d792f1a83e
Fixes YOCTO #16077 Commit 0f98fecd (a backport of 4909a46e) broke HTTPS downloads in opkg in the SDK, they now fail with: > SSL certificate problem: self-signed certificate in certificate chain The root cause is a difference in the handling of related env vars between curl-cli and libcurl. The CLI will honour CURL_CA_BUNDLE and SSL_CERT_DIR|FILE (see [0]). Those are set in the SDK via env setup scripts like [1], so curl continued to work. The library however does not handle those env vars. Thus, unless the program utilizing libcurl has implemented a similar mechanism itself and configures libcurl accordingly via the API (like for example Git in [2] and [3]), there will be no default CA bundle configured to verify certificates against. Opkg only supports setting the CA bundle path via config options 'ssl_ca_file' and 'ssl_ca_path'. Upstreaming and then backporting a patch to add env var support is not a feasible short-time fix for the issue at hand. Instead it's better to ship libcurl in the SDK with a sensible built-in default - which also helps any other libcurl users. This patch is based on a proposal by Peter.Marko@siemens.com in the related mailing list discussion at [4]. (cherry picked from commit 3f819f57aa1960af36ac0448106d1dce7f38c050) [0]: |
||
|---|---|---|
| bitbake | ||
| contrib | ||
| documentation | ||
| meta | ||
| meta-poky | ||
| meta-selftest | ||
| meta-skeleton | ||
| meta-yocto-bsp | ||
| scripts | ||
| .gitignore | ||
| .templateconf | ||
| LICENSE | ||
| LICENSE.GPL-2.0-only | ||
| LICENSE.MIT | ||
| MAINTAINERS.md | ||
| MEMORIAM | ||
| oe-init-build-env | ||
| README.hardware.md | ||
| README.md | ||
| README.OE-Core.md | ||
| README.poky.md | ||
| README.qemu.md | ||
| SECURITY.md | ||
Poky
Poky is an integration of various components to form a pre-packaged build system and development environment which is used as a development and validation tool by the Yocto Project. It features support for building customised embedded style device images and custom containers. There are reference demo images ranging from X11/GTK+ to Weston, commandline and more. The system supports cross-architecture application development using QEMU emulation and a standalone toolchain and SDK suitable for IDE integration.
Additional information on the specifics of hardware that Poky supports is available in README.hardware. Further hardware support can easily be added in the form of BSP layers which extend the systems capabilities in a modular way. Many layers are available and can be found through the layer index.
As an integration layer Poky consists of several upstream projects such as BitBake, OpenEmbedded-Core, Yocto documentation, the 'meta-yocto' layer which has configuration and hardware support components. These components are all part of the Yocto Project and OpenEmbedded ecosystems.
The Yocto Project has extensive documentation about the system including a reference manual which can be found at https://docs.yoctoproject.org/
OpenEmbedded is the build architecture used by Poky and the Yocto project. For information about OpenEmbedded, see the OpenEmbedded website.
Contribution Guidelines
Please refer to our contributor guide here: https://docs.yoctoproject.org/dev/contributor-guide/ for full details on how to submit changes.
Where to Send Patches
As Poky is an integration repository (built using a tool called combo-layer), patches against the various components should be sent to their respective upstreams:
OpenEmbedded-Core (files in meta/, meta-selftest/, meta-skeleton/, scripts/):
- Git repository: https://git.openembedded.org/openembedded-core/
- Mailing list: openembedded-core@lists.openembedded.org
BitBake (files in bitbake/):
- Git repository: https://git.openembedded.org/bitbake/
- Mailing list: bitbake-devel@lists.openembedded.org
Documentation (files in documentation/):
- Git repository: https://git.yoctoproject.org/cgit/cgit.cgi/yocto-docs/
- Mailing list: docs@lists.yoctoproject.org
meta-yocto (files in meta-poky/, meta-yocto-bsp/):
- Git repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-yocto
- Mailing list: poky@lists.yoctoproject.org
If in doubt, check the openembedded-core git repository for the content you intend to modify as most files are from there unless clearly one of the above categories. Before sending, be sure the patches apply cleanly to the current git repository branch in question.