[libcamera-devel] [PATCH] libcamera: pub_key: Support GNUTLS < v3
Kieran Bingham
kieran.bingham at ideasonboard.com
Mon Nov 9 11:51:59 CET 2020
It has been reported that SailfishOS is packaged with an older GnuTLS
library. Supporting GnuTLS < 3 appears to be trivial, but comes at the
cost of using a #define to switch.
Use a #define block to support older GnuTLS installations.
Reported-by: Simon Schmeisser <mail_to_wrt at gmx.de>
Suggested-by: Matti Lehtimaki <matti.lehtimaki at gmail.com>
Signed-off-by: Kieran Bingham <kieran.bingham at ideasonboard.com>
---
src/libcamera/pub_key.cpp | 7 +++++++
1 file changed, 7 insertions(+)
This was reported at [0], with a fix proposed at [1]
[0] https://github.com/sailfish-on-dontbeevil/droid-config-pinephone/issues/55
[1] https://git.sailfishos.org/mal/libcamera/blob/master/rpm/gnutls2.patch
Alternatively we could just /require/ GnuTLS >= 3... but this seems
fairly cheap.
This patch is a simplified version of [1] (No need to check if we're
__cplusplus, in a cpp file, but I haven't seen that this is needed
either).
I'd like to see Tested-by: tags on this before integration, as I have no
way to verify it.
--
Kieran
diff --git a/src/libcamera/pub_key.cpp b/src/libcamera/pub_key.cpp
index 9bb08fda34af..857c395373ea 100644
--- a/src/libcamera/pub_key.cpp
+++ b/src/libcamera/pub_key.cpp
@@ -8,7 +8,9 @@
#include "libcamera/internal/pub_key.h"
#if HAVE_GNUTLS
+extern "C" {
#include <gnutls/abstract.h>
+}
#endif
/**
@@ -87,8 +89,13 @@ bool PubKey::verify([[maybe_unused]] Span<const uint8_t> data,
static_cast<unsigned int>(sig.size())
};
+#if GNUTLS_VERSION_MAJOR >= 3
int ret = gnutls_pubkey_verify_data2(pubkey_, GNUTLS_SIGN_RSA_SHA256, 0,
&gnuTlsData, &gnuTlsSig);
+#else
+ int ret = gnutls_pubkey_verify_data(pubkey_, 0, &gnuTlsData, &gnuTlsSig);
+#endif
+
return ret >= 0;
#else
return false;
--
2.25.1
More information about the libcamera-devel
mailing list