summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStefan Ghinea <stefan.ghinea@windriver.com>2021-04-23 20:18:26 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-04-24 02:59:20 +0100
commit8d284bc013b950ca20f374c0bbfce014d9d80717 (patch)
tree49e703cbc81025f9b4d998fce40daa5724ec1d71
parentc039538549ece28f32a371c044adb088f681a9ae (diff)
downloadopenembedded-core-contrib-8d284bc013b950ca20f374c0bbfce014d9d80717.tar.gz
libssh2: fix build failure with option no-ecdsa
libssh2 fails at do_compile if DEPRECATED_CRYPTO_FLAGS = "no-ecdsa" is set in recipe: ../src/.libs/libssh2.so: undefined reference to `LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY' References: https://github.com/libssh2/libssh2/issues/549 Upstream patches: https://github.com/libssh2/libssh2/commit/1f76151c92e1b52e9c24ebf06adc77fbd6c062bc Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch112
-rw-r--r--meta/recipes-support/libssh2/libssh2_1.9.0.bb1
2 files changed, 113 insertions, 0 deletions
diff --git a/meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch b/meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch
new file mode 100644
index 0000000000..b331c1bf81
--- /dev/null
+++ b/meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch
@@ -0,0 +1,112 @@
+From 1f76151c92e1b52e9c24ebf06adc77fbd6c062bc Mon Sep 17 00:00:00 2001
+From: Will Cosgrove <will@panic.com>
+Date: Tue, 26 Jan 2021 11:41:21 -0800
+Subject: [PATCH] kex.c: move EC macro outside of if check #549 (#550)
+
+File: kex.c
+
+Notes:
+Moved the macro LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY outside of the LIBSSH2_ECDSA since it's also now used by the ED25519 code.
+
+Sha 256, 384 and 512 need to be defined for all backends now even if they aren't used directly. I believe this is already the case, but just a heads up.
+
+Credit:
+Stefan-Ghinea
+
+Upstream-Status: Backport
+
+Reference to upstream patch:
+https://github.com/libssh2/libssh2/commit/1f76151c92e1b52e9c24ebf06adc77fbd6c062bc
+
+Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
+---
+ src/kex.c | 66 +++++++++++++++++++++++++++----------------------------
+ 1 file changed, 33 insertions(+), 33 deletions(-)
+
+diff --git a/src/kex.c b/src/kex.c
+index cb16639..19ab6ec 100644
+--- a/src/kex.c
++++ b/src/kex.c
+@@ -1885,39 +1885,6 @@ kex_method_diffie_hellman_group_exchange_sha256_key_exchange
+ }
+
+
+-#if LIBSSH2_ECDSA
+-
+-/* kex_session_ecdh_curve_type
+- * returns the EC curve type by name used in key exchange
+- */
+-
+-static int
+-kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type)
+-{
+- int ret = 0;
+- libssh2_curve_type type;
+-
+- if(name == NULL)
+- return -1;
+-
+- if(strcmp(name, "ecdh-sha2-nistp256") == 0)
+- type = LIBSSH2_EC_CURVE_NISTP256;
+- else if(strcmp(name, "ecdh-sha2-nistp384") == 0)
+- type = LIBSSH2_EC_CURVE_NISTP384;
+- else if(strcmp(name, "ecdh-sha2-nistp521") == 0)
+- type = LIBSSH2_EC_CURVE_NISTP521;
+- else {
+- ret = -1;
+- }
+-
+- if(ret == 0 && out_type) {
+- *out_type = type;
+- }
+-
+- return ret;
+-}
+-
+-
+ /* LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY
+ *
+ * Macro that create and verifies EC SHA hash with a given digest bytes
+@@ -2027,6 +1994,39 @@ kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type)
+ } \
+
+
++#if LIBSSH2_ECDSA
++
++/* kex_session_ecdh_curve_type
++ * returns the EC curve type by name used in key exchange
++ */
++
++static int
++kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type)
++{
++ int ret = 0;
++ libssh2_curve_type type;
++
++ if(name == NULL)
++ return -1;
++
++ if(strcmp(name, "ecdh-sha2-nistp256") == 0)
++ type = LIBSSH2_EC_CURVE_NISTP256;
++ else if(strcmp(name, "ecdh-sha2-nistp384") == 0)
++ type = LIBSSH2_EC_CURVE_NISTP384;
++ else if(strcmp(name, "ecdh-sha2-nistp521") == 0)
++ type = LIBSSH2_EC_CURVE_NISTP521;
++ else {
++ ret = -1;
++ }
++
++ if(ret == 0 && out_type) {
++ *out_type = type;
++ }
++
++ return ret;
++}
++
++
+ /* ecdh_sha2_nistp
+ * Elliptic Curve Diffie Hellman Key Exchange
+ */
+--
+2.17.1
+
diff --git a/meta/recipes-support/libssh2/libssh2_1.9.0.bb b/meta/recipes-support/libssh2/libssh2_1.9.0.bb
index 0b8ccbd217..a5451628e7 100644
--- a/meta/recipes-support/libssh2/libssh2_1.9.0.bb
+++ b/meta/recipes-support/libssh2/libssh2_1.9.0.bb
@@ -11,6 +11,7 @@ SRC_URI = "http://www.libssh2.org/download/${BP}.tar.gz \
file://CVE-2019-17498.patch \
file://0001-configure-Conditionally-undefine-backend-m4-macro.patch \
file://run-ptest \
+ file://0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch \
"
SRC_URI_append_ptest = " file://0001-Don-t-let-host-enviroment-to-decide-if-a-test-is-bui.patch"