diff options
| author | Peter Marko <peter.marko@siemens.com> | 2025-02-11 19:36:14 +0100 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-02-15 06:04:44 -0800 |
| commit | 3d029078fe1b6af21ba753ad417b0511a7041f1c (patch) | |
| tree | 57ed90cd69fec79dba1bfd9ea2a66954bef27d88 /meta/recipes-connectivity | |
| parent | d49f124652a78bea033358aac079e1b6d81c7000 (diff) | |
| download | poky-3d029078fe1b6af21ba753ad417b0511a7041f1c.tar.gz | |
openssl: upgrade 3.0.15 -> 3.0.16
Release information:
https://github.com/openssl/openssl/blob/openssl-3.0/NEWS.md#major-changes-between-openssl-3015-and-openssl-3016-11-feb-2025
All CVEs were already patched, so this upgrade fixes only minor bugs.
Remove CVE patches included in the new version.
(From OE-Core rev: 68c01710e3522af317f8fe09465b56e6aca01615)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-connectivity')
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl/CVE-2024-13176.patch | 125 | ||||
| -rwxr-xr-x | meta/recipes-connectivity/openssl/openssl/CVE-2024-9143.patch | 202 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl_3.0.16.bb (renamed from meta/recipes-connectivity/openssl/openssl_3.0.15.bb) | 4 |
3 files changed, 1 insertions, 330 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-13176.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-13176.patch deleted file mode 100644 index 0076003db1..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/CVE-2024-13176.patch +++ /dev/null | |||
| @@ -1,125 +0,0 @@ | |||
| 1 | From 07272b05b04836a762b4baa874958af51d513844 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Tomas Mraz <tomas@openssl.org> | ||
| 3 | Date: Wed, 15 Jan 2025 18:27:02 +0100 | ||
| 4 | Subject: [PATCH] Fix timing side-channel in ECDSA signature computation | ||
| 5 | |||
| 6 | There is a timing signal of around 300 nanoseconds when the top word of | ||
| 7 | the inverted ECDSA nonce value is zero. This can happen with significant | ||
| 8 | probability only for some of the supported elliptic curves. In particular | ||
| 9 | the NIST P-521 curve is affected. To be able to measure this leak, the | ||
| 10 | attacker process must either be located in the same physical computer or | ||
| 11 | must have a very fast network connection with low latency. | ||
| 12 | |||
| 13 | Attacks on ECDSA nonce are also known as Minerva attack. | ||
| 14 | |||
| 15 | Fixes CVE-2024-13176 | ||
| 16 | |||
| 17 | Reviewed-by: Tim Hudson <tjh@openssl.org> | ||
| 18 | Reviewed-by: Neil Horman <nhorman@openssl.org> | ||
| 19 | Reviewed-by: Paul Dale <ppzgs1@gmail.com> | ||
| 20 | (Merged from https://github.com/openssl/openssl/pull/26429) | ||
| 21 | |||
| 22 | (cherry picked from commit 63c40a66c5dc287485705d06122d3a6e74a6a203) | ||
| 23 | |||
| 24 | CVE: CVE-2024-13176 | ||
| 25 | Upstream-Status: Backport [https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844] | ||
| 26 | Signed-off-by: Peter Marko <peter.marko@siemens.com> | ||
| 27 | --- | ||
| 28 | crypto/bn/bn_exp.c | 21 +++++++++++++++------ | ||
| 29 | crypto/ec/ec_lib.c | 7 ++++--- | ||
| 30 | include/crypto/bn.h | 3 +++ | ||
| 31 | 3 files changed, 22 insertions(+), 9 deletions(-) | ||
| 32 | |||
| 33 | diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c | ||
| 34 | index 598a592ca1397..d84c7de18a6b6 100644 | ||
| 35 | --- a/crypto/bn/bn_exp.c | ||
| 36 | +++ b/crypto/bn/bn_exp.c | ||
| 37 | @@ -606,7 +606,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, | ||
| 38 | * out by Colin Percival, | ||
| 39 | * http://www.daemonology.net/hyperthreading-considered-harmful/) | ||
| 40 | */ | ||
| 41 | -int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | ||
| 42 | +int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | ||
| 43 | const BIGNUM *m, BN_CTX *ctx, | ||
| 44 | BN_MONT_CTX *in_mont) | ||
| 45 | { | ||
| 46 | @@ -623,10 +623,6 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | ||
| 47 | unsigned int t4 = 0; | ||
| 48 | #endif | ||
| 49 | |||
| 50 | - bn_check_top(a); | ||
| 51 | - bn_check_top(p); | ||
| 52 | - bn_check_top(m); | ||
| 53 | - | ||
| 54 | if (!BN_is_odd(m)) { | ||
| 55 | ERR_raise(ERR_LIB_BN, BN_R_CALLED_WITH_EVEN_MODULUS); | ||
| 56 | return 0; | ||
| 57 | @@ -1146,7 +1142,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | ||
| 58 | goto err; | ||
| 59 | } else | ||
| 60 | #endif | ||
| 61 | - if (!BN_from_montgomery(rr, &tmp, mont, ctx)) | ||
| 62 | + if (!bn_from_mont_fixed_top(rr, &tmp, mont, ctx)) | ||
| 63 | goto err; | ||
| 64 | ret = 1; | ||
| 65 | err: | ||
| 66 | @@ -1160,6 +1156,19 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | ||
| 67 | return ret; | ||
| 68 | } | ||
| 69 | |||
| 70 | +int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | ||
| 71 | + const BIGNUM *m, BN_CTX *ctx, | ||
| 72 | + BN_MONT_CTX *in_mont) | ||
| 73 | +{ | ||
| 74 | + bn_check_top(a); | ||
| 75 | + bn_check_top(p); | ||
| 76 | + bn_check_top(m); | ||
| 77 | + if (!bn_mod_exp_mont_fixed_top(rr, a, p, m, ctx, in_mont)) | ||
| 78 | + return 0; | ||
| 79 | + bn_correct_top(rr); | ||
| 80 | + return 1; | ||
| 81 | +} | ||
| 82 | + | ||
| 83 | int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, | ||
| 84 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) | ||
| 85 | { | ||
| 86 | diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c | ||
| 87 | index b1696d93bd6dd..1f0bf1ec795fa 100644 | ||
| 88 | --- a/crypto/ec/ec_lib.c | ||
| 89 | +++ b/crypto/ec/ec_lib.c | ||
| 90 | @@ -20,6 +20,7 @@ | ||
| 91 | #include <openssl/err.h> | ||
| 92 | #include <openssl/opensslv.h> | ||
| 93 | #include "crypto/ec.h" | ||
| 94 | +#include "crypto/bn.h" | ||
| 95 | #include "internal/nelem.h" | ||
| 96 | #include "ec_local.h" | ||
| 97 | |||
| 98 | @@ -1262,10 +1263,10 @@ static int ec_field_inverse_mod_ord(const EC_GROUP *group, BIGNUM *r, | ||
| 99 | if (!BN_sub(e, group->order, e)) | ||
| 100 | goto err; | ||
| 101 | /*- | ||
| 102 | - * Exponent e is public. | ||
| 103 | - * No need for scatter-gather or BN_FLG_CONSTTIME. | ||
| 104 | + * Although the exponent is public we want the result to be | ||
| 105 | + * fixed top. | ||
| 106 | */ | ||
| 107 | - if (!BN_mod_exp_mont(r, x, e, group->order, ctx, group->mont_data)) | ||
| 108 | + if (!bn_mod_exp_mont_fixed_top(r, x, e, group->order, ctx, group->mont_data)) | ||
| 109 | goto err; | ||
| 110 | |||
| 111 | ret = 1; | ||
| 112 | diff --git a/include/crypto/bn.h b/include/crypto/bn.h | ||
| 113 | index c5f328156d3a9..59a629b9f6288 100644 | ||
| 114 | --- a/include/crypto/bn.h | ||
| 115 | +++ b/include/crypto/bn.h | ||
| 116 | @@ -73,6 +73,9 @@ int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words); | ||
| 117 | */ | ||
| 118 | int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, | ||
| 119 | BN_MONT_CTX *mont, BN_CTX *ctx); | ||
| 120 | +int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, | ||
| 121 | + const BIGNUM *m, BN_CTX *ctx, | ||
| 122 | + BN_MONT_CTX *in_mont); | ||
| 123 | int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont, | ||
| 124 | BN_CTX *ctx); | ||
| 125 | int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont, | ||
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-9143.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-9143.patch deleted file mode 100755 index c72a4193c6..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/CVE-2024-9143.patch +++ /dev/null | |||
| @@ -1,202 +0,0 @@ | |||
| 1 | From 72ae83ad214d2eef262461365a1975707f862712 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Viktor Dukhovni <viktor@openssl.org> | ||
| 3 | Date: Thu, 19 Sep 2024 01:02:40 +1000 | ||
| 4 | Subject: [PATCH] Harden BN_GF2m_poly2arr against misuse. | ||
| 5 | |||
| 6 | The BN_GF2m_poly2arr() function converts characteristic-2 field | ||
| 7 | (GF_{2^m}) Galois polynomials from a representation as a BIGNUM bitmask, | ||
| 8 | to a compact array with just the exponents of the non-zero terms. | ||
| 9 | |||
| 10 | These polynomials are then used in BN_GF2m_mod_arr() to perform modular | ||
| 11 | reduction. A precondition of calling BN_GF2m_mod_arr() is that the | ||
| 12 | polynomial must have a non-zero constant term (i.e. the array has `0` as | ||
| 13 | its final element). | ||
| 14 | |||
| 15 | Internally, callers of BN_GF2m_poly2arr() did not verify that | ||
| 16 | precondition, and binary EC curve parameters with an invalid polynomial | ||
| 17 | could lead to out of bounds memory reads and writes in BN_GF2m_mod_arr(). | ||
| 18 | |||
| 19 | The precondition is always true for polynomials that arise from the | ||
| 20 | standard form of EC parameters for characteristic-two fields (X9.62). | ||
| 21 | See the "Finite Field Identification" section of: | ||
| 22 | |||
| 23 | https://www.itu.int/ITU-T/formal-language/itu-t/x/x894/2018-cor1/ANSI-X9-62.html | ||
| 24 | |||
| 25 | The OpenSSL GF(2^m) code supports only the trinomial and pentanomial | ||
| 26 | basis X9.62 forms. | ||
| 27 | |||
| 28 | This commit updates BN_GF2m_poly2arr() to return `0` (failure) when | ||
| 29 | the constant term is zero (i.e. the input bitmask BIGNUM is not odd). | ||
| 30 | |||
| 31 | Additionally, the return value is made unambiguous when there is not | ||
| 32 | enough space to also pad the array with a final `-1` sentinel value. | ||
| 33 | The return value is now always the number of elements (including the | ||
| 34 | final `-1`) that would be filled when the output array is sufficiently | ||
| 35 | large. Previously the same count was returned both when the array has | ||
| 36 | just enough room for the final `-1` and when it had only enough space | ||
| 37 | for non-sentinel values. | ||
| 38 | |||
| 39 | Finally, BN_GF2m_poly2arr() is updated to reject polynomials whose | ||
| 40 | degree exceeds `OPENSSL_ECC_MAX_FIELD_BITS`, this guards against | ||
| 41 | CPU exhausition attacks via excessively large inputs. | ||
| 42 | |||
| 43 | The above issues do not arise in processing X.509 certificates. These | ||
| 44 | generally have EC keys from "named curves", and RFC5840 (Section 2.1.1) | ||
| 45 | disallows explicit EC parameters. The TLS code in OpenSSL enforces this | ||
| 46 | constraint only after the certificate is decoded, but, even if explicit | ||
| 47 | parameters are specified, they are in X9.62 form, which cannot represent | ||
| 48 | problem values as noted above. | ||
| 49 | |||
| 50 | Initially reported as oss-fuzz issue 71623. | ||
| 51 | |||
| 52 | A closely related issue was earlier reported in | ||
| 53 | <https://github.com/openssl/openssl/issues/19826>. | ||
| 54 | |||
| 55 | Severity: Low, CVE-2024-9143 | ||
| 56 | |||
| 57 | Reviewed-by: Matt Caswell <matt@openssl.org> | ||
| 58 | Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> | ||
| 59 | Reviewed-by: Paul Dale <ppzgs1@gmail.com> | ||
| 60 | Reviewed-by: Tomas Mraz <tomas@openssl.org> | ||
| 61 | (Merged from https://github.com/openssl/openssl/pull/25639) | ||
| 62 | |||
| 63 | (cherry picked from commit 8e008cb8b23ec7dc75c45a66eeed09c815b11cd2) | ||
| 64 | |||
| 65 | CVE: CVE-2024-9143 | ||
| 66 | Upstream-Status: Backport [https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712] | ||
| 67 | Signed-off-by: Peter Marko <peter.marko@siemens.com> | ||
| 68 | --- | ||
| 69 | crypto/bn/bn_gf2m.c | 28 +++++++++++++++------- | ||
| 70 | test/ec_internal_test.c | 51 +++++++++++++++++++++++++++++++++++++++++ | ||
| 71 | 2 files changed, 71 insertions(+), 8 deletions(-) | ||
| 72 | |||
| 73 | diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c | ||
| 74 | index c811ae82d6b15..bcc66613cc14d 100644 | ||
| 75 | --- a/crypto/bn/bn_gf2m.c | ||
| 76 | +++ b/crypto/bn/bn_gf2m.c | ||
| 77 | @@ -15,6 +15,7 @@ | ||
| 78 | #include "bn_local.h" | ||
| 79 | |||
| 80 | #ifndef OPENSSL_NO_EC2M | ||
| 81 | +# include <openssl/ec.h> | ||
| 82 | |||
| 83 | /* | ||
| 84 | * Maximum number of iterations before BN_GF2m_mod_solve_quad_arr should | ||
| 85 | @@ -1140,16 +1141,26 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 86 | /* | ||
| 87 | * Convert the bit-string representation of a polynomial ( \sum_{i=0}^n a_i * | ||
| 88 | * x^i) into an array of integers corresponding to the bits with non-zero | ||
| 89 | - * coefficient. Array is terminated with -1. Up to max elements of the array | ||
| 90 | - * will be filled. Return value is total number of array elements that would | ||
| 91 | - * be filled if array was large enough. | ||
| 92 | + * coefficient. The array is intended to be suitable for use with | ||
| 93 | + * `BN_GF2m_mod_arr()`, and so the constant term of the polynomial must not be | ||
| 94 | + * zero. This translates to a requirement that the input BIGNUM `a` is odd. | ||
| 95 | + * | ||
| 96 | + * Given sufficient room, the array is terminated with -1. Up to max elements | ||
| 97 | + * of the array will be filled. | ||
| 98 | + * | ||
| 99 | + * The return value is total number of array elements that would be filled if | ||
| 100 | + * array was large enough, including the terminating `-1`. It is `0` when `a` | ||
| 101 | + * is not odd or the constant term is zero contrary to requirement. | ||
| 102 | + * | ||
| 103 | + * The return value is also `0` when the leading exponent exceeds | ||
| 104 | + * `OPENSSL_ECC_MAX_FIELD_BITS`, this guards against CPU exhaustion attacks, | ||
| 105 | */ | ||
| 106 | int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max) | ||
| 107 | { | ||
| 108 | int i, j, k = 0; | ||
| 109 | BN_ULONG mask; | ||
| 110 | |||
| 111 | - if (BN_is_zero(a)) | ||
| 112 | + if (!BN_is_odd(a)) | ||
| 113 | return 0; | ||
| 114 | |||
| 115 | for (i = a->top - 1; i >= 0; i--) { | ||
| 116 | @@ -1167,12 +1178,13 @@ int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max) | ||
| 117 | } | ||
| 118 | } | ||
| 119 | |||
| 120 | - if (k < max) { | ||
| 121 | + if (k > 0 && p[0] > OPENSSL_ECC_MAX_FIELD_BITS) | ||
| 122 | + return 0; | ||
| 123 | + | ||
| 124 | + if (k < max) | ||
| 125 | p[k] = -1; | ||
| 126 | - k++; | ||
| 127 | - } | ||
| 128 | |||
| 129 | - return k; | ||
| 130 | + return k + 1; | ||
| 131 | } | ||
| 132 | |||
| 133 | /* | ||
| 134 | diff --git a/test/ec_internal_test.c b/test/ec_internal_test.c | ||
| 135 | index 8c2cd05631696..02cfd4e9d8858 100644 | ||
| 136 | --- a/test/ec_internal_test.c | ||
| 137 | +++ b/test/ec_internal_test.c | ||
| 138 | @@ -155,6 +155,56 @@ static int field_tests_ecp_mont(void) | ||
| 139 | } | ||
| 140 | |||
| 141 | #ifndef OPENSSL_NO_EC2M | ||
| 142 | +/* Test that decoding of invalid GF2m field parameters fails. */ | ||
| 143 | +static int ec2m_field_sanity(void) | ||
| 144 | +{ | ||
| 145 | + int ret = 0; | ||
| 146 | + BN_CTX *ctx = BN_CTX_new(); | ||
| 147 | + BIGNUM *p, *a, *b; | ||
| 148 | + EC_GROUP *group1 = NULL, *group2 = NULL, *group3 = NULL; | ||
| 149 | + | ||
| 150 | + TEST_info("Testing GF2m hardening\n"); | ||
| 151 | + | ||
| 152 | + BN_CTX_start(ctx); | ||
| 153 | + p = BN_CTX_get(ctx); | ||
| 154 | + a = BN_CTX_get(ctx); | ||
| 155 | + if (!TEST_ptr(b = BN_CTX_get(ctx)) | ||
| 156 | + || !TEST_true(BN_one(a)) | ||
| 157 | + || !TEST_true(BN_one(b))) | ||
| 158 | + goto out; | ||
| 159 | + | ||
| 160 | + /* Even pentanomial value should be rejected */ | ||
| 161 | + if (!TEST_true(BN_set_word(p, 0xf2))) | ||
| 162 | + goto out; | ||
| 163 | + if (!TEST_ptr_null(group1 = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) | ||
| 164 | + TEST_error("Zero constant term accepted in GF2m polynomial"); | ||
| 165 | + | ||
| 166 | + /* Odd hexanomial should also be rejected */ | ||
| 167 | + if (!TEST_true(BN_set_word(p, 0xf3))) | ||
| 168 | + goto out; | ||
| 169 | + if (!TEST_ptr_null(group2 = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) | ||
| 170 | + TEST_error("Hexanomial accepted as GF2m polynomial"); | ||
| 171 | + | ||
| 172 | + /* Excessive polynomial degree should also be rejected */ | ||
| 173 | + if (!TEST_true(BN_set_word(p, 0x71)) | ||
| 174 | + || !TEST_true(BN_set_bit(p, OPENSSL_ECC_MAX_FIELD_BITS + 1))) | ||
| 175 | + goto out; | ||
| 176 | + if (!TEST_ptr_null(group3 = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) | ||
| 177 | + TEST_error("GF2m polynomial degree > %d accepted", | ||
| 178 | + OPENSSL_ECC_MAX_FIELD_BITS); | ||
| 179 | + | ||
| 180 | + ret = group1 == NULL && group2 == NULL && group3 == NULL; | ||
| 181 | + | ||
| 182 | + out: | ||
| 183 | + EC_GROUP_free(group1); | ||
| 184 | + EC_GROUP_free(group2); | ||
| 185 | + EC_GROUP_free(group3); | ||
| 186 | + BN_CTX_end(ctx); | ||
| 187 | + BN_CTX_free(ctx); | ||
| 188 | + | ||
| 189 | + return ret; | ||
| 190 | +} | ||
| 191 | + | ||
| 192 | /* test EC_GF2m_simple_method directly */ | ||
| 193 | static int field_tests_ec2_simple(void) | ||
| 194 | { | ||
| 195 | @@ -443,6 +493,7 @@ int setup_tests(void) | ||
| 196 | ADD_TEST(field_tests_ecp_simple); | ||
| 197 | ADD_TEST(field_tests_ecp_mont); | ||
| 198 | #ifndef OPENSSL_NO_EC2M | ||
| 199 | + ADD_TEST(ec2m_field_sanity); | ||
| 200 | ADD_TEST(field_tests_ec2_simple); | ||
| 201 | #endif | ||
| 202 | ADD_ALL_TESTS(field_tests_default, crv_len); | ||
diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.15.bb b/meta/recipes-connectivity/openssl/openssl_3.0.16.bb index 295f05729f..a9fffd18ba 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.0.15.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.0.16.bb | |||
| @@ -12,15 +12,13 @@ SRC_URI = "https://github.com/openssl/openssl/releases/download/openssl-${PV}/op | |||
| 12 | file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ | 12 | file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ |
| 13 | file://afalg.patch \ | 13 | file://afalg.patch \ |
| 14 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ | 14 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ |
| 15 | file://CVE-2024-9143.patch \ | ||
| 16 | file://CVE-2024-13176.patch \ | ||
| 17 | " | 15 | " |
| 18 | 16 | ||
| 19 | SRC_URI:append:class-nativesdk = " \ | 17 | SRC_URI:append:class-nativesdk = " \ |
| 20 | file://environment.d-openssl.sh \ | 18 | file://environment.d-openssl.sh \ |
| 21 | " | 19 | " |
| 22 | 20 | ||
| 23 | SRC_URI[sha256sum] = "23c666d0edf20f14249b3d8f0368acaee9ab585b09e1de82107c66e1f3ec9533" | 21 | SRC_URI[sha256sum] = "57e03c50feab5d31b152af2b764f10379aecd8ee92f16c985983ce4a99f7ef86" |
| 24 | 22 | ||
| 25 | inherit lib_package multilib_header multilib_script ptest perlnative | 23 | inherit lib_package multilib_header multilib_script ptest perlnative |
| 26 | MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" | 24 | MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" |
