[OE-core] [PATCH v6 3/3] openssl-1.1: /etc/ssl location compatibility
Andre McCurdy
armccurdy at gmail.com
Thu Aug 16 23:38:25 UTC 2018
On Tue, Jul 17, 2018 at 2:10 AM, Andrej Valek <andrej.valek at siemens.com> wrote:
> Some packages have hard-coded path to /etc/ssl location.
> Create a symlinks to correct location.
>
> Signed-off-by: Andrej Valek <andrej.valek at siemens.com>
> Signed-off-by: Marko Peter <peter.marko at siemens.com>
> ---
> meta/recipes-connectivity/openssl/openssl_1.1.0h.bb | 18 +++++++++++++++---
> 1 file changed, 15 insertions(+), 3 deletions(-)
>
> diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
> index 7af527ca31..d6ef66ba51 100644
> --- a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
> +++ b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
> @@ -22,7 +22,7 @@ SRC_URI_append_class-nativesdk = " \
> SRC_URI[md5sum] = "5271477e4d93f4ea032b665ef095ff24"
> SRC_URI[sha256sum] = "5835626cde9e99656585fc7aaa2302a73a7e1340bf8c14fd635a62c66802a517"
>
> -inherit lib_package multilib_header ptest
> +inherit lib_package multilib_header ptest relative_symlinks
>
> #| engines/afalg/e_afalg.c: In function 'eventfd':
> #| engines/afalg/e_afalg.c:110:20: error: '__NR_eventfd' undeclared (first use in this function)
> @@ -133,6 +133,18 @@ do_configure () {
> do_install () {
> oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install
> oe_multilib_header openssl/opensslconf.h
> +
> + # Create SSL structure for PATH hard-coded packages like ca-certificates
> + # Debian is also using this technique
> + install -d ${D}${sysconfdir}/ssl/
> + mv ${D}${libdir}/ssl-1.1/openssl.cnf \
> + ${D}${libdir}/ssl-1.1/certs \
> + ${D}${libdir}/ssl-1.1/private \
> + \
> + ${D}${sysconfdir}/ssl/
> + ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl-1.1/certs
> + ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl-1.1/private
> + ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl-1.1/openssl.cnf
> }
>
> do_install_append_class-native () {
> @@ -169,8 +181,8 @@ FILES_${PN}-engines = "${libdir}/engines-1.1"
> FILES_${PN}-misc = "${libdir}/ssl-1.1/misc"
> RDEPENDS_${PN}-misc = "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}"
>
> -FILES_openssl-conf = "${libdir}/ssl-1.1/openssl.cnf"
> -CONFFILES_openssl-conf = "${libdir}/ssl-1.1/openssl.cnf"
> +FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf ${libdir}/ssl-1.1/openssl.cnf"
The openssl 1.0 recipe does not put the ${libdir} symlink in the
openssl-conf package. The reasons for that are not entirely clear, but
it does seem to be a deliberate choice according to comments in this
thread:
http://lists.openembedded.org/pipermail/openembedded-core/2017-April/135176.html
Is there a clear reason for the openssl 1.1 recipe to be different?
> +CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
> RRECOMMENDS_libcrypto += "openssl-conf"
>
> RDEPENDS_${PN}-bin = "perl"
> --
> 2.11.0
More information about the Openembedded-core
mailing list