diff options
author | Ricardo Wurmus <rekado@elephly.net> | 2016-07-23 23:25:11 +0200 |
---|---|---|
committer | Ricardo Wurmus <rekado@elephly.net> | 2016-07-24 09:41:57 +0200 |
commit | 6af691723ed6c70fc468768e1e07b19b27c6f4d8 (patch) | |
tree | 3303831ca37ce3deb3b4d92e5515bc33da6ab71d | |
parent | 578aeea6cd949fb5daf683378c5c6c154bafd184 (diff) | |
download | guix-6af691723ed6c70fc468768e1e07b19b27c6f4d8.tar.gz |
gnu: icedtea-6: Narrow file to certificate block.
* gnu/packages/java.scm (icedtea-6)[arguments]: Extract certificate blocks from pem files before importing.
-rw-r--r-- | gnu/packages/java.scm | 39 |
1 files changed, 30 insertions, 9 deletions
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm index 2d50ad84fa..83ffba4f4c 100644 --- a/gnu/packages/java.scm +++ b/gnu/packages/java.scm @@ -535,17 +535,38 @@ build process and its dependencies, whereas Make uses Makefile format.") "/etc/ssl/certs")) (keytool (string-append (assoc-ref outputs "jdk") "/bin/keytool"))) + (define (extract-cert file target) + (call-with-input-file file + (lambda (in) + (call-with-output-file target + (lambda (out) + (let loop ((line (read-line in 'concat)) + (copying? #f)) + (cond + ((eof-object? line) #t) + ((string-prefix? "-----BEGIN" line) + (display line out) + (loop (read-line in 'concat) #t)) + ((string-prefix? "-----END" line) + (display line out) + #t) + (else + (when copying? (display line out)) + (loop (read-line in 'concat) copying?))))))))) (define (import-cert cert) (format #t "Importing certificate ~a\n" (basename cert)) - (let* ((port (open-pipe* OPEN_WRITE keytool - "-import" - "-alias" (basename cert) - "-keystore" keystore - "-storepass" "changeit" - "-file" cert))) - (display "yes\n" port) - (when (not (zero? (status:exit-val (close-pipe port)))) - (error "failed to import" cert)))) + (let ((temp "tmpcert")) + (extract-cert cert temp) + (let ((port (open-pipe* OPEN_WRITE keytool + "-import" + "-alias" (basename cert) + "-keystore" keystore + "-storepass" "changeit" + "-file" temp))) + (display "yes\n" port) + (when (not (zero? (status:exit-val (close-pipe port)))) + (error "failed to import" cert))) + (delete-file temp))) ;; This is necessary because the certificate directory contains ;; files with non-ASCII characters in their names. |