openssl: upgrade to 3.2.0

upgrade include fix for CVE-2023-5678. Changes in 3.2.0 https://www.openssl.org/news/cl32.txt drop upstreamed 0001-Link-libatomic-on-riscv32.patch. drop fix_random_labels.patch as fixed by https://github.com/openssl/openssl/commit/0fbc50ef0cb8894973d4739af62e95be825b7ccf (From OE-Core rev: 5a40f27051a1d40af41e7260b9f693a3c27c321f) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-05-08 05:09:24 +00:00 · 2023-11-29 20:45:17 +08:00
parent 87fdb2fb6f
commit 5369e2f5c5
3 changed files with 1 additions and 60 deletions
@@ -1,35 +0,0 @@
-From 73266b8573c71e6720453c4c5a9e6e8fa4daec65 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Sat, 21 Oct 2023 13:03:52 -0700
-Subject: [PATCH] Link libatomic on riscv32
-
-GCC toolchains on linux are not able to build libcrypto without linking
-to libatomic as it does not have all needed atomics implemented as
-intrinsics
-
-Fixes errors like
-
-| ld: ./libcrypto.so: undefined reference to `__atomic_is_lock_free'
-
-Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/22460]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- Configurations/10-main.conf | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
-index 46094f59c2..d1a15a1152 100644
--- a/Configurations/10-main.conf
-+++ b/Configurations/10-main.conf
-@@ -816,7 +816,7 @@ my %targets = (
-     },
- 
-     "linux32-riscv32" => {
-        inherit_from     => [ "linux-generic32"],
-+        inherit_from     => [ "linux-latomic" ],
-         perlasm_scheme   => "linux32",
-         asm_arch         => 'riscv32',
-     },
-- 
-2.42.0
-
@@ -1,22 +0,0 @@
-The perl script adds random suffixes to the local function names to ensure
-it doesn't clash with other parts of openssl. Set the random number seed
-to something predictable so the assembler files are generated consistently
-and our own reproducible builds tests pass.
-
-Upstream-Status: Pending
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-
-Index: openssl-3.1.0/crypto/modes/asm/aes-gcm-avx512.pl
-===================================================================
--- openssl-3.1.0.orig/crypto/modes/asm/aes-gcm-avx512.pl
-+++ openssl-3.1.0/crypto/modes/asm/aes-gcm-avx512.pl
-@@ -191,6 +191,9 @@ my $CTX_OFFSET_HTable    = (16 * 6);
- # ;;; Helper functions
- # ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
- 
-+# Ensure the local labels are reproduicble
-+srand(10000);
-+
- # ; Generates "random" local labels
- sub random_string() {
-   my @chars  = ('a' .. 'z', 'A' .. 'Z', '0' .. '9', '_');
@@ -11,8 +11,6 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
           file://run-ptest \
           file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
           file://0001-Configure-do-not-tweak-mips-cflags.patch \
-           file://fix_random_labels.patch \
-           file://0001-Link-libatomic-on-riscv32.patch \
           file://0001-Added-handshake-history-reporting-when-test-fails.patch \
           "

@@ -20,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \
           file://environment.d-openssl.sh \
           "

-SRC_URI[sha256sum] = "840af5366ab9b522bde525826be3ef0fb0af81c6a9ebd84caa600fea1731eee3"
+SRC_URI[sha256sum] = "14c826f07c7e433706fb5c69fa9e25dab95684844b4c962a2cf1bf183eb4690e"

 inherit lib_package multilib_header multilib_script ptest perlnative manpages
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"