On Wed, Mar 09, 2016 at 09:06:57AM -0800, Armin Kuster wrote: > From: Armin Kuster <[email protected]> > > missed using "-D" for OPENSSL_NO_SSL2 swig_features.
fido version: http://patchwork.openembedded.org/patch/117291/ needed -D as well, right? I've pushed both to fido-next and jethro-next > > ERROR: Failed to import the "M2Crypto" module: > .../usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: undefined symbol: > SSLv2_method > > disable using SSLv2_method if not supported in openssl. This is now the case > with the advent of CVE-2016-0800 > > Signed-off-by: Armin Kuster <[email protected]> > --- > ...y_build_with_SSLv2_when_it_is_not_available.patch | 20 > ++++++++++++++++++++ > .../python/python-m2crypto_0.21.1.bb | 4 +++- > 2 files changed, 23 insertions(+), 1 deletion(-) > create mode 100644 > meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch > > diff --git > a/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch > > b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch > new file mode 100644 > index 0000000..526c23f > --- /dev/null > +++ > b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch > @@ -0,0 +1,20 @@ > +Upstream-Status: Backport > +https://gitlab.com/m2crypto/m2crypto/commit/ac01b38302474920288c1a9eb63fd35fa8d1db5b > + > +Signed-off-by: Armin Kuster <[email protected]> > + > +Index: M2Crypto-0.21.1/SWIG/_ssl.i > +=================================================================== > +--- M2Crypto-0.21.1.orig/SWIG/_ssl.i > ++++ M2Crypto-0.21.1/SWIG/_ssl.i > +@@ -48,8 +48,10 @@ extern const char *SSL_alert_desc_string > + %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long; > + extern const char *SSL_alert_desc_string_long(int); > + > ++#ifndef OPENSSL_NO_SSL2 > + %rename(sslv2_method) SSLv2_method; > + extern SSL_METHOD *SSLv2_method(void); > ++#endif > + %rename(sslv3_method) SSLv3_method; > + extern SSL_METHOD *SSLv3_method(void); > + %rename(sslv23_method) SSLv23_method; > diff --git a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb > b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb > index ff6203f..9daea5e 100644 > --- a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb > +++ b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb > @@ -8,7 +8,8 @@ LIC_FILES_CHKSUM = > "file://LICENCE;md5=b0e1f0b7d0ce8a62c18b1287b991800e" > > SRC_URI = > "http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-${PV}.tar.gz \ > > file://0001-setup.py-link-in-sysroot-not-in-host-directories.patch \ > - file://0001-M2Crypto-Error-fix.patch" > + file://0001-M2Crypto-Error-fix.patch \ > + file://dont_try_build_with_SSLv2_when_it_is_not_available.patch" > > SRC_URI[md5sum] = "f93d8462ff7646397a9f77a2fe602d17" > SRC_URI[sha256sum] = > "25b94498505c2d800ee465db0cc1aff097b1615adc3ac042a1c85ceca264fc0a" > @@ -19,6 +20,7 @@ inherit setuptools > > SWIG_FEATURES_x86-64 = "-D__x86_64__" > SWIG_FEATURES ?= "" > +SWIG_FEATURES += "-DOPENSSL_NO_SSL2" > export SWIG_FEATURES > > # Get around a problem with swig, but only if the > -- > 2.3.5 > > -- > _______________________________________________ > Openembedded-devel mailing list > [email protected] > http://lists.openembedded.org/mailman/listinfo/openembedded-devel -- Martin 'JaMa' Jansa jabber: [email protected]
signature.asc
Description: Digital signature
-- _______________________________________________ Openembedded-devel mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-devel
