diff mbox series

[v8,3/4] package/systemd: support dnssec if openssl is available

Message ID 20230115114840.9027-3-nolange79@gmail.com
State Accepted
Headers show
Series [v8,1/4] package/systemd: bump to version 252.4 | expand

Commit Message

Norbert Lange Jan. 15, 2023, 11:48 a.m. UTC 
Set -Ddefault-dnssec=allow-downgrade if openssl is available as both
openssl and gcrypt are now supported for dnssec.

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>

---
v6->v7:

*   split off as its own patch
*   seems that the change was done at v250 or earlier
---
 package/systemd/systemd.mk | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

Comments

Arnout Vandecappelle Feb. 7, 2023, 5:58 p.m. UTC | #1 
On 15/01/2023 12:48, Norbert Lange wrote:
> Set -Ddefault-dnssec=allow-downgrade if openssl is available as both
> openssl and gcrypt are now supported for dnssec.
> 
> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> Reviewed-by: James Hilliard <james.hilliard1@gmail.com>

  Applied to master, thanks. (Still not pushed - systemd runtime tests are 
failing locally, I'm trying to see if this was already the case before the 
version bump.)

  Regards,
  Arnout

> 
> ---
> v6->v7:
> 
> *   split off as its own patch
> *   seems that the change was done at v250 or earlier
> ---
>   package/systemd/systemd.mk | 10 ++++++++--
>   1 file changed, 8 insertions(+), 2 deletions(-)
> 
> diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
> index f49d34d32f..297cc400ee 100644
> --- a/package/systemd/systemd.mk
> +++ b/package/systemd/systemd.mk
> @@ -246,9 +246,9 @@ endif
>   
>   ifeq ($(BR2_PACKAGE_LIBGCRYPT),y)
>   SYSTEMD_DEPENDENCIES += libgcrypt
> -SYSTEMD_CONF_OPTS += -Ddefault-dnssec=allow-downgrade -Dgcrypt=true
> +SYSTEMD_CONF_OPTS += -Dgcrypt=true
>   else
> -SYSTEMD_CONF_OPTS += -Ddefault-dnssec=no -Dgcrypt=false
> +SYSTEMD_CONF_OPTS += -Dgcrypt=false
>   endif
>   
>   ifeq ($(BR2_PACKAGE_P11_KIT),y)
> @@ -318,6 +318,12 @@ else
>   SYSTEMD_CONF_OPTS += -Dselinux=false
>   endif
>   
> +ifneq ($(BR2_PACKAGE_LIBGCRYPT)$(BR2_PACKAGE_LIBOPENSSL),)
> +SYSTEMD_CONF_OPTS += -Ddefault-dnssec=allow-downgrade
> +else
> +SYSTEMD_CONF_OPTS += -Ddefault-dnssec=no
> +endif
> +
>   ifeq ($(BR2_PACKAGE_SYSTEMD_HWDB),y)
>   SYSTEMD_CONF_OPTS += -Dhwdb=true
>   define SYSTEMD_BUILD_HWDB
diff mbox series

Patch

diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index f49d34d32f..297cc400ee 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -246,9 +246,9 @@  endif
 
 ifeq ($(BR2_PACKAGE_LIBGCRYPT),y)
 SYSTEMD_DEPENDENCIES += libgcrypt
-SYSTEMD_CONF_OPTS += -Ddefault-dnssec=allow-downgrade -Dgcrypt=true
+SYSTEMD_CONF_OPTS += -Dgcrypt=true
 else
-SYSTEMD_CONF_OPTS += -Ddefault-dnssec=no -Dgcrypt=false
+SYSTEMD_CONF_OPTS += -Dgcrypt=false
 endif
 
 ifeq ($(BR2_PACKAGE_P11_KIT),y)
@@ -318,6 +318,12 @@  else
 SYSTEMD_CONF_OPTS += -Dselinux=false
 endif
 
+ifneq ($(BR2_PACKAGE_LIBGCRYPT)$(BR2_PACKAGE_LIBOPENSSL),)
+SYSTEMD_CONF_OPTS += -Ddefault-dnssec=allow-downgrade
+else
+SYSTEMD_CONF_OPTS += -Ddefault-dnssec=no
+endif
+
 ifeq ($(BR2_PACKAGE_SYSTEMD_HWDB),y)
 SYSTEMD_CONF_OPTS += -Dhwdb=true
 define SYSTEMD_BUILD_HWDB