| Age | Commit message (Collapse) | Author | Files |
|---|
|
Adding perl to the RDEPENDS caused a performance hit to the overall build time since this was
the only package that depended on perl. The openssl-misc package is not installed by default
so use a PACKAGECONFIG which can be overridden to allow the perl scripts along with perl to
be installed.
(From OE-Core master rev: 421e927bd453259f4b3cdbd1676f6e12f97bf34f)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
c_rehash utility is not being installed with openssl.It conveniently
generates hash and symbolic links based on it for CA certificates
stored locally for SSL based server authentication
(From OE-Core master rev: 3c2f9cf615c964e8303fd3e225ea7dd7b5485155)
Signed-off-by: Yasir-Khan <yasir_khan@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
* Add the openssl-conf package to the list of packages to
be created. This package contains the openssl.cnf file
which is used by both the openssl executable in the
openssl package and the libcrypto library.
* This is to avoid messages like:
WARNING: can't open config file: /usr/lib/ssl/openssl.cnf
* When running "openssl req" to request and generate a certificate
the command will fail without the openssl.cnf file being
installed on the target system.
* Made this package an RRECOMMENDS for libcrypto since:
* libcrypto is a RDEPENDS for the openssl package
* Users can specify a configuration file at another
location so it is not stricly required and many
commands will work without it (with warnings)
(From OE-Core master rev: 5c3ec044838e23539f9fe4cc74da4db2e5b59166)
Signed-off-by: Chase Maupin <Chase.Maupin@ti.com>
Signed-off-by: Qiang Chen <qiang.chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
opensslconf.h conflicts between 32-bit and 64-bit versions.
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
There is no reason to disable exec-stack only for -native builds;
binaries on the target will suffer from the same SELinux ACLs.
OpenSSL does not use executable stack so this option can be disabled
unconditionally.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add mips64 configure support but assume mips(32) userspace.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
The overrides virtclass-native and virtclass-nativesdk are deprecated,
which should be replaced by class-native and class-nativesdk.
[YOCTO #3297]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
The latter variable is only applicable for target builds and could
result in passing incompatible options (and/or failing to pass
required options) to ${BUILD_CC} for a virtclass-native build.
Signed-off-by: Phil Blundell <philb@gnu.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Restore INC_PR to r15 to prevent breakage with out of tree openssl
recipes (e.g, meta-oe).
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Addresses CVE-2012-2110
Fixes bug [YOCTO #2368]
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fix is for dhclient. It needs libcrypto at runtime and if
libcrypto is in libdir, it's path can be inaccessible on systems
where /usr is on nfs for example or dhclient is needed before
/usr is mounted.
Signed-off-by: Andrei Gherzan <andrei@gherzan.ro>
[Fix comment to from /usr -> /lib - sgw]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Add BN_ADDR for address type instead of using BN_ULONG or unsigned long:
1. For W64, address type is unsigned long long, not unsigned long.
2. For x32, address type is unsigned long , not BN_ULONG.
Added a new targetlinux-x32 in the config file
The do_install() code to move lib/* to lib64 is not needed now with the
enhanced multilib support.
Make the x86-64 assembly syntax compatible with x32 compiler.
Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* Thanks to meta-oe for this contribution
* Add Patch Upstream-Status info
* Merged the meta-oe version of openssl-1.0.inc with openssl.inc
* Fix make install parallel issue with PARALLEL_MAKEINST = ""
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Without this change the perl path from the build system is used.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is this discrepency in spelling. Lets fix it in
core. There are lot of layers using SITEINFO_ENDIANNESS
This was shielded since meta-oe had its own copy of
siteinfo class. But that class has now been deleted in
favor of oe-core
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If try to build for an ppc64 target openssl will fail to build since
the configure script didn't know how to handle a 'linux-powerpc64' target.
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If trying to build for an e500v2 target openssl will fail to build since
the configure script didn't know how to handle a 'gnuspe' target.
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
|
|
Otherwise it will use the openssl internal default of /usr/share/man which may not be correct.
Signed-off-by: Phil Blundell <philb@gnu.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
if libdir is not /usr/lib, e.g /usr/lib64, openssl build will fail
because it still use /usr/lib as library dir.
this patch appends the configure option "--libdir" to specify the correct
library directory
Signed-off-by: Yu Ke <ke.yu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
|
|
This fixes a build failure when ${prefix}="".
Signed-off-by: Phil Blundell <philb@gnu.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
[YOCTO #979]
from 0.9.8p
fixes CVE-2010-4180, CVE-2010-4252, CVE-2010-0014
Signed-off-by: Qing He <qing.he@intel.com>
|
|
Signed-off-by: Qing He <qing.he@intel.com>
|
|
The -Wall flag was unintentionally removed from the end of the CFLAG var in
089612794d4d8d9c79bd2a4365d6df78371f7f40 by me. This patch puts it back in.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
|
|
The execstack flag gets set on libcrypto.so by default which causes SELinux
to prevent it from being loaded on systems using SELinux, which includes
Fedora. This patch disables the execstack flag. (Note: Red Hat do this in
their openssl packaging.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
point to incorrect places
Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
|
|
[BUGID #281]
Evaluate and update each package in recipes-connectivity to ensure they
have a consistent summary and description.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
|
