On Tue, Jun 20, 2023 at 7:38 PM Beniamin Sandu <beniaminsa...@gmail.com> wrote:
>
> On Tue, Jun 20, 2023 at 4:12 PM Beniamin Sandu <beniaminsa...@gmail.com>
> wrote:
> >
> > On Tue, Jun 20, 2023 at 3:42 PM Alex Kiernan <alex.kier...@gmail.com> wrote:
> > >
> > > On Tue, Jun 20, 2023 at 1:03 PM Alex Kiernan via
> > > lists.openembedded.org <alex.kiernan=gmail....@lists.openembedded.org>
> > > wrote:
> > > >
> > > > On Tue, Jun 20, 2023 at 11:53 AM Beniamin Sandu
> > > > <beniaminsa...@gmail.com> wrote:
> > > > >
> > > > > On Tue, Jun 20, 2023 at 12:56 PM Alex Kiernan
> > > > > <alex.kier...@gmail.com> wrote:
> > > > > >
> > > > > > On Mon, Jun 19, 2023 at 8:38 PM Beniamin Sandu
> > > > > > <beniaminsa...@gmail.com> wrote:
> > > > > > >
> > > > > > > I am trying to add a v3.x mbedtls recipe to master branch, and
> > > > > > > without
> > > > > >
> > > > > > Sorry, was reading the thread out of order and missed that you were
> > > > > > trying to add an Mbed TLS 3 recipe!
> > > > > >
> > > > > > > this patch, mdns does not build. I could not find an obvious way
> > > > > > > to
> > > > > > > submit upstream patches to mdns from a quick search, otherwise I
> > > > > > > would
> > > > > > > gladly do it.
> > > > > > >
> > > > > >
> > > > > > Several folk have tried sending them to d...@apple.com (seemingly
> > > > > > without success), there's also a couple of attempted PRs on github
> > > > > > (again seemingly going nowhere). Winding back about 20 years, I
> > > > > > tried
> > > > > > to get a bunch of portability fixes into the Quicktime Streaming
> > > > > > Server without success - the model appears to very much be open
> > > > > > source, not open contribution.
> > > > > >
> > > > > > > While I am with you on trying to reduce technical debt within
> > > > > > > yocto
> > > > > > > layers, this one is very small and rather harmless, so I hope we
> > > > > > > can
> > > > > > > make a sacrifice for the greater good. :)
> > > > > > >
> > > > > >
> > > > > > I'm guessing we'll need to scope an Mbed TLS 3 recipe as being
> > > > > > explicitly mbedtls3_...? So sticking with 2.x doesn't feel like a
> > > > > > terrible option, but I agree its not ideal.
> > > > >
> > > > > This also sounds like a fairly decent option, having a separate
> > > > > mbedtls3 package might make it easier in general, although I am not
> > > > > aware of how used the current v2 version actually is.
> > > > >
> > > >
> > > > Looks like we're out of date (there's a 2.28.3), but it's still
> > > > supported for now... "Mbed TLS 2.28 is a long-time support branch. It
> > > > will be supported with bug-fixes and security fixes until end of
> > > > 2024."
> > > >
> > >
> > > Will send an update for 2.28.3, but constrain `devtool upgrade` to
> > > things on the 2.x branch
> > >
> > > One thought on 3.x - if mdns is the only failure maybe rename the
> > > current recipe to mbedtls2_% and add 3.x as mbedtls_% and then fix up
> > > the mdns recipe to consume mbedtls2?
> > >
> >
> > Personally I would say it is not worth to do it, just because of this
> > one package. Plus, it's building fine with both versions by including
> > this small patch, but maybe Khem Raj can chime in with an opinion
> > here.
> >
>
> While looking through some stuff, I discovered some variable I had no
> idea exists, called DEFAULT_PREFERENCE:
> https://docs.yoctoproject.org/ref-manual/variables.html#term-DEFAULT_PREFERENCE
>
> Seems it could be a very simple way to make mbedtls v2 be the
> "default" version unless specified by user through PREFERRED_PROVIDER?
I meant PREFERRED_VERSION, so we could add this DEFAULT_PREFERENCE to
mbedtls v3 recipe and anyone who wants to use it will need to select
it on their side, otherwise v2 will get built.
>
> > > > > >
> > > > > > My concern isn't really with the one liner now, its the how hard
> > > > > > does
> > > > > > it become to do the upgrades down the road - if we suddenly can't
> > > > > > upgrade because upstream's stuck on 2.x and there's something
> > > > > > incompatible with 3.x what do we do?
> > > > > >
> > > > > > > Cheers,
> > > > > > > Beni
> > > > > > >
> > > > > > >
> > > > > > > On Mon, Jun 19, 2023 at 10:14 PM Alex Kiernan
> > > > > > > <alex.kier...@gmail.com> wrote:
> > > > > > > >
> > > > > > > > Keeping up with Apple given they take nothing is frankly a
> > > > > > > > right pain, adding things which are nice to have rather than
> > > > > > > > just broken seems like we're just adding to the problem. Last
> > > > > > > > time I resynchronized this it took me days, unless there's a
> > > > > > > > really good reason to do this, or there's a way to get it
> > > > > > > > upstreamed I'd rather we didn't.
> > > > > > > >
> > > > > > > >
> > > > > > > > On Mon, 19 Jun 2023, 19:20 Beniamin Sandu,
> > > > > > > > <beniaminsa...@gmail.com> wrote:
> > > > > > > >>
> > > > > > > >> Signed-off-by: Beniamin Sandu <beniaminsa...@gmail.com>
> > > > > > > >> ---
> > > > > > > >> .../mdns/0009-remove-unneeded-headers.patch | 33
> > > > > > > >> +++++++++++++++++++
> > > > > > > >> .../recipes-protocols/mdns/mdns_1790.80.10.bb | 1 +
> > > > > > > >> 2 files changed, 34 insertions(+)
> > > > > > > >> create mode 100644
> > > > > > > >> meta-networking/recipes-protocols/mdns/mdns/0009-remove-unneeded-headers.patch
> > > > > > > >>
> > > > > > > >> diff --git
> > > > > > > >> a/meta-networking/recipes-protocols/mdns/mdns/0009-remove-unneeded-headers.patch
> > > > > > > >>
> > > > > > > >> b/meta-networking/recipes-protocols/mdns/mdns/0009-remove-unneeded-headers.patch
> > > > > > > >> new file mode 100644
> > > > > > > >> index 000000000..74d387368
> > > > > > > >> --- /dev/null
> > > > > > > >> +++
> > > > > > > >> b/meta-networking/recipes-protocols/mdns/mdns/0009-remove-unneeded-headers.patch
> > > > > > > >> @@ -0,0 +1,33 @@
> > > > > > > >> +From 1d7e71e72c597ffcc19c04373a477d1fbd3ad955 Mon Sep 17
> > > > > > > >> 00:00:00 2001
> > > > > > > >> +From: Beniamin Sandu <beniaminsa...@gmail.com>
> > > > > > > >> +Date: Thu, 15 Jun 2023 17:02:58 +0000
> > > > > > > >> +Subject: [PATCH] remove unneeded headers
> > > > > > > >> +
> > > > > > > >> +From a quick look, these seem to not be needed and having them
> > > > > > > >> +breaks the build with mbedtls 3.x. Without them it builds fine
> > > > > > > >> +on both 2.x and 3.x versions.
> > > > > > > >> +
> > > > > > > >> +Upstream-Status: Pending
> > > > > > > >> +
> > > > > > > >> +Signed-off-by: Beniamin Sandu <beniaminsa...@gmail.com>
> > > > > > > >> +---
> > > > > > > >> + mDNSPosix/mbedtls.c | 2 --
> > > > > > > >> + 1 file changed, 2 deletions(-)
> > > > > > > >> +
> > > > > > > >> +diff --git a/mDNSPosix/mbedtls.c b/mDNSPosix/mbedtls.c
> > > > > > > >> +index a73681b..ab8f8c7 100644
> > > > > > > >> +--- a/mDNSPosix/mbedtls.c
> > > > > > > >> ++++ b/mDNSPosix/mbedtls.c
> > > > > > > >> +@@ -38,10 +38,8 @@
> > > > > > > >> + #include <mbedtls/sha256.h>
> > > > > > > >> + #include <mbedtls/base64.h>
> > > > > > > >> +
> > > > > > > >> +-#include <mbedtls/certs.h>
> > > > > > > >> + #include <mbedtls/x509.h>
> > > > > > > >> + #include <mbedtls/ssl.h>
> > > > > > > >> +-#include <mbedtls/config.h>
> > > > > > > >> +
> > > > > > > >> + // Posix TLS server context
> > > > > > > >> + struct TLSContext_struct {
> > > > > > > >> +--
> > > > > > > >> +2.34.1
> > > > > > > >> diff --git
> > > > > > > >> a/meta-networking/recipes-protocols/mdns/mdns_1790.80.10.bb
> > > > > > > >> b/meta-networking/recipes-protocols/mdns/mdns_1790.80.10.bb
> > > > > > > >> index 612d343c8..46f1b70cb 100644
> > > > > > > >> --- a/meta-networking/recipes-protocols/mdns/mdns_1790.80.10.bb
> > > > > > > >> +++ b/meta-networking/recipes-protocols/mdns/mdns_1790.80.10.bb
> > > > > > > >> @@ -21,6 +21,7 @@ SRC_URI =
> > > > > > > >> "git://github.com/apple-oss-distributions/mDNSResponder;protocol=https
> > > > > > > >> file://0006-Handle-noisy-netlink-sockets.patch \
> > > > > > > >>
> > > > > > > >> file://0007-Mark-deleted-interfaces-as-being-changed.patch \
> > > > > > > >> file://0008-Handle-errors-from-socket-calls.patch \
> > > > > > > >> + file://0009-remove-unneeded-headers.patch \
> > > > > > > >> file://mdns.service \
> > > > > > > >> "
> > > > > > > >> SRCREV = "8769ab51605e465425d33d757f602ce5905ca639"
> > > > > > > >> --
> > > > > > > >> 2.25.1
> > > > > > > >>
> > > > > > > >>
> > > > > > > >>
> > > > > > > >>
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Alex Kiernan
> > > >
> > > >
> > > >
> > > > --
> > > > Alex Kiernan
> > > >
> > > >
> > > >
> > >
> > >
> > > --
> > > Alex Kiernan
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#103461):
https://lists.openembedded.org/g/openembedded-devel/message/103461
Mute This Topic: https://lists.openembedded.org/mt/99629056/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
