Hi Mikko, Thanks for working on this, particularly with upstream.
On Tue, 2022-10-04 at 13:10 +0300, Mikko Rapeli wrote: > Using openssl-native shared libraries correctly is hard. A number > of environment variables need to be correctly set or > the errors may be really confusing. openssl can be made > to detect these paths automatically, but upstream has rejected > these ideas. openssl-native provides a wrapper script for 'openssl' > binary, but shared library users like python3-cryptgraphy-native > need to have the shared libraries working directly. Thus follow > example from python3native.bbclass and implement this via > openssl-native.bbclass. > > If full certificate checking is needed, then users > also need to DEPEND on ca-certificates-native. > > See also: > https://lists.openembedded.org/g/openembedded-core/topic/93651845#170562 > https://github.com/openssl/openssl/issues/19242 > > Signed-off-by: Mikko Rapeli <[email protected]> > --- > documentation/ref-manual/classes.rst | 11 +++++++++++ > meta/classes/openssl-native.bbclass | 7 +++++++ > meta/recipes-connectivity/openssl/openssl_3.0.5.bb | 1 + > 3 files changed, 19 insertions(+) Docs are in a different repo to OE-Core so this patch would need to be split. I think it is worth referencing this too: https://github.com/openssl/openssl/pull/19260 I noticed there that the patches have thrown some compiler warnings: crypto/conf/conf_mod.c:667:20: error: passing 'const char *(int)' to parameter of type 'const void *' converts between void pointer and function pointer [-Werror,-Wpedantic] if (dladdr(OpenSSL_version, &info)) { crypto/conf/conf_mod.c: In function 'CONF_get1_default_config_file': crypto/conf/conf_mod.c:667:20: error: ISO C forbids passing argument 1 of 'dladdr' between function pointer and 'void *' [-Werror=pedantic] 667 | if (dladdr(OpenSSL_version, &info)) { | ^~~~~~~~~~~~~~~ In file included from /usr/aarch64-linux-gnu/include/link.h:25, from crypto/conf/conf_mod.c:34: /usr/aarch64-linux-gnu/include/dlfcn.h:98:32: note: expected 'const void *' but argument is of type 'const char * (*)(int)' 98 | extern int dladdr (const void *__address, Dl_info *__info) It may be worth fixing those just in case they consider the patch. I'm wondering whether we should just carry those patches? They don't look so invasive and it would save complicating things elsewhere in our codebase... Cheers, Richard
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#171386): https://lists.openembedded.org/g/openembedded-core/message/171386 Mute This Topic: https://lists.openembedded.org/mt/94110827/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
