subject:"\[oe\] \[meta\-python\]\[jethro\]\[PATCH\]\[V2\] python\-m2crypto\: fix SSLv2 symbol issue"

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

2016-03-29 Thread Martin Jansa

On Tue, Mar 29, 2016 at 11:58:55AM +0200, Javier Viguera wrote:
> On 17/03/16 22:54, Martin Jansa wrote:
> >
> > I'm still seeing multiple issues caused by last openssl upgrade, e.g.
> > ruby, pywbem, crda
> >
> > Are they all supposed to be fixed by this?
> 
> Well I just did a basic build tests with the three mentioned above 
> (ruby, pywbem and crda) and these are the results:
> 
> RUBY
> 
> I don't see any difference with or without the patch, it's building fine 
> even without the patch but the patch does not hurt either.
> 
> PYWBEM_0.8.0
> 
> Without the patch fails with:
> 
>File 
> "/ssd/dey/jethro/x11/ccimx6sbc/tmp/sysroots/x86_64-linux/usr/lib/python2.7/site-packages/M2Crypto/_m2crypto.py",
>  
> line 24, in swig_import_helper
>  _mod = imp.load_module('__m2crypto', fp, pathname, description)
>ImportError: 
> /ssd/dey/jethro/x11/ccimx6sbc/tmp/sysroots/x86_64-linux/usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so:
>  
> undefined symbol: SSLv2_method
> 
> With the patch PYWBEM builds fine.
> 
> CRDA_3.18
> ~
> Without the patch fails with:
> 
> NOTE: make -j 8 MAKEFLAGS= 
> DESTDIR=/ssd/dey/jethro/x11/ccimx6sbc/tmp/work/cortexa9hf-vfp-neon-dey-linux-gnueabi/crda/3.18-r0/image
>  
> LIBDIR=/usr/lib/crda LDLIBREG=-Wl,-rpath,/usr/lib/crda -lreg all_noverify
>GEN  keys-gcrypt.c
>Trusted pubkeys: pubkeys/linville.key.pub.pem 
> pubkeys/sforshee.key.pub.pem
> ERROR: Failed to import the "M2Crypto" module: 
> /ssd/dey/jethro/x11/ccimx6sbc/tmp/sysroots/x86_64-linux/usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so:
>  
> undefined symbol: SSLv2_method
> 
> With the patch CRDA builds fine.
> 
> So I would say that the patch improves the situation. It fixes the build 
> for some packages and does not seem to break anything.
> 
> 
> I'm also having build failures for CRDA since almost a month now, so I 
> would like to have the 'jethro-next' merged to 'jethro' as well.

Thanks for testing.

ruby fix is pending in:
http://lists.openembedded.org/pipermail/openembedded-core/2016-March/119582.html

I've merged jethro-next in meta-oe repo.

-- 
Martin 'JaMa' Jansa jabber: martin.ja...@gmail.com


signature.asc
Description: Digital signature
-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

2016-03-29 Thread Javier Viguera


On 17/03/16 22:54, Martin Jansa wrote:


I'm still seeing multiple issues caused by last openssl upgrade, e.g.
ruby, pywbem, crda

Are they all supposed to be fixed by this?


Well I just did a basic build tests with the three mentioned above 
(ruby, pywbem and crda) and these are the results:


RUBY

I don't see any difference with or without the patch, it's building fine 
even without the patch but the patch does not hurt either.


PYWBEM_0.8.0

Without the patch fails with:

  File 
"/ssd/dey/jethro/x11/ccimx6sbc/tmp/sysroots/x86_64-linux/usr/lib/python2.7/site-packages/M2Crypto/_m2crypto.py", 
line 24, in swig_import_helper

_mod = imp.load_module('__m2crypto', fp, pathname, description)
  ImportError: 
/ssd/dey/jethro/x11/ccimx6sbc/tmp/sysroots/x86_64-linux/usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: 
undefined symbol: SSLv2_method


With the patch PYWBEM builds fine.

CRDA_3.18
~
Without the patch fails with:

NOTE: make -j 8 MAKEFLAGS= 
DESTDIR=/ssd/dey/jethro/x11/ccimx6sbc/tmp/work/cortexa9hf-vfp-neon-dey-linux-gnueabi/crda/3.18-r0/image 
LIBDIR=/usr/lib/crda LDLIBREG=-Wl,-rpath,/usr/lib/crda -lreg all_noverify

  GEN  keys-gcrypt.c
  Trusted pubkeys: pubkeys/linville.key.pub.pem 
pubkeys/sforshee.key.pub.pem
ERROR: Failed to import the "M2Crypto" module: 
/ssd/dey/jethro/x11/ccimx6sbc/tmp/sysroots/x86_64-linux/usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: 
undefined symbol: SSLv2_method


With the patch CRDA builds fine.

So I would say that the patch improves the situation. It fixes the build 
for some packages and does not seem to break anything.



I'm also having build failures for CRDA since almost a month now, so I 
would like to have the 'jethro-next' merged to 'jethro' as well.



Thanks,

Javier Viguera
--
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

2016-03-19 Thread Pushpal Sidhu

On Thu, Mar 17, 2016 at 2:54 PM, Martin Jansa  wrote:
> On Mon, Mar 14, 2016 at 03:21:33PM -0700, Pushpal Sidhu wrote:
>> Hi,
>>
>> On Wed, Mar 9, 2016 at 11:18 AM, akuster808  wrote:
>> >
>> >
>> >
>> > On 03/09/2016 11:11 AM, Martin Jansa wrote:
>> > > On Wed, Mar 09, 2016 at 09:06:57AM -0800, Armin Kuster wrote:
>> > >> From: Armin Kuster 
>> > >>
>> > >> missed using "-D"  for OPENSSL_NO_SSL2 swig_features.
>> > >
>> > > fido version:
>> > > http://patchwork.openembedded.org/patch/117291/
>> > > needed -D as well, right?
>> >
>> > yes.
>> >
>> >
>> > >
>> > > I've pushed both to fido-next and jethro-next
>>
>> When will this be merged into fido/jethro? I've been running into this
>> build breakage for about a week now and if I patch it myself, I'll
>> only run into a conflict again later, causing more build issues.
>
> I'm still seeing multiple issues caused by last openssl upgrade, e.g.
> ruby, pywbem, crda
>
> Are they all supposed to be fixed by this?

Good point, it doesn't seem like they are because these tools haven't
been updated to stop supporting SSLv2. We either need to patch every
broken package or update them (which may or may not fix them). For
example, I bumped the crda package from 3.13 -> 3.18 (fido), but I
still run into this problem.

Another approach we can try is by updating m2crypto as Armin did here:
http://patchwork.openembedded.org/patch/117217/. This would have to be
backported all the way back to fido (unless openssl was updated for
other branches as well). Apparently, this fixes crda, might be a fix
for other packages as well?

- Pushpal

>> > thanks
>> > -armin
>> > >
>> > >>
>> > >> ERROR: Failed to import the "M2Crypto" module: 
>> > >> .../usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: undefined 
>> > >> symbol: SSLv2_method
>> > >>
>> > >> disable using SSLv2_method if not supported in openssl. This is now the 
>> > >> case
>> > >> with the advent of CVE-2016-0800
>> > >>
>> > >> Signed-off-by: Armin Kuster 
>> > >> ---
>> > >>  ...y_build_with_SSLv2_when_it_is_not_available.patch | 20 
>> > >> 
>> > >>  .../python/python-m2crypto_0.21.1.bb |  4 +++-
>> > >>  2 files changed, 23 insertions(+), 1 deletion(-)
>> > >>  create mode 100644 
>> > >> meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>> > >>
>> > >> diff --git 
>> > >> a/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>> > >>  
>> > >> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>> > >> new file mode 100644
>> > >> index 000..526c23f
>> > >> --- /dev/null
>> > >> +++ 
>> > >> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>> > >> @@ -0,0 +1,20 @@
>> > >> +Upstream-Status: Backport
>> > >> +https://gitlab.com/m2crypto/m2crypto/commit/ac01b38302474920288c1a9eb63fd35fa8d1db5b
>> > >> +
>> > >> +Signed-off-by: Armin Kuster 
>> > >> +
>> > >> +Index: M2Crypto-0.21.1/SWIG/_ssl.i
>> > >> +===
>> > >> +--- M2Crypto-0.21.1.orig/SWIG/_ssl.i
>> > >>  M2Crypto-0.21.1/SWIG/_ssl.i
>> > >> +@@ -48,8 +48,10 @@ extern const char *SSL_alert_desc_string
>> > >> + %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
>> > >> + extern const char *SSL_alert_desc_string_long(int);
>> > >> +
>> > >> ++#ifndef OPENSSL_NO_SSL2
>> > >> + %rename(sslv2_method) SSLv2_method;
>> > >> + extern SSL_METHOD *SSLv2_method(void);
>> > >> ++#endif
>> > >> + %rename(sslv3_method) SSLv3_method;
>> > >> + extern SSL_METHOD *SSLv3_method(void);
>> > >> + %rename(sslv23_method) SSLv23_method;
>> > >> diff --git 
>> > >> a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb 
>> > >> b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> > >> index ff6203f..9daea5e 100644
>> > >> --- a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> > >> +++ b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> > >> @@ -8,7 +8,8 @@ LIC_FILES_CHKSUM = 
>> > >> "file://LICENCE;md5=b0e1f0b7d0ce8a62c18b1287b991800e"
>> > >>
>> > >>  SRC_URI = 
>> > >> "http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-${PV}.tar.gz
>> > >>  \
>> > >> 
>> > >> file://0001-setup.py-link-in-sysroot-not-in-host-directories.patch \
>> > >> -   file://0001-M2Crypto-Error-fix.patch"
>> > >> +   file://0001-M2Crypto-Error-fix.patch \
>> > >> +   
>> > >> file://dont_try_build_with_SSLv2_when_it_is_not_available.patch"
>> > >>
>> > >>  SRC_URI[md5sum] = "f93d8462ff7646397a9f77a2fe602d17"
>> > >>  SRC_URI[sha256sum] = 
>> > >> "25b94498505c2d800ee465db0cc1aff097b1615adc3ac042a1c85ceca264fc0a"
>> > >> @@ -19,6 +20,7 @@ inherit setuptools

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

2016-03-19 Thread Martin Jansa

On Mon, Mar 14, 2016 at 03:21:33PM -0700, Pushpal Sidhu wrote:
> Hi,
> 
> On Wed, Mar 9, 2016 at 11:18 AM, akuster808  wrote:
> >
> >
> >
> > On 03/09/2016 11:11 AM, Martin Jansa wrote:
> > > On Wed, Mar 09, 2016 at 09:06:57AM -0800, Armin Kuster wrote:
> > >> From: Armin Kuster 
> > >>
> > >> missed using "-D"  for OPENSSL_NO_SSL2 swig_features.
> > >
> > > fido version:
> > > http://patchwork.openembedded.org/patch/117291/
> > > needed -D as well, right?
> >
> > yes.
> >
> >
> > >
> > > I've pushed both to fido-next and jethro-next
> 
> When will this be merged into fido/jethro? I've been running into this
> build breakage for about a week now and if I patch it myself, I'll
> only run into a conflict again later, causing more build issues.

I'm still seeing multiple issues caused by last openssl upgrade, e.g.
ruby, pywbem, crda

Are they all supposed to be fixed by this?

> > thanks
> > -armin
> > >
> > >>
> > >> ERROR: Failed to import the "M2Crypto" module: 
> > >> .../usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: undefined 
> > >> symbol: SSLv2_method
> > >>
> > >> disable using SSLv2_method if not supported in openssl. This is now the 
> > >> case
> > >> with the advent of CVE-2016-0800
> > >>
> > >> Signed-off-by: Armin Kuster 
> > >> ---
> > >>  ...y_build_with_SSLv2_when_it_is_not_available.patch | 20 
> > >> 
> > >>  .../python/python-m2crypto_0.21.1.bb |  4 +++-
> > >>  2 files changed, 23 insertions(+), 1 deletion(-)
> > >>  create mode 100644 
> > >> meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> > >>
> > >> diff --git 
> > >> a/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> > >>  
> > >> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> > >> new file mode 100644
> > >> index 000..526c23f
> > >> --- /dev/null
> > >> +++ 
> > >> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> > >> @@ -0,0 +1,20 @@
> > >> +Upstream-Status: Backport
> > >> +https://gitlab.com/m2crypto/m2crypto/commit/ac01b38302474920288c1a9eb63fd35fa8d1db5b
> > >> +
> > >> +Signed-off-by: Armin Kuster 
> > >> +
> > >> +Index: M2Crypto-0.21.1/SWIG/_ssl.i
> > >> +===
> > >> +--- M2Crypto-0.21.1.orig/SWIG/_ssl.i
> > >>  M2Crypto-0.21.1/SWIG/_ssl.i
> > >> +@@ -48,8 +48,10 @@ extern const char *SSL_alert_desc_string
> > >> + %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
> > >> + extern const char *SSL_alert_desc_string_long(int);
> > >> +
> > >> ++#ifndef OPENSSL_NO_SSL2
> > >> + %rename(sslv2_method) SSLv2_method;
> > >> + extern SSL_METHOD *SSLv2_method(void);
> > >> ++#endif
> > >> + %rename(sslv3_method) SSLv3_method;
> > >> + extern SSL_METHOD *SSLv3_method(void);
> > >> + %rename(sslv23_method) SSLv23_method;
> > >> diff --git 
> > >> a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb 
> > >> b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
> > >> index ff6203f..9daea5e 100644
> > >> --- a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
> > >> +++ b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
> > >> @@ -8,7 +8,8 @@ LIC_FILES_CHKSUM = 
> > >> "file://LICENCE;md5=b0e1f0b7d0ce8a62c18b1287b991800e"
> > >>
> > >>  SRC_URI = 
> > >> "http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-${PV}.tar.gz 
> > >> \
> > >> 
> > >> file://0001-setup.py-link-in-sysroot-not-in-host-directories.patch \
> > >> -   file://0001-M2Crypto-Error-fix.patch"
> > >> +   file://0001-M2Crypto-Error-fix.patch \
> > >> +   
> > >> file://dont_try_build_with_SSLv2_when_it_is_not_available.patch"
> > >>
> > >>  SRC_URI[md5sum] = "f93d8462ff7646397a9f77a2fe602d17"
> > >>  SRC_URI[sha256sum] = 
> > >> "25b94498505c2d800ee465db0cc1aff097b1615adc3ac042a1c85ceca264fc0a"
> > >> @@ -19,6 +20,7 @@ inherit setuptools
> > >>
> > >>  SWIG_FEATURES_x86-64 = "-D__x86_64__"
> > >>  SWIG_FEATURES ?= ""
> > >> +SWIG_FEATURES += "-DOPENSSL_NO_SSL2"
> > >>  export SWIG_FEATURES
> > >>
> > >>  # Get around a problem with swig, but only if the
> > >> --
> > >> 2.3.5
> > >>
> > >> --
> > >> ___
> > >> Openembedded-devel mailing list
> > >> Openembedded-devel@lists.openembedded.org
> > >> http://lists.openembedded.org/mailman/listinfo/openembedded-devel
> > >
> > --
> > ___
> > Openembedded-devel mailing list
> > Openembedded-devel@lists.openembedded.org
> > http://lists.openembedded.org/mailman/listinfo/openembedded-devel

-- 
Martin 'JaMa' Jansa jabber: martin.ja...@gmail.com


signature.asc
Description: Digital signature
--

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

2016-03-14 Thread Pushpal Sidhu

Hi,

On Wed, Mar 9, 2016 at 11:18 AM, akuster808  wrote:
>
>
>
> On 03/09/2016 11:11 AM, Martin Jansa wrote:
> > On Wed, Mar 09, 2016 at 09:06:57AM -0800, Armin Kuster wrote:
> >> From: Armin Kuster 
> >>
> >> missed using "-D"  for OPENSSL_NO_SSL2 swig_features.
> >
> > fido version:
> > http://patchwork.openembedded.org/patch/117291/
> > needed -D as well, right?
>
> yes.
>
>
> >
> > I've pushed both to fido-next and jethro-next

When will this be merged into fido/jethro? I've been running into this
build breakage for about a week now and if I patch it myself, I'll
only run into a conflict again later, causing more build issues.

Thanks,
- Pushpal

> thanks
> -armin
> >
> >>
> >> ERROR: Failed to import the "M2Crypto" module: 
> >> .../usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: undefined 
> >> symbol: SSLv2_method
> >>
> >> disable using SSLv2_method if not supported in openssl. This is now the 
> >> case
> >> with the advent of CVE-2016-0800
> >>
> >> Signed-off-by: Armin Kuster 
> >> ---
> >>  ...y_build_with_SSLv2_when_it_is_not_available.patch | 20 
> >> 
> >>  .../python/python-m2crypto_0.21.1.bb |  4 +++-
> >>  2 files changed, 23 insertions(+), 1 deletion(-)
> >>  create mode 100644 
> >> meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> >>
> >> diff --git 
> >> a/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> >>  
> >> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> >> new file mode 100644
> >> index 000..526c23f
> >> --- /dev/null
> >> +++ 
> >> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> >> @@ -0,0 +1,20 @@
> >> +Upstream-Status: Backport
> >> +https://gitlab.com/m2crypto/m2crypto/commit/ac01b38302474920288c1a9eb63fd35fa8d1db5b
> >> +
> >> +Signed-off-by: Armin Kuster 
> >> +
> >> +Index: M2Crypto-0.21.1/SWIG/_ssl.i
> >> +===
> >> +--- M2Crypto-0.21.1.orig/SWIG/_ssl.i
> >>  M2Crypto-0.21.1/SWIG/_ssl.i
> >> +@@ -48,8 +48,10 @@ extern const char *SSL_alert_desc_string
> >> + %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
> >> + extern const char *SSL_alert_desc_string_long(int);
> >> +
> >> ++#ifndef OPENSSL_NO_SSL2
> >> + %rename(sslv2_method) SSLv2_method;
> >> + extern SSL_METHOD *SSLv2_method(void);
> >> ++#endif
> >> + %rename(sslv3_method) SSLv3_method;
> >> + extern SSL_METHOD *SSLv3_method(void);
> >> + %rename(sslv23_method) SSLv23_method;
> >> diff --git a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb 
> >> b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
> >> index ff6203f..9daea5e 100644
> >> --- a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
> >> +++ b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
> >> @@ -8,7 +8,8 @@ LIC_FILES_CHKSUM = 
> >> "file://LICENCE;md5=b0e1f0b7d0ce8a62c18b1287b991800e"
> >>
> >>  SRC_URI = 
> >> "http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-${PV}.tar.gz \
> >> 
> >> file://0001-setup.py-link-in-sysroot-not-in-host-directories.patch \
> >> -   file://0001-M2Crypto-Error-fix.patch"
> >> +   file://0001-M2Crypto-Error-fix.patch \
> >> +   
> >> file://dont_try_build_with_SSLv2_when_it_is_not_available.patch"
> >>
> >>  SRC_URI[md5sum] = "f93d8462ff7646397a9f77a2fe602d17"
> >>  SRC_URI[sha256sum] = 
> >> "25b94498505c2d800ee465db0cc1aff097b1615adc3ac042a1c85ceca264fc0a"
> >> @@ -19,6 +20,7 @@ inherit setuptools
> >>
> >>  SWIG_FEATURES_x86-64 = "-D__x86_64__"
> >>  SWIG_FEATURES ?= ""
> >> +SWIG_FEATURES += "-DOPENSSL_NO_SSL2"
> >>  export SWIG_FEATURES
> >>
> >>  # Get around a problem with swig, but only if the
> >> --
> >> 2.3.5
> >>
> >> --
> >> ___
> >> Openembedded-devel mailing list
> >> Openembedded-devel@lists.openembedded.org
> >> http://lists.openembedded.org/mailman/listinfo/openembedded-devel
> >
> --
> ___
> Openembedded-devel mailing list
> Openembedded-devel@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-devel
-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

2016-03-09 Thread akuster808



On 03/09/2016 11:11 AM, Martin Jansa wrote:
> On Wed, Mar 09, 2016 at 09:06:57AM -0800, Armin Kuster wrote:
>> From: Armin Kuster 
>>
>> missed using "-D"  for OPENSSL_NO_SSL2 swig_features.
> 
> fido version:
> http://patchwork.openembedded.org/patch/117291/
> needed -D as well, right?

yes.


> 
> I've pushed both to fido-next and jethro-next

thanks
-armin
> 
>>
>> ERROR: Failed to import the "M2Crypto" module: 
>> .../usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: undefined 
>> symbol: SSLv2_method
>>
>> disable using SSLv2_method if not supported in openssl. This is now the case
>> with the advent of CVE-2016-0800
>>
>> Signed-off-by: Armin Kuster 
>> ---
>>  ...y_build_with_SSLv2_when_it_is_not_available.patch | 20 
>> 
>>  .../python/python-m2crypto_0.21.1.bb |  4 +++-
>>  2 files changed, 23 insertions(+), 1 deletion(-)
>>  create mode 100644 
>> meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>>
>> diff --git 
>> a/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>>  
>> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>> new file mode 100644
>> index 000..526c23f
>> --- /dev/null
>> +++ 
>> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>> @@ -0,0 +1,20 @@
>> +Upstream-Status: Backport
>> +https://gitlab.com/m2crypto/m2crypto/commit/ac01b38302474920288c1a9eb63fd35fa8d1db5b
>> +
>> +Signed-off-by: Armin Kuster 
>> +
>> +Index: M2Crypto-0.21.1/SWIG/_ssl.i
>> +===
>> +--- M2Crypto-0.21.1.orig/SWIG/_ssl.i
>>  M2Crypto-0.21.1/SWIG/_ssl.i
>> +@@ -48,8 +48,10 @@ extern const char *SSL_alert_desc_string
>> + %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
>> + extern const char *SSL_alert_desc_string_long(int);
>> + 
>> ++#ifndef OPENSSL_NO_SSL2
>> + %rename(sslv2_method) SSLv2_method;
>> + extern SSL_METHOD *SSLv2_method(void);
>> ++#endif
>> + %rename(sslv3_method) SSLv3_method;
>> + extern SSL_METHOD *SSLv3_method(void);
>> + %rename(sslv23_method) SSLv23_method;
>> diff --git a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb 
>> b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> index ff6203f..9daea5e 100644
>> --- a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> +++ b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> @@ -8,7 +8,8 @@ LIC_FILES_CHKSUM = 
>> "file://LICENCE;md5=b0e1f0b7d0ce8a62c18b1287b991800e"
>>  
>>  SRC_URI = 
>> "http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-${PV}.tar.gz \
>> 
>> file://0001-setup.py-link-in-sysroot-not-in-host-directories.patch \
>> -   file://0001-M2Crypto-Error-fix.patch"
>> +   file://0001-M2Crypto-Error-fix.patch \
>> +   file://dont_try_build_with_SSLv2_when_it_is_not_available.patch"
>>  
>>  SRC_URI[md5sum] = "f93d8462ff7646397a9f77a2fe602d17"
>>  SRC_URI[sha256sum] = 
>> "25b94498505c2d800ee465db0cc1aff097b1615adc3ac042a1c85ceca264fc0a"
>> @@ -19,6 +20,7 @@ inherit setuptools
>>  
>>  SWIG_FEATURES_x86-64 = "-D__x86_64__"
>>  SWIG_FEATURES ?= ""
>> +SWIG_FEATURES += "-DOPENSSL_NO_SSL2"
>>  export SWIG_FEATURES
>>  
>>  # Get around a problem with swig, but only if the
>> -- 
>> 2.3.5
>>
>> -- 
>> ___
>> Openembedded-devel mailing list
>> Openembedded-devel@lists.openembedded.org
>> http://lists.openembedded.org/mailman/listinfo/openembedded-devel
> 
-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

2016-03-09 Thread Martin Jansa

On Wed, Mar 09, 2016 at 09:06:57AM -0800, Armin Kuster wrote:
> From: Armin Kuster 
> 
> missed using "-D"  for OPENSSL_NO_SSL2 swig_features.

fido version:
http://patchwork.openembedded.org/patch/117291/
needed -D as well, right?

I've pushed both to fido-next and jethro-next

> 
> ERROR: Failed to import the "M2Crypto" module: 
> .../usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: undefined symbol: 
> SSLv2_method
> 
> disable using SSLv2_method if not supported in openssl. This is now the case
> with the advent of CVE-2016-0800
> 
> Signed-off-by: Armin Kuster 
> ---
>  ...y_build_with_SSLv2_when_it_is_not_available.patch | 20 
> 
>  .../python/python-m2crypto_0.21.1.bb |  4 +++-
>  2 files changed, 23 insertions(+), 1 deletion(-)
>  create mode 100644 
> meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> 
> diff --git 
> a/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>  
> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> new file mode 100644
> index 000..526c23f
> --- /dev/null
> +++ 
> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
> @@ -0,0 +1,20 @@
> +Upstream-Status: Backport
> +https://gitlab.com/m2crypto/m2crypto/commit/ac01b38302474920288c1a9eb63fd35fa8d1db5b
> +
> +Signed-off-by: Armin Kuster 
> +
> +Index: M2Crypto-0.21.1/SWIG/_ssl.i
> +===
> +--- M2Crypto-0.21.1.orig/SWIG/_ssl.i
>  M2Crypto-0.21.1/SWIG/_ssl.i
> +@@ -48,8 +48,10 @@ extern const char *SSL_alert_desc_string
> + %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
> + extern const char *SSL_alert_desc_string_long(int);
> + 
> ++#ifndef OPENSSL_NO_SSL2
> + %rename(sslv2_method) SSLv2_method;
> + extern SSL_METHOD *SSLv2_method(void);
> ++#endif
> + %rename(sslv3_method) SSLv3_method;
> + extern SSL_METHOD *SSLv3_method(void);
> + %rename(sslv23_method) SSLv23_method;
> diff --git a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb 
> b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
> index ff6203f..9daea5e 100644
> --- a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
> +++ b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
> @@ -8,7 +8,8 @@ LIC_FILES_CHKSUM = 
> "file://LICENCE;md5=b0e1f0b7d0ce8a62c18b1287b991800e"
>  
>  SRC_URI = 
> "http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-${PV}.tar.gz \
> 
> file://0001-setup.py-link-in-sysroot-not-in-host-directories.patch \
> -   file://0001-M2Crypto-Error-fix.patch"
> +   file://0001-M2Crypto-Error-fix.patch \
> +   file://dont_try_build_with_SSLv2_when_it_is_not_available.patch"
>  
>  SRC_URI[md5sum] = "f93d8462ff7646397a9f77a2fe602d17"
>  SRC_URI[sha256sum] = 
> "25b94498505c2d800ee465db0cc1aff097b1615adc3ac042a1c85ceca264fc0a"
> @@ -19,6 +20,7 @@ inherit setuptools
>  
>  SWIG_FEATURES_x86-64 = "-D__x86_64__"
>  SWIG_FEATURES ?= ""
> +SWIG_FEATURES += "-DOPENSSL_NO_SSL2"
>  export SWIG_FEATURES
>  
>  # Get around a problem with swig, but only if the
> -- 
> 2.3.5
> 
> -- 
> ___
> Openembedded-devel mailing list
> Openembedded-devel@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-devel

-- 
Martin 'JaMa' Jansa jabber: martin.ja...@gmail.com


signature.asc
Description: Digital signature
-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

2016-03-09 Thread Armin Kuster

From: Armin Kuster 

missed using "-D"  for OPENSSL_NO_SSL2 swig_features.

ERROR: Failed to import the "M2Crypto" module: 
.../usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: undefined symbol: 
SSLv2_method

disable using SSLv2_method if not supported in openssl. This is now the case
with the advent of CVE-2016-0800

Signed-off-by: Armin Kuster 
---
 ...y_build_with_SSLv2_when_it_is_not_available.patch | 20 
 .../python/python-m2crypto_0.21.1.bb |  4 +++-
 2 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 
meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch

diff --git 
a/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
 
b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
new file mode 100644
index 000..526c23f
--- /dev/null
+++ 
b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
@@ -0,0 +1,20 @@
+Upstream-Status: Backport
+https://gitlab.com/m2crypto/m2crypto/commit/ac01b38302474920288c1a9eb63fd35fa8d1db5b
+
+Signed-off-by: Armin Kuster 
+
+Index: M2Crypto-0.21.1/SWIG/_ssl.i
+===
+--- M2Crypto-0.21.1.orig/SWIG/_ssl.i
 M2Crypto-0.21.1/SWIG/_ssl.i
+@@ -48,8 +48,10 @@ extern const char *SSL_alert_desc_string
+ %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
+ extern const char *SSL_alert_desc_string_long(int);
+ 
++#ifndef OPENSSL_NO_SSL2
+ %rename(sslv2_method) SSLv2_method;
+ extern SSL_METHOD *SSLv2_method(void);
++#endif
+ %rename(sslv3_method) SSLv3_method;
+ extern SSL_METHOD *SSLv3_method(void);
+ %rename(sslv23_method) SSLv23_method;
diff --git a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb 
b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
index ff6203f..9daea5e 100644
--- a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
+++ b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
@@ -8,7 +8,8 @@ LIC_FILES_CHKSUM = 
"file://LICENCE;md5=b0e1f0b7d0ce8a62c18b1287b991800e"
 
 SRC_URI = 
"http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-${PV}.tar.gz \
file://0001-setup.py-link-in-sysroot-not-in-host-directories.patch \
-   file://0001-M2Crypto-Error-fix.patch"
+   file://0001-M2Crypto-Error-fix.patch \
+   file://dont_try_build_with_SSLv2_when_it_is_not_available.patch"
 
 SRC_URI[md5sum] = "f93d8462ff7646397a9f77a2fe602d17"
 SRC_URI[sha256sum] = 
"25b94498505c2d800ee465db0cc1aff097b1615adc3ac042a1c85ceca264fc0a"
@@ -19,6 +20,7 @@ inherit setuptools
 
 SWIG_FEATURES_x86-64 = "-D__x86_64__"
 SWIG_FEATURES ?= ""
+SWIG_FEATURES += "-DOPENSSL_NO_SSL2"
 export SWIG_FEATURES
 
 # Get around a problem with swig, but only if the
-- 
2.3.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

Re: [oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

[oe] [meta-python][jethro][PATCH][V2] python-m2crypto: fix SSLv2 symbol issue

8 matches

Site Navigation

Mail list logo

Footer information