[Buildroot] [PATCH 1/2] gnutls: Give library a default trust location

Thomas Petazzoni thomas.petazzoni at bootlin.com
Mon Dec 3 20:27:17 UTC 2018


On Fri, 16 Nov 2018 20:17:32 +0000, Trent Piepho wrote:
> Gnutls is building with no default location to look for CA certs.  Since
> there are buildroot packages to provide these, configure it to use them
> by default.
> Configure gnutls to find them using the bundle file which contains all
> certs, rather than looking in the cert directory.  When gnutls is told
> to use the directory, it loads *every* file in it.  This means it loads
> the bundle with all certs, then loads each cert a second time using the
> individual pem files, and then loads them all the third time via the
> hash symlinks to the pem files.
> When p11-kit is enabled, use its trust module instead of the bundle
> file.  p11-kit can be configured to use the bundle (the default), but it
> can do other things too, such as integrate with the "trust" command for
> adding and removing trust anchors.
> Signed-off-by: Trent Piepho <tpiepho at impinj.com>
> ---
>  package/gnutls/gnutls.mk | 7 +++++++
>  1 file changed, 7 insertions(+)

Both patches applied. Thanks!

Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering

More information about the buildroot mailing list