ca-certificates: add missing dependency to openssl

openssl and openssl-misc are required for update-ca-certificates to work correctly when c_rehash is enabled. Instead of having those in packageconfig, add them here as rdepends. Remove old ca-certificates recipe as upstream poky has a newer version. Task-number: QTBUG-57641 Change-Id: I3c76f86ec52c193cedecc51c50805c897b8e03b6 Reviewed-by: Teemu Holappa <teemu.holappa@qt.io> Reviewed-by: Kari Oikarinen <kari.oikarinen@qt.io>

ca-certificates: add missing dependency to openssl
openssl and openssl-misc are required for update-ca-certificates to work correctly when c_rehash is enabled. Instead of having those in packageconfig, add them here as rdepends. Remove old ca-certificates recipe as upstream poky has a newer version. Task-number: QTBUG-57641 Change-Id: I3c76f86ec52c193cedecc51c50805c897b8e03b6 Reviewed-by: Teemu Holappa <teemu.holappa@qt.io> Reviewed-by: Kari Oikarinen <kari.oikarinen@qt.io>
dd26c661 · Samuli Piippo · c53d98d5 · c53d98d5 · c53d98d5 · c53d98d5
Commit dd26c661 authored 8 years ago by Samuli Piippo
--- a/recipes/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch
+++ b/recipes/ca-certificates/ca-certificates/0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch
-ca-certificates is a package from Debian, but some host distros such as Fedora
-have a leaner run-parts provided by cron which doesn't support --verbose or the
- -- separator between arguments and paths.
-
-This solves errors such as
-
-| Running hooks in [...]/rootfs/etc/ca-certificates/update.d...
-| [...]/usr/sbin/update-ca-certificates: line 194: Not: command not found
-
-Upstream-Status: Inappropriate
-Signed-off-by: Ross Burton <ross.burton@intel.com>
---
- sbin/update-ca-certificates | 4 +---
- 1 file changed, 1 insertion(+), 3 deletions(-)
-
-Index: git/sbin/update-ca-certificates
-===================================================================
--- git.orig/sbin/update-ca-certificates
-+++ git/sbin/update-ca-certificates
-@@ -191,9 +191,7 @@ if [ -d "$HOOKSDIR" ]
- then
- 
-   echo "Running hooks in $HOOKSDIR..."
-  VERBOSE_ARG=
-  [ "$verbose" = 0 ] || VERBOSE_ARG="--verbose"
-  eval run-parts "$VERBOSE_ARG" --test -- "$HOOKSDIR" | while read hook
-+  eval run-parts --test -- "$HOOKSDIR" | while read hook
-   do
-     ( cat "$ADDED"
-       cat "$REMOVED" ) | "$hook" || echo "E: $hook exited with code $?."
--- a/recipes/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
+++ b/recipes/ca-certificates/ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
-Upstream-Status: Pending
-
-From 724cb153ca0f607fb38b3a8db3ebb2742601cd81 Mon Sep 17 00:00:00 2001
-From: Andreas Oberritter <obi@opendreambox.org>
-Date: Tue, 19 Mar 2013 17:14:33 +0100
-Subject: [PATCH 2/2] update-ca-certificates: use $SYSROOT
-
-Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
---
- sbin/update-ca-certificates |   14 +++++++-------
- 1 file changed, 7 insertions(+), 7 deletions(-)
-
-Index: git/sbin/update-ca-certificates
-===================================================================
--- git.orig/sbin/update-ca-certificates
-+++ git/sbin/update-ca-certificates
-@@ -24,12 +24,12 @@
- verbose=0
- fresh=0
- default=0
-CERTSCONF=/etc/ca-certificates.conf
-CERTSDIR=/usr/share/ca-certificates
-LOCALCERTSDIR=/usr/local/share/ca-certificates
-+CERTSCONF=$SYSROOT/etc/ca-certificates.conf
-+CERTSDIR=$SYSROOT/usr/share/ca-certificates
-+LOCALCERTSDIR=$SYSROOT/usr/local/share/ca-certificates
- CERTBUNDLE=ca-certificates.crt
-ETCCERTSDIR=/etc/ssl/certs
-HOOKSDIR=/etc/ca-certificates/update.d
-+ETCCERTSDIR=$SYSROOT/etc/ssl/certs
-+HOOKSDIR=$SYSROOT/etc/ca-certificates/update.d
- 
- while [ $# -gt 0 ];
- do
-@@ -92,9 +92,9 @@ add() {
-   PEM="$ETCCERTSDIR/$(basename "$CERT" .crt | sed -e 's/ /_/g' \
-                                                   -e 's/[()]/=/g' \
-                                                   -e 's/,/_/g').pem"
-  if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "$CERT" ]
-+  if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "${CERT##$SYSROOT}" ]
-   then
-    ln -sf "$CERT" "$PEM"
-+    ln -sf "${CERT##$SYSROOT}" "$PEM"
-     echo "+$PEM" >> "$ADDED"
-   fi
-   # Add trailing newline to certificate, if it is missing (#635570)
--- a/recipes/ca-certificates/ca-certificates/default-sysroot.patch
+++ b/recipes/ca-certificates/ca-certificates/default-sysroot.patch
-Upstream-Status: Pending
-
-update-ca-certificates: find SYSROOT relative to its own location
-
-This makes the script relocatable.
-
-Index: git/sbin/update-ca-certificates
-===================================================================
--- git.orig/sbin/update-ca-certificates
-+++ git/sbin/update-ca-certificates
-@@ -66,6 +66,39 @@ do
-   shift
- done
- 
-+if [ -z "$SYSROOT" ]; then
-+  local_which () {
-+    if [ $# -lt 1 ]; then
-+      return 1
-+    fi
-+
-+    (
-+      IFS=:
-+      for entry in $PATH; do
-+        if [ -x "$entry/$1" ]; then
-+          echo "$entry/$1"
-+          exit 0
-+        fi
-+      done
-+      exit 1
-+    )
-+  }
-+
-+  case "$0" in
-+    */*)
-+      sbindir=$(cd ${0%/*} && pwd)
-+      ;;
-+    *)
-+      sbindir=$(cd $(dirname $(local_which $0)) && pwd)
-+      ;;
-+  esac
-+  prefix=${sbindir%/*}
-+  SYSROOT=${prefix%/*}
-+  if [ ! -d "$SYSROOT/usr/share/ca-certificates" ]; then
-+    SYSROOT=
-+  fi
-+fi
-+
- if [ ! -s "$CERTSCONF" ]
- then
-   fresh=1
--- a/recipes/ca-certificates/ca-certificates/sbindir.patch
+++ b/recipes/ca-certificates/ca-certificates/sbindir.patch
-Upstream-Status: Pending
-
-Let us alter the install destination of the script via SBINDIR
-
--- ca-certificates-20130119.orig/sbin/Makefile
-+++ ca-certificates-20130119/sbin/Makefile
-@@ -3,9 +3,12 @@
- #
- #
-
-+SBINDIR = /usr/sbin
-+
- all:
-
- clean:
-
- install:
-	install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/
-+	install -d $(DESTDIR)$(SBINDIR)
-+	install -m755 update-ca-certificates $(DESTDIR)$(SBINDIR)/
--- a/recipes/ca-certificates/ca-certificates_%.bbappend
+++ b/recipes/ca-certificates/ca-certificates_%.bbappend
@@ -29,3 +29,6 @@

 SRC_URI_remove = "file://0001-update-ca-certificates-remove-c-rehash.patch"
 DEPENDS_class-native = "coreutils-native"
+
+# for c_rehash
+RDEPENDS_${PN}_class-target += "openssl openssl-misc"
--- a/recipes/ca-certificates/ca-certificates_20150426.bb
+++ b/recipes/ca-certificates/ca-certificates_20150426.bb
-SUMMARY = "Common CA certificates"
-DESCRIPTION = "This package includes PEM files of CA certificates to allow \
-SSL-based applications to check for the authenticity of SSL connections. \
-This derived from Debian's CA Certificates."
-HOMEPAGE = "http://packages.debian.org/sid/ca-certificates"
-SECTION = "misc"
-LICENSE = "GPL-2.0+ & MPL-2.0"
-LIC_FILES_CHKSUM = "file://debian/copyright;md5=48d2baf97986999e776b43c8dd9e0c5a"
-
-# This is needed to ensure we can run the postinst at image creation time
-DEPENDS = "ca-certificates-native"
-DEPENDS_class-native = ""
-
-# tag: debian/20150426 + 2
-SRCREV = "d4790d2832aaac9152f450e06661511067592227"
-
-SRC_URI = "git://anonscm.debian.org/collab-maint/ca-certificates.git \
-           file://0001-update-ca-certificates-remove-c-rehash.patch \
-           file://0002-update-ca-certificates-use-SYSROOT.patch \
-           file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch \
-           file://default-sysroot.patch \
-           file://sbindir.patch"
-
-S = "${WORKDIR}/git"
-
-inherit allarch
-
-EXTRA_OEMAKE = "\
-    'CERTSDIR=${datadir}/ca-certificates' \
-    'SBINDIR=${sbindir}' \
-"
-
-do_compile_prepend() {
-    oe_runmake clean
-}
-
-do_install () {
-    install -d ${D}${datadir}/ca-certificates \
-               ${D}${sysconfdir}/ssl/certs \
-               ${D}${sysconfdir}/ca-certificates/update.d
-    oe_runmake 'DESTDIR=${D}' install
-
-    install -d ${D}${mandir}/man8
-    install -m 0644 sbin/update-ca-certificates.8 ${D}${mandir}/man8/
-
-    install -d ${D}${sysconfdir}
-    {
-        echo "# Lines starting with # will be ignored"
-        echo "# Lines starting with ! will remove certificate on next update"
-        echo "#"
-        find ${D}${datadir}/ca-certificates -type f -name '*.crt' | \
-            sed 's,^${D}${datadir}/ca-certificates/,,'
-    } >${D}${sysconfdir}/ca-certificates.conf
-}
-
-do_install_append_class-target () {
-    sed -i -e 's,/etc/,${sysconfdir}/,' \
-           -e 's,/usr/share/,${datadir}/,' \
-           -e 's,/usr/local,${prefix}/local,' \
-        ${D}${sbindir}/update-ca-certificates \
-        ${D}${mandir}/man8/update-ca-certificates.8
-}
-
-pkg_postinst_${PN} () {
-    SYSROOT="$D" update-ca-certificates
-}
-
-CONFFILES_${PN} += "${sysconfdir}/ca-certificates.conf"
-
-# Postinsts don't seem to be run for nativesdk packages when populating SDKs.
-CONFFILES_${PN}_append_class-nativesdk = " ${sysconfdir}/ssl/certs/ca-certificates.crt"
-do_install_append_class-nativesdk () {
-    SYSROOT="${D}${SDKPATHNATIVE}" update-ca-certificates
-}
-
-do_install_append_class-native () {
-    SYSROOT="${D}${base_prefix}" ${D}${sbindir}/update-ca-certificates
-}
-
-BBCLASSEXTEND += "native nativesdk"
--- a/recipes/packagegroup/packagegroup-b2qt-embedded-base.bb
+++ b/recipes/packagegroup/packagegroup-b2qt-embedded-base.bb
@@ -38,7 +38,6 @@ MACHINE_EXTRA_INSTALL ?= ""
 RDEPENDS_${PN} = "\
        kernel-modules \
        linux-firmware \
-        openssl-misc \
        ca-certificates \
        liberation-fonts \
        ttf-devanagari \