From 8f99e552b152bc304d5f3c7c54fc83ffd8a0d465 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20Rosenkr=C3=A4nzer?=
<bernhard.rosenkraenzer.ext@huawei.com>
Date: Wed, 5 May 2021 22:27:11 +0200
Subject: [PATCH] mbedtls: Replace ancient version from gitee with mbedtls
2.26.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Bernhard Rosenkränzer <bernhard.rosenkraenzer.ext@huawei.com>
---
.../recipes-libs/mbedtls/mbedtls_git.bb | 19 ---------
...sl_tls-Increase-size-of-padbuf-to-64.patch | 34 ++++++++++++++++
...9-Wformat-truncation-false-positives.patch | 31 ++++++++++++++
.../mbedtls/mbedtls_2.26.0.bb | 40 +++++++++++++++++++
4 files changed, 105 insertions(+), 19 deletions(-)
delete mode 100644 meta-ohos-foundation/recipes-libs/mbedtls/mbedtls_git.bb
create mode 100644 meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls/0001-ssl_tls-Increase-size-of-padbuf-to-64.patch
create mode 100644 meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls/0002-workaround-gcc9-Wformat-truncation-false-positives.patch
create mode 100644 meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls_2.26.0.bb
diff --git a/meta-ohos-foundation/recipes-libs/mbedtls/mbedtls_git.bb b/meta-ohos-foundation/recipes-libs/mbedtls/mbedtls_git.bb
deleted file mode 100644
index fb066b86..00000000
--- a/meta-ohos-foundation/recipes-libs/mbedtls/mbedtls_git.bb
+++ /dev/null
@@ -1,19 +0,0 @@
-# SPDX-FileCopyrightText: Huawei Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-
-SUMMARY = "Mbed TLS"
-DESCRIPTION = "C library for X.509 certificate manipulation and the SSL/TLS and DTLS"
-LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=302d50a6369f5f22efdb674db908167a"
-
-SRC_URI = "git://gitee.com/openharmony/third_party_mbedtls.git;protocol=https"
-
-PV = "1.0+git${SRCPV}"
-SRCREV = "43547c1c8a8ab35694acefb7c8b26323dd71eafa"
-
-S = "${WORKDIR}/git"
-
-DEPENDS = "zlib"
-
-inherit cmake perlnative python3native
diff --git a/meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls/0001-ssl_tls-Increase-size-of-padbuf-to-64.patch b/meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls/0001-ssl_tls-Increase-size-of-padbuf-to-64.patch
new file mode 100644
index 00000000..f3ba04f5
--- /dev/null
+++ b/meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls/0001-ssl_tls-Increase-size-of-padbuf-to-64.patch
@@ -0,0 +1,34 @@
+From c3d7321d59e959b357a7d3d69782d9105f3d04aa Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Mon, 1 Mar 2021 21:04:57 -0800
+Subject: [PATCH] ssl_tls: Increase size of padbuf to 64
+
+This fixes warnings with gcc11
+
+git/library/ssl_tls.c: In function 'ssl_calc_finished_tls_sha384':
+git/library/ssl_tls.c:3267:5: error: 'mbedtls_sha512_finish_ret' accessing 64 bytes in a region of size 48 [-Werror=stringop-overflow=]
+ 3267 | finish( &sha512, padbuf );
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~
+git/library/ssl_tls.c:3267:5: note: referencing argument 2 of type 'unsigned char *'
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ library/ssl_tls.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
+index a1a5859f0..4c98a4104 100644
+--- a/library/ssl_tls.c
++++ b/library/ssl_tls.c
+@@ -3205,7 +3205,7 @@ static void ssl_calc_finished_tls_sha384(
+ {
+ int len = 12;
+ const char *sender;
+- unsigned char padbuf[48];
++ unsigned char padbuf[64];
+ #if defined(MBEDTLS_USE_PSA_CRYPTO)
+ size_t hash_size;
+ psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT;
+--
+2.30.1
+
diff --git a/meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls/0002-workaround-gcc9-Wformat-truncation-false-positives.patch b/meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls/0002-workaround-gcc9-Wformat-truncation-false-positives.patch
new file mode 100644
index 00000000..69fdd2d4
--- /dev/null
+++ b/meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls/0002-workaround-gcc9-Wformat-truncation-false-positives.patch
@@ -0,0 +1,31 @@
+From c3d7321d59e959b357a7d3d69782d9105f3d04aa Mon Sep 17 00:00:00 2001
+From: Bernhard Rosenkraenzer <bernhard.rosenkraenzer.ext@huawei.com>
+Date: Mon, 17 May 2021 18:19:20 +0100
+Subject: [PATCH] ssl_tls: Increase size of padbuf to 64
+
+This fixes a warning (turned to an error with -Werror)
+with gcc 9 (dunfell's default).
+
+Signed-off-by: Bernhard Rosenkraenzer <bernhard.rosenkraenzer.ext@huawei.com>
+Upstream-Status: Pending
+---
+ CMakeLists.txt | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff -up git/CMakeLists.txt.gcc9~ git/CMakeLists.txt
+--- git/CMakeLists.txt.gcc9~ 2021-05-05 23:14:42.309742058 +0200
++++ git/CMakeLists.txt 2021-05-05 23:16:00.015038640 +0200
+@@ -197,9 +197,12 @@ if(CMAKE_COMPILER_IS_GNU)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-signedness")
+ endif()
+ endif()
+- if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0)
++ if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0 AND GCC_VERSION VERSION_LESS 9.0)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation=2")
+ endif()
++ if (GCC_VERSION VERSION_GREATER 9.0 OR GCC_VERSION VERSION_EQUAL 9.0)
++ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation=1")
++ endif()
+ set(CMAKE_C_FLAGS_RELEASE "-O2")
+ set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
+ set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
diff --git a/meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls_2.26.0.bb b/meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls_2.26.0.bb
new file mode 100644
index 00000000..3d03050c
--- /dev/null
+++ b/meta-ohos-staging/recipes-connectivity/mbedtls/mbedtls_2.26.0.bb
@@ -0,0 +1,40 @@
+# SPDX-FileCopyrightText: Huawei Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+SUMMARY = "Lightweight crypto and SSL/TLS library"
+DESCRIPTION = "mbedtls is a lean open source crypto library \
+for providing SSL and TLS support in your programs. It offers \
+an intuitive API and documented header files, so you can actually \
+understand what the code does."
+
+HOMEPAGE = "https://tls.mbed.org/"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
+
+SECTION = "libs"
+
+S = "${WORKDIR}/git"
+SRCREV = "e483a77c85e1f9c1dd2eb1c5a8f552d2617fe400"
+SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https \
+file://0001-ssl_tls-Increase-size-of-padbuf-to-64.patch \
+file://0002-workaround-gcc9-Wformat-truncation-false-positives.patch"
+
+inherit cmake
+
+PACKAGECONFIG ??= "shared-libs programs"
+PACKAGECONFIG[shared-libs] = "-DUSE_SHARED_MBEDTLS_LIBRARY=ON,-DUSE_SHARED_MBEDTLS_LIBRARY=OFF"
+PACKAGECONFIG[programs] = "-DENABLE_PROGRAMS=ON,-DENABLE_PROGRAMS=OFF"
+
+EXTRA_OECMAKE = "-DENABLE_ZLIB_SUPPORT:BOOL=ON -DLINK_WITH_PTHREAD:BOOL=ON -DENABLE_TESTING:BOOL=OFF -DLIB_INSTALL_DIR:STRING=${libdir}"
+
+PROVIDES += "polarssl"
+RPROVIDES_${PN} = "polarssl"
+
+PACKAGES =+ "${PN}-programs"
+FILES_${PN}-programs = "${bindir}/"
+
+DEPENDS = "zlib"
+
+BBCLASSEXTEND = "native nativesdk"
--
GitLab