diff options
Diffstat (limited to 'poky/meta/recipes-connectivity/openssl')
-rw-r--r-- | poky/meta/recipes-connectivity/openssl/openssl/0001-Fix-broken-change-from-b3d113e.patch | 35 | ||||
-rw-r--r-- | poky/meta/recipes-connectivity/openssl/openssl/0001-Fix-build-error-for-aarch64-big-endian.patch | 43 | ||||
-rw-r--r-- | poky/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb (renamed from poky/meta/recipes-connectivity/openssl/openssl_1.1.1c.bb) | 12 |
3 files changed, 5 insertions, 85 deletions
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-Fix-broken-change-from-b3d113e.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-Fix-broken-change-from-b3d113e.patch deleted file mode 100644 index 6b4789fc7..000000000 --- a/poky/meta/recipes-connectivity/openssl/openssl/0001-Fix-broken-change-from-b3d113e.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 711a161f03ef9ed7cd149a22bf1203700c103e96 Mon Sep 17 00:00:00 2001 -From: Pauli <paul.dale@oracle.com> -Date: Fri, 29 Mar 2019 09:24:07 +1000 -Subject: [PATCH] Fix broken change from b3d113e. - -Reviewed-by: Tim Hudson <tjh@openssl.org> -(Merged from https://github.com/openssl/openssl/pull/8606) - -Running valgrind against code using Openssl v1.1.1c reports a large number of -uninitialized memory errors. This fix from upstream solves this problem. - -Upstream-Status: Backport [https://github.com/openssl/openssl/commit/711a161f03ef9ed7cd149a22bf1203700c103e96] -Signed-off-by: Laurent Bonnans <laurent.bonnans@here.com> ---- - crypto/rand/rand_lib.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c -index 23abbde156..a298b7515b 100644 ---- a/crypto/rand/rand_lib.c -+++ b/crypto/rand/rand_lib.c -@@ -235,8 +235,9 @@ size_t rand_drbg_get_nonce(RAND_DRBG *drbg, - struct { - void * instance; - int count; -- } data = { NULL, 0 }; -+ } data; - -+ memset(&data, 0, sizeof(data)); - pool = rand_pool_new(0, min_len, max_len); - if (pool == NULL) - return 0; --- -2.20.1 - diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-Fix-build-error-for-aarch64-big-endian.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-Fix-build-error-for-aarch64-big-endian.patch deleted file mode 100644 index 9a90a68cf..000000000 --- a/poky/meta/recipes-connectivity/openssl/openssl/0001-Fix-build-error-for-aarch64-big-endian.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 1f8c0f2feea5cdcae0bcd9dfc78198d9e2c4cf09 Mon Sep 17 00:00:00 2001 -From: Lei Maohui <leimaohui@cn.fujitsu.com> -Date: Thu, 13 Jun 2019 12:17:30 +0900 -Subject: [PATCH] Fix build error for aarch64 big endian. - -Modified rev to rev64, because rev only takes integer registers. -https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90827 -Otherwise, the following error will occur. - -Error: operand 1 must be an integer register -- `rev v31.16b,v31.16b' - -Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/9151] - -Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> ---- - crypto/sha/asm/keccak1600-armv8.pl | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/crypto/sha/asm/keccak1600-armv8.pl b/crypto/sha/asm/keccak1600-armv8.pl -index dc72f18..6620690 100755 ---- a/crypto/sha/asm/keccak1600-armv8.pl -+++ b/crypto/sha/asm/keccak1600-armv8.pl -@@ -731,7 +731,7 @@ $code.=<<___; - blo .Lprocess_block_ce - ldr d31,[$inp],#8 // *inp++ - #ifdef __AARCH64EB__ -- rev v31.16b,v31.16b -+ rev64 v31.16b,v31.16b - #endif - eor $A[$j/5][$j%5],$A[$j/5][$j%5],v31.16b - beq .Lprocess_block_ce -@@ -740,7 +740,7 @@ ___ - $code.=<<___; - ldr d31,[$inp],#8 // *inp++ - #ifdef __AARCH64EB__ -- rev v31.16b,v31.16b -+ rev64 v31.16b,v31.16b - #endif - eor $A[4][4],$A[4][4],v31.16b - --- -2.7.4 - diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1c.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb index 75159ac72..072f727e0 100644 --- a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1c.bb +++ b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb @@ -16,16 +16,14 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-skip-test_symbol_presence.patch \ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://afalg.patch \ - file://0001-Fix-build-error-for-aarch64-big-endian.patch \ - file://0001-Fix-broken-change-from-b3d113e.patch \ " SRC_URI_append_class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[md5sum] = "15e21da6efe8aa0e0768ffd8cd37a5f6" -SRC_URI[sha256sum] = "f6fb3079ad15076154eda9413fed42877d668e7069d9b87396d0804fdb3f4c90" +SRC_URI[md5sum] = "3be209000dbc7e1b95bcdf47980a3baa" +SRC_URI[sha256sum] = "1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2" inherit lib_package multilib_header multilib_script ptest MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" @@ -45,10 +43,10 @@ do_configure[cleandirs] = "${B}" EXTRA_OECONF_append_libc-musl = " no-async" EXTRA_OECONF_append_libc-musl_powerpc64 = " no-asm" -# This prevents openssl from using getrandom() which is not available on older glibc versions +# adding devrandom prevents openssl from using getrandom() which is not available on older glibc versions # (native versions can be built with newer glibc, but then relocated onto a system with older glibc) -EXTRA_OECONF_class-native = "--with-rand-seed=devrandom" -EXTRA_OECONF_class-nativesdk = "--with-rand-seed=devrandom" +EXTRA_OECONF_class-native = "--with-rand-seed=os,devrandom" +EXTRA_OECONF_class-nativesdk = "--with-rand-seed=os,devrandom" # Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate. CFLAGS_append_class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" |