Yes.  Absolutely. I will attach a patch to that bug today.

On Dec 21, 2011 7:55 AM, "Saul Wold" <sgw@linux.intel.com> wrote:
On 12/20/2011 03:41 PM, Andrei Gherzan wrote:
On 12/20/2011 08:18 PM, Saul Wold wrote:
On 12/20/2011 03:09 AM, Andrei Gherzan wrote:
I can look over this as well but there would be a problem: i don't know
what solution to choose. I can take this package out from WHITELIST,
ican make wpa_supplicant to compile with openssl and not with gnutls...
i can compile wpa-supplicant without gnutls-extra and so on... What do
you say?
I think it needs to stay in the WHITELIST for know, until we have some
kind of future change that can determine package based LICENSE info
and build accordingly (that's a different issue then this right now).

What does wpa-supplicant use from gnutls-extra? What functionality
could be lost? This might be the best approach, and could be a
conditional patch based on GPLv3 or not (see code in util-linux_2.19.1)

For WPA-supplicant and openssl, are there know issues?

Sau!

_______________________________________________
poky mailing list
poky@yoctoproject.org
https://lists.yoctoproject.org/listinfo/poky


Well things seem to be like this. wpa-supplicant has 3 ways of
implementing TLS:
1. internal
2. openssl
3. gnutls + optional gnutls extra.

For internal there are only these features:
1. can be used in place of an external TLS/crypto library
2. TLSv1
3. X.509 certificate processing
4. PKCS #1
5. ASN.1
6. RSA
7. bignum
8. minimal size (ca. 50 kB binary, parts of which are already needed for
WPA; TLSv1/X.509/ASN.1/RSA/bignum parts are about 25 kB on x86)

OpenSSL has a license problem (as i recall). It is not GPL compatible.

gnutls comes optionally with gnutls-extra. This rpm implements TLS/IA.

"The TLS/IA protocol was designed to be used in the EAP-TTLSv1
protocol, to perform user authentication of Wireless LAN network nodes
using IEEE 802.1x. The TLS/IA and TTLSv1 protocols were published
through the IETF and descriptions"

My choice would be to eliminate this feature and build wpa-suplicant
without gnutls-extra. In this way we have a solid TLS implementations,
GPL compatible with a little compromise. Obviously, this would be only
in a non-GPLv3 build.
That was also the direction I was leaning as you might have been able to tell, I just to be sure of the functionality lose.  Do you think it's possible to implement it as a conditional on the INCOMPATIBLE_LICENSE having GPLv3?

Thanks again
       Sau!