[OE-core] [PATCH] openssl: Upgrade 1.0.2k -> 1.0.2l

Jussi Kukkonen jussi.kukkonen at intel.com
Thu Jun 8 10:54:31 UTC 2017 

On 8 June 2017 at 11:18, Changhyeok Bae <changhyeok.bae at gmail.com> wrote:

> Patch fix-cipher-des-ede3-cfb1.patch was removed as it is included
> in this release.
>
> Signed-off-by: Changhyeok Bae <changhyeok.bae at gmail.com>
> ---
>  .../openssl/openssl/fix-cipher-des-ede3-cfb1.patch  | 21
> ---------------------
>  .../{openssl_1.0.2k.bb => openssl_1.0.2l.bb}        |  7 +++----
>  2 files changed, 3 insertions(+), 25 deletions(-)
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/fix-cipher-
> des-ede3-cfb1.patch
>  rename meta/recipes-connectivity/openssl/{openssl_1.0.2k.bb =>
> openssl_1.0.2l.bb} (90%)
>
> diff --git a/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch
> b/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch
> deleted file mode 100644
> index 2a318a4..0000000
> --- a/meta/recipes-connectivity/openssl/openssl/fix-cipher-
> des-ede3-cfb1.patch
> +++ /dev/null
> @@ -1,21 +0,0 @@
> -Upstream-Status: Submitted
> -
> -This patch adds the fix for one of the ciphers used in openssl, namely
> -the cipher des-ede3-cfb1. Complete bug log and patch is present here:
> -http://rt.openssl.org/Ticket/Display.html?id=2867
> -
> -Signed-off-by: Muhammad Shakeel <muhammad_shakeel at mentor.com>
> -
> -Index: openssl-1.0.2/crypto/evp/e_des3.c
> -===================================================================
> ---- openssl-1.0.2.orig/crypto/evp/e_des3.c
> -+++ openssl-1.0.2/crypto/evp/e_des3.c
> -@@ -211,7 +211,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPH
> -     size_t n;
> -     unsigned char c[1], d[1];
> -
> --    for (n = 0; n < inl; ++n) {
> -+    for (n = 0; n * 8 < inl; ++n) {
> -         c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
> -         DES_ede3_cfb_encrypt(c, d, 1, 1,
> -                              &data(ctx)->ks1, &data(ctx)->ks2,
> diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
> b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
> similarity index 90%
> rename from meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
> rename to meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
> index 83d1a50..6390746 100644
> --- a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
> +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
> @@ -7,7 +7,7 @@ DEPENDS += "cryptodev-linux"
>  CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
>  CFLAG_append_class-native = " -fPIC"
>
> -LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6"
> +LIC_FILES_CHKSUM = "file://LICENSE;md5=057d9218c6180e1d9ee407572b2dd225"
>
>  export DIRS = "crypto ssl apps engines"
>  export OE_LDFLAGS="${LDFLAGS}"
> @@ -32,7 +32,6 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
>              file://debian1.0.2/version-script.patch \
>              file://debian1.0.2/soname.patch \
>              file://openssl_fix_for_x32.patch \
> -            file://fix-cipher-des-ede3-cfb1.patch \
>              file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
> \
>

I think the patch mentioned above has been obsolete for many releases as
well: see
https://github.com/openssl/openssl/commit/ff2459b91877959bc1a3a8a927c6b5f473530f86

Cheers,
  Jussi


             file://openssl-fix-des.pod-error.patch \
>              file://Makefiles-ptest.patch \
> @@ -45,8 +44,8 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
>              file://Use-SHA256-not-MD5-as-default-digest.patch \
>              file://0001-Fix-build-with-clang-using-external-assembler.patch
> \
>              "
> -SRC_URI[md5sum] = "f965fc0bf01bf882b31314b61391ae65"
> -SRC_URI[sha256sum] = "6b3977c61f2aedf0f96367dcfb5c6e
> 578cf37e7b8d913b4ecb6643c3cb88d8c0"
> +SRC_URI[md5sum] = "f85123cd390e864dfbe517e7616e6566"
> +SRC_URI[sha256sum] = "ce07195b659e75f4e1db4355286007
> 0061f156a98bb37b672b101ba6e3ddf30c"
>
>  PACKAGES =+ "${PN}-engines"
>  FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
> --
> 2.7.4
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core at lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20170608/5d58c8a3/attachment-0002.html>

More information about the Openembedded-core mailing list