<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-support/ca-certificates, branch hardknott</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=hardknott</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=hardknott'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2021-11-21T11:40:35+00:00</updated>
<entry>
<title>meta: add explicit branch and protocol to SRC_URI</title>
<updated>2021-11-21T11:40:35+00:00</updated>
<author>
<name>Anuj Mittal</name>
<email>anuj.mittal@intel.com</email>
</author>
<published>2021-11-10T03:56:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=d64469d524cac772f1f0a24ba75f69ef636e2aeb'/>
<id>urn:sha1:d64469d524cac772f1f0a24ba75f69ef636e2aeb</id>
<content type='text'>
Add branch name explicitly to SRC_URI where it's not defined and switch
to using https protocol for Github projects.

The change was made using convert-srcuri script in scripts/contrib.

(From OE-Core rev: ab781d4e3fa7425d96ea770ddfd0f01f62018c5b)

Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: update 20210119 -&gt; 20211016</title>
<updated>2021-11-03T11:19:04+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2021-10-19T15:33:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=a35a3ce1bf28e7c79951a9f16160b432894d7c89'/>
<id>urn:sha1:a35a3ce1bf28e7c79951a9f16160b432894d7c89</id>
<content type='text'>
(From OE-Core rev: 9c351e7a0b6e4e1cc58e3855d8b711d64764a7e3)

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Alexandre Belloni &lt;alexandre.belloni@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit c479b8a810d966d7267af1b4dac38a46f55fc547)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: Fix openssl runtime cert dependencies</title>
<updated>2021-04-30T13:37:25+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2021-04-18T22:53:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=1a3ffc03d5fdee2b5c8b0874f238be3f7bf79eb8'/>
<id>urn:sha1:1a3ffc03d5fdee2b5c8b0874f238be3f7bf79eb8</id>
<content type='text'>
With commit dc778c70449ee5401b5a24ad18b22b88338c47c5, dependency was
moved to openssl-bin which in itself was a fine change, but dropping
dependency on openssl too should have been kept along, dropping this
meant that openssl binary wont be able to validate secure connections as
the CApath files wont be installed, which infact are required for
openssl bins to work, following call e.g. fails

$ openssl s_client -connect google.com:443

....
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 20 (unable to get local issuer certificate)
....

The local issuer certs are not found in default location
/usr/lib/ssh-1.1/certs, this dir and its content is installed by openssl package
therefore re-add the dependency on openssl

(From OE-Core rev: 84afcdcb9d7ee24596bd3f8d808d30c9d558d918)

Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Cc: Andrei Gherzan &lt;andrei@gherzan.ro&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit eaf377315efc73d6ffe361372a873918b3bb3bf5)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: Clean up two patches and submit upstream</title>
<updated>2021-02-23T22:35:01+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2021-02-20T15:45:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=c79cc7dcbec13e10a2a6750bbcd96142eb073829'/>
<id>urn:sha1:c79cc7dcbec13e10a2a6750bbcd96142eb073829</id>
<content type='text'>
(From OE-Core rev: f3eabbb5c15fb55ae3d46b2377c09bb58226d965)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: upgrade 20200601 -&gt; 20210119</title>
<updated>2021-01-30T10:41:04+00:00</updated>
<author>
<name>zhengruoqin</name>
<email>zhengrq.fnst@cn.fujitsu.com</email>
</author>
<published>2021-01-28T10:05:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=3f1c05e14840ce0db9a8ca813dca0466520888d8'/>
<id>urn:sha1:3f1c05e14840ce0db9a8ca813dca0466520888d8</id>
<content type='text'>
0001-certdata2pem.py-use-python3.patch
removed since it is included in 20210119

(From OE-Core rev: afd86357e07f69090eaff4c5db2c517867dd4ccf)

Signed-off-by: Zheng Ruoqin &lt;zhengrq.fnst@cn.fujitsu.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: correct upstream version check</title>
<updated>2020-06-09T12:14:00+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2020-06-08T07:46:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=b70b4c9bbba9cb5f60d9500acc9ed97112c5a411'/>
<id>urn:sha1:b70b4c9bbba9cb5f60d9500acc9ed97112c5a411</id>
<content type='text'>
(From OE-Core rev: 9bc2943a7819c7e6d1bd4c1c03b265671811784c)

Signed-off-by: Alexander Kanavin &lt;alex.kanavin@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: upgrade 20190110 -&gt; 20200601</title>
<updated>2020-06-04T12:27:32+00:00</updated>
<author>
<name>Wang Mingyu</name>
<email>wangmy@cn.fujitsu.com</email>
</author>
<published>2020-06-03T10:51:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=00a50debbbb5404108af92e1a7fab80cf2c70e88'/>
<id>urn:sha1:00a50debbbb5404108af92e1a7fab80cf2c70e88</id>
<content type='text'>
-License-Update: format changed

(From OE-Core rev: 0007f38b03bcb0bd561bd9181fbffc7dec47fe9a)

Signed-off-by: Wang Mingyu &lt;wangmy@cn.fujitsu.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: use python 3 for builds</title>
<updated>2019-09-01T21:33:07+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2019-08-30T12:49:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=2100fbe529e3031e4b0f7997acbfe781f25104dd'/>
<id>urn:sha1:2100fbe529e3031e4b0f7997acbfe781f25104dd</id>
<content type='text'>
(From OE-Core rev: 8157c6d32e2af67211eb8fcd048a0771f10f7b26)

Signed-off-by: Alexander Kanavin &lt;alex.kanavin@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: Fix reproducibilty and multilib issue</title>
<updated>2019-08-29T16:12:34+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2019-08-29T11:10:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=ba6a568512d46d49173998a7fb15cd8ee3302551'/>
<id>urn:sha1:ba6a568512d46d49173998a7fb15cd8ee3302551</id>
<content type='text'>
This command was dependent on the order of files on the disk and for multilib builds
could result in:

Error: Transaction check error:
  file /etc/ca-certificates.conf conflicts between attempted installs of ca-certificates-20190110-r0.core2_32 and lib64-ca-certificates-20190110-r0.x86_64

Sorting the file makes things deterministic.

(From OE-Core rev: c8f329fc562c9eecdcc1cb10d2c7661f44110fb4)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: Fix openssl runtime dependencies</title>
<updated>2019-05-31T14:36:20+00:00</updated>
<author>
<name>Andrei Gherzan</name>
<email>andrei@gherzan.ro</email>
</author>
<published>2019-05-30T12:22:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=024825532e9a855403cd0d2b08d8d9da4b9f0f5e'/>
<id>urn:sha1:024825532e9a855403cd0d2b08d8d9da4b9f0f5e</id>
<content type='text'>
Since yocto thud, and more specifically since poky switched to
openssl 1.1 line, the openssl binary is provided by 'openssl-bin'. This
impacts the native and nativesdk recipe variants as well.

(From OE-Core rev: dc778c70449ee5401b5a24ad18b22b88338c47c5)

Signed-off-by: Andrei Gherzan &lt;andrei@gherzan.ro&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
