[oe] [meta-python][jethro][fido][PATCH] python-m2crypto: fix SSLv2 symbol issue
akuster808
akuster808 at gmail.com
Tue Mar 8 17:14:27 UTC 2016
On 03/07/2016 06:58 PM, Yi Zhao wrote:
> Hi,
>
> I got a build error when applied this patch on jethro branch:
thanks. looking into it now.
- armin
>
> building 'M2Crypto.__m2crypto' extension
> swigging SWIG/_m2crypto.i to SWIG/_m2crypto_wrap.c
> swig -python
> -I/buildarea/poky/build-m2/tmp/sysroots/qemux86/usr/include/python2.7
> -I/buildarea/poky/build-m2/tmp/sysroots/qemux86/usr/include -includeall
> -modern -builtin -outdir build/lib.linux-x86_64-2.7/M2Crypto -o
> SWIG/_m2crypto_wrap.c SWIG/_m2crypto.i
> swig error : Unrecognized option OPENSSL_NO_SSL2
> Use 'swig -help' for available options.
> error: command 'swig' failed with exit status 1
> ERROR: python setup.py build execution failed.
> ERROR: Function failed: do_compile (log file is located at
> /buildarea/poky/build-m2/tmp/work/i586-poky-linux/python-m2crypto/0.21.1-r0/temp/log.do_compile.9461)
>
>
>
>
> Thanks,
> Yi
>
>
> 在 2016年03月06日 00:54, Armin Kuster 写道:
>> From: Armin Kuster <akuster at mvista.com>
>>
>> ERROR: Failed to import the "M2Crypto" module:
>> .../usr/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: undefined
>> symbol: SSLv2_method
>>
>> disable using SSLv2_method if not supported in openssl. This is now
>> the case
>> with the advent of CVE-2016-0800
>>
>> Signed-off-by: Armin Kuster <akuster at mvista.com>
>> ---
>> ...y_build_with_SSLv2_when_it_is_not_available.patch | 20
>> ++++++++++++++++++++
>> .../python/python-m2crypto_0.21.1.bb | 4 +++-
>> 2 files changed, 23 insertions(+), 1 deletion(-)
>> create mode 100644
>> meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>>
>>
>> diff --git
>> a/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>>
>> new file mode 100644
>> index 0000000..526c23f
>> --- /dev/null
>> +++
>> b/meta-python/recipes-devtools/python/python-m2crypto/dont_try_build_with_SSLv2_when_it_is_not_available.patch
>>
>> @@ -0,0 +1,20 @@
>> +Upstream-Status: Backport
>> +https://gitlab.com/m2crypto/m2crypto/commit/ac01b38302474920288c1a9eb63fd35fa8d1db5b
>>
>> +
>> +Signed-off-by: Armin Kuster <akuster at mvista.com>
>> +
>> +Index: M2Crypto-0.21.1/SWIG/_ssl.i
>> +===================================================================
>> +--- M2Crypto-0.21.1.orig/SWIG/_ssl.i
>> ++++ M2Crypto-0.21.1/SWIG/_ssl.i
>> +@@ -48,8 +48,10 @@ extern const char *SSL_alert_desc_string
>> + %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
>> + extern const char *SSL_alert_desc_string_long(int);
>> +
>> ++#ifndef OPENSSL_NO_SSL2
>> + %rename(sslv2_method) SSLv2_method;
>> + extern SSL_METHOD *SSLv2_method(void);
>> ++#endif
>> + %rename(sslv3_method) SSLv3_method;
>> + extern SSL_METHOD *SSLv3_method(void);
>> + %rename(sslv23_method) SSLv23_method;
>> diff --git
>> a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> index ff6203f..7dfa8d8 100644
>> --- a/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> +++ b/meta-python/recipes-devtools/python/python-m2crypto_0.21.1.bb
>> @@ -8,7 +8,8 @@ LIC_FILES_CHKSUM =
>> "file://LICENCE;md5=b0e1f0b7d0ce8a62c18b1287b991800e"
>> SRC_URI =
>> "http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-${PV}.tar.gz
>> \
>>
>> file://0001-setup.py-link-in-sysroot-not-in-host-directories.patch \
>> - file://0001-M2Crypto-Error-fix.patch"
>> + file://0001-M2Crypto-Error-fix.patch \
>> +
>> file://dont_try_build_with_SSLv2_when_it_is_not_available.patch"
>> SRC_URI[md5sum] = "f93d8462ff7646397a9f77a2fe602d17"
>> SRC_URI[sha256sum] =
>> "25b94498505c2d800ee465db0cc1aff097b1615adc3ac042a1c85ceca264fc0a"
>> @@ -19,6 +20,7 @@ inherit setuptools
>> SWIG_FEATURES_x86-64 = "-D__x86_64__"
>> SWIG_FEATURES ?= ""
>> +SWIG_FEATURES += "OPENSSL_NO_SSL2"
>> export SWIG_FEATURES
>> # Get around a problem with swig, but only if the
>
More information about the Openembedded-devel
mailing list