1 files changed, 44 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/openldap/openldap-2.4.39/gnutls-Avoid-use-of-deprecated-function.patch b/meta-oe/recipes-support/openldap/openldap-2.4.39/gnutls-Avoid-use-of-deprecated-function.patch
new file mode 100644
index 000000000..dffd3ca51
--- /dev/null
+++ b/meta-oe/recipes-support/openldap/openldap-2.4.39/gnutls-Avoid-use-of-deprecated-function.patch
@@ -0,0 +1,44 @@
+From 0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Sat, 7 Sep 2013 09:39:24 -0700
+Subject: [PATCH] ITS#7430 GnuTLS: Avoid use of deprecated function
+Upstream-status: Backport
+---
+ libraries/libldap/tls_g.c |   12 ++++++++++++
+ 1 files changed, 12 insertions(+), 0 deletions(-)
+diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
+index 9acffaf..c793828 100644
+--- a/libraries/libldap/tls_g.c
+++ b/libraries/libldap/tls_g.c
+@@ -368,6 +368,17 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
+                 * then we have to build the cert chain.
+                 */
+                if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) {
+#if GNUTLS_VERSION_NUMBER >= 0x020c00
+                       unsigned int i;
+                       for ( i = 1; i<VERIFY_DEPTH; i++ ) {
+                               if ( gnutls_certificate_get_issuer( ctx->cred, certs[i-1], &certs[i], 0 ))
+                                       break;
+                               max++;
+                               /* If this CA is self-signed, we're done */
+                               if ( gnutls_x509_crt_check_issuer( certs[i], certs[i] ))
+                                       break;
+                       }
+#else
+                        gnutls_x509_crt_t *cas;
+                        unsigned int i, j, ncas;
+ 
+@@ -387,6 +398,7 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
+                                if ( j == ncas )
+                                        break;
+                        }
+#endif
+                }
+                rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key );
+                if ( rc ) return -1;
+-- 
+1.7.4.2

diff --git a/meta-oe/recipes-support/openldap/openldap-2.4.39/gnutls-Avoid-use-of-deprecated-function.patch b/meta-oe/recipes-support/openldap/openldap-2.4.39/gnutls-Avoid-use-of-deprecated-function.patch new file mode 100644 index 000000000..dffd3ca51 --- /dev/null +++ b/meta-oe/recipes-support/openldap/openldap-2.4.39/gnutls-Avoid-use-of-deprecated-function.patch
@@ -0,0 +1,44 @@
	1	From 0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0 Mon Sep 17 00:00:00 2001
	2	From: Howard Chu <hyc@openldap.org>
	3	Date: Sat, 7 Sep 2013 09:39:24 -0700
	4	Subject: [PATCH] ITS#7430 GnuTLS: Avoid use of deprecated function
	5
	6	Upstream-status: Backport
	7
	8	---
	9	libraries/libldap/tls_g.c \| 12 ++++++++++++
	10	1 files changed, 12 insertions(+), 0 deletions(-)
	11
	12	diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
	13	index 9acffaf..c793828 100644
	14	--- a/libraries/libldap/tls_g.c
	15	+++ b/libraries/libldap/tls_g.c
	16	@@ -368,6 +368,17 @@ tlsg_ctx_init( struct ldapoptions lo, struct ldaptls lt, int is_server )
	17	* then we have to build the cert chain.
	18	*/
	19	if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) {
	20	+#if GNUTLS_VERSION_NUMBER >= 0x020c00
	21	+ unsigned int i;
	22	+ for ( i = 1; i<VERIFY_DEPTH; i++ ) {
	23	+ if ( gnutls_certificate_get_issuer( ctx->cred, certs[i-1], &certs[i], 0 ))
	24	+ break;
	25	+ max++;
	26	+ /* If this CA is self-signed, we're done */
	27	+ if ( gnutls_x509_crt_check_issuer( certs[i], certs[i] ))
	28	+ break;
	29	+ }
	30	+#else
	31	gnutls_x509_crt_t *cas;
	32	unsigned int i, j, ncas;
	33
	34	@@ -387,6 +398,7 @@ tlsg_ctx_init( struct ldapoptions lo, struct ldaptls lt, int is_server )
	35	if ( j == ncas )
	36	break;
	37	}
	38	+#endif
	39	}
	40	rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key );
	41	if ( rc ) return -1;
	42	--
	43	1.7.4.2
	44