summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssl/openssl
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl')
-rw-r--r--meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch374
-rw-r--r--meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch39
-rw-r--r--meta/recipes-connectivity/openssl/openssl/0001-Implement-riscv_vlen_asm-for-riscv32.patch43
-rw-r--r--meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch42
-rw-r--r--meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch46
-rw-r--r--meta/recipes-connectivity/openssl/openssl/0003-Add-support-for-io_pgetevents_time64-syscall.patch62
-rw-r--r--meta/recipes-connectivity/openssl/openssl/0004-Fixup-support-for-io_pgetevents_time64-syscall.patch99
-rw-r--r--meta/recipes-connectivity/openssl/openssl/afalg.patch31
-rw-r--r--meta/recipes-connectivity/openssl/openssl/reproducible.patch32
-rw-r--r--meta/recipes-connectivity/openssl/openssl/run-ptest2
10 files changed, 479 insertions, 291 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch b/meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch
new file mode 100644
index 0000000000..aa2e5bb800
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch
@@ -0,0 +1,374 @@
1From 5ba65051fea0513db0d997f0ab7cafb9826ed74a Mon Sep 17 00:00:00 2001
2From: William Lyu <William.Lyu@windriver.com>
3Date: Fri, 20 Oct 2023 16:22:37 -0400
4Subject: [PATCH] Added handshake history reporting when test fails
5
6Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/22481]
7
8Signed-off-by: William Lyu <William.Lyu@windriver.com>
9---
10 test/helpers/handshake.c | 139 +++++++++++++++++++++++++++++----------
11 test/helpers/handshake.h | 70 +++++++++++++++++++-
12 test/ssl_test.c | 44 +++++++++++++
13 3 files changed, 218 insertions(+), 35 deletions(-)
14
15diff --git a/test/helpers/handshake.c b/test/helpers/handshake.c
16index e0422469e4..ae2ad59dd4 100644
17--- a/test/helpers/handshake.c
18+++ b/test/helpers/handshake.c
19@@ -1,5 +1,5 @@
20 /*
21- * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
22+ * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
23 *
24 * Licensed under the Apache License 2.0 (the "License"). You may not use
25 * this file except in compliance with the License. You can obtain a copy
26@@ -24,6 +24,102 @@
27 #include <netinet/sctp.h>
28 #endif
29
30+/* Shamelessly copied from test/helpers/ssl_test_ctx.c */
31+/* Maps string names to various enumeration type */
32+typedef struct {
33+ const char *name;
34+ int value;
35+} enum_name_map;
36+
37+static const enum_name_map connect_phase_names[] = {
38+ {"Handshake", HANDSHAKE},
39+ {"RenegAppData", RENEG_APPLICATION_DATA},
40+ {"RenegSetup", RENEG_SETUP},
41+ {"RenegHandshake", RENEG_HANDSHAKE},
42+ {"AppData", APPLICATION_DATA},
43+ {"Shutdown", SHUTDOWN},
44+ {"ConnectionDone", CONNECTION_DONE}
45+};
46+
47+static const enum_name_map peer_status_names[] = {
48+ {"PeerSuccess", PEER_SUCCESS},
49+ {"PeerRetry", PEER_RETRY},
50+ {"PeerError", PEER_ERROR},
51+ {"PeerWaiting", PEER_WAITING},
52+ {"PeerTestFail", PEER_TEST_FAILURE}
53+};
54+
55+static const enum_name_map handshake_status_names[] = {
56+ {"HandshakeSuccess", HANDSHAKE_SUCCESS},
57+ {"ClientError", CLIENT_ERROR},
58+ {"ServerError", SERVER_ERROR},
59+ {"InternalError", INTERNAL_ERROR},
60+ {"HandshakeRetry", HANDSHAKE_RETRY}
61+};
62+
63+/* Shamelessly copied from test/helpers/ssl_test_ctx.c */
64+static const char *enum_name(const enum_name_map *enums, size_t num_enums,
65+ int value)
66+{
67+ size_t i;
68+ for (i = 0; i < num_enums; i++) {
69+ if (enums[i].value == value) {
70+ return enums[i].name;
71+ }
72+ }
73+ return "InvalidValue";
74+}
75+
76+const char *handshake_connect_phase_name(connect_phase_t phase)
77+{
78+ return enum_name(connect_phase_names, OSSL_NELEM(connect_phase_names),
79+ (int)phase);
80+}
81+
82+const char *handshake_status_name(handshake_status_t handshake_status)
83+{
84+ return enum_name(handshake_status_names, OSSL_NELEM(handshake_status_names),
85+ (int)handshake_status);
86+}
87+
88+const char *handshake_peer_status_name(peer_status_t peer_status)
89+{
90+ return enum_name(peer_status_names, OSSL_NELEM(peer_status_names),
91+ (int)peer_status);
92+}
93+
94+static void save_loop_history(HANDSHAKE_HISTORY *history,
95+ connect_phase_t phase,
96+ handshake_status_t handshake_status,
97+ peer_status_t server_status,
98+ peer_status_t client_status,
99+ int client_turn_count,
100+ int is_client_turn)
101+{
102+ HANDSHAKE_HISTORY_ENTRY *new_entry = NULL;
103+
104+ /*
105+ * Create a new history entry for a handshake loop with statuses given in
106+ * the arguments. Potentially evicting the oldest entry when the
107+ * ring buffer is full.
108+ */
109+ ++(history->last_idx);
110+ history->last_idx &= MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK;
111+
112+ new_entry = &((history->entries)[history->last_idx]);
113+ new_entry->phase = phase;
114+ new_entry->handshake_status = handshake_status;
115+ new_entry->server_status = server_status;
116+ new_entry->client_status = client_status;
117+ new_entry->client_turn_count = client_turn_count;
118+ new_entry->is_client_turn = is_client_turn;
119+
120+ /* Evict the oldest handshake loop entry when the ring buffer is full. */
121+ if (history->entry_count < MAX_HANDSHAKE_HISTORY_ENTRY) {
122+ ++(history->entry_count);
123+ }
124+}
125+
126 HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void)
127 {
128 HANDSHAKE_RESULT *ret;
129@@ -719,15 +815,6 @@ static void configure_handshake_ssl(SSL *server, SSL *client,
130 SSL_set_post_handshake_auth(client, 1);
131 }
132
133-/* The status for each connection phase. */
134-typedef enum {
135- PEER_SUCCESS,
136- PEER_RETRY,
137- PEER_ERROR,
138- PEER_WAITING,
139- PEER_TEST_FAILURE
140-} peer_status_t;
141-
142 /* An SSL object and associated read-write buffers. */
143 typedef struct peer_st {
144 SSL *ssl;
145@@ -1074,17 +1161,6 @@ static void do_shutdown_step(PEER *peer)
146 }
147 }
148
149-typedef enum {
150- HANDSHAKE,
151- RENEG_APPLICATION_DATA,
152- RENEG_SETUP,
153- RENEG_HANDSHAKE,
154- APPLICATION_DATA,
155- SHUTDOWN,
156- CONNECTION_DONE
157-} connect_phase_t;
158-
159-
160 static int renegotiate_op(const SSL_TEST_CTX *test_ctx)
161 {
162 switch (test_ctx->handshake_mode) {
163@@ -1162,19 +1238,6 @@ static void do_connect_step(const SSL_TEST_CTX *test_ctx, PEER *peer,
164 }
165 }
166
167-typedef enum {
168- /* Both parties succeeded. */
169- HANDSHAKE_SUCCESS,
170- /* Client errored. */
171- CLIENT_ERROR,
172- /* Server errored. */
173- SERVER_ERROR,
174- /* Peers are in inconsistent state. */
175- INTERNAL_ERROR,
176- /* One or both peers not done. */
177- HANDSHAKE_RETRY
178-} handshake_status_t;
179-
180 /*
181 * Determine the handshake outcome.
182 * last_status: the status of the peer to have acted last.
183@@ -1539,6 +1602,10 @@ static HANDSHAKE_RESULT *do_handshake_internal(
184
185 start = time(NULL);
186
187+ save_loop_history(&(ret->history),
188+ phase, status, server.status, client.status,
189+ client_turn_count, client_turn);
190+
191 /*
192 * Half-duplex handshake loop.
193 * Client and server speak to each other synchronously in the same process.
194@@ -1560,6 +1627,10 @@ static HANDSHAKE_RESULT *do_handshake_internal(
195 0 /* server went last */);
196 }
197
198+ save_loop_history(&(ret->history),
199+ phase, status, server.status, client.status,
200+ client_turn_count, client_turn);
201+
202 switch (status) {
203 case HANDSHAKE_SUCCESS:
204 client_turn_count = 0;
205diff --git a/test/helpers/handshake.h b/test/helpers/handshake.h
206index 78b03f9f4b..b9967c2623 100644
207--- a/test/helpers/handshake.h
208+++ b/test/helpers/handshake.h
209@@ -1,5 +1,5 @@
210 /*
211- * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
212+ * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
213 *
214 * Licensed under the Apache License 2.0 (the "License"). You may not use
215 * this file except in compliance with the License. You can obtain a copy
216@@ -12,6 +12,11 @@
217
218 #include "ssl_test_ctx.h"
219
220+#define MAX_HANDSHAKE_HISTORY_ENTRY_BIT 4
221+#define MAX_HANDSHAKE_HISTORY_ENTRY (1 << MAX_HANDSHAKE_HISTORY_ENTRY_BIT)
222+#define MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK \
223+ ((1 << MAX_HANDSHAKE_HISTORY_ENTRY_BIT) - 1)
224+
225 typedef struct ctx_data_st {
226 unsigned char *npn_protocols;
227 size_t npn_protocols_len;
228@@ -22,6 +27,63 @@ typedef struct ctx_data_st {
229 char *session_ticket_app_data;
230 } CTX_DATA;
231
232+typedef enum {
233+ HANDSHAKE,
234+ RENEG_APPLICATION_DATA,
235+ RENEG_SETUP,
236+ RENEG_HANDSHAKE,
237+ APPLICATION_DATA,
238+ SHUTDOWN,
239+ CONNECTION_DONE
240+} connect_phase_t;
241+
242+/* The status for each connection phase. */
243+typedef enum {
244+ PEER_SUCCESS,
245+ PEER_RETRY,
246+ PEER_ERROR,
247+ PEER_WAITING,
248+ PEER_TEST_FAILURE
249+} peer_status_t;
250+
251+typedef enum {
252+ /* Both parties succeeded. */
253+ HANDSHAKE_SUCCESS,
254+ /* Client errored. */
255+ CLIENT_ERROR,
256+ /* Server errored. */
257+ SERVER_ERROR,
258+ /* Peers are in inconsistent state. */
259+ INTERNAL_ERROR,
260+ /* One or both peers not done. */
261+ HANDSHAKE_RETRY
262+} handshake_status_t;
263+
264+/* Stores the various status information in a handshake loop. */
265+typedef struct handshake_history_entry_st {
266+ connect_phase_t phase;
267+ handshake_status_t handshake_status;
268+ peer_status_t server_status;
269+ peer_status_t client_status;
270+ int client_turn_count;
271+ int is_client_turn;
272+} HANDSHAKE_HISTORY_ENTRY;
273+
274+typedef struct handshake_history_st {
275+ /* Implemented using ring buffer. */
276+ /*
277+ * The valid entries are |entries[last_idx]|, |entries[last_idx-1]|,
278+ * ..., etc., going up to |entry_count| number of entries. Note that when
279+ * the index into the array |entries| becomes < 0, we wrap around to
280+ * the end of |entries|.
281+ */
282+ HANDSHAKE_HISTORY_ENTRY entries[MAX_HANDSHAKE_HISTORY_ENTRY];
283+ /* The number of valid entries in |entries| array. */
284+ size_t entry_count;
285+ /* The index of the last valid entry in the |entries| array. */
286+ size_t last_idx;
287+} HANDSHAKE_HISTORY;
288+
289 typedef struct handshake_result {
290 ssl_test_result_t result;
291 /* These alerts are in the 2-byte format returned by the info_callback. */
292@@ -77,6 +139,8 @@ typedef struct handshake_result {
293 char *cipher;
294 /* session ticket application data */
295 char *result_session_ticket_app_data;
296+ /* handshake loop history */
297+ HANDSHAKE_HISTORY history;
298 } HANDSHAKE_RESULT;
299
300 HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void);
301@@ -95,4 +159,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
302 CTX_DATA *server2_ctx_data,
303 CTX_DATA *client_ctx_data);
304
305+const char *handshake_connect_phase_name(connect_phase_t phase);
306+const char *handshake_status_name(handshake_status_t handshake_status);
307+const char *handshake_peer_status_name(peer_status_t peer_status);
308+
309 #endif /* OSSL_TEST_HANDSHAKE_HELPER_H */
310diff --git a/test/ssl_test.c b/test/ssl_test.c
311index ea608518f9..9d6b093c81 100644
312--- a/test/ssl_test.c
313+++ b/test/ssl_test.c
314@@ -26,6 +26,44 @@ static OSSL_LIB_CTX *libctx = NULL;
315 /* Currently the section names are of the form test-<number>, e.g. test-15. */
316 #define MAX_TESTCASE_NAME_LENGTH 100
317
318+static void print_handshake_history(const HANDSHAKE_HISTORY *history)
319+{
320+ size_t first_idx;
321+ size_t i;
322+ size_t cur_idx;
323+ const HANDSHAKE_HISTORY_ENTRY *cur_entry;
324+ const char header_template[] = "|%14s|%16s|%16s|%16s|%17s|%14s|";
325+ const char body_template[] = "|%14s|%16s|%16s|%16s|%17d|%14s|";
326+
327+ TEST_info("The following is the server/client state "
328+ "in the most recent %d handshake loops.",
329+ MAX_HANDSHAKE_HISTORY_ENTRY);
330+
331+ TEST_note("=================================================="
332+ "==================================================");
333+ TEST_note(header_template,
334+ "phase", "handshake status", "server status",
335+ "client status", "client turn count", "is client turn");
336+ TEST_note("+--------------+----------------+----------------"
337+ "+----------------+-----------------+--------------+");
338+
339+ first_idx = (history->last_idx - history->entry_count + 1) &
340+ MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK;
341+ for (i = 0; i < history->entry_count; ++i) {
342+ cur_idx = (first_idx + i) & MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK;
343+ cur_entry = &(history->entries)[cur_idx];
344+ TEST_note(body_template,
345+ handshake_connect_phase_name(cur_entry->phase),
346+ handshake_status_name(cur_entry->handshake_status),
347+ handshake_peer_status_name(cur_entry->server_status),
348+ handshake_peer_status_name(cur_entry->client_status),
349+ cur_entry->client_turn_count,
350+ cur_entry->is_client_turn ? "true" : "false");
351+ }
352+ TEST_note("=================================================="
353+ "==================================================");
354+}
355+
356 static const char *print_alert(int alert)
357 {
358 return alert ? SSL_alert_desc_string_long(alert) : "no alert";
359@@ -388,6 +426,12 @@ static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
360 ret &= check_client_sign_type(result, test_ctx);
361 ret &= check_client_ca_names(result, test_ctx);
362 }
363+
364+ /* Print handshake loop history if any check fails. */
365+ if (!ret) {
366+ print_handshake_history(&(result->history));
367+ }
368+
369 return ret;
370 }
371
372--
3732.25.1
374
diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch b/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch
new file mode 100644
index 0000000000..502a7aaf32
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch
@@ -0,0 +1,39 @@
1From 0377f0d5b5c1079e3b9a80881f4dcc891cbe9f9a Mon Sep 17 00:00:00 2001
2From: Alexander Kanavin <alex@linutronix.de>
3Date: Tue, 30 May 2023 09:11:27 -0700
4Subject: [PATCH] Configure: do not tweak mips cflags
5
6This conflicts with mips machine definitons from yocto,
7e.g.
8| Error: -mips3 conflicts with the other architecture options, which imply -mips64r2
9
10Upstream-Status: Inappropriate [oe-core specific]
11Signed-off-by: Alexander Kanavin <alex@linutronix.de>
12
13Refreshed for openssl-3.1.1
14Signed-off-by: Tim Orling <tim.orling@konsulko.com>
15---
16 Configure | 10 ----------
17 1 file changed, 10 deletions(-)
18
19diff --git a/Configure b/Configure
20index 4569952..adf019b 100755
21--- a/Configure
22+++ b/Configure
23@@ -1422,16 +1422,6 @@ if ($target =~ /^mingw/ && `$config{CC} --target-help 2>&1` =~ m/-mno-cygwin/m)
24 push @{$config{shared_ldflag}}, "-mno-cygwin";
25 }
26
27-if ($target =~ /linux.*-mips/ && !$disabled{asm}
28- && !grep { $_ =~ /-m(ips|arch=)/ } (@{$config{CFLAGS}})) {
29- # minimally required architecture flags for assembly modules
30- my $value;
31- $value = '-mips2' if ($target =~ /mips32/);
32- $value = '-mips3' if ($target =~ /mips64/);
33- unshift @{$config{cflags}}, $value;
34- unshift @{$config{cxxflags}}, $value if $config{CXX};
35-}
36-
37 # If threads aren't disabled, check how possible they are
38 unless ($disabled{threads}) {
39 if ($auto_threads) {
diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Implement-riscv_vlen_asm-for-riscv32.patch b/meta/recipes-connectivity/openssl/openssl/0001-Implement-riscv_vlen_asm-for-riscv32.patch
new file mode 100644
index 0000000000..e398d1074a
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/0001-Implement-riscv_vlen_asm-for-riscv32.patch
@@ -0,0 +1,43 @@
1From 725b1530456545e8511adc9cbdd265309dffad53 Mon Sep 17 00:00:00 2001
2From: Hongren Zheng <i@zenithal.me>
3Date: Fri, 26 Apr 2024 06:03:43 +0000
4Subject: [PATCH] Implement riscv_vlen_asm for riscv32
5
6riscvcap.c: undefined reference to 'riscv_vlen_asm'
7
8Upstream-Status: Backport [https://github.com/openssl/openssl/pull/24270]
9Signed-off-by: Khem Raj <raj.khem@gmail.com>
10---
11 crypto/riscv32cpuid.pl | 17 +++++++++++++++++
12 1 file changed, 17 insertions(+)
13
14diff --git a/crypto/riscv32cpuid.pl b/crypto/riscv32cpuid.pl
15index 20694e7..ac1c043 100644
16--- a/crypto/riscv32cpuid.pl
17+++ b/crypto/riscv32cpuid.pl
18@@ -84,5 +84,22 @@ OPENSSL_cleanse:
19 ___
20 }
21
22+{
23+my ($ret) = ('a0');
24+$code .= <<___;
25+################################################################################
26+# size_t riscv_vlen_asm(void)
27+# Return VLEN (i.e. the length of a vector register in bits).
28+.p2align 3
29+.globl riscv_vlen_asm
30+.type riscv_vlen_asm,\@function
31+riscv_vlen_asm:
32+ csrr $ret, vlenb
33+ slli $ret, $ret, 3
34+ ret
35+.size riscv_vlen_asm,.-riscv_vlen_asm
36+___
37+}
38+
39 print $code;
40 close STDOUT or die "error closing STDOUT: $!";
41--
422.45.0
43
diff --git a/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch b/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
index 949c788344..bafdbaa46f 100644
--- a/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
+++ b/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
@@ -1,4 +1,4 @@
1From 3e1d00481093e10775eaf69d619c45b32a4aa7dc Mon Sep 17 00:00:00 2001 1From 5985253f2c9025d7c127443a3a9938946f80c2a1 Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Martin=20Hundeb=C3=B8ll?= <martin@geanix.com> 2From: =?UTF-8?q?Martin=20Hundeb=C3=B8ll?= <martin@geanix.com>
3Date: Tue, 6 Nov 2018 14:50:47 +0100 3Date: Tue, 6 Nov 2018 14:50:47 +0100
4Subject: [PATCH] buildinfo: strip sysroot and debug-prefix-map from compiler 4Subject: [PATCH] buildinfo: strip sysroot and debug-prefix-map from compiler
@@ -21,20 +21,24 @@ https://patchwork.openembedded.org/patch/147229/
21Upstream-Status: Inappropriate [OE specific] 21Upstream-Status: Inappropriate [OE specific]
22Signed-off-by: Martin Hundebøll <martin@geanix.com> 22Signed-off-by: Martin Hundebøll <martin@geanix.com>
23 23
24
25Update to fix buildpaths qa issue for '-fmacro-prefix-map'. 24Update to fix buildpaths qa issue for '-fmacro-prefix-map'.
26 25
27Signed-off-by: Kai Kang <kai.kang@windriver.com> 26Signed-off-by: Kai Kang <kai.kang@windriver.com>
27
28Update to fix buildpaths qa issue for '-ffile-prefix-map'.
29
30Signed-off-by: Khem Raj <raj.khem@gmail.com>
31
28--- 32---
29 Configurations/unix-Makefile.tmpl | 10 +++++++++- 33 Configurations/unix-Makefile.tmpl | 12 +++++++++++-
30 crypto/build.info | 2 +- 34 crypto/build.info | 2 +-
31 2 files changed, 10 insertions(+), 2 deletions(-) 35 2 files changed, 12 insertions(+), 2 deletions(-)
32 36
33diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl 37Index: openssl-3.0.4/Configurations/unix-Makefile.tmpl
34index 16af4d2087..54c162784c 100644 38===================================================================
35--- a/Configurations/unix-Makefile.tmpl 39--- openssl-3.0.4.orig/Configurations/unix-Makefile.tmpl
36+++ b/Configurations/unix-Makefile.tmpl 40+++ openssl-3.0.4/Configurations/unix-Makefile.tmpl
37@@ -317,13 +317,22 @@ BIN_LDFLAGS={- join(' ', $target{bin_lflags} || (), 41@@ -472,13 +472,23 @@ BIN_LDFLAGS={- join(' ', $target{bin_lfl
38 '$(CNF_LDFLAGS)', '$(LDFLAGS)') -} 42 '$(CNF_LDFLAGS)', '$(LDFLAGS)') -}
39 BIN_EX_LIBS=$(CNF_EX_LIBS) $(EX_LIBS) 43 BIN_EX_LIBS=$(CNF_EX_LIBS) $(EX_LIBS)
40 44
@@ -49,6 +53,7 @@ index 16af4d2087..54c162784c 100644
49+CFLAGS_Q={- for (@{$config{CFLAGS}}) { 53+CFLAGS_Q={- for (@{$config{CFLAGS}}) {
50+ s|-fdebug-prefix-map=[^ ]+|-fdebug-prefix-map=|g; 54+ s|-fdebug-prefix-map=[^ ]+|-fdebug-prefix-map=|g;
51+ s|-fmacro-prefix-map=[^ ]+|-fmacro-prefix-map=|g; 55+ s|-fmacro-prefix-map=[^ ]+|-fmacro-prefix-map=|g;
56+ s|-ffile-prefix-map=[^ ]+|-ffile-prefix-map=|g;
52+ } 57+ }
53+ join(' ', @{$config{CFLAGS}}) -} 58+ join(' ', @{$config{CFLAGS}}) -}
54+ 59+
@@ -58,19 +63,16 @@ index 16af4d2087..54c162784c 100644
58 PERLASM_SCHEME= {- $target{perlasm_scheme} -} 63 PERLASM_SCHEME= {- $target{perlasm_scheme} -}
59 64
60 # For x86 assembler: Set PROCESSOR to 386 if you want to support 65 # For x86 assembler: Set PROCESSOR to 386 if you want to support
61diff --git a/crypto/build.info b/crypto/build.info 66Index: openssl-3.0.4/crypto/build.info
62index b515b7318e..8c9cee2a09 100644 67===================================================================
63--- a/crypto/build.info 68--- openssl-3.0.4.orig/crypto/build.info
64+++ b/crypto/build.info 69+++ openssl-3.0.4/crypto/build.info
65@@ -10,7 +10,7 @@ EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ 70@@ -109,7 +109,7 @@ DEFINE[../libcrypto]=$UPLINKDEF
66 ppccpuid.pl pariscid.pl alphacpuid.pl arm64cpuid.pl armv4cpuid.pl
67 71
72 DEPEND[info.o]=buildinf.h
68 DEPEND[cversion.o]=buildinf.h 73 DEPEND[cversion.o]=buildinf.h
69-GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)" 74-GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)"
70+GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC_Q) $(CFLAGS_Q) $(CPPFLAGS_Q)" "$(PLATFORM)" 75+GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC_Q) $(CFLAGS_Q) $(CPPFLAGS_Q)" "$(PLATFORM)"
71 DEPEND[buildinf.h]=../configdata.pm
72 76
73 GENERATE[uplink-x86.s]=../ms/uplink-x86.pl $(PERLASM_SCHEME) 77 GENERATE[uplink-x86.S]=../ms/uplink-x86.pl
74-- 78 GENERATE[uplink-x86_64.s]=../ms/uplink-x86_64.pl
752.19.1
76
diff --git a/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch b/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch
deleted file mode 100644
index d8d9651b64..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch
+++ /dev/null
@@ -1,46 +0,0 @@
1From a9401b2289656c5a36dd1b0ecebf0d23e291ce70 Mon Sep 17 00:00:00 2001
2From: Hongxu Jia <hongxu.jia@windriver.com>
3Date: Tue, 2 Oct 2018 23:58:24 +0800
4Subject: [PATCH] skip test_symbol_presence
5
6We cannot skip `01-test_symbol_presence.t' by configuring option `no-shared'
7as INSTALL told us the shared libraries will not be built.
8
9[INSTALL snip]
10 Notes on shared libraries
11 -------------------------
12
13 For most systems the OpenSSL Configure script knows what is needed to
14 build shared libraries for libcrypto and libssl. On these systems
15 the shared libraries will be created by default. This can be suppressed and
16 only static libraries created by using the "no-shared" option. On systems
17 where OpenSSL does not know how to build shared libraries the "no-shared"
18 option will be forced and only static libraries will be created.
19[INSTALL snip]
20
21Hence directly modification the case to skip it.
22
23Upstream-Status: Inappropriate [OE Specific]
24
25Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
26---
27 test/recipes/01-test_symbol_presence.t | 3 +--
28 1 file changed, 1 insertion(+), 2 deletions(-)
29
30diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t
31index 7f2a2d7..0b93745 100644
32--- a/test/recipes/01-test_symbol_presence.t
33+++ b/test/recipes/01-test_symbol_presence.t
34@@ -14,8 +14,7 @@ use OpenSSL::Test::Utils;
35
36 setup("test_symbol_presence");
37
38-plan skip_all => "Only useful when building shared libraries"
39- if disabled("shared");
40+plan skip_all => "The case needs debug symbols then we just disable it";
41
42 my @libnames = ("crypto", "ssl");
43 my $testcount = scalar @libnames;
44--
452.7.4
46
diff --git a/meta/recipes-connectivity/openssl/openssl/0003-Add-support-for-io_pgetevents_time64-syscall.patch b/meta/recipes-connectivity/openssl/openssl/0003-Add-support-for-io_pgetevents_time64-syscall.patch
deleted file mode 100644
index d62b9344c1..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/0003-Add-support-for-io_pgetevents_time64-syscall.patch
+++ /dev/null
@@ -1,62 +0,0 @@
1From 5b5e2985f355c8e99c196d9ce5d02c15bebadfbc Mon Sep 17 00:00:00 2001
2From: Alistair Francis <alistair.francis@wdc.com>
3Date: Thu, 29 Aug 2019 13:56:21 -0700
4Subject: [PATCH] Add support for io_pgetevents_time64 syscall
5
632-bit architectures that are y2038 safe don't include syscalls that use
732-bit time_t. Instead these architectures have suffixed syscalls that
8always use a 64-bit time_t. In the case of the io_getevents syscall the
9syscall has been replaced with the io_pgetevents_time64 syscall instead.
10
11This patch changes the io_getevents() function to use the correct
12syscall based on the avaliable syscalls and the time_t size. We will
13only use the new 64-bit time_t syscall if the architecture is using a
1464-bit time_t. This is to avoid having to deal with 32/64-bit
15conversions and relying on a 64-bit timespec struct on 32-bit time_t
16platforms. As of Linux 5.3 there are no 32-bit time_t architectures
17without __NR_io_getevents. In the future if a 32-bit time_t architecture
18wants to use the 64-bit syscalls we can handle the conversion.
19
20This fixes build failures on 32-bit RISC-V.
21
22Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
23
24Reviewed-by: Richard Levitte <levitte@openssl.org>
25Reviewed-by: Paul Dale <paul.dale@oracle.com>
26(Merged from https://github.com/openssl/openssl/pull/9819)
27Upstream-Status: Accepted
28---
29 engines/e_afalg.c | 16 ++++++++++++++++
30 1 file changed, 16 insertions(+)
31
32diff --git a/engines/e_afalg.c b/engines/e_afalg.c
33index dacbe358cb..99516cb1bb 100644
34--- a/engines/e_afalg.c
35+++ b/engines/e_afalg.c
36@@ -125,7 +125,23 @@ static ossl_inline int io_getevents(aio_context_t ctx, long min, long max,
37 struct io_event *events,
38 struct timespec *timeout)
39 {
40+#if defined(__NR_io_getevents)
41 return syscall(__NR_io_getevents, ctx, min, max, events, timeout);
42+#elif defined(__NR_io_pgetevents_time64)
43+ /* Let's only support the 64 suffix syscalls for 64-bit time_t.
44+ * This simplifies the code for us as we don't need to use a 64-bit
45+ * version of timespec with a 32-bit time_t and handle converting
46+ * between 64-bit and 32-bit times and check for overflows.
47+ */
48+ if (sizeof(timeout->tv_sec) == 8)
49+ return syscall(__NR_io_pgetevents_time64, ctx, min, max, events, timeout, NULL);
50+ else {
51+ errno = ENOSYS;
52+ return -1;
53+ }
54+#else
55+# error "We require either the io_getevents syscall or __NR_io_pgetevents_time64."
56+#endif
57 }
58
59 static void afalg_waitfd_cleanup(ASYNC_WAIT_CTX *ctx, const void *key,
60--
612.30.1
62
diff --git a/meta/recipes-connectivity/openssl/openssl/0004-Fixup-support-for-io_pgetevents_time64-syscall.patch b/meta/recipes-connectivity/openssl/openssl/0004-Fixup-support-for-io_pgetevents_time64-syscall.patch
deleted file mode 100644
index c8bc6f5c68..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/0004-Fixup-support-for-io_pgetevents_time64-syscall.patch
+++ /dev/null
@@ -1,99 +0,0 @@
1From e5499a3cac1e823c3e0697e8667e952317b70cc8 Mon Sep 17 00:00:00 2001
2From: Alistair Francis <alistair.francis@wdc.com>
3Date: Thu, 4 Mar 2021 12:10:11 -0500
4Subject: [PATCH] Fixup support for io_pgetevents_time64 syscall
5
6This is a fixup for the original commit 5b5e2985f355c8e99c196d9ce5d02c15bebadfbc
7"Add support for io_pgetevents_time64 syscall" that didn't correctly
8work for 32-bit architecutres with a 64-bit time_t that aren't RISC-V.
9
10For a full discussion of the issue see:
11https://github.com/openssl/openssl/commit/5b5e2985f355c8e99c196d9ce5d02c15bebadfbc
12
13Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
14
15Reviewed-by: Tomas Mraz <tomas@openssl.org>
16Reviewed-by: Paul Dale <pauli@openssl.org>
17(Merged from https://github.com/openssl/openssl/pull/14432)
18Upstream-Status: Accepted
19---
20 engines/e_afalg.c | 55 ++++++++++++++++++++++++++++++++++++-----------
21 1 file changed, 42 insertions(+), 13 deletions(-)
22
23diff --git a/engines/e_afalg.c b/engines/e_afalg.c
24index 9480d7c24b..4e9d67db2d 100644
25--- a/engines/e_afalg.c
26+++ b/engines/e_afalg.c
27@@ -124,27 +124,56 @@ static ossl_inline int io_read(aio_context_t ctx, long n, struct iocb **iocb)
28 return syscall(__NR_io_submit, ctx, n, iocb);
29 }
30
31+/* A version of 'struct timespec' with 32-bit time_t and nanoseconds. */
32+struct __timespec32
33+{
34+ __kernel_long_t tv_sec;
35+ __kernel_long_t tv_nsec;
36+};
37+
38 static ossl_inline int io_getevents(aio_context_t ctx, long min, long max,
39 struct io_event *events,
40 struct timespec *timeout)
41 {
42+#if defined(__NR_io_pgetevents_time64)
43+ /* Check if we are a 32-bit architecture with a 64-bit time_t */
44+ if (sizeof(*timeout) != sizeof(struct __timespec32)) {
45+ int ret = syscall(__NR_io_pgetevents_time64, ctx, min, max, events,
46+ timeout, NULL);
47+ if (ret == 0 || errno != ENOSYS)
48+ return ret;
49+ }
50+#endif
51+
52 #if defined(__NR_io_getevents)
53- return syscall(__NR_io_getevents, ctx, min, max, events, timeout);
54-#elif defined(__NR_io_pgetevents_time64)
55- /* Let's only support the 64 suffix syscalls for 64-bit time_t.
56- * This simplifies the code for us as we don't need to use a 64-bit
57- * version of timespec with a 32-bit time_t and handle converting
58- * between 64-bit and 32-bit times and check for overflows.
59- */
60- if (sizeof(timeout->tv_sec) == 8)
61- return syscall(__NR_io_pgetevents_time64, ctx, min, max, events, timeout, NULL);
62+ if (sizeof(*timeout) == sizeof(struct __timespec32))
63+ /*
64+ * time_t matches our architecture length, we can just use
65+ * __NR_io_getevents
66+ */
67+ return syscall(__NR_io_getevents, ctx, min, max, events, timeout);
68 else {
69- errno = ENOSYS;
70- return -1;
71+ /*
72+ * We don't have __NR_io_pgetevents_time64, but we are using a
73+ * 64-bit time_t on a 32-bit architecture. If we can fit the
74+ * timeout value in a 32-bit time_t, then let's do that
75+ * and then use the __NR_io_getevents syscall.
76+ */
77+ if (timeout && timeout->tv_sec == (long)timeout->tv_sec) {
78+ struct __timespec32 ts32;
79+
80+ ts32.tv_sec = (__kernel_long_t) timeout->tv_sec;
81+ ts32.tv_nsec = (__kernel_long_t) timeout->tv_nsec;
82+
83+ return syscall(__NR_io_getevents, ctx, min, max, events, ts32);
84+ } else {
85+ return syscall(__NR_io_getevents, ctx, min, max, events, NULL);
86+ }
87 }
88-#else
89-# error "We require either the io_getevents syscall or __NR_io_pgetevents_time64."
90 #endif
91+
92+ errno = ENOSYS;
93+ return -1;
94 }
95
96 static void afalg_waitfd_cleanup(ASYNC_WAIT_CTX *ctx, const void *key,
97--
982.30.1
99
diff --git a/meta/recipes-connectivity/openssl/openssl/afalg.patch b/meta/recipes-connectivity/openssl/openssl/afalg.patch
deleted file mode 100644
index b7c0e9697f..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/afalg.patch
+++ /dev/null
@@ -1,31 +0,0 @@
1Don't refuse to build afalgeng if cross-compiling or the host kernel is too old.
2
3Upstream-Status: Submitted [hhttps://github.com/openssl/openssl/pull/7688]
4Signed-off-by: Ross Burton <ross.burton@intel.com>
5
6diff --git a/Configure b/Configure
7index 3baa8ce..9ef52ed 100755
8--- a/Configure
9+++ b/Configure
10@@ -1550,20 +1550,7 @@ unless ($disabled{"crypto-mdebug-backtrace"})
11 unless ($disabled{afalgeng}) {
12 $config{afalgeng}="";
13 if (grep { $_ eq 'afalgeng' } @{$target{enable}}) {
14- my $minver = 4*10000 + 1*100 + 0;
15- if ($config{CROSS_COMPILE} eq "") {
16- my $verstr = `uname -r`;
17- my ($ma, $mi1, $mi2) = split("\\.", $verstr);
18- ($mi2) = $mi2 =~ /(\d+)/;
19- my $ver = $ma*10000 + $mi1*100 + $mi2;
20- if ($ver < $minver) {
21- disable('too-old-kernel', 'afalgeng');
22- } else {
23- push @{$config{engdirs}}, "afalg";
24- }
25- } else {
26- disable('cross-compiling', 'afalgeng');
27- }
28+ push @{$config{engdirs}}, "afalg";
29 } else {
30 disable('not-linux', 'afalgeng');
31 }
diff --git a/meta/recipes-connectivity/openssl/openssl/reproducible.patch b/meta/recipes-connectivity/openssl/openssl/reproducible.patch
deleted file mode 100644
index a24260c95d..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/reproducible.patch
+++ /dev/null
@@ -1,32 +0,0 @@
1The value for perl_archname can vary depending on the host, e.g.
2x86_64-linux-gnu-thread-multi or x86_64-linux-thread-multi which
3makes the ptest package non-reproducible. Its unused other than
4these references so drop it.
5
6RP 2020/2/6
7
8Upstream-Status: Pending
9Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
10
11Index: openssl-1.1.1d/Configure
12===================================================================
13--- openssl-1.1.1d.orig/Configure
14+++ openssl-1.1.1d/Configure
15@@ -286,7 +286,7 @@ if (defined env($local_config_envname))
16 # Save away perl command information
17 $config{perl_cmd} = $^X;
18 $config{perl_version} = $Config{version};
19-$config{perl_archname} = $Config{archname};
20+#$config{perl_archname} = $Config{archname};
21
22 $config{prefix}="";
23 $config{openssldir}="";
24@@ -2517,7 +2517,7 @@ _____
25 @{$config{perlargv}}), "\n";
26 print "\nPerl information:\n\n";
27 print ' ',$config{perl_cmd},"\n";
28- print ' ',$config{perl_version},' for ',$config{perl_archname},"\n";
29+ print ' ',$config{perl_version},"\n";
30 }
31 if ($dump || $options) {
32 my $longest = 0;
diff --git a/meta/recipes-connectivity/openssl/openssl/run-ptest b/meta/recipes-connectivity/openssl/openssl/run-ptest
index 3fb22471f8..c89ec5afa1 100644
--- a/meta/recipes-connectivity/openssl/openssl/run-ptest
+++ b/meta/recipes-connectivity/openssl/openssl/run-ptest
@@ -9,4 +9,4 @@ export TOP=.
9# OPENSSL_ENGINES is relative from the test binaries 9# OPENSSL_ENGINES is relative from the test binaries
10export OPENSSL_ENGINES=../engines 10export OPENSSL_ENGINES=../engines
11 11
12perl ./test/run_tests.pl $* | perl -0pe 's#(.*) \.*.ok#PASS: \1#g; s#(.*) \.*.skipped: (.*)#SKIP: \1 (\2)#g; s#(.*) \.*.\nDubious#FAIL: \1#;' 12{ HARNESS_JOBS=4 perl ./test/run_tests.pl $* || echo "FAIL: openssl" ; } | sed -u -r -e '/(.*) \.*.ok/ s/^/PASS: /g' -r -e '/Dubious(.*)/ s/^/FAIL: /g' -e '/(.*) \.*.skipped: (.*)/ s/^/SKIP: /g'
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-07 06:11:52 +0000