git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

buildtools-tarball: Make buildtools respects host CA certificates

To adapt user network enviroment, buildtools should first try to use
the user configured envs like SSL_CERT_FILE/CURL_CA_BUNDLE/..., if these
envs is not set, then use the auto-detected ca file and ca path, and
finally use the CA certificates in buildtools.

nativesdk-openssl set OPENSSLDIR as "/not/builtin", need set SSL_CERT_FILE/SSL_CERT_DIR to work

nativesdk-curl don't set default ca file, need
SSL_CERT_FILE/SSL_CERT_DIR or CURL_CA_BUNDLE/CURL_CA_PATH to work

nativesdk-git actually use libcurl, and GIT_SSL_CAPATH/GIT_SSL_CAINFO
also works

nativesdk-python3-requests will use cacert.pem under python module certifi by
default, need to set REQUESTS_CA_BUNDLE

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

author	Changqing Li <changqing.li@windriver.com>
	Tue, 15 Apr 2025 10:56:07 +0000 (18:56 +0800)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Thu, 24 Apr 2025 10:25:00 +0000 (11:25 +0100)
commit	8a7ec52e9b35654bee48cd948c6c34c63db3e265
tree	afb6f69c04e843a96a20e8541136790bf2ba181c	tree \| snapshot
parent	34c1f66c4c689b26a4c3129eb62f4ff9b6ec14be	commit \| diff

meta/recipes-connectivity/openssl/files/environment.d-openssl.sh		diff \| blob \| blame \| history
meta/recipes-core/meta/buildtools-tarball.bb		diff \| blob \| blame \| history
meta/recipes-devtools/git/git/environment.d-git.sh		diff \| blob \| blame \| history
meta/recipes-devtools/python/python3-requests/environment.d-python3-requests.sh		diff \| blob \| blame \| history
meta/recipes-support/curl/curl/environment.d-curl.sh		diff \| blob \| blame \| history