chromiumos-overlay: Use restricted HTTPS CAs when sending crashes

chromeos-base/chromeos-ca-certificates/chromeos-ca-certificates-0.0.1-r1.ebuild

Index: chromeos-base/chromeos-ca-certificates/chromeos-ca-certificates-0.0.1-r1.ebuild
diff --git a/chromeos-base/chromeos-ca-certificates/chromeos-ca-certificates-0.0.1-r1.ebuild b/chromeos-base/chromeos-ca-certificates/chromeos-ca-certificates-0.0.1-r1.ebuild
new file mode 100644
index 0000000000000000000000000000000000000000..fce15100a58a9f5e576fa9ba01f3b232adf10f3a
--- /dev/null
+++ b/chromeos-base/chromeos-ca-certificates/chromeos-ca-certificates-0.0.1-r1.ebuild
@@ -0,0 +1,31 @@
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=2
+
+DESCRIPTION="Chrome OS restricted set of certificates."
+HOMEPAGE="http://src.chromium.org"
+SRC_URI=""
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="amd64 arm x86"
+
+src_install() {
+	# c_rehash (OpenSSL 0.9.8l 5 Nov 2009) is processing just .pem files so
+	# rename the certificates from .crt to .pem. An alternative is to use
+	# openssl directly to create the hash symlinks:
+	#
+	#   ln -s $cert.crt $(openssl x509 -noout -hash < $cert.crt).0
+	#
+	# However, c_rehash has smarts about incrementing the .0 extension if
+	# necessary.
+	CA_CERT_DIR=/usr/share/chromeos-ca-certificates
+	insinto "${CA_CERT_DIR}"
+	for cert in \
+	  Equifax_Secure_Certificate_Authority \
+	  GeoTrustGlobalCA_crosssigned \
+	  GoogleInternetAuthority; do
+	  newins ${FILESDIR}/$cert.crt $cert.pem
+	done
+	c_rehash "${D}/${CA_CERT_DIR}"
+}