package/libuhttpd: fix build w/ mbedtls v3.6

Since the mbedtls bump to v3.6 [1] the libuhttpd fails to build with the following error: ``` [ 8%] Building C object src/ssl/CMakeFiles/xssl.dir/mbedtls.c.o .../buildroot/output/build/libuhttpd-3.14.1/src/ssl/mbedtls.c:52:10: fatal error: mbedtls/certs.h: No such file or directory 52 | #include <mbedtls/certs.h> | ^~~~~~~~~~~~~~~~~ compilation terminated. ``` This error can be reproduced with the following config: ``` cat <<EOF >.config BR2_arm=y BR2_cortex_a7=y BR2_TOOLCHAIN_EXTERNAL=y BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y BR2_PACKAGE_MBEDTLS=y BR2_PACKAGE_LIBUHTTPD=y EOF make olddefconfig make ``` The compatibility with mbedtls v3 has been addressed upstream in the zhaojh329/ssl project included as a submodule of libuhttpd [2]. This patch backport this upstream commit to be applied on the submodule directory. This required adaptation of the line numbers (see [3]) and renaming a function reference passed as parameter of 'mbedtls_pk_parse_keyfile' caused by the commit [4]. [1] 3481a9643f package/mbedtls: bump to version 3.6.3.1 [2] 28cc9b5d98 [3] 8092b5a490 (diff-fbc46fa2db83f8649ccf1f46c6a044473b7b228edc7d4c0f7cc04b5a879f6fb7) [4] 0e7d2f73d7 (diff-fbc46fa2db83f8649ccf1f46c6a044473b7b228edc7d4c0f7cc04b5a879f6fb7R92) Signed-off-by: Thomas Perale <thomas.perale@mind.be> Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-07-06 20:09:08 +02:00
parent 95985d3524
commit 1a8e868623
1 changed files with 64 additions and 0 deletions
--- a/package/libuhttpd/0004-add-compatibility-with-mbed-tls-3-0-0.patch
+++ b/package/libuhttpd/0004-add-compatibility-with-mbed-tls-3-0-0.patch
@@ -0,0 +1,64 @@
+From 28cc9b5d98179d161673d20e79333ae5a4864228 Mon Sep 17 00:00:00 2001
+From: Jianhui Zhao <zhaojh329@gmail.com>
+Date: Sat, 4 May 2024 19:40:07 +0800
+Subject: [PATCH] Add compatibility with Mbed TLS 3.0.0
+
+Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
+Upstream: https://github.com/zhaojh329/ssl/commit/28cc9b5d98179d161673d20e79333ae5a4864228
+[thomas: 
+  - Apply to submodule directory
+  - Rename 'urandom' to '_urandom'
+  - Adapt line numbers
+]
+Signed-off-by: Thomas Perale <thomas.perale@mind.be>
+---
+ src/ssl/mbedtls.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/src/ssl/mbedtls.c b/src/ssl/mbedtls.c
+index 2e02e1c..cad7e00 100644
+--- a/src/ssl/mbedtls.c
+++ b/src/ssl/mbedtls.c
+@@ -49,7 +49,6 @@
+ #include "ssl.h"
+ 
+ #include <mbedtls/ssl.h>
+-#include <mbedtls/certs.h>
+ #include <mbedtls/x509.h>
+ #include <mbedtls/rsa.h>
+ #include <mbedtls/error.h>
+@@ -136,9 +135,13 @@ static const int default_ciphersuites_client[] =
+     AES_CBC_CIPHERS(ECDHE_ECDSA),
+     AES_CBC_CIPHERS(ECDHE_RSA),
+     AES_CBC_CIPHERS(DHE_RSA),
+#ifdef MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+     MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+#endif
+     AES_CIPHERS(RSA),
+#ifdef MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+     MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+#endif
+     0
+ };
+ 
+@@ -221,7 +224,7 @@ static void ssl_update_own_cert(struct ssl_context *ctx)
+     if (!ctx->cert.version)
+         return;
+ 
+-    if (!ctx->key.pk_info)
+    if (mbedtls_pk_get_type(&ctx->key) == MBEDTLS_PK_NONE)
+         return;
+ 
+     mbedtls_ssl_conf_own_cert(&ctx->conf, &ctx->cert, &ctx->key);
+@@ -258,7 +261,11 @@ int ssl_load_key_file(struct ssl_context *ctx, const char *file)
+ {
+     int ret;
+ 
+#if (MBEDTLS_VERSION_NUMBER >= 0x03000000)
+    ret = mbedtls_pk_parse_keyfile(&ctx->key, file, NULL, _urandom, NULL);
+#else
+     ret = mbedtls_pk_parse_keyfile(&ctx->key, file, NULL);
+#endif
+     if (ret)
+         return -1;
+