diff options
author | Cristian Stoica <cristian.stoica@nxp.com> | 2016-01-25 13:33:46 +0200 |
---|---|---|
committer | Otavio Salvador <otavio@ossystems.com.br> | 2016-08-12 11:41:02 -0300 |
commit | 0579a92e1ff03656e1c6089714a3be4244622ef0 (patch) | |
tree | 125a6912e920cd54ac31f2e2e44a57f227f048e6 /recipes-connectivity/openssl/openssl-qoriq.inc | |
parent | b8e3085e4e9608b301121c7065c84a3e51b94c74 (diff) | |
download | meta-freescale-0579a92e1ff03656e1c6089714a3be4244622ef0.tar.gz |
openssl-qoriq: upgrade to 1.0.2h plus fsl patches
Based on oe-core openssl-1.0.2h, revision:
e49d337 meta: update patch metadata
extended with patches from fsl to enable more features.
Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
Diffstat (limited to 'recipes-connectivity/openssl/openssl-qoriq.inc')
-rw-r--r-- | recipes-connectivity/openssl/openssl-qoriq.inc | 129 |
1 files changed, 88 insertions, 41 deletions
diff --git a/recipes-connectivity/openssl/openssl-qoriq.inc b/recipes-connectivity/openssl/openssl-qoriq.inc index faccb080..8c8c0365 100644 --- a/recipes-connectivity/openssl/openssl-qoriq.inc +++ b/recipes-connectivity/openssl/openssl-qoriq.inc | |||
@@ -8,6 +8,9 @@ SECTION = "libs/network" | |||
8 | LICENSE = "openssl" | 8 | LICENSE = "openssl" |
9 | LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" | 9 | LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" |
10 | 10 | ||
11 | DEPENDS = "hostperl-runtime-native" | ||
12 | DEPENDS_append_class-target = " openssl-native" | ||
13 | |||
11 | PROVIDES = "openssl" | 14 | PROVIDES = "openssl" |
12 | 15 | ||
13 | python() { | 16 | python() { |
@@ -19,8 +22,6 @@ python() { | |||
19 | d.appendVar("RREPLACES_%s" % p, p.replace('openssl-qoriq', 'openssl')) | 22 | d.appendVar("RREPLACES_%s" % p, p.replace('openssl-qoriq', 'openssl')) |
20 | } | 23 | } |
21 | 24 | ||
22 | DEPENDS = "perl-native-runtime" | ||
23 | |||
24 | SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ | 25 | SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ |
25 | " | 26 | " |
26 | S = "${WORKDIR}/openssl-${PV}" | 27 | S = "${WORKDIR}/openssl-${PV}" |
@@ -28,37 +29,39 @@ S = "${WORKDIR}/openssl-${PV}" | |||
28 | PACKAGECONFIG[perl] = ",,," | 29 | PACKAGECONFIG[perl] = ",,," |
29 | 30 | ||
30 | AR_append = " r" | 31 | AR_append = " r" |
32 | TERMIO_libc-musl = "-DTERMIOS" | ||
33 | TERMIO ?= "-DTERMIO" | ||
31 | # Avoid binaries being marked as requiring an executable stack since it | 34 | # Avoid binaries being marked as requiring an executable stack since it |
32 | # doesn't(which causes and this causes issues with SELinux | 35 | # doesn't(which causes and this causes issues with SELinux |
33 | CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ | 36 | CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ |
34 | -DTERMIO ${CFLAGS} -Wall -Wa,--noexecstack" | 37 | ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack" |
35 | |||
36 | # -02 does not work on mipsel: ssh hangs when it tries to read /dev/urandom | ||
37 | CFLAG_mtx-1 := "${@'${CFLAG}'.replace('-O2', '')}" | ||
38 | CFLAG_mtx-2 := "${@'${CFLAG}'.replace('-O2', '')}" | ||
39 | 38 | ||
40 | export DIRS = "crypto ssl apps" | 39 | export DIRS = "crypto ssl apps" |
41 | export EX_LIBS = "-lgcc -ldl" | 40 | export EX_LIBS = "-lgcc -ldl" |
42 | export AS = "${CC} -c" | 41 | export AS = "${CC} -c" |
43 | EXTRA_OEMAKE = "-e MAKEFLAGS=" | 42 | EXTRA_OEMAKE = "-e MAKEFLAGS=" |
44 | 43 | ||
45 | inherit pkgconfig siteinfo multilib_header | 44 | inherit pkgconfig siteinfo multilib_header ptest |
46 | 45 | ||
47 | PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf" | 46 | PACKAGES =+ "libcrypto libssl ${PN}-misc ${PN}-conf" |
48 | FILES_libcrypto = "${base_libdir}/libcrypto${SOLIBS}" | 47 | FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" |
49 | FILES_libssl = "${libdir}/libssl.so.*" | 48 | FILES_libssl = "${libdir}/libssl${SOLIBS}" |
50 | FILES_${PN} =+ " ${libdir}/ssl/*" | 49 | FILES_${PN} =+ " ${libdir}/ssl/*" |
51 | FILES_${PN}-misc = "${libdir}/ssl/misc ${bindir}/c_rehash" | 50 | FILES_${PN}-misc = "${libdir}/ssl/misc" |
52 | RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" | 51 | RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" |
53 | FILES_${PN}-dev += "${base_libdir}/libcrypto${SOLIBSDEV}" | ||
54 | 52 | ||
55 | # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto | 53 | # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto |
56 | # package RRECOMMENDS on this package. This will enable the configuration | 54 | # package RRECOMMENDS on this package. This will enable the configuration |
57 | # file to be installed for both the base openssl package and the libcrypto | 55 | # file to be installed for both the base openssl package and the libcrypto |
58 | # package since the base openssl package depends on the libcrypto package. | 56 | # package since the base openssl package depends on the libcrypto package. |
59 | FILES_openssl-conf = "${libdir}/ssl/openssl.cnf" | 57 | FILES_${PN}-conf = "${sysconfdir}/ssl/openssl.cnf" |
60 | CONFFILES_openssl-conf = "${libdir}/ssl/openssl.cnf" | 58 | CONFFILES_${PN}-conf = "${sysconfdir}/ssl/openssl.cnf" |
61 | RRECOMMENDS_libcrypto += "openssl-conf" | 59 | RRECOMMENDS_libcrypto += "${PN}-conf" |
60 | RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc" | ||
61 | |||
62 | # Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE | ||
63 | # vulnerability | ||
64 | EXTRA_OECONF = " -no-ssl3" | ||
62 | 65 | ||
63 | do_configure_prepend_darwin () { | 66 | do_configure_prepend_darwin () { |
64 | sed -i -e '/version-script=openssl\.ld/d' Configure | 67 | sed -i -e '/version-script=openssl\.ld/d' Configure |
@@ -71,17 +74,18 @@ do_configure () { | |||
71 | ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ | 74 | ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ |
72 | 75 | ||
73 | os=${HOST_OS} | 76 | os=${HOST_OS} |
74 | if [ "x$os" = "xlinux-uclibc" ]; then | 77 | case $os in |
75 | os=linux | 78 | linux-uclibc |\ |
76 | elif [ "x$os" = "xlinux-uclibceabi" ]; then | 79 | linux-uclibceabi |\ |
77 | os=linux | 80 | linux-gnueabi |\ |
78 | elif [ "x$os" = "xlinux-uclibcspe" ]; then | 81 | linux-uclibcspe |\ |
79 | os=linux | 82 | linux-gnuspe |\ |
80 | elif [ "x$os" = "xlinux-gnuspe" ]; then | 83 | linux-musl*) |
81 | os=linux | 84 | os=linux |
82 | elif [ "x$os" = "xlinux-gnueabi" ]; then | 85 | ;; |
83 | os=linux | 86 | *) |
84 | fi | 87 | ;; |
88 | esac | ||
85 | target="$os-${HOST_ARCH}" | 89 | target="$os-${HOST_ARCH}" |
86 | case $target in | 90 | case $target in |
87 | linux-arm) | 91 | linux-arm) |
@@ -91,7 +95,7 @@ do_configure () { | |||
91 | target=linux-elf-armeb | 95 | target=linux-elf-armeb |
92 | ;; | 96 | ;; |
93 | linux-aarch64*) | 97 | linux-aarch64*) |
94 | target=linux-generic64 | 98 | target=linux-aarch64 |
95 | ;; | 99 | ;; |
96 | linux-sh3) | 100 | linux-sh3) |
97 | target=debian-sh3 | 101 | target=debian-sh3 |
@@ -120,9 +124,12 @@ do_configure () { | |||
120 | linux-mipsel) | 124 | linux-mipsel) |
121 | target=debian-mipsel | 125 | target=debian-mipsel |
122 | ;; | 126 | ;; |
123 | linux-*-mips64) | 127 | linux-*-mips64 | linux-mips64) |
124 | target=linux-mips | 128 | target=linux-mips |
125 | ;; | 129 | ;; |
130 | linux-microblaze*|linux-nios2*) | ||
131 | target=linux-generic32 | ||
132 | ;; | ||
126 | linux-powerpc) | 133 | linux-powerpc) |
127 | target=linux-ppc | 134 | target=linux-ppc |
128 | ;; | 135 | ;; |
@@ -145,40 +152,80 @@ do_configure () { | |||
145 | if [ "x$useprefix" = "x" ]; then | 152 | if [ "x$useprefix" = "x" ]; then |
146 | useprefix=/ | 153 | useprefix=/ |
147 | fi | 154 | fi |
148 | perl ./Configure shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target | 155 | perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target |
156 | } | ||
157 | |||
158 | do_compile_prepend_class-target () { | ||
159 | sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile | ||
149 | } | 160 | } |
150 | 161 | ||
151 | do_compile () { | 162 | do_compile () { |
152 | oe_runmake | 163 | oe_runmake |
153 | } | 164 | } |
154 | 165 | ||
166 | do_compile_ptest () { | ||
167 | oe_runmake buildtest | ||
168 | } | ||
169 | |||
155 | do_install () { | 170 | do_install () { |
171 | # Create ${D}/${prefix} to fix parallel issues | ||
172 | mkdir -p ${D}/${prefix}/ | ||
173 | |||
156 | oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install | 174 | oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install |
157 | 175 | ||
158 | oe_libinstall -so libcrypto ${D}${libdir} | 176 | oe_libinstall -so libcrypto ${D}${libdir} |
159 | oe_libinstall -so libssl ${D}${libdir} | 177 | oe_libinstall -so libssl ${D}${libdir} |
160 | 178 | ||
161 | # Moving libcrypto to /lib | ||
162 | if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then | ||
163 | mkdir -p ${D}/${base_libdir}/ | ||
164 | mv ${D}${libdir}/libcrypto* ${D}${base_libdir}/ | ||
165 | sed -i s#libdir=\$\{exec_prefix\}\/lib#libdir=${base_libdir}# ${D}/${libdir}/pkgconfig/libcrypto.pc | ||
166 | fi | ||
167 | |||
168 | install -d ${D}${includedir} | 179 | install -d ${D}${includedir} |
169 | cp --dereference -R include/openssl ${D}${includedir} | 180 | cp --dereference -R include/openssl ${D}${includedir} |
170 | 181 | ||
182 | install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash | ||
183 | sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash | ||
184 | |||
171 | oe_multilib_header openssl/opensslconf.h | 185 | oe_multilib_header openssl/opensslconf.h |
172 | if [ "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then | 186 | if [ "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then |
173 | install -m 0755 ${S}/tools/c_rehash ${D}${bindir} | ||
174 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${bindir}/c_rehash | ||
175 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl | 187 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl |
176 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget | 188 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget |
177 | # The c_rehash utility isn't installed by the normal installation process. | ||
178 | else | 189 | else |
179 | rm -f ${D}${bindir}/c_rehash | ||
180 | rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget | 190 | rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget |
181 | fi | 191 | fi |
192 | |||
193 | # Create SSL structure | ||
194 | install -d ${D}${sysconfdir}/ssl/ | ||
195 | mv ${D}${libdir}/ssl/openssl.cnf \ | ||
196 | ${D}${libdir}/ssl/certs \ | ||
197 | ${D}${libdir}/ssl/private \ | ||
198 | \ | ||
199 | ${D}${sysconfdir}/ssl/ | ||
200 | ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl/certs | ||
201 | ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl/private | ||
202 | ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl/openssl.cnf | ||
203 | } | ||
204 | |||
205 | do_install_ptest () { | ||
206 | cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH} | ||
207 | cp Configure config e_os.h ${D}${PTEST_PATH} | ||
208 | cp -r -L include ${D}${PTEST_PATH} | ||
209 | ln -sf ${libdir}/libcrypto.a ${D}${PTEST_PATH} | ||
210 | ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH} | ||
211 | mkdir -p ${D}${PTEST_PATH}/crypto | ||
212 | cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto | ||
213 | cp -r certs ${D}${PTEST_PATH} | ||
214 | mkdir -p ${D}${PTEST_PATH}/apps | ||
215 | ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps | ||
216 | ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps | ||
217 | ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps | ||
218 | cp apps/server2.pem ${D}${PTEST_PATH}/apps | ||
219 | mkdir -p ${D}${PTEST_PATH}/util | ||
220 | install util/opensslwrap.sh ${D}${PTEST_PATH}/util | ||
221 | install util/shlib_wrap.sh ${D}${PTEST_PATH}/util | ||
222 | } | ||
223 | |||
224 | do_install_append_class-native() { | ||
225 | create_wrapper ${D}${bindir}/openssl \ | ||
226 | OPENSSL_CONF=${libdir}/ssl/openssl.cnf \ | ||
227 | SSL_CERT_DIR=${libdir}/ssl/certs \ | ||
228 | SSL_CERT_FILE=${libdir}/ssl/cert.pem \ | ||
229 | OPENSSL_ENGINES=${libdir}/ssl/engines | ||
182 | } | 230 | } |
183 | 231 | ||
184 | BBCLASSEXTEND = "native nativesdk" | ||