From ff3db93e53c4f9d56807d3755c799459944e9a87 Mon Sep 17 00:00:00 2001
From: Andrej Valek <andrej.valek@siemens.com>
Date: Thu, 16 Aug 2018 14:27:56 +0200
Subject: openssl: update 1.0.2o -> 1.0.2p

Please see this security advisory:
https://www.openssl.org/news/secadv/20180612.txt

Refresh patches

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 ...build-with-clang-using-external-assembler.patch |   45 -
 .../0001-allow-manpages-to-be-disabled.patch       |   31 -
 ...penssl-force-soft-link-to-avoid-rare-race.patch |   46 -
 .../openssl/openssl-1.0.2o/Makefiles-ptest.patch   |   93 -
 .../Use-SHA256-not-MD5-as-default-digest.patch     |   69 -
 .../openssl-1.0.2o/configure-musl-target.patch     |   25 -
 .../openssl/openssl-1.0.2o/configure-targets.patch |   35 -
 .../openssl-1.0.2o/debian/c_rehash-compat.patch    |   71 -
 .../openssl-1.0.2o/debian/debian-targets.patch     |   73 -
 .../openssl/openssl-1.0.2o/debian/man-dir.patch    |   15 -
 .../openssl-1.0.2o/debian/man-section.patch        |   34 -
 .../openssl/openssl-1.0.2o/debian/no-rpath.patch   |   15 -
 .../openssl-1.0.2o/debian/no-symbolic.patch        |   15 -
 .../openssl/openssl-1.0.2o/debian/pic.patch        |  177 -
 .../debian1.0.2/block_digicert_malaysia.patch      |   29 -
 .../debian1.0.2/block_diginotar.patch              |   68 -
 .../openssl-1.0.2o/debian1.0.2/soname.patch        |   15 -
 .../debian1.0.2/version-script.patch               | 4658 --------------------
 .../engines-install-in-libdir-ssl.patch            |   64 -
 .../openssl/openssl-1.0.2o/oe-ldflags.patch        |   24 -
 .../openssl/openssl-1.0.2o/openssl-c_rehash.sh     |  222 -
 .../openssl-1.0.2o/openssl-fix-des.pod-error.patch |   19 -
 .../openssl-1.0.2o/openssl_fix_for_x32.patch       |   39 -
 .../openssl/openssl-1.0.2o/parallel.patch          |  370 --
 .../openssl/openssl-1.0.2o/ptest-deps.patch        |   34 -
 .../openssl-1.0.2o/ptest_makefile_deps.patch       |  248 --
 .../openssl-1.0.2o/reproducible-cflags.patch       |   20 -
 .../openssl-1.0.2o/reproducible-mkbuildinf.patch   |   21 -
 .../openssl/openssl-1.0.2o/run-ptest               |    2 -
 .../openssl/openssl-1.0.2o/shared-libs.patch       |   41 -
 ...build-with-clang-using-external-assembler.patch |   45 +
 .../0001-allow-manpages-to-be-disabled.patch       |   31 +
 ...penssl-force-soft-link-to-avoid-rare-race.patch |   46 +
 .../openssl/openssl-1.0.2p/Makefiles-ptest.patch   |   89 +
 .../Use-SHA256-not-MD5-as-default-digest.patch     |   69 +
 .../openssl-1.0.2p/configure-musl-target.patch     |   25 +
 .../openssl/openssl-1.0.2p/configure-targets.patch |   35 +
 .../openssl-1.0.2p/debian/c_rehash-compat.patch    |   71 +
 .../openssl-1.0.2p/debian/debian-targets.patch     |   73 +
 .../openssl/openssl-1.0.2p/debian/man-dir.patch    |   15 +
 .../openssl-1.0.2p/debian/man-section.patch        |   34 +
 .../openssl/openssl-1.0.2p/debian/no-rpath.patch   |   15 +
 .../openssl-1.0.2p/debian/no-symbolic.patch        |   15 +
 .../openssl/openssl-1.0.2p/debian/pic.patch        |  177 +
 .../debian1.0.2/block_digicert_malaysia.patch      |   29 +
 .../debian1.0.2/block_diginotar.patch              |   68 +
 .../openssl-1.0.2p/debian1.0.2/soname.patch        |   15 +
 .../debian1.0.2/version-script.patch               | 4658 ++++++++++++++++++++
 .../engines-install-in-libdir-ssl.patch            |   64 +
 .../openssl/openssl-1.0.2p/oe-ldflags.patch        |   24 +
 .../openssl/openssl-1.0.2p/openssl-c_rehash.sh     |  222 +
 .../openssl-1.0.2p/openssl-fix-des.pod-error.patch |   19 +
 .../openssl-1.0.2p/openssl_fix_for_x32.patch       |   39 +
 .../openssl/openssl-1.0.2p/parallel.patch          |  368 ++
 .../openssl/openssl-1.0.2p/ptest-deps.patch        |   34 +
 .../openssl-1.0.2p/ptest_makefile_deps.patch       |  248 ++
 .../openssl-1.0.2p/reproducible-cflags.patch       |   20 +
 .../openssl-1.0.2p/reproducible-mkbuildinf.patch   |   21 +
 .../openssl/openssl-1.0.2p/run-ptest               |    2 +
 .../openssl/openssl-1.0.2p/shared-libs.patch       |   41 +
 .../recipes-connectivity/openssl/openssl_1.0.2o.bb |  344 --
 .../recipes-connectivity/openssl/openssl_1.0.2p.bb |  344 ++
 62 files changed, 6956 insertions(+), 6962 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-Fix-build-with-clang-using-external-assembler.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-allow-manpages-to-be-disabled.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-openssl-force-soft-link-to-avoid-rare-race.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/Makefiles-ptest.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/Use-SHA256-not-MD5-as-default-digest.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-musl-target.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-targets.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/c_rehash-compat.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/debian-targets.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-dir.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-section.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-rpath.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-symbolic.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/pic.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_digicert_malaysia.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_diginotar.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/soname.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/version-script.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/engines-install-in-libdir-ssl.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/oe-ldflags.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/openssl-c_rehash.sh
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/openssl-fix-des.pod-error.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/openssl_fix_for_x32.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/parallel.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/ptest-deps.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/ptest_makefile_deps.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/reproducible-cflags.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/reproducible-mkbuildinf.patch
 delete mode 100755 meta/recipes-connectivity/openssl/openssl-1.0.2o/run-ptest
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2o/shared-libs.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-Fix-build-with-clang-using-external-assembler.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-allow-manpages-to-be-disabled.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-openssl-force-soft-link-to-avoid-rare-race.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/Makefiles-ptest.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/Use-SHA256-not-MD5-as-default-digest.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-musl-target.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-targets.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/c_rehash-compat.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/debian-targets.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-dir.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-section.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-rpath.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-symbolic.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/pic.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_digicert_malaysia.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_diginotar.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/soname.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/version-script.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/engines-install-in-libdir-ssl.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/oe-ldflags.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-c_rehash.sh
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-fix-des.pod-error.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl_fix_for_x32.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/parallel.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest-deps.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest_makefile_deps.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-cflags.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-mkbuildinf.patch
 create mode 100755 meta/recipes-connectivity/openssl/openssl-1.0.2p/run-ptest
 create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2p/shared-libs.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl_1.0.2o.bb
 create mode 100644 meta/recipes-connectivity/openssl/openssl_1.0.2p.bb

diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-Fix-build-with-clang-using-external-assembler.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-Fix-build-with-clang-using-external-assembler.patch
deleted file mode 100644
index 2270962a6f..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-Fix-build-with-clang-using-external-assembler.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 2f6026cb8b16cf00726e3c5625c023f196680f07 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Fri, 17 Mar 2017 12:52:08 -0700
-Subject: [PATCH] Fix build with clang using external assembler
-
-Cherry-picked from
-https://github.com/openssl/openssl/commit/11208dcfb9105e8afa37233185decefd45e89e17
-https://github.com/openssl/openssl/commit/fbab8baddef8d3346ae40ff068871e2ddaf10270
-https://github.com/openssl/openssl/commit/6cf412c473d8145562b76219ce3da73b201b3255
-
-Fixes
-
-| ghash-armv4.S: Assembler messages:
-| ghash-armv4.S:81: Error: bad instruction `ldrbpl r12,[r2,r3]'
-| ghash-armv4.S:91: Error: bad instruction `ldrbpl r8,[r0,r3]'
-| ghash-armv4.S:137: Error: bad instruction `ldrbne r12,[r2,#15]'
-| ghash-armv4.S:224: Error: bad instruction `ldrbpl r12,[r0,r3]'
-| clang-4.0: error: assembler command failed with exit code 1 (use -v to see invocation)
-| make[2]: *** [<builtin>: ghash-armv4.o] Error 1
-
-Upstream-Status: Backport
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- crypto/modes/asm/ghash-armv4.pl | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/crypto/modes/asm/ghash-armv4.pl b/crypto/modes/asm/ghash-armv4.pl
-index 8ccc963ef..442fed4da 100644
---- a/crypto/modes/asm/ghash-armv4.pl
-+++ b/crypto/modes/asm/ghash-armv4.pl
-@@ -124,7 +124,10 @@ $code=<<___;
- #include "arm_arch.h"
- 
- .text
-+#if defined(__thumb2__) || defined(__clang__)
-+.syntax	unified
-+#endif
- .code	32
- 
- #ifdef __clang__
- #define ldrplb	ldrbpl
--- 
-2.12.0
-
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-allow-manpages-to-be-disabled.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-allow-manpages-to-be-disabled.patch
deleted file mode 100644
index 3f7d649955..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-allow-manpages-to-be-disabled.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From e1c39b80b01d4d18feeadfdc6e45a3e1dd110634 Mon Sep 17 00:00:00 2001
-From: Andre McCurdy <armccurdy@gmail.com>
-Date: Fri, 27 Jul 2018 21:41:06 +0000
-Subject: [PATCH] allow manpages to be disabled
-
-Define OE_DISABLE_MANPAGES (via environment or the make command line)
-to skip creation and installation of manpages.
-
-Upstream-Status: Inappropriate [configuration]
-
-Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
----
- Makefile.org | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Makefile.org b/Makefile.org
-index ed98d2a..747d8cb 100644
---- a/Makefile.org
-+++ b/Makefile.org
-@@ -549,7 +549,7 @@ dist:
- 	@$(MAKE) SDIRS='$(SDIRS)' clean
- 	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
- 
--install: all install_docs install_sw
-+install: all $(if $(OE_DISABLE_MANPAGES),,install_docs) install_sw
- 
- install_sw:
- 	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
--- 
-1.9.1
-
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-openssl-force-soft-link-to-avoid-rare-race.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-openssl-force-soft-link-to-avoid-rare-race.patch
deleted file mode 100644
index dd1a9b1dd2..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-openssl-force-soft-link-to-avoid-rare-race.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 3d9199423d48766649a2b2ebb3924e892ed16fa4 Mon Sep 17 00:00:00 2001
-From: Randy MacLeod <Randy.MacLeod@windriver.com>
-Date: Tue, 20 Jun 2017 15:32:08 -0400
-Subject: [PATCH] openssl: Force soft link to avoid rare race
-
-This patch works around a rare parallel build race condition. 
-The error seen is:
-
-ln: failed to create symbolic link 'libssl.so': File exists
-make[4]: *** [Makefile.shared:171: link_a.gnu] Error 1
-make[4]: Leaving directory
-'/.../build/tmp-glibc/work/x86_64-linux/openssl-native/1.0.2k-r0/openssl-1.0.2k'
-
-The openssl team is rewriting their build files so it's not
-appropriate for openssl upstream and fixing the root cause of
-the Makefile race condition was also not pursued.
-
-Upstream-Status: Inappropriate [build rules rewrite in progress]
-Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
----
- Makefile.shared | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Makefile.shared b/Makefile.shared
-index e8d222a..1bff92f 100644
---- a/Makefile.shared
-+++ b/Makefile.shared
-@@ -118,14 +118,14 @@
- 		if [ -n "$$SHLIB_COMPAT" ]; then \
- 			for x in $$SHLIB_COMPAT; do \
- 				( $(SET_X); rm -f $$SHLIB$$x$$SHLIB_SUFFIX; \
--				  ln -s $$prev $$SHLIB$$x$$SHLIB_SUFFIX ); \
-+				  ln -sf $$prev $$SHLIB$$x$$SHLIB_SUFFIX ); \
- 				prev=$$SHLIB$$x$$SHLIB_SUFFIX; \
- 			done; \
- 		fi; \
- 		if [ -n "$$SHLIB_SOVER" ]; then \
- 			[ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
- 			( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
--			  ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
-+			  ln -sf $$prev $$SHLIB$$SHLIB_SUFFIX ); \
- 		fi; \
- 	fi
- 
--- 
-2.9.3
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/Makefiles-ptest.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/Makefiles-ptest.patch
deleted file mode 100644
index 2122fa1fb4..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/Makefiles-ptest.patch
+++ /dev/null
@@ -1,93 +0,0 @@
-From a176c69f4fdfbfa7e4ccb79d91c3b6602da7e69a Mon Sep 17 00:00:00 2001
-From: Anders Roxell <anders.roxell@enea.com>
-Date: Thu, 24 Apr 2014 19:28:25 +0200
-Subject: [PATCH 19/28] openssl: enable ptest support
-
-Add 'buildtest' and 'runtest' targets to Makefile, to build and run tests
-cross-compiled.
-
-Signed-off-by: Anders Roxell <anders.roxell@enea.com>
-Signed-off-by: Maxin B. John <maxin.john@enea.com>
-Upstream-Status: Pending
-
----
- Makefile.org       |  10 +-
- Makefile.org.orig  |   7 +-
- test/Makefile      |  13 +-
- test/Makefile.orig | 987 +++++++++++++++++++++++++++++++++++++++++++++++++++++
- 4 files changed, 1009 insertions(+), 8 deletions(-)
- create mode 100644 test/Makefile.orig
-
-diff --git a/Makefile.org b/Makefile.org
-index 111fbba..8e7936c 100644
---- a/Makefile.org
-+++ b/Makefile.org
-@@ -468,8 +468,16 @@ rehash.time: certs apps
- test:   tests
- 
- tests: rehash
-+	$(MAKE) buildtest
-+	$(MAKE) runtest
-+
-+buildtest:
-+	@(cd test && \
-+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf exe apps);
-+
-+runtest:
- 	@(cd test && echo "testing..." && \
--	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
-+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf alltests );
- 	OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
- 
- report:
-diff --git a/test/Makefile b/test/Makefile
-index a1f7eeb..b2984c4 100644
---- a/test/Makefile
-+++ b/test/Makefile
-@@ -150,7 +150,7 @@ tests:	exe apps $(TESTS)
- apps:
- 	@(cd ..; $(MAKE) DIRS=apps all)
- 
--alltests: \
-+all-tests= \
- 	test_des test_idea test_sha test_md4 test_md5 test_hmac \
- 	test_md2 test_mdc2 test_wp \
- 	test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
-@@ -162,6 +162,11 @@ alltests: \
- 	test_constant_time test_verify_extra test_clienthello test_sslv2conftest \
- 	test_dtls test_bad_dtls test_fatalerr
- 
-+alltests:
-+	@(for i in $(all-tests); do \
-+	( $(MAKE) $$i && echo "PASS: $$i" ) || echo "FAIL: $$i"; \
-+	done)
-+
- test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
- 	../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
- 
-@@ -230,7 +235,7 @@ test_x509: ../apps/openssl$(EXE_EXT) tx509 testx509.pem v3-cert1.pem v3-cert2.pe
- 	echo test second x509v3 certificate
- 	sh ./tx509 v3-cert2.pem 2>/dev/null
- 
--test_rsa: $(RSATEST)$(EXE_EXT) ../apps/openssl$(EXE_EXT) trsa testrsa.pem
-+test_rsa: ../apps/openssl$(EXE_EXT) trsa testrsa.pem
- 	@sh ./trsa 2>/dev/null
- 	../util/shlib_wrap.sh ./$(RSATEST)
- 
-@@ -331,11 +336,11 @@ test_tsa: ../apps/openssl$(EXE_EXT) testtsa CAtsa.cnf ../util/shlib_wrap.sh
- 	  sh ./testtsa; \
- 	fi
- 
--test_ige: $(IGETEST)$(EXE_EXT)
-+test_ige:
- 	@echo "Test IGE mode"
- 	../util/shlib_wrap.sh ./$(IGETEST)
- 
--test_jpake: $(JPAKETEST)$(EXE_EXT)
-+test_jpake:
- 	@echo "Test JPAKE"
- 	../util/shlib_wrap.sh ./$(JPAKETEST)
- 
--- 
-2.15.1
-
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/Use-SHA256-not-MD5-as-default-digest.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/Use-SHA256-not-MD5-as-default-digest.patch
deleted file mode 100644
index 58c9ee7844..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/Use-SHA256-not-MD5-as-default-digest.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From d795f5f20a29adecf92c09459a3ee07ffac01a99 Mon Sep 17 00:00:00 2001
-From: Rich Salz <rsalz@akamai.com>
-Date: Sat, 13 Jun 2015 17:03:39 -0400
-Subject: [PATCH] Use SHA256 not MD5 as default digest.
-
-Commit f8547f62c212837dbf44fb7e2755e5774a59a57b upstream.
-
-Upstream-Status: Backport
-Backport from OpenSSL 2.0 to OpenSSL 1.0.2
-Commit f8547f62c212837dbf44fb7e2755e5774a59a57b   
-
-CVE: CVE-2004-2761
-
-    The MD5 Message-Digest Algorithm is not collision resistant,
-    which makes it easier for context-dependent attackers to            
-    conduct spoofing attacks, as demonstrated by attacks on the     
-    use of MD5 in the signature algorithm of an X.509 certificate.     
-
-Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>     
-Signed-off-by: T.O. Radzy Radzykewycz <radzy@windriver.com> 
----
- apps/ca.c   | 2 +-
- apps/dgst.c | 2 +-
- apps/enc.c  | 2 +-
- 3 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/apps/ca.c b/apps/ca.c
-index 3b7336c..8f3a84b 100644
---- a/apps/ca.c
-+++ b/apps/ca.c
-@@ -1612,7 +1612,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
-     } else
-         BIO_printf(bio_err, "Signature ok\n");
- 
--    if ((rreq = X509_to_X509_REQ(req, NULL, EVP_md5())) == NULL)
-+    if ((rreq = X509_to_X509_REQ(req, NULL, NULL)) == NULL)
-         goto err;
- 
-     ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
-diff --git a/apps/dgst.c b/apps/dgst.c
-index 95e5fa3..0d1529f 100644
---- a/apps/dgst.c
-+++ b/apps/dgst.c
-@@ -442,7 +442,7 @@ int MAIN(int argc, char **argv)
-             goto end;
-         }
-         if (md == NULL)
--            md = EVP_md5();
-+            md = EVP_sha256();
-         if (!EVP_DigestInit_ex(mctx, md, impl)) {
-             BIO_printf(bio_err, "Error setting digest %s\n", pname);
-             ERR_print_errors(bio_err);
-diff --git a/apps/enc.c b/apps/enc.c
-index 7b7c70b..a7d944c 100644
---- a/apps/enc.c
-+++ b/apps/enc.c
-@@ -344,7 +344,7 @@ int MAIN(int argc, char **argv)
-     }
- 
-     if (dgst == NULL) {
--        dgst = EVP_md5();
-+        dgst = EVP_sha256();
-     }
- 
-     if (bufsize != NULL) {
--- 
-1.9.1
-
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-musl-target.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-musl-target.patch
deleted file mode 100644
index f357b3f59f..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-musl-target.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-Add musl triplet support
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-Index: openssl-1.0.2a/Configure
-===================================================================
---- openssl-1.0.2a.orig/Configure
-+++ openssl-1.0.2a/Configure
-@@ -431,7 +431,7 @@ my %table=(
- #
- #       ./Configure linux-armv4 -march=armv6 -D__ARM_MAX_ARCH__=8
- #
--"linux-armv4",	"gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-aarch64","gcc: -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- # Configure script adds minimally required -march for assembly support,
- # if no -march was specified at command line. mips32 and mips64 below
-@@ -504,4 +504,6 @@ my %table=(
- "linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-musleabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-musleabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- 
- "linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
- 
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-targets.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-targets.patch
deleted file mode 100644
index 1e01589722..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-targets.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-Upstream-Status: Inappropriate [embedded specific]
-
-The number of colons are important :)
-
-
----
- Configure |   16 ++++++++++++++++
- 1 file changed, 16 insertions(+)
-
-Index: openssl-1.0.2a/Configure
-===================================================================
---- openssl-1.0.2a.orig/Configure
-+++ openssl-1.0.2a/Configure
-@@ -443,6 +443,21 @@ my %table=(
- "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
- "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
- 
-+ 
-+# Linux on ARM
-+"linux-elf-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-elf-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-gnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+
-+"linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
-+
-+#### Linux on MIPS/MIPS64
-+"linux-mips","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-mips64","$ENV{'CC'}:-DB_ENDIAN -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-mips64el","$ENV{'CC'}:-DL_ENDIAN -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-mipsel","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+
- # Android: linux-* but without pointers to headers and libs.
- "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/c_rehash-compat.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/c_rehash-compat.patch
deleted file mode 100644
index 3820e3e306..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/c_rehash-compat.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From 83f318d68bbdab1ca898c94576a838cc97df4700 Mon Sep 17 00:00:00 2001
-From: Ludwig Nussel <ludwig.nussel@suse.de>
-Date: Wed, 21 Apr 2010 15:52:10 +0200
-Subject: [PATCH] also create old hash for compatibility
-
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.2n/tools/c_rehash.in
-===================================================================
---- openssl-1.0.2n.orig/tools/c_rehash.in
-+++ openssl-1.0.2n/tools/c_rehash.in
-@@ -8,8 +8,6 @@ my $prefix;
- 
- my $openssl = $ENV{OPENSSL} || "openssl";
- my $pwd;
--my $x509hash = "-subject_hash";
--my $crlhash = "-hash";
- my $verbose = 0;
- my $symlink_exists=eval {symlink("",""); 1};
- my $removelinks = 1;
-@@ -18,10 +16,7 @@ my $removelinks = 1;
- while ( $ARGV[0] =~ /^-/ ) {
-     my $flag = shift @ARGV;
-     last if ( $flag eq '--');
--    if ( $flag eq '-old') {
--	    $x509hash = "-subject_hash_old";
--	    $crlhash = "-hash_old";
--    } elsif ( $flag eq '-h') {
-+    if ( $flag eq '-h') {
- 	    help();
-     } elsif ( $flag eq '-n' ) {
- 	    $removelinks = 0;
-@@ -113,7 +108,9 @@ sub hash_dir {
- 			next;
- 		}
- 		link_hash_cert($fname) if($cert);
-+		link_hash_cert_old($fname) if($cert);
- 		link_hash_crl($fname) if($crl);
-+		link_hash_crl_old($fname) if($crl);
- 	}
- }
- 
-@@ -146,6 +143,7 @@ sub check_file {
- 
- sub link_hash_cert {
- 		my $fname = $_[0];
-+		my $x509hash = $_[1] || '-subject_hash';
- 		$fname =~ s/'/'\\''/g;
- 		my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
- 		chomp $hash;
-@@ -177,10 +175,20 @@ sub link_hash_cert {
- 		$hashlist{$hash} = $fprint;
- }
- 
-+sub link_hash_cert_old {
-+		link_hash_cert($_[0], '-subject_hash_old');
-+}
-+
-+sub link_hash_crl_old {
-+		link_hash_crl($_[0], '-hash_old');
-+}
-+
-+
- # Same as above except for a CRL. CRL links are of the form <hash>.r<n>
- 
- sub link_hash_crl {
- 		my $fname = $_[0];
-+		my $crlhash = $_[1] || "-hash";
- 		$fname =~ s/'/'\\''/g;
- 		my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
- 		chomp $hash;
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/debian-targets.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/debian-targets.patch
deleted file mode 100644
index 35d92bedb7..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/debian-targets.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.2n/Configure
-===================================================================
---- openssl-1.0.2n.orig/Configure
-+++ openssl-1.0.2n/Configure
-@@ -133,6 +133,10 @@ my $clang_devteam_warn = "-Wno-unused-pa
- # Warn that "make depend" should be run?
- my $warn_make_depend = 0;
- 
-+# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS
-+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall";
-+$debian_cflags =~ s/\n/ /g;
-+
- my $strict_warnings = 0;
- 
- my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
-@@ -369,6 +373,55 @@ my %table=(
- "osf1-alpha-cc",  "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
- "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
- 
-+# Debian GNU/* (various architectures)
-+"debian-alpha","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-alpha-ev4","gcc:-DTERMIO ${debian_cflags} -mcpu=ev4::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-alpha-ev5","gcc:-DTERMIO ${debian_cflags} -mcpu=ev5::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-arm64","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-armel","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-armhf","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::",
-+"debian-avr32", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -fomit-frame-pointer::-D_REENTRANT::-ldl:BN_LLONG_BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-hppa","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -mtune=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ia64","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i586::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i686::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-m68k","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips",   "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsel",   "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsn32",   "mips64-linux-gnuabin32-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsn32el",   "mips64el-linux-gnuabin32-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips64",   "mips64-linux-gnuabi64-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips64el",   "mips64el-linux-gnuabi64-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-i386",	"gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-m68k",	"gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags}::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-sparc",	"gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags} -mv8::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-alpha","gcc:-DTERMIOS ${debian_cflags}::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-i386",  "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-mips","gcc:-DL_ENDIAN ${debian_cflags}::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-or1k", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-powerpcspe","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ppc64el","gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64le:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-s390","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
-+"debian-s390x","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh3",   "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh4",   "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh3eb",   "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh4eb",   "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-m32r","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v8 -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v9 -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags} -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-x32","gcc:-mx32 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
-+
- ####
- #### Variety of LINUX:-)
- ####
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-dir.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-dir.patch
deleted file mode 100644
index 4085e3b1d7..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-dir.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.0c/Makefile.org
-===================================================================
---- openssl-1.0.0c.orig/Makefile.org	2010-12-12 16:11:27.000000000 +0100
-+++ openssl-1.0.0c/Makefile.org	2010-12-12 16:11:37.000000000 +0100
-@@ -131,7 +131,7 @@
- 
- MAKEFILE= Makefile
- 
--MANDIR=$(OPENSSLDIR)/man
-+MANDIR=/usr/share/man
- MAN1=1
- MAN3=3
- MANSUFFIX=
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-section.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-section.patch
deleted file mode 100644
index 21c1d1a4eb..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-section.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.0c/Makefile.org
-===================================================================
---- openssl-1.0.0c.orig/Makefile.org	2010-12-12 16:11:37.000000000 +0100
-+++ openssl-1.0.0c/Makefile.org	2010-12-12 16:13:28.000000000 +0100
-@@ -160,7 +160,8 @@
- MANDIR=/usr/share/man
- MAN1=1
- MAN3=3
--MANSUFFIX=
-+MANSUFFIX=ssl
-+MANSECTION=SSL
- HTMLSUFFIX=html
- HTMLDIR=$(OPENSSLDIR)/html
- SHELL=/bin/sh
-@@ -651,7 +652,7 @@
- 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- 		(cd `$(PERL) util/dirname.pl $$i`; \
- 		sh -c "$$pod2man \
--			--section=$$sec --center=OpenSSL \
-+			--section=$${sec}$(MANSECTION) --center=OpenSSL \
- 			--release=$(VERSION) `basename $$i`") \
- 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- 		$(PERL) util/extract-names.pl < $$i | \
-@@ -668,7 +669,7 @@
- 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- 		(cd `$(PERL) util/dirname.pl $$i`; \
- 		sh -c "$$pod2man \
--			--section=$$sec --center=OpenSSL \
-+			--section=$${sec}$(MANSECTION) --center=OpenSSL \
- 			--release=$(VERSION) `basename $$i`") \
- 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- 		$(PERL) util/extract-names.pl < $$i | \
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-rpath.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-rpath.patch
deleted file mode 100644
index 1ccb3b86ee..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-rpath.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.0c/Makefile.shared
-===================================================================
---- openssl-1.0.0c.orig/Makefile.shared	2010-08-21 13:36:49.000000000 +0200
-+++ openssl-1.0.0c/Makefile.shared	2010-12-12 16:13:36.000000000 +0100
-@@ -153,7 +153,7 @@
- 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- 	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
- 
--DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
-+DO_GNU_APP=LDFLAGS="$(CFLAGS)"
- 
- #This is rather special.  It's a special target with which one can link
- #applications without bothering with any features that have anything to
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-symbolic.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-symbolic.patch
deleted file mode 100644
index cc4408ab7d..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-symbolic.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.0c/Makefile.shared
-===================================================================
---- openssl-1.0.0c.orig/Makefile.shared	2010-12-12 16:13:36.000000000 +0100
-+++ openssl-1.0.0c/Makefile.shared	2010-12-12 16:13:44.000000000 +0100
-@@ -151,7 +151,7 @@
- 	SHLIB_SUFFIX=; \
- 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
- 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
--	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
- 
- DO_GNU_APP=LDFLAGS="$(CFLAGS)"
- 
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/pic.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/pic.patch
deleted file mode 100644
index bfda3888bf..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/pic.patch
+++ /dev/null
@@ -1,177 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.1c/crypto/des/asm/desboth.pl
-===================================================================
---- openssl-1.0.1c.orig/crypto/des/asm/desboth.pl	2001-10-24 23:20:56.000000000 +0200
-+++ openssl-1.0.1c/crypto/des/asm/desboth.pl	2012-07-29 14:15:26.000000000 +0200
-@@ -16,6 +16,11 @@
- 
- 	&push("edi");
- 
-+	&call   (&label("pic_point0"));
-+	&set_label("pic_point0");
-+	&blindpop("ebp");
-+	&add    ("ebp", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
-+
- 	&comment("");
- 	&comment("Load the data words");
- 	&mov($L,&DWP(0,"ebx","",0));
-@@ -47,15 +52,21 @@
- 	&mov(&swtmp(2),	(DWC(($enc)?"1":"0")));
- 	&mov(&swtmp(1),	"eax");
- 	&mov(&swtmp(0),	"ebx");
--	&call("DES_encrypt2");
-+	&exch("ebx", "ebp");
-+	&call("DES_encrypt2\@PLT");
-+	&exch("ebx", "ebp");
- 	&mov(&swtmp(2),	(DWC(($enc)?"0":"1")));
- 	&mov(&swtmp(1),	"edi");
- 	&mov(&swtmp(0),	"ebx");
--	&call("DES_encrypt2");
-+	&exch("ebx", "ebp");
-+	&call("DES_encrypt2\@PLT");
-+	&exch("ebx", "ebp");
- 	&mov(&swtmp(2),	(DWC(($enc)?"1":"0")));
- 	&mov(&swtmp(1),	"esi");
- 	&mov(&swtmp(0),	"ebx");
--	&call("DES_encrypt2");
-+	&exch("ebx", "ebp");
-+	&call("DES_encrypt2\@PLT");
-+	&exch("ebx", "ebp");
- 
- 	&stack_pop(3);
- 	&mov($L,&DWP(0,"ebx","",0));
-Index: openssl-1.0.1c/crypto/perlasm/cbc.pl
-===================================================================
---- openssl-1.0.1c.orig/crypto/perlasm/cbc.pl	2011-07-13 08:22:46.000000000 +0200
-+++ openssl-1.0.1c/crypto/perlasm/cbc.pl	2012-07-29 14:15:26.000000000 +0200
-@@ -122,7 +122,11 @@
- 	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
- 	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
- 
--	&call($enc_func);
-+	&call	(&label("pic_point0"));
-+	&set_label("pic_point0");
-+	&blindpop("ebx");
-+	&add	("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
-+	&call("$enc_func\@PLT");
- 
- 	&mov("eax",	&DWP($data_off,"esp","",0));
- 	&mov("ebx",	&DWP($data_off+4,"esp","",0));
-@@ -185,7 +189,11 @@
- 	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
- 	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
- 
--	&call($enc_func);
-+	&call	(&label("pic_point1"));
-+	&set_label("pic_point1");
-+	&blindpop("ebx");
-+	&add	("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point1") . "]");
-+	&call("$enc_func\@PLT");
- 
- 	&mov("eax",	&DWP($data_off,"esp","",0));
- 	&mov("ebx",	&DWP($data_off+4,"esp","",0));
-@@ -218,7 +226,11 @@
- 	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
- 	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
- 
--	&call($dec_func);
-+	&call	(&label("pic_point2"));
-+	&set_label("pic_point2");
-+	&blindpop("ebx");
-+	&add	("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point2") . "]");
-+	&call("$dec_func\@PLT");
- 
- 	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
- 	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
-@@ -261,7 +273,11 @@
- 	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
- 	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
- 
--	&call($dec_func);
-+	&call	(&label("pic_point3"));
-+	&set_label("pic_point3");
-+	&blindpop("ebx");
-+	&add	("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point3") . "]");
-+	&call("$dec_func\@PLT");
- 
- 	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
- 	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
-Index: openssl-1.0.1c/crypto/perlasm/x86gas.pl
-===================================================================
---- openssl-1.0.1c.orig/crypto/perlasm/x86gas.pl	2011-12-09 20:16:35.000000000 +0100
-+++ openssl-1.0.1c/crypto/perlasm/x86gas.pl	2012-07-29 14:15:26.000000000 +0200
-@@ -161,6 +161,7 @@
- 	if ($::macosx)	{ push (@out,"$tmp,2\n"); }
- 	elsif ($::elf)	{ push (@out,"$tmp,4\n"); }
- 	else		{ push (@out,"$tmp\n"); }
-+	if ($::elf)	{ push (@out,".hidden\tOPENSSL_ia32cap_P\n"); }
-     }
-     push(@out,$initseg) if ($initseg);
- }
-@@ -218,8 +219,23 @@
-     elsif ($::elf)
-     {	$initseg.=<<___;
- .section	.init
-+___
-+        if ($::pic)
-+	{   $initseg.=<<___;
-+	pushl	%ebx
-+	call	.pic_point0
-+.pic_point0:
-+	popl	%ebx
-+	addl	\$_GLOBAL_OFFSET_TABLE_+[.-.pic_point0],%ebx
-+	call	$f\@PLT
-+	popl	%ebx
-+___
-+	}
-+	else
-+	{   $initseg.=<<___;
- 	call	$f
- ___
-+	}
-     }
-     elsif ($::coff)
-     {   $initseg.=<<___;	# applies to both Cygwin and Mingw
-Index: openssl-1.0.1c/crypto/x86cpuid.pl
-===================================================================
---- openssl-1.0.1c.orig/crypto/x86cpuid.pl	2012-02-28 15:20:34.000000000 +0100
-+++ openssl-1.0.1c/crypto/x86cpuid.pl	2012-07-29 14:15:26.000000000 +0200
-@@ -8,6 +8,8 @@
- 
- for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
- 
-+push(@out, ".hidden OPENSSL_ia32cap_P\n");
-+
- &function_begin("OPENSSL_ia32_cpuid");
- 	&xor	("edx","edx");
- 	&pushf	();
-@@ -139,9 +141,7 @@
- &set_label("nocpuid");
- &function_end("OPENSSL_ia32_cpuid");
- 
--&external_label("OPENSSL_ia32cap_P");
--
--&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
-+&function_begin_B("OPENSSL_rdtsc");
- 	&xor	("eax","eax");
- 	&xor	("edx","edx");
- 	&picmeup("ecx","OPENSSL_ia32cap_P");
-@@ -155,7 +155,7 @@
- # This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host],
- # but it's safe to call it on any [supported] 32-bit platform...
- # Just check for [non-]zero return value...
--&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
-+&function_begin_B("OPENSSL_instrument_halt");
- 	&picmeup("ecx","OPENSSL_ia32cap_P");
- 	&bt	(&DWP(0,"ecx"),4);
- 	&jnc	(&label("nohalt"));	# no TSC
-@@ -222,7 +222,7 @@
- 	&ret	();
- &function_end_B("OPENSSL_far_spin");
- 
--&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
-+&function_begin_B("OPENSSL_wipe_cpu");
- 	&xor	("eax","eax");
- 	&xor	("edx","edx");
- 	&picmeup("ecx","OPENSSL_ia32cap_P");
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_digicert_malaysia.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_digicert_malaysia.patch
deleted file mode 100644
index c43bcd1c77..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_digicert_malaysia.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Raphael Geissert <geissert@debian.org>
-Description: make X509_verify_cert indicate that any certificate whose
- name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked.
-Forwarded: not-needed
-Origin: vendor
-Last-Update: 2011-11-05
-
-Upstream-Status: Backport [debian]
-
-
-Index: openssl-1.0.2~beta1/crypto/x509/x509_vfy.c
-===================================================================
---- openssl-1.0.2~beta1.orig/crypto/x509/x509_vfy.c	2014-02-25 00:16:12.488028844 +0100
-+++ openssl-1.0.2~beta1/crypto/x509/x509_vfy.c	2014-02-25 00:16:12.484028929 +0100
-@@ -964,10 +964,11 @@
- 	for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
- 		{
- 		x = sk_X509_value(ctx->chain, i);
--		/* Mark DigiNotar certificates as revoked, no matter
--		 * where in the chain they are.
-+		/* Mark certificates containing the following names as
-+		 * revoked, no matter where in the chain they are.
- 		 */
--		if (x->name && strstr(x->name, "DigiNotar"))
-+		if (x->name && (strstr(x->name, "DigiNotar") ||
-+			strstr(x->name, "Digicert Sdn. Bhd.")))
- 			{
- 			ctx->error = X509_V_ERR_CERT_REVOKED;
- 			ctx->error_depth = i;
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_diginotar.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_diginotar.patch
deleted file mode 100644
index d81e22cd8d..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_diginotar.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From: Raphael Geissert <geissert@debian.org>
-Description: make X509_verify_cert indicate that any certificate whose
- name contains "DigiNotar" is revoked.
-Forwarded: not-needed
-Origin: vendor
-Last-Update: 2011-09-08
-Bug: http://bugs.debian.org/639744
-Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
-Reviewed-by: Dr Stephen N Henson <shenson@drh-consultancy.co.uk>
-
-This is not meant as final patch.  
-
-Upstream-Status: Backport [debian]
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
-Index: openssl-1.0.2g/crypto/x509/x509_vfy.c
-===================================================================
---- openssl-1.0.2g.orig/crypto/x509/x509_vfy.c
-+++ openssl-1.0.2g/crypto/x509/x509_vfy.c
-@@ -119,6 +119,7 @@ static int check_trust(X509_STORE_CTX *c
- static int check_revocation(X509_STORE_CTX *ctx);
- static int check_cert(X509_STORE_CTX *ctx);
- static int check_policy(X509_STORE_CTX *ctx);
-+static int check_ca_blacklist(X509_STORE_CTX *ctx);
- 
- static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
-                          unsigned int *preasons, X509_CRL *crl, X509 *x);
-@@ -489,6 +490,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx
-     if (!ok)
-         goto err;
- 
-+	ok = check_ca_blacklist(ctx);
-+	if(!ok) goto err;
-+
- #ifndef OPENSSL_NO_RFC3779
-     /* RFC 3779 path validation, now that CRL check has been done */
-     ok = v3_asid_validate_path(ctx);
-@@ -996,6 +1000,29 @@ static int check_crl_time(X509_STORE_CTX
-     return 1;
- }
- 
-+static int check_ca_blacklist(X509_STORE_CTX *ctx)
-+	{
-+	X509 *x;
-+	int i;
-+	/* Check all certificates against the blacklist */
-+	for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
-+		{
-+		x = sk_X509_value(ctx->chain, i);
-+		/* Mark DigiNotar certificates as revoked, no matter
-+		 * where in the chain they are.
-+		 */
-+		if (x->name && strstr(x->name, "DigiNotar"))
-+			{
-+			ctx->error = X509_V_ERR_CERT_REVOKED;
-+			ctx->error_depth = i;
-+			ctx->current_cert = x;
-+			if (!ctx->verify_cb(0,ctx))
-+				return 0;
-+			}
-+		}
-+	return 1;
-+	}
-+
- static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
-                       X509 **pissuer, int *pscore, unsigned int *preasons,
-                       STACK_OF(X509_CRL) *crls)
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/soname.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/soname.patch
deleted file mode 100644
index 09dd9eaf86..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/soname.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Upstream-Status: Inappropriate
-
-Index: openssl-1.0.2d/crypto/opensslv.h
-===================================================================
---- openssl-1.0.2d.orig/crypto/opensslv.h
-+++ openssl-1.0.2d/crypto/opensslv.h
-@@ -88,7 +88,7 @@ extern "C" {
-  * should only keep the versions that are binary compatible with the current.
-  */
- # define SHLIB_VERSION_HISTORY ""
--# define SHLIB_VERSION_NUMBER "1.0.0"
-+# define SHLIB_VERSION_NUMBER "1.0.2"
- 
- 
- #ifdef  __cplusplus
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/version-script.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/version-script.patch
deleted file mode 100644
index e404ee3312..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/version-script.patch
+++ /dev/null
@@ -1,4658 +0,0 @@
-Upstream-Status: Inappropriate
-
-Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure
-===================================================================
---- openssl-1.0.2~beta1.obsolete.0.0498436515490575.orig/Configure	2014-02-24 21:02:30.000000000 +0100
-+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure	2014-02-24 21:02:30.000000000 +0100
-@@ -1651,6 +1651,8 @@
- 		}
- 	}
- 
-+$shared_ldflag .= " -Wl,--version-script=openssl.ld";
-+
- open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
- unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
- open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
-Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld
-===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld	2014-02-24 22:19:08.601827266 +0100
-@@ -0,0 +1,4608 @@
-+OPENSSL_1.0.2d {
-+	global:
-+		BIO_f_ssl;
-+		BIO_new_buffer_ssl_connect;
-+		BIO_new_ssl;
-+		BIO_new_ssl_connect;
-+		BIO_proxy_ssl_copy_session_id;
-+		BIO_ssl_copy_session_id;
-+		BIO_ssl_shutdown;
-+		d2i_SSL_SESSION;
-+		DTLSv1_client_method;
-+		DTLSv1_method;
-+		DTLSv1_server_method;
-+		ERR_load_SSL_strings;
-+		i2d_SSL_SESSION;
-+		kssl_build_principal_2;
-+		kssl_cget_tkt;
-+		kssl_check_authent;
-+		kssl_ctx_free;
-+		kssl_ctx_new;
-+		kssl_ctx_setkey;
-+		kssl_ctx_setprinc;
-+		kssl_ctx_setstring;
-+		kssl_ctx_show;
-+		kssl_err_set;
-+		kssl_krb5_free_data_contents;
-+		kssl_sget_tkt;
-+		kssl_skip_confound;
-+		kssl_validate_times;
-+		PEM_read_bio_SSL_SESSION;
-+		PEM_read_SSL_SESSION;
-+		PEM_write_bio_SSL_SESSION;
-+		PEM_write_SSL_SESSION;
-+		SSL_accept;
-+		SSL_add_client_CA;
-+		SSL_add_dir_cert_subjects_to_stack;
-+		SSL_add_dir_cert_subjs_to_stk;
-+		SSL_add_file_cert_subjects_to_stack;
-+		SSL_add_file_cert_subjs_to_stk;
-+		SSL_alert_desc_string;
-+		SSL_alert_desc_string_long;
-+		SSL_alert_type_string;
-+		SSL_alert_type_string_long;
-+		SSL_callback_ctrl;
-+		SSL_check_private_key;
-+		SSL_CIPHER_description;
-+		SSL_CIPHER_get_bits;
-+		SSL_CIPHER_get_name;
-+		SSL_CIPHER_get_version;
-+		SSL_clear;
-+		SSL_COMP_add_compression_method;
-+		SSL_COMP_get_compression_methods;
-+		SSL_COMP_get_compress_methods;
-+		SSL_COMP_get_name;
-+		SSL_connect;
-+		SSL_copy_session_id;
-+		SSL_ctrl;
-+		SSL_CTX_add_client_CA;
-+		SSL_CTX_add_session;
-+		SSL_CTX_callback_ctrl;
-+		SSL_CTX_check_private_key;
-+		SSL_CTX_ctrl;
-+		SSL_CTX_flush_sessions;
-+		SSL_CTX_free;
-+		SSL_CTX_get_cert_store;
-+		SSL_CTX_get_client_CA_list;
-+		SSL_CTX_get_client_cert_cb;
-+		SSL_CTX_get_ex_data;
-+		SSL_CTX_get_ex_new_index;
-+		SSL_CTX_get_info_callback;
-+		SSL_CTX_get_quiet_shutdown;
-+		SSL_CTX_get_timeout;
-+		SSL_CTX_get_verify_callback;
-+		SSL_CTX_get_verify_depth;
-+		SSL_CTX_get_verify_mode;
-+		SSL_CTX_load_verify_locations;
-+		SSL_CTX_new;
-+		SSL_CTX_remove_session;
-+		SSL_CTX_sess_get_get_cb;
-+		SSL_CTX_sess_get_new_cb;
-+		SSL_CTX_sess_get_remove_cb;
-+		SSL_CTX_sessions;
-+		SSL_CTX_sess_set_get_cb;
-+		SSL_CTX_sess_set_new_cb;
-+		SSL_CTX_sess_set_remove_cb;
-+		SSL_CTX_set1_param;
-+		SSL_CTX_set_cert_store;
-+		SSL_CTX_set_cert_verify_callback;
-+		SSL_CTX_set_cert_verify_cb;
-+		SSL_CTX_set_cipher_list;
-+		SSL_CTX_set_client_CA_list;
-+		SSL_CTX_set_client_cert_cb;
-+		SSL_CTX_set_client_cert_engine;
-+		SSL_CTX_set_cookie_generate_cb;
-+		SSL_CTX_set_cookie_verify_cb;
-+		SSL_CTX_set_default_passwd_cb;
-+		SSL_CTX_set_default_passwd_cb_userdata;
-+		SSL_CTX_set_default_verify_paths;
-+		SSL_CTX_set_def_passwd_cb_ud;
-+		SSL_CTX_set_def_verify_paths;
-+		SSL_CTX_set_ex_data;
-+		SSL_CTX_set_generate_session_id;
-+		SSL_CTX_set_info_callback;
-+		SSL_CTX_set_msg_callback;
-+		SSL_CTX_set_psk_client_callback;
-+		SSL_CTX_set_psk_server_callback;
-+		SSL_CTX_set_purpose;
-+		SSL_CTX_set_quiet_shutdown;
-+		SSL_CTX_set_session_id_context;
-+		SSL_CTX_set_ssl_version;
-+		SSL_CTX_set_timeout;
-+		SSL_CTX_set_tmp_dh_callback;
-+		SSL_CTX_set_tmp_ecdh_callback;
-+		SSL_CTX_set_tmp_rsa_callback;
-+		SSL_CTX_set_trust;
-+		SSL_CTX_set_verify;
-+		SSL_CTX_set_verify_depth;
-+		SSL_CTX_use_cert_chain_file;
-+		SSL_CTX_use_certificate;
-+		SSL_CTX_use_certificate_ASN1;
-+		SSL_CTX_use_certificate_chain_file;
-+		SSL_CTX_use_certificate_file;
-+		SSL_CTX_use_PrivateKey;
-+		SSL_CTX_use_PrivateKey_ASN1;
-+		SSL_CTX_use_PrivateKey_file;
-+		SSL_CTX_use_psk_identity_hint;
-+		SSL_CTX_use_RSAPrivateKey;
-+		SSL_CTX_use_RSAPrivateKey_ASN1;
-+		SSL_CTX_use_RSAPrivateKey_file;
-+		SSL_do_handshake;
-+		SSL_dup;
-+		SSL_dup_CA_list;
-+		SSLeay_add_ssl_algorithms;
-+		SSL_free;
-+		SSL_get1_session;
-+		SSL_get_certificate;
-+		SSL_get_cipher_list;
-+		SSL_get_ciphers;
-+		SSL_get_client_CA_list;
-+		SSL_get_current_cipher;
-+		SSL_get_current_compression;
-+		SSL_get_current_expansion;
-+		SSL_get_default_timeout;
-+		SSL_get_error;
-+		SSL_get_ex_data;
-+		SSL_get_ex_data_X509_STORE_CTX_idx;
-+		SSL_get_ex_d_X509_STORE_CTX_idx;
-+		SSL_get_ex_new_index;
-+		SSL_get_fd;
-+		SSL_get_finished;
-+		SSL_get_info_callback;
-+		SSL_get_peer_cert_chain;
-+		SSL_get_peer_certificate;
-+		SSL_get_peer_finished;
-+		SSL_get_privatekey;
-+		SSL_get_psk_identity;
-+		SSL_get_psk_identity_hint;
-+		SSL_get_quiet_shutdown;
-+		SSL_get_rbio;
-+		SSL_get_read_ahead;
-+		SSL_get_rfd;
-+		SSL_get_servername;
-+		SSL_get_servername_type;
-+		SSL_get_session;
-+		SSL_get_shared_ciphers;
-+		SSL_get_shutdown;
-+		SSL_get_SSL_CTX;
-+		SSL_get_ssl_method;
-+		SSL_get_verify_callback;
-+		SSL_get_verify_depth;
-+		SSL_get_verify_mode;
-+		SSL_get_verify_result;
-+		SSL_get_version;
-+		SSL_get_wbio;
-+		SSL_get_wfd;
-+		SSL_has_matching_session_id;
-+		SSL_library_init;
-+		SSL_load_client_CA_file;
-+		SSL_load_error_strings;
-+		SSL_new;
-+		SSL_peek;
-+		SSL_pending;
-+		SSL_read;
-+		SSL_renegotiate;
-+		SSL_renegotiate_pending;
-+		SSL_rstate_string;
-+		SSL_rstate_string_long;
-+		SSL_SESSION_cmp;
-+		SSL_SESSION_free;
-+		SSL_SESSION_get_ex_data;
-+		SSL_SESSION_get_ex_new_index;
-+		SSL_SESSION_get_id;
-+		SSL_SESSION_get_time;
-+		SSL_SESSION_get_timeout;
-+		SSL_SESSION_hash;
-+		SSL_SESSION_new;
-+		SSL_SESSION_print;
-+		SSL_SESSION_print_fp;
-+		SSL_SESSION_set_ex_data;
-+		SSL_SESSION_set_time;
-+		SSL_SESSION_set_timeout;
-+		SSL_set1_param;
-+		SSL_set_accept_state;
-+		SSL_set_bio;
-+		SSL_set_cipher_list;
-+		SSL_set_client_CA_list;
-+		SSL_set_connect_state;
-+		SSL_set_ex_data;
-+		SSL_set_fd;
-+		SSL_set_generate_session_id;
-+		SSL_set_info_callback;
-+		SSL_set_msg_callback;
-+		SSL_set_psk_client_callback;
-+		SSL_set_psk_server_callback;
-+		SSL_set_purpose;
-+		SSL_set_quiet_shutdown;
-+		SSL_set_read_ahead;
-+		SSL_set_rfd;
-+		SSL_set_session;
-+		SSL_set_session_id_context;
-+		SSL_set_session_secret_cb;
-+		SSL_set_session_ticket_ext;
-+		SSL_set_session_ticket_ext_cb;
-+		SSL_set_shutdown;
-+		SSL_set_SSL_CTX;
-+		SSL_set_ssl_method;
-+		SSL_set_tmp_dh_callback;
-+		SSL_set_tmp_ecdh_callback;
-+		SSL_set_tmp_rsa_callback;
-+		SSL_set_trust;
-+		SSL_set_verify;
-+		SSL_set_verify_depth;
-+		SSL_set_verify_result;
-+		SSL_set_wfd;
-+		SSL_shutdown;
-+		SSL_state;
-+		SSL_state_string;
-+		SSL_state_string_long;
-+		SSL_use_certificate;
-+		SSL_use_certificate_ASN1;
-+		SSL_use_certificate_file;
-+		SSL_use_PrivateKey;
-+		SSL_use_PrivateKey_ASN1;
-+		SSL_use_PrivateKey_file;
-+		SSL_use_psk_identity_hint;
-+		SSL_use_RSAPrivateKey;
-+		SSL_use_RSAPrivateKey_ASN1;
-+		SSL_use_RSAPrivateKey_file;
-+		SSLv23_client_method;
-+		SSLv23_method;
-+		SSLv23_server_method;
-+		SSLv2_client_method;
-+		SSLv2_method;
-+		SSLv2_server_method;
-+		SSLv3_client_method;
-+		SSLv3_method;
-+		SSLv3_server_method;
-+		SSL_version;
-+		SSL_want;
-+		SSL_write;
-+		TLSv1_client_method;
-+		TLSv1_method;
-+		TLSv1_server_method;
-+
-+
-+		SSLeay;
-+		SSLeay_version;
-+		ASN1_BIT_STRING_asn1_meth;
-+		ASN1_HEADER_free;
-+		ASN1_HEADER_new;
-+		ASN1_IA5STRING_asn1_meth;
-+		ASN1_INTEGER_get;
-+		ASN1_INTEGER_set;
-+		ASN1_INTEGER_to_BN;
-+		ASN1_OBJECT_create;
-+		ASN1_OBJECT_free;
-+		ASN1_OBJECT_new;
-+		ASN1_PRINTABLE_type;
-+		ASN1_STRING_cmp;
-+		ASN1_STRING_dup;
-+		ASN1_STRING_free;
-+		ASN1_STRING_