[poky] gnutls-2.12.14-r3.1 - strange rpm names yocto

Andrei Gherzan andrei at gherzan.ro
Wed Dec 21 01:47:12 PST 2011 

Yes.  Absolutely. I will attach a patch to that bug today.
On Dec 21, 2011 7:55 AM, "Saul Wold" <sgw at linux.intel.com> wrote:

> On 12/20/2011 03:41 PM, Andrei Gherzan wrote:
>
>> On 12/20/2011 08:18 PM, Saul Wold wrote:
>>
>>> On 12/20/2011 03:09 AM, Andrei Gherzan wrote:
>>>
>>>> I can look over this as well but there would be a problem: i don't know
>>>> what solution to choose. I can take this package out from WHITELIST,
>>>> ican make wpa_supplicant to compile with openssl and not with gnutls...
>>>> i can compile wpa-supplicant without gnutls-extra and so on... What do
>>>> you say?
>>>>
>>> I think it needs to stay in the WHITELIST for know, until we have some
>>> kind of future change that can determine package based LICENSE info
>>> and build accordingly (that's a different issue then this right now).
>>>
>>> What does wpa-supplicant use from gnutls-extra? What functionality
>>> could be lost? This might be the best approach, and could be a
>>> conditional patch based on GPLv3 or not (see code in util-linux_2.19.1)
>>>
>>> For WPA-supplicant and openssl, are there know issues?
>>>
>>> Sau!
>>>
>>>  ______________________________**_________________
>>>> poky mailing list
>>>> poky at yoctoproject.org
>>>> https://lists.yoctoproject.**org/listinfo/poky<https://lists.yoctoproject.org/listinfo/poky>
>>>>
>>>>
>> Well things seem to be like this. wpa-supplicant has 3 ways of
>> implementing TLS:
>> 1. internal
>> 2. openssl
>> 3. gnutls + optional gnutls extra.
>>
>> For internal there are only these features:
>> 1. can be used in place of an external TLS/crypto library
>> 2. TLSv1
>> 3. X.509 certificate processing
>> 4. PKCS #1
>> 5. ASN.1
>> 6. RSA
>> 7. bignum
>> 8. minimal size (ca. 50 kB binary, parts of which are already needed for
>> WPA; TLSv1/X.509/ASN.1/RSA/bignum parts are about 25 kB on x86)
>>
>> OpenSSL has a license problem (as i recall). It is not GPL compatible.
>>
>> gnutls comes optionally with gnutls-extra. This rpm implements TLS/IA.
>>
>> "The TLS/IA protocol was designed to be used in the EAP-TTLSv1
>> protocol, to perform user authentication of Wireless LAN network nodes
>> using IEEE 802.1x. The TLS/IA and TTLSv1 protocols were published
>> through the IETF and descriptions"
>>
>> My choice would be to eliminate this feature and build wpa-suplicant
>> without gnutls-extra. In this way we have a solid TLS implementations,
>> GPL compatible with a little compromise. Obviously, this would be only
>> in a non-GPLv3 build.
>>
> That was also the direction I was leaning as you might have been able to
> tell, I just to be sure of the functionality lose.  Do you think it's
> possible to implement it as a conditional on the INCOMPATIBLE_LICENSE
> having GPLv3?
>
> Thanks again
>        Sau!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/poky/attachments/20111221/05be556f/attachment.html>

More information about the poky mailing list