diff options
Diffstat (limited to 'recipes-connectivity/openssl/openssl-qoriq.inc')
-rw-r--r-- | recipes-connectivity/openssl/openssl-qoriq.inc | 127 |
1 files changed, 87 insertions, 40 deletions
diff --git a/recipes-connectivity/openssl/openssl-qoriq.inc b/recipes-connectivity/openssl/openssl-qoriq.inc index 87ba1c3..8c8c036 100644 --- a/recipes-connectivity/openssl/openssl-qoriq.inc +++ b/recipes-connectivity/openssl/openssl-qoriq.inc @@ -8,6 +8,9 @@ SECTION = "libs/network" LICENSE = "openssl" LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" +DEPENDS = "hostperl-runtime-native" +DEPENDS_append_class-target = " openssl-native" + PROVIDES = "openssl" python() { @@ -19,8 +22,6 @@ python() { d.appendVar("RREPLACES_%s" % p, p.replace('openssl-qoriq', 'openssl')) } -DEPENDS = "perl-native-runtime" - SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ " S = "${WORKDIR}/openssl-${PV}" @@ -28,37 +29,39 @@ S = "${WORKDIR}/openssl-${PV}" PACKAGECONFIG[perl] = ",,," AR_append = " r" +TERMIO_libc-musl = "-DTERMIOS" +TERMIO ?= "-DTERMIO" # Avoid binaries being marked as requiring an executable stack since it # doesn't(which causes and this causes issues with SELinux CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ - -DTERMIO ${CFLAGS} -Wall -Wa,--noexecstack" - -# -02 does not work on mipsel: ssh hangs when it tries to read /dev/urandom -CFLAG_mtx-1 := "${@'${CFLAG}'.replace('-O2', '')}" -CFLAG_mtx-2 := "${@'${CFLAG}'.replace('-O2', '')}" + ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack" export DIRS = "crypto ssl apps" export EX_LIBS = "-lgcc -ldl" export AS = "${CC} -c" EXTRA_OEMAKE = "-e MAKEFLAGS=" -inherit pkgconfig siteinfo multilib_header +inherit pkgconfig siteinfo multilib_header ptest -PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf" -FILES_libcrypto = "${base_libdir}/libcrypto${SOLIBS}" -FILES_libssl = "${libdir}/libssl.so.*" +PACKAGES =+ "libcrypto libssl ${PN}-misc ${PN}-conf" +FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" +FILES_libssl = "${libdir}/libssl${SOLIBS}" FILES_${PN} =+ " ${libdir}/ssl/*" -FILES_${PN}-misc = "${libdir}/ssl/misc ${bindir}/c_rehash" +FILES_${PN}-misc = "${libdir}/ssl/misc" RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" -FILES_${PN}-dev += "${base_libdir}/libcrypto${SOLIBSDEV}" # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto # package RRECOMMENDS on this package. This will enable the configuration # file to be installed for both the base openssl package and the libcrypto # package since the base openssl package depends on the libcrypto package. -FILES_openssl-conf = "${libdir}/ssl/openssl.cnf" -CONFFILES_openssl-conf = "${libdir}/ssl/openssl.cnf" -RRECOMMENDS_libcrypto += "openssl-conf" +FILES_${PN}-conf = "${sysconfdir}/ssl/openssl.cnf" +CONFFILES_${PN}-conf = "${sysconfdir}/ssl/openssl.cnf" +RRECOMMENDS_libcrypto += "${PN}-conf" +RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc" + +# Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE +# vulnerability +EXTRA_OECONF = " -no-ssl3" do_configure_prepend_darwin () { sed -i -e '/version-script=openssl\.ld/d' Configure @@ -71,17 +74,18 @@ do_configure () { ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ os=${HOST_OS} - if [ "x$os" = "xlinux-uclibc" ]; then - os=linux - elif [ "x$os" = "xlinux-uclibceabi" ]; then - os=linux - elif [ "x$os" = "xlinux-uclibcspe" ]; then - os=linux - elif [ "x$os" = "xlinux-gnuspe" ]; then + case $os in + linux-uclibc |\ + linux-uclibceabi |\ + linux-gnueabi |\ + linux-uclibcspe |\ + linux-gnuspe |\ + linux-musl*) os=linux - elif [ "x$os" = "xlinux-gnueabi" ]; then - os=linux - fi + ;; + *) + ;; + esac target="$os-${HOST_ARCH}" case $target in linux-arm) @@ -91,7 +95,7 @@ do_configure () { target=linux-elf-armeb ;; linux-aarch64*) - target=linux-generic64 + target=linux-aarch64 ;; linux-sh3) target=debian-sh3 @@ -120,9 +124,12 @@ do_configure () { linux-mipsel) target=debian-mipsel ;; - linux-*-mips64) + linux-*-mips64 | linux-mips64) target=linux-mips ;; + linux-microblaze*|linux-nios2*) + target=linux-generic32 + ;; linux-powerpc) target=linux-ppc ;; @@ -148,37 +155,77 @@ do_configure () { perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target } +do_compile_prepend_class-target () { + sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile +} + do_compile () { oe_runmake } +do_compile_ptest () { + oe_runmake buildtest +} + do_install () { + # Create ${D}/${prefix} to fix parallel issues + mkdir -p ${D}/${prefix}/ + oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install oe_libinstall -so libcrypto ${D}${libdir} oe_libinstall -so libssl ${D}${libdir} - # Moving libcrypto to /lib - if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then - mkdir -p ${D}/${base_libdir}/ - mv ${D}${libdir}/libcrypto* ${D}${base_libdir}/ - sed -i s#libdir=\$\{exec_prefix\}\/lib#libdir=${base_libdir}# ${D}/${libdir}/pkgconfig/libcrypto.pc - fi - install -d ${D}${includedir} cp --dereference -R include/openssl ${D}${includedir} + install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash + sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash + oe_multilib_header openssl/opensslconf.h if [ "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then - install -m 0755 ${S}/tools/c_rehash ${D}${bindir} - sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${bindir}/c_rehash sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget - # The c_rehash utility isn't installed by the normal installation process. else - rm -f ${D}${bindir}/c_rehash rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget fi + + # Create SSL structure + install -d ${D}${sysconfdir}/ssl/ + mv ${D}${libdir}/ssl/openssl.cnf \ + ${D}${libdir}/ssl/certs \ + ${D}${libdir}/ssl/private \ + \ + ${D}${sysconfdir}/ssl/ + ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl/certs + ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl/private + ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl/openssl.cnf +} + +do_install_ptest () { + cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH} + cp Configure config e_os.h ${D}${PTEST_PATH} + cp -r -L include ${D}${PTEST_PATH} + ln -sf ${libdir}/libcrypto.a ${D}${PTEST_PATH} + ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH} + mkdir -p ${D}${PTEST_PATH}/crypto + cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto + cp -r certs ${D}${PTEST_PATH} + mkdir -p ${D}${PTEST_PATH}/apps + ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps + ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps + ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps + cp apps/server2.pem ${D}${PTEST_PATH}/apps + mkdir -p ${D}${PTEST_PATH}/util + install util/opensslwrap.sh ${D}${PTEST_PATH}/util + install util/shlib_wrap.sh ${D}${PTEST_PATH}/util +} + +do_install_append_class-native() { + create_wrapper ${D}${bindir}/openssl \ + OPENSSL_CONF=${libdir}/ssl/openssl.cnf \ + SSL_CERT_DIR=${libdir}/ssl/certs \ + SSL_CERT_FILE=${libdir}/ssl/cert.pem \ + OPENSSL_ENGINES=${libdir}/ssl/engines } -BBCLASSEXTEND = "native nativesdk" |