From patchwork Tue May 22 12:03:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Richard via openwrt-devel X-Patchwork-Id: 918220 X-Patchwork-Delegate: blogic@openwrt.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=lists.openwrt.org Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="IC0GHm27"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40qvRs0jPVz9s55 for ; Tue, 22 May 2018 22:03:21 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Date:Sender:Content-Type: Subject:List-Help:Reply-To:List-Archive:List-Unsubscribe:List-Subscribe:Cc: From:List-Post:List-Id:Message-ID:MIME-Version:References:In-Reply-To:To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=pCkdlO0E1jJeCFSAWHQTv2Z5S6BZCLY1Nm+Zv4LyyYk=; b=IC0GHm27k1bGa1G6jIMoUGrt7 8cj+22BjzurnaV1jt2Sic5uw3+7zdwaWRAJzHs61o87rOofLjZjvIxSmsU+q502ZeFkq8kXpa3j4P 7WzFNKQuy5Z5GT/yMqV0CQ8WSgjLafLTaO+p7ycyYWEEJkyUbNeCNe1EIBpiQ0deVI2d2e6N5syVy xJEIJs8SU0C05fVcIxE459Hzs0xzYXSF+BL2nRjGknKXGX8FHulQxb1P9idvj+Mal0+gTrjBLbBDr O77qZSJBQxoeixUXh9S0TTelY9Ylvunj/2lPjABwWnQY7umCpHiIb0u51tLeDP1S7Lwc3RZGb1jwd vjq1cLRSQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fL60S-000711-Ur; Tue, 22 May 2018 12:03:08 +0000 To: openwrt-devel@lists.openwrt.org In-Reply-To: <30f4d3c4-ed06-521a-28ee-d5b2e61ce667@phrozen.org> References: <30f4d3c4-ed06-521a-28ee-d5b2e61ce667@phrozen.org> MIME-Version: 1.0 Message-ID: List-Id: List-Post: X-Patchwork-Original-From: Eneas U de Queiroz via openwrt-devel From: Thomas Richard via openwrt-devel Precedence: list Cc: Eneas U de Queiroz , John Crispin X-Mailman-Version: 2.1.21 X-BeenThere: openwrt-devel@lists.openwrt.org List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Eneas U de Queiroz List-Help: Subject: [OpenWrt-Devel] [PATCH 1/4] openssl: Upgrade to 1.1.0h Sender: "openwrt-devel" Date: Tue, 22 May 2018 12:03:08 +0000 Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. This version brings major changes to the API, so many packages will need adjustments or version bumps. Signed-off-by: Eneas U de Queiroz --- package/libs/openssl/Config.in | 10 -- package/libs/openssl/Makefile | 51 ++---- .../libs/openssl/patches/110-openwrt_targets.patch | 26 +++ .../openssl/patches/110-optimize-for-size.patch | 16 -- package/libs/openssl/patches/130-perl-path.patch | 64 ------- .../libs/openssl/patches/140-makefile-dirs.patch | 11 -- package/libs/openssl/patches/150-no_engines.patch | 81 --------- .../openssl/patches/160-disable_doc_tests.patch | 58 ------- package/libs/openssl/patches/170-bash_path.patch | 8 - .../openssl/patches/180-fix_link_segfault.patch | 16 +- .../patches/190-remove_timestamp_check.patch | 23 --- .../libs/openssl/patches/200-parallel_build.patch | 184 --------------------- 12 files changed, 50 insertions(+), 498 deletions(-) create mode 100644 package/libs/openssl/patches/110-openwrt_targets.patch delete mode 100644 package/libs/openssl/patches/110-optimize-for-size.patch delete mode 100644 package/libs/openssl/patches/130-perl-path.patch delete mode 100644 package/libs/openssl/patches/140-makefile-dirs.patch delete mode 100644 package/libs/openssl/patches/150-no_engines.patch delete mode 100644 package/libs/openssl/patches/160-disable_doc_tests.patch delete mode 100644 package/libs/openssl/patches/170-bash_path.patch delete mode 100644 package/libs/openssl/patches/190-remove_timestamp_check.patch delete mode 100644 package/libs/openssl/patches/200-parallel_build.patch diff --git a/package/libs/openssl/Config.in b/package/libs/openssl/Config.in index 96d3ba3e9d..fdad98fdf6 100644 --- a/package/libs/openssl/Config.in +++ b/package/libs/openssl/Config.in @@ -10,11 +10,6 @@ config OPENSSL_WITH_EC2M depends on OPENSSL_WITH_EC prompt "Enable ec2m support" -config OPENSSL_WITH_SSL3 - bool - default n - prompt "Enable sslv3 support" - config OPENSSL_WITH_DEPRECATED bool default y @@ -30,11 +25,6 @@ config OPENSSL_WITH_COMPRESSION default n prompt "Enable compression support" -config OPENSSL_WITH_NPN - bool - default y - prompt "Enable NPN support" - config OPENSSL_WITH_PSK bool default y diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index 8409730d70..ba6577d915 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -8,8 +8,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl -PKG_BASE:=1.0.2 -PKG_BUGFIX:=o +PKG_BASE:=1.1.0 +PKG_BUGFIX:=h PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX) PKG_RELEASE:=1 PKG_USE_MIPS16:=0 @@ -24,7 +24,7 @@ PKG_SOURCE_URL:= \ http://gd.tuwien.ac.at/infosys/security/openssl/source/ \ http://www.openssl.org/source/ \ http://www.openssl.org/source/old/$(PKG_BASE)/ -PKG_HASH:=ec3f5c9714ba0fd45cb4e087301eb1336c317e0d20b575a125050470e8089e4d +PKG_HASH:=5835626cde9e99656585fc7aaa2302a73a7e1340bf8c14fd635a62c66802a517 PKG_LICENSE:=OpenSSL PKG_LICENSE_FILES:=LICENSE @@ -34,12 +34,10 @@ PKG_CONFIG_DEPENDS:= \ CONFIG_OPENSSL_ENGINE_DIGEST \ CONFIG_OPENSSL_WITH_EC \ CONFIG_OPENSSL_WITH_EC2M \ - CONFIG_OPENSSL_WITH_SSL3 \ CONFIG_OPENSSL_HARDWARE_SUPPORT \ CONFIG_OPENSSL_WITH_DEPRECATED \ CONFIG_OPENSSL_WITH_DTLS \ CONFIG_OPENSSL_WITH_COMPRESSION \ - CONFIG_OPENSSL_WITH_NPN \ CONFIG_OPENSSL_WITH_PSK \ CONFIG_OPENSSL_WITH_SRP \ CONFIG_OPENSSL_OPTIMIZE_SPEED @@ -101,9 +99,8 @@ This package contains the OpenSSL command-line utility. endef -OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-camellia no-krb5 \ - no-whrlpool no-whirlpool no-seed no-jpake -OPENSSL_OPTIONS:= shared no-err no-sse2 no-ssl2 no-ssl2-method no-heartbeats +OPENSSL_NO_CIPHERS:= no-idea no-mdc2 no-camellia no-whirlpool no-seed +OPENSSL_OPTIONS:= shared no-err no-heartbeats ifdef CONFIG_OPENSSL_ENGINE_CRYPTO OPENSSL_OPTIONS += -DHAVE_CRYPTODEV @@ -111,7 +108,7 @@ ifdef CONFIG_OPENSSL_ENGINE_CRYPTO OPENSSL_OPTIONS += -DUSE_CRYPTODEV_DIGESTS endif else - OPENSSL_OPTIONS += no-engines + OPENSSL_OPTIONS += no-engine endif ifndef CONFIG_OPENSSL_WITH_EC @@ -122,10 +119,6 @@ ifndef CONFIG_OPENSSL_WITH_EC2M OPENSSL_OPTIONS += no-ec2m endif -ifndef CONFIG_OPENSSL_WITH_SSL3 - OPENSSL_OPTIONS += no-ssl3 no-ssl3-method -endif - ifndef CONFIG_OPENSSL_HARDWARE_SUPPORT OPENSSL_OPTIONS += no-hw endif @@ -144,10 +137,6 @@ else OPENSSL_OPTIONS += no-comp endif -ifndef CONFIG_OPENSSL_WITH_NPN - OPENSSL_OPTIONS += no-nextprotoneg -endif - ifndef CONFIG_OPENSSL_WITH_PSK OPENSSL_OPTIONS += no-psk endif @@ -164,16 +153,16 @@ ifeq ($(CONFIG_x86_64),y) OPENSSL_TARGET:=linux-x86_64-openwrt OPENSSL_MAKEFLAGS += LIBDIR=lib else - OPENSSL_OPTIONS+=no-sse2 + OPENSSL_OPTIONS+= no-sse2 ifeq ($(CONFIG_mips)$(CONFIG_mipsel),y) - OPENSSL_TARGET:=linux-mips-openwrt + OPENSSL_TARGET:=linux-mips32-openwrt else ifeq ($(CONFIG_aarch64),y) OPENSSL_TARGET:=linux-aarch64-openwrt else ifeq ($(CONFIG_arm)$(CONFIG_armeb),y) OPENSSL_TARGET:=linux-armv4-openwrt else OPENSSL_TARGET:=linux-generic-openwrt - OPENSSL_OPTIONS+=no-perlasm + OPENSSL_OPTIONS+= no-perlasm endif endif @@ -191,6 +180,7 @@ define Build/Configure $(TARGET_CPPFLAGS) \ $(TARGET_LDFLAGS) -ldl \ $(if $(CONFIG_OPENSSL_OPTIMIZE_SPEED),,-DOPENSSL_SMALL_FOOTPRINT) \ + -DOPENSSL_NO_ASYNC \ $(OPENSSL_NO_CIPHERS) \ $(OPENSSL_OPTIONS) \ ) @@ -215,29 +205,12 @@ define Build/Compile OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \ $(OPENSSL_MAKEFLAGS) \ all - +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ - CROSS_COMPILE="$(TARGET_CROSS)" \ - CC="$(TARGET_CC)" \ - ASFLAGS="$(TARGET_ASFLAGS) -I$(PKG_BUILD_DIR)/crypto -c" \ - AR="$(TARGET_CROSS)ar r" \ - RANLIB="$(TARGET_CROSS)ranlib" \ - OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \ - $(OPENSSL_MAKEFLAGS) \ - build-shared - # Work around openssl build bug to link libssl.so with libcrypto.so. - -rm $(PKG_BUILD_DIR)/libssl.so.*.*.* - +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ - CROSS_COMPILE="$(TARGET_CROSS)" \ - CC="$(TARGET_CC)" \ - OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \ - $(OPENSSL_MAKEFLAGS) \ - do_linux-shared $(MAKE) -C $(PKG_BUILD_DIR) \ CROSS_COMPILE="$(TARGET_CROSS)" \ CC="$(TARGET_CC)" \ - INSTALL_PREFIX="$(PKG_INSTALL_DIR)" \ + DESTDIR="$(PKG_INSTALL_DIR)" \ $(OPENSSL_MAKEFLAGS) \ - install + install_sw install_ssldirs endef define Build/InstallDev diff --git a/package/libs/openssl/patches/110-openwrt_targets.patch b/package/libs/openssl/patches/110-openwrt_targets.patch new file mode 100644 index 0000000000..bc74c8819f --- /dev/null +++ b/package/libs/openssl/patches/110-openwrt_targets.patch @@ -0,0 +1,26 @@ +--- /dev/null ++++ b/Configurations/25-openwrt.conf +@@ -0,0 +1,23 @@ ++%targets = ( ++ "linux-x86_64-openwrt" => { ++ inherit_from => [ "linux-x86_64" ], ++ cflags => add("\$(OPENWRT_OPTIMIZATION_FLAGS)"), ++ }, ++ "linux-aarch64-openwrt" => { ++ inherit_from => [ "linux-aarch64" ], ++ cflags => add("\$(OPENWRT_OPTIMIZATION_FLAGS)"), ++ }, ++ "linux-armv4-openwrt" => { ++ inherit_from => [ "linux-armv4" ], ++ cflags => add("\$(OPENWRT_OPTIMIZATION_FLAGS)"), ++ }, ++ "linux-mips32-openwrt" => { ++ inherit_from => [ "linux-mips32" ], ++ cflags => add("\$(OPENWRT_OPTIMIZATION_FLAGS)"), ++ }, ++ "linux-generic-openwrt" => { ++ inherit_from => [ "linux-generic" ], ++ cflags => add("\$(OPENWRT_OPTIMIZATION_FLAGS)"), ++ }, ++); ++ diff --git a/package/libs/openssl/patches/110-optimize-for-size.patch b/package/libs/openssl/patches/110-optimize-for-size.patch deleted file mode 100644 index d6d4a21111..0000000000 --- a/package/libs/openssl/patches/110-optimize-for-size.patch +++ /dev/null @@ -1,16 +0,0 @@ ---- a/Configure -+++ b/Configure -@@ -470,6 +470,13 @@ my %table=( - "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", - "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", - -+# OpenWrt targets -+"linux-armv4-openwrt","gcc:-DTERMIOS \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-aarch64-openwrt","gcc:-DTERMIOS \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-x86_64-openwrt", "gcc:-m64 -DL_ENDIAN -DTERMIOS \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", -+"linux-mips-openwrt","gcc:-DTERMIOS \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-generic-openwrt","gcc:-DTERMIOS \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+ - # Android: linux-* but without pointers to headers and libs. - "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/package/libs/openssl/patches/130-perl-path.patch b/package/libs/openssl/patches/130-perl-path.patch deleted file mode 100644 index 2dbdc76010..0000000000 --- a/package/libs/openssl/patches/130-perl-path.patch +++ /dev/null @@ -1,64 +0,0 @@ ---- a/Configure -+++ b/Configure -@@ -1,4 +1,4 @@ --: -+#!/usr/bin/perl - eval 'exec perl -S $0 ${1+"$@"}' - if $running_under_some_shell; - ## ---- a/tools/c_rehash.in -+++ b/tools/c_rehash.in -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -+#!/usr/bin/perl - - # Perl c_rehash script, scan all files in a directory - # and add symbolic links to their hash values. ---- a/util/clean-depend.pl -+++ b/util/clean-depend.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - # Clean the dependency list in a makefile of standard includes... - # Written by Ben Laurie 19 Jan 1999 - ---- a/util/mkdef.pl -+++ b/util/mkdef.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - # - # generate a .def file - # ---- a/util/mkerr.pl -+++ b/util/mkerr.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - - my $config = "crypto/err/openssl.ec"; - my $hprefix = "openssl/"; ---- a/util/mkstack.pl -+++ b/util/mkstack.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - - # This is a utility that searches out "DECLARE_STACK_OF()" - # declarations in .h and .c files, and updates/creates/replaces ---- a/util/pod2man.pl -+++ b/util/pod2man.pl -@@ -1,4 +1,4 @@ --: #!/usr/bin/perl-5.005 -+#!/usr/bin/perl - eval 'exec /usr/bin/perl -S $0 ${1+"$@"}' - if $running_under_some_shell; - ---- a/util/selftest.pl -+++ b/util/selftest.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - # - # Run the test suite and generate a report - # diff --git a/package/libs/openssl/patches/140-makefile-dirs.patch b/package/libs/openssl/patches/140-makefile-dirs.patch deleted file mode 100644 index 83c412f444..0000000000 --- a/package/libs/openssl/patches/140-makefile-dirs.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/Makefile.org -+++ b/Makefile.org -@@ -137,7 +137,7 @@ FIPSCANLIB= - - BASEADDR= - --DIRS= crypto ssl engines apps test tools -+DIRS= crypto ssl apps - ENGDIRS= ccgost - SHLIBDIRS= crypto ssl - diff --git a/package/libs/openssl/patches/150-no_engines.patch b/package/libs/openssl/patches/150-no_engines.patch deleted file mode 100644 index 102e7a3272..0000000000 --- a/package/libs/openssl/patches/150-no_engines.patch +++ /dev/null @@ -1,81 +0,0 @@ ---- a/Configure -+++ b/Configure -@@ -2136,6 +2136,11 @@ EOF - close(OUT); - } - -+# ugly hack to disable engines -+if($target eq "mingwx") { -+ system("sed -e s/^LIB/XLIB/g -i engines/Makefile"); -+} -+ - print < 19 Jan 1999 - diff --git a/package/libs/openssl/patches/180-fix_link_segfault.patch b/package/libs/openssl/patches/180-fix_link_segfault.patch index 3e36beb49c..703ab04108 100644 --- a/package/libs/openssl/patches/180-fix_link_segfault.patch +++ b/package/libs/openssl/patches/180-fix_link_segfault.patch @@ -1,18 +1,26 @@ --- a/Makefile.shared +++ b/Makefile.shared -@@ -95,7 +95,6 @@ LINK_APP= \ - LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \ +@@ -102,9 +102,7 @@ LINK_APP= \ + LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS) $(LDFLAGS)}"; \ LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ +- echo LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ +- $${LDCMD} $${LDFLAGS} -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $${LIBDEPS}; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ ++ echo $${LDCMD} $${LDFLAGS} -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $${LIBDEPS}; \ $${LDCMD} $${LDFLAGS} -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $${LIBDEPS} ) LINK_SO= \ -@@ -105,7 +104,6 @@ LINK_SO= \ +@@ -114,11 +112,9 @@ LINK_SO= \ SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ +- echo LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ +- $${SHAREDCMD} $${SHAREDFLAGS} \ ++ echo $${SHAREDCMD} $${SHAREDFLAGS} \ + -o $(SHLIBNAME_FULL) \ + $$ALLSYMSFLAGS $$SHOBJECTS $$NOALLSYMSFLAGS $$LIBDEPS; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ $${SHAREDCMD} $${SHAREDFLAGS} \ - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ + -o $(SHLIBNAME_FULL) \ $$ALLSYMSFLAGS $$SHOBJECTS $$NOALLSYMSFLAGS $$LIBDEPS \ diff --git a/package/libs/openssl/patches/190-remove_timestamp_check.patch b/package/libs/openssl/patches/190-remove_timestamp_check.patch deleted file mode 100644 index 424e66063c..0000000000 --- a/package/libs/openssl/patches/190-remove_timestamp_check.patch +++ /dev/null @@ -1,23 +0,0 @@ ---- a/Makefile.org -+++ b/Makefile.org -@@ -185,7 +185,7 @@ TARFILE= ../$(NAME).tar - EXHEADER= e_os2.h - HEADER= e_os.h - --all: Makefile build_all -+all: build_all - - # as we stick to -e, CLEARENV ensures that local variables in lower - # Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn -@@ -404,11 +404,6 @@ openssl.pc: Makefile - echo 'Version: '$(VERSION); \ - echo 'Requires: libssl libcrypto' ) > openssl.pc - --Makefile: Makefile.org Configure config -- @echo "Makefile is older than Makefile.org, Configure or config." -- @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please." -- @false -- - libclean: - rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib - diff --git a/package/libs/openssl/patches/200-parallel_build.patch b/package/libs/openssl/patches/200-parallel_build.patch deleted file mode 100644 index 0616551b6e..0000000000 --- a/package/libs/openssl/patches/200-parallel_build.patch +++ /dev/null @@ -1,184 +0,0 @@ ---- a/Makefile.org -+++ b/Makefile.org -@@ -282,17 +282,17 @@ build_libcrypto: build_crypto build_engi - build_libssl: build_ssl libssl.pc - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) - build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) - build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) - build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) - build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) - build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -473,7 +473,7 @@ update: errors stacks util/libeay.num ut - @set -e; target=update; $(RECURSIVE_BUILD_CMD) - - depend: -- @set -e; target=depend; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=depend; $(RECURSIVE_BUILD_CMD) - - lint: - @set -e; target=lint; $(RECURSIVE_BUILD_CMD) -@@ -535,9 +535,9 @@ dist: - @$(MAKE) SDIRS='$(SDIRS)' clean - @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar - --install: all install_sw -+install: install_sw - --install_sw: -+install_dirs: - @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ -@@ -546,12 +546,19 @@ install_sw: - $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/private -+ @$(PERL) $(TOP)/util/mkdir-p.pl \ -+ $(INSTALL_PREFIX)$(MANDIR)/man1 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man3 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man5 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man7 -+ -+install_sw: install_dirs - @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ - do \ - if [ -f "$$i" ]; then \ -@@ -635,12 +642,7 @@ install_html_docs: - done; \ - done - --install_docs: -- @$(PERL) $(TOP)/util/mkdir-p.pl \ -- $(INSTALL_PREFIX)$(MANDIR)/man1 \ -- $(INSTALL_PREFIX)$(MANDIR)/man3 \ -- $(INSTALL_PREFIX)$(MANDIR)/man5 \ -- $(INSTALL_PREFIX)$(MANDIR)/man7 -+install_docs: install_dirs - @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ - here="`pwd`"; \ - filecase=; \ ---- a/Makefile.shared -+++ b/Makefile.shared -@@ -120,6 +120,7 @@ SYMLINK_SO= \ - done; \ - fi; \ - if [ -n "$$SHLIB_SOVER" ]; then \ -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ - fi; \ ---- a/crypto/Makefile -+++ b/crypto/Makefile -@@ -85,11 +85,11 @@ testapps: - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ links: - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o - $(RANLIB) $(LIB) || echo Never mind. -@@ -111,7 +111,7 @@ shared: buildinf.h lib subdirs - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -120,7 +120,7 @@ install: - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- a/engines/Makefile -+++ b/engines/Makefile -@@ -72,7 +72,7 @@ top: - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ lib: $(LIBOBJ) - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ install: - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- a/test/Makefile -+++ b/test/Makefile -@@ -145,7 +145,7 @@ install: - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -586,7 +586,7 @@ $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssl - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. - From patchwork Tue May 22 12:02:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Richard via openwrt-devel X-Patchwork-Id: 918219 X-Patchwork-Delegate: blogic@openwrt.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=lists.openwrt.org Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="t9gjcBbu"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40qvRN3cSTz9s55 for ; Tue, 22 May 2018 22:02:56 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Date:Sender:Content-Type: Subject:List-Help:Reply-To:List-Archive:List-Unsubscribe:List-Subscribe:Cc: From:List-Post:List-Id:Message-ID:MIME-Version:References:In-Reply-To:To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=KS97Ll99tQuJHUK1gJKa2SwtSw1ZqGqCd5Ir8d8Djms=; b=t9gjcBbusX4go0u5uGHyna6Vv 22/7ZekDvQPtXn8nWWWEdC6w+zGAsHnI08WtjRTUH2F5BBpUky1qw3ujYmqjDQ2hJybzK4xPgBYX8 y7FZsJtzBedz8GpKfN7FC91O3/RVLec2/h4eEExiWlqUtKs2QSGNEvFNivJ9+G10ShsLoSGJDafZi M0cQlCbMIaQvP3eKCl5JgrbdFL3uolzBoJ+0ztFLfk3/78gDn3D6PXz/j+SXqqtLAfvEgZqHKTzsK wvV8kYPNDPKpwGfPqzzEEtgFsv/ndrpK+1IYBfRURRvucFTcku76Th53Cripf8ekHad/TPxNHBBzQ dNHuZYKaw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fL60C-0006qv-61; Tue, 22 May 2018 12:02:52 +0000 To: openwrt-devel@lists.openwrt.org In-Reply-To: <20180522120215.13360-1-cote2004-github@yahoo.com> References: <30f4d3c4-ed06-521a-28ee-d5b2e61ce667@phrozen.org> <20180522120215.13360-1-cote2004-github@yahoo.com> MIME-Version: 1.0 Message-ID: List-Id: List-Post: X-Patchwork-Original-From: Eneas U de Queiroz via openwrt-devel From: Thomas Richard via openwrt-devel Precedence: list Cc: Eneas U de Queiroz , John Crispin X-Mailman-Version: 2.1.21 X-BeenThere: openwrt-devel@lists.openwrt.org List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Eneas U de Queiroz List-Help: Subject: [OpenWrt-Devel] [PATCH 2/4] libevent2: Make it build using OpenSSL 1.1.0 Sender: "openwrt-devel" Date: Tue, 22 May 2018 12:02:52 +0000 Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. This is a backport of @kroeckx patch that was merged in libevent release-2.1.7-rc. Signed-off-by: Eneas U de Queiroz --- .../0001-Make-it-build-using-OpenSSL-1.1.0.patch | 202 +++++++++++++++++++++ 1 file changed, 202 insertions(+) create mode 100644 package/libs/libevent2/patches/0001-Make-it-build-using-OpenSSL-1.1.0.patch diff --git a/package/libs/libevent2/patches/0001-Make-it-build-using-OpenSSL-1.1.0.patch b/package/libs/libevent2/patches/0001-Make-it-build-using-OpenSSL-1.1.0.patch new file mode 100644 index 0000000000..fb9ad06eb6 --- /dev/null +++ b/package/libs/libevent2/patches/0001-Make-it-build-using-OpenSSL-1.1.0.patch @@ -0,0 +1,202 @@ +From 9982da6a9ed9156172bb09e18c54cd94e5ceb9a4 Mon Sep 17 00:00:00 2001 +From: Eneas U de Queiroz +Date: Mon, 21 May 2018 10:23:52 -0300 +Subject: [PATCH] Make it build using OpenSSL 1.1.0 + +This is a backport of @kroeckx patch that was merged in +release-2.1.7-rc: + + Rebased (azat): + - tabs instead of whitespaces + - make openssl-compat.h safe for complex expressions + - do not call sk_SSL_COMP_free() in 1.1 (fixes double free) + +Signed-off-by: Eneas U de Queiroz +--- + bufferevent_openssl.c | 62 +++++++++++++++++++++++++-------------------------- + openssl-compat.h | 33 +++++++++++++++++++++++++++ + 2 files changed, 63 insertions(+), 32 deletions(-) + create mode 100644 openssl-compat.h + +diff --git a/bufferevent_openssl.c b/bufferevent_openssl.c +index 7582d9b4..5b177f0b 100644 +--- a/bufferevent_openssl.c ++++ b/bufferevent_openssl.c +@@ -60,6 +60,7 @@ + #include + #include + #include ++#include "openssl-compat.h" + + /* + * Define an OpenSSL bio that targets a bufferevent. +@@ -103,10 +104,8 @@ print_err(int val) + static int + bio_bufferevent_new(BIO *b) + { +- b->init = 0; +- b->num = -1; +- b->ptr = NULL; /* We'll be putting the bufferevent in this field.*/ +- b->flags = 0; ++ BIO_set_init(b, 0); ++ BIO_set_data(b, NULL); /* We'll be putting the bufferevent in this field.*/ + return 1; + } + +@@ -116,12 +115,10 @@ bio_bufferevent_free(BIO *b) + { + if (!b) + return 0; +- if (b->shutdown) { +- if (b->init && b->ptr) +- bufferevent_free(b->ptr); +- b->init = 0; +- b->flags = 0; +- b->ptr = NULL; ++ if (BIO_get_shutdown(b)) { ++ if (BIO_get_init(b) && BIO_get_data(b)) ++ bufferevent_free(BIO_get_data(b)); ++ BIO_free(b); + } + return 1; + } +@@ -137,10 +134,10 @@ bio_bufferevent_read(BIO *b, char *out, int outlen) + + if (!out) + return 0; +- if (!b->ptr) ++ if (!BIO_get_data(b)) + return -1; + +- input = bufferevent_get_input(b->ptr); ++ input = bufferevent_get_input(BIO_get_data(b)); + if (evbuffer_get_length(input) == 0) { + /* If there's no data to read, say so. */ + BIO_set_retry_read(b); +@@ -156,13 +153,13 @@ bio_bufferevent_read(BIO *b, char *out, int outlen) + static int + bio_bufferevent_write(BIO *b, const char *in, int inlen) + { +- struct bufferevent *bufev = b->ptr; ++ struct bufferevent *bufev = BIO_get_data(b); + struct evbuffer *output; + size_t outlen; + + BIO_clear_retry_flags(b); + +- if (!b->ptr) ++ if (!BIO_get_data(b)) + return -1; + + output = bufferevent_get_output(bufev); +@@ -188,15 +185,15 @@ bio_bufferevent_write(BIO *b, const char *in, int inlen) + static long + bio_bufferevent_ctrl(BIO *b, int cmd, long num, void *ptr) + { +- struct bufferevent *bufev = b->ptr; ++ struct bufferevent *bufev = BIO_get_data(b); + long ret = 1; + + switch (cmd) { + case BIO_CTRL_GET_CLOSE: +- ret = b->shutdown; ++ ret = BIO_get_shutdown(b); + break; + case BIO_CTRL_SET_CLOSE: +- b->shutdown = (int)num; ++ BIO_set_shutdown(b, (int)num); + break; + case BIO_CTRL_PENDING: + ret = evbuffer_get_length(bufferevent_get_input(bufev)) != 0; +@@ -225,23 +222,24 @@ bio_bufferevent_puts(BIO *b, const char *s) + } + + /* Method table for the bufferevent BIO */ +-static BIO_METHOD methods_bufferevent = { +- BIO_TYPE_LIBEVENT, "bufferevent", +- bio_bufferevent_write, +- bio_bufferevent_read, +- bio_bufferevent_puts, +- NULL /* bio_bufferevent_gets */, +- bio_bufferevent_ctrl, +- bio_bufferevent_new, +- bio_bufferevent_free, +- NULL /* callback_ctrl */, +-}; ++static BIO_METHOD *methods_bufferevent; + + /* Return the method table for the bufferevents BIO */ + static BIO_METHOD * + BIO_s_bufferevent(void) + { +- return &methods_bufferevent; ++ if (methods_bufferevent == NULL) { ++ methods_bufferevent = BIO_meth_new(BIO_TYPE_LIBEVENT, "bufferevent"); ++ if (methods_bufferevent == NULL) ++ return NULL; ++ BIO_meth_set_write(methods_bufferevent, bio_bufferevent_write); ++ BIO_meth_set_read(methods_bufferevent, bio_bufferevent_read); ++ BIO_meth_set_puts(methods_bufferevent, bio_bufferevent_puts); ++ BIO_meth_set_ctrl(methods_bufferevent, bio_bufferevent_ctrl); ++ BIO_meth_set_create(methods_bufferevent, bio_bufferevent_new); ++ BIO_meth_set_destroy(methods_bufferevent, bio_bufferevent_free); ++ } ++ return methods_bufferevent; + } + + /* Create a new BIO to wrap communication around a bufferevent. If close_flag +@@ -254,9 +252,9 @@ BIO_new_bufferevent(struct bufferevent *bufferevent, int close_flag) + return NULL; + if (!(result = BIO_new(BIO_s_bufferevent()))) + return NULL; +- result->init = 1; +- result->ptr = bufferevent; +- result->shutdown = close_flag ? 1 : 0; ++ BIO_set_init(result, 1); ++ BIO_set_data(result, bufferevent); ++ BIO_set_shutdown(result, close_flag ? 1 : 0); + return result; + } + +diff --git a/openssl-compat.h b/openssl-compat.h +new file mode 100644 +index 00000000..628f5661 +--- /dev/null ++++ b/openssl-compat.h +@@ -0,0 +1,33 @@ ++#ifndef OPENSSL_COMPAT_H ++#define OPENSSL_COMPAT_H ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ ++static BIO_METHOD *BIO_meth_new(int type, const char *name) ++{ ++ BIO_METHOD *biom = calloc(1, sizeof(BIO_METHOD)); ++ ++ if (biom != NULL) { ++ biom->type = type; ++ biom->name = name; ++ } ++ return biom; ++} ++ ++#define BIO_meth_set_write(b, f) (b)->bwrite = (f) ++#define BIO_meth_set_read(b, f) (b)->bread = (f) ++#define BIO_meth_set_puts(b, f) (b)->bputs = (f) ++#define BIO_meth_set_ctrl(b, f) (b)->ctrl = (f) ++#define BIO_meth_set_create(b, f) (b)->create = (f) ++#define BIO_meth_set_destroy(b, f) (b)->destroy = (f) ++ ++#define BIO_set_init(b, val) (b)->init = (val) ++#define BIO_set_data(b, val) (b)->ptr = (val) ++#define BIO_set_shutdown(b, val) (b)->shutdown = (val) ++#define BIO_get_init(b) (b)->init ++#define BIO_get_data(b) (b)->ptr ++#define BIO_get_shutdown(b) (b)->shutdown ++ ++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ ++ ++#endif /* OPENSSL_COMPAT_H */ +-- +2.16.1 + From patchwork Tue May 22 12:03:38 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Richard via openwrt-devel X-Patchwork-Id: 918221 X-Patchwork-Delegate: blogic@openwrt.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=lists.openwrt.org Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="HSJ2r4AN"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40qvSH6HGRz9s55 for ; Tue, 22 May 2018 22:03:43 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Date:Sender:Content-Type: Subject:List-Help:Reply-To:List-Archive:List-Unsubscribe:List-Subscribe:Cc: From:List-Post:List-Id:Message-ID:MIME-Version:References:In-Reply-To:To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=QX8CkSIHDJQHrDv5EOBXftMqgiBR9fBtWEP59MudoTI=; b=HSJ2r4AN9Qg5sxzMPotr4AbVL gUaovRY6+7DIaAJEBA8Xu1TZ7RF15BDdrXfr1A5mpz2p0J7Es3LnRJsRdws2P2fRxKr07kwLgabZa 28Sz5B6Hx50hXvY/FN/42lf7u9j/annXauqPZ/w/lNWA8vktyv6FIA5ZH3dfs7N2PA4KyHba7J576 i+DCc4w+Cv2Hw9bX/Q10bm+Sn2XHFa9pQGgSNigM9uh+RNIzaFoX3e9ahPJxKVW5/hjRftzbFyh9s Hczd5qIzcUpusNKwVjddkI+cDNDyzwhuwT0gSpEqzd95nc0doD+yrt+1MjjOFmHZuuSYn8Qr+6coG XCO/vyqsA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fL60w-0007Mi-6b; Tue, 22 May 2018 12:03:38 +0000 To: openwrt-devel@lists.openwrt.org In-Reply-To: <20180522120215.13360-1-cote2004-github@yahoo.com> References: <30f4d3c4-ed06-521a-28ee-d5b2e61ce667@phrozen.org> <20180522120215.13360-1-cote2004-github@yahoo.com> MIME-Version: 1.0 Message-ID: List-Id: List-Post: X-Patchwork-Original-From: Eneas U de Queiroz via openwrt-devel From: Thomas Richard via openwrt-devel Precedence: list Cc: Eneas U de Queiroz , John Crispin X-Mailman-Version: 2.1.21 X-BeenThere: openwrt-devel@lists.openwrt.org List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Eneas U de Queiroz List-Help: Subject: [OpenWrt-Devel] [PATCH 3/4] adb: added patch for openssl 1.1.0 compatibility Sender: "openwrt-devel" Date: Tue, 22 May 2018 12:03:38 +0000 Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Signed-off-by: Eneas U de Queiroz --- package/utils/adb/patches/010-openssl-1.1.patch | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 package/utils/adb/patches/010-openssl-1.1.patch diff --git a/package/utils/adb/patches/010-openssl-1.1.patch b/package/utils/adb/patches/010-openssl-1.1.patch new file mode 100644 index 0000000000..e4df372a34 --- /dev/null +++ b/package/utils/adb/patches/010-openssl-1.1.patch @@ -0,0 +1,28 @@ +--- a/adb/adb_auth_host.c ++++ b/adb/adb_auth_host.c +@@ -83,7 +83,13 @@ static int RSA_to_RSAPublicKey(RSA *rsa, + } + + BN_set_bit(r32, 32); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ const BIGNUM *rsa_n, *rsa_e; ++ RSA_get0_key(rsa, &rsa_n, &rsa_e, NULL); ++ BN_copy(n, rsa_n); ++#else + BN_copy(n, rsa->n); ++#endif + BN_set_bit(r, RSANUMWORDS * 32); + BN_mod_sqr(rr, r, n, ctx); + BN_div(NULL, rem, n, r32, ctx); +@@ -97,7 +103,11 @@ static int RSA_to_RSAPublicKey(RSA *rsa, + BN_div(n, rem, n, r32, ctx); + pkey->n[i] = BN_get_word(rem); + } ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ pkey->exponent = BN_get_word(rsa_e); ++#else + pkey->exponent = BN_get_word(rsa->e); ++#endif + + out: + BN_free(n0inv); From patchwork Tue May 22 12:04:07 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Richard via openwrt-devel X-Patchwork-Id: 918222 X-Patchwork-Delegate: blogic@openwrt.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=lists.openwrt.org Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="If8Jo54d"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40qvSp6kWzz9s55 for ; Tue, 22 May 2018 22:04:10 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Date:Sender:Content-Type: Subject:List-Help:Reply-To:List-Archive:List-Unsubscribe:List-Subscribe:Cc: From:List-Post:List-Id:Message-ID:MIME-Version:References:In-Reply-To:To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=dqKImjtxuPPhBFY/W7H3TZxdLl549klZHk/QVyoRQ4A=; b=If8Jo54d4QYuZ527QkyhT/P4W MCnsmqgTysoNk3nQUlpU/V0dKAukGy/qvhY0t5J5lzJsYu2NLGrc49rMwNkiUeiVMfbIOvSC0uO9r MP9Ic6XhCy+R89WShRkDgecnRV7Q9qj27y8KDOnbdZP+39PxNVpB8p8MlkK3px9lj9YQRa12VRNzY G0nymjKP3u4jqlYA2iLPp4eLfqXX0juC2yAN54USTSH9/2WhnzlEIajIkoD00W59ItVgW7qARPXiB 0bAvMACFYJxoc6rWfiDFJyMhQhtpjm80D3sj8w2FLCJ1nPzmJVnegrNommEKfAW3Gi5UVhLr6viSz cLLyYK9XQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fL61P-0007c3-5t; Tue, 22 May 2018 12:04:07 +0000 To: openwrt-devel@lists.openwrt.org In-Reply-To: <20180522120215.13360-1-cote2004-github@yahoo.com> References: <30f4d3c4-ed06-521a-28ee-d5b2e61ce667@phrozen.org> <20180522120215.13360-1-cote2004-github@yahoo.com> MIME-Version: 1.0 Message-ID: List-Id: List-Post: X-Patchwork-Original-From: Eneas U de Queiroz via openwrt-devel From: Thomas Richard via openwrt-devel Precedence: list Cc: Eneas U de Queiroz , John Crispin X-Mailman-Version: 2.1.21 X-BeenThere: openwrt-devel@lists.openwrt.org List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Eneas U de Queiroz List-Help: Subject: [OpenWrt-Devel] [PATCH 4/4] ustream-ssl: openssl-1.1 compatibility Sender: "openwrt-devel" Date: Tue, 22 May 2018 12:04:07 +0000 Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Patch to compile ustream-ssl with openssl-1.1.0. Signed-off-by: Eneas U de Queiroz --- ustream-io-openssl.c | 37 +++++++++++++++++++++++++++++++++++++ ustream-openssl.c | 12 +++++++++++- 2 files changed, 48 insertions(+), 1 deletion(-) diff --git a/ustream-io-openssl.c b/ustream-io-openssl.c index 6711055..73a2ba6 100644 --- a/ustream-io-openssl.c +++ b/ustream-io-openssl.c @@ -26,10 +26,16 @@ static int s_ustream_new(BIO *b) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + BIO_set_init(b, 1); + BIO_set_data(b, NULL); + BIO_set_shutdown(b, 0); +#else b->init = 1; b->num = 0; b->ptr = NULL; b->flags = 0; +#endif return 1; } @@ -39,9 +45,15 @@ s_ustream_free(BIO *b) if (!b) return 0; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + BIO_set_data(b, NULL); + BIO_set_init(b, 0); + BIO_set_shutdown(b, 0); +#else b->ptr = NULL; b->init = 0; b->flags = 0; +#endif return 1; } @@ -55,7 +67,11 @@ s_ustream_read(BIO *b, char *buf, int len) if (!buf || len <= 0) return 0; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + s = (struct ustream *)BIO_get_data(b); +#else s = (struct ustream *)b->ptr; +#endif if (!s) return 0; @@ -84,7 +100,11 @@ s_ustream_write(BIO *b, const char *buf, int len) if (!buf || len <= 0) return 0; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + s = (struct ustream *)BIO_get_data(b); +#else s = (struct ustream *)b->ptr; +#endif if (!s) return 0; @@ -116,6 +136,7 @@ static long s_ustream_ctrl(BIO *b, int cmd, long num, void *ptr) }; } +#if OPENSSL_VERSION_NUMBER < 0x10100000L static BIO_METHOD methods_ustream = { 100 | BIO_TYPE_SOURCE_SINK, "ustream", @@ -128,13 +149,29 @@ static BIO_METHOD methods_ustream = { s_ustream_free, NULL, }; +#endif static BIO *ustream_bio_new(struct ustream *s) { BIO *bio; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + BIO_METHOD *methods_ustream; + + methods_ustream = BIO_meth_new(BIO_get_new_index() | BIO_TYPE_SOURCE_SINK, "ustream"); + BIO_meth_set_write(methods_ustream, s_ustream_write); + BIO_meth_set_read(methods_ustream, s_ustream_read); + BIO_meth_set_puts(methods_ustream, s_ustream_puts); + BIO_meth_set_gets(methods_ustream, s_ustream_gets); + BIO_meth_set_ctrl(methods_ustream, s_ustream_ctrl); + BIO_meth_set_create(methods_ustream, s_ustream_new); + BIO_meth_set_destroy(methods_ustream, s_ustream_free); + bio = BIO_new(methods_ustream); + BIO_set_data(bio, s); +#else bio = BIO_new(&methods_ustream); bio->ptr = s; +#endif return bio; } diff --git a/ustream-openssl.c b/ustream-openssl.c index eb03dab..52b7c21 100644 --- a/ustream-openssl.c +++ b/ustream-openssl.c @@ -38,11 +38,17 @@ __ustream_ssl_context_new(bool server) if (server) #ifdef CYASSL_OPENSSL_H_ m = SSLv23_server_method(); +#elif OPENSSL_VERSION_NUMBER >= 0x10100000L + m = TLS_server_method(); #else m = TLSv1_2_server_method(); #endif else +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + m = TLS_client_method(); +#else m = SSLv23_client_method(); +#endif c = SSL_CTX_new((void *) m); if (!c) @@ -52,8 +58,12 @@ __ustream_ssl_context_new(bool server) #ifndef OPENSSL_NO_ECDH SSL_CTX_set_ecdh_auto(c, 1); #endif - if (server) + if (server) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + SSL_CTX_set_min_proto_version(c, TLS1_2_VERSION); +#endif SSL_CTX_set_cipher_list(c, "DEFAULT:!RC4:@STRENGTH"); + } SSL_CTX_set_quiet_shutdown(c, 1); return (void *) c;