diff options
| author |   Eric Hameleers <alien@slackware.com> | 2022-08-09 11:22:13 +0000 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2022-08-09 11:22:13 +0000 |
| commit | db5b93a8a13cb31c54673160c58ea41a2f543765 (patch) | |
| tree | 3e12114e47172edeac9fc669a65ed5c1e1054d38 | |
| parent | a27fc975adfd6374f47dc6083b8e22eec665bf01 (diff) | |
| download | asb-db5b93a8a13cb31c54673160c58ea41a2f543765.tar.gz asb-db5b93a8a13cb31c54673160c58ea41a2f543765.tar.xz | |
Initial revision
| -rw-r--r-- | openjdk11/build/desktop/openjdk11-java.desktop | 10 | ||||
| -rw-r--r-- | openjdk11/build/desktop/openjdk11-jconsole.desktop | 9 | ||||
| -rw-r--r-- | openjdk11/build/desktop/openjdk11-jshell.desktop | 9 | ||||
| -rw-r--r-- | openjdk11/build/doinst.sh | 37 | ||||
| -rwxr-xr-x | openjdk11/build/profile.d/openjdk11.csh | 4 | ||||
| -rwxr-xr-x | openjdk11/build/profile.d/openjdk11.sh | 4 | ||||
| -rw-r--r-- | openjdk11/build/scripts/generate-cacerts.pl | 349 | ||||
| -rw-r--r-- | openjdk11/build/slack-desc | 19 |
8 files changed, 441 insertions, 0 deletions
diff --git a/openjdk11/build/desktop/openjdk11-java.desktop b/openjdk11/build/desktop/openjdk11-java.desktop new file mode 100644 index 00000000..46d709fa --- /dev/null +++ b/openjdk11/build/desktop/openjdk11-java.desktop @@ -0,0 +1,10 @@ +[Desktop Entry] +Name=OpenJDK Java 11 Runtime +Comment=OpenJDK Java 11 Runtime +Exec=@JPATH@java -jar +Icon=@PRGNAM@ +Terminal=false +Type=Application +Keywords=java;runtime +MimeType=application/x-java-archive;application/java-archive;application/x-jar; +NoDisplay=true diff --git a/openjdk11/build/desktop/openjdk11-jconsole.desktop b/openjdk11/build/desktop/openjdk11-jconsole.desktop new file mode 100644 index 00000000..b50b7714 --- /dev/null +++ b/openjdk11/build/desktop/openjdk11-jconsole.desktop @@ -0,0 +1,9 @@ +[Desktop Entry] +Name=OpenJDK Java 11 Console +Comment=OpenJDK Java 11 Monitoring & Management Console +Exec=@JPATH@jconsole +Icon=@PRGNAM@ +Terminal=false +Type=Application +Keywords=java;console;monitoring +Categories=Application;System; diff --git a/openjdk11/build/desktop/openjdk11-jshell.desktop b/openjdk11/build/desktop/openjdk11-jshell.desktop new file mode 100644 index 00000000..ed593066 --- /dev/null +++ b/openjdk11/build/desktop/openjdk11-jshell.desktop @@ -0,0 +1,9 @@ +[Desktop Entry] +Name=OpenJDK Java 11 Shell +Comment=OpenJDK Java 11 Shell +Exec=@JPATH@jshell +Icon=@PRGNAM@ +Terminal=true +Type=Application +Keywords=java;shell +Categories=Application;System; diff --git a/openjdk11/build/doinst.sh b/openjdk11/build/doinst.sh new file mode 100644 index 00000000..b3fee938 --- /dev/null +++ b/openjdk11/build/doinst.sh @@ -0,0 +1,37 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/openjdk11/logging.properties.new +config etc/openjdk11/net.properties.new +config etc/openjdk11/sound.properties.new +config etc/openjdk11/management/jmxremote.access.new +config etc/openjdk11/management/jmxremote.password.template.new +config etc/openjdk11/management/management.properties.new +config etc/openjdk11/security/policy/unlimited/default_local.policy.new +config etc/openjdk11/security/policy/unlimited/default_US_export.policy.new +config etc/openjdk11/security/policy/limited/default_local.policy.new +config etc/openjdk11/security/policy/limited/default_US_export.policy.new +config etc/openjdk11/security/policy/limited/exempt_local.policy.new +config etc/openjdk11/security/java.security.new +config etc/openjdk11/security/java.policy.new + +if [ -x usr/bin/update-desktop-database ]; then + chroot . /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1 +fi + +if [ -e usr/share/icons/hicolor/icon-theme.cache ]; then + if [ -x usr/bin/gtk-update-icon-cache ]; then + chroot . /usr/bin/gtk-update-icon-cache usr/share/icons/hicolor >/dev/null 2>&1 + fi +fi + diff --git a/openjdk11/build/profile.d/openjdk11.csh b/openjdk11/build/profile.d/openjdk11.csh new file mode 100755 index 00000000..2e338e2c --- /dev/null +++ b/openjdk11/build/profile.d/openjdk11.csh @@ -0,0 +1,4 @@ +#!/bin/csh +setenv JAVA_HOME /usr/@LIB@/java +setenv MANPATH ${MANPATH}:${JAVA_HOME}/man +setenv PATH ${PATH}:${JAVA_HOME}/bin diff --git a/openjdk11/build/profile.d/openjdk11.sh b/openjdk11/build/profile.d/openjdk11.sh new file mode 100755 index 00000000..c92b66f9 --- /dev/null +++ b/openjdk11/build/profile.d/openjdk11.sh @@ -0,0 +1,4 @@ +#!/bin/sh +export JAVA_HOME=/usr/@LIB@/java +export MANPATH="${MANPATH}:${JAVA_HOME}/man" +export PATH="${PATH}:${JAVA_HOME}/bin" diff --git a/openjdk11/build/scripts/generate-cacerts.pl b/openjdk11/build/scripts/generate-cacerts.pl new file mode 100644 index 00000000..0213fcdd --- /dev/null +++ b/openjdk11/build/scripts/generate-cacerts.pl @@ -0,0 +1,349 @@ +#!/usr/bin/perl -w + +# Obtained from "http://pkgs.fedoraproject.org/gitweb/?p=ca-certificates.git;a=blob_plain;f=generate-cacerts.pl;hb=HEAD" + +use diagnostics; +use Fcntl; + +# Copyright (C) 2007, 2008 Red Hat, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# generate-cacerts.pl generates a JKS keystore named 'cacerts' from +# OpenSSL's certificate bundle using OpenJDK's keytool. + +# First extract each of OpenSSL's bundled certificates into its own +# aliased filename. +$file = $ARGV[1]; +open(CERTS, $file); +@certs = <CERTS>; +close(CERTS); + +$pem_file_count = 0; +$in_cert_block = 0; +$write_current_cert = 1; +foreach $cert (@certs) +{ + if ($cert =~ "Certificate:\n") + { + print "New certificate...\n"; + } + elsif ($cert =~ /Subject: /) + { + $_ = $cert; + if ($cert =~ /personal-freemail/) + { + $cert_alias = "thawtepersonalfreemailca"; + } + elsif ($cert =~ /personal-basic/) + { + $cert_alias = "thawtepersonalbasicca"; + } + elsif ($cert =~ /personal-premium/) + { + $cert_alias = "thawtepersonalpremiumca"; + } + elsif ($cert =~ /server-certs/) + { + $cert_alias = "thawteserverca"; + } + elsif ($cert =~ /premium-server/) + { + $cert_alias = "thawtepremiumserverca"; + } + elsif ($cert =~ /Class 1 Public Primary Certification Authority$/) + { + $cert_alias = "verisignclass1ca"; + } + elsif ($cert =~ /Class 1 Public Primary Certification Authority - G2/) + { + $cert_alias = "verisignclass1g2ca"; + } + elsif ($cert =~ + /VeriSign Class 1 Public Primary Certification Authority - G3/) + { + $cert_alias = "verisignclass1g3ca"; + } + elsif ($cert =~ /Class 2 Public Primary Certification Authority$/) + { + $cert_alias = "verisignclass2ca"; + } + elsif ($cert =~ /Class 2 Public Primary Certification Authority - G2/) + { + $cert_alias = "verisignclass2g2ca"; + } + elsif ($cert =~ + /VeriSign Class 2 Public Primary Certification Authority - G3/) + { + $cert_alias = "verisignclass2g3ca"; + } + elsif ($cert =~ /Class 3 Public Primary Certification Authority$/) + { + $cert_alias = "verisignclass3ca"; + } + # Version 1 of Class 3 Public Primary Certification Authority + # - G2 is added. Version 3 is excluded. See below. + elsif ($cert =~ /Class 3 Public Primary Certification Authority - G2.*1998/) + { + $cert_alias = "verisignclass3g2ca"; + } + elsif ($cert =~ + /VeriSign Class 3 Public Primary Certification Authority - G3/) + { + $cert_alias = "verisignclass3g3ca"; + } + elsif ($cert =~ + /RSA Data Security.*Secure Server Certification Authority/) + { + $cert_alias = "rsaserverca"; + } + elsif ($cert =~ /GTE CyberTrust Global Root/) + { + $cert_alias = "gtecybertrustglobalca"; + } + elsif ($cert =~ /Baltimore CyberTrust Root/) + { + $cert_alias = "baltimorecybertrustca"; + } + elsif ($cert =~ /www.entrust.net\/Client_CA_Info\/CPS/) + { + $cert_alias = "entrustclientca"; + } + elsif ($cert =~ /www.entrust.net\/GCCA_CPS/) + { + $cert_alias = "entrustglobalclientca"; + } + elsif ($cert =~ /www.entrust.net\/CPS_2048/) + { + $cert_alias = "entrust2048ca"; + } + elsif ($cert =~ /www.entrust.net\/CPS incorp /) + { + $cert_alias = "entrustsslca"; + } + elsif ($cert =~ /www.entrust.net\/SSL_CPS/) + { + $cert_alias = "entrustgsslca"; + } + elsif ($cert =~ /The Go Daddy Group/) + { + $cert_alias = "godaddyclass2ca"; + } + elsif ($cert =~ /Starfield Class 2 Certification Authority/) + { + $cert_alias = "starfieldclass2ca"; + } + elsif ($cert =~ /ValiCert Class 2 Policy Validation Authority/) + { + $cert_alias = "valicertclass2ca"; + } + elsif ($cert =~ /GeoTrust Global CA$/) + { + $cert_alias = "geotrustglobalca"; + } + elsif ($cert =~ /Equifax Secure Certificate Authority/) + { + $cert_alias = "equifaxsecureca"; + } + elsif ($cert =~ /Equifax Secure eBusiness CA-1/) + { + $cert_alias = "equifaxsecureebusinessca1"; + } + elsif ($cert =~ /Equifax Secure eBusiness CA-2/) + { + $cert_alias = "equifaxsecureebusinessca2"; + } + elsif ($cert =~ /Equifax Secure Global eBusiness CA-1/) + { + $cert_alias = "equifaxsecureglobalebusinessca1"; + } + elsif ($cert =~ /Sonera Class1 CA/) + { + $cert_alias = "soneraclass1ca"; + } + elsif ($cert =~ /Sonera Class2 CA/) + { + $cert_alias = "soneraclass2ca"; + } + elsif ($cert =~ /AAA Certificate Services/) + { + $cert_alias = "comodoaaaca"; + } + elsif ($cert =~ /AddTrust Class 1 CA Root/) + { + $cert_alias = "addtrustclass1ca"; + } + elsif ($cert =~ /AddTrust External CA Root/) + { + $cert_alias = "addtrustexternalca"; + } + elsif ($cert =~ /AddTrust Qualified CA Root/) + { + $cert_alias = "addtrustqualifiedca"; + } + elsif ($cert =~ /UTN-USERFirst-Hardware/) + { + $cert_alias = "utnuserfirsthardwareca"; + } + elsif ($cert =~ /UTN-USERFirst-Client Authentication and Email/) + { + $cert_alias = "utnuserfirstclientauthemailca"; + } + elsif ($cert =~ /UTN - DATACorp SGC/) + { + $cert_alias = "utndatacorpsgcca"; + } + elsif ($cert =~ /UTN-USERFirst-Object/) + { + $cert_alias = "utnuserfirstobjectca"; + } + elsif ($cert =~ /America Online Root Certification Authority 1/) + { + $cert_alias = "aolrootca1"; + } + elsif ($cert =~ /DigiCert Assured ID Root CA/) + { + $cert_alias = "digicertassuredidrootca"; + } + elsif ($cert =~ /DigiCert Global Root CA/) + { + $cert_alias = "digicertglobalrootca"; + } + elsif ($cert =~ /DigiCert High Assurance EV Root CA/) + { + $cert_alias = "digicerthighassuranceevrootca"; + } + elsif ($cert =~ /GlobalSign Root CA$/) + { + $cert_alias = "globalsignca"; + } + elsif ($cert =~ /GlobalSign Root CA - R2/) + { + $cert_alias = "globalsignr2ca"; + } + elsif ($cert =~ /Elektronik.*Kas.*2005/) + { + $cert_alias = "extra-elektronikkas2005"; + } + elsif ($cert =~ /Muntaner 244 Barcelona.*Firmaprofesional/) + { + $cert_alias = "extra-oldfirmaprofesional"; + } + # Mozilla does not provide these certificates: + # baltimorecodesigningca + # gtecybertrust5ca + # trustcenterclass2caii + # trustcenterclass4caii + # trustcenteruniversalcai + else + { + # Generate an alias using the OU and CN attributes of the + # Subject field if both are present, otherwise use only the + # CN attribute. The Subject field must have either the OU + # or the CN attribute. + $_ = $cert; + if ($cert =~ /OU=/) + { + s/Subject:.*?OU=//; + # Remove other occurrences of OU=. + s/OU=.*CN=//; + # Remove CN= if there were not other occurrences of OU=. + s/CN=//; + s/\/emailAddress.*//; + s/Certificate Authority/ca/g; + s/Certification Authority/ca/g; + } + elsif ($cert =~ /CN=/) + { + s/Subject:.*CN=//; + s/\/emailAddress.*//; + s/Certificate Authority/ca/g; + s/Certification Authority/ca/g; + } + s/\W//g; + tr/A-Z/a-z/; + $cert_alias = "extra-$_"; + } + print "$cert => alias $cert_alias\n"; + } + elsif ($cert =~ "Signature Algorithm: ecdsa") + { + # Ignore ECC certs since keytool rejects them + $write_current_cert = 0; + print " => ignoring ECC certificate\n"; + } + elsif ($cert eq "-----BEGIN CERTIFICATE-----\n") + { + if ($in_cert_block != 0) + { + die "FAIL: $file is malformed."; + } + $in_cert_block = 1; + if ($write_current_cert == 1) + { + $pem_file_count++; + if (!sysopen(PEM, "$cert_alias.pem", O_WRONLY|O_CREAT|O_EXCL)) { + $cert_alias = "$cert_alias.1"; + sysopen(PEM, "$cert_alias.1.pem", O_WRONLY|O_CREAT|O_EXCL) + || die("FAIL: could not open file for $cert_alias.pem: $!"); + } + print PEM $cert; + print " => writing $cert_alias.pem...\n"; + } + } + elsif ($cert eq "-----END CERTIFICATE-----\n") + { + $in_cert_block = 0; + if ($write_current_cert == 1) + { + print PEM $cert; + close(PEM); + } + $write_current_cert = 1 + } + else + { + if ($in_cert_block == 1 && $write_current_cert == 1) + { + print PEM $cert; + } + } +} + +# Check that the correct number of .pem files were produced. +@pem_files = <*.pem>; +if (@pem_files != $pem_file_count) +{ + print "$pem_file_count != ".@pem_files."\n"; + die "FAIL: Number of .pem files produced does not match". + " number of certs read from $file."; +} + +# Now store each cert in the 'cacerts' file using keytool. +$certs_written_count = 0; +foreach $pem_file (@pem_files) +{ + print "+ Adding $pem_file...\n"; + if (system("$ARGV[0] -import". + " -alias `basename $pem_file .pem`". + " -keystore cacerts -noprompt -storepass 'changeit' -file $pem_file") == 0) { + $certs_written_count++; + } else { + print "FAILED\n"; + } +} + +# Check that the correct number of certs were added to the keystore. +if ($certs_written_count != $pem_file_count) +{ + die "FAIL: Number of certs added to keystore does not match". + " number of certs read from $file."; +} diff --git a/openjdk11/build/slack-desc b/openjdk11/build/slack-desc new file mode 100644 index 00000000..ceac29ce --- /dev/null +++ b/openjdk11/build/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +openjdk11: openjdk11 (Java Platform Standard Edition Development Kit) +openjdk11: +openjdk11: openjdk11 is an open source implementation of the Java Platform, +openjdk11: Standard Edition, release 11. +openjdk11: The Java SDK software includes tools for developing, testing, and +openjdk11: running programs written in the Java programming language. This +openjdk11: package contains the Open Source version of the JDK, which holds +openjdk11: everything you need to run Java(TM). +openjdk11: +openjdk11: See also: https://openjdk.org/ +openjdk11: |