openssl: update 1.0.2d -> 1.0.2k

This is basically a back port of the following commits from the
openembedded-core master branch:

openssl: actually apply Use-SHA256-not-MD5-as-default-digest.patch
openssl: Fix symlink creation
openssl: Updgrade 1.0.2j -> 1.0.2k
openssl: Use linux-aarch64 target for aarch64
openssl-native: Compile with -fPIC
openssl: Security fix CVE-2016-7055
OpenSSL: CVE-2004-2761 replace MD5 hash algorithm
openssl: fix bashism in c_rehash shell script
openssl: rehash actual mozilla certificates inside rootfs
openssl: Upgrade 1.0.2i -> 1.0.2j
openssl.inc: avoid random ptest failures
openssl: update to 1.0.2i (CVE-2016-6304 and more)
openssl: fix do_configure error when cwd is not in @INC
openssl: fix add missing dependencies building for test directory
openssl: Security fix CVE-2016-2178
openssl: Security fix CVE-2016-2177
openssl: prevent warnings from openssl-c_rehash.sh
openssl: fix the dangling libcrypto.a symlink
openssl: Ensure SSL certificates are stored on sysconfdir
openssl: Add Shell-Script based c_rehash utility
openssl: Security fix via update to 1.0.2h
openssl.inc: minor packaging cleanup
openssl: don't move libcrypto to base_libdir
openssl: add a patch to fix parallel builds
openssl: Security fix Drown via 1.0.2g update
openssl.inc: drop obsolete mtx-1 and mtx-2 over-rides
openssl: Explicitly set EXTRA_OEMAKE as required
openssl: update 1.0.2e -> 1.0.2f ( CVE-2016-0701 CVE-2015-3197 )
openssl: Add musl configuration support
openssl: update to 1.0.2e
openssl: enable parallel make
openssl: fix ptest issues
openssl: use subdir= instead of moving files in do_configure_prepend()
openssl: sanity check that the bignum module is present
openssl: fix ptest failures

Note that this requires a complete image rebuild due to ABI breakage. If
that is not desired something along those lines would need to be
integrated as well:

http://cgit.openembedded.org/openembedded-core/commit?id=480db6be99f9a53d8657b31b846f0079ee1a124f

Signed-off-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>

1 files changed, 39 insertions, 0 deletions

diff --git a/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch b/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch
new file mode 100644
index 0000000..cbce32c
--- /dev/null
+++ b/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch
@@ -0,0 +1,39 @@
+Upstream-Status: Pending
+
+Received from H J Liu @ Intel
+Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors.
+Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13
+
+ported the patch to the 1.0.0e version
+Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01
+Index: openssl-1.0.2/crypto/bn/bn.h
+===================================================================
+--- openssl-1.0.2.orig/crypto/bn/bn.h
++++ openssl-1.0.2/crypto/bn/bn.h
+@@ -173,6 +173,13 @@ extern "C" {
+ #  endif
+ # endif
+ 
++/* Address type.  */
++#ifdef _WIN64
++#define BN_ADDR unsigned long long
++#else
++#define BN_ADDR unsigned long
++#endif
++
+ /*
+  * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
+  * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
+Index: openssl-1.0.2/crypto/bn/bn_exp.c
+===================================================================
+--- openssl-1.0.2.orig/crypto/bn/bn_exp.c
++++ openssl-1.0.2/crypto/bn/bn_exp.c
+@@ -638,7 +638,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU
+  * multiple.
+  */
+ #define MOD_EXP_CTIME_ALIGN(x_) \
+-        ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
++	((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
+ 
+ /*
+  * This variant of BN_mod_exp_mont() uses fixed windows and the special