utils/genrandconfig: use --no-check-certificate in wget by default

A number of autobuilder failures are due to the fact that autobuilder instances use old distributions, with old SSL certificates, and therefore wget aborts with an error "The certificate of `xyz.org' is not trusted.". In order to avoid such failures that are not very interesting in the context of the autobuilders, we pass --no-check-certificate to wget. The integrity of the downloaded files is anyway verified by the hashes, and this is only meant to be used in the context of testing/CI, not in production. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> (cherry picked from commit 0866a280e4) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-02 23:29:38 +02:00 · 2017-09-02 23:29:38 +02:00 · 4a1a806d48
commit 4a1a806d48
parent 560b1d374e
1 changed files with 3 additions and 0 deletions
--- a/utils/genrandconfig
+++ b/utils/genrandconfig
@ -347,6 +347,9 @@ def gen_config(args):
    with open(minimalconfigfile) as minimalf:
        configlines += minimalf.readlines()

+    # Allow hosts with old certificates to download over https
+    configlines.append("BR2_WGET=\"wget --passive-ftp -nd -t 3 --no-check-certificate\"")
+
    # Amend the configuration with a few things.
    if randint(0, 20) == 0:
        configlines.append("BR2_ENABLE_DEBUG=y\n")