Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
build: backport patches for build with OpenSSL 1.1
- Loading branch information
Showing
53 changed files
with
434 additions
and
30 deletions.
There are no files selected for viewing
File renamed without changes.
30 changes: 0 additions & 30 deletions
30
patches/openwrt/0049-tools-cmake-fix-parallel-build-with-Make-4.2.patch
This file was deleted.
Oops, something went wrong.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
115 changes: 115 additions & 0 deletions
115
patches/openwrt/0098-tools-mkimage-fix-build-with-OpenSSL-1.1.x-FS-182.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,115 @@ | ||
From: Jo-Philipp Wich <jo@mein.io> | ||
Date: Wed, 30 Nov 2016 18:09:05 +0100 | ||
Subject: tools: mkimage: fix build with OpenSSL 1.1.x (FS#182) | ||
|
||
The OpenSSL 1.1.x version series undergone some major API changes which made | ||
the RSA structure opaque and deprecated a number of methods, so add some | ||
conditional compat code to make the u-boot source build again. | ||
|
||
Signed-off-by: Jo-Philipp Wich <jo@mein.io> | ||
|
||
Backport of LEDE 70b104f98c0657323b28fce140b73a94bf3eb756 | ||
|
||
diff --git a/tools/mkimage/patches/210-openssl-1.1.x-compat.patch b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch | ||
new file mode 100644 | ||
index 0000000000000000000000000000000000000000..fa7c99f39b0a65f0d784473ca9b8fde836e4fa6e | ||
--- /dev/null | ||
+++ b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch | ||
@@ -0,0 +1,97 @@ | ||
+--- a/lib/rsa/rsa-sign.c | ||
++++ b/lib/rsa/rsa-sign.c | ||
+@@ -15,10 +15,25 @@ | ||
+ #include <openssl/ssl.h> | ||
+ #include <openssl/evp.h> | ||
+ | ||
+-#if OPENSSL_VERSION_NUMBER >= 0x10000000L | ||
++#if OPENSSL_VERSION_NUMBER < 0x10000000L | ||
++#define HAVE_ERR_REMOVE_STATE | ||
++#elif OPENSSL_VERSION_NUMBER < 0x10100000L | ||
+ #define HAVE_ERR_REMOVE_THREAD_STATE | ||
+ #endif | ||
+ | ||
++#if OPENSSL_VERSION_NUMBER < 0x10100005L | ||
++static void RSA_get0_key(const RSA *r, | ||
++ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) | ||
++{ | ||
++ if (n != NULL) | ||
++ *n = r->n; | ||
++ if (e != NULL) | ||
++ *e = r->e; | ||
++ if (d != NULL) | ||
++ *d = r->d; | ||
++} | ||
++#endif | ||
++ | ||
+ static int rsa_err(const char *msg) | ||
+ { | ||
+ unsigned long sslErr = ERR_get_error(); | ||
+@@ -154,7 +169,8 @@ static void rsa_remove(void) | ||
+ ERR_free_strings(); | ||
+ #ifdef HAVE_ERR_REMOVE_THREAD_STATE | ||
+ ERR_remove_thread_state(NULL); | ||
+-#else | ||
++#endif | ||
++#ifdef HAVE_ERR_REMOVE_STATE | ||
+ ERR_remove_state(0); | ||
+ #endif | ||
+ EVP_cleanup(); | ||
+@@ -210,7 +226,6 @@ static int rsa_sign_with_key(RSA *rsa, s | ||
+ ret = rsa_err("Could not obtain signature"); | ||
+ goto err_sign; | ||
+ } | ||
+- EVP_MD_CTX_cleanup(context); | ||
+ EVP_MD_CTX_destroy(context); | ||
+ EVP_PKEY_free(key); | ||
+ | ||
+@@ -270,23 +285,26 @@ static int rsa_get_exponent(RSA *key, ui | ||
+ BIGNUM *bn_te; | ||
+ uint64_t te; | ||
+ | ||
++ const BIGNUM *bn_e; | ||
++ RSA_get0_key(key, NULL, &bn_e, NULL); | ||
++ | ||
+ ret = -EINVAL; | ||
+ bn_te = NULL; | ||
+ | ||
+ if (!e) | ||
+ goto cleanup; | ||
+ | ||
+- if (BN_num_bits(key->e) > 64) | ||
++ if (BN_num_bits(bn_e) > 64) | ||
+ goto cleanup; | ||
+ | ||
+- *e = BN_get_word(key->e); | ||
++ *e = BN_get_word(bn_e); | ||
+ | ||
+- if (BN_num_bits(key->e) < 33) { | ||
++ if (BN_num_bits(bn_e) < 33) { | ||
+ ret = 0; | ||
+ goto cleanup; | ||
+ } | ||
+ | ||
+- bn_te = BN_dup(key->e); | ||
++ bn_te = BN_dup(bn_e); | ||
+ if (!bn_te) | ||
+ goto cleanup; | ||
+ | ||
+@@ -319,6 +337,9 @@ int rsa_get_params(RSA *key, uint64_t *e | ||
+ BN_CTX *bn_ctx = BN_CTX_new(); | ||
+ int ret = 0; | ||
+ | ||
++ const BIGNUM *bn_n; | ||
++ RSA_get0_key(key, &bn_n, NULL, NULL); | ||
++ | ||
+ /* Initialize BIGNUMs */ | ||
+ big1 = BN_new(); | ||
+ big2 = BN_new(); | ||
+@@ -337,7 +358,7 @@ int rsa_get_params(RSA *key, uint64_t *e | ||
+ if (0 != rsa_get_exponent(key, exponent)) | ||
+ ret = -1; | ||
+ | ||
+- if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) || | ||
++ if (!BN_copy(n, bn_n) || !BN_set_word(big1, 1L) || | ||
+ !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) | ||
+ ret = -1; | ||
+ |
24 changes: 24 additions & 0 deletions
24
patches/openwrt/0099-mkimage-fix-openssl-1.1.x-compat-fix-with-libressl.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
From: Felix Fietkau <nbd@nbd.name> | ||
Date: Wed, 30 Nov 2016 20:24:31 +0100 | ||
Subject: mkimage: fix openssl 1.1.x compat fix with libressl | ||
|
||
libressl sets OPENSSL_VERSION_NUMBER to 0x20000000L, which breaks API | ||
checks based on it. | ||
|
||
Signed-off-by: Felix Fietkau <nbd@nbd.name> | ||
|
||
Backport of e678c9f764c37f963e6667777b6a05bddcf05ea5 | ||
|
||
diff --git a/tools/mkimage/patches/210-openssl-1.1.x-compat.patch b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch | ||
index fa7c99f39b0a65f0d784473ca9b8fde836e4fa6e..b1bc08856ea13b04d2aba58b551c3dcf2f1d2a0b 100644 | ||
--- a/tools/mkimage/patches/210-openssl-1.1.x-compat.patch | ||
+++ b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch | ||
@@ -11,7 +11,7 @@ | ||
#define HAVE_ERR_REMOVE_THREAD_STATE | ||
#endif | ||
|
||
-+#if OPENSSL_VERSION_NUMBER < 0x10100005L | ||
++#if (OPENSSL_VERSION_NUMBER < 0x10100005L) || defined(LIBRESSL_VERSION_NUMBER) | ||
+static void RSA_get0_key(const RSA *r, | ||
+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) | ||
+{ |
Oops, something went wrong.