Google Git
Sign in
nest-open-source/nest-protect/3.0.2/openssl/refs/heads/master^!/.
commit
2b84d016e510cb47c99d939845541c5fbc527044
[log] [tgz]
author
Igor Sarkisov <isarkisov@google.com>
Wed Oct 07 00:58:09 2020 -0700
committer
Igor Sarkisov <isarkisov@google.com>
Wed Oct 07 00:58:09 2020 -0700
tree
acb8fbdbefdbec6c45f30cd92842b8095da43f39
Project import

diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..0f75194
--- /dev/null
+++ b/Makefile

@@ -0,0 +1,150 @@
+#
+#    Copyright (c) 2010-2012 Nest, Inc.
+#    All rights reserved.
+#
+#    This document is the property of Nest. It is considered
+#    confidential and proprietary information.
+#
+#    This document may not be reproduced or transmitted in any form,
+#    in whole or in part, without the express written permission of
+#    Nest.
+#
+#    Description:
+#      This file is the makefile for the Open Secure Socket Layer
+#      (SSL) library.
+#
+
+BuildConfigSpecialized	:= No
+
+include pre.mak
+
+PackageName		:= openssl
+
+PackageExtension	:= tar.gz
+PackageSeparator	:= -
+
+PackagePatchArgs	:= -p1
+
+PackageArchive		:= $(PackageName).$(PackageExtension)
+PackageSourceDir	:= $(PackageName)$(PackageSeparator)$(PackageVersion)
+
+PackageBuildMakefile	= $(call GenerateBuildPaths,Makefile)
+
+CleanPaths		+= $(PackageLicenseFile)
+
+LinuxDir		:= sw/tps/linux
+LinuxIncDir		:= $(call GenerateResultPaths,$(LinuxDir),include)
+
+ZlibDir			:= sw/tps/zlib
+ZlibIncDir      	:= $(call GenerateResultPaths,$(ZlibDir),usr/include)
+ZlibLibDir      	:= $(call GenerateResultPaths,$(ZlibDir),usr/lib)
+
+CLibraryDir                    := sw/tps/newlib
+CLibraryIncludeDir             := $(call GenerateResultPaths,$(CLibraryDir),usr/arm-none-eabi/include)
+CLibraryLibDir                 := $(call GenerateResultPaths,$(CLibraryDir),usr/arm-none-eabi/lib)
+
+all: $(PackageDefaultGoal)
+
+# Generate the package license contents.
+
+$(PackageSourceDir)/LICENSE: source
+
+$(PackageLicenseFile): $(PackageSourceDir)/LICENSE
+	$(copy-result)
+
+# Extract the source from the archive and apply patches, if any.
+
+$(PackageSourceDir): $(PackageArchive) $(PackagePatchPaths)
+	$(expand-and-patch-package)
+
+# Prepare the sources.
+
+.PHONY: source
+source: | $(PackageSourceDir)
+
+# Patch the sources, if necessary.
+
+.PHONY: patch
+patch: source
+
+$(PackageBuildMakefile): | $(PackageSourceDir) $(BuildDirectory)
+	$(call create-links,$(CURDIR)/$(PackageSourceDir),$(BuildDirectory))
+
+# Configure the source for building.
+
+OpenSSLTargetConfig   = gcc
+
+ifneq ($(CONFIG_OSM_HOST),1)
+OpenSSLPackageOptions = $(MACHFLAGS) \
+						-DDEVRANDOM= -DNO_SYSLOG -DNO_CHMOD -DNO_MEMORY_H -DOPENSSL_EXPERIMENTAL_JPAKE
+
+OpenSSLCC_LD	      = CC="$(CC)" LD=$(LD) LDFLAGS="$(LDFLAGS)"
+
+OpenSSLCCFlags        =	$(MACHFLAGS) -Wno-unused-value \
+						-Wno-implicit-function-declaration
+
+OpenSSLCCFlags        += no-asm no-threads no-shared no-zlib no-idea no-camellia no-seed no-bf no-cast \
+			 no-des no-rc2 no-rc4 no-rc5 no-md2 no-md4 no-ripemd no-mdc2 no-rsa no-dsa no-dh \
+			 no-sock no-dgram no-ssl2 no-ssl3 no-err no-krb5 no-engine no-hw no-dso \
+			 no-devrandom no-sha512 no-dir no-egd experimental-jpake
+			 
+ifeq ($(BuildProduct),topaz)
+
+OpenSSLCCFlags        += no-ecdh no-tty
+
+endif
+
+OpenSSLCCFlags	      += $(call ToolGenerateIncludeArgument,$(CLibraryIncludeDir))
+
+OpenSSLTargets	      = build_crypto
+OpenSSLInstallTargets = install_crypto
+else
+OpenSSLTargets	      = all
+OpenSSLInstallTargets = install
+endif
+
+.PHONY: configure
+configure: source $(PackageBuildMakefile)
+	$(Verbose)cd $(BuildDirectory) && \
+	$(OpenSSL_LD) \
+	./Configure \
+	--prefix=/usr \
+	--openssldir=/usr/lib/ssl \
+	shared \
+	zlib \
+	$(call ToolGenerateIncludeArgument,$(ZlibIncDir)) \
+	$(call ToolGenerateLibraryPathArgument,$(ZlibLibDir)) \
+	$(OpenSSLPackageOptions) \
+	$(OpenSSLCCFlags) \
+	$(OpenSSLTargetConfig)
+
+# Build the source.
+#
+# We have to unset MAKEFLAGS since they confuse the package build otherwise.
+
+.PHONY: build
+build: configure | $(BuildDirectory)
+	$(Verbose)unset MAKEFLAGS && \
+	$(MAKE) -C $(BuildDirectory) \
+	CC="$(CC)" AR="$(AR) $(ARFLAGS)" RANLIB=$(RANLIB) \
+	INSTALL_PREFIX=$(ResultDirectory) \
+	$(OpenSSLTargets)
+
+# Stage the build to a temporary installation area.
+#
+# We have to unset MAKEFLAGS since they confuse the package build otherwise.
+
+.PHONY: stage
+stage: build | $(ResultDirectory)
+	$(Verbose)unset MAKEFLAGS && \
+	$(MAKE) -C $(BuildDirectory) \
+	CC="$(CC)" AR="$(AR) $(ARFLAGS)" RANLIB=$(RANLIB) \
+	INSTALL_PREFIX=$(ResultDirectory) \
+	$(OpenSSLInstallTargets)
+
+clean:
+	$(Verbose)$(RM) $(RMFLAGS) -r $(PackageSourceDir)
+	$(Verbose)$(RM) $(RMFLAGS) -r $(BuildDirectory)
+	$(Verbose)$(RM) $(RMFLAGS) -r $(ResultDirectory)
+
+include post.mak

diff --git a/openssl.patches/openssl-50.description b/openssl.patches/openssl-50.description
new file mode 100644
index 0000000..da8e579
--- /dev/null
+++ b/openssl.patches/openssl-50.description

@@ -0,0 +1,3 @@
+This patch ensures that shared libraries are, at minimum, user writable 
+so that they may be successfully stripped when generating file system 
+and installation images.

diff --git a/openssl.patches/openssl-50.patch b/openssl.patches/openssl-50.patch
new file mode 100644
index 0000000..653d97f
--- /dev/null
+++ b/openssl.patches/openssl-50.patch

@@ -0,0 +1,11 @@
+--- a/Makefile.org	2010-01-27 08:06:36.000000000 -0800
++++ b/Makefile.org	2010-09-03 14:47:59.000000000 -0700
+@@ -527,7 +527,7 @@
+ 			(       echo installing $$i; \
+ 				if [ "$(PLATFORM)" != "Cygwin" ]; then \
+ 					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+-					chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
++					chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+ 					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+ 				else \
+ 					c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \

diff --git a/openssl.patches/openssl-51.description b/openssl.patches/openssl-51.description
new file mode 100644
index 0000000..7988986
--- /dev/null
+++ b/openssl.patches/openssl-51.description

@@ -0,0 +1 @@
+This patch ensures that CHECKED_STACK_OF can successfully work with C++ classes that employs cast operators.

diff --git a/openssl.patches/openssl-51.patch b/openssl.patches/openssl-51.patch
new file mode 100644
index 0000000..cf1d2ab
--- /dev/null
+++ b/openssl.patches/openssl-51.patch

@@ -0,0 +1,11 @@
+--- a/crypto/stack/safestack.h	2011-08-17 15:39:52.853888167 -0700
++++ b/crypto/stack/safestack.h	2011-08-17 15:40:20.181928142 -0700
+@@ -68,7 +68,7 @@
+  */
+ 
+ #define CHECKED_STACK_OF(type, p) \
+-    ((_STACK*) (1 ? p : (STACK_OF(type)*)0))
++    ((_STACK*) (1 ? (STACK_OF(type)*)p : (STACK_OF(type)*)0))
+ 
+ #define CHECKED_SK_FREE_FUNC(type, p) \
+     ((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))

diff --git a/openssl.patches/openssl-52.description b/openssl.patches/openssl-52.description
new file mode 100644
index 0000000..fef070e
--- /dev/null
+++ b/openssl.patches/openssl-52.description

@@ -0,0 +1,2 @@
+This patch adds a make target for installing libcrypt.a only.
+

diff --git a/openssl.patches/openssl-52.patch b/openssl.patches/openssl-52.patch
new file mode 100644
index 0000000..e5cd9e4
--- /dev/null
+++ b/openssl.patches/openssl-52.patch

@@ -0,0 +1,24 @@
+*** a/Makefile.org	2012-04-22 06:25:19.000000000 -0700
+--- b/Makefile.org	2013-02-22 13:03:54.141463945 -0800
+*************** dist_pem_h:
+*** 539,544 ****
+--- 539,556 ----
+  
+  install: all install_docs install_sw
+  
++ install_crypto:
++ 	@$(PERL) $(TOP)/util/mkdir-p.pl \
++ 		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
++ 		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl
++ 	@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
++ 	do \
++ 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
++ 	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
++ 	done;
++ 	@set -e; dir=crypto; target=install; $(BUILD_ONE_CMD)
++ 	@cp libcrypto.a $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/libcrypto.a
++ 
+  install_sw:
+  	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+  		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+

diff --git a/openssl.patches/openssl-53.description b/openssl.patches/openssl-53.description
new file mode 100644
index 0000000..3ba91a0
--- /dev/null
+++ b/openssl.patches/openssl-53.description

@@ -0,0 +1,2 @@
+Adds a Configure option (no-dir) to disable the use of OS directory enumeration functions (e.g. readdir).
+

diff --git a/openssl.patches/openssl-53.patch b/openssl.patches/openssl-53.patch
new file mode 100644
index 0000000..5aa59ca
--- /dev/null
+++ b/openssl.patches/openssl-53.patch

@@ -0,0 +1,24 @@
+diff -c -r a/crypto/o_dir.c b/crypto/o_dir.c
+*** a/crypto/o_dir.c	2004-08-03 12:15:21.000000000 -0700
+--- b/crypto/o_dir.c	2013-02-23 17:46:40.894634000 -0800
+***************
+*** 70,76 ****
+  #include "o_dir.h"
+  
+  #define LPDIR_H
+! #if defined OPENSSL_SYS_UNIX || defined DJGPP
+  #include "LPdir_unix.c"
+  #elif defined OPENSSL_SYS_VMS
+  #include "LPdir_vms.c"
+--- 70,79 ----
+  #include "o_dir.h"
+  
+  #define LPDIR_H
+! 
+! #ifdef OPENSSL_NO_DIR
+! #include "LPdir_nyi.c"
+! #elif defined OPENSSL_SYS_UNIX || defined DJGPP
+  #include "LPdir_unix.c"
+  #elif defined OPENSSL_SYS_VMS
+  #include "LPdir_vms.c"
+

diff --git a/openssl.patches/openssl-54.description b/openssl.patches/openssl-54.description
new file mode 100644
index 0000000..dff038a
--- /dev/null
+++ b/openssl.patches/openssl-54.description

@@ -0,0 +1,2 @@
+Adds a Configure option (no-egd) to disable use of the Linux entropy gathering daemon.
+

diff --git a/openssl.patches/openssl-54.patch b/openssl.patches/openssl-54.patch
new file mode 100644
index 0000000..2b43d47
--- /dev/null
+++ b/openssl.patches/openssl-54.patch

@@ -0,0 +1,21 @@
+diff -c -r a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
+*** a/crypto/rand/rand_egd.c	2008-11-11 23:27:36.000000000 -0800
+--- b/crypto/rand/rand_egd.c	2013-02-23 18:29:48.894897294 -0800
+***************
+*** 95,101 ****
+   *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
+   */
+  
+! #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS)
+  int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
+  	{
+  	return(-1);
+--- 95,101 ----
+   *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
+   */
+  
+! #if defined(OPENSSL_NO_EGD) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS)
+  int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
+  	{
+  	return(-1);
+

diff --git a/openssl.patches/openssl-55.description b/openssl.patches/openssl-55.description
new file mode 100644
index 0000000..e5c6a1f
--- /dev/null
+++ b/openssl.patches/openssl-55.description

@@ -0,0 +1,3 @@
+Adds a Configure option (no-tty) to disable use of tty devices in libcrypto. Note that this
+patch will result in undefined references at link time if certain features of the
+library are used.

diff --git a/openssl.patches/openssl-55.patch b/openssl.patches/openssl-55.patch
new file mode 100644
index 0000000..de45f18
--- /dev/null
+++ b/openssl.patches/openssl-55.patch

@@ -0,0 +1,34 @@
+diff -c -r a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
+*** a/crypto/ui/ui_openssl.c	2012-02-11 15:38:49.000000000 -0800
+--- b/crypto/ui/ui_openssl.c	2013-02-23 18:54:56.395504635 -0800
+***************
+*** 114,122 ****
+   * [including the GNU Public Licence.]
+   */
+  
+- 
+  #include <openssl/e_os2.h>
+  
+  /* need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc
+   * [maybe others?], because it masks interfaces not discussed in standard,
+   * sigaction and fileno included. -pedantic would be more appropriate for
+--- 114,123 ----
+   * [including the GNU Public Licence.]
+   */
+  
+  #include <openssl/e_os2.h>
+  
++ #ifndef OPENSSL_NO_TTY
++ 
+  /* need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc
+   * [maybe others?], because it masks interfaces not discussed in standard,
+   * sigaction and fileno included. -pedantic would be more appropriate for
+***************
+*** 710,712 ****
+--- 711,715 ----
+  	return(strlen(buf));
+  	}
+  #endif
++ 
++ #endif // OPENSSL_NO_TTY
+

diff --git a/openssl.patches/openssl-56.description b/openssl.patches/openssl-56.description
new file mode 100644
index 0000000..bf9728a
--- /dev/null
+++ b/openssl.patches/openssl-56.description

@@ -0,0 +1,2 @@
+Ensure that standard socket header files are NOT included when OPENSSL_NO_SOCK is defined.
+

diff --git a/openssl.patches/openssl-56.patch b/openssl.patches/openssl-56.patch
new file mode 100644
index 0000000..275d42d
--- /dev/null
+++ b/openssl.patches/openssl-56.patch

@@ -0,0 +1,21 @@
+diff -c -r a/e_os.h b/e_os.h
+*** a/e_os.h	2011-10-10 15:33:48.000000000 -0700
+--- b/e_os.h	2013-02-23 18:25:38.895052771 -0800
+***************
+*** 477,483 ****
+  
+  /*************/
+  
+! #ifdef USE_SOCKETS
+  #  if defined(WINDOWS) || defined(MSDOS)
+        /* windows world */
+  
+--- 477,483 ----
+  
+  /*************/
+  
+! #if defined(USE_SOCKETS) && !defined(OPENSSL_NO_SOCK)
+  #  if defined(WINDOWS) || defined(MSDOS)
+        /* windows world */
+  
+

diff --git a/openssl.patches/openssl-57.description b/openssl.patches/openssl-57.description
new file mode 100644
index 0000000..de7dffc
--- /dev/null
+++ b/openssl.patches/openssl-57.description

@@ -0,0 +1,3 @@
+Adds compilation switch (NO_MEMORY_H) to prefer use of string.h over memory.h for
+systems that don't provide the latter.
+

diff --git a/openssl.patches/openssl-57.patch b/openssl.patches/openssl-57.patch
new file mode 100644
index 0000000..a469fdf
--- /dev/null
+++ b/openssl.patches/openssl-57.patch

@@ -0,0 +1,35 @@
+diff -c -r orig/openssl-1.0.1c/crypto/jpake/jpake.c openssl-1.0.1c/crypto/jpake/jpake.c
+*** orig/openssl-1.0.1c/crypto/jpake/jpake.c	2010-11-29 10:33:28.000000000 -0800
+--- openssl-1.0.1c/crypto/jpake/jpake.c	2013-02-23 20:52:19.894730916 -0800
+***************
+*** 3,9 ****
+--- 3,13 ----
+  #include <openssl/crypto.h>
+  #include <openssl/sha.h>
+  #include <openssl/err.h>
++ #if !defined(NO_MEMORY_H)
+  #include <memory.h>
++ #else
++ #include <string.h>
++ #endif
+  
+  /*
+   * In the definition, (xa, xb, xc, xd) are Alice's (x1, x2, x3, x4) or
+diff -c -r orig/openssl-1.0.1c/crypto/pkcs7/bio_pk7.c openssl-1.0.1c/crypto/pkcs7/bio_pk7.c
+*** orig/openssl-1.0.1c/crypto/pkcs7/bio_pk7.c	2008-03-12 14:14:25.000000000 -0700
+--- openssl-1.0.1c/crypto/pkcs7/bio_pk7.c	2013-02-23 20:53:07.895715316 -0800
+***************
+*** 57,63 ****
+--- 57,67 ----
+  #include <openssl/bio.h>
+  
+  #ifndef OPENSSL_SYSNAME_NETWARE
++ #if !defined(NO_MEMORY_H)
+  #include <memory.h>
++ #else
++ #include <string.h>
++ #endif
+  #endif
+  #include <stdio.h>
+  
+

diff --git a/openssl.tar.gz b/openssl.tar.gz
new file mode 100644
index 0000000..5d25c9c
--- /dev/null
+++ b/openssl.tar.gz
Binary files differ

diff --git a/openssl.url b/openssl.url
new file mode 100644
index 0000000..e8461e7
--- /dev/null
+++ b/openssl.url

@@ -0,0 +1 @@
+http://www.openssl.org/source/openssl-1.0.1c.tar.gz

diff --git a/openssl.version b/openssl.version
new file mode 100644
index 0000000..de8e3e9
--- /dev/null
+++ b/openssl.version

@@ -0,0 +1 @@
+1.0.1c