openssl: upgrade to 3.0.1

Major changes in 3.0.1: * Fixed invalid handling of X509_verify_cert() internal errors in libssl ([CVE-2021-4044]) * Allow fetching an operation from the provider that owns an unexportable key as a fallback if that is still allowed by the property query. Drop patches which were backported. Add sed to openssl-ptest as the tests use 'sed -u', which isn't supported by busybox. Ensure that we package the dummy async engine, needed by the test suite. (From OE-Core rev: 5cd40648b0ba88cd9905800e748ae98f08c10ac7) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ross Burton <ross@burtonini.com> 2021-12-20 18:05:59 +0000
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-12-21 12:01:41 +0000
commit: 42298b2978bb74e128bff2ca1ed8e5fecf2ff6f9 (patch)
tree: 91b6008a1c4f85594b30b477cf75cb4fcca9895e /meta/recipes-connectivity/openssl
parent: 06b027b928e4955f1391f1931e18746be76ff57f (diff)
download: poky-42298b2978bb74e128bff2ca1ed8e5fecf2ff6f9.tar.gz
3 files changed, 9 insertions, 148 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch b/meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch
deleted file mode 100644
index b85a3ad7d2..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch
+++ /dev/null
@@ -1,108 +0,0 @@
-Fix EVP_PKEY_CTX_get_rsa_pss_saltlen, and also disable the tests in non-default
-context (required when backporting, not needed with 3.0.1).
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-From 6b5c02f6173e5fd46a3685e676fcb5eee9ac43ea Mon Sep 17 00:00:00 2001
-From: Tom Cosgrove <tom.cosgrove@arm.com>
-Date: Thu, 25 Nov 2021 15:49:26 +0000
-Subject: [PATCH] Fix EVP_PKEY_CTX_get_rsa_pss_saltlen() not returning a value
-When an integer value was specified, it was not being passed back via
-the orig_p2 weirdness.
-Regression test included.
-Reviewed-by: Tomas Mraz <tomas@openssl.org>
-Reviewed-by: Paul Dale <pauli@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/17136)
---
- crypto/evp/ctrl_params_translate.c | 12 +++++++-----
- test/evp_extra_test.c              | 30 ++++++++++++++++++++++++++++++
- 2 files changed, 37 insertions(+), 5 deletions(-)
-diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c
-index 88945e13e6..6638209a8d 100644
--- a/crypto/evp/ctrl_params_translate.c
-+++ b/crypto/evp/ctrl_params_translate.c
-@@ -1379,21 +1379,23 @@ static int fix_rsa_pss_saltlen(enum state state,
-     if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL)
-         || (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) {
-         size_t i;
-+        int val;
- 
-         for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
-             if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
-                 break;
-         }
-        if (i == OSSL_NELEM(str_value_map)) {
-            ctx->p1 = atoi(ctx->p2);
-        } else if (state == POST_CTRL_TO_PARAMS) {
-+
-+        val = i == OSSL_NELEM(str_value_map) ? atoi(ctx->p2)
-+                                             : (int)str_value_map[i].id;
-+        if (state == POST_CTRL_TO_PARAMS) {
-             /*
-              * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN weirdness explained further
-              * up
-              */
-            *(int *)ctx->orig_p2 = str_value_map[i].id;
-+            *(int *)ctx->orig_p2 = val;
-         } else {
-            ctx->p1 = (int)str_value_map[i].id;
-+            ctx->p1 = val;
-         }
-         ctx->p2 = NULL;
-     }
-diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
-index 83f8902d24..9ad37a2bce 100644
--- a/test/evp_extra_test.c
-+++ b/test/evp_extra_test.c
-@@ -3049,6 +3049,35 @@ static int test_EVP_rsa_pss_with_keygen_bits(void)
-     return ret;
- }
- 
-+static int test_EVP_rsa_pss_set_saltlen(void)
-+{
-+    int ret = 0;
-+    EVP_PKEY *pkey = NULL;
-+    EVP_PKEY_CTX *pkey_ctx = NULL;
-+    EVP_MD *sha256 = NULL;
-+    EVP_MD_CTX *sha256_ctx = NULL;
-+    int saltlen = 9999; /* buggy EVP_PKEY_CTX_get_rsa_pss_saltlen() didn't update this */
-+    const int test_value = 32;
-+
-+    if (nullprov != NULL)
-+        return TEST_skip("Test does not support a non-default library context");
-+
-+    ret = TEST_ptr(pkey = load_example_rsa_key())
-+        && TEST_ptr(sha256 = EVP_MD_fetch(testctx, "sha256", NULL))
-+        && TEST_ptr(sha256_ctx = EVP_MD_CTX_new())
-+        && TEST_true(EVP_DigestSignInit(sha256_ctx, &pkey_ctx, sha256, NULL, pkey))
-+        && TEST_true(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING))
-+        && TEST_true(EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, test_value))
-+        && TEST_true(EVP_PKEY_CTX_get_rsa_pss_saltlen(pkey_ctx, &saltlen))
-+        && TEST_int_eq(saltlen, test_value);
-+
-+    EVP_MD_CTX_free(sha256_ctx);
-+    EVP_PKEY_free(pkey);
-+    EVP_MD_free(sha256);
-+
-+    return ret;
-+}
-+
- static int success = 1;
- static void md_names(const char *name, void *vctx)
- {
-@@ -3966,6 +3995,7 @@ int setup_tests(void)
-     ADD_ALL_TESTS(test_evp_iv_des, 6);
- #endif
-     ADD_TEST(test_EVP_rsa_pss_with_keygen_bits);
-+    ADD_TEST(test_EVP_rsa_pss_set_saltlen);
- #ifndef OPENSSL_NO_EC
-     ADD_ALL_TESTS(test_ecpub, OSSL_NELEM(ecpub_nids));
- #endif
-- 
-2.25.1
diff --git a/meta/recipes-connectivity/openssl/openssl/armv8-32bit.patch b/meta/recipes-connectivity/openssl/openssl/armv8-32bit.patch
deleted file mode 100644
index 1935651be0..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/armv8-32bit.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/16951]
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-From 5118e96a3dbedde2523e7726fa34af30923a9add Mon Sep 17 00:00:00 2001
-From: Tom Cosgrove <tom.cosgrove@arm.com>
-Date: Tue, 2 Nov 2021 15:26:21 +0000
-Subject: [PATCH] Fix builds on Armv8 systems without AArch64
-This fixes "undefined reference to `aes_gcm_dec_128_kernel' in function
-`armv8_aes_gcm_decrypt'" and similar
-Fixes #16949
---
- include/crypto/aes_platform.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h
-index 015c3bd4ab91..e95ad5aa5de6 100644
--- a/include/crypto/aes_platform.h
-+++ b/include/crypto/aes_platform.h
-@@ -100,7 +100,7 @@ void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
- #    define AES_PMULL_CAPABLE ((OPENSSL_armcap_P & ARMV8_PMULL) && (OPENSSL_armcap_P & ARMV8_AES))
- #    define AES_GCM_ENC_BYTES 512
- #    define AES_GCM_DEC_BYTES 512
-#    if __ARM_MAX_ARCH__>=8
-+#    if __ARM_MAX_ARCH__>=8 && defined(__aarch64__)
- #     define AES_gcm_encrypt armv8_aes_gcm_encrypt
- #     define AES_gcm_decrypt armv8_aes_gcm_decrypt
- #     define AES_GCM_ASM(gctx) ((gctx)->ctr==aes_v8_ctr32_encrypt_blocks && \
diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.0.bb b/meta/recipes-connectivity/openssl/openssl_3.0.1.bb
index da73ed6bc3..162435480c 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.0.0.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.1.bb
@@ -12,15 +12,13 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
           file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
           file://afalg.patch \
           file://0001-Configure-do-not-tweak-mips-cflags.patch \
-           file://armv8-32bit.patch \
-           file://0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch \
           "
 SRC_URI:append:class-nativesdk = " \
           file://environment.d-openssl.sh \
           "
-SRC_URI[sha256sum] = "59eedfcb46c25214c9bd37ed6078297b4df01d012267fe9e9eee31f61bc70536"
+SRC_URI[sha256sum] = "c311ad853353bce796edad01a862c50a8a587f62e7e2100ef465ab53ec9b06d1"
 inherit lib_package multilib_header multilib_script ptest perlnative
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
@@ -194,21 +192,21 @@ do_install_ptest () {
        install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps
        install -d ${D}${PTEST_PATH}/engines
-        install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines
+        install -m755 ${B}/engines/dasync.so ${D}${PTEST_PATH}/engines
        install -m755 ${B}/engines/loader_attic.so ${D}${PTEST_PATH}/engines
+        install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines
        install -d ${D}${PTEST_PATH}/providers
        install -m755 ${B}/providers/legacy.so ${D}${PTEST_PATH}/providers
-        install -d ${D}${PTEST_PATH}/Configurations
+        install -d ${D}${PTEST_PATH}/Configurations
-        cp -rf ${S}/Configurations/* ${D}${PTEST_PATH}/Configurations/
+        cp -rf ${S}/Configurations/* ${D}${PTEST_PATH}/Configurations/
-        # seems to be needed with perl 5.32.1
+        # seems to be needed with perl 5.32.1
-        install -d ${D}${PTEST_PATH}/util/perl/recipes
+        install -d ${D}${PTEST_PATH}/util/perl/recipes
-        cp ${D}${PTEST_PATH}/test/recipes/tconversion.pl ${D}${PTEST_PATH}/util/perl/recipes/
+        cp ${D}${PTEST_PATH}/test/recipes/tconversion.pl ${D}${PTEST_PATH}/util/perl/recipes/
        sed 's|${S}|${PTEST_PATH}|g' -i ${D}${PTEST_PATH}/util/wrap.pl
 }
 # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
@@ -234,7 +232,7 @@ CONFFILES:openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
 RRECOMMENDS:libcrypto += "openssl-conf"
 RDEPENDS:${PN}-misc = "perl"
-RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash"
+RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash sed"
 RDEPENDS:${PN}-bin += "openssl-conf"
author	Ross Burton <ross@burtonini.com>	2021-12-20 18:05:59 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-12-21 12:01:41 +0000
commit	42298b2978bb74e128bff2ca1ed8e5fecf2ff6f9 (patch)
tree	91b6008a1c4f85594b30b477cf75cb4fcca9895e /meta/recipes-connectivity/openssl
parent	06b027b928e4955f1391f1931e18746be76ff57f (diff)
download	poky-42298b2978bb74e128bff2ca1ed8e5fecf2ff6f9.tar.gz

diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch b/meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch deleted file mode 100644 index b85a3ad7d2..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch +++ /dev/null
@@ -1,108 +0,0 @@
1	Fix EVP_PKEY_CTX_get_rsa_pss_saltlen, and also disable the tests in non-default
2	context (required when backporting, not needed with 3.0.1).
3
4	Upstream-Status: Backport
5	Signed-off-by: Ross Burton <ross.burton@arm.com>
6
7	From 6b5c02f6173e5fd46a3685e676fcb5eee9ac43ea Mon Sep 17 00:00:00 2001
8	From: Tom Cosgrove <tom.cosgrove@arm.com>
9	Date: Thu, 25 Nov 2021 15:49:26 +0000
10	Subject: [PATCH] Fix EVP_PKEY_CTX_get_rsa_pss_saltlen() not returning a value
11
12	When an integer value was specified, it was not being passed back via
13	the orig_p2 weirdness.
14
15	Regression test included.
16
17	Reviewed-by: Tomas Mraz <tomas@openssl.org>
18	Reviewed-by: Paul Dale <pauli@openssl.org>
19	(Merged from https://github.com/openssl/openssl/pull/17136)
20	---
21	crypto/evp/ctrl_params_translate.c \| 12 +++++++-----
22	test/evp_extra_test.c \| 30 ++++++++++++++++++++++++++++++
23	2 files changed, 37 insertions(+), 5 deletions(-)
24
25	diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c
26	index 88945e13e6..6638209a8d 100644
27	--- a/crypto/evp/ctrl_params_translate.c
28	+++ b/crypto/evp/ctrl_params_translate.c
29	@@ -1379,21 +1379,23 @@ static int fix_rsa_pss_saltlen(enum state state,
30	if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL)
31	\|\| (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) {
32	size_t i;
33	+ int val;
34
35	for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
36	if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
37	break;
38	}
39	- if (i == OSSL_NELEM(str_value_map)) {
40	- ctx->p1 = atoi(ctx->p2);
41	- } else if (state == POST_CTRL_TO_PARAMS) {
42	+
43	+ val = i == OSSL_NELEM(str_value_map) ? atoi(ctx->p2)
44	+ : (int)str_value_map[i].id;
45	+ if (state == POST_CTRL_TO_PARAMS) {
46	/*
47	* EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN weirdness explained further
48	* up
49	*/
50	- (int )ctx->orig_p2 = str_value_map[i].id;
51	+ (int )ctx->orig_p2 = val;
52	} else {
53	- ctx->p1 = (int)str_value_map[i].id;
54	+ ctx->p1 = val;
55	}
56	ctx->p2 = NULL;
57	}
58	diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
59	index 83f8902d24..9ad37a2bce 100644
60	--- a/test/evp_extra_test.c
61	+++ b/test/evp_extra_test.c
62	@@ -3049,6 +3049,35 @@ static int test_EVP_rsa_pss_with_keygen_bits(void)
63	return ret;
64	}
65
66	+static int test_EVP_rsa_pss_set_saltlen(void)
67	+{
68	+ int ret = 0;
69	+ EVP_PKEY *pkey = NULL;
70	+ EVP_PKEY_CTX *pkey_ctx = NULL;
71	+ EVP_MD *sha256 = NULL;
72	+ EVP_MD_CTX *sha256_ctx = NULL;
73	+ int saltlen = 9999; /* buggy EVP_PKEY_CTX_get_rsa_pss_saltlen() didn't update this */
74	+ const int test_value = 32;
75	+
76	+ if (nullprov != NULL)
77	+ return TEST_skip("Test does not support a non-default library context");
78	+
79	+ ret = TEST_ptr(pkey = load_example_rsa_key())
80	+ && TEST_ptr(sha256 = EVP_MD_fetch(testctx, "sha256", NULL))
81	+ && TEST_ptr(sha256_ctx = EVP_MD_CTX_new())
82	+ && TEST_true(EVP_DigestSignInit(sha256_ctx, &pkey_ctx, sha256, NULL, pkey))
83	+ && TEST_true(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING))
84	+ && TEST_true(EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, test_value))
85	+ && TEST_true(EVP_PKEY_CTX_get_rsa_pss_saltlen(pkey_ctx, &saltlen))
86	+ && TEST_int_eq(saltlen, test_value);
87	+
88	+ EVP_MD_CTX_free(sha256_ctx);
89	+ EVP_PKEY_free(pkey);
90	+ EVP_MD_free(sha256);
91	+
92	+ return ret;
93	+}
94	+
95	static int success = 1;
96	static void md_names(const char name, void vctx)
97	{
98	@@ -3966,6 +3995,7 @@ int setup_tests(void)
99	ADD_ALL_TESTS(test_evp_iv_des, 6);
100	#endif
101	ADD_TEST(test_EVP_rsa_pss_with_keygen_bits);
102	+ ADD_TEST(test_EVP_rsa_pss_set_saltlen);
103	#ifndef OPENSSL_NO_EC
104	ADD_ALL_TESTS(test_ecpub, OSSL_NELEM(ecpub_nids));
105	#endif
106	--
107	2.25.1
108


diff --git a/meta/recipes-connectivity/openssl/openssl/armv8-32bit.patch b/meta/recipes-connectivity/openssl/openssl/armv8-32bit.patch deleted file mode 100644 index 1935651be0..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/armv8-32bit.patch +++ /dev/null
@@ -1,29 +0,0 @@
1	Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/16951]
2	Signed-off-by: Ross Burton <ross.burton@arm.com>
3
4	From 5118e96a3dbedde2523e7726fa34af30923a9add Mon Sep 17 00:00:00 2001
5	From: Tom Cosgrove <tom.cosgrove@arm.com>
6	Date: Tue, 2 Nov 2021 15:26:21 +0000
7	Subject: [PATCH] Fix builds on Armv8 systems without AArch64
8
9	This fixes "undefined reference to `aes_gcm_dec_128_kernel' in function
10	`armv8_aes_gcm_decrypt'" and similar
11
12	Fixes #16949
13	---
14	include/crypto/aes_platform.h \| 2 +-
15	1 file changed, 1 insertion(+), 1 deletion(-)
16
17	diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h
18	index 015c3bd4ab91..e95ad5aa5de6 100644
19	--- a/include/crypto/aes_platform.h
20	+++ b/include/crypto/aes_platform.h
21	@@ -100,7 +100,7 @@ void AES_xts_decrypt(const unsigned char inp, unsigned char out, size_t len,
22	# define AES_PMULL_CAPABLE ((OPENSSL_armcap_P & ARMV8_PMULL) && (OPENSSL_armcap_P & ARMV8_AES))
23	# define AES_GCM_ENC_BYTES 512
24	# define AES_GCM_DEC_BYTES 512
25	-# if __ARM_MAX_ARCH__>=8
26	+# if __ARM_MAX_ARCH__>=8 && defined(__aarch64__)
27	# define AES_gcm_encrypt armv8_aes_gcm_encrypt
28	# define AES_gcm_decrypt armv8_aes_gcm_decrypt
29	# define AES_GCM_ASM(gctx) ((gctx)->ctr==aes_v8_ctr32_encrypt_blocks && \


diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.0.bb b/meta/recipes-connectivity/openssl/openssl_3.0.1.bb index da73ed6bc3..162435480c 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.0.0.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.0.1.bb
@@ -12,15 +12,13 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
12	file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \	12	file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
13	file://afalg.patch \	13	file://afalg.patch \
14	file://0001-Configure-do-not-tweak-mips-cflags.patch \	14	file://0001-Configure-do-not-tweak-mips-cflags.patch \
15	file://armv8-32bit.patch \
16	file://0001-Fix-EVP_PKEY_CTX_get_rsa_pss_saltlen-no.patch \
17	"	15	"
18		16
19	SRC_URI:append:class-nativesdk = " \	17	SRC_URI:append:class-nativesdk = " \
20	file://environment.d-openssl.sh \	18	file://environment.d-openssl.sh \
21	"	19	"
22		20
23	SRC_URI[sha256sum] = "59eedfcb46c25214c9bd37ed6078297b4df01d012267fe9e9eee31f61bc70536"	21	SRC_URI[sha256sum] = "c311ad853353bce796edad01a862c50a8a587f62e7e2100ef465ab53ec9b06d1"
24		22
25	inherit lib_package multilib_header multilib_script ptest perlnative	23	inherit lib_package multilib_header multilib_script ptest perlnative
26	MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"	24	MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
@@ -194,21 +192,21 @@ do_install_ptest () {
194	install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps	192	install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps
195		193
196	install -d ${D}${PTEST_PATH}/engines	194	install -d ${D}${PTEST_PATH}/engines
197	install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines	195	install -m755 ${B}/engines/dasync.so ${D}${PTEST_PATH}/engines
198	install -m755 ${B}/engines/loader_attic.so ${D}${PTEST_PATH}/engines	196	install -m755 ${B}/engines/loader_attic.so ${D}${PTEST_PATH}/engines
		197	install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines
199		198
200	install -d ${D}${PTEST_PATH}/providers	199	install -d ${D}${PTEST_PATH}/providers
201	install -m755 ${B}/providers/legacy.so ${D}${PTEST_PATH}/providers	200	install -m755 ${B}/providers/legacy.so ${D}${PTEST_PATH}/providers
202		201
203	install -d ${D}${PTEST_PATH}/Configurations	202	install -d ${D}${PTEST_PATH}/Configurations
204	cp -rf ${S}/Configurations/* ${D}${PTEST_PATH}/Configurations/	203	cp -rf ${S}/Configurations/* ${D}${PTEST_PATH}/Configurations/
205		204
206	# seems to be needed with perl 5.32.1	205	# seems to be needed with perl 5.32.1
207	install -d ${D}${PTEST_PATH}/util/perl/recipes	206	install -d ${D}${PTEST_PATH}/util/perl/recipes
208	cp ${D}${PTEST_PATH}/test/recipes/tconversion.pl ${D}${PTEST_PATH}/util/perl/recipes/	207	cp ${D}${PTEST_PATH}/test/recipes/tconversion.pl ${D}${PTEST_PATH}/util/perl/recipes/
209		208
210	sed 's\|${S}\|${PTEST_PATH}\|g' -i ${D}${PTEST_PATH}/util/wrap.pl	209	sed 's\|${S}\|${PTEST_PATH}\|g' -i ${D}${PTEST_PATH}/util/wrap.pl
211
212	}	210	}
213		211
214	# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto	212	# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
@@ -234,7 +232,7 @@ CONFFILES:openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
234		232
235	RRECOMMENDS:libcrypto += "openssl-conf"	233	RRECOMMENDS:libcrypto += "openssl-conf"
236	RDEPENDS:${PN}-misc = "perl"	234	RDEPENDS:${PN}-misc = "perl"
237	RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash"	235	RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash sed"
238		236
239	RDEPENDS:${PN}-bin += "openssl-conf"	237	RDEPENDS:${PN}-bin += "openssl-conf"
240		238