librelp: Add packageconfigs for TLS implementations

valgrind is not available on all arches e.g. riscv so enable it
conditionally

Enable openSSL TLS by default and add option to enable gnuTLS

Signed-off-by: Khem Raj <raj.khem@gmail.com>

2 files changed, 100 insertions, 2 deletions

diff --git a/meta-oe/recipes-extended/rsyslog/librelp/0001-tcp-fix-some-compiler-warnings-with-enable-tls-opens.patch b/meta-oe/recipes-extended/rsyslog/librelp/0001-tcp-fix-some-compiler-warnings-with-enable-tls-opens.patch
new file mode 100644
index 0000000000..3ce5926333
--- /dev/null
+++ b/meta-oe/recipes-extended/rsyslog/librelp/0001-tcp-fix-some-compiler-warnings-with-enable-tls-opens.patch
@@ -0,0 +1,88 @@
+From 6e9b27f04132287463c89d3be0ce4f506944920d Mon Sep 17 00:00:00 2001
+From: Patrick Williams <patrick@stwcx.xyz>
+Date: Fri, 3 Feb 2023 16:11:29 -0600
+Subject: [PATCH] tcp: fix some compiler warnings with enable-tls-openssl
+
+When --enable-tls=no and --enable-tls-openssl=yes, the following
+compiler errors are reported:
+
+```
+| ../../git/src/tcp.c:3765:1: error: no previous declaration for 'relpTcpGetRtryDirection_gtls' [-Werror=missing-declarations]
+|  3765 | relpTcpGetRtryDirection_gtls(LIBRELP_ATTR_UNUSED relpTcp_t *const pThis)
+|       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
+| ../../git/src/tcp.c:3583:1: error: 'relpTcpChkPeerName' defined but not used [-Werror=unused-function]
+|  3583 | relpTcpChkPeerName(NOTLS_UNUSED relpTcp_t *const pThis, NOTLS_UNUSED void* cert)
+|       | ^~~~~~~~~~~~~~~~~~
+```
+
+Fix these by:
+    1. Add static on the openssl path for relpTcpGetRtryDirection_gtls.
+    2. Move the relpTcpChkPeerName forward declaration to another ifdef
+       leg.
+    3. Wrap relpTcpChkPeerName in gnutls-based ifdef.
+    4. Remove relpTcpChkPeerName_gtls from openssl path.
+
+Upstream-Status: Backport [https://github.com/rsyslog/librelp/pull/255]
+Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
+---
+ src/tcp.c | 11 ++++-------
+ 1 file changed, 4 insertions(+), 7 deletions(-)
+
+diff --git a/src/tcp.c b/src/tcp.c
+index 7a75cc4..18cffda 100644
+--- a/src/tcp.c
++++ b/src/tcp.c
+@@ -132,12 +132,12 @@ callOnErr(const relpTcp_t *__restrict__ const pThis,
+ static int LIBRELP_ATTR_NONNULL() relpTcpGetCN(char *const namebuf, const size_t lenNamebuf, const char *const szDN);
+ #ifdef HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION
+ static int relpTcpVerifyCertificateCallback(gnutls_session_t session);
++static int relpTcpChkPeerName(relpTcp_t *const pThis, void* cert);
+ #endif /* #ifdef HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION */
+ #if defined(HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION) || defined(ENABLE_TLS_OPENSSL)
+ static void relpTcpChkOnePeerName(relpTcp_t *const pThis, char *peername, int *pbFoundPositiveMatch);
+ static int relpTcpAddToCertNamesBuffer(relpTcp_t *const pThis, char *const buf,
+        const size_t buflen, int *p_currIdx, const char *const certName);
+-static int relpTcpChkPeerName(relpTcp_t *const pThis, void* cert);
+ #endif /* defined(HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION) || defined(ENABLE_TLS_OPENSSL) */
+ 
+ 
+@@ -2820,11 +2820,6 @@ relpTcpLstnInitTLS_gtls(LIBRELP_ATTR_UNUSED relpTcp_t *const pThis)
+ {
+        return RELP_RET_ERR_INTERNAL;
+ }
+-static int
+-relpTcpChkPeerName_gtls(LIBRELP_ATTR_UNUSED relpTcp_t *const pThis, LIBRELP_ATTR_UNUSED void *vcert)
+-{
+-       return RELP_RET_ERR_INTERNAL;
+-}
+ #endif /* defined(ENABLE_TLS)*/
+ 
+ 
+@@ -3579,6 +3574,7 @@ finalize_it:
+ 
+ }
+ 
++#ifdef HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION
+ static int
+ relpTcpChkPeerName(NOTLS_UNUSED relpTcp_t *const pThis, NOTLS_UNUSED void* cert)
+ {
+@@ -3592,6 +3588,7 @@ relpTcpChkPeerName(NOTLS_UNUSED relpTcp_t *const pThis, NOTLS_UNUSED void* cert)
+        #endif /* #ifdef  WITH_TLS*/
+        LEAVE_RELPFUNC;
+ }
++#endif
+ 
+ static relpRetVal LIBRELP_ATTR_NONNULL()
+ relpTcpAcceptConnReqInitTLS(NOTLS_UNUSED relpTcp_t *const pThis, NOTLS_UNUSED relpSrv_t *const pSrv)
+@@ -3761,7 +3758,7 @@ relpTcpGetRtryDirection_gtls(relpTcp_t *const pThis)
+        return gnutls_record_get_direction(pThis->session);
+ }
+ #else /* #ifdef ENABLE_TLS */
+-relpRetVal LIBRELP_ATTR_NONNULL()
++static relpRetVal LIBRELP_ATTR_NONNULL()
+ relpTcpGetRtryDirection_gtls(LIBRELP_ATTR_UNUSED relpTcp_t *const pThis)
+ {
+        return RELP_RET_ERR_INTERNAL;
+-- 
+2.41.0
+
diff --git a/meta-oe/recipes-extended/rsyslog/librelp_1.11.0.bb b/meta-oe/recipes-extended/rsyslog/librelp_1.11.0.bb
index eebfece3f2..c64eaf2c48 100644
--- a/meta-oe/recipes-extended/rsyslog/librelp_1.11.0.bb
+++ b/meta-oe/recipes-extended/rsyslog/librelp_1.11.0.bb
@@ -4,11 +4,12 @@ HOMEPAGE = "https://github.com/rsyslog/librelp"
 LICENSE = "GPL-3.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=1fb9c10ed9fd6826757615455ca893a9"
 
-DEPENDS = "gmp nettle libidn zlib gnutls openssl"
+DEPENDS = "gmp libidn zlib"
 
 SRC_URI = "git://github.com/rsyslog/librelp.git;protocol=https;branch=stable \
            file://0001-Fix-function-inline-errors-in-debug-optimization-Og.patch \
            file://0001-tests-Fix-callback-prototype.patch \
+           file://0001-tcp-fix-some-compiler-warnings-with-enable-tls-opens.patch \
            file://run-ptest \
 "
 
@@ -18,6 +19,15 @@ S = "${WORKDIR}/git"
 
 inherit autotools pkgconfig ptest
 
+PACKAGECONFIG ?= "tls-openssl valgrind"
+# Valgrind is not available for RISCV yet
+PACKAGECONFIG:remove:riscv64 = "valgrind"
+PACKAGECONFIG:remove:riscv32 = "valgrind"
+
+PACKAGECONFIG[tls] = "--enable-tls,--disable-tls,gnutls nettle"
+PACKAGECONFIG[tls-openssl] = "--enable-tls-openssl,--disable-tls-openssl,openssl"
+PACKAGECONFIG[valgrind] = "--enable-valgrind,--disable-valgrind,"
+
 # For ptests, copy source tests/*.sh scripts, Makefile and 
 # executables and run them with make on target.
 TESTDIR = "tests"
@@ -71,5 +81,5 @@ RDEPENDS:${PN}-ptest += "\
   make bash coreutils libgcc util-linux gawk grep \
   python3-core python3-io \
 "
+RRECOMMENDS:${PN}-ptest += "${@bb.utils.filter('PACKAGECONFIG', 'valgrind', d)}"
 
-RRECOMMENDS:${PN}-ptest += " valgrind"