sysmo-bts
/
generic-poky
9
0
Fork 0
Code Pull Requests Releases Activity

openssl: Ensure SSL certificates are stored on sysconfdir 

Debian and other generic distributions has moved the certificates for
sysconfdir (/etc/ssl) and made the libdir content to link for it.

This provides several advantages specially for read-only
rootfs. Another benefit is that it ensures foreign implementations
(e.g: BoringSSL, from Chromium, when running with OpenSSL backend for
the certificates) to find the content correctly.

(From OE-Core rev: 50d63fa346bbb05dafffc0cb55e21e1092272d95)

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Otavio Salvador 2016-05-23 17:45:27 -03:00 committed by Richard Purdie
parent 0b1a03e332
commit 06563e639f
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
meta/recipes-connectivity/openssl/openssl.inc
View File

@ -43,8 +43,8 @@ RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '',
# package RRECOMMENDS on this package. This will enable the configuration
# file to be installed for both the base openssl package and the libcrypto
# package since the base openssl package depends on the libcrypto package.
FILES_openssl-conf = "${libdir}/ssl/openssl.cnf"
CONFFILES_openssl-conf = "${libdir}/ssl/openssl.cnf"
FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
RRECOMMENDS_libcrypto += "openssl-conf"
RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc"
@ -178,6 +178,17 @@ do_install () {
else
rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget
fi
# Create SSL structure
install -d ${D}${sysconfdir}/ssl/
mv ${D}${libdir}/ssl/openssl.cnf \
${D}${libdir}/ssl/certs \
${D}${libdir}/ssl/private \
\
${D}${sysconfdir}/ssl/
ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl/certs
ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl/private
ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl/openssl.cnf
}
do_install_ptest () {
@ -191,7 +202,7 @@ do_install_ptest () {
cp -r certs ${D}${PTEST_PATH}
mkdir -p ${D}${PTEST_PATH}/apps
ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps
ln -sf ${libdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps
cp apps/server2.pem ${D}${PTEST_PATH}/apps
mkdir -p ${D}${PTEST_PATH}/util