[Buildroot] [PATCH v2 1/3] package/ca-certificates: don't hash certificates.crt
Martin Bark
martin at barkynet.com
Sat Jun 16 22:05:59 UTC 2018
Currently c_rehash mistakenly hashes the certificates bundle
certificates.crt resulting in ${TAGET_DIR}/etc/ssl/certs/128805a3.0
incorrectly linking to ca-certificates.crt when it should be linked to
EE_Certification_Centre_Root_CA_2.pem
To fix this install certificates.crt to /etc/ssl/certs after we run
c_rehash to prevent it getting hashed by mistake.
Note: $(TARGET_DIR)/etc/ssl/certs/ is already removed during install so
this fix also works for rebuilds.
Signed-off-by: Martin Bark <martin at barkynet.com>
---
Changes v1 -> v2:
- reword commit message and improve creation of ca-certificates.crt
(Suggested By Peter Korsgaard)
---
package/ca-certificates/ca-certificates.mk | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/package/ca-certificates/ca-certificates.mk b/package/ca-certificates/ca-certificates.mk
index c19d37788b..9685d0e6f0 100644
--- a/package/ca-certificates/ca-certificates.mk
+++ b/package/ca-certificates/ca-certificates.mk
@@ -33,11 +33,15 @@ define CA_CERTIFICATES_INSTALL_TARGET_CMDS
cd $(TARGET_DIR) ;\
for i in `find usr/share/ca-certificates -name "*.crt"` ; do \
ln -sf ../../../$$i etc/ssl/certs/`basename $${i} .crt`.pem ;\
- cat $$i >>etc/ssl/certs/ca-certificates.crt ;\
- done
+ cat $$i ;\
+ done >$(@D)/ca-certificates.crt
# Create symlinks to the certificates by their hash values
$(HOST_DIR)/bin/c_rehash $(TARGET_DIR)/etc/ssl/certs
+
+ # Install the certificates bundle
+ $(INSTALL) -D -m 644 $(@D)/ca-certificates.crt \
+ $(TARGET_DIR)/etc/ssl/certs/ca-certificates.crt
endef
$(eval $(generic-package))
--
2.17.1
More information about the buildroot
mailing list