git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

author	Changqing Li <changqing.li@windriver.com>
	Mon, 28 Apr 2025 07:11:46 +0000 (15:11 +0800)
committer	Steve Sakoman <steve@sakoman.com>
	Thu, 8 May 2025 20:19:12 +0000 (13:19 -0700)
commit	0d5f241eee19c0dff9f9f59949485414935edaa2
tree	c5aca2f02872a7d15563426e6e0dd6d285d23d45	tree \| snapshot
parent	5fa8cb40395977722d0d5a2271c8044598fb1f01	commit \| diff

buildtools-tarball: Make buildtools respects host CA certificates

To adapt user network enviroment, buildtools should first try to use
the user configured envs like SSL_CERT_FILE/CURL_CA_BUNDLE/..., if these
envs is not set, then use the auto-detected ca file and ca path, and
finally use the CA certificates in buildtools.

nativesdk-openssl set OPENSSLDIR as "/not/builtin", need set SSL_CERT_FILE/SSL_CERT_DIR to work

nativesdk-curl don't set default ca file, need
SSL_CERT_FILE/SSL_CERT_DIR or CURL_CA_BUNDLE/CURL_CA_PATH to work

nativesdk-git actually use libcurl, and GIT_SSL_CAPATH/GIT_SSL_CAINFO
also works

nativesdk-python3-requests will use cacert.pem under python module certifi by
default, need to set REQUESTS_CA_BUNDLE

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/recipes-connectivity/openssl/files/environment.d-openssl.sh		diff \| blob \| blame \| history
meta/recipes-core/meta/buildtools-tarball.bb		diff \| blob \| blame \| history
meta/recipes-devtools/git/git/environment.d-git.sh		diff \| blob \| blame \| history
meta/recipes-devtools/python/python3-requests/environment.d-python3-requests.sh		diff \| blob \| blame \| history
meta/recipes-support/curl/curl/environment.d-curl.sh		diff \| blob \| blame \| history