From patchwork Wed May 7 09:06:22 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Koen Kooi X-Patchwork-Id: 29753 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-ie0-f200.google.com (mail-ie0-f200.google.com [209.85.223.200]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 6D67D202E4 for ; Wed, 7 May 2014 09:06:39 +0000 (UTC) Received: by mail-ie0-f200.google.com with SMTP id lx4sf3531808iec.3 for ; Wed, 07 May 2014 02:06:38 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:delivered-to:from:to:date :message-id:cc:subject:precedence:reply-to:list-id:list-unsubscribe :list-archive:list-post:list-help:list-subscribe:mime-version:sender :errors-to:x-original-sender:x-original-authentication-results :mailing-list:content-type:content-transfer-encoding; bh=Z08h0Ik8PaNHeZENMVdPCPVywtPUcZq4JBWaNxvUd8w=; b=cvDKeSFZ1ZNaAestH2Uwy5NdyJeoQVCmYq4nJ1fV+WbNBQGXdDUx2/VNAoLJO/kHnZ HSEhANcbqGoss2rZ5tDrnI6nmtJW5q+523RgO0jwzeLHu2YGb6+L0L0LQPl5AezQ3p3P MAOkSvBHb9PXYSbHI7rWNE19TeWosIVan+7AGNcRlVKgVDQrkuc/DEuAyN9o1sr4NqW3 gPd4CpNpYul3yjITDky/276N7sCpaNc/qq+e1/ypBW142qljApyQj2PkevhIK628oSNS GSLB5Akp+BsWOJj6u8bUxtuQwlNPPa1MnivpLdGJvGHtpYgQclj25yyb5NsWus+4nfYw B2Pw== X-Gm-Message-State: ALoCoQkxx4vDKPwwyxEOvHYU1k9n3UghEjMbQaxJRHFC4fY3HiCQRLY8pln6hwuEwAa9PZpo1aZ3 X-Received: by 10.43.92.68 with SMTP id bp4mr3551082icc.26.1399453598860; Wed, 07 May 2014 02:06:38 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.35.210 with SMTP id n76ls3374891qgn.15.gmail; Wed, 07 May 2014 02:06:38 -0700 (PDT) X-Received: by 10.52.175.69 with SMTP id by5mr25237428vdc.16.1399453598637; Wed, 07 May 2014 02:06:38 -0700 (PDT) Received: from mail-ve0-f176.google.com (mail-ve0-f176.google.com [209.85.128.176]) by mx.google.com with ESMTPS id mr9si2791675vec.119.2014.05.07.02.06.38 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 07 May 2014 02:06:38 -0700 (PDT) Received-SPF: none (google.com: patch+caf_=patchwork-forward=linaro.org@linaro.org does not designate permitted sender hosts) client-ip=209.85.128.176; Received: by mail-ve0-f176.google.com with SMTP id jz11so853999veb.7 for ; Wed, 07 May 2014 02:06:38 -0700 (PDT) X-Received: by 10.58.123.71 with SMTP id ly7mr37838237veb.11.1399453598559; Wed, 07 May 2014 02:06:38 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.220.221.72 with SMTP id ib8csp291697vcb; Wed, 7 May 2014 02:06:38 -0700 (PDT) X-Received: by 10.66.148.197 with SMTP id tu5mr16698389pab.108.1399453597792; Wed, 07 May 2014 02:06:37 -0700 (PDT) Received: from mail.openembedded.org (mail.openembedded.org. [140.211.169.62]) by mx.google.com with ESMTP id tf5si9637788pac.295.2014.05.07.02.06.37 for ; Wed, 07 May 2014 02:06:37 -0700 (PDT) Received-SPF: none (google.com: openembedded-devel-bounces@lists.openembedded.org does not designate permitted sender hosts) client-ip=140.211.169.62; Received: from mail.openembedded.org (localhost [127.0.0.1]) by mail.openembedded.org (Postfix) with ESMTP id C5B8461489; Wed, 7 May 2014 09:06:30 +0000 (UTC) X-Original-To: openembedded-devel@lists.openembedded.org Delivered-To: openembedded-devel@lists.openembedded.org Received: from mail-wi0-f176.google.com (mail-wi0-f176.google.com [209.85.212.176]) by mail.openembedded.org (Postfix) with ESMTP id B04BD60559 for ; Wed, 7 May 2014 09:06:24 +0000 (UTC) Received: by mail-wi0-f176.google.com with SMTP id n15so5963930wiw.15 for ; Wed, 07 May 2014 02:06:25 -0700 (PDT) X-Received: by 10.194.62.210 with SMTP id a18mr10616789wjs.4.1399453585470; Wed, 07 May 2014 02:06:25 -0700 (PDT) Received: from localhost ([2001:610:612:0:5e51:4fff:fec8:7c15]) by mx.google.com with ESMTPSA id gp15sm25801597wjc.10.2014.05.07.02.06.24 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 07 May 2014 02:06:24 -0700 (PDT) From: Koen Kooi To: openembedded-devel@lists.openembedded.org Date: Wed, 7 May 2014 11:06:22 +0200 Message-Id: <1399453582-13107-1-git-send-email-koen.kooi@linaro.org> X-Mailer: git-send-email 1.9.0 Cc: Koen Kooi Subject: [oe] [meta-oe][PATCHv2] openldap: fix build against gnutls3 X-BeenThere: openembedded-devel@lists.openembedded.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: openembedded-devel@lists.openembedded.org List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Sender: openembedded-devel-bounces@lists.openembedded.org Errors-To: openembedded-devel-bounces@lists.openembedded.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: koen.kooi@linaro.org X-Original-Authentication-Results: mx.google.com; spf=neutral (google.com: patch+caf_=patchwork-forward=linaro.org@linaro.org does not designate permitted sender hosts) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 OE-core update from gnutls2 to gnutls3, openldap needs patches to cope with that. Also add libgcrypt to DEPENDS since openldap links against it directly now instead of through gnutls. Signed-off-by: Koen Kooi --- .../0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch | 44 ++++++++++++++++++++++ .../openldap-2.4.28-gnutls-gcrypt.patch | 17 +++++++++ .../recipes-support/openldap/openldap_2.4.23.bb | 4 +- 3 files changed, 64 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-support/openldap/openldap-2.4.23/0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch create mode 100644 meta-oe/recipes-support/openldap/openldap-2.4.23/openldap-2.4.28-gnutls-gcrypt.patch diff --git a/meta-oe/recipes-support/openldap/openldap-2.4.23/0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch b/meta-oe/recipes-support/openldap/openldap-2.4.23/0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch new file mode 100644 index 0000000..dffd3ca --- /dev/null +++ b/meta-oe/recipes-support/openldap/openldap-2.4.23/0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch @@ -0,0 +1,44 @@ +From 0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0 Mon Sep 17 00:00:00 2001 +From: Howard Chu +Date: Sat, 7 Sep 2013 09:39:24 -0700 +Subject: [PATCH] ITS#7430 GnuTLS: Avoid use of deprecated function + +Upstream-status: Backport + +--- + libraries/libldap/tls_g.c | 12 ++++++++++++ + 1 files changed, 12 insertions(+), 0 deletions(-) + +diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c +index 9acffaf..c793828 100644 +--- a/libraries/libldap/tls_g.c ++++ b/libraries/libldap/tls_g.c +@@ -368,6 +368,17 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) + * then we have to build the cert chain. + */ + if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) { ++#if GNUTLS_VERSION_NUMBER >= 0x020c00 ++ unsigned int i; ++ for ( i = 1; icred, certs[i-1], &certs[i], 0 )) ++ break; ++ max++; ++ /* If this CA is self-signed, we're done */ ++ if ( gnutls_x509_crt_check_issuer( certs[i], certs[i] )) ++ break; ++ } ++#else + gnutls_x509_crt_t *cas; + unsigned int i, j, ncas; + +@@ -387,6 +398,7 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) + if ( j == ncas ) + break; + } ++#endif + } + rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key ); + if ( rc ) return -1; +-- +1.7.4.2 + diff --git a/meta-oe/recipes-support/openldap/openldap-2.4.23/openldap-2.4.28-gnutls-gcrypt.patch b/meta-oe/recipes-support/openldap/openldap-2.4.23/openldap-2.4.28-gnutls-gcrypt.patch new file mode 100644 index 0000000..c7b1552 --- /dev/null +++ b/meta-oe/recipes-support/openldap/openldap-2.4.23/openldap-2.4.28-gnutls-gcrypt.patch @@ -0,0 +1,17 @@ +From http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-nds/openldap/files/ + +Upstream-status: Unknown + +-- + +--- openldap-2.4.28/configure.in.orig 2012-02-11 22:40:36.004360795 +0000 ++++ openldap-2.4.28/configure.in 2012-02-11 22:40:13.410986851 +0000 +@@ -1214,7 +1214,7 @@ + ol_with_tls=gnutls + ol_link_tls=yes + +- TLS_LIBS="-lgnutls" ++ TLS_LIBS="-lgnutls -lgcrypt" + + AC_DEFINE(HAVE_GNUTLS, 1, + [define if you have GNUtls]) diff --git a/meta-oe/recipes-support/openldap/openldap_2.4.23.bb b/meta-oe/recipes-support/openldap/openldap_2.4.23.bb index 5c6f9ea..306a786 100644 --- a/meta-oe/recipes-support/openldap/openldap_2.4.23.bb +++ b/meta-oe/recipes-support/openldap/openldap_2.4.23.bb @@ -16,6 +16,8 @@ LDAP_VER = "${@'.'.join(d.getVar('PV',1).split('.')[0:2])}" SRC_URI = "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz \ file://openldap-m4-pthread.patch \ file://kill-icu.patch \ + file://0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch \ + file://openldap-2.4.28-gnutls-gcrypt.patch \ file://initscript \ " SRC_URI[md5sum] = "90150b8c0d0192e10b30157e68844ddf" @@ -48,7 +50,7 @@ PACKAGECONFIG ??= "gnutls modules \ ldap meta monitor null passwd shell proxycache dnssrv \ " #--with-tls with TLS/SSL support auto|openssl|gnutls [auto] -PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls" +PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls libgcrypt" PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl" PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl"