mirror of
git://git.yoctoproject.org/poky
synced 2026-04-02 02:49:11 +00:00
42d32c4016
Openssl 3.2 has reached EOL. Some projects would like to use LTS version due to criticality and exposure of this component, so upgrade to 3.5 branch. Copy recipe from oe-core master fd3b1efb6f7ffb5505ff7eb95cae222e1db9f776 which is the last revision before disabling TLS 1/1.1 by default. Single change is replacing UNPACKDIR by WORKIDR (one occurence). (From OE-Core rev: c4fc6ee6986fbd05d72bf1e6bb1d2c4eee84e5db) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Paul Barker <paul@pbarker.dev> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
25 lines
1.1 KiB
Bash
25 lines
1.1 KiB
Bash
export OPENSSL_CONF="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/openssl.cnf"
|
|
export OPENSSL_MODULES="$OECORE_NATIVE_SYSROOT/usr/lib/ossl-modules/"
|
|
export OPENSSL_ENGINES="$OECORE_NATIVE_SYSROOT/usr/lib/engines-3"
|
|
export BB_ENV_PASSTHROUGH_ADDITIONS="${BB_ENV_PASSTHROUGH_ADDITIONS:-} OPENSSL_CONF OPENSSL_MODULES OPENSSL_ENGINES"
|
|
|
|
# Respect host env SSL_CERT_FILE/SSL_CERT_DIR first, then auto-detected host cert, then cert in buildtools
|
|
# CAFILE/CAPATH is auto-detected when source buildtools
|
|
if [ -z "${SSL_CERT_FILE:-}" ]; then
|
|
if [ -n "${CAFILE:-}" ];then
|
|
export SSL_CERT_FILE="$CAFILE"
|
|
elif [ -e "${OECORE_NATIVE_SYSROOT}/etc/ssl/certs/ca-certificates.crt" ];then
|
|
export SSL_CERT_FILE="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs/ca-certificates.crt"
|
|
fi
|
|
fi
|
|
|
|
if [ -z "${SSL_CERT_DIR:-}" ]; then
|
|
if [ -n "${CAPATH:-}" ];then
|
|
export SSL_CERT_DIR="$CAPATH"
|
|
elif [ -e "${OECORE_NATIVE_SYSROOT}/etc/ssl/certs/ca-certificates.crt" ];then
|
|
export SSL_CERT_DIR="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs"
|
|
fi
|
|
fi
|
|
|
|
export BB_ENV_PASSTHROUGH_ADDITIONS="${BB_ENV_PASSTHROUGH_ADDITIONS:-} SSL_CERT_DIR SSL_CERT_FILE"
|