75 files changed, 2380 insertions, 770 deletions

diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/android-tools-adbd.service b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/android-tools-adbd.service
index 88ed6871d..ddf8d7f74 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/android-tools-adbd.service
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/android-tools-adbd.service
@@ -1,12 +1,13 @@
 [Unit]
 Description=Android Debug Bridge
+ConditionPathExists=/var/usb-debugging-enabled
+Before=android-system.service
 
 [Service]
 Type=simple
 Restart=on-failure
-ExecStartPre=/usr/bin/android-gadget-setup adb
+ExecStartPre=-/usr/bin/android-gadget-setup adb
 ExecStart=/usr/bin/adbd
-StandardOutput=null
 
 [Install]
 WantedBy=basic.target
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0001-adb-remove-selinux-extensions.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0001-adb-remove-selinux-extensions.patch
new file mode 100644
index 000000000..7d20c5068
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0001-adb-remove-selinux-extensions.patch
@@ -0,0 +1,44 @@
+From 7b7200727413ca4a9bb132221c543ec033dffafa Mon Sep 17 00:00:00 2001
+From: Sergio Schvezov <sergio.schvezov@canonical.com>
+Date: Wed, 7 Sep 2016 12:58:47 +0300
+Subject: [PATCH] adb: remove selinux extensions
+
+* drop useless includes of Android SELINUX extensions
+* avoids having to clone another module
+* this should be sent upstream
+
+Upstream-Status: Inappropriate
+
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ adb/file_sync_service.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/adb/file_sync_service.c b/adb/file_sync_service.c
+index 7933858516..3cbd0cd863 100644
+--- a/adb/file_sync_service.c
++++ b/adb/file_sync_service.c
+@@ -26,7 +26,6 @@
+ 
+ #include <errno.h>
+ #include <private/android_filesystem_config.h>
+-#include <selinux/android.h>
+ #include "sysdeps.h"
+ 
+ #define TRACE_TAG  TRACE_SYNC
+@@ -73,7 +72,6 @@ static int mkdirs(char *name)
+                 *x = '/';
+                 return ret;
+             }
+-            selinux_android_restorecon(name, 0);
+         }
+         *x++ = '/';
+     }
+@@ -251,7 +249,6 @@ static int handle_send_file(int s, char *path, uid_t uid,
+     if(fd >= 0) {
+         struct utimbuf u;
+         adb_close(fd);
+-        selinux_android_restorecon(path, 0);
+         u.actime = timestamp;
+         u.modtime = timestamp;
+         utime(path, &u);
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/use-local-socket.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0002-adb-Use-local-sockets-where-appropriate.patch
index 7facd61b9..3627110ad 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/use-local-socket.patch
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0002-adb-Use-local-sockets-where-appropriate.patch
@@ -1,15 +1,19 @@
-Subject: adb: Use local sockets where appropriate
-Author: Hilko Bengen <bengen@debian.org>
+From d855f042ca09a358cebe2d3c1d29d512afd7ebb8 Mon Sep 17 00:00:00 2001
+From: Hilko Bengen <bengen@debian.org>
+Date: Wed, 7 Sep 2016 12:58:47 +0300
+Subject: [PATCH] adb: Use local sockets where appropriate
 
 Upstream-Status: Inappropriate
 ---
- system/core/adb/adb.c             |    6 +++++-
- system/core/adb/adb_client.c      |    5 +++--
- system/core/adb/transport_local.c |    3 ++-
+ adb/adb.c             | 6 +++++-
+ adb/adb_client.c      | 5 +++--
+ adb/transport_local.c | 3 ++-
  3 files changed, 10 insertions(+), 4 deletions(-)
 
---- a/system/core/adb/adb.c
-+++ b/system/core/adb/adb.c
+diff --git a/adb/adb.c b/adb/adb.c
+index 10a1e0da26..027edd9359 100644
+--- a/adb/adb.c
++++ b/adb/adb.c
 @@ -1230,7 +1230,11 @@ int launch_server(int server_port)
   */
  void build_local_name(char* target_str, size_t target_size, int server_port)
@@ -23,8 +27,10 @@ Upstream-Status: Inappropriate
  }
  
  #if !ADB_HOST
---- a/system/core/adb/adb_client.c
-+++ b/system/core/adb/adb_client.c
+diff --git a/adb/adb_client.c b/adb/adb_client.c
+index eb1720d22c..a383faefe3 100644
+--- a/adb/adb_client.c
++++ b/adb/adb_client.c
 @@ -185,12 +185,12 @@ int _adb_connect(const char *service)
          strcpy(__adb_error, "service name too long");
          return -1;
@@ -48,9 +54,11 @@ Upstream-Status: Inappropriate
      if(writex(fd, tmp, 4) || writex(fd, service, len)) {
          strcpy(__adb_error, "write failure during connection");
          adb_close(fd);
---- a/system/core/adb/transport_local.c
-+++ b/system/core/adb/transport_local.c
-@@ -121,7 +121,8 @@ int local_connect_arbitrary_ports(int co
+diff --git a/adb/transport_local.c b/adb/transport_local.c
+index 948cc15812..71582a8c88 100644
+--- a/adb/transport_local.c
++++ b/adb/transport_local.c
+@@ -121,7 +121,8 @@ int local_connect_arbitrary_ports(int console_port, int adb_port)
      }
  #endif
      if (fd < 0) {
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0003-adb-define-shell-command.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0003-adb-define-shell-command.patch
new file mode 100644
index 000000000..cf1d9cbc3
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0003-adb-define-shell-command.patch
@@ -0,0 +1,29 @@
+From 4421c2e19946dcd651fd8ac022b96627fc526149 Mon Sep 17 00:00:00 2001
+From: Fathi Boudra <fabo@debian.org>
+Date: Wed, 7 Sep 2016 12:58:47 +0300
+Subject: [PATCH] adb: define shell command
+
+we intend to run on Linux system so the shell is always /bin/sh,
+for the host or the target.
+
+Upstream-Status: Inappropriate
+---
+ adb/services.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/adb/services.c b/adb/services.c
+index 21b08dc201..d44b0c5068 100644
+--- a/adb/services.c
++++ b/adb/services.c
+@@ -299,11 +299,7 @@ static int create_subproc_raw(const char *cmd, const char *arg0, const char *arg
+ }
+ #endif  /* !ABD_HOST */
+ 
+-#if ADB_HOST
+ #define SHELL_COMMAND "/bin/sh"
+-#else
+-#define SHELL_COMMAND "/system/bin/sh"
+-#endif
+ 
+ #if !ADB_HOST
+ static void subproc_waiter_service(int fd, void *cookie)
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/fix-big-endian-build.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0004-adb-Fix-build-on-big-endian-systems.patch
index 8deaf3a3d..79e9d4d3b 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/fix-big-endian-build.patch
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0004-adb-Fix-build-on-big-endian-systems.patch
@@ -1,4 +1,7 @@
-Fix build on big endian systems
+From 548b8ca62c64a16305929e2eaf3d546d48de9c25 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+Date: Tue, 21 Feb 2017 19:46:24 +0100
+Subject: [PATCH] adb: Fix build on big endian systems
 
 The usb_linux_client.c file defines cpu_to_le16/32 by using the C
 library htole16/32 function calls. However, cpu_to_le16/32 are used
@@ -14,11 +17,14 @@ To solve this, we simply open-code cpu_to_le16/32 in a way that allows
 them to be used when initializing structures.
 
 Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+---
+ adb/usb_linux_client.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
 
-Index: b/system/core/adb/usb_linux_client.c
-===================================================================
---- a/system/core/adb/usb_linux_client.c
-+++ b/system/core/adb/usb_linux_client.c
+diff --git a/adb/usb_linux_client.c b/adb/usb_linux_client.c
+index 8426e0ea14..6e8b5bbbd2 100644
+--- a/adb/usb_linux_client.c
++++ b/adb/usb_linux_client.c
 @@ -34,8 +34,15 @@
  #define MAX_PACKET_SIZE_FS	64
  #define MAX_PACKET_SIZE_HS	512
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/0001-add-base64-implementation.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0005-adb-add-base64-implementation.patch
index 680d21f3a..fcd4ae238 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/0001-add-base64-implementation.patch
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0005-adb-add-base64-implementation.patch
@@ -1,21 +1,21 @@
-From bbeb72f11c64f190b23abbed5f44311bd021bdc9 Mon Sep 17 00:00:00 2001
+From 753bcb5971401b82fb2e6197d31c9e386f6d0392 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Fri, 15 Sep 2017 15:46:38 -0700
-Subject: [PATCH 1/2] add base64 implementation
+Subject: [PATCH] adb: add base64 implementation
 
 musl needs it
 
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 ---
- system/core/adb/adb_auth_client.c |   2 +-
- system/core/adb/base64.c          | 315 ++++++++++++++++++++++++++++++++++++++
+ adb/adb_auth_client.c |   2 +-
+ adb/base64.c          | 315 ++++++++++++++++++++++++++++++++++++++++++
  2 files changed, 316 insertions(+), 1 deletion(-)
- create mode 100644 system/core/adb/base64.c
+ create mode 100644 adb/base64.c
 
-diff --git a/system/core/adb/adb_auth_client.c b/system/core/adb/adb_auth_client.c
-index 55e9dca..104b413 100644
---- a/system/core/adb/adb_auth_client.c
-+++ b/system/core/adb/adb_auth_client.c
+diff --git a/adb/adb_auth_client.c b/adb/adb_auth_client.c
+index 55e9dcad19..104b413b8b 100644
+--- a/adb/adb_auth_client.c
++++ b/adb/adb_auth_client.c
 @@ -75,7 +75,7 @@ static void read_keys(const char *file, struct listnode *list)
          if (sep)
              *sep = '\0';
@@ -25,11 +25,11 @@ index 55e9dca..104b413 100644
          if (ret != sizeof(key->key)) {
              D("%s: Invalid base64 data ret=%d\n", file, ret);
              free(key);
-diff --git a/system/core/adb/base64.c b/system/core/adb/base64.c
+diff --git a/adb/base64.c b/adb/base64.c
 new file mode 100644
-index 0000000..95da284
+index 0000000000..95da284d0d
 --- /dev/null
-+++ b/system/core/adb/base64.c
++++ b/adb/base64.c
 @@ -0,0 +1,315 @@
 +/*
 + * Copyright (c) 1996-1999 by Internet Software Consortium.
@@ -346,6 +346,3 @@ index 0000000..95da284
 +	return (tarindex);
 +}
 +
--- 
-2.14.1
-
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/0002-adb-Musl-fixes.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0006-adb-Musl-fixes.patch
index c7aebb641..b5d383f38 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/0002-adb-Musl-fixes.patch
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0006-adb-Musl-fixes.patch
@@ -1,7 +1,7 @@
-From f8653ed0ede4aa781ab758fcd44fdc05ffbe0b0a Mon Sep 17 00:00:00 2001
+From 62d957a1271c88ec08d67984fbe31601f0bd41a9 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Fri, 15 Sep 2017 15:50:57 -0700
-Subject: [PATCH 2/2] adb: Musl fixes
+Subject: [PATCH] adb: Musl fixes
 
 __nonnull is gcc specific
 include sys/types.h for size_t
@@ -9,16 +9,16 @@ Do not redefine close() and lseek()
 
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 ---
- system/core/adb/adb.h                    |  2 ++
- system/core/adb/disable_verity_service.c | 13 ++++++++-----
- system/core/adb/framebuffer_service.c    |  7 ++++---
- system/core/adb/sysdeps.h                | 12 ++++++------
+ adb/adb.h                    |  2 ++
+ adb/disable_verity_service.c | 13 ++++++++-----
+ adb/framebuffer_service.c    |  7 ++++---
+ adb/sysdeps.h                | 12 ++++++------
  4 files changed, 20 insertions(+), 14 deletions(-)
 
-diff --git a/system/core/adb/adb.h b/system/core/adb/adb.h
-index 44e5981..bcdc49f 100644
---- a/system/core/adb/adb.h
-+++ b/system/core/adb/adb.h
+diff --git a/adb/adb.h b/adb/adb.h
+index 44e5981bdc..bcdc49f63c 100644
+--- a/adb/adb.h
++++ b/adb/adb.h
 @@ -18,7 +18,9 @@
  #define __ADB_H
  
@@ -29,10 +29,10 @@ index 44e5981..bcdc49f 100644
  #include "adb_trace.h"
  #include "transport.h"  /* readx(), writex() */
  
-diff --git a/system/core/adb/disable_verity_service.c b/system/core/adb/disable_verity_service.c
-index ed3da52..29fa3d6 100644
---- a/system/core/adb/disable_verity_service.c
-+++ b/system/core/adb/disable_verity_service.c
+diff --git a/adb/disable_verity_service.c b/adb/disable_verity_service.c
+index ed3da52108..29fa3d65a9 100644
+--- a/adb/disable_verity_service.c
++++ b/adb/disable_verity_service.c
 @@ -14,25 +14,28 @@
   * limitations under the License.
   */
@@ -67,10 +67,10 @@ index ed3da52..29fa3d6 100644
  static void write_console(int fd, const char* format, ...)
  {
      char buffer[256];
-diff --git a/system/core/adb/framebuffer_service.c b/system/core/adb/framebuffer_service.c
-index 8cbe840..8f0ccfb 100644
---- a/system/core/adb/framebuffer_service.c
-+++ b/system/core/adb/framebuffer_service.c
+diff --git a/adb/framebuffer_service.c b/adb/framebuffer_service.c
+index 8cbe8403cc..8f0ccfb7aa 100644
+--- a/adb/framebuffer_service.c
++++ b/adb/framebuffer_service.c
 @@ -14,6 +14,10 @@
   * limitations under the License.
   */
@@ -92,10 +92,10 @@ index 8cbe840..8f0ccfb 100644
  #include <linux/fb.h>
  #include <sys/ioctl.h>
  #include <sys/mman.h>
-diff --git a/system/core/adb/sysdeps.h b/system/core/adb/sysdeps.h
-index cc1f839..ea39ac3 100644
---- a/system/core/adb/sysdeps.h
-+++ b/system/core/adb/sysdeps.h
+diff --git a/adb/sysdeps.h b/adb/sysdeps.h
+index cc1f839e9f..ea39ac39cc 100644
+--- a/adb/sysdeps.h
++++ b/adb/sysdeps.h
 @@ -123,8 +123,8 @@ static __inline__ int  unix_close(int fd)
  {
      return close(fd);
@@ -129,6 +129,3 @@ index cc1f839..ea39ac3 100644
  
  static __inline__  int    adb_unlink(const char*  path)
  {
--- 
-2.14.1
-
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0007-adb-usb_linux.c-fix-build-with-glibc-2.28.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0007-adb-usb_linux.c-fix-build-with-glibc-2.28.patch
new file mode 100644
index 000000000..e02a95687
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0007-adb-usb_linux.c-fix-build-with-glibc-2.28.patch
@@ -0,0 +1,24 @@
+From de393bba41c8feff932c77d6c30233945f380d42 Mon Sep 17 00:00:00 2001
+From: Martin Jansa <Martin.Jansa@gmail.com>
+Date: Sat, 11 Aug 2018 13:23:37 +0000
+Subject: [PATCH] adb: usb_linux.c: fix build with glibc-2.28
+
+* include sysmacros for major, minor
+
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ adb/usb_linux.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/adb/usb_linux.c b/adb/usb_linux.c
+index f16bdd0361..c8a7732441 100644
+--- a/adb/usb_linux.c
++++ b/adb/usb_linux.c
+@@ -22,6 +22,7 @@
+ #include <sys/ioctl.h>
+ #include <sys/types.h>
+ #include <sys/time.h>
++#include <sys/sysmacros.h>
+ #include <dirent.h>
+ #include <fcntl.h>
+ #include <errno.h>
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0008-adb-Allow-adbd-to-be-ran-as-root.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0008-adb-Allow-adbd-to-be-ran-as-root.patch
new file mode 100644
index 000000000..7d223e05f
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0008-adb-Allow-adbd-to-be-ran-as-root.patch
@@ -0,0 +1,21 @@
+From 3a788e9168c9b9eac66c4fa479413f4a95c61be4 Mon Sep 17 00:00:00 2001
+From: Florent Revest <revestflo@gmail.com>
+Date: Mon, 30 Oct 2017 21:05:46 +0100
+Subject: [PATCH] adb: Allow adbd to be ran as root
+
+---
+ adb/adb.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/adb/adb.c b/adb/adb.c
+index 027edd9359..e0f7ecde45 100644
+--- a/adb/adb.c
++++ b/adb/adb.c
+@@ -1271,6 +1271,7 @@ static int should_drop_privileges() {
+     int secure = 0;
+     char value[PROPERTY_VALUE_MAX];
+ 
++    return 0;
+    /* run adbd in secure mode if ro.secure is set and
+     ** we are not in the emulator
+     */
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/mkbootimg-Add-dt-parameter-to-specify-DT-image.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0009-mkbootimg-Add-dt-parameter-to-specify-DT-image.patch
index 35bb766a7..a4dc6e1e3 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/mkbootimg-Add-dt-parameter-to-specify-DT-image.patch
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0009-mkbootimg-Add-dt-parameter-to-specify-DT-image.patch
@@ -1,21 +1,21 @@
-From cc5e7b02a3be57709a1aed6e34be100b82a71620 Mon Sep 17 00:00:00 2001
+From dd195778a9930b7967b21a3b8eb390b70253dbad Mon Sep 17 00:00:00 2001
 From: David Ng <dave@codeaurora.org>
 Date: Fri, 27 Jul 2012 17:15:03 -0700
-Subject: [PATCH 1/2] mkbootimg: Add --dt parameter to specify DT image
+Subject: [PATCH] mkbootimg: Add --dt parameter to specify DT image
 
 New optional --dt parameter to specify a kernel device
 tree image.
 
-Change-Id: Ie29a11cbf4138426bfd19ae486d69a5fcbd8f442
-
 Upstream-Status: Inappropriate
 ---
- system/core/mkbootimg/bootimg.h   |    7 +++++--
- system/core/mkbootimg/mkbootimg.c |   21 +++++++++++++++++++++
+ mkbootimg/bootimg.h   |  7 +++++--
+ mkbootimg/mkbootimg.c | 21 +++++++++++++++++++++
  2 files changed, 26 insertions(+), 2 deletions(-)
 
---- a/system/core/mkbootimg/bootimg.h
-+++ b/system/core/mkbootimg/bootimg.h
+diff --git a/mkbootimg/bootimg.h b/mkbootimg/bootimg.h
+index 9171d85a7b..308c537d6b 100644
+--- a/mkbootimg/bootimg.h
++++ b/mkbootimg/bootimg.h
 @@ -41,8 +41,8 @@ struct boot_img_hdr
  
      unsigned tags_addr;    /* physical addr for kernel tags */
@@ -41,8 +41,10 @@ Upstream-Status: Inappropriate
  **
  ** 0. all entities are page_size aligned in flash
  ** 1. kernel and ramdisk are required (size != 0)
---- a/system/core/mkbootimg/mkbootimg.c
-+++ b/system/core/mkbootimg/mkbootimg.c
+diff --git a/mkbootimg/mkbootimg.c b/mkbootimg/mkbootimg.c
+index fc92b4dc30..658052cdf2 100644
+--- a/mkbootimg/mkbootimg.c
++++ b/mkbootimg/mkbootimg.c
 @@ -65,6 +65,7 @@ int usage(void)
              "       [ --board <boardname> ]\n"
              "       [ --base <address> ]\n"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0010-Use-linux-capability.h-on-linux-systems-too.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0010-Use-linux-capability.h-on-linux-systems-too.patch
new file mode 100644
index 000000000..2c607ff67
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0010-Use-linux-capability.h-on-linux-systems-too.patch
@@ -0,0 +1,23 @@
+From ef743c9c3c7452ae904a5c343ee2b759ab3a87cb Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Lo=C3=AFc=20Minier?= <loic.minier@ubuntu.com>
+Date: Wed, 7 Sep 2016 12:58:47 +0300
+Subject: [PATCH] Use linux/capability.h on linux systems too
+
+Upstream-Status: Inappropriate
+---
+ include/private/android_filesystem_config.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/include/private/android_filesystem_config.h b/include/private/android_filesystem_config.h
+index 2f528b95c8..3e0b00928e 100644
+--- a/include/private/android_filesystem_config.h
++++ b/include/private/android_filesystem_config.h
+@@ -27,7 +27,7 @@
+ #include <sys/types.h>
+ #include <stdint.h>
+ 
+-#ifdef HAVE_ANDROID_OS
++#if defined(HAVE_ANDROID_OS) || defined(__linux__)
+ #include <linux/capability.h>
+ #else
+ #include "android_filesystem_capability.h"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/remove-bionic-android.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0011-Remove-bionic-specific-calls.patch
index e933724cf..5b18f461a 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/remove-bionic-android.patch
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0011-Remove-bionic-specific-calls.patch
@@ -1,15 +1,19 @@
-Description: remove bionic specific calls
-Author: Fathi Boudra <fabo@debian.org>
+From 9eff8799831961c0edf6e37e5d4cbf43baa7c748 Mon Sep 17 00:00:00 2001
+From: Fathi Boudra <fabo@debian.org>
+Date: Wed, 7 Sep 2016 12:58:47 +0300
+Subject: [PATCH] Remove bionic specific calls
 
 Upstream-Status: Inappropriate
 ---
- system/core/include/cutils/properties.h |    1 -
- system/core/libcutils/properties.c      |    2 +-
- system/core/liblog/logd_write.c         |    5 +++++
+ include/cutils/properties.h | 1 -
+ libcutils/properties.c      | 2 +-
+ liblog/logd_write.c         | 5 +++++
  3 files changed, 6 insertions(+), 2 deletions(-)
 
---- a/system/core/include/cutils/properties.h
-+++ b/system/core/include/cutils/properties.h
+diff --git a/include/cutils/properties.h b/include/cutils/properties.h
+index 798db8b36f..7d01f28d6e 100644
+--- a/include/cutils/properties.h
++++ b/include/cutils/properties.h
 @@ -19,7 +19,6 @@
  
  #include <sys/cdefs.h>
@@ -18,8 +22,26 @@ Upstream-Status: Inappropriate
  #include <stdint.h>
  
  #ifdef __cplusplus
---- a/system/core/liblog/logd_write.c
-+++ b/system/core/liblog/logd_write.c
+diff --git a/libcutils/properties.c b/libcutils/properties.c
+index b283658aa4..4151e7882c 100644
+--- a/libcutils/properties.c
++++ b/libcutils/properties.c
+@@ -104,10 +104,10 @@ int32_t property_get_int32(const char *key, int32_t default_value) {
+     return (int32_t)property_get_imax(key, INT32_MIN, INT32_MAX, default_value);
+ }
+ 
++#undef HAVE_LIBC_SYSTEM_PROPERTIES
+ #ifdef HAVE_LIBC_SYSTEM_PROPERTIES
+ 
+ #define _REALLY_INCLUDE_SYS__SYSTEM_PROPERTIES_H_
+-#include <sys/_system_properties.h>
+ 
+ int property_set(const char *key, const char *value)
+ {
+diff --git a/liblog/logd_write.c b/liblog/logd_write.c
+index b2668cedb7..f5a44fe901 100644
+--- a/liblog/logd_write.c
++++ b/liblog/logd_write.c
 @@ -23,6 +23,7 @@
  #include <stdlib.h>
  #include <string.h>
@@ -28,7 +50,7 @@ Upstream-Status: Inappropriate
  #include <sys/types.h>
  #if (FAKE_LOG_DEVICE == 0)
  #include <sys/socket.h>
-@@ -205,7 +206,11 @@ static int __write_to_log_kernel(log_id_
+@@ -205,7 +206,11 @@ static int __write_to_log_kernel(log_id_t log_id, struct iovec *vec, size_t nr)
      realtime_ts.tv_nsec = ts.tv_nsec;
  
      log_id_buf = log_id;
@@ -40,28 +62,3 @@ Upstream-Status: Inappropriate
  
      newVec[0].iov_base   = (unsigned char *) &log_id_buf;
      newVec[0].iov_len    = sizeof_log_id_t;
---- a/system/core/libcutils/properties.c
-+++ b/system/core/libcutils/properties.c
-@@ -104,10 +104,10 @@ int32_t property_get_int32(const char *k
-     return (int32_t)property_get_imax(key, INT32_MIN, INT32_MAX, default_value);
- }
- 
-+#undef HAVE_LIBC_SYSTEM_PROPERTIES
- #ifdef HAVE_LIBC_SYSTEM_PROPERTIES
- 
- #define _REALLY_INCLUDE_SYS__SYSTEM_PROPERTIES_H_
--#include <sys/_system_properties.h>
- 
- int property_set(const char *key, const char *value)
- {
---- a/external/libselinux/src/procattr.c
-+++ b/external/libselinux/src/procattr.c
-@@ -8,7 +8,7 @@
- #include "selinux_internal.h"
- #include "policy.h"
- 
--#ifdef HOST
-+#ifndef __BIONIC__
- static pid_t gettid(void)
- {
- 	return syscall(__NR_gettid);
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0012-Fix-implicit-declaration-of-stlcat-strlcopy-function.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0012-Fix-implicit-declaration-of-stlcat-strlcopy-function.patch
new file mode 100644
index 000000000..b0feb6592
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/core/0012-Fix-implicit-declaration-of-stlcat-strlcopy-function.patch
@@ -0,0 +1,50 @@
+From cd4525d760c6f88c9bf85f7bf488da79cd0d3264 Mon Sep 17 00:00:00 2001
+From: Fathi Boudra <fabo@debian.org>
+Date: Wed, 7 Sep 2016 12:58:47 +0300
+Subject: [PATCH] Fix implicit declaration of stlcat/strlcopy functions
+
+Upstream-Status: Inappropriate
+---
+ adb/adb.c                | 1 +
+ fs_mgr/fs_mgr_fstab.c    | 2 +-
+ include/cutils/sockets.h | 2 +-
+ 3 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/adb/adb.c b/adb/adb.c
+index e0f7ecde45..aaefd9b401 100644
+--- a/adb/adb.c
++++ b/adb/adb.c
+@@ -41,6 +41,7 @@
+ #include <sys/prctl.h>
+ #include <getopt.h>
+ #include <selinux/selinux.h>
++#include <grp.h>
+ #else
+ #include "usb_vendors.h"
+ #endif
+diff --git a/fs_mgr/fs_mgr_fstab.c b/fs_mgr/fs_mgr_fstab.c
+index edd9591164..9ddb4643b5 100644
+--- a/fs_mgr/fs_mgr_fstab.c
++++ b/fs_mgr/fs_mgr_fstab.c
+@@ -17,7 +17,7 @@
+ #include <ctype.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+-#include <string.h>
++#include <bsd/string.h>
+ #include <sys/mount.h>
+ 
+ #include "fs_mgr_priv.h"
+diff --git a/include/cutils/sockets.h b/include/cutils/sockets.h
+index daf43ec944..d3270c69e7 100644
+--- a/include/cutils/sockets.h
++++ b/include/cutils/sockets.h
+@@ -19,7 +19,7 @@
+ 
+ #include <errno.h>
+ #include <stdlib.h>
+-#include <string.h>
++#include <bsd/string.h>
+ #include <stdbool.h>
+ 
+ #ifdef HAVE_WINSOCK
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/define-shell-command.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/define-shell-command.patch
deleted file mode 100644
index 8381967c4..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/define-shell-command.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Description: we intend to run on Linux system so the shell is always /bin/sh,
-             for the host or the target.
-Author: Fathi Boudra <fabo@debian.org>
-
-Upstream-Status: Inappropriate
----
- system/core/adb/services.c |    4 ----
- 1 file changed, 4 deletions(-)
-
---- a/system/core/adb/services.c
-+++ b/system/core/adb/services.c
-@@ -299,11 +299,7 @@ static int create_subproc_raw(const char
- }
- #endif  /* !ABD_HOST */
- 
--#if ADB_HOST
- #define SHELL_COMMAND "/bin/sh"
--#else
--#define SHELL_COMMAND "/system/bin/sh"
--#endif
- 
- #if !ADB_HOST
- static void subproc_waiter_service(int fd, void *cookie)
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/extras/0001-ext4_utils-remove-selinux-extensions.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/extras/0001-ext4_utils-remove-selinux-extensions.patch
new file mode 100644
index 000000000..4a19a5d65
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/extras/0001-ext4_utils-remove-selinux-extensions.patch
@@ -0,0 +1,39 @@
+From 354604da9d152f1931e91991d3f34197fc8fc759 Mon Sep 17 00:00:00 2001
+From: Sergio Schvezov <sergio.schvezov@canonical.com>
+Date: Tue, 2 Oct 2018 16:36:54 +0000
+Subject: [PATCH] ext4_utils: remove selinux extensions
+
+* drop useless includes of Android SELINUX extensions
+* avoids having to clone another module
+* this should be sent upstream
+
+Upstream-Status: Inappropriate
+---
+ ext4_utils/make_ext4fs.c      | 1 -
+ ext4_utils/make_ext4fs_main.c | 1 -
+ 2 files changed, 2 deletions(-)
+
+diff --git a/ext4_utils/make_ext4fs.c b/ext4_utils/make_ext4fs.c
+index 2f89ae8a0..732afbed7 100644
+--- a/ext4_utils/make_ext4fs.c
++++ b/ext4_utils/make_ext4fs.c
+@@ -62,7 +62,6 @@
+ 
+ #include <selinux/selinux.h>
+ #include <selinux/label.h>
+-#include <selinux/android.h>
+ 
+ #define O_BINARY 0
+ 
+diff --git a/ext4_utils/make_ext4fs_main.c b/ext4_utils/make_ext4fs_main.c
+index a6c5f6160..f8e7b9da9 100644
+--- a/ext4_utils/make_ext4fs_main.c
++++ b/ext4_utils/make_ext4fs_main.c
+@@ -32,7 +32,6 @@
+ #ifndef USE_MINGW
+ #include <selinux/selinux.h>
+ #include <selinux/label.h>
+-#include <selinux/android.h>
+ #else
+ struct selabel_handle;
+ #endif
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/preserve-ownership.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/extras/0002-ext4_utils-add-o-argument-to-preserve-ownership.patch
index 5c9039719..3b50ffbf3 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/preserve-ownership.patch
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/extras/0002-ext4_utils-add-o-argument-to-preserve-ownership.patch
@@ -1,24 +1,21 @@
-From aa669312a380611d280d126cb509fa282080707e Mon Sep 17 00:00:00 2001
+From b9254539811ce912bfd16dd1d185eba7a10cceff Mon Sep 17 00:00:00 2001
 From: Markus Mayer <mmayer@mmayer.net>
 Date: Wed, 7 Sep 2016 12:58:47 +0300
-Subject: [PATCH] android-tools: add recipe from AOSP tag android-5.1.1_r37
-
-Description: add -o argument to preserve ownership
+Subject: [PATCH] ext4_utils: add -o argument to preserve ownership
 
 See also https://android-review.googlesource.com/#/c/100312/
 
 Upstream-Status: Inappropriate
-
 ---
  ext4_utils/make_ext4fs.c      |  6 ++++++
  ext4_utils/make_ext4fs_main.c | 10 ++++++++--
  2 files changed, 14 insertions(+), 2 deletions(-)
 
 diff --git a/ext4_utils/make_ext4fs.c b/ext4_utils/make_ext4fs.c
-index 2f89ae8a..cc41d623 100644
+index 732afbed7..2cbf04399 100644
 --- a/ext4_utils/make_ext4fs.c
 +++ b/ext4_utils/make_ext4fs.c
-@@ -68,6 +68,8 @@
+@@ -67,6 +67,8 @@
  
  #endif
  
@@ -27,7 +24,7 @@ index 2f89ae8a..cc41d623 100644
  /* TODO: Not implemented:
     Allocating blocks in the same block group as the file inode
     Hash or binary tree directories
-@@ -186,6 +188,10 @@ static u32 build_directory_structure(const char *full_path, const char *dir_path
+@@ -185,6 +187,10 @@ static u32 build_directory_structure(const char *full_path, const char *dir_path
  		} else {
  			dentries[i].mtime = fixed_time;
  		}
@@ -39,10 +36,10 @@ index 2f89ae8a..cc41d623 100644
  		if (fs_config_func != NULL) {
  #ifdef ANDROID
 diff --git a/ext4_utils/make_ext4fs_main.c b/ext4_utils/make_ext4fs_main.c
-index a6c5f616..7af0dddf 100644
+index f8e7b9da9..e82d43277 100644
 --- a/ext4_utils/make_ext4fs_main.c
 +++ b/ext4_utils/make_ext4fs_main.c
-@@ -48,13 +48,15 @@ struct selabel_handle;
+@@ -47,13 +47,15 @@ struct selabel_handle;
  extern struct fs_info info;
  
  
@@ -59,7 +56,7 @@ index a6c5f616..7af0dddf 100644
  	fprintf(stderr, "    <filename> [<directory>]\n");
  }
  
-@@ -80,7 +82,7 @@ int main(int argc, char **argv)
+@@ -79,7 +81,7 @@ int main(int argc, char **argv)
  	struct selinux_opt seopts[] = { { SELABEL_OPT_PATH, "" } };
  #endif
  
@@ -68,7 +65,7 @@ index a6c5f616..7af0dddf 100644
  		switch (opt) {
  		case 'l':
  			info.len = parse_num(optarg);
-@@ -143,6 +145,10 @@ int main(int argc, char **argv)
+@@ -142,6 +144,10 @@ int main(int argc, char **argv)
  			}
  #endif
  			break;
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/.gitignore b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/gitignore
index b034c10a1..b034c10a1 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/.gitignore
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/gitignore
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/implicit-declaration-function-strlcat-strlcopy.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/implicit-declaration-function-strlcat-strlcopy.patch
deleted file mode 100644
index 64db6168c..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/implicit-declaration-function-strlcat-strlcopy.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-Description: fix implicit declaration of stlcat/strlcopy functions.
-Author: Fathi Boudra <fabo@debian.org>
-
-Upstream-Status: Inappropriate
----
- system/core/adb/adb.c                |    1 +
- system/core/fs_mgr/fs_mgr_fstab.c    |    2 +-
- system/core/include/cutils/sockets.h |    2 +-
- 3 files changed, 3 insertions(+), 2 deletions(-)
-
---- a/system/core/fs_mgr/fs_mgr_fstab.c
-+++ b/system/core/fs_mgr/fs_mgr_fstab.c
-@@ -17,7 +17,7 @@
- #include <ctype.h>
- #include <stdio.h>
- #include <stdlib.h>
--#include <string.h>
-+#include <bsd/string.h>
- #include <sys/mount.h>
- 
- #include "fs_mgr_priv.h"
---- a/system/core/include/cutils/sockets.h
-+++ b/system/core/include/cutils/sockets.h
-@@ -19,7 +19,7 @@
- 
- #include <errno.h>
- #include <stdlib.h>
--#include <string.h>
-+#include <bsd/string.h>
- #include <stdbool.h>
- 
- #ifdef HAVE_WINSOCK
---- a/system/core/adb/adb.c
-+++ b/system/core/adb/adb.c
-@@ -41,6 +41,7 @@
- #include <sys/prctl.h>
- #include <getopt.h>
- #include <selinux/selinux.h>
-+#include <grp.h>
- #else
- #include "usb_vendors.h"
- #endif
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/libselinux/0001-Remove-bionic-specific-calls.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/libselinux/0001-Remove-bionic-specific-calls.patch
new file mode 100644
index 000000000..9de2593df
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/libselinux/0001-Remove-bionic-specific-calls.patch
@@ -0,0 +1,25 @@
+From 36654a4484117e5f4d63a810c0d94bc9c7ee3a83 Mon Sep 17 00:00:00 2001
+From: Fathi Boudra <fabo@debian.org>
+Date: Tue, 2 Oct 2018 16:36:54 +0000
+Subject: [PATCH] Remove bionic specific calls
+
+Upstream-Status: Inappropriate
+
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ src/procattr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/procattr.c b/src/procattr.c
+index f350808..761cf8e 100644
+--- a/src/procattr.c
++++ b/src/procattr.c
+@@ -8,7 +8,7 @@
+ #include "selinux_internal.h"
+ #include "policy.h"
+ 
+-#ifdef HOST
++#ifndef __BIONIC__
+ static pid_t gettid(void)
+ {
+ 	return syscall(__NR_gettid);
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/remove-selinux-android.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/remove-selinux-android.patch
deleted file mode 100644
index d4a37f82b..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/remove-selinux-android.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-Subject: drop useless includes of Android SELINUX extensions; avoids having to clone another module; this should be sent upstream
-Author: Sergio Schvezov <sergio.schvezov@canonical.com>
-
-Upstream-Status: Inappropriate
----
- system/core/adb/file_sync_service.c         |    3 ---
- system/extras/ext4_utils/make_ext4fs.c      |    1 -
- system/extras/ext4_utils/make_ext4fs_main.c |    1 -
- 3 files changed, 5 deletions(-)
-
---- a/system/extras/ext4_utils/make_ext4fs.c
-+++ b/system/extras/ext4_utils/make_ext4fs.c
-@@ -62,7 +62,6 @@
- 
- #include <selinux/selinux.h>
- #include <selinux/label.h>
--#include <selinux/android.h>
- 
- #define O_BINARY 0
- 
---- a/system/extras/ext4_utils/make_ext4fs_main.c
-+++ b/system/extras/ext4_utils/make_ext4fs_main.c
-@@ -32,7 +32,6 @@
- #ifndef USE_MINGW
- #include <selinux/selinux.h>
- #include <selinux/label.h>
--#include <selinux/android.h>
- #else
- struct selabel_handle;
- #endif
---- a/system/core/adb/file_sync_service.c
-+++ b/system/core/adb/file_sync_service.c
-@@ -26,7 +26,6 @@
- 
- #include <errno.h>
- #include <private/android_filesystem_config.h>
--#include <selinux/android.h>
- #include "sysdeps.h"
- 
- #define TRACE_TAG  TRACE_SYNC
-@@ -73,7 +72,6 @@ static int mkdirs(char *name)
-                 *x = '/';
-                 return ret;
-             }
--            selinux_android_restorecon(name, 0);
-         }
-         *x++ = '/';
-     }
-@@ -251,7 +249,6 @@ static int handle_send_file(int s, char
-     if(fd >= 0) {
-         struct utimbuf u;
-         adb_close(fd);
--        selinux_android_restorecon(path, 0);
-         u.actime = timestamp;
-         u.modtime = timestamp;
-         utime(path, &u);
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/use-capability.patch b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/use-capability.patch
deleted file mode 100644
index b8ebe09dc..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools/use-capability.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-Subject: use linux/capability.h on linux systems too
-Author: Loïc Minier <loic.minier@ubuntu.com>
-
-Upstream-Status: Inappropriate
----
- system/core/include/private/android_filesystem_config.h |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/system/core/include/private/android_filesystem_config.h
-+++ b/system/core/include/private/android_filesystem_config.h
-@@ -27,7 +27,7 @@
- #include <sys/types.h>
- #include <stdint.h>
- 
--#ifdef HAVE_ANDROID_OS
-+#if defined(HAVE_ANDROID_OS) || defined(__linux__)
- #include <linux/capability.h>
- #else
- #include "android_filesystem_capability.h"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb
index 780ecaa11..2604f65e1 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb
@@ -7,14 +7,10 @@ LIC_FILES_CHKSUM = " \
     file://${COMMON_LICENSE_DIR}/BSD-2-Clause;md5=8bef8e6712b1be5aa76af1ebde9d6378 \
     file://${COMMON_LICENSE_DIR}/BSD-3-Clause;md5=550794465ba0ec5312d6919e203a55f9 \
 "
-DEPENDS = "libbsd libpcre openssl zlib libcap"
+DEPENDS = "libbsd libpcre zlib libcap"
+DEPENDS_append_class-target = " openssl10"
 
 ANDROID_MIRROR = "android.googlesource.com"
-CORE_REPO = "${ANDROID_MIRROR}/platform/system/core"
-EXTRAS_REPO = "${ANDROID_MIRROR}/platform/system/extras"
-LIBHARDWARE_REPO = "${ANDROID_MIRROR}/platform/hardware/libhardware"
-LIBSELINUX_REPO = "${ANDROID_MIRROR}/platform/external/libselinux"
-BUILD_REPO = "${ANDROID_MIRROR}/platform/build"
 
 # matches with android-5.1.1_r37
 SRCREV_core = "2314b110bdebdbfd2d94c502282f9e57c849897e"
@@ -24,24 +20,28 @@ SRCREV_libselinux = "07e9e1339ad1ba608acfba9dce2d0f474b252feb"
 SRCREV_build = "16e987def3d7d8f7d30805eb95cef69e52a87dbc"
 
 SRC_URI = " \
-    git://${CORE_REPO};name=core;protocol=https;nobranch=1;destsuffix=git/system/core \
-    git://${EXTRAS_REPO};name=extras;protocol=https;nobranch=1;destsuffix=git/system/extras \
-    git://${LIBHARDWARE_REPO};name=libhardware;protocol=https;nobranch=1;destsuffix=git/hardware/libhardware \
-    git://${LIBSELINUX_REPO};name=libselinux;protocol=https;nobranch=1;destsuffix=git/external/libselinux \
-    git://${BUILD_REPO};name=build;protocol=https;nobranch=1;destsuffix=git/build \
-    file://remove-selinux-android.patch \
-    file://use-capability.patch \
-    file://use-local-socket.patch \
-    file://preserve-ownership.patch;patchdir=system/extras \
-    file://mkbootimg-Add-dt-parameter-to-specify-DT-image.patch \
-    file://remove-bionic-android.patch \
-    file://define-shell-command.patch \
-    file://implicit-declaration-function-strlcat-strlcopy.patch \
-    file://fix-big-endian-build.patch \
-    file://0001-add-base64-implementation.patch \
-    file://0002-adb-Musl-fixes.patch \
+    git://${ANDROID_MIRROR}/platform/system/core;name=core;protocol=https;nobranch=1;destsuffix=git/system/core \
+    git://${ANDROID_MIRROR}/platform/system/extras;name=extras;protocol=https;nobranch=1;destsuffix=git/system/extras \
+    git://${ANDROID_MIRROR}/platform/hardware/libhardware;name=libhardware;protocol=https;nobranch=1;destsuffix=git/hardware/libhardware \
+    git://${ANDROID_MIRROR}/platform/external/libselinux;name=libselinux;protocol=https;nobranch=1;destsuffix=git/external/libselinux \
+    git://${ANDROID_MIRROR}/platform/build;name=build;protocol=https;nobranch=1;destsuffix=git/build \
+    file://core/0001-adb-remove-selinux-extensions.patch;patchdir=system/core \
+    file://core/0002-adb-Use-local-sockets-where-appropriate.patch;patchdir=system/core \
+    file://core/0003-adb-define-shell-command.patch;patchdir=system/core \
+    file://core/0004-adb-Fix-build-on-big-endian-systems.patch;patchdir=system/core \
+    file://core/0005-adb-add-base64-implementation.patch;patchdir=system/core \
+    file://core/0006-adb-Musl-fixes.patch;patchdir=system/core \
+    file://core/0007-adb-usb_linux.c-fix-build-with-glibc-2.28.patch;patchdir=system/core \
+    file://core/0008-adb-Allow-adbd-to-be-ran-as-root.patch;patchdir=system/core \
+    file://core/0009-mkbootimg-Add-dt-parameter-to-specify-DT-image.patch;patchdir=system/core \
+    file://core/0010-Use-linux-capability.h-on-linux-systems-too.patch;patchdir=system/core \
+    file://core/0011-Remove-bionic-specific-calls.patch;patchdir=system/core \
+    file://core/0012-Fix-implicit-declaration-of-stlcat-strlcopy-function.patch;patchdir=system/core \
+    file://extras/0001-ext4_utils-remove-selinux-extensions.patch;patchdir=system/extras \
+    file://extras/0002-ext4_utils-add-o-argument-to-preserve-ownership.patch;patchdir=system/extras \
+    file://libselinux/0001-Remove-bionic-specific-calls.patch;patchdir=external/libselinux \
     file://android-tools-adbd.service \
-    file://.gitignore;subdir=git \
+    file://gitignore \
     file://adb.mk;subdir=${BPN} \
     file://adbd.mk;subdir=${BPN} \
     file://ext4_utils.mk;subdir=${BPN} \
@@ -49,6 +49,7 @@ SRC_URI = " \
     file://mkbootimg.mk;subdir=${BPN} \
 "
 
+
 S = "${WORKDIR}/git"
 B = "${WORKDIR}/${BPN}"
 
@@ -71,6 +72,8 @@ TOOLS_class-native = "fastboot ext4_utils mkbootimg"
 TOOLS_class-nativesdk = "fastboot ext4_utils mkbootimg"
 
 do_compile() {
+    cp ${WORKDIR}/gitignore ${S}/.gitignore
+
     # Setting both variables below causing our makefiles to not work with
     # implicit make rules
     unset CFLAGS
diff --git a/meta-openembedded/meta-oe/recipes-devtools/breakpad/breakpad/0001-disable-calls-to-getcontext-with-musl.patch b/meta-openembedded/meta-oe/recipes-devtools/breakpad/breakpad/0001-disable-calls-to-getcontext-with-musl.patch
index c762754ad..bc79727ed 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/breakpad/breakpad/0001-disable-calls-to-getcontext-with-musl.patch
+++ b/meta-openembedded/meta-oe/recipes-devtools/breakpad/breakpad/0001-disable-calls-to-getcontext-with-musl.patch
@@ -8,11 +8,11 @@ Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
  src/client/linux/handler/exception_handler.cc | 17 +++++++++++++++++
  1 file changed, 17 insertions(+)
 
-diff --git a/src/client/linux/handler/exception_handler.cc b/src/client/linux/handler/exception_handler.cc
-index cca023f..f3e460c 100644
---- a/src/client/linux/handler/exception_handler.cc
-+++ b/src/client/linux/handler/exception_handler.cc
-@@ -495,7 +495,19 @@ bool ExceptionHandler::SimulateSignalDelivery(int sig) {
+Index: git/src/client/linux/handler/exception_handler.cc
+===================================================================
+--- git.orig/src/client/linux/handler/exception_handler.cc
++++ git/src/client/linux/handler/exception_handler.cc
+@@ -495,7 +495,19 @@ bool ExceptionHandler::SimulateSignalDel
    siginfo.si_code = SI_USER;
    siginfo.si_pid = getpid();
    ucontext_t context;
@@ -42,11 +42,8 @@ index cca023f..f3e460c 100644
      return false;
 +#else
 +  // Extreme hack - see comments above.
-+  memset (&context.context, 0, sizeof(&context.context));
++  memset (&context.context, 0, sizeof(context.context));
 +#endif
  
  #if defined(__i386__)
    // In CPUFillFromUContext in minidumpwriter.cc the stack pointer is retrieved
--- 
-1.9.1
-
diff --git a/meta-openembedded/meta-oe/recipes-devtools/capnproto/capnproto_0.6.1.bb b/meta-openembedded/meta-oe/recipes-devtools/capnproto/capnproto_0.6.1.bb
index ffbe73fee..6ca3613db 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/capnproto/capnproto_0.6.1.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/capnproto/capnproto_0.6.1.bb
@@ -2,25 +2,23 @@ SUMMARY = "Cap'n Proto serialization/RPC system"
 DESCRIPTION = "Cap’n Proto is an insanely fast data interchange format and capability-based RPC system. "
 HOMEPAGE = "https://github.com/sandstorm-io/capnproto"
 SECTION = "console/tools"
-
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://../LICENSE;md5=0a5b5b742baf10cc1c158579eba7fb1d"
 
-SRCREV = "c949a18da5f041a36cc218c5c4b79c7705999b4f"
 SRC_URI = "git://github.com/sandstorm-io/capnproto.git;branch=release-${PV}"
+SRCREV = "c949a18da5f041a36cc218c5c4b79c7705999b4f"
+
+S = "${WORKDIR}/git/c++"
+
+inherit cmake
 
 EXTRA_OECMAKE += "\
     -DBUILD_TESTING=OFF \
 "
 
-inherit cmake
-
-S = "${WORKDIR}/git/c++"
+FILES_${PN}-compiler = "${bindir}"
 
 PACKAGE_BEFORE_PN = "${PN}-compiler"
 RDEPENDS_${PN}-dev += "${PN}-compiler"
 
-FILES_${PN}-dev += "${libdir}/cmake"
-FILES_${PN}-compiler = "${bindir}"
-
 BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/cpuid/cpuid_20170122.bb b/meta-openembedded/meta-oe/recipes-devtools/cpuid/cpuid_20180519.bb
index 7a70f7576..533a00026 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/cpuid/cpuid_20170122.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/cpuid/cpuid_20180519.bb
@@ -6,17 +6,16 @@ UMC, NexGen, Rise, and SiS CPUs"
 LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263"
 
-SRC_URI = "http://www.etallen.com/${BPN}/${BP}.src.tar.gz"
-SRC_URI[md5sum] = "1c46a6662626c5a6eaca626f23a5a7d7"
-SRC_URI[sha256sum] = "667612aae6704341dd10844e97c84c5c5c8700817a5937a3c293b55013bc4865"
+SRC_URI = "http://www.etallen.com/${BPN}/${BP}.src.tar.gz \
+           "
+SRC_URI[md5sum] = "b3b4e44ef49575043a91def0207dcc76"
+SRC_URI[sha256sum] = "967823be36f23cbc972eb0aa882d069c1d155a5978990ac3bcf425e6a2e7ff9a"
 
 COMPATIBLE_HOST = "(i.86|x86_64).*-linux"
 
 # The install rule from the Makefile has hardcoded paths, so we duplicate
 # the actions to accommodate different paths.
 do_install () {
-    install -d -m755 ${D}/${bindir}
-    install -m755 ${B}/cpuid ${D}/${bindir}/cpuid
-    install -d -m755 ${D}/${mandir}
-    install -m444 ${B}/cpuid.man.gz ${D}/${mandir}
+    install -D -m 0755 ${B}/cpuid ${D}/${bindir}/cpuid
+    install -D -m 0444 ${B}/cpuid.man.gz ${D}/${mandir}
 }
diff --git a/meta-openembedded/meta-oe/recipes-devtools/glade/glade_3.20.2.bb b/meta-openembedded/meta-oe/recipes-devtools/glade/glade_3.22.1.bb
index 95e1737c5..bd4b586f1 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/glade/glade_3.20.2.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/glade/glade_3.22.1.bb
@@ -13,11 +13,11 @@ inherit distro_features_check autotools pkgconfig gnomebase gobject-introspectio
 
 REQUIRED_DISTRO_FEATURES = "x11"
 
-SRC_URI = "http://ftp.gnome.org/pub/GNOME/sources/glade/3.20/glade-${PV}.tar.xz \
+SRC_URI = "http://ftp.gnome.org/pub/GNOME/sources/glade/3.22/glade-${PV}.tar.xz \
            file://remove-yelp-help-rules-var.patch \
           "
-SRC_URI[md5sum] = "d3dd9ba33c7d7c854ab207e1ba844dda"
-SRC_URI[sha256sum] = "07d1545570951aeded20e9fdc6d3d8a56aeefe2538734568c5335be336c6abed"
+SRC_URI[md5sum] = "226802cf3b06861240524805aa6fe6ff"
+SRC_URI[sha256sum] = "dff89a2ef2eaf000ff2a46979978d03cb9202cb04668e01d0ea5c5bb5547e39a"
 
 EXTRA_OECONF += "--disable-man-pages"
 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/json-spirit/json-spirit_4.08.bb b/meta-openembedded/meta-oe/recipes-devtools/json-spirit/json-spirit_4.08.bb
index c7c1ad1ec..d6e42c81d 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/json-spirit/json-spirit_4.08.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/json-spirit/json-spirit_4.08.bb
@@ -9,6 +9,8 @@ PRIORITY = "optional"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=278ef6183dec4aae1524fccc4b0113c9"
 
+DEPENDS = "boost"
+
 SRC_URI = "file://json_spirit_v${PV}.zip \
            file://0001-Adjust-the-cmake-files.patch \
            file://0001-Link-to-libatomic.patch \
@@ -16,10 +18,6 @@ SRC_URI = "file://json_spirit_v${PV}.zip \
 
 S = "${WORKDIR}/json_spirit_v${PV}"
 
-DEPENDS = "boost"
-
 inherit cmake
 
-FILES_${PN}-dev += "${datadir}/cmake/Modules/FindLibJsonSpirit.cmake"
-
 BBCLASSEXTEND = "nativesdk"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/kconfig-frontends/kconfig-frontends_4.11.0.1.bb b/meta-openembedded/meta-oe/recipes-devtools/kconfig-frontends/kconfig-frontends_4.11.0.1.bb
index df08b8b11..de9a6eb99 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/kconfig-frontends/kconfig-frontends_4.11.0.1.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/kconfig-frontends/kconfig-frontends_4.11.0.1.bb
@@ -11,7 +11,7 @@ HOMEPAGE = "http://ymorin.is-a-geek.org/projects/kconfig-frontends"
 LICENSE = "GPL-2.0"
 LIC_FILES_CHKSUM = "file://COPYING;md5=9b8cf60ff39767ff04b671fca8302408"
 SECTION = "devel"
-DEPENDS += "ncurses flex bison gperf-native"
+DEPENDS += "ncurses flex bison gperf-native bison-native"
 RDEPENDS_${PN} += "python3 bash"
 SRC_URI = "git://ymorin.is-a-geek.org/kconfig-frontends;branch=4.11.x \
 	   file://0001-Makefile-ensure-frontends-exits-before-writing-into-.patch \
diff --git a/meta-openembedded/meta-oe/recipes-devtools/lapack/lapack_3.8.0.bb b/meta-openembedded/meta-oe/recipes-devtools/lapack/lapack_3.8.0.bb
new file mode 100644
index 000000000..7544744b3
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/lapack/lapack_3.8.0.bb
@@ -0,0 +1,24 @@
+SUMMARY = "Linear Algebra PACKage"
+URL = "http://www.netlib.org/lapack"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=930f8aa500a47c7dab0f8efb5a1c9a40"
+
+# Recipe needs FORTRAN support (copied from conf/local.conf.sample.extended)
+# Enabling FORTRAN
+# Note this is not officially supported and is just illustrated here to
+# show an example of how it can be done
+# You'll also need your fortran recipe to depend on libgfortran
+#FORTRAN_forcevariable = ",fortran"
+#RUNTIMETARGET_append_pn-gcc-runtime = " libquadmath"
+
+DEPENDS = "libgfortran"
+
+SRC_URI = "http://www.netlib.org/lapack/lapack-${PV}.tar.gz"
+SRC_URI[md5sum] = "96591affdbf58c450d45c1daa540dbd2"
+SRC_URI[sha256sum] = "deb22cc4a6120bff72621155a9917f485f96ef8319ac074a7afbc68aab88bcf6"
+
+EXTRA_OECMAKE = " -DBUILD_SHARED_LIBS=ON "
+OECMAKE_GENERATOR = "Unix Makefiles"
+
+inherit cmake pkgconfig
+EXCLUDE_FROM_WORLD = "1"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/libedit/libedit_20170329-3.1.bb b/meta-openembedded/meta-oe/recipes-devtools/libedit/libedit_20180525-3.1.bb
index fc2467112..8cc0e959e 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/libedit/libedit_20170329-3.1.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/libedit/libedit_20180525-3.1.bb
@@ -15,7 +15,7 @@ FETCHCMD_wget += "-U bitbake"
 SRC_URI = "http://www.thrysoee.dk/editline/${BPN}-${PV}.tar.gz \
            file://stdc-predef.patch \
           "
-SRC_URI[md5sum] = "c57a0690e62ef523c083598730272cfd"
-SRC_URI[sha256sum] = "91f2d90fbd2a048ff6dad7131d9a39e690fd8a8fd982a353f1333dd4017dd4be"
+SRC_URI[md5sum] = "97679319742f45d6cdcd6075511b14ac"
+SRC_URI[sha256sum] = "c41bea8fd140fb57ba67a98ec1d8ae0b8ffa82f4aba9c35a87e5a9499e653116"
 
 S = "${WORKDIR}/${BPN}-${PV}"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/libfribidi/fribidi_0.19.7.bb b/meta-openembedded/meta-oe/recipes-devtools/libfribidi/fribidi_0.19.7.bb
deleted file mode 100644
index 423a9148a..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/libfribidi/fribidi_0.19.7.bb
+++ /dev/null
@@ -1,20 +0,0 @@
-SUMMARY = "Fribidi library for bidirectional text"
-SECTION = "libs"
-LICENSE = "LGPLv2.1"
-LIC_FILES_CHKSUM = "file://COPYING;md5=a916467b91076e631dd8edb7424769c7"
-BBCLASSEXTEND = "native"
-
-PROVIDES = "libfribidi"
-DEPENDS = "glib-2.0 libpcre"
-
-inherit autotools lib_package pkgconfig
-
-CFLAGS_append = "  -DPAGE_SIZE=4096 "
-SECURITY_CFLAGS_remove_toolchain-clang = "-D_FORTIFY_SOURCE=2"
-
-SRC_URI = "http://fribidi.org/download/fribidi-${PV}.tar.bz2"
-
-SRC_URI[md5sum] = "6c7e7cfdd39c908f7ac619351c1c5c23"
-SRC_URI[sha256sum] = "08222a6212bbc2276a2d55c3bf370109ae4a35b689acbc66571ad2a670595a8e"
-
-CVE_PRODUCT = "gnu_fribidi"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/librcf/librcf_2.2.0.0.bb b/meta-openembedded/meta-oe/recipes-devtools/librcf/librcf_2.2.0.0.bb
index 267c0e79f..dcd47a4e6 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/librcf/librcf_2.2.0.0.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/librcf/librcf_2.2.0.0.bb
@@ -47,7 +47,6 @@ PACKAGECONFIG[demos] = "-DLIBRCF_BUILD_DEMOS=ON,-DLIBRCF_BUILD_DEMOS=OFF,"
 PACKAGES =+ "${@bb.utils.contains('PACKAGECONFIG', 'demos', '${PN}-demos', '', d)}"
 
 FILES_${PN}-demos = "${bindir}/*"
-FILES_${PN}-dev += "${datadir}/cmake/Modules/FindLibRcf.cmake"
 
 BBCLASSEXTEND = "nativesdk"
 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/log4cplus/log4cplus_1.2.0.bb b/meta-openembedded/meta-oe/recipes-devtools/log4cplus/log4cplus_2.0.2.bb
index 31ab9a69c..d17d15c92 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/log4cplus/log4cplus_1.2.0.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/log4cplus/log4cplus_2.0.2.bb
@@ -4,11 +4,14 @@ HOMEPAGE = "http://sourceforge.net/projects/log4cplus/"
 BUGTRACKER = "http://sourceforge.net/p/log4cplus/bugs/"
 
 LICENSE = "Apache-2.0 & BSD-2-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=cedaa287ececcb94f9f2880d9c4ef085"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=41e8e060c26822886b592ab4765c756b"
 
 SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}-stable/${PV}/${BP}.tar.gz"
-SRC_URI[md5sum] = "e250f0f431c0723f8b625323e7b6465d"
-SRC_URI[sha256sum] = "ad5ec3b62f2f0bdc7f06fa398bde61091fd2493e91059e17315b5197420dcf04"
+SRC_URI[md5sum] = "b3bbeb2dc3e170768430cf87583016f8"
+SRC_URI[sha256sum] = "10539f2315271d370c7bc6a2b4808cbe369279837f4539ce5c789e456489fc62"
+
+UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/log4cplus/files/log4cplus-stable/"
+UPSTREAM_CHECK_REGEX = "log4cplus-stable/(?P<pver>\d+(\.\d+)+)/"
 
 inherit autotools pkgconfig
 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/lshw/files/0001-Makefile-Fix-cross-compilation.patch b/meta-openembedded/meta-oe/recipes-devtools/lshw/files/0001-Makefile-Fix-cross-compilation.patch
new file mode 100644
index 000000000..6db6ab95e
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/lshw/files/0001-Makefile-Fix-cross-compilation.patch
@@ -0,0 +1,57 @@
+From 62f9ed95b5d0feab426bff452be793c62a6b795a Mon Sep 17 00:00:00 2001
+From: Krzysztof Kozlowski <krzk@kernel.org>
+Date: Wed, 6 Jun 2018 12:49:21 +0200
+Subject: [PATCH 1/2] Makefile: Fix cross compilation
+
+Allow building on ARMv7 and ARMv8.
+
+Upstream-Status: Submitted
+Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+---
+ src/Makefile      | 2 +-
+ src/core/Makefile | 2 +-
+ src/gui/Makefile  | 4 ++--
+ 3 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/Makefile b/src/Makefile
+index b50586bc9234..654b786dd899 100644
+--- a/src/Makefile
++++ b/src/Makefile
+@@ -18,7 +18,7 @@ export MANDIR
+ export DATADIR
+ export SQLITE
+ 
+-CXX?=c++
++CXX?=$(CROSS_COMPILE)c++
+ INCLUDES=-I./core/
+ DEFINES=-DPREFIX=\"$(PREFIX)\" -DSBINDIR=\"$(SBINDIR)\" -DMANDIR=\"$(MANDIR)\" -DDATADIR=\"$(DATADIR)\"
+ CXXFLAGS=-g -Wall -g $(INCLUDES) $(DEFINES) $(RPM_OPT_FLAGS)
+diff --git a/src/core/Makefile b/src/core/Makefile
+index 5bf5a69cc6a6..2bd1b94c4175 100644
+--- a/src/core/Makefile
++++ b/src/core/Makefile
+@@ -1,6 +1,6 @@
+ PACKAGENAME?=lshw
+ 
+-CXX=c++
++CXX?=$(CROSS_COMPILE)c++
+ INCLUDES=
+ DEFINES=-DPREFIX=\"$(PREFIX)\" -DSBINDIR=\"$(SBINDIR)\" -DMANDIR=\"$(MANDIR)\" -DDATADIR=\"$(DATADIR)\"
+ CXXFLAGS?=-g -Wall $(INCLUDES) $(DEFINES) $(RPM_OPT_FLAGS)
+diff --git a/src/gui/Makefile b/src/gui/Makefile
+index 332ce5704819..b0f925490356 100644
+--- a/src/gui/Makefile
++++ b/src/gui/Makefile
+@@ -1,7 +1,7 @@
+ PACKAGENAME?=lshw
+ 
+-CXX?=c++
+-CC?=cc
++CXX?=$(CROSS_COMPILE)c++
++CC?=$(CROSS_COMPILE)cc
+ STRIP?=strip
+ OBJCOPY?=objcopy
+ 
+-- 
+2.7.4
+
diff --git a/meta-openembedded/meta-oe/recipes-devtools/lshw/files/0002-Makefile-Use-supplied-LDFLAGS-to-silence-OE-GNU_HASH.patch b/meta-openembedded/meta-oe/recipes-devtools/lshw/files/0002-Makefile-Use-supplied-LDFLAGS-to-silence-OE-GNU_HASH.patch
new file mode 100644
index 000000000..d3da01b40
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/lshw/files/0002-Makefile-Use-supplied-LDFLAGS-to-silence-OE-GNU_HASH.patch
@@ -0,0 +1,34 @@
+From 75667f8a0ae4f1689ff03eb1768b1ee8cdfbf00d Mon Sep 17 00:00:00 2001
+From: Krzysztof Kozlowski <krzk@kernel.org>
+Date: Wed, 6 Jun 2018 12:49:30 +0200
+Subject: [PATCH 2/2] Makefile: Use supplied LDFLAGS to silence OE GNU_HASH QA
+ warning
+
+Fix OpenEmbedded/Yocto QA warning:
+
+    ERROR: lshw-02.16-r1 do_package_qa: QA Issue: No GNU_HASH in the elf binary: 'build/tmp/work/cortexa5hf-neon-poky-linux-gnueabi/lshw/02.16-r1/packages-split/lshw/usr/sbin/lshw' [ldflags]
+    ERROR: lshw-02.16-r1 do_package_qa: QA run found fatal errors. Please consider fixing them.
+    ERROR: lshw-02.16-r1 do_package_qa: Function failed: do_package_qa
+
+Upstream-Status: Submitted
+Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+---
+ src/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/Makefile b/src/Makefile
+index 654b786dd899..a441ba2bb666 100644
+--- a/src/Makefile
++++ b/src/Makefile
+@@ -25,7 +25,7 @@ CXXFLAGS=-g -Wall -g $(INCLUDES) $(DEFINES) $(RPM_OPT_FLAGS)
+ ifeq ($(SQLITE), 1)
+ 	CXXFLAGS+= -DSQLITE $(shell pkg-config --cflags sqlite3)
+ endif
+-LDFLAGS=-L./core/ -g
++LDFLAGS+=-L./core/ -g
+ ifneq ($(shell $(LD) --help 2| grep -- --as-needed), )
+ 	LDFLAGS+= -Wl,--as-needed
+ endif
+-- 
+2.7.4
+
diff --git a/meta-openembedded/meta-oe/recipes-devtools/lshw/files/0003-sysfs-Fix-basename-build-with-musl.patch b/meta-openembedded/meta-oe/recipes-devtools/lshw/files/0003-sysfs-Fix-basename-build-with-musl.patch
new file mode 100644
index 000000000..34924939d
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/lshw/files/0003-sysfs-Fix-basename-build-with-musl.patch
@@ -0,0 +1,92 @@
+From a89f2ba8496994c8b5e28a89202df15d64c648f9 Mon Sep 17 00:00:00 2001
+From: Krzysztof Kozlowski <krzk@kernel.org>
+Date: Wed, 6 Jun 2018 12:47:02 +0200
+Subject: [PATCH] sysfs: Fix basename() build with musl
+
+musl provides only standard basename() which accepts non-const string.
+This fixes build error with musl C library:
+
+    | sysfs.cc: In function 'std::__cxx11::string sysfs_getbustype(const string&)':
+    | sysfs.cc:102:21: error: 'basename' was not declared in this scope
+    |        "/devices/" + basename(path.c_str());
+    |                      ^~~~~~~~
+
+Upstream-Status: Submitted
+Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+---
+ src/core/dasd.cc  | 3 ++-
+ src/core/sysfs.cc | 9 +++++----
+ 2 files changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/src/core/dasd.cc b/src/core/dasd.cc
+index 626b8a872b0f..b27844215cc4 100644
+--- a/src/core/dasd.cc
++++ b/src/core/dasd.cc
+@@ -2,6 +2,7 @@
+ #include "osutils.h"
+ #include "dasd.h"
+ #include <glob.h>
++#include <libgen.h>
+ #include <string.h>
+ #include <fcntl.h>
+ #include <unistd.h>
+@@ -42,7 +43,7 @@ bool scan_dasd(hwNode & n)
+   {
+     for(dev_num=0;dev_num<devices.gl_pathc;dev_num++)
+     {
+-      dev_name = basename(devices.gl_pathv[dev_num]);
++      dev_name = basename(const_cast<char *>(devices.gl_pathv[dev_num]));
+       for (std::vector<std::string>::iterator it = sysfs_attribs.begin(); it != sysfs_attribs.end(); ++it)
+       {
+         std::string attrib_fname = std::string(SYSFS_PREFIX) + dev_name + "/device/" + *it;
+diff --git a/src/core/sysfs.cc b/src/core/sysfs.cc
+index acc9d0056d5e..c56bab7b3b9f 100644
+--- a/src/core/sysfs.cc
++++ b/src/core/sysfs.cc
+@@ -7,6 +7,7 @@
+ #include "version.h"
+ #include "sysfs.h"
+ #include "osutils.h"
++#include <libgen.h>
+ #include <limits.h>
+ #include <unistd.h>
+ #include <stdlib.h>
+@@ -99,7 +100,7 @@ static string sysfs_getbustype(const string & path)
+   {
+     devname =
+       string(fs.path + "/bus/") + string(namelist[i]->d_name) +
+-      "/devices/" + basename(path.c_str());
++      "/devices/" + basename(const_cast<char *>(path.c_str()));
+ 
+     if (samefile(devname, path))
+       return string(namelist[i]->d_name);
+@@ -139,7 +140,7 @@ static string sysfstobusinfo(const string & path)
+ 
+   if (bustype == "virtio")
+   {
+-    string name = basename(path.c_str());
++    string name = basename(const_cast<char *>(path.c_str()));
+     if (name.compare(0, 6, "virtio") == 0)
+       return "virtio@" + name.substr(6);
+     else
+@@ -207,7 +208,7 @@ string entry::driver() const
+   string driverlink = This->devpath + "/driver";
+   if (!exists(driverlink))
+     return "";
+-  return basename(readlink(driverlink).c_str());
++  return basename(const_cast<char *>(readlink(driverlink).c_str()));
+ }
+ 
+ 
+@@ -288,7 +289,7 @@ string entry::name_in_class(const string & classname) const
+ 
+ string entry::name() const
+ {
+-  return basename(This->devpath.c_str());
++  return basename(const_cast<char *>(This->devpath.c_str()));
+ }
+ 
+ 
+-- 
+2.7.4
+
diff --git a/meta-openembedded/meta-oe/recipes-devtools/lshw/lshw_02.18.bb b/meta-openembedded/meta-oe/recipes-devtools/lshw/lshw_02.18.bb
new file mode 100644
index 000000000..b344fbf32
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/lshw/lshw_02.18.bb
@@ -0,0 +1,32 @@
+DESCRIPTION = "A small tool to provide detailed information on the hardware \
+configuration of the machine. It can report exact memory configuration, \
+firmware version, mainboard configuration, CPU version and speed, cache \
+configuration, bus speed, etc. on DMI-capable or EFI systems."
+SUMMARY = "Hardware lister"
+HOMEPAGE = "http://ezix.org/project/wiki/HardwareLiSter"
+SECTION = "console/tools"
+
+LICENSE = "GPLv2+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+
+COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
+
+SRC_URI = " \
+    http://ezix.org/software/files/lshw-B.${PV}.tar.gz \
+    file://0001-Makefile-Fix-cross-compilation.patch \
+    file://0002-Makefile-Use-supplied-LDFLAGS-to-silence-OE-GNU_HASH.patch \
+    file://0003-sysfs-Fix-basename-build-with-musl.patch \
+"
+SRC_URI[md5sum] = "8671c6d94d6324a744b7f21f1bfecfd2"
+SRC_URI[sha256sum] = "ae22ef11c934364be4fd2a0a1a7aadf4495a0251ec6979da280d342a89ca3c2f"
+
+S = "${WORKDIR}/lshw-B.${PV}"
+
+do_compile() {
+    # build core only - don't ship gui
+    oe_runmake -C src core
+}
+
+do_install() {
+    oe_runmake install DESTDIR=${D}
+}
diff --git a/meta-openembedded/meta-oe/recipes-devtools/ltrace/ltrace_git.bb b/meta-openembedded/meta-oe/recipes-devtools/ltrace/ltrace_git.bb
index abe015de2..f4033f7c2 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/ltrace/ltrace_git.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/ltrace/ltrace_git.bb
@@ -15,7 +15,7 @@ SRCREV = "c22d359433b333937ee3d803450dc41998115685"
 
 DEPENDS = "elfutils"
 RDEPENDS_${PN} = "elfutils"
-SRC_URI = "git://anonscm.debian.org/collab-maint/ltrace.git;branch=master \
+SRC_URI = "git://github.com/sparkleholic/ltrace.git;branch=master;protocol=http \
            file://configure-allow-to-disable-selinux-support.patch \
            file://0001-replace-readdir_r-with-readdir.patch \
            file://0001-Use-correct-enum-type.patch \
diff --git a/meta-openembedded/meta-oe/recipes-devtools/luajit/luajit_2.0.5.bb b/meta-openembedded/meta-oe/recipes-devtools/luajit/luajit_2.0.5.bb
index 1d69b3c12..3052eb048 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/luajit/luajit_2.0.5.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/luajit/luajit_2.0.5.bb
@@ -3,14 +3,14 @@ LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=10a96c93403affcc34765f4c2612bc22"
 HOMEPAGE = "http://luajit.org"
 
-SRC_URI = "http://luajit.org/download/LuaJIT-${PV}.tar.gz \
+PV .= "+git${SRCPV}"
+SRCREV = "02b521981a1ab919ff2cd4d9bcaee80baf77dce2"
+SRC_URI = "git://luajit.org/git/luajit-2.0.git;protocol=http \
            file://0001-Do-not-strip-automatically-this-leaves-the-stripping.patch \
            file://clang.patch \
 "
-SRC_URI[md5sum] = "48353202cbcacab84ee41a5a70ea0a2c"
-SRC_URI[sha256sum] = "874b1f8297c697821f561f9b73b57ffd419ed8f4278c82e05b48806d30c1e979"
 
-S = "${WORKDIR}/LuaJIT-${PV}"
+S = "${WORKDIR}/git"
 
 inherit pkgconfig binconfig siteinfo
 
@@ -49,7 +49,6 @@ EXTRA_OEMAKE = "\
     'TARGET_SHLDFLAGS=${LDFLAGS}' \
     'HOST_CC=${BUILD_CC}' \
     'HOST_CFLAGS=${BUILD_CFLAGS}' \
-    'HOST_LDFLAGS=${BUILD_LDFLAGS}' \
     \
     'PREFIX=${prefix}' \
     'MULTILIB=${baselib}' \
diff --git a/meta-openembedded/meta-oe/recipes-devtools/mercurial/mercurial_4.4.bb b/meta-openembedded/meta-oe/recipes-devtools/mercurial/mercurial_4.6.1.bb
index 90524974b..13710aaea 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/mercurial/mercurial_4.4.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/mercurial/mercurial_4.6.1.bb
@@ -10,8 +10,8 @@ RDEPENDS_${PN} = "python python-modules"
 inherit python-dir
 
 SRC_URI = "https://www.mercurial-scm.org/release/${BP}.tar.gz"
-SRC_URI[md5sum] = "c1d9fad1b7ed7077b0d4ae82e71154db"
-SRC_URI[sha256sum] = "234af4a67565c85923b0a1910c704ab44bcf12f69b85532687208776563d87de"
+SRC_URI[md5sum] = "f9b2e4a3b5901ef744fa3abe4196e97e"
+SRC_URI[sha256sum] = "89fa8ecbc8aa6e48e98f9803a1683ba91367124295dba2407b28c34ca621108d"
 
 S = "${WORKDIR}/mercurial-${PV}"
 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-c_2.1.5.bb b/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-c_2.1.5.bb
index 02c0cd296..690a7f444 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-c_2.1.5.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-c_2.1.5.bb
@@ -9,14 +9,11 @@ LIC_FILES_CHKSUM = "file://NOTICE;md5=7a858c074723608e08614061dc044352 \
 
 PV .= "+git${SRCPV}"
 
-SRCREV = "208595b2620cf6260ce3d6d4cf8543f13b206449"
-
 SRC_URI = "git://github.com/msgpack/msgpack-c \
            file://0001-Fix-Werror-class-memaccess.patch \
            "
-
-inherit cmake pkgconfig
+SRCREV = "208595b2620cf6260ce3d6d4cf8543f13b206449"
 
 S = "${WORKDIR}/git"
 
-FILES_${PN}-dev += "${libdir}/cmake/msgpack/*.cmake"
+inherit cmake pkgconfig
diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_8.9.4.bb b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_8.12.0.bb
index 8930cd902..8c3397821 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_8.9.4.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_8.12.0.bb
@@ -1,9 +1,11 @@
 DESCRIPTION = "nodeJS Evented I/O for V8 JavaScript"
 HOMEPAGE = "http://nodejs.org"
 LICENSE = "MIT & BSD & Artistic-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=270f7477a1705f7cd3e29d3d4512915d"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=fde91d5c5bbd1e0389623e1ac018d9e8"
 
-DEPENDS = "openssl10 zlib"
+DEPENDS = "openssl zlib icu"
+
+inherit pkgconfig
 
 COMPATIBLE_MACHINE_armv4 = "(!.*armv4).*"
 COMPATIBLE_MACHINE_armv5 = "(!.*armv5).*"
@@ -12,8 +14,8 @@ COMPATIBLE_MACHINE_mips64 = "(!.*mips64).*"
 SRC_URI = "http://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz \
            file://0001-Disable-running-gyp-files-for-bundled-deps.patch \
 "
-SRC_URI[md5sum] = "631ed102fe58c13cf63bc92a68cf4759"
-SRC_URI[sha256sum] = "6cdcde9c9c1ca9f450a0b24eafa229ca759e576daa0fae892ce74d541ecdc86f"
+SRC_URI[md5sum] = "8b3abd033dae96b6fadcb6a872a44d3c"
+SRC_URI[sha256sum] = "5a9dff58016c18fb4bf902d963b124ff058a550ebcd9840c677757387bce419a"
 
 S = "${WORKDIR}/node-v${PV}"
 
@@ -44,7 +46,7 @@ do_configure () {
     export LD="${CXX}"
     GYP_DEFINES="${GYP_DEFINES}" export GYP_DEFINES
     # $TARGET_ARCH settings don't match --dest-cpu settings
-   ./configure --prefix=${prefix} --without-intl --without-snapshot --shared-openssl --shared-zlib \
+   ./configure --prefix=${prefix} --with-intl=system-icu --without-snapshot --shared-openssl --shared-zlib \
                --dest-cpu="${@map_nodejs_arch(d.getVar('TARGET_ARCH'), d)}" \
                --dest-os=linux \
                ${ARCHFLAGS}
diff --git a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0001-Add-fallthrough-comments.patch b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0001-Add-fallthrough-comments.patch
deleted file mode 100644
index 644146c4d..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0001-Add-fallthrough-comments.patch
+++ /dev/null
@@ -1,155 +0,0 @@
-From 8f85163b030e7b957648f90cd8fa599fb04d5d65 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Fri, 16 Jun 2017 23:32:49 -0700
-Subject: [PATCH 1/5] Add fallthrough comments
-
-Fixes
-
-src/svf/svf.c:663:7: error: this statement may fall through [-Werror=implicit-fallthrough=]
-     i = -1;
-     ~~^~~~
-
-Upstream-Status: Pending
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- src/flash/mflash.c            | 3 ++-
- src/flash/nand/mx3.c          | 1 +
- src/jtag/drivers/ftdi.c       | 1 +
- src/svf/svf.c                 | 2 ++
- src/target/arm_adi_v5.c       | 9 +++++++++
- src/target/arm_disassembler.c | 1 +
- src/target/target.c           | 1 +
- 7 files changed, 17 insertions(+), 1 deletion(-)
-
-diff --git a/src/flash/mflash.c b/src/flash/mflash.c
-index b69995542..3254a3d56 100644
---- a/src/flash/mflash.c
-+++ b/src/flash/mflash.c
-@@ -259,10 +259,11 @@ static int mg_dsk_wait(mg_io_type_wait wait_local, uint32_t time_var)
- 				case mg_io_wait_rdy:
- 					if (status & mg_io_rbit_status_ready)
- 						return ERROR_OK;
--
-+					/* fallthru */
- 				case mg_io_wait_drq:
- 					if (status & mg_io_rbit_status_data_req)
- 						return ERROR_OK;
-+					/* fallthru */
- 
- 				default:
- 					break;
-diff --git a/src/flash/nand/mx3.c b/src/flash/nand/mx3.c
-index b61e47535..0a55929ed 100644
---- a/src/flash/nand/mx3.c
-+++ b/src/flash/nand/mx3.c
-@@ -281,6 +281,7 @@ static int imx31_command(struct nand_device *nand, uint8_t command)
- 			 * offset == one half of page size
- 			 */
- 			in_sram_address = MX3_NF_MAIN_BUFFER0 + (nand->page_size >> 1);
-+			/* fallthru */
- 		default:
- 			in_sram_address = MX3_NF_MAIN_BUFFER0;
- 	}
-diff --git a/src/jtag/drivers/ftdi.c b/src/jtag/drivers/ftdi.c
-index 00fe37faf..20f17d810 100644
---- a/src/jtag/drivers/ftdi.c
-+++ b/src/jtag/drivers/ftdi.c
-@@ -855,6 +855,7 @@ COMMAND_HANDLER(ftdi_handle_set_signal_command)
- 			ftdi_set_signal(sig, *CMD_ARGV[1]);
- 			break;
- 		}
-+		/* fallthru */
- 	default:
- 		LOG_ERROR("unknown signal level '%s', use 0, 1 or z", CMD_ARGV[1]);
- 		return ERROR_COMMAND_SYNTAX_ERROR;
-diff --git a/src/svf/svf.c b/src/svf/svf.c
-index e7e815c10..7b261cc72 100644
---- a/src/svf/svf.c
-+++ b/src/svf/svf.c
-@@ -661,11 +661,13 @@ static int svf_read_command_from_file(FILE *fd)
- 				if (svf_getline(&svf_read_line, &svf_read_line_size, svf_fd) <= 0)
- 					return ERROR_FAIL;
- 				i = -1;
-+				/* fallthru */
- 			case '\r':
- 				slash = 0;
- 				/* Don't save '\r' and '\n' if no data is parsed */
- 				if (!cmd_pos)
- 					break;
-+				/* fallthru */
- 			default:
- 				/* The parsing code currently expects a space
- 				 * before parentheses -- "TDI (123)".  Also a
-diff --git a/src/target/arm_adi_v5.c b/src/target/arm_adi_v5.c
-index eafc2ddc0..d444db2b1 100644
---- a/src/target/arm_adi_v5.c
-+++ b/src/target/arm_adi_v5.c
-@@ -346,10 +346,13 @@ static int mem_ap_write(struct adiv5_ap *ap, const uint8_t *buffer, uint32_t siz
- 			case 4:
- 				outvalue |= (uint32_t)*buffer++ << 8 * (address++ & 3);
- 				outvalue |= (uint32_t)*buffer++ << 8 * (address++ & 3);
-+				/* fallthru */
- 			case 2:
- 				outvalue |= (uint32_t)*buffer++ << 8 * (address++ & 3);
-+				/* fallthru */
- 			case 1:
- 				outvalue |= (uint32_t)*buffer++ << 8 * (address++ & 3);
-+				/* fallthru */
- 			}
- 		}
- 
-@@ -509,20 +512,26 @@ static int mem_ap_read(struct adiv5_ap *ap, uint8_t *buffer, uint32_t size, uint
- 			case 4:
- 				*buffer++ = *read_ptr >> 8 * (3 - (address++ & 3));
- 				*buffer++ = *read_ptr >> 8 * (3 - (address++ & 3));
-+				/* fallthru */
- 			case 2:
- 				*buffer++ = *read_ptr >> 8 * (3 - (address++ & 3));
-+				/* fallthru */
- 			case 1:
- 				*buffer++ = *read_ptr >> 8 * (3 - (address++ & 3));
-+				/* fallthru */
- 			}
- 		} else {
- 			switch (this_size) {
- 			case 4:
- 				*buffer++ = *read_ptr >> 8 * (address++ & 3);
- 				*buffer++ = *read_ptr >> 8 * (address++ & 3);
-+				/* fallthru */
- 			case 2:
- 				*buffer++ = *read_ptr >> 8 * (address++ & 3);
-+				/* fallthru */
- 			case 1:
- 				*buffer++ = *read_ptr >> 8 * (address++ & 3);
-+				/* fallthru */
- 			}
- 		}
- 
-diff --git a/src/target/arm_disassembler.c b/src/target/arm_disassembler.c
-index 5277b94d8..2eb21ea33 100644
---- a/src/target/arm_disassembler.c
-+++ b/src/target/arm_disassembler.c
-@@ -3299,6 +3299,7 @@ static int t2ev_data_immed(uint32_t opcode, uint32_t address,
- 		case 0x10:
- 		case 0x12:
- 			is_signed = true;
-+			/* fallthru */
- 		case 0x18:
- 		case 0x1a:
- 			/* signed/unsigned saturated add */
-diff --git a/src/target/target.c b/src/target/target.c
-index e04ecc470..597b4b13d 100644
---- a/src/target/target.c
-+++ b/src/target/target.c
-@@ -3684,6 +3684,7 @@ COMMAND_HANDLER(handle_bp_command)
- 				addr = 0;
- 				return handle_bp_command_set(CMD_CTX, addr, asid, length, hw);
- 			}
-+			/* fallthru */
- 
- 		case 4:
- 			hw = BKPT_HARD;
--- 
-2.13.1
-
diff --git a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0001-Fix-libusb-1.0.22-deprecated-libusb_set_debug-with-l.patch b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0001-Fix-libusb-1.0.22-deprecated-libusb_set_debug-with-l.patch
new file mode 100644
index 000000000..c5b9083dc
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0001-Fix-libusb-1.0.22-deprecated-libusb_set_debug-with-l.patch
@@ -0,0 +1,39 @@
+From b95a996bfb281104b68ec66f32ebb79db519a4a8 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Thu, 31 May 2018 21:06:46 -0700
+Subject: [PATCH] Fix libusb-1.0.22 deprecated libusb_set_debug with
+ libusb_set_option
+
+libusb_set_debug is deprecated in libusb >= 1.0.22 therefore replace
+with equivalent libusb_set_option()  API
+
+see libusb commit for more details
+
+https://github.com/libusb/libusb/commit/539f22e2fd916558d11ab9a66f10f461c5593168
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+Upstream-Status: Submitted [http://openocd.zylin.com/#/c/4540/]
+ src/jtag/drivers/xds110.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/jtag/drivers/xds110.c b/src/jtag/drivers/xds110.c
+index 90b699027..9bfe02ea8 100644
+--- a/src/jtag/drivers/xds110.c
++++ b/src/jtag/drivers/xds110.c
+@@ -367,8 +367,11 @@ static bool usb_connect(void)
+ 
+ 		/* Set libusb to auto detach kernel and disable debug messages */
+ 		(void)libusb_set_auto_detach_kernel_driver(dev, 1);
++#if LIBUSB_API_VERSION >= 0x01000106
++		libusb_set_option(ctx, LIBUSB_OPTION_LOG_LEVEL, LIBUSB_LOG_LEVEL_NONE);
++#else
+ 		libusb_set_debug(ctx, LIBUSB_LOG_LEVEL_NONE);
+-
++#endif
+ 		/* Claim the debug interface on the XDS110 */
+ 		result = libusb_claim_interface(dev, INTERFACE_DEBUG);
+ 	} else {
+-- 
+2.17.1
+
diff --git a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0002-Workaround-new-warnings-generated-by-GCC-7.patch b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0002-Workaround-new-warnings-generated-by-GCC-7.patch
deleted file mode 100644
index aa99735f6..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0002-Workaround-new-warnings-generated-by-GCC-7.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 8daaa8c27794653d02854c5982669a7638473224 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Fri, 16 Jun 2017 23:52:46 -0700
-Subject: [PATCH 2/5] Workaround new warnings generated by GCC 7
-
-src/flash/nor/xmc4xxx.c: In function 'xmc4xxx_get_info_command':
-src/flash/nor/xmc4xxx.c:939:43: error: '%d' directive output may be truncated writing between 1 and 10 bytes into a region of size 6 [-Werror=format-truncation=]
-     snprintf(otp_str, sizeof(otp_str), "- %d\n", i);
-                                           ^~
-src/flash/nor/xmc4xxx.c:939:40: note: directive argument in the range [0, 2147483647]
-     snprintf(otp_str, sizeof(otp_str), "- %d\n", i);
-                                        ^~~~~~~~
-src/flash/nor/xmc4xxx.c:939:5: note: 'snprintf' output between 5 and 14 bytes into a destination of size 8
-     snprintf(otp_str, sizeof(otp_str), "- %d\n", i);
-     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Upstream-Status: Pending
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- src/flash/nor/xmc4xxx.c | 2 +-
- src/target/arm_adi_v5.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/flash/nor/xmc4xxx.c b/src/flash/nor/xmc4xxx.c
-index 02df46a3f..e6c398ff9 100644
---- a/src/flash/nor/xmc4xxx.c
-+++ b/src/flash/nor/xmc4xxx.c
-@@ -931,7 +931,7 @@ static int xmc4xxx_get_info_command(struct flash_bank *bank, char *buf, int buf_
- 
- 	/* If OTP Write protection is enabled (User 2), list each
- 	 * sector that has it enabled */
--	char otp_str[8];
-+	char otp_str[14];
- 	if (otp_enabled) {
- 		strcat(prot_str, "\nOTP Protection is enabled for sectors:\n");
- 		for (int i = 0; i < bank->num_sectors; i++) {
-diff --git a/src/target/arm_adi_v5.c b/src/target/arm_adi_v5.c
-index d444db2b1..d0d95121f 100644
---- a/src/target/arm_adi_v5.c
-+++ b/src/target/arm_adi_v5.c
-@@ -1062,7 +1062,7 @@ static int dap_rom_display(struct command_context *cmd_ctx,
- 	int retval;
- 	uint64_t pid;
- 	uint32_t cid;
--	char tabs[7] = "";
-+	char tabs[16] = "";
- 
- 	if (depth > 16) {
- 		command_print(cmd_ctx, "\tTables too deep");
--- 
-2.13.1
-
diff --git a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0003-armv7a-Add-missing-break-to-fix-fallthrough-warning.patch b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0003-armv7a-Add-missing-break-to-fix-fallthrough-warning.patch
deleted file mode 100644
index bcfbfc92b..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0003-armv7a-Add-missing-break-to-fix-fallthrough-warning.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 8e5051e83fedb078170565a24d1f5de6c2ce4428 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Sat, 17 Jun 2017 00:01:51 -0700
-Subject: [PATCH 3/5] armv7a: Add missing break to fix fallthrough warning
-
-Upstream-Status: Pending
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- src/target/armv7a.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/target/armv7a.c b/src/target/armv7a.c
-index 6021def4e..bad806b3d 100644
---- a/src/target/armv7a.c
-+++ b/src/target/armv7a.c
-@@ -355,6 +355,7 @@ int armv7a_mmu_translate_va_pa(struct target *target, uint32_t va,
- 				break;
- 			case 7:
- 				LOG_INFO("inner: Write-Back, no Write-Allocate");
-+				break;
- 
- 			default:
- 				LOG_INFO("inner: %" PRIx32 " ???", INNER);
--- 
-2.13.1
-
diff --git a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0004-Fix-overflow-warning.patch b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0004-Fix-overflow-warning.patch
deleted file mode 100644
index bfc5627c1..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0004-Fix-overflow-warning.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From d3ca56370a2be7e737d48bd14d474d790a0ab8ac Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Sat, 17 Jun 2017 00:04:00 -0700
-Subject: [PATCH 4/5] Fix overflow warning
-
-Remove an empty space which makes it fit into 11 byte string
-
-Upstream-Status: Pending
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- src/target/nds32_cmd.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/target/nds32_cmd.c b/src/target/nds32_cmd.c
-index edb4872e4..73355073c 100644
---- a/src/target/nds32_cmd.c
-+++ b/src/target/nds32_cmd.c
-@@ -821,7 +821,7 @@ static int jim_nds32_bulk_read(Jim_Interp *interp, int argc, Jim_Obj * const *ar
- 	jim_wide i;
- 	Jim_SetResult(interp, Jim_NewEmptyStringObj(interp));
- 	for (i = 0; i < count; i++) {
--		sprintf(data_str, "0x%08" PRIx32 " ", data[i]);
-+		sprintf(data_str, "0x%08" PRIx32 "", data[i]);
- 		Jim_AppendStrings(interp, Jim_GetResult(interp), data_str, NULL);
- 	}
- 
--- 
-2.13.1
-
diff --git a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0005-command-Move-the-fall-through-comment-to-right-scope.patch b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0005-command-Move-the-fall-through-comment-to-right-scope.patch
deleted file mode 100644
index 60f75da2c..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd/0005-command-Move-the-fall-through-comment-to-right-scope.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 29dbf92ffdbdda29662b4190a2f8eb09caad8b51 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Sat, 17 Jun 2017 00:06:32 -0700
-Subject: [PATCH 5/5] command: Move the fall through comment to right scope
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- src/helper/command.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/helper/command.c b/src/helper/command.c
-index 5deaee859..287c14857 100644
---- a/src/helper/command.c
-+++ b/src/helper/command.c
-@@ -1456,8 +1456,8 @@ COMMAND_HELPER(handle_command_parse_bool, bool *out, const char *label)
- 				LOG_ERROR("%s: argument '%s' is not valid", CMD_NAME, in);
- 				return ERROR_COMMAND_SYNTAX_ERROR;
- 			}
--			/* fall through */
- 		}
-+		/* fall through */
- 		case 0:
- 			LOG_INFO("%s is %s", label, *out ? "enabled" : "disabled");
- 			break;
--- 
-2.13.1
-
diff --git a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb
index 1a15e53b8..21a86de39 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb
@@ -9,17 +9,14 @@ SRC_URI = " \
     git://repo.or.cz/r/git2cl.git;protocol=http;destsuffix=tools/git2cl;name=git2cl \
     git://repo.or.cz/r/jimtcl.git;protocol=http;destsuffix=git/jimtcl;name=jimtcl \
     git://repo.or.cz/r/libjaylink.git;protocol=http;destsuffix=git/src/jtag/drivers/libjaylink;name=libjaylink \
-    file://0001-Add-fallthrough-comments.patch \
-    file://0002-Workaround-new-warnings-generated-by-GCC-7.patch \
-    file://0003-armv7a-Add-missing-break-to-fix-fallthrough-warning.patch \
-    file://0004-Fix-overflow-warning.patch \
-    file://0005-command-Move-the-fall-through-comment-to-right-scope.patch \
+    file://0001-Fix-libusb-1.0.22-deprecated-libusb_set_debug-with-l.patch \
 "
+
 SRCREV_FORMAT = "openocd"
-SRCREV_openocd = "1025be363e2bf42f1613083223a2322cc3a9bd4c"
+SRCREV_openocd = "cdf1e826eb23c29de1019ce64125f644f01b0afe"
 SRCREV_git2cl = "8373c9f74993e218a08819cbcdbab3f3564bbeba"
 SRCREV_jimtcl = "a9bf5975fd0f89974d689a2d9ebd0873c8d64787"
-SRCREV_libjaylink = "699b7001d34a79c8e7064503dde1bede786fd7f0"
+SRCREV_libjaylink = "8645845c1abebd004e991ba9a7f808f4fd0c608b"
 
 PV = "0.10+gitr${SRCPV}"
 S = "${WORKDIR}/git"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/pax-utils/pax-utils_1.2.2.bb b/meta-openembedded/meta-oe/recipes-devtools/pax-utils/pax-utils_1.2.2.bb
new file mode 100644
index 000000000..9635a5e70
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/pax-utils/pax-utils_1.2.2.bb
@@ -0,0 +1,36 @@
+SUMMARY = "Security-focused ELF files checking tool"
+DESCRIPTION = "This is a small set of various PaX aware and related \
+utilities for ELF binaries. It can check ELF binary files and running \
+processes for issues that might be relevant when using ELF binaries \
+along with PaX, such as non-PIC code or executable stack and heap."
+HOMEPAGE = "http://www.gentoo.org/proj/en/hardened/pax-utils.xml"
+LICENSE = "GPLv2+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a"
+
+SRC_URI = "https://dev.gentoo.org/~vapier/dist/pax-utils-${PV}.tar.xz"
+SRC_URI[md5sum] = "a580468318f0ff42edf4a8cd314cc942"
+SRC_URI[sha256sum] = "7f4a7f8db6b4743adde7582fa48992ad01776796fcde030683732f56221337d9"
+
+RDEPENDS_${PN} += "bash"
+
+export GNULIB_OVERRIDES_WINT_T = "0"
+
+do_configure_prepend() {
+    touch ${S}/NEWS ${S}/AUTHORS ${S}/ChangeLog ${S}/README
+}
+
+do_install() {
+    oe_runmake PREFIX=${D}${prefix} DESTDIR=${D} install
+}
+
+BBCLASSEXTEND = "native"
+
+inherit autotools pkgconfig
+
+PACKAGECONFIG ??= ""
+
+PACKAGECONFIG[libcap] = "--with-caps, --without-caps, libcap"
+PACKAGECONFIG[libseccomp] = "--with-seccomp, --without-seccomp, libseccomp"
+PACKAGECONFIG[pyelftools] = "--with-python, --without-python,, pyelftools"
+
+EXTRA_OECONF += "--enable-largefile"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/perl/ipc-run_0.96.bb b/meta-openembedded/meta-oe/recipes-devtools/perl/ipc-run_20180523.0.bb
index 08c966da9..c812ae137 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/perl/ipc-run_0.96.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/perl/ipc-run_20180523.0.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=0ebd37caf53781e8b7223e6b99b63f4e"
 DEPENDS = "perl"
 
 SRC_URI = "git://github.com/toddr/IPC-Run.git"
-SRCREV = "96066366ac8c401dff9c979d04f25dc8219ffcc1"
+SRCREV = "0b409702490729eeb97ae65f5b94d949ec083134"
 
 S = "${WORKDIR}/git"
 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php.inc b/meta-openembedded/meta-oe/recipes-devtools/php/php.inc
index 066b97cd2..bfd0ddfb8 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/php/php.inc
+++ b/meta-openembedded/meta-oe/recipes-devtools/php/php.inc
@@ -5,8 +5,7 @@ SECTION = "console/network"
 LICENSE = "PHP-3.0"
 
 BBCLASSEXTEND = "native"
-DEPENDS = "zlib bzip2 libxml2 virtual/libiconv php-native lemon-native \
-           openssl"
+DEPENDS = "zlib bzip2 libxml2 virtual/libiconv php-native lemon-native"
 DEPENDS_class-native = "zlib-native libxml2-native"
 
 PHP_MAJOR_VERSION = "${@d.getVar('PV', True).split('.')[0]}"
@@ -59,7 +58,7 @@ EXTRA_OECONF = "--enable-mbstring \
                 ${COMMON_EXTRA_OECONF} \
 "
 
-CACHED_CONFIGUREVARS += "ac_cv_func_dlopen=yes ac_cv_lib_dl_dlopen=yes"
+CACHED_CONFIGUREVARS += "ac_cv_func_dlopen=no ac_cv_lib_dl_dlopen=yes"
 
 EXTRA_OECONF_class-native = " \
                 --with-zlib=${STAGING_LIBDIR_NATIVE}/.. \
@@ -67,7 +66,7 @@ EXTRA_OECONF_class-native = " \
                 ${COMMON_EXTRA_OECONF} \
 "
 
-PACKAGECONFIG ??= "mysql sqlite3 imap opcache \
+PACKAGECONFIG ??= "mysql sqlite3 imap opcache openssl \
                    ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 pam', d)} \
 "
 PACKAGECONFIG_class-native = ""
@@ -80,7 +79,7 @@ PACKAGECONFIG[mysql] = "--with-mysql=${STAGING_DIR_TARGET}${prefix} \
 
 PACKAGECONFIG[sqlite3] = "--with-sqlite3=${STAGING_LIBDIR}/.. \
                           --with-pdo-sqlite=${STAGING_LIBDIR}/.. \
-                          , \
+                          ,--without-sqlite3 --without-pdo-sqlite \
                           ,sqlite3"
 PACKAGECONFIG[pgsql] = "--with-pgsql=${STAGING_DIR_TARGET}${exec_prefix},--without-pgsql,postgresql"
 PACKAGECONFIG[soap] = "--enable-libxml --enable-soap, --disable-soap, libxml2"
@@ -91,7 +90,8 @@ PACKAGECONFIG[imap] = "--with-imap=${STAGING_DIR_HOST} \
                        ,--without-imap --without-imap-ssl \
                        ,uw-imap"
 PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
-PACKAGECONFIG[opcache] = ",--disable-opcache"
+PACKAGECONFIG[opcache] = "--enable-opcache,--disable-opcache"
+PACKAGECONFIG[openssl] = "--with-openssl,--without-openssl,openssl"
 
 export PHP_NATIVE_DIR = "${STAGING_BINDIR_NATIVE}"
 export PHP_PEAR_PHP_BIN = "${STAGING_BINDIR_NATIVE}/php"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php/0001-PHP-5.6-LibSSL-1.1-compatibility.patch b/meta-openembedded/meta-oe/recipes-devtools/php/php/0001-PHP-5.6-LibSSL-1.1-compatibility.patch
new file mode 100644
index 000000000..ac8365b8e
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/php/php/0001-PHP-5.6-LibSSL-1.1-compatibility.patch
@@ -0,0 +1,1285 @@
+Subject: [PATCH] PHP 5.6 - LibSSL 1.1 compatibility
+
+This patch does not try to backport the 7.1 openssl module, it is the
+improved version of the 5.6 original openssl module.
+
+https://github.com/oerdnj/deb.sury.org/issues/566
+http://zettasystem.com/PHP-5.6.31-OpenSSL-1.1.0-compatibility-20170801.patch
+
+Upstream-Status: Deny [https://github.com/php/php-src/pull/2667]
+Reason: As PHP 5.6 is no longer actively supported only security fixes
+may land on this branch. As this change does not fall in this category,
+I'm closing this PR. (All higher versions of PHP already have OpenSSL
+1.1 support.)
+
+Author: zsalab@github https://github.com/zsalab
+
+Only port source modification, do not include the test case
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ ext/openssl/openssl.c | 683 +++++++++++++++++++++++++++++++++++++-------------
+ ext/openssl/xp_ssl.c  |  18 +-
+ ext/phar/util.c       |  13 +-
+ 3 files changed, 527 insertions(+), 187 deletions(-)
+
+diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
+index a78a8fb..b53114c 100644
+--- a/ext/openssl/openssl.c
++++ b/ext/openssl/openssl.c
+@@ -42,6 +42,12 @@
+ 
+ /* OpenSSL includes */
+ #include <openssl/evp.h>
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++#include <openssl/bn.h>
++#include <openssl/rsa.h>
++#include <openssl/dsa.h>
++#include <openssl/dh.h>
++#endif
+ #include <openssl/x509.h>
+ #include <openssl/x509v3.h>
+ #include <openssl/crypto.h>
+@@ -531,6 +537,133 @@ zend_module_entry openssl_module_entry = {
+ ZEND_GET_MODULE(openssl)
+ #endif
+ 
++/* {{{ OpenSSL compatibility functions and macros */
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
++#define EVP_PKEY_get0_RSA(_pkey) _pkey->pkey.rsa
++#define EVP_PKEY_get0_DH(_pkey) _pkey->pkey.dh
++#define EVP_PKEY_get0_DSA(_pkey) _pkey->pkey.dsa
++#define EVP_PKEY_get0_EC_KEY(_pkey) _pkey->pkey.ec
++
++static int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
++{
++	r->n = n;
++	r->e = e;
++	r->d = d;
++
++	return 1;
++}
++
++static int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
++{
++	r->p = p;
++	r->q = q;
++
++	return 1;
++}
++
++static int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
++{
++	r->dmp1 = dmp1;
++	r->dmq1 = dmq1;
++	r->iqmp = iqmp;
++
++	return 1;
++}
++
++static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
++{
++	*n = r->n;
++	*e = r->e;
++	*d = r->d;
++}
++
++static void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q)
++{
++	*p = r->p;
++	*q = r->q;
++}
++
++static void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp)
++{
++	*dmp1 = r->dmp1;
++	*dmq1 = r->dmq1;
++	*iqmp = r->iqmp;
++}
++
++static void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
++{
++	*p = dh->p;
++	*q = dh->q;
++	*g = dh->g;
++}
++
++static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
++{
++	dh->p = p;
++	dh->q = q;
++	dh->g = g;
++
++	return 1;
++}
++
++static void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
++{
++	*pub_key = dh->pub_key;
++	*priv_key = dh->priv_key;
++}
++
++static int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
++{
++	dh->pub_key = pub_key;
++	dh->priv_key = priv_key;
++
++	return 1;
++}
++
++static void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
++{
++	*p = d->p;
++	*q = d->q;
++	*g = d->g;
++}
++
++int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
++{
++	d->p = p;
++	d->q = q;
++	d->g = g;
++
++	return 1;
++}
++
++static void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key)
++{
++	*pub_key = d->pub_key;
++	*priv_key = d->priv_key;
++}
++
++int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
++{
++	d->pub_key = pub_key;
++	d->priv_key = priv_key;
++
++	return 1;
++}
++
++#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined (LIBRESSL_VERSION_NUMBER)
++#define EVP_PKEY_id(_pkey) _pkey->type
++#define EVP_PKEY_base_id(_key) EVP_PKEY_type(_key->type)
++
++static int X509_get_signature_nid(const X509 *x)
++{
++	return OBJ_obj2nid(x->sig_alg->algorithm);
++}
++
++#endif
++
++#endif
++/* }}} */
++
+ static int le_key;
+ static int le_x509;
+ static int le_csr;
+@@ -825,7 +958,7 @@ static int add_oid_section(struct php_x509_request * req TSRMLS_DC) /* {{{ */
+ 	}
+ 	for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
+ 		cnf = sk_CONF_VALUE_value(sktmp, i);
+-		if (OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
++		if (OBJ_sn2nid(cnf->name) == NID_undef && OBJ_ln2nid(cnf->name) == NID_undef && OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
+ 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "problem creating object %s=%s", cnf->name, cnf->value);
+ 			return FAILURE;
+ 		}
+@@ -967,7 +1100,7 @@ static void php_openssl_dispose_config(struct php_x509_request * req TSRMLS_DC)
+ }
+ /* }}} */
+ 
+-#ifdef PHP_WIN32
++#if defined(PHP_WIN32) || (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER))
+ #define PHP_OPENSSL_RAND_ADD_TIME() ((void) 0)
+ #else
+ #define PHP_OPENSSL_RAND_ADD_TIME() php_openssl_rand_add_timeval()
+@@ -1053,9 +1186,11 @@ static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
+ 			mdtype = (EVP_MD *) EVP_md2();
+ 			break;
+ #endif
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
+ 		case OPENSSL_ALGO_DSS1:
+ 			mdtype = (EVP_MD *) EVP_dss1();
+ 			break;
++#endif
+ #if OPENSSL_VERSION_NUMBER >= 0x0090708fL
+ 		case OPENSSL_ALGO_SHA224:
+ 			mdtype = (EVP_MD *) EVP_sha224();
+@@ -1146,6 +1281,12 @@ PHP_MINIT_FUNCTION(openssl)
+ 	OpenSSL_add_all_digests();
+ 	OpenSSL_add_all_algorithms();
+ 
++#if !defined(OPENSSL_NO_AES) && defined(EVP_CIPH_CCM_MODE) && OPENSSL_VERSION_NUMBER < 0x100020000
++	EVP_add_cipher(EVP_aes_128_ccm());
++	EVP_add_cipher(EVP_aes_192_ccm());
++	EVP_add_cipher(EVP_aes_256_ccm());
++#endif
++
+ 	SSL_load_error_strings();
+ 
+ 	/* register a resource id number with OpenSSL so that we can map SSL -> stream structures in
+@@ -1173,7 +1314,9 @@ PHP_MINIT_FUNCTION(openssl)
+ #ifdef HAVE_OPENSSL_MD2_H
+ 	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_MD2", OPENSSL_ALGO_MD2, CONST_CS|CONST_PERSISTENT);
+ #endif
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
+ 	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_DSS1", OPENSSL_ALGO_DSS1, CONST_CS|CONST_PERSISTENT);
++#endif
+ #if OPENSSL_VERSION_NUMBER >= 0x0090708fL
+ 	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA224", OPENSSL_ALGO_SHA224, CONST_CS|CONST_PERSISTENT);
+ 	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA256", OPENSSL_ALGO_SHA256, CONST_CS|CONST_PERSISTENT);
+@@ -1251,7 +1394,9 @@ PHP_MINIT_FUNCTION(openssl)
+ 	}
+ 
+ 	php_stream_xport_register("ssl", php_openssl_ssl_socket_factory TSRMLS_CC);
++#ifndef OPENSSL_NO_SSL3
+ 	php_stream_xport_register("sslv3", php_openssl_ssl_socket_factory TSRMLS_CC);
++#endif
+ #ifndef OPENSSL_NO_SSL2
+ 	php_stream_xport_register("sslv2", php_openssl_ssl_socket_factory TSRMLS_CC);
+ #endif
+@@ -1308,7 +1453,9 @@ PHP_MSHUTDOWN_FUNCTION(openssl)
+ #ifndef OPENSSL_NO_SSL2
+ 	php_stream_xport_unregister("sslv2" TSRMLS_CC);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ 	php_stream_xport_unregister("sslv3" TSRMLS_CC);
++#endif
+ 	php_stream_xport_unregister("tls" TSRMLS_CC);
+ 	php_stream_xport_unregister("tlsv1.0" TSRMLS_CC);
+ #if OPENSSL_VERSION_NUMBER >= 0x10001001L
+@@ -1893,6 +2040,7 @@ static int openssl_x509v3_subjectAltName(BIO *bio, X509_EXTENSION *extension)
+ {
+ 	GENERAL_NAMES *names;
+ 	const X509V3_EXT_METHOD *method = NULL;
++	ASN1_OCTET_STRING *extension_data;
+ 	long i, length, num;
+ 	const unsigned char *p;
+ 
+@@ -1901,8 +2049,9 @@ static int openssl_x509v3_subjectAltName(BIO *bio, X509_EXTENSION *extension)
+ 		return -1;
+ 	}
+ 
+-	p = extension->value->data;
+-	length = extension->value->length;
++	extension_data = X509_EXTENSION_get_data(extension);
++	p = extension_data->data;
++	length = extension_data->length;
+ 	if (method->it) {
+ 		names = (GENERAL_NAMES*)(ASN1_item_d2i(NULL, &p, length,
+ 						       ASN1_ITEM_ptr(method->it)));
+@@ -1965,6 +2114,8 @@ PHP_FUNCTION(openssl_x509_parse)
+ 	char * tmpstr;
+ 	zval * subitem;
+ 	X509_EXTENSION *extension;
++	X509_NAME *subject_name;
++	char *cert_name;
+ 	char *extname;
+ 	BIO  *bio_out;
+ 	BUF_MEM *bio_buf;
+@@ -1979,10 +2130,10 @@ PHP_FUNCTION(openssl_x509_parse)
+ 	}
+ 	array_init(return_value);
+ 
+-	if (cert->name) {
+-		add_assoc_string(return_value, "name", cert->name, 1);
+-	}
+-/*	add_assoc_bool(return_value, "valid", cert->valid); */
++	subject_name = X509_get_subject_name(cert);
++	cert_name = X509_NAME_oneline(subject_name, NULL, 0);
++	add_assoc_string(return_value, "name", cert_name, 1);
++	OPENSSL_free(cert_name);
+ 
+ 	add_assoc_name_entry(return_value, "subject", 		X509_get_subject_name(cert), useshortnames TSRMLS_CC);
+ 	/* hash as used in CA directories to lookup cert by subject name */
+@@ -2008,7 +2159,7 @@ PHP_FUNCTION(openssl_x509_parse)
+ 		add_assoc_string(return_value, "alias", tmpstr, 1);
+ 	}
+ 
+-	sig_nid = OBJ_obj2nid((cert)->sig_alg->algorithm);
++	sig_nid = X509_get_signature_nid(cert);
+ 	add_assoc_string(return_value, "signatureTypeSN", (char*)OBJ_nid2sn(sig_nid), 1);
+ 	add_assoc_string(return_value, "signatureTypeLN", (char*)OBJ_nid2ln(sig_nid), 1);
+ 	add_assoc_long(return_value, "signatureTypeNID", sig_nid);
+@@ -3217,7 +3368,21 @@ PHP_FUNCTION(openssl_csr_get_public_key)
+ 		RETURN_FALSE;
+ 	}
+ 
+-	tpubkey=X509_REQ_get_pubkey(csr);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++	/* Due to changes in OpenSSL 1.1 related to locking when decoding CSR,
++	 * the pub key is not changed after assigning. It means if we pass
++	 * a private key, it will be returned including the private part.
++	 * If we duplicate it, then we get just the public part which is
++	 * the same behavior as for OpenSSL 1.0 */
++	csr = X509_REQ_dup(csr);
++#endif
++	/* Retrieve the public key from the CSR */
++	tpubkey = X509_REQ_get_pubkey(csr);
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++	/* We need to free the CSR as it was duplicated */
++	X509_REQ_free(csr);
++#endif
+ 	RETVAL_RESOURCE(zend_list_insert(tpubkey, le_key TSRMLS_CC));
+ 	return;
+ }
+@@ -3482,13 +3647,20 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey TSRMLS_DC)
+ {
+ 	assert(pkey != NULL);
+ 
+-	switch (pkey->type) {
++	switch (EVP_PKEY_id(pkey)) {
+ #ifndef NO_RSA
+ 		case EVP_PKEY_RSA:
+ 		case EVP_PKEY_RSA2:
+-			assert(pkey->pkey.rsa != NULL);
+-			if (pkey->pkey.rsa != NULL && (NULL == pkey->pkey.rsa->p || NULL == pkey->pkey.rsa->q)) {
+-				return 0;
++			{
++				RSA *rsa = EVP_PKEY_get0_RSA(pkey);
++				if (rsa != NULL) {
++					const BIGNUM *p, *q;
++
++					RSA_get0_factors(rsa, &p, &q);
++					 if (p == NULL || q == NULL) {
++						return 0;
++					 }
++				}
+ 			}
+ 			break;
+ #endif
+@@ -3498,28 +3670,51 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey TSRMLS_DC)
+ 		case EVP_PKEY_DSA2:
+ 		case EVP_PKEY_DSA3:
+ 		case EVP_PKEY_DSA4:
+-			assert(pkey->pkey.dsa != NULL);
+-
+-			if (NULL == pkey->pkey.dsa->p || NULL == pkey->pkey.dsa->q || NULL == pkey->pkey.dsa->priv_key){ 
+-				return 0;
++			{
++				DSA *dsa = EVP_PKEY_get0_DSA(pkey);
++				if (dsa != NULL) {
++					const BIGNUM *p, *q, *g, *pub_key, *priv_key;
++
++					DSA_get0_pqg(dsa, &p, &q, &g);
++					if (p == NULL || q == NULL) {
++						return 0;
++					}
++ 
++					DSA_get0_key(dsa, &pub_key, &priv_key);
++					if (priv_key == NULL) {
++						return 0;
++					}
++				}
+ 			}
+ 			break;
+ #endif
+ #ifndef NO_DH
+ 		case EVP_PKEY_DH:
+-			assert(pkey->pkey.dh != NULL);
+-
+-			if (NULL == pkey->pkey.dh->p || NULL == pkey->pkey.dh->priv_key) {
+-				return 0;
++			{
++				DH *dh = EVP_PKEY_get0_DH(pkey);
++				if (dh != NULL) {
++					const BIGNUM *p, *q, *g, *pub_key, *priv_key;
++
++					DH_get0_pqg(dh, &p, &q, &g);
++					if (p == NULL) {
++						return 0;
++					}
++ 
++					DH_get0_key(dh, &pub_key, &priv_key);
++					if (priv_key == NULL) {
++						return 0;
++					}
++				}
+ 			}
+ 			break;
+ #endif
+ #ifdef HAVE_EVP_PKEY_EC
+ 		case EVP_PKEY_EC:
+-			assert(pkey->pkey.ec != NULL);
+-
+-			if ( NULL == EC_KEY_get0_private_key(pkey->pkey.ec)) {
+-				return 0;
++			{
++				EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
++				if (ec != NULL && NULL == EC_KEY_get0_private_key(ec)) {
++					return 0;
++				}
+ 			}
+ 			break;
+ #endif
+@@ -3531,34 +3726,80 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey TSRMLS_DC)
+ }
+ /* }}} */
+ 
+-#define OPENSSL_PKEY_GET_BN(_type, _name) do {							\
+-		if (pkey->pkey._type->_name != NULL) {							\
+-			int len = BN_num_bytes(pkey->pkey._type->_name);			\
+-			char *str = emalloc(len + 1);								\
+-			BN_bn2bin(pkey->pkey._type->_name, (unsigned char*)str);	\
+-			str[len] = 0;                                           	\
+-			add_assoc_stringl(_type, #_name, str, len, 0);				\
+-		}																\
+-	} while (0)
+-
+-#define OPENSSL_PKEY_SET_BN(_ht, _type, _name) do {						\
+-		zval **bn;														\
+-		if (zend_hash_find(_ht, #_name, sizeof(#_name),	(void**)&bn) == SUCCESS && \
+-				Z_TYPE_PP(bn) == IS_STRING) {							\
+-			_type->_name = BN_bin2bn(									\
+-				(unsigned char*)Z_STRVAL_PP(bn),						\
+-	 			Z_STRLEN_PP(bn), NULL);									\
+-	    }                                                               \
++#define OPENSSL_GET_BN(_array, _bn, _name) do { \
++		if (_bn != NULL) { \
++			int len = BN_num_bytes(_bn); \
++			char *str = emalloc(len + 1); \
++			BN_bn2bin(_bn, (unsigned char*)str); \
++			str[len] = 0; \
++			add_assoc_stringl(_array, #_name, str, len, 0); \
++		} \
+ 	} while (0);
+ 
++#define OPENSSL_PKEY_GET_BN(_type, _name) OPENSSL_GET_BN(_type, _name, _name)
++
++#define OPENSSL_PKEY_SET_BN(_data, _name) do { \
++		zval **bn; \
++		if (zend_hash_find(Z_ARRVAL_P(_data), #_name, sizeof(#_name),(void**)&bn) == SUCCESS && \
++				Z_TYPE_PP(bn) == IS_STRING) { \
++			_name = BN_bin2bn( \
++				(unsigned char*)Z_STRVAL_PP(bn), \
++				Z_STRLEN_PP(bn), NULL); \
++		} else { \
++			_name = NULL; \
++		} \
++ 	} while (0);
++
++/* {{{ php_openssl_pkey_init_rsa */
++zend_bool php_openssl_pkey_init_and_assign_rsa(EVP_PKEY *pkey, RSA *rsa, zval *data)
++{
++	BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
++
++	OPENSSL_PKEY_SET_BN(data, n);
++	OPENSSL_PKEY_SET_BN(data, e);
++	OPENSSL_PKEY_SET_BN(data, d);
++	if (!n || !d || !RSA_set0_key(rsa, n, e, d)) {
++		return 0;
++	}
++
++	OPENSSL_PKEY_SET_BN(data, p);
++	OPENSSL_PKEY_SET_BN(data, q);
++	if ((p || q) && !RSA_set0_factors(rsa, p, q)) {
++		return 0;
++	}
++
++	OPENSSL_PKEY_SET_BN(data, dmp1);
++	OPENSSL_PKEY_SET_BN(data, dmq1);
++	OPENSSL_PKEY_SET_BN(data, iqmp);
++	if ((dmp1 || dmq1 || iqmp) && !RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)) {
++		return 0;
++	}
++
++	if (!EVP_PKEY_assign_RSA(pkey, rsa)) {
++		return 0;
++	}
++
++	return 1;
++}
++/* }}} */
++
+ /* {{{ php_openssl_pkey_init_dsa */
+-zend_bool php_openssl_pkey_init_dsa(DSA *dsa)
++zend_bool php_openssl_pkey_init_dsa(DSA *dsa, zval *data)
+ {
+-	if (!dsa->p || !dsa->q || !dsa->g) {
++	BIGNUM *p, *q, *g, *priv_key, *pub_key;
++	const BIGNUM *priv_key_const, *pub_key_const;
++
++	OPENSSL_PKEY_SET_BN(data, p);
++	OPENSSL_PKEY_SET_BN(data, q);
++	OPENSSL_PKEY_SET_BN(data, g);
++	if (!p || !q || !g || !DSA_set0_pqg(dsa, p, q, g)) {
+ 		return 0;
+ 	}
+-	if (dsa->priv_key || dsa->pub_key) {
+-		return 1;
++
++	OPENSSL_PKEY_SET_BN(data, pub_key);
++	OPENSSL_PKEY_SET_BN(data, priv_key);
++	if (pub_key) {
++		return DSA_set0_key(dsa, pub_key, priv_key);
+ 	}
+ 	PHP_OPENSSL_RAND_ADD_TIME();
+ 	if (!DSA_generate_key(dsa)) {
+@@ -3566,7 +3807,8 @@ zend_bool php_openssl_pkey_init_dsa(DSA *dsa)
+ 	}
+ 	/* if BN_mod_exp return -1, then DSA_generate_key succeed for failed key
+ 	 * so we need to double check that public key is created */
+-	if (!dsa->pub_key || BN_is_zero(dsa->pub_key)) {
++	DSA_get0_key(dsa, &pub_key_const, &priv_key_const);
++	if (!pub_key_const || BN_is_zero(pub_key_const)) {
+ 		return 0;
+ 	}
+ 	/* all good */
+@@ -3574,14 +3816,66 @@ zend_bool php_openssl_pkey_init_dsa(DSA *dsa)
+ }
+ /* }}} */
+ 
++/* {{{ php_openssl_dh_pub_from_priv */
++static BIGNUM *php_openssl_dh_pub_from_priv(BIGNUM *priv_key, BIGNUM *g, BIGNUM *p)
++{
++	BIGNUM *pub_key, *priv_key_const_time;
++	BN_CTX *ctx;
++
++	pub_key = BN_new();
++	if (pub_key == NULL) {
++		return NULL;
++	}
++
++	priv_key_const_time = BN_new();
++	if (priv_key_const_time == NULL) {
++		BN_free(pub_key);
++		return NULL;
++	}
++	ctx = BN_CTX_new();
++	if (ctx == NULL) {
++		BN_free(pub_key);
++		BN_free(priv_key_const_time);
++		return NULL;
++	}
++
++	BN_with_flags(priv_key_const_time, priv_key, BN_FLG_CONSTTIME);
++
++	if (!BN_mod_exp_mont(pub_key, g, priv_key_const_time, p, ctx, NULL)) {
++		BN_free(pub_key);
++		pub_key = NULL;
++	}
++
++	BN_free(priv_key_const_time);
++	BN_CTX_free(ctx);
++
++	return pub_key;
++}
++/* }}} */
++
+ /* {{{ php_openssl_pkey_init_dh */
+-zend_bool php_openssl_pkey_init_dh(DH *dh)
++zend_bool php_openssl_pkey_init_dh(DH *dh, zval *data)
+ {
+-	if (!dh->p || !dh->g) {
++	BIGNUM *p, *q, *g, *priv_key, *pub_key;
++
++	OPENSSL_PKEY_SET_BN(data, p);
++	OPENSSL_PKEY_SET_BN(data, q);
++	OPENSSL_PKEY_SET_BN(data, g);
++	if (!p || !g || !DH_set0_pqg(dh, p, q, g)) {
+ 		return 0;
+ 	}
+-	if (dh->pub_key) {
+-		return 1;
++
++	OPENSSL_PKEY_SET_BN(data, priv_key);
++	OPENSSL_PKEY_SET_BN(data, pub_key);
++	if (pub_key) {
++		return DH_set0_key(dh, pub_key, priv_key);
++	}
++	if (priv_key) {
++		pub_key = php_openssl_dh_pub_from_priv(priv_key, g, p);
++		if (pub_key == NULL) {
++			return 0;
++		}
++		return DH_set0_key(dh, pub_key, priv_key);
+ 	}
+ 	PHP_OPENSSL_RAND_ADD_TIME();
+ 	if (!DH_generate_key(dh)) {
+@@ -3614,18 +3908,8 @@ PHP_FUNCTION(openssl_pkey_new)
+ 		    if (pkey) {
+ 				RSA *rsa = RSA_new();
+ 				if (rsa) {
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, n);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, e);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, d);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, p);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, q);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, dmp1);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, dmq1);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, iqmp);
+-					if (rsa->n && rsa->d) {
+-						if (EVP_PKEY_assign_RSA(pkey, rsa)) {
+-							RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
+-						}
++					if (php_openssl_pkey_init_and_assign_rsa(pkey, rsa, *data)) {
++						RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
+ 					}
+ 					RSA_free(rsa);
+ 				}
+@@ -3638,12 +3922,7 @@ PHP_FUNCTION(openssl_pkey_new)
+ 		    if (pkey) {
+ 				DSA *dsa = DSA_new();
+ 				if (dsa) {
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, p);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, q);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, g);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, priv_key);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, pub_key);
+-					if (php_openssl_pkey_init_dsa(dsa)) {
++					if (php_openssl_pkey_init_dsa(dsa, *data)) {
+ 						if (EVP_PKEY_assign_DSA(pkey, dsa)) {
+ 							RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
+ 						}
+@@ -3659,11 +3938,7 @@ PHP_FUNCTION(openssl_pkey_new)
+ 		    if (pkey) {
+ 				DH *dh = DH_new();
+ 				if (dh) {
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, p);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, g);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, priv_key);
+-					OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, pub_key);
+-					if (php_openssl_pkey_init_dh(dh)) {
++					if (php_openssl_pkey_init_dh(dh, *data)) {
+ 						if (EVP_PKEY_assign_DH(pkey, dh)) {
+ 							RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
+ 						}
+@@ -3738,10 +4013,10 @@ PHP_FUNCTION(openssl_pkey_export_to_file)
+ 			cipher = NULL;
+ 		}
+ 
+-		switch (EVP_PKEY_type(key->type)) {
++		switch (EVP_PKEY_base_id(key)) {
+ #ifdef HAVE_EVP_PKEY_EC
+ 			case EVP_PKEY_EC:
+-				pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL);
++				pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get0_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL);
+ 				break;
+ #endif
+ 			default:
+@@ -3807,7 +4082,7 @@ PHP_FUNCTION(openssl_pkey_export)
+ 			cipher = NULL;
+ 		}
+ 
+-		switch (EVP_PKEY_type(key->type)) {
++		switch (EVP_PKEY_base_id(key)) {
+ #ifdef HAVE_EVP_PKEY_EC
+ 			case EVP_PKEY_EC:
+ 				pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL);
+@@ -3928,25 +4203,33 @@ PHP_FUNCTION(openssl_pkey_get_details)
+ 	/*TODO: Use the real values once the openssl constants are used 
+ 	 * See the enum at the top of this file
+ 	 */
+-	switch (EVP_PKEY_type(pkey->type)) {
++	switch (EVP_PKEY_base_id(pkey)) {
+ 		case EVP_PKEY_RSA:
+ 		case EVP_PKEY_RSA2:
+-			ktype = OPENSSL_KEYTYPE_RSA;
+-
+-			if (pkey->pkey.rsa != NULL) {
+-				zval *rsa;
+-
+-				ALLOC_INIT_ZVAL(rsa);
+-				array_init(rsa);
+-				OPENSSL_PKEY_GET_BN(rsa, n);
+-				OPENSSL_PKEY_GET_BN(rsa, e);
+-				OPENSSL_PKEY_GET_BN(rsa, d);
+-				OPENSSL_PKEY_GET_BN(rsa, p);
+-				OPENSSL_PKEY_GET_BN(rsa, q);
+-				OPENSSL_PKEY_GET_BN(rsa, dmp1);
+-				OPENSSL_PKEY_GET_BN(rsa, dmq1);
+-				OPENSSL_PKEY_GET_BN(rsa, iqmp);
+-				add_assoc_zval(return_value, "rsa", rsa);
++			{
++				RSA *rsa = EVP_PKEY_get0_RSA(pkey);
++				ktype = OPENSSL_KEYTYPE_RSA;
++
++				if (rsa != NULL) {
++					zval *z_rsa;
++					const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
++
++					RSA_get0_key(rsa, &n, &e, &d);
++					RSA_get0_factors(rsa, &p, &q);
++					RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
++
++					ALLOC_INIT_ZVAL(z_rsa);
++					array_init(z_rsa);
++					OPENSSL_PKEY_GET_BN(z_rsa, n);
++					OPENSSL_PKEY_GET_BN(z_rsa, e);
++					OPENSSL_PKEY_GET_BN(z_rsa, d);
++					OPENSSL_PKEY_GET_BN(z_rsa, p);
++					OPENSSL_PKEY_GET_BN(z_rsa, q);
++					OPENSSL_PKEY_GET_BN(z_rsa, dmp1);
++					OPENSSL_PKEY_GET_BN(z_rsa, dmq1);
++					OPENSSL_PKEY_GET_BN(z_rsa, iqmp);
++					add_assoc_zval(return_value, "rsa", z_rsa);
++				}
+ 			}
+ 
+ 			break;	
+@@ -3954,42 +4237,55 @@ PHP_FUNCTION(openssl_pkey_get_details)
+ 		case EVP_PKEY_DSA2:
+ 		case EVP_PKEY_DSA3:
+ 		case EVP_PKEY_DSA4:
+-			ktype = OPENSSL_KEYTYPE_DSA;
+-
+-			if (pkey->pkey.dsa != NULL) {
+-				zval *dsa;
+-
+-				ALLOC_INIT_ZVAL(dsa);
+-				array_init(dsa);
+-				OPENSSL_PKEY_GET_BN(dsa, p);
+-				OPENSSL_PKEY_GET_BN(dsa, q);
+-				OPENSSL_PKEY_GET_BN(dsa, g);
+-				OPENSSL_PKEY_GET_BN(dsa, priv_key);
+-				OPENSSL_PKEY_GET_BN(dsa, pub_key);
+-				add_assoc_zval(return_value, "dsa", dsa);
++			{
++				DSA *dsa = EVP_PKEY_get0_DSA(pkey);
++				ktype = OPENSSL_KEYTYPE_DSA;
++
++				if (dsa != NULL) {
++					zval *z_dsa;
++					const BIGNUM *p, *q, *g, *priv_key, *pub_key;
++
++					DSA_get0_pqg(dsa, &p, &q, &g);
++					DSA_get0_key(dsa, &pub_key, &priv_key);
++
++					ALLOC_INIT_ZVAL(z_dsa);
++					array_init(z_dsa);
++					OPENSSL_PKEY_GET_BN(z_dsa, p);
++					OPENSSL_PKEY_GET_BN(z_dsa, q);
++					OPENSSL_PKEY_GET_BN(z_dsa, g);
++					OPENSSL_PKEY_GET_BN(z_dsa, priv_key);
++					OPENSSL_PKEY_GET_BN(z_dsa, pub_key);
++					add_assoc_zval(return_value, "dsa", z_dsa);
++				}
+ 			}
+ 			break;
+ 		case EVP_PKEY_DH:
+-			
+-			ktype = OPENSSL_KEYTYPE_DH;
+-
+-			if (pkey->pkey.dh != NULL) {
+-				zval *dh;
+-
+-				ALLOC_INIT_ZVAL(dh);
+-				array_init(dh);
+-				OPENSSL_PKEY_GET_BN(dh, p);
+-				OPENSSL_PKEY_GET_BN(dh, g);
+-				OPENSSL_PKEY_GET_BN(dh, priv_key);
+-				OPENSSL_PKEY_GET_BN(dh, pub_key);
+-				add_assoc_zval(return_value, "dh", dh);
++			{
++				DH *dh = EVP_PKEY_get0_DH(pkey);
++				ktype = OPENSSL_KEYTYPE_DH;
++
++				if (dh != NULL) {
++					zval *z_dh;
++					const BIGNUM *p, *q, *g, *priv_key, *pub_key;
++
++					DH_get0_pqg(dh, &p, &q, &g);
++					DH_get0_key(dh, &pub_key, &priv_key);
++
++					ALLOC_INIT_ZVAL(z_dh);
++					array_init(z_dh);
++					OPENSSL_PKEY_GET_BN(z_dh, p);
++					OPENSSL_PKEY_GET_BN(z_dh, g);
++					OPENSSL_PKEY_GET_BN(z_dh, priv_key);
++					OPENSSL_PKEY_GET_BN(z_dh, pub_key);
++					add_assoc_zval(return_value, "dh", z_dh);
++				}
+ 			}
+ 
+ 			break;
+ #ifdef HAVE_EVP_PKEY_EC
+ 		case EVP_PKEY_EC:
+ 			ktype = OPENSSL_KEYTYPE_EC;
+-			if (pkey->pkey.ec != NULL) {
++			if (EVP_PKEY_get0_EC_KEY(pkey) != NULL) {
+ 				zval *ec;
+ 				const EC_GROUP *ec_group;
+ 				int nid;
+@@ -4546,13 +4842,13 @@ PHP_FUNCTION(openssl_private_encrypt)
+ 	cryptedlen = EVP_PKEY_size(pkey);
+ 	cryptedbuf = emalloc(cryptedlen + 1);
+ 
+-	switch (pkey->type) {
++	switch (EVP_PKEY_id(pkey)) {
+ 		case EVP_PKEY_RSA:
+ 		case EVP_PKEY_RSA2:
+ 			successful =  (RSA_private_encrypt(data_len, 
+ 						(unsigned char *)data, 
+ 						cryptedbuf, 
+-						pkey->pkey.rsa, 
++						EVP_PKEY_get0_RSA(pkey), 
+ 						padding) == cryptedlen);
+ 			break;
+ 		default:
+@@ -4604,13 +4900,13 @@ PHP_FUNCTION(openssl_private_decrypt)
+ 	cryptedlen = EVP_PKEY_size(pkey);
+ 	crypttemp = emalloc(cryptedlen + 1);
+ 
+-	switch (pkey->type) {
++	switch (EVP_PKEY_id(pkey)) {
+ 		case EVP_PKEY_RSA:
+ 		case EVP_PKEY_RSA2:
+ 			cryptedlen = RSA_private_decrypt(data_len, 
+ 					(unsigned char *)data, 
+ 					crypttemp, 
+-					pkey->pkey.rsa, 
++					EVP_PKEY_get0_RSA(pkey), 
+ 					padding);
+ 			if (cryptedlen != -1) {
+ 				cryptedbuf = emalloc(cryptedlen + 1);
+@@ -4669,13 +4965,13 @@ PHP_FUNCTION(openssl_public_encrypt)
+ 	cryptedlen = EVP_PKEY_size(pkey);
+ 	cryptedbuf = emalloc(cryptedlen + 1);
+ 
+-	switch (pkey->type) {
++	switch (EVP_PKEY_id(pkey)) {
+ 		case EVP_PKEY_RSA:
+ 		case EVP_PKEY_RSA2:
+ 			successful = (RSA_public_encrypt(data_len, 
+ 						(unsigned char *)data, 
+ 						cryptedbuf, 
+-						pkey->pkey.rsa, 
++						EVP_PKEY_get0_RSA(pkey), 
+ 						padding) == cryptedlen);
+ 			break;
+ 		default:
+@@ -4728,13 +5024,13 @@ PHP_FUNCTION(openssl_public_decrypt)
+ 	cryptedlen = EVP_PKEY_size(pkey);
+ 	crypttemp = emalloc(cryptedlen + 1);
+ 
+-	switch (pkey->type) {
++	switch (EVP_PKEY_id(pkey)) {
+ 		case EVP_PKEY_RSA:
+ 		case EVP_PKEY_RSA2:
+ 			cryptedlen = RSA_public_decrypt(data_len, 
+ 					(unsigned char *)data, 
+ 					crypttemp, 
+-					pkey->pkey.rsa, 
++					EVP_PKEY_get0_RSA(pkey), 
+ 					padding);
+ 			if (cryptedlen != -1) {
+ 				cryptedbuf = emalloc(cryptedlen + 1);
+@@ -4798,7 +5094,7 @@ PHP_FUNCTION(openssl_sign)
+ 	long keyresource = -1;
+ 	char * data;
+ 	int data_len;
+-	EVP_MD_CTX md_ctx;
++	EVP_MD_CTX *md_ctx;
+ 	zval *method = NULL;
+ 	long signature_algo = OPENSSL_ALGO_SHA1;
+ 	const EVP_MD *mdtype;
+@@ -4831,9 +5127,10 @@ PHP_FUNCTION(openssl_sign)
+ 	siglen = EVP_PKEY_size(pkey);
+ 	sigbuf = emalloc(siglen + 1);
+ 
+-	EVP_SignInit(&md_ctx, mdtype);
+-	EVP_SignUpdate(&md_ctx, data, data_len);
+-	if (EVP_SignFinal (&md_ctx, sigbuf,(unsigned int *)&siglen, pkey)) {
++	md_ctx = EVP_MD_CTX_create();
++	EVP_SignInit(md_ctx, mdtype);
++	EVP_SignUpdate(md_ctx, data, data_len);
++	if (EVP_SignFinal (md_ctx, sigbuf,(unsigned int *)&siglen, pkey)) {
+ 		zval_dtor(signature);
+ 		sigbuf[siglen] = '\0';
+ 		ZVAL_STRINGL(signature, (char *)sigbuf, siglen, 0);
+@@ -4842,7 +5139,7 @@ PHP_FUNCTION(openssl_sign)
+ 		efree(sigbuf);
+ 		RETVAL_FALSE;
+ 	}
+-	EVP_MD_CTX_cleanup(&md_ctx);
++	EVP_MD_CTX_destroy(md_ctx);
+ 	if (keyresource == -1) {
+ 		EVP_PKEY_free(pkey);
+ 	}
+@@ -4856,7 +5153,7 @@ PHP_FUNCTION(openssl_verify)
+ 	zval **key;
+ 	EVP_PKEY *pkey;
+ 	int err;
+-	EVP_MD_CTX     md_ctx;
++	EVP_MD_CTX     *md_ctx;
+ 	const EVP_MD *mdtype;
+ 	long keyresource = -1;
+ 	char * data;	int data_len;
+@@ -4890,10 +5187,11 @@ PHP_FUNCTION(openssl_verify)
+ 		RETURN_FALSE;
+ 	}
+ 
+-	EVP_VerifyInit   (&md_ctx, mdtype);
+-	EVP_VerifyUpdate (&md_ctx, data, data_len);
+-	err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, signature_len, pkey);
+-	EVP_MD_CTX_cleanup(&md_ctx);
++	md_ctx = EVP_MD_CTX_create();
++	EVP_VerifyInit   (md_ctx, mdtype);
++	EVP_VerifyUpdate (md_ctx, data, data_len);
++	err = EVP_VerifyFinal (md_ctx, (unsigned char *)signature, signature_len, pkey);
++	EVP_MD_CTX_destroy(md_ctx);
+ 
+ 	if (keyresource == -1) {
+ 		EVP_PKEY_free(pkey);
+@@ -4917,7 +5215,7 @@ PHP_FUNCTION(openssl_seal)
+ 	char *method =NULL;
+ 	int method_len = 0;
+ 	const EVP_CIPHER *cipher;
+-	EVP_CIPHER_CTX ctx;
++	EVP_CIPHER_CTX *ctx;
+ 
+ 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szza/|s", &data, &data_len, &sealdata, &ekeys, &pubkeys, &method, &method_len) == FAILURE) {
+ 		return;
+@@ -4950,6 +5248,7 @@ PHP_FUNCTION(openssl_seal)
+ 	memset(eks, 0, sizeof(*eks) * nkeys);
+ 	key_resources = safe_emalloc(nkeys, sizeof(long), 0);
+ 	memset(key_resources, 0, sizeof(*key_resources) * nkeys);
++	memset(pkeys, 0, sizeof(*pkeys) * nkeys);
+ 
+ 	/* get the public keys we are using to seal this data */
+ 	zend_hash_internal_pointer_reset_ex(pubkeysht, &pos);
+@@ -4967,27 +5266,28 @@ PHP_FUNCTION(openssl_seal)
+ 		i++;
+ 	}
+ 
+-	if (!EVP_EncryptInit(&ctx,cipher,NULL,NULL)) {
++	ctx = EVP_CIPHER_CTX_new();
++	if (ctx == NULL || !EVP_EncryptInit(ctx,cipher,NULL,NULL)) {
+ 		RETVAL_FALSE;
+-		EVP_CIPHER_CTX_cleanup(&ctx);
++		EVP_CIPHER_CTX_free(ctx);
+ 		goto clean_exit;
+ 	}
+ 
+ #if 0
+ 	/* Need this if allow ciphers that require initialization vector */
+-	ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
++	ivlen = EVP_CIPHER_CTX_iv_length(ctx);
+ 	iv = ivlen ? emalloc(ivlen + 1) : NULL;
+ #endif
+ 	/* allocate one byte extra to make room for \0 */
+-	buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx));
+-	EVP_CIPHER_CTX_cleanup(&ctx);
++	buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(ctx));
++	EVP_CIPHER_CTX_cleanup(ctx);
+ 
+-	if (EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) <= 0 ||
+-			!EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len) ||
+-			!EVP_SealFinal(&ctx, buf + len1, &len2)) {
++	if (EVP_SealInit(ctx, cipher, eks, eksl, NULL, pkeys, nkeys) <= 0 ||
++			!EVP_SealUpdate(ctx, buf, &len1, (unsigned char *)data, data_len) ||
++			!EVP_SealFinal(ctx, buf + len1, &len2)) {
+ 		RETVAL_FALSE;
+ 		efree(buf);
+-		EVP_CIPHER_CTX_cleanup(&ctx);
++		EVP_CIPHER_CTX_free(ctx);
+ 		goto clean_exit;
+ 	}
+ 
+@@ -5018,7 +5318,7 @@ PHP_FUNCTION(openssl_seal)
+ 		efree(buf);
+ 	}
+ 	RETVAL_LONG(len1 + len2);
+-	EVP_CIPHER_CTX_cleanup(&ctx);
++	EVP_CIPHER_CTX_free(ctx);
+ 
+ clean_exit:
+ 	for (i=0; i<nkeys; i++) {
+@@ -5045,7 +5345,7 @@ PHP_FUNCTION(openssl_open)
+ 	int len1, len2;
+ 	unsigned char *buf;
+ 	long keyresource = -1;
+-	EVP_CIPHER_CTX ctx;
++	EVP_CIPHER_CTX *ctx;
+ 	char * data;	int data_len;
+ 	char * ekey;	int ekey_len;
+ 	char *method =NULL;
+@@ -5074,8 +5374,9 @@ PHP_FUNCTION(openssl_open)
+ 	
+ 	buf = emalloc(data_len + 1);
+ 
+-	if (EVP_OpenInit(&ctx, cipher, (unsigned char *)ekey, ekey_len, NULL, pkey) && EVP_OpenUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) {
+-		if (!EVP_OpenFinal(&ctx, buf + len1, &len2) || (len1 + len2 == 0)) {
++	ctx = EVP_CIPHER_CTX_new();
++	if (EVP_OpenInit(ctx, cipher, (unsigned char *)ekey, ekey_len, NULL, pkey) && EVP_OpenUpdate(ctx, buf, &len1, (unsigned char *)data, data_len)) {
++		if (!EVP_OpenFinal(ctx, buf + len1, &len2) || (len1 + len2 == 0)) {
+ 			efree(buf);
+ 			RETVAL_FALSE;
+ 		} else {
+@@ -5091,7 +5392,7 @@ PHP_FUNCTION(openssl_open)
+ 	if (keyresource == -1) {
+ 		EVP_PKEY_free(pkey);
+ 	}
+-	EVP_CIPHER_CTX_cleanup(&ctx);
++	EVP_CIPHER_CTX_free(ctx);
+ }
+ /* }}} */
+ 
+@@ -5151,7 +5452,7 @@ PHP_FUNCTION(openssl_digest)
+ 	char *data, *method;
+ 	int data_len, method_len;
+ 	const EVP_MD *mdtype;
+-	EVP_MD_CTX md_ctx;
++	EVP_MD_CTX *md_ctx;
+ 	int siglen;
+ 	unsigned char *sigbuf;
+ 
+@@ -5167,9 +5468,10 @@ PHP_FUNCTION(openssl_digest)
+ 	siglen = EVP_MD_size(mdtype);
+ 	sigbuf = emalloc(siglen + 1);
+ 
+-	EVP_DigestInit(&md_ctx, mdtype);
+-	EVP_DigestUpdate(&md_ctx, (unsigned char *)data, data_len);
+-	if (EVP_DigestFinal (&md_ctx, (unsigned char *)sigbuf, (unsigned int *)&siglen)) {
++	md_ctx = EVP_MD_CTX_create();
++	EVP_DigestInit(md_ctx, mdtype);
++	EVP_DigestUpdate(md_ctx, (unsigned char *)data, data_len);
++	if (EVP_DigestFinal (md_ctx, (unsigned char *)sigbuf, (unsigned int *)&siglen)) {
+ 		if (raw_output) {
+ 			sigbuf[siglen] = '\0';
+ 			RETVAL_STRINGL((char *)sigbuf, siglen, 0);
+@@ -5185,6 +5487,8 @@ PHP_FUNCTION(openssl_digest)
+ 		efree(sigbuf);
+ 		RETVAL_FALSE;
+ 	}
++
++	EVP_MD_CTX_destroy(md_ctx);
+ }
+ /* }}} */
+ 
+@@ -5230,7 +5534,7 @@ PHP_FUNCTION(openssl_encrypt)
+ 	char *data, *method, *password, *iv = "";
+ 	int data_len, method_len, password_len, iv_len = 0, max_iv_len;
+ 	const EVP_CIPHER *cipher_type;
+-	EVP_CIPHER_CTX cipher_ctx;
++	EVP_CIPHER_CTX *cipher_ctx;
+ 	int i=0, outlen, keylen;
+ 	unsigned char *outbuf, *key;
+ 	zend_bool free_iv;
+@@ -5262,19 +5566,24 @@ PHP_FUNCTION(openssl_encrypt)
+ 	outlen = data_len + EVP_CIPHER_block_size(cipher_type);
+ 	outbuf = safe_emalloc(outlen, 1, 1);
+ 
+-	EVP_EncryptInit(&cipher_ctx, cipher_type, NULL, NULL);
++	cipher_ctx = EVP_CIPHER_CTX_new();
++	if (!cipher_ctx) {
++		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to create cipher context");
++		RETURN_FALSE;
++	}
++	EVP_EncryptInit(cipher_ctx, cipher_type, NULL, NULL);
+ 	if (password_len > keylen) {
+-		EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
++		EVP_CIPHER_CTX_set_key_length(cipher_ctx, password_len);
+ 	}
+-	EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
++	EVP_EncryptInit_ex(cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
+ 	if (options & OPENSSL_ZERO_PADDING) {
+-		EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
++		EVP_CIPHER_CTX_set_padding(cipher_ctx, 0);
+ 	}
+ 	if (data_len > 0) {
+-		EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
++		EVP_EncryptUpdate(cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+ 	}
+ 	outlen = i;
+-	if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
++	if (EVP_EncryptFinal(cipher_ctx, (unsigned char *)outbuf + i, &i)) {
+ 		outlen += i;
+ 		if (options & OPENSSL_RAW_DATA) {
+ 			outbuf[outlen] = '\0';
+@@ -5301,7 +5610,8 @@ PHP_FUNCTION(openssl_encrypt)
+ 	if (free_iv) {
+ 		efree(iv);
+ 	}
+-	EVP_CIPHER_CTX_cleanup(&cipher_ctx);
++	EVP_CIPHER_CTX_cleanup(cipher_ctx);
++	EVP_CIPHER_CTX_free(cipher_ctx);
+ }
+ /* }}} */
+ 
+@@ -5313,7 +5623,7 @@ PHP_FUNCTION(openssl_decrypt)
+ 	char *data, *method, *password, *iv = "";
+ 	int data_len, method_len, password_len, iv_len = 0;
+ 	const EVP_CIPHER *cipher_type;
+-	EVP_CIPHER_CTX cipher_ctx;
++	EVP_CIPHER_CTX *cipher_ctx;
+ 	int i, outlen, keylen;
+ 	unsigned char *outbuf, *key;
+ 	int base64_str_len;
+@@ -5359,17 +5669,23 @@ PHP_FUNCTION(openssl_decrypt)
+ 	outlen = data_len + EVP_CIPHER_block_size(cipher_type);
+ 	outbuf = emalloc(outlen + 1);
+ 
+-	EVP_DecryptInit(&cipher_ctx, cipher_type, NULL, NULL);
++	cipher_ctx = EVP_CIPHER_CTX_new();
++	if (!cipher_ctx) {
++		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to create cipher context");
++		RETURN_FALSE;
++	}
++
++	EVP_DecryptInit(cipher_ctx, cipher_type, NULL, NULL);
+ 	if (password_len > keylen) {
+-		EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
++		EVP_CIPHER_CTX_set_key_length(cipher_ctx, password_len);
+ 	}
+-	EVP_DecryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
++	EVP_DecryptInit_ex(cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
+ 	if (options & OPENSSL_ZERO_PADDING) {
+-		EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
++		EVP_CIPHER_CTX_set_padding(cipher_ctx, 0);
+ 	}
+-	EVP_DecryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
++	EVP_DecryptUpdate(cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+ 	outlen = i;
+-	if (EVP_DecryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
++	if (EVP_DecryptFinal(cipher_ctx, (unsigned char *)outbuf + i, &i)) {
+ 		outlen += i;
+ 		outbuf[outlen] = '\0';
+ 		RETVAL_STRINGL((char *)outbuf, outlen, 0);
+@@ -5386,7 +5702,8 @@ PHP_FUNCTION(openssl_decrypt)
+ 	if (base64_str) {
+ 		efree(base64_str);
+ 	}
+- 	EVP_CIPHER_CTX_cleanup(&cipher_ctx);
++ 	EVP_CIPHER_CTX_cleanup(cipher_ctx);
++ 	EVP_CIPHER_CTX_free(cipher_ctx);
+ }
+ /* }}} */
+ 
+@@ -5424,6 +5741,7 @@ PHP_FUNCTION(openssl_dh_compute_key)
+ 	zval *key;
+ 	char *pub_str;
+ 	int pub_len;
++	DH *dh;
+ 	EVP_PKEY *pkey;
+ 	BIGNUM *pub;
+ 	char *data;
+@@ -5433,14 +5751,21 @@ PHP_FUNCTION(openssl_dh_compute_key)
+ 		return;
+ 	}
+ 	ZEND_FETCH_RESOURCE(pkey, EVP_PKEY *, &key, -1, "OpenSSL key", le_key);
+-	if (!pkey || EVP_PKEY_type(pkey->type) != EVP_PKEY_DH || !pkey->pkey.dh) {
++	if (pkey == NULL) {
++		RETURN_FALSE;
++	}
++	if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DH) {
++		RETURN_FALSE;
++	}
++	dh = EVP_PKEY_get0_DH(pkey);
++	if (dh == NULL) {
+ 		RETURN_FALSE;
+ 	}
+ 
+ 	pub = BN_bin2bn((unsigned char*)pub_str, pub_len, NULL);
+ 
+-	data = emalloc(DH_size(pkey->pkey.dh) + 1);
+-	len = DH_compute_key((unsigned char*)data, pub, pkey->pkey.dh);
++	data = emalloc(DH_size(dh) + 1);
++	len = DH_compute_key((unsigned char*)data, pub, dh);
+ 
+ 	if (len >= 0) {
+ 		data[len] = 0;
+diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
+index d549033..c2d477c 100644
+--- a/ext/openssl/xp_ssl.c
++++ b/ext/openssl/xp_ssl.c
+@@ -935,7 +935,7 @@ static int set_local_cert(SSL_CTX *ctx, php_stream *stream TSRMLS_DC) /* {{{ */
+ static const SSL_METHOD *php_select_crypto_method(long method_value, int is_client TSRMLS_DC) /* {{{ */
+ {
+ 	if (method_value == STREAM_CRYPTO_METHOD_SSLv2) {
+-#ifndef OPENSSL_NO_SSL2
++#if !defined(OPENSSL_NO_SSL2) && OPENSSL_VERSION_NUMBER < 0x10100000L
+ 		return is_client ? SSLv2_client_method() : SSLv2_server_method();
+ #else
+ 		php_error_docref(NULL TSRMLS_CC, E_WARNING,
+@@ -1588,12 +1588,26 @@ int php_openssl_setup_crypto(php_stream *stream,
+ }
+ /* }}} */
+ 
++#define PHP_SSL_MAX_VERSION_LEN 32
++
++static char *php_ssl_cipher_get_version(const SSL_CIPHER *c, char *buffer, size_t max_len) /* {{{ */
++{
++	const char *version = SSL_CIPHER_get_version(c);
++	strncpy(buffer, version, max_len);
++	if (max_len <= strlen(version)) {
++		buffer[max_len - 1] = 0;
++	}
++	return buffer;
++}
++/* }}} */
++
+ static zval *capture_session_meta(SSL *ssl_handle) /* {{{ */
+ {
+ 	zval *meta_arr;
+ 	char *proto_str;
+ 	long proto = SSL_version(ssl_handle);
+ 	const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl_handle);
++	char version_str[PHP_SSL_MAX_VERSION_LEN];
+ 
+ 	switch (proto) {
+ #if OPENSSL_VERSION_NUMBER >= 0x10001001L
+@@ -1611,7 +1625,7 @@ static zval *capture_session_meta(SSL *ssl_handle) /* {{{ */
+ 	add_assoc_string(meta_arr, "protocol", proto_str, 1);
+ 	add_assoc_string(meta_arr, "cipher_name", (char *) SSL_CIPHER_get_name(cipher), 1);
+ 	add_assoc_long(meta_arr, "cipher_bits", SSL_CIPHER_get_bits(cipher, NULL));
+-	add_assoc_string(meta_arr, "cipher_version", SSL_CIPHER_get_version(cipher), 1);
++	add_assoc_string(meta_arr, "cipher_version", php_ssl_cipher_get_version(cipher, version_str, PHP_SSL_MAX_VERSION_LEN), 1);
+ 
+ 	return meta_arr;
+ }
+diff --git a/ext/phar/util.c b/ext/phar/util.c
+index 828be8f..06e4e55 100644
+--- a/ext/phar/util.c
++++ b/ext/phar/util.c
+@@ -1531,7 +1531,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, php_uint32 sig_typ
+ 			BIO *in;
+ 			EVP_PKEY *key;
+ 			EVP_MD *mdtype = (EVP_MD *) EVP_sha1();
+-			EVP_MD_CTX md_ctx;
++			EVP_MD_CTX *md_ctx;
+ #else
+ 			int tempsig;
+ #endif
+@@ -1608,7 +1608,8 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, php_uint32 sig_typ
+ 				return FAILURE;
+ 			}
+ 
+-			EVP_VerifyInit(&md_ctx, mdtype);
++			md_ctx = EVP_MD_CTX_create();
++			EVP_VerifyInit(md_ctx, mdtype);
+ 			read_len = end_of_phar;
+ 
+ 			if (read_len > sizeof(buf)) {
+@@ -1620,7 +1621,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, php_uint32 sig_typ
+ 			php_stream_seek(fp, 0, SEEK_SET);
+ 
+ 			while (read_size && (len = php_stream_read(fp, (char*)buf, read_size)) > 0) {
+-				EVP_VerifyUpdate (&md_ctx, buf, len);
++				EVP_VerifyUpdate (md_ctx, buf, len);
+ 				read_len -= (off_t)len;
+ 
+ 				if (read_len < read_size) {
+@@ -1628,9 +1629,9 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, php_uint32 sig_typ
+ 				}
+ 			}
+ 
+-			if (EVP_VerifyFinal(&md_ctx, (unsigned char *)sig, sig_len, key) != 1) {
++			if (EVP_VerifyFinal(md_ctx, (unsigned char *)sig, sig_len, key) != 1) {
+ 				/* 1: signature verified, 0: signature does not match, -1: failed signature operation */
+-				EVP_MD_CTX_cleanup(&md_ctx);
++				EVP_MD_CTX_destroy(md_ctx);
+ 
+ 				if (error) {
+ 					spprintf(error, 0, "broken openssl signature");
+@@ -1639,7 +1640,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, php_uint32 sig_typ
+ 				return FAILURE;
+ 			}
+ 
+-			EVP_MD_CTX_cleanup(&md_ctx);
++			EVP_MD_CTX_destroy(md_ctx);
+ #endif
+ 
+ 			*signature_len = phar_hex_str((const char*)sig, sig_len, signature TSRMLS_CC);
+-- 
+2.7.4
+
diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php/CVE-2017-9120.patch b/meta-openembedded/meta-oe/recipes-devtools/php/php/CVE-2017-9120.patch
new file mode 100644
index 000000000..728f25bb6
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/php/php/CVE-2017-9120.patch
@@ -0,0 +1,21 @@
+php: patch for CVE-2017-9120
+
+Upstream-Status: Backport [https://bugs.php.net/bug.php?id=74544]
+
+CVE: CVE-2017-9120
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+
+diff --git a/ext/mysqli/mysqli_api.c b/ext/mysqli/mysqli_api.c
+index 03a39d7..7b88731 100644
+--- a/ext/mysqli/mysqli_api.c
++++ b/ext/mysqli/mysqli_api.c
+@@ -1965,7 +1965,7 @@ PHP_FUNCTION(mysqli_real_escape_string) {
+ 	}
+ 	MYSQLI_FETCH_RESOURCE_CONN(mysql, mysql_link, MYSQLI_STATUS_VALID);
+ 
+-	newstr = zend_string_alloc(2 * escapestr_len, 0);
++	newstr = zend_string_safe_alloc(2, escapestr_len, 0, 0);
+ 	ZSTR_LEN(newstr) = mysql_real_escape_string(mysql->mysql, ZSTR_VAL(newstr), escapestr, escapestr_len);
+ 	newstr = zend_string_truncate(newstr, ZSTR_LEN(newstr), 0);
+ 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php_5.6.35.bb b/meta-openembedded/meta-oe/recipes-devtools/php/php_5.6.38.bb
index c17c0d6a2..d6f51454f 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/php/php_5.6.35.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/php/php_5.6.38.bb
@@ -7,6 +7,7 @@ SRC_URI += "file://php5-change-AC_TRY_RUN-to-AC_TRY_LINK.patch \
             file://0001-Add-lpthread-to-link.patch \
             file://acinclude-xml2-config.patch \
             file://0001-acinclude-use-pkgconfig-for-libxml2-config.patch \
+            file://0001-PHP-5.6-LibSSL-1.1-compatibility.patch \
             "
 
 SRC_URI_append_class-target = " \
@@ -15,8 +16,8 @@ SRC_URI_append_class-target = " \
                                 file://php5-0001-opcache-config.m4-enable-opcache.patch \
                                 "
 
-SRC_URI[md5sum] = "905ae5f586351f3ca29d044c9484d475"
-SRC_URI[sha256sum] = "ee78a7e9ca21d8ea394d037c55effff477a49dbae31c7753c547036f5bd73b92"
+SRC_URI[md5sum] = "5b98aa066567eca8e5738b8ef4a3545c"
+SRC_URI[sha256sum] = "d65b231bbdd63be4439ef5ced965cfd63e62983429dbd4dfcfb49981593ebc03"
 
 DEPENDS += "libmcrypt"
 EXTRA_OECONF += "--with-mcrypt=${STAGING_DIR_TARGET}${exec_prefix} \
diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php_7.2.7.bb b/meta-openembedded/meta-oe/recipes-devtools/php/php_7.2.10.bb
index a256cd750..8dc64bb89 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/php/php_7.2.7.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/php/php_7.2.10.bb
@@ -5,6 +5,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=67e369bc8d1f2e641236b8002039a6a2"
 SRC_URI += "file://change-AC_TRY_RUN-to-AC_TRY_LINK.patch \
             file://0001-acinclude.m4-skip-binconfig-check-for-libxml.patch \
             file://0001-fix-error-caused-by-a-new-variable-is-declared-after.patch \
+            file://CVE-2017-9120.patch \
            "
 SRC_URI_append_class-target = " \
                                 file://pear-makefile.patch \
@@ -12,12 +13,13 @@ SRC_URI_append_class-target = " \
                                 file://0001-opcache-config.m4-enable-opcache.patch \
                                 "
 
-SRC_URI[md5sum] = "4b5698c8c6c2b9cbff3a5706da67bb0f"
-SRC_URI[sha256sum] = "cc81675a96af4dd18d8ffc02f26a36c622abadf86af7ecfea7bcde8d3c96d5a3"
+SRC_URI[md5sum] = "0ce8ff615bfb9de7a89bab8d742c11c0"
+SRC_URI[sha256sum] = "01b6129a0921a1636b07da9bc598a876669e45a462cef4b5844fc26862dbda9d"
 
 PACKAGECONFIG[mysql] = "--with-mysqli=${STAGING_BINDIR_CROSS}/mysql_config \
                         --with-pdo-mysql=${STAGING_BINDIR_CROSS}/mysql_config \
                         ,--without-mysqli --without-pdo-mysql \
                         ,mysql5"
+PACKAGECONFIG[valgrind] = "--with-valgrind=${STAGING_DIR_TARGET}/usr,--with-valgrind=no,valgrind"
 
 FILES_${PN}-fpm += "${sysconfdir}/php-fpm.d/www.conf.default"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.3.0.bb b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.3.1.bb
index fe1e6e5fa..7ef030092 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.3.0.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.3.1.bb
@@ -8,24 +8,28 @@ has been split out into the protobuf-c-rpc project."
 HOMEPAGE = "https://github.com/protobuf-c/protobuf-c"
 SECTION = "console/tools"
 LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=cb901168715f4782a2b06c3ddaefa558"
 
 DEPENDS = "protobuf-native protobuf"
 
-PACKAGE_BEFORE_PN = "${PN}-compiler"
-RDEPENDS_${PN}-compiler = "protobuf-compiler"
-RDEPENDS_${PN}-dev += "${PN}-compiler"
-
-LIC_FILES_CHKSUM = "file://LICENSE;md5=cb901168715f4782a2b06c3ddaefa558"
-
 PV .= "+git${SRCPV}"
-SRCREV = "dac1a65feac4ad72f612aab99f487056fbcf5c1a"
+SRCREV = "269771b4b45d3aba04e59569f53600003db8d9ff"
 
 SRC_URI = "git://github.com/protobuf-c/protobuf-c.git"
 
 S = "${WORKDIR}/git"
 
+#make sure c++11 is used
+CXXFLAGS += "-std=c++11"
+BUILD_CXXFLAGS += "-std=c++11"
+
 inherit autotools pkgconfig
 
+PACKAGE_BEFORE_PN = "${PN}-compiler"
+
 FILES_${PN}-compiler = "${bindir}"
 
+RDEPENDS_${PN}-compiler = "protobuf-compiler"
+RDEPENDS_${PN}-dev += "${PN}-compiler"
+
 BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf/0001-protobuf-fix-configure-error.patch b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf/0001-protobuf-fix-configure-error.patch
new file mode 100644
index 000000000..a2f7a4b77
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf/0001-protobuf-fix-configure-error.patch
@@ -0,0 +1,33 @@
+From 52959e8e01e39139d18f752e97283e45b4b7a426 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Wed, 18 Jul 2018 17:52:34 +0800
+Subject: [PATCH] protobuf: fix configure error
+
+fix below error:
+gnu-configize: 'configure.ac' or 'configure.in' is required
+
+third_party/googletest is git submodule of protobuf. Above error
+caused by missing submodule googletest.
+
+Upstream-Status: Inappropriate [oe-specific]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ configure.ac | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index aec10cf..7fbe57d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -214,7 +214,6 @@ AX_CXX_COMPILE_STDCXX([11], [noext], [mandatory])
+ #   too.
+ export CFLAGS
+ export CXXFLAGS
+-AC_CONFIG_SUBDIRS([third_party/googletest])
+ 
+ AC_CONFIG_FILES([Makefile src/Makefile benchmarks/Makefile conformance/Makefile protobuf.pc protobuf-lite.pc])
+ AC_OUTPUT
+-- 
+2.7.4
+
diff --git a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.5.1.bb b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.6.1.bb
index 073dfaef0..cf72d9ca7 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.5.1.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.6.1.bb
@@ -5,34 +5,29 @@ all of its internal RPC protocols and file formats."
 HOMEPAGE = "https://github.com/google/protobuf"
 SECTION = "console/tools"
 LICENSE = "BSD-3-Clause"
-
-PACKAGE_BEFORE_PN = "${PN}-compiler ${PN}-lite"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=37b5762e07f0af8c74ce80a8bda4266b"
 
 DEPENDS = "zlib"
-DEPENDS_append_class-target  = " protobuf-native"
-RDEPENDS_${PN}-compiler = "${PN}"
-RDEPENDS_${PN}-dev += "${PN}-compiler"
-RDEPENDS_${PN}-ptest = "bash ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python-protobuf', '', d)}"
+DEPENDS_append_class-target = " protobuf-native"
 
-LIC_FILES_CHKSUM = "file://LICENSE;md5=35953c752efc9299b184f91bef540095"
+PV .= "+git${SRCPV}"
 
-SRCREV = "106ffc04be1abf3ff3399f54ccf149815b287dd9"
+SRCREV = "48cb18e5c419ddd23d9badcfe4e9df7bde1979b2"
 
-PV = "3.5.1+git${SRCPV}"
+SRC_URI = "git://github.com/google/protobuf.git;branch=3.6.x \
+           file://run-ptest \
+           file://0001-protobuf-fix-configure-error.patch \
+"
+S = "${WORKDIR}/git"
 
-SRC_URI = "git://github.com/google/protobuf.git;branch=3.5.x \
-	   file://run-ptest \
-          "
+inherit autotools-brokensep pkgconfig ptest
 
 PACKAGECONFIG ??= ""
 PACKAGECONFIG[python] = ",,"
 
-EXTRA_OECONF += " --with-protoc=echo"
-
-inherit autotools-brokensep pkgconfig ptest
+EXTRA_OECONF += "--with-protoc=echo"
 
-S = "${WORKDIR}/git"
-TEST_SRC_DIR="examples"
+TEST_SRC_DIR = "examples"
 LANG_SUPPORT = "cpp ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python', '', d)}"
 
 do_compile_ptest() {
@@ -79,9 +74,20 @@ do_install_ptest() {
 	cd "$olddir"
 }
 
+PACKAGE_BEFORE_PN = "${PN}-compiler ${PN}-lite"
+
 FILES_${PN}-compiler = "${bindir} ${libdir}/libprotoc${SOLIBS}"
-FILES_${PN}-lite = "${bindir} ${libdir}/libprotobuf-lite${SOLIBS}"
+FILES_${PN}-lite = "${libdir}/libprotobuf-lite${SOLIBS}"
+
+RDEPENDS_${PN}-compiler = "${PN}"
+RDEPENDS_${PN}-dev += "${PN}-compiler"
+RDEPENDS_${PN}-ptest = "bash ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python-protobuf', '', d)}"
 
 MIPS_INSTRUCTION_SET = "mips"
 
 BBCLASSEXTEND = "native nativesdk"
+
+LDFLAGS_append_arm = " -latomic"
+LDFLAGS_append_mips = " -latomic"
+LDFLAGS_append_powerpc = " -latomic"
+LDFLAGS_append_mipsel = " -latomic"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/python/python-distutils-extra.bb b/meta-openembedded/meta-oe/recipes-devtools/python/python-distutils-extra.bb
index 56dd33d7f..eb84f7436 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/python/python-distutils-extra.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/python/python-distutils-extra.bb
@@ -2,8 +2,6 @@ require python-distutils-extra.inc
 
 inherit setuptools
 
-DISTUTILS_INSTALL_ARGS += "--install-lib=${libdir}/${PYTHON_DIR}/site-packages"
-
 RDEPENDS_${PN} = "\
     python-distutils \
 "
diff --git a/meta-openembedded/meta-oe/recipes-devtools/python/python-pygobject_3.28.0.bb b/meta-openembedded/meta-oe/recipes-devtools/python/python-pygobject_3.28.3.bb
index ab65ba1dc..c444fbf05 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/python/python-pygobject_3.28.0.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/python/python-pygobject_3.28.3.bb
@@ -17,8 +17,8 @@ SRC_URI = " \
     file://0001-configure.ac-add-sysroot-path-to-GI_DATADIR-don-t-se.patch \
 "
 
-SRC_URI[md5sum] = "b29d69edb63ae1f555afeb19f90b9996"
-SRC_URI[sha256sum] = "42b47b261b45aedfc77e02e3c90a01cd74d6f86c3273c1860a054d531d606e5a"
+SRC_URI[md5sum] = "3bac63c86bb963aa401f97859464aa90"
+SRC_URI[sha256sum] = "3dd3e21015d06e00482ea665fc1733b77e754a6ab656a5db5d7f7bfaf31ad0b0"
 
 S = "${WORKDIR}/${SRCNAME}-${PV}"
 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/python/python3-distutils-extra.bb b/meta-openembedded/meta-oe/recipes-devtools/python/python3-distutils-extra.bb
index af242b850..5836b090e 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/python/python3-distutils-extra.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/python/python3-distutils-extra.bb
@@ -4,8 +4,6 @@ inherit setuptools3
 
 S = "${WORKDIR}/python-distutils-extra-${PV}"
 
-DISTUTILS_INSTALL_ARGS += "--install-lib=${libdir}/${PYTHON_DIR}/site-packages"
-
 RDEPENDS_${PN} = "\
     python3-setuptools \
 "
diff --git a/meta-openembedded/meta-oe/recipes-devtools/rapidjson/rapidjson_git.bb b/meta-openembedded/meta-oe/recipes-devtools/rapidjson/rapidjson_git.bb
index 8ab35d224..c90eab043 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/rapidjson/rapidjson_git.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/rapidjson/rapidjson_git.bb
@@ -4,11 +4,9 @@ SECTION = "libs"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://license.txt;md5=ba04aa8f65de1396a7e59d1d746c2125"
 
-SRC_URI = "git://github.com/miloyip/rapidjson.git;nobranch=1 \
-           file://remove-march-native-from-CMAKE_CXX_FLAGS.patch \
-"
+SRC_URI = "git://github.com/miloyip/rapidjson.git;nobranch=1"
 
-SRCREV = "e5635fb27feab7f6e8d7b916aa20ad799045a641"
+SRCREV = "6a905f9311f82d306da77bd963ec5aa5da07da9c"
 
 PV = "1.1.0+git${SRCPV}"
 
@@ -20,7 +18,6 @@ EXTRA_OECMAKE += "-DRAPIDJSON_BUILD_DOC=OFF -DRAPIDJSON_BUILD_TESTS=OFF -DRAPIDJ
 
 # RapidJSON is a header-only C++ library, so the main package will be empty.
 
-FILES_${PN}-dev += "${libdir}/cmake"
-RDEPENDS_${PN}-dev = ""
+ALLOW_EMPTY_${PN} = "1"
 
 BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/sip/sip.inc b/meta-openembedded/meta-oe/recipes-devtools/sip/sip.inc
new file mode 100644
index 000000000..d0795454e
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/sip/sip.inc
@@ -0,0 +1,36 @@
+SUMMARY = "SIP is a C++/Python Wrapper Generator"
+HOMEPAGE = "http://www.riverbankcomputing.co.uk/sip"
+SECTION = "devel"
+LICENSE = "GPLv2+"
+LIC_FILES_CHKSUM = "file://LICENSE-GPL2;md5=e91355d8a6f8bd8f7c699d62863c7303"
+
+SRC_URI = "${SOURCEFORGE_MIRROR}/project/pyqt/sip/sip-${PV}/sip-${PV}.tar.gz \
+          "
+SRC_URI[md5sum] = "9124cb8978742685747a5415179a9890"                           
+SRC_URI[sha256sum] = "e353a7056599bf5fbd5d3ff9842a6ab2ea3cf4e0304a0f925ec5862907c0d15e"
+
+S = "${WORKDIR}/sip-${PV}"
+
+BBCLASSEXTEND = "native"
+
+do_configure_prepend_class-target() {
+    echo "py_platform = linux" > sip.cfg
+    echo "py_inc_dir = %(sysroot)/${includedir}/python${PYTHON_BASEVERSION}${PYTHON_ABI}" >> sip.cfg
+    echo "sip_bin_dir = ${D}/${bindir}" >> sip.cfg
+    echo "sip_inc_dir = ${D}/${includedir}" >> sip.cfg
+    echo "sip_module_dir = ${D}/${libdir}/python${PYTHON_BASEVERSION}${PYTHON_ABI}/site-packages" >> sip.cfg
+    echo "sip_sip_dir = ${D}/${datadir}/sip" >> sip.cfg
+    ${PYTHON} configure.py --configuration sip.cfg --sip-module PyQt5.sip --sysroot ${STAGING_DIR_HOST} CC="${CC}" CXX="${CXX}" LINK="${CXX}" STRIP="" LINK_SHLIB="${CXX}" CFLAGS="${CFLAGS}" CXXFLAGS="${CXXFLAGS}" LFLAGS="${LDFLAGS}"
+}
+do_configure_prepend_class-native() {
+    echo "py_platform = linux" > sip.cfg
+    echo "py_inc_dir = ${includedir}/python${PYTHON_BASEVERSION}${PYTHON_ABI}" >> sip.cfg
+    echo "sip_bin_dir = ${D}/${bindir}" >> sip.cfg
+    echo "sip_inc_dir = ${D}/${includedir}" >> sip.cfg
+    echo "sip_module_dir = ${D}/${libdir}/python${PYTHON_BASEVERSION}${PYTHON_ABI}/site-packages" >> sip.cfg
+    echo "sip_sip_dir = ${D}/${datadir}/sip" >> sip.cfg
+    ${PYTHON} configure.py --configuration sip.cfg --sip-module PyQt5.sip --sysroot=${STAGING_DIR_NATIVE}
+}
+do_install() {
+    oe_runmake install
+}
diff --git a/meta-openembedded/meta-oe/recipes-devtools/sip/sip3_4.19.13.bb b/meta-openembedded/meta-oe/recipes-devtools/sip/sip3_4.19.13.bb
new file mode 100644
index 000000000..dc15bc2e2
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/sip/sip3_4.19.13.bb
@@ -0,0 +1,11 @@
+require sip.inc
+
+DEPENDS = "python3"
+
+inherit python3-dir python3native
+
+PACKAGES += "python3-sip3"
+
+FILES_python3-sip3 = "${libdir}/${PYTHON_DIR}${PYTHON_ABI}/site-packages/"
+FILES_${PN}-dbg += "${libdir}/${PYTHON_DIR}${PYTHON_ABI}/site-packages/.debug"
+
diff --git a/meta-openembedded/meta-oe/recipes-devtools/sip/sip_4.19.13.bb b/meta-openembedded/meta-oe/recipes-devtools/sip/sip_4.19.13.bb
new file mode 100644
index 000000000..3da15b842
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/sip/sip_4.19.13.bb
@@ -0,0 +1,11 @@
+require sip.inc
+
+DEPENDS = "python"
+
+inherit python-dir pythonnative
+
+PACKAGES += "python-sip"
+
+FILES_python-sip = "${libdir}/${PYTHON_DIR}/site-packages/"
+FILES_${PN}-dbg += "${libdir}/${PYTHON_DIR}/site-packages/.debug"
+
diff --git a/meta-openembedded/meta-oe/recipes-devtools/sip/sip_4.19.8.bb b/meta-openembedded/meta-oe/recipes-devtools/sip/sip_4.19.8.bb
deleted file mode 100644
index ea944b32f..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/sip/sip_4.19.8.bb
+++ /dev/null
@@ -1,42 +0,0 @@
-SUMMARY = "SIP is a C++/Python Wrapper Generator"
-HOMEPAGE = "http://www.riverbankcomputing.co.uk/sip"
-SECTION = "devel"
-LICENSE = "GPLv2+"
-LIC_FILES_CHKSUM = "file://LICENSE-GPL2;md5=e91355d8a6f8bd8f7c699d62863c7303"
-
-inherit python-dir
-
-DEPENDS = "python"
-
-SRC_URI = "${SOURCEFORGE_MIRROR}/project/pyqt/sip/sip-${PV}/sip-${PV}.tar.gz"
-SRC_URI[md5sum] = "0625fb20347d4ff1b5da551539be0727"
-SRC_URI[sha256sum] = "7eaf7a2ea7d4d38a56dd6d2506574464bddf7cf284c960801679942377c297bc"
-
-BBCLASSEXTEND = "native"
-
-PACKAGES += "python-sip"
-
-do_configure_prepend_class-target() {
-    echo "py_platform = linux" > sip.cfg
-    echo "py_inc_dir = %(sysroot)/${includedir}/python%(py_major).%(py_minor)" >> sip.cfg
-    echo "sip_bin_dir = ${D}/${bindir}" >> sip.cfg
-    echo "sip_inc_dir = ${D}/${includedir}" >> sip.cfg
-    echo "sip_module_dir = ${D}/${libdir}/python%(py_major).%(py_minor)/site-packages" >> sip.cfg
-    echo "sip_sip_dir = ${D}/${datadir}/sip" >> sip.cfg
-    python configure.py --configuration sip.cfg --sysroot ${STAGING_DIR_HOST} CC="${CC}" CXX="${CXX}" LINK="${CXX}" STRIP="" LINK_SHLIB="${CXX}" CFLAGS="${CFLAGS}" CXXFLAGS="${CXXFLAGS}" LFLAGS="${LDFLAGS}"
-}
-do_configure_prepend_class-native() {
-    echo "py_platform = linux" > sip.cfg
-    echo "py_inc_dir = ${includedir}/python%(py_major).%(py_minor)" >> sip.cfg
-    echo "sip_bin_dir = ${D}/${bindir}" >> sip.cfg
-    echo "sip_inc_dir = ${D}/${includedir}" >> sip.cfg
-    echo "sip_module_dir = ${D}/${libdir}/python%(py_major).%(py_minor)/site-packages" >> sip.cfg
-    echo "sip_sip_dir = ${D}/${datadir}/sip" >> sip.cfg
-    python configure.py --configuration sip.cfg --sysroot ${STAGING_DIR_NATIVE}
-}
-do_install() {
-    oe_runmake install
-}
-
-FILES_python-sip = "${libdir}/${PYTHON_DIR}/site-packages/"
-FILES_${PN}-dbg += "${libdir}/${PYTHON_DIR}/site-packages/.debug"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/tclap/tclap_1.2.1.bb b/meta-openembedded/meta-oe/recipes-devtools/tclap/tclap_1.2.2.bb
index 3eadbe45f..46a940803 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/tclap/tclap_1.2.1.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/tclap/tclap_1.2.2.bb
@@ -1,9 +1,9 @@
 SUMMARY = "Templatized C++ Command Line Parser"
 HOMEPAGE = "http://tclap.sourceforge.net/"
 LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://COPYING;md5=c8ab0ff134bcc584d0e6b5b9f8732453"
+LIC_FILES_CHKSUM = "file://COPYING;md5=0ca8b9c5c5445cfa7af7e78fd27e60ed"
 
-SRCREV = "3627d9402e529770df9b0edf2aa8c0e0d6c6bb41"
+SRCREV = "75f440bcac1276c847f5351e14216f6e91def44d"
 SRC_URI = "git://git.code.sf.net/p/tclap/code \
     file://Makefile.am-disable-docs.patch \
 "
diff --git a/meta-openembedded/meta-oe/recipes-devtools/tcltk/tk_8.6.8.bb b/meta-openembedded/meta-oe/recipes-devtools/tcltk/tk_8.6.8.bb
index 13dc4d751..4e38525cb 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/tcltk/tk_8.6.8.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/tcltk/tk_8.6.8.bb
@@ -42,22 +42,14 @@ REQUIRED_DISTRO_FEATURES = "x11"
 EXTRA_OECONF = "\
     --enable-threads \
     --with-x \
-    --with-tcl=${STAGING_BINDIR_CROSS} \
+    --with-tcl=${STAGING_BINDIR}/crossscripts \
     --libdir=${libdir} \
 "
-
+export TK_LIBRARY='${libdir}/tk${VER}'
 do_install_append() {
     ln -sf libtk${VER}.so ${D}${libdir}/libtk${VER}.so.0
     oe_libinstall -so libtk${VER} ${D}${libdir}
     ln -sf wish${VER} ${D}${bindir}/wish
-
-    # Even after passing libdir=${libdir} at config, some incorrect dirs are still generated for the multilib build
-    if [ "$libdir" != "/usr/lib" ]; then
-        # Move files to correct library directory
-        mv ${D}/usr/lib/tk${VER}/* ${D}/${libdir}/tk${VER}/
-        # Remove unneeded/incorrect dir ('usr/lib/')
-        rm -rf ${D}/usr/lib
-    fi
 }
 
 PACKAGECONFIG ??= "xft"
@@ -73,7 +65,7 @@ FILES_${PN} += "${libdir}/tk*"
 RDEPENDS_${PN} += "tk-lib"
 RDEPENDS_${PN}_class-native = ""
 
-BBCLASSEXTEND = "native"
+BBCLASSEXTEND = "native nativesdk"
 
 # Fix the path in sstate
 SSTATE_SCAN_FILES += "*Config.sh"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace/0001-include-dlfcn.h-for-RTLD_DEFAULT.patch b/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace/0001-include-dlfcn.h-for-RTLD_DEFAULT.patch
new file mode 100644
index 000000000..fe7aac931
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace/0001-include-dlfcn.h-for-RTLD_DEFAULT.patch
@@ -0,0 +1,39 @@
+From cdf7f2e394fcfb93a61f509ae3388f29540a6b35 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sat, 8 Sep 2018 11:56:13 -0700
+Subject: [PATCH] include dlfcn.h for RTLD_DEFAULT
+
+Fixes
+plthook.c:128:41: error: use of undeclared identifier 'RTLD_DEFAULT'
+
+Upstream-Status: Submitted [https://github.com/namhyung/uftrace/pull/487]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ libmcount/plthook.c | 1 +
+ utils/debug.c       | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/libmcount/plthook.c b/libmcount/plthook.c
+index d9d84f0..d54f5e8 100644
+--- a/libmcount/plthook.c
++++ b/libmcount/plthook.c
+@@ -6,6 +6,7 @@
+ #include <sys/mman.h>
+ #include <pthread.h>
+ #include <assert.h>
++#include <dlfcn.h>
+ 
+ /* This should be defined before #include "utils.h" */
+ #define PR_FMT     "mcount"
+diff --git a/utils/debug.c b/utils/debug.c
+index 2134b09..5460def 100644
+--- a/utils/debug.c
++++ b/utils/debug.c
+@@ -13,6 +13,7 @@
+ #include <assert.h>
+ #include <limits.h>
+ #include <inttypes.h>
++#include <dlfcn.h>
+ 
+ #include "utils/utils.h"
+ 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace_0.8.bb b/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace_0.8.3.bb
index 82b179521..ca38e6aa2 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace_0.8.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace_0.8.3.bb
@@ -10,21 +10,34 @@ DEPENDS_append_libc-musl = " argp-standalone"
 
 inherit autotools
 
-SRCREV = "5af9ff9fa89c340617e52c8ed05798b352a7145c"
-SRC_URI = "git://github.com/namhyung/${BPN}"
+# v0.8.3
+SRCREV = "8b723a6fae2ef30495cd6279774fba9c95cd9c88"
+SRC_URI = "git://github.com/namhyung/${BPN} \
+           file://0001-include-dlfcn.h-for-RTLD_DEFAULT.patch \
+           "
 S = "${WORKDIR}/git"
 
 LDFLAGS_append_libc-musl = " -largp"
-EXTRA_OECONF = "ARCH=${TARGET_ARCH}"
+
+def set_target_arch(d):
+    import re
+    arch = d.getVar('TARGET_ARCH', True)
+    if re.match(r'i.86', arch, re.I):
+        return 'i386'
+    else:
+        return arch
+
+EXTRA_UFTRACE_OECONF = "ARCH=${@set_target_arch(d)} \
+                        with_elfutils=/use/libelf/from/sysroot"
 
 do_configure() {
-    ${S}/configure ${EXTRA_OECONF}
+    ${S}/configure ${EXTRA_UFTRACE_OECONF}
 }
 
 FILES_SOLIBSDEV = ""
 FILES_${PN} += "${libdir}/*.so"
 
-COMPATIBLE_HOST = "(x86_64|aarch64|arm)"
+COMPATIBLE_HOST = "(i.86|x86_64|aarch64|arm)"
 
 # uftrace supports armv6 and above
 COMPATIBLE_HOST_armv4 = 'null'
diff --git a/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap/0001-Support-OpenSSL-1.1.patch b/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap/0001-Support-OpenSSL-1.1.patch
new file mode 100644
index 000000000..d5610bbcd
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap/0001-Support-OpenSSL-1.1.patch
@@ -0,0 +1,71 @@
+From 4c684542816a08b95444b8e2515f24d084e6e3c3 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 4 Sep 2018 22:05:17 -0700
+Subject: [PATCH] Support OpenSSL 1.1
+
+When building with OpenSSL 1.1 and newer, use the new built-in
+ hostname verification instead of code that doesn't compile due to
+ structs having been made opaque.
+Bug-Debian: https://bugs.debian.org/828589
+
+Upstream-Status: Unknown
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/osdep/unix/ssl_unix.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/src/osdep/unix/ssl_unix.c b/src/osdep/unix/ssl_unix.c
+index 3bfdff3..dec9467 100644
+--- a/src/osdep/unix/ssl_unix.c
++++ b/src/osdep/unix/ssl_unix.c
+@@ -227,8 +227,16 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags)
+ 				/* disable certificate validation? */
+   if (flags & NET_NOVALIDATECERT)
+     SSL_CTX_set_verify (stream->context,SSL_VERIFY_NONE,NIL);
+-  else SSL_CTX_set_verify (stream->context,SSL_VERIFY_PEER,ssl_open_verify);
++  else {
++#if OPENSSL_VERSION_NUMBER >= 0x10100000      
++      X509_VERIFY_PARAM *param = SSL_CTX_get0_param(stream->context);
++      X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
++      X509_VERIFY_PARAM_set1_host(param, host, 0);
++#endif
++
++      SSL_CTX_set_verify (stream->context,SSL_VERIFY_PEER,ssl_open_verify);
+ 				/* set default paths to CAs... */
++  }
+   SSL_CTX_set_default_verify_paths (stream->context);
+ 				/* ...unless a non-standard path desired */
+   if (s = (char *) mail_parameters (NIL,GET_SSLCAPATH,NIL))
+@@ -266,6 +274,7 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags)
+   if (SSL_write (stream->con,"",0) < 0)
+     return ssl_last_error ? ssl_last_error : "SSL negotiation failed";
+ 				/* need to validate host names? */
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+   if (!(flags & NET_NOVALIDATECERT) &&
+       (err = ssl_validate_cert (cert = SSL_get_peer_certificate (stream->con),
+ 				host))) {
+@@ -275,6 +284,7 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags)
+     sprintf (tmp,"*%.128s: %.255s",err,cert ? cert->name : "???");
+     return ssl_last_error = cpystr (tmp);
+   }
++#endif
+   return NIL;
+ }
+ 
+@@ -313,6 +323,7 @@ static int ssl_open_verify (int ok,X509_STORE_CTX *ctx)
+  * Returns: NIL if validated, else string of error message
+  */
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ static char *ssl_validate_cert (X509 *cert,char *host)
+ {
+   int i,n;
+@@ -342,6 +353,7 @@ static char *ssl_validate_cert (X509 *cert,char *host)
+   else ret = "Unable to locate common name in certificate";
+   return ret;
+ }
++#endif
+ 
+ /* Case-independent wildcard pattern match
+  * Accepts: base string
diff --git a/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb b/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb
index 91003f6e9..0000f05ae 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb
@@ -4,12 +4,13 @@ SECTION = "devel"
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a6a4ddbb7cd2999f6827ee143f6fcd97"
 
-DEPENDS = "openssl"
+DEPENDS = "openssl virtual/crypt"
 
 SRC_URI = "https://fossies.org/linux/misc/old/imap-${PV}.tar.gz \
            file://quote_cctype.patch \
            file://imap-2007e-shared.patch \
            file://imap-2007f-format-security.patch \
+           file://0001-Support-OpenSSL-1.1.patch \
            "
 
 SRC_URI[md5sum] = "2126fd125ea26b73b20f01fcd5940369"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/xerces-c/xerces-c_3.1.4.bb b/meta-openembedded/meta-oe/recipes-devtools/xerces-c/xerces-c_3.1.4.bb
index 64ac74723..0951307c1 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/xerces-c/xerces-c_3.1.4.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/xerces-c/xerces-c_3.1.4.bb
@@ -9,7 +9,7 @@ SECTION =  "libs"
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
-SRC_URI = "http://apache.lauf-forum.at/xerces/c/3/sources/${BP}.tar.bz2"
+SRC_URI = "http://archive.apache.org/dist/xerces/c/3/sources/${BP}.tar.bz2"
 SRC_URI[md5sum] = "d04ae9d8b2dee2157c6db95fa908abfd"
 SRC_URI[sha256sum] = "9408f12c1628ecf80730bedbe8b2caad810edd01bb4c66f77b60c873e8cc6891"
 
@@ -24,24 +24,21 @@ do_install_prepend () {
 }
 
 PACKAGES = "libxerces-c \
-    libxerces-c-dbg \
     libxerces-c-dev \
     xerces-c-samples \
-    xerces-c-samples-dbg \
     libxerces-c-staticdev \
+    ${PN}-dbg \
 "
 
+RPROVIDES_${PN}-dbg += "libxerces-c-dbg xerces-c-samples-dbg"
+
 FILES_libxerces-c = "${libdir}/libxerces-c-3.1.so"
-FILES_libxerces-c-dbg = "${libdir}/.debug \
-    ${prefix}/src/debug \
-"
 FILES_libxerces-c-dev = "${libdir}/lib*.la \
     ${libdir}/libxerces-c.so \
     ${libdir}/pkgconfig/xerces-c.pc \
     ${includedir}/xercesc \
 "
 FILES_xerces-c-samples = "${bindir}/*"
-FILES_xerces-c-samples-dbg = "${bindir}/.debug/"
 FILES_libxerces-c-staticdev = "${libdir}/lib*.a"
 
 BBCLASSEXTEND = "native"
diff --git a/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb
new file mode 100644
index 000000000..b20d4c05c
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb
@@ -0,0 +1,22 @@
+SUMMARY = "x86 (SSE) assembler supporting NASM and GAS-syntaxes"
+LICENSE = "BSD"
+HOMEPAGE = "http://www.tortall.net/projects/yasm/"
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=a12d8903508fb6bfd49d8d82c6170dd9"
+
+DEPENDS += "flex-native bison-native xmlto-native"
+
+PV = "1.3.0+git${SRCPV}"
+# v1.3.0
+SRCREV = "ba463d3c26c0ece2e797b8d6381b161633b5971a"
+SRC_URI = "git://github.com/yasm/yasm.git"
+
+S = "${WORKDIR}/git"
+
+inherit autotools gettext pythonnative
+
+CACHED_CONFIGUREVARS = "CCLD_FOR_BUILD='${CC_FOR_BUILD}'"
+
+BBCLASSEXTEND = "native"
+
+PARALLEL_MAKE = ""