3 files changed, 141 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/iksemel/iksemel/avoid-obsolete-gnutls-apis.patch b/meta-oe/recipes-support/iksemel/iksemel/avoid-obsolete-gnutls-apis.patch
new file mode 100644
index 0000000000..41fccc3ab0
--- /dev/null
+++ b/meta-oe/recipes-support/iksemel/iksemel/avoid-obsolete-gnutls-apis.patch
@@ -0,0 +1,55 @@
+From 7136a908a056d0e36c89b6e1c39adff8ce2bb1d4 Mon Sep 17 00:00:00 2001
+From: Andre McCurdy <armccurdy@gmail.com>
+Date: Wed, 1 Nov 2017 13:17:34 -0700
+Subject: [PATCH] avoid obsolete gnutls apis
+The gnutls_*_set_priority() family of functions was marked deprecated
+in gnutls 2.12.x and removed completely in 3.5.x. These functions
+have been superceded by gnutls_priority_set_direct(), which was added
+in gnutls 2.2.0 (released 2007-12-14).
+Rather than simply update the custom gnutls_*_set_priority() calls to
+use gnutls_priority_set_direct(), drop the custom priority selection
+completely and use the recommended approach of letting gnutls pick a
+reasonable set of defaults.
+Upstream-Status: Pending
+Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
+---
+ src/tls-gnutls.c | 12 ++----------
+ 1 file changed, 2 insertions(+), 10 deletions(-)
+diff --git a/src/tls-gnutls.c b/src/tls-gnutls.c
+index d7b7c91..749e9ef 100644
+--- a/src/tls-gnutls.c
+++ b/src/tls-gnutls.c
+@@ -48,11 +48,6 @@ tls_pull (struct ikstls_data *data, char *buffer, size_t len)
+ static int
+ tls_handshake (struct ikstls_data **datap, ikstransport *trans, void *sock)
+ {
+-       const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
+-       const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
+-       const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
+-       const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
+-       const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
+        struct ikstls_data *data;
+        int ret;
+ 
+@@ -81,11 +76,8 @@ tls_handshake (struct ikstls_data **datap, ikstransport *trans, void *sock)
+                return IKS_NOMEM;
+        }
+ 
+-       gnutls_protocol_set_priority (data->sess, protocol_priority);
+-       gnutls_cipher_set_priority(data->sess, cipher_priority);
+-       gnutls_compression_set_priority(data->sess, comp_priority);
+-       gnutls_kx_set_priority(data->sess, kx_priority);
+-       gnutls_mac_set_priority(data->sess, mac_priority);
+       gnutls_set_default_priority (data->sess);
+
+        gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred);
+ 
+        gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push);
+-- 
+1.9.1
diff --git a/meta-oe/recipes-support/iksemel/iksemel/fix-configure-option-parsing.patch b/meta-oe/recipes-support/iksemel/iksemel/fix-configure-option-parsing.patch
new file mode 100644
index 0000000000..05accdd9c8
--- /dev/null
+++ b/meta-oe/recipes-support/iksemel/iksemel/fix-configure-option-parsing.patch
@@ -0,0 +1,62 @@
+From 17a5cf8f70b86d8a2195562e2d9dcccb4fa35c83 Mon Sep 17 00:00:00 2001
+From: Andre McCurdy <armccurdy@gmail.com>
+Date: Tue, 31 Oct 2017 20:05:58 -0700
+Subject: [PATCH] fix configure option parsing
+Don't over-write with_openssl etc by trying to set to $enablevar
+Upstream-Status: Pending
+Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
+---
+ configure.ac | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+diff --git a/configure.ac b/configure.ac
+index 82e6d2d..823e6c1 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -56,17 +56,17 @@ fi
+ dnl Options for overriding TLS checks
+ AC_ARG_WITH([openssl],
+   AS_HELP_STRING([--without-openssl],[disable checking for openssl]),
+-  [with_openssl=$enableval],
+-  [with_openssl=yes]
+  [],
+  [with_openssl=auto]
+ )
+ AC_ARG_WITH([gnutls],
+   AS_HELP_STRING([--without-gnutls],[disable checking for GNU TLS]),
+-  [with_gnutls=$enableval],
+-  [with_gnutls=yes]
+  [],
+  [with_gnutls=auto]
+ )
+ 
+ dnl Check OpenSSL
+-if test "x$with_openssl" = "xyes"; then
+if test "x$with_openssl" != "xno"; then
+   PKG_CHECK_MODULES([OPENSSL], openssl >= 0.9.8, have_openssl=yes, have_openssl=no)
+   if test "x$have_openssl" = "xyes"; then
+     LIBOPENSSL_CFLAGS="$OPENSSL_CFLAGS"
+@@ -78,7 +78,7 @@ if test "x$with_openssl" = "xyes"; then
+ fi
+ 
+ dnl Check GNU TLS
+-if test "x$with_gnutls" = "xyes"; then
+if test "x$with_gnutls" != "xno"; then
+   if test "x$have_openssl" != "xyes"; then
+     PKG_CHECK_MODULES([GNUTLS], gnutls >= 2.0.0, have_gnutls=yes, have_gnutls=no)
+     if test "x$have_gnutls" = "xyes"; then
+@@ -94,7 +94,7 @@ fi
+ dnl Option for overriding Python check
+ AC_ARG_ENABLE([python],
+   AS_HELP_STRING([--disable-python],[disable checking for Python bindings]),
+-  [with_python=$enableval],
+  [],
+   [with_python=yes]
+ )
+ 
+-- 
+1.9.1
diff --git a/meta-oe/recipes-support/iksemel/iksemel_1.5.bb b/meta-oe/recipes-support/iksemel/iksemel_1.5.bb
new file mode 100644
index 0000000000..0903e90d7d
--- /dev/null
+++ b/meta-oe/recipes-support/iksemel/iksemel_1.5.bb
@@ -0,0 +1,24 @@
+SUMMARY = "Fast and portable XML parser and Jabber protocol library"
+HOMEPAGE = "https://github.com/meduketto/iksemel"
+SECTION = "libs"
+LICENSE = "LGPLv2.1"
+LIC_FILES_CHKSUM = "file://COPYING;md5=d8045f3b8f929c1cb29a1e3fd737b499"
+SRCREV = "978b733462e41efd5db72bc9974cb3b0d1d5f6fa"
+PV = "1.5+git${SRCPV}"
+SRC_URI = "git://github.com/meduketto/iksemel.git;protocol=https \
+           file://fix-configure-option-parsing.patch \
+           file://avoid-obsolete-gnutls-apis.patch"
+S = "${WORKDIR}/git"
+inherit autotools pkgconfig lib_package
+# TLS support requires either openssl or gnutls (if both are enabled openssl will be used).
+PACKAGECONFIG ?= "gnutls"
+PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls"
+PACKAGECONFIG[openssl] = "--with-openssl,--without-openssl,openssl"
+EXTRA_OECONF = "--disable-python"

diff --git a/meta-oe/recipes-support/iksemel/iksemel/avoid-obsolete-gnutls-apis.patch b/meta-oe/recipes-support/iksemel/iksemel/avoid-obsolete-gnutls-apis.patch new file mode 100644 index 0000000000..41fccc3ab0 --- /dev/null +++ b/meta-oe/recipes-support/iksemel/iksemel/avoid-obsolete-gnutls-apis.patch
@@ -0,0 +1,55 @@
	1	From 7136a908a056d0e36c89b6e1c39adff8ce2bb1d4 Mon Sep 17 00:00:00 2001
	2	From: Andre McCurdy <armccurdy@gmail.com>
	3	Date: Wed, 1 Nov 2017 13:17:34 -0700
	4	Subject: [PATCH] avoid obsolete gnutls apis
	5
	6	The gnutls_*_set_priority() family of functions was marked deprecated
	7	in gnutls 2.12.x and removed completely in 3.5.x. These functions
	8	have been superceded by gnutls_priority_set_direct(), which was added
	9	in gnutls 2.2.0 (released 2007-12-14).
	10
	11	Rather than simply update the custom gnutls_*_set_priority() calls to
	12	use gnutls_priority_set_direct(), drop the custom priority selection
	13	completely and use the recommended approach of letting gnutls pick a
	14	reasonable set of defaults.
	15
	16	Upstream-Status: Pending
	17
	18	Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
	19	---
	20	src/tls-gnutls.c \| 12 ++----------
	21	1 file changed, 2 insertions(+), 10 deletions(-)
	22
	23	diff --git a/src/tls-gnutls.c b/src/tls-gnutls.c
	24	index d7b7c91..749e9ef 100644
	25	--- a/src/tls-gnutls.c
	26	+++ b/src/tls-gnutls.c
	27	@@ -48,11 +48,6 @@ tls_pull (struct ikstls_data data, char buffer, size_t len)
	28	static int
	29	tls_handshake (struct ikstls_data *datap, ikstransport trans, void *sock)
	30	{
	31	- const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
	32	- const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
	33	- const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
	34	- const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
	35	- const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
	36	struct ikstls_data *data;
	37	int ret;
	38
	39	@@ -81,11 +76,8 @@ tls_handshake (struct ikstls_data *datap, ikstransport trans, void *sock)
	40	return IKS_NOMEM;
	41	}
	42
	43	- gnutls_protocol_set_priority (data->sess, protocol_priority);
	44	- gnutls_cipher_set_priority(data->sess, cipher_priority);
	45	- gnutls_compression_set_priority(data->sess, comp_priority);
	46	- gnutls_kx_set_priority(data->sess, kx_priority);
	47	- gnutls_mac_set_priority(data->sess, mac_priority);
	48	+ gnutls_set_default_priority (data->sess);
	49	+
	50	gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred);
	51
	52	gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push);
	53	--
	54	1.9.1
	55


diff --git a/meta-oe/recipes-support/iksemel/iksemel/fix-configure-option-parsing.patch b/meta-oe/recipes-support/iksemel/iksemel/fix-configure-option-parsing.patch new file mode 100644 index 0000000000..05accdd9c8 --- /dev/null +++ b/meta-oe/recipes-support/iksemel/iksemel/fix-configure-option-parsing.patch
@@ -0,0 +1,62 @@
	1	From 17a5cf8f70b86d8a2195562e2d9dcccb4fa35c83 Mon Sep 17 00:00:00 2001
	2	From: Andre McCurdy <armccurdy@gmail.com>
	3	Date: Tue, 31 Oct 2017 20:05:58 -0700
	4	Subject: [PATCH] fix configure option parsing
	5
	6	Don't over-write with_openssl etc by trying to set to $enablevar
	7
	8	Upstream-Status: Pending
	9
	10	Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
	11	---
	12	configure.ac \| 14 +++++++-------
	13	1 file changed, 7 insertions(+), 7 deletions(-)
	14
	15	diff --git a/configure.ac b/configure.ac
	16	index 82e6d2d..823e6c1 100644
	17	--- a/configure.ac
	18	+++ b/configure.ac
	19	@@ -56,17 +56,17 @@ fi
	20	dnl Options for overriding TLS checks
	21	AC_ARG_WITH([openssl],
	22	AS_HELP_STRING([--without-openssl],[disable checking for openssl]),
	23	- [with_openssl=$enableval],
	24	- [with_openssl=yes]
	25	+ [],
	26	+ [with_openssl=auto]
	27	)
	28	AC_ARG_WITH([gnutls],
	29	AS_HELP_STRING([--without-gnutls],[disable checking for GNU TLS]),
	30	- [with_gnutls=$enableval],
	31	- [with_gnutls=yes]
	32	+ [],
	33	+ [with_gnutls=auto]
	34	)
	35
	36	dnl Check OpenSSL
	37	-if test "x$with_openssl" = "xyes"; then
	38	+if test "x$with_openssl" != "xno"; then
	39	PKG_CHECK_MODULES([OPENSSL], openssl >= 0.9.8, have_openssl=yes, have_openssl=no)
	40	if test "x$have_openssl" = "xyes"; then
	41	LIBOPENSSL_CFLAGS="$OPENSSL_CFLAGS"
	42	@@ -78,7 +78,7 @@ if test "x$with_openssl" = "xyes"; then
	43	fi
	44
	45	dnl Check GNU TLS
	46	-if test "x$with_gnutls" = "xyes"; then
	47	+if test "x$with_gnutls" != "xno"; then
	48	if test "x$have_openssl" != "xyes"; then
	49	PKG_CHECK_MODULES([GNUTLS], gnutls >= 2.0.0, have_gnutls=yes, have_gnutls=no)
	50	if test "x$have_gnutls" = "xyes"; then
	51	@@ -94,7 +94,7 @@ fi
	52	dnl Option for overriding Python check
	53	AC_ARG_ENABLE([python],
	54	AS_HELP_STRING([--disable-python],[disable checking for Python bindings]),
	55	- [with_python=$enableval],
	56	+ [],
	57	[with_python=yes]
	58	)
	59
	60	--
	61	1.9.1
	62


diff --git a/meta-oe/recipes-support/iksemel/iksemel_1.5.bb b/meta-oe/recipes-support/iksemel/iksemel_1.5.bb new file mode 100644 index 0000000000..0903e90d7d --- /dev/null +++ b/meta-oe/recipes-support/iksemel/iksemel_1.5.bb
@@ -0,0 +1,24 @@
	1	SUMMARY = "Fast and portable XML parser and Jabber protocol library"
	2	HOMEPAGE = "https://github.com/meduketto/iksemel"
	3	SECTION = "libs"
	4	LICENSE = "LGPLv2.1"
	5	LIC_FILES_CHKSUM = "file://COPYING;md5=d8045f3b8f929c1cb29a1e3fd737b499"
	6
	7	SRCREV = "978b733462e41efd5db72bc9974cb3b0d1d5f6fa"
	8	PV = "1.5+git${SRCPV}"
	9
	10	SRC_URI = "git://github.com/meduketto/iksemel.git;protocol=https \
	11	file://fix-configure-option-parsing.patch \
	12	file://avoid-obsolete-gnutls-apis.patch"
	13
	14	S = "${WORKDIR}/git"
	15
	16	inherit autotools pkgconfig lib_package
	17
	18	# TLS support requires either openssl or gnutls (if both are enabled openssl will be used).
	19	PACKAGECONFIG ?= "gnutls"
	20
	21	PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls"
	22	PACKAGECONFIG[openssl] = "--with-openssl,--without-openssl,openssl"
	23
	24	EXTRA_OECONF = "--disable-python"