openssl: update to v1.0.1a (CVE-2012-2110)

SVN-Revision: 31346

diff --git a/package/openssl/Makefile b/package/openssl/Makefile
index 424bd396250b08bb34d981cfcd437b32187bb3ca..b9b9b3102a2276e942d39e62f2cefa69f52438dd 100644 (file)
--- a/package/openssl/Makefile
+++ b/package/openssl/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
-PKG_VERSION:=1.0.1
+PKG_VERSION:=1.0.1a
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
@@ -16,7 +16,7 @@ PKG_SOURCE_URL:=http://www.openssl.org/source/ \
        ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \
        ftp://ftp.webmonster.de/pub/openssl/source/ \
        ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
-PKG_MD5SUM:=134f168bc2a8333f19f81d684841710b
+PKG_MD5SUM:=a0104320c0997cd33e18b8ea798609d1
 
 PKG_BUILD_DEPENDS:=ocf-crypto-headers
 PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE

diff --git a/package/openssl/patches/210-no-OPENSSL_ia32cap_P.patch b/package/openssl/patches/210-no-OPENSSL_ia32cap_P.patch
new file mode 100644 (file)
index 0000000..6ddf009
--- /dev/null
+++ b/package/openssl/patches/210-no-OPENSSL_ia32cap_P.patch
@@ -0,0 +1,12 @@
+--- a/crypto/evp/e_rc4_hmac_md5.c
++++ b/crypto/evp/e_rc4_hmac_md5.c
+@@ -289,8 +289,6 @@ static EVP_CIPHER r4_hmac_md5_cipher=
+ 
+ const EVP_CIPHER *EVP_rc4_hmac_md5(void)
+       {
+-      extern unsigned int OPENSSL_ia32cap_P[];
+-      /* RC4_CHAR flag ------------vvvvv */
+-      return(OPENSSL_ia32cap_P[0]&(1<<20) ? NULL : &r4_hmac_md5_cipher);
++      return(&r4_hmac_md5_cipher);
+       }
+ #endif