[meta-openssl102-fips][PATCH 3/3] meta-openssl102-fips: convert to new override syntax


Yi Zhao
 

This is the result of automated script conversion:
poky/scripts/contrib/convert-overrides.py meta-openssl102-fips

Converting the metadata to use ":" as the override character instead of "_".

Signed-off-by: Yi Zhao <yi.zhao@...>
---
README.build | 8 ++++----
README.openssh_cavstest | 2 +-
classes/fips_kernel.bbclass | 4 ++--
classes/image-enable-fips.bbclass | 2 +-
conf/layer.conf | 4 ++--
.../openssh/openssh_8.%.bbappend | 2 +-
recipes-connectivity/openssh/openssh_fips.inc | 16 ++++++++--------
.../openssl/openssl-fips-example_2.0.16.bb | 6 +++---
.../openssl/openssl-fips_2.0.16.bb | 6 +++---
.../openssl/openssl_1.0.2%.bbappend | 2 +-
recipes-connectivity/openssl/openssl_fips.inc | 8 ++++----
recipes-support/fipscheck/fipscheck_1.5.0.bb | 6 +++---
recipes-support/rng-tools/rng-tools_6.%.bbappend | 2 +-
recipes-support/rng-tools/rng-tools_fips.inc | 2 +-
14 files changed, 35 insertions(+), 35 deletions(-)

diff --git a/README.build b/README.build
index 36e3875..b675686 100644
--- a/README.build
+++ b/README.build
@@ -44,7 +44,7 @@ to image [3]
[2] git://git.yoctoproject.org/meta-openssl102
Manually set 1.0.2% to openssl preferred version
echo "PREFERRED_VERSION_openssl = '1.0.2%'" >> conf/local.conf
-[3] echo "IMAGE_INSTALL_append = ' packagegroup-core-buildessential'" >> conf/local.conf
+[3] echo "IMAGE_INSTALL:append = ' packagegroup-core-buildessential'" >> conf/local.conf

The easiest way to do this with Wind River Linux is include:

@@ -56,7 +56,7 @@ Additionally you will need a way to get the openssl-fips module source to
the target for the build. Adding ssh/scp is recommended, to add these
add the following to your local.conf file:

- IMAGE_INSTALL_append = " openssh-ssh openssh-scp"
+ IMAGE_INSTALL:append = " openssh-ssh openssh-scp"

If you are building with configurations that have security software enabled,
such as SE Linux, you may be required to boot in a non-enforcing mode to
@@ -132,7 +132,7 @@ Building Steps (based on section 4 of the UsersGuide-2.0.pdf):
prebuilt tar archive.

For Yocto, in your build directory, edit conf/local.conf, add:
- IMAGE_INSTALL_append = " openssl-fips-dev"
+ IMAGE_INSTALL:append = " openssl-fips-dev"
OPENSSL_FIPS_ENABLED = "1"
OPENSSL_FIPS_PREBUILT = "<path>"

@@ -230,7 +230,7 @@ program, and embed the fingerprint.

On host:
edit local.conf to add openssl-fips-example to image
-$ echo 'IMAGE_INSTALL_append = " openssl-fips-example"' >> conf/local.conf
+$ echo 'IMAGE_INSTALL:append = " openssl-fips-example"' >> conf/local.conf
$ bitbake <image>

On target:
diff --git a/README.openssh_cavstest b/README.openssh_cavstest
index 2c31209..975a782 100644
--- a/README.openssh_cavstest
+++ b/README.openssh_cavstest
@@ -1,5 +1,5 @@
1. Install openssh-cavs to images
-$ echo "IMAGE_INSTALL_append = ' openssh-cavs'" >> conf/local.conf
+$ echo "IMAGE_INSTALL:append = ' openssh-cavs'" >> conf/local.conf
$ bitbake <image>

2. Run tests on target
diff --git a/classes/fips_kernel.bbclass b/classes/fips_kernel.bbclass
index 064088f..1a2525d 100644
--- a/classes/fips_kernel.bbclass
+++ b/classes/fips_kernel.bbclass
@@ -1,4 +1,4 @@
-FILESEXTRAPATHS_prepend := "${LAYER_PATH_meta-openssl-one-zero-two-fips}/recipes-kernel/linux/files/:"
-SRC_URI_append = " \
+FILESEXTRAPATHS:prepend := "${LAYER_PATH_meta-openssl-one-zero-two-fips}/recipes-kernel/linux/files/:"
+SRC_URI:append = " \
file://crypto_fips.scc \
"
diff --git a/classes/image-enable-fips.bbclass b/classes/image-enable-fips.bbclass
index fcb5a40..5792883 100644
--- a/classes/image-enable-fips.bbclass
+++ b/classes/image-enable-fips.bbclass
@@ -1,4 +1,4 @@
-ROOTFS_POSTPROCESS_COMMAND_append = " enable_system_fips;"
+ROOTFS_POSTPROCESS_COMMAND:append = " enable_system_fips;"

enable_system_fips() {
install -d ${IMAGE_ROOTFS}${sysconfdir}
diff --git a/conf/layer.conf b/conf/layer.conf
index fc1dcbd..e9ac874 100644
--- a/conf/layer.conf
+++ b/conf/layer.conf
@@ -18,8 +18,8 @@ LAYERDEPENDS_meta-openssl-one-zero-two-fips = " \
meta-openssl-one-zero-two \
"

-IMAGE_CLASSES_append = "${@'' if d.getVar('OPENSSL_FIPS_ENABLED', True) != '1' else ' image-enable-fips'}"
+IMAGE_CLASSES:append = "${@'' if d.getVar('OPENSSL_FIPS_ENABLED', True) != '1' else ' image-enable-fips'}"

LAYER_PATH_meta-openssl-one-zero-two-fips = "${LAYERDIR}"

-KERNEL_CLASSES_append = " ${@bb.utils.contains('OPENSSL_FIPS_ENABLED', '1', ' fips_kernel', '',d)}"
+KERNEL_CLASSES:append = " ${@bb.utils.contains('OPENSSL_FIPS_ENABLED', '1', ' fips_kernel', '',d)}"
diff --git a/recipes-connectivity/openssh/openssh_8.%.bbappend b/recipes-connectivity/openssh/openssh_8.%.bbappend
index 07799f6..a2e3aca 100644
--- a/recipes-connectivity/openssh/openssh_8.%.bbappend
+++ b/recipes-connectivity/openssh/openssh_8.%.bbappend
@@ -1,4 +1,4 @@
FIPSINC = ""
-FIPSINC_class-target = "${@'' if d.getVar('OPENSSL_FIPS_ENABLED', True) != '1' else 'openssh_fips.inc'}"
+FIPSINC:class-target = "${@'' if d.getVar('OPENSSL_FIPS_ENABLED', True) != '1' else 'openssh_fips.inc'}"

require ${FIPSINC}
diff --git a/recipes-connectivity/openssh/openssh_fips.inc b/recipes-connectivity/openssh/openssh_fips.inc
index efba8db..b13e06e 100644
--- a/recipes-connectivity/openssh/openssh_fips.inc
+++ b/recipes-connectivity/openssh/openssh_fips.inc
@@ -1,9 +1,9 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/openssh:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/openssh:"
DEPENDS += " \
openssl-fips \
fipscheck \
"
-RRECOMMENDS_${PN}-sshd_remove = "rng-tools"
+RRECOMMENDS:${PN}-sshd:remove = "rng-tools"

SRC_URI += " \
file://0001-openssh-8.6p1-fips.patch \
@@ -14,13 +14,13 @@ SRC_URI += " \
file://0001-ssh-cavs-set-kex-sessin_id-via-sshbuf_put.patch \
"

-do_install_append() {
+do_install:append() {
install -d ${D}${libdir}/fipscheck
}

inherit qemu

-pkg_postinst_append_${PN}-ssh () {
+pkg_postinst:append:${PN}-ssh () {
if [ -n "$D" ]; then
if ${@bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', 'true','false', d)}; then
${@qemu_run_binary(d, '$D', '${bindir}/fipshmac')} \
@@ -33,7 +33,7 @@ pkg_postinst_append_${PN}-ssh () {
fi
}

-pkg_postinst_append_${PN}-sshd () {
+pkg_postinst:append:${PN}-sshd () {
if [ -n "$D" ]; then
if ${@bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', 'true','false', d)}; then
${@qemu_run_binary(d, '$D', '${bindir}/fipshmac')} \
@@ -47,10 +47,10 @@ pkg_postinst_append_${PN}-sshd () {
}

PACKAGES =+ "${PN}-cavs"
-SUMMARY_${PN}-cavs = "CAVS tests for FIPS validation"
-FILES_${PN}-cavs = " \
+SUMMARY:${PN}-cavs = "CAVS tests for FIPS validation"
+FILES:${PN}-cavs = " \
${libexecdir}/ctr-cavstest \
${libexecdir}/ssh-cavs \
${libexecdir}/ssh-cavs_driver.pl"

-FILES_${PN} += "${libdir}/fipscheck"
+FILES:${PN} += "${libdir}/fipscheck"
diff --git a/recipes-connectivity/openssl/openssl-fips-example_2.0.16.bb b/recipes-connectivity/openssl/openssl-fips-example_2.0.16.bb
index 1a720cd..c6d069f 100644
--- a/recipes-connectivity/openssl/openssl-fips-example_2.0.16.bb
+++ b/recipes-connectivity/openssl/openssl-fips-example_2.0.16.bb
@@ -19,14 +19,14 @@ DEPENDS = " \
openssl \
"

-RDEPENDS_${PN} = " \
+RDEPENDS:${PN} = " \
openssl-fips-dev \
openssl-dev \
openssl-staticdev \
packagegroup-core-buildessential \
"

-FILES_${PN} += "${libdir}/ssl/fips-2.0/test"
+FILES:${PN} += "${libdir}/ssl/fips-2.0/test"

do_configure[noexec] = "1"

@@ -47,7 +47,7 @@ do_install() {
sed -i "s:@LIBDIR@:${libdir}:g" ${D}/${libdir}/ssl/fips-2.0/test/Makefile
}

-INSANE_SKIP_${PN} += "dev-deps"
+INSANE_SKIP:${PN} += "dev-deps"

python __anonymous() {
if d.getVar("OPENSSL_FIPS_ENABLED", True) != "1":
diff --git a/recipes-connectivity/openssl/openssl-fips_2.0.16.bb b/recipes-connectivity/openssl/openssl-fips_2.0.16.bb
index b7cb34b..7a2949a 100644
--- a/recipes-connectivity/openssl/openssl-fips_2.0.16.bb
+++ b/recipes-connectivity/openssl/openssl-fips_2.0.16.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
# Set "OPENSSL_FIPS_PREBUILT" to the location of the prebuilt
# openssl-fips-TARGET_ARCH-install.tar.bz2 files.
#
-FILESEXTRAPATHS_prepend := "${OPENSSL_FIPS_PREBUILT}:"
+FILESEXTRAPATHS:prepend := "${OPENSSL_FIPS_PREBUILT}:"

PREBUILT_OPENSSL_FIPS = "openssl-fips-${PV}-${TARGET_ARCH}-install.tar.bz2"

@@ -20,8 +20,8 @@ SRC_URI = "file://${PREBUILT_OPENSSL_FIPS} \
"
S = "${WORKDIR}"

-RDEPENDS_${PN}-dev = ""
-FILES_${PN}-dev += "${bindir}/fipsld ${libdir}/ssl/fips-2.0"
+RDEPENDS:${PN}-dev = ""
+FILES:${PN}-dev += "${bindir}/fipsld ${libdir}/ssl/fips-2.0"

INHIBIT_PACKAGE_DEBUG_SPLIT = '1'
INHIBIT_PACKAGE_STRIP = '1'
diff --git a/recipes-connectivity/openssl/openssl_1.0.2%.bbappend b/recipes-connectivity/openssl/openssl_1.0.2%.bbappend
index 517f1c2..41a7302 100644
--- a/recipes-connectivity/openssl/openssl_1.0.2%.bbappend
+++ b/recipes-connectivity/openssl/openssl_1.0.2%.bbappend
@@ -1,4 +1,4 @@
FIPSINC = ""
-FIPSINC_class-target = "${@'' if d.getVar('OPENSSL_FIPS_ENABLED', True) != '1' else 'openssl_fips.inc'}"
+FIPSINC:class-target = "${@'' if d.getVar('OPENSSL_FIPS_ENABLED', True) != '1' else 'openssl_fips.inc'}"

require ${FIPSINC}
diff --git a/recipes-connectivity/openssl/openssl_fips.inc b/recipes-connectivity/openssl/openssl_fips.inc
index 5480096..9ae23cd 100644
--- a/recipes-connectivity/openssl/openssl_fips.inc
+++ b/recipes-connectivity/openssl/openssl_fips.inc
@@ -1,11 +1,11 @@
-PACKAGECONFIG_append = " fips"
+PACKAGECONFIG:append = " fips"

PACKAGECONFIG[fips] = "fips --with-fipsdir=${STAGING_DIR_TARGET}${libdir}/ssl/fips-2.0,,openssl-fips,,"

-FILESEXTRAPATHS_prepend := "${THISDIR}/openssl:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/openssl:"

# This adds the necessary symbols if fips is enabled.
-SRC_URI_append = " file://openssl-fips-version.patch \
+SRC_URI:append = " file://openssl-fips-version.patch \
file://0001-make-fips_premain_dso-support-cross-compiling.patch \
"

@@ -14,7 +14,7 @@ DEPENDS += "qemu-native"
inherit qemu

# We need to run the special fips_premain_dso under QEMU
-do_compile_prepend() {
+do_compile:prepend() {
qemu_binary="${@qemu_wrapper_cmdline(d, '${STAGING_DIR_HOST}', ['${STAGING_LIBDIR}','${STAGING_BASELIBDIR}'])}"
cat << EOF > fips_premain_dso
#! /bin/sh
diff --git a/recipes-support/fipscheck/fipscheck_1.5.0.bb b/recipes-support/fipscheck/fipscheck_1.5.0.bb
index 970640d..df72454 100644
--- a/recipes-support/fipscheck/fipscheck_1.5.0.bb
+++ b/recipes-support/fipscheck/fipscheck_1.5.0.bb
@@ -27,13 +27,13 @@ EXTRA_OECONF += " \
EXTRA_OEMAKE += " \
-I${STAGING_LIBDIR_NATIVE}/ssl/fips-2.0/include \
"
-do_install_append() {
+do_install:append() {
install -d ${D}${libdir}/fipscheck
}

inherit qemu

-pkg_postinst_${PN} () {
+pkg_postinst:${PN} () {
if [ -n "$D" ]; then
if ${@bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', 'true','false', d)}; then
${@qemu_run_binary(d, '$D', '${bindir}/fipshmac')} \
@@ -54,4 +54,4 @@ python __anonymous() {
raise bb.parse.SkipPackage("To enable the fipscheck recipe set OPENSSL_FIPS_ENABLED = '1'.")
}

-FILES_${PN} += "${libdir}/fipscheck"
+FILES:${PN} += "${libdir}/fipscheck"
diff --git a/recipes-support/rng-tools/rng-tools_6.%.bbappend b/recipes-support/rng-tools/rng-tools_6.%.bbappend
index c487175..7eeaecb 100644
--- a/recipes-support/rng-tools/rng-tools_6.%.bbappend
+++ b/recipes-support/rng-tools/rng-tools_6.%.bbappend
@@ -1,4 +1,4 @@
FIPSINC = ""
-FIPSINC_class-target = "${@'' if d.getVar('OPENSSL_FIPS_ENABLED', True) != '1' else 'rng-tools_fips.inc'}"
+FIPSINC:class-target = "${@'' if d.getVar('OPENSSL_FIPS_ENABLED', True) != '1' else 'rng-tools_fips.inc'}"

require ${FIPSINC}
diff --git a/recipes-support/rng-tools/rng-tools_fips.inc b/recipes-support/rng-tools/rng-tools_fips.inc
index d5f6435..e3b89ca 100644
--- a/recipes-support/rng-tools/rng-tools_fips.inc
+++ b/recipes-support/rng-tools/rng-tools_fips.inc
@@ -1,2 +1,2 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/rng-tools:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/rng-tools:"

--
2.25.1

Join yocto@lists.yoctoproject.org to automatically receive all group messages.