Date: Sat, 9 Sep 2023 05:38:00 GMT From: Kyle Evans <kevans@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: b06aed1e7810 - stable/12 - caroot: add a primitive script to re-stamp certs Message-ID: <202309090538.3895c0VM069841@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/12 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=b06aed1e781051a55e11a04408ea14a95e079e34 commit b06aed1e781051a55e11a04408ea14a95e079e34 Author: Kyle Evans <kevans@FreeBSD.org> AuthorDate: 2023-09-09 05:34:31 +0000 Commit: Kyle Evans <kevans@FreeBSD.org> CommitDate: 2023-09-09 05:34:31 +0000 caroot: add a primitive script to re-stamp certs The tooling in main isn't stamping output with $FreeBSD$ strings going forward, so we need to remember to do that in this branch with each update. Add a stupid simple script that we can just run every time we MFC an update without having to put much thought into it. Direct commit to stable/12 because we don't need this in stable/13 or stable/14. --- secure/caroot/stamp-certs.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/secure/caroot/stamp-certs.sh b/secure/caroot/stamp-certs.sh new file mode 100755 index 000000000000..8e702cd56668 --- /dev/null +++ b/secure/caroot/stamp-certs.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +scriptdir=$(dirname $(realpath "$0")) + +files=$(grep -Lr '$FreeBSD' "$scriptdir"/*/*.pem) + +if [ -z "$files" ]; then + 1>&2 echo "No certs to stamp." + exit 0 +fi + +for f in $files; do + echo "Stamping $f" + sed -i.bak -e $'/Extracted from/a\\\n## with $FreeBSD$' "$f" && \ + rm "$f.bak" +done + +1>&2 echo "Done."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202309090538.3895c0VM069841>