[OE-core] [PATCH v2] openssl: Use the c_rehash shell re-implementation for target
Otavio Salvador
otavio.salvador at ossystems.com.br
Mon Mar 18 16:00:58 UTC 2019
Hello Alexander,
On Mon, Mar 18, 2019 at 11:53 AM Alexander Kanavin
<alex.kanavin at gmail.com> wrote:
>
> Apologies, but I still have to veto this. The concerns I expressed previously still stand.
>
> The best course of action would be to work with the OpenSSL upstream to replace the utility with either C or shell version.
I understand your concerns about this however, those also stands for
the native recipe. So we have two possible routes which seem to align
with those concerns:
1) assume the c_rehash in shell script is good enough and adopt it
2) drop c_rehash from openssl recipe
either work. The use of a different version for target and native does
not seem consistent either correct.
As mentioned, this has been in use in multiple devices for years
without concerns and this has been changed under the hood when moving
to OpenSSL 1.1. Also, the ca-certificate is broken for installation on
target now (as it uses c_rehash) and this is still unnoticed.
So I know your view on this. I'd like to know the view of other team
members as well...
--
Otavio Salvador O.S. Systems
http://www.ossystems.com.br http://code.ossystems.com.br
Mobile: +55 (53) 9 9981-7854 Mobile: +1 (347) 903-9750
More information about the Openembedded-core
mailing list