* [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe
@ 2018-07-24 2:38 Andre McCurdy
2018-07-24 2:38 ` [PATCH 2/9] openssl_1.0: minor recipe formatting tweaks etc Andre McCurdy
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: Andre McCurdy @ 2018-07-24 2:38 UTC (permalink / raw)
To: openembedded-core
The openssl10.inc include file only has one user, so we can improve
maintainability by merging the include file into the recipe which
uses it.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
meta/recipes-connectivity/openssl/openssl10.inc | 296 --------------------
.../recipes-connectivity/openssl/openssl_1.0.2o.bb | 310 ++++++++++++++++++++-
2 files changed, 300 insertions(+), 306 deletions(-)
delete mode 100644 meta/recipes-connectivity/openssl/openssl10.inc
diff --git a/meta/recipes-connectivity/openssl/openssl10.inc b/meta/recipes-connectivity/openssl/openssl10.inc
deleted file mode 100644
index 1f8834f..0000000
--- a/meta/recipes-connectivity/openssl/openssl10.inc
+++ /dev/null
@@ -1,296 +0,0 @@
-SUMMARY = "Secure Socket Layer"
-DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools."
-HOMEPAGE = "http://www.openssl.org/"
-BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html"
-SECTION = "libs/network"
-
-# "openssl | SSLeay" dual license
-LICENSE = "openssl"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
-
-DEPENDS = "makedepend-native hostperl-runtime-native"
-DEPENDS_append_class-target = " openssl-native"
-
-PROVIDES += "openssl10"
-
-SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
- "
-S = "${WORKDIR}/openssl-${PV}"
-UPSTREAM_CHECK_REGEX = "openssl-(?P<pver>1\.0.+)\.tar"
-
-PACKAGECONFIG ?= "cryptodev-linux"
-PACKAGECONFIG[perl] = ",,,"
-PACKAGECONFIG[cryptodev-linux] = "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS,,cryptodev-linux"
-
-TERMIO_libc-musl = "-DTERMIOS"
-TERMIO ?= "-DTERMIO"
-# Avoid binaries being marked as requiring an executable stack since it
-# doesn't(which causes and this causes issues with SELinux
-CFLAG = "${@oe.utils.conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \
- ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack"
-
-export DIRS = "crypto ssl apps"
-export EX_LIBS = "-lgcc -ldl"
-export AS = "${CC} -c"
-
-# openssl fails with ccache: https://bugzilla.yoctoproject.org/show_bug.cgi?id=12810
-CCACHE = ""
-
-inherit pkgconfig siteinfo multilib_header ptest relative_symlinks
-
-PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf"
-FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}"
-FILES_libssl = "${libdir}/libssl${SOLIBS}"
-FILES_${PN} =+ " ${libdir}/ssl/*"
-FILES_${PN}-misc = "${libdir}/ssl/misc"
-RDEPENDS_${PN}-misc = "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}"
-
-# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
-# package RRECOMMENDS on this package. This will enable the configuration
-# file to be installed for both the base openssl package and the libcrypto
-# package since the base openssl package depends on the libcrypto package.
-FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
-CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
-RRECOMMENDS_libcrypto += "openssl-conf"
-RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc"
-
-# Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE
-# vulnerability
-EXTRA_OECONF = " -no-ssl3"
-
-do_configure_prepend_darwin () {
- sed -i -e '/version-script=openssl\.ld/d' Configure
-}
-
-do_configure () {
- cd util
- perl perlpath.pl ${STAGING_BINDIR_NATIVE}
- cd ..
- ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
-
- os=${HOST_OS}
- case $os in
- linux-gnueabi |\
- linux-gnuspe |\
- linux-musleabi |\
- linux-muslspe |\
- linux-musl )
- os=linux
- ;;
- *)
- ;;
- esac
- target="$os-${HOST_ARCH}"
- case $target in
- linux-arm)
- target=linux-armv4
- ;;
- linux-armeb)
- target=linux-elf-armeb
- ;;
- linux-aarch64*)
- target=linux-aarch64
- ;;
- linux-sh3)
- target=debian-sh3
- ;;
- linux-sh4)
- target=debian-sh4
- ;;
- linux-i486)
- target=debian-i386-i486
- ;;
- linux-i586 | linux-viac3)
- target=debian-i386-i586
- ;;
- linux-i686)
- target=debian-i386-i686/cmov
- ;;
- linux-gnux32-x86_64 | linux-muslx32-x86_64 )
- target=linux-x32
- ;;
- linux-gnu64-x86_64)
- target=linux-x86_64
- ;;
- linux-gnun32-mips*el)
- target=debian-mipsn32el
- ;;
- linux-gnun32-mips*)
- target=debian-mipsn32
- ;;
- linux-mips*64*el)
- target=debian-mips64el
- ;;
- linux-mips*64*)
- target=debian-mips64
- ;;
- linux-mips*el)
- target=debian-mipsel
- ;;
- linux-mips*)
- target=debian-mips
- ;;
- linux-microblaze*|linux-nios2*|linux-gnu*ilp32**)
- target=linux-generic32
- ;;
- linux-powerpc)
- target=linux-ppc
- ;;
- linux-powerpc64)
- target=linux-ppc64
- ;;
- linux-riscv64)
- target=linux-generic64
- ;;
- linux-riscv32)
- target=linux-generic32
- ;;
- linux-supersparc)
- target=linux-sparcv8
- ;;
- linux-sparc)
- target=linux-sparcv8
- ;;
- darwin-i386)
- target=darwin-i386-cc
- ;;
- esac
- # inject machine-specific flags
- sed -i -e "s|^\(\"$target\",\s*\"[^:]\+\):\([^:]\+\)|\1:${CFLAG}|g" Configure
- useprefix=${prefix}
- if [ "x$useprefix" = "x" ]; then
- useprefix=/
- fi
- libdirleaf="$(echo ${libdir} | sed s:$useprefix::)"
- perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=${libdirleaf} $target
-}
-
-do_compile_prepend_class-target () {
- sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile
- oe_runmake depend
- cc_sanitized=`echo "${CC} ${CFLAG}" | sed -e 's,--sysroot=${STAGING_DIR_TARGET},,g' -e 's|${DEBUG_PREFIX_MAP}||g'`
- oe_runmake CC_INFO="${cc_sanitized}"
-}
-
-do_compile () {
- oe_runmake depend
- oe_runmake
-}
-
-do_compile_ptest () {
- # build dependencies for test directory too
- export DIRS="$DIRS test"
- oe_runmake depend
- oe_runmake buildtest
-}
-
-do_install () {
- # Create ${D}/${prefix} to fix parallel issues
- mkdir -p ${D}/${prefix}/
-
- oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install
-
- oe_libinstall -so libcrypto ${D}${libdir}
- oe_libinstall -so libssl ${D}${libdir}
-
- install -d ${D}${includedir}
- cp --dereference -R include/openssl ${D}${includedir}
-
- install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash
- sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash
-
- oe_multilib_header openssl/opensslconf.h
- if [ "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}" ]; then
- sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl
- sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget
- else
- rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget
- fi
-
- # Create SSL structure
- install -d ${D}${sysconfdir}/ssl/
- mv ${D}${libdir}/ssl/openssl.cnf \
- ${D}${libdir}/ssl/certs \
- ${D}${libdir}/ssl/private \
- \
- ${D}${sysconfdir}/ssl/
- ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl/certs
- ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl/private
- ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl/openssl.cnf
-
- # Rename man pages to prefix openssl10-*
- for f in `find ${D}${mandir} -type f`; do
- mv $f $(dirname $f)/openssl10-$(basename $f)
- done
- for f in `find ${D}${mandir} -type l`; do
- ln_f=`readlink $f`
- rm -f $f
- ln -s openssl10-$ln_f $(dirname $f)/openssl10-$(basename $f)
- done
-}
-
-do_install_ptest () {
- cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH}
-
- # Replace the path to native perl with the path to target perl
- sed -i 's,^PERL=.*,PERL=${bindir}/perl,' ${D}${PTEST_PATH}/Makefile
-
- cp Configure config e_os.h ${D}${PTEST_PATH}
- cp -r -L include ${D}${PTEST_PATH}
- ln -sf ${libdir}/libcrypto.a ${D}${PTEST_PATH}
- ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH}
- mkdir -p ${D}${PTEST_PATH}/crypto
- cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto
- cp -r certs ${D}${PTEST_PATH}
- mkdir -p ${D}${PTEST_PATH}/apps
- ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps
- ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
- ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps
- cp apps/server.pem ${D}${PTEST_PATH}/apps
- cp apps/server2.pem ${D}${PTEST_PATH}/apps
- mkdir -p ${D}${PTEST_PATH}/util
- install util/opensslwrap.sh ${D}${PTEST_PATH}/util
- install util/shlib_wrap.sh ${D}${PTEST_PATH}/util
- # Time stamps are relevant for "make alltests", otherwise
- # make may try to recompile binaries. Not only must the
- # binary files be newer than the sources, they also must
- # be more recent than the header files in /usr/include.
- #
- # Using "cp -a" is not sufficient, because do_install
- # does not preserve the original time stamps.
- #
- # So instead of using the original file stamps, we set
- # the current time for all files. Binaries will get
- # modified again later when stripping them, but that's okay.
- touch ${D}${PTEST_PATH}
- find ${D}${PTEST_PATH} -type f -print0 | xargs --verbose -0 touch -r ${D}${PTEST_PATH}
-
- # exclude binary files or the package won't install
- for d in ssltest_old v3ext x509aux; do
- rm -rf ${D}${libdir}/${BPN}/ptest/test/$d
- done
-
- # Remove build host references
- sed -i \
- -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
- -e 's|${DEBUG_PREFIX_MAP}||g' \
- ${D}${PTEST_PATH}/Makefile ${D}${PTEST_PATH}/Configure
-}
-
-do_install_append_class-native() {
- create_wrapper ${D}${bindir}/openssl \
- OPENSSL_CONF=${libdir}/ssl/openssl.cnf \
- SSL_CERT_DIR=${libdir}/ssl/certs \
- SSL_CERT_FILE=${libdir}/ssl/cert.pem \
- OPENSSL_ENGINES=${libdir}/ssl/engines
-}
-
-do_install_append_class-nativesdk() {
- mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
- install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
-}
-
-FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh"
-
-BBCLASSEXTEND = "native nativesdk"
-
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
index 7cae553..619f3d8 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
@@ -1,17 +1,20 @@
-require openssl10.inc
-
-# For target side versions of openssl enable support for OCF Linux driver
-# if they are available.
-
-CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
-CFLAG_append_class-native = " -fPIC"
+SUMMARY = "Secure Socket Layer"
+DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools."
+HOMEPAGE = "http://www.openssl.org/"
+BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html"
+SECTION = "libs/network"
+# "openssl | SSLeay" dual license
+LICENSE = "openssl"
LIC_FILES_CHKSUM = "file://LICENSE;md5=f475368924827d06d4b416111c8bdb77"
-export DIRS = "crypto ssl apps engines"
-export OE_LDFLAGS="${LDFLAGS}"
+DEPENDS = "makedepend-native hostperl-runtime-native"
+DEPENDS_append_class-target = " openssl-native"
+
+PROVIDES += "openssl10"
-SRC_URI += "file://find.pl;subdir=openssl-${PV}/util/ \
+SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
+ file://find.pl;subdir=openssl-${PV}/util/ \
file://run-ptest \
file://openssl-c_rehash.sh \
file://configure-targets.patch \
@@ -55,9 +58,64 @@ SRC_URI_append_class-nativesdk = " \
SRC_URI[md5sum] = "44279b8557c3247cbe324e2322ecd114"
SRC_URI[sha256sum] = "ec3f5c9714ba0fd45cb4e087301eb1336c317e0d20b575a125050470e8089e4d"
+S = "${WORKDIR}/openssl-${PV}"
+UPSTREAM_CHECK_REGEX = "openssl-(?P<pver>1\.0.+)\.tar"
+
+PACKAGECONFIG ?= "cryptodev-linux"
+PACKAGECONFIG[perl] = ",,,"
+PACKAGECONFIG[cryptodev-linux] = "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS,,cryptodev-linux"
+
+TERMIO_libc-musl = "-DTERMIOS"
+TERMIO ?= "-DTERMIO"
+# Avoid binaries being marked as requiring an executable stack since it
+# doesn't(which causes and this causes issues with SELinux
+CFLAG = "${@oe.utils.conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \
+ ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack"
+
+# For target side versions of openssl enable support for OCF Linux driver
+# if they are available.
+
+CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
+CFLAG_append_class-native = " -fPIC"
+
+export DIRS = "crypto ssl apps engines"
+export EX_LIBS = "-lgcc -ldl"
+export AS = "${CC} -c"
+
+export OE_LDFLAGS = "${LDFLAGS}"
+
+# openssl fails with ccache: https://bugzilla.yoctoproject.org/show_bug.cgi?id=12810
+CCACHE = ""
+
+inherit pkgconfig siteinfo multilib_header ptest relative_symlinks
+
+PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf"
+FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}"
+FILES_libssl = "${libdir}/libssl${SOLIBS}"
+FILES_${PN} =+ " ${libdir}/ssl/*"
+FILES_${PN}-misc = "${libdir}/ssl/misc"
+RDEPENDS_${PN}-misc = "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}"
+
+# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
+# package RRECOMMENDS on this package. This will enable the configuration
+# file to be installed for both the base openssl package and the libcrypto
+# package since the base openssl package depends on the libcrypto package.
+FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
+CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
+RRECOMMENDS_libcrypto += "openssl-conf"
+RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc"
+
PACKAGES =+ "${PN}-engines"
FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
+# Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE
+# vulnerability
+EXTRA_OECONF = " -no-ssl3"
+
+do_configure_prepend_darwin () {
+ sed -i -e '/version-script=openssl\.ld/d' Configure
+}
+
# The crypto_use_bigint patch means that perl's bignum module needs to be
# installed, but some distributions (for example Fedora 23) don't ship it by
# default. As the resulting error is very misleading check for bignum before
@@ -67,3 +125,235 @@ do_configure_prepend() {
bbfatal "The perl module 'bignum' was not found but this is required to build openssl. Please install this module (often packaged as perl-bignum) and re-run bitbake."
fi
}
+
+do_configure () {
+ cd util
+ perl perlpath.pl ${STAGING_BINDIR_NATIVE}
+ cd ..
+ ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
+
+ os=${HOST_OS}
+ case $os in
+ linux-gnueabi |\
+ linux-gnuspe |\
+ linux-musleabi |\
+ linux-muslspe |\
+ linux-musl )
+ os=linux
+ ;;
+ *)
+ ;;
+ esac
+ target="$os-${HOST_ARCH}"
+ case $target in
+ linux-arm)
+ target=linux-armv4
+ ;;
+ linux-armeb)
+ target=linux-elf-armeb
+ ;;
+ linux-aarch64*)
+ target=linux-aarch64
+ ;;
+ linux-sh3)
+ target=debian-sh3
+ ;;
+ linux-sh4)
+ target=debian-sh4
+ ;;
+ linux-i486)
+ target=debian-i386-i486
+ ;;
+ linux-i586 | linux-viac3)
+ target=debian-i386-i586
+ ;;
+ linux-i686)
+ target=debian-i386-i686/cmov
+ ;;
+ linux-gnux32-x86_64 | linux-muslx32-x86_64 )
+ target=linux-x32
+ ;;
+ linux-gnu64-x86_64)
+ target=linux-x86_64
+ ;;
+ linux-gnun32-mips*el)
+ target=debian-mipsn32el
+ ;;
+ linux-gnun32-mips*)
+ target=debian-mipsn32
+ ;;
+ linux-mips*64*el)
+ target=debian-mips64el
+ ;;
+ linux-mips*64*)
+ target=debian-mips64
+ ;;
+ linux-mips*el)
+ target=debian-mipsel
+ ;;
+ linux-mips*)
+ target=debian-mips
+ ;;
+ linux-microblaze*|linux-nios2*|linux-gnu*ilp32**)
+ target=linux-generic32
+ ;;
+ linux-powerpc)
+ target=linux-ppc
+ ;;
+ linux-powerpc64)
+ target=linux-ppc64
+ ;;
+ linux-riscv64)
+ target=linux-generic64
+ ;;
+ linux-riscv32)
+ target=linux-generic32
+ ;;
+ linux-supersparc)
+ target=linux-sparcv8
+ ;;
+ linux-sparc)
+ target=linux-sparcv8
+ ;;
+ darwin-i386)
+ target=darwin-i386-cc
+ ;;
+ esac
+ # inject machine-specific flags
+ sed -i -e "s|^\(\"$target\",\s*\"[^:]\+\):\([^:]\+\)|\1:${CFLAG}|g" Configure
+ useprefix=${prefix}
+ if [ "x$useprefix" = "x" ]; then
+ useprefix=/
+ fi
+ libdirleaf="$(echo ${libdir} | sed s:$useprefix::)"
+ perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=${libdirleaf} $target
+}
+
+do_compile_prepend_class-target () {
+ sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile
+ oe_runmake depend
+ cc_sanitized=`echo "${CC} ${CFLAG}" | sed -e 's,--sysroot=${STAGING_DIR_TARGET},,g' -e 's|${DEBUG_PREFIX_MAP}||g'`
+ oe_runmake CC_INFO="${cc_sanitized}"
+}
+
+do_compile () {
+ oe_runmake depend
+ oe_runmake
+}
+
+do_compile_ptest () {
+ # build dependencies for test directory too
+ export DIRS="$DIRS test"
+ oe_runmake depend
+ oe_runmake buildtest
+}
+
+do_install () {
+ # Create ${D}/${prefix} to fix parallel issues
+ mkdir -p ${D}/${prefix}/
+
+ oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install
+
+ oe_libinstall -so libcrypto ${D}${libdir}
+ oe_libinstall -so libssl ${D}${libdir}
+
+ install -d ${D}${includedir}
+ cp --dereference -R include/openssl ${D}${includedir}
+
+ install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash
+ sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash
+
+ oe_multilib_header openssl/opensslconf.h
+ if [ "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}" ]; then
+ sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl
+ sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget
+ else
+ rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget
+ fi
+
+ # Create SSL structure
+ install -d ${D}${sysconfdir}/ssl/
+ mv ${D}${libdir}/ssl/openssl.cnf \
+ ${D}${libdir}/ssl/certs \
+ ${D}${libdir}/ssl/private \
+ \
+ ${D}${sysconfdir}/ssl/
+ ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl/certs
+ ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl/private
+ ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl/openssl.cnf
+
+ # Rename man pages to prefix openssl10-*
+ for f in `find ${D}${mandir} -type f`; do
+ mv $f $(dirname $f)/openssl10-$(basename $f)
+ done
+ for f in `find ${D}${mandir} -type l`; do
+ ln_f=`readlink $f`
+ rm -f $f
+ ln -s openssl10-$ln_f $(dirname $f)/openssl10-$(basename $f)
+ done
+}
+
+do_install_ptest () {
+ cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH}
+
+ # Replace the path to native perl with the path to target perl
+ sed -i 's,^PERL=.*,PERL=${bindir}/perl,' ${D}${PTEST_PATH}/Makefile
+
+ cp Configure config e_os.h ${D}${PTEST_PATH}
+ cp -r -L include ${D}${PTEST_PATH}
+ ln -sf ${libdir}/libcrypto.a ${D}${PTEST_PATH}
+ ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH}
+ mkdir -p ${D}${PTEST_PATH}/crypto
+ cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto
+ cp -r certs ${D}${PTEST_PATH}
+ mkdir -p ${D}${PTEST_PATH}/apps
+ ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps
+ ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
+ ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps
+ cp apps/server.pem ${D}${PTEST_PATH}/apps
+ cp apps/server2.pem ${D}${PTEST_PATH}/apps
+ mkdir -p ${D}${PTEST_PATH}/util
+ install util/opensslwrap.sh ${D}${PTEST_PATH}/util
+ install util/shlib_wrap.sh ${D}${PTEST_PATH}/util
+ # Time stamps are relevant for "make alltests", otherwise
+ # make may try to recompile binaries. Not only must the
+ # binary files be newer than the sources, they also must
+ # be more recent than the header files in /usr/include.
+ #
+ # Using "cp -a" is not sufficient, because do_install
+ # does not preserve the original time stamps.
+ #
+ # So instead of using the original file stamps, we set
+ # the current time for all files. Binaries will get
+ # modified again later when stripping them, but that's okay.
+ touch ${D}${PTEST_PATH}
+ find ${D}${PTEST_PATH} -type f -print0 | xargs --verbose -0 touch -r ${D}${PTEST_PATH}
+
+ # exclude binary files or the package won't install
+ for d in ssltest_old v3ext x509aux; do
+ rm -rf ${D}${libdir}/${BPN}/ptest/test/$d
+ done
+
+ # Remove build host references
+ sed -i \
+ -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
+ -e 's|${DEBUG_PREFIX_MAP}||g' \
+ ${D}${PTEST_PATH}/Makefile ${D}${PTEST_PATH}/Configure
+}
+
+do_install_append_class-native() {
+ create_wrapper ${D}${bindir}/openssl \
+ OPENSSL_CONF=${libdir}/ssl/openssl.cnf \
+ SSL_CERT_DIR=${libdir}/ssl/certs \
+ SSL_CERT_FILE=${libdir}/ssl/cert.pem \
+ OPENSSL_ENGINES=${libdir}/ssl/engines
+}
+
+do_install_append_class-nativesdk() {
+ mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
+ install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
+}
+
+FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh"
+
+BBCLASSEXTEND = "native nativesdk"
--
1.9.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH 2/9] openssl_1.0: minor recipe formatting tweaks etc
2018-07-24 2:38 [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe Andre McCurdy
@ 2018-07-24 2:38 ` Andre McCurdy
2018-07-24 2:38 ` [PATCH 3/9] openssl_1.0: drop curly brackets from shell local variables Andre McCurdy
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Andre McCurdy @ 2018-07-24 2:38 UTC (permalink / raw)
To: openembedded-core
Drop redundant setting of S to its default value, fix inconsistent
indent and re-order variables to align more closely to the OE
style-guide.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
.../recipes-connectivity/openssl/openssl_1.0.2o.bb | 121 +++++++++++----------
1 file changed, 61 insertions(+), 60 deletions(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
index 619f3d8..7f32d09 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
@@ -46,7 +46,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \
"
-SRC_URI_append_class-target = "\
+SRC_URI_append_class-target = " \
file://reproducible-cflags.patch \
file://reproducible-mkbuildinf.patch \
"
@@ -58,75 +58,55 @@ SRC_URI_append_class-nativesdk = " \
SRC_URI[md5sum] = "44279b8557c3247cbe324e2322ecd114"
SRC_URI[sha256sum] = "ec3f5c9714ba0fd45cb4e087301eb1336c317e0d20b575a125050470e8089e4d"
-S = "${WORKDIR}/openssl-${PV}"
UPSTREAM_CHECK_REGEX = "openssl-(?P<pver>1\.0.+)\.tar"
+inherit pkgconfig siteinfo multilib_header ptest relative_symlinks
+
PACKAGECONFIG ?= "cryptodev-linux"
PACKAGECONFIG[perl] = ",,,"
PACKAGECONFIG[cryptodev-linux] = "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS,,cryptodev-linux"
-TERMIO_libc-musl = "-DTERMIOS"
-TERMIO ?= "-DTERMIO"
-# Avoid binaries being marked as requiring an executable stack since it
-# doesn't(which causes and this causes issues with SELinux
-CFLAG = "${@oe.utils.conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \
- ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack"
-
-# For target side versions of openssl enable support for OCF Linux driver
-# if they are available.
-
-CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
-CFLAG_append_class-native = " -fPIC"
+# Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE
+# vulnerability
+EXTRA_OECONF = "-no-ssl3"
export DIRS = "crypto ssl apps engines"
-export EX_LIBS = "-lgcc -ldl"
export AS = "${CC} -c"
-
+export EX_LIBS = "-lgcc -ldl"
export OE_LDFLAGS = "${LDFLAGS}"
# openssl fails with ccache: https://bugzilla.yoctoproject.org/show_bug.cgi?id=12810
CCACHE = ""
-inherit pkgconfig siteinfo multilib_header ptest relative_symlinks
+TERMIO ?= "-DTERMIO"
+TERMIO_libc-musl = "-DTERMIOS"
-PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf"
-FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}"
-FILES_libssl = "${libdir}/libssl${SOLIBS}"
-FILES_${PN} =+ " ${libdir}/ssl/*"
-FILES_${PN}-misc = "${libdir}/ssl/misc"
-RDEPENDS_${PN}-misc = "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}"
+CFLAG = "${@oe.utils.conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \
+ ${TERMIO} ${CFLAGS} -Wall"
-# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
-# package RRECOMMENDS on this package. This will enable the configuration
-# file to be installed for both the base openssl package and the libcrypto
-# package since the base openssl package depends on the libcrypto package.
-FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
-CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
-RRECOMMENDS_libcrypto += "openssl-conf"
-RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc"
+# Avoid binaries being marked as requiring an executable stack since they don't
+# (and it causes issues with SELinux)
+CFLAG += "-Wa,--noexecstack"
-PACKAGES =+ "${PN}-engines"
-FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
+# For target side versions of openssl enable support for OCF Linux driver
+# if they are available.
+CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
-# Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE
-# vulnerability
-EXTRA_OECONF = " -no-ssl3"
+CFLAG_append_class-native = " -fPIC"
do_configure_prepend_darwin () {
sed -i -e '/version-script=openssl\.ld/d' Configure
}
-# The crypto_use_bigint patch means that perl's bignum module needs to be
-# installed, but some distributions (for example Fedora 23) don't ship it by
-# default. As the resulting error is very misleading check for bignum before
-# building.
-do_configure_prepend() {
+do_configure () {
+ # The crypto_use_bigint patch means that perl's bignum module needs to be
+ # installed, but some distributions (for example Fedora 23) don't ship it by
+ # default. As the resulting error is very misleading check for bignum before
+ # building.
if ! perl -Mbigint -e true; then
bbfatal "The perl module 'bignum' was not found but this is required to build openssl. Please install this module (often packaged as perl-bignum) and re-run bitbake."
fi
-}
-do_configure () {
cd util
perl perlpath.pl ${STAGING_BINDIR_NATIVE}
cd ..
@@ -141,7 +121,7 @@ do_configure () {
linux-musl )
os=linux
;;
- *)
+ *)
;;
esac
target="$os-${HOST_ARCH}"
@@ -203,12 +183,12 @@ do_configure () {
linux-powerpc64)
target=linux-ppc64
;;
- linux-riscv64)
- target=linux-generic64
- ;;
linux-riscv32)
target=linux-generic32
;;
+ linux-riscv64)
+ target=linux-generic64
+ ;;
linux-supersparc)
target=linux-sparcv8
;;
@@ -219,19 +199,21 @@ do_configure () {
target=darwin-i386-cc
;;
esac
+
# inject machine-specific flags
sed -i -e "s|^\(\"$target\",\s*\"[^:]\+\):\([^:]\+\)|\1:${CFLAG}|g" Configure
- useprefix=${prefix}
- if [ "x$useprefix" = "x" ]; then
- useprefix=/
- fi
+
+ useprefix=${prefix}
+ if [ "x$useprefix" = "x" ]; then
+ useprefix=/
+ fi
libdirleaf="$(echo ${libdir} | sed s:$useprefix::)"
perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=${libdirleaf} $target
}
do_compile_prepend_class-target () {
- sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile
- oe_runmake depend
+ sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile
+ oe_runmake depend
cc_sanitized=`echo "${CC} ${CFLAG}" | sed -e 's,--sysroot=${STAGING_DIR_TARGET},,g' -e 's|${DEBUG_PREFIX_MAP}||g'`
oe_runmake CC_INFO="${cc_sanitized}"
}
@@ -296,8 +278,8 @@ do_install () {
do_install_ptest () {
cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH}
- # Replace the path to native perl with the path to target perl
- sed -i 's,^PERL=.*,PERL=${bindir}/perl,' ${D}${PTEST_PATH}/Makefile
+ # Replace the path to native perl with the path to target perl
+ sed -i 's,^PERL=.*,PERL=${bindir}/perl,' ${D}${PTEST_PATH}/Makefile
cp Configure config e_os.h ${D}${PTEST_PATH}
cp -r -L include ${D}${PTEST_PATH}
@@ -336,9 +318,9 @@ do_install_ptest () {
# Remove build host references
sed -i \
- -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
- -e 's|${DEBUG_PREFIX_MAP}||g' \
- ${D}${PTEST_PATH}/Makefile ${D}${PTEST_PATH}/Configure
+ -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
+ -e 's|${DEBUG_PREFIX_MAP}||g' \
+ ${D}${PTEST_PATH}/Makefile ${D}${PTEST_PATH}/Configure
}
do_install_append_class-native() {
@@ -350,10 +332,29 @@ do_install_append_class-native() {
}
do_install_append_class-nativesdk() {
- mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
- install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
+ mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
+ install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
}
+# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
+# package RRECOMMENDS on this package. This will enable the configuration
+# file to be installed for both the base openssl package and the libcrypto
+# package since the base openssl package depends on the libcrypto package.
+
+PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc"
+
+FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}"
+FILES_libssl = "${libdir}/libssl${SOLIBS}"
+FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
+FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
+FILES_${PN}-misc = "${libdir}/ssl/misc"
+FILES_${PN} =+ "${libdir}/ssl/*"
FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh"
+CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
+
+RRECOMMENDS_libcrypto += "openssl-conf"
+RDEPENDS_${PN}-misc = "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}"
+RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc"
+
BBCLASSEXTEND = "native nativesdk"
--
1.9.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH 3/9] openssl_1.0: drop curly brackets from shell local variables
2018-07-24 2:38 [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe Andre McCurdy
2018-07-24 2:38 ` [PATCH 2/9] openssl_1.0: minor recipe formatting tweaks etc Andre McCurdy
@ 2018-07-24 2:38 ` Andre McCurdy
2018-07-24 2:38 ` [PATCH 4/9] openssl_1.0: fix cryptodev-linux PACKAGECONFIG support Andre McCurdy
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Andre McCurdy @ 2018-07-24 2:38 UTC (permalink / raw)
To: openembedded-core
Make clear distinction between local variables and bitbake variables.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
meta/recipes-connectivity/openssl/openssl_1.0.2o.bb | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
index 7f32d09..9bc9e64 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
@@ -208,14 +208,14 @@ do_configure () {
useprefix=/
fi
libdirleaf="$(echo ${libdir} | sed s:$useprefix::)"
- perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=${libdirleaf} $target
+ perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=$libdirleaf $target
}
do_compile_prepend_class-target () {
sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile
oe_runmake depend
cc_sanitized=`echo "${CC} ${CFLAG}" | sed -e 's,--sysroot=${STAGING_DIR_TARGET},,g' -e 's|${DEBUG_PREFIX_MAP}||g'`
- oe_runmake CC_INFO="${cc_sanitized}"
+ oe_runmake CC_INFO="$cc_sanitized"
}
do_compile () {
--
1.9.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH 4/9] openssl_1.0: fix cryptodev-linux PACKAGECONFIG support
2018-07-24 2:38 [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe Andre McCurdy
2018-07-24 2:38 ` [PATCH 2/9] openssl_1.0: minor recipe formatting tweaks etc Andre McCurdy
2018-07-24 2:38 ` [PATCH 3/9] openssl_1.0: drop curly brackets from shell local variables Andre McCurdy
@ 2018-07-24 2:38 ` Andre McCurdy
2018-07-24 2:38 ` [PATCH 5/9] openssl_1.0: drop leading "-" from no-ssl3 config option Andre McCurdy
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Andre McCurdy @ 2018-07-24 2:38 UTC (permalink / raw)
To: openembedded-core
Since openssl isn't an autotools recipe, defining cryptodev-linux
related config options via PACKAGECONFIG hasn't worked correctly
since PACKAGECONFIG_CONFARGS stopped being automatically appended to
EXTRA_OECONF in 2016:
http://git.openembedded.org/openembedded-core/commit/?id=c98fb5f5129e71829ffab4449b3d28082bc95ab4
The issue appears to have been hidden as the flags are also hardcoded
in CFLAG - and therefore always enabled, regardless of the state of
the PACKAGECONFIG option. Fix by passing both EXTRA_OECONF and
PACKAGECONFIG_CONFARGS when running the openssl Configure script.
Although the openssl 1.1 recipe doesn't contain any PACKAGECONFIG
options yet, pre-emptively make the same fix there too.
Also only enable cryptodev-linux by default for target builds (based
on the historical comments in the recipe, that seems to have been the
original intention).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
meta/recipes-connectivity/openssl/openssl_1.0.2o.bb | 9 ++++-----
meta/recipes-connectivity/openssl/openssl_1.1.0h.bb | 2 +-
2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
index 9bc9e64..d9e9c84 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
@@ -63,6 +63,9 @@ UPSTREAM_CHECK_REGEX = "openssl-(?P<pver>1\.0.+)\.tar"
inherit pkgconfig siteinfo multilib_header ptest relative_symlinks
PACKAGECONFIG ?= "cryptodev-linux"
+PACKAGECONFIG_class-native = ""
+PACKAGECONFIG_class-nativesdk = ""
+
PACKAGECONFIG[perl] = ",,,"
PACKAGECONFIG[cryptodev-linux] = "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS,,cryptodev-linux"
@@ -88,10 +91,6 @@ CFLAG = "${@oe.utils.conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB
# (and it causes issues with SELinux)
CFLAG += "-Wa,--noexecstack"
-# For target side versions of openssl enable support for OCF Linux driver
-# if they are available.
-CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
-
CFLAG_append_class-native = " -fPIC"
do_configure_prepend_darwin () {
@@ -208,7 +207,7 @@ do_configure () {
useprefix=/
fi
libdirleaf="$(echo ${libdir} | sed s:$useprefix::)"
- perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=$libdirleaf $target
+ perl ./Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=$libdirleaf $target
}
do_compile_prepend_class-target () {
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
index 8d445e4..c0aaaf6 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
@@ -126,7 +126,7 @@ do_configure () {
useprefix=/
fi
libdirleaf="$(echo ${libdir} | sed s:$useprefix::)"
- perl ./Configure ${EXTRA_OECONF} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdirleaf} $target
+ perl ./Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdirleaf} $target
}
do_install () {
--
1.9.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH 5/9] openssl_1.0: drop leading "-" from no-ssl3 config option
2018-07-24 2:38 [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe Andre McCurdy
` (2 preceding siblings ...)
2018-07-24 2:38 ` [PATCH 4/9] openssl_1.0: fix cryptodev-linux PACKAGECONFIG support Andre McCurdy
@ 2018-07-24 2:38 ` Andre McCurdy
2018-07-24 2:38 ` [PATCH 6/9] openssl_1.0: avoid running make twice for target do_compile() Andre McCurdy
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Andre McCurdy @ 2018-07-24 2:38 UTC (permalink / raw)
To: openembedded-core
Although passing -no-ssl3 works, comments in the openssl Configure
script suggest doing so isn't really correct:
s /^-no-/no-/; # some people just can't read the instructions
The documented way to pass no-<cipher> config options is without a
leading "-"
https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/INSTALL
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
meta/recipes-connectivity/openssl/openssl_1.0.2o.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
index d9e9c84..58627b0 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
@@ -71,7 +71,7 @@ PACKAGECONFIG[cryptodev-linux] = "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS,,cryp
# Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE
# vulnerability
-EXTRA_OECONF = "-no-ssl3"
+EXTRA_OECONF = "no-ssl3"
export DIRS = "crypto ssl apps engines"
export AS = "${CC} -c"
--
1.9.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH 6/9] openssl_1.0: avoid running make twice for target do_compile()
2018-07-24 2:38 [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe Andre McCurdy
` (3 preceding siblings ...)
2018-07-24 2:38 ` [PATCH 5/9] openssl_1.0: drop leading "-" from no-ssl3 config option Andre McCurdy
@ 2018-07-24 2:38 ` Andre McCurdy
2018-07-24 2:38 ` [PATCH 7/9] openssl: remove uclibc remnants Andre McCurdy
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Andre McCurdy @ 2018-07-24 2:38 UTC (permalink / raw)
To: openembedded-core
Currently target builds call make twice as part of do_compile(). It
appears to be an accidental side effect of needing to only pass
CC_INFO on the make command line for target builds, since CC_INFO is
only referenced by the reproducible build patches.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
meta/recipes-connectivity/openssl/openssl_1.0.2o.bb | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
index 58627b0..9e5e7ec 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
@@ -210,16 +210,16 @@ do_configure () {
perl ./Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=$libdirleaf $target
}
-do_compile_prepend_class-target () {
- sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile
+do_compile () {
oe_runmake depend
- cc_sanitized=`echo "${CC} ${CFLAG}" | sed -e 's,--sysroot=${STAGING_DIR_TARGET},,g' -e 's|${DEBUG_PREFIX_MAP}||g'`
- oe_runmake CC_INFO="$cc_sanitized"
+ oe_runmake
}
-do_compile () {
+do_compile_class-target () {
+ sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile
oe_runmake depend
- oe_runmake
+ cc_sanitized=`echo "${CC} ${CFLAG}" | sed -e 's,--sysroot=${STAGING_DIR_TARGET},,g' -e 's|${DEBUG_PREFIX_MAP}||g'`
+ oe_runmake CC_INFO="$cc_sanitized"
}
do_compile_ptest () {
--
1.9.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH 7/9] openssl: remove uclibc remnants
2018-07-24 2:38 [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe Andre McCurdy
` (4 preceding siblings ...)
2018-07-24 2:38 ` [PATCH 6/9] openssl_1.0: avoid running make twice for target do_compile() Andre McCurdy
@ 2018-07-24 2:38 ` Andre McCurdy
2018-07-24 2:38 ` [PATCH 8/9] openssl: support musl-x32 build Andre McCurdy
2018-07-24 2:38 ` [PATCH 9/9] openssl: minor indent fixes Andre McCurdy
7 siblings, 0 replies; 9+ messages in thread
From: Andre McCurdy @ 2018-07-24 2:38 UTC (permalink / raw)
To: openembedded-core
Align the openssl 1.1 recipe with changes made to openssl 1.0:
http://git.openembedded.org/openembedded-core/commit/?id=e01e7c543a559c8926d72159b5cd55db0c661434
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
meta/recipes-connectivity/openssl/openssl_1.1.0h.bb | 3 ---
1 file changed, 3 deletions(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
index c0aaaf6..a2f5d67 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
@@ -37,10 +37,7 @@ EXTRA_OECONF_append_libc-musl = " -DOPENSSL_NO_ASYNC"
do_configure () {
os=${HOST_OS}
case $os in
- linux-uclibc |\
- linux-uclibceabi |\
linux-gnueabi |\
- linux-uclibcspe |\
linux-gnuspe |\
linux-musl*)
os=linux
--
1.9.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH 8/9] openssl: support musl-x32 build
2018-07-24 2:38 [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe Andre McCurdy
` (5 preceding siblings ...)
2018-07-24 2:38 ` [PATCH 7/9] openssl: remove uclibc remnants Andre McCurdy
@ 2018-07-24 2:38 ` Andre McCurdy
2018-07-24 2:38 ` [PATCH 9/9] openssl: minor indent fixes Andre McCurdy
7 siblings, 0 replies; 9+ messages in thread
From: Andre McCurdy @ 2018-07-24 2:38 UTC (permalink / raw)
To: openembedded-core
Align the openssl 1.1 recipe with changes made to openssl 1.0:
http://git.openembedded.org/openembedded-core/commit/?id=a072d4620db462c5d3459441d5684cfd99938400
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
meta/recipes-connectivity/openssl/openssl_1.1.0h.bb | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
index a2f5d67..5dc2966 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
@@ -39,7 +39,9 @@ do_configure () {
case $os in
linux-gnueabi |\
linux-gnuspe |\
- linux-musl*)
+ linux-musleabi |\
+ linux-muslspe |\
+ linux-musl )
os=linux
;;
*)
@@ -71,7 +73,7 @@ do_configure () {
linux-i686)
target=linux-elf
;;
- linux-gnux32-x86_64)
+ linux-gnux32-x86_64 | linux-muslx32-x86_64 )
target=linux-x32
;;
linux-gnu64-x86_64)
--
1.9.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH 9/9] openssl: minor indent fixes
2018-07-24 2:38 [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe Andre McCurdy
` (6 preceding siblings ...)
2018-07-24 2:38 ` [PATCH 8/9] openssl: support musl-x32 build Andre McCurdy
@ 2018-07-24 2:38 ` Andre McCurdy
7 siblings, 0 replies; 9+ messages in thread
From: Andre McCurdy @ 2018-07-24 2:38 UTC (permalink / raw)
To: openembedded-core
Fix inconsistent indent (and also make the openssl 1.1 recipe more
consistent and consistent with the openssl 1.0 recipe).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
.../recipes-connectivity/openssl/openssl_1.1.0h.bb | 69 +++++++++++-----------
1 file changed, 35 insertions(+), 34 deletions(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
index 5dc2966..a7cd6a4 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb
@@ -44,7 +44,7 @@ do_configure () {
linux-musl )
os=linux
;;
- *)
+ *)
;;
esac
target="$os-${HOST_ARCH}"
@@ -80,21 +80,21 @@ do_configure () {
target=linux-x86_64
;;
linux-mips)
- # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags
+ # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags
target="linux-mips32 ${TARGET_CC_ARCH}"
;;
linux-mipsel)
target="linux-mips32 ${TARGET_CC_ARCH}"
;;
- linux-gnun32-mips*)
- target=linux-mips64
- ;;
- linux-*-mips64 | linux-mips64)
- target=linux64-mips64
- ;;
- linux-*-mips64el | linux-mips64el)
- target=linux64-mips64
- ;;
+ linux-gnun32-mips*)
+ target=linux-mips64
+ ;;
+ linux-*-mips64 | linux-mips64)
+ target=linux64-mips64
+ ;;
+ linux-*-mips64el | linux-mips64el)
+ target=linux64-mips64
+ ;;
linux-microblaze*|linux-nios2*)
target=linux-generic32
;;
@@ -104,12 +104,12 @@ do_configure () {
linux-powerpc64)
target=linux-ppc64
;;
- linux-riscv64)
- target=linux-generic64
- ;;
linux-riscv32)
target=linux-generic32
;;
+ linux-riscv64)
+ target=linux-generic64
+ ;;
linux-supersparc)
target=linux-sparcv9
;;
@@ -120,40 +120,41 @@ do_configure () {
target=darwin-i386-cc
;;
esac
- useprefix=${prefix}
- if [ "x$useprefix" = "x" ]; then
- useprefix=/
- fi
+
+ useprefix=${prefix}
+ if [ "x$useprefix" = "x" ]; then
+ useprefix=/
+ fi
libdirleaf="$(echo ${libdir} | sed s:$useprefix::)"
- perl ./Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdirleaf} $target
+ perl ./Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=$libdirleaf $target
}
do_install () {
- oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install
- oe_multilib_header openssl/opensslconf.h
+ oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install
+ oe_multilib_header openssl/opensslconf.h
}
do_install_append_class-native () {
- # Install a custom version of c_rehash that can handle sysroots properly.
- # This version is used for example when installing ca-certificates during
- # image creation.
- install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash
- sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash
+ # Install a custom version of c_rehash that can handle sysroots properly.
+ # This version is used for example when installing ca-certificates during
+ # image creation.
+ install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash
+ sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash
}
do_install_append_class-nativesdk () {
- mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
- install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
+ mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
+ install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
}
do_install_ptest() {
- cp -r * ${D}${PTEST_PATH}
+ cp -r * ${D}${PTEST_PATH}
- # Putting .so files in ptest package will mess up the dependencies of the main openssl package
- # so we rename them to .so.ptest and patch the test accordingly
- mv ${D}${PTEST_PATH}/libcrypto.so ${D}${PTEST_PATH}/libcrypto.so.ptest
- mv ${D}${PTEST_PATH}/libssl.so ${D}${PTEST_PATH}/libssl.so.ptest
- sed -i 's/$target{shared_extension_simple}/".so.ptest"/' ${D}${PTEST_PATH}/test/recipes/90-test_shlibload.t
+ # Putting .so files in ptest package will mess up the dependencies of the main openssl package
+ # so we rename them to .so.ptest and patch the test accordingly
+ mv ${D}${PTEST_PATH}/libcrypto.so ${D}${PTEST_PATH}/libcrypto.so.ptest
+ mv ${D}${PTEST_PATH}/libssl.so ${D}${PTEST_PATH}/libssl.so.ptest
+ sed -i 's/$target{shared_extension_simple}/".so.ptest"/' ${D}${PTEST_PATH}/test/recipes/90-test_shlibload.t
}
PACKAGES =+ "${PN}-engines"
--
1.9.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
end of thread, other threads:[~2018-07-24 2:39 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-07-24 2:38 [PATCH 1/9] openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe Andre McCurdy
2018-07-24 2:38 ` [PATCH 2/9] openssl_1.0: minor recipe formatting tweaks etc Andre McCurdy
2018-07-24 2:38 ` [PATCH 3/9] openssl_1.0: drop curly brackets from shell local variables Andre McCurdy
2018-07-24 2:38 ` [PATCH 4/9] openssl_1.0: fix cryptodev-linux PACKAGECONFIG support Andre McCurdy
2018-07-24 2:38 ` [PATCH 5/9] openssl_1.0: drop leading "-" from no-ssl3 config option Andre McCurdy
2018-07-24 2:38 ` [PATCH 6/9] openssl_1.0: avoid running make twice for target do_compile() Andre McCurdy
2018-07-24 2:38 ` [PATCH 7/9] openssl: remove uclibc remnants Andre McCurdy
2018-07-24 2:38 ` [PATCH 8/9] openssl: support musl-x32 build Andre McCurdy
2018-07-24 2:38 ` [PATCH 9/9] openssl: minor indent fixes Andre McCurdy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.