openssl: Remove openssl10

OpenSSL 1.0 has been replaced by 1.1, and it would be harder to security-support after the upstream EOL at the end of 2019. (From OE-Core rev: 0f7ffcaa18db7bc27f30c994aafbb9f4f8b2ae7e) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-05-08 05:09:24 +00:00 · 2019-05-12 22:53:19 +03:00
parent 66ef365ba6
commit a98ac2a39b
36 changed files with 0 additions and 7048 deletions
@@ -538,7 +538,6 @@ RECIPE_MAINTAINER_pn-nss-myhostname = "Anuj Mittal <anuj.mittal@intel.com>"
 RECIPE_MAINTAINER_pn-ofono = "Ross Burton <ross.burton@intel.com>"
 RECIPE_MAINTAINER_pn-openssh = "Armin Kuster <akuster808@gmail.com>"
 RECIPE_MAINTAINER_pn-openssl = "Alexander Kanavin <alex.kanavin@gmail.com>"
-RECIPE_MAINTAINER_pn-openssl10 = "Alexander Kanavin <alex.kanavin@gmail.com>"
 RECIPE_MAINTAINER_pn-opkg = "Alejandro del Castillo <alejandro.delcastillo@ni.com>"
 RECIPE_MAINTAINER_pn-opkg-arch-config = "Alejandro del Castillo <alejandro.delcastillo@ni.com>"
 RECIPE_MAINTAINER_pn-opkg-keyrings = "Alejandro del Castillo <alejandro.delcastillo@ni.com>"
@@ -26,9 +26,6 @@ DISABLE_STATIC_pn-openjade-native = ""
 DISABLE_STATIC_pn-openssl = ""
 DISABLE_STATIC_pn-openssl-native = ""
 DISABLE_STATIC_pn-nativesdk-openssl = ""
-DISABLE_STATIC_pn-openssl10 = ""
-DISABLE_STATIC_pn-openssl10-native = ""
-DISABLE_STATIC_pn-nativesdk-openssl10 = ""
 # libssp-static-dev included in build-appliance
 DISABLE_STATIC_pn-gcc-runtime = ""
 # libusb1-native is used to build static dfu-util-native
@@ -1,33 +0,0 @@
-From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Wed, 6 Feb 2019 22:10:33 -0800
-Subject: [PATCH] Fix BN_LLONG breakage
-
-opensslconf.h is un-defining BN_LLONG only when included from bn.h which
-is not robust at all, especially when include guards are used and
-multiple inclusions of a given header is not allowed. so lets take out
-the nesting constraint and add OPENSSL_SYS_UEFI constraint instead
-
-Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ]
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- crypto/opensslconf.h.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
-index 7a1c85d..a10c10f 100644
--- a/crypto/opensslconf.h.in
-+++ b/crypto/opensslconf.h.in
-@@ -56,7 +56,7 @@
- #endif
- #endif
- 
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-+#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H)
- #define CONFIG_HEADER_BN_H
- #undef BN_LLONG
- 
-- 
-2.20.1
-
@@ -1,35 +0,0 @@
-From 1aec49cc45e7cf5ebc059a77081ac3ea2a5aff7b Mon Sep 17 00:00:00 2001
-From: Denys Dmytriyenko <denys@ti.com>
-Date: Fri, 1 Mar 2019 13:14:56 -0500
-Subject: [PATCH] Fix DES_LONG breakage
-
-Mimic previous BN_LLONG fix by Khem Raj here. Re-use its description:
-
-opensslconf.h is defining DES_LONG only when included from des.h which
-is not robust at all, especially when include guards are used and
-multiple inclusions of a given header is not allowed. so lets take out
-the nesting constraint and add OPENSSL_SYS_UEFI constraint instead
-
-Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ]
-
-Signed-off-by: Denys Dmytriyenko <denys@ti.com>
---
- crypto/opensslconf.h.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
-index a10c10f..0147a4d 100644
--- a/crypto/opensslconf.h.in
-+++ b/crypto/opensslconf.h.in
-@@ -48,7 +48,7 @@
- #endif
- #endif
- 
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-+#if !defined(OPENSSL_SYS_UEFI) && !defined(DES_LONG)
- /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
-  * %20 speed up (longs are 8 bytes, int's are 4). */
- #ifndef DES_LONG
-- 
-2.7.4
-
@@ -1,45 +0,0 @@
-From 2f6026cb8b16cf00726e3c5625c023f196680f07 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Fri, 17 Mar 2017 12:52:08 -0700
-Subject: [PATCH] Fix build with clang using external assembler
-
-Cherry-picked from
-https://github.com/openssl/openssl/commit/11208dcfb9105e8afa37233185decefd45e89e17
-https://github.com/openssl/openssl/commit/fbab8baddef8d3346ae40ff068871e2ddaf10270
-https://github.com/openssl/openssl/commit/6cf412c473d8145562b76219ce3da73b201b3255
-
-Fixes
-
-| ghash-armv4.S: Assembler messages:
-| ghash-armv4.S:81: Error: bad instruction `ldrbpl r12,[r2,r3]'
-| ghash-armv4.S:91: Error: bad instruction `ldrbpl r8,[r0,r3]'
-| ghash-armv4.S:137: Error: bad instruction `ldrbne r12,[r2,#15]'
-| ghash-armv4.S:224: Error: bad instruction `ldrbpl r12,[r0,r3]'
-| clang-4.0: error: assembler command failed with exit code 1 (use -v to see invocation)
-| make[2]: *** [<builtin>: ghash-armv4.o] Error 1
-
-Upstream-Status: Backport
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- crypto/modes/asm/ghash-armv4.pl | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/crypto/modes/asm/ghash-armv4.pl b/crypto/modes/asm/ghash-armv4.pl
-index 8ccc963ef..442fed4da 100644
--- a/crypto/modes/asm/ghash-armv4.pl
-+++ b/crypto/modes/asm/ghash-armv4.pl
-@@ -124,7 +124,10 @@ $code=<<___;
- #include "arm_arch.h"
- 
- .text
-+#if defined(__thumb2__) || defined(__clang__)
-+.syntax	unified
-+#endif
- .code	32
- 
- #ifdef __clang__
- #define ldrplb	ldrbpl
-- 
-2.12.0
-
@@ -1,31 +0,0 @@
-From e1c39b80b01d4d18feeadfdc6e45a3e1dd110634 Mon Sep 17 00:00:00 2001
-From: Andre McCurdy <armccurdy@gmail.com>
-Date: Fri, 27 Jul 2018 21:41:06 +0000
-Subject: [PATCH] allow manpages to be disabled
-
-Define OE_DISABLE_MANPAGES (via environment or the make command line)
-to skip creation and installation of manpages.
-
-Upstream-Status: Inappropriate [configuration]
-
-Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
- Makefile.org | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Makefile.org b/Makefile.org
-index ed98d2a..747d8cb 100644
--- a/Makefile.org
-+++ b/Makefile.org
-@@ -549,7 +549,7 @@ dist:
- 	@$(MAKE) SDIRS='$(SDIRS)' clean
- 	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
- 
-install: all install_docs install_sw
-+install: all $(if $(OE_DISABLE_MANPAGES),,install_docs) install_sw
- 
- install_sw:
- 	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
-- 
-1.9.1
-
@@ -1,46 +0,0 @@
-From 3d9199423d48766649a2b2ebb3924e892ed16fa4 Mon Sep 17 00:00:00 2001
-From: Randy MacLeod <Randy.MacLeod@windriver.com>
-Date: Tue, 20 Jun 2017 15:32:08 -0400
-Subject: [PATCH] openssl: Force soft link to avoid rare race
-
-This patch works around a rare parallel build race condition. 
-The error seen is:
-
-ln: failed to create symbolic link 'libssl.so': File exists
-make[4]: *** [Makefile.shared:171: link_a.gnu] Error 1
-make[4]: Leaving directory
-'/.../build/tmp-glibc/work/x86_64-linux/openssl-native/1.0.2k-r0/openssl-1.0.2k'
-
-The openssl team is rewriting their build files so it's not
-appropriate for openssl upstream and fixing the root cause of
-the Makefile race condition was also not pursued.
-
-Upstream-Status: Inappropriate [build rules rewrite in progress]
-Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
---
- Makefile.shared | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Makefile.shared b/Makefile.shared
-index e8d222a..1bff92f 100644
--- a/Makefile.shared
-+++ b/Makefile.shared
-@@ -118,14 +118,14 @@
- 		if [ -n "$$SHLIB_COMPAT" ]; then \
- 			for x in $$SHLIB_COMPAT; do \
- 				( $(SET_X); rm -f $$SHLIB$$x$$SHLIB_SUFFIX; \
-				  ln -s $$prev $$SHLIB$$x$$SHLIB_SUFFIX ); \
-+				  ln -sf $$prev $$SHLIB$$x$$SHLIB_SUFFIX ); \
- 				prev=$$SHLIB$$x$$SHLIB_SUFFIX; \
- 			done; \
- 		fi; \
- 		if [ -n "$$SHLIB_SOVER" ]; then \
- 			[ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
- 			( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
-			  ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
-+			  ln -sf $$prev $$SHLIB$$SHLIB_SUFFIX ); \
- 		fi; \
- 	fi
- 
-- 
-2.9.3
@@ -1,89 +0,0 @@
-From a176c69f4fdfbfa7e4ccb79d91c3b6602da7e69a Mon Sep 17 00:00:00 2001
-From: Anders Roxell <anders.roxell@enea.com>
-Date: Thu, 24 Apr 2014 19:28:25 +0200
-Subject: [PATCH 19/28] openssl: enable ptest support
-
-Add 'buildtest' and 'runtest' targets to Makefile, to build and run tests
-cross-compiled.
-
-Signed-off-by: Anders Roxell <anders.roxell@enea.com>
-Signed-off-by: Maxin B. John <maxin.john@enea.com>
-Upstream-Status: Pending
-
---
- Makefile.org  | 10 +++++++++-
- test/Makefile | 13 +++++++++----
- 2 files changed, 18 insertions(+), 5 deletions(-)
- 
-diff --git a/Makefile.org b/Makefile.org
-index 111fbba..8e7936c 100644
--- a/Makefile.org
-+++ b/Makefile.org
-@@ -467,8 +467,16 @@ rehash.time: certs apps
- test:   tests
- 
- tests: rehash
-+	$(MAKE) buildtest
-+	$(MAKE) runtest
-+
-+buildtest:
-+	@(cd test && \
-+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf exe apps);
-+
-+runtest:
- 	@(cd test && echo "testing..." && \
-	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
-+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf alltests );
- 	OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
- 
- report:
-diff --git a/test/Makefile b/test/Makefile
-index 55a6b50..d46b4d1 100644
--- a/test/Makefile
-+++ b/test/Makefile
-@@ -150,7 +150,7 @@ tests:	exe apps $(TESTS)
- apps:
- 	@(cd ..; $(MAKE) DIRS=apps all)
- 
-alltests: \
-+all-tests= \
- 	test_des test_idea test_sha test_md4 test_md5 test_hmac \
- 	test_md2 test_mdc2 test_wp \
- 	test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
-@@ -162,6 +162,11 @@ alltests: \
- 	test_constant_time test_verify_extra test_clienthello test_sslv2conftest \
- 	test_dtls test_bad_dtls test_fatalerr test_x509_time
- 
-+alltests:
-+	@(for i in $(all-tests); do \
-+	( $(MAKE) $$i && echo "PASS: $$i" ) || echo "FAIL: $$i"; \
-+	done)
-+
- test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
- 	../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
- 
-@@ -230,7 +235,7 @@ test_x509: ../apps/openssl$(EXE_EXT) tx509 testx509.pem v3-cert1.pem v3-cert2.pe
- 	echo test second x509v3 certificate
- 	sh ./tx509 v3-cert2.pem 2>/dev/null
- 
-test_rsa: $(RSATEST)$(EXE_EXT) ../apps/openssl$(EXE_EXT) trsa testrsa.pem
-+test_rsa: ../apps/openssl$(EXE_EXT) trsa testrsa.pem
- 	@sh ./trsa 2>/dev/null
- 	../util/shlib_wrap.sh ./$(RSATEST)
- 
-@@ -331,11 +336,11 @@ test_tsa: ../apps/openssl$(EXE_EXT) testtsa CAtsa.cnf ../util/shlib_wrap.sh
- 	  sh ./testtsa; \
- 	fi
- 
-test_ige: $(IGETEST)$(EXE_EXT)
-+test_ige:
- 	@echo "Test IGE mode"
- 	../util/shlib_wrap.sh ./$(IGETEST)
- 
-test_jpake: $(JPAKETEST)$(EXE_EXT)
-+test_jpake:
- 	@echo "Test JPAKE"
- 	../util/shlib_wrap.sh ./$(JPAKETEST)
- 
-- 
-2.15.1
@@ -1,69 +0,0 @@
-From d795f5f20a29adecf92c09459a3ee07ffac01a99 Mon Sep 17 00:00:00 2001
-From: Rich Salz <rsalz@akamai.com>
-Date: Sat, 13 Jun 2015 17:03:39 -0400
-Subject: [PATCH] Use SHA256 not MD5 as default digest.
-
-Commit f8547f62c212837dbf44fb7e2755e5774a59a57b upstream.
-
-Upstream-Status: Backport
-Backport from OpenSSL 2.0 to OpenSSL 1.0.2
-Commit f8547f62c212837dbf44fb7e2755e5774a59a57b   
-
-CVE: CVE-2004-2761
-
-    The MD5 Message-Digest Algorithm is not collision resistant,
-    which makes it easier for context-dependent attackers to            
-    conduct spoofing attacks, as demonstrated by attacks on the     
-    use of MD5 in the signature algorithm of an X.509 certificate.     
-
-Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>     
-Signed-off-by: T.O. Radzy Radzykewycz <radzy@windriver.com> 
---
- apps/ca.c   | 2 +-
- apps/dgst.c | 2 +-
- apps/enc.c  | 2 +-
- 3 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/apps/ca.c b/apps/ca.c
-index 3b7336c..8f3a84b 100644
--- a/apps/ca.c
-+++ b/apps/ca.c
-@@ -1612,7 +1612,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
-     } else
-         BIO_printf(bio_err, "Signature ok\n");
- 
-    if ((rreq = X509_to_X509_REQ(req, NULL, EVP_md5())) == NULL)
-+    if ((rreq = X509_to_X509_REQ(req, NULL, NULL)) == NULL)
-         goto err;
- 
-     ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
-diff --git a/apps/dgst.c b/apps/dgst.c
-index 95e5fa3..0d1529f 100644
--- a/apps/dgst.c
-+++ b/apps/dgst.c
-@@ -442,7 +442,7 @@ int MAIN(int argc, char **argv)
-             goto end;
-         }
-         if (md == NULL)
-            md = EVP_md5();
-+            md = EVP_sha256();
-         if (!EVP_DigestInit_ex(mctx, md, impl)) {
-             BIO_printf(bio_err, "Error setting digest %s\n", pname);
-             ERR_print_errors(bio_err);
-diff --git a/apps/enc.c b/apps/enc.c
-index 7b7c70b..a7d944c 100644
--- a/apps/enc.c
-+++ b/apps/enc.c
-@@ -344,7 +344,7 @@ int MAIN(int argc, char **argv)
-     }
- 
-     if (dgst == NULL) {
-        dgst = EVP_md5();
-+        dgst = EVP_sha256();
-     }
- 
-     if (bufsize != NULL) {
-- 
-1.9.1
-
@@ -1,25 +0,0 @@
-Add musl triplet support
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-Index: openssl-1.0.2a/Configure
-===================================================================
--- openssl-1.0.2a.orig/Configure
-+++ openssl-1.0.2a/Configure
-@@ -431,7 +431,7 @@ my %table=(
- #
- #       ./Configure linux-armv4 -march=armv6 -D__ARM_MAX_ARCH__=8
- #
-"linux-armv4",	"gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-aarch64","gcc: -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- # Configure script adds minimally required -march for assembly support,
- # if no -march was specified at command line. mips32 and mips64 below
-@@ -504,4 +504,6 @@ my %table=(
- "linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-musleabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-musleabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- 
- "linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
- 
@@ -1,35 +0,0 @@
-Upstream-Status: Inappropriate [embedded specific]
-
-The number of colons are important :)
-
-
---
- Configure |   16 ++++++++++++++++
- 1 file changed, 16 insertions(+)
-
-Index: openssl-1.0.2a/Configure
-===================================================================
--- openssl-1.0.2a.orig/Configure
-+++ openssl-1.0.2a/Configure
-@@ -443,6 +443,21 @@ my %table=(
- "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
- "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
- 
-+ 
-+# Linux on ARM
-+"linux-elf-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-elf-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-gnueabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+
-+"linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
-+
-+#### Linux on MIPS/MIPS64
-+"linux-mips","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-mips64","$ENV{'CC'}:-DB_ENDIAN -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-mips64el","$ENV{'CC'}:-DL_ENDIAN -mabi=64 -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-mipsel","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+
- # Android: linux-* but without pointers to headers and libs.
- "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -1,71 +0,0 @@
-From 83f318d68bbdab1ca898c94576a838cc97df4700 Mon Sep 17 00:00:00 2001
-From: Ludwig Nussel <ludwig.nussel@suse.de>
-Date: Wed, 21 Apr 2010 15:52:10 +0200
-Subject: [PATCH] also create old hash for compatibility
-
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.2n/tools/c_rehash.in
-===================================================================
--- openssl-1.0.2n.orig/tools/c_rehash.in
-+++ openssl-1.0.2n/tools/c_rehash.in
-@@ -8,8 +8,6 @@ my $prefix;
- 
- my $openssl = $ENV{OPENSSL} || "openssl";
- my $pwd;
-my $x509hash = "-subject_hash";
-my $crlhash = "-hash";
- my $verbose = 0;
- my $symlink_exists=eval {symlink("",""); 1};
- my $removelinks = 1;
-@@ -18,10 +16,7 @@ my $removelinks = 1;
- while ( $ARGV[0] =~ /^-/ ) {
-     my $flag = shift @ARGV;
-     last if ( $flag eq '--');
-    if ( $flag eq '-old') {
-	    $x509hash = "-subject_hash_old";
-	    $crlhash = "-hash_old";
-    } elsif ( $flag eq '-h') {
-+    if ( $flag eq '-h') {
- 	    help();
-     } elsif ( $flag eq '-n' ) {
- 	    $removelinks = 0;
-@@ -113,7 +108,9 @@ sub hash_dir {
- 			next;
- 		}
- 		link_hash_cert($fname) if($cert);
-+		link_hash_cert_old($fname) if($cert);
- 		link_hash_crl($fname) if($crl);
-+		link_hash_crl_old($fname) if($crl);
- 	}
- }
- 
-@@ -146,6 +143,7 @@ sub check_file {
- 
- sub link_hash_cert {
- 		my $fname = $_[0];
-+		my $x509hash = $_[1] || '-subject_hash';
- 		$fname =~ s/'/'\\''/g;
- 		my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
- 		chomp $hash;
-@@ -177,10 +175,20 @@ sub link_hash_cert {
- 		$hashlist{$hash} = $fprint;
- }
- 
-+sub link_hash_cert_old {
-+		link_hash_cert($_[0], '-subject_hash_old');
-+}
-+
-+sub link_hash_crl_old {
-+		link_hash_crl($_[0], '-hash_old');
-+}
-+
-+
- # Same as above except for a CRL. CRL links are of the form <hash>.r<n>
- 
- sub link_hash_crl {
- 		my $fname = $_[0];
-+		my $crlhash = $_[1] || "-hash";
- 		$fname =~ s/'/'\\''/g;
- 		my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
- 		chomp $hash;
@@ -1,73 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.2n/Configure
-===================================================================
--- openssl-1.0.2n.orig/Configure
-+++ openssl-1.0.2n/Configure
-@@ -133,6 +133,10 @@ my $clang_devteam_warn = "-Wno-unused-pa
- # Warn that "make depend" should be run?
- my $warn_make_depend = 0;
- 
-+# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS
-+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall";
-+$debian_cflags =~ s/\n/ /g;
-+
- my $strict_warnings = 0;
- 
- my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
-@@ -369,6 +373,55 @@ my %table=(
- "osf1-alpha-cc",  "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
- "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
- 
-+# Debian GNU/* (various architectures)
-+"debian-alpha","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-alpha-ev4","gcc:-DTERMIO ${debian_cflags} -mcpu=ev4::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-alpha-ev5","gcc:-DTERMIO ${debian_cflags} -mcpu=ev5::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-arm64","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-armel","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-armhf","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::",
-+"debian-avr32", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -fomit-frame-pointer::-D_REENTRANT::-ldl:BN_LLONG_BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-hppa","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -mtune=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ia64","gcc:-DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i586::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO ${debian_cflags} -march=i686::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-m68k","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips",   "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsel",   "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsn32",   "mips64-linux-gnuabin32-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsn32el",   "mips64el-linux-gnuabin32-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips64",   "mips64-linux-gnuabi64-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips64el",   "mips64el-linux-gnuabi64-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-i386",	"gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-m68k",	"gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags}::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-sparc",	"gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags} -mv8::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-alpha","gcc:-DTERMIOS ${debian_cflags}::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-i386",  "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-mips","gcc:-DL_ENDIAN ${debian_cflags}::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-or1k", "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-powerpcspe","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ppc64el","gcc:-m64 -DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64le:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-s390","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
-+"debian-s390x","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh3",   "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh4",   "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh3eb",   "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh4eb",   "gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-m32r","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v8 -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO ${debian_cflags} -mcpu=v9 -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc64","gcc:-m64 -DB_ENDIAN -DTERMIO ${debian_cflags} -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-x32","gcc:-mx32 -DL_ENDIAN -DTERMIO ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
-+
- ####
- #### Variety of LINUX:-)
- ####
@@ -1,15 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.0c/Makefile.org
-===================================================================
--- openssl-1.0.0c.orig/Makefile.org	2010-12-12 16:11:27.000000000 +0100
-+++ openssl-1.0.0c/Makefile.org	2010-12-12 16:11:37.000000000 +0100
-@@ -131,7 +131,7 @@
- 
- MAKEFILE= Makefile
- 
-MANDIR=$(OPENSSLDIR)/man
-+MANDIR=/usr/share/man
- MAN1=1
- MAN3=3
- MANSUFFIX=
@@ -1,34 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.0c/Makefile.org
-===================================================================
--- openssl-1.0.0c.orig/Makefile.org	2010-12-12 16:11:37.000000000 +0100
-+++ openssl-1.0.0c/Makefile.org	2010-12-12 16:13:28.000000000 +0100
-@@ -160,7 +160,8 @@
- MANDIR=/usr/share/man
- MAN1=1
- MAN3=3
-MANSUFFIX=
-+MANSUFFIX=ssl
-+MANSECTION=SSL
- HTMLSUFFIX=html
- HTMLDIR=$(OPENSSLDIR)/html
- SHELL=/bin/sh
-@@ -651,7 +652,7 @@
- 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- 		(cd `$(PERL) util/dirname.pl $$i`; \
- 		sh -c "$$pod2man \
-			--section=$$sec --center=OpenSSL \
-+			--section=$${sec}$(MANSECTION) --center=OpenSSL \
- 			--release=$(VERSION) `basename $$i`") \
- 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- 		$(PERL) util/extract-names.pl < $$i | \
-@@ -668,7 +669,7 @@
- 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- 		(cd `$(PERL) util/dirname.pl $$i`; \
- 		sh -c "$$pod2man \
-			--section=$$sec --center=OpenSSL \
-+			--section=$${sec}$(MANSECTION) --center=OpenSSL \
- 			--release=$(VERSION) `basename $$i`") \
- 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- 		$(PERL) util/extract-names.pl < $$i | \
@@ -1,15 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.0c/Makefile.shared
-===================================================================
--- openssl-1.0.0c.orig/Makefile.shared	2010-08-21 13:36:49.000000000 +0200
-+++ openssl-1.0.0c/Makefile.shared	2010-12-12 16:13:36.000000000 +0100
-@@ -153,7 +153,7 @@
- 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- 	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
- 
-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
-+DO_GNU_APP=LDFLAGS="$(CFLAGS)"
- 
- #This is rather special.  It's a special target with which one can link
- #applications without bothering with any features that have anything to
@@ -1,15 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.0c/Makefile.shared
-===================================================================
--- openssl-1.0.0c.orig/Makefile.shared	2010-12-12 16:13:36.000000000 +0100
-+++ openssl-1.0.0c/Makefile.shared	2010-12-12 16:13:44.000000000 +0100
-@@ -151,7 +151,7 @@
- 	SHLIB_SUFFIX=; \
- 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
- 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
-	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
- 
- DO_GNU_APP=LDFLAGS="$(CFLAGS)"
- 
@@ -1,177 +0,0 @@
-Upstream-Status: Backport [debian]
-
-Index: openssl-1.0.1c/crypto/des/asm/desboth.pl
-===================================================================
--- openssl-1.0.1c.orig/crypto/des/asm/desboth.pl	2001-10-24 23:20:56.000000000 +0200
-+++ openssl-1.0.1c/crypto/des/asm/desboth.pl	2012-07-29 14:15:26.000000000 +0200
-@@ -16,6 +16,11 @@
- 
- 	&push("edi");
- 
-+	&call   (&label("pic_point0"));
-+	&set_label("pic_point0");
-+	&blindpop("ebp");
-+	&add    ("ebp", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
-+
- 	&comment("");
- 	&comment("Load the data words");
- 	&mov($L,&DWP(0,"ebx","",0));
-@@ -47,15 +52,21 @@
- 	&mov(&swtmp(2),	(DWC(($enc)?"1":"0")));
- 	&mov(&swtmp(1),	"eax");
- 	&mov(&swtmp(0),	"ebx");
-	&call("DES_encrypt2");
-+	&exch("ebx", "ebp");
-+	&call("DES_encrypt2\@PLT");
-+	&exch("ebx", "ebp");
- 	&mov(&swtmp(2),	(DWC(($enc)?"0":"1")));
- 	&mov(&swtmp(1),	"edi");
- 	&mov(&swtmp(0),	"ebx");
-	&call("DES_encrypt2");
-+	&exch("ebx", "ebp");
-+	&call("DES_encrypt2\@PLT");
-+	&exch("ebx", "ebp");
- 	&mov(&swtmp(2),	(DWC(($enc)?"1":"0")));
- 	&mov(&swtmp(1),	"esi");
- 	&mov(&swtmp(0),	"ebx");
-	&call("DES_encrypt2");
-+	&exch("ebx", "ebp");
-+	&call("DES_encrypt2\@PLT");
-+	&exch("ebx", "ebp");
- 
- 	&stack_pop(3);
- 	&mov($L,&DWP(0,"ebx","",0));
-Index: openssl-1.0.1c/crypto/perlasm/cbc.pl
-===================================================================
--- openssl-1.0.1c.orig/crypto/perlasm/cbc.pl	2011-07-13 08:22:46.000000000 +0200
-+++ openssl-1.0.1c/crypto/perlasm/cbc.pl	2012-07-29 14:15:26.000000000 +0200
-@@ -122,7 +122,11 @@
- 	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
- 	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
- 
-	&call($enc_func);
-+	&call	(&label("pic_point0"));
-+	&set_label("pic_point0");
-+	&blindpop("ebx");
-+	&add	("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
-+	&call("$enc_func\@PLT");
- 
- 	&mov("eax",	&DWP($data_off,"esp","",0));
- 	&mov("ebx",	&DWP($data_off+4,"esp","",0));
-@@ -185,7 +189,11 @@
- 	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
- 	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
- 
-	&call($enc_func);
-+	&call	(&label("pic_point1"));
-+	&set_label("pic_point1");
-+	&blindpop("ebx");
-+	&add	("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point1") . "]");
-+	&call("$enc_func\@PLT");
- 
- 	&mov("eax",	&DWP($data_off,"esp","",0));
- 	&mov("ebx",	&DWP($data_off+4,"esp","",0));
-@@ -218,7 +226,11 @@
- 	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
- 	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
- 
-	&call($dec_func);
-+	&call	(&label("pic_point2"));
-+	&set_label("pic_point2");
-+	&blindpop("ebx");
-+	&add	("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point2") . "]");
-+	&call("$dec_func\@PLT");
- 
- 	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
- 	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
-@@ -261,7 +273,11 @@
- 	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
- 	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
- 
-	&call($dec_func);
-+	&call	(&label("pic_point3"));
-+	&set_label("pic_point3");
-+	&blindpop("ebx");
-+	&add	("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point3") . "]");
-+	&call("$dec_func\@PLT");
- 
- 	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
- 	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
-Index: openssl-1.0.1c/crypto/perlasm/x86gas.pl
-===================================================================
--- openssl-1.0.1c.orig/crypto/perlasm/x86gas.pl	2011-12-09 20:16:35.000000000 +0100
-+++ openssl-1.0.1c/crypto/perlasm/x86gas.pl	2012-07-29 14:15:26.000000000 +0200
-@@ -161,6 +161,7 @@
- 	if ($::macosx)	{ push (@out,"$tmp,2\n"); }
- 	elsif ($::elf)	{ push (@out,"$tmp,4\n"); }
- 	else		{ push (@out,"$tmp\n"); }
-+	if ($::elf)	{ push (@out,".hidden\tOPENSSL_ia32cap_P\n"); }
-     }
-     push(@out,$initseg) if ($initseg);
- }
-@@ -218,8 +219,23 @@
-     elsif ($::elf)
-     {	$initseg.=<<___;
- .section	.init
-+___
-+        if ($::pic)
-+	{   $initseg.=<<___;
-+	pushl	%ebx
-+	call	.pic_point0
-+.pic_point0:
-+	popl	%ebx
-+	addl	\$_GLOBAL_OFFSET_TABLE_+[.-.pic_point0],%ebx
-+	call	$f\@PLT
-+	popl	%ebx
-+___
-+	}
-+	else
-+	{   $initseg.=<<___;
- 	call	$f
- ___
-+	}
-     }
-     elsif ($::coff)
-     {   $initseg.=<<___;	# applies to both Cygwin and Mingw
-Index: openssl-1.0.1c/crypto/x86cpuid.pl
-===================================================================
--- openssl-1.0.1c.orig/crypto/x86cpuid.pl	2012-02-28 15:20:34.000000000 +0100
-+++ openssl-1.0.1c/crypto/x86cpuid.pl	2012-07-29 14:15:26.000000000 +0200
-@@ -8,6 +8,8 @@
- 
- for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
- 
-+push(@out, ".hidden OPENSSL_ia32cap_P\n");
-+
- &function_begin("OPENSSL_ia32_cpuid");
- 	&xor	("edx","edx");
- 	&pushf	();
-@@ -139,9 +141,7 @@
- &set_label("nocpuid");
- &function_end("OPENSSL_ia32_cpuid");
- 
-&external_label("OPENSSL_ia32cap_P");
-
-&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
-+&function_begin_B("OPENSSL_rdtsc");
- 	&xor	("eax","eax");
- 	&xor	("edx","edx");
- 	&picmeup("ecx","OPENSSL_ia32cap_P");
-@@ -155,7 +155,7 @@
- # This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host],
- # but it's safe to call it on any [supported] 32-bit platform...
- # Just check for [non-]zero return value...
-&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
-+&function_begin_B("OPENSSL_instrument_halt");
- 	&picmeup("ecx","OPENSSL_ia32cap_P");
- 	&bt	(&DWP(0,"ecx"),4);
- 	&jnc	(&label("nohalt"));	# no TSC
-@@ -222,7 +222,7 @@
- 	&ret	();
- &function_end_B("OPENSSL_far_spin");
- 
-&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
-+&function_begin_B("OPENSSL_wipe_cpu");
- 	&xor	("eax","eax");
- 	&xor	("edx","edx");
- 	&picmeup("ecx","OPENSSL_ia32cap_P");
@@ -1,29 +0,0 @@
-From: Raphael Geissert <geissert@debian.org>
-Description: make X509_verify_cert indicate that any certificate whose
- name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked.
-Forwarded: not-needed
-Origin: vendor
-Last-Update: 2011-11-05
-
-Upstream-Status: Backport [debian]
-
-
-Index: openssl-1.0.2~beta1/crypto/x509/x509_vfy.c
-===================================================================
--- openssl-1.0.2~beta1.orig/crypto/x509/x509_vfy.c	2014-02-25 00:16:12.488028844 +0100
-+++ openssl-1.0.2~beta1/crypto/x509/x509_vfy.c	2014-02-25 00:16:12.484028929 +0100
-@@ -964,10 +964,11 @@
- 	for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
- 		{
- 		x = sk_X509_value(ctx->chain, i);
-		/* Mark DigiNotar certificates as revoked, no matter
-		 * where in the chain they are.
-+		/* Mark certificates containing the following names as
-+		 * revoked, no matter where in the chain they are.
- 		 */
-		if (x->name && strstr(x->name, "DigiNotar"))
-+		if (x->name && (strstr(x->name, "DigiNotar") ||
-+			strstr(x->name, "Digicert Sdn. Bhd.")))
- 			{
- 			ctx->error = X509_V_ERR_CERT_REVOKED;
- 			ctx->error_depth = i;
@@ -1,68 +0,0 @@
-From: Raphael Geissert <geissert@debian.org>
-Description: make X509_verify_cert indicate that any certificate whose
- name contains "DigiNotar" is revoked.
-Forwarded: not-needed
-Origin: vendor
-Last-Update: 2011-09-08
-Bug: http://bugs.debian.org/639744
-Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
-Reviewed-by: Dr Stephen N Henson <shenson@drh-consultancy.co.uk>
-
-This is not meant as final patch.  
-
-Upstream-Status: Backport [debian]
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
-Index: openssl-1.0.2g/crypto/x509/x509_vfy.c
-===================================================================
--- openssl-1.0.2g.orig/crypto/x509/x509_vfy.c
-+++ openssl-1.0.2g/crypto/x509/x509_vfy.c
-@@ -119,6 +119,7 @@ static int check_trust(X509_STORE_CTX *c
- static int check_revocation(X509_STORE_CTX *ctx);
- static int check_cert(X509_STORE_CTX *ctx);
- static int check_policy(X509_STORE_CTX *ctx);
-+static int check_ca_blacklist(X509_STORE_CTX *ctx);
- 
- static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
-                          unsigned int *preasons, X509_CRL *crl, X509 *x);
-@@ -489,6 +490,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx
-     if (!ok)
-         goto err;
- 
-+	ok = check_ca_blacklist(ctx);
-+	if(!ok) goto err;
-+
- #ifndef OPENSSL_NO_RFC3779
-     /* RFC 3779 path validation, now that CRL check has been done */
-     ok = v3_asid_validate_path(ctx);
-@@ -996,6 +1000,29 @@ static int check_crl_time(X509_STORE_CTX
-     return 1;
- }
- 
-+static int check_ca_blacklist(X509_STORE_CTX *ctx)
-+	{
-+	X509 *x;
-+	int i;
-+	/* Check all certificates against the blacklist */
-+	for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
-+		{
-+		x = sk_X509_value(ctx->chain, i);
-+		/* Mark DigiNotar certificates as revoked, no matter
-+		 * where in the chain they are.
-+		 */
-+		if (x->name && strstr(x->name, "DigiNotar"))
-+			{
-+			ctx->error = X509_V_ERR_CERT_REVOKED;
-+			ctx->error_depth = i;
-+			ctx->current_cert = x;
-+			if (!ctx->verify_cb(0,ctx))
-+				return 0;
-+			}
-+		}
-+	return 1;
-+	}
-+
- static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
-                       X509 **pissuer, int *pscore, unsigned int *preasons,
-                       STACK_OF(X509_CRL) *crls)
@@ -1,15 +0,0 @@
-Upstream-Status: Inappropriate
-
-Index: openssl-1.0.2d/crypto/opensslv.h
-===================================================================
--- openssl-1.0.2d.orig/crypto/opensslv.h
-+++ openssl-1.0.2d/crypto/opensslv.h
-@@ -88,7 +88,7 @@ extern "C" {
-  * should only keep the versions that are binary compatible with the current.
-  */
- # define SHLIB_VERSION_HISTORY ""
-# define SHLIB_VERSION_NUMBER "1.0.0"
-+# define SHLIB_VERSION_NUMBER "1.0.2"
- 
- 
- #ifdef  __cplusplus
@@ -1,64 +0,0 @@
-Upstream-Status: Inappropriate [configuration]
-
-
-Index: openssl-1.0.2/engines/Makefile
-===================================================================
--- openssl-1.0.2.orig/engines/Makefile
-+++ openssl-1.0.2/engines/Makefile
-@@ -107,13 +107,13 @@ install:
- 	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- 	@if [ -n "$(SHARED_LIBS)" ]; then \
- 		set -e; \
-		$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \
-+		$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines; \
- 		for l in $(LIBNAMES); do \
- 			( echo installing $$l; \
- 			  pfx=lib; \
- 			  if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
- 				sfx=".so"; \
-				cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
-+				cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
- 			  else \
- 				case "$(CFLAGS)" in \
- 				*DSO_BEOS*)	sfx=".so";;	\
-@@ -122,10 +122,10 @@ install:
- 				*DSO_WIN32*)	sfx="eay32.dll"; pfx=;;	\
- 				*)		sfx=".bad";;	\
- 				esac; \
-				cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
-+				cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
- 			  fi; \
-			  chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
-			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
-+			  chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \
-+			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx ); \
- 		done; \
- 	fi
- 	@target=install; $(RECURSIVE_MAKE)
-Index: openssl-1.0.2/engines/ccgost/Makefile
-===================================================================
--- openssl-1.0.2.orig/engines/ccgost/Makefile
-+++ openssl-1.0.2/engines/ccgost/Makefile
-@@ -47,7 +47,7 @@ install:
- 		pfx=lib; \
- 		if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
- 			sfx=".so"; \
-			cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
-+			cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
- 		else \
- 			case "$(CFLAGS)" in \
- 			*DSO_BEOS*) sfx=".so";; \
-@@ -56,10 +56,10 @@ install:
- 			*DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
- 			*) sfx=".bad";; \
- 			esac; \
-			cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
-+			cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
- 		fi; \
-		chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
-		mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
-+		chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \
-+		mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx; \
- 	fi
- 
- links:
@@ -1,24 +0,0 @@
-Upstream-Status: Inappropriate [open-embedded]
-
-Index: openssl-1.0.0/Makefile.shared
-===================================================================
--- openssl-1.0.0.orig/Makefile.shared
-+++ openssl-1.0.0/Makefile.shared
-@@ -92,7 +92,7 @@
- LINK_APP=	\
-   ( $(SET_X);   \
-     LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \
-    LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \
-+    LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$(OE_LDFLAGS) $${LDFLAGS:-$(CFLAGS)}"; \
-     LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
-     LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
-     LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
-@@ -102,7 +102,7 @@
-   ( $(SET_X);   \
-     LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \
-     SHAREDCMD="$${SHAREDCMD:-$(CC)}"; \
-    SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
-+    SHAREDFLAGS="$(OE_LDFLAGS) $${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
-     LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
-     LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
-     LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
@@ -1,222 +0,0 @@
-#!/bin/sh
-#
-# Ben Secrest <blsecres@gmail.com>
-#
-# sh c_rehash script, scan all files in a directory
-# and add symbolic links to their hash values.
-#
-# based on the c_rehash perl script distributed with openssl
-#
-# LICENSE: See OpenSSL license
-# ^^acceptable?^^
-#
-
-# default certificate location
-DIR=/etc/openssl
-
-# for filetype bitfield
-IS_CERT=$(( 1 << 0 ))
-IS_CRL=$(( 1 << 1 ))
-
-
-# check to see if a file is a certificate file or a CRL file
-# arguments:
-#       1. the filename to be scanned
-# returns:
-#       bitfield of file type; uses ${IS_CERT} and ${IS_CRL}
-#
-check_file()
-{
-    local IS_TYPE=0
-
-    # make IFS a newline so we can process grep output line by line
-    local OLDIFS=${IFS}
-    IFS=$( printf "\n" )
-
-    # XXX: could be more efficient to have two 'grep -m' but is -m portable?
-    for LINE in $( grep '^-----BEGIN .*-----' ${1} )
-    do
-	if echo ${LINE} \
-	    | grep -q -E '^-----BEGIN (X509 |TRUSTED )?CERTIFICATE-----'
-	then
-	    IS_TYPE=$(( ${IS_TYPE} | ${IS_CERT} ))
-
-	    if [ $(( ${IS_TYPE} & ${IS_CRL} )) -ne 0 ]
-	    then
-	    	break
-	    fi
-	elif echo ${LINE} | grep -q '^-----BEGIN X509 CRL-----'
-	then
-	    IS_TYPE=$(( ${IS_TYPE} | ${IS_CRL} ))
-
-	    if [ $(( ${IS_TYPE} & ${IS_CERT} )) -ne 0 ]
-	    then
-	    	break
-	    fi
-	fi
-    done
-
-    # restore IFS
-    IFS=${OLDIFS}
-
-    return ${IS_TYPE}
-}
-
-
-#
-# use openssl to fingerprint a file
-#    arguments:
-#	1. the filename to fingerprint
-#	2. the method to use (x509, crl)
-#    returns:
-#	none
-#    assumptions:
-#	user will capture output from last stage of pipeline
-#
-fingerprint()
-{
-    ${SSL_CMD} ${2} -fingerprint -noout -in ${1} | sed 's/^.*=//' | tr -d ':'
-}
-
-
-#
-# link_hash - create links to certificate files
-#    arguments:
-#       1. the filename to create a link for
-#	2. the type of certificate being linked (x509, crl)
-#    returns:
-#	0 on success, 1 otherwise
-#
-link_hash()
-{
-    local FINGERPRINT=$( fingerprint ${1} ${2} )
-    local HASH=$( ${SSL_CMD} ${2} -hash -noout -in ${1} )
-    local SUFFIX=0
-    local LINKFILE=''
-    local TAG=''
-
-    if [ ${2} = "crl" ]
-    then
-    	TAG='r'
-    fi
-
-    LINKFILE=${HASH}.${TAG}${SUFFIX}
-
-    while [ -f ${LINKFILE} ]
-    do
-	if [ ${FINGERPRINT} = $( fingerprint ${LINKFILE} ${2} ) ]
-	then
-	    echo "NOTE: Skipping duplicate file ${1}" >&2
-	    return 1
-	fi	
-
-	SUFFIX=$(( ${SUFFIX} + 1 ))
-	LINKFILE=${HASH}.${TAG}${SUFFIX}
-    done
-
-    echo "${3} => ${LINKFILE}"
-
-    # assume any system with a POSIX shell will either support symlinks or
-    # do something to handle this gracefully
-    ln -s ${3} ${LINKFILE}
-
-    return 0
-}
-
-
-# hash_dir create hash links in a given directory
-hash_dir()
-{
-    echo "Doing ${1}"
-
-    cd ${1}
-
-    ls -1 * 2>/dev/null | while read FILE
-    do
-        if echo ${FILE} | grep -q -E '^[[:xdigit:]]{8}\.r?[[:digit:]]+$' \
-	    	&& [ -h "${FILE}" ]
-        then
-            rm ${FILE}
-        fi
-    done
-
-    ls -1 *.pem *.cer *.crt *.crl 2>/dev/null | while read FILE
-    do
-	REAL_FILE=${FILE}
-	# if we run on build host then get to the real files in rootfs
-	if [ -n "${SYSROOT}" -a -h ${FILE} ]
-	then
-	    FILE=$( readlink ${FILE} )
-	    # check the symlink is absolute (or dangling in other word)
-	    if [ "x/" = "x$( echo ${FILE} | cut -c1 -)" ]
-	    then
-		REAL_FILE=${SYSROOT}/${FILE}
-	    fi
-	fi
-
-	check_file ${REAL_FILE}
-        local FILE_TYPE=${?}
-	local TYPE_STR=''
-
-        if [ $(( ${FILE_TYPE} & ${IS_CERT} )) -ne 0 ]
-        then
-            TYPE_STR='x509'
-        elif [ $(( ${FILE_TYPE} & ${IS_CRL} )) -ne 0 ]
-        then
-            TYPE_STR='crl'
-        else
-            echo "NOTE: ${FILE} does not contain a certificate or CRL: skipping" >&2
-	    continue
-        fi
-
-	link_hash ${REAL_FILE} ${TYPE_STR} ${FILE}
-    done
-}
-
-
-# choose the name of an ssl application
-if [ -n "${OPENSSL}" ]
-then
-    SSL_CMD=$(which ${OPENSSL} 2>/dev/null)
-else
-    SSL_CMD=/usr/bin/openssl
-    OPENSSL=${SSL_CMD}
-    export OPENSSL
-fi
-
-# fix paths
-PATH=${PATH}:${DIR}/bin
-export PATH
-
-# confirm existance/executability of ssl command
-if ! [ -x ${SSL_CMD} ]
-then
-    echo "${0}: rehashing skipped ('openssl' program not available)" >&2
-    exit 0
-fi
-
-# determine which directories to process
-old_IFS=$IFS
-if [ ${#} -gt 0 ]
-then
-    IFS=':'
-    DIRLIST=${*}
-elif [ -n "${SSL_CERT_DIR}" ]
-then
-    DIRLIST=$SSL_CERT_DIR
-else
-    DIRLIST=${DIR}/certs
-fi
-
-IFS=':'
-
-# process directories
-for CERT_DIR in ${DIRLIST}
-do
-    if [ -d ${CERT_DIR} -a -w ${CERT_DIR} ]
-    then
-        IFS=$old_IFS
-        hash_dir ${CERT_DIR}
-        IFS=':'
-    fi
-done
@@ -1,19 +0,0 @@
-openssl: Fix pod2man des.pod error on Ubuntu 12.04
-
-This is a formatting fix, '=back' is required before
-'=head1' on Ubuntu 12.04.
-
-Upstream-Status: Pending
-Signed-off-by: Baogen Shang <baogen.shang@windriver.com>
-diff -urpN a_origin/des.pod b_modify/des.pod
--- a_origin/crypto/des/des.pod	2013-08-15 15:02:56.211674589 +0800
-+++ b_modify/crypto/des/des.pod	2013-08-15 15:04:14.439674580 +0800
-@@ -181,6 +181,8 @@ the uuencoded file to embed in the begin
- output.  If there is no name specified after the B<-u>, the name text.des
- will be embedded in the header.
- 
-+=back
-+
- =head1 SEE ALSO
- 
- ps(1),
@@ -1,39 +0,0 @@
-Upstream-Status: Pending
-
-Received from H J Liu @ Intel
-Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors.
-Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13
-
-ported the patch to the 1.0.0e version
-Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01
-Index: openssl-1.0.2/crypto/bn/bn.h
-===================================================================
--- openssl-1.0.2.orig/crypto/bn/bn.h
-+++ openssl-1.0.2/crypto/bn/bn.h
-@@ -173,6 +173,13 @@ extern "C" {
- #  endif
- # endif
- 
-+/* Address type.  */
-+#ifdef _WIN64
-+#define BN_ADDR unsigned long long
-+#else
-+#define BN_ADDR unsigned long
-+#endif
-+
- /*
-  * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
-  * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
-Index: openssl-1.0.2/crypto/bn/bn_exp.c
-===================================================================
--- openssl-1.0.2.orig/crypto/bn/bn_exp.c
-+++ openssl-1.0.2/crypto/bn/bn_exp.c
-@@ -638,7 +638,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU
-  * multiple.
-  */
- #define MOD_EXP_CTIME_ALIGN(x_) \
-        ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
-+	((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
- 
- /*
-  * This variant of BN_mod_exp_mont() uses fixed windows and the special
@@ -1,368 +0,0 @@
-From 7fb1192f112c1920bfd39f4185f34e9afff3cff2 Mon Sep 17 00:00:00 2001
-From: Ross Burton <ross.burton@intel.com>
-Date: Sat, 5 Mar 2016 00:12:02 +0000
-Subject: [PATCH 24/28] Fix the parallel races in the Makefiles.
-
-This patch was taken from the Gentoo packaging:
-https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2g-parallel-build.patch
-
-Upstream-Status: Pending
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-Refreshed for 1.0.2i
-Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
-
---
- Makefile.org                                   | 14 ++--
- Makefile.shared                                |  2 +
- crypto/Makefile                                | 10 +--
- engines/Makefile                               |  6 +-
- test/Makefile                                  | 94 +++++++++++-----------
- 5 files changed, 64 insertions(+), 62 deletions(-)
-
-diff --git a/Makefile.org b/Makefile.org
-index efcfafb..82eab91 100644
--- a/Makefile.org
-+++ b/Makefile.org
-@@ -282,17 +282,17 @@ build_libcrypto: build_crypto build_engines libcrypto.pc
- build_libssl: build_ssl libssl.pc
- 
- build_crypto:
-	@dir=crypto; target=all; $(BUILD_ONE_CMD)
-+	+@dir=crypto; target=all; $(BUILD_ONE_CMD)
- build_ssl: build_crypto
-	@dir=ssl; target=all; $(BUILD_ONE_CMD)
-+	+@dir=ssl; target=all; $(BUILD_ONE_CMD)
- build_engines: build_crypto
-	@dir=engines; target=all; $(BUILD_ONE_CMD)
-+	+@dir=engines; target=all; $(BUILD_ONE_CMD)
- build_apps: build_libs
-	@dir=apps; target=all; $(BUILD_ONE_CMD)
-+	+@dir=apps; target=all; $(BUILD_ONE_CMD)
- build_tests: build_libs
-	@dir=test; target=all; $(BUILD_ONE_CMD)
-+	+@dir=test; target=all; $(BUILD_ONE_CMD)
- build_tools: build_libs
-	@dir=tools; target=all; $(BUILD_ONE_CMD)
-+	+@dir=tools; target=all; $(BUILD_ONE_CMD)
- 
- all_testapps: build_libs build_testapps
- build_testapps:
-@@ -564,7 +564,7 @@ install_sw:
- 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- 	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- 	done;
-	@set -e; target=install; $(RECURSIVE_BUILD_CMD)
-+	+@set -e; target=install; $(RECURSIVE_BUILD_CMD)
- 	@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
- 	do \
- 		if [ -f "$$i" ]; then \
-diff --git a/Makefile.shared b/Makefile.shared
-index bbefb2b..18013a9 100644
--- a/Makefile.shared
-+++ b/Makefile.shared
-@@ -105,6 +105,7 @@ LINK_SO=	\
-     SHAREDFLAGS="$(OE_LDFLAGS) $${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
-     LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
-     LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
-+    [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
-     LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
-     $${SHAREDCMD} $${SHAREDFLAGS} \
- 	-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
-@@ -122,6 +123,7 @@ SYMLINK_SO=	\
- 			done; \
- 		fi; \
- 		if [ -n "$$SHLIB_SOVER" ]; then \
-+			[ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
- 			( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
- 			  ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
- 		fi; \
-diff --git a/crypto/Makefile b/crypto/Makefile
-index 875ea1a..c22b683 100644
--- a/crypto/Makefile
-+++ b/crypto/Makefile
-@@ -85,11 +85,11 @@ testapps:
- 	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
- 
- subdirs:
-	@target=all; $(RECURSIVE_MAKE)
-+	+@target=all; $(RECURSIVE_MAKE)
- 
- files:
- 	$(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
-	@target=files; $(RECURSIVE_MAKE)
-+	+@target=files; $(RECURSIVE_MAKE)
- 
- links:
- 	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-@@ -100,7 +100,7 @@ links:
- # lib: $(LIB): are splitted to avoid end-less loop
- lib:	$(LIB)
- 	@touch lib
-$(LIB):	$(LIBOBJ)
-+$(LIB):	$(LIBOBJ) | subdirs
- 	$(AR) $(LIB) $(LIBOBJ)
- 	test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
- 	$(RANLIB) $(LIB) || echo Never mind.
-@@ -111,7 +111,7 @@ shared: buildinf.h lib subdirs
- 	fi
- 
- libs:
-	@target=lib; $(RECURSIVE_MAKE)
-+	+@target=lib; $(RECURSIVE_MAKE)
- 
- install:
- 	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
-@@ -120,7 +120,7 @@ install:
- 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- 	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- 	done;
-	@target=install; $(RECURSIVE_MAKE)
-+	+@target=install; $(RECURSIVE_MAKE)
- 
- lint:
- 	@target=lint; $(RECURSIVE_MAKE)
-diff --git a/engines/Makefile b/engines/Makefile
-index fe8e9ca..a43d21b 100644
--- a/engines/Makefile
-+++ b/engines/Makefile
-@@ -72,7 +72,7 @@ top:
- 
- all:	lib subdirs
- 
-lib:	$(LIBOBJ)
-+lib:	$(LIBOBJ) | subdirs
- 	@if [ -n "$(SHARED_LIBS)" ]; then \
- 		set -e; \
- 		for l in $(LIBNAMES); do \
-@@ -89,7 +89,7 @@ lib:	$(LIBOBJ)
- 
- subdirs:
- 	echo $(EDIRS)
-	@target=all; $(RECURSIVE_MAKE)
-+	+@target=all; $(RECURSIVE_MAKE)
- 
- files:
- 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-@@ -128,7 +128,7 @@ install:
- 			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx ); \
- 		done; \
- 	fi
-	@target=install; $(RECURSIVE_MAKE)
-+	+@target=install; $(RECURSIVE_MAKE)
- 
- tags:
- 	ctags $(SRC)
-diff --git a/test/Makefile b/test/Makefile
-index 36506cf..c69af8b 100644
--- a/test/Makefile
-+++ b/test/Makefile
-@@ -145,7 +145,7 @@ install:
- tags:
- 	ctags $(SRC)
- 
-tests:	exe apps $(TESTS)
-+tests:	exe $(TESTS)
- 
- apps:
- 	@(cd ..; $(MAKE) DIRS=apps all)
-@@ -448,142 +448,142 @@ BUILD_CMD_STATIC=shlib_target=; \
- 		link_app.$${shlib_target}
- 
- $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
-	@target=$(RSATEST); $(BUILD_CMD)
-+	+@target=$(RSATEST); $(BUILD_CMD)
- 
- $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
-	@target=$(BNTEST); $(BUILD_CMD)
-+	+@target=$(BNTEST); $(BUILD_CMD)
- 
- $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
-	@target=$(ECTEST); $(BUILD_CMD)
-+	+@target=$(ECTEST); $(BUILD_CMD)
- 
- $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
-	@target=$(EXPTEST); $(BUILD_CMD)
-+	+@target=$(EXPTEST); $(BUILD_CMD)
- 
- $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
-	@target=$(IDEATEST); $(BUILD_CMD)
-+	+@target=$(IDEATEST); $(BUILD_CMD)
- 
- $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
-	@target=$(MD2TEST); $(BUILD_CMD)
-+	+@target=$(MD2TEST); $(BUILD_CMD)
- 
- $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
-	@target=$(SHATEST); $(BUILD_CMD)
-+	+@target=$(SHATEST); $(BUILD_CMD)
- 
- $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
-	@target=$(SHA1TEST); $(BUILD_CMD)
-+	+@target=$(SHA1TEST); $(BUILD_CMD)
- 
- $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
-	@target=$(SHA256TEST); $(BUILD_CMD)
-+	+@target=$(SHA256TEST); $(BUILD_CMD)
- 
- $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
-	@target=$(SHA512TEST); $(BUILD_CMD)
-+	+@target=$(SHA512TEST); $(BUILD_CMD)
- 
- $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
-	@target=$(RMDTEST); $(BUILD_CMD)
-+	+@target=$(RMDTEST); $(BUILD_CMD)
- 
- $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
-	@target=$(MDC2TEST); $(BUILD_CMD)
-+	+@target=$(MDC2TEST); $(BUILD_CMD)
- 
- $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
-	@target=$(MD4TEST); $(BUILD_CMD)
-+	+@target=$(MD4TEST); $(BUILD_CMD)
- 
- $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
-	@target=$(MD5TEST); $(BUILD_CMD)
-+	+@target=$(MD5TEST); $(BUILD_CMD)
- 
- $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
-	@target=$(HMACTEST); $(BUILD_CMD)
-+	+@target=$(HMACTEST); $(BUILD_CMD)
- 
- $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
-	@target=$(WPTEST); $(BUILD_CMD)
-+	+@target=$(WPTEST); $(BUILD_CMD)
- 
- $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
-	@target=$(RC2TEST); $(BUILD_CMD)
-+	+@target=$(RC2TEST); $(BUILD_CMD)
- 
- $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
-	@target=$(BFTEST); $(BUILD_CMD)
-+	+@target=$(BFTEST); $(BUILD_CMD)
- 
- $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
-	@target=$(CASTTEST); $(BUILD_CMD)
-+	+@target=$(CASTTEST); $(BUILD_CMD)
- 
- $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
-	@target=$(RC4TEST); $(BUILD_CMD)
-+	+@target=$(RC4TEST); $(BUILD_CMD)
- 
- $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
-	@target=$(RC5TEST); $(BUILD_CMD)
-+	+@target=$(RC5TEST); $(BUILD_CMD)
- 
- $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
-	@target=$(DESTEST); $(BUILD_CMD)
-+	+@target=$(DESTEST); $(BUILD_CMD)
- 
- $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
-	@target=$(RANDTEST); $(BUILD_CMD)
-+	+@target=$(RANDTEST); $(BUILD_CMD)
- 
- $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
-	@target=$(DHTEST); $(BUILD_CMD)
-+	+@target=$(DHTEST); $(BUILD_CMD)
- 
- $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
-	@target=$(DSATEST); $(BUILD_CMD)
-+	+@target=$(DSATEST); $(BUILD_CMD)
- 
- $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
-	@target=$(METHTEST); $(BUILD_CMD)
-+	+@target=$(METHTEST); $(BUILD_CMD)
- 
- $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
-	@target=$(SSLTEST); $(FIPS_BUILD_CMD)
-+	+@target=$(SSLTEST); $(FIPS_BUILD_CMD)
- 
- $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
-	@target=$(ENGINETEST); $(BUILD_CMD)
-+	+@target=$(ENGINETEST); $(BUILD_CMD)
- 
- $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
-	@target=$(EVPTEST); $(BUILD_CMD)
-+	+@target=$(EVPTEST); $(BUILD_CMD)
- 
- $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
-	@target=$(EVPEXTRATEST); $(BUILD_CMD)
-+	+@target=$(EVPEXTRATEST); $(BUILD_CMD)
- 
- $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
-	@target=$(ECDSATEST); $(BUILD_CMD)
-+	+@target=$(ECDSATEST); $(BUILD_CMD)
- 
- $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
-	@target=$(ECDHTEST); $(BUILD_CMD)
-+	+@target=$(ECDHTEST); $(BUILD_CMD)
- 
- $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
-	@target=$(IGETEST); $(BUILD_CMD)
-+	+@target=$(IGETEST); $(BUILD_CMD)
- 
- $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
-	@target=$(JPAKETEST); $(BUILD_CMD)
-+	+@target=$(JPAKETEST); $(BUILD_CMD)
- 
- $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
-	@target=$(ASN1TEST); $(BUILD_CMD)
-+	+@target=$(ASN1TEST); $(BUILD_CMD)
- 
- $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
-	@target=$(SRPTEST); $(BUILD_CMD)
-+	+@target=$(SRPTEST); $(BUILD_CMD)
- 
- $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
-	@target=$(V3NAMETEST); $(BUILD_CMD)
-+	+@target=$(V3NAMETEST); $(BUILD_CMD)
- 
- $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
-	@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
-+	+@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
- 
- $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
-	@target=$(CONSTTIMETEST) $(BUILD_CMD)
-+	+@target=$(CONSTTIMETEST) $(BUILD_CMD)
- 
- $(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o
-	@target=$(VERIFYEXTRATEST) $(BUILD_CMD)
-+	+@target=$(VERIFYEXTRATEST) $(BUILD_CMD)
- 
- $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o
-	@target=$(CLIENTHELLOTEST) $(BUILD_CMD)
-+	+@target=$(CLIENTHELLOTEST) $(BUILD_CMD)
- 
- $(BADDTLSTEST)$(EXE_EXT): $(BADDTLSTEST).o
-	@target=$(BADDTLSTEST) $(BUILD_CMD)
-+	+@target=$(BADDTLSTEST) $(BUILD_CMD)
- 
- $(FATALERRTEST)$(EXE_EXT): $(FATALERRTEST).o ssltestlib.o $(DLIBSSL) $(DLIBCRYPTO)
- 	@target=$(FATALERRTEST); exobj=ssltestlib.o; $(BUILD_CMD)
-
- $(X509TIMETEST)$(EXE_EXT): $(X509TIMETEST).o
-	@target=$(X509TIMETEST) $(BUILD_CMD)
-+	+@target=$(X509TIMETEST) $(BUILD_CMD)
-
- $(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o
-	@target=$(SSLV2CONFTEST) $(BUILD_CMD)
-+	+@target=$(SSLV2CONFTEST) $(BUILD_CMD)
- 
- $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssltestlib.o $(DLIBSSL) $(DLIBCRYPTO)
-	@target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD)
-+	+@target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD)
- 
- #$(AESTEST).o: $(AESTEST).c
- #	$(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
-@@ -596,7 +596,7 @@ $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssltestlib.o $(DLIBSSL) $(DLIBCRYPTO)
- #	fi
- 
- dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
-	@target=dummytest; $(BUILD_CMD)
-+	+@target=dummytest; $(BUILD_CMD)
- 
- # DO NOT DELETE THIS LINE -- make depend depends on it.
- 
-- 
-2.15.1
-
@@ -1,34 +0,0 @@
-Remove Makefile dependencies for test targets
-
-These are probably here because the executables aren't always built for
-other platforms (e.g. Windows); however we can safely assume they'll
-always be there. None of the other test targets have such dependencies
-and if we don't remove them, make tries to rebuild the executables and
-fails during run-ptest.
-
-Upstream-Status: Inappropriate [config]
-
-Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
-
-Index: openssl-1.0.2/test/Makefile
-===================================================================
--- openssl-1.0.2.orig/test/Makefile
-+++ openssl-1.0.2/test/Makefile
-@@ -330,7 +330,7 @@ test_cms: ../apps/openssl$(EXE_EXT) cms-
- 	@echo "CMS consistency test"
- 	$(PERL) cms-test.pl
- 
-test_srp: $(SRPTEST)$(EXE_EXT)
-+test_srp:
- 	@echo "Test SRP"
- 	../util/shlib_wrap.sh ./srptest
- 
-@@ -342,7 +342,7 @@ test_v3name: $(V3NAMETEST)$(EXE_EXT)
- 	@echo "Test X509v3_check_*"
- 	../util/shlib_wrap.sh ./$(V3NAMETEST)
- 
-test_heartbeat: $(HEARTBEATTEST)$(EXE_EXT)
-+test_heartbeat:
- 	../util/shlib_wrap.sh ./$(HEARTBEATTEST)
- 
- test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
@@ -1,248 +0,0 @@
-Additional Makefile dependencies removal for test targets
-
-Removing the dependency check for test targets as these tests are
-causing a number of failures and "noise" during ptest execution.
-
-Upstream-Status: Inappropriate [config]
-
-Signed-off-by: Maxin B. John <maxin.john@intel.com>
-
-diff -Naur openssl-1.0.2d-orig/test/Makefile openssl-1.0.2d/test/Makefile
--- openssl-1.0.2d-orig/test/Makefile	2015-09-28 12:50:41.530022979 +0300
-+++ openssl-1.0.2d/test/Makefile	2015-09-28 12:57:45.930717240 +0300
-@@ -155,67 +155,67 @@
- 	( $(MAKE) $$i && echo "PASS: $$i" ) || echo "FAIL: $$i"; \
- 	done)
- 
-test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
-+test_evp:
- 	../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
- 
-test_evp_extra: $(EVPEXTRATEST)$(EXE_EXT)
-+test_evp_extra:
- 	../util/shlib_wrap.sh ./$(EVPEXTRATEST)
- 
-test_des: $(DESTEST)$(EXE_EXT)
-+test_des:
- 	../util/shlib_wrap.sh ./$(DESTEST)
- 
-test_idea: $(IDEATEST)$(EXE_EXT)
-+test_idea:
- 	../util/shlib_wrap.sh ./$(IDEATEST)
- 
-test_sha: $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT)
-+test_sha:
- 	../util/shlib_wrap.sh ./$(SHATEST)
- 	../util/shlib_wrap.sh ./$(SHA1TEST)
- 	../util/shlib_wrap.sh ./$(SHA256TEST)
- 	../util/shlib_wrap.sh ./$(SHA512TEST)
- 
-test_mdc2: $(MDC2TEST)$(EXE_EXT)
-+test_mdc2:
- 	../util/shlib_wrap.sh ./$(MDC2TEST)
- 
-test_md5: $(MD5TEST)$(EXE_EXT)
-+test_md5:
- 	../util/shlib_wrap.sh ./$(MD5TEST)
- 
-test_md4: $(MD4TEST)$(EXE_EXT)
-+test_md4:
- 	../util/shlib_wrap.sh ./$(MD4TEST)
- 
-test_hmac: $(HMACTEST)$(EXE_EXT)
-+test_hmac:
- 	../util/shlib_wrap.sh ./$(HMACTEST)
- 
-test_wp: $(WPTEST)$(EXE_EXT)
-+test_wp:
- 	../util/shlib_wrap.sh ./$(WPTEST)
- 
-test_md2: $(MD2TEST)$(EXE_EXT)
-+test_md2:
- 	../util/shlib_wrap.sh ./$(MD2TEST)
- 
-test_rmd: $(RMDTEST)$(EXE_EXT)
-+test_rmd:
- 	../util/shlib_wrap.sh ./$(RMDTEST)
- 
-test_bf: $(BFTEST)$(EXE_EXT)
-+test_bf:
- 	../util/shlib_wrap.sh ./$(BFTEST)
- 
-test_cast: $(CASTTEST)$(EXE_EXT)
-+test_cast:
- 	../util/shlib_wrap.sh ./$(CASTTEST)
- 
-test_rc2: $(RC2TEST)$(EXE_EXT)
-+test_rc2:
- 	../util/shlib_wrap.sh ./$(RC2TEST)
- 
-test_rc4: $(RC4TEST)$(EXE_EXT)
-+test_rc4:
- 	../util/shlib_wrap.sh ./$(RC4TEST)
- 
-test_rc5: $(RC5TEST)$(EXE_EXT)
-+test_rc5:
- 	../util/shlib_wrap.sh ./$(RC5TEST)
- 
-test_rand: $(RANDTEST)$(EXE_EXT)
-+test_rand:
- 	../util/shlib_wrap.sh ./$(RANDTEST)
- 
-test_enc: ../apps/openssl$(EXE_EXT) testenc
-+test_enc:
- 	@sh ./testenc
- 
-test_x509: ../apps/openssl$(EXE_EXT) tx509 testx509.pem v3-cert1.pem v3-cert2.pem
-+test_x509:
- 	echo test normal x509v1 certificate
- 	sh ./tx509 2>/dev/null
- 	echo test first x509v3 certificate
-@@ -223,25 +223,25 @@
- 	echo test second x509v3 certificate
- 	sh ./tx509 v3-cert2.pem 2>/dev/null
- 
-test_rsa: ../apps/openssl$(EXE_EXT) trsa testrsa.pem
-+test_rsa:
- 	@sh ./trsa 2>/dev/null
- 	../util/shlib_wrap.sh ./$(RSATEST)
- 
-test_crl: ../apps/openssl$(EXE_EXT) tcrl testcrl.pem
-+test_crl:
- 	@sh ./tcrl 2>/dev/null
- 
-test_sid: ../apps/openssl$(EXE_EXT) tsid testsid.pem
-+test_sid:
- 	@sh ./tsid 2>/dev/null
- 
-test_req: ../apps/openssl$(EXE_EXT) treq testreq.pem testreq2.pem
-+test_req:
- 	@sh ./treq 2>/dev/null
- 	@sh ./treq testreq2.pem 2>/dev/null
- 
-test_pkcs7: ../apps/openssl$(EXE_EXT) tpkcs7 tpkcs7d testp7.pem pkcs7-1.pem
-+test_pkcs7:
- 	@sh ./tpkcs7 2>/dev/null
- 	@sh ./tpkcs7d 2>/dev/null
- 
-test_bn: $(BNTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) bctest
-+test_bn:
- 	@echo starting big number library test, could take a while...
- 	@../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest
- 	@echo quit >>tmp.bntest
-@@ -250,33 +250,33 @@
- 	@echo 'test a^b%c implementations'
- 	../util/shlib_wrap.sh ./$(EXPTEST)
- 
-test_ec: $(ECTEST)$(EXE_EXT)
-+test_ec:
- 	@echo 'test elliptic curves'
- 	../util/shlib_wrap.sh ./$(ECTEST)
- 
-test_ecdsa: $(ECDSATEST)$(EXE_EXT)
-+test_ecdsa:
- 	@echo 'test ecdsa'
- 	../util/shlib_wrap.sh ./$(ECDSATEST)
- 
-test_ecdh: $(ECDHTEST)$(EXE_EXT)
-+test_ecdh:
- 	@echo 'test ecdh'
- 	../util/shlib_wrap.sh ./$(ECDHTEST)
- 
-test_verify: ../apps/openssl$(EXE_EXT)
-+test_verify:
- 	@echo "The following command should have some OK's and some failures"
- 	@echo "There are definitly a few expired certificates"
- 	../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem
- 
-test_dh: $(DHTEST)$(EXE_EXT)
-+test_dh:
- 	@echo "Generate a set of DH parameters"
- 	../util/shlib_wrap.sh ./$(DHTEST)
- 
-test_dsa: $(DSATEST)$(EXE_EXT)
-+test_dsa:
- 	@echo "Generate a set of DSA parameters"
- 	../util/shlib_wrap.sh ./$(DSATEST)
- 	../util/shlib_wrap.sh ./$(DSATEST) -app2_1
- 
-test_gen testreq.pem: ../apps/openssl$(EXE_EXT) testgen test.cnf
-+test_gen testreq.pem:
- 	@echo "Generate and verify a certificate request"
- 	@sh ./testgen
- 
-@@ -288,13 +288,11 @@
- 	@cat certCA.ss certU.ss > intP1.ss
- 	@cat certCA.ss certU.ss certP1.ss > intP2.ss
- 
-test_engine:  $(ENGINETEST)$(EXE_EXT)
-+test_engine:
- 	@echo "Manipulate the ENGINE structures"
- 	../util/shlib_wrap.sh ./$(ENGINETEST)
- 
-test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
-		intP1.ss intP2.ss $(SSLTEST)$(EXE_EXT) testssl testsslproxy \
-		../apps/server2.pem serverinfo.pem
-+test_ssl:
- 	@echo "test SSL protocol"
- 	@if [ -n "$(FIPSCANLIB)" ]; then \
- 	  sh ./testfipsssl keyU.ss certU.ss certCA.ss; \
-@@ -304,7 +302,7 @@
- 	@sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
- 	@sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
- 
-test_ca: ../apps/openssl$(EXE_EXT) testca CAss.cnf Uss.cnf
-+test_ca:
- 	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
- 	  echo "skipping CA.sh test -- requires RSA"; \
- 	else \
-@@ -312,11 +310,11 @@
- 	  sh ./testca; \
- 	fi
- 
-test_aes: #$(AESTEST)
-+test_aes:
- #	@echo "test Rijndael"
- #	../util/shlib_wrap.sh ./$(AESTEST)
- 
-test_tsa: ../apps/openssl$(EXE_EXT) testtsa CAtsa.cnf ../util/shlib_wrap.sh
-+test_tsa:
- 	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
- 	  echo "skipping testtsa test -- requires RSA"; \
- 	else \
-@@ -331,7 +329,7 @@
- 	@echo "Test JPAKE"
- 	../util/shlib_wrap.sh ./$(JPAKETEST)
- 
-test_cms: ../apps/openssl$(EXE_EXT) cms-test.pl smcont.txt
-+test_cms:
- 	@echo "CMS consistency test"
- 	$(PERL) cms-test.pl
- 
-@@ -339,22 +337,22 @@
- 	@echo "Test SRP"
- 	../util/shlib_wrap.sh ./srptest
- 
-test_ocsp: ../apps/openssl$(EXE_EXT) tocsp
-+test_ocsp:
- 	@echo "Test OCSP"
- 	@sh ./tocsp
- 
-test_v3name: $(V3NAMETEST)$(EXE_EXT)
-+test_v3name:
- 	@echo "Test X509v3_check_*"
- 	../util/shlib_wrap.sh ./$(V3NAMETEST)
- 
- test_heartbeat:
- 	../util/shlib_wrap.sh ./$(HEARTBEATTEST)
- 
-test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
-+test_constant_time:
- 	@echo "Test constant time utilites"
- 	../util/shlib_wrap.sh ./$(CONSTTIMETEST)
- 
-test_verify_extra: $(VERIFYEXTRATEST)$(EXE_EXT)
-+test_verify_extra:
- 	@echo $(START) $@
- 	../util/shlib_wrap.sh ./$(VERIFYEXTRATEST)
- 
@@ -1,20 +0,0 @@
-Allow passing custom c-flags to mkbuildinf.pl in order to pass
-flags without any build host references
-
-Upstream-Status: Inappropriate [OE specific]
-
-Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
-
--- Makefile	2018-03-06 14:50:18.342138147 -0800
-+++ Makefile	2018-03-06 15:24:04.794239071 -0800
--- a/crypto/Makefile
-+++ b/crypto/Makefile
-@@ -55,7 +55,7 @@
- all: shared
- 
- buildinf.h: ../Makefile
-	$(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" >buildinf.h
-+	$(PERL) $(TOP)/util/mkbuildinf.pl "$(CC_INFO)" "$(PLATFORM)" >buildinf.h
- 
- x86cpuid.s:	x86cpuid.pl perlasm/x86asm.pl
- 	$(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
@@ -1,21 +0,0 @@
-If SOURCE_DATE_EPOCH is present in the environment, use it as build date.
-Also make sure to use UTC time.
-
-Upstream-Status: Backport [ https://github.com/openssl/openssl/blob/master/util/mkbuildinf.pl ]
-
-Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
-
--- mkbuildinf.pl	2018-03-06 14:20:09.438048058 -0800
-+++ mkbuildinf.pl	2018-03-06 14:19:20.722045632 -0800
--- a/util/mkbuildinf.pl
-+++ b/util/mkbuildinf.pl
-@@ -3,7 +3,8 @@
- my ($cflags, $platform) = @ARGV;
- 
- $cflags = "compiler: $cflags";
-$date = localtime();
-+my $date = gmtime($ENV{'SOURCE_DATE_EPOCH'} || time()) . " UTC";
-+
- print <<"END_OUTPUT";
- #ifndef MK1MF_BUILD
-     /* auto-generated by util/mkbuildinf.pl for crypto/cversion.c */
@@ -1,2 +0,0 @@
-#!/bin/sh
-make -k runtest
@@ -1,41 +0,0 @@
-Upstream-Status: Inappropriate [configuration]
-
-Index: openssl-1.0.1e/crypto/Makefile
-===================================================================
--- openssl-1.0.1e.orig/crypto/Makefile
-+++ openssl-1.0.1e/crypto/Makefile
-@@ -108,7 +108,7 @@ $(LIB):	$(LIBOBJ)
- 
- shared: buildinf.h lib subdirs
- 	if [ -n "$(SHARED_LIBS)" ]; then \
-		(cd ..; $(MAKE) $(SHARED_LIB)); \
-+		(cd ..; $(MAKE) -e $(SHARED_LIB)); \
- 	fi
- 
- libs:
-Index: openssl-1.0.1e/Makefile.org
-===================================================================
--- openssl-1.0.1e.orig/Makefile.org
-+++ openssl-1.0.1e/Makefile.org
-@@ -310,7 +310,7 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_
- 
- libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
- 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
-+		$(MAKE) -e SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
- 	else \
- 		echo "There's no support for shared libraries on this platform" >&2; \
- 		exit 1; \
-Index: openssl-1.0.1e/ssl/Makefile
-===================================================================
--- openssl-1.0.1e.orig/ssl/Makefile
-+++ openssl-1.0.1e/ssl/Makefile
-@@ -62,7 +62,7 @@ lib:	$(LIBOBJ)
- 
- shared: lib
- 	if [ -n "$(SHARED_LIBS)" ]; then \
-		(cd ..; $(MAKE) $(SHARED_LIB)); \
-+		(cd ..; $(MAKE) -e $(SHARED_LIB)); \
- 	fi
- 
- files:
@@ -1,360 +0,0 @@
-SUMMARY = "Secure Socket Layer"
-DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools."
-HOMEPAGE = "http://www.openssl.org/"
-BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html"
-SECTION = "libs/network"
-
-# "openssl | SSLeay" dual license
-LICENSE = "openssl"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=f475368924827d06d4b416111c8bdb77"
-
-DEPENDS = "hostperl-runtime-native"
-DEPENDS_append_class-target = " openssl-native"
-
-SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
-           file://run-ptest \
-           file://openssl-c_rehash.sh \
-           file://configure-targets.patch \
-           file://shared-libs.patch \
-           file://oe-ldflags.patch \
-           file://engines-install-in-libdir-ssl.patch \
-           file://debian1.0.2/block_diginotar.patch \
-           file://debian1.0.2/block_digicert_malaysia.patch \
-           file://debian/c_rehash-compat.patch \
-           file://debian/debian-targets.patch \
-           file://debian/man-dir.patch \
-           file://debian/man-section.patch \
-           file://debian/no-rpath.patch \
-           file://debian/no-symbolic.patch \
-           file://debian/pic.patch \
-           file://debian1.0.2/version-script.patch \
-           file://debian1.0.2/soname.patch \
-           file://openssl_fix_for_x32.patch \
-           file://openssl-fix-des.pod-error.patch \
-           file://Makefiles-ptest.patch \
-           file://ptest-deps.patch \
-           file://ptest_makefile_deps.patch \
-           file://configure-musl-target.patch \
-           file://parallel.patch \
-           file://Use-SHA256-not-MD5-as-default-digest.patch \
-           file://0001-Fix-build-with-clang-using-external-assembler.patch \
-           file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \
-           file://0001-allow-manpages-to-be-disabled.patch \
-           file://0001-Fix-BN_LLONG-breakage.patch \
-           file://0001-Fix-DES_LONG-breakage.patch \
-           "
-
-SRC_URI_append_class-target = " \
-           file://reproducible-cflags.patch \
-           file://reproducible-mkbuildinf.patch \
-           "
-
-SRC_URI_append_class-nativesdk = " \
-           file://environment.d-openssl.sh \
-           "
-
-SRC_URI[md5sum] = "0d2baaf04c56d542f6cc757b9c2a2aac"
-SRC_URI[sha256sum] = "ae51d08bba8a83958e894946f15303ff894d75c2b8bbd44a852b64e3fe11d0d6"
-
-S = "${WORKDIR}/openssl-${PV}"
-
-UPSTREAM_CHECK_REGEX = "openssl-(?P<pver>1\.0.+)\.tar"
-
-inherit pkgconfig siteinfo multilib_header ptest manpages
-
-PACKAGECONFIG ?= "cryptodev-linux"
-PACKAGECONFIG_class-native = ""
-PACKAGECONFIG_class-nativesdk = ""
-
-PACKAGECONFIG[cryptodev-linux] = "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS,,cryptodev-linux"
-PACKAGECONFIG[manpages] = ",,,"
-PACKAGECONFIG[perl] = ",,,"
-
-# Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the POODLE
-# vulnerability
-EXTRA_OECONF = "no-ssl3"
-
-EXTRA_OEMAKE = "${@bb.utils.contains('PACKAGECONFIG', 'manpages', '', 'OE_DISABLE_MANPAGES=1', d)}"
-
-export OE_LDFLAGS = "${LDFLAGS}"
-
-TERMIO ?= "-DTERMIO"
-TERMIO_libc-musl = "-DTERMIOS"
-EXTRA_OECONF_append_libc-musl_powerpc64 = " no-asm"
-
-CFLAG = "${@oe.utils.conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \
-         ${TERMIO} ${CFLAGS} -Wall"
-
-# Avoid binaries being marked as requiring an executable stack since they don't
-# (and it causes issues with SELinux)
-CFLAG += "-Wa,--noexecstack"
-
-CFLAG_append_class-native = " -fPIC"
-
-do_configure () {
-	# The crypto_use_bigint patch means that perl's bignum module needs to be
-	# installed, but some distributions (for example Fedora 23) don't ship it by
-	# default.  As the resulting error is very misleading check for bignum before
-	# building.
-	if ! perl -Mbigint -e true; then
-		bbfatal "The perl module 'bignum' was not found but this is required to build openssl.  Please install this module (often packaged as perl-bignum) and re-run bitbake."
-	fi
-
-	ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
-
-	os=${HOST_OS}
-	case $os in
-	linux-gnueabi |\
-	linux-gnuspe |\
-	linux-musleabi |\
-	linux-muslspe |\
-	linux-musl )
-		os=linux
-		;;
-	*)
-		;;
-	esac
-	target="$os-${HOST_ARCH}"
-	case $target in
-	linux-arm)
-		target=linux-armv4
-		;;
-	linux-armeb)
-		target=linux-elf-armeb
-		;;
-	linux-aarch64*)
-		target=linux-aarch64
-		;;
-	linux-sh3)
-		target=debian-sh3
-		;;
-	linux-sh4)
-		target=debian-sh4
-		;;
-	linux-i486)
-		target=debian-i386-i486
-		;;
-	linux-i586 | linux-viac3)
-		target=debian-i386-i586
-		;;
-	linux-i686)
-		target=debian-i386-i686/cmov
-		;;
-	linux-gnux32-x86_64 | linux-muslx32-x86_64 )
-		target=linux-x32
-		;;
-	linux-gnu64-x86_64)
-		target=linux-x86_64
-		;;
-	linux-gnun32-mips*el)
-		target=debian-mipsn32el
-		;;
-	linux-gnun32-mips*)
-		target=debian-mipsn32
-		;;
-	linux-mips*64*el)
-		target=debian-mips64el
-		;;
-	linux-mips*64*)
-		target=debian-mips64
-		;;
-	linux-mips*el)
-		target=debian-mipsel
-		;;
-	linux-mips*)
-		target=debian-mips
-		;;
-	linux-microblaze* | linux-nios2* | linux-gnu*ilp32** | linux-arc*)
-		target=linux-generic32
-		;;
-	linux-powerpc)
-		target=linux-ppc
-		;;
-	linux-powerpc64)
-		target=linux-ppc64
-		;;
-	linux-riscv32)
-		target=linux-generic32
-		;;
-	linux-riscv64)
-		target=linux-generic64
-		;;
-	linux-sparc | linux-supersparc)
-		target=linux-sparcv8
-		;;
-	esac
-
-	# inject machine-specific flags
-	sed -i -e "s|^\(\"$target\",\s*\"[^:]\+\):\([^:]\+\)|\1:${CFLAG}|g" Configure
-
-	useprefix=${prefix}
-	if [ "x$useprefix" = "x" ]; then
-		useprefix=/
-	fi
-	libdirleaf="$( echo "${libdir}" | sed "s:^$useprefix/*::" )"
-	perl ./Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=$libdirleaf $target
-}
-
-do_compile () {
-	oe_runmake depend
-	oe_runmake
-}
-
-do_compile_class-target () {
-	sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile
-	oe_runmake depend
-	cc_sanitized=$(echo "${CC} ${CFLAG}" | sed -e 's,--sysroot=${STAGING_DIR_TARGET},,g' -e 's|${DEBUG_PREFIX_MAP}||g' -e 's/[ \t]\+/ /g')
-	oe_runmake CC_INFO="$cc_sanitized"
-}
-
-do_compile_ptest () {
-	oe_runmake buildtest
-}
-
-do_install () {
-	# Create ${D}/${prefix} to fix parallel issues
-	mkdir -p ${D}/${prefix}/
-
-	oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install
-
-	oe_libinstall -so libcrypto ${D}${libdir}
-	oe_libinstall -so libssl ${D}${libdir}
-
-	install -d ${D}${includedir}
-	cp --dereference -R include/openssl ${D}${includedir}
-
-	oe_multilib_header openssl/opensslconf.h
-
-	install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash
-	sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash
-
-	if [ "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}" ]; then
-		sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl
-		sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget
-	else
-		rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget
-	fi
-
-	# Create SSL structure for packages such as ca-certificates which
-	# contain hard-coded paths to /etc/ssl. Debian does the same.
-	install -d ${D}${sysconfdir}/ssl
-	mv ${D}${libdir}/ssl/certs \
-	   ${D}${libdir}/ssl/private \
-	   ${D}${libdir}/ssl/openssl.cnf \
-	   ${D}${sysconfdir}/ssl/
-
-	# Although absolute symlinks would be OK for the target, they become
-	# invalid if native or nativesdk are relocated from sstate.
-	ln -sf ${@oe.path.relative('${libdir}/ssl', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl/certs
-	ln -sf ${@oe.path.relative('${libdir}/ssl', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl/private
-	ln -sf ${@oe.path.relative('${libdir}/ssl', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl/openssl.cnf
-
-	# Rename man pages to prefix openssl10-*
-	for f in `find ${D}${mandir} -type f`; do
-	    mv $f $(dirname $f)/openssl10-$(basename $f)
-	done
-	for f in `find ${D}${mandir} -type l`; do
-	    ln_f=`readlink $f`
-	    rm -f $f
-	    ln -s openssl10-$ln_f $(dirname $f)/openssl10-$(basename $f)
-	done
-}
-
-do_install_append_class-native () {
-	create_wrapper ${D}${bindir}/openssl \
-	    OPENSSL_CONF=${libdir}/ssl/openssl.cnf \
-	    SSL_CERT_DIR=${libdir}/ssl/certs \
-	    SSL_CERT_FILE=${libdir}/ssl/cert.pem \
-	    OPENSSL_ENGINES=${libdir}/ssl/engines
-}
-
-do_install_append_class-nativesdk () {
-	mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
-	install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
-}
-
-do_install_ptest () {
-	cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH}
-
-	# Replace the path to native perl with the path to target perl
-	sed -i 's,^PERL=.*,PERL=${bindir}/perl,' ${D}${PTEST_PATH}/Makefile
-
-	cp Configure config e_os.h ${D}${PTEST_PATH}
-	cp -r -L include ${D}${PTEST_PATH}
-	ln -sf ${libdir}/libcrypto.a ${D}${PTEST_PATH}
-	ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH}
-	mkdir -p ${D}${PTEST_PATH}/crypto
-	cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto
-	cp -r certs ${D}${PTEST_PATH}
-	mkdir -p ${D}${PTEST_PATH}/apps
-	ln -sf ${libdir}/ssl/misc/CA.sh  ${D}${PTEST_PATH}/apps
-	ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
-	ln -sf ${bindir}/openssl         ${D}${PTEST_PATH}/apps
-	cp apps/server.pem              ${D}${PTEST_PATH}/apps
-	cp apps/server2.pem             ${D}${PTEST_PATH}/apps
-	mkdir -p ${D}${PTEST_PATH}/util
-	install util/opensslwrap.sh    ${D}${PTEST_PATH}/util
-	install util/shlib_wrap.sh     ${D}${PTEST_PATH}/util
-	# Time stamps are relevant for "make alltests", otherwise
-	# make may try to recompile binaries. Not only must the
-	# binary files be newer than the sources, they also must
-	# be more recent than the header files in /usr/include.
-	#
-	# Using "cp -a" is not sufficient, because do_install
-	# does not preserve the original time stamps.
-	#
-	# So instead of using the original file stamps, we set
-	# the current time for all files. Binaries will get
-	# modified again later when stripping them, but that's okay.
-	touch ${D}${PTEST_PATH}
-	find ${D}${PTEST_PATH} -type f -print0 | xargs --verbose -0 touch -r ${D}${PTEST_PATH}
-
-	# exclude binary files or the package won't install
-	for d in ssltest_old v3ext x509aux; do
-		rm -rf ${D}${libdir}/${BPN}/ptest/test/$d
-	done
-
-	# Remove build host references
-	sed -i \
-	-e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
-	-e 's|${DEBUG_PREFIX_MAP}||g' \
-	${D}${PTEST_PATH}/Makefile ${D}${PTEST_PATH}/Configure
-}
-
-# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
-# package RRECOMMENDS on this package. This will enable the configuration
-# file to be installed for both the base openssl package and the libcrypto
-# package since the base openssl package depends on the libcrypto package.
-
-PACKAGES =+ "libcrypto10 libssl10 openssl10-conf ${PN}-engines ${PN}-misc"
-
-FILES_libcrypto10 = "${libdir}/libcrypto${SOLIBS}"
-FILES_libssl10 = "${libdir}/libssl${SOLIBS}"
-FILES_openssl10-conf = "${sysconfdir}/ssl/openssl.cnf"
-FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
-FILES_${PN}-misc = "${libdir}/ssl/misc"
-FILES_${PN} =+ "${libdir}/ssl/*"
-FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh"
-
-CONFFILES_openssl10-conf = "${sysconfdir}/ssl/openssl.cnf"
-
-RRECOMMENDS_libcrypto10 += "openssl10-conf"
-RDEPENDS_${PN}-misc = "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}"
-RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc"
-
-BBCLASSEXTEND = "native nativesdk"
-PACKAGE_PREPROCESS_FUNCS += "openssl_package_preprocess"
-
-# openssl 1.0 development files and executable binaries clash with openssl 1.1
-# files when installed into target rootfs. So we don't put them into
-# packages, but they continue to be provided via target sysroot for
-# cross-compilation on the host, if some software still depends on openssl 1.0.
-openssl_package_preprocess () {
-        for file in `find ${PKGD} -name *.h -o -name *.pc -o -name *.so`; do
-                rm $file
-        done
-        rm ${PKGD}${bindir}/openssl
-        rm ${PKGD}${bindir}/c_rehash
-        rmdir ${PKGD}${bindir}
-
-}
@@ -199,8 +199,4 @@ CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
 RRECOMMENDS_libcrypto += "openssl-conf"
 RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash"

-RPROVIDES_openssl-conf = "openssl10-conf"
-RREPLACES_openssl-conf = "openssl10-conf"
-RCONFLICTS_openssl-conf = "openssl10-conf"
-
 BBCLASSEXTEND = "native nativesdk"