diff options
author | Stefan Ghinea <stefan.ghinea@windriver.com> | 2021-04-23 20:18:26 +0300 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-04-24 02:59:20 +0100 |
commit | 8d284bc013b950ca20f374c0bbfce014d9d80717 (patch) | |
tree | 49e703cbc81025f9b4d998fce40daa5724ec1d71 | |
parent | c039538549ece28f32a371c044adb088f681a9ae (diff) | |
download | openembedded-core-contrib-8d284bc013b950ca20f374c0bbfce014d9d80717.tar.gz |
libssh2: fix build failure with option no-ecdsa
libssh2 fails at do_compile if
DEPRECATED_CRYPTO_FLAGS = "no-ecdsa" is set in recipe:
../src/.libs/libssh2.so: undefined reference to
`LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY'
References:
https://github.com/libssh2/libssh2/issues/549
Upstream patches:
https://github.com/libssh2/libssh2/commit/1f76151c92e1b52e9c24ebf06adc77fbd6c062bc
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch | 112 | ||||
-rw-r--r-- | meta/recipes-support/libssh2/libssh2_1.9.0.bb | 1 |
2 files changed, 113 insertions, 0 deletions
diff --git a/meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch b/meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch new file mode 100644 index 0000000000..b331c1bf81 --- /dev/null +++ b/meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch @@ -0,0 +1,112 @@ +From 1f76151c92e1b52e9c24ebf06adc77fbd6c062bc Mon Sep 17 00:00:00 2001 +From: Will Cosgrove <will@panic.com> +Date: Tue, 26 Jan 2021 11:41:21 -0800 +Subject: [PATCH] kex.c: move EC macro outside of if check #549 (#550) + +File: kex.c + +Notes: +Moved the macro LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY outside of the LIBSSH2_ECDSA since it's also now used by the ED25519 code. + +Sha 256, 384 and 512 need to be defined for all backends now even if they aren't used directly. I believe this is already the case, but just a heads up. + +Credit: +Stefan-Ghinea + +Upstream-Status: Backport + +Reference to upstream patch: +https://github.com/libssh2/libssh2/commit/1f76151c92e1b52e9c24ebf06adc77fbd6c062bc + +Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> +--- + src/kex.c | 66 +++++++++++++++++++++++++++---------------------------- + 1 file changed, 33 insertions(+), 33 deletions(-) + +diff --git a/src/kex.c b/src/kex.c +index cb16639..19ab6ec 100644 +--- a/src/kex.c ++++ b/src/kex.c +@@ -1885,39 +1885,6 @@ kex_method_diffie_hellman_group_exchange_sha256_key_exchange + } + + +-#if LIBSSH2_ECDSA +- +-/* kex_session_ecdh_curve_type +- * returns the EC curve type by name used in key exchange +- */ +- +-static int +-kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type) +-{ +- int ret = 0; +- libssh2_curve_type type; +- +- if(name == NULL) +- return -1; +- +- if(strcmp(name, "ecdh-sha2-nistp256") == 0) +- type = LIBSSH2_EC_CURVE_NISTP256; +- else if(strcmp(name, "ecdh-sha2-nistp384") == 0) +- type = LIBSSH2_EC_CURVE_NISTP384; +- else if(strcmp(name, "ecdh-sha2-nistp521") == 0) +- type = LIBSSH2_EC_CURVE_NISTP521; +- else { +- ret = -1; +- } +- +- if(ret == 0 && out_type) { +- *out_type = type; +- } +- +- return ret; +-} +- +- + /* LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY + * + * Macro that create and verifies EC SHA hash with a given digest bytes +@@ -2027,6 +1994,39 @@ kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type) + } \ + + ++#if LIBSSH2_ECDSA ++ ++/* kex_session_ecdh_curve_type ++ * returns the EC curve type by name used in key exchange ++ */ ++ ++static int ++kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type) ++{ ++ int ret = 0; ++ libssh2_curve_type type; ++ ++ if(name == NULL) ++ return -1; ++ ++ if(strcmp(name, "ecdh-sha2-nistp256") == 0) ++ type = LIBSSH2_EC_CURVE_NISTP256; ++ else if(strcmp(name, "ecdh-sha2-nistp384") == 0) ++ type = LIBSSH2_EC_CURVE_NISTP384; ++ else if(strcmp(name, "ecdh-sha2-nistp521") == 0) ++ type = LIBSSH2_EC_CURVE_NISTP521; ++ else { ++ ret = -1; ++ } ++ ++ if(ret == 0 && out_type) { ++ *out_type = type; ++ } ++ ++ return ret; ++} ++ ++ + /* ecdh_sha2_nistp + * Elliptic Curve Diffie Hellman Key Exchange + */ +-- +2.17.1 + diff --git a/meta/recipes-support/libssh2/libssh2_1.9.0.bb b/meta/recipes-support/libssh2/libssh2_1.9.0.bb index 0b8ccbd217..a5451628e7 100644 --- a/meta/recipes-support/libssh2/libssh2_1.9.0.bb +++ b/meta/recipes-support/libssh2/libssh2_1.9.0.bb @@ -11,6 +11,7 @@ SRC_URI = "http://www.libssh2.org/download/${BP}.tar.gz \ file://CVE-2019-17498.patch \ file://0001-configure-Conditionally-undefine-backend-m4-macro.patch \ file://run-ptest \ + file://0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch \ " SRC_URI_append_ptest = " file://0001-Don-t-let-host-enviroment-to-decide-if-a-test-is-bui.patch" |