yocto@lists.yoctoproject.org | Guidance Downgrading Python2 in Zeus

Home Messages Hashtags Subgroups

Topics

Date Date 1 - 5 of 5

Guidance Downgrading Python2 in Zeus
#python

MikeB #49161 I'm working on a set of platforms that have a FIPs certified OpenSSL. We are at version 1.0.2l. I've found that the new version of python in Zeus (2.7.17) requires a newer version of OpenSSL (1.1). We really don't want to go through a new round of certification, so we want to keep our current OpenSSL (1.0.2l). I think the easiest solution is to downgrade python 2 back to the version used by Sumo (2.7.15). I know how to downgrade simple recipes, but python is far from simple. Can someone give me some guidance on how to approach the downgrade of python2 in Zeus? Thanks, Mike
More All Messages By This Member
Alexander Kanavin #49162 I think python2 recipe requires openssl 1.1, but python2 itself will work just fine with openssl 1.0. So you only need to adjust the dependency, there are several ways to do that. Alex toggle quoted messageShow quoted text On Wed, 15 Apr 2020 at 18:16, MikeB <mabnhdev@...> wrote: I'm working on a set of platforms that have a FIPs certified OpenSSL. We are at version 1.0.2l. I've found that the new version of python in Zeus (2.7.17) requires a newer version of OpenSSL (1.1). We really don't want to go through a new round of certification, so we want to keep our current OpenSSL (1.0.2l). I think the easiest solution is to downgrade python 2 back to the version used by Sumo (2.7.15). I know how to downgrade simple recipes, but python is far from simple. Can someone give me some guidance on how to approach the downgrade of python2 in Zeus? Thanks, Mike
More All Messages By This Member
akuster #49163 On 4/15/20 9:16 AM, MikeB wrote: I'm working on a set of platforms that have a FIPs certified OpenSSL. We are at version 1.0.2l. I've found that the new version of python in Zeus (2.7.17) requires a newer version of OpenSSL (1.1). We really don't want to go through a new round of certification, so we want to keep our current OpenSSL (1.0.2l). I think the easiest solution is to downgrade python 2 back to the version used by Sumo (2.7.15). I know how to downgrade simple recipes, but python is far from simple. Can someone give me some guidance on how to approach the downgrade of python2 in Zeus? Have had a chance to look at this layer? http://git.yoctoproject.org/cgit/cgit.cgi/meta-openssl102-fips/ - armin Thanks, Mike
More All Messages By This Member
Sean McKay #49164 FYI, we’re doing the same internally (vendor supplied FIPS supported openssl 1.0.2), and the layer Armin suggests worked for us on zeus with minimal additional tweaking. Good luck! -Sean toggle quoted messageShow quoted text From: yocto@... <yocto@...> On Behalf Of akuster Sent: Wednesday, April 15, 2020 9:23 AM To: MikeB <mabnhdev@...>; yocto@... Subject: Re: [yocto] Guidance Downgrading Python2 in Zeus #python On 4/15/20 9:16 AM, MikeB wrote: I'm working on a set of platforms that have a FIPs certified OpenSSL. We are at version 1.0.2l. I've found that the new version of python in Zeus (2.7.17) requires a newer version of OpenSSL (1.1). We really don't want to go through a new round of certification, so we want to keep our current OpenSSL (1.0.2l). I think the easiest solution is to downgrade python 2 back to the version used by Sumo (2.7.15). I know how to downgrade simple recipes, but python is far from simple. Can someone give me some guidance on how to approach the downgrade of python2 in Zeus? Have had a chance to look at this layer? http://git.yoctoproject.org/cgit/cgit.cgi/meta-openssl102-fips/ - armin Thanks, Mike
More All Messages By This Member
MikeB #49173 Thank you all. The new layer did the trick for me also. Regards, Mike toggle quoted messageShow quoted text On Wed, Apr 15, 2020 at 12:33 PM McKay, Sean <sean.mckay@...> wrote: FYI, we’re doing the same internally (vendor supplied FIPS supported openssl 1.0.2), and the layer Armin suggests worked for us on zeus with minimal additional tweaking. Good luck! -Sean From: yocto@... <yocto@...> On Behalf Of akuster Sent: Wednesday, April 15, 2020 9:23 AM To: MikeB <mabnhdev@...>; yocto@... Subject: Re: [yocto] Guidance Downgrading Python2 in Zeus #python On 4/15/20 9:16 AM, MikeB wrote: I'm working on a set of platforms that have a FIPs certified OpenSSL. We are at version 1.0.2l. I've found that the new version of python in Zeus (2.7.17) requires a newer version of OpenSSL (1.1). We really don't want to go through a new round of certification, so we want to keep our current OpenSSL (1.0.2l). I think the easiest solution is to downgrade python 2 back to the version used by Sumo (2.7.15). I know how to downgrade simple recipes, but python is far from simple. Can someone give me some guidance on how to approach the downgrade of python2 in Zeus? Have had a chance to look at this layer? http://git.yoctoproject.org/cgit/cgit.cgi/meta-openssl102-fips/ - armin Thanks, Mike
More All Messages By This Member

1 - 5 of 5

1

Previous Topic Next Topic

Home Messages Hashtags Subgroups Terms