summaryrefslogtreecommitdiffstats
path: root/package/openssl
Commit message (Collapse)AuthorAgeFilesLines
* openssl: fix host-openssl dependenciesArnout Vandecappelle (Essensium/Mind)2013-05-121-0/+1
| | | | | | | | | Support for ocf-linux or cryptodev-linux added a dependency of host-openssl on host-ocf-linux / host-cryptodev-linux, which we don't have and the dependency is anyway not needed. Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: integrate variable cryptodev supportGustavo Zacarias2013-05-052-16/+6
| | | | | | | | | | Allow openssl to use cryptodev-linux hardware crypto support besides OCF. To do this we remove the OCF option from openssl and automatically use any of the available implementations when available. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: add host variantGustavo Zacarias2013-04-171-0/+21
| | | | | | | Useful for the upcoming host-python-m2crypto package. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: adjust ARM optimizationsGustavo Zacarias2013-04-111-6/+0
| | | | | | | | We no longer support ARM less than v4 so just kill dead code that we had for those cases. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: bump to version 1.0.1eGustavo Zacarias2013-02-181-1/+1
| | | | | | | Fixes some regressions introduced by 1.0.1d Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: security bump to version 1.0.1dGustavo Zacarias2013-02-051-1/+1
| | | | | | | Fixes CVE-2013-0169, CVE-2012-2686 and CVE-2013-0166. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: fix static buildPeter Korsgaard2012-12-161-2/+1
| | | | | | Just use the default target instead of hardcoding shared library support. Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: fix runtime failure on some powerpc variantsGustavo Zacarias2012-12-101-0/+3
| | | | | | | | | OpenSSL's assembly optimizations por PowerPC seem to be broken for at least 4xx cores. Thanks go to Jan Schunke for reporting and testing. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: disable apps for NOMMUGustavo Zacarias2012-10-222-8/+11
| | | | | | | | | The openssl binary uses fork() so disable the option and build for !MMU. Fixes http://autobuild.buildroot.net/results/45a9b84c16caadbf77b6fc43d7a0001c981a4c87/build-end.log Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* Merge branch 'next'Peter Korsgaard2012-09-031-1/+1
|\ | | | | | | | | | | | | | | | | | | Conflicts: package/e2fsprogs/e2fsprogs.mk package/libfuse/libfuse.mk package/multimedia/mpd/mpd.mk package/smartmontools/smartmontools.mk Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
| * openssl: bump to version 1.0.1cGustavo Zacarias2012-08-241-1/+1
| | | | | | | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* | openssl: add license infoDanomi Manchego2012-08-151-0/+2
|/ | | | | Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* all packages: rename XXXTARGETS to xxx-packageArnout Vandecappelle (Essensium/Mind)2012-07-171-1/+1
| | | | | | | | | | | | | Also remove the redundant $(call ...). This is a purely mechanical change, performed with find package linux toolchain boot -name \*.mk | \ xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \ -e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \ -e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/' Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* openssl: fix static buildPeter Korsgaard2012-07-011-4/+14
| | | | Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: security bump to version 1.0.0jGustavo Zacarias2012-05-141-1/+1
| | | | | | | Bump to version 1.0.0j to fix CVE-2012-2333 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: switch to the ocf-linux packageGustavo Zacarias2012-05-053-490/+9
| | | | | | | | | | Remove builtin OCF support from the openssl package into a new package. Even though ocf support is just a header file we'd rather have it in a separate package because of unrelated version bumps and to fetch it from source. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: security bump to version 1.0.0iGustavo Zacarias2012-04-191-1/+1
| | | | | | | Fix for CVE-2012-2110 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: security bump to version 1.0.0hGustavo Zacarias2012-03-151-1/+1
| | | | | | | Bump to version 1.0.0h to fix CMS and S/MIME Bleichenbacher attack (CVE-2012-0884) Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: security bump to version 1.0.0gGustavo Zacarias2012-01-221-1/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: security bump to version 1.0.0fGustavo Zacarias2012-01-061-1/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* package: remove useless arguments from GENTARGETSThomas Petazzoni2011-09-291-1/+1
| | | | | | | | | | Thanks to the pkgparentdir and pkgname functions, we can rewrite the GENTARGETS macro in a way that avoids the need for each package to repeat its name and the directory in which it is present. [Peter: pkgdir->pkgparentdir] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: bump to 1.0.0eYegor Yefremov2011-09-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes between 1.0.0d and 1.0.0e [6 Sep 2011] *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted by initialising X509_STORE_CTX properly. (CVE-2011-3207) [Kaspar Brand <ossl@velox.ch>] *) Fix SSL memory handling for (EC)DH ciphersuites, in particular for multi-threaded use of ECDH. (CVE-2011-3210) [Adam Langley (Google)] *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller] *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check signature public key algorithm by using OID xref utilities instead. Before this you could only use some ECC ciphersuites with SHA1 only. [Steve Henson] *) Add protection against ECDSA timing attacks as mentioned in the paper by Billy Bob Brumley and Nicola Tuveri, see: http://eprint.iacr.org/2011/232.pdf [Billy Bob Brumley and Nicola Tuveri] Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com> Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: fix compilation for i386Gustavo Zacarias2011-04-011-0/+5
| | | | | | | | | | | | Closes #3445. OpenSSL emits bswap instructions when building for i386 targets which unfortunately is only available on 486+ class processors. Since the normal workaround is detected at build time and we are cross compiling we need to specify this. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: fix libdir issueGustavo Zacarias2011-02-231-0/+1
| | | | | | | | | | | | | Closes #3205 OpenSSL's build system tries to be too wise for it's own good when guessing what libdir should be. This causes problems like the one reported in bug #3205 so just specify libdir to point to /lib (since it's prefixed it would finally be /usr/lib) since it should be present on 32 and 64 bit targets. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: security bump to 1.0.0dGustavo Zacarias2011-02-091-1/+1
| | | | | | | | | | CVE-2011-0014 http://www.openssl.org/news/secadv_20110208.txt OCSP stapling vulnerability in OpenSSL Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: add ocf supportGustavo Zacarias2011-01-173-1/+503
| | | | | | | | | | | | | | | | Enable OCF (cryptodev) support for openssl as an option. This requires a patched kernel to export hardware acceleration for openssl to use it. If you lack a patched kernel or support it won't break anything, it will simply fall back to the default software engine from openssl, you'll just have a slightly bigger libssl/libcrypto. Tested with 20100325 release + 20101223 patch from the mailing list. [Peter: slightly tweaked .mk] Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: security bump to version 1.0.0cGustavo Zacarias2010-12-112-17/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: security bump to version 1.0.0bGustavo Zacarias2010-11-192-1/+17
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: Bump to 1.0.0aGustavo Zacarias2010-10-184-91/+15
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* Remove code specific to removed architecturesThomas Petazzoni2010-08-311-3/+0
| | | | Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* openssl: don't override the CC passed at configure timeThomas Petazzoni2010-07-071-2/+2
| | | | Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* openssl: bump version, enable mdc2+camellia+tlsextGustavo Zacarias2010-06-061-2/+4
| | | | | | | Closes #1951 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: convert to the generic infrastructureThomas Petazzoni2010-05-021-34/+51
| | | | | | | | OpenSSL is not using the autotools as its build system. Therefore, we must use the generic infrastructure instead of the autotools one. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: fix build without ipv6 supportPeter Korsgaard2010-04-151-0/+55
| | | | | | Closes #1567 Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: bump versionGustavo Zacarias2010-03-315-107/+1
| | | | | | | Closes #1411 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: bump to 0.9.8l + security fixesGustavo Zacarias2009-11-155-1/+107
| | | | | | | Closes #703 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: use generic support for avr32Peter Korsgaard2009-09-231-3/+0
| | | | | | | Upstream openssl doesn't have avr32 support, and we dropped the avr32 optimization patch some time ago. Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: remove invalid quotes around x86_64Peter Korsgaard2009-07-291-1/+1
| | | | | | Thanks for Thomas for noticing. Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* openssl: fix arch handlingPeter Korsgaard2009-07-291-4/+4
| | | | | | | | | Closes #497 Use ARCH instead of BR2_ARCH as BR2_ARCH won't match because of the surrounding quotes. Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* package/openssl: fix uninstallPeter Korsgaard2009-04-281-0/+8
|
* package/openssl: STRIP_STRIP_ALL should be used for binariesPeter Korsgaard2009-04-281-1/+1
|
* package/openssl: also strip libraries with _OPENSSL_BIN is enabledPeter Korsgaard2009-04-281-3/+3
|
* package/openssl: make sure TARGET_CFLAGS are usedPeter Korsgaard2009-04-281-1/+3
| | | | | | | | And remove the unnedded c_rehash binary while we're at it. Patch by Gustavo Zacarias <gustavo@zacarias.com.br>, closes #307. Saves ~250k on PPC with default config (E.G. -Os)
* openssl: git rid of version number in patchesPeter Korsgaard2009-04-144-0/+0
| | | | As noted by Hamish Moffatt on the list.
* openssl: bump versionPeter Korsgaard2009-04-076-13/+13
| | | | | | | Patch by Gustavo Zacarias <gustavo@zacarias.com.ar>, closes #217 Fixes multiple security flaws - See http://www.openssl.org/news/secadv_20090325.txt for details.
* Remove asm optimization patch for AVR32. This is non-essencial, yet, was ↵Thiago A. Corrêa2009-04-061-6355/+0
| | | | unclean and prevented the build from completing. Asked Atmel to submit upstream.
* openssl: strip librariesPeter Korsgaard2009-03-151-0/+6
|
* openssl: misc fixesPeter Korsgaard2009-03-052-1/+13
| | | | | | | | | | Patch by Gustavo Zacarias <gustavo@zacarias.com.ar> Closes #151. * Avoid fips directory completely since it just installs source file cruft inlib * Point openssldir to a more friendly and common /etc/ssl rather than /usr/lib/ssl
* Bump version to 0.9.8jHamish Moffatt2009-02-245-1/+1
|
* openssl: fix build without largefile supportPeter Korsgaard2009-01-211-0/+19
|