Accepting request 592073 from security:tls
OBS-URL: https://build.opensuse.org/request/show/592073 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=2
This commit is contained in:
commit
e4b2aa53c5
@ -4,11 +4,11 @@ Date: Sun, 4 May 2014 23:36:54 -0400
|
||||
Subject: [PATCH] Axe builtin printf implementation, use glibc instead
|
||||
|
||||
|
||||
Index: openssl-1.1.0g/crypto/bio/b_print.c
|
||||
Index: openssl-1.1.0h/crypto/bio/b_print.c
|
||||
===================================================================
|
||||
--- openssl-1.1.0g.orig/crypto/bio/b_print.c 2017-11-02 15:29:02.000000000 +0100
|
||||
+++ openssl-1.1.0g/crypto/bio/b_print.c 2017-11-02 20:48:01.240953505 +0100
|
||||
@@ -21,831 +21,6 @@
|
||||
--- openssl-1.1.0h.orig/crypto/bio/b_print.c 2018-03-27 15:50:37.000000000 +0200
|
||||
+++ openssl-1.1.0h/crypto/bio/b_print.c 2018-03-27 16:31:15.425784205 +0200
|
||||
@@ -21,830 +21,6 @@
|
||||
* on all source code distributions.
|
||||
*/
|
||||
|
||||
@ -656,7 +656,7 @@ Index: openssl-1.1.0g/crypto/bio/b_print.c
|
||||
- iconvert[iplace++] = "0123456789"[intpart % 10];
|
||||
- intpart = (intpart / 10);
|
||||
- } while (intpart && (iplace < (int)sizeof(iconvert)));
|
||||
- if (iplace == sizeof iconvert)
|
||||
- if (iplace == sizeof(iconvert))
|
||||
- iplace--;
|
||||
- iconvert[iplace] = 0;
|
||||
-
|
||||
@ -674,7 +674,7 @@ Index: openssl-1.1.0g/crypto/bio/b_print.c
|
||||
- fracpart = (fracpart / 10);
|
||||
- }
|
||||
-
|
||||
- if (fplace == sizeof fconvert)
|
||||
- if (fplace == sizeof(fconvert))
|
||||
- fplace--;
|
||||
- fconvert[fplace] = 0;
|
||||
-
|
||||
@ -836,11 +836,10 @@ Index: openssl-1.1.0g/crypto/bio/b_print.c
|
||||
-}
|
||||
-
|
||||
-/***************************************************************************/
|
||||
-
|
||||
|
||||
int BIO_printf(BIO *bio, const char *format, ...)
|
||||
{
|
||||
va_list args;
|
||||
@@ -859,30 +34,36 @@ int BIO_printf(BIO *bio, const char *for
|
||||
@@ -859,30 +35,36 @@ int BIO_printf(BIO *bio, const char *for
|
||||
return (ret);
|
||||
}
|
||||
|
||||
@ -898,7 +897,7 @@ Index: openssl-1.1.0g/crypto/bio/b_print.c
|
||||
return (ret);
|
||||
}
|
||||
|
||||
@@ -898,29 +79,21 @@ int BIO_snprintf(char *buf, size_t n, co
|
||||
@@ -898,29 +80,21 @@ int BIO_snprintf(char *buf, size_t n, co
|
||||
int ret;
|
||||
|
||||
va_start(args, format);
|
||||
@ -936,10 +935,10 @@ Index: openssl-1.1.0g/crypto/bio/b_print.c
|
||||
- return (retlen <= INT_MAX) ? (int)retlen : -1;
|
||||
+ return (ret);
|
||||
}
|
||||
Index: openssl-1.1.0g/test/bioprinttest.c
|
||||
Index: openssl-1.1.0h/test/bioprinttest.c
|
||||
===================================================================
|
||||
--- openssl-1.1.0g.orig/test/bioprinttest.c 2017-11-02 15:29:05.000000000 +0100
|
||||
+++ openssl-1.1.0g/test/bioprinttest.c 2017-11-02 20:45:03.446174264 +0100
|
||||
--- openssl-1.1.0h.orig/test/bioprinttest.c 2018-03-27 15:50:40.000000000 +0200
|
||||
+++ openssl-1.1.0h/test/bioprinttest.c 2018-03-27 16:30:23.096947435 +0200
|
||||
@@ -200,13 +200,6 @@ int main(int argc, char **argv)
|
||||
dofptest(test++, 66666.0 + frac, width, prec, &fail);
|
||||
}
|
||||
|
104
0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch
Normal file
104
0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch
Normal file
@ -0,0 +1,104 @@
|
||||
From e9d26dc85238c071117d911704f5f769e79b46a1 Mon Sep 17 00:00:00 2001
|
||||
From: Matt Caswell <matt@openssl.org>
|
||||
Date: Tue, 13 Mar 2018 17:23:10 +0000
|
||||
Subject: [PATCH] Tolerate a Certificate using a non-supported group on server
|
||||
side
|
||||
|
||||
If a server has been configured to use an ECDSA certificate, we should
|
||||
allow it regardless of whether the server's own supported groups list
|
||||
includes the certificate's group.
|
||||
|
||||
Fixes #2033
|
||||
|
||||
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
|
||||
(Merged from https://github.com/openssl/openssl/pull/5607)
|
||||
---
|
||||
ssl/t1_lib.c | 30 +++++++++++++++++++++---------
|
||||
1 file changed, 21 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
|
||||
index 7a5721a1e2..dc4e6526d6 100644
|
||||
--- a/ssl/t1_lib.c
|
||||
+++ b/ssl/t1_lib.c
|
||||
@@ -490,13 +490,16 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
|
||||
return 1;
|
||||
}
|
||||
|
||||
+# define DONT_CHECK_OWN_GROUPS 0
|
||||
+# define CHECK_OWN_GROUPS 1
|
||||
/* Check an EC key is compatible with extensions */
|
||||
-static int tls1_check_ec_key(SSL *s,
|
||||
- unsigned char *curve_id, unsigned char *comp_id)
|
||||
+static int tls1_check_ec_key(SSL *s, unsigned char *curve_id,
|
||||
+ unsigned char *comp_id, int check_own_groups)
|
||||
{
|
||||
const unsigned char *pformats, *pcurves;
|
||||
size_t num_formats, num_curves, i;
|
||||
int j;
|
||||
+
|
||||
/*
|
||||
* If point formats extension present check it, otherwise everything is
|
||||
* supported (see RFC4492).
|
||||
@@ -513,8 +516,12 @@ static int tls1_check_ec_key(SSL *s,
|
||||
}
|
||||
if (!curve_id)
|
||||
return 1;
|
||||
+
|
||||
+ if (!s->server && !check_own_groups)
|
||||
+ return 1;
|
||||
+
|
||||
/* Check curve is consistent with client and server preferences */
|
||||
- for (j = 0; j <= 1; j++) {
|
||||
+ for (j = check_own_groups ? 0 : 1; j <= 1; j++) {
|
||||
if (!tls1_get_curvelist(s, j, &pcurves, &num_curves))
|
||||
return 0;
|
||||
if (j == 1 && num_curves == 0) {
|
||||
@@ -579,9 +586,12 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
|
||||
return 0;
|
||||
/*
|
||||
* Can't check curve_id for client certs as we don't have a supported
|
||||
- * curves extension.
|
||||
+ * curves extension. For server certs we will tolerate certificates that
|
||||
+ * aren't in our own list of curves. If we've been configured to use an EC
|
||||
+ * cert then we should use it - therefore we use DONT_CHECK_OWN_GROUPS here.
|
||||
*/
|
||||
- rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, &comp_id);
|
||||
+ rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, &comp_id,
|
||||
+ DONT_CHECK_OWN_GROUPS);
|
||||
if (!rv)
|
||||
return 0;
|
||||
/*
|
||||
@@ -644,7 +654,7 @@ int tls1_check_ec_tmp_key(SSL *s, unsigned long cid)
|
||||
return 0;
|
||||
curve_id[0] = 0;
|
||||
/* Check this curve is acceptable */
|
||||
- if (!tls1_check_ec_key(s, curve_id, NULL))
|
||||
+ if (!tls1_check_ec_key(s, curve_id, NULL, CHECK_OWN_GROUPS))
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
@@ -746,8 +756,9 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs)
|
||||
}
|
||||
|
||||
/*
|
||||
- * Check signature algorithm is consistent with sent supported signature
|
||||
- * algorithms and if so return relevant digest.
|
||||
+ * Check signature algorithm received from the peer with a signature is
|
||||
+ * consistent with the sent supported signature algorithms and if so return
|
||||
+ * relevant digest.
|
||||
*/
|
||||
int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
|
||||
const unsigned char *sig, EVP_PKEY *pkey)
|
||||
@@ -769,7 +780,8 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
|
||||
/* Check compression and curve matches extensions */
|
||||
if (!tls1_set_ec_id(curve_id, &comp_id, EVP_PKEY_get0_EC_KEY(pkey)))
|
||||
return 0;
|
||||
- if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id)) {
|
||||
+ if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id,
|
||||
+ CHECK_OWN_GROUPS)) {
|
||||
SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE);
|
||||
return 0;
|
||||
}
|
||||
--
|
||||
2.16.2
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af
|
||||
size 5404748
|
@ -1,10 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEcBAABCAAGBQJZ+yu1AAoJENnE0m0OYESRZaAH/RYgVpfSwQA/GzxR7BBTU/kT
|
||||
nhAwrDzCZyZe6UhWJHIvZhWira3+NEMmJRWgxfLRmoO5+8Jo07Ayz6iI9K6j32Hf
|
||||
NshzdUNerBy1xsvb8Z+mFPu8EPbmOrILJx1TQez4oLbFNDYDDaBXL/z+3H8ffKab
|
||||
wfdVeJ3Qj3XKUi8v+FncSYn5jlzIlMVhOLLEJjgWbA+YP7WXbWveRf2oBEwVJ/ej
|
||||
zcgrgJ6iyCXO7xP5t4Y2OzWpJKopflFz9uR7TwA5tanKibnG6GIoHCGf+mtBtU7t
|
||||
zVMQh8+QnJyGy1qe9QnYrFksP9Fcb0qjMZMB6/DLqJ07t27TkXTB9fIAgElcmK8=
|
||||
=i4gh
|
||||
-----END PGP SIGNATURE-----
|
3
openssl-1.1.0h.tar.gz
Normal file
3
openssl-1.1.0h.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:5835626cde9e99656585fc7aaa2302a73a7e1340bf8c14fd635a62c66802a517
|
||||
size 5422717
|
10
openssl-1.1.0h.tar.gz.asc
Normal file
10
openssl-1.1.0h.tar.gz.asc
Normal file
@ -0,0 +1,10 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEcBAABCAAGBQJaukw0AAoJENnE0m0OYESRNZoH/jP9DGnLUsEr58XUE1w+q+P/
|
||||
JXF/yaBr1LUx9e599zlVNkLyNsqIN0mVfMDgdnjefIwrEGBVBh9YdeNeeZ9Lnhc4
|
||||
PQCN4vzjUcNv7Jo2DSPmuVoUikntIYM4thrBQuVt031h1+1NQmDpcmU8SESFpM5H
|
||||
A7N6+p/i/ow5g2G/uqc+Wqy/Jdgwtkq+UPHvxajE7pVLhtY+ue5gU3f6Jb8odTdV
|
||||
VT1QNzaStN40WiUIHtrykB3F8eg5BvwkmLUqbruy9IEEtYoJvxALVLD1B7t047Tf
|
||||
Ti1AQ4Ld+NNxbhZeeYMeXTAog3w3DudsSQoOmIN2TiAR6WK44XlS/lu9lK/mFpo=
|
||||
=SK44
|
||||
-----END PGP SIGNATURE-----
|
@ -1,3 +1,27 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 28 14:34:49 UTC 2018 - vcizek@suse.com
|
||||
|
||||
- Tolerate a Certificate using a non-supported group on server side
|
||||
(boo#1084651)
|
||||
* https://github.com/openssl/openssl/pull/5607
|
||||
* add 0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 27 14:42:36 UTC 2018 - vcizek@suse.com
|
||||
|
||||
- Update to 1.1.0h
|
||||
OpenSSL Security Advisory [27 Mar 2018]
|
||||
* Constructed ASN.1 types with a recursive definition could exceed
|
||||
the stack (CVE-2018-0739) (bsc#1087102)
|
||||
* rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
|
||||
(bsc#1071906)
|
||||
- refresh patches:
|
||||
* 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
|
||||
* openssl-1.1.0-fips.patch
|
||||
* openssl-pkgconfig.patch
|
||||
* openssl-rsakeygen-minimum-distance.patch
|
||||
* openssl-static-deps.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Feb 27 20:13:14 UTC 2018 - dimstar@opensuse.org
|
||||
|
||||
|
@ -20,7 +20,7 @@
|
||||
%define maj_min 1.1
|
||||
%define _rname openssl
|
||||
Name: openssl-1_1
|
||||
Version: 1.1.0g
|
||||
Version: 1.1.0h
|
||||
Release: 0
|
||||
Summary: Secure Sockets and Transport Layer Security
|
||||
License: OpenSSL
|
||||
@ -74,6 +74,8 @@ Patch69: 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch
|
||||
Patch70: 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
|
||||
Patch71: 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch
|
||||
Patch72: 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
|
||||
# PATCH-FIX-UPSTREAM (boo#1084651)
|
||||
Patch73: 0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch
|
||||
BuildRequires: bc
|
||||
BuildRequires: ed
|
||||
BuildRequires: pkgconfig
|
||||
|
@ -1,8 +1,8 @@
|
||||
Index: openssl-1.1.0c/Configurations/unix-Makefile.tmpl
|
||||
Index: openssl-1.1.0h/Configurations/unix-Makefile.tmpl
|
||||
===================================================================
|
||||
--- openssl-1.1.0c.orig/Configurations/unix-Makefile.tmpl 2016-11-10 15:03:43.000000000 +0100
|
||||
+++ openssl-1.1.0c/Configurations/unix-Makefile.tmpl 2016-12-02 14:42:03.547865145 +0100
|
||||
@@ -790,7 +790,7 @@ libcrypto.pc:
|
||||
--- openssl-1.1.0h.orig/Configurations/unix-Makefile.tmpl 2018-03-27 16:32:18.922799218 +0200
|
||||
+++ openssl-1.1.0h/Configurations/unix-Makefile.tmpl 2018-03-27 16:33:19.307764137 +0200
|
||||
@@ -710,7 +710,7 @@ libcrypto.pc:
|
||||
echo 'Version: '$(VERSION); \
|
||||
echo 'Libs: -L$${libdir} -lcrypto'; \
|
||||
echo 'Libs.private: $(EX_LIBS)'; \
|
||||
@ -11,10 +11,10 @@ Index: openssl-1.1.0c/Configurations/unix-Makefile.tmpl
|
||||
|
||||
libssl.pc:
|
||||
@ ( echo 'prefix=$(INSTALLTOP)'; \
|
||||
@@ -804,7 +804,7 @@ libssl.pc:
|
||||
@@ -723,7 +723,7 @@ libssl.pc:
|
||||
echo 'Version: '$(VERSION); \
|
||||
echo 'Requires.private: libcrypto'; \
|
||||
echo 'Libs: -L$${libdir} -lssl'; \
|
||||
echo 'Libs.private: $(EX_LIBS)'; \
|
||||
- echo 'Cflags: -I$${includedir}' ) > libssl.pc
|
||||
+ echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir}' ) > libssl.pc
|
||||
|
||||
|
@ -1,8 +1,8 @@
|
||||
Index: openssl-1.1.0f/crypto/rsa/rsa_gen.c
|
||||
Index: openssl-1.1.0h/crypto/rsa/rsa_gen.c
|
||||
===================================================================
|
||||
--- openssl-1.1.0f.orig/crypto/rsa/rsa_gen.c 2017-05-29 13:02:47.095166778 +0200
|
||||
+++ openssl-1.1.0f/crypto/rsa/rsa_gen.c 2017-05-29 13:03:29.415824383 +0200
|
||||
@@ -419,6 +419,19 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
--- openssl-1.1.0h.orig/crypto/rsa/rsa_gen.c 2018-03-27 16:34:44.709128590 +0200
|
||||
+++ openssl-1.1.0h/crypto/rsa/rsa_gen.c 2018-03-27 16:34:44.753129312 +0200
|
||||
@@ -420,6 +420,19 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
bitsp = (bits + 1) / 2;
|
||||
bitsq = bits - bitsp;
|
||||
|
||||
@ -22,7 +22,7 @@ Index: openssl-1.1.0f/crypto/rsa/rsa_gen.c
|
||||
/* We need the RSA components non-NULL */
|
||||
if (!rsa->n && ((rsa->n = BN_new()) == NULL))
|
||||
goto err;
|
||||
@@ -444,6 +457,8 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
@@ -446,6 +459,8 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
for (;;) {
|
||||
if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
|
||||
goto err;
|
||||
@ -30,8 +30,8 @@ Index: openssl-1.1.0f/crypto/rsa/rsa_gen.c
|
||||
+ continue;
|
||||
if (!BN_sub(r2, rsa->p, BN_value_one()))
|
||||
goto err;
|
||||
if (!BN_gcd(r1, r2, rsa->e, ctx))
|
||||
@@ -460,6 +475,13 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
ERR_set_mark();
|
||||
@@ -471,6 +486,13 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
|
||||
goto err;
|
||||
} while (BN_cmp(rsa->p, rsa->q) == 0);
|
||||
@ -44,4 +44,4 @@ Index: openssl-1.1.0f/crypto/rsa/rsa_gen.c
|
||||
+ continue;
|
||||
if (!BN_sub(r2, rsa->q, BN_value_one()))
|
||||
goto err;
|
||||
if (!BN_gcd(r1, r2, rsa->e, ctx))
|
||||
ERR_set_mark();
|
||||
|
@ -19,10 +19,10 @@ Reviewed-by: Rich Salz <rsalz@openssl.org>
|
||||
Configure | 7 +++++++
|
||||
5 files changed, 47 insertions(+), 20 deletions(-)
|
||||
|
||||
Index: openssl-1.1.0e/Configurations/common.tmpl
|
||||
Index: openssl-1.1.0h/Configurations/common.tmpl
|
||||
===================================================================
|
||||
--- openssl-1.1.0e.orig/Configurations/common.tmpl
|
||||
+++ openssl-1.1.0e/Configurations/common.tmpl
|
||||
--- openssl-1.1.0h.orig/Configurations/common.tmpl 2018-03-27 15:50:37.000000000 +0200
|
||||
+++ openssl-1.1.0h/Configurations/common.tmpl 2018-03-27 16:31:37.126131133 +0200
|
||||
@@ -9,15 +9,22 @@
|
||||
# there are no duplicate dependencies and that they are in the
|
||||
# right order. This is especially used to sort the list of
|
||||
@ -59,11 +59,11 @@ Index: openssl-1.1.0e/Configurations/common.tmpl
|
||||
}
|
||||
@newlist;
|
||||
}
|
||||
Index: openssl-1.1.0e/Configurations/descrip.mms.tmpl
|
||||
Index: openssl-1.1.0h/Configurations/descrip.mms.tmpl
|
||||
===================================================================
|
||||
--- openssl-1.1.0e.orig/Configurations/descrip.mms.tmpl
|
||||
+++ openssl-1.1.0e/Configurations/descrip.mms.tmpl
|
||||
@@ -524,6 +524,17 @@ configdata.pm : $(SRCDIR)Configure $(SRC
|
||||
--- openssl-1.1.0h.orig/Configurations/descrip.mms.tmpl 2018-03-27 15:50:37.000000000 +0200
|
||||
+++ openssl-1.1.0h/Configurations/descrip.mms.tmpl 2018-03-27 16:31:37.126131133 +0200
|
||||
@@ -537,6 +537,17 @@ configdata.pm : $(SRCDIR)Configure $(SRC
|
||||
use File::Basename;
|
||||
use File::Spec::Functions qw/abs2rel rel2abs catfile catdir/;
|
||||
|
||||
@ -81,7 +81,7 @@ Index: openssl-1.1.0e/Configurations/descrip.mms.tmpl
|
||||
sub generatesrc {
|
||||
my %args = @_;
|
||||
my $generator = join(" ", @{$args{generator}});
|
||||
@@ -619,9 +630,7 @@ EOF
|
||||
@@ -632,9 +643,7 @@ EOF
|
||||
my $libd = dirname($lib);
|
||||
my $libn = basename($lib);
|
||||
(my $mkdef_key = $libn) =~ s/^${osslprefix_q}lib([^0-9]*)\d*/$1/i;
|
||||
@ -92,7 +92,7 @@ Index: openssl-1.1.0e/Configurations/descrip.mms.tmpl
|
||||
my $deps = join(", -\n\t\t", @deps);
|
||||
my $shlib_target = $disabled{shared} ? "" : $target{shared_target};
|
||||
my $ordinalsfile = defined($args{ordinals}) ? $args{ordinals}->[1] : "";
|
||||
@@ -667,9 +676,7 @@ EOF
|
||||
@@ -680,9 +689,7 @@ EOF
|
||||
my $libn = basename($lib);
|
||||
(my $libn_nolib = $libn) =~ s/^lib//;
|
||||
my @objs = map { "$_.OBJ" } @{$args{objs}};
|
||||
@ -103,7 +103,7 @@ Index: openssl-1.1.0e/Configurations/descrip.mms.tmpl
|
||||
my $deps = join(", -\n\t\t", @objs, @deps);
|
||||
my $shlib_target = $disabled{shared} ? "" : $target{shared_target};
|
||||
my $engine_opt = abs2rel(rel2abs(catfile($config{sourcedir},
|
||||
@@ -719,9 +726,7 @@ EOF
|
||||
@@ -732,9 +739,7 @@ EOF
|
||||
my $bind = dirname($bin);
|
||||
my $binn = basename($bin);
|
||||
my @objs = map { "$_.OBJ" } @{$args{objs}};
|
||||
@ -114,11 +114,11 @@ Index: openssl-1.1.0e/Configurations/descrip.mms.tmpl
|
||||
my $deps = join(", -\n\t\t", @objs, @deps);
|
||||
# The "[]" hack is because in .OPT files, each line inherits the
|
||||
# previous line's file spec as default, so if no directory spec
|
||||
Index: openssl-1.1.0e/Configurations/unix-Makefile.tmpl
|
||||
Index: openssl-1.1.0h/Configurations/unix-Makefile.tmpl
|
||||
===================================================================
|
||||
--- openssl-1.1.0e.orig/Configurations/unix-Makefile.tmpl
|
||||
+++ openssl-1.1.0e/Configurations/unix-Makefile.tmpl
|
||||
@@ -837,13 +837,13 @@ configdata.pm: $(SRCDIR)/Configure $(SRC
|
||||
--- openssl-1.1.0h.orig/Configurations/unix-Makefile.tmpl 2018-03-27 16:31:37.110130877 +0200
|
||||
+++ openssl-1.1.0h/Configurations/unix-Makefile.tmpl 2018-03-27 16:31:37.126131133 +0200
|
||||
@@ -755,13 +755,13 @@ configdata.pm: $(SRCDIR)/Configure $(SRC
|
||||
# It takes a list of library names and outputs a list of dependencies
|
||||
sub compute_lib_depends {
|
||||
if ($disabled{shared}) {
|
||||
@ -134,7 +134,7 @@ Index: openssl-1.1.0e/Configurations/unix-Makefile.tmpl
|
||||
}
|
||||
|
||||
sub generatesrc {
|
||||
@@ -1056,11 +1056,16 @@ EOF
|
||||
@@ -976,11 +976,16 @@ EOF
|
||||
my $binn = basename($bin);
|
||||
my $objs = join(" ", map { $_.$objext } @{$args{objs}});
|
||||
my $deps = join(" ",compute_lib_depends(@{$args{deps}}));
|
||||
@ -156,11 +156,11 @@ Index: openssl-1.1.0e/Configurations/unix-Makefile.tmpl
|
||||
my $shlib_target = $disabled{shared} ? "" : $target{shared_target};
|
||||
return <<"EOF";
|
||||
$bin$exeext: $objs $deps
|
||||
Index: openssl-1.1.0e/Configurations/windows-makefile.tmpl
|
||||
Index: openssl-1.1.0h/Configurations/windows-makefile.tmpl
|
||||
===================================================================
|
||||
--- openssl-1.1.0e.orig/Configurations/windows-makefile.tmpl
|
||||
+++ openssl-1.1.0e/Configurations/windows-makefile.tmpl
|
||||
@@ -342,8 +342,10 @@ configdata.pm: "$(SRCDIR)\Configure" {-
|
||||
--- openssl-1.1.0h.orig/Configurations/windows-makefile.tmpl 2018-03-27 15:50:37.000000000 +0200
|
||||
+++ openssl-1.1.0h/Configurations/windows-makefile.tmpl 2018-03-27 16:31:37.126131133 +0200
|
||||
@@ -361,8 +361,10 @@ configdata.pm: "$(SRCDIR)\Configure" {-
|
||||
# It takes a list of library names and outputs a list of dependencies
|
||||
sub compute_lib_depends {
|
||||
if ($disabled{shared}) {
|
||||
@ -172,11 +172,11 @@ Index: openssl-1.1.0e/Configurations/windows-makefile.tmpl
|
||||
return map { shlib_import($_) } @_;
|
||||
}
|
||||
|
||||
Index: openssl-1.1.0e/Configure
|
||||
Index: openssl-1.1.0h/Configure
|
||||
===================================================================
|
||||
--- openssl-1.1.0e.orig/Configure
|
||||
+++ openssl-1.1.0e/Configure
|
||||
@@ -1838,9 +1838,16 @@ EOF
|
||||
--- openssl-1.1.0h.orig/Configure 2018-03-27 15:50:37.000000000 +0200
|
||||
+++ openssl-1.1.0h/Configure 2018-03-27 16:31:37.126131133 +0200
|
||||
@@ -1844,9 +1844,16 @@ EOF
|
||||
$d = cleanfile($buildd, $_, $blddir);
|
||||
}
|
||||
# Take note if the file to depend on is being renamed
|
||||
@ -191,5 +191,5 @@ Index: openssl-1.1.0e/Configure
|
||||
}
|
||||
+ $d .= $e;
|
||||
$unified_info{depends}->{$ddest}->{$d} = 1;
|
||||
# If we depend on a header file or a perl module, let's make
|
||||
# sure it can get included
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user