<feed xmlns='http://www.w3.org/2005/Atom'>
<title>buildroot/package/openssl/Config.in, branch 2017.11</title>
<subtitle>OpenPOWER buildroot sources</subtitle>
<id>https://git.raptorcs.com/git/buildroot/atom?h=2017.11</id>
<link rel='self' href='https://git.raptorcs.com/git/buildroot/atom?h=2017.11'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/'/>
<updated>2017-11-06T14:17:45+00:00</updated>
<entry>
<title>openssl: disable libressl on uClibc noMMU</title>
<updated>2017-11-06T14:17:45+00:00</updated>
<author>
<name>Thomas Petazzoni</name>
<email>thomas.petazzoni@free-electrons.com</email>
</author>
<published>2017-11-06T09:54:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=1f1a242e62c0654893e6563d09eb90a2ae807334'/>
<id>urn:sha1:1f1a242e62c0654893e6563d09eb90a2ae807334</id>
<content type='text'>
uClibc doesn't implement __register_atfork() on noMMU systems, causing
a build failure of libressl. Since openssl is available as an
alternative on such platforms, we just disable libressl on
uClibc/noMMU systems.

Fixes:

/home/thomas/projets/buildroot/output/build/libressl-2.5.5/crypto/.libs/libcrypto.a(arc4random.o): In function `_rs_init.part.1':
arc4random.c:(.text+0x74): undefined reference to `__register_atfork'
collect2: error: ld returned 1 exit status

This build issue is not visible in the autobuilders, because libressl
is only selectable through a choice, which isn't randomized by the
autobuilder logic.

Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>openssl: unconditionally define BR2_PACKAGE_PROVIDES_HOST_OPENSSL</title>
<updated>2017-10-22T12:04:48+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2017-10-22T11:56:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=915a627fce1eb9fdb90001131f79aab249742488'/>
<id>urn:sha1:915a627fce1eb9fdb90001131f79aab249742488</id>
<content type='text'>
Fixes:
http://autobuild.buildroot.net/results/207/207d0ca1fe5328e675246c851fcb0d5685f8c0bd/
http://autobuild.buildroot.net/results/546/546a56d6dd39e5e9ecfe25fd36a00510e6c0c45b/

host-openssl may be used without openssl being enabled for the target, so
move BR2_PACKAGE_PROVIDES_HOST_OPENSSL outside the BR2_PACKAGE_OPENSSL
conditional.

While we're at it, add a comment explaining what this magic config symbol does.

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: add libressl as a provider</title>
<updated>2017-10-21T19:28:13+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>aduskett@gmail.com</email>
</author>
<published>2017-10-18T02:32:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=791ceb583b3592621031e4241f12932d09e00a3a'/>
<id>urn:sha1:791ceb583b3592621031e4241f12932d09e00a3a</id>
<content type='text'>
At this point, libressl can be added to the openssl virtual package.

- Remove the entry package/libressl/Config.in from package/Config.in
- Remove the file: package/libressl/Config.in
- Add libressl entry to package/openssl/Config.in

Signed-off-by: Adam Duskett &lt;Adamduskett@outlook.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: introduce BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL</title>
<updated>2017-10-21T19:28:13+00:00</updated>
<author>
<name>Thomas Petazzoni</name>
<email>thomas.petazzoni@free-electrons.com</email>
</author>
<published>2017-10-21T16:21:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=123e0c9fefcf53641b8e80254929d485a1783f36'/>
<id>urn:sha1:123e0c9fefcf53641b8e80254929d485a1783f36</id>
<content type='text'>
Some packages that use openssl are not compatible with libressl, only
with the real openssl (known as libopenssl in Buildroot). So before we
add libressl as a provider for the openssl virtual package, we
introduce a BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL hidden option that
packages incompatible with LibreSSL will be able to select.

This will allow packages that need OpenSSL to continue using "select",
without having to change to using "depends on" dependencies.

Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: new virtual package</title>
<updated>2017-10-21T19:28:13+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>aduskett@gmail.com</email>
</author>
<published>2017-10-18T02:32:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=f974a493f03bf9ab9df9111782e838a70d616a57'/>
<id>urn:sha1:f974a493f03bf9ab9df9111782e838a70d616a57</id>
<content type='text'>
To ease the transition to having both OpenSSL and LibreSSL, there has to be
a new virtual package introduced to handle both.

Instead of making a libssl, and adding OpenSSL and libressl to that package,
it will be far easier to move openssl to libopenssl and to make OpenSSL
a virtual package.  This offers a few advantages:

- BR2_PACKAGE_OPENSSL is still a visible symbol with no dependencies.
- It does not require a huge patch to convert every instance of
  OpenSSL -&gt; libssl)
- Users will be able to update without ever having to select anything new.
- LibreSSL can be added at a later date to the virtual package.

Signed-off-by: Adam Duskett &lt;Adamduskett@outlook.com&gt;
[Thomas: define BR2_PACKAGE_PROVIDES_HOST_OPENSSL to the value
"host-libopenssl" as we always want to use the original OpenSSL for
the host variant.]
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: drop !static dependency from OPENSSL_BIN option</title>
<updated>2015-07-09T06:55:16+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2015-07-09T06:55:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=ecd8e9b238fdac958a9174984c8e64e79c866ebe'/>
<id>urn:sha1:ecd8e9b238fdac958a9174984c8e64e79c866ebe</id>
<content type='text'>
The dependency doesn't make sense now that the option only controls if the
built binary gets installed into the target or not, so drop it.

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>openssl: always build apps</title>
<updated>2015-07-06T15:09:45+00:00</updated>
<author>
<name>Benoît Thébaudeau</name>
<email>benoit@wsystem.com</email>
</author>
<published>2015-07-06T13:06:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=a7bc0b96233900a4f36cbb333c12ad64b03f8db9'/>
<id>urn:sha1:a7bc0b96233900a4f36cbb333c12ad64b03f8db9</id>
<content type='text'>
Now that building the openssl binary without MMU is supported, the only
reason left for not building apps if the openssl binary is disabled is
to save build time. Moreover, the commit
720893b62510438237b9923d744dd079ddb4f67d "openssl: disable apps for
NOMMU", which added this behavior, had a side effect: the scripts from
apps (CA.pl, CA.sh and tsget) and the default configuration file
(openssl.cnf) were no longer installed, which is not advertized by the
BR2_PACKAGE_OPENSSL_BIN option. CA.pl and CA.sh use the openssl binary,
so not installing them without the latter makes sense. But tsget does
not use the openssl binary, and openssl.cnf can be used by libcrypto, so
it is preferable to handle BR2_PACKAGE_OPENSSL_BIN like before the
commit mentioned above, i.e. to always build and install apps and to
just remove the openssl binary afterwards if needed.

This is what the current commit does, but installing only the helper
scripts having their dependencies (perl or the openssl binary)
satisfied. The help text is updated accordingly.

Signed-off-by: Benoît Thébaudeau &lt;benoit@wsystem.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: support building the binary without MMU</title>
<updated>2015-06-30T14:44:12+00:00</updated>
<author>
<name>Benoît Thébaudeau</name>
<email>benoit@wsystem.com</email>
</author>
<published>2015-06-19T10:54:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=c8937ade4bc29fd8a502b8e9cd0b392a7e76fa30'/>
<id>urn:sha1:c8937ade4bc29fd8a502b8e9cd0b392a7e76fa30</id>
<content type='text'>
The commit 720893b62510438237b9923d744dd079ddb4f67d "openssl: disable
apps for NOMMU" prevented the openssl binary from being built without
MMU in order to fix a build failure without fork(). However, openssl is
designed to support the lack of fork() with -DHAVE_FORK=0, so allow the
openssl binary to be enabled without MMU thanks to this option.

Signed-off-by: Benoît Thébaudeau &lt;benoit@wsystem.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>package/openssl: bin/openssl depends on dynamic linking</title>
<updated>2015-04-19T09:38:37+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2015-04-12T15:06:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=ffd5125be14dbd1293571267a76a76eea3ede188'/>
<id>urn:sha1:ffd5125be14dbd1293571267a76a76eea3ede188</id>
<content type='text'>
Fixes
/home/br/br3/output/host/usr/lib/gcc/i586-buildroot-linux-uclibc/4.8.4/../../../../i586-buildroot-linux-uclibc/bin/ld: cannot find -ldl

using this defconfig

BR2_STATIC_LIBS=y
BR2_PACKAGE_OPENSSL=y
BR2_PACKAGE_OPENSSL_BIN=y

Quoting PROBLEMS:
"We don't have framework to associate -ldl with no-dso, therefore the only
way is to edit Makefile right after ./config no-dso and remove -ldl from
EX_LIBS line."

To not make the build procedure more complicated disable static building of
bin/openssl.

[Thomas: add corresponding kconfig comment.]

Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>Config.in files: use if/endif instead of 'depends on' for main symbol</title>
<updated>2013-12-25T11:21:39+00:00</updated>
<author>
<name>Thomas De Schampheleire</name>
<email>patrickdepinguin@gmail.com</email>
</author>
<published>2013-12-20T21:31:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=35eaed8d07bdc73a83990bc306fcdb08b2e70eaf'/>
<id>urn:sha1:35eaed8d07bdc73a83990bc306fcdb08b2e70eaf</id>
<content type='text'>
In the Config.in file of package foo, it often happens that there are other
symbols besides BR2_PACKAGE_FOO. Typically, these symbols only make sense
when foo itself is enabled. There are two ways to express this: with
    depends on BR2_PACKAGE_FOO
in each extra symbol, or with
    if BR2_PACKAGE_FOO
        ...
    endif
around the entire set of extra symbols.

The if/endif approach avoids the repetition of 'depends on' statements on
multiple symbols, so this is clearly preferred. But even when there is only
one extra symbol, if/endif is a more logical choice:
- it is future-proof for when extra symbols are added
- it allows to have just one strategy instead of two (less confusion)

This patch modifies the Config.in files accordingly.

Signed-off-by: Thomas De Schampheleire &lt;thomas.de.schampheleire@gmail.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
</feed>
