deployment: Add Mozilla CA certificate store 2019-08-28 (#5773)

* deployment: Add Mozilla CA certificate store 2019-08-28 This is the cacerts file that was once proviced by the OpenSSL Homebrew formula. The osquery packages in 3.x and previous provided this store as the default / fallback. The hash can be corroborated via: https://curl.haxx.se/ca/cacert.pem.sha256 38b6230aa4bee062cd34ee0ff6da173250899642b1937fc130896290b6bd91e3 * install certs.pem directly from source
2024-11-06 17:45:22 +00:00 · 2019-09-08 17:42:01 -04:00 · 2019-09-08 17:42:01 -04:00 · f4bd3e1630
commit f4bd3e1630
parent be28d9c8de
2 changed files with 3485 additions and 2 deletions
--- a/cmake/packaging.cmake
+++ b/cmake/packaging.cmake
@ -149,6 +149,8 @@ function(generateInstallTargets)
    file(COPY "${CMAKE_SOURCE_DIR}/packs" DESTINATION "${CMAKE_BINARY_DIR}/package/linux")
    install(DIRECTORY "${CMAKE_BINARY_DIR}/package/linux/packs" DESTINATION share/osquery)

+    install(FILES "${CMAKE_SOURCE_DIR}/tools/deployment/certs.pem" DESTINATION share/osquery/certs)
+
    # etc
    file(COPY "${CMAKE_SOURCE_DIR}/tools/deployment/osqueryd.sysconfig" DESTINATION "${CMAKE_BINARY_DIR}/package/linux")
    if("${PACKAGING_SYSTEM}"  STREQUAL "DEB")
@ -193,6 +195,8 @@ function(generateInstallTargets)
    file(COPY "${CMAKE_SOURCE_DIR}/packs" DESTINATION "${CMAKE_BINARY_DIR}/package/wix")
    install(DIRECTORY "${CMAKE_BINARY_DIR}/package/wix/packs" DESTINATION .)

+    # certs
+    install(FILES "${CMAKE_SOURCE_DIR}/tools/deployment/certs.pem" DESTINATION certs)
  elseif(DEFINED PLATFORM_MACOS)
    # bin
    install(TARGETS osqueryd DESTINATION bin COMPONENT osquery)
@ -213,6 +217,8 @@ function(generateInstallTargets)
    file(COPY "${CMAKE_SOURCE_DIR}/packs" DESTINATION "${CMAKE_BINARY_DIR}/package/pkg")
    install(DIRECTORY "${CMAKE_BINARY_DIR}/package/pkg/packs" COMPONENT osquery DESTINATION /private/var/osquery)

+    install(FILES "${CMAKE_SOURCE_DIR}/tools/deployment/certs.pem" COMPONENT osquery DESTINATION /private/var/osquery/certs)
+
    file(COPY "${CMAKE_SOURCE_DIR}/tools/deployment/com.facebook.osqueryd.conf" DESTINATION "${CMAKE_BINARY_DIR}/package/pkg")
    file(RENAME "${CMAKE_BINARY_DIR}/package/pkg/com.facebook.osqueryd.conf" "${CMAKE_BINARY_DIR}/package/pkg/com.osquery.osqueryd.conf")
    install(FILES "${CMAKE_BINARY_DIR}/package/pkg/com.osquery.osqueryd.conf" DESTINATION /private/var/osquery COMPONENT osquery)
@ -246,14 +252,13 @@ set(CPACK_PACKAGE_HOMEPAGE_URL "https://osquery.io")
 set(CPACK_PROJECT_CONFIG_FILE "${CMAKE_BINARY_DIR}/package/CPackConfig.cmake")
 set(CPACK_PACKAGE_RELOCATABLE ON)
 set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_BINARY_DIR}/package/LICENSE.txt")
+set(CPACK_STRIP_FILES ON)

 configure_file(cmake/CPackConfig.cmake.in package/CPackConfig.cmake @ONLY)

 set(CPACK_GENERATOR "${PACKAGING_SYSTEM}")

 if(DEFINED PLATFORM_LINUX)
-  set(CPACK_STRIP_FILES ON)
-
  if(CPACK_GENERATOR STREQUAL "TGZ")
    set(CPACK_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}_1.linux.x86_64")
    set(CPACK_INCLUDE_TOPLEVEL_DIRECTORY 0)
@ -281,9 +286,11 @@ if(DEFINED PLATFORM_LINUX)
    )
  endif()
 elseif(DEFINED PLATFORM_MACOS)
+  set(CPACK_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}")
 elseif(DEFINED PLATFORM_WINDOWS)
  file(COPY "${CMAKE_SOURCE_DIR}/tools/osquery.ico" DESTINATION "${CMAKE_BINARY_DIR}/package/wix")
  file(COPY "${CMAKE_SOURCE_DIR}/cmake/wix_patches/osquery_wix_patch.xml" DESTINATION "${CMAKE_BINARY_DIR}/package/wix")
+  set(CPACK_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}")
  set(CPACK_WIX_PRODUCT_ICON "${CMAKE_BINARY_DIR}/package/wix/osquery.ico")
  set(CPACK_WIX_UPGRADE_GUID "ea6c7327-461e-4033-847c-acdf2b85dede")
  set(CPACK_WIX_PATCH_FILE "${CMAKE_BINARY_DIR}/package/wix/osquery_wix_patch.xml" )
--- a/tools/deployment/certs.pem
+++ b/tools/deployment/certs.pem