build: backport patches for build with OpenSSL 1.1

freifunk-gluon · May 9, 2017 · b6a22ce · b6a22ce
1 parent 03fc7b8
commit b6a22ce
Show file tree

Hide file tree

Showing 53 changed files with 434 additions and 30 deletions.
diff --git a/...IPv6-builtin-if-selected-saves-30KB.patch → ...IPv6-builtin-if-selected-saves-30KB.patch b/...IPv6-builtin-if-selected-saves-30KB.patch → ...IPv6-builtin-if-selected-saves-30KB.patch
diff --git a/patches/openwrt/0049-tools-cmake-fix-parallel-build-with-Make-4.2.patch b/patches/openwrt/0049-tools-cmake-fix-parallel-build-with-Make-4.2.patch
diff --git a/...ages-with-multiple-PROVIDES-entries.patch → ...ages-with-multiple-PROVIDES-entries.patch b/...ages-with-multiple-PROVIDES-entries.patch → ...ages-with-multiple-PROVIDES-entries.patch
diff --git a/...od-crypto-core-and-kmod-crypto-arc4.patch → ...od-crypto-core-and-kmod-crypto-arc4.patch b/...od-crypto-core-and-kmod-crypto-arc4.patch → ...od-crypto-core-and-kmod-crypto-arc4.patch
diff --git a/...n-hexdump-for-image-build-signature.patch → ...n-hexdump-for-image-build-signature.patch b/...n-hexdump-for-image-build-signature.patch → ...n-hexdump-for-image-build-signature.patch
diff --git a/...054-mt76-fix-build-with-kernel-3.18.patch → ...053-mt76-fix-build-with-kernel-3.18.patch b/...054-mt76-fix-build-with-kernel-3.18.patch → ...053-mt76-fix-build-with-kernel-3.18.patch
diff --git a/...-Support-LEDs-on-D-Link-DIR-860L-B1.patch → ...-Support-LEDs-on-D-Link-DIR-860L-B1.patch b/...-Support-LEDs-on-D-Link-DIR-860L-B1.patch → ...-Support-LEDs-on-D-Link-DIR-860L-B1.patch
diff --git a/...-known-to-userspace-for-DIR-860L-B1.patch → ...-known-to-userspace-for-DIR-860L-B1.patch b/...-known-to-userspace-for-DIR-860L-B1.patch → ...-known-to-userspace-for-DIR-860L-B1.patch
diff --git a/...AN-WAN-MAC-addresses-on-DIR-860L-B1.patch → ...AN-WAN-MAC-addresses-on-DIR-860L-B1.patch b/...AN-WAN-MAC-addresses-on-DIR-860L-B1.patch → ...AN-WAN-MAC-addresses-on-DIR-860L-B1.patch
diff --git a/...support-for-TP-LINK-TL-WR842N-ND-v3.patch → ...support-for-TP-LINK-TL-WR842N-ND-v3.patch b/...support-for-TP-LINK-TL-WR842N-ND-v3.patch → ...support-for-TP-LINK-TL-WR842N-ND-v3.patch
diff --git a/...-x86-generic-enable-CONFIG_SATA_VIA.patch → ...-x86-generic-enable-CONFIG_SATA_VIA.patch b/...-x86-generic-enable-CONFIG_SATA_VIA.patch → ...-x86-generic-enable-CONFIG_SATA_VIA.patch
diff --git a/...cy-of-install-shared-so-make-target.patch → ...cy-of-install-shared-so-make-target.patch b/...cy-of-install-shared-so-make-target.patch → ...cy-of-install-shared-so-make-target.patch
diff --git a/...-detection-for-D-Link-DIR-505-A1-A2.patch → ...-detection-for-D-Link-DIR-505-A1-A2.patch b/...-detection-for-D-Link-DIR-505-A1-A2.patch → ...-detection-for-D-Link-DIR-505-A1-A2.patch
diff --git a/...05-status-LED-as-ethernet-indicator.patch → ...05-status-LED-as-ethernet-indicator.patch b/...05-status-LED-as-ethernet-indicator.patch → ...05-status-LED-as-ethernet-indicator.patch
diff --git a/...0-enable-LNA-for-CPE210-220-510-520.patch → ...0-enable-LNA-for-CPE210-220-510-520.patch b/...0-enable-LNA-for-CPE210-220-510-520.patch → ...0-enable-LNA-for-CPE210-220-510-520.patch
diff --git a/...e-into-2-profiles-cpe210-and-cpe510.patch → ...e-into-2-profiles-cpe210-and-cpe510.patch b/...e-into-2-profiles-cpe210-and-cpe510.patch → ...e-into-2-profiles-cpe210-and-cpe510.patch
diff --git a/...f518d5e2b7d6526fd7a87a88a268030694a.patch → ...f518d5e2b7d6526fd7a87a88a268030694a.patch b/...f518d5e2b7d6526fd7a87a88a268030694a.patch → ...f518d5e2b7d6526fd7a87a88a268030694a.patch
diff --git a/...xx-split-CPE210-from-CPE510-profile.patch → ...xx-split-CPE210-from-CPE510-profile.patch b/...xx-split-CPE210-from-CPE510-profile.patch → ...xx-split-CPE210-from-CPE510-profile.patch
diff --git a/...5c21ae0ede4e15e66cbd801b9fb502531df.patch → ...5c21ae0ede4e15e66cbd801b9fb502531df.patch b/...5c21ae0ede4e15e66cbd801b9fb502531df.patch → ...5c21ae0ede4e15e66cbd801b9fb502531df.patch
diff --git a/...71xx-Added-support-for-TL-WA801NDv3.patch → ...71xx-Added-support-for-TL-WA801NDv3.patch b/...71xx-Added-support-for-TL-WA801NDv3.patch → ...71xx-Added-support-for-TL-WA801NDv3.patch
diff --git a/...2bc0ea4010ddbfbd738453c9db70988a57c.patch → ...2bc0ea4010ddbfbd738453c9db70988a57c.patch b/...2bc0ea4010ddbfbd738453c9db70988a57c.patch → ...2bc0ea4010ddbfbd738453c9db70988a57c.patch
diff --git a/...upport-for-new-TP-Link-region-codes.patch → ...upport-for-new-TP-Link-region-codes.patch b/...upport-for-new-TP-Link-region-codes.patch → ...upport-for-new-TP-Link-region-codes.patch
diff --git a/...are-add-ath10k-firmware-qca988x-11s.patch → ...are-add-ath10k-firmware-qca988x-11s.patch b/...are-add-ath10k-firmware-qca988x-11s.patch → ...are-add-ath10k-firmware-qca988x-11s.patch
diff --git a/...e-compensation-support-patch-FS-111.patch → ...e-compensation-support-patch-FS-111.patch b/...e-compensation-support-patch-FS-111.patch → ...e-compensation-support-patch-FS-111.patch
diff --git a/...ng-patch-until-it-is-fixed-properly.patch → ...ng-patch-until-it-is-fixed-properly.patch b/...ng-patch-until-it-is-fixed-properly.patch → ...ng-patch-until-it-is-fixed-properly.patch
diff --git a/...gion-code-for-TP-Link-TL-WA901ND-v4.patch → ...gion-code-for-TP-Link-TL-WA901ND-v4.patch b/...gion-code-for-TP-Link-TL-WA901ND-v4.patch → ...gion-code-for-TP-Link-TL-WA901ND-v4.patch
diff --git a/...x-error-in-etc-uci-defaults-01_leds.patch → ...x-error-in-etc-uci-defaults-01_leds.patch b/...x-error-in-etc-uci-defaults-01_leds.patch → ...x-error-in-etc-uci-defaults-01_leds.patch
diff --git a/...y-images-for-TP-Link-TL-WR841ND-v11.patch → ...y-images-for-TP-Link-TL-WR841ND-v11.patch b/...y-images-for-TP-Link-TL-WR841ND-v11.patch → ...y-images-for-TP-Link-TL-WR841ND-v11.patch
diff --git a/...penwrt/0077-x86-64-add-pata-drivers.patch → ...penwrt/0076-x86-64-add-pata-drivers.patch b/...penwrt/0077-x86-64-add-pata-drivers.patch → ...penwrt/0076-x86-64-add-pata-drivers.patch
diff --git a/...8-x86-add-mmc-drivers-to-generic-64.patch → ...7-x86-add-mmc-drivers-to-generic-64.patch b/...8-x86-add-mmc-drivers-to-generic-64.patch → ...7-x86-add-mmc-drivers-to-generic-64.patch
diff --git a/...pio_get-to-return-0-or-1-on-success.patch → ...pio_get-to-return-0-or-1-on-success.patch b/...pio_get-to-return-0-or-1-on-success.patch → ...pio_get-to-return-0-or-1-on-success.patch
diff --git a/...lickering-on-devices-using-rsslieds.patch → ...lickering-on-devices-using-rsslieds.patch b/...lickering-on-devices-using-rsslieds.patch → ...lickering-on-devices-using-rsslieds.patch
diff --git a/...ernel-add-at803x-fix-for-sgmii-mode.patch → ...ernel-add-at803x-fix-for-sgmii-mode.patch b/...ernel-add-at803x-fix-for-sgmii-mode.patch → ...ernel-add-at803x-fix-for-sgmii-mode.patch
diff --git a/...ysupgrade-support-for-TL-WA801ND-v3.patch → ...ysupgrade-support-for-TL-WA801ND-v3.patch b/...ysupgrade-support-for-TL-WA801ND-v3.patch → ...ysupgrade-support-for-TL-WA801ND-v3.patch
diff --git a/...etection-for-TP-Link-Pharos-devices.patch → ...etection-for-TP-Link-Pharos-devices.patch b/...etection-for-TP-Link-Pharos-devices.patch → ...etection-for-TP-Link-Pharos-devices.patch
diff --git a/...dd-Support-for-TP-LINK-TL-WR940N-v4.patch → ...dd-Support-for-TP-LINK-TL-WR940N-v4.patch b/...dd-Support-for-TP-LINK-TL-WR940N-v4.patch → ...dd-Support-for-TP-LINK-TL-WR940N-v4.patch
diff --git a/...to-more-generic-mktplinkfw-combined.patch → ...to-more-generic-mktplinkfw-combined.patch b/...to-more-generic-mktplinkfw-combined.patch → ...to-more-generic-mktplinkfw-combined.patch
diff --git a/...rt-for-TL-WR1043ND-v4-to-mktplinkfw.patch → ...rt-for-TL-WR1043ND-v4-to-mktplinkfw.patch b/...rt-for-TL-WR1043ND-v4-to-mktplinkfw.patch → ...rt-for-TL-WR1043ND-v4-to-mktplinkfw.patch
diff --git a/...add-support-for-TP-LINK-WR1043ND-v4.patch → ...add-support-for-TP-LINK-WR1043ND-v4.patch b/...add-support-for-TP-LINK-WR1043ND-v4.patch → ...add-support-for-TP-LINK-WR1043ND-v4.patch
diff --git a/...tching-of-the-ath-regulatory-domain.patch → ...tching-of-the-ath-regulatory-domain.patch b/...tching-of-the-ath-regulatory-domain.patch → ...tching-of-the-ath-regulatory-domain.patch
diff --git a/...serve-partition-table-on-sysupgrade.patch → ...serve-partition-table-on-sysupgrade.patch b/...serve-partition-table-on-sysupgrade.patch → ...serve-partition-table-on-sysupgrade.patch
diff --git a/...-make-sysupgrade-work-without-partx.patch → ...-make-sysupgrade-work-without-partx.patch b/...-make-sysupgrade-work-without-partx.patch → ...-make-sysupgrade-work-without-partx.patch
diff --git a/...search-PARTUUID-in-any-block-device.patch → ...search-PARTUUID-in-any-block-device.patch b/...search-PARTUUID-in-any-block-device.patch → ...search-PARTUUID-in-any-block-device.patch
diff --git a/...-partition-discovery-for-sysupgrade.patch → ...-partition-discovery-for-sysupgrade.patch b/...-partition-discovery-for-sysupgrade.patch → ...-partition-discovery-for-sysupgrade.patch
diff --git a/...oad.pl-Use-CDN-for-kernel-downloads.patch → ...oad.pl-Use-CDN-for-kernel-downloads.patch b/...oad.pl-Use-CDN-for-kernel-downloads.patch → ...oad.pl-Use-CDN-for-kernel-downloads.patch
diff --git a/...ve-sysupgrade.tgz-only-if-it-exists.patch → ...ve-sysupgrade.tgz-only-if-it-exists.patch b/...ve-sysupgrade.tgz-only-if-it-exists.patch → ...ve-sysupgrade.tgz-only-if-it-exists.patch
diff --git a/...form-upgrade-functions-to-common.sh.patch → ...form-upgrade-functions-to-common.sh.patch b/...form-upgrade-functions-to-common.sh.patch → ...form-upgrade-functions-to-common.sh.patch
diff --git a/...pgrades-on-disks-with-4k-block-size.patch → ...pgrades-on-disks-with-4k-block-size.patch b/...pgrades-on-disks-with-4k-block-size.patch → ...pgrades-on-disks-with-4k-block-size.patch
diff --git a/...riggering-of-interface-update-event.patch → ...riggering-of-interface-update-event.patch b/...riggering-of-interface-update-event.patch → ...riggering-of-interface-update-event.patch
diff --git a/...ort-MSG_PEEK-with-truncated-buffers.patch → ...ort-MSG_PEEK-with-truncated-buffers.patch b/...ort-MSG_PEEK-with-truncated-buffers.patch → ...ort-MSG_PEEK-with-truncated-buffers.patch
diff --git a/patches/openwrt/0098-tools-mkimage-fix-build-with-OpenSSL-1.1.x-FS-182.patch b/patches/openwrt/0098-tools-mkimage-fix-build-with-OpenSSL-1.1.x-FS-182.patch
@@ -0,0 +1,115 @@
+From: Jo-Philipp Wich <jo@mein.io>
+Date: Wed, 30 Nov 2016 18:09:05 +0100
+Subject: tools: mkimage: fix build with OpenSSL 1.1.x (FS#182)
+
+The OpenSSL 1.1.x version series undergone some major API changes which made
+the RSA structure opaque and deprecated a number of methods, so add some
+conditional compat code to make the u-boot source build again.
+
+Signed-off-by: Jo-Philipp Wich <jo@mein.io>
+
+Backport of LEDE 70b104f98c0657323b28fce140b73a94bf3eb756
+
+diff --git a/tools/mkimage/patches/210-openssl-1.1.x-compat.patch b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch
+new file mode 100644
+index 0000000000000000000000000000000000000000..fa7c99f39b0a65f0d784473ca9b8fde836e4fa6e
+--- /dev/null
++++ b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch
+@@ -0,0 +1,97 @@
++--- a/lib/rsa/rsa-sign.c
+++++ b/lib/rsa/rsa-sign.c
++@@ -15,10 +15,25 @@
++ #include <openssl/ssl.h>
++ #include <openssl/evp.h>
++ 
++-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+++#if OPENSSL_VERSION_NUMBER < 0x10000000L
+++#define HAVE_ERR_REMOVE_STATE
+++#elif OPENSSL_VERSION_NUMBER < 0x10100000L
++ #define HAVE_ERR_REMOVE_THREAD_STATE
++ #endif
++ 
+++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+++static void RSA_get0_key(const RSA *r,
+++                         const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+++{
+++   if (n != NULL)
+++       *n = r->n;
+++   if (e != NULL)
+++       *e = r->e;
+++   if (d != NULL)
+++       *d = r->d;
+++}
+++#endif
+++
++ static int rsa_err(const char *msg)
++ {
++ 	unsigned long sslErr = ERR_get_error();
++@@ -154,7 +169,8 @@ static void rsa_remove(void)
++ 	ERR_free_strings();
++ #ifdef HAVE_ERR_REMOVE_THREAD_STATE
++ 	ERR_remove_thread_state(NULL);
++-#else
+++#endif
+++#ifdef HAVE_ERR_REMOVE_STATE
++ 	ERR_remove_state(0);
++ #endif
++ 	EVP_cleanup();
++@@ -210,7 +226,6 @@ static int rsa_sign_with_key(RSA *rsa, s
++ 		ret = rsa_err("Could not obtain signature");
++ 		goto err_sign;
++ 	}
++-	EVP_MD_CTX_cleanup(context);
++ 	EVP_MD_CTX_destroy(context);
++ 	EVP_PKEY_free(key);
++ 
++@@ -270,23 +285,26 @@ static int rsa_get_exponent(RSA *key, ui
++ 	BIGNUM *bn_te;
++ 	uint64_t te;
++ 
+++	const BIGNUM *bn_e;
+++	RSA_get0_key(key, NULL, &bn_e, NULL);
+++
++ 	ret = -EINVAL;
++ 	bn_te = NULL;
++ 
++ 	if (!e)
++ 		goto cleanup;
++ 
++-	if (BN_num_bits(key->e) > 64)
+++	if (BN_num_bits(bn_e) > 64)
++ 		goto cleanup;
++ 
++-	*e = BN_get_word(key->e);
+++	*e = BN_get_word(bn_e);
++ 
++-	if (BN_num_bits(key->e) < 33) {
+++	if (BN_num_bits(bn_e) < 33) {
++ 		ret = 0;
++ 		goto cleanup;
++ 	}
++ 
++-	bn_te = BN_dup(key->e);
+++	bn_te = BN_dup(bn_e);
++ 	if (!bn_te)
++ 		goto cleanup;
++ 
++@@ -319,6 +337,9 @@ int rsa_get_params(RSA *key, uint64_t *e
++ 	BN_CTX *bn_ctx = BN_CTX_new();
++ 	int ret = 0;
++ 
+++	const BIGNUM *bn_n;
+++	RSA_get0_key(key, &bn_n, NULL, NULL);
+++
++ 	/* Initialize BIGNUMs */
++ 	big1 = BN_new();
++ 	big2 = BN_new();
++@@ -337,7 +358,7 @@ int rsa_get_params(RSA *key, uint64_t *e
++ 	if (0 != rsa_get_exponent(key, exponent))
++ 		ret = -1;
++ 
++-	if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) ||
+++	if (!BN_copy(n, bn_n) || !BN_set_word(big1, 1L) ||
++ 	    !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L))
++ 		ret = -1;
++ 
diff --git a/patches/openwrt/0099-mkimage-fix-openssl-1.1.x-compat-fix-with-libressl.patch b/patches/openwrt/0099-mkimage-fix-openssl-1.1.x-compat-fix-with-libressl.patch
@@ -0,0 +1,24 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Wed, 30 Nov 2016 20:24:31 +0100
+Subject: mkimage: fix openssl 1.1.x compat fix with libressl
+
+libressl sets OPENSSL_VERSION_NUMBER to 0x20000000L, which breaks API
+checks based on it.
+
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+
+Backport of e678c9f764c37f963e6667777b6a05bddcf05ea5
+
+diff --git a/tools/mkimage/patches/210-openssl-1.1.x-compat.patch b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch
+index fa7c99f39b0a65f0d784473ca9b8fde836e4fa6e..b1bc08856ea13b04d2aba58b551c3dcf2f1d2a0b 100644
+--- a/tools/mkimage/patches/210-openssl-1.1.x-compat.patch
++++ b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch
+@@ -11,7 +11,7 @@
+  #define HAVE_ERR_REMOVE_THREAD_STATE
+  #endif
+
+-+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+++#if (OPENSSL_VERSION_NUMBER < 0x10100005L) || defined(LIBRESSL_VERSION_NUMBER)
+ +static void RSA_get0_key(const RSA *r,
+ +                         const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+ +{