diff options
Diffstat (limited to 'recipes-connectivity/openssl/openssl-qoriq.inc')
| -rw-r--r-- | recipes-connectivity/openssl/openssl-qoriq.inc | 129 |
1 files changed, 88 insertions, 41 deletions
diff --git a/recipes-connectivity/openssl/openssl-qoriq.inc b/recipes-connectivity/openssl/openssl-qoriq.inc index faccb080d..8c8c03652 100644 --- a/recipes-connectivity/openssl/openssl-qoriq.inc +++ b/recipes-connectivity/openssl/openssl-qoriq.inc | |||
| @@ -8,6 +8,9 @@ SECTION = "libs/network" | |||
| 8 | LICENSE = "openssl" | 8 | LICENSE = "openssl" |
| 9 | LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" | 9 | LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" |
| 10 | 10 | ||
| 11 | DEPENDS = "hostperl-runtime-native" | ||
| 12 | DEPENDS_append_class-target = " openssl-native" | ||
| 13 | |||
| 11 | PROVIDES = "openssl" | 14 | PROVIDES = "openssl" |
| 12 | 15 | ||
| 13 | python() { | 16 | python() { |
| @@ -19,8 +22,6 @@ python() { | |||
| 19 | d.appendVar("RREPLACES_%s" % p, p.replace('openssl-qoriq', 'openssl')) | 22 | d.appendVar("RREPLACES_%s" % p, p.replace('openssl-qoriq', 'openssl')) |
| 20 | } | 23 | } |
| 21 | 24 | ||
| 22 | DEPENDS = "perl-native-runtime" | ||
| 23 | |||
| 24 | SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ | 25 | SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ |
| 25 | " | 26 | " |
| 26 | S = "${WORKDIR}/openssl-${PV}" | 27 | S = "${WORKDIR}/openssl-${PV}" |
| @@ -28,37 +29,39 @@ S = "${WORKDIR}/openssl-${PV}" | |||
| 28 | PACKAGECONFIG[perl] = ",,," | 29 | PACKAGECONFIG[perl] = ",,," |
| 29 | 30 | ||
| 30 | AR_append = " r" | 31 | AR_append = " r" |
| 32 | TERMIO_libc-musl = "-DTERMIOS" | ||
| 33 | TERMIO ?= "-DTERMIO" | ||
| 31 | # Avoid binaries being marked as requiring an executable stack since it | 34 | # Avoid binaries being marked as requiring an executable stack since it |
| 32 | # doesn't(which causes and this causes issues with SELinux | 35 | # doesn't(which causes and this causes issues with SELinux |
| 33 | CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ | 36 | CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ |
| 34 | -DTERMIO ${CFLAGS} -Wall -Wa,--noexecstack" | 37 | ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack" |
| 35 | |||
| 36 | # -02 does not work on mipsel: ssh hangs when it tries to read /dev/urandom | ||
| 37 | CFLAG_mtx-1 := "${@'${CFLAG}'.replace('-O2', '')}" | ||
| 38 | CFLAG_mtx-2 := "${@'${CFLAG}'.replace('-O2', '')}" | ||
| 39 | 38 | ||
| 40 | export DIRS = "crypto ssl apps" | 39 | export DIRS = "crypto ssl apps" |
| 41 | export EX_LIBS = "-lgcc -ldl" | 40 | export EX_LIBS = "-lgcc -ldl" |
| 42 | export AS = "${CC} -c" | 41 | export AS = "${CC} -c" |
| 43 | EXTRA_OEMAKE = "-e MAKEFLAGS=" | 42 | EXTRA_OEMAKE = "-e MAKEFLAGS=" |
| 44 | 43 | ||
| 45 | inherit pkgconfig siteinfo multilib_header | 44 | inherit pkgconfig siteinfo multilib_header ptest |
| 46 | 45 | ||
| 47 | PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf" | 46 | PACKAGES =+ "libcrypto libssl ${PN}-misc ${PN}-conf" |
| 48 | FILES_libcrypto = "${base_libdir}/libcrypto${SOLIBS}" | 47 | FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" |
| 49 | FILES_libssl = "${libdir}/libssl.so.*" | 48 | FILES_libssl = "${libdir}/libssl${SOLIBS}" |
| 50 | FILES_${PN} =+ " ${libdir}/ssl/*" | 49 | FILES_${PN} =+ " ${libdir}/ssl/*" |
| 51 | FILES_${PN}-misc = "${libdir}/ssl/misc ${bindir}/c_rehash" | 50 | FILES_${PN}-misc = "${libdir}/ssl/misc" |
| 52 | RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" | 51 | RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" |
| 53 | FILES_${PN}-dev += "${base_libdir}/libcrypto${SOLIBSDEV}" | ||
| 54 | 52 | ||
| 55 | # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto | 53 | # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto |
| 56 | # package RRECOMMENDS on this package. This will enable the configuration | 54 | # package RRECOMMENDS on this package. This will enable the configuration |
| 57 | # file to be installed for both the base openssl package and the libcrypto | 55 | # file to be installed for both the base openssl package and the libcrypto |
| 58 | # package since the base openssl package depends on the libcrypto package. | 56 | # package since the base openssl package depends on the libcrypto package. |
| 59 | FILES_openssl-conf = "${libdir}/ssl/openssl.cnf" | 57 | FILES_${PN}-conf = "${sysconfdir}/ssl/openssl.cnf" |
| 60 | CONFFILES_openssl-conf = "${libdir}/ssl/openssl.cnf" | 58 | CONFFILES_${PN}-conf = "${sysconfdir}/ssl/openssl.cnf" |
| 61 | RRECOMMENDS_libcrypto += "openssl-conf" | 59 | RRECOMMENDS_libcrypto += "${PN}-conf" |
| 60 | RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc" | ||
| 61 | |||
| 62 | # Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE | ||
| 63 | # vulnerability | ||
| 64 | EXTRA_OECONF = " -no-ssl3" | ||
| 62 | 65 | ||
| 63 | do_configure_prepend_darwin () { | 66 | do_configure_prepend_darwin () { |
| 64 | sed -i -e '/version-script=openssl\.ld/d' Configure | 67 | sed -i -e '/version-script=openssl\.ld/d' Configure |
| @@ -71,17 +74,18 @@ do_configure () { | |||
| 71 | ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ | 74 | ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ |
| 72 | 75 | ||
| 73 | os=${HOST_OS} | 76 | os=${HOST_OS} |
| 74 | if [ "x$os" = "xlinux-uclibc" ]; then | 77 | case $os in |
| 75 | os=linux | 78 | linux-uclibc |\ |
| 76 | elif [ "x$os" = "xlinux-uclibceabi" ]; then | 79 | linux-uclibceabi |\ |
| 77 | os=linux | 80 | linux-gnueabi |\ |
| 78 | elif [ "x$os" = "xlinux-uclibcspe" ]; then | 81 | linux-uclibcspe |\ |
| 79 | os=linux | 82 | linux-gnuspe |\ |
| 80 | elif [ "x$os" = "xlinux-gnuspe" ]; then | 83 | linux-musl*) |
| 81 | os=linux | 84 | os=linux |
| 82 | elif [ "x$os" = "xlinux-gnueabi" ]; then | 85 | ;; |
| 83 | os=linux | 86 | *) |
| 84 | fi | 87 | ;; |
| 88 | esac | ||
| 85 | target="$os-${HOST_ARCH}" | 89 | target="$os-${HOST_ARCH}" |
| 86 | case $target in | 90 | case $target in |
| 87 | linux-arm) | 91 | linux-arm) |
| @@ -91,7 +95,7 @@ do_configure () { | |||
| 91 | target=linux-elf-armeb | 95 | target=linux-elf-armeb |
| 92 | ;; | 96 | ;; |
| 93 | linux-aarch64*) | 97 | linux-aarch64*) |
| 94 | target=linux-generic64 | 98 | target=linux-aarch64 |
| 95 | ;; | 99 | ;; |
| 96 | linux-sh3) | 100 | linux-sh3) |
| 97 | target=debian-sh3 | 101 | target=debian-sh3 |
| @@ -120,9 +124,12 @@ do_configure () { | |||
| 120 | linux-mipsel) | 124 | linux-mipsel) |
| 121 | target=debian-mipsel | 125 | target=debian-mipsel |
| 122 | ;; | 126 | ;; |
| 123 | linux-*-mips64) | 127 | linux-*-mips64 | linux-mips64) |
| 124 | target=linux-mips | 128 | target=linux-mips |
| 125 | ;; | 129 | ;; |
| 130 | linux-microblaze*|linux-nios2*) | ||
| 131 | target=linux-generic32 | ||
| 132 | ;; | ||
| 126 | linux-powerpc) | 133 | linux-powerpc) |
| 127 | target=linux-ppc | 134 | target=linux-ppc |
| 128 | ;; | 135 | ;; |
| @@ -145,40 +152,80 @@ do_configure () { | |||
| 145 | if [ "x$useprefix" = "x" ]; then | 152 | if [ "x$useprefix" = "x" ]; then |
| 146 | useprefix=/ | 153 | useprefix=/ |
| 147 | fi | 154 | fi |
| 148 | perl ./Configure shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target | 155 | perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target |
| 156 | } | ||
| 157 | |||
| 158 | do_compile_prepend_class-target () { | ||
| 159 | sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile | ||
| 149 | } | 160 | } |
| 150 | 161 | ||
| 151 | do_compile () { | 162 | do_compile () { |
| 152 | oe_runmake | 163 | oe_runmake |
| 153 | } | 164 | } |
| 154 | 165 | ||
| 166 | do_compile_ptest () { | ||
| 167 | oe_runmake buildtest | ||
| 168 | } | ||
| 169 | |||
| 155 | do_install () { | 170 | do_install () { |
| 171 | # Create ${D}/${prefix} to fix parallel issues | ||
| 172 | mkdir -p ${D}/${prefix}/ | ||
| 173 | |||
| 156 | oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install | 174 | oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install |
| 157 | 175 | ||
| 158 | oe_libinstall -so libcrypto ${D}${libdir} | 176 | oe_libinstall -so libcrypto ${D}${libdir} |
| 159 | oe_libinstall -so libssl ${D}${libdir} | 177 | oe_libinstall -so libssl ${D}${libdir} |
| 160 | 178 | ||
| 161 | # Moving libcrypto to /lib | ||
| 162 | if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then | ||
| 163 | mkdir -p ${D}/${base_libdir}/ | ||
| 164 | mv ${D}${libdir}/libcrypto* ${D}${base_libdir}/ | ||
| 165 | sed -i s#libdir=\$\{exec_prefix\}\/lib#libdir=${base_libdir}# ${D}/${libdir}/pkgconfig/libcrypto.pc | ||
| 166 | fi | ||
| 167 | |||
| 168 | install -d ${D}${includedir} | 179 | install -d ${D}${includedir} |
| 169 | cp --dereference -R include/openssl ${D}${includedir} | 180 | cp --dereference -R include/openssl ${D}${includedir} |
| 170 | 181 | ||
| 182 | install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash | ||
| 183 | sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash | ||
| 184 | |||
| 171 | oe_multilib_header openssl/opensslconf.h | 185 | oe_multilib_header openssl/opensslconf.h |
| 172 | if [ "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then | 186 | if [ "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then |
| 173 | install -m 0755 ${S}/tools/c_rehash ${D}${bindir} | ||
| 174 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${bindir}/c_rehash | ||
| 175 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl | 187 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl |
| 176 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget | 188 | sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget |
| 177 | # The c_rehash utility isn't installed by the normal installation process. | ||
| 178 | else | 189 | else |
| 179 | rm -f ${D}${bindir}/c_rehash | ||
| 180 | rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget | 190 | rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget |
| 181 | fi | 191 | fi |
| 192 | |||
| 193 | # Create SSL structure | ||
| 194 | install -d ${D}${sysconfdir}/ssl/ | ||
| 195 | mv ${D}${libdir}/ssl/openssl.cnf \ | ||
| 196 | ${D}${libdir}/ssl/certs \ | ||
| 197 | ${D}${libdir}/ssl/private \ | ||
| 198 | \ | ||
| 199 | ${D}${sysconfdir}/ssl/ | ||
| 200 | ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl/certs | ||
| 201 | ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl/private | ||
| 202 | ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl/openssl.cnf | ||
| 203 | } | ||
| 204 | |||
| 205 | do_install_ptest () { | ||
| 206 | cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH} | ||
| 207 | cp Configure config e_os.h ${D}${PTEST_PATH} | ||
| 208 | cp -r -L include ${D}${PTEST_PATH} | ||
| 209 | ln -sf ${libdir}/libcrypto.a ${D}${PTEST_PATH} | ||
| 210 | ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH} | ||
| 211 | mkdir -p ${D}${PTEST_PATH}/crypto | ||
| 212 | cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto | ||
| 213 | cp -r certs ${D}${PTEST_PATH} | ||
| 214 | mkdir -p ${D}${PTEST_PATH}/apps | ||
| 215 | ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps | ||
| 216 | ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps | ||
| 217 | ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps | ||
| 218 | cp apps/server2.pem ${D}${PTEST_PATH}/apps | ||
| 219 | mkdir -p ${D}${PTEST_PATH}/util | ||
| 220 | install util/opensslwrap.sh ${D}${PTEST_PATH}/util | ||
| 221 | install util/shlib_wrap.sh ${D}${PTEST_PATH}/util | ||
| 222 | } | ||
| 223 | |||
| 224 | do_install_append_class-native() { | ||
| 225 | create_wrapper ${D}${bindir}/openssl \ | ||
| 226 | OPENSSL_CONF=${libdir}/ssl/openssl.cnf \ | ||
| 227 | SSL_CERT_DIR=${libdir}/ssl/certs \ | ||
| 228 | SSL_CERT_FILE=${libdir}/ssl/cert.pem \ | ||
| 229 | OPENSSL_ENGINES=${libdir}/ssl/engines | ||
| 182 | } | 230 | } |
| 183 | 231 | ||
| 184 | BBCLASSEXTEND = "native nativesdk" | ||