void-packages/srcpkgs/retroarch/patches/mbedtls3.patch


From 4683e83d9a51c0229fff23400a6a19542aa523b7 Mon Sep 17 00:00:00 2001
From: Keith Bowes <keithbowes@users.noreply.github.com>
Date: Thu, 18 Jul 2024 09:25:29 -0400
Subject: [PATCH] Add support for mbedtls v3 (#16763)
v2 is not going to receive security fixes after 2024
Fixes #16672
---
Makefile.common | 3 ++-
libretro-common/net/net_socket_ssl_mbed.c | 5 +++++
qb/config.libs.sh | 19 +++++++++----------
3 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/Makefile.common b/Makefile.common
index a550c791462..ee4fa1c4ccc 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -753,7 +753,8 @@ else ifeq ($(HAVE_BUILTINMBEDTLS), 1)
OBJ += $(OBJS_TLS_CRYPTO) $(OBJS_TLS_X509) $(OBJS_TLS)
else ifeq ($(HAVE_SSL), 1)
DEFINES += -DHAVE_SSL
- LIBS += $(SYSTEMMBEDTLS_LIBS)
+ LIBS += $(SYSTEMMBEDTLS_LIBS) $(SYSTEMMBEDX509_LIBS) $(SYSTEMMBEDCRYPTO_LIBS)
+ DEF_FLAGS += $(SYSTEMMBEDTLS_CFLAGS) $(SYSTEMMBEDX509_CFLAGS) $(SYSTEMMBEDCRYPTO_CFLAGS)
endif
# Miscellaneous
diff --git a/libretro-common/net/net_socket_ssl_mbed.c b/libretro-common/net/net_socket_ssl_mbed.c
index a0a524f3559..69c2239002e 100644
--- a/libretro-common/net/net_socket_ssl_mbed.c
+++ b/libretro-common/net/net_socket_ssl_mbed.c
@@ -35,8 +35,13 @@
#include "../../deps/mbedtls/mbedtls/ctr_drbg.h"
#include "../../deps/mbedtls/mbedtls/entropy.h"
#else
+#include <mbedtls/version.h>
+#if MBEDTLS_VERSION_MAJOR < 3
#include <mbedtls/config.h>
#include <mbedtls/certs.h>
+#else
+#include <mbedtls/build_info.h>
+#endif
#include <mbedtls/debug.h>
#include <mbedtls/platform.h>
#include <mbedtls/net_sockets.h>
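Review bot: The v3 branch selected here adds no PSA initialisation, and Mbed TLS 3.6 enables TLS 1.3 in its default configuration, where `psa_crypto_init()` must have succeeded before the handshake starts. Only the include block is visible in this hunk, so the context-setup code further down the file may already handle it. If it does not, builds against a distro 3.6 package would likely compile cleanly and then fail at handshake time. A guard such as `#if MBEDTLS_VERSION_MAJOR >= 3 && defined(MBEDTLS_SSL_PROTO_TLS1_3)` around a `psa_crypto_init()` call in the init path, with its return value checked and `#include <psa/crypto.h>` added to the v3 include branch, would cover it.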
diff --git a/qb/config.libs.sh b/qb/config.libs.sh
index 1c845375186..06ca062f0cc 100644
--- a/qb/config.libs.sh
+++ b/qb/config.libs.sh
@@ -316,16 +316,15 @@ check_enabled SSL BUILTINMBEDTLS 'builtin mbedtls' 'ssl is' false
check_enabled SSL BUILTINBEARSSL 'builtin bearssl' 'ssl is' false
if [ "$HAVE_SYSTEMMBEDTLS" = "auto" ]; then SYSTEMMBEDTLS_IS_AUTO=yes; else SYSTEMMBEDTLS_IS_AUTO=no; fi
-check_lib '' SYSTEMMBEDTLS '-lmbedtls -lmbedx509 -lmbedcrypto'
-check_header '' SYSTEMMBEDTLS \
- mbedtls/config.h \
- mbedtls/certs.h \
- mbedtls/debug.h \
- mbedtls/platform.h \
- mbedtls/net_sockets.h \
- mbedtls/ssl.h \
- mbedtls/ctr_drbg.h \
- mbedtls/entropy.h
+check_val '' SYSTEMMBEDTLS '-lmbedtls' 'mbedtls' mbedtls 2.5.1 '' true
+check_val '' SYSTEMMBEDX509 '-lmbedx509' 'mbedtls' mbedx509 2.5.1 '' true
+check_val '' SYSTEMMBEDCRYPTO '-lmbedcrypto' 'mbedtls' mbedcrypto 2.5.1 '' true
+if [ "$HAVE_SYSTEMMBEDTLS" = 'yes' ] && [ -z "$SYSTEMMBEDTLS_VERSION" ]; then
+ # Ancient versions (such as the one included in the Ubuntu version used for
+ # build checks) don't have this header
+ check_header '' SYSTEMMBEDTLS mbedtls/net_sockets.h
+fi
+if [ "$HAVE_SYSTEMMBEDX509" = 'no' ] || [ "$HAVE_SYSTEMMBEDCRYPTO" = 'no' ]; then HAVE_SYSTEMMBEDTLS=no; fi
if [ "$SYSTEMMBEDTLS_IS_AUTO" = "yes" ] && [ "$HAVE_SYSTEMMBEDTLS" = "yes" ]; then HAVE_SYSTEMMBEDTLS=auto; fi
SSL_BACKEND_CHOSEN=no
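Review bot: The 2.5.1 floor passed to `check_val` appears to apply only when pkg-config metadata is found. When `SYSTEMMBEDTLS_VERSION` is empty, the fallback `check_header` line accepts any library that links and ships `mbedtls/net_sockets.h`. The removed code also probed `mbedtls/ssl.h`, `mbedtls/ctr_drbg.h` and `mbedtls/entropy.h`, which that path no longer checks. Since the commit message is about v2 losing security fixes, the comment above the fallback should say what is and is not verified, e.g. `# No pkg-config version available: only net_sockets.h is probed, so the 2.5.1 minimum is not enforced on this path`. `check_val` is defined outside this hunk, so the version-floor reading is inferred from the call shape.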