From: "Armin Kuster" <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 01/14] freeradius: check existence of openssl's commands in bootstrap
Date: Mon, 3 May 2021 12:11:54 -0700 [thread overview]
Message-ID: <601c0804998f2e478e42fe5a0008df18b73d3b8b.1620069041.git.akuster808@gmail.com> (raw)
In-Reply-To: <cover.1620069041.git.akuster808@gmail.com>
From: Kai Kang <kai.kang@windriver.com>
It calls openssl's commands 'dhparam' and 'pkcs12' in script bootstrap.
These commands are configurable based on configure options 'no-dh' and
'no-des', and may not be provided by openssl. So check existence of
these commands. If not, abort running of script bootstrap.
1. https://github.com/openssl/openssl/blob/master/apps/build.info#L37
2. https://github.com/openssl/openssl/blob/master/apps/build.info#L22
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c8ceefc5c3fa5ce87f0e1b0a8f5bb06b259d1e76)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
...eck-openssl-cmds-in-script-bootstrap.patch | 38 +++++++++++++++++++
.../freeradius/freeradius_3.0.21.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch
diff --git a/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch b/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch
new file mode 100644
index 0000000000..fcadae93a0
--- /dev/null
+++ b/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch
@@ -0,0 +1,38 @@
+bootstrap: check commands of openssl exist
+
+It calls openssl commands dhparam and pkcs12 in script bootstrap. These
+commands are configurable based on configure options 'no-dh' and
+'no-des', and may not be provided by openssl. So check existence of
+these commands. If not, abort running of script bootstrap.
+
+1. https://github.com/openssl/openssl/blob/master/apps/build.info#L37
+2. https://github.com/openssl/openssl/blob/master/apps/build.info#L22
+
+Upstream-Status: Denied [https://github.com/FreeRADIUS/freeradius-server/pull/4059]
+ The maintainer commented in the pull that the script could
+ be run on a host which provides these openssl commands.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ raddb/certs/bootstrap | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/raddb/certs/bootstrap b/raddb/certs/bootstrap
+index 0f719aafd4..17feddbeeb 100755
+--- a/raddb/certs/bootstrap
++++ b/raddb/certs/bootstrap
+@@ -13,6 +13,14 @@
+ umask 027
+ cd `dirname $0`
+
++# check commands of openssl exist
++for cmd in dhparam pkcs12; do
++ if ! openssl ${cmd} -help >/dev/null 2>&1; then
++ echo "Error: command ${cmd} is not supported by openssl."
++ exit 1
++ fi
++done
++
+ make -h > /dev/null 2>&1
+
+ #
diff --git a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
index 864a4e9447..a6df2aeb03 100644
--- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
+++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
@@ -31,6 +31,7 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0
file://0001-workaround-error-with-autoconf-2.7.patch \
file://radiusd.service \
file://radiusd-volatiles.conf \
+ file://check-openssl-cmds-in-script-bootstrap.patch \
"
SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a"
--
2.17.1
next prev parent reply other threads:[~2021-05-03 19:12 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-03 19:11 [hardknott 00/14] Patch review May 3 Armin Kuster
2021-05-03 19:11 ` Armin Kuster [this message]
2021-05-03 19:11 ` [hardknott 02/14] tbb: Re-introduce PE Armin Kuster
2021-05-03 19:11 ` [hardknott 03/14] python3-pysonos: Upgrade 0.0.42 -> 0.0.43 Armin Kuster
2021-05-03 19:11 ` [hardknott 04/14] python3-asttokens: Upgrade 2.0.4 -> 2.0.5 Armin Kuster
2021-05-03 19:11 ` [hardknott 05/14] python3-hyperframe: Upgrade 6.0.0 -> 6.0.1 Armin Kuster
2021-05-03 19:11 ` [hardknott 06/14] networkmanager: upgrade 1.30.2 -> 1.30.4 Armin Kuster
2021-05-03 19:12 ` [hardknott 07/14] libdvdread: upgrade 6.1.1 -> 6.1.2 Armin Kuster
2021-05-03 19:12 ` [hardknott 08/14] redis: upgrade 6.2.1 -> 6.2.2 Armin Kuster
2021-05-03 19:12 ` [hardknott 09/14] gimp: Disable vector icons on musl/x86 Armin Kuster
2021-05-03 19:12 ` [hardknott 10/14] gvfs: rdepend on gsettings-desktop-schemas Armin Kuster
2021-05-03 19:12 ` [hardknott 11/14] nss: upgrade 3.63 -> 3.64 Armin Kuster
2021-05-03 19:12 ` [hardknott 12/14] zram: add support for mem_limit Armin Kuster
2021-05-03 19:12 ` [hardknott 13/14] nostromo: Blacklist and exclude from world builds Armin Kuster
2021-05-03 19:12 ` [hardknott 14/14] packagegroup-meta-webserver: remove nostromo from pkg grp Armin Kuster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=601c0804998f2e478e42fe5a0008df18b73d3b8b.1620069041.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-devel@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.