diff --git a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch new file mode 100644 index 0000000000..74ad93aa8d --- /dev/null +++ b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch @@ -0,0 +1,62 @@ +From 03a13ef3ea786286d9317562647e9856c1b71736 Mon Sep 17 00:00:00 2001 +From: Etienne Cordonnier +Date: Thu, 11 Jun 2026 00:00:00 +0000 +Subject: [PATCH] cmake: add SOVERSION 0 to crypto and ssl shared libraries + +BoringSSL's CMakeLists.txt does not set SOVERSION, so the built shared +libraries have no SONAME embedded and cmake names them libcrypto.so / +libssl.so without any version suffix. This causes two problems in a +Yocto build: + +1. The Yocto QA check "dev-so" rejects unversioned .so symlinks in + non-dev packages, but those symlinks are required at runtime because + the DT_NEEDED entry in binaries that link against BoringSSL refers to + the bare libcrypto.so name. + +2. Standard Yocto FILES patterns split libraries by suffix: .so.* goes + into the runtime package and .so symlinks go into -dev. Without a + SOVERSION these patterns do not apply correctly. + +Setting SOVERSION to 0 causes cmake to: + - build libcrypto.so.0 as the real ELF with SONAME=libcrypto.so.0 + - create libcrypto.so as a development symlink + +Binaries linked with -l:libcrypto.so.0 (as android-tools does) will +record DT_NEEDED=libcrypto.so.0 and resolve correctly at runtime. + +Upstream-Status: Inappropriate [OE-specific packaging requirement] +Signed-off-by: Etienne Cordonnier +--- + crypto/CMakeLists.txt | 2 ++ + ssl/CMakeLists.txt | 2 ++ + 2 files changed, 4 insertions(+) + +diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt +index cdb5ddc..fca86cc 100644 +--- a/crypto/CMakeLists.txt ++++ b/crypto/CMakeLists.txt +@@ -327,6 +327,8 @@ endif() + + set_target_properties(crypto PROPERTIES LINKER_LANGUAGE C) + ++set_target_properties(crypto PROPERTIES SOVERSION 0) ++ + if(WIN32) + target_link_libraries(crypto ws2_32) + endif() +diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt +index d8d997e..e49b350 100644 +--- a/ssl/CMakeLists.txt ++++ b/ssl/CMakeLists.txt +@@ -46,6 +46,8 @@ install_if_enabled(TARGETS ssl EXPORT OpenSSLTargets ${INSTALL_DESTINATION_DEFAU + set_property(TARGET ssl PROPERTY EXPORT_NAME SSL) + target_link_libraries(ssl crypto) + ++set_target_properties(ssl PROPERTIES SOVERSION 0) ++ + add_executable( + ssl_test + +-- +2.43.0 + diff --git a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub new file mode 100644 index 0000000000..de63f38c9c --- /dev/null +++ b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-go-stub @@ -0,0 +1,22 @@ +#!/bin/sh +if [ "$1" = "run" ] && [ "$2" = "util/embed_test_data.go" ]; then + echo 'extern const int boringssl_dummy_crypto_test_data = 0;' + exit 0 +fi +if [ "$1" = "run" ] && [ "$2" = "err_data_generate.go" ]; then + cat <<'EOF' +#include +#include + +const uint32_t kOpenSSLReasonValues[] = {0}; +const size_t kOpenSSLReasonValuesLen = 0; +const char kOpenSSLReasonStringData[] = ""; +EOF + exit 0 +fi +if [ "$1" = "version" ]; then + echo 'go version go0.0.0 yocto/stub' + exit 0 +fi +echo "Unexpected Go invocation: $*" >&2 +exit 1 diff --git a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc new file mode 100644 index 0000000000..7477536281 --- /dev/null +++ b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl/boringssl-gtest-stub.cc @@ -0,0 +1 @@ +int boringssl_dummy_gtest_translation_unit = 0; diff --git a/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb new file mode 100644 index 0000000000..fccf6e0dff --- /dev/null +++ b/meta-oe/recipes-devtools/android-libboringssl/android-libboringssl_14.0.0+r45.bb @@ -0,0 +1,70 @@ +DESCRIPTION = "BoringSSL shared libraries for android-tools" +SECTION = "libs" +# This recipe is tightly coupled to android-tools: when upgrading android-tools, +# update this recipe to the BoringSSL version shipped in the corresponding Debian +# android-platform-tools source package. +# BoringSSL is a fork of OpenSSL; new files carry ISC license, OpenSSL license +# covers the forked parts. +LICENSE = "OpenSSL & ISC" +LIC_FILES_CHKSUM = "file://LICENSE;md5=2ca501bc96ce9ed0814e2c592c3f9593" + +SRC_URI = " \ + https://deb.debian.org/debian/pool/main/a/android-platform-external-boringssl/android-platform-external-boringssl_${PV}.orig.tar.xz \ + file://boringssl-go-stub \ + file://boringssl-gtest-stub.cc \ + file://0001-cmake-add-SOVERSION-0-to-crypto-and-ssl-shared-libra.patch \ +" +SRC_URI[md5sum] = "83d24d2f3136ba6a486b5464369b91b4" +SRC_URI[sha256sum] = "f9223e8c15ad5d9e3f1cd50861f4c272658864661e2332bea5d60952aa0930cd" + +# The Debian orig tarball unpacks to android-platform-external-boringssl-${PV}/ +# with the actual source under a src/ subdirectory. +S = "${UNPACKDIR}/android-platform-external-boringssl-${PV}/src" + +inherit cmake + +CFLAGS:append = " -Wno-discarded-qualifiers" + +OECMAKE_TARGET_COMPILE = "crypto ssl" + +EXTRA_OECMAKE = " \ + -DBUILD_SHARED_LIBS=ON \ + -DBUILD_TESTING=OFF \ + -DCMAKE_BUILD_TYPE=RelWithDebInfo \ + -DGO_EXECUTABLE=${WORKDIR}/hosttools/go \ +" + +do_configure:prepend() { + install -d ${WORKDIR}/hosttools + install -m 0755 ${UNPACKDIR}/boringssl-go-stub ${WORKDIR}/hosttools/go + + # BoringSSL builds its own minimal gtest from third_party/googletest; provide + # an empty stub .cc. We only build the crypto and ssl targets so the test + # source files are never compiled, but cmake still needs gtest-all.cc to + # exist to create the boringssl_gtest target. + if [ ! -f ${S}/third_party/googletest/src/gtest-all.cc ]; then + install -d ${S}/third_party/googletest/src + install -m 0644 ${UNPACKDIR}/boringssl-gtest-stub.cc \ + ${S}/third_party/googletest/src/gtest-all.cc + fi +} +do_install() { + # Install headers under a boringssl/ subdirectory to avoid shadowing the + # system OpenSSL headers in the sysroot. + install -d ${D}${includedir}/boringssl + cp -a ${S}/include/openssl ${D}${includedir}/boringssl/ + + # Install shared libraries under ${libdir}/android/ to avoid conflicting + # with the system libssl/libcrypto in the sysroot. + install -d ${D}${libdir}/android + install -m 0755 ${B}/crypto/libcrypto.so.0 ${D}${libdir}/android/libcrypto.so.0 + ln -sf libcrypto.so.0 ${D}${libdir}/android/libcrypto.so + install -m 0755 ${B}/ssl/libssl.so.0 ${D}${libdir}/android/libssl.so.0 + ln -sf libssl.so.0 ${D}${libdir}/android/libssl.so + +} + +FILES:${PN}-dev = "${includedir}/boringssl ${libdir}/android/libcrypto.so ${libdir}/android/libssl.so" +FILES:${PN} = "${libdir}/android/libcrypto.so.0 ${libdir}/android/libssl.so.0" + +BBCLASSEXTEND = "native"