diff options
author | Alexander Kanavin <alexander.kanavin@linux.intel.com> | 2017-08-08 18:30:48 +0300 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-08-13 09:27:38 +0100 |
commit | e326733d69181a03af7a4f837ea78fce348fdf00 (patch) | |
tree | f2b049b04bf94693ad017ac68df139b4ed655c65 /meta/recipes-connectivity/openssl/openssl.inc | |
parent | 04891b31e62f37e692647399fa3534d3dd4ab7f9 (diff) | |
download | poky-e326733d69181a03af7a4f837ea78fce348fdf00.tar.gz |
openssl: add a 1.1 version
Existing openssl 1.0 recipe is renamed to openssl10; it will
continue to be provided for as long as upstream supports it
(and there are still several recipes which do not work with openssl
1.1 due to API differences).
A few files (such as openssl binary) are no longer installed by openssl 1.0,
because they clash with openssl 1.1.
(From OE-Core rev: da1183f9fa5e06fbe66b5b31eb3313d5d35d11e3)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl.inc')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl.inc | 256 |
1 files changed, 0 insertions, 256 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl.inc b/meta/recipes-connectivity/openssl/openssl.inc deleted file mode 100644 index 0d6442e564..0000000000 --- a/meta/recipes-connectivity/openssl/openssl.inc +++ /dev/null | |||
@@ -1,256 +0,0 @@ | |||
1 | SUMMARY = "Secure Socket Layer" | ||
2 | DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." | ||
3 | HOMEPAGE = "http://www.openssl.org/" | ||
4 | BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" | ||
5 | SECTION = "libs/network" | ||
6 | |||
7 | # "openssl | SSLeay" dual license | ||
8 | LICENSE = "openssl" | ||
9 | LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" | ||
10 | |||
11 | DEPENDS = "makedepend-native hostperl-runtime-native" | ||
12 | DEPENDS_append_class-target = " openssl-native" | ||
13 | |||
14 | SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ | ||
15 | " | ||
16 | S = "${WORKDIR}/openssl-${PV}" | ||
17 | |||
18 | PACKAGECONFIG[perl] = ",,," | ||
19 | |||
20 | TERMIO_libc-musl = "-DTERMIOS" | ||
21 | TERMIO ?= "-DTERMIO" | ||
22 | # Avoid binaries being marked as requiring an executable stack since it | ||
23 | # doesn't(which causes and this causes issues with SELinux | ||
24 | CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ | ||
25 | ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack" | ||
26 | |||
27 | export DIRS = "crypto ssl apps" | ||
28 | export EX_LIBS = "-lgcc -ldl" | ||
29 | export AS = "${CC} -c" | ||
30 | |||
31 | inherit pkgconfig siteinfo multilib_header ptest relative_symlinks | ||
32 | |||
33 | PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf" | ||
34 | FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" | ||
35 | FILES_libssl = "${libdir}/libssl${SOLIBS}" | ||
36 | FILES_${PN} =+ " ${libdir}/ssl/*" | ||
37 | FILES_${PN}-misc = "${libdir}/ssl/misc" | ||
38 | RDEPENDS_${PN}-misc = "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}" | ||
39 | |||
40 | PROVIDES += "openssl10" | ||
41 | |||
42 | # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto | ||
43 | # package RRECOMMENDS on this package. This will enable the configuration | ||
44 | # file to be installed for both the base openssl package and the libcrypto | ||
45 | # package since the base openssl package depends on the libcrypto package. | ||
46 | FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" | ||
47 | CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" | ||
48 | RRECOMMENDS_libcrypto += "openssl-conf" | ||
49 | RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc" | ||
50 | |||
51 | # Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE | ||
52 | # vulnerability | ||
53 | EXTRA_OECONF = " -no-ssl3" | ||
54 | |||
55 | do_configure_prepend_darwin () { | ||
56 | sed -i -e '/version-script=openssl\.ld/d' Configure | ||
57 | } | ||
58 | |||
59 | do_configure () { | ||
60 | cd util | ||
61 | perl perlpath.pl ${STAGING_BINDIR_NATIVE} | ||
62 | cd .. | ||
63 | ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ | ||
64 | |||
65 | os=${HOST_OS} | ||
66 | case $os in | ||
67 | linux-gnueabi |\ | ||
68 | linux-gnuspe |\ | ||
69 | linux-musleabi |\ | ||
70 | linux-muslspe |\ | ||
71 | linux-musl ) | ||
72 | os=linux | ||
73 | ;; | ||
74 | *) | ||
75 | ;; | ||
76 | esac | ||
77 | target="$os-${HOST_ARCH}" | ||
78 | case $target in | ||
79 | linux-arm) | ||
80 | target=linux-armv4 | ||
81 | ;; | ||
82 | linux-armeb) | ||
83 | target=linux-elf-armeb | ||
84 | ;; | ||
85 | linux-aarch64*) | ||
86 | target=linux-aarch64 | ||
87 | ;; | ||
88 | linux-sh3) | ||
89 | target=debian-sh3 | ||
90 | ;; | ||
91 | linux-sh4) | ||
92 | target=debian-sh4 | ||
93 | ;; | ||
94 | linux-i486) | ||
95 | target=debian-i386-i486 | ||
96 | ;; | ||
97 | linux-i586 | linux-viac3) | ||
98 | target=debian-i386-i586 | ||
99 | ;; | ||
100 | linux-i686) | ||
101 | target=debian-i386-i686/cmov | ||
102 | ;; | ||
103 | linux-gnux32-x86_64 | linux-muslx32-x86_64 ) | ||
104 | target=linux-x32 | ||
105 | ;; | ||
106 | linux-gnu64-x86_64) | ||
107 | target=linux-x86_64 | ||
108 | ;; | ||
109 | linux-gnun32-mips*el) | ||
110 | target=debian-mipsn32el | ||
111 | ;; | ||
112 | linux-gnun32-mips*) | ||
113 | target=debian-mipsn32 | ||
114 | ;; | ||
115 | linux-mips*64*el) | ||
116 | target=debian-mips64el | ||
117 | ;; | ||
118 | linux-mips*64*) | ||
119 | target=debian-mips64 | ||
120 | ;; | ||
121 | linux-mips*el) | ||
122 | target=debian-mipsel | ||
123 | ;; | ||
124 | linux-mips*) | ||
125 | target=debian-mips | ||
126 | ;; | ||
127 | linux-microblaze*|linux-nios2*) | ||
128 | target=linux-generic32 | ||
129 | ;; | ||
130 | linux-powerpc) | ||
131 | target=linux-ppc | ||
132 | ;; | ||
133 | linux-powerpc64) | ||
134 | target=linux-ppc64 | ||
135 | ;; | ||
136 | linux-supersparc) | ||
137 | target=linux-sparcv8 | ||
138 | ;; | ||
139 | linux-sparc) | ||
140 | target=linux-sparcv8 | ||
141 | ;; | ||
142 | darwin-i386) | ||
143 | target=darwin-i386-cc | ||
144 | ;; | ||
145 | esac | ||
146 | # inject machine-specific flags | ||
147 | sed -i -e "s|^\(\"$target\",\s*\"[^:]\+\):\([^:]\+\)|\1:${CFLAG}|g" Configure | ||
148 | useprefix=${prefix} | ||
149 | if [ "x$useprefix" = "x" ]; then | ||
150 | useprefix=/ | ||
151 | fi | ||
152 | perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target | ||
153 | } | ||
154 | |||
155 | do_compile_prepend_class-target () { | ||
156 | sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile | ||
157 | } | ||
158 | |||
159 | do_compile () { | ||
160 | oe_runmake depend | ||
161 | oe_runmake | ||
162 | } | ||
163 | |||
164 | do_compile_ptest () { | ||
165 | # build dependencies for test directory too | ||
166 | export DIRS="$DIRS test" | ||
167 | oe_runmake depend | ||
168 | oe_runmake buildtest | ||
169 | } | ||
170 | |||
171 | do_install () { | ||
172 | # Create ${D}/${prefix} to fix parallel issues | ||
173 | mkdir -p ${D}/${prefix}/ | ||
174 | |||
175 | oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install | ||
176 | |||
177 | oe_libinstall -so libcrypto ${D}${libdir} | ||
178 | oe_libinstall -so libssl ${D}${libdir} | ||
179 | |||
180 | install -d ${D}${includedir} | ||
181 | cp --dereference -R include/openssl ${D}${includedir} | ||
182 | |||
183 | install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash | ||
184 | sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash | ||
185 | |||
186 | oe_multilib_header openssl/opensslconf.h | ||
187 | if [ "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}" ]; then | ||
188 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl | ||
189 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget | ||
190 | else | ||
191 | rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget | ||
192 | fi | ||
193 | |||
194 | # Create SSL structure | ||
195 | install -d ${D}${sysconfdir}/ssl/ | ||
196 | mv ${D}${libdir}/ssl/openssl.cnf \ | ||
197 | ${D}${libdir}/ssl/certs \ | ||
198 | ${D}${libdir}/ssl/private \ | ||
199 | \ | ||
200 | ${D}${sysconfdir}/ssl/ | ||
201 | ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl/certs | ||
202 | ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl/private | ||
203 | ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl/openssl.cnf | ||
204 | } | ||
205 | |||
206 | do_install_ptest () { | ||
207 | cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH} | ||
208 | |||
209 | # Replace the path to native perl with the path to target perl | ||
210 | sed -i 's,^PERL=.*,PERL=${bindir}/perl,' ${D}${PTEST_PATH}/Makefile | ||
211 | |||
212 | cp Configure config e_os.h ${D}${PTEST_PATH} | ||
213 | cp -r -L include ${D}${PTEST_PATH} | ||
214 | ln -sf ${libdir}/libcrypto.a ${D}${PTEST_PATH} | ||
215 | ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH} | ||
216 | mkdir -p ${D}${PTEST_PATH}/crypto | ||
217 | cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto | ||
218 | cp -r certs ${D}${PTEST_PATH} | ||
219 | mkdir -p ${D}${PTEST_PATH}/apps | ||
220 | ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps | ||
221 | ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps | ||
222 | ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps | ||
223 | cp apps/server.pem ${D}${PTEST_PATH}/apps | ||
224 | cp apps/server2.pem ${D}${PTEST_PATH}/apps | ||
225 | mkdir -p ${D}${PTEST_PATH}/util | ||
226 | install util/opensslwrap.sh ${D}${PTEST_PATH}/util | ||
227 | install util/shlib_wrap.sh ${D}${PTEST_PATH}/util | ||
228 | # Time stamps are relevant for "make alltests", otherwise | ||
229 | # make may try to recompile binaries. Not only must the | ||
230 | # binary files be newer than the sources, they also must | ||
231 | # be more recent than the header files in /usr/include. | ||
232 | # | ||
233 | # Using "cp -a" is not sufficient, because do_install | ||
234 | # does not preserve the original time stamps. | ||
235 | # | ||
236 | # So instead of using the original file stamps, we set | ||
237 | # the current time for all files. Binaries will get | ||
238 | # modified again later when stripping them, but that's okay. | ||
239 | touch ${D}${PTEST_PATH} | ||
240 | find ${D}${PTEST_PATH} -type f -print0 | xargs --verbose -0 touch -r ${D}${PTEST_PATH} | ||
241 | |||
242 | # exclude binary files or the package won't install | ||
243 | for d in ssltest_old v3ext x509aux; do | ||
244 | rm -rf ${D}${libdir}/${BPN}/ptest/test/$d | ||
245 | done | ||
246 | } | ||
247 | |||
248 | do_install_append_class-native() { | ||
249 | create_wrapper ${D}${bindir}/openssl \ | ||
250 | OPENSSL_CONF=${libdir}/ssl/openssl.cnf \ | ||
251 | SSL_CERT_DIR=${libdir}/ssl/certs \ | ||
252 | SSL_CERT_FILE=${libdir}/ssl/cert.pem \ | ||
253 | OPENSSL_ENGINES=${libdir}/ssl/engines | ||
254 | } | ||
255 | |||
256 | BBCLASSEXTEND = "native nativesdk" | ||