mirror of
https://github.com/fosslinux/live-bootstrap.git
synced 2026-03-10 21:35:24 +01:00
6ed2e09f3a
- This idea originates from very early in the project and was, at the
time, a very easy way to categorise things.
- Now, it doesn't really make much sense - it is fairly arbitary, often
occuring when there is a change in kernel, but not from builder-hex0
to fiwix, and sysb is in reality completely unnecessary.
- In short, the sys* stuff is a bit of a mess that makes the project
more difficult to understand.
- This puts everything down into one folder and has a manifest file that
is used to generate the build scripts on the fly rather than using
coded scripts.
- This is created in the "seed" stage.
stage0-posix -- (calls) --> seed -- (generates) --> main steps
Alongside this change there are a variety of other smaller fixups to the
general structure of the live-bootstrap rootfs.
- Creating a rootfs has become much simpler and is defined as code in
go.sh. The new structure, for an about-to-be booted system, is
/
-- /steps (direct copy of steps/)
-- /distfiles (direct copy of distfiles/)
-- all files from seed/*
-- all files from seed/stage0-posix/*
- There is no longer such a thing as /usr/include/musl, this didn't
really make any sense, as musl is the final libc used. Rather, to
separate musl and mes, we have /usr/include/mes, which is much easier
to work with.
- This also makes mes easier to blow away later.
- A few things that weren't properly in packages have been changed;
checksum-transcriber, simple-patch, kexec-fiwix have all been given
fully qualified package names.
- Highly breaking change, scripts now exist in their package directory
but NOT WITH THE packagename.sh. Rather, they use pass1.sh, pass2.sh,
etc. This avoids manual definition of passes.
- Ditto with patches; default directory is patches, but then any patch
series specific to a pass are named patches-passX.
56 lines
1.8 KiB
Diff
56 lines
1.8 KiB
Diff
# SPDX-FileCopyrightText: 2023 Eduardo Sánchez Muñoz <eduardosm-dev@e64.io>
|
|
#
|
|
# SPDX-License-Identifier: curl
|
|
|
|
Disables checking current date in mk-ca-bundle script, so it produces
|
|
reproducible bundles.
|
|
|
|
diff -ru scripts/mk-ca-bundle.pl scripts/mk-ca-bundle.pl
|
|
--- scripts/mk-ca-bundle.pl
|
|
+++ scripts/mk-ca-bundle.pl
|
|
@@ -499,19 +499,7 @@
|
|
if($main_block) {
|
|
push @precert, $_ if not /^#$/;
|
|
if(/^# Not Valid After : (.*)/) {
|
|
- my $stamp = $1;
|
|
- use Time::Piece;
|
|
- # Not Valid After : Thu Sep 30 14:01:15 2021
|
|
- my $t = Time::Piece->strptime($stamp, "%a %b %d %H:%M:%S %Y");
|
|
- my $delta = ($t->epoch - time()); # negative means no longer valid
|
|
- if($delta < 0) {
|
|
- $skipnum++;
|
|
- report "Skipping: $main_block_name is not valid anymore" if ($opt_v);
|
|
- $valid = 0;
|
|
- }
|
|
- else {
|
|
- $valid = 1;
|
|
- }
|
|
+ $valid = 1;
|
|
}
|
|
}
|
|
next;
|
|
@@ -573,24 +561,6 @@
|
|
if($timestamp[12] ne "Z") {
|
|
report "distrust date stamp is not using UTC";
|
|
}
|
|
- # Example date: 200617000000Z
|
|
- # Means 2020-06-17 00:00:00 UTC
|
|
- my $distrustat =
|
|
- timegm($timestamp[10] . $timestamp[11], # second
|
|
- $timestamp[8] . $timestamp[9], # minute
|
|
- $timestamp[6] . $timestamp[7], # hour
|
|
- $timestamp[4] . $timestamp[5], # day
|
|
- ($timestamp[2] . $timestamp[3]) - 1, # month
|
|
- "20" . $timestamp[0] . $timestamp[1]); # year
|
|
- if(time >= $distrustat) {
|
|
- # not trusted anymore
|
|
- $skipnum++;
|
|
- report "Skipping: $main_block_name is not trusted anymore" if ($opt_v);
|
|
- $valid = 0;
|
|
- }
|
|
- else {
|
|
- # still trusted
|
|
- }
|
|
}
|
|
next;
|
|
}
|