aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch28
-rw-r--r--meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0005-THRIFT-3878-Compile-error-in-TSSLSocket.cpp-with-new.patch26
-rw-r--r--meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0006-THRIFT-3736-C++-library-build-fails-if-OpenSSL-does-.patch45
-rw-r--r--meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb3
4 files changed, 102 insertions, 0 deletions
diff --git a/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch b/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch
new file mode 100644
index 0000000000..44764359ce
--- /dev/null
+++ b/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch
@@ -0,0 +1,28 @@
+diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+index 68e475d..19132ff 100644
+--- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp
++++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+@@ -39,6 +39,7 @@
+ #include <thrift/transport/PlatformSocket.h>
+
+ #define OPENSSL_VERSION_NO_THREAD_ID 0x10000000L
++#define OPENSSL_VERSION_WITH_TLSv1_1_AND_TLSv1_2 0x10100000L
+
+ using namespace std;
+ using namespace apache::thrift::concurrency;
+@@ -148,10 +149,15 @@ SSLContext::SSLContext(const SSLProtocol& protocol) {
+ ctx_ = SSL_CTX_new(SSLv3_method());
+ } else if (protocol == TLSv1_0) {
+ ctx_ = SSL_CTX_new(TLSv1_method());
++#if (OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_WITH_TLSv1_1_AND_TLSv1_2)
+ } else if (protocol == TLSv1_1) {
+ ctx_ = SSL_CTX_new(TLSv1_1_method());
+ } else if (protocol == TLSv1_2) {
+ ctx_ = SSL_CTX_new(TLSv1_2_method());
++#else
++ //Support for this versions will end on 2016-12-31
++ //https://www.openssl.org/about/releasestrat.html
++#endif
+ } else {
+ /// UNKNOWN PROTOCOL!
+ throw TSSLException("SSL_CTX_new: Unknown protocol");
diff --git a/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0005-THRIFT-3878-Compile-error-in-TSSLSocket.cpp-with-new.patch b/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0005-THRIFT-3878-Compile-error-in-TSSLSocket.cpp-with-new.patch
new file mode 100644
index 0000000000..8d71056675
--- /dev/null
+++ b/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0005-THRIFT-3878-Compile-error-in-TSSLSocket.cpp-with-new.patch
@@ -0,0 +1,26 @@
+From cc4f32db13ddc62fbd1e316127c5a60f4080a2d3 Mon Sep 17 00:00:00 2001
+From: "James E. King, III" <jim.king@simplivity.com>
+Date: Thu, 29 Sep 2016 15:04:09 -0400
+Subject: [PATCH] THRIFT-3878: fix interop with newer OpenSSL libraries
+
+---
+ lib/cpp/src/thrift/transport/TSSLSocket.cpp | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+index 517151f714..1efb9f7a47 100644
+--- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp
++++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+@@ -108,7 +108,12 @@ void initializeOpenSSL() {
+ SSL_library_init();
+ SSL_load_error_strings();
+ // static locking
++ // newer versions of OpenSSL changed CRYPTO_num_locks - see THRIFT-3878
++#ifdef CRYPTO_num_locks
++ mutexes = boost::shared_array<Mutex>(new Mutex[CRYPTO_num_locks()]);
++#else
+ mutexes = boost::shared_array<Mutex>(new Mutex[ ::CRYPTO_num_locks()]);
++#endif
+ if (mutexes == NULL) {
+ throw TTransportException(TTransportException::INTERNAL_ERROR,
+ "initializeOpenSSL() failed, "
diff --git a/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0006-THRIFT-3736-C++-library-build-fails-if-OpenSSL-does-.patch b/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0006-THRIFT-3736-C++-library-build-fails-if-OpenSSL-does-.patch
new file mode 100644
index 0000000000..9c18171f1e
--- /dev/null
+++ b/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0006-THRIFT-3736-C++-library-build-fails-if-OpenSSL-does-.patch
@@ -0,0 +1,45 @@
+From 53dc6e255bec2e4cd8bae85d14bec1cf28310d3f Mon Sep 17 00:00:00 2001
+From: Nobuaki Sukegawa <nsuke@apache.org>
+Date: Sun, 13 Mar 2016 08:55:38 +0900
+Subject: [PATCH] THRIFT-3736 C++ library build fails if OpenSSL does not
+ surrpot SSLv3
+
+---
+ lib/cpp/src/thrift/transport/TSSLSocket.cpp | 2 ++
+ lib/cpp/test/SecurityTest.cpp | 8 ++++++++
+ 2 files changed, 10 insertions(+)
+
+diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+index bd13160260..517151f714 100644
+--- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp
++++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+@@ -151,8 +151,10 @@ static char uppercase(char c);
+ SSLContext::SSLContext(const SSLProtocol& protocol) {
+ if (protocol == SSLTLS) {
+ ctx_ = SSL_CTX_new(SSLv23_method());
++#ifndef OPENSSL_NO_SSL3
+ } else if (protocol == SSLv3) {
+ ctx_ = SSL_CTX_new(SSLv3_method());
++#endif
+ } else if (protocol == TLSv1_0) {
+ ctx_ = SSL_CTX_new(TLSv1_method());
+ } else if (protocol == TLSv1_1) {
+diff --git a/lib/cpp/test/SecurityTest.cpp b/lib/cpp/test/SecurityTest.cpp
+index 9968e2c478..23650d6280 100644
+--- a/lib/cpp/test/SecurityTest.cpp
++++ b/lib/cpp/test/SecurityTest.cpp
+@@ -240,6 +240,14 @@ BOOST_AUTO_TEST_CASE(ssl_security_matrix)
+ continue;
+ }
+
++#ifdef OPENSSL_NO_SSL3
++ if (si == 2 || ci == 2)
++ {
++ // Skip all SSLv3 cases - protocol not supported
++ continue;
++ }
++#endif
++
+ boost::mutex::scoped_lock lock(mMutex);
+
+ BOOST_TEST_MESSAGE(boost::format("TEST: Server = %1%, Client = %2%")
diff --git a/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb b/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb
index aa93283712..7ab74026bb 100644
--- a/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb
+++ b/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb
@@ -12,6 +12,9 @@ SRC_URI = "http://mirror.switch.ch/mirror/apache/dist/thrift/${PV}/${BPN}-${PV}.
file://0001-Forcibly-disable-check-for-Qt5.patch \
file://0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch \
file://0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch \
+ file://0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch \
+ file://0005-THRIFT-3878-Compile-error-in-TSSLSocket.cpp-with-new.patch \
+ file://0006-THRIFT-3736-C++-library-build-fails-if-OpenSSL-does-.patch \
"
SRC_URI[md5sum] = "88d667a8ae870d5adeca8cb7d6795442"