[Buildroot] [PATCH 1/2] gnutls: Give library a default trust location
thomas.petazzoni at bootlin.com
Mon Dec 3 20:27:17 UTC 2018
On Fri, 16 Nov 2018 20:17:32 +0000, Trent Piepho wrote:
> Gnutls is building with no default location to look for CA certs. Since
> there are buildroot packages to provide these, configure it to use them
> by default.
> Configure gnutls to find them using the bundle file which contains all
> certs, rather than looking in the cert directory. When gnutls is told
> to use the directory, it loads *every* file in it. This means it loads
> the bundle with all certs, then loads each cert a second time using the
> individual pem files, and then loads them all the third time via the
> hash symlinks to the pem files.
> When p11-kit is enabled, use its trust module instead of the bundle
> file. p11-kit can be configured to use the bundle (the default), but it
> can do other things too, such as integrate with the "trust" command for
> adding and removing trust anchors.
> Signed-off-by: Trent Piepho <tpiepho at impinj.com>
> package/gnutls/gnutls.mk | 7 +++++++
> 1 file changed, 7 insertions(+)
Both patches applied. Thanks!
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
More information about the buildroot