[Buildroot] [PATCH 1/2] gnutls: Give library a default trust location
peter at korsgaard.com
Sun Dec 16 14:25:33 UTC 2018
>>>>> "Trent" == Trent Piepho <tpiepho at impinj.com> writes:
> Gnutls is building with no default location to look for CA certs. Since
> there are buildroot packages to provide these, configure it to use them
> by default.
> Configure gnutls to find them using the bundle file which contains all
> certs, rather than looking in the cert directory. When gnutls is told
> to use the directory, it loads *every* file in it. This means it loads
> the bundle with all certs, then loads each cert a second time using the
> individual pem files, and then loads them all the third time via the
> hash symlinks to the pem files.
> When p11-kit is enabled, use its trust module instead of the bundle
> file. p11-kit can be configured to use the bundle (the default), but it
> can do other things too, such as integrate with the "trust" command for
> adding and removing trust anchors.
> Signed-off-by: Trent Piepho <tpiepho at impinj.com>
Committed both to 2018.02.x, 2018.08.x and 2018.11.x, thanks.
Bye, Peter Korsgaard
More information about the buildroot