[poky] gnutls-2.12.14-r3.1 - strange rpm names yocto

Saul Wold sgw at linux.intel.com
Tue Dec 20 21:55:50 PST 2011 

On 12/20/2011 03:41 PM, Andrei Gherzan wrote:
> On 12/20/2011 08:18 PM, Saul Wold wrote:
>> On 12/20/2011 03:09 AM, Andrei Gherzan wrote:
>>> I can look over this as well but there would be a problem: i don't know
>>> what solution to choose. I can take this package out from WHITELIST,
>>> ican make wpa_supplicant to compile with openssl and not with gnutls...
>>> i can compile wpa-supplicant without gnutls-extra and so on... What do
>>> you say?
>> I think it needs to stay in the WHITELIST for know, until we have some
>> kind of future change that can determine package based LICENSE info
>> and build accordingly (that's a different issue then this right now).
>>
>> What does wpa-supplicant use from gnutls-extra? What functionality
>> could be lost? This might be the best approach, and could be a
>> conditional patch based on GPLv3 or not (see code in util-linux_2.19.1)
>>
>> For WPA-supplicant and openssl, are there know issues?
>>
>> Sau!
>>
>>> _______________________________________________
>>> poky mailing list
>>> poky at yoctoproject.org
>>> https://lists.yoctoproject.org/listinfo/poky
>>>
>
> Well things seem to be like this. wpa-supplicant has 3 ways of
> implementing TLS:
> 1. internal
> 2. openssl
> 3. gnutls + optional gnutls extra.
>
> For internal there are only these features:
> 1. can be used in place of an external TLS/crypto library
> 2. TLSv1
> 3. X.509 certificate processing
> 4. PKCS #1
> 5. ASN.1
> 6. RSA
> 7. bignum
> 8. minimal size (ca. 50 kB binary, parts of which are already needed for
> WPA; TLSv1/X.509/ASN.1/RSA/bignum parts are about 25 kB on x86)
>
> OpenSSL has a license problem (as i recall). It is not GPL compatible.
>
> gnutls comes optionally with gnutls-extra. This rpm implements TLS/IA.
>
> "The TLS/IA protocol was designed to be used in the EAP-TTLSv1
> protocol, to perform user authentication of Wireless LAN network nodes
> using IEEE 802.1x. The TLS/IA and TTLSv1 protocols were published
> through the IETF and descriptions"
>
> My choice would be to eliminate this feature and build wpa-suplicant
> without gnutls-extra. In this way we have a solid TLS implementations,
> GPL compatible with a little compromise. Obviously, this would be only
> in a non-GPLv3 build.
That was also the direction I was leaning as you might have been able to 
tell, I just to be sure of the functionality lose.  Do you think it's 
possible to implement it as a conditional on the INCOMPATIBLE_LICENSE 
having GPLv3?

Thanks again
	Sau!

More information about the poky mailing list