openwrt

ExternalVendorCode/openwrt

Fork 0

mirror of https://github.com/openwrt/openwrt.git synced 2025-01-01 03:26:51 +00:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
John Audia	b3b3428a0e	openssl: bump to 1.1.1s Changes between 1.1.1r and 1.1.1s [1 Nov 2022] ) Fixed a regression introduced in 1.1.1r version not refreshing the certificate data to be signed before signing the certificate. [Gibeom Gwon] Changes between 1.1.1q and 1.1.1r [11 Oct 2022] ) Fixed the linux-mips64 Configure target which was missing the SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that platform. [Adam Joseph] ) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was causing incorrect results in some cases as a result. [Paul Dale] ) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to report correct results in some cases [Matt Caswell] ) Fixed a regression introduced in 1.1.1o for re-signing certificates with different key sizes [Todd Short] ) Added the loongarch64 target [Shi Pujin] ) Fixed a DRBG seed propagation thread safety issue [Bernd Edlinger] ) Fixed a memory leak in tls13_generate_secret [Bernd Edlinger] ) Fixed reported performance degradation on aarch64. Restored the implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid 32-bit lane assignment in CTR mode") for 64bit targets only, since it is reportedly 2-17% slower and the silicon errata only affects 32bit targets. The new algorithm is still used for 32 bit targets. [Bernd Edlinger] ) Added a missing header for memcmp that caused compilation failure on some platforms [Gregor Jasny] Build system: x86_64 Build-tested: bcm2711/RPi4B Run-tested: bcm2711/RPi4B Signed-off-by: John Audia <therealgraysky@proton.me> (cherry picked from commit `a0814f04ed`)	2022-11-05 22:44:16 +01:00
Eneas U de Queiroz	def9565be6	openssl: bump to 1.1.1m This is a bugfix release. Changelog: ) Avoid loading of a dynamic engine twice. ) Fixed building on Debian with kfreebsd kernels ) Prioritise DANE TLSA issuer certs over peer certs ) Fixed random API for MacOS prior to 10.12 Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>	2022-01-01 18:02:49 +01:00
Stijn Tintel	ac8673ff85	openssl: add ppc64 support Backport an upstream patch that adds support for ELFv2 ABI on big endian ppc64. As musl only supports ELFv2 ABI on ppc64 regardless of endianness, this is required to be able to build OpenSSL for ppc64be. Modify our targets patch to add linux-powerpc64-openwrt, which will use the linux64v2 perlasm scheme. This will probably break the combination ppc64 with glibc, but as we really only want to support musl, this shouldn't be a problem. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Rui Salvaterra <rsalvaterra@gmail.com>	2021-12-21 21:36:38 +02:00

John Audia

b3b3428a0e

openssl: bump to 1.1.1s

Changes between 1.1.1r and 1.1.1s [1 Nov 2022]

  *) Fixed a regression introduced in 1.1.1r version not refreshing the
     certificate data to be signed before signing the certificate.
     [Gibeom Gwon]

 Changes between 1.1.1q and 1.1.1r [11 Oct 2022]

  *) Fixed the linux-mips64 Configure target which was missing the
     SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
     platform.
     [Adam Joseph]

  *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
     causing incorrect results in some cases as a result.
     [Paul Dale]

  *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
     report correct results in some cases
     [Matt Caswell]

  *) Fixed a regression introduced in 1.1.1o for re-signing certificates with
     different key sizes
     [Todd Short]

  *) Added the loongarch64 target
     [Shi Pujin]

  *) Fixed a DRBG seed propagation thread safety issue
     [Bernd Edlinger]

  *) Fixed a memory leak in tls13_generate_secret
     [Bernd Edlinger]

  *) Fixed reported performance degradation on aarch64. Restored the
     implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
     32-bit lane assignment in CTR mode") for 64bit targets only, since it is
     reportedly 2-17% slower and the silicon errata only affects 32bit targets.
     The new algorithm is still used for 32 bit targets.
     [Bernd Edlinger]

  *) Added a missing header for memcmp that caused compilation failure on some
     platforms
     [Gregor Jasny]

Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit a0814f04ed)

2022-11-05 22:44:16 +01:00

Eneas U de Queiroz

def9565be6

openssl: bump to 1.1.1m

This is a bugfix release.  Changelog:

  *) Avoid loading of a dynamic engine twice.
  *) Fixed building on Debian with kfreebsd kernels
  *) Prioritise DANE TLSA issuer certs over peer certs
  *) Fixed random API for MacOS prior to 10.12

Patches were refreshed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>

2022-01-01 18:02:49 +01:00

Stijn Tintel

ac8673ff85

openssl: add ppc64 support

Backport an upstream patch that adds support for ELFv2 ABI on big endian
ppc64. As musl only supports ELFv2 ABI on ppc64 regardless of
endianness, this is required to be able to build OpenSSL for ppc64be.

Modify our targets patch to add linux-powerpc64-openwrt, which will use
the linux64v2 perlasm scheme. This will probably break the combination
ppc64 with glibc, but as we really only want to support musl, this
shouldn't be a problem.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Rui Salvaterra <rsalvaterra@gmail.com>

2021-12-21 21:36:38 +02:00

3 Commits