On Wed, Jan 09, 2019 at 12:31:12PM +0000, Denis OSTERLAND wrote: > Hi Oliver, > > AFAIK OpenSSL 1.0 -> 1.1 is a bigger step.
But it is worth doing as I could then finally drop local patches to enable crypodev ;-) > On which architectures have you tried it? Just tried on OMAP3 board only. Compiles and runs fine (even with /dev/crypto) > Do you compiled ALL_YES? > > Am Dienstag, den 08.01.2019, 14:45 +0100 schrieb Oliver Graute: > > this patch bump openssl to LTS version 1.1.1a > > > > Signed-off-by: Oliver Graute <oliver.gra...@neuhaus.de> > > --- > > > > first try to get LTS openssl into ptxdist > > > > - added debian-armel to Configurations/10-main.conf for compiling on arm > I would use the patches from > http://deb.debian.org/debian/pool/main/o/openssl/openssl_1.1.1a-1.debian.tar.xz > to replace the patches imported from openssl1.0_1.0.2o-1.debian.tar.xz. > > The patches 0100 and 0101 can be dropped, if it builds in parallel, I guess. > > > - dropped the other patches, are these still necessary? > You should delete this patches. > Actually your patches does not delete them. > > > > > .../openssl-1.1.1a/0001-added-debian-armel.patch | 41 > > ++++++++++++++++++++++ > > patches/openssl-1.1.1a/series | 1 + > > rules/openssl.make | 10 +++--- > > 3 files changed, 47 insertions(+), 5 deletions(-) > > create mode 100644 patches/openssl-1.1.1a/0001-added-debian-armel.patch > > create mode 100644 patches/openssl-1.1.1a/series > > > > diff --git a/patches/openssl-1.1.1a/0001-added-debian-armel.patch > > b/patches/openssl-1.1.1a/0001-added-debian-armel.patch > > new file mode 100644 > > index 0000000..567a405 > > --- /dev/null > > +++ b/patches/openssl-1.1.1a/0001-added-debian-armel.patch > > @@ -0,0 +1,41 @@ > > +From 3144929533150f6c5cb1d3e4e915fd3e9556af5d Mon Sep 17 00:00:00 2001 > > +From: Oliver Graute <oliver.gra...@neuhaus.de> > > +Date: Tue, 8 Jan 2019 13:17:55 +0100 > > +Subject: [PATCH] openssl: added debian-armel to Configuration > > + > > +added target debian-armel to 10-main.conf > > + > > +--- > > + Configurations/10-main.conf | 16 ++++++++++++++++ > > + 1 file changed, 16 insertions(+) > > + > > +diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf > > +index 5cf345d..5f1bdfe 100644 > > +--- a/Configurations/10-main.conf > > ++++ b/Configurations/10-main.conf > > +@@ -627,6 +627,22 @@ my %targets = ( > > + shared_extension => ".so", > > + }, > > + > > ++ "debian-armel" => { > > ++ inherit_from => [ "linux-generic32", asm("armv4_asm") ], > > ++ CC => "gcc", > > ++ CFLAGS => "", > > ++ cflags => "-g -O2 -Wformat -Werror=format-security " . > > "-Wa,--noexecstack -Wall", > > ++ cppflags => threads("-D_REENTRANT"), > > ++ lib_cppflags => "-DL_ENDIAN", > > ++ ex_libs => add("-ldl"), > > ++ bn_ops => "BN_LLONG RC4_CHAR > > ++ RC4_CHUNK DES_INT DES_UNROLL BF_PTR", > > ++ dso_scheme => "dlfcn", > > ++ shared_target => "linux-shared", > > ++ shared_cflag => "-fPIC", > > ++ shared_extension => ".so", > > ++ }, > > ++ > > + #### > > + #### Variety of LINUX:-) > > + #### > > +-- > > +1.9.1 > > + > > diff --git a/patches/openssl-1.1.1a/series b/patches/openssl-1.1.1a/series > > new file mode 100644 > > index 0000000..d11a458 > > --- /dev/null > > +++ b/patches/openssl-1.1.1a/series > > @@ -0,0 +1 @@ > > +0001-added-debian-armel.patch > > diff --git a/rules/openssl.make b/rules/openssl.make > > index d514077..0ace6c3 100644 > > --- a/rules/openssl.make > > +++ b/rules/openssl.make > > @@ -18,10 +18,10 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl > > # > > # Paths and names > > # > > -OPENSSL_BASE := 1.0.2 > > -OPENSSL_BUGFIX := q > > +OPENSSL_BASE := 1.1.1 > > +OPENSSL_BUGFIX := a > > OPENSSL_VERSION := $(OPENSSL_BASE)$(OPENSSL_BUGFIX) > > -OPENSSL_MD5 := 7563e1ce046cb21948eeb6ba1a0eb71c > > +OPENSSL_MD5 := 963deb2272d6be7d4c2458afd2517b73 > > OPENSSL := openssl-$(OPENSSL_VERSION) > > OPENSSL_SUFFIX := tar.gz > > OPENSSL_URL := \ > > @@ -74,7 +74,7 @@ endif > > OPENSSL_CONF_OPT := \ > > --prefix=/usr \ > > --openssldir=/usr/lib/ssl \ > > - --install_prefix=$(OPENSSL_PKGDIR) \ > > + DESTDIR=$(OPENSSL_PKGDIR) \ > > shared > > > > OPENSSL_INSTALL_OPT := \ > > @@ -106,7 +106,7 @@ ifdef PTXCONF_OPENSSL_BIN > > endif > > > > @$(call install_alternative, openssl, 0, 0, 0644, \ > > - /usr/lib/ssl/openssl.cnf) > > + /apps/openssl.cnf) > > > > @$(call install_lib, openssl, 0, 0, 0644, libssl) > > @$(call install_lib, openssl, 0, 0, 0644, libcrypto) > > Diehl Connectivity Solutions GmbH > Geschäftsführung: Horst Leonberger > Sitz der Gesellschaft: Nürnberg - Registergericht: Amtsgericht > Nürnberg: HRB 32315 > ___________________________________________________________________________________________________ > > Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail > enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. > Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten > haben. Bitte loeschen Sie in diesem Fall die Nachricht. > Jede unerlaubte Form der Reproduktion, Bekanntgabe, Aenderung, Verteilung > und/oder Publikation dieser E-Mail ist strengstens untersagt. > The contents of the above mentioned e-mail is not legally binding. This > e-mail contains confidential and/or legally protected information. Please > inform us if you have received this e-mail by > mistake and delete it in such a case. Each unauthorized reproduction, > disclosure, alteration, distribution and/or publication of this e-mail is > strictly prohibited. > _______________________________________________ > ptxdist mailing list > ptxdist@pengutronix.de _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de
