diff options
| author | Koen Kooi <koen.kooi@linaro.org> | 2014-05-07 11:06:22 +0200 |
|---|---|---|
| committer | Martin Jansa <Martin.Jansa@gmail.com> | 2014-05-15 12:30:17 +0200 |
| commit | 6bb0c0de3f5284ba506211362227d34e02ae5553 (patch) | |
| tree | 18c4e54c98335b7b20b81a9605615339b9ea60d2 /meta-oe | |
| parent | 04dcd55c9d293a26a925377055660310bd229b1b (diff) | |
| download | meta-openembedded-6bb0c0de3f5284ba506211362227d34e02ae5553.tar.gz | |
openldap: fix build against gnutls3
OE-core update from gnutls2 to gnutls3, openldap needs patches to cope with that. Also add libgcrypt to DEPENDS since openldap links against it directly now instead of through gnutls.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-oe')
3 files changed, 64 insertions, 1 deletions
diff --git a/meta-oe/recipes-support/openldap/openldap-2.4.23/0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch b/meta-oe/recipes-support/openldap/openldap-2.4.23/0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch new file mode 100644 index 0000000000..dffd3ca512 --- /dev/null +++ b/meta-oe/recipes-support/openldap/openldap-2.4.23/0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch | |||
| @@ -0,0 +1,44 @@ | |||
| 1 | From 0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Howard Chu <hyc@openldap.org> | ||
| 3 | Date: Sat, 7 Sep 2013 09:39:24 -0700 | ||
| 4 | Subject: [PATCH] ITS#7430 GnuTLS: Avoid use of deprecated function | ||
| 5 | |||
| 6 | Upstream-status: Backport | ||
| 7 | |||
| 8 | --- | ||
| 9 | libraries/libldap/tls_g.c | 12 ++++++++++++ | ||
| 10 | 1 files changed, 12 insertions(+), 0 deletions(-) | ||
| 11 | |||
| 12 | diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c | ||
| 13 | index 9acffaf..c793828 100644 | ||
| 14 | --- a/libraries/libldap/tls_g.c | ||
| 15 | +++ b/libraries/libldap/tls_g.c | ||
| 16 | @@ -368,6 +368,17 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) | ||
| 17 | * then we have to build the cert chain. | ||
| 18 | */ | ||
| 19 | if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) { | ||
| 20 | +#if GNUTLS_VERSION_NUMBER >= 0x020c00 | ||
| 21 | + unsigned int i; | ||
| 22 | + for ( i = 1; i<VERIFY_DEPTH; i++ ) { | ||
| 23 | + if ( gnutls_certificate_get_issuer( ctx->cred, certs[i-1], &certs[i], 0 )) | ||
| 24 | + break; | ||
| 25 | + max++; | ||
| 26 | + /* If this CA is self-signed, we're done */ | ||
| 27 | + if ( gnutls_x509_crt_check_issuer( certs[i], certs[i] )) | ||
| 28 | + break; | ||
| 29 | + } | ||
| 30 | +#else | ||
| 31 | gnutls_x509_crt_t *cas; | ||
| 32 | unsigned int i, j, ncas; | ||
| 33 | |||
| 34 | @@ -387,6 +398,7 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) | ||
| 35 | if ( j == ncas ) | ||
| 36 | break; | ||
| 37 | } | ||
| 38 | +#endif | ||
| 39 | } | ||
| 40 | rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key ); | ||
| 41 | if ( rc ) return -1; | ||
| 42 | -- | ||
| 43 | 1.7.4.2 | ||
| 44 | |||
diff --git a/meta-oe/recipes-support/openldap/openldap-2.4.23/openldap-2.4.28-gnutls-gcrypt.patch b/meta-oe/recipes-support/openldap/openldap-2.4.23/openldap-2.4.28-gnutls-gcrypt.patch new file mode 100644 index 0000000000..c7b1552c1c --- /dev/null +++ b/meta-oe/recipes-support/openldap/openldap-2.4.23/openldap-2.4.28-gnutls-gcrypt.patch | |||
| @@ -0,0 +1,17 @@ | |||
| 1 | From http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-nds/openldap/files/ | ||
| 2 | |||
| 3 | Upstream-status: Unknown | ||
| 4 | |||
| 5 | -- | ||
| 6 | |||
| 7 | --- openldap-2.4.28/configure.in.orig 2012-02-11 22:40:36.004360795 +0000 | ||
| 8 | +++ openldap-2.4.28/configure.in 2012-02-11 22:40:13.410986851 +0000 | ||
| 9 | @@ -1214,7 +1214,7 @@ | ||
| 10 | ol_with_tls=gnutls | ||
| 11 | ol_link_tls=yes | ||
| 12 | |||
| 13 | - TLS_LIBS="-lgnutls" | ||
| 14 | + TLS_LIBS="-lgnutls -lgcrypt" | ||
| 15 | |||
| 16 | AC_DEFINE(HAVE_GNUTLS, 1, | ||
| 17 | [define if you have GNUtls]) | ||
diff --git a/meta-oe/recipes-support/openldap/openldap_2.4.23.bb b/meta-oe/recipes-support/openldap/openldap_2.4.23.bb index 5c6f9eac65..306a78647d 100644 --- a/meta-oe/recipes-support/openldap/openldap_2.4.23.bb +++ b/meta-oe/recipes-support/openldap/openldap_2.4.23.bb | |||
| @@ -16,6 +16,8 @@ LDAP_VER = "${@'.'.join(d.getVar('PV',1).split('.')[0:2])}" | |||
| 16 | SRC_URI = "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz \ | 16 | SRC_URI = "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz \ |
| 17 | file://openldap-m4-pthread.patch \ | 17 | file://openldap-m4-pthread.patch \ |
| 18 | file://kill-icu.patch \ | 18 | file://kill-icu.patch \ |
| 19 | file://0205e83f4670d10ad3c6ae4b8fc5ec1d0c7020c0.patch \ | ||
| 20 | file://openldap-2.4.28-gnutls-gcrypt.patch \ | ||
| 19 | file://initscript \ | 21 | file://initscript \ |
| 20 | " | 22 | " |
| 21 | SRC_URI[md5sum] = "90150b8c0d0192e10b30157e68844ddf" | 23 | SRC_URI[md5sum] = "90150b8c0d0192e10b30157e68844ddf" |
| @@ -48,7 +50,7 @@ PACKAGECONFIG ??= "gnutls modules \ | |||
| 48 | ldap meta monitor null passwd shell proxycache dnssrv \ | 50 | ldap meta monitor null passwd shell proxycache dnssrv \ |
| 49 | " | 51 | " |
| 50 | #--with-tls with TLS/SSL support auto|openssl|gnutls [auto] | 52 | #--with-tls with TLS/SSL support auto|openssl|gnutls [auto] |
| 51 | PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls" | 53 | PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls libgcrypt" |
| 52 | PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl" | 54 | PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl" |
| 53 | 55 | ||
| 54 | PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl" | 56 | PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl" |