Topics

Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #raspberrypi #apt


amaya jindal
 

I am using currently krogoth yocto for my current Arm based board. I am having currently openssl 1.0.2h and related recipes from current version but when I want to add TLs 1.3 that is openssl 1.1.1a/b/pre etc from available yocto source or from thud20. 0 yocto I am getting lot of issues. First of all I had to change rpm 4.14. 2 from current 5.4.16. After some time I got error in gobject-introspection recipe 1.46 version that sha1 sha256 hash not found when try to search in python 2.7.2 Please guide


Alexander Kanavin
 

Backporting core pieces across many yocto releases is basically impossible. You more or less end up having to move and integrate half of the stack, which is a herculean task.

The correct way to approach this is to have a strategy and plan for migrating to newer yocto releases. Investigate what you need to to do to move to thud, or newer, because thud is not a supported release anymore.

Alex


On Tue, 18 Feb 2020 at 08:25, <amayajindal786@...> wrote:
I am using currently krogoth yocto for my current Arm based board. I am having currently openssl 1.0.2h and related recipes from current version but when I want to add TLs 1.3 that is openssl 1.1.1a/b/pre etc from available yocto source or from thud20. 0 yocto I am getting lot of issues. First of all I had to change rpm 4.14. 2 from current 5.4.16. After some time I got error in gobject-introspection recipe 1.46 version that sha1 sha256 hash not found when try to search in python 2.7.2 Please guide


amaya jindal
 

Thanks for your prompt reply. But is not there any way similar to add support for TLS1.3 instead of moving to new yocto releases

Sent from my Huawei phone


-------- Original message --------
From: Alexander Kanavin <alex.kanavin@...>
Date: Tue, 18 Feb 2020, 1:13 pm
To: amayajindal786@...
Cc: yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Backporting core pieces across many yocto releases is basically impossible. You more or less end up having to move and integrate half of the stack, which is a herculean task.

The correct way to approach this is to have a strategy and plan for migrating to newer yocto releases. Investigate what you need to to do to move to thud, or newer, because thud is not a supported release anymore.

Alex

On Tue, 18 Feb 2020 at 08:25, <amayajindal786@...> wrote:
I am using currently krogoth yocto for my current Arm based board. I am having currently openssl 1.0.2h and related recipes from current version but when I want to add TLs 1.3 that is openssl 1.1.1a/b/pre etc from available yocto source or from thud20. 0 yocto I am getting lot of issues. First of all I had to change rpm 4.14. 2 from current 5.4.16. After some time I got error in gobject-introspection recipe 1.46 version that sha1 sha256 hash not found when try to search in python 2.7.2 Please guide -=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#48464): https://lists.yoctoproject.org/g/yocto/message/48464
Mute This Topic: https://lists.yoctoproject.org/mt/71367169/1686489
Mute #yocto: https://lists.yoctoproject.org/mk?hashtag=yocto&subid=6691550
Mute #apt: https://lists.yoctoproject.org/mk?hashtag=apt&subid=6691550
Mute #raspberrypi: https://lists.yoctoproject.org/mk?hashtag=raspberrypi&subid=6691550
Group Owner: yocto+owner@...
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub  [alex.kanavin@...]
-=-=-=-=-=-=-=-=-=-=-=-


amaya jindal
 

Any kind of patch if available to directly apply? I am getting error in gobject-introspection native that sha1 sha256 etc not found in usr/lib/python2 7/hashlib.py

Sent from my Huawei phone


-------- Original message --------
From: Mikko.Rapeli@...
Date: Tue, 18 Feb 2020, 2:36 pm
To: amayajindal786@...
Cc: alex.kanavin@..., yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Hi,

On Tue, Feb 18, 2020 at 01:20:25PM +0530, amaya jindal wrote:
>    Thanks for your prompt reply. But is not there any way similar to add
>    support for TLS1.3 instead of moving to new yocto releases

openssl is tricky to update and requires backporting fixes for many, many recipes
to get builds passing etc. Depending on project size, it may be possible
to update only those components which you use, e.g. backport commits from
poky master or release branches like warrior. The number of backported changes
will be large. I've ported openssl 1.1.1d patches to yocto 2.5 sumo but it wasn't
pretty. A strategy with regular yocto updates is much better and forces you
to think of your dependencies and patches much harder.

Hope this helps,

-Mikko


Mikko Rapeli
 

Hi,

On Tue, Feb 18, 2020 at 01:20:25PM +0530, amaya jindal wrote:
Thanks for your prompt reply. But is not there any way similar to add
support for TLS1.3 instead of moving to new yocto releases
openssl is tricky to update and requires backporting fixes for many, many recipes
to get builds passing etc. Depending on project size, it may be possible
to update only those components which you use, e.g. backport commits from
poky master or release branches like warrior. The number of backported changes
will be large. I've ported openssl 1.1.1d patches to yocto 2.5 sumo but it wasn't
pretty. A strategy with regular yocto updates is much better and forces you
to think of your dependencies and patches much harder.

Hope this helps,

-Mikko


amaya jindal
 

Hi All 

 while I tried to add Openssh 7.8p1 recipe in krogoth yocto, to add support for openssl 1.1.1b. Every thing compiled successfully but now I am getting issue when I tried to. test that on board, its getting restarted every time. Please suggest 

Sent from my Huawei phone


-------- Original message --------
From: amaya jindal <amayajindal786@...>
Date: Wed, 19 Feb 2020, 1:09 pm
To: Mikko.Rapeli@...
Cc: alex.kanavin@..., yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Any kind of patch if available to directly apply? I am getting error in gobject-introspection native that sha1 sha256 etc not found in usr/lib/python2 7/hashlib.py

Sent from my Huawei phone


-------- Original message --------
From: Mikko.Rapeli@...
Date: Tue, 18 Feb 2020, 2:36 pm
To: amayajindal786@...
Cc: alex.kanavin@..., yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Hi,

On Tue, Feb 18, 2020 at 01:20:25PM +0530, amaya jindal wrote:
>    Thanks for your prompt reply. But is not there any way similar to add
>    support for TLS1.3 instead of moving to new yocto releases

openssl is tricky to update and requires backporting fixes for many, many recipes
to get builds passing etc. Depending on project size, it may be possible
to update only those components which you use, e.g. backport commits from
poky master or release branches like warrior. The number of backported changes
will be large. I've ported openssl 1.1.1d patches to yocto 2.5 sumo but it wasn't
pretty. A strategy with regular yocto updates is much better and forces you
to think of your dependencies and patches much harder.

Hope this helps,

-Mikko


amaya jindal
 

Pls can any body guide and suggest the reason of issue

Sent from my Huawei phone


-------- Original message --------
From: "amaya jindal via Lists.Yoctoproject.Org" <amayajindal786=gmail.com@...>
Date: Wed, 18 Mar 2020, 4:30 pm
To: "Khem Raj via Lists.Yoctoproject.Org" <raj.khem=gmail.com@...>, yocto@...
Cc: yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Hi All 

 while I tried to add Openssh 7.8p1 recipe in krogoth yocto, to add support for openssl 1.1.1b. Every thing compiled successfully but now I am getting issue when I tried to. test that on board, its getting restarted every time. Please suggest 

Sent from my Huawei phone


-------- Original message --------
From: amaya jindal <amayajindal786@...>
Date: Wed, 19 Feb 2020, 1:09 pm
To: Mikko.Rapeli@...
Cc: alex.kanavin@..., yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Any kind of patch if available to directly apply? I am getting error in gobject-introspection native that sha1 sha256 etc not found in usr/lib/python2 7/hashlib.py

Sent from my Huawei phone


-------- Original message --------
From: Mikko.Rapeli@...
Date: Tue, 18 Feb 2020, 2:36 pm
To: amayajindal786@...
Cc: alex.kanavin@..., yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Hi,

On Tue, Feb 18, 2020 at 01:20:25PM +0530, amaya jindal wrote:
>    Thanks for your prompt reply. But is not there any way similar to add
>    support for TLS1.3 instead of moving to new yocto releases

openssl is tricky to update and requires backporting fixes for many, many recipes
to get builds passing etc. Depending on project size, it may be possible
to update only those components which you use, e.g. backport commits from
poky master or release branches like warrior. The number of backported changes
will be large. I've ported openssl 1.1.1d patches to yocto 2.5 sumo but it wasn't
pretty. A strategy with regular yocto updates is much better and forces you
to think of your dependencies and patches much harder.

Hope this helps,

-Mikko


amaya jindal
 

Hi all, 

Pls guide which yocto poky reference support Mongo 4.2.2. 

Sent from my Huawei phone


-------- Original message --------
From: "amaya jindal via Lists.Yoctoproject.Org" <amayajindal786=gmail.com@...>
Date: Thu, 19 Mar 2020, 6:28 pm
To: "Khem Raj via Lists.Yoctoproject.Org" <raj.khem=gmail.com@...>, yocto@...
Cc: yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Pls can any body guide and suggest the reason of issue

Sent from my Huawei phone


-------- Original message --------
From: "amaya jindal via Lists.Yoctoproject.Org" <amayajindal786=gmail.com@...>
Date: Wed, 18 Mar 2020, 4:30 pm
To: "Khem Raj via Lists.Yoctoproject.Org" <raj.khem=gmail.com@...>, yocto@...
Cc: yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Hi All 

 while I tried to add Openssh 7.8p1 recipe in krogoth yocto, to add support for openssl 1.1.1b. Every thing compiled successfully but now I am getting issue when I tried to. test that on board, its getting restarted every time. Please suggest 

Sent from my Huawei phone


-------- Original message --------
From: amaya jindal <amayajindal786@...>
Date: Wed, 19 Feb 2020, 1:09 pm
To: Mikko.Rapeli@...
Cc: alex.kanavin@..., yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Any kind of patch if available to directly apply? I am getting error in gobject-introspection native that sha1 sha256 etc not found in usr/lib/python2 7/hashlib.py

Sent from my Huawei phone


-------- Original message --------
From: Mikko.Rapeli@...
Date: Tue, 18 Feb 2020, 2:36 pm
To: amayajindal786@...
Cc: alex.kanavin@..., yocto@...
Subject: Re: [yocto] Issue while adding the support for TLS1.3 in existing krogoth yocto #yocto #yocto #yocto #yocto #apt #raspberrypi #yocto
Hi,

On Tue, Feb 18, 2020 at 01:20:25PM +0530, amaya jindal wrote:
>    Thanks for your prompt reply. But is not there any way similar to add
>    support for TLS1.3 instead of moving to new yocto releases

openssl is tricky to update and requires backporting fixes for many, many recipes
to get builds passing etc. Depending on project size, it may be possible
to update only those components which you use, e.g. backport commits from
poky master or release branches like warrior. The number of backported changes
will be large. I've ported openssl 1.1.1d patches to yocto 2.5 sumo but it wasn't
pretty. A strategy with regular yocto updates is much better and forces you
to think of your dependencies and patches much harder.

Hope this helps,

-Mikko