[Buildroot] [PATCH v2 1/3] package/ca-certificates: don't hash certificates.crt
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Sun Jun 17 19:25:47 UTC 2018
Hello,
On Sat, 16 Jun 2018 23:05:59 +0100, Martin Bark wrote:
> Currently c_rehash mistakenly hashes the certificates bundle
> certificates.crt resulting in ${TAGET_DIR}/etc/ssl/certs/128805a3.0
> incorrectly linking to ca-certificates.crt when it should be linked to
> EE_Certification_Centre_Root_CA_2.pem
I can't reproduce this issue here:
output/target$ ls -l etc/ssl/certs/128805a3.0
lrwxrwxrwx 1 thomas thomas 35 Jun 17 20:58 etc/ssl/certs/128805a3.0 -> EE_Certification_Centre_Root_CA.pem
Also, during the review, you said that you noticed this problem when
comparing the /etc/ssl/certs generated by Buildroot with the one
available in Ubuntu.
On Fedora, it looks just like this:
$ ls -l /etc/ssl/certs/
total 4
lrwxrwxrwx 1 root root 49 May 18 13:21 ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
lrwxrwxrwx 1 root root 55 May 18 13:21 ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
-rw-r--r-- 1 root root 2516 Apr 3 13:18 Makefile
So it really doesn't look like what Buildroot produces. But I'm not
familiar at all with those certificates.
Peter, since you've reviewed the previous iteration of this patch
series, perhaps you can take care of merging it ?
Thanks!
Thomas Petazzoni
--
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list