diff options
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl.inc | 5 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch | 21 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch | 23 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_1.0.2l.bb (renamed from meta/recipes-connectivity/openssl/openssl_1.0.2k.bb) | 8 |
4 files changed, 8 insertions, 49 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl.inc b/meta/recipes-connectivity/openssl/openssl.inc index 3980ec2f44..ce295e8f37 100644 --- a/meta/recipes-connectivity/openssl/openssl.inc +++ b/meta/recipes-connectivity/openssl/openssl.inc | |||
@@ -236,6 +236,11 @@ do_install_ptest () { | |||
236 | # modified again later when stripping them, but that's okay. | 236 | # modified again later when stripping them, but that's okay. |
237 | touch ${D}${PTEST_PATH} | 237 | touch ${D}${PTEST_PATH} |
238 | find ${D}${PTEST_PATH} -type f -print0 | xargs --verbose -0 touch -r ${D}${PTEST_PATH} | 238 | find ${D}${PTEST_PATH} -type f -print0 | xargs --verbose -0 touch -r ${D}${PTEST_PATH} |
239 | |||
240 | # exclude binary files or the package won't install | ||
241 | for d in ssltest_old v3ext x509aux; do | ||
242 | rm -rf ${D}${libdir}/${BPN}/ptest/test/$d | ||
243 | done | ||
239 | } | 244 | } |
240 | 245 | ||
241 | do_install_append_class-native() { | 246 | do_install_append_class-native() { |
diff --git a/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch b/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch deleted file mode 100644 index 2a318a4584..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch +++ /dev/null | |||
@@ -1,21 +0,0 @@ | |||
1 | Upstream-Status: Submitted | ||
2 | |||
3 | This patch adds the fix for one of the ciphers used in openssl, namely | ||
4 | the cipher des-ede3-cfb1. Complete bug log and patch is present here: | ||
5 | http://rt.openssl.org/Ticket/Display.html?id=2867 | ||
6 | |||
7 | Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com> | ||
8 | |||
9 | Index: openssl-1.0.2/crypto/evp/e_des3.c | ||
10 | =================================================================== | ||
11 | --- openssl-1.0.2.orig/crypto/evp/e_des3.c | ||
12 | +++ openssl-1.0.2/crypto/evp/e_des3.c | ||
13 | @@ -211,7 +211,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPH | ||
14 | size_t n; | ||
15 | unsigned char c[1], d[1]; | ||
16 | |||
17 | - for (n = 0; n < inl; ++n) { | ||
18 | + for (n = 0; n * 8 < inl; ++n) { | ||
19 | c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0; | ||
20 | DES_ede3_cfb_encrypt(c, d, 1, 1, | ||
21 | &data(ctx)->ks1, &data(ctx)->ks2, | ||
diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch deleted file mode 100644 index f736e5c098..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch +++ /dev/null | |||
@@ -1,23 +0,0 @@ | |||
1 | openssl: avoid NULL pointer dereference in EVP_DigestInit_ex() | ||
2 | |||
3 | We should avoid accessing the type pointer if it's NULL, | ||
4 | this could happen if ctx->digest is not NULL. | ||
5 | |||
6 | Upstream-Status: Submitted | ||
7 | http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html | ||
8 | |||
9 | Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> | ||
10 | --- | ||
11 | Index: openssl-1.0.2h/crypto/evp/digest.c | ||
12 | =================================================================== | ||
13 | --- openssl-1.0.2h.orig/crypto/evp/digest.c | ||
14 | +++ openssl-1.0.2h/crypto/evp/digest.c | ||
15 | @@ -211,7 +211,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c | ||
16 | type = ctx->digest; | ||
17 | } | ||
18 | #endif | ||
19 | - if (ctx->digest != type) { | ||
20 | + if (type && (ctx->digest != type)) { | ||
21 | if (ctx->digest && ctx->digest->ctx_size) { | ||
22 | OPENSSL_free(ctx->md_data); | ||
23 | ctx->md_data = NULL; | ||
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb index 83d1a500c2..a2ef2ac8fb 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb | |||
@@ -7,7 +7,7 @@ DEPENDS += "cryptodev-linux" | |||
7 | CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" | 7 | CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" |
8 | CFLAG_append_class-native = " -fPIC" | 8 | CFLAG_append_class-native = " -fPIC" |
9 | 9 | ||
10 | LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6" | 10 | LIC_FILES_CHKSUM = "file://LICENSE;md5=057d9218c6180e1d9ee407572b2dd225" |
11 | 11 | ||
12 | export DIRS = "crypto ssl apps engines" | 12 | export DIRS = "crypto ssl apps engines" |
13 | export OE_LDFLAGS="${LDFLAGS}" | 13 | export OE_LDFLAGS="${LDFLAGS}" |
@@ -32,8 +32,6 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \ | |||
32 | file://debian1.0.2/version-script.patch \ | 32 | file://debian1.0.2/version-script.patch \ |
33 | file://debian1.0.2/soname.patch \ | 33 | file://debian1.0.2/soname.patch \ |
34 | file://openssl_fix_for_x32.patch \ | 34 | file://openssl_fix_for_x32.patch \ |
35 | file://fix-cipher-des-ede3-cfb1.patch \ | ||
36 | file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \ | ||
37 | file://openssl-fix-des.pod-error.patch \ | 35 | file://openssl-fix-des.pod-error.patch \ |
38 | file://Makefiles-ptest.patch \ | 36 | file://Makefiles-ptest.patch \ |
39 | file://ptest-deps.patch \ | 37 | file://ptest-deps.patch \ |
@@ -45,8 +43,8 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \ | |||
45 | file://Use-SHA256-not-MD5-as-default-digest.patch \ | 43 | file://Use-SHA256-not-MD5-as-default-digest.patch \ |
46 | file://0001-Fix-build-with-clang-using-external-assembler.patch \ | 44 | file://0001-Fix-build-with-clang-using-external-assembler.patch \ |
47 | " | 45 | " |
48 | SRC_URI[md5sum] = "f965fc0bf01bf882b31314b61391ae65" | 46 | SRC_URI[md5sum] = "f85123cd390e864dfbe517e7616e6566" |
49 | SRC_URI[sha256sum] = "6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0" | 47 | SRC_URI[sha256sum] = "ce07195b659e75f4e1db43552860070061f156a98bb37b672b101ba6e3ddf30c" |
50 | 48 | ||
51 | PACKAGES =+ "${PN}-engines" | 49 | PACKAGES =+ "${PN}-engines" |
52 | FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines" | 50 | FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines" |