aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKoen Kooi <koen.kooi@linaro.org>2016-01-12 08:49:32 +0100
committerKoen Kooi <koen.kooi@linaro.org>2016-01-12 08:50:39 +0100
commit346c76e9fa41b5f11f76193a6762da288fa48efe (patch)
tree21a2f27162d4b748f2a822dbedb14b0d7aa2b42a
parent697174bacf597826260ffdb473c95e317e0a1374 (diff)
downloadmeta-linaro-16.01.tar.gz
openssl: import 1.0.2e from OE-core16.01
We only need to add the ilp32 bits to the .inc but that requires overlaying the whole recipe Change-Id: Ie9ba5683cae556e41c260792c86204e82bad0ec8 Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl.inc26
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/Makefiles-ptest.patch36
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/configure-musl-target.patch27
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/configure-targets.patch39
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch35
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/debian/c_rehash-compat.patch62
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/debian/debian-targets.patch25
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/debian/make-targets.patch15
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/debian/version-script.patch311
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch29
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/debian1.0.2/block_diginotar.patch67
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/engines-install-in-libdir-ssl.patch42
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/fix-cipher-des-ede3-cfb1.patch21
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/initial-aarch64-bits.patch120
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/openssl-1.0.2a-x32-asm.patch46
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch22
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch39
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/openssl-fix-link.patch35
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/openssl_fix_for_x32.patch85
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/ptest-deps.patch16
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl/ptest_makefile_deps.patch248
-rw-r--r--meta-ilp32/recipes-overlayed/openssl/openssl_1.0.2e.bb (renamed from meta-ilp32/recipes-overlayed/openssl/openssl_1.0.1k.bb)48
22 files changed, 819 insertions, 575 deletions
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl.inc b/meta-ilp32/recipes-overlayed/openssl/openssl.inc
index 70af9690..05f05c89 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl.inc
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl.inc
@@ -8,7 +8,7 @@ SECTION = "libs/network"
LICENSE = "openssl"
LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
-DEPENDS = "perl-native-runtime"
+DEPENDS = "hostperl-runtime-native"
DEPENDS_append_class-target = " openssl-native"
SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
@@ -18,10 +18,12 @@ S = "${WORKDIR}/openssl-${PV}"
PACKAGECONFIG[perl] = ",,,"
AR_append = " r"
+TERMIO_libc-musl = "-DTERMIOS"
+TERMIO ?= "-DTERMIO"
# Avoid binaries being marked as requiring an executable stack since it
# doesn't(which causes and this causes issues with SELinux
CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \
- -DTERMIO ${CFLAGS} -Wall -Wa,--noexecstack"
+ ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack"
# -02 does not work on mipsel: ssh hangs when it tries to read /dev/urandom
CFLAG_mtx-1 := "${@'${CFLAG}'.replace('-O2', '')}"
@@ -118,10 +120,10 @@ do_configure () {
linux-mipsel)
target=debian-mipsel
;;
- linux-*-mips64)
+ linux-*-mips64 | linux-mips64)
target=linux-mips
;;
- linux-microblaze*)
+ linux-microblaze*|linux-nios2*)
target=linux-generic32
;;
linux-powerpc)
@@ -194,19 +196,25 @@ do_install () {
}
do_install_ptest () {
- cp -r Makefile test ${D}${PTEST_PATH}
+ cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH}
+ cp Configure config e_os.h ${D}${PTEST_PATH}
+ cp -r -L include ${D}${PTEST_PATH}
+ ln -sf ${base_libdir}/libcrypto.a ${D}${PTEST_PATH}
+ ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH}
+ mkdir -p ${D}${PTEST_PATH}/crypto
+ cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto
cp -r certs ${D}${PTEST_PATH}
mkdir -p ${D}${PTEST_PATH}/apps
- ln -sf /usr/lib/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps
- ln -sf /usr/lib/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
- ln -sf /usr/bin/openssl ${D}${PTEST_PATH}/apps
+ ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps
+ ln -sf ${libdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
+ ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps
cp apps/server2.pem ${D}${PTEST_PATH}/apps
mkdir -p ${D}${PTEST_PATH}/util
install util/opensslwrap.sh ${D}${PTEST_PATH}/util
install util/shlib_wrap.sh ${D}${PTEST_PATH}/util
}
-do_install_append_virtclass-native() {
+do_install_append_class-native() {
create_wrapper ${D}${bindir}/openssl \
OPENSSL_CONF=${libdir}/ssl/openssl.cnf \
SSL_CERT_DIR=${libdir}/ssl/certs \
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/Makefiles-ptest.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/Makefiles-ptest.patch
index ac53a914..249446a5 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/Makefiles-ptest.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/Makefiles-ptest.patch
@@ -5,10 +5,11 @@ Signed-off-by: Anders Roxell <anders.roxell@enea.com>
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Upstream-Status: Pending
---
-diff -uNr a/Makefile b/Makefile
---- a/Makefile.org 2012-05-10 17:06:02.000000000 +0200
-+++ b/Makefile.org 2012-10-27 00:05:55.359424024 +0200
-@@ -411,8 +411,16 @@
+Index: openssl-1.0.2/Makefile.org
+===================================================================
+--- openssl-1.0.2.orig/Makefile.org
++++ openssl-1.0.2/Makefile.org
+@@ -451,8 +451,16 @@ rehash.time: certs apps
test: tests
tests: rehash
@@ -26,11 +27,11 @@ diff -uNr a/Makefile b/Makefile
OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
report:
-diff --git a/test/Makefile b/test/Makefile
-index 3912f82..1696767 100644
---- a/test/Makefile
-+++ b/test/Makefile
-@@ -128,7 +128,7 @@ tests: exe apps $(TESTS)
+Index: openssl-1.0.2/test/Makefile
+===================================================================
+--- openssl-1.0.2.orig/test/Makefile
++++ openssl-1.0.2/test/Makefile
+@@ -137,7 +137,7 @@ tests: exe apps $(TESTS)
apps:
@(cd ..; $(MAKE) DIRS=apps all)
@@ -39,28 +40,28 @@ index 3912f82..1696767 100644
test_des test_idea test_sha test_md4 test_md5 test_hmac \
test_md2 test_mdc2 test_wp \
test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
-@@ -138,6 +138,11 @@ alltests: \
- test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
- test_jpake test_cms
+@@ -148,6 +148,11 @@ alltests: \
+ test_jpake test_srp test_cms test_ocsp test_v3name test_heartbeat \
+ test_constant_time
+alltests:
+ @(for i in $(all-tests); do \
+ ( $(MAKE) $$i && echo "PASS: $$i" ) || echo "FAIL: $$i"; \
+ done)
+
- test_evp:
+ test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
-@@ -203,7 +208,7 @@ test_x509:
+@@ -213,7 +218,7 @@ test_x509: ../apps/openssl$(EXE_EXT) tx5
echo test second x509v3 certificate
sh ./tx509 v3-cert2.pem 2>/dev/null
--test_rsa: $(RSATEST)$(EXE_EXT)
-+test_rsa:
+-test_rsa: $(RSATEST)$(EXE_EXT) ../apps/openssl$(EXE_EXT) trsa testrsa.pem
++test_rsa: ../apps/openssl$(EXE_EXT) trsa testrsa.pem
@sh ./trsa 2>/dev/null
../util/shlib_wrap.sh ./$(RSATEST)
-@@ -298,11 +303,11 @@ test_tsa:
+@@ -313,11 +318,11 @@ test_tsa: ../apps/openssl$(EXE_EXT) test
sh ./testtsa; \
fi
@@ -73,3 +74,4 @@ index 3912f82..1696767 100644
+test_jpake:
@echo "Test JPAKE"
../util/shlib_wrap.sh ./$(JPAKETEST)
+
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/configure-musl-target.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/configure-musl-target.patch
new file mode 100644
index 00000000..613dc7b7
--- /dev/null
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/configure-musl-target.patch
@@ -0,0 +1,27 @@
+Add musl triplet support
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Index: openssl-1.0.2a/Configure
+===================================================================
+--- openssl-1.0.2a.orig/Configure
++++ openssl-1.0.2a/Configure
+@@ -431,7 +431,7 @@ my %table=(
+ #
+ # ./Configure linux-armv4 -march=armv6 -D__ARM_MAX_ARCH__=8
+ #
+-"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-aarch64","gcc: -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ # Configure script adds minimally required -march for assembly support,
+ # if no -march was specified at command line. mips32 and mips64 below
+@@ -504,6 +504,8 @@ my %table=(
+ "linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-uclibceabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-uclibceabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-musleabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-musleabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ "linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
+
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/configure-targets.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/configure-targets.patch
index c1f3d087..691e74af 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/configure-targets.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/configure-targets.patch
@@ -7,28 +7,31 @@ The number of colons are important :)
Configure | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
---- a/Configure
-+++ b/Configure
-@@ -403,6 +403,22 @@ my %table=(
- "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
- "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+Index: openssl-1.0.2a/Configure
+===================================================================
+--- openssl-1.0.2a.orig/Configure
++++ openssl-1.0.2a/Configure
+@@ -443,6 +443,23 @@ my %table=(
+ "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+ "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
-+ # Linux on ARM
-+"linux-elf-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-elf-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-gnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-uclibceabi-arm","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-uclibceabi-armeb","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++
++# Linux on ARM
++"linux-elf-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-elf-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibceabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-uclibceabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
-+"linux-avr32","$ENV{'CC'}:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
++"linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
+
+#### Linux on MIPS/MIPS64
-+"linux-mips","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-mips64","$ENV{'CC'}:-DB_ENDIAN -DTERMIO -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-mips64el","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-mipsel","$ENV{'CC'}:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-mips","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-mips64","$ENV{'CC'}:-DB_ENDIAN -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-mips64el","$ENV{'CC'}:-DL_ENDIAN -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-mipsel","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
- # Android: linux-* but without -DTERMIO and pointers to headers and libs.
+ # Android: linux-* but without pointers to headers and libs.
"android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch
new file mode 100644
index 00000000..af3989f6
--- /dev/null
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch
@@ -0,0 +1,35 @@
+Upstream-Status: Backport
+
+When building on x32 systems where the default type is 32bit, make sure
+we can transparently represent 64bit integers. Otherwise we end up with
+build errors like:
+/usr/bin/perl asm/ghash-x86_64.pl elf > ghash-x86_64.s
+Integer overflow in hexadecimal number at asm/../../perlasm/x86_64-xlate.pl line 201, <> line 890.
+...
+ghash-x86_64.s: Assembler messages:
+ghash-x86_64.s:890: Error: junk '.15473355479995e+19' after expression
+
+We don't enable this globally as there are some cases where we'd get
+32bit values interpreted as unsigned when we need them as signed.
+
+Reported-by: Bertrand Jacquin <bertrand@jacquin.bzh>
+URL: https://bugs.gentoo.org/542618
+
+Signed-off-By: Armin Kuster <akuster@mvista.com>
+
+Index: openssl-1.0.2a/crypto/perlasm/x86_64-xlate.pl
+===================================================================
+--- openssl-1.0.2a.orig/crypto/perlasm/x86_64-xlate.pl
++++ openssl-1.0.2a/crypto/perlasm/x86_64-xlate.pl
+@@ -194,7 +194,10 @@ my %globals;
+ }
+ sub out {
+ my $self = shift;
+-
++ # When building on x32 ABIs, the expanded hex value might be too
++ # big to fit into 32bits. Enable transparent 64bit support here
++ # so we can safely print it out.
++ use bigint;
+ if ($gas) {
+ # Solaris /usr/ccs/bin/as can't handle multiplications
+ # in $self->{value}
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/debian/c_rehash-compat.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/debian/c_rehash-compat.patch
index ac1b19b9..68e54d56 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/debian/c_rehash-compat.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/debian/c_rehash-compat.patch
@@ -1,38 +1,54 @@
-Upstream-Status: Backport [debian]
-
From 83f318d68bbdab1ca898c94576a838cc97df4700 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Wed, 21 Apr 2010 15:52:10 +0200
Subject: [PATCH] also create old hash for compatibility
----
- tools/c_rehash.in | 8 +++++++-
- 1 files changed, 7 insertions(+), 1 deletions(-)
+Upstream-Status: Backport [debian]
-Index: openssl-1.0.0d/tools/c_rehash.in
-===================================================================
---- openssl-1.0.0d.orig/tools/c_rehash.in 2011-04-13 20:41:28.000000000 +0000
-+++ openssl-1.0.0d/tools/c_rehash.in 2011-04-13 20:41:28.000000000 +0000
-@@ -86,6 +86,7 @@
- }
+diff --git a/tools/c_rehash.in b/tools/c_rehash.in
+index b086ff9..b777d79 100644
+--- a/tools/c_rehash.in
++++ b/tools/c_rehash.in
+@@ -8,8 +8,6 @@ my $prefix;
+
+ my $openssl = $ENV{OPENSSL} || "openssl";
+ my $pwd;
+-my $x509hash = "-subject_hash";
+-my $crlhash = "-hash";
+ my $verbose = 0;
+ my $symlink_exists=eval {symlink("",""); 1};
+ my $removelinks = 1;
+@@ -18,10 +16,7 @@ my $removelinks = 1;
+ while ( $ARGV[0] =~ /^-/ ) {
+ my $flag = shift @ARGV;
+ last if ( $flag eq '--');
+- if ( $flag eq '-old') {
+- $x509hash = "-subject_hash_old";
+- $crlhash = "-hash_old";
+- } elsif ( $flag eq '-h') {
++ if ( $flag eq '-h') {
+ help();
+ } elsif ( $flag eq '-n' ) {
+ $removelinks = 0;
+@@ -113,7 +108,9 @@ sub hash_dir {
+ next;
}
link_hash_cert($fname) if($cert);
+ link_hash_cert_old($fname) if($cert);
link_hash_crl($fname) if($crl);
++ link_hash_crl_old($fname) if($crl);
}
}
-@@ -119,8 +120,9 @@
+
+@@ -146,6 +143,7 @@ sub check_file {
sub link_hash_cert {
my $fname = $_[0];
-+ my $hashopt = $_[1] || '-subject_hash';
++ my $x509hash = $_[1] || '-subject_hash';
$fname =~ s/'/'\\''/g;
-- my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in "$fname"`;
-+ my ($hash, $fprint) = `"$openssl" x509 $hashopt -fingerprint -noout -in "$fname"`;
+ my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
chomp $hash;
- chomp $fprint;
- $fprint =~ s/^.*=//;
-@@ -150,6 +152,10 @@
+@@ -176,11 +174,21 @@ sub link_hash_cert {
$hashlist{$hash} = $fprint;
}
@@ -40,6 +56,16 @@ Index: openssl-1.0.0d/tools/c_rehash.in
+ link_hash_cert($_[0], '-subject_hash_old');
+}
+
++sub link_hash_crl_old {
++ link_hash_crl($_[0], '-hash_old');
++}
++
++
# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
sub link_hash_crl {
+ my $fname = $_[0];
++ my $crlhash = $_[1] || "-hash";
+ $fname =~ s/'/'\\''/g;
+ my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
+ chomp $hash;
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/debian/debian-targets.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/debian/debian-targets.patch
index 8101edf0..39d43281 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/debian/debian-targets.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/debian/debian-targets.patch
@@ -1,12 +1,12 @@
Upstream-Status: Backport [debian]
-Index: openssl-1.0.1/Configure
+Index: openssl-1.0.2/Configure
===================================================================
---- openssl-1.0.1.orig/Configure 2012-03-17 15:37:54.000000000 +0000
-+++ openssl-1.0.1/Configure 2012-03-17 16:13:49.000000000 +0000
-@@ -105,6 +105,10 @@
+--- openssl-1.0.2.orig/Configure
++++ openssl-1.0.2/Configure
+@@ -107,6 +107,10 @@ my $gcc_devteam_warn = "-Wall -pedantic
- my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
+ my $clang_disabled_warnings = "-Wno-language-extension-token -Wno-extended-offsetof -Wno-padded -Wno-shorten-64-to-32 -Wno-format-nonliteral -Wno-missing-noreturn -Wno-unused-parameter -Wno-sign-conversion -Wno-unreachable-code -Wno-conversion -Wno-documentation -Wno-missing-variable-declarations -Wno-cast-align -Wno-incompatible-pointer-types-discards-qualifiers -Wno-missing-variable-declarations -Wno-missing-field-initializers -Wno-unused-macros -Wno-disabled-macro-expansion -Wno-conditional-uninitialized -Wno-switch-enum";
+# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS
+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall";
@@ -15,7 +15,7 @@ Index: openssl-1.0.1/Configure
my $strict_warnings = 0;
my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
-@@ -338,6 +342,48 @@
+@@ -343,6 +347,55 @@ my %table=(
"osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
@@ -23,9 +23,9 @@ Index: openssl-1.0.1/Configure
+"debian-alpha","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-alpha-ev4","gcc:-DTERMIO ${debian_cflags} -mcpu=ev4::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-alpha-ev5","gcc:-DTERMIO ${debian_cflags} -mcpu=ev5::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-armeb","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-armel","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-armhf","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-arm64","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armel","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armhf","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::",
+"debian-avr32", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -fomit-frame-pointer::-D_REENTRANT::-ldl:BN_LLONG_BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -40,15 +40,21 @@ Index: openssl-1.0.1/Configure
+"debian-m68k","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-mips", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mipsn32", "mips64-linux-gnuabin32-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mipsn32el", "mips64el-linux-gnuabin32-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips64", "mips64-linux-gnuabi64-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips64el", "mips64el-linux-gnuabi64-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags}::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags} -mv8::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-openbsd-alpha","gcc:-DTERMIOS ${debian_cflags}::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-openbsd-mips","gcc:-DL_ENDIAN ${debian_cflags}::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-or1k", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-powerpcspe","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ppc64el","gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64le:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-s390","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-s390x","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -60,6 +66,7 @@ Index: openssl-1.0.1/Configure
+"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v8 -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v9 -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-sparc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags} -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-x32","gcc:-mx32 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
+
####
#### Variety of LINUX:-)
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/debian/make-targets.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/debian/make-targets.patch
deleted file mode 100644
index ee0a62c3..00000000
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/debian/make-targets.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.1/Makefile.org
-===================================================================
---- openssl-1.0.1.orig/Makefile.org 2012-03-17 09:41:07.000000000 +0000
-+++ openssl-1.0.1/Makefile.org 2012-03-17 09:41:21.000000000 +0000
-@@ -135,7 +135,7 @@
-
- BASEADDR=
-
--DIRS= crypto ssl engines apps test tools
-+DIRS= crypto ssl engines apps tools
- ENGDIRS= ccgost
- SHLIBDIRS= crypto ssl
-
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/debian/version-script.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/debian/version-script.patch
index ece8b9b4..a2491800 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/debian/version-script.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/debian/version-script.patch
@@ -1,10 +1,8 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.1d/Configure
+Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure
===================================================================
---- openssl-1.0.1d.orig/Configure 2013-02-06 19:41:43.000000000 +0100
-+++ openssl-1.0.1d/Configure 2013-02-06 19:41:43.000000000 +0100
-@@ -1621,6 +1621,8 @@
+--- openssl-1.0.2~beta1.obsolete.0.0498436515490575.orig/Configure 2014-02-24 21:02:30.000000000 +0100
++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure 2014-02-24 21:02:30.000000000 +0100
+@@ -1651,6 +1651,8 @@
}
}
@@ -13,11 +11,11 @@ Index: openssl-1.0.1d/Configure
open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
-Index: openssl-1.0.1d/openssl.ld
+Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1d/openssl.ld 2013-02-06 19:44:25.000000000 +0100
-@@ -0,0 +1,4620 @@
++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld 2014-02-24 22:19:08.601827266 +0100
+@@ -0,0 +1,4615 @@
+OPENSSL_1.0.0 {
+ global:
+ BIO_f_ssl;
@@ -2229,20 +2227,16 @@ Index: openssl-1.0.1d/openssl.ld
+ ERR_load_COMP_strings;
+ PKCS12_item_decrypt_d2i;
+ ASN1_UTF8STRING_it;
-+ ASN1_UTF8STRING_it;
+ ENGINE_unregister_ciphers;
+ ENGINE_get_ciphers;
+ d2i_OCSP_BASICRESP;
+ KRB5_CHECKSUM_it;
-+ KRB5_CHECKSUM_it;
+ EC_POINT_add;
+ ASN1_item_ex_i2d;
+ OCSP_CERTID_it;
-+ OCSP_CERTID_it;
+ d2i_OCSP_RESPBYTES;
+ X509V3_add1_i2d;
+ PKCS7_ENVELOPE_it;
-+ PKCS7_ENVELOPE_it;
+ UI_add_input_boolean;
+ ENGINE_unregister_RSA;
+ X509V3_EXT_nconf;
@@ -2254,19 +2248,15 @@ Index: openssl-1.0.1d/openssl.ld
+ ENGINE_register_all_RAND;
+ ENGINE_load_dynamic;
+ PBKDF2PARAM_it;
-+ PBKDF2PARAM_it;
+ EXTENDED_KEY_USAGE_new;
+ EC_GROUP_clear_free;
+ OCSP_sendreq_bio;
+ ASN1_item_digest;
+ OCSP_BASICRESP_delete_ext;
+ OCSP_SIGNATURE_it;
-+ OCSP_SIGNATURE_it;
-+ X509_CRL_it;
+ X509_CRL_it;
+ OCSP_BASICRESP_add_ext;
+ KRB5_ENCKEY_it;
-+ KRB5_ENCKEY_it;
+ UI_method_set_closer;
+ X509_STORE_set_purpose;
+ i2d_ASN1_GENERALSTRING;
@@ -2277,7 +2267,6 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_REQUEST_get_ext_by_OBJ;
+ _ossl_old_des_random_key;
+ ASN1_T61STRING_it;
-+ ASN1_T61STRING_it;
+ EC_GROUP_method_of;
+ i2d_KRB5_APREQ;
+ _ossl_old_des_encrypt;
@@ -2293,7 +2282,6 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_SINGLERESP_get_ext_count;
+ UI_ctrl;
+ _shadow_DES_rw_mode;
-+ _shadow_DES_rw_mode;
+ asn1_do_adb;
+ ASN1_template_i2d;
+ ENGINE_register_DH;
@@ -2307,8 +2295,6 @@ Index: openssl-1.0.1d/openssl.ld
+ KRB5_ENCKEY_free;
+ OCSP_resp_get0;
+ GENERAL_NAME_it;
-+ GENERAL_NAME_it;
-+ ASN1_GENERALIZEDTIME_it;
+ ASN1_GENERALIZEDTIME_it;
+ X509_STORE_set_flags;
+ EC_POINT_set_compressed_coordinates_GFp;
@@ -2330,21 +2316,18 @@ Index: openssl-1.0.1d/openssl.ld
+ EC_POINT_set_affine_coords_GFp;
+ _ossl_old_des_options;
+ SXNET_it;
-+ SXNET_it;
+ UI_dup_input_boolean;
+ PKCS12_add_CSPName_asc;
+ EC_POINT_is_at_infinity;
+ ENGINE_load_cryptodev;
+ DSO_convert_filename;
+ POLICYQUALINFO_it;
-+ POLICYQUALINFO_it;
+ ENGINE_register_ciphers;
+ BN_mod_lshift_quick;
+ DSO_set_filename;
+ ASN1_item_free;
+ KRB5_TKTBODY_free;
+ AUTHORITY_KEYID_it;
-+ AUTHORITY_KEYID_it;
+ KRB5_APREQBODY_new;
+ X509V3_EXT_REQ_add_nconf;
+ ENGINE_ctrl_cmd_string;
@@ -2352,19 +2335,15 @@ Index: openssl-1.0.1d/openssl.ld
+ EVP_MD_CTX_init;
+ EXTENDED_KEY_USAGE_free;
+ PKCS7_ATTR_SIGN_it;
-+ PKCS7_ATTR_SIGN_it;
+ UI_add_error_string;
+ KRB5_CHECKSUM_free;
+ OCSP_REQUEST_get_ext;
+ ENGINE_load_ubsec;
+ ENGINE_register_all_digests;
+ PKEY_USAGE_PERIOD_it;
-+ PKEY_USAGE_PERIOD_it;
+ PKCS12_unpack_authsafes;
+ ASN1_item_unpack;
+ NETSCAPE_SPKAC_it;
-+ NETSCAPE_SPKAC_it;
-+ X509_REVOKED_it;
+ X509_REVOKED_it;
+ ASN1_STRING_encode;
+ EVP_aes_128_ecb;
@@ -2376,7 +2355,6 @@ Index: openssl-1.0.1d/openssl.ld
+ UI_dup_info_string;
+ _ossl_old_des_xwhite_in2out;
+ PKCS12_it;
-+ PKCS12_it;
+ OCSP_SINGLERESP_get_ext_by_critical;
+ OCSP_SINGLERESP_get_ext_by_crit;
+ OCSP_CERTSTATUS_free;
@@ -2395,10 +2373,8 @@ Index: openssl-1.0.1d/openssl.ld
+ ENGINE_unregister_DSA;
+ _ossl_old_des_key_sched;
+ X509_EXTENSION_it;
-+ X509_EXTENSION_it;
+ i2d_KRB5_AUTHENT;
+ SXNETID_it;
-+ SXNETID_it;
+ d2i_OCSP_SINGLERESP;
+ EDIPARTYNAME_new;
+ PKCS12_certbag2x509;
@@ -2409,10 +2385,8 @@ Index: openssl-1.0.1d/openssl.ld
+ d2i_KRB5_APREQBODY;
+ UI_method_get_flusher;
+ X509_PUBKEY_it;
-+ X509_PUBKEY_it;
+ _ossl_old_des_enc_read;
+ PKCS7_ENCRYPT_it;
-+ PKCS7_ENCRYPT_it;
+ i2d_OCSP_RESPONSE;
+ EC_GROUP_get_cofactor;
+ PKCS12_unpack_p7data;
@@ -2430,10 +2404,8 @@ Index: openssl-1.0.1d/openssl.ld
+ PKCS12_item_i2d_encrypt;
+ X509_add1_ext_i2d;
+ PKCS7_SIGNER_INFO_it;
-+ PKCS7_SIGNER_INFO_it;
+ KRB5_PRINCNAME_new;
+ PKCS12_SAFEBAG_it;
-+ PKCS12_SAFEBAG_it;
+ EC_GROUP_get_order;
+ d2i_OCSP_RESPID;
+ OCSP_request_verify;
@@ -2448,42 +2420,32 @@ Index: openssl-1.0.1d/openssl.ld
+ EVP_MD_CTX_create;
+ OCSP_resp_find_status;
+ X509_ALGOR_it;
-+ X509_ALGOR_it;
-+ ASN1_TIME_it;
+ ASN1_TIME_it;
+ OCSP_request_set1_name;
+ OCSP_ONEREQ_get_ext_count;
+ UI_get0_result;
+ PKCS12_AUTHSAFES_it;
-+ PKCS12_AUTHSAFES_it;
+ EVP_aes_256_ecb;
+ PKCS12_pack_authsafes;
+ ASN1_IA5STRING_it;
-+ ASN1_IA5STRING_it;
+ UI_get_input_flags;
+ EC_GROUP_set_generator;
+ _ossl_old_des_string_to_2keys;
+ OCSP_CERTID_free;
+ X509_CERT_AUX_it;
-+ X509_CERT_AUX_it;
-+ CERTIFICATEPOLICIES_it;
+ CERTIFICATEPOLICIES_it;
+ _ossl_old_des_ede3_cbc_encrypt;
+ RAND_set_rand_engine;
+ DSO_get_loaded_filename;
+ X509_ATTRIBUTE_it;
-+ X509_ATTRIBUTE_it;
+ OCSP_ONEREQ_get_ext_by_NID;
+ PKCS12_decrypt_skey;
+ KRB5_AUTHENT_it;
-+ KRB5_AUTHENT_it;
+ UI_dup_error_string;
+ RSAPublicKey_it;
-+ RSAPublicKey_it;
+ i2d_OCSP_REQUEST;
+ PKCS12_x509crl2certbag;
+ OCSP_SERVICELOC_it;
-+ OCSP_SERVICELOC_it;
+ ASN1_item_sign;
+ X509_CRL_set_issuer_name;
+ OBJ_NAME_do_all_sorted;
@@ -2494,30 +2456,23 @@ Index: openssl-1.0.1d/openssl.ld
+ ENGINE_get_digest;
+ OCSP_RESPONSE_print;
+ KRB5_TKTBODY_it;
-+ KRB5_TKTBODY_it;
+ ACCESS_DESCRIPTION_it;
-+ ACCESS_DESCRIPTION_it;
-+ PKCS7_ISSUER_AND_SERIAL_it;
+ PKCS7_ISSUER_AND_SERIAL_it;
+ PBE2PARAM_it;
-+ PBE2PARAM_it;
+ PKCS12_certbag2x509crl;
+ PKCS7_SIGNED_it;
-+ PKCS7_SIGNED_it;
+ ENGINE_get_cipher;
+ i2d_OCSP_CRLID;
+ OCSP_SINGLERESP_new;
+ ENGINE_cmd_is_executable;
+ RSA_up_ref;
+ ASN1_GENERALSTRING_it;
-+ ASN1_GENERALSTRING_it;
+ ENGINE_register_DSA;
+ X509V3_EXT_add_nconf_sk;
+ ENGINE_set_load_pubkey_function;
+ PKCS8_decrypt;
+ PEM_bytes_read_bio;
+ DIRECTORYSTRING_it;
-+ DIRECTORYSTRING_it;
+ d2i_OCSP_CRLID;
+ EC_POINT_is_on_curve;
+ CRYPTO_set_locked_mem_ex_functions;
@@ -2525,7 +2480,6 @@ Index: openssl-1.0.1d/openssl.ld
+ d2i_KRB5_CHECKSUM;
+ ASN1_item_dup;
+ X509_it;
-+ X509_it;
+ BN_mod_add;
+ KRB5_AUTHDATA_free;
+ _ossl_old_des_cbc_cksum;
@@ -2534,7 +2488,6 @@ Index: openssl-1.0.1d/openssl.ld
+ EC_POINT_get_Jprojective_coordinates_GFp;
+ EC_POINT_get_Jproj_coords_GFp;
+ ZLONG_it;
-+ ZLONG_it;
+ CRYPTO_get_locked_mem_ex_functions;
+ CRYPTO_get_locked_mem_ex_funcs;
+ ASN1_TIME_check;
@@ -2544,41 +2497,30 @@ Index: openssl-1.0.1d/openssl.ld
+ _ossl_old_des_ede3_cfb64_encrypt;
+ _ossl_odes_ede3_cfb64_encrypt;
+ ASN1_BMPSTRING_it;
-+ ASN1_BMPSTRING_it;
+ ASN1_tag2bit;
+ UI_method_set_flusher;
+ X509_ocspid_print;
+ KRB5_ENCDATA_it;
-+ KRB5_ENCDATA_it;
+ ENGINE_get_load_pubkey_function;
+ UI_add_user_data;
+ OCSP_REQUEST_delete_ext;
+ UI_get_method;
+ OCSP_ONEREQ_free;
+ ASN1_PRINTABLESTRING_it;
-+ ASN1_PRINTABLESTRING_it;
+ X509_CRL_set_nextUpdate;
+ OCSP_REQUEST_it;
-+ OCSP_REQUEST_it;
-+ OCSP_BASICRESP_it;
+ OCSP_BASICRESP_it;
+ AES_ecb_encrypt;
+ BN_mod_sqr;
+ NETSCAPE_CERT_SEQUENCE_it;
-+ NETSCAPE_CERT_SEQUENCE_it;
-+ GENERAL_NAMES_it;
+ GENERAL_NAMES_it;
+ AUTHORITY_INFO_ACCESS_it;
-+ AUTHORITY_INFO_ACCESS_it;
-+ ASN1_FBOOLEAN_it;
+ ASN1_FBOOLEAN_it;
+ UI_set_ex_data;
+ _ossl_old_des_string_to_key;
+ ENGINE_register_all_RSA;
+ d2i_KRB5_PRINCNAME;
+ OCSP_RESPBYTES_it;
-+ OCSP_RESPBYTES_it;
-+ X509_CINF_it;
+ X509_CINF_it;
+ ENGINE_unregister_digests;
+ d2i_EDIPARTYNAME;
@@ -2588,7 +2530,6 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_RESPDATA_free;
+ d2i_KRB5_TICKET;
+ OTHERNAME_it;
-+ OTHERNAME_it;
+ EVP_MD_CTX_cleanup;
+ d2i_ASN1_GENERALSTRING;
+ X509_CRL_set_version;
@@ -2598,7 +2539,6 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_REQUEST_free;
+ OCSP_REQUEST_add1_ext_i2d;
+ X509_VAL_it;
-+ X509_VAL_it;
+ EC_POINTs_make_affine;
+ EC_POINT_mul;
+ X509V3_EXT_add_nconf;
@@ -2606,7 +2546,6 @@ Index: openssl-1.0.1d/openssl.ld
+ X509_CRL_add1_ext_i2d;
+ _ossl_old_des_fcrypt;
+ DISPLAYTEXT_it;
-+ DISPLAYTEXT_it;
+ X509_CRL_set_lastUpdate;
+ OCSP_BASICRESP_free;
+ OCSP_BASICRESP_add1_ext_i2d;
@@ -2619,7 +2558,6 @@ Index: openssl-1.0.1d/openssl.ld
+ UI_get0_result_string;
+ ASN1_GENERALSTRING_new;
+ X509_SIG_it;
-+ X509_SIG_it;
+ ERR_set_implementation;
+ ERR_load_EC_strings;
+ UI_get0_action_string;
@@ -2634,35 +2572,27 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_ONEREQ_get_ext_by_OBJ;
+ ASN1_primitive_new;
+ ASN1_PRINTABLE_it;
-+ ASN1_PRINTABLE_it;
+ EVP_aes_192_ecb;
+ OCSP_SIGNATURE_new;
+ LONG_it;
-+ LONG_it;
-+ ASN1_VISIBLESTRING_it;
+ ASN1_VISIBLESTRING_it;
+ OCSP_SINGLERESP_add1_ext_i2d;
+ d2i_OCSP_CERTID;
+ ASN1_item_d2i_fp;
+ CRL_DIST_POINTS_it;
-+ CRL_DIST_POINTS_it;
+ GENERAL_NAME_print;
+ OCSP_SINGLERESP_delete_ext;
+ PKCS12_SAFEBAGS_it;
-+ PKCS12_SAFEBAGS_it;
+ d2i_OCSP_SIGNATURE;
+ OCSP_request_add1_nonce;
+ ENGINE_set_cmd_defns;
+ OCSP_SERVICELOC_free;
+ EC_GROUP_free;
+ ASN1_BIT_STRING_it;
-+ ASN1_BIT_STRING_it;
-+ X509_REQ_it;
+ X509_REQ_it;
+ _ossl_old_des_cbc_encrypt;
+ ERR_unload_strings;
+ PKCS7_SIGN_ENVELOPE_it;
-+ PKCS7_SIGN_ENVELOPE_it;
+ EDIPARTYNAME_free;
+ OCSP_REQINFO_free;
+ EC_GROUP_new_curve_GFp;
@@ -2687,7 +2617,6 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_CRLID_free;
+ OCSP_BASICRESP_get1_ext_d2i;
+ RSAPrivateKey_it;
-+ RSAPrivateKey_it;
+ ENGINE_register_all_DH;
+ i2d_EDIPARTYNAME;
+ EC_POINT_get_affine_coordinates_GFp;
@@ -2695,10 +2624,8 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_CRLID_new;
+ ENGINE_get_flags;
+ OCSP_ONEREQ_it;
-+ OCSP_ONEREQ_it;
+ UI_process;
+ ASN1_INTEGER_it;
-+ ASN1_INTEGER_it;
+ EVP_CipherInit_ex;
+ UI_get_string_type;
+ ENGINE_unregister_DH;
@@ -2707,7 +2634,6 @@ Index: openssl-1.0.1d/openssl.ld
+ bn_dup_expand;
+ OCSP_cert_id_new;
+ BASIC_CONSTRAINTS_it;
-+ BASIC_CONSTRAINTS_it;
+ BN_mod_add_quick;
+ EC_POINT_new;
+ EVP_MD_CTX_destroy;
@@ -2717,7 +2643,6 @@ Index: openssl-1.0.1d/openssl.ld
+ EC_POINT_free;
+ DH_up_ref;
+ X509_NAME_ENTRY_it;
-+ X509_NAME_ENTRY_it;
+ UI_get_ex_new_index;
+ BN_mod_sub_quick;
+ OCSP_ONEREQ_add_ext;
@@ -2730,7 +2655,6 @@ Index: openssl-1.0.1d/openssl.ld
+ ENGINE_register_complete;
+ X509V3_EXT_nconf_nid;
+ ASN1_SEQUENCE_it;
-+ ASN1_SEQUENCE_it;
+ UI_set_default_method;
+ RAND_query_egd_bytes;
+ UI_method_get_writer;
@@ -2738,8 +2662,6 @@ Index: openssl-1.0.1d/openssl.ld
+ PEM_def_callback;
+ ENGINE_cleanup;
+ DIST_POINT_it;
-+ DIST_POINT_it;
-+ OCSP_SINGLERESP_it;
+ OCSP_SINGLERESP_it;
+ d2i_KRB5_TKTBODY;
+ EC_POINT_cmp;
@@ -2758,24 +2680,20 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_cert_to_id;
+ OCSP_RESPID_new;
+ OCSP_RESPDATA_it;
-+ OCSP_RESPDATA_it;
+ d2i_OCSP_RESPDATA;
+ ENGINE_register_all_complete;
+ OCSP_check_validity;
+ PKCS12_BAGS_it;
-+ PKCS12_BAGS_it;
+ OCSP_url_svcloc_new;
+ ASN1_template_free;
+ OCSP_SINGLERESP_add_ext;
+ KRB5_AUTHENTBODY_it;
-+ KRB5_AUTHENTBODY_it;
+ X509_supported_extension;
+ i2d_KRB5_AUTHDATA;
+ UI_method_get_opener;
+ ENGINE_set_ex_data;
+ OCSP_REQUEST_print;
+ CBIGNUM_it;
-+ CBIGNUM_it;
+ KRB5_TICKET_new;
+ KRB5_APREQ_new;
+ EC_GROUP_get_curve_GFp;
@@ -2785,27 +2703,20 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_single_get0_status;
+ BN_swap;
+ POLICYINFO_it;
-+ POLICYINFO_it;
+ ENGINE_set_destroy_function;
+ asn1_enc_free;
+ OCSP_RESPID_it;
-+ OCSP_RESPID_it;
+ EC_GROUP_new;
+ EVP_aes_256_cbc;
+ i2d_KRB5_PRINCNAME;
+ _ossl_old_des_encrypt2;
+ _ossl_old_des_encrypt3;
+ PKCS8_PRIV_KEY_INFO_it;
-+ PKCS8_PRIV_KEY_INFO_it;
-+ OCSP_REQINFO_it;
+ OCSP_REQINFO_it;
+ PBEPARAM_it;
-+ PBEPARAM_it;
+ KRB5_AUTHENTBODY_new;
+ X509_CRL_add0_revoked;
+ EDIPARTYNAME_it;
-+ EDIPARTYNAME_it;
-+ NETSCAPE_SPKI_it;
+ NETSCAPE_SPKI_it;
+ UI_get0_test_string;
+ ENGINE_get_cipher_engine;
@@ -2817,14 +2728,12 @@ Index: openssl-1.0.1d/openssl.ld
+ UI_method_get_reader;
+ OCSP_BASICRESP_get_ext_count;
+ ASN1_ENUMERATED_it;
-+ ASN1_ENUMERATED_it;
+ UI_set_result;
+ i2d_KRB5_TICKET;
+ X509_print_ex_fp;
+ EVP_CIPHER_CTX_set_padding;
+ d2i_OCSP_RESPONSE;
+ ASN1_UTCTIME_it;
-+ ASN1_UTCTIME_it;
+ _ossl_old_des_enc_write;
+ OCSP_RESPONSE_new;
+ AES_set_encrypt_key;
@@ -2834,14 +2743,11 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_onereq_get0_id;
+ ENGINE_set_default_ciphers;
+ NOTICEREF_it;
-+ NOTICEREF_it;
+ X509V3_EXT_CRL_add_nconf;
+ OCSP_REVOKEDINFO_it;
-+ OCSP_REVOKEDINFO_it;
+ AES_encrypt;
+ OCSP_REQUEST_new;
+ ASN1_ANY_it;
-+ ASN1_ANY_it;
+ CRYPTO_ex_data_new_class;
+ _ossl_old_des_ncbc_encrypt;
+ i2d_KRB5_TKTBODY;
@@ -2864,19 +2770,15 @@ Index: openssl-1.0.1d/openssl.ld
+ ENGINE_load_nuron;
+ _ossl_old_des_pcbc_encrypt;
+ PKCS12_MAC_DATA_it;
-+ PKCS12_MAC_DATA_it;
+ OCSP_accept_responses_new;
+ asn1_do_lock;
+ PKCS7_ATTR_VERIFY_it;
-+ PKCS7_ATTR_VERIFY_it;
-+ KRB5_APREQBODY_it;
+ KRB5_APREQBODY_it;
+ i2d_OCSP_SINGLERESP;
+ ASN1_item_ex_new;
+ UI_add_verify_string;
+ _ossl_old_des_set_key;
+ KRB5_PRINCNAME_it;
-+ KRB5_PRINCNAME_it;
+ EVP_DecryptInit_ex;
+ i2d_OCSP_CERTID;
+ ASN1_item_d2i_bio;
@@ -2890,20 +2792,17 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_BASICRESP_new;
+ OCSP_REQUEST_get_ext_by_NID;
+ KRB5_APREQ_it;
-+ KRB5_APREQ_it;
+ ENGINE_get_destroy_function;
+ CONF_set_nconf;
+ ASN1_PRINTABLE_free;
+ OCSP_BASICRESP_get_ext_by_NID;
+ DIST_POINT_NAME_it;
-+ DIST_POINT_NAME_it;
+ X509V3_extensions_print;
+ _ossl_old_des_cfb64_encrypt;
+ X509_REVOKED_add1_ext_i2d;
+ _ossl_old_des_ofb_encrypt;
+ KRB5_TKTBODY_new;
+ ASN1_OCTET_STRING_it;
-+ ASN1_OCTET_STRING_it;
+ ERR_load_UI_strings;
+ i2d_KRB5_ENCKEY;
+ ASN1_template_new;
@@ -2911,8 +2810,6 @@ Index: openssl-1.0.1d/openssl.ld
+ ASN1_item_i2d_fp;
+ KRB5_PRINCNAME_free;
+ PKCS7_RECIP_INFO_it;
-+ PKCS7_RECIP_INFO_it;
-+ EXTENDED_KEY_USAGE_it;
+ EXTENDED_KEY_USAGE_it;
+ EC_GFp_simple_method;
+ EC_GROUP_precompute_mult;
@@ -2920,42 +2817,33 @@ Index: openssl-1.0.1d/openssl.ld
+ UI_method_set_writer;
+ KRB5_AUTHENT_new;
+ X509_CRL_INFO_it;
-+ X509_CRL_INFO_it;
+ DSO_set_name_converter;
+ AES_set_decrypt_key;
+ PKCS7_DIGEST_it;
-+ PKCS7_DIGEST_it;
+ PKCS12_x5092certbag;
+ EVP_DigestInit_ex;
+ i2a_ACCESS_DESCRIPTION;
+ OCSP_RESPONSE_it;
-+ OCSP_RESPONSE_it;
-+ PKCS7_ENC_CONTENT_it;
+ PKCS7_ENC_CONTENT_it;
+ OCSP_request_add0_id;
+ EC_POINT_make_affine;
+ DSO_get_filename;
+ OCSP_CERTSTATUS_it;
-+ OCSP_CERTSTATUS_it;
+ OCSP_request_add1_cert;
+ UI_get0_output_string;
+ UI_dup_verify_string;
+ BN_mod_lshift;
+ KRB5_AUTHDATA_it;
-+ KRB5_AUTHDATA_it;
+ asn1_set_choice_selector;
+ OCSP_basic_add1_status;
+ OCSP_RESPID_free;
+ asn1_get_field_ptr;
+ UI_add_input_string;
+ OCSP_CRLID_it;
-+ OCSP_CRLID_it;
+ i2d_KRB5_AUTHENTBODY;
+ OCSP_REQUEST_get_ext_count;
+ ENGINE_load_atalla;
+ X509_NAME_it;
-+ X509_NAME_it;
-+ USERNOTICE_it;
+ USERNOTICE_it;
+ OCSP_REQINFO_new;
+ OCSP_BASICRESP_get_ext;
@@ -2965,33 +2853,27 @@ Index: openssl-1.0.1d/openssl.ld
+ i2d_KRB5_ENCDATA;
+ X509_PURPOSE_set;
+ X509_REQ_INFO_it;
-+ X509_REQ_INFO_it;
+ UI_method_set_opener;
+ ASN1_item_ex_free;
+ ASN1_BOOLEAN_it;
-+ ASN1_BOOLEAN_it;
+ ENGINE_get_table_flags;
+ UI_create_method;
+ OCSP_ONEREQ_add1_ext_i2d;
+ _shadow_DES_check_key;
-+ _shadow_DES_check_key;
+ d2i_OCSP_REQINFO;
+ UI_add_info_string;
+ UI_get_result_minsize;
+ ASN1_NULL_it;
-+ ASN1_NULL_it;
+ BN_mod_lshift1;
+ d2i_OCSP_ONEREQ;
+ OCSP_ONEREQ_new;
+ KRB5_TICKET_it;
-+ KRB5_TICKET_it;
+ EVP_aes_192_cbc;
+ KRB5_TICKET_free;
+ UI_new;
+ OCSP_response_create;
+ _ossl_old_des_xcbc_encrypt;
+ PKCS7_it;
-+ PKCS7_it;
+ OCSP_REQUEST_get_ext_by_critical;
+ OCSP_REQUEST_get_ext_by_crit;
+ ENGINE_set_flags;
@@ -3000,11 +2882,9 @@ Index: openssl-1.0.1d/openssl.ld
+ EVP_Digest;
+ OCSP_ONEREQ_delete_ext;
+ ASN1_TBOOLEAN_it;
-+ ASN1_TBOOLEAN_it;
+ ASN1_item_new;
+ ASN1_TIME_to_generalizedtime;
+ BIGNUM_it;
-+ BIGNUM_it;
+ AES_cbc_encrypt;
+ ENGINE_get_load_privkey_function;
+ ENGINE_get_load_privkey_fn;
@@ -3016,7 +2896,6 @@ Index: openssl-1.0.1d/openssl.ld
+ EC_POINT_point2oct;
+ KRB5_APREQ_free;
+ ASN1_OBJECT_it;
-+ ASN1_OBJECT_it;
+ OCSP_crlID_new;
+ OCSP_crlID2_new;
+ CONF_modules_load_file;
@@ -3074,7 +2953,6 @@ Index: openssl-1.0.1d/openssl.ld
+ i2d_ASN1_UNIVERSALSTRING;
+ ASN1_UNIVERSALSTRING_free;
+ ASN1_UNIVERSALSTRING_it;
-+ ASN1_UNIVERSALSTRING_it;
+ d2i_ASN1_UNIVERSALSTRING;
+ EVP_des_ede3_ecb;
+ X509_REQ_print_ex;
@@ -3130,14 +3008,12 @@ Index: openssl-1.0.1d/openssl.ld
+ HMAC_CTX_set_flags;
+ d2i_PROXY_CERT_INFO_EXTENSION;
+ PROXY_POLICY_it;
-+ PROXY_POLICY_it;
+ i2d_PROXY_POLICY;
+ i2d_PROXY_CERT_INFO_EXTENSION;
+ d2i_PROXY_POLICY;
+ PROXY_CERT_INFO_EXTENSION_new;
+ PROXY_CERT_INFO_EXTENSION_free;
+ PROXY_CERT_INFO_EXTENSION_it;
-+ PROXY_CERT_INFO_EXTENSION_it;
+ PROXY_POLICY_free;
+ PROXY_POLICY_new;
+ BN_MONT_CTX_set_locked;
@@ -3174,7 +3050,6 @@ Index: openssl-1.0.1d/openssl.ld
+ BN_BLINDING_get_thread_id;
+ X509_STORE_CTX_set0_param;
+ POLICY_MAPPING_it;
-+ POLICY_MAPPING_it;
+ STORE_parse_attrs_start;
+ POLICY_CONSTRAINTS_free;
+ EVP_PKEY_add1_attr_by_NID;
@@ -3183,7 +3058,6 @@ Index: openssl-1.0.1d/openssl.ld
+ STORE_set_method;
+ GENERAL_SUBTREE_free;
+ NAME_CONSTRAINTS_it;
-+ NAME_CONSTRAINTS_it;
+ ECDH_get_default_method;
+ PKCS12_add_safe;
+ EC_KEY_new_by_curve_name;
@@ -3226,7 +3100,6 @@ Index: openssl-1.0.1d/openssl.ld
+ ENGINE_get_default_ECDH;
+ EC_KEY_get_conv_form;
+ ASN1_OCTET_STRING_NDEF_it;
-+ ASN1_OCTET_STRING_NDEF_it;
+ STORE_delete_public_key;
+ STORE_get_public_key;
+ STORE_modify_arbitrary;
@@ -3383,7 +3256,6 @@ Index: openssl-1.0.1d/openssl.ld
+ ENGINE_load_padlock;
+ EC_GROUP_set_curve_name;
+ X509_CERT_PAIR_it;
-+ X509_CERT_PAIR_it;
+ STORE_meth_get_revoke_fn;
+ STORE_method_get_revoke_function;
+ STORE_method_set_get_function;
@@ -3510,7 +3382,6 @@ Index: openssl-1.0.1d/openssl.ld
+ pqueue_pop;
+ STORE_ATTR_INFO_get0_cstr;
+ POLICY_CONSTRAINTS_it;
-+ POLICY_CONSTRAINTS_it;
+ STORE_get_ex_new_index;
+ EVP_PKEY_get_attr_by_OBJ;
+ X509_VERIFY_PARAM_add0_policy;
@@ -3558,8 +3429,6 @@ Index: openssl-1.0.1d/openssl.ld
+ STORE_modify_crl;
+ STORE_list_private_key_start;
+ POLICY_MAPPINGS_it;
-+ POLICY_MAPPINGS_it;
-+ GENERAL_SUBTREE_it;
+ GENERAL_SUBTREE_it;
+ EC_GROUP_get_curve_name;
+ PEM_write_X509_CERT_PAIR;
@@ -3692,15 +3561,12 @@ Index: openssl-1.0.1d/openssl.ld
+ BIO_set_callback_arg;
+ v3_addr_add_prefix;
+ IPAddressOrRange_it;
-+ IPAddressOrRange_it;
+ BIO_set_flags;
+ ASIdentifiers_it;
-+ ASIdentifiers_it;
+ v3_addr_get_range;
+ BIO_method_type;
+ v3_addr_inherits;
+ IPAddressChoice_it;
-+ IPAddressChoice_it;
+ AES_ige_encrypt;
+ v3_addr_add_range;
+ EVP_CIPHER_CTX_nid;
@@ -3721,7 +3587,6 @@ Index: openssl-1.0.1d/openssl.ld
+ BIO_clear_flags;
+ i2d_ASRange;
+ IPAddressRange_it;
-+ IPAddressRange_it;
+ IPAddressChoice_new;
+ ASIdentifierChoice_new;
+ ASRange_free;
@@ -3742,7 +3607,6 @@ Index: openssl-1.0.1d/openssl.ld
+ BIO_test_flags;
+ i2d_ASIdentifierChoice;
+ ASRange_it;
-+ ASRange_it;
+ d2i_ASIdentifiers;
+ ASRange_new;
+ d2i_IPAddressChoice;
@@ -3751,7 +3615,6 @@ Index: openssl-1.0.1d/openssl.ld
+ EVP_Cipher;
+ i2d_IPAddressOrRange;
+ ASIdOrRange_it;
-+ ASIdOrRange_it;
+ EVP_CIPHER_nid;
+ i2d_IPAddressChoice;
+ EVP_CIPHER_CTX_block_size;
@@ -3762,7 +3625,6 @@ Index: openssl-1.0.1d/openssl.ld
+ v3_addr_is_canonical;
+ i2d_IPAddressRange;
+ IPAddressFamily_it;
-+ IPAddressFamily_it;
+ v3_asid_inherits;
+ EVP_CIPHER_CTX_cipher;
+ EVP_CIPHER_CTX_get_app_data;
@@ -3772,7 +3634,6 @@ Index: openssl-1.0.1d/openssl.ld
+ d2i_IPAddressOrRange;
+ v3_addr_canonize;
+ ASIdentifierChoice_it;
-+ ASIdentifierChoice_it;
+ EVP_MD_CTX_md;
+ d2i_ASIdentifierChoice;
+ BIO_method_name;
@@ -3795,7 +3656,6 @@ Index: openssl-1.0.1d/openssl.ld
+ SEED_set_key;
+ EVP_seed_cfb128;
+ X509_EXTENSIONS_it;
-+ X509_EXTENSIONS_it;
+ X509_get1_ocsp;
+ OCSP_REQ_CTX_free;
+ i2d_X509_EXTENSIONS;
@@ -3803,7 +3663,6 @@ Index: openssl-1.0.1d/openssl.ld
+ OCSP_sendreq_new;
+ d2i_X509_EXTENSIONS;
+ X509_ALGORS_it;
-+ X509_ALGORS_it;
+ X509_ALGOR_get0;
+ X509_ALGOR_set0;
+ AES_unwrap_key;
@@ -3848,7 +3707,6 @@ Index: openssl-1.0.1d/openssl.ld
+ CMS_SignerInfo_verify;
+ CMS_data;
+ CMS_ContentInfo_it;
-+ CMS_ContentInfo_it;
+ d2i_CMS_ReceiptRequest;
+ CMS_compress;
+ CMS_digest_create;
@@ -3893,7 +3751,6 @@ Index: openssl-1.0.1d/openssl.ld
+ CMS_RecipientInfo_kekri_get0_id;
+ CMS_verify_receipt;
+ CMS_ReceiptRequest_it;
-+ CMS_ReceiptRequest_it;
+ PEM_read_bio_CMS;
+ CMS_get1_crls;
+ CMS_add0_recipient_key;
@@ -4032,7 +3889,6 @@ Index: openssl-1.0.1d/openssl.ld
+ TS_REQ_dup;
+ GENERAL_NAME_dup;
+ ASN1_SEQUENCE_ANY_it;
-+ ASN1_SEQUENCE_ANY_it;
+ WHIRLPOOL;
+ X509_STORE_get1_crls;
+ ENGINE_get_pkey_asn1_meth;
@@ -4103,7 +3959,6 @@ Index: openssl-1.0.1d/openssl.ld
+ DIST_POINT_set_dpname;
+ i2d_ISSUING_DIST_POINT;
+ ASN1_SET_ANY_it;
-+ ASN1_SET_ANY_it;
+ EVP_PKEY_CTX_get_data;
+ TS_STATUS_INFO_print_bio;
+ EVP_PKEY_derive_init;
@@ -4263,7 +4118,6 @@ Index: openssl-1.0.1d/openssl.ld
+ EVP_DigestSignFinal;
+ TS_RESP_CTX_set_def_policy;
+ NETSCAPE_X509_it;
-+ NETSCAPE_X509_it;
+ TS_RESP_create_response;
+ PKCS7_SIGNER_INFO_get0_algs;
+ TS_TST_INFO_get_nonce;
@@ -4322,7 +4176,6 @@ Index: openssl-1.0.1d/openssl.ld
+ EVP_CIPHER_do_all_sorted;
+ EVP_PKEY_CTX_free;
+ ISSUING_DIST_POINT_it;
-+ ISSUING_DIST_POINT_it;
+ d2i_TS_MSG_IMPRINT_fp;
+ X509_STORE_get1_certs;
+ EVP_PKEY_CTX_get_operation;
@@ -4615,7 +4468,6 @@ Index: openssl-1.0.1d/openssl.ld
+ X509_signature_dump;
+ d2i_RSA_PSS_PARAMS;
+ RSA_PSS_PARAMS_it;
-+ RSA_PSS_PARAMS_it;
+ RSA_PSS_PARAMS_free;
+ X509_sign_ctx;
+ i2d_RSA_PSS_PARAMS;
@@ -4638,10 +4490,151 @@ Index: openssl-1.0.1d/openssl.ld
+ CRYPTO_memcmp;
+} OPENSSL_1.0.1;
+
-Index: openssl-1.0.1d/engines/openssl.ld
++OPENSSL_1.0.2 {
++ global:
++ SSL_CTX_set_alpn_protos;
++ SSL_set_alpn_protos;
++ SSL_CTX_set_alpn_select_cb;
++ SSL_get0_alpn_selected;
++ SSL_CTX_set_custom_cli_ext;
++ SSL_CTX_set_custom_srv_ext;
++ SSL_CTX_set_srv_supp_data;
++ SSL_CTX_set_cli_supp_data;
++ SSL_set_cert_cb;
++ SSL_CTX_use_serverinfo;
++ SSL_CTX_use_serverinfo_file;
++ SSL_CTX_set_cert_cb;
++ SSL_CTX_get0_param;
++ SSL_get0_param;
++ SSL_certs_clear;
++ DTLSv1_2_method;
++ DTLSv1_2_server_method;
++ DTLSv1_2_client_method;
++ DTLS_method;
++ DTLS_server_method;
++ DTLS_client_method;
++ SSL_CTX_get_ssl_method;
++ SSL_CTX_get0_certificate;
++ SSL_CTX_get0_privatekey;
++ SSL_COMP_set0_compression_methods;
++ SSL_COMP_free_compression_methods;
++ SSL_CIPHER_find;
++ SSL_is_server;
++ SSL_CONF_CTX_new;
++ SSL_CONF_CTX_finish;
++ SSL_CONF_CTX_free;
++ SSL_CONF_CTX_set_flags;
++ SSL_CONF_CTX_clear_flags;
++ SSL_CONF_CTX_set1_prefix;
++ SSL_CONF_CTX_set_ssl;
++ SSL_CONF_CTX_set_ssl_ctx;
++ SSL_CONF_cmd;
++ SSL_CONF_cmd_argv;
++ SSL_CONF_cmd_value_type;
++ SSL_trace;
++ SSL_CIPHER_standard_name;
++ SSL_get_tlsa_record_byname;
++ ASN1_TIME_diff;
++ BIO_hex_string;
++ CMS_RecipientInfo_get0_pkey_ctx;
++ CMS_RecipientInfo_encrypt;
++ CMS_SignerInfo_get0_pkey_ctx;
++ CMS_SignerInfo_get0_md_ctx;
++ CMS_SignerInfo_get0_signature;
++ CMS_RecipientInfo_kari_get0_alg;
++ CMS_RecipientInfo_kari_get0_reks;
++ CMS_RecipientInfo_kari_get0_orig_id;
++ CMS_RecipientInfo_kari_orig_id_cmp;
++ CMS_RecipientEncryptedKey_get0_id;
++ CMS_RecipientEncryptedKey_cert_cmp;
++ CMS_RecipientInfo_kari_set0_pkey;
++ CMS_RecipientInfo_kari_get0_ctx;
++ CMS_RecipientInfo_kari_decrypt;
++ CMS_SharedInfo_encode;
++ DH_compute_key_padded;
++ d2i_DHxparams;
++ i2d_DHxparams;
++ DH_get_1024_160;
++ DH_get_2048_224;
++ DH_get_2048_256;
++ DH_KDF_X9_42;
++ ECDH_KDF_X9_62;
++ ECDSA_METHOD_new;
++ ECDSA_METHOD_free;
++ ECDSA_METHOD_set_app_data;
++ ECDSA_METHOD_get_app_data;
++ ECDSA_METHOD_set_sign;
++ ECDSA_METHOD_set_sign_setup;
++ ECDSA_METHOD_set_verify;
++ ECDSA_METHOD_set_flags;
++ ECDSA_METHOD_set_name;
++ EVP_des_ede3_wrap;
++ EVP_aes_128_wrap;
++ EVP_aes_192_wrap;
++ EVP_aes_256_wrap;
++ EVP_aes_128_cbc_hmac_sha256;
++ EVP_aes_256_cbc_hmac_sha256;
++ CRYPTO_128_wrap;
++ CRYPTO_128_unwrap;
++ OCSP_REQ_CTX_nbio;
++ OCSP_REQ_CTX_new;
++ OCSP_set_max_response_length;
++ OCSP_REQ_CTX_i2d;
++ OCSP_REQ_CTX_nbio_d2i;
++ OCSP_REQ_CTX_get0_mem_bio;
++ OCSP_REQ_CTX_http;
++ RSA_padding_add_PKCS1_OAEP_mgf1;
++ RSA_padding_check_PKCS1_OAEP_mgf1;
++ RSA_OAEP_PARAMS_free;
++ RSA_OAEP_PARAMS_it;
++ RSA_OAEP_PARAMS_new;
++ SSL_get_sigalgs;
++ SSL_get_shared_sigalgs;
++ SSL_check_chain;
++ X509_chain_up_ref;
++ X509_http_nbio;
++ X509_CRL_http_nbio;
++ X509_REVOKED_dup;
++ i2d_re_X509_tbs;
++ X509_get0_signature;
++ X509_get_signature_nid;
++ X509_CRL_diff;
++ X509_chain_check_suiteb;
++ X509_CRL_check_suiteb;
++ X509_check_host;
++ X509_check_email;
++ X509_check_ip;
++ X509_check_ip_asc;
++ X509_STORE_set_lookup_crls_cb;
++ X509_STORE_CTX_get0_store;
++ X509_VERIFY_PARAM_set1_host;
++ X509_VERIFY_PARAM_add1_host;
++ X509_VERIFY_PARAM_set_hostflags;
++ X509_VERIFY_PARAM_get0_peername;
++ X509_VERIFY_PARAM_set1_email;
++ X509_VERIFY_PARAM_set1_ip;
++ X509_VERIFY_PARAM_set1_ip_asc;
++ X509_VERIFY_PARAM_get0_name;
++ X509_VERIFY_PARAM_get_count;
++ X509_VERIFY_PARAM_get0;
++ X509V3_EXT_free;
++ EC_GROUP_get_mont_data;
++ EC_curve_nid2nist;
++ EC_curve_nist2nid;
++ PEM_write_bio_DHxparams;
++ PEM_write_DHxparams;
++ SSL_CTX_add_client_custom_ext;
++ SSL_CTX_add_server_custom_ext;
++ SSL_extension_supported;
++ BUF_strnlen;
++ sk_deep_copy;
++ SSL_test_functions;
++} OPENSSL_1.0.1d;
++
+Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1d/engines/openssl.ld 2013-02-06 19:41:43.000000000 +0100
++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld 2014-02-24 21:02:30.000000000 +0100
@@ -0,0 +1,10 @@
+OPENSSL_1.0.0 {
+ global:
@@ -4653,10 +4646,10 @@ Index: openssl-1.0.1d/engines/openssl.ld
+ *;
+};
+
-Index: openssl-1.0.1d/engines/ccgost/openssl.ld
+Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1d/engines/ccgost/openssl.ld 2013-02-06 19:41:43.000000000 +0100
++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld 2014-02-24 21:02:30.000000000 +0100
@@ -0,0 +1,10 @@
+OPENSSL_1.0.0 {
+ global:
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch
new file mode 100644
index 00000000..c43bcd1c
--- /dev/null
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch
@@ -0,0 +1,29 @@
+From: Raphael Geissert <geissert@debian.org>
+Description: make X509_verify_cert indicate that any certificate whose
+ name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked.
+Forwarded: not-needed
+Origin: vendor
+Last-Update: 2011-11-05
+
+Upstream-Status: Backport [debian]
+
+
+Index: openssl-1.0.2~beta1/crypto/x509/x509_vfy.c
+===================================================================
+--- openssl-1.0.2~beta1.orig/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.488028844 +0100
++++ openssl-1.0.2~beta1/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.484028929 +0100
+@@ -964,10 +964,11 @@
+ for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
+ {
+ x = sk_X509_value(ctx->chain, i);
+- /* Mark DigiNotar certificates as revoked, no matter
+- * where in the chain they are.
++ /* Mark certificates containing the following names as
++ * revoked, no matter where in the chain they are.
+ */
+- if (x->name && strstr(x->name, "DigiNotar"))
++ if (x->name && (strstr(x->name, "DigiNotar") ||
++ strstr(x->name, "Digicert Sdn. Bhd.")))
+ {
+ ctx->error = X509_V_ERR_CERT_REVOKED;
+ ctx->error_depth = i;
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/debian1.0.2/block_diginotar.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/debian1.0.2/block_diginotar.patch
new file mode 100644
index 00000000..0c1a0b65
--- /dev/null
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/debian1.0.2/block_diginotar.patch
@@ -0,0 +1,67 @@
+From: Raphael Geissert <geissert@debian.org>
+Description: make X509_verify_cert indicate that any certificate whose
+ name contains "DigiNotar" is revoked.
+Forwarded: not-needed
+Origin: vendor
+Last-Update: 2011-09-08
+Bug: http://bugs.debian.org/639744
+Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
+Reviewed-by: Dr Stephen N Henson <shenson@drh-consultancy.co.uk>
+
+This is not meant as final patch.
+
+Upstream-Status: Backport [debian]
+
+
+Index: openssl-1.0.2/crypto/x509/x509_vfy.c
+===================================================================
+--- openssl-1.0.2.orig/crypto/x509/x509_vfy.c
++++ openssl-1.0.2/crypto/x509/x509_vfy.c
+@@ -119,6 +119,7 @@ static int check_trust(X509_STORE_CTX *c
+ static int check_revocation(X509_STORE_CTX *ctx);
+ static int check_cert(X509_STORE_CTX *ctx);
+ static int check_policy(X509_STORE_CTX *ctx);
++static int check_ca_blacklist(X509_STORE_CTX *ctx);
+
+ static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
+ unsigned int *preasons, X509_CRL *crl, X509 *x);
+@@ -438,6 +439,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx
+ if (!ok)
+ goto end;
+
++ ok = check_ca_blacklist(ctx);
++ if(!ok) goto end;
++
+ #ifndef OPENSSL_NO_RFC3779
+ /* RFC 3779 path validation, now that CRL check has been done */
+ ok = v3_asid_validate_path(ctx);
+@@ -938,6 +942,29 @@ static int check_crl_time(X509_STORE_CTX
+ return 1;
+ }
+
++static int check_ca_blacklist(X509_STORE_CTX *ctx)
++ {
++ X509 *x;
++ int i;
++ /* Check all certificates against the blacklist */
++ for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
++ {
++ x = sk_X509_value(ctx->chain, i);
++ /* Mark DigiNotar certificates as revoked, no matter
++ * where in the chain they are.
++ */
++ if (x->name && strstr(x->name, "DigiNotar"))
++ {
++ ctx->error = X509_V_ERR_CERT_REVOKED;
++ ctx->error_depth = i;
++ ctx->current_cert = x;
++ if (!ctx->verify_cb(0,ctx))
++ return 0;
++ }
++ }
++ return 1;
++ }
++
+ static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
+ X509 **pissuer, int *pscore, unsigned int *preasons,
+ STACK_OF(X509_CRL) *crls)
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/engines-install-in-libdir-ssl.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/engines-install-in-libdir-ssl.patch
index d8a6f1a2..a5746483 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/engines-install-in-libdir-ssl.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/engines-install-in-libdir-ssl.patch
@@ -1,11 +1,11 @@
Upstream-Status: Inappropriate [configuration]
-Index: openssl-1.0.0/engines/Makefile
+Index: openssl-1.0.2/engines/Makefile
===================================================================
---- openssl-1.0.0.orig/engines/Makefile
-+++ openssl-1.0.0/engines/Makefile
-@@ -107,7 +107,7 @@
+--- openssl-1.0.2.orig/engines/Makefile
++++ openssl-1.0.2/engines/Makefile
+@@ -107,13 +107,13 @@ install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@if [ -n "$(SHARED_LIBS)" ]; then \
set -e; \
@@ -14,16 +14,19 @@ Index: openssl-1.0.0/engines/Makefile
for l in $(LIBNAMES); do \
( echo installing $$l; \
pfx=lib; \
-@@ -119,13 +119,13 @@
+ if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+ sfx=".so"; \
+- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
++ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
+ else \
+ case "$(CFLAGS)" in \
+ *DSO_BEOS*) sfx=".so";; \
+@@ -122,10 +122,10 @@ install:
*DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
*) sfx=".bad";; \
esac; \
- cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+ cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
- else \
- sfx=".so"; \
-- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
-+ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
fi; \
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
@@ -32,20 +35,25 @@ Index: openssl-1.0.0/engines/Makefile
done; \
fi
@target=install; $(RECURSIVE_MAKE)
-Index: openssl-1.0.0/engines/ccgost/Makefile
+Index: openssl-1.0.2/engines/ccgost/Makefile
===================================================================
---- openssl-1.0.0.orig/engines/ccgost/Makefile
-+++ openssl-1.0.0/engines/ccgost/Makefile
-@@ -53,13 +53,13 @@
+--- openssl-1.0.2.orig/engines/ccgost/Makefile
++++ openssl-1.0.2/engines/ccgost/Makefile
+@@ -47,7 +47,7 @@ install:
+ pfx=lib; \
+ if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+ sfx=".so"; \
+- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
++ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+ else \
+ case "$(CFLAGS)" in \
+ *DSO_BEOS*) sfx=".so";; \
+@@ -56,10 +56,10 @@ install:
*DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
*) sfx=".bad";; \
esac; \
- cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+ cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
- else \
- sfx=".so"; \
-- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
-+ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
fi; \
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/fix-cipher-des-ede3-cfb1.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/fix-cipher-des-ede3-cfb1.patch
index f0e17784..06d1ea69 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/fix-cipher-des-ede3-cfb1.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/fix-cipher-des-ede3-cfb1.patch
@@ -6,17 +6,16 @@ http://rt.openssl.org/Ticket/Display.html?id=2867
Signed-Off-By: Muhammad Shakeel <muhammad_shakeel@mentor.com>
-diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
-index 3232cfe..df84922 100644
+Index: openssl-1.0.2/crypto/evp/e_des3.c
===================================================================
---- a/crypto/evp/e_des3.c
-+++ b/crypto/evp/e_des3.c
-@@ -173,7 +173,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+--- openssl-1.0.2.orig/crypto/evp/e_des3.c
++++ openssl-1.0.2/crypto/evp/e_des3.c
+@@ -211,7 +211,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPH
size_t n;
- unsigned char c[1],d[1];
+ unsigned char c[1], d[1];
-- for(n=0 ; n < inl ; ++n)
-+ for(n=0 ; n < inl*8 ; ++n)
- {
- c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
- DES_ede3_cfb_encrypt(c,d,1,1,
+- for (n = 0; n < inl; ++n) {
++ for (n = 0; n * 8 < inl; ++n) {
+ c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
+ DES_ede3_cfb_encrypt(c, d, 1, 1,
+ &data(ctx)->ks1, &data(ctx)->ks2,
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/initial-aarch64-bits.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/initial-aarch64-bits.patch
deleted file mode 100644
index 770097db..00000000
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/initial-aarch64-bits.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-From: Andy Polyakov <appro@openssl.org>
-Date: Sun, 13 Oct 2013 17:15:15 +0000 (+0200)
-Subject: Initial aarch64 bits.
-X-Git-Url: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=039081b80977e2a5de84e1f88f8b4d025b559956
-
-Initial aarch64 bits.
-Upstream-Status: backport (will be included in 1.0.2)
----
- crypto/bn/bn_lcl.h | 9 +++++++++
- crypto/md32_common.h | 18 ++++++++++++++++++
- crypto/modes/modes_lcl.h | 8 ++++++++
- crypto/sha/sha512.c | 13 +++++++++++++
- 4 files changed, 48 insertions(+)
-
-Index: openssl-1.0.1f/crypto/bn/bn_lcl.h
-===================================================================
---- openssl-1.0.1f.orig/crypto/bn/bn_lcl.h 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/crypto/bn/bn_lcl.h 2014-02-28 10:37:55.495979037 +0200
-@@ -300,6 +300,15 @@
- : "r"(a), "r"(b));
- # endif
- # endif
-+# elif defined(__aarch64__) && defined(SIXTY_FOUR_BIT_LONG)
-+# if defined(__GNUC__) && __GNUC__>=2
-+# define BN_UMULT_HIGH(a,b) ({ \
-+ register BN_ULONG ret; \
-+ asm ("umulh %0,%1,%2" \
-+ : "=r"(ret) \
-+ : "r"(a), "r"(b)); \
-+ ret; })
-+# endif
- # endif /* cpu */
- #endif /* OPENSSL_NO_ASM */
-
-Index: openssl-1.0.1f/crypto/md32_common.h
-===================================================================
---- openssl-1.0.1f.orig/crypto/md32_common.h 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/crypto/md32_common.h 2014-02-28 10:39:21.751979107 +0200
-@@ -213,6 +213,24 @@
- asm ("bswapl %0":"=r"(r):"0"(r)); \
- *((unsigned int *)(c))=r; (c)+=4; r; })
- # endif
-+# elif defined(__aarch64__)
-+# if defined(__BYTE_ORDER__)
-+# if defined(__ORDER_LITTLE_ENDIAN__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
-+# define HOST_c2l(c,l) ({ unsigned int r; \
-+ asm ("rev %w0,%w1" \
-+ :"=r"(r) \
-+ :"r"(*((const unsigned int *)(c))));\
-+ (c)+=4; (l)=r; })
-+# define HOST_l2c(l,c) ({ unsigned int r; \
-+ asm ("rev %w0,%w1" \
-+ :"=r"(r) \
-+ :"r"((unsigned int)(l)));\
-+ *((unsigned int *)(c))=r; (c)+=4; r; })
-+# elif defined(__ORDER_BIG_ENDIAN__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
-+# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
-+# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l))
-+# endif
-+# endif
- # endif
- # endif
- #endif
-Index: openssl-1.0.1f/crypto/modes/modes_lcl.h
-===================================================================
---- openssl-1.0.1f.orig/crypto/modes/modes_lcl.h 2014-02-28 10:47:48.731979011 +0200
-+++ openssl-1.0.1f/crypto/modes/modes_lcl.h 2014-02-28 10:48:49.707978919 +0200
-@@ -29,6 +29,7 @@
- #if defined(__i386) || defined(__i386__) || \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
-+ defined(__aarch64__) || \
- defined(__s390__) || defined(__s390x__)
- # undef STRICT_ALIGNMENT
- #endif
-@@ -50,6 +51,13 @@
- # define BSWAP4(x) ({ u32 ret=(x); \
- asm ("bswapl %0" \
- : "+r"(ret)); ret; })
-+# elif defined(__aarch64__)
-+# define BSWAP8(x) ({ u64 ret; \
-+ asm ("rev %0,%1" \
-+ : "=r"(ret) : "r"(x)); ret; })
-+# define BSWAP4(x) ({ u32 ret; \
-+ asm ("rev %w0,%w1" \
-+ : "=r"(ret) : "r"(x)); ret; })
- # elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT)
- # define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
- asm ("rev %0,%0; rev %1,%1" \
-Index: openssl-1.0.1f/crypto/sha/sha512.c
-===================================================================
---- openssl-1.0.1f.orig/crypto/sha/sha512.c 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/crypto/sha/sha512.c 2014-02-28 10:52:14.579978981 +0200
-@@ -55,6 +55,7 @@
- #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
- defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \
- defined(__s390__) || defined(__s390x__) || \
-+ defined(__aarch64__) || \
- defined(SHA512_ASM)
- #define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
- #endif
-@@ -347,6 +348,18 @@
- asm ("rotrdi %0,%1,%2" \
- : "=r"(ret) \
- : "r"(a),"K"(n)); ret; })
-+# elif defined(__aarch64__)
-+# define ROTR(a,n) ({ SHA_LONG64 ret; \
-+ asm ("ror %0,%1,%2" \
-+ : "=r"(ret) \
-+ : "r"(a),"I"(n)); ret; })
-+# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \
-+ __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
-+# define PULL64(x) ({ SHA_LONG64 ret; \
-+ asm ("rev %0,%1" \
-+ : "=r"(ret) \
-+ : "r"(*((const SHA_LONG64 *)(&(x))))); ret; })
-+# endif
- # endif
- # elif defined(_MSC_VER)
- # if defined(_WIN64) /* applies to both IA-64 and AMD64 */
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-1.0.2a-x32-asm.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-1.0.2a-x32-asm.patch
new file mode 100644
index 00000000..1e5bfa17
--- /dev/null
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-1.0.2a-x32-asm.patch
@@ -0,0 +1,46 @@
+https://rt.openssl.org/Ticket/Display.html?id=3759&user=guest&pass=guest
+
+From 6257d59b3a68d2feb9d64317a1c556dc3813ee61 Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Sat, 21 Mar 2015 06:01:25 -0400
+Subject: [PATCH] crypto: use bigint in x86-64 perl
+
+Upstream-Status: Pending
+Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
+
+When building on x32 systems where the default type is 32bit, make sure
+we can transparently represent 64bit integers. Otherwise we end up with
+build errors like:
+/usr/bin/perl asm/ghash-x86_64.pl elf > ghash-x86_64.s
+Integer overflow in hexadecimal number at asm/../../perlasm/x86_64-xlate.pl line 201, <> line 890.
+...
+ghash-x86_64.s: Assembler messages:
+ghash-x86_64.s:890: Error: junk '.15473355479995e+19' after expression
+
+We don't enable this globally as there are some cases where we'd get
+32bit values interpreted as unsigned when we need them as signed.
+
+Reported-by: Bertrand Jacquin <bertrand@jacquin.bzh>
+URL: https://bugs.gentoo.org/542618
+---
+ crypto/perlasm/x86_64-xlate.pl | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
+index aae8288..0bf9774 100755
+--- a/crypto/perlasm/x86_64-xlate.pl
++++ b/crypto/perlasm/x86_64-xlate.pl
+@@ -195,6 +195,10 @@ my %globals;
+ sub out {
+ my $self = shift;
+
++ # When building on x32 ABIs, the expanded hex value might be too
++ # big to fit into 32bits. Enable transparent 64bit support here
++ # so we can safely print it out.
++ use bigint;
+ if ($gas) {
+ # Solaris /usr/ccs/bin/as can't handle multiplications
+ # in $self->{value}
+--
+2.3.3
+
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
index c161e62f..cebc8cf0 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
@@ -8,14 +8,16 @@ http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
---
---- a/crypto/evp/digest.c
-+++ b/crypto/evp/digest.c
-@@ -199,7 +199,7 @@
- return 0;
- }
+Index: openssl-1.0.2/crypto/evp/digest.c
+===================================================================
+--- openssl-1.0.2.orig/crypto/evp/digest.c
++++ openssl-1.0.2/crypto/evp/digest.c
+@@ -208,7 +208,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c
+ return 0;
+ }
#endif
-- if (ctx->digest != type)
-+ if (type && (ctx->digest != type))
- {
- if (ctx->digest && ctx->digest->ctx_size)
- OPENSSL_free(ctx->md_data);
+- if (ctx->digest != type) {
++ if (type && (ctx->digest != type)) {
+ if (ctx->digest && ctx->digest->ctx_size)
+ OPENSSL_free(ctx->md_data);
+ ctx->digest = type;
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch
deleted file mode 100644
index 3e93fe4e..00000000
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-openssl: avoid NULL pointer dereference in dh_pub_encode()/dsa_pub_encode()
-
-We should avoid accessing the pointer if ASN1_STRING_new()
-allocates memory failed.
-
-Upstream-Status: Submitted
-http://www.mail-archive.com/openssl-dev@openssl.org/msg32859.html
-
-Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
----
---- a/crypto/dh/dh_ameth.c
-+++ b/crypto/dh/dh_ameth.c
-@@ -139,6 +139,12 @@
- dh=pkey->pkey.dh;
-
- str = ASN1_STRING_new();
-+ if (!str)
-+ {
-+ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-+ goto err;
-+ }
-+
- str->length = i2d_DHparams(dh, &str->data);
- if (str->length <= 0)
- {
---- a/crypto/dsa/dsa_ameth.c
-+++ b/crypto/dsa/dsa_ameth.c
-@@ -148,6 +148,11 @@
- {
- ASN1_STRING *str;
- str = ASN1_STRING_new();
-+ if (!str)
-+ {
-+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-+ goto err;
-+ }
- str->length = i2d_DSAparams(dsa, &str->data);
- if (str->length <= 0)
- {
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-fix-link.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-fix-link.patch
deleted file mode 100644
index 154106cb..00000000
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/openssl-fix-link.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From aabfb6f78af8e337d3239142117ba303fce55e7e Mon Sep 17 00:00:00 2001
-From: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
-Date: Thu, 22 Sep 2011 08:55:26 +0200
-Subject: [PATCH] fix the parallel build regarding shared libraries.
-
-Upstream-Status: Pending
----
- .../openssl-1.0.0e/Makefile.org | 8 ++++----
- 1 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/Makefile.org
-index 3c7aea1..6326cd6 100644
---- a/Makefile.org
-+++ b/Makefile.org
-@@ -243,13 +243,13 @@ build_libs: build_crypto build_ssl build_engines
-
- build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
--build_ssl:
-+build_ssl: build_crypto
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
--build_engines:
-+build_engines: build_crypto
- @dir=engines; target=all; $(BUILD_ONE_CMD)
--build_apps:
-+build_apps: build_crypto build_ssl
- @dir=apps; target=all; $(BUILD_ONE_CMD)
--build_tests:
-+build_tests: build_crypto build_ssl
- @dir=test; target=all; $(BUILD_ONE_CMD)
- build_tools:
- @dir=tools; target=all; $(BUILD_ONE_CMD)
---
-1.6.6.1
-
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/openssl_fix_for_x32.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/openssl_fix_for_x32.patch
index 93ce0343..cbce32c8 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/openssl_fix_for_x32.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/openssl_fix_for_x32.patch
@@ -6,64 +6,13 @@ Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13
ported the patch to the 1.0.0e version
Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01
-Index: openssl-1.0.1e/Configure
+Index: openssl-1.0.2/crypto/bn/bn.h
===================================================================
---- openssl-1.0.1e.orig/Configure
-+++ openssl-1.0.1e/Configure
-@@ -402,6 +402,7 @@ my %table=(
- "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-+"linux-x32", "gcc:-mx32 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
- "linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
- #### So called "highgprs" target for z/Architecture CPUs
- # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
-Index: openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c
-===================================================================
---- openssl-1.0.1e.orig/crypto/bn/asm/x86_64-gcc.c
-+++ openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c
-@@ -55,7 +55,7 @@
- * machine.
- */
-
--#ifdef _WIN64
-+#if defined _WIN64 || !defined __LP64__
- #define BN_ULONG unsigned long long
- #else
- #define BN_ULONG unsigned long
-@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con
- asm (
- " subq %2,%2 \n"
- ".p2align 4 \n"
-- "1: movq (%4,%2,8),%0 \n"
-- " adcq (%5,%2,8),%0 \n"
-- " movq %0,(%3,%2,8) \n"
-+ "1: movq (%q4,%2,8),%0 \n"
-+ " adcq (%q5,%2,8),%0 \n"
-+ " movq %0,(%q3,%2,8) \n"
- " leaq 1(%2),%2 \n"
- " loop 1b \n"
- " sbbq %0,%0 \n"
-@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con
- asm (
- " subq %2,%2 \n"
- ".p2align 4 \n"
-- "1: movq (%4,%2,8),%0 \n"
-- " sbbq (%5,%2,8),%0 \n"
-- " movq %0,(%3,%2,8) \n"
-+ "1: movq (%q4,%2,8),%0 \n"
-+ " sbbq (%q5,%2,8),%0 \n"
-+ " movq %0,(%q3,%2,8) \n"
- " leaq 1(%2),%2 \n"
- " loop 1b \n"
- " sbbq %0,%0 \n"
-Index: openssl-1.0.1e/crypto/bn/bn.h
-===================================================================
---- openssl-1.0.1e.orig/crypto/bn/bn.h
-+++ openssl-1.0.1e/crypto/bn/bn.h
-@@ -172,6 +172,13 @@ extern "C" {
+--- openssl-1.0.2.orig/crypto/bn/bn.h
++++ openssl-1.0.2/crypto/bn/bn.h
+@@ -173,6 +173,13 @@ extern "C" {
+ # endif
# endif
- #endif
+/* Address type. */
+#ifdef _WIN64
@@ -72,19 +21,19 @@ Index: openssl-1.0.1e/crypto/bn/bn.h
+#define BN_ADDR unsigned long
+#endif
+
- /* assuming long is 64bit - this is the DEC Alpha
- * unsigned long long is only 64 bits :-(, don't define
- * BN_LLONG for the DEC Alpha */
-Index: openssl-1.0.1e/crypto/bn/bn_exp.c
+ /*
+ * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
+ * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
+Index: openssl-1.0.2/crypto/bn/bn_exp.c
===================================================================
---- openssl-1.0.1e.orig/crypto/bn/bn_exp.c
-+++ openssl-1.0.1e/crypto/bn/bn_exp.c
-@@ -567,7 +567,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU
-
- /* Given a pointer value, compute the next address that is a cache line multiple. */
+--- openssl-1.0.2.orig/crypto/bn/bn_exp.c
++++ openssl-1.0.2/crypto/bn/bn_exp.c
+@@ -638,7 +638,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU
+ * multiple.
+ */
#define MOD_EXP_CTIME_ALIGN(x_) \
-- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
+- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
- /* This variant of BN_mod_exp_mont() uses fixed windows and the special
- * precomputation memory layout to limit data-dependency to a minimum
+ /*
+ * This variant of BN_mod_exp_mont() uses fixed windows and the special
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/ptest-deps.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/ptest-deps.patch
index 527e10c5..ef6d1793 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl/ptest-deps.patch
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/ptest-deps.patch
@@ -10,11 +10,11 @@ Upstream-Status: Inappropriate [config]
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
-diff --git a/test/Makefile b/test/Makefile
-index e6fcfb4..5ae043b 100644
---- a/test/Makefile
-+++ b/test/Makefile
-@@ -322,11 +322,11 @@ test_cms:
+Index: openssl-1.0.2/test/Makefile
+===================================================================
+--- openssl-1.0.2.orig/test/Makefile
++++ openssl-1.0.2/test/Makefile
+@@ -330,7 +330,7 @@ test_cms: ../apps/openssl$(EXE_EXT) cms-
@echo "CMS consistency test"
$(PERL) cms-test.pl
@@ -23,8 +23,12 @@ index e6fcfb4..5ae043b 100644
@echo "Test SRP"
../util/shlib_wrap.sh ./srptest
+@@ -342,7 +342,7 @@ test_v3name: $(V3NAMETEST)$(EXE_EXT)
+ @echo "Test X509v3_check_*"
+ ../util/shlib_wrap.sh ./$(V3NAMETEST)
+
-test_heartbeat: $(HEARTBEATTEST)$(EXE_EXT)
+test_heartbeat:
../util/shlib_wrap.sh ./$(HEARTBEATTEST)
- lint:
+ test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl/ptest_makefile_deps.patch b/meta-ilp32/recipes-overlayed/openssl/openssl/ptest_makefile_deps.patch
new file mode 100644
index 00000000..4202e61d
--- /dev/null
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl/ptest_makefile_deps.patch
@@ -0,0 +1,248 @@
+Additional Makefile dependencies removal for test targets
+
+Removing the dependency check for test targets as these tests are
+causing a number of failures and "noise" during ptest execution.
+
+Upstream-Status: Inappropriate [config]
+
+Signed-off-by: Maxin B. John <maxin.john@intel.com>
+
+diff -Naur openssl-1.0.2d-orig/test/Makefile openssl-1.0.2d/test/Makefile
+--- openssl-1.0.2d-orig/test/Makefile 2015-09-28 12:50:41.530022979 +0300
++++ openssl-1.0.2d/test/Makefile 2015-09-28 12:57:45.930717240 +0300
+@@ -155,67 +155,67 @@
+ ( $(MAKE) $$i && echo "PASS: $$i" ) || echo "FAIL: $$i"; \
+ done)
+
+-test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
++test_evp:
+ ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
+
+-test_evp_extra: $(EVPEXTRATEST)$(EXE_EXT)
++test_evp_extra:
+ ../util/shlib_wrap.sh ./$(EVPEXTRATEST)
+
+-test_des: $(DESTEST)$(EXE_EXT)
++test_des:
+ ../util/shlib_wrap.sh ./$(DESTEST)
+
+-test_idea: $(IDEATEST)$(EXE_EXT)
++test_idea:
+ ../util/shlib_wrap.sh ./$(IDEATEST)
+
+-test_sha: $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT)
++test_sha:
+ ../util/shlib_wrap.sh ./$(SHATEST)
+ ../util/shlib_wrap.sh ./$(SHA1TEST)
+ ../util/shlib_wrap.sh ./$(SHA256TEST)
+ ../util/shlib_wrap.sh ./$(SHA512TEST)
+
+-test_mdc2: $(MDC2TEST)$(EXE_EXT)
++test_mdc2:
+ ../util/shlib_wrap.sh ./$(MDC2TEST)
+
+-test_md5: $(MD5TEST)$(EXE_EXT)
++test_md5:
+ ../util/shlib_wrap.sh ./$(MD5TEST)
+
+-test_md4: $(MD4TEST)$(EXE_EXT)
++test_md4:
+ ../util/shlib_wrap.sh ./$(MD4TEST)
+
+-test_hmac: $(HMACTEST)$(EXE_EXT)
++test_hmac:
+ ../util/shlib_wrap.sh ./$(HMACTEST)
+
+-test_wp: $(WPTEST)$(EXE_EXT)
++test_wp:
+ ../util/shlib_wrap.sh ./$(WPTEST)
+
+-test_md2: $(MD2TEST)$(EXE_EXT)
++test_md2:
+ ../util/shlib_wrap.sh ./$(MD2TEST)
+
+-test_rmd: $(RMDTEST)$(EXE_EXT)
++test_rmd:
+ ../util/shlib_wrap.sh ./$(RMDTEST)
+
+-test_bf: $(BFTEST)$(EXE_EXT)
++test_bf:
+ ../util/shlib_wrap.sh ./$(BFTEST)
+
+-test_cast: $(CASTTEST)$(EXE_EXT)
++test_cast:
+ ../util/shlib_wrap.sh ./$(CASTTEST)
+
+-test_rc2: $(RC2TEST)$(EXE_EXT)
++test_rc2:
+ ../util/shlib_wrap.sh ./$(RC2TEST)
+
+-test_rc4: $(RC4TEST)$(EXE_EXT)
++test_rc4:
+ ../util/shlib_wrap.sh ./$(RC4TEST)
+
+-test_rc5: $(RC5TEST)$(EXE_EXT)
++test_rc5:
+ ../util/shlib_wrap.sh ./$(RC5TEST)
+
+-test_rand: $(RANDTEST)$(EXE_EXT)
++test_rand:
+ ../util/shlib_wrap.sh ./$(RANDTEST)
+
+-test_enc: ../apps/openssl$(EXE_EXT) testenc
++test_enc:
+ @sh ./testenc
+
+-test_x509: ../apps/openssl$(EXE_EXT) tx509 testx509.pem v3-cert1.pem v3-cert2.pem
++test_x509:
+ echo test normal x509v1 certificate
+ sh ./tx509 2>/dev/null
+ echo test first x509v3 certificate
+@@ -223,25 +223,25 @@
+ echo test second x509v3 certificate
+ sh ./tx509 v3-cert2.pem 2>/dev/null
+
+-test_rsa: ../apps/openssl$(EXE_EXT) trsa testrsa.pem
++test_rsa:
+ @sh ./trsa 2>/dev/null
+ ../util/shlib_wrap.sh ./$(RSATEST)
+
+-test_crl: ../apps/openssl$(EXE_EXT) tcrl testcrl.pem
++test_crl:
+ @sh ./tcrl 2>/dev/null
+
+-test_sid: ../apps/openssl$(EXE_EXT) tsid testsid.pem
++test_sid:
+ @sh ./tsid 2>/dev/null
+
+-test_req: ../apps/openssl$(EXE_EXT) treq testreq.pem testreq2.pem
++test_req:
+ @sh ./treq 2>/dev/null
+ @sh ./treq testreq2.pem 2>/dev/null
+
+-test_pkcs7: ../apps/openssl$(EXE_EXT) tpkcs7 tpkcs7d testp7.pem pkcs7-1.pem
++test_pkcs7:
+ @sh ./tpkcs7 2>/dev/null
+ @sh ./tpkcs7d 2>/dev/null
+
+-test_bn: $(BNTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) bctest
++test_bn:
+ @echo starting big number library test, could take a while...
+ @../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest
+ @echo quit >>tmp.bntest
+@@ -250,33 +250,33 @@
+ @echo 'test a^b%c implementations'
+ ../util/shlib_wrap.sh ./$(EXPTEST)
+
+-test_ec: $(ECTEST)$(EXE_EXT)
++test_ec:
+ @echo 'test elliptic curves'
+ ../util/shlib_wrap.sh ./$(ECTEST)
+
+-test_ecdsa: $(ECDSATEST)$(EXE_EXT)
++test_ecdsa:
+ @echo 'test ecdsa'
+ ../util/shlib_wrap.sh ./$(ECDSATEST)
+
+-test_ecdh: $(ECDHTEST)$(EXE_EXT)
++test_ecdh:
+ @echo 'test ecdh'
+ ../util/shlib_wrap.sh ./$(ECDHTEST)
+
+-test_verify: ../apps/openssl$(EXE_EXT)
++test_verify:
+ @echo "The following command should have some OK's and some failures"
+ @echo "There are definitly a few expired certificates"
+ ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem
+
+-test_dh: $(DHTEST)$(EXE_EXT)
++test_dh:
+ @echo "Generate a set of DH parameters"
+ ../util/shlib_wrap.sh ./$(DHTEST)
+
+-test_dsa: $(DSATEST)$(EXE_EXT)
++test_dsa:
+ @echo "Generate a set of DSA parameters"
+ ../util/shlib_wrap.sh ./$(DSATEST)
+ ../util/shlib_wrap.sh ./$(DSATEST) -app2_1
+
+-test_gen testreq.pem: ../apps/openssl$(EXE_EXT) testgen test.cnf
++test_gen testreq.pem:
+ @echo "Generate and verify a certificate request"
+ @sh ./testgen
+
+@@ -288,13 +288,11 @@
+ @cat certCA.ss certU.ss > intP1.ss
+ @cat certCA.ss certU.ss certP1.ss > intP2.ss
+
+-test_engine: $(ENGINETEST)$(EXE_EXT)
++test_engine:
+ @echo "Manipulate the ENGINE structures"
+ ../util/shlib_wrap.sh ./$(ENGINETEST)
+
+-test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
+- intP1.ss intP2.ss $(SSLTEST)$(EXE_EXT) testssl testsslproxy \
+- ../apps/server2.pem serverinfo.pem
++test_ssl:
+ @echo "test SSL protocol"
+ @if [ -n "$(FIPSCANLIB)" ]; then \
+ sh ./testfipsssl keyU.ss certU.ss certCA.ss; \
+@@ -304,7 +302,7 @@
+ @sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
+ @sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
+
+-test_ca: ../apps/openssl$(EXE_EXT) testca CAss.cnf Uss.cnf
++test_ca:
+ @if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+ echo "skipping CA.sh test -- requires RSA"; \
+ else \
+@@ -312,11 +310,11 @@
+ sh ./testca; \
+ fi
+
+-test_aes: #$(AESTEST)
++test_aes:
+ # @echo "test Rijndael"
+ # ../util/shlib_wrap.sh ./$(AESTEST)
+
+-test_tsa: ../apps/openssl$(EXE_EXT) testtsa CAtsa.cnf ../util/shlib_wrap.sh
++test_tsa:
+ @if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+ echo "skipping testtsa test -- requires RSA"; \
+ else \
+@@ -331,7 +329,7 @@
+ @echo "Test JPAKE"
+ ../util/shlib_wrap.sh ./$(JPAKETEST)
+
+-test_cms: ../apps/openssl$(EXE_EXT) cms-test.pl smcont.txt
++test_cms:
+ @echo "CMS consistency test"
+ $(PERL) cms-test.pl
+
+@@ -339,22 +337,22 @@
+ @echo "Test SRP"
+ ../util/shlib_wrap.sh ./srptest
+
+-test_ocsp: ../apps/openssl$(EXE_EXT) tocsp
++test_ocsp:
+ @echo "Test OCSP"
+ @sh ./tocsp
+
+-test_v3name: $(V3NAMETEST)$(EXE_EXT)
++test_v3name:
+ @echo "Test X509v3_check_*"
+ ../util/shlib_wrap.sh ./$(V3NAMETEST)
+
+ test_heartbeat:
+ ../util/shlib_wrap.sh ./$(HEARTBEATTEST)
+
+-test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
++test_constant_time:
+ @echo "Test constant time utilites"
+ ../util/shlib_wrap.sh ./$(CONSTTIMETEST)
+
+-test_verify_extra: $(VERIFYEXTRATEST)$(EXE_EXT)
++test_verify_extra:
+ @echo $(START) $@
+ ../util/shlib_wrap.sh ./$(VERIFYEXTRATEST)
+
diff --git a/meta-ilp32/recipes-overlayed/openssl/openssl_1.0.1k.bb b/meta-ilp32/recipes-overlayed/openssl/openssl_1.0.2e.bb
index 16ffc58a..d2a265a7 100644
--- a/meta-ilp32/recipes-overlayed/openssl/openssl_1.0.1k.bb
+++ b/meta-ilp32/recipes-overlayed/openssl/openssl_1.0.2e.bb
@@ -11,47 +11,47 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
export DIRS = "crypto ssl apps engines"
export OE_LDFLAGS="${LDFLAGS}"
-SRC_URI += "file://configure-targets.patch \
+SRC_URI += "file://find.pl;subdir=${BP}/util/ \
+ file://run-ptest \
+ file://configure-targets.patch \
file://shared-libs.patch \
file://oe-ldflags.patch \
file://engines-install-in-libdir-ssl.patch \
- file://openssl-fix-link.patch \
- file://debian/version-script.patch \
- file://debian/pic.patch \
- file://debian/c_rehash-compat.patch \
+ file://debian1.0.2/block_diginotar.patch \
+ file://debian1.0.2/block_digicert_malaysia.patch \
file://debian/ca.patch \
- file://debian/make-targets.patch \
- file://debian/no-rpath.patch \
+ file://debian/c_rehash-compat.patch \
+ file://debian/debian-targets.patch \
file://debian/man-dir.patch \
file://debian/man-section.patch \
+ file://debian/no-rpath.patch \
file://debian/no-symbolic.patch \
- file://debian/debian-targets.patch \
+ file://debian/pic.patch \
+ file://debian/version-script.patch \
file://openssl_fix_for_x32.patch \
file://fix-cipher-des-ede3-cfb1.patch \
file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \
- file://openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch \
- file://initial-aarch64-bits.patch \
- file://find.pl \
file://openssl-fix-des.pod-error.patch \
file://Makefiles-ptest.patch \
file://ptest-deps.patch \
- file://run-ptest \
+ file://crypto_use_bigint_in_x86-64_perl.patch \
+ file://openssl-1.0.2a-x32-asm.patch \
+ file://ptest_makefile_deps.patch \
+ file://configure-musl-target.patch \
"
-SRC_URI[md5sum] = "d4f002bd22a56881340105028842ae1f"
-SRC_URI[sha256sum] = "8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c"
-
-PACKAGES =+ " \
- ${PN}-engines \
- ${PN}-engines-dbg \
- "
+SRC_URI[md5sum] = "5262bfa25b60ed9de9f28d5d52d77fc5"
+SRC_URI[sha256sum] = "e23ccafdb75cfcde782da0151731aa2185195ac745eea3846133f2e05c0e0bff"
+PACKAGES =+ "${PN}-engines"
FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
-FILES_${PN}-engines-dbg = "${libdir}/ssl/engines/.debug"
-
-PARALLEL_MAKE = ""
-PARALLEL_MAKEINST = ""
+# The crypto_use_bigint patch means that perl's bignum module needs to be
+# installed, but some distributions (for example Fedora 23) don't ship it by
+# default. As the resulting error is very misleading check for bignum before
+# building.
do_configure_prepend() {
- cp ${WORKDIR}/find.pl ${S}/util/find.pl
+ if ! perl -Mbigint -e true; then
+ bbfatal "The perl module 'bignum' was not found but this is required to build openssl. Please install this module (often packaged as perl-bignum) and re-run bitbake."
+ fi
}