summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssl
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2018-03-09 20:55:44 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-03-11 06:27:00 -0700
commit5a78036d08b2c3255ad5ccd1bfb4080e13c9f317 (patch)
tree673315027a05a4e42e6c80f877035c79a7ea7601 /meta/recipes-connectivity/openssl
parent7187b63c19acc16c736643639dc479c119f85b16 (diff)
downloadpoky-5a78036d08b2c3255ad5ccd1bfb4080e13c9f317.tar.gz
openssl: refresh patches
The patch tool will apply patches by default with "fuzz", which is where if the hunk context isn't present but what is there is close enough, it will force the patch in. Whilst this is useful when there's just whitespace changes, when applied to source it is possible for a patch applied with fuzz to produce broken code which still compiles (see #10450). This is obviously bad. We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For that to be realistic the existing patches with fuzz need to be rebased and reviewed. (From OE-Core rev: 7baba7a19c5610a63ccbfd6a2238667772b32118) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl')
-rw-r--r--meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/c_rehash-compat.patch10
-rw-r--r--meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/debian-targets.patch14
2 files changed, 12 insertions, 12 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/c_rehash-compat.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/c_rehash-compat.patch
index 68e54d561e..3820e3e306 100644
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/c_rehash-compat.patch
+++ b/meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/c_rehash-compat.patch
@@ -5,10 +5,10 @@ Subject: [PATCH] also create old hash for compatibility
5 5
6Upstream-Status: Backport [debian] 6Upstream-Status: Backport [debian]
7 7
8diff --git a/tools/c_rehash.in b/tools/c_rehash.in 8Index: openssl-1.0.2n/tools/c_rehash.in
9index b086ff9..b777d79 100644 9===================================================================
10--- a/tools/c_rehash.in 10--- openssl-1.0.2n.orig/tools/c_rehash.in
11+++ b/tools/c_rehash.in 11+++ openssl-1.0.2n/tools/c_rehash.in
12@@ -8,8 +8,6 @@ my $prefix; 12@@ -8,8 +8,6 @@ my $prefix;
13 13
14 my $openssl = $ENV{OPENSSL} || "openssl"; 14 my $openssl = $ENV{OPENSSL} || "openssl";
@@ -48,7 +48,7 @@ index b086ff9..b777d79 100644
48 $fname =~ s/'/'\\''/g; 48 $fname =~ s/'/'\\''/g;
49 my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`; 49 my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
50 chomp $hash; 50 chomp $hash;
51@@ -176,11 +174,21 @@ sub link_hash_cert { 51@@ -177,10 +175,20 @@ sub link_hash_cert {
52 $hashlist{$hash} = $fprint; 52 $hashlist{$hash} = $fprint;
53 } 53 }
54 54
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/debian-targets.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/debian-targets.patch
index 39d4328184..35d92bedb7 100644
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/debian-targets.patch
+++ b/meta/recipes-connectivity/openssl/openssl-1.0.2n/debian/debian-targets.patch
@@ -1,12 +1,12 @@
1Upstream-Status: Backport [debian] 1Upstream-Status: Backport [debian]
2 2
3Index: openssl-1.0.2/Configure 3Index: openssl-1.0.2n/Configure
4=================================================================== 4===================================================================
5--- openssl-1.0.2.orig/Configure 5--- openssl-1.0.2n.orig/Configure
6+++ openssl-1.0.2/Configure 6+++ openssl-1.0.2n/Configure
7@@ -107,6 +107,10 @@ my $gcc_devteam_warn = "-Wall -pedantic 7@@ -133,6 +133,10 @@ my $clang_devteam_warn = "-Wno-unused-pa
8 8 # Warn that "make depend" should be run?
9 my $clang_disabled_warnings = "-Wno-language-extension-token -Wno-extended-offsetof -Wno-padded -Wno-shorten-64-to-32 -Wno-format-nonliteral -Wno-missing-noreturn -Wno-unused-parameter -Wno-sign-conversion -Wno-unreachable-code -Wno-conversion -Wno-documentation -Wno-missing-variable-declarations -Wno-cast-align -Wno-incompatible-pointer-types-discards-qualifiers -Wno-missing-variable-declarations -Wno-missing-field-initializers -Wno-unused-macros -Wno-disabled-macro-expansion -Wno-conditional-uninitialized -Wno-switch-enum"; 9 my $warn_make_depend = 0;
10 10
11+# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS 11+# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS
12+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall"; 12+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall";
@@ -15,7 +15,7 @@ Index: openssl-1.0.2/Configure
15 my $strict_warnings = 0; 15 my $strict_warnings = 0;
16 16
17 my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; 17 my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
18@@ -343,6 +347,55 @@ my %table=( 18@@ -369,6 +373,55 @@ my %table=(
19 "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so", 19 "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
20 "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so", 20 "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
21 21