* [meta-networking][PATCH] freeradius: check existence of openssl's commands in bootstrap
@ 2021-04-21 9:40 kai
0 siblings, 0 replies; only message in thread
From: kai @ 2021-04-21 9:40 UTC (permalink / raw)
To: openembedded-devel
From: Kai Kang <kai.kang@windriver.com>
It calls openssl's commands 'dhparam' and 'pkcs12' in script bootstrap.
These commands are configurable based on configure options 'no-dh' and
'no-des', and may not be provided by openssl. So check existence of
these commands. If not, abort running of script bootstrap.
1. https://github.com/openssl/openssl/blob/master/apps/build.info#L37
2. https://github.com/openssl/openssl/blob/master/apps/build.info#L22
Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
...eck-openssl-cmds-in-script-bootstrap.patch | 38 +++++++++++++++++++
.../freeradius/freeradius_3.0.21.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch
diff --git a/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch b/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch
new file mode 100644
index 000000000..fcadae93a
--- /dev/null
+++ b/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch
@@ -0,0 +1,38 @@
+bootstrap: check commands of openssl exist
+
+It calls openssl commands dhparam and pkcs12 in script bootstrap. These
+commands are configurable based on configure options 'no-dh' and
+'no-des', and may not be provided by openssl. So check existence of
+these commands. If not, abort running of script bootstrap.
+
+1. https://github.com/openssl/openssl/blob/master/apps/build.info#L37
+2. https://github.com/openssl/openssl/blob/master/apps/build.info#L22
+
+Upstream-Status: Denied [https://github.com/FreeRADIUS/freeradius-server/pull/4059]
+ The maintainer commented in the pull that the script could
+ be run on a host which provides these openssl commands.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ raddb/certs/bootstrap | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/raddb/certs/bootstrap b/raddb/certs/bootstrap
+index 0f719aafd4..17feddbeeb 100755
+--- a/raddb/certs/bootstrap
++++ b/raddb/certs/bootstrap
+@@ -13,6 +13,14 @@
+ umask 027
+ cd `dirname $0`
+
++# check commands of openssl exist
++for cmd in dhparam pkcs12; do
++ if ! openssl ${cmd} -help >/dev/null 2>&1; then
++ echo "Error: command ${cmd} is not supported by openssl."
++ exit 1
++ fi
++done
++
+ make -h > /dev/null 2>&1
+
+ #
diff --git a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
index 864a4e944..a6df2aeb0 100644
--- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
+++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
@@ -31,6 +31,7 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0
file://0001-workaround-error-with-autoconf-2.7.patch \
file://radiusd.service \
file://radiusd-volatiles.conf \
+ file://check-openssl-cmds-in-script-bootstrap.patch \
"
SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a"
--
2.17.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2021-04-21 9:40 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-21 9:40 [meta-networking][PATCH] freeradius: check existence of openssl's commands in bootstrap kai
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.