mirror of
https://git.yoctoproject.org/poky
synced 2026-03-06 15:29:40 +01:00
25fa4e9e8f
The c_rehash utility is supposed to be run in the folder /etc/ssl/certs of a rootfs where the package ca-certificates puts symlinks to various CA certificates stored in /usr/share/ca-certificates/mozilla/. These symlinks are absolute. This means that when c_rehash is run at rootfs creation time it can't hash the actual files since they actually reside in the build host's directory $SYSROOT/usr/share/ca-certificates/mozilla/. This problem doesn't reproduce when building on Debian or Ubuntu hosts though, because these OSs have the certificates installed in the same /usr/share/ca-certificates/mozilla/ folder. Images built in other distros, e.g. Fedora, have problems with connecting to https servers when using e.g. python's http lib. The patch fixes c_rehash to check if it runs on a build host by testing $SYSROOT and to translate the paths to certificates accordingly. (From OE-Core rev: 5199b990edf4d9784c19137d0ce9ef141cd85e46) (From OE-Core rev: 9ab0cba49d9ab67aacfcfb47689f4a77a72a0866) Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>