diff options
Diffstat (limited to 'import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/replace_deprecated_GnuTLS_functions.patch')
-rw-r--r-- | import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/replace_deprecated_GnuTLS_functions.patch | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/replace_deprecated_GnuTLS_functions.patch b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/replace_deprecated_GnuTLS_functions.patch new file mode 100644 index 000000000..be05eee82 --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/replace_deprecated_GnuTLS_functions.patch @@ -0,0 +1,73 @@ +replace deprecated GnuTLS functions with newer ones if available + +closes https://github.com/rsyslog/rsyslog/issues/302 + +Upstream fix https://github.com/rsyslog/rsyslog/commit/b34c35e38f258935c0e92ca754da097d7f3f0f58 + +Upstream-Status: Backport +Signed-off-by: Tudor Florea <tudor.florea@enea.com> + +--- + configure.ac | 2 ++ + runtime/nsd_gtls.c | 21 ++++++++++++++++++--- + 2 files changed, 20 insertions(+), 3 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 643fc94..56835fb 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -763,6 +763,8 @@ AC_ARG_ENABLE(gnutls, + if test "x$enable_gnutls" = "xyes"; then + PKG_CHECK_MODULES(GNUTLS, gnutls >= 1.4.0) + AC_DEFINE([ENABLE_GNUTLS], [1], [Indicator that GnuTLS is present]) ++ AC_CHECK_LIB(gnutls, gnutls_global_init) ++ AC_CHECK_FUNCS(gnutls_certificate_set_retrieve_function,,) + fi + AM_CONDITIONAL(ENABLE_GNUTLS, test x$enable_gnutls = xyes) + +diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c +index a763e4b..e127834 100644 +--- a/runtime/nsd_gtls.c ++++ b/runtime/nsd_gtls.c +@@ -232,15 +232,26 @@ gtlsLoadOurCertKey(nsd_gtls_t *pThis) + */ + static int + gtlsClientCertCallback(gnutls_session session, +- __attribute__((unused)) const gnutls_datum* req_ca_rdn, int __attribute__((unused)) nreqs, +- __attribute__((unused)) const gnutls_pk_algorithm* sign_algos, int __attribute__((unused)) sign_algos_length, +- gnutls_retr_st *st) ++ __attribute__((unused)) const gnutls_datum* req_ca_rdn, ++ int __attribute__((unused)) nreqs, ++ __attribute__((unused)) const gnutls_pk_algorithm* sign_algos, ++ int __attribute__((unused)) sign_algos_length, ++#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION ++ gnutls_retr2_st* st ++#else ++ gnutls_retr_st *st ++#endif ++ ) + { + nsd_gtls_t *pThis; + + pThis = (nsd_gtls_t*) gnutls_session_get_ptr(session); + ++#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION ++ st->cert_type = GNUTLS_CRT_X509; ++#else + st->type = GNUTLS_CRT_X509; ++#endif + st->ncerts = 1; + st->cert.x509 = &pThis->ourCert; + st->key.x509 = pThis->ourKey; +@@ -1625,7 +1625,11 @@ Connect(nsd_t *pNsd, int family, uchar *port, uchar *host) + gnutls_session_set_ptr(pThis->sess, (void*)pThis); + iRet = gtlsLoadOurCertKey(pThis); /* first load .pem files */ + if(iRet == RS_RET_OK) { ++# if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION ++ gnutls_certificate_set_retrieve_function(xcred, gtlsClientCertCallback); ++# else + gnutls_certificate_client_set_retrieve_function(xcred, gtlsClientCertCallback); ++# endif + } else if(iRet != RS_RET_CERTLESS) { + FINALIZE; /* we have an error case! */ + } |