#! /bin/csh -f
if ( $ echo "Usage: buildSysAnchors cert_dir"
echo "A typical run, when in the rootStoreTool dir, would be:"
echo "buildSysAnchors ../../../security_certificates/roots"
exit(1)
endif
set BUILD_DIR=$LOCAL_BUILD_DIR
set ROOT_KC=SystemRootCerts.keychain
set ROOT_KC_PATH=$BUILD_DIR/$ROOT_KC
set SETTINGS_FILE=SystemTrustSettings.plist
set SETTINGS_FILE_PATH=$BUILD_DIR/$SETTINGS_FILE
echo Creating empty $ROOT_KC in build directory...
rm -f "$ROOT_KC_PATH" || exit(1)
security create-keychain -p password "$ROOT_KC_PATH" || exit(1)
echo Creating empty $SETTINGS_FILE in build directory....
rm -f "$SETTINGS_FILE_PATH" || exit(1)
security add-trusted-cert -o "$SETTINGS_FILE_PATH" || exit(1)
set cmd="cd $argv[1]"
echo $cmd
$cmd
set GOT_ERROR=NO
foreach root (*)
echo Processing $root...
security import "$root" -k "$ROOT_KC_PATH" -t cert || exit(1)
security add-trusted-cert -i "$SETTINGS_FILE_PATH" -o "$SETTINGS_FILE_PATH" "$root" || exit(1)
end
set DST_PATH=/System/Library/Keychains
echo Copying $ROOT_KC and $SETTINGS_FILE to $DST_PATH...
cp $ROOT_KC_PATH $SETTINGS_FILE_PATH $DST_PATH || exit(1)
echo "=== Done. ==="