| author | Jelle van der Waa
<jelle@archlinux.org> 2017-02-13 20:22:08 UTC |
| committer | Jelle van der Waa
<jelle@archlinux.org> 2017-02-13 20:22:08 UTC |
| parent | c0dbad9b1a1ef5ca09105b4f02f90bcdea9b799f |
| 0001-Add-Openssl-1.1-support.patch | +99 | -0 |
| 0001-rsa-Fix-deprecated-warnings-for-OpenSSL-1.1.x.patch | +44 | -0 |
| PKGBUILD | +11 | -3 |
diff --git a/0001-Add-Openssl-1.1-support.patch b/0001-Add-Openssl-1.1-support.patch new file mode 100644 index 0000000..1d77a9a --- /dev/null +++ b/0001-Add-Openssl-1.1-support.patch @@ -0,0 +1,99 @@ +From 427ab0f06069e6b275444ed2fe9fcc6da46e179c Mon Sep 17 00:00:00 2001 +From: Jelle van der Waa <jelle@vdwaa.nl> +Date: Mon, 13 Feb 2017 00:51:51 +0100 +Subject: [PATCH] Add Openssl 1.1 support + +--- + lib/rsa/rsa-sign.c | 34 ++++++++++++++++++++++++++++------ + 1 file changed, 28 insertions(+), 6 deletions(-) + +diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c +index 8c6637e328..05e5b11928 100644 +--- a/lib/rsa/rsa-sign.c ++++ b/lib/rsa/rsa-sign.c +@@ -20,6 +20,19 @@ + #define HAVE_ERR_REMOVE_THREAD_STATE + #endif + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++void RSA_get0_key(const RSA *r, ++ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) ++{ ++ if (n != NULL) ++ *n = r->n; ++ if (e != NULL) ++ *e = r->e; ++ if (d != NULL) ++ *d = r->d; ++} ++#endif ++ + static int rsa_err(const char *msg) + { + unsigned long sslErr = ERR_get_error(); +@@ -409,7 +422,12 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, + ret = rsa_err("Could not obtain signature"); + goto err_sign; + } +- EVP_MD_CTX_cleanup(context); ++ ++ #if OPENSSL_VERSION_NUMBER < 0x10100000L ++ EVP_MD_CTX_cleanup(context); ++ #else ++ EVP_MD_CTX_free(context); ++ #endif + EVP_MD_CTX_destroy(context); + EVP_PKEY_free(key); + +@@ -479,6 +497,7 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) + { + int ret; + BIGNUM *bn_te; ++ const BIGNUM *key_e; + uint64_t te; + + ret = -EINVAL; +@@ -487,17 +506,18 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) + if (!e) + goto cleanup; + +- if (BN_num_bits(key->e) > 64) ++ RSA_get0_key(key, NULL, &key_e, NULL); ++ if (BN_num_bits(key_e) > 64) + goto cleanup; + +- *e = BN_get_word(key->e); ++ *e = BN_get_word(key_e); + +- if (BN_num_bits(key->e) < 33) { ++ if (BN_num_bits(key_e) < 33) { + ret = 0; + goto cleanup; + } + +- bn_te = BN_dup(key->e); ++ bn_te = BN_dup(key_e); + if (!bn_te) + goto cleanup; + +@@ -527,6 +547,7 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, + { + BIGNUM *big1, *big2, *big32, *big2_32; + BIGNUM *n, *r, *r_squared, *tmp; ++ const BIGNUM *key_n; + BN_CTX *bn_ctx = BN_CTX_new(); + int ret = 0; + +@@ -548,7 +569,8 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, + if (0 != rsa_get_exponent(key, exponent)) + ret = -1; + +- if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) || ++ RSA_get0_key(key, NULL, &key_n, NULL); ++ if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) || + !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) + ret = -1; + +-- +2.11.1 + diff --git a/0001-rsa-Fix-deprecated-warnings-for-OpenSSL-1.1.x.patch b/0001-rsa-Fix-deprecated-warnings-for-OpenSSL-1.1.x.patch new file mode 100644 index 0000000..ecbfb7d --- /dev/null +++ b/0001-rsa-Fix-deprecated-warnings-for-OpenSSL-1.1.x.patch @@ -0,0 +1,44 @@ +From d65aba9e31d914948ff9edb2e04062d277ebf853 Mon Sep 17 00:00:00 2001 +From: Jelle van der Waa <jelle@vdwaa.nl> +Date: Mon, 13 Feb 2017 09:27:13 +0100 +Subject: [PATCH] rsa: Fix deprecated warnings for OpenSSL 1.1.x + +ERR_remove_thread_state is deprecated in OpenSSL 1.1.x and does not do +anything anymore. Thread initialisation and deinitialisation is now +handled by the OpenSSL library. + +Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl> +--- + lib/rsa/rsa-sign.c | 8 ++------ + 1 file changed, 2 insertions(+), 6 deletions(-) + +diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c +index 965fb00f95..347a6aa89e 100644 +--- a/lib/rsa/rsa-sign.c ++++ b/lib/rsa/rsa-sign.c +@@ -16,10 +16,6 @@ + #include <openssl/evp.h> + #include <openssl/engine.h> + +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L +-#define HAVE_ERR_REMOVE_THREAD_STATE +-#endif +- + #if OPENSSL_VERSION_NUMBER < 0x10100000L + void RSA_get0_key(const RSA *r, + const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) +@@ -356,9 +352,9 @@ static void rsa_remove(void) + { + CRYPTO_cleanup_all_ex_data(); + ERR_free_strings(); +-#ifdef HAVE_ERR_REMOVE_THREAD_STATE ++#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L + ERR_remove_thread_state(NULL); +-#else ++#elif OPENSSL_VERSION_NUMBER < 0x10000000L + ERR_remove_state(0); + #endif + EVP_cleanup(); +-- +2.11.1 + diff --git a/PKGBUILD b/PKGBUILD index c63d408..22f4200 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -4,17 +4,25 @@ pkgname=uboot-tools pkgver=2017.01 -pkgrel=1 +pkgrel=2 pkgdesc='U-Boot bootloader utility tools' arch=(i686 x86_64) url='http://www.denx.de/wiki/U-Boot/WebHome' license=(GPL) depends=(openssl) -source=(ftp://ftp.denx.de/pub/u-boot/u-boot-$pkgver.tar.bz2{,.sig}) +source=(ftp://ftp.denx.de/pub/u-boot/u-boot-$pkgver.tar.bz2{,.sig} 0001-Add-Openssl-1.1-support.patch 0001-rsa-Fix-deprecated-warnings-for-OpenSSL-1.1.x.patch) validpgpkeys=('E872DB409C1A687EFBE8633687F9F635D31D7652') sha1sums=('b7c5a1bd22c2fbd35a9c3980079904d9f6e277d6' - 'SKIP') + 'SKIP' + 'e23531ec52835bf6257e07fbf1cff0ecc49a1098' + '30c80f75d54f8995ff57cfd7114d8b979a238f91') +prepare() { + cd u-boot-$pkgver + patch -Np1 -i $srcdir/0001-Add-Openssl-1.1-support.patch + patch -Np1 -i $srcdir/0001-rsa-Fix-deprecated-warnings-for-OpenSSL-1.1.x.patch + +} build() { cd u-boot-$pkgver make defconfig