From 4e5ea3163094e4c8cf185959b983ce95c97944e4 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sun, 17 Mar 2024 14:14:46 +0100 Subject: [PATCH] package/spice: fix libressl build Fix the following build failure raised since bump of libressl to version 3.5.2 in commit 8b216927db080b38fdbf1f8b025b6f90a89d4bc2: red-stream.cpp: In function 'RedStreamSslStatus red_stream_ssl_accept(RedStream*)': red-stream.cpp:526:22: error: invalid use of incomplete type 'SSL' {aka 'struct ssl_st'} 526 | stream->priv->ssl->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS; | ^~ In file included from /home/buildroot/autobuild/instance-1/output-1/host/i686-buildroot-linux-gnu/sysroot/usr/include/openssl/err.h:120, from red-stream.cpp:33: /home/buildroot/autobuild/instance-1/output-1/host/i686-buildroot-linux-gnu/sysroot/usr/include/openssl/ossl_typ.h:173:16: note: forward declaration of 'SSL' {aka 'struct ssl_st'} 173 | typedef struct ssl_st SSL; | ^~~~~~ Fixes: - http://autobuild.buildroot.org/results/273eadf9e49af55e0932a8293ca65762fb43114f - http://autobuild.buildroot.org/results/97601f321efc532de0c2ea6aa618ce11fad9e851 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard --- ...SL_OP_NO_RENEGOTIATION-fallback-path.patch | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 package/spice/0001-server-add-SSL_OP_NO_RENEGOTIATION-fallback-path.patch diff --git a/package/spice/0001-server-add-SSL_OP_NO_RENEGOTIATION-fallback-path.patch b/package/spice/0001-server-add-SSL_OP_NO_RENEGOTIATION-fallback-path.patch new file mode 100644 index 0000000000..edb8b2ed17 --- /dev/null +++ b/package/spice/0001-server-add-SSL_OP_NO_RENEGOTIATION-fallback-path.patch @@ -0,0 +1,43 @@ +From 5e580eefac44d0c709afcf93eb5fca2fb353166a Mon Sep 17 00:00:00 2001 +From: orbea +Date: Fri, 26 May 2023 13:38:34 -0700 +Subject: [PATCH] server: add SSL_OP_NO_RENEGOTIATION fallback path + +With LibreSSL SSL_OP_NO_CLIENT_RENEGOTIATION is opaque which is not +compatible with the OpenSSL 1.0.2 and earlier code path in +red-stream.cpp while SSL_OP_NO_RENEGOTIATION is not yet defined for the +newer OpenSSL code path in reds.cpp. + +So with OpenSSL 1.1.0 and later if SSL_OP_NO_RENEGOTIATION is undefined +and SSL_OP_NO_CLIENT_RENEGOTIATION is defined then define the former as +the latter. This will allow the build to succeed with LibreSSL 3.7.2 and +in the future when newer LibreSSL versions add SSL_OP_NO_RENEGOTIATION +that code path will then be used automatically. + +Signed-off-by: orbea +Acked-by: Frediano Ziglio + +Upstream: https://gitlab.freedesktop.org/spice/spice/-/commit/5e580eefac44d0c709afcf93eb5fca2fb353166a +Signed-off-by: Fabrice Fontaine +--- + server/red-stream.h | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/server/red-stream.h b/server/red-stream.h +index 716e93317..8e57c5e5e 100644 +--- a/server/red-stream.h ++++ b/server/red-stream.h +@@ -25,6 +25,10 @@ + + SPICE_BEGIN_DECLS + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(SSL_OP_NO_RENEGOTIATION) && defined(SSL_OP_NO_CLIENT_RENEGOTIATION) ++#define SSL_OP_NO_RENEGOTIATION SSL_OP_NO_CLIENT_RENEGOTIATION ++#endif ++ + typedef void (*AsyncReadDone)(void *opaque); + typedef void (*AsyncReadError)(void *opaque, int err); + +-- +GitLab +