| Message ID | 20221004062843.2541778-2-mbriand@witekio.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-networking,dunfell,1/4] mbedtls: Fix CVE product name | expand |
Why did the LIC_FILES_CHKSUM change? - armin On 10/4/22 2:28 AM, Mathieu Dubois-Briand wrote: > Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com> > --- > .../mbedtls/{mbedtls_2.16.6.bb => mbedtls_2.16.12.bb} | 11 +++++++---- > 1 file changed, 7 insertions(+), 4 deletions(-) > rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.16.6.bb => mbedtls_2.16.12.bb} (81%) > > diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.12.bb > similarity index 81% > rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb > rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.12.bb > index 0ad1e02630a8..adb8e4a2c994 100644 > --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb > +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.12.bb > @@ -18,13 +18,16 @@ understand what the code does. It features: \ > HOMEPAGE = "https://tls.mbed.org/" > > LICENSE = "Apache-2.0" > -LIC_FILES_CHKSUM = "file://LICENSE;md5=302d50a6369f5f22efdb674db908167a" > +LIC_FILES_CHKSUM = " \ > + file://LICENSE;md5=d32b51202e173d9e438ca20f008209a1 \ > + file://apache-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57 \ > + " > > SECTION = "libs" > > -SRC_URI = "https://tls.mbed.org/download/mbedtls-${PV}-apache.tgz" > -SRC_URI[md5sum] = "1f629a43c166de2eca808f3e30aa961d" > -SRC_URI[sha256sum] = "66455e23a6190a30142cdc1113f7418158839331a9d8e6b0778631d077281770" > +SRC_URI = "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v${PV}.tar.gz" > +SRC_URI[md5sum] = "f3a7b041c43b35c883632a1773bf61a6" > +SRC_URI[sha256sum] = "294871ab1864a65d0b74325e9219d5bcd6e91c34a3c59270c357bb9ae4d5c393" > > inherit cmake >
On Tue, Oct 04, 2022 at 02:16:35PM -0400, akuster808 wrote: > Why did the LIC_FILES_CHKSUM change? > Oh yeh, good question ! Previous LICENSE file was Apache 2.0 license, now we have three files: - LICENSE, who basically says "SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later". https://github.com/Mbed-TLS/mbedtls/blob/v2.16.12/LICENSE - apache-2.0.txt, well the Apache 2.0 license. - gpl-2.0.txt, that I choose to not include in LIC_FILES_CHKSUM, as LICENSE only refer to Apache. Now, saying this, maybe I should switch LICENSE to "GPL-2.0-or-later|Apache-2.0" and use all three files in LIC_FILES_CHKSUM ? Best regards, Mathieu
On Wed, Oct 05, 2022 at 10:24:15AM +0200, Mathieu Dubois-Briand wrote: > On Tue, Oct 04, 2022 at 02:16:35PM -0400, akuster808 wrote: > > Why did the LIC_FILES_CHKSUM change? > > > > Oh yeh, good question ! > > Previous LICENSE file was Apache 2.0 license, now we have three files: > - LICENSE, who basically says "SPDX-License-Identifier: Apache-2.0 OR > GPL-2.0-or-later". https://github.com/Mbed-TLS/mbedtls/blob/v2.16.12/LICENSE > - apache-2.0.txt, well the Apache 2.0 license. > - gpl-2.0.txt, that I choose to not include in LIC_FILES_CHKSUM, as > LICENSE only refer to Apache. > > Now, saying this, maybe I should switch LICENSE to > "GPL-2.0-or-later|Apache-2.0" and use all three files in > LIC_FILES_CHKSUM ? > > Best regards, > Mathieu Any news regarding this patch set ? Do you believe I should change the LICENSE content ? Best regards, Mathieu
diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.12.bb similarity index 81% rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.12.bb index 0ad1e02630a8..adb8e4a2c994 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.12.bb @@ -18,13 +18,16 @@ understand what the code does. It features: \ HOMEPAGE = "https://tls.mbed.org/" LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=302d50a6369f5f22efdb674db908167a" +LIC_FILES_CHKSUM = " \ + file://LICENSE;md5=d32b51202e173d9e438ca20f008209a1 \ + file://apache-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57 \ + " SECTION = "libs" -SRC_URI = "https://tls.mbed.org/download/mbedtls-${PV}-apache.tgz" -SRC_URI[md5sum] = "1f629a43c166de2eca808f3e30aa961d" -SRC_URI[sha256sum] = "66455e23a6190a30142cdc1113f7418158839331a9d8e6b0778631d077281770" +SRC_URI = "https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v${PV}.tar.gz" +SRC_URI[md5sum] = "f3a7b041c43b35c883632a1773bf61a6" +SRC_URI[sha256sum] = "294871ab1864a65d0b74325e9219d5bcd6e91c34a3c59270c357bb9ae4d5c393" inherit cmake
Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com> --- .../mbedtls/{mbedtls_2.16.6.bb => mbedtls_2.16.12.bb} | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.16.6.bb => mbedtls_2.16.12.bb} (81%)