# HG changeset patch # User Thomas Fitzsimmons # Date 1183586084 14400 # Node ID f38a4e9e21341912d84fb8a3911792400261351a # Parent 944f194e8e9dd19b1ea15d170d9d7122467c5df4 - Add generate-cacerts.pl, Makefile and README. diff -r 944f194e8e9d -r f38a4e9e2134 Makefile --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Makefile Wed Jul 04 17:54:44 2007 -0400 @@ -0,0 +1,174 @@ +# -*- Makefile -*- +# +# Common Makefile for building RPMs +# Licensed under the new-BSD license (http://www.opensource.org/licenses/bsd-license.php) +# Copyright (C) 2004-2005 Red Hat, Inc. +# Copyright (C) 2005 Fedora Foundation +# +# $Id: Makefile.common,v 1.68 2007/07/02 13:00:55 ausil Exp $ + +NAME := java-1.7.0-icedtea +SPECFILE = $(firstword $(wildcard *.spec)) + +DIST_DEFINES = --define "dist %{nil}" + +## a base directory where we'll put as much temporary working stuff as we can +ifndef WORKDIR +WORKDIR := $(shell pwd) +endif +## of course all this can also be overridden in your RPM macros file, +## but this way you can separate your normal RPM setup from your CVS +## setup. Override RPM_WITH_DIRS in ~/.cvspkgsrc to avoid the usage of +## these variables. +SRCRPMDIR ?= $(WORKDIR) +BUILDDIR ?= $(WORKDIR) +RPMDIR ?= $(WORKDIR) + +## SOURCEDIR is special; it has to match the CVS checkout directory, +## because the CVS checkout directory contains the patch files. So it basically +## can't be overridden without breaking things. But we leave it a variable +## for consistency, and in hopes of convincing it to work sometime. +ifndef SOURCEDIR +SOURCEDIR := $(shell pwd) +endif + +ifndef RPM_DEFINES +RPM_DEFINES = --define "_sourcedir $(SOURCEDIR)" \ + --define "_builddir $(BUILDDIR)" \ + --define "_srcrpmdir $(SRCRPMDIR)" \ + --define "_rpmdir $(RPMDIR)" \ + $(DIST_DEFINES) +endif + +# Initialize the variables that we need, but are not defined +# the version of the package +ifndef NAME +$(error "You can not run this Makefile without having NAME defined") +endif +ifndef VERSION +VERSION := $(shell rpm $(RPM_DEFINES) $(DIST_DEFINES) -q --qf "%{VERSION}\n" --specfile $(SPECFILE)| head -1) +endif +# the release of the package +ifndef RELEASE +RELEASE := $(shell rpm $(RPM_DEFINES) $(DIST_DEFINES) -q --qf "%{RELEASE}\n" --specfile $(SPECFILE)| head -1) +endif +# this is used in make patch, maybe make clean eventually. +# would be nicer to autodetermine from the spec file... +RPM_BUILD_DIR ?= $(BUILDDIR)/$(NAME)-$(VERSION) + +ARCH = $(shell uname -m | sed 's/i.86/i586/') + +all: sources $(ARCH) + +# The repository and the clients we use for the files +REPOSITORY ?= http://cvs.fedora.redhat.com/repo/pkgs +UPLOAD_REPOSITORY ?= https://cvs.fedora.redhat.com/repo/pkgs/upload.cgi + +# RPM with all the overrides in place; you can override this in your +# .cvspkgsrc also, to use a default rpm setup +# the rpm build command line +ifndef RPM +RPM := $(shell if test -f /usr/bin/rpmbuild ; then echo rpmbuild ; else echo rpm ; fi) +endif +ifndef RPM_WITH_DIRS +RPM_WITH_DIRS = $(RPM) $(RPM_DEFINES) +endif + +# source file basenames +SOURCEFILES := $(shell cat sources 2>/dev/null | awk '{ print $$2 }') +# full path to source files +FULLSOURCEFILES := $(addprefix $(SOURCEDIR)/,$(SOURCEFILES)) + +# list the possible targets for valid arches +ARCHES = i586 x86_64 + +# for the modules that do different "make prep" depending on what arch we build for +PREP_ARCHES = $(addprefix prep-,$(ARCHES)) + +## list all our bogus targets +.PHONY :: $(ARCHES) sources tag test-srpm srpm verrel clean patch mockbuild prep compile install-short compile-short FORCE local + +# build for a particular arch +$(ARCHES) : sources $(TARGETS) + $(RPM_WITH_DIRS) --target $@ -ba $(SPECFILE) 2>&1 | tee .build-$(VERSION)-$(RELEASE).log + @exit ${PIPESTATUS[0]} + +# empty target to force checking of md5sums in FULLSOURCEFILES +FORCE: + +# build whatever's appropriate for the local architecture +local: $(ARCH) + +tag: + hg tag $(NAME)-$(VERSION)-$(RELEASE) + +mockbuild: srpm + mock --arch=$(ARCH) $(NAME)-$(VERSION)-$(RELEASE).src.rpm + +prep: sources $(TARGETS) + $(RPM_WITH_DIRS) --nodeps -bp --target $(ARCH) $(SPECFILE) + +compile: sources $(TARGETS) + $(RPM_WITH_DIRS) -bc $(SPECFILE) + +compile-short: sources $(TARGETS) + $(RPM_WITH_DIRS) --nodeps --short-circuit -bc $(SPECFILE) + +install-short: sources $(TARGETS) + $(RPM_WITH_DIRS) --nodeps --short-circuit -bi $(SPECFILE) + +## use this to build an srpm locally +srpm: sources $(TARGETS) + $(RPM_WITH_DIRS) $(DIST_DEFINES) --nodeps -bs $(SPECFILE) + +test-srpm: srpm + +verrel: + @echo $(NAME)-$(VERSION)-$(RELEASE) + +# mop up, printing out exactly what was mopped. +clean :: + @echo "Running the %clean script of the rpmbuild..." + -@$(RPM_WITH_DIRS) --clean --nodeps $(SPECFILE) + @for F in $(FULLSOURCEFILES); do \ + if test -e $$F ; then \ + echo "Deleting $$F" ; /bin/rm -f $$F ; \ + fi; \ + done + @if test -d $(TMPCVS); then \ + echo "Deleting CVS dir $(TMPCVS)" ; \ + /bin/rm -rf $(TMPCVS); \ + fi + @if test -e $(SRCRPMDIR)/$(NAME)-$(VERSION)-$(RELEASE).src.rpm ; then \ + echo "Deleting $(SRCRPMDIR)/$(NAME)-$(VERSION)-$(RELEASE).src.rpm" ; \ + /bin/rm -f $(SRCRPMDIR)/$(NAME)-$(VERSION)-$(RELEASE).src.rpm ; \ + fi + @rm -fv *~ clog + @echo "Fully clean!" + +clog: $(SPECFILE) + @sed -n '/^%changelog/,/^$$/{/^%/d;/^$$/d;s/%%/%/g;p}' $(SPECFILE) | tee $@ + +help: + @echo "Usage: make " + @echo "Available targets are:" + @echo " help Show this text" + @echo " sources Download source files [default]" + @echo " Local test rpmbuild binary" + @echo " local Local test rpmbuild binary" + @echo " prep Local test rpmbuild prep" + @echo " compile Local test rpmbuild compile" + @echo " compile-short Local test rpmbuild short-circuit compile" + @echo " install-short Local test rpmbuild short-circuit install" + @echo " srpm Create a srpm" + @echo " verrel Echo \"$(NAME)-$(VERSION)-$(RELEASE)\"" + @echo " clog Make a clog file containing top changelog entry" + @echo " clean Remove srcs ($(SOURCEFILES)), export dir (cvs-$(TAG)) and srpm ($(NAME)-$(VERSION)-$(RELEASE).src.rpm)" + @echo " unused-patches Print list of patches not referenced by name in specfile" + @echo " gimmespec Print the name of the specfile" + +gimmespec: + @echo "$(SPECFILE)" + +unused-patches: + @for f in *.patch; do if [ -e $$f ]; then grep -q $$f $(SPECFILE) || echo $$f; fi; done diff -r 944f194e8e9d -r f38a4e9e2134 README --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/README Wed Jul 04 17:54:44 2007 -0400 @@ -0,0 +1,31 @@ +Setup Instructions +================== + +1. Create icedtea-1.1.tar.gz using IcedTea's make dist. +2. Copy/symlink icedtea-1.1.tar.gz into this directory. +3. Copy/symlink openjdk-7-ea-src-b14-21_jun_2007.zip into this directory. +4. Copy/symlink java-access-bridge-1.18.0.tar.gz into this directory. + +To build binary rpms, do: + +make + +To build binary rpms in mock, do: + +make mockbuild + +To build a source rpm, do: + +make srpm + +To see what other make targets are available, do: + +make help + +Release Instructions +==================== + +1. Verify that make mockbuild works on i586 and x86_64. +2. make tag +3. make srpm +4. Upload srpm to icedtea.classpath.org:/var/lib/public-download/fedora diff -r 944f194e8e9d -r f38a4e9e2134 generate-cacerts.pl --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/generate-cacerts.pl Wed Jul 04 17:54:44 2007 -0400 @@ -0,0 +1,106 @@ +#!/usr/bin/perl + +# Copyright (C) 2007 Red Hat, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# generate-cacerts.pl generates a gkeytool keystore named 'cacerts' +# from OpenSSL's certificate bundle. + +# First extract each of OpenSSL's bundled certificates into its own +# aliased filename. +$file = "/etc/pki/tls/cert.pem"; +open(CERTS, $file); +@certs = ; +close(CERTS); + +$pem_file_number = 0; +$writing_cert = 0; +foreach $cert (@certs) +{ + if ($cert eq "-----BEGIN CERTIFICATE-----\n") + { + if ($writing_cert != 0) + { + die "$file is malformed."; + } + $pem_file_number++; + # Numbering each file guarantees that cert aliases will be + # unique. + $pem_file_name = "$pem_file_number$cert_alias.pem"; + $writing_cert = 1; + open(PEM, ">$pem_file_name"); + print PEM $cert; + } + elsif ($cert eq "-----END CERTIFICATE-----\n") + { + $writing_cert = 0; + print PEM $cert; + close(PEM); + } + elsif ($cert =~ /Issuer: /) + { + # Generate an alias using the OU and CN attributes of the + # Issuer field if both are present, otherwise use only the CN + # attribute. The Issuer field must have either the OU or the + # CN attribute. + $_ = $cert; + if ($cert =~ /OU=/) + { + s/Issuer:.*?OU=//; + # Remove other occurrences of OU=. + s/OU=.*CN=//; + # Remove CN= if there were not other occurrences of OU=. + s/CN=//; + } + elsif ($cert =~ /CN=/) + { + s/Issuer:.*CN=//; + } + s/\W//g; + tr/A-Z/a-z/; + $cert_alias = $_ + } + else + { + if ($writing_cert == 1) + { + print PEM $cert; + } + } +} + +# Check that the correct number of .pem files were produced. +@pem_files = <*.pem>; +if (@pem_files != $pem_file_number) +{ + die "Number of .pem files produced does not match". + " number of certs read from $file."; +} + +# Now store each cert in the 'cacerts' file using keytool command +# passed in as command-line argument. +$certs_written_count = 0; +foreach $pem_file (@pem_files) +{ + system "yes | $ARGV[0] -import -alias `basename $pem_file .pem`". + " -keystore cacerts -storepass changeit -file $pem_file". + " 2>&1 >/dev/null"; + unlink($pem_file); + $certs_written_count++; +} + +# Check that the correct number of certs were added to the keystore. +if ($certs_written_count != $pem_file_number) +{ + die "Number of certs added to keystore does not match". + " number of certs read from $file."; +}