From e34c58ed66886ee2c964aa21aee2268d87c65699 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Fri, 18 Aug 2023 09:52:55 -0700 Subject: librelp: Add packageconfigs for TLS implementations valgrind is not available on all arches e.g. riscv so enable it conditionally Enable openSSL TLS by default and add option to enable gnuTLS Signed-off-by: Khem Raj --- ...e-compiler-warnings-with-enable-tls-opens.patch | 88 ++++++++++++++++++++++ meta-oe/recipes-extended/rsyslog/librelp_1.11.0.bb | 14 +++- 2 files changed, 100 insertions(+), 2 deletions(-) create mode 100644 meta-oe/recipes-extended/rsyslog/librelp/0001-tcp-fix-some-compiler-warnings-with-enable-tls-opens.patch diff --git a/meta-oe/recipes-extended/rsyslog/librelp/0001-tcp-fix-some-compiler-warnings-with-enable-tls-opens.patch b/meta-oe/recipes-extended/rsyslog/librelp/0001-tcp-fix-some-compiler-warnings-with-enable-tls-opens.patch new file mode 100644 index 0000000000..3ce5926333 --- /dev/null +++ b/meta-oe/recipes-extended/rsyslog/librelp/0001-tcp-fix-some-compiler-warnings-with-enable-tls-opens.patch @@ -0,0 +1,88 @@ +From 6e9b27f04132287463c89d3be0ce4f506944920d Mon Sep 17 00:00:00 2001 +From: Patrick Williams +Date: Fri, 3 Feb 2023 16:11:29 -0600 +Subject: [PATCH] tcp: fix some compiler warnings with enable-tls-openssl + +When --enable-tls=no and --enable-tls-openssl=yes, the following +compiler errors are reported: + +``` +| ../../git/src/tcp.c:3765:1: error: no previous declaration for 'relpTcpGetRtryDirection_gtls' [-Werror=missing-declarations] +| 3765 | relpTcpGetRtryDirection_gtls(LIBRELP_ATTR_UNUSED relpTcp_t *const pThis) +| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ +| ../../git/src/tcp.c:3583:1: error: 'relpTcpChkPeerName' defined but not used [-Werror=unused-function] +| 3583 | relpTcpChkPeerName(NOTLS_UNUSED relpTcp_t *const pThis, NOTLS_UNUSED void* cert) +| | ^~~~~~~~~~~~~~~~~~ +``` + +Fix these by: + 1. Add static on the openssl path for relpTcpGetRtryDirection_gtls. + 2. Move the relpTcpChkPeerName forward declaration to another ifdef + leg. + 3. Wrap relpTcpChkPeerName in gnutls-based ifdef. + 4. Remove relpTcpChkPeerName_gtls from openssl path. + +Upstream-Status: Backport [https://github.com/rsyslog/librelp/pull/255] +Signed-off-by: Patrick Williams +--- + src/tcp.c | 11 ++++------- + 1 file changed, 4 insertions(+), 7 deletions(-) + +diff --git a/src/tcp.c b/src/tcp.c +index 7a75cc4..18cffda 100644 +--- a/src/tcp.c ++++ b/src/tcp.c +@@ -132,12 +132,12 @@ callOnErr(const relpTcp_t *__restrict__ const pThis, + static int LIBRELP_ATTR_NONNULL() relpTcpGetCN(char *const namebuf, const size_t lenNamebuf, const char *const szDN); + #ifdef HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION + static int relpTcpVerifyCertificateCallback(gnutls_session_t session); ++static int relpTcpChkPeerName(relpTcp_t *const pThis, void* cert); + #endif /* #ifdef HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION */ + #if defined(HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION) || defined(ENABLE_TLS_OPENSSL) + static void relpTcpChkOnePeerName(relpTcp_t *const pThis, char *peername, int *pbFoundPositiveMatch); + static int relpTcpAddToCertNamesBuffer(relpTcp_t *const pThis, char *const buf, + const size_t buflen, int *p_currIdx, const char *const certName); +-static int relpTcpChkPeerName(relpTcp_t *const pThis, void* cert); + #endif /* defined(HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION) || defined(ENABLE_TLS_OPENSSL) */ + + +@@ -2820,11 +2820,6 @@ relpTcpLstnInitTLS_gtls(LIBRELP_ATTR_UNUSED relpTcp_t *const pThis) + { + return RELP_RET_ERR_INTERNAL; + } +-static int +-relpTcpChkPeerName_gtls(LIBRELP_ATTR_UNUSED relpTcp_t *const pThis, LIBRELP_ATTR_UNUSED void *vcert) +-{ +- return RELP_RET_ERR_INTERNAL; +-} + #endif /* defined(ENABLE_TLS)*/ + + +@@ -3579,6 +3574,7 @@ finalize_it: + + } + ++#ifdef HAVE_GNUTLS_CERTIFICATE_SET_VERIFY_FUNCTION + static int + relpTcpChkPeerName(NOTLS_UNUSED relpTcp_t *const pThis, NOTLS_UNUSED void* cert) + { +@@ -3592,6 +3588,7 @@ relpTcpChkPeerName(NOTLS_UNUSED relpTcp_t *const pThis, NOTLS_UNUSED void* cert) + #endif /* #ifdef WITH_TLS*/ + LEAVE_RELPFUNC; + } ++#endif + + static relpRetVal LIBRELP_ATTR_NONNULL() + relpTcpAcceptConnReqInitTLS(NOTLS_UNUSED relpTcp_t *const pThis, NOTLS_UNUSED relpSrv_t *const pSrv) +@@ -3761,7 +3758,7 @@ relpTcpGetRtryDirection_gtls(relpTcp_t *const pThis) + return gnutls_record_get_direction(pThis->session); + } + #else /* #ifdef ENABLE_TLS */ +-relpRetVal LIBRELP_ATTR_NONNULL() ++static relpRetVal LIBRELP_ATTR_NONNULL() + relpTcpGetRtryDirection_gtls(LIBRELP_ATTR_UNUSED relpTcp_t *const pThis) + { + return RELP_RET_ERR_INTERNAL; +-- +2.41.0 + diff --git a/meta-oe/recipes-extended/rsyslog/librelp_1.11.0.bb b/meta-oe/recipes-extended/rsyslog/librelp_1.11.0.bb index eebfece3f2..c64eaf2c48 100644 --- a/meta-oe/recipes-extended/rsyslog/librelp_1.11.0.bb +++ b/meta-oe/recipes-extended/rsyslog/librelp_1.11.0.bb @@ -4,11 +4,12 @@ HOMEPAGE = "https://github.com/rsyslog/librelp" LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=1fb9c10ed9fd6826757615455ca893a9" -DEPENDS = "gmp nettle libidn zlib gnutls openssl" +DEPENDS = "gmp libidn zlib" SRC_URI = "git://github.com/rsyslog/librelp.git;protocol=https;branch=stable \ file://0001-Fix-function-inline-errors-in-debug-optimization-Og.patch \ file://0001-tests-Fix-callback-prototype.patch \ + file://0001-tcp-fix-some-compiler-warnings-with-enable-tls-opens.patch \ file://run-ptest \ " @@ -18,6 +19,15 @@ S = "${WORKDIR}/git" inherit autotools pkgconfig ptest +PACKAGECONFIG ?= "tls-openssl valgrind" +# Valgrind is not available for RISCV yet +PACKAGECONFIG:remove:riscv64 = "valgrind" +PACKAGECONFIG:remove:riscv32 = "valgrind" + +PACKAGECONFIG[tls] = "--enable-tls,--disable-tls,gnutls nettle" +PACKAGECONFIG[tls-openssl] = "--enable-tls-openssl,--disable-tls-openssl,openssl" +PACKAGECONFIG[valgrind] = "--enable-valgrind,--disable-valgrind," + # For ptests, copy source tests/*.sh scripts, Makefile and # executables and run them with make on target. TESTDIR = "tests" @@ -71,5 +81,5 @@ RDEPENDS:${PN}-ptest += "\ make bash coreutils libgcc util-linux gawk grep \ python3-core python3-io \ " +RRECOMMENDS:${PN}-ptest += "${@bb.utils.filter('PACKAGECONFIG', 'valgrind', d)}" -RRECOMMENDS:${PN}-ptest += " valgrind" -- cgit v1.2.3-54-g00ecf