[PATCH] [OE-core] libssh2: fix build failure with option no-ecdsa

Stefan Ghinea Fri, 23 Apr 2021 10:18:52 -0700

libssh2 fails at do_compile if
DEPRECATED_CRYPTO_FLAGS = "no-ecdsa" is set in recipe:


../src/.libs/libssh2.so: undefined reference to
`LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY'

References:
https://github.com/libssh2/libssh2/issues/549

Upstream patches:
https://github.com/libssh2/libssh2/commit/1f76151c92e1b52e9c24ebf06adc77fbd6c062bc

Signed-off-by: Stefan Ghinea <stefan.ghi...@windriver.com>
---
 ...EC-macro-outside-of-if-check-549-550.patch | 112 ++++++++++++++++++
 meta/recipes-support/libssh2/libssh2_1.9.0.bb |   1 +
 2 files changed, 113 insertions(+)
 create mode 100644 
meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch

diff --git 
a/meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch
 
b/meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch
new file mode 100644
index 0000000000..b331c1bf81
--- /dev/null
+++ 
b/meta/recipes-support/libssh2/files/0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch
@@ -0,0 +1,112 @@
+From 1f76151c92e1b52e9c24ebf06adc77fbd6c062bc Mon Sep 17 00:00:00 2001
+From: Will Cosgrove <w...@panic.com>
+Date: Tue, 26 Jan 2021 11:41:21 -0800
+Subject: [PATCH] kex.c: move EC macro outside of if check #549 (#550)
+
+File: kex.c
+
+Notes:
+Moved the macro LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY outside of the 
LIBSSH2_ECDSA since it's also now used by the ED25519 code.
+
+Sha 256, 384 and 512 need to be defined for all backends now even if they 
aren't used directly. I believe this is already the case, but just a heads up.
+
+Credit:
+Stefan-Ghinea
+
+Upstream-Status: Backport
+
+Reference to upstream patch:
+https://github.com/libssh2/libssh2/commit/1f76151c92e1b52e9c24ebf06adc77fbd6c062bc
+
+Signed-off-by: Stefan Ghinea <stefan.ghi...@windriver.com>
+---
+ src/kex.c | 66 +++++++++++++++++++++++++++----------------------------
+ 1 file changed, 33 insertions(+), 33 deletions(-)
+
+diff --git a/src/kex.c b/src/kex.c
+index cb16639..19ab6ec 100644
+--- a/src/kex.c
++++ b/src/kex.c
+@@ -1885,39 +1885,6 @@ 
kex_method_diffie_hellman_group_exchange_sha256_key_exchange
+ }
+ 
+ 
+-#if LIBSSH2_ECDSA
+-
+-/* kex_session_ecdh_curve_type
+- * returns the EC curve type by name used in key exchange
+- */
+-
+-static int
+-kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type)
+-{
+-    int ret = 0;
+-    libssh2_curve_type type;
+-
+-    if(name == NULL)
+-        return -1;
+-
+-    if(strcmp(name, "ecdh-sha2-nistp256") == 0)
+-        type = LIBSSH2_EC_CURVE_NISTP256;
+-    else if(strcmp(name, "ecdh-sha2-nistp384") == 0)
+-        type = LIBSSH2_EC_CURVE_NISTP384;
+-    else if(strcmp(name, "ecdh-sha2-nistp521") == 0)
+-        type = LIBSSH2_EC_CURVE_NISTP521;
+-    else {
+-        ret = -1;
+-    }
+-
+-    if(ret == 0 && out_type) {
+-        *out_type = type;
+-    }
+-
+-    return ret;
+-}
+-
+-
+ /* LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY
+  *
+  * Macro that create and verifies EC SHA hash with a given digest bytes
+@@ -2027,6 +1994,39 @@ kex_session_ecdh_curve_type(const char *name, 
libssh2_curve_type *out_type)
+ }                                                                       \
+ 
+ 
++#if LIBSSH2_ECDSA
++
++/* kex_session_ecdh_curve_type
++ * returns the EC curve type by name used in key exchange
++ */
++
++static int
++kex_session_ecdh_curve_type(const char *name, libssh2_curve_type *out_type)
++{
++    int ret = 0;
++    libssh2_curve_type type;
++
++    if(name == NULL)
++        return -1;
++
++    if(strcmp(name, "ecdh-sha2-nistp256") == 0)
++        type = LIBSSH2_EC_CURVE_NISTP256;
++    else if(strcmp(name, "ecdh-sha2-nistp384") == 0)
++        type = LIBSSH2_EC_CURVE_NISTP384;
++    else if(strcmp(name, "ecdh-sha2-nistp521") == 0)
++        type = LIBSSH2_EC_CURVE_NISTP521;
++    else {
++        ret = -1;
++    }
++
++    if(ret == 0 && out_type) {
++        *out_type = type;
++    }
++
++    return ret;
++}
++
++
+ /* ecdh_sha2_nistp
+  * Elliptic Curve Diffie Hellman Key Exchange
+  */
+-- 
+2.17.1
+
diff --git a/meta/recipes-support/libssh2/libssh2_1.9.0.bb 
b/meta/recipes-support/libssh2/libssh2_1.9.0.bb
index 0b8ccbd217..a5451628e7 100644
--- a/meta/recipes-support/libssh2/libssh2_1.9.0.bb
+++ b/meta/recipes-support/libssh2/libssh2_1.9.0.bb
@@ -11,6 +11,7 @@ SRC_URI = "http://www.libssh2.org/download/${BP}.tar.gz \
            file://CVE-2019-17498.patch \
            file://0001-configure-Conditionally-undefine-backend-m4-macro.patch 
\
            file://run-ptest \
+           file://0001-kex.c-move-EC-macro-outside-of-if-check-549-550.patch \
 "
 
 SRC_URI_append_ptest = " 
file://0001-Don-t-let-host-enviroment-to-decide-if-a-test-is-bui.patch"
-- 
2.17.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#150861): 
https://lists.openembedded.org/g/openembedded-core/message/150861
Mute This Topic: https://lists.openembedded.org/mt/82316861/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[PATCH] [OE-core] libssh2: fix build failure with option no-ecdsa

Reply via email to