<feed xmlns='http://www.w3.org/2005/Atom'>
<title>buildroot/package/openssl, branch 2017.11.2</title>
<subtitle>OpenPOWER buildroot sources</subtitle>
<id>https://git.raptorcs.com/git/buildroot/atom?h=2017.11.2</id>
<link rel='self' href='https://git.raptorcs.com/git/buildroot/atom?h=2017.11.2'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/'/>
<updated>2017-11-06T14:17:45+00:00</updated>
<entry>
<title>openssl: disable libressl on uClibc noMMU</title>
<updated>2017-11-06T14:17:45+00:00</updated>
<author>
<name>Thomas Petazzoni</name>
<email>thomas.petazzoni@free-electrons.com</email>
</author>
<published>2017-11-06T09:54:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=1f1a242e62c0654893e6563d09eb90a2ae807334'/>
<id>urn:sha1:1f1a242e62c0654893e6563d09eb90a2ae807334</id>
<content type='text'>
uClibc doesn't implement __register_atfork() on noMMU systems, causing
a build failure of libressl. Since openssl is available as an
alternative on such platforms, we just disable libressl on
uClibc/noMMU systems.

Fixes:

/home/thomas/projets/buildroot/output/build/libressl-2.5.5/crypto/.libs/libcrypto.a(arc4random.o): In function `_rs_init.part.1':
arc4random.c:(.text+0x74): undefined reference to `__register_atfork'
collect2: error: ld returned 1 exit status

This build issue is not visible in the autobuilders, because libressl
is only selectable through a choice, which isn't randomized by the
autobuilder logic.

Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>openssl: unconditionally define BR2_PACKAGE_PROVIDES_HOST_OPENSSL</title>
<updated>2017-10-22T12:04:48+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2017-10-22T11:56:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=915a627fce1eb9fdb90001131f79aab249742488'/>
<id>urn:sha1:915a627fce1eb9fdb90001131f79aab249742488</id>
<content type='text'>
Fixes:
http://autobuild.buildroot.net/results/207/207d0ca1fe5328e675246c851fcb0d5685f8c0bd/
http://autobuild.buildroot.net/results/546/546a56d6dd39e5e9ecfe25fd36a00510e6c0c45b/

host-openssl may be used without openssl being enabled for the target, so
move BR2_PACKAGE_PROVIDES_HOST_OPENSSL outside the BR2_PACKAGE_OPENSSL
conditional.

While we're at it, add a comment explaining what this magic config symbol does.

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: add libressl as a provider</title>
<updated>2017-10-21T19:28:13+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>aduskett@gmail.com</email>
</author>
<published>2017-10-18T02:32:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=791ceb583b3592621031e4241f12932d09e00a3a'/>
<id>urn:sha1:791ceb583b3592621031e4241f12932d09e00a3a</id>
<content type='text'>
At this point, libressl can be added to the openssl virtual package.

- Remove the entry package/libressl/Config.in from package/Config.in
- Remove the file: package/libressl/Config.in
- Add libressl entry to package/openssl/Config.in

Signed-off-by: Adam Duskett &lt;Adamduskett@outlook.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: introduce BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL</title>
<updated>2017-10-21T19:28:13+00:00</updated>
<author>
<name>Thomas Petazzoni</name>
<email>thomas.petazzoni@free-electrons.com</email>
</author>
<published>2017-10-21T16:21:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=123e0c9fefcf53641b8e80254929d485a1783f36'/>
<id>urn:sha1:123e0c9fefcf53641b8e80254929d485a1783f36</id>
<content type='text'>
Some packages that use openssl are not compatible with libressl, only
with the real openssl (known as libopenssl in Buildroot). So before we
add libressl as a provider for the openssl virtual package, we
introduce a BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL hidden option that
packages incompatible with LibreSSL will be able to select.

This will allow packages that need OpenSSL to continue using "select",
without having to change to using "depends on" dependencies.

Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: new virtual package</title>
<updated>2017-10-21T19:28:13+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>aduskett@gmail.com</email>
</author>
<published>2017-10-18T02:32:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=f974a493f03bf9ab9df9111782e838a70d616a57'/>
<id>urn:sha1:f974a493f03bf9ab9df9111782e838a70d616a57</id>
<content type='text'>
To ease the transition to having both OpenSSL and LibreSSL, there has to be
a new virtual package introduced to handle both.

Instead of making a libssl, and adding OpenSSL and libressl to that package,
it will be far easier to move openssl to libopenssl and to make OpenSSL
a virtual package.  This offers a few advantages:

- BR2_PACKAGE_OPENSSL is still a visible symbol with no dependencies.
- It does not require a huge patch to convert every instance of
  OpenSSL -&gt; libssl)
- Users will be able to update without ever having to select anything new.
- LibreSSL can be added at a later date to the virtual package.

Signed-off-by: Adam Duskett &lt;Adamduskett@outlook.com&gt;
[Thomas: define BR2_PACKAGE_PROVIDES_HOST_OPENSSL to the value
"host-libopenssl" as we always want to use the original OpenSSL for
the host variant.]
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>generic packages: use $(HOST_DIR) instead of $(HOST_DIR)/usr as prefix</title>
<updated>2017-07-05T13:19:02+00:00</updated>
<author>
<name>Arnout Vandecappelle</name>
<email>arnout@mind.be</email>
</author>
<published>2017-07-05T11:14:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=15bff58f3e627fc328dd2614fabbbae70113794b'/>
<id>urn:sha1:15bff58f3e627fc328dd2614fabbbae70113794b</id>
<content type='text'>
Remove the redundant usr/ component of the HOST_DIR paths. Since a
previous commit added a symlink from $(HOST_DIR)/usr to $(HOST_DIR),
everything keeps on working.

This is a mechanical change with
git grep -l '\$(HOST_DIR)/usr' | xargs sed -i 's%\(prefix\|PREFIX\)=\("\?\)\$(HOST_DIR)/usr%\1=\2$(HOST_DIR)%g'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) &lt;arnout@mind.be&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>package/openssl: bump verstion to 1.0.2l</title>
<updated>2017-05-28T12:55:59+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2017-05-28T10:47:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=0b4f96335b9597ec68c4e560d5eae8ae605cf9ef'/>
<id>urn:sha1:0b4f96335b9597ec68c4e560d5eae8ae605cf9ef</id>
<content type='text'>
According to https://www.openssl.org/news/newslog.html this release
does not contain security fixes.

Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: security bump to version 1.0.2k</title>
<updated>2017-01-26T21:34:36+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2017-01-26T20:07:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=f9a6a2df56012b2ee6d171ca9371910c668bfa78'/>
<id>urn:sha1:f9a6a2df56012b2ee6d171ca9371910c668bfa78</id>
<content type='text'>
Fixes:
CVE-2017-3731 - Truncated packet could crash via OOB read.
CVE-2017-3732 - BN_mod_exp may produce incorrect results on x86_64
CVE-2016-7055 - Montgomery multiplication may produce incorrect results

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>openssl: use $(HOST_MAKE_ENV) when calling $(MAKE)</title>
<updated>2016-10-22T13:19:24+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo.zacarias@free-electrons.com</email>
</author>
<published>2016-10-17T16:05:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=e290ae72024c3db1f1213012bcf8c25f25056be1'/>
<id>urn:sha1:e290ae72024c3db1f1213012bcf8c25f25056be1</id>
<content type='text'>
Signed-off-by: Gustavo Zacarias &lt;gustavo.zacarias@free-electrons.com&gt;
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) &lt;arnout@mind.be&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: use $(TARGET_MAKE_ENV) when calling $(MAKE)</title>
<updated>2016-10-15T12:16:54+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo.zacarias@free-electrons.com</email>
</author>
<published>2016-10-13T22:13:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=a5a74fcdf25b29955e7df669a279edc0fac8a6fa'/>
<id>urn:sha1:a5a74fcdf25b29955e7df669a279edc0fac8a6fa</id>
<content type='text'>
Signed-off-by: Gustavo Zacarias &lt;gustavo.zacarias@free-electrons.com&gt;
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) &lt;arnout@mind.be&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
</feed>
