aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRosen Penev <rosenp@gmail.com>2018-05-27 15:13:47 -0700
committerJohn Crispin <john@phrozen.org>2018-05-30 06:38:06 +0200
commitf97946c49680a5fe713d0e2caaf072789f70e68d (patch)
treede56bd76568d3406bfe751681754abca988f40b3
parent9685f3978795727ac99d5d20a4af16c808b1e24b (diff)
downloadupstream-f97946c49680a5fe713d0e2caaf072789f70e68d.tar.gz
upstream-f97946c49680a5fe713d0e2caaf072789f70e68d.tar.bz2
upstream-f97946c49680a5fe713d0e2caaf072789f70e68d.zip
curl: Use ca-bundle for all TLS libraries.
It simplifies the Makefile a bit. In addition, using ca-bundle saves some space as well. It also fixes an issue with at least transmission, which has a dependency on ca-bundle, but currently libcurl with OpenSSL or GnuTLS cause it not to work. This has been tested on mt7621 with OpenSSL and GnuTLS just by running 'curl https://www.google.com' and seeing if there's a verify error. The rest are already using ca-bundle and therefore work fine. Signed-off-by: Rosen Penev <rosenp@gmail.com> Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
-rw-r--r--package/network/utils/curl/Makefile10
1 files changed, 6 insertions, 4 deletions
diff --git a/package/network/utils/curl/Makefile b/package/network/utils/curl/Makefile
index 92b3cab7dd..ae8cc31edc 100644
--- a/package/network/utils/curl/Makefile
+++ b/package/network/utils/curl/Makefile
@@ -112,13 +112,15 @@ CONFIGURE_ARGS += \
--without-libmetalink \
--without-librtmp \
--without-libidn \
+ --without-ca-path \
+ --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt \
\
$(call autoconf_bool,CONFIG_IPV6,ipv6) \
\
- $(if $(CONFIG_LIBCURL_WOLFSSL),--with-cyassl="$(STAGING_DIR)/usr" --without-ca-path --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt,--without-cyassl) \
- $(if $(CONFIG_LIBCURL_GNUTLS),--with-gnutls="$(STAGING_DIR)/usr" --without-ca-bundle --with-ca-path=/etc/ssl/certs,--without-gnutls) \
- $(if $(CONFIG_LIBCURL_OPENSSL),--with-ssl="$(STAGING_DIR)/usr" --without-ca-bundle --with-ca-path=/etc/ssl/certs,--without-ssl) \
- $(if $(CONFIG_LIBCURL_MBEDTLS),--with-mbedtls="$(STAGING_DIR)/usr" --without-ca-path --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt,--without-mbedtls) \
+ $(if $(CONFIG_LIBCURL_WOLFSSL),--with-cyassl="$(STAGING_DIR)/usr",--without-cyassl) \
+ $(if $(CONFIG_LIBCURL_GNUTLS),--with-gnutls="$(STAGING_DIR)/usr",--without-gnutls) \
+ $(if $(CONFIG_LIBCURL_OPENSSL),--with-ssl="$(STAGING_DIR)/usr",--without-ssl) \
+ $(if $(CONFIG_LIBCURL_MBEDTLS),--with-mbedtls="$(STAGING_DIR)/usr",--without-mbedtls) \
\
$(if $(CONFIG_LIBCURL_LIBIDN2),--with-libidn2="$(STAGING_DIR)/usr",--without-libidn2) \
$(if $(CONFIG_LIBCURL_SSH2),--with-libssh2="$(STAGING_DIR)/usr",--without-libssh2) \