From patchwork Tue Jan 29 09:39:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Havelange X-Patchwork-Id: 1032629 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=essensium.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=essensium-com.20150623.gappssmtp.com header.i=@essensium-com.20150623.gappssmtp.com header.b="yiXT5hQM"; dkim-atps=neutral Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43phKz1X04z9sML for ; Tue, 29 Jan 2019 20:39:50 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 53D4A87935; Tue, 29 Jan 2019 09:39:43 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VJYUcYv7zcAm; Tue, 29 Jan 2019 09:39:40 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by hemlock.osuosl.org (Postfix) with ESMTP id 702FF877E9; Tue, 29 Jan 2019 09:39:40 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 7975F1BF310 for ; Tue, 29 Jan 2019 09:39:38 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 765F981E21 for ; Tue, 29 Jan 2019 09:39:38 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jxFYoGVMMfpQ for ; Tue, 29 Jan 2019 09:39:37 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-ed1-f67.google.com (mail-ed1-f67.google.com [209.85.208.67]) by whitealder.osuosl.org (Postfix) with ESMTPS id E2C1786581 for ; Tue, 29 Jan 2019 09:39:36 +0000 (UTC) Received: by mail-ed1-f67.google.com with SMTP id g22so15409854edr.7 for ; Tue, 29 Jan 2019 01:39:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=essensium-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id; bh=FRT0vhSf9ZppicoJvsUaW3CFl60qqaWTAckTT4nVOWg=; b=yiXT5hQMxL9ULeXbQTWZ+Gk9hKI4krCm1JYuXir0+0eskZ4j3oAVn4xJKMDo3601eD 2jXXVmSCCL9GeSJU54xUDV2FBki2ArnrfmGPuXA47rnS6gxr6GBdRnwUVeQ9jbymOqou oWLBXEJGirFndiGZ6lD2pyL91g4Dti46OM5gXsJTG8AMVkklUdiI+5oMN5RyKuu/Mjv/ NTu4nwEjS3gTi+4NwDN5vyR4NvQYkdQjm3KDS1c1R4CErIiYo6LmWPNNZPUrUmx+2uft AbxlBxOUY5QpzigTbR+vnUhhIrJsJvdvKDxJ+ceqpYx27zGQCNY1y2Imaa5TfVsGOmaE Ed/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=FRT0vhSf9ZppicoJvsUaW3CFl60qqaWTAckTT4nVOWg=; b=rsllXPYoh1N7Hf24Ch5n4WfCIOYEfsgSWC0AouGkxbrl0hTZX2wbLfawstnxJXTrUv P2N1HGFgLH6hdq6sTlmc2d1bBNZ4AByA17vigM4NVjQgvvpgdTIXAiO45+ieGPu/JZk6 ud+Xp+jiaXDQ7ilYoukk5h3ODTcjKVUrItuPiqU1sf/YBK95cudro4e8C7DwVCc9fVG7 J5Ej7948EX8yMVMYO/ByB0Pj5dKNI2/J2dhzeyExMPy7TTSnQK9FKUVl4u5hWQm3jSDT Mb1UcW85CFQm/OqLyhOHMFtPwTSLf2xu2cRyaB0sD6Pmf22YtgIXg0gn6WuVA4np9W0s VgJA== X-Gm-Message-State: AJcUukdfbh0fTg7N31x7EZEKOTG9BLx1Io4tsIqjRhyD4mvd0Hnxfq2j wcaXmtlGEKxCrbt+Je3QNkDamxSHAks= X-Google-Smtp-Source: ALg8bN4dD746Q2hb2NH7qyRVQGfyX+242WROfCsFMECdUv2nAGehve9KDxYjWIYSGNqa7SNEUxQbiw== X-Received: by 2002:a17:906:c355:: with SMTP id ci21mr8604837ejb.67.1548754774845; Tue, 29 Jan 2019 01:39:34 -0800 (PST) Received: from ph-ThinkPad-E560.local.ess-mail.com (ip-188-118-3-185.reverse.destiny.be. [188.118.3.185]) by smtp.gmail.com with ESMTPSA id r8sm13675540edo.11.2019.01.29.01.39.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 Jan 2019 01:39:34 -0800 (PST) From: Patrick Havelange To: buildroot@buildroot.org Date: Tue, 29 Jan 2019 10:39:12 +0100 Message-Id: <20190129093919.22060-1-patrick.havelange@essensium.com> X-Mailer: git-send-email 2.17.1 Subject: [Buildroot] [PATCH v7 1/8] package/libshout: Add support for openssl 1.1.x X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Patrick Havelange , Vadim Kochan MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" From: Vadim Kochan Added patch from Debian: https://sources.debian.org/data/main/libs/libshout/2.4.1-2/debian/patches/01-libshout-tls-compile-with-OpenSSL-1.1.0.patch Signed-off-by: Vadim Kochan Signed-off-by: Patrick Havelange --- Changes v7: - Restore original link to original patch in commit msg Changes v6: - Added Signed-off-by to the patch --- ...shout-tls-compile-with-OpenSSL-1.1.0.patch | 59 +++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 package/libshout/0003-libshout-tls-compile-with-OpenSSL-1.1.0.patch diff --git a/package/libshout/0003-libshout-tls-compile-with-OpenSSL-1.1.0.patch b/package/libshout/0003-libshout-tls-compile-with-OpenSSL-1.1.0.patch new file mode 100644 index 0000000000..49b71501ed --- /dev/null +++ b/package/libshout/0003-libshout-tls-compile-with-OpenSSL-1.1.0.patch @@ -0,0 +1,59 @@ +From 01fafc449f0de56743d08e7976933c49e2915bfa Mon Sep 17 00:00:00 2001 +From: Sebastian Andrzej Siewior +Date: Wed, 15 Nov 2017 12:46:25 +0000 +Subject: [PATCH] tls: compile with OpenSSL 1.1.0 + +The init functions are not longer required in OpenSSL 1.1 so I dropped +them. + +TLSv1_client_method() should not be used because it enables only the +TLSv1.0 protocol. Better is to use SSLv23_client_method() which enable +all the protocols including TLSv1.2. With this functions SSLv2 and SSLv3 +is theoretically possible but as of today those protocols are usually +build-time disabled. +To avoid all this OpenSSL 1.1 provides TLS_client_method() which is aim +to provide to highest TLS protocol version (same as +SSLv23_client_method() but it is deprecated in 1.1). + +Signed-off-by: Sebastian Andrzej Siewior +Signed-off-by: Patrick Havelange +--- + src/tls.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/src/tls.c b/src/tls.c +index 4562c7327077..e0e5c1a5f079 100644 +--- a/src/tls.c ++++ b/src/tls.c +@@ -24,6 +24,7 @@ + #endif + + #include ++#include + #include "shout_private.h" + + #ifndef XXX_HAVE_X509_check_host +@@ -61,14 +62,17 @@ shout_tls_t *shout_tls_new(shout_t *self, sock_t socket) + + static inline int tls_setup(shout_tls_t *tls) + { +- SSL_METHOD *meth; +- ++ const SSL_METHOD *meth; ++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) + SSL_library_init(); + SSL_load_error_strings(); + SSLeay_add_all_algorithms(); +- SSLeay_add_ssl_algorithms(); ++ SSLeay_add_ssl_algorithms(); + +- meth = TLSv1_client_method(); ++ meth = SSLv23_client_method(); ++#else ++ meth = TLS_client_method(); ++#endif + if (!meth) + goto error; + +-- +2.15.0 From patchwork Tue Jan 29 09:39:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Havelange X-Patchwork-Id: 1032634 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=essensium.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=essensium-com.20150623.gappssmtp.com header.i=@essensium-com.20150623.gappssmtp.com header.b="jjw5eHRX"; dkim-atps=neutral Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43phL91SRlz9sDB for ; Tue, 29 Jan 2019 20:40:01 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id A586986866; Tue, 29 Jan 2019 09:39:59 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MX1VhPYPElnt; Tue, 29 Jan 2019 09:39:51 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id 088C586816; Tue, 29 Jan 2019 09:39:49 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id 588951BF310 for ; Tue, 29 Jan 2019 09:39:44 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 553EA87933 for ; Tue, 29 Jan 2019 09:39:44 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A1nV5Rez6e-m for ; Tue, 29 Jan 2019 09:39:39 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-ed1-f68.google.com (mail-ed1-f68.google.com [209.85.208.68]) by hemlock.osuosl.org (Postfix) with ESMTPS id 140C084F92 for ; Tue, 29 Jan 2019 09:39:38 +0000 (UTC) Received: by mail-ed1-f68.google.com with SMTP id g22so15409916edr.7 for ; Tue, 29 Jan 2019 01:39:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=essensium-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=vwPb3Bty+X+111fC7zYhWqnYFijgjp8SHYvs6c0vsCk=; b=jjw5eHRXSGQBsv3C6x32gjmGOZ2sKlHw04b4If7cdeHv4CWCJ37b5gXd4MEIcOvLH3 Y6h+G5lYGceRPnO8ipxYVTsJLyd8MMDWUHzn62DRF5udc3UohhhxptKdo1/p6H+dNa/9 3+NgU5cFLbB5LHRRO5wiUf91ZpQ0aVcGfQtUQukyvAjMX8HNbEZCAMVJKmpxLbJdxvCy GFPJj3eSloSopBYNrxWbMExYCrPQmSwZJtBbbnF2q6p6GlNn3J1VbAJpcoJzV5eRSIdQ MRJd+RrnnHLl6SjhjYm3fm4lkmiMawGEuFMMl8jIISU2JJ9vJR9KRdnan4CNJw4dK/Oa NMug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=vwPb3Bty+X+111fC7zYhWqnYFijgjp8SHYvs6c0vsCk=; b=HhjHWv68uXTtiYYQIhnun0JykWZRn0oQ0dsdR1AnsAEYi+3HEFht//Qjt1lMiTssk2 1oFsLm3DT8fSUIl1yuzrZqzbDxT4l1JHHLzunx33k/Vj0K/CQYTjepn1Ss/RK4VQRsso Z3rxFkTQRiZI2095PBhkfoQXHq4M/sDMrVDRVGtcaQNXVjV+YlcFOvabxpGBnkSI8BKb 1W1CVdg9z9bpWdj72uNDESCOMB6Qs/4l0hN43yOIdCeqQuHpLeQ2xK2ma9SzjwCFzn+V TpTVzdwDmTvayPuFn5UNMv2/dudUjvFMVaURqSpHmhy7En/TOaSUw2wRc+ond4theMhF AfNQ== X-Gm-Message-State: AJcUukeNWhAJjx7UfI1LBYPhQ/TmWtiyjNsgA4ew2POS+mVapLxNBfN/ 0JKbcPR/gu9wVEMjjaNODNxg5oEY9RU= X-Google-Smtp-Source: ALg8bN7LbFXQXO5IglHozjgTDtyVAZHurhlxfuzL/uKP7t7FJyNTW9tmeLP4s/9+D0/EiiHwFsidQA== X-Received: by 2002:a50:9dc1:: with SMTP id l1mr24810528edk.272.1548754776714; Tue, 29 Jan 2019 01:39:36 -0800 (PST) Received: from ph-ThinkPad-E560.local.ess-mail.com (ip-188-118-3-185.reverse.destiny.be. [188.118.3.185]) by smtp.gmail.com with ESMTPSA id r8sm13675540edo.11.2019.01.29.01.39.35 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 Jan 2019 01:39:36 -0800 (PST) From: Patrick Havelange To: buildroot@buildroot.org Date: Tue, 29 Jan 2019 10:39:14 +0100 Message-Id: <20190129093919.22060-3-patrick.havelange@essensium.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190129093919.22060-1-patrick.havelange@essensium.com> References: <20190129093919.22060-1-patrick.havelange@essensium.com> Subject: [Buildroot] [PATCH v7 3/8] package/pound: Fix build with OpenSSL 1.1.x X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Bernd Kuhls , Patrick Havelange MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" From: Bernd Kuhls Signed-off-by: Bernd Kuhls Signed-off-by: Patrick Havelange --- Changes v7: - none Changes v6: - none --- package/pound/0002-fix-openssl-1.1.0.patch | 331 +++++++++++++++++++++ 1 file changed, 331 insertions(+) create mode 100644 package/pound/0002-fix-openssl-1.1.0.patch diff --git a/package/pound/0002-fix-openssl-1.1.0.patch b/package/pound/0002-fix-openssl-1.1.0.patch new file mode 100644 index 0000000000..a94a6386b7 --- /dev/null +++ b/package/pound/0002-fix-openssl-1.1.0.patch @@ -0,0 +1,331 @@ +From a2c9dde4d055ea8942afb150b7fc3a807d4e5d60 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Wed, 28 Feb 2018 13:44:01 +0000 +Subject: [PATCH] Support for Openssl 1.1 + +Downloaded from github fork: +https://github.com/graygnuorg/pound/commit/a2c9dde4d055ea8942afb150b7fc3a807d4e5d60 + +This patch was announced on the upstream mailinglist: +http://www.apsis.ch/pound/pound_list/archive/2018/2018-03/1519920322000 + +Signed-off-by: Bernd Kuhls +--- + .gitignore | 15 ++++++++ + config.c | 17 +++++++-- + http.c | 12 ++++++- + pound.h | 4 ++- + svc.c | 101 +++++++++++++++++++++++++++++++++++++++++++---------- + 5 files changed, 125 insertions(+), 24 deletions(-) + create mode 100644 .gitignore + +diff --git a/config.c b/config.c +index d41a3ee..e8fec0f 100644 +--- a/config.c ++++ b/config.c +@@ -174,6 +174,16 @@ conf_fgets(char *buf, const int max) + } + } + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++# define general_name_string(n) \ ++ strndup(ASN1_STRING_get0_data(n->d.dNSName), \ ++ ASN1_STRING_length(n->d.dNSName) + 1) ++#else ++# define general_name_string(n) \ ++ strndup(ASN1_STRING_data(n->d.dNSName), \ ++ ASN1_STRING_length(n->d.dNSName) + 1) ++#endif ++ + unsigned char ** + get_subjectaltnames(X509 *x509, unsigned int *count) + { +@@ -194,8 +204,7 @@ get_subjectaltnames(X509 *x509, unsigned int *count) + name = sk_GENERAL_NAME_pop(san_stack); + switch(name->type) { + case GEN_DNS: +- temp[local_count] = strndup(ASN1_STRING_data(name->d.dNSName), ASN1_STRING_length(name->d.dNSName) +- + 1); ++ temp[local_count] = general_name_string(name); + if(temp[local_count] == NULL) + conf_err("out of memory"); + local_count++; +@@ -565,7 +574,9 @@ parse_service(const char *svc_name) + pthread_mutex_init(&res->mut, NULL); + if(svc_name) + strncpy(res->name, svc_name, KEY_SIZE); +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res->sessions = lh_TABNODE_new(t_hash, t_cmp)) == NULL) ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res->sessions = LHM_lh_new(TABNODE, t)) == NULL) + #else + if((res->sessions = lh_new(LHASH_HASH_FN(t_hash), LHASH_COMP_FN(t_cmp))) == NULL) +diff --git a/http.c b/http.c +index dd211e4..c8e756a 100644 +--- a/http.c ++++ b/http.c +@@ -527,12 +527,22 @@ log_bytes(char *res, const LONG cnt) + + /* Cleanup code. This should really be in the pthread_cleanup_push, except for bugs in some implementations */ + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++# define clear_error() ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L ++# define clear_error() \ ++ if(ssl != NULL) { ERR_clear_error(); ERR_remove_thread_state(NULL); } ++#else ++# define clear_error() \ ++ if(ssl != NULL) { ERR_clear_error(); ERR_remove_state(0); } ++#endif ++ + #define clean_all() { \ + if(ssl != NULL) { BIO_ssl_shutdown(cl); } \ + if(be != NULL) { BIO_flush(be); BIO_reset(be); BIO_free_all(be); be = NULL; } \ + if(cl != NULL) { BIO_flush(cl); BIO_reset(cl); BIO_free_all(cl); cl = NULL; } \ + if(x509 != NULL) { X509_free(x509); x509 = NULL; } \ +- if(ssl != NULL) { ERR_clear_error(); ERR_remove_state(0); } \ ++ clear_error(); \ + } + + /* +diff --git a/pound.h b/pound.h +index fa22c36..9603b91 100644 +--- a/pound.h ++++ b/pound.h +@@ -344,7 +344,9 @@ typedef struct _tn { + /* maximal session key size */ + #define KEY_SIZE 127 + +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ DEFINE_LHASH_OF(TABNODE); ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + DECLARE_LHASH_OF(TABNODE); + #endif + +diff --git a/svc.c b/svc.c +index 60ba488..063b92c 100644 +--- a/svc.c ++++ b/svc.c +@@ -27,10 +27,17 @@ + + #include "pound.h" + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++# define TABNODE_GET_DOWN_LOAD(t) lh_TABNODE_get_down_load(t) ++# define TABNODE_SET_DOWN_LOAD(t,n) lh_TABNODE_set_down_load(t,n) ++#else + #ifndef LHASH_OF + #define LHASH_OF(x) LHASH + #define CHECKED_LHASH_OF(type, h) h + #endif ++# define TABNODE_GET_DOWN_LOAD(t) (CHECKED_LHASH_OF(TABNODE, t)->down_load) ++# define TABNODE_SET_DOWN_LOAD(t,n) (CHECKED_LHASH_OF(TABNODE, t)->down_load = n) ++#endif + + /* + * Add a new key/content pair to a hash table +@@ -58,7 +65,9 @@ t_add(LHASH_OF(TABNODE) *const tab, const char *key, const void *content, const + } + memcpy(t->content, content, cont_len); + t->last_acc = time(NULL); +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((old = lh_TABNODE_insert(tab, t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((old = LHM_lh_insert(TABNODE, tab, t)) != NULL) { + #else + if((old = (TABNODE *)lh_insert(tab, t)) != NULL) { +@@ -82,7 +91,9 @@ t_find(LHASH_OF(TABNODE) *const tab, char *const key) + TABNODE t, *res; + + t.key = key; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res = lh_TABNODE_retrieve(tab, &t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = (TABNODE *)LHM_lh_retrieve(TABNODE, tab, &t)) != NULL) { + #else + if((res = (TABNODE *)lh_retrieve(tab, &t)) != NULL) { +@@ -102,7 +113,9 @@ t_remove(LHASH_OF(TABNODE) *const tab, char *const key) + TABNODE t, *res; + + t.key = key; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res = lh_TABNODE_delete(tab, &t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = LHM_lh_delete(TABNODE, tab, &t)) != NULL) { + #else + if((res = (TABNODE *)lh_delete(tab, &t)) != NULL) { +@@ -127,7 +140,9 @@ t_old_doall_arg(TABNODE *t, ALL_ARG *a) + TABNODE *res; + + if(t->last_acc < a->lim) +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res = lh_TABNODE_delete(a->tab, t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = LHM_lh_delete(TABNODE, a->tab, t)) != NULL) { + #else + if((res = lh_delete(a->tab, t)) != NULL) { +@@ -145,6 +160,10 @@ IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE, ALL_ARG) + IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE *, ALL_ARG *) + #endif + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++IMPLEMENT_LHASH_DOALL_ARG(TABNODE,ALL_ARG); ++#endif ++ + /* + * Expire all old nodes + */ +@@ -156,14 +175,16 @@ t_expire(LHASH_OF(TABNODE) *const tab, const time_t lim) + + a.tab = tab; + a.lim = lim; +- down_load = CHECKED_LHASH_OF(TABNODE, tab)->down_load; +- CHECKED_LHASH_OF(TABNODE, tab)->down_load = 0; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++ down_load = TABNODE_GET_DOWN_LOAD(tab); ++ TABNODE_SET_DOWN_LOAD(tab, 0); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ lh_TABNODE_doall_ALL_ARG(tab, t_old_doall_arg, &a); ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_old), ALL_ARG, &a); + #else + lh_doall_arg(tab, LHASH_DOALL_ARG_FN(t_old), &a); + #endif +- CHECKED_LHASH_OF(TABNODE, tab)->down_load = down_load; ++ TABNODE_SET_DOWN_LOAD(tab, down_load); + return; + } + +@@ -173,7 +194,9 @@ t_cont_doall_arg(TABNODE *t, ALL_ARG *arg) + TABNODE *res; + + if(memcmp(t->content, arg->content, arg->cont_len) == 0) +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res = lh_TABNODE_delete(arg->tab, t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = LHM_lh_delete(TABNODE, arg->tab, t)) != NULL) { + #else + if((res = lh_delete(arg->tab, t)) != NULL) { +@@ -203,15 +226,16 @@ t_clean(LHASH_OF(TABNODE) *const tab, void *const content, const size_t cont_len + a.tab = tab; + a.content = content; + a.cont_len = cont_len; +- down_load = CHECKED_LHASH_OF(TABNODE, tab)->down_load; +- CHECKED_LHASH_OF(TABNODE, tab)->down_load = 0; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++ down_load = TABNODE_GET_DOWN_LOAD(tab); ++ TABNODE_SET_DOWN_LOAD(tab, 0); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ lh_TABNODE_doall_ALL_ARG(tab, t_cont_doall_arg, &a); ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_cont), ALL_ARG, &a); + #else + lh_doall_arg(tab, LHASH_DOALL_ARG_FN(t_cont), &a); + #endif +- CHECKED_LHASH_OF(TABNODE, tab)->down_load = down_load; +- return; ++ TABNODE_SET_DOWN_LOAD(tab, down_load); + } + + /* +@@ -1262,6 +1286,31 @@ RSA_tmp_callback(/* not used */SSL *ssl, /* not used */int is_export, int keylen + return res; + } + ++static int ++generate_key(RSA **ret_rsa, unsigned long bits) ++{ ++#if OPENSSL_VERSION_NUMBER > 0x00908000L ++ int rc = 0; ++ RSA *rsa; ++ ++ rsa = RSA_new(); ++ if (rsa) { ++ BIGNUM *bne = BN_new(); ++ if (BN_set_word(bne, RSA_F4)) ++ rc = RSA_generate_key_ex(rsa, bits, bne, NULL); ++ BN_free(bne); ++ if (rc) ++ *ret_rsa = rsa; ++ else ++ RSA_free(rsa); ++ } ++ return rc; ++#else ++ *ret_rsa = RSA_generate_key(bits, RSA_F4, NULL, NULL); ++ return *ret_rsa != NULL; ++#endif ++} ++ + /* + * Periodically regenerate ephemeral RSA keys + * runs every T_RSA_KEYS seconds +@@ -1274,8 +1323,9 @@ do_RSAgen(void) + RSA *t_RSA1024_keys[N_RSA_KEYS]; + + for(n = 0; n < N_RSA_KEYS; n++) { +- t_RSA512_keys[n] = RSA_generate_key(512, RSA_F4, NULL, NULL); +- t_RSA1024_keys[n] = RSA_generate_key(1024, RSA_F4, NULL, NULL); ++ /* FIXME: Error handling */ ++ generate_key(&t_RSA512_keys[n], 512); ++ generate_key(&t_RSA1024_keys[n], 1024); + } + if(ret_val = pthread_mutex_lock(&RSA_mut)) + logmsg(LOG_WARNING, "thr_RSAgen() lock: %s", strerror(ret_val)); +@@ -1329,11 +1379,11 @@ init_timer(void) + * Pre-generate ephemeral RSA keys + */ + for(n = 0; n < N_RSA_KEYS; n++) { +- if((RSA512_keys[n] = RSA_generate_key(512, RSA_F4, NULL, NULL)) == NULL) { ++ if(!generate_key(&RSA512_keys[n], 512)) { + logmsg(LOG_WARNING,"RSA_generate(%d, 512) failed", n); + return; + } +- if((RSA1024_keys[n] = RSA_generate_key(1024, RSA_F4, NULL, NULL)) == NULL) { ++ if(!generate_key(&RSA1024_keys[n], 1024)) { + logmsg(LOG_WARNING,"RSA_generate(%d, 1024) failed", n); + return; + } +@@ -1420,6 +1470,10 @@ IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE, DUMP_ARG) + IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE *, DUMP_ARG *) + #endif + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++IMPLEMENT_LHASH_DOALL_ARG(TABNODE,DUMP_ARG); ++#endif ++ + /* + * write sessions to the control socket + */ +@@ -1430,7 +1484,9 @@ dump_sess(const int control_sock, LHASH_OF(TABNODE) *const sess, BACKEND *const + + a.control_sock = control_sock; + a.backends = backends; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ lh_TABNODE_doall_DUMP_ARG(sess, t_dump_doall_arg, &a); ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + LHM_lh_doall_arg(TABNODE, sess, LHASH_DOALL_ARG_FN(t_dump), DUMP_ARG, &a); + #else + lh_doall_arg(sess, LHASH_DOALL_ARG_FN(t_dump), &a); +@@ -1664,6 +1720,13 @@ thr_control(void *arg) + } + } + ++#ifndef SSL3_ST_SR_CLNT_HELLO_A ++# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT) ++#endif ++#ifndef SSL23_ST_SR_CLNT_HELLO_A ++# define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT) ++#endif ++ + void + SSLINFO_callback(const SSL *ssl, int where, int rc) + { From patchwork Tue Jan 29 09:39:15 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Havelange X-Patchwork-Id: 1032631 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=essensium.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=essensium-com.20150623.gappssmtp.com header.i=@essensium-com.20150623.gappssmtp.com header.b="QkUaSfsT"; dkim-atps=neutral Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43phL32FmBz9sDB for ; Tue, 29 Jan 2019 20:39:55 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id AB894878B0; Tue, 29 Jan 2019 09:39:45 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XwFh4vkWJBSb; Tue, 29 Jan 2019 09:39:44 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by hemlock.osuosl.org (Postfix) with ESMTP id 7007287933; Tue, 29 Jan 2019 09:39:44 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by ash.osuosl.org (Postfix) with ESMTP id 1F5981BF310 for ; Tue, 29 Jan 2019 09:39:41 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 1C91924D71 for ; Tue, 29 Jan 2019 09:39:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 94heeBxXuco7 for ; Tue, 29 Jan 2019 09:39:39 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-ed1-f67.google.com (mail-ed1-f67.google.com [209.85.208.67]) by silver.osuosl.org (Postfix) with ESMTPS id 8B7922107A for ; Tue, 29 Jan 2019 09:39:39 +0000 (UTC) Received: by mail-ed1-f67.google.com with SMTP id y56so15403277edd.11 for ; Tue, 29 Jan 2019 01:39:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=essensium-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3mIRoyXhhSw6z5Q4crdjbAnh4wlQLXRRJsbddWbzGek=; b=QkUaSfsT5Uy5KWoc0csFY3+tBms6s1dNs8AJ6IefD7+KMZDoCgXWKHInc2Yt7N4Tdb c0P3HTryYBek2BykX4Pa6oKZeKEBqiZKaIhftgOW1JzGIr2UZtwWj5JHJMwgu8xazUtg oeJfRT5EpeaZs68VaOeEIuEKYTXkCcZqyS0gVDZQ0DecuLIeLjj5CiBZKx5Aww3Ojl+2 po1xt33Xyyrae1dwgZ9Xn8gJNII8bx0hzl05CsK8u760aU7711ClmDXCWp7RAk6u15JH JQE52GqMmq8jGuYOHTP+VUhJPbRryccLn89zn302jnP9C4scXZcI+sKx7Lm7b1Fvvxcm 94NQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3mIRoyXhhSw6z5Q4crdjbAnh4wlQLXRRJsbddWbzGek=; b=cR7tIKUvxJ1C3Q6Jt3cDMMLMKkVn26nMe9136ddqa+H03JTNkAkDyBPXhuNzfnVZEG h2NZpK/otuefh98ayUtt5D1PUSgDTqgqg2GjxgtbbYlFP9LJ7PTQaajq2FDAtU4STJSN oDk4IAyzfrUZHyo3Q4g1UlbPwLk8hBu+3OjFGXTkU1/Ln7vV4mCnL3unrqc5nm53iCmm jx25r541W6I4HT7XTTjIS0pOWphAZ83i+8t2KYOo8v+YBKk1g09cX7ZAOgcGmbrfFb27 VNSmEvhdzkRfKVje/vSxrEvGCeVz8MNxbFkmd8LfR4mBt83W0nCuxAE4vruCkoS1t3vP Spzg== X-Gm-Message-State: AJcUukctTaT8DpkUyeibRUPORg6lCfgqL5+a5teUHuBC3vvi0fbV8053 O9NTA2uo0xOdrLdaalVRg1EqDAc41zI= X-Google-Smtp-Source: ALg8bN6JTiI1IzfPm+G3T2drauNjrkCkxb7pySLwabfJ6BDKiMqa+dQB8XATB2GVBI3MiRpWBk3htA== X-Received: by 2002:a17:906:418c:: with SMTP id a12mr17639993ejl.10.1548754777661; Tue, 29 Jan 2019 01:39:37 -0800 (PST) Received: from ph-ThinkPad-E560.local.ess-mail.com (ip-188-118-3-185.reverse.destiny.be. [188.118.3.185]) by smtp.gmail.com with ESMTPSA id r8sm13675540edo.11.2019.01.29.01.39.36 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 Jan 2019 01:39:37 -0800 (PST) From: Patrick Havelange To: buildroot@buildroot.org Date: Tue, 29 Jan 2019 10:39:15 +0100 Message-Id: <20190129093919.22060-4-patrick.havelange@essensium.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190129093919.22060-1-patrick.havelange@essensium.com> References: <20190129093919.22060-1-patrick.havelange@essensium.com> Subject: [Buildroot] [PATCH v7 4/8] mariadb: use host-openssl from buildroot-system X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Patrick Havelange , Peter Seiderer MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" From: Peter Seiderer - change WITH_SSL for host build from bundled to system (and add host-openssl dependency) to avoid the following configure failure: CMake Error at /usr/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:137 (message): Could NOT find GnuTLS (missing: GNUTLS_LIBRARY GNUTLS_INCLUDE_DIR) (Required is at least version "3.3.24") Call Stack (most recent call first): /usr/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:378 (_FPHSA_FAILURE_MESSAGE) /usr/share/cmake/Modules/FindGnuTLS.cmake:54 (FIND_PACKAGE_HANDLE_STANDARD_ARGS) libmariadb/CMakeLists.txt:298 (FIND_PACKAGE) Signed-off-by: Peter Seiderer Tested-by: Ryan Coe Signed-off-by: Patrick Havelange --- Changes v7: - none Changes v6: - none --- package/mariadb/mariadb.mk | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/package/mariadb/mariadb.mk b/package/mariadb/mariadb.mk index e17649209a..e354a9137c 100644 --- a/package/mariadb/mariadb.mk +++ b/package/mariadb/mariadb.mk @@ -86,7 +86,8 @@ MARIADB_CONF_OPTS += \ -DMYSQL_DATADIR=/var/lib/mysql \ -DMYSQL_UNIX_ADDR=$(MYSQL_SOCKET) -HOST_MARIADB_CONF_OPTS += -DWITH_SSL=OFF +HOST_MARIADB_DEPENDENCIES = host-openssl +HOST_MARIADB_CONF_OPTS += -DWITH_SSL=system # Some helpers must be compiled for host in order to crosscompile mariadb for # the target. They are then included by import_executables.cmake which is From patchwork Tue Jan 29 09:39:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Havelange X-Patchwork-Id: 1032627 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=essensium.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=essensium-com.20150623.gappssmtp.com header.i=@essensium-com.20150623.gappssmtp.com header.b="stLDEdwC"; dkim-atps=neutral Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43phKx3lmrz9sDX for ; Tue, 29 Jan 2019 20:39:48 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id ED86485F6E; Tue, 29 Jan 2019 09:39:45 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wC6Zg-fCX4rX; Tue, 29 Jan 2019 09:39:45 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id 63FFE85F61; Tue, 29 Jan 2019 09:39:45 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id 367481BF86D for ; Tue, 29 Jan 2019 09:39:41 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 3432085F67 for ; Tue, 29 Jan 2019 09:39:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C1pwle-ebxbB for ; Tue, 29 Jan 2019 09:39:40 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-ed1-f65.google.com (mail-ed1-f65.google.com [209.85.208.65]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 2E27185951 for ; Tue, 29 Jan 2019 09:39:40 +0000 (UTC) Received: by mail-ed1-f65.google.com with SMTP id h15so15419504edb.4 for ; Tue, 29 Jan 2019 01:39:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=essensium-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=GIhIGPTaTJ4BseaPuFUfNDZbx+AnzFCbhcmaH7DM2XQ=; b=stLDEdwC++pXF7+zMDe46WeZsIV8ShmH0+icEmCvOHsdGrdchYwMM8d/4CN/aPKXSk eJgzP9xLxvP0ARo2TLYuKXIVNQEZtB/YeVyA04Kiqs1OspahgWSb/bWeXVpWOu2Swguw Mhmwr3nvYmXsggTpNgq6TQlTSxGqmycCil4tFF44RtLVPSpvep25eMrMZj73OV7b/ZZx amoDuJb4X95xSB6N/bKuPS4OLgqA7oOyo3kn5xACH6zRa7gMOyve1z0M8MjZgJElfhGU w3nuBRz2ZXxf653Z4lFFfliv07TTVPbnGN1hcDy8Bs8/cNmARe2v5MHAa/qeIVilsaWl mEaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=GIhIGPTaTJ4BseaPuFUfNDZbx+AnzFCbhcmaH7DM2XQ=; b=WRkHCzAoyG/MKUEu92L7Ph7kt9x2bC3ktbZ2WA7sN7mGG9xwaRlqLVSAJDqkgt3Sbi sFnhyvggL+q7zraO4f06KIUpi8sj5Zz/NgkRKBxjSzpgWl6V6VgcWlw0LdncHpH750H2 G07D3TY6MJLIIiGMp9ahWikcnxcdVzJjYv5VxyDjwur/s52G/IGl+j7J/IJZLCshRP4k WRcPilecNPGbIJX0U6yuSOZ9Hj+MJ48eXd/4g5iXlf+BWKoPA5KaPkIS9Q0yVc9TjWRS 8JqSN2mEwCRR7V1IULFiCvfWycZR0SsEngVniEVHQsJ9rpJX92H3biET6RkQXtMnBnsg rZfA== X-Gm-Message-State: AJcUukepnWfsf6oVb7pevdGMT87rk1MJ/v3fwKkyMoSaKVtsCh62Cpgc ik480uHt8/upKkighcLJ+4ulDxRTN+U= X-Google-Smtp-Source: ALg8bN6Nv+cMsyjp0eez0hnCXN0o1MXYuzMvZ+48A83ZWFJ8iaYRgqJCS4I8cQDT9WAzq8jqjKcomw== X-Received: by 2002:a17:906:4101:: with SMTP id j1mr9697592ejk.175.1548754778446; Tue, 29 Jan 2019 01:39:38 -0800 (PST) Received: from ph-ThinkPad-E560.local.ess-mail.com (ip-188-118-3-185.reverse.destiny.be. [188.118.3.185]) by smtp.gmail.com with ESMTPSA id r8sm13675540edo.11.2019.01.29.01.39.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 Jan 2019 01:39:38 -0800 (PST) From: Patrick Havelange To: buildroot@buildroot.org Date: Tue, 29 Jan 2019 10:39:16 +0100 Message-Id: <20190129093919.22060-5-patrick.havelange@essensium.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190129093919.22060-1-patrick.havelange@essensium.com> References: <20190129093919.22060-1-patrick.havelange@essensium.com> Subject: [Buildroot] [PATCH v7 5/8] Introduce the variable BR2_TOOLCHAIN_HAS_UCONTEXT X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Patrick Havelange MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" It is set when the platform exposes the struct ucontext_t. This avoids duplication of logic inside each package requiring the use of that type. Signed-off-by: Patrick Havelange --- Changes v7: - none Changes v6: - Wrap Config.in at 80 char --- package/libsigsegv/Config.in | 11 +---------- toolchain/Config.in | 10 ++++++++++ 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/package/libsigsegv/Config.in b/package/libsigsegv/Config.in index f258dc9e8a..8e89ff5aa4 100644 --- a/package/libsigsegv/Config.in +++ b/package/libsigsegv/Config.in @@ -1,15 +1,6 @@ config BR2_PACKAGE_LIBSIGSEGV_ARCH_SUPPORTS bool - # with glibc/musl, ucontext is available for all supported - # architectures - default y if BR2_TOOLCHAIN_USES_GLIBC - default y if BR2_TOOLCHAIN_USES_MUSL - # with uclibc, ucontext is only available for a subset of the - # supported architectures - default y if BR2_TOOLCHAIN_USES_UCLIBC && \ - (BR2_ARM_CPU_HAS_ARM || BR2_i386 || \ - BR2_mips || BR2_mipsel || BR2_mips64 || BR2_mips64el || \ - BR2_sparc || BR2_x86_64) + default y if BR2_TOOLCHAIN_HAS_UCONTEXT config BR2_PACKAGE_LIBSIGSEGV bool "libsigsegv" diff --git a/toolchain/Config.in b/toolchain/Config.in index baf192c936..275f9f9cdd 100644 --- a/toolchain/Config.in +++ b/toolchain/Config.in @@ -15,10 +15,16 @@ config BR2_TOOLCHAIN_USES_GLIBC select BR2_TOOLCHAIN_HAS_THREADS select BR2_TOOLCHAIN_HAS_THREADS_DEBUG select BR2_TOOLCHAIN_HAS_THREADS_NPTL + select BR2_TOOLCHAIN_HAS_UCONTEXT select BR2_TOOLCHAIN_SUPPORTS_PIE config BR2_TOOLCHAIN_USES_UCLIBC bool + # ucontext is only available for a subset of the supported + # architectures + select BR2_TOOLCHAIN_HAS_UCONTEXT if BR2_ARM_CPU_HAS_ARM || BR2_i386 \ + || BR2_mips || BR2_mipsel || BR2_mips64 || BR2_mips64el \ + || BR2_sparc || BR2_x86_64 select BR2_TOOLCHAIN_SUPPORTS_PIE if !BR2_m68k && !BR2_microblaze && !BR2_STATIC_LIBS config BR2_TOOLCHAIN_USES_MUSL @@ -28,6 +34,7 @@ config BR2_TOOLCHAIN_USES_MUSL select BR2_TOOLCHAIN_HAS_THREADS select BR2_TOOLCHAIN_HAS_THREADS_DEBUG select BR2_TOOLCHAIN_HAS_THREADS_NPTL + select BR2_TOOLCHAIN_HAS_UCONTEXT select BR2_TOOLCHAIN_SUPPORTS_PIE if !BR2_STATIC_LIBS choice @@ -145,6 +152,9 @@ config BR2_TOOLCHAIN_HAS_THREADS_NPTL config BR2_TOOLCHAIN_HAS_SSP bool +config BR2_TOOLCHAIN_HAS_UCONTEXT + bool + config BR2_TOOLCHAIN_SUPPORTS_PIE bool From patchwork Tue Jan 29 09:39:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Havelange X-Patchwork-Id: 1032632 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=essensium.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=essensium-com.20150623.gappssmtp.com header.i=@essensium-com.20150623.gappssmtp.com header.b="AlsOLuxt"; dkim-atps=neutral Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43phL52Bzhz9sDX for ; Tue, 29 Jan 2019 20:39:56 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id F2EF725C1C; Tue, 29 Jan 2019 09:39:52 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DHLXzO5lGCah; Tue, 29 Jan 2019 09:39:49 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by silver.osuosl.org (Postfix) with ESMTP id AA99824D71; Tue, 29 Jan 2019 09:39:49 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id 6304D1BF86D for ; Tue, 29 Jan 2019 09:39:44 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 6080585F61 for ; Tue, 29 Jan 2019 09:39:44 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4SYKHGPqM0on for ; Tue, 29 Jan 2019 09:39:41 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-ed1-f51.google.com (mail-ed1-f51.google.com [209.85.208.51]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 6239E85951 for ; Tue, 29 Jan 2019 09:39:41 +0000 (UTC) Received: by mail-ed1-f51.google.com with SMTP id y56so15403332edd.11 for ; Tue, 29 Jan 2019 01:39:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=essensium-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=kdXnDu3xqxgaWOWavLFvgb4JjVpyf7vLe2k/8VhzUT4=; b=AlsOLuxtUtAztjrxNpJB4jcsmdTMLoduBde8Qw+fKDx77QxWLU9IqyNOv0v+ik38KH k0deiADGFSp+QJw8mxIOV74Sx3wTHYZCSgja05LUlOFez6pytLn+9Hi/tIQk7s2N/nnN NuPVQueXFtdobngyNvnOcogbAbQUXa3EyWIKtcw6oXWibW0hvtPFzoHgq2hnL+9DJpG6 e271AgNLD0LC2tS3Mga3tEYRaVbrNoHBZyUmkT9wfb2UZ7mdrAx26JC1GKeGmyzF6oA9 TsKhMG0v9bdRzW5QXBdjgXi/TC1werQTXAO6ziGUAIVS499Dxk3m7FJ3dGdgiAx2OmV7 tzeg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=kdXnDu3xqxgaWOWavLFvgb4JjVpyf7vLe2k/8VhzUT4=; b=to0ojCUEaqDyPkjnqRjnctp4ps9l2TMiYVSjNvyOqHVDvNnLKiQoew2tEXHiQbT9TN jfNk0kyWWiwLdGBlVPaehx1BgrjlYPK619pkQg0dD2hdlUQ8dejc/d0CVK7pcXEv79rH xPeAv2hlGkPSv3NeXDTUGyDHA4GM302E0D6rnMToIvO9rlpvfGSPRyAEZvTaTOyGa4ko qOHatcHtybMNRWRhjaICmUawO0cLAjglrsRQdgAvK+YpgH9Q2xDP51l0JlUyqfiRDbT0 4kjfWUtIs41Hh3nkv/GCc//5ccSR+Wy1/FYvpPE/qXZbFRXUrMWiQKYyurl8v9vmKSCx 11zg== X-Gm-Message-State: AJcUukeuP/NHovwRhGovtKe8xK7NMnO49VMLE4nT5CBTiQVVBxU8Fbop marPISGPhGX3411PDn0YFPR7VPWlsuI= X-Google-Smtp-Source: ALg8bN6NKmkFnTOzPUcfwEZ6uAdfSLFD5qE6JCTMJqkCDCZ5XMOSKoOTCV2M2nf5+xYqtoR1LDurUQ== X-Received: by 2002:a17:906:1350:: with SMTP id x16mr22075909ejb.85.1548754779310; Tue, 29 Jan 2019 01:39:39 -0800 (PST) Received: from ph-ThinkPad-E560.local.ess-mail.com (ip-188-118-3-185.reverse.destiny.be. [188.118.3.185]) by smtp.gmail.com with ESMTPSA id r8sm13675540edo.11.2019.01.29.01.39.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 Jan 2019 01:39:38 -0800 (PST) From: Patrick Havelange To: buildroot@buildroot.org Date: Tue, 29 Jan 2019 10:39:17 +0100 Message-Id: <20190129093919.22060-6-patrick.havelange@essensium.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190129093919.22060-1-patrick.havelange@essensium.com> References: <20190129093919.22060-1-patrick.havelange@essensium.com> Subject: [Buildroot] [PATCH v7 6/8] package/thrift: bump to 0.12.0, add support for openssl 1.1.x X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Patrick Havelange MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Switching to CMake as the autotools are not crosscompiler compatible. Removed the patches related to autotools as no longer used. Added patch to avoid linker issue. Added license hash. Signed-off-by: Patrick Havelange --- Changes v7: - none Changes v6: - Commit msg - Use SHA256 instead of md5 --- ...ipedTransport-peek-to-avoid-linker-e.patch | 31 +++++++ package/thrift/0001-libevent-cross.patch | 16 ---- package/thrift/0002-autoreconf.patch | 28 ------- package/thrift/0003-zlib-cross.patch | 16 ---- ...k-minimum-required-version-of-automa.patch | 47 ----------- .../0005-configure.ac-C-11-is-optional.patch | 28 ------- package/thrift/thrift.hash | 6 +- package/thrift/thrift.mk | 84 +++++++++---------- 8 files changed, 73 insertions(+), 183 deletions(-) create mode 100644 package/thrift/0001-Force-to-keep-TPipedTransport-peek-to-avoid-linker-e.patch delete mode 100644 package/thrift/0001-libevent-cross.patch delete mode 100644 package/thrift/0002-autoreconf.patch delete mode 100644 package/thrift/0003-zlib-cross.patch delete mode 100644 package/thrift/0004-THRIFT-3071-check-minimum-required-version-of-automa.patch delete mode 100644 package/thrift/0005-configure.ac-C-11-is-optional.patch diff --git a/package/thrift/0001-Force-to-keep-TPipedTransport-peek-to-avoid-linker-e.patch b/package/thrift/0001-Force-to-keep-TPipedTransport-peek-to-avoid-linker-e.patch new file mode 100644 index 0000000000..92c55d05a4 --- /dev/null +++ b/package/thrift/0001-Force-to-keep-TPipedTransport-peek-to-avoid-linker-e.patch @@ -0,0 +1,31 @@ +From f87ae3963e651fe9f4b3125192c77aae86c007e0 Mon Sep 17 00:00:00 2001 +From: Patrick Havelange +Date: Mon, 21 Jan 2019 09:49:23 +0100 +Subject: [PATCH] Force to keep TPipedTransport::peek() to avoid linker error. + +Otherwise got the "defined in discarded section" linker error +with x86-64-musl toolchain. This is probably a toolchain issue - the +compiler shouldn't remove that function. + +Signed-off-by: Patrick Havelange +Upstream-status: Not Applicable +--- + lib/cpp/src/thrift/transport/TTransportUtils.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/cpp/src/thrift/transport/TTransportUtils.h b/lib/cpp/src/thrift/transport/TTransportUtils.h +index f3b4c5a..7589182 100644 +--- a/lib/cpp/src/thrift/transport/TTransportUtils.h ++++ b/lib/cpp/src/thrift/transport/TTransportUtils.h +@@ -114,7 +114,7 @@ public: + + bool isOpen() { return srcTrans_->isOpen(); } + +- bool peek() { ++ bool __attribute__ ((used)) peek() { + if (rPos_ >= rLen_) { + // Double the size of the underlying buffer if it is full + if (rLen_ == rBufSize_) { +-- +2.17.1 + diff --git a/package/thrift/0001-libevent-cross.patch b/package/thrift/0001-libevent-cross.patch deleted file mode 100644 index f07caa762a..0000000000 --- a/package/thrift/0001-libevent-cross.patch +++ /dev/null @@ -1,16 +0,0 @@ -Make it cross-compile happy the hard way, there's no clean way. - -Signed-off-by: Gustavo Zacarias - -diff -Nura thrift-0.9.1.orig/aclocal/ax_lib_event.m4 thrift-0.9.1/aclocal/ax_lib_event.m4 ---- thrift-0.9.1.orig/aclocal/ax_lib_event.m4 2013-08-15 11:04:29.000000000 -0300 -+++ thrift-0.9.1/aclocal/ax_lib_event.m4 2013-10-07 20:40:44.076435613 -0300 -@@ -75,7 +75,7 @@ - AC_LANG_PUSH([C]) - dnl This can be changed to AC_LINK_IFELSE if you are cross-compiling, - dnl but then the version cannot be checked. -- AC_RUN_IFELSE([AC_LANG_PROGRAM([[ -+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ - #include - #include - ]], [[ diff --git a/package/thrift/0002-autoreconf.patch b/package/thrift/0002-autoreconf.patch deleted file mode 100644 index 1a52f7c70d..0000000000 --- a/package/thrift/0002-autoreconf.patch +++ /dev/null @@ -1,28 +0,0 @@ -Fillers to make autoreconf (automake) happy. - -Signed-off-by: Gustavo Zacarias - -diff -Nura thrift-0.9.2.orig/AUTHORS thrift-0.9.2/AUTHORS ---- thrift-0.9.2.orig/AUTHORS 1969-12-31 21:00:00.000000000 -0300 -+++ thrift-0.9.2/AUTHORS 2014-12-05 14:46:20.431211224 -0300 -@@ -0,0 +1,2 @@ -+ -+ -diff -Nura thrift-0.9.2.orig/ChangeLog thrift-0.9.2/ChangeLog ---- thrift-0.9.2.orig/ChangeLog 1969-12-31 21:00:00.000000000 -0300 -+++ thrift-0.9.2/ChangeLog 2014-12-05 14:46:34.290686170 -0300 -@@ -0,0 +1,2 @@ -+ -+ -diff -Nura thrift-0.9.2.orig/NEWS thrift-0.9.2/NEWS ---- thrift-0.9.2.orig/NEWS 1969-12-31 21:00:00.000000000 -0300 -+++ thrift-0.9.2/NEWS 2014-12-05 14:46:32.308618241 -0300 -@@ -0,0 +1,2 @@ -+ -+ -diff -Nura thrift-0.9.2.orig/README thrift-0.9.2/README ---- thrift-0.9.2.orig/README 1969-12-31 21:00:00.000000000 -0300 -+++ thrift-0.9.2/README 2014-12-05 14:46:28.305481028 -0300 -@@ -0,0 +1,2 @@ -+ -+ diff --git a/package/thrift/0003-zlib-cross.patch b/package/thrift/0003-zlib-cross.patch deleted file mode 100644 index 3af39c4691..0000000000 --- a/package/thrift/0003-zlib-cross.patch +++ /dev/null @@ -1,16 +0,0 @@ -Make zlib version detection cross-compile happy. - -Signed-off-by: Gustavo Zacarias - -diff -Nura thrift-0.9.1.orig/aclocal/ax_lib_zlib.m4 thrift-0.9.1/aclocal/ax_lib_zlib.m4 ---- thrift-0.9.1.orig/aclocal/ax_lib_zlib.m4 2013-08-15 11:04:29.000000000 -0300 -+++ thrift-0.9.1/aclocal/ax_lib_zlib.m4 2013-10-07 20:47:44.523177973 -0300 -@@ -73,7 +73,7 @@ - # (defined in the library). - AC_LANG_PUSH([C]) - dnl This can be changed to AC_LINK_IFELSE if you are cross-compiling. -- AC_RUN_IFELSE([AC_LANG_PROGRAM([[ -+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ - #include - #if ZLIB_VERNUM >= 0x$WANT_ZLIB_VERSION - #else diff --git a/package/thrift/0004-THRIFT-3071-check-minimum-required-version-of-automa.patch b/package/thrift/0004-THRIFT-3071-check-minimum-required-version-of-automa.patch deleted file mode 100644 index ec2e22566c..0000000000 --- a/package/thrift/0004-THRIFT-3071-check-minimum-required-version-of-automa.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 9b03d2b02d32302008d2bd0218b31b9a0ca5a748 Mon Sep 17 00:00:00 2001 -From: Jens Geyer -Date: Fri, 3 Apr 2015 12:37:03 +0200 -Subject: [PATCH] THRIFT-3071 check minimum required version of automake in bootstrap.sh -Client: Build process -Patch: James E. King, III - -This closes #421 - -- remove a warning when using libtool - -"libtoolize: Consider adding 'AC_CONFIG_MACRO_DIRS([./aclocal])' to configure.ac," - -[Romain: - - This is upstream commit 4aa95df383bfa13c46a4dc0b41672ec29d476300 - - remove the part for bootstrap.sh which is not - bundled in thrift archive. - - fix the commit log accordingly] - -Signed-off-by: Romain Naour ---- - configure.ac | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/configure.ac b/configure.ac -index 5fa611e..8daeb03 100755 ---- a/configure.ac -+++ b/configure.ac -@@ -18,6 +18,7 @@ - # - - AC_PREREQ(2.65) -+AC_CONFIG_MACRO_DIR([./aclocal]) - - AC_INIT([thrift], [0.9.2]) - -@@ -540,6 +541,7 @@ AC_CHECK_FUNCS([memset]) - AC_CHECK_FUNCS([mkdir]) - AC_CHECK_FUNCS([realpath]) - AC_CHECK_FUNCS([select]) -+AC_CHECK_FUNCS([setlocale]) - AC_CHECK_FUNCS([socket]) - AC_CHECK_FUNCS([strchr]) - AC_CHECK_FUNCS([strdup]) --- -1.9.3 - diff --git a/package/thrift/0005-configure.ac-C-11-is-optional.patch b/package/thrift/0005-configure.ac-C-11-is-optional.patch deleted file mode 100644 index 9ed7e0a691..0000000000 --- a/package/thrift/0005-configure.ac-C-11-is-optional.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 9c3a7e79b256730dd85a7acadbaf57ab018b3127 Mon Sep 17 00:00:00 2001 -From: Romain Naour -Date: Tue, 7 Apr 2015 07:37:26 +0200 -Subject: [PATCH] configure.ac: C++11 is optional - -Thrift build fine whitout c++11 support. - -Signed-off-by: Romain Naour ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 8daeb03..bfd49ae 100755 ---- a/configure.ac -+++ b/configure.ac -@@ -99,7 +99,7 @@ AC_PROG_AWK - AC_PROG_RANLIB - - AC_LANG([C++]) --AX_CXX_COMPILE_STDCXX_11([noext]) -+AX_CXX_COMPILE_STDCXX_11([noext], [optional]) - - AC_ARG_ENABLE([libs], - AS_HELP_STRING([--enable-libs], [build the Apache Thrift libraries [default=yes]]), --- -1.9.3 - diff --git a/package/thrift/thrift.hash b/package/thrift/thrift.hash index 811aa988e3..7aca8b5a7e 100644 --- a/package/thrift/thrift.hash +++ b/package/thrift/thrift.hash @@ -1,2 +1,4 @@ -# From https://www.apache.org/dist/thrift/0.9.2/thrift-0.9.2.tar.gz.md5 -md5 89f63cc4d0100912f4a1f8a9dee63678 thrift-0.9.2.tar.gz +# From https://www.apache.org/dist/thrift/0.12.0/thrift-0.12.0.tar.gz.sha256 +sha256 c336099532b765a6815173f62df0ed897528a9d551837d627c1f87fadad90428 thrift-0.12.0.tar.gz +# License files, locally calculated +sha256 23df881cec3192d1f4474633c14eb2ec30a45b84f8daeb82b9de5d2bd3ac8218 LICENSE diff --git a/package/thrift/thrift.mk b/package/thrift/thrift.mk index 741d33f571..8a284229a1 100644 --- a/package/thrift/thrift.mk +++ b/package/thrift/thrift.mk @@ -4,75 +4,67 @@ # ################################################################################ -THRIFT_VERSION = 0.9.2 +THRIFT_VERSION = 0.12.0 THRIFT_SITE = http://www.us.apache.org/dist/thrift/$(THRIFT_VERSION) -THRIFT_DEPENDENCIES = host-autoconf-archive host-pkgconf host-thrift boost \ +THRIFT_LICENSE = Apache-2.0 +THRIFT_LICENSE_FILES = LICENSE + +THRIFT_DEPENDENCIES = host-pkgconf host-thrift boost \ libevent openssl zlib THRIFT_INSTALL_STAGING = YES -HOST_THRIFT_DEPENDENCIES = host-autoconf-archive host-bison host-boost \ +HOST_THRIFT_DEPENDENCIES = host-bison host-boost \ host-flex host-libevent host-openssl host-pkgconf host-zlib -THRIFT_CONF_OPTS = --with-sysroot=$(STAGING_DIR) \ - --with-boost \ - --with-boost-libdir=$(STAGING_DIR)/usr/lib \ - --disable-tests \ - --disable-tutorial -HOST_THRIFT_CONF_OPTS = --with-sysroot=$(HOST_DIR) \ - --disable-tests \ - --disable-tutorial -THRIFT_AUTORECONF = YES -THRIFT_AUTORECONF_OPTS = -I $(HOST_DIR)/share/autoconf-archive -THRIFT_LICENSE = Apache-2.0 -THRIFT_LICENSE_FILES = LICENSE +THRIFT_COMMON_CONF_OPTS = -DBUILD_TUTORIALS=OFF \ + -DBUILD_TESTING=OFF \ + -DWITH_PYTHON=OFF \ + -DWITH_JAVA=OFF \ + -DWITH_QT5=OFF + +THRIFT_CONF_OPTS = $(THRIFT_COMMON_CONF_OPTS) -DBUILD_COMPILER=OFF +HOST_THRIFT_CONF_OPTS = $(THRIFT_COMMON_CONF_OPTS) -DBUILD_COMPILER=ON # relocation truncated to fit: R_68K_GOT16O ifeq ($(BR2_m68k_cf),y) THRIFT_CONF_ENV += CXXFLAGS="$(TARGET_CXXFLAGS) -mxgot" endif +# thrift doesn't use the regular flags BUILD_{STATIC,SHARED}_LIBS ifeq ($(BR2_STATIC_LIBS),y) # openssl uses zlib, so we need to explicitly link with it when static THRIFT_CONF_ENV += LIBS=-lz +THRIFT_CONF_OPTS += -DWITH_STATIC_LIB=ON -DWITH_BOOST_STATIC=ON -DWITH_SHARED_LIB=OFF +else ifeq ($(BR2_SHARED_LIBS),y) +THRIFT_CONF_OPTS += -DWITH_STATIC_LIB=OFF -DWITH_BOOST_STATIC=OFF -DWITH_SHARED_LIB=ON +else +# BR2_SHARED_STATIC_LIBS +THRIFT_CONF_OPTS += -DWITH_STATIC_LIB=ON -DWITH_BOOST_STATIC=OFF -DWITH_SHARED_LIB=ON endif -# Language selection -# The generator (host tool) works with all of them regardless -# This is just for the libraries / bindings -THRIFT_LANG_CONF_OPTS += --without-csharp --without-java --without-erlang \ - --without-python --without-perl --without-php --without-php_extension \ - --without-ruby --without-haskell --without-go --without-d \ - --without-qt4 --without-lua -HOST_THRIFT_CONF_OPTS += $(THRIFT_LANG_CONF_OPTS) --without-c_glib -THRIFT_CONF_OPTS += $(THRIFT_LANG_CONF_OPTS) +# Language selection for the compiler +HOST_THRIFT_CONF_OPTS += -DTHRIFT_COMPILER_CSHARP=OFF \ + -DTHRIFT_COMPILER_JAVA=OFF \ + -DTHRIFT_COMPILER_ERL=OFF \ + -DTHRIFT_COMPILER_PY=OFF \ + -DTHRIFT_COMPILER_PERL=OFF \ + -DTHRIFT_COMPILER_PHP=OFF \ + -DTHRIFT_COMPILER_RB=OFF \ + -DTHRIFT_COMPILER_HS=OFF \ + -DTHRIFT_COMPILER_GO=OFF \ + -DTHRIFT_COMPILER_D=OFF \ + -DTHRIFT_COMPILER_LUA=OFF \ + -DBUILD_C_GLIB=OFF # C bindings ifeq ($(BR2_PACKAGE_LIBGLIB2),y) THRIFT_DEPENDENCIES += libglib2 +THRIFT_CONF_OPTS += -DBUILD_C_GLIB=ON else -THRIFT_CONF_OPTS += --without-c_glib +THRIFT_CONF_OPTS += -DBUILD_C_GLIB=OFF endif -# De-hardcode THRIFT for cross compiling -define THRIFT_TOOL_NO_HARDCODE - for f in `find $(@D) -name Makefile.am -type f`; do \ - $(SED) "/^THRIFT =/d" $$f; \ - done - $(SED) "s:top_builddir)/compiler/cpp/thrift:THRIFT):" $(@D)/tutorial/Makefile.am -endef - -THRIFT_POST_PATCH_HOOKS += THRIFT_TOOL_NO_HARDCODE - -define THRIFT_BUILD_CMDS - $(TARGET_MAKE_ENV) $(MAKE) THRIFT=$(HOST_DIR)/bin/thrift -C $(@D) -endef - -# Install runtime only -define THRIFT_INSTALL_TARGET_CMDS - $(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/lib DESTDIR=$(TARGET_DIR) install -endef - -$(eval $(autotools-package)) -$(eval $(host-autotools-package)) +$(eval $(cmake-package)) +$(eval $(host-cmake-package)) # to be used by other packages THRIFT = $(HOST_DIR)/bin/thrift From patchwork Tue Jan 29 09:39:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Havelange X-Patchwork-Id: 1032630 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=essensium.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=essensium-com.20150623.gappssmtp.com header.i=@essensium-com.20150623.gappssmtp.com header.b="k6kD3CIs"; dkim-atps=neutral Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43phL13K39z9sDB for ; Tue, 29 Jan 2019 20:39:53 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 39FF38683C; Tue, 29 Jan 2019 09:39:50 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jwviXkvym8FB; Tue, 29 Jan 2019 09:39:48 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id 3EA5386581; Tue, 29 Jan 2019 09:39:48 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id CFF821BF310 for ; Tue, 29 Jan 2019 09:39:43 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id CC97B81E21 for ; Tue, 29 Jan 2019 09:39:43 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eYV7nezLQIpn for ; Tue, 29 Jan 2019 09:39:42 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-ed1-f54.google.com (mail-ed1-f54.google.com [209.85.208.54]) by whitealder.osuosl.org (Postfix) with ESMTPS id 35D6D867DF for ; Tue, 29 Jan 2019 09:39:42 +0000 (UTC) Received: by mail-ed1-f54.google.com with SMTP id d39so15390471edb.12 for ; Tue, 29 Jan 2019 01:39:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=essensium-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ovAONT/mlEyLlRXq949Y5IPyfF4dGVBFHtJfkdIIG8g=; b=k6kD3CIs3H6l26ZZ5Gt27rQGofiGbPNQdWOW/+MT5Z23f8TySi6YD3w6+p6/yxuag+ IPNM25fhznvBErYVGG4rvMtIWxHpIUz+/ztWaDsZn0g3A4FJf9+udYGoQ5M0p175lBjc BPU5psl+sU5Ab20TpXukjuPar2BFSd9STTFEmRNjBgDzdJoGnKoso0S00vIbFqo4YKpk aARGSEkTOOQ5A7m8YsKCc1X8yxoAeYSxjGL9e8N9cb2UN/UuS7nnLPz+pTvTX9XZ7VP4 7U2oaSFuW8cFllA8NSQIaY4ow8RcDe3ontlEABxAlxSwTa0lfzEB2A4Kl8ExKPOgzg8a jKmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ovAONT/mlEyLlRXq949Y5IPyfF4dGVBFHtJfkdIIG8g=; b=BrFQvoG1M1enldIkU0yf+kfjrm5S9KEU4EhbtUKHOKzxmdrIZ/Y+PW1p9jPVyPuhzb QsAU+P+DPrQFKrVepDvA+hiYOhvPfHua8hcgktL04fHeGKRUoIJa9CDwa+sEDUsUJyDy dVnd5iliEw50Me9A+x/BYR4IeJ0EakwV43kvZ/kWmAn7M5gIk+tolNQhyGQWjYWRB1WO VQ9wtZa2Jdl0IjNWumPxj/i7L2GhATkcD8JJF8xnV7Tseuf3UGd2srxlTo4gosBmiv/H 9xgKgV/RMGqgXcG+B1frwmdWDacUirznwAF49A5TzydmuMBLKbt6CKDS7v8nXcBNcovW quJA== X-Gm-Message-State: AJcUukcE7SGkERuvuJNBN9ujimKVCR1Yc23+D/7oI2tk28uzkGni6IS2 gGz5rTH3wd729nOh0jsmuGCVO4JtBXg= X-Google-Smtp-Source: ALg8bN6HLO5xk4I2d3C8IlM+zUhH5fTCXskoIV90M3lfydtnYQ5Mbod4syQIM/S7+0vXWCwm0MQ+IQ== X-Received: by 2002:a17:906:f212:: with SMTP id gt18mr22197672ejb.201.1548754780092; Tue, 29 Jan 2019 01:39:40 -0800 (PST) Received: from ph-ThinkPad-E560.local.ess-mail.com (ip-188-118-3-185.reverse.destiny.be. [188.118.3.185]) by smtp.gmail.com with ESMTPSA id r8sm13675540edo.11.2019.01.29.01.39.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 Jan 2019 01:39:39 -0800 (PST) From: Patrick Havelange To: buildroot@buildroot.org Date: Tue, 29 Jan 2019 10:39:18 +0100 Message-Id: <20190129093919.22060-7-patrick.havelange@essensium.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190129093919.22060-1-patrick.havelange@essensium.com> References: <20190129093919.22060-1-patrick.havelange@essensium.com> Subject: [Buildroot] [PATCH v7 7/8] package/rtmpdump: Fix compilation issues with openssl 1.1.x X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Patrick Havelange , Vadim Kochan MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" From: Vadim Kochan Upstream is dead, other distros use gnutls exclusively, so patch is not sent upstream. Signed-off-by: Vadim Kochan Signed-off-by: Patrick Havelange --- Changes v7: - none Changes v6: - Commit msg --- ...p-Fix-compilation-with-openssl-1.1.x.patch | 276 ++++++++++++++++++ 1 file changed, 276 insertions(+) create mode 100644 package/rtmpdump/0001-librtmp-Fix-compilation-with-openssl-1.1.x.patch diff --git a/package/rtmpdump/0001-librtmp-Fix-compilation-with-openssl-1.1.x.patch b/package/rtmpdump/0001-librtmp-Fix-compilation-with-openssl-1.1.x.patch new file mode 100644 index 0000000000..44e70b495a --- /dev/null +++ b/package/rtmpdump/0001-librtmp-Fix-compilation-with-openssl-1.1.x.patch @@ -0,0 +1,276 @@ +From f3ca4b9450e273afc5b773e5e5637b7fcbc71dd8 Mon Sep 17 00:00:00 2001 +From: Vadim Kochan +Date: Fri, 18 Jan 2019 01:15:33 +0200 +Subject: [PATCH] librtmp: Fix compilation with openssl 1.1.x + +Signed-off-by: Vadim Kochan +--- + librtmp/dh.h | 70 +++++++++++++++++++++++++++++++++++++++++++---------- + librtmp/handshake.h | 13 ++++++---- + librtmp/hashswf.c | 18 +++++++++----- + librtmp/rtmp.c | 4 +-- + 4 files changed, 78 insertions(+), 27 deletions(-) + +diff --git a/librtmp/dh.h b/librtmp/dh.h +index 5fc3f32..2cf6b8c 100644 +--- a/librtmp/dh.h ++++ b/librtmp/dh.h +@@ -186,6 +186,32 @@ typedef BIGNUM * MP_t; + #define MDH_free(dh) DH_free(dh) + #define MDH_generate_key(dh) DH_generate_key(dh) + #define MDH_compute_key(secret, seclen, pub, dh) DH_compute_key(secret, pub, dh) ++#define MDH_set_g(dh, g) DH_set0_pqg(dh, NULL, NULL, g) ++#define MDH_set_p(dh, p) DH_set0_pqg(dh, p, NULL, NULL) ++#define MDH_set_len(dh, l) DH_set_length(dh, l) ++#define MDH_set_pub_key(dh, pub) DH_set0_key(dh, pub, NULL) ++#define MDH_set_priv_key(dh, priv) DH_set0_key(dh, NULL, priv) ++ ++static inline BIGNUM *MDH_get_p(DH *dh) ++{ ++ const BIGNUM *p; ++ DH_get0_pqg(dh, &p, NULL, NULL); ++ return (BIGNUM *) p; ++} ++ ++static inline BIGNUM *MDH_get_pub_key(DH *dh) ++{ ++ const BIGNUM *pub; ++ DH_get0_key(dh, &pub, NULL); ++ return (BIGNUM *) pub; ++} ++ ++static inline BIGNUM *MDH_get_priv_key(DH *dh) ++{ ++ const BIGNUM *priv; ++ DH_get0_key(dh, NULL, &priv); ++ return (BIGNUM *) priv; ++} + + #endif + +@@ -249,24 +275,28 @@ DHInit(int nKeyBits) + { + size_t res; + MDH *dh = MDH_new(); ++ MP_t g, p; + + if (!dh) + goto failed; + +- MP_new(dh->g); ++ MP_new(g); + +- if (!dh->g) ++ if (g) + goto failed; + +- MP_gethex(dh->p, P1024, res); /* prime P1024, see dhgroups.h */ ++ MDH_set_g(dh, g); ++ p = MDH_get_p(dh); ++ MP_gethex(p, P1024, res); /* prime P1024, see dhgroups.h */ + if (!res) + { + goto failed; + } + +- MP_set_w(dh->g, 2); /* base 2 */ ++ MDH_set_p(dh, p); ++ MP_set_w(g, 2); /* base 2 */ ++ MDH_set_len(dh, nKeyBits); + +- dh->length = nKeyBits; + return dh; + + failed: +@@ -286,6 +316,9 @@ DHGenerateKey(MDH *dh) + while (!res) + { + MP_t q1 = NULL; ++ MP_t priv_key; ++ MP_t pub_key; ++ MP_t p; + + if (!MDH_generate_key(dh)) + return 0; +@@ -293,12 +326,17 @@ DHGenerateKey(MDH *dh) + MP_gethex(q1, Q1024, res); + assert(res); + +- res = isValidPublicKey(dh->pub_key, dh->p, q1); ++ priv_key = MDH_get_priv_key(dh); ++ pub_key = MDH_get_pub_key(dh); ++ p = MDH_get_p(dh); ++ ++ res = isValidPublicKey(pub_key, p, q1); + if (!res) + { +- MP_free(dh->pub_key); +- MP_free(dh->priv_key); +- dh->pub_key = dh->priv_key = 0; ++ MP_free(pub_key); ++ MP_free(priv_key); ++ MDH_set_pub_key(dh, NULL); ++ MDH_set_priv_key(dh, NULL); + } + + MP_free(q1); +@@ -313,16 +351,22 @@ DHGenerateKey(MDH *dh) + static int + DHGetPublicKey(MDH *dh, uint8_t *pubkey, size_t nPubkeyLen) + { ++ MP_t pub_key; + int len; +- if (!dh || !dh->pub_key) ++ ++ if (!dh) ++ return 0; ++ ++ pub_key = MDH_get_pub_key(dh); ++ if (!pub_key) + return 0; + +- len = MP_bytes(dh->pub_key); ++ len = MP_bytes(pub_key); + if (len <= 0 || len > (int) nPubkeyLen) + return 0; + + memset(pubkey, 0, nPubkeyLen); +- MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len); ++ MP_setbin(pub_key, pubkey + (nPubkeyLen - len), len); + return 1; + } + +@@ -364,7 +408,7 @@ DHComputeSharedSecretKey(MDH *dh, uint8_t *pubkey, size_t nPubkeyLen, + MP_gethex(q1, Q1024, len); + assert(len); + +- if (isValidPublicKey(pubkeyBn, dh->p, q1)) ++ if (isValidPublicKey(pubkeyBn, MDH_get_p(dh), q1)) + res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh); + else + res = -1; +diff --git a/librtmp/handshake.h b/librtmp/handshake.h +index 0438486..1e84b3a 100644 +--- a/librtmp/handshake.h ++++ b/librtmp/handshake.h +@@ -69,9 +69,9 @@ typedef struct arcfour_ctx* RC4_handle; + #if OPENSSL_VERSION_NUMBER < 0x0090800 || !defined(SHA256_DIGEST_LENGTH) + #error Your OpenSSL is too old, need 0.9.8 or newer with SHA256 + #endif +-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0) +-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, buf, len) +-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx) ++#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0) ++#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, buf, len) ++#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, dig, &dlen); + + typedef RC4_KEY * RC4_handle; + #define RC4_alloc(h) *h = malloc(sizeof(RC4_KEY)) +@@ -117,7 +117,7 @@ static void InitRC4Encryption + { + uint8_t digest[SHA256_DIGEST_LENGTH]; + unsigned int digestLen = 0; +- HMAC_CTX ctx; ++ HMAC_CTX *ctx = HMAC_CTX_new(); + + RC4_alloc(rc4keyIn); + RC4_alloc(rc4keyOut); +@@ -139,6 +139,8 @@ static void InitRC4Encryption + RTMP_LogHex(RTMP_LOGDEBUG, digest, 16); + + RC4_setkey(*rc4keyIn, 16, digest); ++ ++ HMAC_CTX_free(ctx); + } + + typedef unsigned int (getoff)(uint8_t *buf, unsigned int len); +@@ -266,12 +268,13 @@ HMACsha256(const uint8_t *message, size_t messageLen, const uint8_t *key, + size_t keylen, uint8_t *digest) + { + unsigned int digestLen; +- HMAC_CTX ctx; ++ HMAC_CTX *ctx = HMAC_CTX_new(); + + HMAC_setup(ctx, key, keylen); + HMAC_crunch(ctx, message, messageLen); + HMAC_finish(ctx, digest, digestLen); + ++ HMAC_CTX_free(ctx); + assert(digestLen == 32); + } + +diff --git a/librtmp/hashswf.c b/librtmp/hashswf.c +index 9f4e2c0..ba2c228 100644 +--- a/librtmp/hashswf.c ++++ b/librtmp/hashswf.c +@@ -57,10 +57,10 @@ + #include + #include + #include +-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0) +-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, (unsigned char *)buf, len) +-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, (unsigned char *)dig, &dlen); +-#define HMAC_close(ctx) HMAC_CTX_cleanup(&ctx) ++#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0) ++#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, (unsigned char *)buf, len) ++#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, (unsigned char *)dig, &dlen); ++#define HMAC_close(ctx) + #endif + + extern void RTMP_TLS_Init(); +@@ -289,7 +289,7 @@ leave: + struct info + { + z_stream *zs; +- HMAC_CTX ctx; ++ HMAC_CTX *ctx; + int first; + int zlib; + int size; +@@ -582,6 +582,10 @@ RTMP_HashSWF(const char *url, unsigned int *size, unsigned char *hash, + } + + in.first = 1; ++ in.ctx = HMAC_CTX_new(); ++ if (!in.ctx) ++ goto out; ++ + HMAC_setup(in.ctx, "Genuine Adobe Flash Player 001", 30); + inflateInit(&zs); + in.zs = &zs; +@@ -621,7 +625,7 @@ RTMP_HashSWF(const char *url, unsigned int *size, unsigned char *hash, + "%s: couldn't open %s for writing, errno %d (%s)", + __FUNCTION__, path, err, strerror(err)); + ret = -1; +- goto out; ++ goto free_ctx; + } + fseek(f, 0, SEEK_END); + q = strchr(url, '?'); +@@ -649,6 +653,8 @@ RTMP_HashSWF(const char *url, unsigned int *size, unsigned char *hash, + } + } + HMAC_close(in.ctx); ++free_ctx: ++ HMAC_CTX_free(in.ctx); + out: + free(path); + if (f) +diff --git a/librtmp/rtmp.c b/librtmp/rtmp.c +index a2863b0..c995568 100644 +--- a/librtmp/rtmp.c ++++ b/librtmp/rtmp.c +@@ -245,9 +245,7 @@ RTMP_TLS_Init() + "ca.pem", GNUTLS_X509_FMT_PEM); + #elif !defined(NO_SSL) /* USE_OPENSSL */ + /* libcrypto doesn't need anything special */ +- SSL_load_error_strings(); +- SSL_library_init(); +- OpenSSL_add_all_digests(); ++ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); + RTMP_TLS_ctx = SSL_CTX_new(SSLv23_method()); + SSL_CTX_set_options(RTMP_TLS_ctx, SSL_OP_ALL); + SSL_CTX_set_default_verify_paths(RTMP_TLS_ctx); +-- +2.14.1 + From patchwork Tue Jan 29 09:39:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Patrick Havelange X-Patchwork-Id: 1032633 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=essensium.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=essensium-com.20150623.gappssmtp.com header.i=@essensium-com.20150623.gappssmtp.com header.b="XwgLvzlK"; dkim-atps=neutral Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43phL739Gmz9sDX for ; Tue, 29 Jan 2019 20:39:59 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id B6054878CD; Tue, 29 Jan 2019 09:39:54 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GA+crJWx+h92; Tue, 29 Jan 2019 09:39:50 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by hemlock.osuosl.org (Postfix) with ESMTP id 67FE3877E9; Tue, 29 Jan 2019 09:39:50 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id DA6361BF310 for ; Tue, 29 Jan 2019 09:39:47 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id D2D4B877E2 for ; Tue, 29 Jan 2019 09:39:47 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id th0m6+YWyAfa for ; Tue, 29 Jan 2019 09:39:44 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-ed1-f43.google.com (mail-ed1-f43.google.com [209.85.208.43]) by hemlock.osuosl.org (Postfix) with ESMTPS id A37D4877E9 for ; Tue, 29 Jan 2019 09:39:43 +0000 (UTC) Received: by mail-ed1-f43.google.com with SMTP id y56so15403412edd.11 for ; Tue, 29 Jan 2019 01:39:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=essensium-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=/OEuah1lNCdpVReLNXeMYrvVlOIeD0rYzPLdwXeW9pA=; b=XwgLvzlKEXA0wHUDeW5w46Vj9y3QZdua9V38E+Hw6rGIEHmaGJvD8qVJXnl4ZjAmr8 mRa/oqwru/W8qOFHBXqHBhQiwBGcX1Fpuq8mDgqEb+dPERoJJrdbrzAiTAiNXzgE3J6U E0YZi4rR/R/JleftXrn7frw/cuw8CPfX8gaBz5tM90XfW047TOFFJfYLYR1WJ2cbKPsX /WTSP9pUAHFere5Qx1p3oS49VSA/DuyjGxdxbycSvj7Gryh6Im83TybYFDFGAQKiwOa8 TurvRcBIVdr1jpoyzDeeznBVlfstSrEvg4E3CC4gM2B6jL8km4jSVD47w7UdscvbkGeb z3Nw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=/OEuah1lNCdpVReLNXeMYrvVlOIeD0rYzPLdwXeW9pA=; b=lFr8hzQuUryRVnllSn9nS1L1gjJPLZl4DIOR63g/chM9xf1w6HcGQTbpHwWq4y0eqN wmwN2rH3bpjHnkmvO3nwSK+F/4AP2+tJmyNQlD2GrSSc6cgYh6wUkmcFc3vWzBFKF7bs 6gMbJQucpiGXqohWXDU56Rt7eXC/C86dUiYgZ3eeObUfjPZJp9plzvqdqcuhYC+/gWuf pAqd6S6Gjt5SAd5cwTo8RAaa3JUKUnueHBpUXYSbb6a+KAQGajChstfETEQ15HFhwd3j wePIigyVP05RdtpR8EOWS3tf/NP9wIp93roWzyt8lfRmaQOZNOdUe2jpZ9kMa94fOtbh IBYQ== X-Gm-Message-State: AJcUukf2v2mb7c5BaMUej1RAVctO2daUVSMN9xfYx9KcM9Kiqw4gjsh6 31Hq0ujKehYeMwHnj+ms8bVHwpRTQK4= X-Google-Smtp-Source: ALg8bN7Frf6fzMbITsI+7QyTm6PhYpx610gOZfMaHD0UgahMdZ5vyWPggUoRMJijAg/Sk8iLOX5WFg== X-Received: by 2002:aa7:d35a:: with SMTP id m26mr24067642edr.244.1548754781269; Tue, 29 Jan 2019 01:39:41 -0800 (PST) Received: from ph-ThinkPad-E560.local.ess-mail.com (ip-188-118-3-185.reverse.destiny.be. [188.118.3.185]) by smtp.gmail.com with ESMTPSA id r8sm13675540edo.11.2019.01.29.01.39.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 Jan 2019 01:39:40 -0800 (PST) From: Patrick Havelange To: buildroot@buildroot.org Date: Tue, 29 Jan 2019 10:39:19 +0100 Message-Id: <20190129093919.22060-8-patrick.havelange@essensium.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190129093919.22060-1-patrick.havelange@essensium.com> References: <20190129093919.22060-1-patrick.havelange@essensium.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH v7 8/8] libopenssl: bump version to 1.1.1a X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Patrick Havelange , Peter Seiderer , Vadim Kochan Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" From: Peter Seiderer - use BR2_TOOLCHAIN_HAS_UCONTEXT This is used to set -DOPENSSL_NO_ASYNC if needed. - apply the CFLAGS correctly when compiling with -Os (bugfix). - use -latomic when needed This fixes the build for br-sparc-uclibc-2018.05 - don't use madvise() if no MMU Trying to do so results in undefined reference to madvise() as it is not available on uclibc without MMU. The original openssl code checks if a macro used in the madvise call is defined. The problem comes from the fact that the code in crypto/mem_sec.c also includes a kernel header defining the same macro unconditionally. Thus the check is always true in that case. Upstream: https://github.com/openssl/openssl/pull/8089 - don't compile test/fuzzers These binaries introduced with 1.1.x sometimes do not compile. This is the case with the br-arm-cortex-m4-full toolchain - don't build ocsp daemon if no MMU. Patch from Richard Levitte. - correctly enable cryptodev engine Thanks to Arnout Vandecappelle for spotting this. - remove all parallel build patches (openssl build-system changed) - rebased 0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch to apply to Configurations/unix-Makefile.tmpl (Makefile template) - removed 0002-cryptodev-Fix-issue-with-signature-generation.patch (upstream applied) - rebased 0003-Reproducible-build-do-not-leak-compiler-path.patch to apply to crypto/build.info (Makefile template) - fix musl/uclibc build failure, use '-DOPENSSL_NO_ASYNC' - remove legacy enable-tlsext configure option - remove target/host libdir configure options, fixes openssl.pc installation path, fixes wget compile - change legacy INSTALL_PREFIX to DESTDIR - remove 'libraries gets installed read only, so strip fails' workaround (not needed anymore) - change engine directory from /usr/lib/engines to /usr/lib/engines-1.1 - change license file hash, no license change, only the following hint was removed: Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org. Signed-off-by: Peter Seiderer Tested-by: Ryan Coe Signed-off-by: Vadim Kochan Signed-off-by: Patrick Havelange --- Changes v6 -> v7: - none Changes v5 -> v6: - use BR2_TOOLCHAIN_HAS_UCONTEXT - apply the CFLAGS correctly - use -latomic when needed - don't use madvise() if no MMU - don't compile test/fuzzers - don't build ocsp daemon if no MMU - correctly enable cryptodev engine - remove explicit rpath argument Changes v4 -> v5: - remove libdir config options (suggested by Arnout Vandecappelle) Changes v3 -> v4: - bump version to 1.1.1a - remove all parallel build patches hash file entries - re-remove 0004-Revert-util-dofile.pl-only-quote-stuff-that-actually.patch (upstream applied) - fix hist library install path - removed 0002-cryptodev-Fix-issue-with-signature-generation.patch (upstram applied) - remove follow up patch for openssh (not longer needed since version bump to 7.9p1, see https://www.openssh.com/releasenotes.html Portability) Changes v2 -> v3: - no changes Changes v1 -> v2: - add OPENSSL_NO_ASYNC workaround for musl compile too (suggested by Bernd Kuhls) - fix host-libopenssl compile (reported by Ryan Coe) by setting rpath (suggested by Ryan Coe) - fix 0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch and 0003-Reproducible-build-do-not-leak-compiler-path.patch to apply to the Makefile templates (instead of re-generated Makefile) (reported by Ryan Coe) - add 0004-Revert-util-dofile.pl-only-quote-stuff-that-actually.patch (suggested by Bernd Kuhls) Signed-off-by: Patrick Havelange --- ...building-manpages-if-we-re-not-going.patch | 34 +- ...-Fix-issue-with-signature-generation.patch | 450 ------------------ ...ible-build-do-not-leak-compiler-path.patch | 31 +- ...ENSSL_NO_MADVISE-to-disable-call-to-.patch | 27 ++ ...the-same-HAVE_FORK-NO_FORK-as-in-spe.patch | 46 ++ package/libopenssl/libopenssl.hash | 15 +- package/libopenssl/libopenssl.mk | 59 ++- 7 files changed, 147 insertions(+), 515 deletions(-) delete mode 100644 package/libopenssl/0002-cryptodev-Fix-issue-with-signature-generation.patch create mode 100644 package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch create mode 100644 package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch diff --git a/package/libopenssl/0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch b/package/libopenssl/0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch index 10d2b7526c..f20b6f0834 100644 --- a/package/libopenssl/0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch +++ b/package/libopenssl/0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch @@ -1,27 +1,31 @@ -From 389efb564fa1453a9da835393eec9006bfae2a52 Mon Sep 17 00:00:00 2001 +From d8f104bffb0c4acb8c5fcdf49628f7d02ed48f7f Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Sat, 16 May 2015 18:53:51 +0200 -Subject: Dont waste time building manpages if we're not going to use em. +Subject: [PATCH] Dont waste time building manpages if we're not going to use + em. Signed-off-by: Ryan Barnett [Gustavo: update for parallel-build] + +[rebased on openssl-1.1.0h] +Signed-off-by: Peter Seiderer --- - Makefile.org | 2 +- + Configurations/unix-Makefile.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/Makefile.org b/Makefile.org -index 60f07cc..976ceaf 100644 ---- a/Makefile.org -+++ b/Makefile.org -@@ -527,7 +527,7 @@ dist: - dist_pem_h: - (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) +diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl +index 40cf2c3..777d9ca 100644 +--- a/Configurations/unix-Makefile.tmpl ++++ b/Configurations/unix-Makefile.tmpl +@@ -268,7 +268,7 @@ list-tests: + @echo "Tests are not supported with your chosen Configure options" + @ : {- output_on() if !$disabled{tests}; "" -} + +-install: install_sw install_ssldirs install_docs ++install: install_sw install_ssldirs --install: install_docs install_sw -+install: install_sw + uninstall: uninstall_docs uninstall_sw - install_sw: - @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ -- -1.9.1 +2.16.3 diff --git a/package/libopenssl/0002-cryptodev-Fix-issue-with-signature-generation.patch b/package/libopenssl/0002-cryptodev-Fix-issue-with-signature-generation.patch deleted file mode 100644 index 47295500c0..0000000000 --- a/package/libopenssl/0002-cryptodev-Fix-issue-with-signature-generation.patch +++ /dev/null @@ -1,450 +0,0 @@ -From 90fd7e8f1a316cda86ee442b43fcd7d5e5baeede Mon Sep 17 00:00:00 2001 -From: Gustavo Zacarias -Date: Sat, 16 May 2015 18:55:08 +0200 -Subject: cryptodev: Fix issue with signature generation - -Forward port of 0001-cryptodev-Fix-issue-with-signature-generation.patch -from http://rt.openssl.org/Ticket/Display.html?id=2770&user=guest&pass=guest -It was originally targetted at 1.0.2-beta3. - -Without this patch digest acceleration via cryptodev is broken. - -Signed-off-by: Gustavo Zacarias -Signed-off-by: Ryan Barnett ---- - crypto/engine/eng_cryptodev.c | 195 +++++++++++++++++++++++++++++++----------- - 1 file changed, 146 insertions(+), 49 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 926d95c..7021d9a 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -2,6 +2,7 @@ - * Copyright (c) 2002 Bob Beck - * Copyright (c) 2002 Theo de Raadt - * Copyright (c) 2002 Markus Friedl -+ * Copyright (c) 2012 Nikos Mavrogiannopoulos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without -@@ -72,7 +73,6 @@ struct dev_crypto_state { - struct session_op d_sess; - int d_fd; - # ifdef USE_CRYPTODEV_DIGESTS -- char dummy_mac_key[HASH_MAX_LEN]; - unsigned char digest_res[HASH_MAX_LEN]; - char *mac_data; - int mac_len; -@@ -189,8 +189,10 @@ static struct { - static struct { - int id; - int nid; -- int keylen; -+ int digestlen; - } digests[] = { -+#if 0 -+ /* HMAC is not supported */ - { - CRYPTO_MD5_HMAC, NID_hmacWithMD5, 16 - }, -@@ -198,15 +200,15 @@ static struct { - CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, 20 - }, - { -- CRYPTO_RIPEMD160_HMAC, NID_ripemd160, 16 -- /* ? */ -+ CRYPTO_SHA2_256_HMAC, NID_hmacWithSHA256, 32 - }, - { -- CRYPTO_MD5_KPDK, NID_undef, 0 -+ CRYPTO_SHA2_384_HMAC, NID_hmacWithSHA384, 48 - }, - { -- CRYPTO_SHA1_KPDK, NID_undef, 0 -+ CRYPTO_SHA2_512_HMAC, NID_hmacWithSHA512, 64 - }, -+#endif - { - CRYPTO_MD5, NID_md5, 16 - }, -@@ -214,6 +216,15 @@ static struct { - CRYPTO_SHA1, NID_sha1, 20 - }, - { -+ CRYPTO_SHA2_256, NID_sha256, 32 -+ }, -+ { -+ CRYPTO_SHA2_384, NID_sha384, 48 -+ }, -+ { -+ CRYPTO_SHA2_512, NID_sha512, 64 -+ }, -+ { - 0, NID_undef, 0 - }, - }; -@@ -288,13 +299,14 @@ static int get_cryptodev_ciphers(const int **cnids) - static int nids[CRYPTO_ALGORITHM_MAX]; - struct session_op sess; - int fd, i, count = 0; -+ unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN]; - - if ((fd = get_dev_crypto()) < 0) { - *cnids = NULL; - return (0); - } - memset(&sess, 0, sizeof(sess)); -- sess.key = (caddr_t) "123456789abcdefghijklmno"; -+ sess.key = (void*)fake_key; - - for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { - if (ciphers[i].nid == NID_undef) -@@ -327,18 +339,19 @@ static int get_cryptodev_digests(const int **cnids) - static int nids[CRYPTO_ALGORITHM_MAX]; - struct session_op sess; - int fd, i, count = 0; -+ unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN]; - - if ((fd = get_dev_crypto()) < 0) { - *cnids = NULL; - return (0); - } - memset(&sess, 0, sizeof(sess)); -- sess.mackey = (caddr_t) "123456789abcdefghijklmno"; -+ sess.mackey = fake_key; - for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { - if (digests[i].nid == NID_undef) - continue; - sess.mac = digests[i].id; -- sess.mackeylen = digests[i].keylen; -+ sess.mackeylen = 8; - sess.cipher = 0; - if (ioctl(fd, CIOCGSESSION, &sess) != -1 && - ioctl(fd, CIOCFSESSION, &sess.ses) != -1) -@@ -424,14 +437,14 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - cryp.ses = sess->ses; - cryp.flags = 0; - cryp.len = inl; -- cryp.src = (caddr_t) in; -- cryp.dst = (caddr_t) out; -+ cryp.src = (void*) in; -+ cryp.dst = (void*) out; - cryp.mac = 0; - - cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; - - if (ctx->cipher->iv_len) { -- cryp.iv = (caddr_t) ctx->iv; -+ cryp.iv = (void*) ctx->iv; - if (!ctx->encrypt) { - iiv = in + inl - ctx->cipher->iv_len; - memcpy(save_iv, iiv, ctx->cipher->iv_len); -@@ -483,7 +496,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - if ((state->d_fd = get_dev_crypto()) < 0) - return (0); - -- sess->key = (caddr_t) key; -+ sess->key = (void*)key; - sess->keylen = ctx->key_len; - sess->cipher = cipher; - -@@ -749,16 +762,6 @@ static int digest_nid_to_cryptodev(int nid) - return (0); - } - --static int digest_key_length(int nid) --{ -- int i; -- -- for (i = 0; digests[i].id; i++) -- if (digests[i].nid == nid) -- return digests[i].keylen; -- return (0); --} -- - static int cryptodev_digest_init(EVP_MD_CTX *ctx) - { - struct dev_crypto_state *state = ctx->md_data; -@@ -769,7 +772,6 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx) - printf("cryptodev_digest_init: Can't get digest \n"); - return (0); - } -- - memset(state, 0, sizeof(struct dev_crypto_state)); - - if ((state->d_fd = get_dev_crypto()) < 0) { -@@ -777,8 +779,8 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx) - return (0); - } - -- sess->mackey = state->dummy_mac_key; -- sess->mackeylen = digest_key_length(ctx->digest->type); -+ sess->mackey = NULL; -+ sess->mackeylen = 0; - sess->mac = digest; - - if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) { -@@ -794,8 +796,8 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx) - static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data, - size_t count) - { -- struct crypt_op cryp; - struct dev_crypto_state *state = ctx->md_data; -+ struct crypt_op cryp; - struct session_op *sess = &state->d_sess; - - if (!data || state->d_fd < 0) { -@@ -804,7 +806,7 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data, - } - - if (!count) { -- return (0); -+ return (1); - } - - if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) { -@@ -828,9 +830,9 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data, - cryp.ses = sess->ses; - cryp.flags = 0; - cryp.len = count; -- cryp.src = (caddr_t) data; -+ cryp.src = (void*) data; - cryp.dst = NULL; -- cryp.mac = (caddr_t) state->digest_res; -+ cryp.mac = (void*) state->digest_res; - if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) { - printf("cryptodev_digest_update: digest failed\n"); - return (0); -@@ -844,8 +846,6 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md) - struct dev_crypto_state *state = ctx->md_data; - struct session_op *sess = &state->d_sess; - -- int ret = 1; -- - if (!md || state->d_fd < 0) { - printf("cryptodev_digest_final: illegal input\n"); - return (0); -@@ -859,7 +859,7 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md) - cryp.len = state->mac_len; - cryp.src = state->mac_data; - cryp.dst = NULL; -- cryp.mac = (caddr_t) md; -+ cryp.mac = (void*)md; - if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) { - printf("cryptodev_digest_final: digest failed\n"); - return (0); -@@ -870,7 +870,7 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md) - - memcpy(md, state->digest_res, ctx->digest->md_size); - -- return (ret); -+ return 1; - } - - static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx) -@@ -921,8 +921,8 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) - - digest = digest_nid_to_cryptodev(to->digest->type); - -- sess->mackey = dstate->dummy_mac_key; -- sess->mackeylen = digest_key_length(to->digest->type); -+ sess->mackey = NULL; -+ sess->mackeylen = 0; - sess->mac = digest; - - dstate->d_fd = get_dev_crypto(); -@@ -947,32 +947,116 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) - - const EVP_MD cryptodev_sha1 = { - NID_sha1, -- NID_undef, -+ NID_sha1WithRSAEncryption, - SHA_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif - EVP_MD_FLAG_ONESHOT, - cryptodev_digest_init, - cryptodev_digest_update, - cryptodev_digest_final, - cryptodev_digest_copy, - cryptodev_digest_cleanup, -- EVP_PKEY_NULL_method, -+ EVP_PKEY_RSA_method, - SHA_CBLOCK, -- sizeof(struct dev_crypto_state), -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), - }; - --const EVP_MD cryptodev_md5 = { -+static const EVP_MD cryptodev_sha256 = { -+ NID_sha256, -+ NID_sha256WithRSAEncryption, -+ SHA256_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif -+ EVP_MD_FLAG_ONESHOT, -+ cryptodev_digest_init, -+ cryptodev_digest_update, -+ cryptodev_digest_final, -+ cryptodev_digest_copy, -+ cryptodev_digest_cleanup, -+ EVP_PKEY_RSA_method, -+ SHA256_CBLOCK, -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), -+}; -+ -+static const EVP_MD cryptodev_sha224 = { -+ NID_sha224, -+ NID_sha224WithRSAEncryption, -+ SHA224_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif -+ EVP_MD_FLAG_ONESHOT, -+ cryptodev_digest_init, -+ cryptodev_digest_update, -+ cryptodev_digest_final, -+ cryptodev_digest_copy, -+ cryptodev_digest_cleanup, -+ EVP_PKEY_RSA_method, -+ SHA256_CBLOCK, -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), -+}; -+ -+static const EVP_MD cryptodev_sha384 = { -+ NID_sha384, -+ NID_sha384WithRSAEncryption, -+ SHA384_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif -+ EVP_MD_FLAG_ONESHOT, -+ cryptodev_digest_init, -+ cryptodev_digest_update, -+ cryptodev_digest_final, -+ cryptodev_digest_copy, -+ cryptodev_digest_cleanup, -+ EVP_PKEY_RSA_method, -+ SHA512_CBLOCK, -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), -+}; -+ -+static const EVP_MD cryptodev_sha512 = { -+ NID_sha512, -+ NID_sha512WithRSAEncryption, -+ SHA512_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif -+ EVP_MD_FLAG_ONESHOT, -+ cryptodev_digest_init, -+ cryptodev_digest_update, -+ cryptodev_digest_final, -+ cryptodev_digest_copy, -+ cryptodev_digest_cleanup, -+ EVP_PKEY_RSA_method, -+ SHA512_CBLOCK, -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), -+}; -+ -+static const EVP_MD cryptodev_md5 = { - NID_md5, -- NID_undef, -+ NID_md5WithRSAEncryption, - 16 /* MD5_DIGEST_LENGTH */ , -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif - EVP_MD_FLAG_ONESHOT, - cryptodev_digest_init, - cryptodev_digest_update, - cryptodev_digest_final, - cryptodev_digest_copy, - cryptodev_digest_cleanup, -- EVP_PKEY_NULL_method, -+ EVP_PKEY_RSA_method, - 64 /* MD5_CBLOCK */ , -- sizeof(struct dev_crypto_state), -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), - }; - - # endif /* USE_CRYPTODEV_DIGESTS */ -@@ -992,6 +1076,18 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, - case NID_sha1: - *digest = &cryptodev_sha1; - break; -+ case NID_sha224: -+ *digest = &cryptodev_sha224; -+ break; -+ case NID_sha256: -+ *digest = &cryptodev_sha256; -+ break; -+ case NID_sha384: -+ *digest = &cryptodev_sha384; -+ break; -+ case NID_sha512: -+ *digest = &cryptodev_sha512; -+ break; - default: - # endif /* USE_CRYPTODEV_DIGESTS */ - *digest = NULL; -@@ -1022,7 +1118,7 @@ static int bn2crparam(const BIGNUM *a, struct crparam *crp) - return (1); - memset(b, 0, bytes); - -- crp->crp_p = (caddr_t) b; -+ crp->crp_p = (void*) b; - crp->crp_nbits = bits; - - for (i = 0, j = 0; i < a->top; i++) { -@@ -1277,7 +1373,7 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, - kop.crk_op = CRK_DSA_SIGN; - - /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -- kop.crk_param[0].crp_p = (caddr_t) dgst; -+ kop.crk_param[0].crp_p = (void*)dgst; - kop.crk_param[0].crp_nbits = dlen * 8; - if (bn2crparam(dsa->p, &kop.crk_param[1])) - goto err; -@@ -1317,7 +1413,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, - kop.crk_op = CRK_DSA_VERIFY; - - /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ -- kop.crk_param[0].crp_p = (caddr_t) dgst; -+ kop.crk_param[0].crp_p = (void*)dgst; - kop.crk_param[0].crp_nbits = dlen * 8; - if (bn2crparam(dsa->p, &kop.crk_param[1])) - goto err; -@@ -1398,9 +1494,10 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) - goto err; - kop.crk_iparams = 3; - -- kop.crk_param[3].crp_p = (caddr_t) key; -- kop.crk_param[3].crp_nbits = keylen * 8; -+ kop.crk_param[3].crp_p = (void*) key; -+ kop.crk_param[3].crp_nbits = keylen; - kop.crk_oparams = 1; -+ dhret = keylen / 8; - - if (ioctl(fd, CIOCKEY, &kop) == -1) { - const DH_METHOD *meth = DH_OpenSSL(); -@@ -1470,7 +1567,7 @@ void ENGINE_load_cryptodev(void) - put_dev_crypto(fd); - - if (!ENGINE_set_id(engine, "cryptodev") || -- !ENGINE_set_name(engine, "BSD cryptodev engine") || -+ !ENGINE_set_name(engine, "cryptodev engine") || - !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || - !ENGINE_set_digests(engine, cryptodev_engine_digests) || - !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || --- -1.9.1 - diff --git a/package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch b/package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch index eff72c548a..820c2addf1 100644 --- a/package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch +++ b/package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch @@ -1,26 +1,29 @@ -From 875fcad2ad84877763cba86c1265b57679b878b0 Mon Sep 17 00:00:00 2001 +From b70be8c65365a8fc564226360d45adbbb29fc0af Mon Sep 17 00:00:00 2001 From: Peter Seiderer Date: Tue, 24 Oct 2017 16:58:32 +0200 Subject: [PATCH] Reproducible build: do not leak compiler path +Signed-off-by: Peter Seiderer + +[Rebased on openssl-1.1.1.a] Signed-off-by: Peter Seiderer --- - crypto/Makefile | 2 +- + crypto/build.info | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/crypto/Makefile b/crypto/Makefile -index 7869996..7e63291 100644 ---- a/crypto/Makefile -+++ b/crypto/Makefile -@@ -55,7 +55,7 @@ top: - all: shared +diff --git a/crypto/build.info b/crypto/build.info +index 2c619c6..49ca6ab 100644 +--- a/crypto/build.info ++++ b/crypto/build.info +@@ -10,7 +10,7 @@ EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ + ppccpuid.pl pariscid.pl alphacpuid.pl arm64cpuid.pl armv4cpuid.pl - buildinf.h: ../Makefile -- $(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" >buildinf.h -+ $(PERL) $(TOP)/util/mkbuildinf.pl "$$(basename $(CC)) $(CFLAGS)" "$(PLATFORM)" >buildinf.h + DEPEND[cversion.o]=buildinf.h +-GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)" ++GENERATE[buildinf.h]=../util/mkbuildinf.pl "$$(basename $(CC)) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)" + DEPEND[buildinf.h]=../configdata.pm - x86cpuid.s: x86cpuid.pl perlasm/x86asm.pl - $(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@ + GENERATE[uplink-x86.s]=../ms/uplink-x86.pl $(PERLASM_SCHEME) -- -2.11.0 +2.20.1 diff --git a/package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch b/package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch new file mode 100644 index 0000000000..c51a3cd684 --- /dev/null +++ b/package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch @@ -0,0 +1,27 @@ +From 1281ffc7959bd2070563e17a52ee4424196d885c Mon Sep 17 00:00:00 2001 +From: Patrick Havelange +Date: Wed, 23 Jan 2019 12:21:21 +0100 +Subject: [PATCH] Introduce the OPENSSL_NO_MADVISE to disable call to madvise() + +Upstream: https://github.com/openssl/openssl/pull/8089 +Signed-off-by: Patrick Havelange +--- + crypto/mem_sec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c +index 9e0f670..32c7282 100644 +--- a/crypto/mem_sec.c ++++ b/crypto/mem_sec.c +@@ -485,7 +485,7 @@ static int sh_init(size_t size, int minsize) + if (mlock(sh.arena, sh.arena_size) < 0) + ret = 2; + #endif +-#ifdef MADV_DONTDUMP ++#if defined(MADV_DONTDUMP) && !defined(OPENSSL_NO_MADVISE) + if (madvise(sh.arena, sh.arena_size, MADV_DONTDUMP) < 0) + ret = 2; + #endif +-- +2.17.1 + diff --git a/package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch b/package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch new file mode 100644 index 0000000000..83989fe742 --- /dev/null +++ b/package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch @@ -0,0 +1,46 @@ +From 4c992673890f1d1ecb9aa46112b2ca80db016b67 Mon Sep 17 00:00:00 2001 +From: Richard Levitte +Date: Mon, 12 Nov 2018 18:16:27 +0100 +Subject: [PATCH] apps/ocsp.c Use the same HAVE_FORK / NO_FORK as in speed.c + +This allows the user to override our defaults if needed, and in a +consistent manner. + +Partial fix for #7607 + +Upstream: https://github.com/openssl/openssl/pull/7624 +Signed-off-by: Patrick Havelange +--- + apps/ocsp.c | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/apps/ocsp.c b/apps/ocsp.c +index 7fd78624bb..315b072932 100644 +--- a/apps/ocsp.c ++++ b/apps/ocsp.c +@@ -36,7 +36,21 @@ NON_EMPTY_TRANSLATION_UNIT + # include + # include + +-# if defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_NO_SOCK) \ ++#ifndef HAVE_FORK ++# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) ++# define HAVE_FORK 0 ++# else ++# define HAVE_FORK 1 ++# endif ++#endif ++ ++#if HAVE_FORK ++# undef NO_FORK ++#else ++# define NO_FORK ++#endif ++ ++# if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \ + && !defined(OPENSSL_NO_POSIX_IO) + # define OCSP_DAEMON + # include +-- +2.17.1 + diff --git a/package/libopenssl/libopenssl.hash b/package/libopenssl/libopenssl.hash index 83fb8bd513..568d7e8b52 100644 --- a/package/libopenssl/libopenssl.hash +++ b/package/libopenssl/libopenssl.hash @@ -1,10 +1,5 @@ -# From https://www.openssl.org/source/openssl-1.0.2q.tar.gz.sha256 -sha256 5744cfcbcec2b1b48629f7354203bc1e5e9b5466998bbccc5b5fcde3b18eb684 openssl-1.0.2q.tar.gz -# From https://www.openssl.org/source/openssl-1.0.2q.tar.gz.sha1 -sha1 692f5f2f1b114f8adaadaa3e7be8cce1907f38c5 openssl-1.0.2q.tar.gz -# Locally computed -sha256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9 openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d -sha256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d -sha256 30cb49489de5041841a74da9155cd4fabfbce33237262ba7cd23974314ae2956 openssl-1.0.2a-parallel-symlinking.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d -sha256 deaf6f3af41874ecc6d63841ea14b8e6c71cea81d4a511a754bc90c9a993147f openssl-1.0.2d-parallel-build.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d -sha256 c8f60f4842bbad0353f5d81620e72b168b5638ca3a0a999f5da113b22491612e LICENSE +# From https://www.openssl.org/source/openssl-1.1.1a.tar.gz.sha256 +sha256 fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41 openssl-1.1.1a.tar.gz + +# License files +sha256 350c7817af2ef980d3f3922bc5e0bb6a9d9f6cc21e784a699bcd2a31c74a84b1 LICENSE diff --git a/package/libopenssl/libopenssl.mk b/package/libopenssl/libopenssl.mk index dc15abf66a..0bfc74ed0e 100644 --- a/package/libopenssl/libopenssl.mk +++ b/package/libopenssl/libopenssl.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBOPENSSL_VERSION = 1.0.2q +LIBOPENSSL_VERSION = 1.1.1a LIBOPENSSL_SITE = https://www.openssl.org/source LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz LIBOPENSSL_LICENSE = OpenSSL or SSLeay @@ -15,11 +15,6 @@ HOST_LIBOPENSSL_DEPENDENCIES = host-zlib LIBOPENSSL_TARGET_ARCH = generic32 LIBOPENSSL_CFLAGS = $(TARGET_CFLAGS) LIBOPENSSL_PROVIDES = openssl -LIBOPENSSL_PATCH = \ - https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2d-parallel-build.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d \ - https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d \ - https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d \ - https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d # relocation truncated to fit: R_68K_GOT16O ifeq ($(BR2_m68k_cf),y) @@ -27,14 +22,31 @@ LIBOPENSSL_CFLAGS += -mxgot endif ifeq ($(BR2_USE_MMU),) -LIBOPENSSL_CFLAGS += -DHAVE_FORK=0 +LIBOPENSSL_CFLAGS += -DHAVE_FORK=0 -DOPENSSL_NO_MADVISE endif ifeq ($(BR2_PACKAGE_HAS_CRYPTODEV),y) -LIBOPENSSL_CFLAGS += -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS LIBOPENSSL_DEPENDENCIES += cryptodev endif +# fixes the following build failures: +# +# - musl +# ./libcrypto.so: undefined reference to `getcontext' +# ./libcrypto.so: undefined reference to `setcontext' +# ./libcrypto.so: undefined reference to `makecontext' +# +# - uclibc: +# crypto/async/arch/../arch/async_posix.h:32:5: error: unknown type name ‘ucontext_t’ +# + +ifeq ($(BR2_TOOLCHAIN_USES_MUSL),y) +LIBOPENSSL_CFLAGS += -DOPENSSL_NO_ASYNC +endif +ifeq ($(BR2_TOOLCHAIN_HAS_UCONTEXT),) +LIBOPENSSL_CFLAGS += -DOPENSSL_NO_ASYNC +endif + # Some architectures are optimized in OpenSSL # Doesn't work for thumb-only (Cortex-M?) ifeq ($(BR2_ARM_CPU_HAS_ARM),y) @@ -65,11 +77,13 @@ define HOST_LIBOPENSSL_CONFIGURE_CMDS ./config \ --prefix=$(HOST_DIR) \ --openssldir=$(HOST_DIR)/etc/ssl \ - --libdir=/lib \ + no-tests \ + no-fuzz-libfuzzer \ + no-fuzz-afl \ shared \ zlib-dynamic \ ) - $(SED) "s#-O[0-9]#$(HOST_CFLAGS)#" $(@D)/Makefile + $(SED) "s#-O[0-9s]#$(HOST_CFLAGS)#" $(@D)/Makefile endef define LIBOPENSSL_CONFIGURE_CMDS @@ -80,18 +94,21 @@ define LIBOPENSSL_CONFIGURE_CMDS linux-$(LIBOPENSSL_TARGET_ARCH) \ --prefix=/usr \ --openssldir=/etc/ssl \ - --libdir=/lib \ + $(if $(BR2_TOOLCHAIN_HAS_LIBATOMIC),-latomic) \ $(if $(BR2_TOOLCHAIN_HAS_THREADS),threads,no-threads) \ $(if $(BR2_STATIC_LIBS),no-shared,shared) \ + $(if $(BR2_PACKAGE_HAS_CRYPTODEV),enable-devcryptoeng) \ no-rc5 \ enable-camellia \ enable-mdc2 \ - enable-tlsext \ + no-tests \ + no-fuzz-libfuzzer \ + no-fuzz-afl \ $(if $(BR2_STATIC_LIBS),zlib,zlib-dynamic) \ $(if $(BR2_STATIC_LIBS),no-dso) \ ) $(SED) "s#-march=[-a-z0-9] ##" -e "s#-mcpu=[-a-z0-9] ##g" $(@D)/Makefile - $(SED) "s#-O[0-9]#$(LIBOPENSSL_CFLAGS)#" $(@D)/Makefile + $(SED) "s#-O[0-9s]#$(LIBOPENSSL_CFLAGS)#" $(@D)/Makefile $(SED) "s# build_tests##" $(@D)/Makefile endef @@ -112,7 +129,7 @@ define LIBOPENSSL_BUILD_CMDS endef define LIBOPENSSL_INSTALL_STAGING_CMDS - $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) INSTALL_PREFIX=$(STAGING_DIR) install + $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) DESTDIR=$(STAGING_DIR) install endef define HOST_LIBOPENSSL_INSTALL_CMDS @@ -120,7 +137,7 @@ define HOST_LIBOPENSSL_INSTALL_CMDS endef define LIBOPENSSL_INSTALL_TARGET_CMDS - $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) INSTALL_PREFIX=$(TARGET_DIR) install + $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) DESTDIR=$(TARGET_DIR) install rm -rf $(TARGET_DIR)/usr/lib/ssl rm -f $(TARGET_DIR)/usr/bin/c_rehash endef @@ -135,16 +152,6 @@ endef LIBOPENSSL_POST_INSTALL_STAGING_HOOKS += LIBOPENSSL_FIXUP_STATIC_PKGCONFIG endif -ifneq ($(BR2_STATIC_LIBS),y) -# libraries gets installed read only, so strip fails -define LIBOPENSSL_INSTALL_FIXUPS_SHARED - chmod +w $(TARGET_DIR)/usr/lib/engines/lib*.so - for i in $(addprefix $(TARGET_DIR)/usr/lib/,libcrypto.so.* libssl.so.*); \ - do chmod +w $$i; done -endef -LIBOPENSSL_POST_INSTALL_TARGET_HOOKS += LIBOPENSSL_INSTALL_FIXUPS_SHARED -endif - ifeq ($(BR2_PACKAGE_PERL),) define LIBOPENSSL_REMOVE_PERL_SCRIPTS $(RM) -f $(TARGET_DIR)/etc/ssl/misc/{CA.pl,tsget} @@ -162,7 +169,7 @@ endif ifneq ($(BR2_PACKAGE_LIBOPENSSL_ENGINES),y) define LIBOPENSSL_REMOVE_LIBOPENSSL_ENGINES - rm -rf $(TARGET_DIR)/usr/lib/engines + rm -rf $(TARGET_DIR)/usr/lib/engines-1.1 endef LIBOPENSSL_POST_INSTALL_TARGET_HOOKS += LIBOPENSSL_REMOVE_LIBOPENSSL_ENGINES endif