glib-networking wants to use the certificates bundle, not the individual
certificates.
Generating the bundle is usually done with update-ca-certificates, but
that does not support running out-of-tree.
Fortiunately, and as Gustavo put it, update-ca-certificates is jsut a
glorified 'cat'. It is supposed to be fed a config file stating which
certificate to add/remove to/from the bundle, otherwise nothing fancy
(Oh, yes, running hooks after updating the bundle).
Since we do not need any of this in Buidlroot, we jsut generate a bundle
with all certificates unconditionally.
Reported-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since the trailing slash is stripped from $($(PKG)_SITE) by pkg-generic.mk:
$(call DOWNLOAD,$($(PKG)_SITE:/=)/$($(PKG)_SOURCE))
so it is redundant.
This patch removes it from $(PKG)_SITE variable for BR consistency.
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
ca-certificates contains sensitive security-related information,
and we want to ensure the archive that we download has not been
compromised.
Add the sha1 and sha256 hashes from Debian's packaging.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Martin Bark <martin@barkynet.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Some new CA added, some removed.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Cc: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CA certificates used for SSL based applications. The package installs CA
certificates to /usr/share/ca-certificates and creates symbolic links under
/etc/ssl/certs. For example, the existing libcurl package will use these
certificates for https urls. Based on the debian ca-certifcates package.
[Peter: fixup comments as pointed out by Yann]
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
