[OE-core] [PATCH v2] openssl: Upgrade 1.0.2k -> 1.0.2l
Changhyeok Bae
changhyeok.bae at gmail.com
Sat Jun 10 04:16:15 UTC 2017
test binaries (x86) is included in In openssl-1.0.2l source code and I will
remove those binaries and re-submit.
Thanks
Changhyeok
2017-06-09 22:13 GMT+09:00 Khem Raj <raj.khem at gmail.com>:
>
> On Thu, Jun 8, 2017 at 5:52 AM Changhyeok Bae <changhyeok.bae at gmail.com>
> wrote:
>
>> Dropped obsolete patches, because the new version contains them:
>> - fix-cipher-des-ede3-cfb1.patch
>> - openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
>>
>> Signed-off-by: Changhyeok Bae <changhyeok.bae at gmail.com>
>> ---
>> .../openssl/openssl/fix-cipher-des-ede3-cfb1.patch | 21
>> --------------------
>> ...-pointer-dereference-in-EVP_DigestInit_ex.patch | 23
>> ----------------------
>> .../{openssl_1.0.2k.bb => openssl_1.0.2l.bb} | 8 +++-----
>> 3 files changed, 3 insertions(+), 49 deletions(-)
>> delete mode 100644 meta/recipes-connectivity/openssl/openssl/fix-cipher-
>> des-ede3-cfb1.patch
>> delete mode 100644 meta/recipes-connectivity/
>> openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-
>> EVP_DigestInit_ex.patch
>> rename meta/recipes-connectivity/openssl/{openssl_1.0.2k.bb =>
>> openssl_1.0.2l.bb} (86%)
>>
>> diff --git a/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch
>> b/meta/recipes-connectivity/openssl/openssl/fix-cipher-
>> des-ede3-cfb1.patch
>> deleted file mode 100644
>> index 2a318a4..0000000
>> --- a/meta/recipes-connectivity/openssl/openssl/fix-cipher-
>> des-ede3-cfb1.patch
>> +++ /dev/null
>> @@ -1,21 +0,0 @@
>> -Upstream-Status: Submitted
>> -
>> -This patch adds the fix for one of the ciphers used in openssl, namely
>> -the cipher des-ede3-cfb1. Complete bug log and patch is present here:
>> -http://rt.openssl.org/Ticket/Display.html?id=2867
>> -
>> -Signed-off-by: Muhammad Shakeel <muhammad_shakeel at mentor.com>
>> -
>> -Index: openssl-1.0.2/crypto/evp/e_des3.c
>> -===================================================================
>> ---- openssl-1.0.2.orig/crypto/evp/e_des3.c
>> -+++ openssl-1.0.2/crypto/evp/e_des3.c
>> -@@ -211,7 +211,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPH
>> - size_t n;
>> - unsigned char c[1], d[1];
>> -
>> -- for (n = 0; n < inl; ++n) {
>> -+ for (n = 0; n * 8 < inl; ++n) {
>> - c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
>> - DES_ede3_cfb_encrypt(c, d, 1, 1,
>> - &data(ctx)->ks1, &data(ctx)->ks2,
>> diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-
>> NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
>> b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-
>> NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
>> deleted file mode 100644
>> index f736e5c..0000000
>> --- a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-
>> NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
>> +++ /dev/null
>> @@ -1,23 +0,0 @@
>> -openssl: avoid NULL pointer dereference in EVP_DigestInit_ex()
>> -
>> -We should avoid accessing the type pointer if it's NULL,
>> -this could happen if ctx->digest is not NULL.
>> -
>> -Upstream-Status: Submitted
>> -http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html
>> -
>> -Signed-off-by: Xufeng Zhang <xufeng.zhang at windriver.com>
>> ----
>> -Index: openssl-1.0.2h/crypto/evp/digest.c
>> -===================================================================
>> ---- openssl-1.0.2h.orig/crypto/evp/digest.c
>> -+++ openssl-1.0.2h/crypto/evp/digest.c
>> -@@ -211,7 +211,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c
>> - type = ctx->digest;
>> - }
>> - #endif
>> -- if (ctx->digest != type) {
>> -+ if (type && (ctx->digest != type)) {
>> - if (ctx->digest && ctx->digest->ctx_size) {
>> - OPENSSL_free(ctx->md_data);
>> - ctx->md_data = NULL;
>> diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
>> b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
>> similarity index 86%
>> rename from meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
>> rename to meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
>> index 83d1a50..a2ef2ac 100644
>> --- a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
>> +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
>> @@ -7,7 +7,7 @@ DEPENDS += "cryptodev-linux"
>> CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
>> CFLAG_append_class-native = " -fPIC"
>>
>> -LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6"
>> +LIC_FILES_CHKSUM = "file://LICENSE;md5=057d9218c6180e1d9ee407572b2dd225"
>>
>
> What resulted in this change
>
>>
>> export DIRS = "crypto ssl apps engines"
>> export OE_LDFLAGS="${LDFLAGS}"
>> @@ -32,8 +32,6 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
>> file://debian1.0.2/version-script.patch \
>> file://debian1.0.2/soname.patch \
>> file://openssl_fix_for_x32.patch \
>> - file://fix-cipher-des-ede3-cfb1.patch \
>> - file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
>> \
>> file://openssl-fix-des.pod-error.patch \
>> file://Makefiles-ptest.patch \
>> file://ptest-deps.patch \
>> @@ -45,8 +43,8 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
>> file://Use-SHA256-not-MD5-as-default-digest.patch \
>> file://0001-Fix-build-with-clang-using-external-assembler.patch
>> \
>> "
>> -SRC_URI[md5sum] = "f965fc0bf01bf882b31314b61391ae65"
>> -SRC_URI[sha256sum] = "6b3977c61f2aedf0f96367dcfb5c6e
>> 578cf37e7b8d913b4ecb6643c3cb88d8c0"
>> +SRC_URI[md5sum] = "f85123cd390e864dfbe517e7616e6566"
>> +SRC_URI[sha256sum] = "ce07195b659e75f4e1db4355286007
>> 0061f156a98bb37b672b101ba6e3ddf30c"
>>
>> PACKAGES =+ "${PN}-engines"
>> FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
>> --
>> 2.7.4
>>
>> --
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core at lists.openembedded.org
>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>>
>
--
Thanks
Changhyeok
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20170610/5d932415/attachment-0002.html>
More information about the Openembedded-core
mailing list