openssl: Upgrade to v1.0.1g

The trigger for the upgrade was the serious "heartbleed" vulnerability (CVE-2014-0160). More information: http://www.itnews.com.au/News/382068,serious-openssl-bug-renders-websites-wide-open.aspx Dropped obsolete patches, because the new version contains them: 0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch 0001-Fix-DTLS-retransmission-from-previous-session.patch 0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch Modified 2 patches (small changes), in order to apply properly: initial-aarch64-bits.patch openssl-fix-doc.patch Addresses CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 (From OE-Core rev: ff52836e1838590eeec7d7658e15b21d83cf8455) Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Cristiana Voicu <cristiana.voicu@intel.com> 2014-04-08 14:49:48 +0300
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2014-04-08 17:45:09 +0100
commit: 5dd1d7566964c90d33c0c44f569d9336fb0724ce (patch)
tree: 6c9516db6873f1254723cbeeca204a43d5d410ba /meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch
parent: c0ac09ab49d7a2b9cc7601ceef2852d690cdf3d1 (diff)
download: poky-5dd1d7566964c90d33c0c44f569d9336fb0724ce.tar.gz
1 files changed, 56 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch b/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch
new file mode 100644
index 0000000000..d8a6f1a23c
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch
@@ -0,0 +1,56 @@
+Upstream-Status: Inappropriate [configuration]
+Index: openssl-1.0.0/engines/Makefile
+===================================================================
+--- openssl-1.0.0.orig/engines/Makefile
+++ openssl-1.0.0/engines/Makefile
+@@ -107,7 +107,7 @@
+        @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+        @if [ -n "$(SHARED_LIBS)" ]; then \
+                set -e; \
+-               $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \
+               $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines; \
+                for l in $(LIBNAMES); do \
+                        ( echo installing $$l; \
+                          pfx=lib; \
+@@ -119,13 +119,13 @@
+                                *DSO_WIN32*)    sfx="eay32.dll"; pfx=;; \
+                                *)              sfx=".bad";;    \
+                                esac; \
+-                               cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+                               cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
+                          else \
+                                sfx=".so"; \
+-                               cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+                               cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
+                          fi; \
+-                         chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+-                         mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
+                         chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
+                         mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx ); \
+                done; \
+        fi
+        @target=install; $(RECURSIVE_MAKE)
+Index: openssl-1.0.0/engines/ccgost/Makefile
+===================================================================
+--- openssl-1.0.0.orig/engines/ccgost/Makefile
+++ openssl-1.0.0/engines/ccgost/Makefile
+@@ -53,13 +53,13 @@
+                        *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
+                        *) sfx=".bad";; \
+                        esac; \
+-                       cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+                       cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+                else \
+                        sfx=".so"; \
+-                       cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+                       cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+                fi; \
+-               chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+-               mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
+               chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+               mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx; \
+        fi
+ 
+ links:
author	Cristiana Voicu <cristiana.voicu@intel.com>	2014-04-08 14:49:48 +0300
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-04-08 17:45:09 +0100
commit	5dd1d7566964c90d33c0c44f569d9336fb0724ce (patch)
tree	6c9516db6873f1254723cbeeca204a43d5d410ba /meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch
parent	c0ac09ab49d7a2b9cc7601ceef2852d690cdf3d1 (diff)
download	poky-5dd1d7566964c90d33c0c44f569d9336fb0724ce.tar.gz

diff --git a/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch b/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch new file mode 100644 index 0000000000..d8a6f1a23c --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch
@@ -0,0 +1,56 @@
	1	Upstream-Status: Inappropriate [configuration]
	2
	3
	4	Index: openssl-1.0.0/engines/Makefile
	5	===================================================================
	6	--- openssl-1.0.0.orig/engines/Makefile
	7	+++ openssl-1.0.0/engines/Makefile
	8	@@ -107,7 +107,7 @@
	9	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
	10	@if [ -n "$(SHARED_LIBS)" ]; then \
	11	set -e; \
	12	- $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \
	13	+ $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines; \
	14	for l in $(LIBNAMES); do \
	15	( echo installing $$l; \
	16	pfx=lib; \
	17	@@ -119,13 +119,13 @@
	18	DSO_WIN32) sfx="eay32.dll"; pfx=;; \
	19	*) sfx=".bad";; \
	20	esac; \
	21	- cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
	22	+ cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
	23	else \
	24	sfx=".so"; \
	25	- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
	26	+ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
	27	fi; \
	28	- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
	29	- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
	30	+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
	31	+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx ); \
	32	done; \
	33	fi
	34	@target=install; $(RECURSIVE_MAKE)
	35	Index: openssl-1.0.0/engines/ccgost/Makefile
	36	===================================================================
	37	--- openssl-1.0.0.orig/engines/ccgost/Makefile
	38	+++ openssl-1.0.0/engines/ccgost/Makefile
	39	@@ -53,13 +53,13 @@
	40	DSO_WIN32) sfx="eay32.dll"; pfx=;; \
	41	*) sfx=".bad";; \
	42	esac; \
	43	- cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
	44	+ cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
	45	else \
	46	sfx=".so"; \
	47	- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
	48	+ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
	49	fi; \
	50	- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
	51	- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
	52	+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
	53	+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx; \
	54	fi
	55
	56	links: