summaryrefslogtreecommitdiff
path: root/recipes-connectivity
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-connectivity')
-rw-r--r--recipes-connectivity/openssl/openssl/0001-eng_dyn-Avoid-spurious-errors-when-checking-for-3.x-.patch67
-rw-r--r--recipes-connectivity/openssl/openssl_1.1.1o.bb (renamed from recipes-connectivity/openssl/openssl_1.1.1n.bb)3
2 files changed, 1 insertions, 69 deletions
diff --git a/recipes-connectivity/openssl/openssl/0001-eng_dyn-Avoid-spurious-errors-when-checking-for-3.x-.patch b/recipes-connectivity/openssl/openssl/0001-eng_dyn-Avoid-spurious-errors-when-checking-for-3.x-.patch
deleted file mode 100644
index c074d30..0000000
--- a/recipes-connectivity/openssl/openssl/0001-eng_dyn-Avoid-spurious-errors-when-checking-for-3.x-.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-From d6bf4a2218aeb246ba7d34f02e895c37569c8265 Mon Sep 17 00:00:00 2001
-From: Tomas Mraz <tomas@openssl.org>
-Date: Wed, 16 Mar 2022 12:09:52 +0100
-Subject: [PATCH] eng_dyn: Avoid spurious errors when checking for 3.x engine
-
-Reviewed-by: Paul Dale <pauli@openssl.org>
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/17902)
----
- crypto/engine/eng_dyn.c | 33 ++++++++++++++++++++++-----------
- 1 file changed, 22 insertions(+), 11 deletions(-)
-
-diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
-index 6a0ddc162d..27d7b893cd 100644
---- a/crypto/engine/eng_dyn.c
-+++ b/crypto/engine/eng_dyn.c
-@@ -393,6 +393,26 @@ static int int_load(dynamic_data_ctx *ctx)
- return 0;
- }
-
-+/*
-+ * Unfortunately the version checker does not distinguish between
-+ * engines built for openssl 1.1.x and openssl 3.x, but loading
-+ * an engine that is built for openssl 3.x will cause a fatal
-+ * error. Detect such engines, since EVP_PKEY_get_base_id is exported
-+ * as a function in openssl 3.x, while it is named EVP_PKEY_base_id
-+ * in openssl 1.1.x. Therefore we take the presence of that symbol
-+ * as an indication that the engine will be incompatible.
-+ */
-+static int using_libcrypto_3(dynamic_data_ctx *ctx)
-+{
-+ int ret;
-+
-+ ERR_set_mark();
-+ ret = DSO_bind_func(ctx->dynamic_dso, "EVP_PKEY_get_base_id") != NULL;
-+ ERR_pop_to_mark();
-+
-+ return ret;
-+}
-+
- static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
- {
- ENGINE cpy;
-@@ -442,18 +462,9 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
- /*
- * We fail if the version checker veto'd the load *or* if it is
- * deferring to us (by returning its version) and we think it is too
-- * old.
-- * Unfortunately the version checker does not distinguish between
-- * engines built for openssl 1.1.x and openssl 3.x, but loading
-- * an engine that is built for openssl 3.x will cause a fatal
-- * error. Detect such engines, since EVP_PKEY_get_base_id is exported
-- * as a function in openssl 3.x, while it is named EVP_PKEY_base_id
-- * in openssl 1.1.x. Therefore we take the presence of that symbol
-- * as an indication that the engine will be incompatible.
-+ * old. Also fail if this is engine for openssl 3.x.
- */
-- if (vcheck_res < OSSL_DYNAMIC_OLDEST
-- || DSO_bind_func(ctx->dynamic_dso,
-- "EVP_PKEY_get_base_id") != NULL) {
-+ if (vcheck_res < OSSL_DYNAMIC_OLDEST || using_libcrypto_3(ctx)) {
- /* Fail */
- ctx->bind_engine = NULL;
- ctx->v_check = NULL;
---
-2.25.1
-
diff --git a/recipes-connectivity/openssl/openssl_1.1.1n.bb b/recipes-connectivity/openssl/openssl_1.1.1o.bb
index 434e7b1..c69bd56 100644
--- a/recipes-connectivity/openssl/openssl_1.1.1n.bb
+++ b/recipes-connectivity/openssl/openssl_1.1.1o.bb
@@ -15,7 +15,6 @@ SRC_URI = "https://www.openssl.org/source/openssl-${PV}.tar.gz \
file://run-ptest \
file://0001-skip-test_symbol_presence.patch \
file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
- file://0001-eng_dyn-Avoid-spurious-errors-when-checking-for-3.x-.patch \
file://afalg.patch \
file://reproducible.patch \
"
@@ -24,7 +23,7 @@ SRC_URI_append_class-nativesdk = " \
file://environment.d-openssl.sh \
"
-SRC_URI[sha256sum] = "40dceb51a4f6a5275bde0e6bf20ef4b91bfc32ed57c0552e2e8e15463372b17a"
+SRC_URI[sha256sum] = "9384a2b0570dd80358841464677115df785edb941c71211f75076d72fe6b438f"
inherit lib_package multilib_header multilib_script ptest
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"