summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--package/openssl/Makefile12
-rw-r--r--package/openssl/patches/110-optimize-for-size.patch23
-rw-r--r--package/openssl/patches/150-no_engines.patch83
3 files changed, 102 insertions, 16 deletions
diff --git a/package/openssl/Makefile b/package/openssl/Makefile
index 0558db61d..4028b0e17 100644
--- a/package/openssl/Makefile
+++ b/package/openssl/Makefile
@@ -4,7 +4,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openssl
PKG_VERSION:=0.9.8a
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_MD5SUM:=1d16c727c10185e4d694f87f5e424ee1
PKG_SOURCE_URL:=http://www.openssl.org/source/ \
@@ -17,7 +17,8 @@ PKG_CAT:=zcat
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install
-OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc2 no-rc5
+OPENSSL_NO_CIPHERS:= no-deprecated no-idea no-md2 no-mdc2 no-rc2 no-rc5 no-sha0 no-sha256 no-sha512 no-dsa no-rmd160 no-aes192 no-cast
+OPENSSL_OPTIONS:= shared no-ec no-err no-fips no-hw no-krb5 no-threads zlib-dynamic no-engines
include $(TOPDIR)/package/rules.mk
@@ -26,15 +27,17 @@ $(eval $(call PKG_template,OPENSSL_UTIL,openssl-util,$(PKG_VERSION)-$(PKG_RELEAS
$(PKG_BUILD_DIR)/.configured:
$(SED) 's,/CFLAG=,/CFLAG= $(TARGET_SOFT_FLOAT) ,g' $(PKG_BUILD_DIR)/Configure
+ $(SED) s/OPENWRT_OPTIMIZATION_FLAGS/$(BR2_TARGET_OPTIMIZATION)/g $(PKG_BUILD_DIR)/Configure
(cd $(PKG_BUILD_DIR); \
PATH=$(TARGET_PATH) \
- ./Configure linux-generic32 \
+ ./Configure linux-openwrt \
--prefix=/usr \
--openssldir=/etc/ssl \
-I$(STAGING_DIR)/usr/include \
-L$(STAGING_DIR)/usr/lib -ldl \
+ -DOPENSSL_SMALL_FOOTPRINT \
$(OPENSSL_NO_CIPHERS) \
- shared no-asm no-ec no-err no-fips no-hw no-krb5 no-threads zlib-dynamic \
+ $(OPENSSL_OPTIONS) \
)
touch $@
@@ -46,7 +49,6 @@ $(PKG_BUILD_DIR)/.built:
depend
$(MAKE) -C $(PKG_BUILD_DIR) -j1 \
CC="$(TARGET_CC)" \
- CCOPTS="$(TARGET_CFLAGS) -fomit-frame-pointer" \
AR="$(TARGET_CROSS)ar r" \
RANLIB="$(TARGET_CROSS)ranlib" \
all build-shared
diff --git a/package/openssl/patches/110-optimize-for-size.patch b/package/openssl/patches/110-optimize-for-size.patch
index 38f57dff7..6031c2525 100644
--- a/package/openssl/patches/110-optimize-for-size.patch
+++ b/package/openssl/patches/110-optimize-for-size.patch
@@ -1,11 +1,12 @@
---- openssl-0.9.8a/Configure 2006-02-21 20:18:36.000000000 -0800
-+++ openssl-0.9.8a-new/Configure 2006-02-21 20:53:32.000000000 -0800
-@@ -313,7 +313,7 @@
- ####
- # *-generic* is endian-neutral target, but ./config is free to
- # throw in -D[BL]_ENDIAN, whichever appropriate...
--"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-generic32","gcc:-DTERMIO -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- #### IA-32 targets...
- "linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+diff -ur openssl-0.9.8a/Configure openssl-0.9.8a-owrt/Configure
+--- openssl-0.9.8a/Configure 2005-08-02 12:59:42.000000000 +0200
++++ openssl-0.9.8a-owrt/Configure 2006-03-23 14:16:35.000000000 +0100
+@@ -353,6 +353,8 @@
+ "linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
+ "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
++# OpenWrt targets
++"linux-openwrt","gcc:-DTERMIO OPENWRT_OPTIMIZATION_FLAGS -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ #### *BSD [do see comment about ${BSDthreads} above!]
+ "BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/package/openssl/patches/150-no_engines.patch b/package/openssl/patches/150-no_engines.patch
new file mode 100644
index 000000000..b928fbcc6
--- /dev/null
+++ b/package/openssl/patches/150-no_engines.patch
@@ -0,0 +1,83 @@
+diff -udrNP openssl-0.9.8-stable-SNAP-20050703.orig/util/libeay.num openssl-0.9.8-stable-SNAP-20050703/util/libeay.num
+--- openssl-0.9.8-stable-SNAP-20050703.orig/util/libeay.num 2005-07-04 00:27:14.653639088 +0200
++++ openssl-0.9.8-stable-SNAP-20050703/util/libeay.num 2005-07-04 22:50:07.986576664 +0200
+@@ -2071,7 +2071,6 @@
+ UI_add_error_string 2633 EXIST::FUNCTION:
+ KRB5_CHECKSUM_free 2634 EXIST::FUNCTION:
+ OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION:
+-ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE
+ PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+@@ -2545,7 +2544,6 @@
+ AES_set_encrypt_key 3024 EXIST::FUNCTION:AES
+ OCSP_resp_count 3025 EXIST::FUNCTION:
+ KRB5_CHECKSUM_new 3026 EXIST::FUNCTION:
+-ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ OCSP_onereq_get0_id 3028 EXIST::FUNCTION:
+ ENGINE_set_default_ciphers 3029 EXIST::FUNCTION:ENGINE
+ NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+@@ -2576,7 +2574,6 @@
+ i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION:
+ i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION:
+ asn1_enc_save 3054 EXIST::FUNCTION:
+-ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ _ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES
+ PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+@@ -2600,7 +2597,6 @@
+ i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION:
+ ENGINE_set_table_flags 3073 EXIST::FUNCTION:ENGINE
+ AES_options 3074 EXIST::FUNCTION:AES
+-ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ OCSP_id_cmp 3076 EXIST::FUNCTION:
+ OCSP_BASICRESP_new 3077 EXIST::FUNCTION:
+ OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION:
+@@ -2667,7 +2663,6 @@
+ OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION:
+ OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION:
+-ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+@@ -2762,8 +2757,6 @@
+ DES_read_password 3207 EXIST::FUNCTION:DES
+ UI_UTIL_read_pw 3208 EXIST::FUNCTION:
+ UI_UTIL_read_pw_string 3209 EXIST::FUNCTION:
+-ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+-ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION:
+ OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION:
+ OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION:
+@@ -2772,7 +2765,6 @@
+ AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES
+ AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES
+ AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES
+-ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ _ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES
+ EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES
+ EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES
+@@ -3107,7 +3099,6 @@
+ STORE_method_set_modify_function 3530 EXIST:!VMS:FUNCTION:
+ STORE_meth_set_modify_fn 3530 EXIST:VMS:FUNCTION:
+ STORE_parse_attrs_next 3531 EXIST::FUNCTION:
+-ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE
+ EC_GROUP_set_curve_name 3533 EXIST::FUNCTION:EC
+ X509_CERT_PAIR_it 3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ X509_CERT_PAIR_it 3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+diff -udrNP openssl-0.9.8-stable-SNAP-20050703.orig/Configure openssl-0.9.8-stable-SNAP-20050703/Configure
+--- openssl-0.9.8-stable-SNAP-20050703.orig/Configure 2005-07-04 00:27:11.169168808 +0200
++++ openssl-0.9.8-stable-SNAP-20050703/Configure 2005-07-05 00:02:12.590136992 +0200
+@@ -1623,6 +1624,11 @@
+ close(OUT);
+ }
+
++# ugly hack to disable engines
++if($target eq "mingwx") {
++ system("sed -e s/^LIB/XLIB/g -i engines/Makefile");
++}
++
+ print <<EOF;
+
+ Configured for $target.