new file mode 100644
@@ -0,0 +1,7 @@
+DEPENDS += "openssl-native"
+
+export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules"
+export OPENSSL_ENGINES="${STAGING_LIBDIR_NATIVE}/engines-3"
+export OPENSSL_CONF="${STAGING_LIBDIR_NATIVE}/ssl-3/openssl.cnf"
+export SSL_CERT_DIR="${STAGING_LIBDIR_NATIVE}/ssl-3/certs"
+export SSL_CERT_FILE="${STAGING_LIBDIR_NATIVE}/ssl-3/cert.pem"
@@ -163,6 +163,7 @@ do_install () {
ln -sf ${@oe.path.relative('${libdir}/ssl-3', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-3/openssl.cnf
}
+# Please keep openssl-native.bbclass in sync with this wrapper
do_install:append:class-native () {
create_wrapper ${D}${bindir}/openssl \
OPENSSL_CONF=${libdir}/ssl-3/openssl.cnf \
Using openssl-native shared libraries correctly is hard. A number of environment variables need to be correctly set or the errors may be really confusing. openssl can be made to detect these paths automatically, but upstream has rejected these ideas. openssl-native provides a wrapper script for 'openssl' binary, but shared library users like python3-cryptgraphy-native need to have the shared libraries working directly. Thus follow example from python3native.bbclass and implement this via openssl-native.bbclass. If full certificate checking is needed, then users also need to DEPEND on ca-certificates-native. See also: https://lists.openembedded.org/g/openembedded-core/topic/93651845#170562 https://github.com/openssl/openssl/issues/19242 https://github.com/openssl/openssl/pull/19260 Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> --- meta/classes/openssl-native.bbclass | 7 +++++++ meta/recipes-connectivity/openssl/openssl_3.0.5.bb | 1 + 2 files changed, 8 insertions(+) create mode 100644 meta/classes/openssl-native.bbclass v3: no changes v2: no changes v1: https://lists.openembedded.org/g/openembedded-core/topic/docs_patch_1_4/94110827?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,94110827,previd%3D1664895400514033654,nextid%3D1664840452025327543&previd=1664895400514033654&nextid=1664840452025327543