diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-08-14 02:59:39 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-08-30 02:44:03 +0300 |
commit | 220d5534d34c16d996dd3eb9c3dcc94591f5ded4 (patch) | |
tree | 9576094c44a78d81de247a95922d23d4aad8fb43 /poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb | |
parent | 8845f92d5dc18f9b0792c43621c96f4036393aac (diff) | |
download | openbmc-220d5534d34c16d996dd3eb9c3dcc94591f5ded4.tar.xz |
poky: sumo refresh 874976b..45ef387
Update poky to sumo HEAD.
Alexander Kanavin (1):
openssl: fix upstream version check for 1.0 version
Andre McCurdy (19):
openssl_1.1: avoid using += with an over-ride
openssl_1.1: minor recipe formatting tweaks etc
openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe
openssl_1.0: minor recipe formatting tweaks etc
openssl_1.0: drop curly brackets from shell local variables
openssl_1.0: fix cryptodev-linux PACKAGECONFIG support
openssl_1.0: drop leading "-" from no-ssl3 config option
openssl_1.0: avoid running make twice for target do_compile()
openssl: remove uclibc remnants
openssl: support musl-x32 build
openssl: minor indent fixes
openssl_1.0: drop obsolete ca.patch
openssl_1.0: drop obsolete exporting of AS, EX_LIBS and DIRS
openssl_1.0: drop unmaintained darwin support
openssl_1.0: add PACKAGECONFIG option to control manpages
openssl_1.0: squash whitespace in CC_INFO
openssl: fix missing dependency on hostperl-runtime-native
openssl_1.0: drop unnecessary dependency on makedepend-native
openssl_1.0: drop unnecessary call to perlpath.pl from do_configure()
Andrej Valek (3):
openssl-1.1: fix c_rehash perl errors
openssl: update 1.0.2o -> 1.0.2p
openssl: update 1.1.0h -> 1.1.0i
Anuj Mittal (1):
wic/qemux86: don't pass ip parameter to kernel in wks
Changqing Li (1):
unzip: fix CVE-2018-1000035
Hongxu Jia (2):
nasm: fix CVE-2018-8883 & CVE-2018-8882 & CVE-2018-10316
patch: fix CVE-2018-6952
Jagadeesh Krishnanjanappa (19):
libvorbis: CVE-2017-14160 CVE-2018-10393
libvorbis: CVE-2018-10392
flac: CVE-2017-6888
libarchive: CVE-2017-14503
libsndfile1: CVE-2017-14245 CVE-2017-14246
libsndfile1: CVE-2017-14634
coreutils: CVE-2017-18018
libgcrypt: CVE-2018-0495
git: CVE-2018-11235
gnupg: CVE-2018-12020
shadow: CVE-2018-7169
procps: CVE-2018-1124
python: CVE-2018-1000030
qemu: CVE-2018-7550
qemu: CVE-2018-12617
perl: CVE-2018-6798
perl: CVE-2018-6797
perl: CVE-2018-6913
perl: CVE-2018-12015
Joshua Watt (2):
alsa-lib: Cleanup packaging
swig: Remove superfluous python dependency
Ovidiu Panait (1):
openssl-nativesdk: Fix "can't open config file" warning
Ross Burton (6):
bzip2: use Yocto Project mirror for SRC_URI
classes: sanity-check LIC_FILES_CHKSUM
openssl: disable ccache usage
unzip: fix symlink problem
bitbake: utils/md5_file: don't iterate line-by-line
bitbake: checksum: sanity check path when recursively checksumming
Change-Id: I262a451f483cb276343ae6f02c272af053d33d7a
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb')
-rw-r--r-- | poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb | 170 |
1 files changed, 170 insertions, 0 deletions
diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb new file mode 100644 index 000000000..e7006268f --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb @@ -0,0 +1,170 @@ +SUMMARY = "Secure Socket Layer" +DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." +HOMEPAGE = "http://www.openssl.org/" +BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" +SECTION = "libs/network" + +# "openssl | SSLeay" dual license +LICENSE = "openssl" +LIC_FILES_CHKSUM = "file://LICENSE;md5=d57d511030c9d66ef5f5966bee5a7eff" + +DEPENDS = "hostperl-runtime-native" + +SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ + file://run-ptest \ + file://openssl-c_rehash.sh \ + file://0001-Take-linking-flags-from-LDFLAGS-env-var.patch \ + " + +SRC_URI_append_class-nativesdk = " \ + file://environment.d-openssl.sh \ + " + +SRC_URI[md5sum] = "9495126aafd2659d357ea66a969c3fe1" +SRC_URI[sha256sum] = "ebbfc844a8c8cc0ea5dc10b86c9ce97f401837f3fa08c17b2cdadc118253cf99" + +inherit lib_package multilib_header ptest + +#| engines/afalg/e_afalg.c: In function 'eventfd': +#| engines/afalg/e_afalg.c:110:20: error: '__NR_eventfd' undeclared (first use in this function) +#| return syscall(__NR_eventfd, n); +#| ^~~~~~~~~~~~ +EXTRA_OECONF_append_aarch64 = " no-afalgeng" + +#| ./libcrypto.so: undefined reference to `getcontext' +#| ./libcrypto.so: undefined reference to `setcontext' +#| ./libcrypto.so: undefined reference to `makecontext' +EXTRA_OECONF_append_libc-musl = " -DOPENSSL_NO_ASYNC" + +do_configure () { + os=${HOST_OS} + case $os in + linux-gnueabi |\ + linux-gnuspe |\ + linux-musleabi |\ + linux-muslspe |\ + linux-musl ) + os=linux + ;; + *) + ;; + esac + target="$os-${HOST_ARCH}" + case $target in + linux-arm) + target=linux-armv4 + ;; + linux-armeb) + target=linux-armv4 + ;; + linux-aarch64*) + target=linux-aarch64 + ;; + linux-sh3) + target=linux-generic32 + ;; + linux-sh4) + target=linux-generic32 + ;; + linux-i486) + target=linux-elf + ;; + linux-i586 | linux-viac3) + target=linux-elf + ;; + linux-i686) + target=linux-elf + ;; + linux-gnux32-x86_64 | linux-muslx32-x86_64 ) + target=linux-x32 + ;; + linux-gnu64-x86_64) + target=linux-x86_64 + ;; + linux-mips) + # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags + target="linux-mips32 ${TARGET_CC_ARCH}" + ;; + linux-mipsel) + target="linux-mips32 ${TARGET_CC_ARCH}" + ;; + linux-gnun32-mips*) + target=linux-mips64 + ;; + linux-*-mips64 | linux-mips64) + target=linux64-mips64 + ;; + linux-*-mips64el | linux-mips64el) + target=linux64-mips64 + ;; + linux-microblaze*|linux-nios2*) + target=linux-generic32 + ;; + linux-powerpc) + target=linux-ppc + ;; + linux-powerpc64) + target=linux-ppc64 + ;; + linux-riscv32) + target=linux-generic32 + ;; + linux-riscv64) + target=linux-generic64 + ;; + linux-supersparc) + target=linux-sparcv9 + ;; + linux-sparc) + target=linux-sparcv9 + ;; + darwin-i386) + target=darwin-i386-cc + ;; + esac + + useprefix=${prefix} + if [ "x$useprefix" = "x" ]; then + useprefix=/ + fi + libdirleaf="$(echo ${libdir} | sed s:$useprefix::)" + perl ./Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=$libdirleaf $target +} + +do_install () { + oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install + oe_multilib_header openssl/opensslconf.h +} + +do_install_append_class-native () { + # Install a custom version of c_rehash that can handle sysroots properly. + # This version is used for example when installing ca-certificates during + # image creation. + install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash + sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash +} + +do_install_append_class-nativesdk () { + mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d + install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh +} + +do_install_ptest() { + cp -r * ${D}${PTEST_PATH} + + # Putting .so files in ptest package will mess up the dependencies of the main openssl package + # so we rename them to .so.ptest and patch the test accordingly + mv ${D}${PTEST_PATH}/libcrypto.so ${D}${PTEST_PATH}/libcrypto.so.ptest + mv ${D}${PTEST_PATH}/libssl.so ${D}${PTEST_PATH}/libssl.so.ptest + sed -i 's/$target{shared_extension_simple}/".so.ptest"/' ${D}${PTEST_PATH}/test/recipes/90-test_shlibload.t +} + +PACKAGES =+ "${PN}-engines" + +FILES_${PN} =+ "${libdir}/ssl-1.1/*" +FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh" +FILES_${PN}-engines = "${libdir}/engines-1.1" + +RDEPENDS_${PN}-ptest += "perl-module-file-spec-functions bash python" + +BBCLASSEXTEND = "native nativesdk" |