summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSona Sarmadi <sona.sarmadi@enea.com>2016-05-09 11:29:01 (GMT)
committerTudor Florea <tudor.florea@enea.com>2016-05-10 08:26:16 (GMT)
commit94e9e6a21b26c8bd0b194d4c2a65cbcb9464a553 (patch)
tree9d5cf6f89dadcdf9365e632962b393c9fb35c828
parent9c5b66788d746491a471bed3c7c7333862f95ea7 (diff)
downloadpoky-dizzy-enea.tar.gz
OpenSSL: Upgrade to 1.0.1t to fix multiple CVEsdizzy-enea
Upgrade 1.0.1p --> 1.0.1t addresses following vulnerabilities: CVE-2016-2107 CVE-2016-2108 CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176 Reference: URL for the OpenSSL Security Advisory: https://www.openssl.org/news/secadv/20160503.txt Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/man-section.patch17
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/version-script.patch80
-rw-r--r--meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch14
-rw-r--r--meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch76
-rw-r--r--meta/recipes-connectivity/openssl/openssl_1.0.1t.bb (renamed from meta/recipes-connectivity/openssl/openssl_1.0.1p.bb)9
5 files changed, 97 insertions, 99 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/debian/man-section.patch b/meta/recipes-connectivity/openssl/openssl/debian/man-section.patch
index 21c1d1a..1bd42ef 100644
--- a/meta/recipes-connectivity/openssl/openssl/debian/man-section.patch
+++ b/meta/recipes-connectivity/openssl/openssl/debian/man-section.patch
@@ -1,9 +1,10 @@
1Upstream-Status: Backport [debian] 1Upstream-Status: Backport [debian]
2 2
3Index: openssl-1.0.0c/Makefile.org 3Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
4=================================================================== 4---
5--- openssl-1.0.0c.orig/Makefile.org 2010-12-12 16:11:37.000000000 +0100 5diff -ruN a/Makefile.org b/Makefile.org
6+++ openssl-1.0.0c/Makefile.org 2010-12-12 16:13:28.000000000 +0100 6--- a/Makefile.org 2016-05-04 08:24:51.982013676 +0200
7+++ b/Makefile.org 2016-05-04 08:35:43.581929188 +0200
7@@ -160,7 +160,8 @@ 8@@ -160,7 +160,8 @@
8 MANDIR=/usr/share/man 9 MANDIR=/usr/share/man
9 MAN1=1 10 MAN1=1
@@ -14,21 +15,21 @@ Index: openssl-1.0.0c/Makefile.org
14 HTMLSUFFIX=html 15 HTMLSUFFIX=html
15 HTMLDIR=$(OPENSSLDIR)/html 16 HTMLDIR=$(OPENSSLDIR)/html
16 SHELL=/bin/sh 17 SHELL=/bin/sh
17@@ -651,7 +652,7 @@ 18@@ -650,7 +651,7 @@
18 echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ 19 echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
19 (cd `$(PERL) util/dirname.pl $$i`; \ 20 (cd `$(PERL) util/dirname.pl $$i`; \
20 sh -c "$$pod2man \ 21 sh -c "$$pod2man \
21- --section=$$sec --center=OpenSSL \ 22- --section=$$sec --center=OpenSSL \
22+ --section=$${sec}$(MANSECTION) --center=OpenSSL \ 23+ --section=$${sec}$(MANSECTION) --center=OpenSSL \
23 --release=$(VERSION) `basename $$i`") \ 24 --release=$(VERSION) `basename $$i`") \
24 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ 25 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
25 $(PERL) util/extract-names.pl < $$i | \ 26 $(PERL) util/extract-names.pl < $$i | \
26@@ -668,7 +669,7 @@ 27@@ -667,7 +668,7 @@
27 echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \ 28 echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
28 (cd `$(PERL) util/dirname.pl $$i`; \ 29 (cd `$(PERL) util/dirname.pl $$i`; \
29 sh -c "$$pod2man \ 30 sh -c "$$pod2man \
30- --section=$$sec --center=OpenSSL \ 31- --section=$$sec --center=OpenSSL \
31+ --section=$${sec}$(MANSECTION) --center=OpenSSL \ 32+ --section=$${sec}$(MANSECTION) --center=OpenSSL \
32 --release=$(VERSION) `basename $$i`") \ 33 --release=$(VERSION) `basename $$i`") \
33 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \ 34 > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
34 $(PERL) util/extract-names.pl < $$i | \ 35 $(PERL) util/extract-names.pl < $$i | \
diff --git a/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch b/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch
index ece8b9b..ac78adb 100644
--- a/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch
+++ b/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch
@@ -1,10 +1,11 @@
1Upstream-Status: Backport [debian] 1Upstream-Status: Backport [debian]
2 2
3Index: openssl-1.0.1d/Configure 3Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
4=================================================================== 4---
5--- openssl-1.0.1d.orig/Configure 2013-02-06 19:41:43.000000000 +0100 5diff -ruN a/Configure b/Configure
6+++ openssl-1.0.1d/Configure 2013-02-06 19:41:43.000000000 +0100 6--- a/Configure 2016-05-09 12:05:53.135685172 +0200
7@@ -1621,6 +1621,8 @@ 7+++ b/Configure 2016-05-09 12:07:43.962952937 +0200
8@@ -1667,6 +1667,8 @@
8 } 9 }
9 } 10 }
10 11
@@ -13,11 +14,38 @@ Index: openssl-1.0.1d/Configure
13 open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n"; 14 open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
14 unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new"; 15 unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
15 open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n"; 16 open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
16Index: openssl-1.0.1d/openssl.ld 17diff -ruN a/engines/ccgost/openssl.ld b/engines/ccgost/openssl.ld
17=================================================================== 18--- a/engines/ccgost/openssl.ld 1970-01-01 01:00:00.000000000 +0100
18--- /dev/null 1970-01-01 00:00:00.000000000 +0000 19+++ b/engines/ccgost/openssl.ld 2016-05-09 12:07:44.034949863 +0200
19+++ openssl-1.0.1d/openssl.ld 2013-02-06 19:44:25.000000000 +0100 20@@ -0,0 +1,10 @@
20@@ -0,0 +1,4620 @@ 21+OPENSSL_1.0.0 {
22+ global:
23+ bind_engine;
24+ v_check;
25+ OPENSSL_init;
26+ OPENSSL_finish;
27+ local:
28+ *;
29+};
30+
31diff -ruN a/engines/openssl.ld b/engines/openssl.ld
32--- a/engines/openssl.ld 1970-01-01 01:00:00.000000000 +0100
33+++ b/engines/openssl.ld 2016-05-09 12:07:43.990951742 +0200
34@@ -0,0 +1,10 @@
35+OPENSSL_1.0.0 {
36+ global:
37+ bind_engine;
38+ v_check;
39+ OPENSSL_init;
40+ OPENSSL_finish;
41+ local:
42+ *;
43+};
44+
45diff -ruN a/openssl.ld b/openssl.ld
46--- a/openssl.ld 1970-01-01 01:00:00.000000000 +0100
47+++ b/openssl.ld 2016-05-09 12:34:19.174771028 +0200
48@@ -0,0 +1,4622 @@
21+OPENSSL_1.0.0 { 49+OPENSSL_1.0.0 {
22+ global: 50+ global:
23+ BIO_f_ssl; 51+ BIO_f_ssl;
@@ -4526,6 +4554,8 @@ Index: openssl-1.0.1d/openssl.ld
4526+ SSL_SESSION_get_compress_id; 4554+ SSL_SESSION_get_compress_id;
4527+ 4555+
4528+ SRP_VBASE_get_by_user; 4556+ SRP_VBASE_get_by_user;
4557+ SRP_VBASE_get1_by_user;
4558+ SRP_user_pwd_free;
4529+ SRP_Calc_server_key; 4559+ SRP_Calc_server_key;
4530+ SRP_create_verifier; 4560+ SRP_create_verifier;
4531+ SRP_create_verifier_BN; 4561+ SRP_create_verifier_BN;
@@ -4638,33 +4668,3 @@ Index: openssl-1.0.1d/openssl.ld
4638+ CRYPTO_memcmp; 4668+ CRYPTO_memcmp;
4639+} OPENSSL_1.0.1; 4669+} OPENSSL_1.0.1;
4640+ 4670+
4641Index: openssl-1.0.1d/engines/openssl.ld
4642===================================================================
4643--- /dev/null 1970-01-01 00:00:00.000000000 +0000
4644+++ openssl-1.0.1d/engines/openssl.ld 2013-02-06 19:41:43.000000000 +0100
4645@@ -0,0 +1,10 @@
4646+OPENSSL_1.0.0 {
4647+ global:
4648+ bind_engine;
4649+ v_check;
4650+ OPENSSL_init;
4651+ OPENSSL_finish;
4652+ local:
4653+ *;
4654+};
4655+
4656Index: openssl-1.0.1d/engines/ccgost/openssl.ld
4657===================================================================
4658--- /dev/null 1970-01-01 00:00:00.000000000 +0000
4659+++ openssl-1.0.1d/engines/ccgost/openssl.ld 2013-02-06 19:41:43.000000000 +0100
4660@@ -0,0 +1,10 @@
4661+OPENSSL_1.0.0 {
4662+ global:
4663+ bind_engine;
4664+ v_check;
4665+ OPENSSL_init;
4666+ OPENSSL_finish;
4667+ local:
4668+ *;
4669+};
4670+
diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
index 36aa442..57e39eb 100644
--- a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
+++ b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
@@ -10,15 +10,19 @@ Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
10 10
11ported the patch to the 1.0.0m version 11ported the patch to the 1.0.0m version
12Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> 2015/03/24 12Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> 2015/03/24
13
14Ported the patch to 1.0.1t version.
15Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
13--- 16---
14--- a/crypto/evp/digest.c 17diff -ruN a/crypto/evp/digest.c b/crypto/evp/digest.c
15+++ b/crypto/evp/digest.c 18--- a/crypto/evp/digest.c 2016-05-03 15:49:00.000000000 +0200
16@@ -199,7 +199,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) 19+++ b/crypto/evp/digest.c 2016-05-04 09:17:47.629259835 +0200
20@@ -199,7 +199,7 @@
17 type = ctx->digest; 21 type = ctx->digest;
18 } 22 }
19 #endif 23 #endif
20- if (ctx->digest != type) { 24- if (ctx->digest != type) {
21+ if (type && (ctx->digest != type)) { 25+ if (type && (ctx->digest != type)) {
22 if (ctx->digest && ctx->digest->ctx_size) 26 if (ctx->digest && ctx->digest->ctx_size) {
23 OPENSSL_free(ctx->md_data); 27 OPENSSL_free(ctx->md_data);
24 ctx->digest = type; 28 ctx->md_data = NULL;
diff --git a/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch b/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch
index ab1434a..59a4b7c 100644
--- a/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch
+++ b/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch
@@ -9,22 +9,24 @@ Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01
9 9
10ported the patch to the 1.0.0m version 10ported the patch to the 1.0.0m version
11Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> 2015/03/24 11Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> 2015/03/24
12Index: openssl-1.0.1e/Configure 12
13=================================================================== 13Ported the patch to 1.0.1t version.
14--- openssl-1.0.1e.orig/Configure 14Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> 2016/05/09
15+++ openssl-1.0.1e/Configure 15---
16@@ -402,6 +402,7 @@ my %table=( 16diff -ruN a/Configure b/Configure
17--- a/Configure 2016-05-04 08:24:51.630028856 +0200
18+++ b/Configure 2016-05-04 09:09:14.987332751 +0200
19@@ -417,6 +417,7 @@
17 "linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 20 "linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
18 "linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 21 "linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
19 "linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", 22 "linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
20+"linux-x32", "gcc:-mx32 -DL_ENDIAN -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32", 23+"linux-x32", "gcc:-mx32 -DL_ENDIAN -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
24 "linux-x86_64-clang","clang: -m64 -DL_ENDIAN -O3 -Wall -Qunused-arguments::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
21 "linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", 25 "linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
22 #### So called "highgprs" target for z/Architecture CPUs 26 #### So called "highgprs" target for z/Architecture CPUs
23 # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see 27diff -ruN a/crypto/bn/asm/x86_64-gcc.c b/crypto/bn/asm/x86_64-gcc.c
24Index: openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c 28--- a/crypto/bn/asm/x86_64-gcc.c 2016-05-03 15:49:00.000000000 +0200
25=================================================================== 29+++ b/crypto/bn/asm/x86_64-gcc.c 2016-05-04 09:07:52.974863300 +0200
26--- openssl-1.0.1e.orig/crypto/bn/asm/x86_64-gcc.c
27+++ openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c
28@@ -55,7 +55,7 @@ 30@@ -55,7 +55,7 @@
29 * machine. 31 * machine.
30 */ 32 */
@@ -34,30 +36,8 @@ Index: openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c
34 # define BN_ULONG unsigned long long 36 # define BN_ULONG unsigned long long
35 # else 37 # else
36 # define BN_ULONG unsigned long 38 # define BN_ULONG unsigned long
37Index: openssl-1.0.1e/crypto/bn/bn.h
38===================================================================
39--- openssl-1.0.1e.orig/crypto/bn/bn.h
40+++ openssl-1.0.1e/crypto/bn/bn.h
41@@ -173,6 +173,13 @@ extern "C" {
42 # endif
43 # endif
44
45+/* Address type. */
46+# ifdef _WIN64
47+# define BN_ADDR unsigned long long
48+# else
49+# define BN_ADDR unsigned long
50+# endif
51+
52 /*
53 * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
54 * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
55Index: openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c
56===================================================================
57--- openssl-1.0.1m/crypto/bn/asm/x86_64-gcc.c 2015-03-19 13:37:10.000000000 +0000
58+++ openssl-1.0.1m-modif/crypto/bn/asm/x86_64-gcc.c 2015-04-14 17:09:11.876533194 +0100
59@@ -211,9 +211,9 @@ 39@@ -211,9 +211,9 @@
60 40
61 asm volatile (" subq %2,%2 \n" 41 asm volatile (" subq %2,%2 \n"
62 ".p2align 4 \n" 42 ".p2align 4 \n"
63- "1: movq (%4,%2,8),%0 \n" 43- "1: movq (%4,%2,8),%0 \n"
@@ -70,7 +50,7 @@ Index: openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c
70 " loop 1b \n" 50 " loop 1b \n"
71 " sbbq %0,%0 \n":"=&a" (ret), "+c"(n), 51 " sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
72@@ -235,9 +235,9 @@ 52@@ -235,9 +235,9 @@
73 53
74 asm volatile (" subq %2,%2 \n" 54 asm volatile (" subq %2,%2 \n"
75 ".p2align 4 \n" 55 ".p2align 4 \n"
76- "1: movq (%4,%2,8),%0 \n" 56- "1: movq (%4,%2,8),%0 \n"
@@ -81,12 +61,11 @@ Index: openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c
81+ " movq %0,(%q3,%2,8) \n" 61+ " movq %0,(%q3,%2,8) \n"
82 " leaq 1(%2),%2 \n" 62 " leaq 1(%2),%2 \n"
83 " loop 1b \n" 63 " loop 1b \n"
84 " sbbq %0,%0 \n":"=&a" (ret), "+c"(n) 64 " sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
85Index: openssl-1.0.1e/crypto/bn/bn_exp.c 65diff -ruN a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
86=================================================================== 66--- a/crypto/bn/bn_exp.c 2016-05-03 15:49:00.000000000 +0200
87--- openssl-1.0.1e.orig/crypto/bn/bn_exp.c 67+++ b/crypto/bn/bn_exp.c 2016-05-04 09:07:52.974863300 +0200
88+++ openssl-1.0.1e/crypto/bn/bn_exp.c 68@@ -622,7 +622,7 @@
89@@ -572,7 +572,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
90 * multiple. 69 * multiple.
91 */ 70 */
92 #define MOD_EXP_CTIME_ALIGN(x_) \ 71 #define MOD_EXP_CTIME_ALIGN(x_) \
@@ -95,3 +74,20 @@ Index: openssl-1.0.1e/crypto/bn/bn_exp.c
95 74
96 /* 75 /*
97 * This variant of BN_mod_exp_mont() uses fixed windows and the special 76 * This variant of BN_mod_exp_mont() uses fixed windows and the special
77diff -ruN a/crypto/bn/bn.h b/crypto/bn/bn.h
78--- a/crypto/bn/bn.h 2016-05-03 15:49:00.000000000 +0200
79+++ b/crypto/bn/bn.h 2016-05-04 09:07:52.974863300 +0200
80@@ -174,6 +174,13 @@
81 # endif
82 # endif
83
84+/* Address type. */
85+# ifdef _WIN64
86+# define BN_ADDR unsigned long long
87+# else
88+# define BN_ADDR unsigned long
89+# endif
90+
91 /*
92 * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
93 * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb b/meta/recipes-connectivity/openssl/openssl_1.0.1t.bb
index 0fa3572..1737730 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.1t.bb
@@ -6,7 +6,7 @@ DEPENDS += "cryptodev-linux"
6 6
7CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" 7CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
8 8
9LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" 9LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6"
10 10
11export DIRS = "crypto ssl apps engines" 11export DIRS = "crypto ssl apps engines"
12export OE_LDFLAGS="${LDFLAGS}" 12export OE_LDFLAGS="${LDFLAGS}"
@@ -34,13 +34,10 @@ SRC_URI += "file://configure-targets.patch \
34 file://Makefiles-ptest.patch \ 34 file://Makefiles-ptest.patch \
35 file://ptest-deps.patch \ 35 file://ptest-deps.patch \
36 file://run-ptest \ 36 file://run-ptest \
37 file://CVE-2015-3194-Add-PSS-parameter-check.patch \
38 file://CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch \
39 file://CVE-2016-0800.patch \
40 " 37 "
41 38
42SRC_URI[md5sum] = "7563e92327199e0067ccd0f79f436976" 39SRC_URI[md5sum] = "9837746fcf8a6727d46d22ca35953da1"
43SRC_URI[sha256sum] = "bd5ee6803165c0fb60bbecbacacf244f1f90d2aa0d71353af610c29121e9b2f1" 40SRC_URI[sha256sum] = "4a6ee491a2fdb22e519c76fdc2a628bb3cec12762cd456861d207996c8a07088"
44 41
45PACKAGES =+ " \ 42PACKAGES =+ " \
46 ${PN}-engines \ 43 ${PN}-engines \