Patchwork openssl: Add ca-certificates in RRECOMMENDS

login
register
mail settings
Submitter Shakeel, Muhammad
Date Sept. 19, 2013, 1:03 p.m.
Message ID <1379595818-6019-1-git-send-email-muhammad_shakeel@mentor.com>
Download mbox | patch
Permalink /patch/58369/
State New
Headers show

Comments

Shakeel, Muhammad - Sept. 19, 2013, 1:03 p.m.
From: Muhammad Shakeel <muhammad_shakeel@mentor.com>

In some situations ca-certificates are required along with openssl
to communicate securely, i.e. curl trying to fetch contents through https.

Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
---
 meta/recipes-connectivity/openssl/openssl.inc |    2 ++
 1 file changed, 2 insertions(+)
Shakeel, Muhammad - Sept. 25, 2013, 3:03 p.m.
On 09/19/2013 06:03 PM, Shakeel, Muhammad wrote:
> From: Muhammad Shakeel <muhammad_shakeel@mentor.com>
>
> In some situations ca-certificates are required along with openssl
> to communicate securely, i.e. curl trying to fetch contents through https.
>
> Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
> ---
>   meta/recipes-connectivity/openssl/openssl.inc |    2 ++
>   1 file changed, 2 insertions(+)
>
> diff --git a/meta/recipes-connectivity/openssl/openssl.inc b/meta/recipes-connectivity/openssl/openssl.inc
> index 78ff7ae..cf60d4b 100644
> --- a/meta/recipes-connectivity/openssl/openssl.inc
> +++ b/meta/recipes-connectivity/openssl/openssl.inc
> @@ -13,6 +13,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
>   
>   DEPENDS = "perl-native-runtime"
>   
> +RRECOMMENDS_${PN} = "ca-certificates"
> +
>   SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
>             "
>   S = "${WORKDIR}/openssl-${PV}"

Any feedback on this?

Thanks,
Shakeel
Paul Eggleton - Sept. 25, 2013, 3:52 p.m.
On Wednesday 25 September 2013 20:03:19 Muhammad Shakeel wrote:
> On 09/19/2013 06:03 PM, Shakeel, Muhammad wrote:
> > From: Muhammad Shakeel <muhammad_shakeel@mentor.com>
> > 
> > In some situations ca-certificates are required along with openssl
> > to communicate securely, i.e. curl trying to fetch contents through https.
> > 
> > Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
> > ---
> > 
> >   meta/recipes-connectivity/openssl/openssl.inc |    2 ++
> >   1 file changed, 2 insertions(+)
> > 
> > diff --git a/meta/recipes-connectivity/openssl/openssl.inc
> > b/meta/recipes-connectivity/openssl/openssl.inc index 78ff7ae..cf60d4b
> > 100644
> > --- a/meta/recipes-connectivity/openssl/openssl.inc
> > +++ b/meta/recipes-connectivity/openssl/openssl.inc
> > @@ -13,6 +13,8 @@ LIC_FILES_CHKSUM =
> > "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"> 
> >   DEPENDS = "perl-native-runtime"
> > 
> > +RRECOMMENDS_${PN} = "ca-certificates"
> > +
> > 
> >   SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
> >   
> >             "
> >   
> >   S = "${WORKDIR}/openssl-${PV}"
> 
> Any feedback on this?

I could be wrong, but this doesn't seem like the right thing to do. Surely 
individual *applications* that need ca-certificates in conjunction with OpenSSL 
should be adding it to their RRECOMMENDS?

Cheers,
Paul
Khem Raj - Sept. 25, 2013, 4:53 p.m.
On Sep 25, 2013, at 8:52 AM, Paul Eggleton <paul.eggleton@linux.intel.com> wrote:

> On Wednesday 25 September 2013 20:03:19 Muhammad Shakeel wrote:
>> On 09/19/2013 06:03 PM, Shakeel, Muhammad wrote:
>>> From: Muhammad Shakeel <muhammad_shakeel@mentor.com>
>>> 
>>> In some situations ca-certificates are required along with openssl
>>> to communicate securely, i.e. curl trying to fetch contents through https.
>>> 
>>> Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
>>> ---
>>> 
>>>  meta/recipes-connectivity/openssl/openssl.inc |    2 ++
>>>  1 file changed, 2 insertions(+)
>>> 
>>> diff --git a/meta/recipes-connectivity/openssl/openssl.inc
>>> b/meta/recipes-connectivity/openssl/openssl.inc index 78ff7ae..cf60d4b
>>> 100644
>>> --- a/meta/recipes-connectivity/openssl/openssl.inc
>>> +++ b/meta/recipes-connectivity/openssl/openssl.inc
>>> @@ -13,6 +13,8 @@ LIC_FILES_CHKSUM =
>>> "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"> 
>>>  DEPENDS = "perl-native-runtime"
>>> 
>>> +RRECOMMENDS_${PN} = "ca-certificates"
>>> +
>>> 
>>>  SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
>>> 
>>>            "
>>> 
>>>  S = "${WORKDIR}/openssl-${PV}"
>> 
>> Any feedback on this?
> 
> I could be wrong, but this doesn't seem like the right thing to do. Surely 
> individual *applications* that need ca-certificates in conjunction with OpenSSL 
> should be adding it to their RRECOMMENDS?

may be RSUGGESTS_${PN} is an option here.

> 
> Cheers,
> Paul
> 
> -- 
> 
> Paul Eggleton
> Intel Open Source Technology Centre
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core

Patch

diff --git a/meta/recipes-connectivity/openssl/openssl.inc b/meta/recipes-connectivity/openssl/openssl.inc
index 78ff7ae..cf60d4b 100644
--- a/meta/recipes-connectivity/openssl/openssl.inc
+++ b/meta/recipes-connectivity/openssl/openssl.inc
@@ -13,6 +13,8 @@  LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
 
 DEPENDS = "perl-native-runtime"
 
+RRECOMMENDS_${PN} = "ca-certificates"
+
 SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
           "
 S = "${WORKDIR}/openssl-${PV}"