From: Hauke Mehrtens Date: Sat, 28 Apr 2018 22:40:40 +0000 (+0200) Subject: uboot-mxs: Fix build with libressl 2.7.2 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=c21a4c724662cd9bac23456320314a995cb3c802;p=openwrt%2Fstaging%2Fthess.git uboot-mxs: Fix build with libressl 2.7.2 When libressl was linked the libpthread was missing, add it in addition. Also make the mxsimage tool to use the OpenSSL 1.1 API for the recent libressl version. Fixes: 2c192b69163f ("tools/libressl: update to version 2.7.2") Signed-off-by: Hauke Mehrtens --- diff --git a/package/boot/uboot-mxs/patches/002-tools-mxsimage-Support-building-with-LibreSSL.patch b/package/boot/uboot-mxs/patches/002-tools-mxsimage-Support-building-with-LibreSSL.patch index c99c538635..aa7285ebce 100644 --- a/package/boot/uboot-mxs/patches/002-tools-mxsimage-Support-building-with-LibreSSL.patch +++ b/package/boot/uboot-mxs/patches/002-tools-mxsimage-Support-building-with-LibreSSL.patch @@ -1,35 +1,36 @@ -From 74e3ace3495b73f6e592e92eca18175cccdb5a24 Mon Sep 17 00:00:00 2001 +From c5b0bca4c3ca5c3d1d8ee99fdbf3b494a3986dbd Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens -Date: Sat, 17 Feb 2018 15:34:19 +0100 -Subject: [PATCH v2] tools/mxsimage: Support building with LibreSSL +Date: Sun, 18 Mar 2018 16:03:47 +0100 +Subject: [PATCH] tools/mxsimage: Support building with LibreSSL -The mxsimage utility fails to compile against LibreSSL because LibreSSL -says it is OpenSSL 2.0, but it does not support the complete OpenSSL 1.1 -interface. +The mxsimage utility fails to compile against LibreSSL version < 2.7.0 +because LibreSSL says it is OpenSSL 2.0, but it does not support the +complete OpenSSL 1.1 interface. LibreSSL defines OPENSSL_VERSION_NUMBER with 0x20000000L and therefor -claims to have an API compatible with OpenSSL 2.0, but it does not -implement OPENSSL_zalloc() and some other functions in its most recent -version. OpenSSL implements this function since version 1.1.0. +claims to have an API compatible with OpenSSL 2.0, but it implements +EVP_MD_CTX_new(), EVP_MD_CTX_free() and EVP_CIPHER_CTX_reset() only +starting with version 2.7.0, which is not yet released. OpenSSL +implements this function since version 1.1.0. This commit will activate the compatibility code meant for -OpenSSL < 1.1.0 also for all versions of LibreSSL, if some version of -LibreSSL will support these functions in the future the version check -should be adapted. +OpenSSL < 1.1.0 also for LibreSSL version < 2.7.0. Signed-off-by: Hauke Mehrtens +Reviewed-by: Jonathan Gray --- - tools/mxsimage.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) + tools/mxsimage.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) --- a/tools/mxsimage.c +++ b/tools/mxsimage.c -@@ -26,7 +26,7 @@ +@@ -26,7 +26,8 @@ * OpenSSL 1.1.0 and newer compatibility functions: * https://wiki.openssl.org/index.php/1.1_API_Changes */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) static void *OPENSSL_zalloc(size_t num) { void *ret = OPENSSL_malloc(num); diff --git a/package/boot/uboot-mxs/patches/210-link-libcrypto-static.patch b/package/boot/uboot-mxs/patches/210-link-libcrypto-static.patch new file mode 100644 index 0000000000..87b70ccea4 --- /dev/null +++ b/package/boot/uboot-mxs/patches/210-link-libcrypto-static.patch @@ -0,0 +1,14 @@ +OpenWrt links the libressl statically against mkimage, make sure all the +needed dependencies are added too. + +--- a/tools/Makefile ++++ b/tools/Makefile +@@ -163,7 +163,7 @@ endif + # MXSImage needs LibSSL + ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_ARMADA_39X)$(CONFIG_FIT_SIGNATURE),) + HOSTLOADLIBES_mkimage += \ +- $(shell pkg-config --libs libssl libcrypto 2> /dev/null || echo "-lssl -lcrypto") ++ $(shell pkg-config --libs --static libssl libcrypto 2> /dev/null || echo "-lssl -lpthread -lcrypto") + + # OS X deprecate openssl in favour of CommonCrypto, supress deprecation + # warnings on those systems