summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAdrian Bunk <bunk@stusta.de>2019-05-10 14:55:03 +0300
committerKhem Raj <raj.khem@gmail.com>2019-05-10 09:19:22 -0700
commit3df653fe09360f3107fba003a0944097fb369d13 (patch)
tree333c2d1ceb00a890bcbaa047ff2c8bac5504cb07
parent9d3f1fde98f01f794a44e5080a94e43864488de5 (diff)
downloadmeta-openembedded-3df653fe09360f3107fba003a0944097fb369d13.tar.gz
openwsman: Upgrade 2.6.8 -> 2.6.9
Remove patches applied upstream. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
-rw-r--r--meta-oe/recipes-extended/openwsman/openwsman/0001-Adjust-for-CURLE_SSL_CACERT-deprecation-in-curl-7.62.patch42
-rw-r--r--meta-oe/recipes-extended/openwsman/openwsman/0001-openSSL-1.1.0-API-fixes.patch77
-rw-r--r--meta-oe/recipes-extended/openwsman/openwsman_2.6.9.bb (renamed from meta-oe/recipes-extended/openwsman/openwsman_2.6.8.bb)6
3 files changed, 2 insertions, 123 deletions
diff --git a/meta-oe/recipes-extended/openwsman/openwsman/0001-Adjust-for-CURLE_SSL_CACERT-deprecation-in-curl-7.62.patch b/meta-oe/recipes-extended/openwsman/openwsman/0001-Adjust-for-CURLE_SSL_CACERT-deprecation-in-curl-7.62.patch
deleted file mode 100644
index 4dcd10800..000000000
--- a/meta-oe/recipes-extended/openwsman/openwsman/0001-Adjust-for-CURLE_SSL_CACERT-deprecation-in-curl-7.62.patch
+++ /dev/null
@@ -1,42 +0,0 @@
1From f2c37fab5dbaffa06c1268ee1309596306c9a4df Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com>
3Date: Tue, 20 Nov 2018 12:23:47 -0800
4Subject: [PATCH] Adjust for CURLE_SSL_CACERT deprecation in curl >= 7.62
5
6Use CURLE_PEER_FAILED_VERIFICATION instead
7
8Upstream-Status: Pending
9
10Signed-off-by: Khem Raj <raj.khem@gmail.com>
11---
12 src/lib/wsman-curl-client-transport.c | 7 +++++++
13 1 file changed, 7 insertions(+)
14
15diff --git a/src/lib/wsman-curl-client-transport.c b/src/lib/wsman-curl-client-transport.c
16index d0a3829b..92727f4f 100644
17--- a/src/lib/wsman-curl-client-transport.c
18+++ b/src/lib/wsman-curl-client-transport.c
19@@ -186,16 +186,23 @@ convert_to_last_error(CURLcode r)
20 return WS_LASTERR_SSL_CONNECT_ERROR;
21 case CURLE_BAD_FUNCTION_ARGUMENT:
22 return WS_LASTERR_CURL_BAD_FUNCTION_ARG;
23+#if LIBCURL_VERSION_NUM < 0x073E00
24 case CURLE_SSL_PEER_CERTIFICATE:
25 return WS_LASTERR_SSL_PEER_CERTIFICATE;
26+#endif
27 case CURLE_SSL_ENGINE_NOTFOUND:
28 return WS_LASTERR_SSL_ENGINE_NOTFOUND;
29 case CURLE_SSL_ENGINE_SETFAILED:
30 return WS_LASTERR_SSL_ENGINE_SETFAILED;
31 case CURLE_SSL_CERTPROBLEM:
32 return WS_LASTERR_SSL_CERTPROBLEM;
33+#if LIBCURL_VERSION_NUM < 0x073E00
34 case CURLE_SSL_CACERT:
35 return WS_LASTERR_SSL_CACERT;
36+#else
37+ case CURLE_PEER_FAILED_VERIFICATION:
38+ return WS_LASTERR_SSL_PEER_CERTIFICATE;
39+#endif
40 #if LIBCURL_VERSION_NUM > 0x70C01
41 case CURLE_SSL_ENGINE_INITFAILED:
42 return WS_LASTERR_SSL_ENGINE_INITFAILED;
diff --git a/meta-oe/recipes-extended/openwsman/openwsman/0001-openSSL-1.1.0-API-fixes.patch b/meta-oe/recipes-extended/openwsman/openwsman/0001-openSSL-1.1.0-API-fixes.patch
deleted file mode 100644
index 8d230ba6d..000000000
--- a/meta-oe/recipes-extended/openwsman/openwsman/0001-openSSL-1.1.0-API-fixes.patch
+++ /dev/null
@@ -1,77 +0,0 @@
1From 634b95157e1823672a2c95fac0cecf079b5967e7 Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
3Date: Mon, 19 Nov 2018 15:31:27 +0100
4Subject: [PATCH] openSSL 1.1.0 API fixes
5
6---
7 src/server/shttpd/io_ssl.c | 5 +++++
8 src/server/shttpd/shttpd.c | 11 ++++++++++-
9 src/server/shttpd/ssl.h | 3 +++
10 3 files changed, 18 insertions(+), 1 deletion(-)
11
12diff --git a/src/server/shttpd/io_ssl.c b/src/server/shttpd/io_ssl.c
13index 6de0db2a..ece610ef 100644
14--- a/src/server/shttpd/io_ssl.c
15+++ b/src/server/shttpd/io_ssl.c
16@@ -21,8 +21,13 @@ struct ssl_func ssl_sw[] = {
17 {"SSL_set_fd", {0}},
18 {"SSL_new", {0}},
19 {"SSL_CTX_new", {0}},
20+#if OPENSSL_VERSION_NUMBER < 0x10100000L
21 {"SSLv23_server_method", {0}},
22 {"SSL_library_init", {0}},
23+#else
24+ {"TLS_server_method", {0}},
25+ {"OPENSSL_init_ssl", {0}},
26+#endif
27 {"SSL_CTX_use_PrivateKey_file", {0}},
28 {"SSL_CTX_use_certificate_file",{0}},
29 {NULL, {0}}
30diff --git a/src/server/shttpd/shttpd.c b/src/server/shttpd/shttpd.c
31index f0f3fbd8..652aea17 100644
32--- a/src/server/shttpd/shttpd.c
33+++ b/src/server/shttpd/shttpd.c
34@@ -1489,9 +1489,14 @@ set_ssl(struct shttpd_ctx *ctx, const char *pem)
35 }
36
37 /* Initialize SSL crap */
38- SSL_library_init();
39
40+#if OPENSSL_VERSION_NUMBER < 0x10100000L
41+ SSL_library_init();
42 if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL)
43+#else
44+ OPENSSL_init_ssl();
45+ if ((CTX = SSL_CTX_new(TLS_server_method())) == NULL)
46+#endif
47 _shttpd_elog(E_LOG, NULL, "SSL_CTX_new error");
48 else if (SSL_CTX_use_certificate_file(CTX, wsmand_options_get_ssl_cert_file(), SSL_FILETYPE_PEM) != 1)
49 _shttpd_elog(E_LOG, NULL, "cannot open certificate file %s", pem);
50@@ -1552,6 +1557,10 @@ set_ssl(struct shttpd_ctx *ctx, const char *pem)
51 if (rc != 1) {
52 _shttpd_elog(E_LOG, NULL, "Failed to set SSL cipher list \"%s\"", ssl_cipher_list);
53 }
54+ else if ((*ssl_cipher_list == 0) || (*ssl_cipher_list == ' ')) {
55+ _shttpd_elog(E_LOG, NULL, "Empty 'ssl_cipher_list' defaults to 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256'.");
56+ _shttpd_elog(E_LOG, NULL, "Check openSSL documentation.");
57+ }
58 }
59 ctx->ssl_ctx = CTX;
60
61diff --git a/src/server/shttpd/ssl.h b/src/server/shttpd/ssl.h
62index 2304b70a..89a73c49 100644
63--- a/src/server/shttpd/ssl.h
64+++ b/src/server/shttpd/ssl.h
65@@ -56,6 +56,9 @@ extern struct ssl_func ssl_sw[];
66 #if OPENSSL_VERSION_NUMBER < 0x10100000L
67 #define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))()
68 #define SSL_library_init() (* (int (*)(void)) FUNC(10))()
69+#else
70+#define TLS_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))()
71+#define OPENSSL_init_ssl() (* (int (*)(void)) FUNC(10))()
72 #endif
73 #define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \
74 const char *, int)) FUNC(11))((x), (y), (z))
75--
762.19.1
77
diff --git a/meta-oe/recipes-extended/openwsman/openwsman_2.6.8.bb b/meta-oe/recipes-extended/openwsman/openwsman_2.6.9.bb
index f04ff01d9..e5bb0765f 100644
--- a/meta-oe/recipes-extended/openwsman/openwsman_2.6.8.bb
+++ b/meta-oe/recipes-extended/openwsman/openwsman_2.6.9.bb
@@ -15,15 +15,13 @@ DEPENDS = "curl libxml2 openssl libpam"
15inherit distro_features_check 15inherit distro_features_check
16REQUIRED_DISTRO_FEATURES = "pam" 16REQUIRED_DISTRO_FEATURES = "pam"
17 17
18# v2.6.8 18# v2.6.9
19SRCREV = "b9cd0b72534854abb6dd834c8c11e02111b4c8d7" 19SRCREV = "5efb1545dbac7e6d1e0a992f3e84ca12cea1c18e"
20 20
21SRC_URI = "git://github.com/Openwsman/openwsman.git \ 21SRC_URI = "git://github.com/Openwsman/openwsman.git \
22 file://libssl-is-required-if-eventint-supported.patch \ 22 file://libssl-is-required-if-eventint-supported.patch \
23 file://openwsmand.service \ 23 file://openwsmand.service \
24 file://0001-lock.c-Define-PTHREAD_MUTEX_RECURSIVE_NP-if-undefine.patch \ 24 file://0001-lock.c-Define-PTHREAD_MUTEX_RECURSIVE_NP-if-undefine.patch \
25 file://0001-openSSL-1.1.0-API-fixes.patch \
26 file://0001-Adjust-for-CURLE_SSL_CACERT-deprecation-in-curl-7.62.patch \
27 " 25 "
28 26
29S = "${WORKDIR}/git" 27S = "${WORKDIR}/git"