aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/ca-certificates
Commit message (Collapse)AuthorAgeFilesLines
* ca-certificates: remove -- separatorMaciej Borzecki2016-08-101-1/+5
| | | | | | | | Options and directory separator -- slipped past the patch removing Debianims, thus resulting in failures on hosts running Fedora. Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* ca-certificates: add dependency for native/nativesdk on openssl-nativePaul Eggleton2016-06-031-1/+2
| | | | | | | | | | When running update-ca-certificates on the build host, as we do during do_install for ca-certificates-native (and nativesdk-ca-certificates), as of OE-Core commit cea46e7b8d9463306779301fa97f651d750f380f we now need openssl-native so it can run c_rehash. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: Add openssl as a runtime dependencyOtavio Salvador2016-05-301-0/+2
| | | | | | | | | The update-ca-certificates script uses the c_rehash utility which is installed by openssl. Add openssl as a runtime dependency to fulfill the utility requirement. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
* ca-certificates: Use c_rehash utilityOtavio Salvador2016-05-252-47/+0
| | | | | | | | As now the c_rehash utility is available, we can use it. This removes the patch to disable its usage allowing for a standard SSL behaviour. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: support ToyboxPatrick Ohly2016-04-182-0/+35
| | | | | | | | "mktemp -t" is deprecated and does not work when using Toybox. Replace with something that works also with Toybox. Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* ca-certificates: update to 20160104Alexander Kanavin2016-01-131-3/+2
| | | | | | | LICENSE checksum changed due to an updated file listing in debian/copyright Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: Update 20141019 -> 20150426Khem Raj2015-08-094-49/+37
| | | | | | | | Older SRCREV was not fetchable which triggered this upgrade Change-Id: I85d028294ff0018f4c81c6bb81ae262b18af7a87 Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: remove Debianism in run-parts invocationRoss Burton2015-07-072-0/+34
| | | | | | | | | | | ca-certificates comes from Debian but not all distros (i.e. Fedora) have a leaner run-parts that doesn't support the -- separator between options and paths, which causes this error: | Running hooks in [...]/rootfs/etc/ca-certificates/update.d... | [...]/usr/sbin/update-ca-certificates: line 194: Not: command not found Signed-off-by: Ross Burton <ross.burton@intel.com>
* ca-certificates: clean up before do_compile()Andreas Oberritter2015-03-241-0/+4
| | | | | | | | Otherwise the script which converts mozilla certificates extracts each certificate twice. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: Upgrade to 20141019 (git based)Saul Wold2015-02-073-244/+10
| | | | | | | | Rebase default-sysroot patch Remove backported Mozilla certdata patch License has not changed, just wording. Signed-off-by: Saul Wold <sgw@linux.intel.com>
* ca-certificates: Update to 20140325Saul Wold2014-06-252-3/+233
| | | | | | | | | | | | Changes to debian/copyright: Update to "Copyright: Mozilla Contributors" for mozilla/{certdata.txt,nssckbi.h} Backported on additional patch from ca-certificates tree [YOCTO #6454] Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: generate CAfile for -native in do_installKoen Kooi2014-05-131-0/+4
| | | | | | | | | | | | | | | | | | Git-replacement-native needs the generated files in place for https:// URIs: WARNING: Failed to fetch URL git://github.com/kernelslacker/trinity.git;protocol=https, attempting MIRRORS if available ERROR: Fetcher failure: Fetch command failed with exit code 128, output: Cloning into bare repository '/build/linaro/build/build/downloads/git2/github.com.kernelslacker.trinity.git'... fatal: unable to access 'https://github.com/kernelslacker/trinity.git/': error setting certificate verify locations: CAfile: /build/linaro/build/build/tmp-eglibc/sysroots/x86_64-linux/etc/ssl/certs/ca-certificates.crt CApath: none ERROR: Function failed: Fetcher failure for URL: 'git://github.com/kernelslacker/trinity.git;protocol=https'. Unable to fetch URL from any source. ERROR: Logfile of failure stored in: /build/linaro/build/build/tmp-eglibc/work/aarch64-oe-linux/trinity/1.3-r0/temp/log.do_fetch.7843 ERROR: Task 1378 (/build/linaro/build/meta-linaro/meta-linaro/recipes-extra/trinity/trinity_1.3.bb, do_fetch) failed with exit code '1' Signed-off-by: Koen Kooi <koen.kooi@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: Clarify in Description that certs are Debian basedSaul Wold2013-10-181-1/+2
| | | | Signed-off-by: Saul Wold <sgw@linux.intel.com>
* nativesdk-ca-certificates: prepopulate ca-certificates.crtChristopher Larson2013-08-261-0/+6
| | | | | | | | As postinsts aren't run for nativesdk packages when populating an SDK, we need to prepopulate up-front. Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* ca-certificates: add recipe (version 20130610)Christopher Larson2013-08-265-0/+239
We need this for certain nativesdk recipes, as we can't rely on the certificate path or bundle path being the same across distros, and it's useful in many cases on the target as well. This is based on the 20130119 recipe from meta-oe, with the following changes: - use the debian git repository to avoid vanishing sources - obey our target paths - default to a sysroot relative to the script location (make relocatable) - define SUMMARY - don't inherit autotools, this isn't an autotools package - add MPL-2.0 to LICENSE, as that's the license of the certdata - install the script man page - use a native rather than cross recipe, as it's not bound in any way to the target system - add nativesdk to bbclassextend, for use in SDKs Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>