On 6/8/21 6:31 PM, Roland Hieber wrote: > On Tue, Jun 08, 2021 at 05:53:28PM +0200, Bastian Krause wrote: >> Signed-off-by: Bastian Krause <[email protected]> >> --- >> rules/libcurl.in | 20 +++++++++++++++++++- >> rules/libcurl.make | 6 +++--- >> 2 files changed, 22 insertions(+), 4 deletions(-) >> >> diff --git a/rules/libcurl.in b/rules/libcurl.in >> index 390e495ca..632ed48e4 100644 >> --- a/rules/libcurl.in >> +++ b/rules/libcurl.in >> @@ -5,7 +5,8 @@ menuconfig LIBCURL >> prompt "libcurl " >> select LIBC_RT >> select ZLIB >> - select OPENSSL if LIBCURL_SSL >> + select OPENSSL if LIBCURL_SSL_OPENSSL >> + select GNUTLS if LIBCURL_SSL_GNUTLS >> select LIBSSH2 if LIBCURL_LIBSSH2 >> select CA_CERTIFICATES if LIBCURL_SSL_CA_CERTIFICATES && RUNTIME >> select C_ARES if LIBCURL_C_ARES >> @@ -58,6 +59,17 @@ config LIBCURL_SSL >> >> if LIBCURL_SSL >> >> +choice >> + prompt "SSL backend" >> + default LIBCURL_SSL_OPENSSL >> + >> + config LIBCURL_SSL_OPENSSL >> + bool "OpenSSL" >> + >> + config LIBCURL_SSL_GNUTLS >> + bool "GnuTLS" >> +endchoice >> + >> choice >> prompt "Central CA certificate storage" >> >> @@ -81,6 +93,12 @@ config LIBCURL_SSL_CA_CERTIFICATES_PATH >> >> endif >> >> +config LIBCURL_SSL_DEFAULT_BACKEND >> + string >> + default "openssl" if LIBCURL_SSL_OPENSSL >> + default "gnutls" if LIBCURL_SSL_GNUTLS >> + default "no" if !LIBCURL_SSL >> + >> config LIBCURL_SSL_CAPATH_PATH >> string "CA directory path" if LIBCURL_SSL_CAPATH >> default "/etc/ssl/certs" if LIBCURL_SSL_CAPATH || >> (LIBCURL_SSL_CA_CERTIFICATES && LIBCURL_SSL_CA_CERTIFICATES_PATH) >> diff --git a/rules/libcurl.make b/rules/libcurl.make >> index 5620ba276..7a915dce3 100644 >> --- a/rules/libcurl.make >> +++ b/rules/libcurl.make >> @@ -89,15 +89,15 @@ LIBCURL_CONF_OPT := \ >> --without-brotli \ >> --without-zstd \ >> --without-gssapi \ >> - --with-default-ssl-backend=$(call ptx/ifdef, >> PTXCONF_LIBCURL_SSL,openssl,no) \ >> + --with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \ >> --without-winssl \ >> --without-schannel \ >> --without-darwinssl \ >> --without-secure-transport \ >> --without-amissl \ >> - --with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL,$(SYSROOT)/usr,no) \ >> + --with-ssl=$(call ptx/ifdef, >> PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \ >> --with-random=/dev/urandom \ >> - --without-gnutls \ >> + --with-gnutls=$(call ptx/ifdef, >> PTXCONF_LIBCURL_SSL_GNUTLS,$(SYSROOT)/usr,no) \ > > Without having looked further into this, it looks like you could build > libcurl with OpenSSL support, but use GnuTLS as default with ./configure > --with-default-ssl-backend=gnutls --with-ssl=/usr --with-gnutls=/usr …? > But our kconfig prevents that, so I think it's okay.
Yes, you can actually build curl with multiple backends. But I do not need that, so I leave that to someone in the future who needs it ;) Regards, Bastian > > - Roland > >> --without-mbedtls \ >> --without-wolfssl \ >> --without-mesalink \ >> -- >> 2.29.2 >> >> >> _______________________________________________ >> ptxdist mailing list >> [email protected] >> To unsubscribe, send a mail with subject "unsubscribe" to >> [email protected] >> > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ ptxdist mailing list [email protected] To unsubscribe, send a mail with subject "unsubscribe" to [email protected]
