[OE-core] cURL recipe: SSL backend

Viacheslav Salnikov slavasalnikovv at gmail.com
Tue May 8 09:23:10 UTC 2018 

Mark, the main point of the question about "changing without side-effects"
and not about "how to change one config option to another"

But Andre has already provided information, cheers for that.

Thanks for participation

2018-05-07 23:00 GMT+03:00 Andre McCurdy <armccurdy at gmail.com>:

> On Mon, May 7, 2018 at 7:17 AM, Mark Hatle <mark.hatle at windriver.com>
> wrote:
> > On 5/7/18 8:16 AM, Viacheslav Salnikov wrote:
> >> Alright, good point.
> >>
> >> But what if I need to use openssl instead of gnutls on Target? Can it
> be changed
> >> without side effects?
>
> The behaviour of curl when built with gnutls -vs- openssl in OE is not
> the same. There are things (maybe related to certificates?) which work
> fine with openssl but don't work with gnutls. Unfortunately I don't
> have many more details than that - all the OE distros I use have
> switched to using openssl, so going back to figure out what's wrong
> with gnutls has never been a high priority. If you switch you should
> test carefully, but from my experience openssl works better.
>
> > This is why the package config settins are present in the curl recipe.
> You can
> > adjust the setting to use whatever TLS engine you want in your
> distribution or
> > project configuration.
> >
> > PACKAGECONFIG_pn-curl = "ipv6 proxy ssl threaded-resolver zlib"
>
> This will work, but a more robust approach may be to use _append and
> _remove to change PACKAGECONFIG options (rather than over-riding with
> an absolute set of options, which may become out of sync with the
> defaults in the main recipe). e.g.
>
>   PACKAGECONFIG_remove_pn-curl = "gnutls"
>   PACKAGECONFIG_append_pn-curl = " ssl"
>
> > or any other combination of available options..
> >
> > --Mark
> >
> >> Regards,
> >>
> >> 2018-05-07 15:59 GMT+03:00 Alexander Kanavin <alexander.kanavin at linux.
> intel.com
> >> <mailto:alexander.kanavin at linux.intel.com>>:
> >>
> >>     On 05/07/2018 03:51 PM, Viacheslav Salnikov wrote:
> >>
> >>         cULR is built with GNUTLS for Target but OpenSSL is used for
> native and SDK.
> >>
> >>         So my question is: why GNUTLS is used only for target? Is it
> necessary
> >>         for some good reason? Documentation for cURL has no explicit
> answer for
> >>         that.
> >>
> >>         Could somebody help me to find the answer?
> >>
> >>
> >>     I think enabling gnutls on the native side would add a ton of
> dependencies
> >>     to build, and so openssl (which is more self-contained) is selected
> there.
> >>
> >>     Alex
> >>
> >>
> >>
> >>
> >
> > --
> > _______________________________________________
> > Openembedded-core mailing list
> > Openembedded-core at lists.openembedded.org
> > http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20180508/ddb6b6f4/attachment-0002.html>

More information about the Openembedded-core mailing list