MIRRORS/meta-intel
1
0
Fork 0
mirror of git://git.yoctoproject.org/meta-intel.git synced 2025-07-19 21:09:03 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

sbsigntool: Fix build with Openssl 3.0

Browse Source 
The patch fixes the build when OpenSSL 3.0 is used. We also disable
errors on deprecations as the code uses a good amount of them that look
to be harmless.

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
This commit is contained in:
Andrei Gherzan 2021-12-09 15:14:39 +01:00 committed by Anuj Mittal
parent 48440091d4
commit aa8482af7b
2 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
recipes-support/sbsigntool/sbsigntool-native_git.bb
View File

@ -22,6 +22,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.GPLv3;md5=9eef91148a9b14ec7f9df333daebc746 \
SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/jejb/sbsigntools.git;protocol=https;name=sbsigntools;branch=master \ SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/jejb/sbsigntools.git;protocol=https;name=sbsigntools;branch=master \
git://github.com/rustyrussell/ccan.git;protocol=https;destsuffix=git/lib/ccan.git;name=ccan;branch=master \ git://github.com/rustyrussell/ccan.git;protocol=https;destsuffix=git/lib/ccan.git;name=ccan;branch=master \
file://0001-configure-Fixup-build-dependencies-for-cross-compili.patch \ file://0001-configure-Fixup-build-dependencies-for-cross-compili.patch \
file://0002-fix-openssl-3-0.patch \
" "
SRCREV_sbsigntools ?= "f12484869c9590682ac3253d583bf59b890bb826" SRCREV_sbsigntools ?= "f12484869c9590682ac3253d583bf59b890bb826"
@ -79,3 +80,5 @@ EXTRA_OEMAKE = "\
-I${STAGING_INCDIR_NATIVE} \ -I${STAGING_INCDIR_NATIVE} \
-I${STAGING_INCDIR_NATIVE}/efi/${@efi_arch(d)}' \ -I${STAGING_INCDIR_NATIVE}/efi/${@efi_arch(d)}' \
" "
CFLAGS:append = " -Wno-error"

32
recipes-support/sbsigntool/sbsigntool/0002-fix-openssl-3-0.patch Normal file
View File

@ -0,0 +1,32 @@
Use ASN1_ITEM_rptr() instead of taking the address of IDC_PEID_it.
openssl-3.0 changed the type of TYPE_it from `const ASN1_ITEM TYPE_it` to
`const ASN1_ITEM *TYPE_it(void)`. This was previously hidden behind
OPENSSL_EXPORT_VAR_AS_FUNCTION but in 3.0 only the function version is
available. This change should have been transparent to the application, but
only if the `ASN1_ITEM_rptr()` macro is used.
This change passes `make check` with both openssl 1.1 and 3.0.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Upstream-status: Submited [https://groups.io/g/sbsigntools/topic/patch_fix_openssl_3_0_issue/85903418]
---
src/idc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/idc.c b/src/idc.c
index 6d87bd4..0a82218 100644
--- a/src/idc.c
+++ b/src/idc.c
@@ -189,7 +189,7 @@ int IDC_set(PKCS7 *p7, PKCS7_SIGNER_INFO *si, struct image *image)
idc->data->type = OBJ_nid2obj(peid_nid);
idc->data->value = ASN1_TYPE_new();
- type_set_sequence(image, idc->data->value, peid, &IDC_PEID_it);
+ type_set_sequence(image, idc->data->value, peid, ASN1_ITEM_rptr(IDC_PEID));
idc->digest->alg->parameter = ASN1_TYPE_new();
idc->digest->alg->algorithm = OBJ_nid2obj(NID_sha256);
--
2.25.1