[Buildroot] [PATCH 1/1] package/ca-certificates: add support for cryptography > 3.0
Peter Korsgaard
peter at korsgaard.com
Mon Nov 14 20:20:37 UTC 2022
>>>>> "Yann" == Yann E MORIN <yann.morin.1998 at free.fr> writes:
> Justin, All,
> On 2022-11-02 12:56 -0400, jwood+buildroot at starry.com spake thusly:
>> From: Justin Wood <jwood at starry.com>
>>
>> This patch was originally submitted upstream at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008244
>> by Wataru Ashihara <wsh at iij.ad.jp>. Minor changes by me to account for the Buildroot change in 0001-*.patch.
>>
>> Building ca-certificates with a newer cryptography is breaking without this patch, and building buildroots
>> `python-cryptography` package first doesn't change the broken behavior.
> I've reworded the commit log in a more logical manner (explain what
> breaks and why, then how we fix it).
> I also notice that the bug report states that cryptography 3.0 is also
> affected, so I tweaked the commit title accordingly.
>> Signed-off-by: Justin Wood <jwood at starry.com>
> Applied to master, thanks.
This is patching code we've added ourselves in patch 0001, so perhaps it
makes sense to invert the order of the patches, merge them or simply
drop the certdata2pem.py call completely? We don't build
host-python-cryptography automatically, so it can only happen if the
recently added optee-os option is selected (or a custom package), and
they happen to build before ca-certificates.
Committed to 2022.08.x, thanks (we don't have host-python-cryptography
in 2022.02.x).
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list