Patchwork [Consolidated,Pull,13/17] curl: enable ssl support

login
register
mail settings
Submitter Saul Wold
Date June 14, 2012, 7:27 p.m.
Message ID <5a1646b267619919186d5b12e59207d3251cf2dd.1339701375.git.sgw@linux.intel.com>
Download mbox | patch
Permalink /patch/29875/
State New
Headers show

Comments

Saul Wold - June 14, 2012, 7:27 p.m.
This patch enables ssl support for curl to allow git to clone from
https / ssl sites. We do not want to enable gnutls for native or
nativesdk, as it adds additional dependency and increase build time

[YOCTO #2532]

Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
 meta/recipes-support/curl/curl_7.24.0.bb |   10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)
Phil Blundell - June 14, 2012, 7:54 p.m.
On Thu, 2012-06-14 at 12:27 -0700, Saul Wold wrote:
> +DEPENDS = "zlib gnutls openssl"

Do you really want both gnutls and openssl simultaneously?  That seems a
bit excessive.  What exactly is openssl bringing here that gnutls
doesn't do?

p.
Phil Blundell - June 14, 2012, 7:58 p.m.
On Thu, 2012-06-14 at 20:54 +0100, Phil Blundell wrote:
> On Thu, 2012-06-14 at 12:27 -0700, Saul Wold wrote:
> > +DEPENDS = "zlib gnutls openssl"
> 
> Do you really want both gnutls and openssl simultaneously?  That seems a
> bit excessive.  What exactly is openssl bringing here that gnutls
> doesn't do?

Also, if you really do want this, it ought to be a DISTRO_FEATURE and/or
PKG_CONFIG option.  Aside from the issue of binary bloat, OpenSSL brings
a pile of licensing grief that a lot of folks may not want.

p.
Saul Wold - June 14, 2012, 8:10 p.m.
On 06/14/2012 12:58 PM, Phil Blundell wrote:
> On Thu, 2012-06-14 at 20:54 +0100, Phil Blundell wrote:
>> On Thu, 2012-06-14 at 12:27 -0700, Saul Wold wrote:
>>> +DEPENDS = "zlib gnutls openssl"
>>
>> Do you really want both gnutls and openssl simultaneously?  That seems a
>> bit excessive.  What exactly is openssl bringing here that gnutls
>> doesn't do?
>
> Also, if you really do want this, it ought to be a DISTRO_FEATURE and/or
> PKG_CONFIG option.  Aside from the issue of binary bloat, OpenSSL brings
> a pile of licensing grief that a lot of folks may not want.
>
Ah, I tried to figure out why openssl was not in the first place, now I 
understand better.  How's this as a comprise, go back to pure gnutls for 
the target, but have the native only use openssl to allow secure git 
fetches, which is what triggered this in the first place.

Sau!

> p.
>
>
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>
>
Phil Blundell - June 14, 2012, 8:25 p.m.
On Thu, 2012-06-14 at 13:10 -0700, Saul Wold wrote:
> On 06/14/2012 12:58 PM, Phil Blundell wrote:
> > On Thu, 2012-06-14 at 20:54 +0100, Phil Blundell wrote:
> >> On Thu, 2012-06-14 at 12:27 -0700, Saul Wold wrote:
> >>> +DEPENDS = "zlib gnutls openssl"
> >>
> >> Do you really want both gnutls and openssl simultaneously?  That seems a
> >> bit excessive.  What exactly is openssl bringing here that gnutls
> >> doesn't do?
> >
> > Also, if you really do want this, it ought to be a DISTRO_FEATURE and/or
> > PKG_CONFIG option.  Aside from the issue of binary bloat, OpenSSL brings
> > a pile of licensing grief that a lot of folks may not want.
> >
> Ah, I tried to figure out why openssl was not in the first place, now I 
> understand better.  How's this as a comprise, go back to pure gnutls for 
> the target, but have the native only use openssl to allow secure git 
> fetches, which is what triggered this in the first place.

That sounds like a decent plan.  In the longer term I think there would
be some mileage in a generic DISTRO_FEATURES setting to allow one to
select between gnutls and openssl (or yassl, nss, ...) in a global kind
of way, and then curl should be made to respect it.

p.

Patch

diff --git a/meta/recipes-support/curl/curl_7.24.0.bb b/meta/recipes-support/curl/curl_7.24.0.bb
index 12e95c9..f9dce7d 100644
--- a/meta/recipes-support/curl/curl_7.24.0.bb
+++ b/meta/recipes-support/curl/curl_7.24.0.bb
@@ -5,10 +5,10 @@  SECTION = "console/network"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://COPYING;beginline=7;md5=3a34942f4ae3fbf1a303160714e664ac"
 
-DEPENDS = "zlib gnutls"
-DEPENDS_virtclass-native = "zlib-native"
-DEPENDS_virtclass-nativesdk = "zlib-nativesdk"
-PR = "r0"
+DEPENDS = "zlib gnutls openssl"
+DEPENDS_virtclass-native = "zlib-native openssl-native"
+DEPENDS_virtclass-nativesdk = "zlib-nativesdk openssl-nativesdk"
+PR = "r1"
 
 SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
            file://noldlibpath.patch \
@@ -20,7 +20,7 @@  SRC_URI[sha256sum] = "ebdb111088ff8b0e05b1d1b075e9f1608285e8105cc51e21caacf33d01
 inherit autotools pkgconfig binconfig
 
 EXTRA_OECONF = "--with-zlib=${STAGING_LIBDIR}/../ \
-                --without-ssl \
+		--with-ssl \
                 --without-libssh2 \
 		--with-random=/dev/urandom \
 		--without-libidn \