[yocto] [meta-security][PATCH 19/25] pcr-extend: fix building with openssl 1.1

Armin Kuster akuster808 at gmail.com
Sun Sep 16 08:57:13 PDT 2018


Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
 .../files/fix_openssl11_build.patch           | 45 +++++++++++++++++++
 .../recipes-tpm/pcr-extend/pcr-extend_git.bb  |  3 +-
 2 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 meta-tpm/recipes-tpm/pcr-extend/files/fix_openssl11_build.patch

diff --git a/meta-tpm/recipes-tpm/pcr-extend/files/fix_openssl11_build.patch b/meta-tpm/recipes-tpm/pcr-extend/files/fix_openssl11_build.patch
new file mode 100644
index 0000000..cf2d437
--- /dev/null
+++ b/meta-tpm/recipes-tpm/pcr-extend/files/fix_openssl11_build.patch
@@ -0,0 +1,45 @@
+Enable building with openssl 1.1
+
+Upstream-Status: Pending
+Signed-off-by: Armin Kuster <akuster808 at gmail.com>
+
+Index: git/src/pcr-extend.c
+===================================================================
+--- git.orig/src/pcr-extend.c
++++ git/src/pcr-extend.c
+@@ -118,7 +118,7 @@ dump_buf (FILE *file, char *buf, size_t
+ static unsigned char*
+ sha1_file (FILE *file, unsigned int *hash_len)
+ {
+-    EVP_MD_CTX ctx = { 0 };
++    EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+     unsigned char *buf = NULL, *hash = NULL;
+     size_t num_read = 0;
+ 
+@@ -127,7 +127,7 @@ sha1_file (FILE *file, unsigned int *has
+         perror ("malloc:\n");
+         goto sha1_fail;
+     }
+-    if (EVP_DigestInit (&ctx, EVP_sha1 ()) == 0) {
++    if (EVP_DigestInit (ctx, EVP_sha1 ()) == 0) {
+         ERR_print_errors_fp (stderr);
+         goto sha1_fail;
+     }
+@@ -135,7 +135,7 @@ sha1_file (FILE *file, unsigned int *has
+         num_read = fread (buf, 1, BUF_SIZE, file);
+         if (num_read <= 0)
+             break;
+-        if (EVP_DigestUpdate (&ctx, buf, num_read) == 0) {
++        if (EVP_DigestUpdate (ctx, buf, num_read) == 0) {
+             ERR_print_errors_fp (stderr);
+             goto sha1_fail;
+         }
+@@ -149,7 +149,7 @@ sha1_file (FILE *file, unsigned int *has
+         perror ("calloc of hash buffer:\n");
+         goto sha1_fail;
+     }
+-    if (EVP_DigestFinal (&ctx, hash, hash_len) == 0) {
++    if (EVP_DigestFinal (ctx, hash, hash_len) == 0) {
+         ERR_print_errors_fp (stderr);
+         goto sha1_fail;
+     }
diff --git a/meta-tpm/recipes-tpm/pcr-extend/pcr-extend_git.bb b/meta-tpm/recipes-tpm/pcr-extend/pcr-extend_git.bb
index 0cc4f63..f8347b7 100644
--- a/meta-tpm/recipes-tpm/pcr-extend/pcr-extend_git.bb
+++ b/meta-tpm/recipes-tpm/pcr-extend/pcr-extend_git.bb
@@ -9,7 +9,8 @@ DEPENDS = "libtspi"
 PV = "0.1+git${SRCPV}"
 SRCREV = "c02ad8f628b3d99f6d4c087b402fe31a40ee6316"
 
-SRC_URI = "git://github.com/flihp/pcr-extend.git "
+SRC_URI = "git://github.com/flihp/pcr-extend.git \
+           file://fix_openssl11_build.patch "
 
 inherit autotools
 
-- 
2.17.1



More information about the yocto mailing list