mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-05-30 13:00:02 +00:00
Code Issues Projects Releases Wiki Activity

mdns: Update for mbedtls4, set daemon version

Browse Source 
Switch to psa_crypto_init() which initialises all crypto subsystems,
this works for both Mbed TLS 3 and 4. Also set the daemon version so
it's correctly reported at runtime.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
This commit is contained in:
Alex Kiernan
2026-05-08 09:54:12 +01:00
committed by Khem Raj
parent 4310ecc78f
commit 682856ec1f
2 changed files with 60 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-networking/recipes-protocols/mdns/mdns/0001-mDNSPosix-Rework-mbedtls-for-compatibility-with-mbed.patch
+57
View File
@@ -0,0 +1,57 @@
From f4f5039eb90918b5248bd6266afdad0b33b2d010 Mon Sep 17 00:00:00 2001
From: Alex Kiernan <alex.kiernan@gmail.com>
Date: Thu, 30 Apr 2026 08:21:19 +0100
Subject: [PATCH] mDNSPosix: Rework mbedtls for compatibility with mbedtls4
Upstream-Status: Inactive-Upstream [Upstream does not take patches]
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mbedtls.c | 21 +++++----------------
1 file changed, 5 insertions(+), 16 deletions(-)
diff --git a/mDNSPosix/mbedtls.c b/mDNSPosix/mbedtls.c
index 6726ef9b9145..c4b7fd4edfff 100644
--- a/mDNSPosix/mbedtls.c
+++ b/mDNSPosix/mbedtls.c
@@ -29,14 +29,10 @@
#include <errno.h>
#include <unistd.h>
+#include <psa/crypto.h>
+
#include <mbedtls/error.h>
-#include <mbedtls/pk.h>
-#include <mbedtls/ecp.h>
-#include <mbedtls/ecdsa.h>
-#include <mbedtls/entropy.h>
-#include <mbedtls/ctr_drbg.h>
-#include <mbedtls/sha256.h>
-#include <mbedtls/base64.h>
+#include <mbedtls/psa_util.h>
#include <mbedtls/x509.h>
#include <mbedtls/ssl.h>
@@ -53,21 +49,14 @@ struct TLSServerContext_struct {
mbedtls_ssl_config config;
};
-// Context that is shared amongs all TLS connections, regardless of which server cert/key is in use.
-static mbedtls_entropy_context entropy;
-static mbedtls_ctr_drbg_context ctr_drbg;
-
mDNSBool
mDNSPosixTLSInit(void)
{
int status;
- mbedtls_entropy_init(&entropy);
- mbedtls_ctr_drbg_init(&ctr_drbg);
-
- status = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0);
+ status = psa_crypto_init();
if (status != 0) {
- LogRedact(MDNS_LOG_CATEGORY_DEFAULT, MDNS_LOG_ERROR, "Unable to seed RNG: %x", -status);
+ LogRedact(MDNS_LOG_CATEGORY_DEFAULT, MDNS_LOG_ERROR, "PSA crypto init failed: %x", -status);
return mDNSfalse;
}
return mDNStrue;
meta-networking/recipes-protocols/mdns/mdns_2881.100.56.0.1.bb
+3 -1
View File
@@ -15,6 +15,7 @@ SRC_URI = "git://github.com/apple-oss-distributions/mDNSResponder;protocol=https
file://0001-Fix-build-with-gcc-15.patch \ file://0001-Fix-build-with-gcc-15.patch \
file://mdns.service \ file://mdns.service \
file://0007-mDNSShared-Make-Apple-Wireless-Direct-Link-depend-on.patch \ file://0007-mDNSShared-Make-Apple-Wireless-Direct-Link-depend-on.patch \
file://0001-mDNSPosix-Rework-mbedtls-for-compatibility-with-mbed.patch \
" "
BRANCH = "rel/mDNSResponder-2881" BRANCH = "rel/mDNSResponder-2881"
SRCREV = "ea3902cfeff86a04b4c684753c80e425edbd1a21" SRCREV = "ea3902cfeff86a04b4c684753c80e425edbd1a21"
@@ -47,7 +48,8 @@ EXTRA_OEMAKE = "os=linux 'CC=${CCLD}' 'LD=${CCLD}' 'LINKOPTS=${LDFLAGS}' STRIP=:
# MDNS_VERSIONSTR_NODTS disables __DATE__ and __TIME__ in the version string, # MDNS_VERSIONSTR_NODTS disables __DATE__ and __TIME__ in the version string,
# which are fixed anyway for build reproducibility. # which are fixed anyway for build reproducibility.
TARGET_CPPFLAGS += "-DMDNS_VERSIONSTR_NODTS" TARGET_CPPFLAGS += "-DmDNSResponderVersion=${PV} \
-DMDNS_VERSIONSTR_NODTS"
TARGET_CC_ARCH += "${LDFLAGS}" TARGET_CC_ARCH += "${LDFLAGS}"