diff options
| author | Enrico Jörns <ejo@pengutronix.de> | 2025-07-03 15:21:05 +0200 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2025-07-10 10:47:30 +0100 |
| commit | de46ad45f6b12f0cd553b288e1e0144169ee3537 (patch) | |
| tree | 335ce776aeaf235fdd7a770aef95785e839f30fd | |
| parent | e5e8f2aa0a63df555f79b79205c3900c33d90d50 (diff) | |
| download | poky-de46ad45f6b12f0cd553b288e1e0144169ee3537.tar.gz | |
openssl: add workaround for broken paths in native libcrypto.pc
Since d1b29222 ("openssl-native(sdk): poision built in paths") the
workaround for host path contamination in native(sdk) openssl is fixed.
But an unfortunate side-effect of forcing the directory variables
(OPENSSLDIR, ENGINESDIR, MODULESDIR) to be invalid is that it renders
the generated native pkg-config file (libcrypto.pc) unusable:
[..]
includedir=${prefix}/include
enginesdir=${libdir}/../../../../../../../../../../../../../../../../not/builtin
modulesdir=${libdir}/../../../../../../../../../../../../../../../../not/builtin
Name: OpenSSL-libcrypto
[..]
This will prevent other native tools (like libp11-native) from
installing their (.so) files into valid OpenSSL directories.
The strange paths are a result of OpenSSL's build system attempting to
resolve the dummy path "/not/builtin" relative to ${libdir} for
libcrypto.pc.in:
| enginesdir=${libdir}/{- $OpenSSL::safe::installdata::ENGINESDIR_REL_LIBDIR[0] -}
There doesn't appear to be a straightforward way to avoid embedding a
built-in host path while still generating a valid libcrypto.pc file.
This workaround now post-fixes the .pc files for openssl-native by using
two sed calls to replace the invalid paths with the valid ones.
(To prevent bitbake from early expanding the libdir variables, use a
group as a simple hack.)
(From OE-Core rev: 4d4af8d1cb272369eb4ddcc489e90831c9c2c8c7)
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl_3.5.0.bb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_3.5.0.bb b/meta/recipes-connectivity/openssl/openssl_3.5.0.bb index 0f5c28dafa..a7d08d5b86 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.5.0.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.5.0.bb | |||
| @@ -192,6 +192,11 @@ do_install:append:class-native () { | |||
| 192 | SSL_CERT_FILE=\${SSL_CERT_FILE:-${libdir}/ssl-3/cert.pem} \ | 192 | SSL_CERT_FILE=\${SSL_CERT_FILE:-${libdir}/ssl-3/cert.pem} \ |
| 193 | OPENSSL_ENGINES=\${OPENSSL_ENGINES:-${libdir}/engines-3} \ | 193 | OPENSSL_ENGINES=\${OPENSSL_ENGINES:-${libdir}/engines-3} \ |
| 194 | OPENSSL_MODULES=\${OPENSSL_MODULES:-${libdir}/ossl-modules} | 194 | OPENSSL_MODULES=\${OPENSSL_MODULES:-${libdir}/ossl-modules} |
| 195 | |||
| 196 | # Setting ENGINESDIR and MODULESDIR to invalid paths prevents host contamination, | ||
| 197 | # but also breaks the generated libcrypto.pc file. Post-Fix it manually here. | ||
| 198 | sed -i 's|^enginesdir=\($.libdir.\)/.*|enginesdir=\1/engines-3|' ${D}${libdir}/pkgconfig/libcrypto.pc | ||
| 199 | sed -i 's|^modulesdir=\($.libdir.\)/.*|modulesdir=\1/ossl-modules|' ${D}${libdir}/pkgconfig/libcrypto.pc | ||
| 195 | } | 200 | } |
| 196 | 201 | ||
| 197 | do_install:append:class-nativesdk () { | 202 | do_install:append:class-nativesdk () { |