From: Robert Yang <liezhi.yang@windriver.com>
To: Saul Wold <sgw@linux.intel.com>,
<openembedded-core@lists.openembedded.org>
Subject: Re: [PATCH] openssl: Upgrade to 1.0.2
Date: Thu, 12 Mar 2015 14:18:27 +0800 [thread overview]
Message-ID: <55012FB3.2030404@windriver.com> (raw)
In-Reply-To: <1425491208-7670-1-git-send-email-sgw@linux.intel.com>
I met this error when building openflow in meta-networking, I guess it maybe
related to the upgraded:
x86_64-wrs-linux-gcc -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse
--sysroot=/buildarea/lyang1/test_qemux86-64/bitbake_build/tmp/sysroots/qemux86-64 -Wstrict-prototypes
-O2 -pipe -g -feliminate-unused-debug-types -Wall -Wno-sign-compare
-Wpointer-arith -Wdeclaration-after-statement -Wformat-security -Wswitch-enum
-Wunused-parameter -Wstrict-aliasing -Wbad-function-cast -Wcast-align
-Wstrict-prototypes -Wold-style-definition -Wmissing-prototypes
-Wmissing-field-initializers -Wno-override-init -export-dynamic -Wl,-O1
-Wl,--hash-style=gnu -Wl,--as-needed -o secchan/ofprotocol secchan/discovery.o
secchan/emerg-flow.o secchan/fail-open.o secchan/failover.o secchan/in-band.o
secchan/port-watcher.o secchan/protocol-stat.o secchan/ratelimit.o
secchan/secchan.o secchan/status.o secchan/stp-secchan.o lib/libopenflow.a -ldl
-L/buildarea/lyang1/test_qemux86-64/bitbake_build/tmp/sysroots/qemux86-64/usr/lib64
-lssl
/buildarea/lyang1/test_qemux86-64/bitbake_build/tmp/sysroots/x86_64-linux/usr/libexec/x86_64-wrs-linux/gcc/x86_64-wrs-linux/4.9.2/ld:
lib/libopenflow.a(vconn-ssl.o): undefined reference to symbol
'ERR_error_string@@OPENSSL_1.0.0'
/buildarea/lyang1/test_qemux86-64/bitbake_build/tmp/sysroots/qemux86-64/lib64/libcrypto.so.1.0.0:
error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
// Robert
On 03/05/2015 01:46 AM, Saul Wold wrote:
> Rebased numerous patches
> removed aarch64 initial work since it's part of upstream now
> Imported a few additional patches from Debian to support the version-script
> and blacklist additional bad certificates.
>
> Signed-off-by: Saul Wold <sgw@linux.intel.com>
> ---
> .../openssl/openssl/Makefiles-ptest.patch | 36 +--
> .../openssl/openssl/debian/c_rehash-compat.patch | 58 +++-
> .../openssl/openssl/debian/debian-targets.patch | 25 +-
> .../openssl/openssl/debian/version-script.patch | 311 ++++++++++-----------
> .../debian1.0.2/block_digicert_malaysia.patch | 29 ++
> .../openssl/debian1.0.2/block_diginotar.patch | 67 +++++
> .../openssl/openssl/debian1.0.2/padlock_conf.patch | 31 ++
> .../openssl/engines-install-in-libdir-ssl.patch | 42 +--
> .../openssl/openssl/fix-cipher-des-ede3-cfb1.patch | 21 +-
> .../openssl/openssl/initial-aarch64-bits.patch | 120 --------
> ...-pointer-dereference-in-EVP_DigestInit_ex.patch | 22 +-
> ...NULL-pointer-dereference-in-dh_pub_encode.patch | 41 +--
> .../openssl/openssl/openssl_fix_for_x32.patch | 85 ++----
> .../openssl/openssl/ptest-deps.patch | 16 +-
> .../openssl/update-version-script-for-1.0.2.patch | 66 +++++
> .../{openssl_1.0.1k.bb => openssl_1.0.2.bb} | 19 +-
> 16 files changed, 522 insertions(+), 467 deletions(-)
> create mode 100644 meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch
> create mode 100644 meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch
> create mode 100644 meta/recipes-connectivity/openssl/openssl/debian1.0.2/padlock_conf.patch
> delete mode 100644 meta/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch
> create mode 100644 meta/recipes-connectivity/openssl/openssl/update-version-script-for-1.0.2.patch
> rename meta/recipes-connectivity/openssl/{openssl_1.0.1k.bb => openssl_1.0.2.bb} (84%)
>
> diff --git a/meta/recipes-connectivity/openssl/openssl/Makefiles-ptest.patch b/meta/recipes-connectivity/openssl/openssl/Makefiles-ptest.patch
> index ac53a91..249446a 100644
> --- a/meta/recipes-connectivity/openssl/openssl/Makefiles-ptest.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/Makefiles-ptest.patch
> @@ -5,10 +5,11 @@ Signed-off-by: Anders Roxell <anders.roxell@enea.com>
> Signed-off-by: Maxin B. John <maxin.john@enea.com>
> Upstream-Status: Pending
> ---
> -diff -uNr a/Makefile b/Makefile
> ---- a/Makefile.org 2012-05-10 17:06:02.000000000 +0200
> -+++ b/Makefile.org 2012-10-27 00:05:55.359424024 +0200
> -@@ -411,8 +411,16 @@
> +Index: openssl-1.0.2/Makefile.org
> +===================================================================
> +--- openssl-1.0.2.orig/Makefile.org
> ++++ openssl-1.0.2/Makefile.org
> +@@ -451,8 +451,16 @@ rehash.time: certs apps
> test: tests
>
> tests: rehash
> @@ -26,11 +27,11 @@ diff -uNr a/Makefile b/Makefile
> OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
>
> report:
> -diff --git a/test/Makefile b/test/Makefile
> -index 3912f82..1696767 100644
> ---- a/test/Makefile
> -+++ b/test/Makefile
> -@@ -128,7 +128,7 @@ tests: exe apps $(TESTS)
> +Index: openssl-1.0.2/test/Makefile
> +===================================================================
> +--- openssl-1.0.2.orig/test/Makefile
> ++++ openssl-1.0.2/test/Makefile
> +@@ -137,7 +137,7 @@ tests: exe apps $(TESTS)
> apps:
> @(cd ..; $(MAKE) DIRS=apps all)
>
> @@ -39,28 +40,28 @@ index 3912f82..1696767 100644
> test_des test_idea test_sha test_md4 test_md5 test_hmac \
> test_md2 test_mdc2 test_wp \
> test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
> -@@ -138,6 +138,11 @@ alltests: \
> - test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
> - test_jpake test_cms
> +@@ -148,6 +148,11 @@ alltests: \
> + test_jpake test_srp test_cms test_ocsp test_v3name test_heartbeat \
> + test_constant_time
>
> +alltests:
> + @(for i in $(all-tests); do \
> + ( $(MAKE) $$i && echo "PASS: $$i" ) || echo "FAIL: $$i"; \
> + done)
> +
> - test_evp:
> + test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
> ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
>
> -@@ -203,7 +208,7 @@ test_x509:
> +@@ -213,7 +218,7 @@ test_x509: ../apps/openssl$(EXE_EXT) tx5
> echo test second x509v3 certificate
> sh ./tx509 v3-cert2.pem 2>/dev/null
>
> --test_rsa: $(RSATEST)$(EXE_EXT)
> -+test_rsa:
> +-test_rsa: $(RSATEST)$(EXE_EXT) ../apps/openssl$(EXE_EXT) trsa testrsa.pem
> ++test_rsa: ../apps/openssl$(EXE_EXT) trsa testrsa.pem
> @sh ./trsa 2>/dev/null
> ../util/shlib_wrap.sh ./$(RSATEST)
>
> -@@ -298,11 +303,11 @@ test_tsa:
> +@@ -313,11 +318,11 @@ test_tsa: ../apps/openssl$(EXE_EXT) test
> sh ./testtsa; \
> fi
>
> @@ -73,3 +74,4 @@ index 3912f82..1696767 100644
> +test_jpake:
> @echo "Test JPAKE"
> ../util/shlib_wrap.sh ./$(JPAKETEST)
> +
> diff --git a/meta/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch b/meta/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch
> index ac1b19b..3943e2c 100644
> --- a/meta/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch
> @@ -1,38 +1,58 @@
> -Upstream-Status: Backport [debian]
> -
> From 83f318d68bbdab1ca898c94576a838cc97df4700 Mon Sep 17 00:00:00 2001
> From: Ludwig Nussel <ludwig.nussel@suse.de>
> Date: Wed, 21 Apr 2010 15:52:10 +0200
> Subject: [PATCH] also create old hash for compatibility
>
> +Upstream-Status: Backport [debian]
> +
> ---
> tools/c_rehash.in | 8 +++++++-
> 1 files changed, 7 insertions(+), 1 deletions(-)
>
> -Index: openssl-1.0.0d/tools/c_rehash.in
> +Index: openssl-1.0.2~beta3/tools/c_rehash.in
> ===================================================================
> ---- openssl-1.0.0d.orig/tools/c_rehash.in 2011-04-13 20:41:28.000000000 +0000
> -+++ openssl-1.0.0d/tools/c_rehash.in 2011-04-13 20:41:28.000000000 +0000
> -@@ -86,6 +86,7 @@
> - }
> +--- openssl-1.0.2~beta3.orig/tools/c_rehash.in
> ++++ openssl-1.0.2~beta3/tools/c_rehash.in
> +@@ -8,8 +8,6 @@ my $prefix;
> +
> + my $openssl = $ENV{OPENSSL} || "openssl";
> + my $pwd;
> +-my $x509hash = "-subject_hash";
> +-my $crlhash = "-hash";
> + my $verbose = 0;
> + my $symlink_exists=eval {symlink("",""); 1};
> + my $removelinks = 1;
> +@@ -18,10 +16,7 @@ my $removelinks = 1;
> + while ( $ARGV[0] =~ '-.*' ) {
> + my $flag = shift @ARGV;
> + last if ( $flag eq '--');
> +- if ( $flag =~ /-old/) {
> +- $x509hash = "-subject_hash_old";
> +- $crlhash = "-hash_old";
> +- } elsif ( $flag =~ /-h/) {
> ++ if ( $flag =~ /-h/) {
> + help();
> + } elsif ( $flag eq '-n' ) {
> + $removelinks = 0;
> +@@ -113,7 +108,9 @@ sub hash_dir {
> + next;
> }
> link_hash_cert($fname) if($cert);
> + link_hash_cert_old($fname) if($cert);
> link_hash_crl($fname) if($crl);
> ++ link_hash_crl_old($fname) if($crl);
> }
> }
> -@@ -119,8 +120,9 @@
> +
> +@@ -146,6 +143,7 @@ sub check_file {
>
> sub link_hash_cert {
> my $fname = $_[0];
> -+ my $hashopt = $_[1] || '-subject_hash';
> ++ my $x509hash = $_[1] || '-subject_hash';
> $fname =~ s/'/'\\''/g;
> -- my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in "$fname"`;
> -+ my ($hash, $fprint) = `"$openssl" x509 $hashopt -fingerprint -noout -in "$fname"`;
> + my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
> chomp $hash;
> - chomp $fprint;
> - $fprint =~ s/^.*=//;
> -@@ -150,6 +152,10 @@
> +@@ -177,10 +175,20 @@ sub link_hash_cert {
> $hashlist{$hash} = $fprint;
> }
>
> @@ -40,6 +60,16 @@ Index: openssl-1.0.0d/tools/c_rehash.in
> + link_hash_cert($_[0], '-subject_hash_old');
> +}
> +
> ++sub link_hash_crl_old {
> ++ link_hash_crl($_[0], '-hash_old');
> ++}
> ++
> ++
> # Same as above except for a CRL. CRL links are of the form <hash>.r<n>
>
> sub link_hash_crl {
> + my $fname = $_[0];
> ++ my $crlhash = $_[1] || "-hash";
> + $fname =~ s/'/'\\''/g;
> + my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
> + chomp $hash;
> diff --git a/meta/recipes-connectivity/openssl/openssl/debian/debian-targets.patch b/meta/recipes-connectivity/openssl/openssl/debian/debian-targets.patch
> index 8101edf..39d4328 100644
> --- a/meta/recipes-connectivity/openssl/openssl/debian/debian-targets.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/debian/debian-targets.patch
> @@ -1,12 +1,12 @@
> Upstream-Status: Backport [debian]
>
> -Index: openssl-1.0.1/Configure
> +Index: openssl-1.0.2/Configure
> ===================================================================
> ---- openssl-1.0.1.orig/Configure 2012-03-17 15:37:54.000000000 +0000
> -+++ openssl-1.0.1/Configure 2012-03-17 16:13:49.000000000 +0000
> -@@ -105,6 +105,10 @@
> +--- openssl-1.0.2.orig/Configure
> ++++ openssl-1.0.2/Configure
> +@@ -107,6 +107,10 @@ my $gcc_devteam_warn = "-Wall -pedantic
>
> - my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
> + my $clang_disabled_warnings = "-Wno-language-extension-token -Wno-extended-offsetof -Wno-padded -Wno-shorten-64-to-32 -Wno-format-nonliteral -Wno-missing-noreturn -Wno-unused-parameter -Wno-sign-conversion -Wno-unreachable-code -Wno-conversion -Wno-documentation -Wno-missing-variable-declarations -Wno-cast-align -Wno-incompatible-pointer-types-discards-qualifiers -Wno-missing-variable-declarations -Wno-missing-field-initializers -Wno-unused-macros -Wno-disabled-macro-expansion -Wno-conditional-uninitialized -Wno-switch-enum";
>
> +# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS
> +my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall";
> @@ -15,7 +15,7 @@ Index: openssl-1.0.1/Configure
> my $strict_warnings = 0;
>
> my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
> -@@ -338,6 +342,48 @@
> +@@ -343,6 +347,55 @@ my %table=(
> "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
> "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
>
> @@ -23,9 +23,9 @@ Index: openssl-1.0.1/Configure
> +"debian-alpha","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-alpha-ev4","gcc:-DTERMIO ${debian_cflags} -mcpu=ev4::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-alpha-ev5","gcc:-DTERMIO ${debian_cflags} -mcpu=ev5::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> -+"debian-armeb","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> -+"debian-armel","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> -+"debian-armhf","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-arm64","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-armel","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-armhf","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::",
> +"debian-avr32", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -fomit-frame-pointer::-D_REENTRANT::-ldl:BN_LLONG_BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> @@ -40,15 +40,21 @@ Index: openssl-1.0.1/Configure
> +"debian-m68k","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-mips", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-mipsn32", "mips64-linux-gnuabin32-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-mipsn32el", "mips64el-linux-gnuabin32-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-mips64", "mips64-linux-gnuabi64-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-mips64el", "mips64el-linux-gnuabi64-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags}::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags} -mv8::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-openbsd-alpha","gcc:-DTERMIOS ${debian_cflags}::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-openbsd-mips","gcc:-DL_ENDIAN ${debian_cflags}::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-or1k", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-powerpcspe","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-ppc64el","gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64le:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-s390","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-s390x","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> @@ -60,6 +66,7 @@ Index: openssl-1.0.1/Configure
> +"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v8 -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v9 -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> +"debian-sparc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags} -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> ++"debian-x32","gcc:-mx32 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
> +
> ####
> #### Variety of LINUX:-)
> diff --git a/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch b/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch
> index ece8b9b..a249180 100644
> --- a/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch
> @@ -1,10 +1,8 @@
> -Upstream-Status: Backport [debian]
> -
> -Index: openssl-1.0.1d/Configure
> +Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure
> ===================================================================
> ---- openssl-1.0.1d.orig/Configure 2013-02-06 19:41:43.000000000 +0100
> -+++ openssl-1.0.1d/Configure 2013-02-06 19:41:43.000000000 +0100
> -@@ -1621,6 +1621,8 @@
> +--- openssl-1.0.2~beta1.obsolete.0.0498436515490575.orig/Configure 2014-02-24 21:02:30.000000000 +0100
> ++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure 2014-02-24 21:02:30.000000000 +0100
> +@@ -1651,6 +1651,8 @@
> }
> }
>
> @@ -13,11 +11,11 @@ Index: openssl-1.0.1d/Configure
> open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
> unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
> open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
> -Index: openssl-1.0.1d/openssl.ld
> +Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld
> ===================================================================
> --- /dev/null 1970-01-01 00:00:00.000000000 +0000
> -+++ openssl-1.0.1d/openssl.ld 2013-02-06 19:44:25.000000000 +0100
> -@@ -0,0 +1,4620 @@
> ++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld 2014-02-24 22:19:08.601827266 +0100
> +@@ -0,0 +1,4615 @@
> +OPENSSL_1.0.0 {
> + global:
> + BIO_f_ssl;
> @@ -2229,20 +2227,16 @@ Index: openssl-1.0.1d/openssl.ld
> + ERR_load_COMP_strings;
> + PKCS12_item_decrypt_d2i;
> + ASN1_UTF8STRING_it;
> -+ ASN1_UTF8STRING_it;
> + ENGINE_unregister_ciphers;
> + ENGINE_get_ciphers;
> + d2i_OCSP_BASICRESP;
> + KRB5_CHECKSUM_it;
> -+ KRB5_CHECKSUM_it;
> + EC_POINT_add;
> + ASN1_item_ex_i2d;
> + OCSP_CERTID_it;
> -+ OCSP_CERTID_it;
> + d2i_OCSP_RESPBYTES;
> + X509V3_add1_i2d;
> + PKCS7_ENVELOPE_it;
> -+ PKCS7_ENVELOPE_it;
> + UI_add_input_boolean;
> + ENGINE_unregister_RSA;
> + X509V3_EXT_nconf;
> @@ -2254,19 +2248,15 @@ Index: openssl-1.0.1d/openssl.ld
> + ENGINE_register_all_RAND;
> + ENGINE_load_dynamic;
> + PBKDF2PARAM_it;
> -+ PBKDF2PARAM_it;
> + EXTENDED_KEY_USAGE_new;
> + EC_GROUP_clear_free;
> + OCSP_sendreq_bio;
> + ASN1_item_digest;
> + OCSP_BASICRESP_delete_ext;
> + OCSP_SIGNATURE_it;
> -+ OCSP_SIGNATURE_it;
> -+ X509_CRL_it;
> + X509_CRL_it;
> + OCSP_BASICRESP_add_ext;
> + KRB5_ENCKEY_it;
> -+ KRB5_ENCKEY_it;
> + UI_method_set_closer;
> + X509_STORE_set_purpose;
> + i2d_ASN1_GENERALSTRING;
> @@ -2277,7 +2267,6 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_REQUEST_get_ext_by_OBJ;
> + _ossl_old_des_random_key;
> + ASN1_T61STRING_it;
> -+ ASN1_T61STRING_it;
> + EC_GROUP_method_of;
> + i2d_KRB5_APREQ;
> + _ossl_old_des_encrypt;
> @@ -2293,7 +2282,6 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_SINGLERESP_get_ext_count;
> + UI_ctrl;
> + _shadow_DES_rw_mode;
> -+ _shadow_DES_rw_mode;
> + asn1_do_adb;
> + ASN1_template_i2d;
> + ENGINE_register_DH;
> @@ -2307,8 +2295,6 @@ Index: openssl-1.0.1d/openssl.ld
> + KRB5_ENCKEY_free;
> + OCSP_resp_get0;
> + GENERAL_NAME_it;
> -+ GENERAL_NAME_it;
> -+ ASN1_GENERALIZEDTIME_it;
> + ASN1_GENERALIZEDTIME_it;
> + X509_STORE_set_flags;
> + EC_POINT_set_compressed_coordinates_GFp;
> @@ -2330,21 +2316,18 @@ Index: openssl-1.0.1d/openssl.ld
> + EC_POINT_set_affine_coords_GFp;
> + _ossl_old_des_options;
> + SXNET_it;
> -+ SXNET_it;
> + UI_dup_input_boolean;
> + PKCS12_add_CSPName_asc;
> + EC_POINT_is_at_infinity;
> + ENGINE_load_cryptodev;
> + DSO_convert_filename;
> + POLICYQUALINFO_it;
> -+ POLICYQUALINFO_it;
> + ENGINE_register_ciphers;
> + BN_mod_lshift_quick;
> + DSO_set_filename;
> + ASN1_item_free;
> + KRB5_TKTBODY_free;
> + AUTHORITY_KEYID_it;
> -+ AUTHORITY_KEYID_it;
> + KRB5_APREQBODY_new;
> + X509V3_EXT_REQ_add_nconf;
> + ENGINE_ctrl_cmd_string;
> @@ -2352,19 +2335,15 @@ Index: openssl-1.0.1d/openssl.ld
> + EVP_MD_CTX_init;
> + EXTENDED_KEY_USAGE_free;
> + PKCS7_ATTR_SIGN_it;
> -+ PKCS7_ATTR_SIGN_it;
> + UI_add_error_string;
> + KRB5_CHECKSUM_free;
> + OCSP_REQUEST_get_ext;
> + ENGINE_load_ubsec;
> + ENGINE_register_all_digests;
> + PKEY_USAGE_PERIOD_it;
> -+ PKEY_USAGE_PERIOD_it;
> + PKCS12_unpack_authsafes;
> + ASN1_item_unpack;
> + NETSCAPE_SPKAC_it;
> -+ NETSCAPE_SPKAC_it;
> -+ X509_REVOKED_it;
> + X509_REVOKED_it;
> + ASN1_STRING_encode;
> + EVP_aes_128_ecb;
> @@ -2376,7 +2355,6 @@ Index: openssl-1.0.1d/openssl.ld
> + UI_dup_info_string;
> + _ossl_old_des_xwhite_in2out;
> + PKCS12_it;
> -+ PKCS12_it;
> + OCSP_SINGLERESP_get_ext_by_critical;
> + OCSP_SINGLERESP_get_ext_by_crit;
> + OCSP_CERTSTATUS_free;
> @@ -2395,10 +2373,8 @@ Index: openssl-1.0.1d/openssl.ld
> + ENGINE_unregister_DSA;
> + _ossl_old_des_key_sched;
> + X509_EXTENSION_it;
> -+ X509_EXTENSION_it;
> + i2d_KRB5_AUTHENT;
> + SXNETID_it;
> -+ SXNETID_it;
> + d2i_OCSP_SINGLERESP;
> + EDIPARTYNAME_new;
> + PKCS12_certbag2x509;
> @@ -2409,10 +2385,8 @@ Index: openssl-1.0.1d/openssl.ld
> + d2i_KRB5_APREQBODY;
> + UI_method_get_flusher;
> + X509_PUBKEY_it;
> -+ X509_PUBKEY_it;
> + _ossl_old_des_enc_read;
> + PKCS7_ENCRYPT_it;
> -+ PKCS7_ENCRYPT_it;
> + i2d_OCSP_RESPONSE;
> + EC_GROUP_get_cofactor;
> + PKCS12_unpack_p7data;
> @@ -2430,10 +2404,8 @@ Index: openssl-1.0.1d/openssl.ld
> + PKCS12_item_i2d_encrypt;
> + X509_add1_ext_i2d;
> + PKCS7_SIGNER_INFO_it;
> -+ PKCS7_SIGNER_INFO_it;
> + KRB5_PRINCNAME_new;
> + PKCS12_SAFEBAG_it;
> -+ PKCS12_SAFEBAG_it;
> + EC_GROUP_get_order;
> + d2i_OCSP_RESPID;
> + OCSP_request_verify;
> @@ -2448,42 +2420,32 @@ Index: openssl-1.0.1d/openssl.ld
> + EVP_MD_CTX_create;
> + OCSP_resp_find_status;
> + X509_ALGOR_it;
> -+ X509_ALGOR_it;
> -+ ASN1_TIME_it;
> + ASN1_TIME_it;
> + OCSP_request_set1_name;
> + OCSP_ONEREQ_get_ext_count;
> + UI_get0_result;
> + PKCS12_AUTHSAFES_it;
> -+ PKCS12_AUTHSAFES_it;
> + EVP_aes_256_ecb;
> + PKCS12_pack_authsafes;
> + ASN1_IA5STRING_it;
> -+ ASN1_IA5STRING_it;
> + UI_get_input_flags;
> + EC_GROUP_set_generator;
> + _ossl_old_des_string_to_2keys;
> + OCSP_CERTID_free;
> + X509_CERT_AUX_it;
> -+ X509_CERT_AUX_it;
> -+ CERTIFICATEPOLICIES_it;
> + CERTIFICATEPOLICIES_it;
> + _ossl_old_des_ede3_cbc_encrypt;
> + RAND_set_rand_engine;
> + DSO_get_loaded_filename;
> + X509_ATTRIBUTE_it;
> -+ X509_ATTRIBUTE_it;
> + OCSP_ONEREQ_get_ext_by_NID;
> + PKCS12_decrypt_skey;
> + KRB5_AUTHENT_it;
> -+ KRB5_AUTHENT_it;
> + UI_dup_error_string;
> + RSAPublicKey_it;
> -+ RSAPublicKey_it;
> + i2d_OCSP_REQUEST;
> + PKCS12_x509crl2certbag;
> + OCSP_SERVICELOC_it;
> -+ OCSP_SERVICELOC_it;
> + ASN1_item_sign;
> + X509_CRL_set_issuer_name;
> + OBJ_NAME_do_all_sorted;
> @@ -2494,30 +2456,23 @@ Index: openssl-1.0.1d/openssl.ld
> + ENGINE_get_digest;
> + OCSP_RESPONSE_print;
> + KRB5_TKTBODY_it;
> -+ KRB5_TKTBODY_it;
> + ACCESS_DESCRIPTION_it;
> -+ ACCESS_DESCRIPTION_it;
> -+ PKCS7_ISSUER_AND_SERIAL_it;
> + PKCS7_ISSUER_AND_SERIAL_it;
> + PBE2PARAM_it;
> -+ PBE2PARAM_it;
> + PKCS12_certbag2x509crl;
> + PKCS7_SIGNED_it;
> -+ PKCS7_SIGNED_it;
> + ENGINE_get_cipher;
> + i2d_OCSP_CRLID;
> + OCSP_SINGLERESP_new;
> + ENGINE_cmd_is_executable;
> + RSA_up_ref;
> + ASN1_GENERALSTRING_it;
> -+ ASN1_GENERALSTRING_it;
> + ENGINE_register_DSA;
> + X509V3_EXT_add_nconf_sk;
> + ENGINE_set_load_pubkey_function;
> + PKCS8_decrypt;
> + PEM_bytes_read_bio;
> + DIRECTORYSTRING_it;
> -+ DIRECTORYSTRING_it;
> + d2i_OCSP_CRLID;
> + EC_POINT_is_on_curve;
> + CRYPTO_set_locked_mem_ex_functions;
> @@ -2525,7 +2480,6 @@ Index: openssl-1.0.1d/openssl.ld
> + d2i_KRB5_CHECKSUM;
> + ASN1_item_dup;
> + X509_it;
> -+ X509_it;
> + BN_mod_add;
> + KRB5_AUTHDATA_free;
> + _ossl_old_des_cbc_cksum;
> @@ -2534,7 +2488,6 @@ Index: openssl-1.0.1d/openssl.ld
> + EC_POINT_get_Jprojective_coordinates_GFp;
> + EC_POINT_get_Jproj_coords_GFp;
> + ZLONG_it;
> -+ ZLONG_it;
> + CRYPTO_get_locked_mem_ex_functions;
> + CRYPTO_get_locked_mem_ex_funcs;
> + ASN1_TIME_check;
> @@ -2544,41 +2497,30 @@ Index: openssl-1.0.1d/openssl.ld
> + _ossl_old_des_ede3_cfb64_encrypt;
> + _ossl_odes_ede3_cfb64_encrypt;
> + ASN1_BMPSTRING_it;
> -+ ASN1_BMPSTRING_it;
> + ASN1_tag2bit;
> + UI_method_set_flusher;
> + X509_ocspid_print;
> + KRB5_ENCDATA_it;
> -+ KRB5_ENCDATA_it;
> + ENGINE_get_load_pubkey_function;
> + UI_add_user_data;
> + OCSP_REQUEST_delete_ext;
> + UI_get_method;
> + OCSP_ONEREQ_free;
> + ASN1_PRINTABLESTRING_it;
> -+ ASN1_PRINTABLESTRING_it;
> + X509_CRL_set_nextUpdate;
> + OCSP_REQUEST_it;
> -+ OCSP_REQUEST_it;
> -+ OCSP_BASICRESP_it;
> + OCSP_BASICRESP_it;
> + AES_ecb_encrypt;
> + BN_mod_sqr;
> + NETSCAPE_CERT_SEQUENCE_it;
> -+ NETSCAPE_CERT_SEQUENCE_it;
> -+ GENERAL_NAMES_it;
> + GENERAL_NAMES_it;
> + AUTHORITY_INFO_ACCESS_it;
> -+ AUTHORITY_INFO_ACCESS_it;
> -+ ASN1_FBOOLEAN_it;
> + ASN1_FBOOLEAN_it;
> + UI_set_ex_data;
> + _ossl_old_des_string_to_key;
> + ENGINE_register_all_RSA;
> + d2i_KRB5_PRINCNAME;
> + OCSP_RESPBYTES_it;
> -+ OCSP_RESPBYTES_it;
> -+ X509_CINF_it;
> + X509_CINF_it;
> + ENGINE_unregister_digests;
> + d2i_EDIPARTYNAME;
> @@ -2588,7 +2530,6 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_RESPDATA_free;
> + d2i_KRB5_TICKET;
> + OTHERNAME_it;
> -+ OTHERNAME_it;
> + EVP_MD_CTX_cleanup;
> + d2i_ASN1_GENERALSTRING;
> + X509_CRL_set_version;
> @@ -2598,7 +2539,6 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_REQUEST_free;
> + OCSP_REQUEST_add1_ext_i2d;
> + X509_VAL_it;
> -+ X509_VAL_it;
> + EC_POINTs_make_affine;
> + EC_POINT_mul;
> + X509V3_EXT_add_nconf;
> @@ -2606,7 +2546,6 @@ Index: openssl-1.0.1d/openssl.ld
> + X509_CRL_add1_ext_i2d;
> + _ossl_old_des_fcrypt;
> + DISPLAYTEXT_it;
> -+ DISPLAYTEXT_it;
> + X509_CRL_set_lastUpdate;
> + OCSP_BASICRESP_free;
> + OCSP_BASICRESP_add1_ext_i2d;
> @@ -2619,7 +2558,6 @@ Index: openssl-1.0.1d/openssl.ld
> + UI_get0_result_string;
> + ASN1_GENERALSTRING_new;
> + X509_SIG_it;
> -+ X509_SIG_it;
> + ERR_set_implementation;
> + ERR_load_EC_strings;
> + UI_get0_action_string;
> @@ -2634,35 +2572,27 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_ONEREQ_get_ext_by_OBJ;
> + ASN1_primitive_new;
> + ASN1_PRINTABLE_it;
> -+ ASN1_PRINTABLE_it;
> + EVP_aes_192_ecb;
> + OCSP_SIGNATURE_new;
> + LONG_it;
> -+ LONG_it;
> -+ ASN1_VISIBLESTRING_it;
> + ASN1_VISIBLESTRING_it;
> + OCSP_SINGLERESP_add1_ext_i2d;
> + d2i_OCSP_CERTID;
> + ASN1_item_d2i_fp;
> + CRL_DIST_POINTS_it;
> -+ CRL_DIST_POINTS_it;
> + GENERAL_NAME_print;
> + OCSP_SINGLERESP_delete_ext;
> + PKCS12_SAFEBAGS_it;
> -+ PKCS12_SAFEBAGS_it;
> + d2i_OCSP_SIGNATURE;
> + OCSP_request_add1_nonce;
> + ENGINE_set_cmd_defns;
> + OCSP_SERVICELOC_free;
> + EC_GROUP_free;
> + ASN1_BIT_STRING_it;
> -+ ASN1_BIT_STRING_it;
> -+ X509_REQ_it;
> + X509_REQ_it;
> + _ossl_old_des_cbc_encrypt;
> + ERR_unload_strings;
> + PKCS7_SIGN_ENVELOPE_it;
> -+ PKCS7_SIGN_ENVELOPE_it;
> + EDIPARTYNAME_free;
> + OCSP_REQINFO_free;
> + EC_GROUP_new_curve_GFp;
> @@ -2687,7 +2617,6 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_CRLID_free;
> + OCSP_BASICRESP_get1_ext_d2i;
> + RSAPrivateKey_it;
> -+ RSAPrivateKey_it;
> + ENGINE_register_all_DH;
> + i2d_EDIPARTYNAME;
> + EC_POINT_get_affine_coordinates_GFp;
> @@ -2695,10 +2624,8 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_CRLID_new;
> + ENGINE_get_flags;
> + OCSP_ONEREQ_it;
> -+ OCSP_ONEREQ_it;
> + UI_process;
> + ASN1_INTEGER_it;
> -+ ASN1_INTEGER_it;
> + EVP_CipherInit_ex;
> + UI_get_string_type;
> + ENGINE_unregister_DH;
> @@ -2707,7 +2634,6 @@ Index: openssl-1.0.1d/openssl.ld
> + bn_dup_expand;
> + OCSP_cert_id_new;
> + BASIC_CONSTRAINTS_it;
> -+ BASIC_CONSTRAINTS_it;
> + BN_mod_add_quick;
> + EC_POINT_new;
> + EVP_MD_CTX_destroy;
> @@ -2717,7 +2643,6 @@ Index: openssl-1.0.1d/openssl.ld
> + EC_POINT_free;
> + DH_up_ref;
> + X509_NAME_ENTRY_it;
> -+ X509_NAME_ENTRY_it;
> + UI_get_ex_new_index;
> + BN_mod_sub_quick;
> + OCSP_ONEREQ_add_ext;
> @@ -2730,7 +2655,6 @@ Index: openssl-1.0.1d/openssl.ld
> + ENGINE_register_complete;
> + X509V3_EXT_nconf_nid;
> + ASN1_SEQUENCE_it;
> -+ ASN1_SEQUENCE_it;
> + UI_set_default_method;
> + RAND_query_egd_bytes;
> + UI_method_get_writer;
> @@ -2738,8 +2662,6 @@ Index: openssl-1.0.1d/openssl.ld
> + PEM_def_callback;
> + ENGINE_cleanup;
> + DIST_POINT_it;
> -+ DIST_POINT_it;
> -+ OCSP_SINGLERESP_it;
> + OCSP_SINGLERESP_it;
> + d2i_KRB5_TKTBODY;
> + EC_POINT_cmp;
> @@ -2758,24 +2680,20 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_cert_to_id;
> + OCSP_RESPID_new;
> + OCSP_RESPDATA_it;
> -+ OCSP_RESPDATA_it;
> + d2i_OCSP_RESPDATA;
> + ENGINE_register_all_complete;
> + OCSP_check_validity;
> + PKCS12_BAGS_it;
> -+ PKCS12_BAGS_it;
> + OCSP_url_svcloc_new;
> + ASN1_template_free;
> + OCSP_SINGLERESP_add_ext;
> + KRB5_AUTHENTBODY_it;
> -+ KRB5_AUTHENTBODY_it;
> + X509_supported_extension;
> + i2d_KRB5_AUTHDATA;
> + UI_method_get_opener;
> + ENGINE_set_ex_data;
> + OCSP_REQUEST_print;
> + CBIGNUM_it;
> -+ CBIGNUM_it;
> + KRB5_TICKET_new;
> + KRB5_APREQ_new;
> + EC_GROUP_get_curve_GFp;
> @@ -2785,27 +2703,20 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_single_get0_status;
> + BN_swap;
> + POLICYINFO_it;
> -+ POLICYINFO_it;
> + ENGINE_set_destroy_function;
> + asn1_enc_free;
> + OCSP_RESPID_it;
> -+ OCSP_RESPID_it;
> + EC_GROUP_new;
> + EVP_aes_256_cbc;
> + i2d_KRB5_PRINCNAME;
> + _ossl_old_des_encrypt2;
> + _ossl_old_des_encrypt3;
> + PKCS8_PRIV_KEY_INFO_it;
> -+ PKCS8_PRIV_KEY_INFO_it;
> -+ OCSP_REQINFO_it;
> + OCSP_REQINFO_it;
> + PBEPARAM_it;
> -+ PBEPARAM_it;
> + KRB5_AUTHENTBODY_new;
> + X509_CRL_add0_revoked;
> + EDIPARTYNAME_it;
> -+ EDIPARTYNAME_it;
> -+ NETSCAPE_SPKI_it;
> + NETSCAPE_SPKI_it;
> + UI_get0_test_string;
> + ENGINE_get_cipher_engine;
> @@ -2817,14 +2728,12 @@ Index: openssl-1.0.1d/openssl.ld
> + UI_method_get_reader;
> + OCSP_BASICRESP_get_ext_count;
> + ASN1_ENUMERATED_it;
> -+ ASN1_ENUMERATED_it;
> + UI_set_result;
> + i2d_KRB5_TICKET;
> + X509_print_ex_fp;
> + EVP_CIPHER_CTX_set_padding;
> + d2i_OCSP_RESPONSE;
> + ASN1_UTCTIME_it;
> -+ ASN1_UTCTIME_it;
> + _ossl_old_des_enc_write;
> + OCSP_RESPONSE_new;
> + AES_set_encrypt_key;
> @@ -2834,14 +2743,11 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_onereq_get0_id;
> + ENGINE_set_default_ciphers;
> + NOTICEREF_it;
> -+ NOTICEREF_it;
> + X509V3_EXT_CRL_add_nconf;
> + OCSP_REVOKEDINFO_it;
> -+ OCSP_REVOKEDINFO_it;
> + AES_encrypt;
> + OCSP_REQUEST_new;
> + ASN1_ANY_it;
> -+ ASN1_ANY_it;
> + CRYPTO_ex_data_new_class;
> + _ossl_old_des_ncbc_encrypt;
> + i2d_KRB5_TKTBODY;
> @@ -2864,19 +2770,15 @@ Index: openssl-1.0.1d/openssl.ld
> + ENGINE_load_nuron;
> + _ossl_old_des_pcbc_encrypt;
> + PKCS12_MAC_DATA_it;
> -+ PKCS12_MAC_DATA_it;
> + OCSP_accept_responses_new;
> + asn1_do_lock;
> + PKCS7_ATTR_VERIFY_it;
> -+ PKCS7_ATTR_VERIFY_it;
> -+ KRB5_APREQBODY_it;
> + KRB5_APREQBODY_it;
> + i2d_OCSP_SINGLERESP;
> + ASN1_item_ex_new;
> + UI_add_verify_string;
> + _ossl_old_des_set_key;
> + KRB5_PRINCNAME_it;
> -+ KRB5_PRINCNAME_it;
> + EVP_DecryptInit_ex;
> + i2d_OCSP_CERTID;
> + ASN1_item_d2i_bio;
> @@ -2890,20 +2792,17 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_BASICRESP_new;
> + OCSP_REQUEST_get_ext_by_NID;
> + KRB5_APREQ_it;
> -+ KRB5_APREQ_it;
> + ENGINE_get_destroy_function;
> + CONF_set_nconf;
> + ASN1_PRINTABLE_free;
> + OCSP_BASICRESP_get_ext_by_NID;
> + DIST_POINT_NAME_it;
> -+ DIST_POINT_NAME_it;
> + X509V3_extensions_print;
> + _ossl_old_des_cfb64_encrypt;
> + X509_REVOKED_add1_ext_i2d;
> + _ossl_old_des_ofb_encrypt;
> + KRB5_TKTBODY_new;
> + ASN1_OCTET_STRING_it;
> -+ ASN1_OCTET_STRING_it;
> + ERR_load_UI_strings;
> + i2d_KRB5_ENCKEY;
> + ASN1_template_new;
> @@ -2911,8 +2810,6 @@ Index: openssl-1.0.1d/openssl.ld
> + ASN1_item_i2d_fp;
> + KRB5_PRINCNAME_free;
> + PKCS7_RECIP_INFO_it;
> -+ PKCS7_RECIP_INFO_it;
> -+ EXTENDED_KEY_USAGE_it;
> + EXTENDED_KEY_USAGE_it;
> + EC_GFp_simple_method;
> + EC_GROUP_precompute_mult;
> @@ -2920,42 +2817,33 @@ Index: openssl-1.0.1d/openssl.ld
> + UI_method_set_writer;
> + KRB5_AUTHENT_new;
> + X509_CRL_INFO_it;
> -+ X509_CRL_INFO_it;
> + DSO_set_name_converter;
> + AES_set_decrypt_key;
> + PKCS7_DIGEST_it;
> -+ PKCS7_DIGEST_it;
> + PKCS12_x5092certbag;
> + EVP_DigestInit_ex;
> + i2a_ACCESS_DESCRIPTION;
> + OCSP_RESPONSE_it;
> -+ OCSP_RESPONSE_it;
> -+ PKCS7_ENC_CONTENT_it;
> + PKCS7_ENC_CONTENT_it;
> + OCSP_request_add0_id;
> + EC_POINT_make_affine;
> + DSO_get_filename;
> + OCSP_CERTSTATUS_it;
> -+ OCSP_CERTSTATUS_it;
> + OCSP_request_add1_cert;
> + UI_get0_output_string;
> + UI_dup_verify_string;
> + BN_mod_lshift;
> + KRB5_AUTHDATA_it;
> -+ KRB5_AUTHDATA_it;
> + asn1_set_choice_selector;
> + OCSP_basic_add1_status;
> + OCSP_RESPID_free;
> + asn1_get_field_ptr;
> + UI_add_input_string;
> + OCSP_CRLID_it;
> -+ OCSP_CRLID_it;
> + i2d_KRB5_AUTHENTBODY;
> + OCSP_REQUEST_get_ext_count;
> + ENGINE_load_atalla;
> + X509_NAME_it;
> -+ X509_NAME_it;
> -+ USERNOTICE_it;
> + USERNOTICE_it;
> + OCSP_REQINFO_new;
> + OCSP_BASICRESP_get_ext;
> @@ -2965,33 +2853,27 @@ Index: openssl-1.0.1d/openssl.ld
> + i2d_KRB5_ENCDATA;
> + X509_PURPOSE_set;
> + X509_REQ_INFO_it;
> -+ X509_REQ_INFO_it;
> + UI_method_set_opener;
> + ASN1_item_ex_free;
> + ASN1_BOOLEAN_it;
> -+ ASN1_BOOLEAN_it;
> + ENGINE_get_table_flags;
> + UI_create_method;
> + OCSP_ONEREQ_add1_ext_i2d;
> + _shadow_DES_check_key;
> -+ _shadow_DES_check_key;
> + d2i_OCSP_REQINFO;
> + UI_add_info_string;
> + UI_get_result_minsize;
> + ASN1_NULL_it;
> -+ ASN1_NULL_it;
> + BN_mod_lshift1;
> + d2i_OCSP_ONEREQ;
> + OCSP_ONEREQ_new;
> + KRB5_TICKET_it;
> -+ KRB5_TICKET_it;
> + EVP_aes_192_cbc;
> + KRB5_TICKET_free;
> + UI_new;
> + OCSP_response_create;
> + _ossl_old_des_xcbc_encrypt;
> + PKCS7_it;
> -+ PKCS7_it;
> + OCSP_REQUEST_get_ext_by_critical;
> + OCSP_REQUEST_get_ext_by_crit;
> + ENGINE_set_flags;
> @@ -3000,11 +2882,9 @@ Index: openssl-1.0.1d/openssl.ld
> + EVP_Digest;
> + OCSP_ONEREQ_delete_ext;
> + ASN1_TBOOLEAN_it;
> -+ ASN1_TBOOLEAN_it;
> + ASN1_item_new;
> + ASN1_TIME_to_generalizedtime;
> + BIGNUM_it;
> -+ BIGNUM_it;
> + AES_cbc_encrypt;
> + ENGINE_get_load_privkey_function;
> + ENGINE_get_load_privkey_fn;
> @@ -3016,7 +2896,6 @@ Index: openssl-1.0.1d/openssl.ld
> + EC_POINT_point2oct;
> + KRB5_APREQ_free;
> + ASN1_OBJECT_it;
> -+ ASN1_OBJECT_it;
> + OCSP_crlID_new;
> + OCSP_crlID2_new;
> + CONF_modules_load_file;
> @@ -3074,7 +2953,6 @@ Index: openssl-1.0.1d/openssl.ld
> + i2d_ASN1_UNIVERSALSTRING;
> + ASN1_UNIVERSALSTRING_free;
> + ASN1_UNIVERSALSTRING_it;
> -+ ASN1_UNIVERSALSTRING_it;
> + d2i_ASN1_UNIVERSALSTRING;
> + EVP_des_ede3_ecb;
> + X509_REQ_print_ex;
> @@ -3130,14 +3008,12 @@ Index: openssl-1.0.1d/openssl.ld
> + HMAC_CTX_set_flags;
> + d2i_PROXY_CERT_INFO_EXTENSION;
> + PROXY_POLICY_it;
> -+ PROXY_POLICY_it;
> + i2d_PROXY_POLICY;
> + i2d_PROXY_CERT_INFO_EXTENSION;
> + d2i_PROXY_POLICY;
> + PROXY_CERT_INFO_EXTENSION_new;
> + PROXY_CERT_INFO_EXTENSION_free;
> + PROXY_CERT_INFO_EXTENSION_it;
> -+ PROXY_CERT_INFO_EXTENSION_it;
> + PROXY_POLICY_free;
> + PROXY_POLICY_new;
> + BN_MONT_CTX_set_locked;
> @@ -3174,7 +3050,6 @@ Index: openssl-1.0.1d/openssl.ld
> + BN_BLINDING_get_thread_id;
> + X509_STORE_CTX_set0_param;
> + POLICY_MAPPING_it;
> -+ POLICY_MAPPING_it;
> + STORE_parse_attrs_start;
> + POLICY_CONSTRAINTS_free;
> + EVP_PKEY_add1_attr_by_NID;
> @@ -3183,7 +3058,6 @@ Index: openssl-1.0.1d/openssl.ld
> + STORE_set_method;
> + GENERAL_SUBTREE_free;
> + NAME_CONSTRAINTS_it;
> -+ NAME_CONSTRAINTS_it;
> + ECDH_get_default_method;
> + PKCS12_add_safe;
> + EC_KEY_new_by_curve_name;
> @@ -3226,7 +3100,6 @@ Index: openssl-1.0.1d/openssl.ld
> + ENGINE_get_default_ECDH;
> + EC_KEY_get_conv_form;
> + ASN1_OCTET_STRING_NDEF_it;
> -+ ASN1_OCTET_STRING_NDEF_it;
> + STORE_delete_public_key;
> + STORE_get_public_key;
> + STORE_modify_arbitrary;
> @@ -3383,7 +3256,6 @@ Index: openssl-1.0.1d/openssl.ld
> + ENGINE_load_padlock;
> + EC_GROUP_set_curve_name;
> + X509_CERT_PAIR_it;
> -+ X509_CERT_PAIR_it;
> + STORE_meth_get_revoke_fn;
> + STORE_method_get_revoke_function;
> + STORE_method_set_get_function;
> @@ -3510,7 +3382,6 @@ Index: openssl-1.0.1d/openssl.ld
> + pqueue_pop;
> + STORE_ATTR_INFO_get0_cstr;
> + POLICY_CONSTRAINTS_it;
> -+ POLICY_CONSTRAINTS_it;
> + STORE_get_ex_new_index;
> + EVP_PKEY_get_attr_by_OBJ;
> + X509_VERIFY_PARAM_add0_policy;
> @@ -3558,8 +3429,6 @@ Index: openssl-1.0.1d/openssl.ld
> + STORE_modify_crl;
> + STORE_list_private_key_start;
> + POLICY_MAPPINGS_it;
> -+ POLICY_MAPPINGS_it;
> -+ GENERAL_SUBTREE_it;
> + GENERAL_SUBTREE_it;
> + EC_GROUP_get_curve_name;
> + PEM_write_X509_CERT_PAIR;
> @@ -3692,15 +3561,12 @@ Index: openssl-1.0.1d/openssl.ld
> + BIO_set_callback_arg;
> + v3_addr_add_prefix;
> + IPAddressOrRange_it;
> -+ IPAddressOrRange_it;
> + BIO_set_flags;
> + ASIdentifiers_it;
> -+ ASIdentifiers_it;
> + v3_addr_get_range;
> + BIO_method_type;
> + v3_addr_inherits;
> + IPAddressChoice_it;
> -+ IPAddressChoice_it;
> + AES_ige_encrypt;
> + v3_addr_add_range;
> + EVP_CIPHER_CTX_nid;
> @@ -3721,7 +3587,6 @@ Index: openssl-1.0.1d/openssl.ld
> + BIO_clear_flags;
> + i2d_ASRange;
> + IPAddressRange_it;
> -+ IPAddressRange_it;
> + IPAddressChoice_new;
> + ASIdentifierChoice_new;
> + ASRange_free;
> @@ -3742,7 +3607,6 @@ Index: openssl-1.0.1d/openssl.ld
> + BIO_test_flags;
> + i2d_ASIdentifierChoice;
> + ASRange_it;
> -+ ASRange_it;
> + d2i_ASIdentifiers;
> + ASRange_new;
> + d2i_IPAddressChoice;
> @@ -3751,7 +3615,6 @@ Index: openssl-1.0.1d/openssl.ld
> + EVP_Cipher;
> + i2d_IPAddressOrRange;
> + ASIdOrRange_it;
> -+ ASIdOrRange_it;
> + EVP_CIPHER_nid;
> + i2d_IPAddressChoice;
> + EVP_CIPHER_CTX_block_size;
> @@ -3762,7 +3625,6 @@ Index: openssl-1.0.1d/openssl.ld
> + v3_addr_is_canonical;
> + i2d_IPAddressRange;
> + IPAddressFamily_it;
> -+ IPAddressFamily_it;
> + v3_asid_inherits;
> + EVP_CIPHER_CTX_cipher;
> + EVP_CIPHER_CTX_get_app_data;
> @@ -3772,7 +3634,6 @@ Index: openssl-1.0.1d/openssl.ld
> + d2i_IPAddressOrRange;
> + v3_addr_canonize;
> + ASIdentifierChoice_it;
> -+ ASIdentifierChoice_it;
> + EVP_MD_CTX_md;
> + d2i_ASIdentifierChoice;
> + BIO_method_name;
> @@ -3795,7 +3656,6 @@ Index: openssl-1.0.1d/openssl.ld
> + SEED_set_key;
> + EVP_seed_cfb128;
> + X509_EXTENSIONS_it;
> -+ X509_EXTENSIONS_it;
> + X509_get1_ocsp;
> + OCSP_REQ_CTX_free;
> + i2d_X509_EXTENSIONS;
> @@ -3803,7 +3663,6 @@ Index: openssl-1.0.1d/openssl.ld
> + OCSP_sendreq_new;
> + d2i_X509_EXTENSIONS;
> + X509_ALGORS_it;
> -+ X509_ALGORS_it;
> + X509_ALGOR_get0;
> + X509_ALGOR_set0;
> + AES_unwrap_key;
> @@ -3848,7 +3707,6 @@ Index: openssl-1.0.1d/openssl.ld
> + CMS_SignerInfo_verify;
> + CMS_data;
> + CMS_ContentInfo_it;
> -+ CMS_ContentInfo_it;
> + d2i_CMS_ReceiptRequest;
> + CMS_compress;
> + CMS_digest_create;
> @@ -3893,7 +3751,6 @@ Index: openssl-1.0.1d/openssl.ld
> + CMS_RecipientInfo_kekri_get0_id;
> + CMS_verify_receipt;
> + CMS_ReceiptRequest_it;
> -+ CMS_ReceiptRequest_it;
> + PEM_read_bio_CMS;
> + CMS_get1_crls;
> + CMS_add0_recipient_key;
> @@ -4032,7 +3889,6 @@ Index: openssl-1.0.1d/openssl.ld
> + TS_REQ_dup;
> + GENERAL_NAME_dup;
> + ASN1_SEQUENCE_ANY_it;
> -+ ASN1_SEQUENCE_ANY_it;
> + WHIRLPOOL;
> + X509_STORE_get1_crls;
> + ENGINE_get_pkey_asn1_meth;
> @@ -4103,7 +3959,6 @@ Index: openssl-1.0.1d/openssl.ld
> + DIST_POINT_set_dpname;
> + i2d_ISSUING_DIST_POINT;
> + ASN1_SET_ANY_it;
> -+ ASN1_SET_ANY_it;
> + EVP_PKEY_CTX_get_data;
> + TS_STATUS_INFO_print_bio;
> + EVP_PKEY_derive_init;
> @@ -4263,7 +4118,6 @@ Index: openssl-1.0.1d/openssl.ld
> + EVP_DigestSignFinal;
> + TS_RESP_CTX_set_def_policy;
> + NETSCAPE_X509_it;
> -+ NETSCAPE_X509_it;
> + TS_RESP_create_response;
> + PKCS7_SIGNER_INFO_get0_algs;
> + TS_TST_INFO_get_nonce;
> @@ -4322,7 +4176,6 @@ Index: openssl-1.0.1d/openssl.ld
> + EVP_CIPHER_do_all_sorted;
> + EVP_PKEY_CTX_free;
> + ISSUING_DIST_POINT_it;
> -+ ISSUING_DIST_POINT_it;
> + d2i_TS_MSG_IMPRINT_fp;
> + X509_STORE_get1_certs;
> + EVP_PKEY_CTX_get_operation;
> @@ -4615,7 +4468,6 @@ Index: openssl-1.0.1d/openssl.ld
> + X509_signature_dump;
> + d2i_RSA_PSS_PARAMS;
> + RSA_PSS_PARAMS_it;
> -+ RSA_PSS_PARAMS_it;
> + RSA_PSS_PARAMS_free;
> + X509_sign_ctx;
> + i2d_RSA_PSS_PARAMS;
> @@ -4638,10 +4490,151 @@ Index: openssl-1.0.1d/openssl.ld
> + CRYPTO_memcmp;
> +} OPENSSL_1.0.1;
> +
> -Index: openssl-1.0.1d/engines/openssl.ld
> ++OPENSSL_1.0.2 {
> ++ global:
> ++ SSL_CTX_set_alpn_protos;
> ++ SSL_set_alpn_protos;
> ++ SSL_CTX_set_alpn_select_cb;
> ++ SSL_get0_alpn_selected;
> ++ SSL_CTX_set_custom_cli_ext;
> ++ SSL_CTX_set_custom_srv_ext;
> ++ SSL_CTX_set_srv_supp_data;
> ++ SSL_CTX_set_cli_supp_data;
> ++ SSL_set_cert_cb;
> ++ SSL_CTX_use_serverinfo;
> ++ SSL_CTX_use_serverinfo_file;
> ++ SSL_CTX_set_cert_cb;
> ++ SSL_CTX_get0_param;
> ++ SSL_get0_param;
> ++ SSL_certs_clear;
> ++ DTLSv1_2_method;
> ++ DTLSv1_2_server_method;
> ++ DTLSv1_2_client_method;
> ++ DTLS_method;
> ++ DTLS_server_method;
> ++ DTLS_client_method;
> ++ SSL_CTX_get_ssl_method;
> ++ SSL_CTX_get0_certificate;
> ++ SSL_CTX_get0_privatekey;
> ++ SSL_COMP_set0_compression_methods;
> ++ SSL_COMP_free_compression_methods;
> ++ SSL_CIPHER_find;
> ++ SSL_is_server;
> ++ SSL_CONF_CTX_new;
> ++ SSL_CONF_CTX_finish;
> ++ SSL_CONF_CTX_free;
> ++ SSL_CONF_CTX_set_flags;
> ++ SSL_CONF_CTX_clear_flags;
> ++ SSL_CONF_CTX_set1_prefix;
> ++ SSL_CONF_CTX_set_ssl;
> ++ SSL_CONF_CTX_set_ssl_ctx;
> ++ SSL_CONF_cmd;
> ++ SSL_CONF_cmd_argv;
> ++ SSL_CONF_cmd_value_type;
> ++ SSL_trace;
> ++ SSL_CIPHER_standard_name;
> ++ SSL_get_tlsa_record_byname;
> ++ ASN1_TIME_diff;
> ++ BIO_hex_string;
> ++ CMS_RecipientInfo_get0_pkey_ctx;
> ++ CMS_RecipientInfo_encrypt;
> ++ CMS_SignerInfo_get0_pkey_ctx;
> ++ CMS_SignerInfo_get0_md_ctx;
> ++ CMS_SignerInfo_get0_signature;
> ++ CMS_RecipientInfo_kari_get0_alg;
> ++ CMS_RecipientInfo_kari_get0_reks;
> ++ CMS_RecipientInfo_kari_get0_orig_id;
> ++ CMS_RecipientInfo_kari_orig_id_cmp;
> ++ CMS_RecipientEncryptedKey_get0_id;
> ++ CMS_RecipientEncryptedKey_cert_cmp;
> ++ CMS_RecipientInfo_kari_set0_pkey;
> ++ CMS_RecipientInfo_kari_get0_ctx;
> ++ CMS_RecipientInfo_kari_decrypt;
> ++ CMS_SharedInfo_encode;
> ++ DH_compute_key_padded;
> ++ d2i_DHxparams;
> ++ i2d_DHxparams;
> ++ DH_get_1024_160;
> ++ DH_get_2048_224;
> ++ DH_get_2048_256;
> ++ DH_KDF_X9_42;
> ++ ECDH_KDF_X9_62;
> ++ ECDSA_METHOD_new;
> ++ ECDSA_METHOD_free;
> ++ ECDSA_METHOD_set_app_data;
> ++ ECDSA_METHOD_get_app_data;
> ++ ECDSA_METHOD_set_sign;
> ++ ECDSA_METHOD_set_sign_setup;
> ++ ECDSA_METHOD_set_verify;
> ++ ECDSA_METHOD_set_flags;
> ++ ECDSA_METHOD_set_name;
> ++ EVP_des_ede3_wrap;
> ++ EVP_aes_128_wrap;
> ++ EVP_aes_192_wrap;
> ++ EVP_aes_256_wrap;
> ++ EVP_aes_128_cbc_hmac_sha256;
> ++ EVP_aes_256_cbc_hmac_sha256;
> ++ CRYPTO_128_wrap;
> ++ CRYPTO_128_unwrap;
> ++ OCSP_REQ_CTX_nbio;
> ++ OCSP_REQ_CTX_new;
> ++ OCSP_set_max_response_length;
> ++ OCSP_REQ_CTX_i2d;
> ++ OCSP_REQ_CTX_nbio_d2i;
> ++ OCSP_REQ_CTX_get0_mem_bio;
> ++ OCSP_REQ_CTX_http;
> ++ RSA_padding_add_PKCS1_OAEP_mgf1;
> ++ RSA_padding_check_PKCS1_OAEP_mgf1;
> ++ RSA_OAEP_PARAMS_free;
> ++ RSA_OAEP_PARAMS_it;
> ++ RSA_OAEP_PARAMS_new;
> ++ SSL_get_sigalgs;
> ++ SSL_get_shared_sigalgs;
> ++ SSL_check_chain;
> ++ X509_chain_up_ref;
> ++ X509_http_nbio;
> ++ X509_CRL_http_nbio;
> ++ X509_REVOKED_dup;
> ++ i2d_re_X509_tbs;
> ++ X509_get0_signature;
> ++ X509_get_signature_nid;
> ++ X509_CRL_diff;
> ++ X509_chain_check_suiteb;
> ++ X509_CRL_check_suiteb;
> ++ X509_check_host;
> ++ X509_check_email;
> ++ X509_check_ip;
> ++ X509_check_ip_asc;
> ++ X509_STORE_set_lookup_crls_cb;
> ++ X509_STORE_CTX_get0_store;
> ++ X509_VERIFY_PARAM_set1_host;
> ++ X509_VERIFY_PARAM_add1_host;
> ++ X509_VERIFY_PARAM_set_hostflags;
> ++ X509_VERIFY_PARAM_get0_peername;
> ++ X509_VERIFY_PARAM_set1_email;
> ++ X509_VERIFY_PARAM_set1_ip;
> ++ X509_VERIFY_PARAM_set1_ip_asc;
> ++ X509_VERIFY_PARAM_get0_name;
> ++ X509_VERIFY_PARAM_get_count;
> ++ X509_VERIFY_PARAM_get0;
> ++ X509V3_EXT_free;
> ++ EC_GROUP_get_mont_data;
> ++ EC_curve_nid2nist;
> ++ EC_curve_nist2nid;
> ++ PEM_write_bio_DHxparams;
> ++ PEM_write_DHxparams;
> ++ SSL_CTX_add_client_custom_ext;
> ++ SSL_CTX_add_server_custom_ext;
> ++ SSL_extension_supported;
> ++ BUF_strnlen;
> ++ sk_deep_copy;
> ++ SSL_test_functions;
> ++} OPENSSL_1.0.1d;
> ++
> +Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld
> ===================================================================
> --- /dev/null 1970-01-01 00:00:00.000000000 +0000
> -+++ openssl-1.0.1d/engines/openssl.ld 2013-02-06 19:41:43.000000000 +0100
> ++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld 2014-02-24 21:02:30.000000000 +0100
> @@ -0,0 +1,10 @@
> +OPENSSL_1.0.0 {
> + global:
> @@ -4653,10 +4646,10 @@ Index: openssl-1.0.1d/engines/openssl.ld
> + *;
> +};
> +
> -Index: openssl-1.0.1d/engines/ccgost/openssl.ld
> +Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld
> ===================================================================
> --- /dev/null 1970-01-01 00:00:00.000000000 +0000
> -+++ openssl-1.0.1d/engines/ccgost/openssl.ld 2013-02-06 19:41:43.000000000 +0100
> ++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld 2014-02-24 21:02:30.000000000 +0100
> @@ -0,0 +1,10 @@
> +OPENSSL_1.0.0 {
> + global:
> diff --git a/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch b/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch
> new file mode 100644
> index 0000000..c43bcd1
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_digicert_malaysia.patch
> @@ -0,0 +1,29 @@
> +From: Raphael Geissert <geissert@debian.org>
> +Description: make X509_verify_cert indicate that any certificate whose
> + name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked.
> +Forwarded: not-needed
> +Origin: vendor
> +Last-Update: 2011-11-05
> +
> +Upstream-Status: Backport [debian]
> +
> +
> +Index: openssl-1.0.2~beta1/crypto/x509/x509_vfy.c
> +===================================================================
> +--- openssl-1.0.2~beta1.orig/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.488028844 +0100
> ++++ openssl-1.0.2~beta1/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.484028929 +0100
> +@@ -964,10 +964,11 @@
> + for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
> + {
> + x = sk_X509_value(ctx->chain, i);
> +- /* Mark DigiNotar certificates as revoked, no matter
> +- * where in the chain they are.
> ++ /* Mark certificates containing the following names as
> ++ * revoked, no matter where in the chain they are.
> + */
> +- if (x->name && strstr(x->name, "DigiNotar"))
> ++ if (x->name && (strstr(x->name, "DigiNotar") ||
> ++ strstr(x->name, "Digicert Sdn. Bhd.")))
> + {
> + ctx->error = X509_V_ERR_CERT_REVOKED;
> + ctx->error_depth = i;
> diff --git a/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch b/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch
> new file mode 100644
> index 0000000..0c1a0b6
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch
> @@ -0,0 +1,67 @@
> +From: Raphael Geissert <geissert@debian.org>
> +Description: make X509_verify_cert indicate that any certificate whose
> + name contains "DigiNotar" is revoked.
> +Forwarded: not-needed
> +Origin: vendor
> +Last-Update: 2011-09-08
> +Bug: http://bugs.debian.org/639744
> +Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
> +Reviewed-by: Dr Stephen N Henson <shenson@drh-consultancy.co.uk>
> +
> +This is not meant as final patch.
> +
> +Upstream-Status: Backport [debian]
> +
> +
> +Index: openssl-1.0.2/crypto/x509/x509_vfy.c
> +===================================================================
> +--- openssl-1.0.2.orig/crypto/x509/x509_vfy.c
> ++++ openssl-1.0.2/crypto/x509/x509_vfy.c
> +@@ -119,6 +119,7 @@ static int check_trust(X509_STORE_CTX *c
> + static int check_revocation(X509_STORE_CTX *ctx);
> + static int check_cert(X509_STORE_CTX *ctx);
> + static int check_policy(X509_STORE_CTX *ctx);
> ++static int check_ca_blacklist(X509_STORE_CTX *ctx);
> +
> + static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
> + unsigned int *preasons, X509_CRL *crl, X509 *x);
> +@@ -438,6 +439,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx
> + if (!ok)
> + goto end;
> +
> ++ ok = check_ca_blacklist(ctx);
> ++ if(!ok) goto end;
> ++
> + #ifndef OPENSSL_NO_RFC3779
> + /* RFC 3779 path validation, now that CRL check has been done */
> + ok = v3_asid_validate_path(ctx);
> +@@ -938,6 +942,29 @@ static int check_crl_time(X509_STORE_CTX
> + return 1;
> + }
> +
> ++static int check_ca_blacklist(X509_STORE_CTX *ctx)
> ++ {
> ++ X509 *x;
> ++ int i;
> ++ /* Check all certificates against the blacklist */
> ++ for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
> ++ {
> ++ x = sk_X509_value(ctx->chain, i);
> ++ /* Mark DigiNotar certificates as revoked, no matter
> ++ * where in the chain they are.
> ++ */
> ++ if (x->name && strstr(x->name, "DigiNotar"))
> ++ {
> ++ ctx->error = X509_V_ERR_CERT_REVOKED;
> ++ ctx->error_depth = i;
> ++ ctx->current_cert = x;
> ++ if (!ctx->verify_cb(0,ctx))
> ++ return 0;
> ++ }
> ++ }
> ++ return 1;
> ++ }
> ++
> + static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
> + X509 **pissuer, int *pscore, unsigned int *preasons,
> + STACK_OF(X509_CRL) *crls)
> diff --git a/meta/recipes-connectivity/openssl/openssl/debian1.0.2/padlock_conf.patch b/meta/recipes-connectivity/openssl/openssl/debian1.0.2/padlock_conf.patch
> new file mode 100644
> index 0000000..61dcf45
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssl/openssl/debian1.0.2/padlock_conf.patch
> @@ -0,0 +1,31 @@
> +
> +Upstream-Status: Backport [debian]
> +
> +--- openssl/apps/openssl.cnf.orig 2012-06-06 00:45:56.000000000 +0200
> ++++ openssl/apps/openssl.cnf 2012-06-06 00:46:46.000000000 +0200
> +@@ -19,6 +19,8 @@
> + # (Alternatively, use a configuration file that has only
> + # X.509v3 extensions in its main [= default] section.)
> +
> ++openssl_conf = openssl_def
> ++
> + [ new_oids ]
> +
> + # We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
> +@@ -348,3 +350,16 @@
> + # (optional, default: no)
> + ess_cert_id_chain = no # Must the ESS cert id chain be included?
> + # (optional, default: no)
> ++
> ++[openssl_def]
> ++engines = engine_section
> ++
> ++[engine_section]
> ++padlock = padlock_section
> ++
> ++[padlock_section]
> ++soft_load=1
> ++init=1
> ++default_algorithms = ALL
> ++dynamic_path=padlock
> ++
> diff --git a/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch b/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch
> index d8a6f1a..a574648 100644
> --- a/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch
> @@ -1,11 +1,11 @@
> Upstream-Status: Inappropriate [configuration]
>
>
> -Index: openssl-1.0.0/engines/Makefile
> +Index: openssl-1.0.2/engines/Makefile
> ===================================================================
> ---- openssl-1.0.0.orig/engines/Makefile
> -+++ openssl-1.0.0/engines/Makefile
> -@@ -107,7 +107,7 @@
> +--- openssl-1.0.2.orig/engines/Makefile
> ++++ openssl-1.0.2/engines/Makefile
> +@@ -107,13 +107,13 @@ install:
> @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
> @if [ -n "$(SHARED_LIBS)" ]; then \
> set -e; \
> @@ -14,16 +14,19 @@ Index: openssl-1.0.0/engines/Makefile
> for l in $(LIBNAMES); do \
> ( echo installing $$l; \
> pfx=lib; \
> -@@ -119,13 +119,13 @@
> + if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
> + sfx=".so"; \
> +- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
> ++ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
> + else \
> + case "$(CFLAGS)" in \
> + *DSO_BEOS*) sfx=".so";; \
> +@@ -122,10 +122,10 @@ install:
> *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
> *) sfx=".bad";; \
> esac; \
> - cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
> + cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
> - else \
> - sfx=".so"; \
> -- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
> -+ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
> fi; \
> - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
> - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
> @@ -32,20 +35,25 @@ Index: openssl-1.0.0/engines/Makefile
> done; \
> fi
> @target=install; $(RECURSIVE_MAKE)
> -Index: openssl-1.0.0/engines/ccgost/Makefile
> +Index: openssl-1.0.2/engines/ccgost/Makefile
> ===================================================================
> ---- openssl-1.0.0.orig/engines/ccgost/Makefile
> -+++ openssl-1.0.0/engines/ccgost/Makefile
> -@@ -53,13 +53,13 @@
> +--- openssl-1.0.2.orig/engines/ccgost/Makefile
> ++++ openssl-1.0.2/engines/ccgost/Makefile
> +@@ -47,7 +47,7 @@ install:
> + pfx=lib; \
> + if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
> + sfx=".so"; \
> +- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
> ++ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
> + else \
> + case "$(CFLAGS)" in \
> + *DSO_BEOS*) sfx=".so";; \
> +@@ -56,10 +56,10 @@ install:
> *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
> *) sfx=".bad";; \
> esac; \
> - cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
> + cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
> - else \
> - sfx=".so"; \
> -- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
> -+ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
> fi; \
> - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
> - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
> diff --git a/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch b/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch
> index f0e1778..06d1ea6 100644
> --- a/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch
> @@ -6,17 +6,16 @@ http://rt.openssl.org/Ticket/Display.html?id=2867
>
> Signed-Off-By: Muhammad Shakeel <muhammad_shakeel@mentor.com>
>
> -diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
> -index 3232cfe..df84922 100644
> +Index: openssl-1.0.2/crypto/evp/e_des3.c
> ===================================================================
> ---- a/crypto/evp/e_des3.c
> -+++ b/crypto/evp/e_des3.c
> -@@ -173,7 +173,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
> +--- openssl-1.0.2.orig/crypto/evp/e_des3.c
> ++++ openssl-1.0.2/crypto/evp/e_des3.c
> +@@ -211,7 +211,7 @@ static int des_ede3_cfb1_cipher(EVP_CIPH
> size_t n;
> - unsigned char c[1],d[1];
> + unsigned char c[1], d[1];
>
> -- for(n=0 ; n < inl ; ++n)
> -+ for(n=0 ; n < inl*8 ; ++n)
> - {
> - c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
> - DES_ede3_cfb_encrypt(c,d,1,1,
> +- for (n = 0; n < inl; ++n) {
> ++ for (n = 0; n * 8 < inl; ++n) {
> + c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
> + DES_ede3_cfb_encrypt(c, d, 1, 1,
> + &data(ctx)->ks1, &data(ctx)->ks2,
> diff --git a/meta/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch b/meta/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch
> deleted file mode 100644
> index 770097d..0000000
> --- a/meta/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch
> +++ /dev/null
> @@ -1,120 +0,0 @@
> -From: Andy Polyakov <appro@openssl.org>
> -Date: Sun, 13 Oct 2013 17:15:15 +0000 (+0200)
> -Subject: Initial aarch64 bits.
> -X-Git-Url: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=039081b80977e2a5de84e1f88f8b4d025b559956
> -
> -Initial aarch64 bits.
> -Upstream-Status: backport (will be included in 1.0.2)
> ----
> - crypto/bn/bn_lcl.h | 9 +++++++++
> - crypto/md32_common.h | 18 ++++++++++++++++++
> - crypto/modes/modes_lcl.h | 8 ++++++++
> - crypto/sha/sha512.c | 13 +++++++++++++
> - 4 files changed, 48 insertions(+)
> -
> -Index: openssl-1.0.1f/crypto/bn/bn_lcl.h
> -===================================================================
> ---- openssl-1.0.1f.orig/crypto/bn/bn_lcl.h 2014-01-06 15:47:42.000000000 +0200
> -+++ openssl-1.0.1f/crypto/bn/bn_lcl.h 2014-02-28 10:37:55.495979037 +0200
> -@@ -300,6 +300,15 @@
> - : "r"(a), "r"(b));
> - # endif
> - # endif
> -+# elif defined(__aarch64__) && defined(SIXTY_FOUR_BIT_LONG)
> -+# if defined(__GNUC__) && __GNUC__>=2
> -+# define BN_UMULT_HIGH(a,b) ({ \
> -+ register BN_ULONG ret; \
> -+ asm ("umulh %0,%1,%2" \
> -+ : "=r"(ret) \
> -+ : "r"(a), "r"(b)); \
> -+ ret; })
> -+# endif
> - # endif /* cpu */
> - #endif /* OPENSSL_NO_ASM */
> -
> -Index: openssl-1.0.1f/crypto/md32_common.h
> -===================================================================
> ---- openssl-1.0.1f.orig/crypto/md32_common.h 2014-01-06 15:47:42.000000000 +0200
> -+++ openssl-1.0.1f/crypto/md32_common.h 2014-02-28 10:39:21.751979107 +0200
> -@@ -213,6 +213,24 @@
> - asm ("bswapl %0":"=r"(r):"0"(r)); \
> - *((unsigned int *)(c))=r; (c)+=4; r; })
> - # endif
> -+# elif defined(__aarch64__)
> -+# if defined(__BYTE_ORDER__)
> -+# if defined(__ORDER_LITTLE_ENDIAN__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
> -+# define HOST_c2l(c,l) ({ unsigned int r; \
> -+ asm ("rev %w0,%w1" \
> -+ :"=r"(r) \
> -+ :"r"(*((const unsigned int *)(c))));\
> -+ (c)+=4; (l)=r; })
> -+# define HOST_l2c(l,c) ({ unsigned int r; \
> -+ asm ("rev %w0,%w1" \
> -+ :"=r"(r) \
> -+ :"r"((unsigned int)(l)));\
> -+ *((unsigned int *)(c))=r; (c)+=4; r; })
> -+# elif defined(__ORDER_BIG_ENDIAN__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
> -+# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
> -+# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l))
> -+# endif
> -+# endif
> - # endif
> - # endif
> - #endif
> -Index: openssl-1.0.1f/crypto/modes/modes_lcl.h
> -===================================================================
> ---- openssl-1.0.1f.orig/crypto/modes/modes_lcl.h 2014-02-28 10:47:48.731979011 +0200
> -+++ openssl-1.0.1f/crypto/modes/modes_lcl.h 2014-02-28 10:48:49.707978919 +0200
> -@@ -29,6 +29,7 @@
> - #if defined(__i386) || defined(__i386__) || \
> - defined(__x86_64) || defined(__x86_64__) || \
> - defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
> -+ defined(__aarch64__) || \
> - defined(__s390__) || defined(__s390x__)
> - # undef STRICT_ALIGNMENT
> - #endif
> -@@ -50,6 +51,13 @@
> - # define BSWAP4(x) ({ u32 ret=(x); \
> - asm ("bswapl %0" \
> - : "+r"(ret)); ret; })
> -+# elif defined(__aarch64__)
> -+# define BSWAP8(x) ({ u64 ret; \
> -+ asm ("rev %0,%1" \
> -+ : "=r"(ret) : "r"(x)); ret; })
> -+# define BSWAP4(x) ({ u32 ret; \
> -+ asm ("rev %w0,%w1" \
> -+ : "=r"(ret) : "r"(x)); ret; })
> - # elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT)
> - # define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
> - asm ("rev %0,%0; rev %1,%1" \
> -Index: openssl-1.0.1f/crypto/sha/sha512.c
> -===================================================================
> ---- openssl-1.0.1f.orig/crypto/sha/sha512.c 2014-01-06 15:47:42.000000000 +0200
> -+++ openssl-1.0.1f/crypto/sha/sha512.c 2014-02-28 10:52:14.579978981 +0200
> -@@ -55,6 +55,7 @@
> - #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
> - defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \
> - defined(__s390__) || defined(__s390x__) || \
> -+ defined(__aarch64__) || \
> - defined(SHA512_ASM)
> - #define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
> - #endif
> -@@ -347,6 +348,18 @@
> - asm ("rotrdi %0,%1,%2" \
> - : "=r"(ret) \
> - : "r"(a),"K"(n)); ret; })
> -+# elif defined(__aarch64__)
> -+# define ROTR(a,n) ({ SHA_LONG64 ret; \
> -+ asm ("ror %0,%1,%2" \
> -+ : "=r"(ret) \
> -+ : "r"(a),"I"(n)); ret; })
> -+# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \
> -+ __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
> -+# define PULL64(x) ({ SHA_LONG64 ret; \
> -+ asm ("rev %0,%1" \
> -+ : "=r"(ret) \
> -+ : "r"(*((const SHA_LONG64 *)(&(x))))); ret; })
> -+# endif
> - # endif
> - # elif defined(_MSC_VER)
> - # if defined(_WIN64) /* applies to both IA-64 and AMD64 */
> diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
> index c161e62..cebc8cf 100644
> --- a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
> @@ -8,14 +8,16 @@ http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html
>
> Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
> ---
> ---- a/crypto/evp/digest.c
> -+++ b/crypto/evp/digest.c
> -@@ -199,7 +199,7 @@
> - return 0;
> - }
> +Index: openssl-1.0.2/crypto/evp/digest.c
> +===================================================================
> +--- openssl-1.0.2.orig/crypto/evp/digest.c
> ++++ openssl-1.0.2/crypto/evp/digest.c
> +@@ -208,7 +208,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c
> + return 0;
> + }
> #endif
> -- if (ctx->digest != type)
> -+ if (type && (ctx->digest != type))
> - {
> - if (ctx->digest && ctx->digest->ctx_size)
> - OPENSSL_free(ctx->md_data);
> +- if (ctx->digest != type) {
> ++ if (type && (ctx->digest != type)) {
> + if (ctx->digest && ctx->digest->ctx_size)
> + OPENSSL_free(ctx->md_data);
> + ctx->digest = type;
> diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch
> index 3e93fe4..d7047bb 100644
> --- a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch
> @@ -8,32 +8,19 @@ http://www.mail-archive.com/openssl-dev@openssl.org/msg32859.html
>
> Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
> ---
> ---- a/crypto/dh/dh_ameth.c
> -+++ b/crypto/dh/dh_ameth.c
> -@@ -139,6 +139,12 @@
> - dh=pkey->pkey.dh;
> +Index: openssl-1.0.2/crypto/dh/dh_ameth.c
> +===================================================================
> +--- openssl-1.0.2.orig/crypto/dh/dh_ameth.c
> ++++ openssl-1.0.2/crypto/dh/dh_ameth.c
> +@@ -161,6 +161,11 @@ static int dh_pub_encode(X509_PUBKEY *pk
> + dh = pkey->pkey.dh;
>
> - str = ASN1_STRING_new();
> -+ if (!str)
> -+ {
> -+ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
> -+ goto err;
> -+ }
> + str = ASN1_STRING_new();
> ++ if (!str) {
> ++ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
> ++ goto err;
> ++ }
> +
> - str->length = i2d_DHparams(dh, &str->data);
> - if (str->length <= 0)
> - {
> ---- a/crypto/dsa/dsa_ameth.c
> -+++ b/crypto/dsa/dsa_ameth.c
> -@@ -148,6 +148,11 @@
> - {
> - ASN1_STRING *str;
> - str = ASN1_STRING_new();
> -+ if (!str)
> -+ {
> -+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
> -+ goto err;
> -+ }
> - str->length = i2d_DSAparams(dsa, &str->data);
> - if (str->length <= 0)
> - {
> + str->length = i2d_dhp(pkey, dh, &str->data);
> + if (str->length <= 0) {
> + DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
> diff --git a/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch b/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch
> index 93ce034..cbce32c 100644
> --- a/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch
> @@ -6,64 +6,13 @@ Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13
>
> ported the patch to the 1.0.0e version
> Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01
> -Index: openssl-1.0.1e/Configure
> +Index: openssl-1.0.2/crypto/bn/bn.h
> ===================================================================
> ---- openssl-1.0.1e.orig/Configure
> -+++ openssl-1.0.1e/Configure
> -@@ -402,6 +402,7 @@ my %table=(
> - "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> - "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
> - "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
> -+"linux-x32", "gcc:-mx32 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
> - "linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
> - #### So called "highgprs" target for z/Architecture CPUs
> - # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
> -Index: openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c
> -===================================================================
> ---- openssl-1.0.1e.orig/crypto/bn/asm/x86_64-gcc.c
> -+++ openssl-1.0.1e/crypto/bn/asm/x86_64-gcc.c
> -@@ -55,7 +55,7 @@
> - * machine.
> - */
> -
> --#ifdef _WIN64
> -+#if defined _WIN64 || !defined __LP64__
> - #define BN_ULONG unsigned long long
> - #else
> - #define BN_ULONG unsigned long
> -@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con
> - asm (
> - " subq %2,%2 \n"
> - ".p2align 4 \n"
> -- "1: movq (%4,%2,8),%0 \n"
> -- " adcq (%5,%2,8),%0 \n"
> -- " movq %0,(%3,%2,8) \n"
> -+ "1: movq (%q4,%2,8),%0 \n"
> -+ " adcq (%q5,%2,8),%0 \n"
> -+ " movq %0,(%q3,%2,8) \n"
> - " leaq 1(%2),%2 \n"
> - " loop 1b \n"
> - " sbbq %0,%0 \n"
> -@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con
> - asm (
> - " subq %2,%2 \n"
> - ".p2align 4 \n"
> -- "1: movq (%4,%2,8),%0 \n"
> -- " sbbq (%5,%2,8),%0 \n"
> -- " movq %0,(%3,%2,8) \n"
> -+ "1: movq (%q4,%2,8),%0 \n"
> -+ " sbbq (%q5,%2,8),%0 \n"
> -+ " movq %0,(%q3,%2,8) \n"
> - " leaq 1(%2),%2 \n"
> - " loop 1b \n"
> - " sbbq %0,%0 \n"
> -Index: openssl-1.0.1e/crypto/bn/bn.h
> -===================================================================
> ---- openssl-1.0.1e.orig/crypto/bn/bn.h
> -+++ openssl-1.0.1e/crypto/bn/bn.h
> -@@ -172,6 +172,13 @@ extern "C" {
> +--- openssl-1.0.2.orig/crypto/bn/bn.h
> ++++ openssl-1.0.2/crypto/bn/bn.h
> +@@ -173,6 +173,13 @@ extern "C" {
> + # endif
> # endif
> - #endif
>
> +/* Address type. */
> +#ifdef _WIN64
> @@ -72,19 +21,19 @@ Index: openssl-1.0.1e/crypto/bn/bn.h
> +#define BN_ADDR unsigned long
> +#endif
> +
> - /* assuming long is 64bit - this is the DEC Alpha
> - * unsigned long long is only 64 bits :-(, don't define
> - * BN_LLONG for the DEC Alpha */
> -Index: openssl-1.0.1e/crypto/bn/bn_exp.c
> + /*
> + * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
> + * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
> +Index: openssl-1.0.2/crypto/bn/bn_exp.c
> ===================================================================
> ---- openssl-1.0.1e.orig/crypto/bn/bn_exp.c
> -+++ openssl-1.0.1e/crypto/bn/bn_exp.c
> -@@ -567,7 +567,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU
> -
> - /* Given a pointer value, compute the next address that is a cache line multiple. */
> +--- openssl-1.0.2.orig/crypto/bn/bn_exp.c
> ++++ openssl-1.0.2/crypto/bn/bn_exp.c
> +@@ -638,7 +638,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU
> + * multiple.
> + */
> #define MOD_EXP_CTIME_ALIGN(x_) \
> -- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
> +- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
> + ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
>
> - /* This variant of BN_mod_exp_mont() uses fixed windows and the special
> - * precomputation memory layout to limit data-dependency to a minimum
> + /*
> + * This variant of BN_mod_exp_mont() uses fixed windows and the special
> diff --git a/meta/recipes-connectivity/openssl/openssl/ptest-deps.patch b/meta/recipes-connectivity/openssl/openssl/ptest-deps.patch
> index 527e10c..ef6d179 100644
> --- a/meta/recipes-connectivity/openssl/openssl/ptest-deps.patch
> +++ b/meta/recipes-connectivity/openssl/openssl/ptest-deps.patch
> @@ -10,11 +10,11 @@ Upstream-Status: Inappropriate [config]
>
> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
>
> -diff --git a/test/Makefile b/test/Makefile
> -index e6fcfb4..5ae043b 100644
> ---- a/test/Makefile
> -+++ b/test/Makefile
> -@@ -322,11 +322,11 @@ test_cms:
> +Index: openssl-1.0.2/test/Makefile
> +===================================================================
> +--- openssl-1.0.2.orig/test/Makefile
> ++++ openssl-1.0.2/test/Makefile
> +@@ -330,7 +330,7 @@ test_cms: ../apps/openssl$(EXE_EXT) cms-
> @echo "CMS consistency test"
> $(PERL) cms-test.pl
>
> @@ -23,8 +23,12 @@ index e6fcfb4..5ae043b 100644
> @echo "Test SRP"
> ../util/shlib_wrap.sh ./srptest
>
> +@@ -342,7 +342,7 @@ test_v3name: $(V3NAMETEST)$(EXE_EXT)
> + @echo "Test X509v3_check_*"
> + ../util/shlib_wrap.sh ./$(V3NAMETEST)
> +
> -test_heartbeat: $(HEARTBEATTEST)$(EXE_EXT)
> +test_heartbeat:
> ../util/shlib_wrap.sh ./$(HEARTBEATTEST)
>
> - lint:
> + test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
> diff --git a/meta/recipes-connectivity/openssl/openssl/update-version-script-for-1.0.2.patch b/meta/recipes-connectivity/openssl/openssl/update-version-script-for-1.0.2.patch
> new file mode 100644
> index 0000000..fcfccfa
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssl/openssl/update-version-script-for-1.0.2.patch
> @@ -0,0 +1,66 @@
> +Index: openssl-1.0.2/openssl.ld
> +===================================================================
> +--- openssl-1.0.2.orig/openssl.ld
> ++++ openssl-1.0.2/openssl.ld
> +@@ -4618,3 +4618,61 @@ OPENSSL_1.0.1d {
> + CRYPTO_memcmp;
> + } OPENSSL_1.0.1;
> +
> ++OPENSSL_1.0.2 {
> ++ global:
> ++ ASN1_TIME_diff;
> ++ CMS_RecipientInfo_get0_pkey_ctx;
> ++ CMS_RecipientInfo_kari_get0_ctx;
> ++ CMS_SignerInfo_get0_pkey_ctx;
> ++ DH_get_1024_160;
> ++ DH_get_2048_224;
> ++ DH_get_2048_256;
> ++ DTLS_client_method;
> ++ DTLS_server_method;
> ++ DTLSv1_2_client_method;
> ++ DTLSv1_2_server_method;
> ++ EC_curve_nid2nist;
> ++ EC_curve_nist2nid;
> ++ EVP_aes_128_cbc_hmac_sha256;
> ++ EVP_aes_128_wrap;
> ++ EVP_aes_192_wrap;
> ++ EVP_aes_256_cbc_hmac_sha256;
> ++ EVP_aes_256_wrap;
> ++ EVP_des_ede3_wrap;
> ++ OCSP_REQ_CTX_http;
> ++ OCSP_REQ_CTX_new;
> ++ PEM_write_bio_DHxparams;
> ++ SSL_CIPHER_find;
> ++ SSL_CONF_CTX_finish;
> ++ SSL_CONF_CTX_free;
> ++ SSL_CONF_CTX_new;
> ++ SSL_CONF_CTX_set_flags;
> ++ SSL_CONF_CTX_set_ssl_ctx;
> ++ SSL_CONF_cmd;
> ++ SSL_CONF_cmd_argv;
> ++ SSL_CTX_add_client_custom_ext;
> ++ SSL_CTX_add_server_custom_ext;
> ++ SSL_CTX_set_alpn_protos;
> ++ SSL_CTX_set_alpn_select_cb;
> ++ SSL_CTX_set_cert_cb;
> ++ SSL_CTX_use_serverinfo_file;
> ++ SSL_certs_clear;
> ++ SSL_check_chain;
> ++ SSL_get0_alpn_selected;
> ++ SSL_get_shared_sigalgs;
> ++ SSL_get_sigalgs;
> ++ SSL_is_server;
> ++ X509_CRL_diff;
> ++ X509_CRL_http_nbio;
> ++ X509_STORE_set_lookup_crls_cb;
> ++ X509_VERIFY_PARAM_set1_email;
> ++ X509_VERIFY_PARAM_set1_host;
> ++ X509_VERIFY_PARAM_set1_ip_asc;
> ++ X509_chain_check_suiteb;
> ++ X509_chain_up_ref;
> ++ X509_check_email;
> ++ X509_check_host;
> ++ X509_check_ip_asc;
> ++ X509_get_signature_nid;
> ++ X509_http_nbio;
> ++} OPENSSL_1.0.1d;
> diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.1k.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2.bb
> similarity index 84%
> rename from meta/recipes-connectivity/openssl/openssl_1.0.1k.bb
> rename to meta/recipes-connectivity/openssl/openssl_1.0.2.bb
> index 16ffc58..79537f9 100644
> --- a/meta/recipes-connectivity/openssl/openssl_1.0.1k.bb
> +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2.bb
> @@ -16,21 +16,22 @@ SRC_URI += "file://configure-targets.patch \
> file://oe-ldflags.patch \
> file://engines-install-in-libdir-ssl.patch \
> file://openssl-fix-link.patch \
> - file://debian/version-script.patch \
> - file://debian/pic.patch \
> - file://debian/c_rehash-compat.patch \
> + file://debian1.0.2/block_diginotar.patch \
> + file://debian1.0.2/block_digicert_malaysia.patch \
> + file://debian1.0.2/padlock_conf.patch \
> file://debian/ca.patch \
> - file://debian/make-targets.patch \
> - file://debian/no-rpath.patch \
> + file://debian/c_rehash-compat.patch \
> + file://debian/debian-targets.patch \
> file://debian/man-dir.patch \
> file://debian/man-section.patch \
> + file://debian/no-rpath.patch \
> file://debian/no-symbolic.patch \
> - file://debian/debian-targets.patch \
> + file://debian/pic.patch \
> + file://debian/version-script.patch \
> file://openssl_fix_for_x32.patch \
> file://fix-cipher-des-ede3-cfb1.patch \
> file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \
> file://openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch \
> - file://initial-aarch64-bits.patch \
> file://find.pl \
> file://openssl-fix-des.pod-error.patch \
> file://Makefiles-ptest.patch \
> @@ -38,8 +39,8 @@ SRC_URI += "file://configure-targets.patch \
> file://run-ptest \
> "
>
> -SRC_URI[md5sum] = "d4f002bd22a56881340105028842ae1f"
> -SRC_URI[sha256sum] = "8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c"
> +SRC_URI[md5sum] = "38373013fc85c790aabf8837969c5eba"
> +SRC_URI[sha256sum] = "8c48baf3babe0d505d16cfc0cf272589c66d3624264098213db0fb00034728e9"
>
> PACKAGES =+ " \
> ${PN}-engines \
>
next prev parent reply other threads:[~2015-03-12 6:18 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-04 17:46 [PATCH] openssl: Upgrade to 1.0.2 Saul Wold
2015-03-12 6:18 ` Robert Yang [this message]
2015-03-12 19:17 ` Saul Wold
2015-03-16 6:21 ` Robert Yang
2015-03-13 13:46 ` Martin Jansa
2015-03-16 5:41 ` Saul Wold
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55012FB3.2030404@windriver.com \
--to=liezhi.yang@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=sgw@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.