@@ -1,4 +1,4 @@
-From 5ba65051fea0513db0d997f0ab7cafb9826ed74a Mon Sep 17 00:00:00 2001
+From 9169682ce2fe687d6464768a3a0b89c7c491376e Mon Sep 17 00:00:00 2001
From: William Lyu <William.Lyu@windriver.com>
Date: Fri, 20 Oct 2023 16:22:37 -0400
Subject: [PATCH] Added handshake history reporting when test fails
@@ -6,6 +6,7 @@ Subject: [PATCH] Added handshake history reporting when test fails
Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/22481]
Signed-off-by: William Lyu <William.Lyu@windriver.com>
+
---
test/helpers/handshake.c | 139 +++++++++++++++++++++++++++++----------
test/helpers/handshake.h | 70 +++++++++++++++++++-
@@ -13,7 +14,7 @@ Signed-off-by: William Lyu <William.Lyu@windriver.com>
3 files changed, 218 insertions(+), 35 deletions(-)
diff --git a/test/helpers/handshake.c b/test/helpers/handshake.c
-index e0422469e4..ae2ad59dd4 100644
+index e042246..ae2ad59 100644
--- a/test/helpers/handshake.c
+++ b/test/helpers/handshake.c
@@ -1,5 +1,5 @@
@@ -26,7 +27,7 @@ index e0422469e4..ae2ad59dd4 100644
@@ -24,6 +24,102 @@
#include <netinet/sctp.h>
#endif
-
+
+/* Shamelessly copied from test/helpers/ssl_test_ctx.c */
+/* Maps string names to various enumeration type */
+typedef struct {
@@ -129,7 +130,7 @@ index e0422469e4..ae2ad59dd4 100644
@@ -719,15 +815,6 @@ static void configure_handshake_ssl(SSL *server, SSL *client,
SSL_set_post_handshake_auth(client, 1);
}
-
+
-/* The status for each connection phase. */
-typedef enum {
- PEER_SUCCESS,
@@ -145,7 +146,7 @@ index e0422469e4..ae2ad59dd4 100644
@@ -1074,17 +1161,6 @@ static void do_shutdown_step(PEER *peer)
}
}
-
+
-typedef enum {
- HANDSHAKE,
- RENEG_APPLICATION_DATA,
@@ -163,7 +164,7 @@ index e0422469e4..ae2ad59dd4 100644
@@ -1162,19 +1238,6 @@ static void do_connect_step(const SSL_TEST_CTX *test_ctx, PEER *peer,
}
}
-
+
-typedef enum {
- /* Both parties succeeded. */
- HANDSHAKE_SUCCESS,
@@ -181,9 +182,9 @@ index e0422469e4..ae2ad59dd4 100644
* Determine the handshake outcome.
* last_status: the status of the peer to have acted last.
@@ -1539,6 +1602,10 @@ static HANDSHAKE_RESULT *do_handshake_internal(
-
+
start = time(NULL);
-
+
+ save_loop_history(&(ret->history),
+ phase, status, server.status, client.status,
+ client_turn_count, client_turn);
@@ -194,7 +195,7 @@ index e0422469e4..ae2ad59dd4 100644
@@ -1560,6 +1627,10 @@ static HANDSHAKE_RESULT *do_handshake_internal(
0 /* server went last */);
}
-
+
+ save_loop_history(&(ret->history),
+ phase, status, server.status, client.status,
+ client_turn_count, client_turn);
@@ -203,7 +204,7 @@ index e0422469e4..ae2ad59dd4 100644
case HANDSHAKE_SUCCESS:
client_turn_count = 0;
diff --git a/test/helpers/handshake.h b/test/helpers/handshake.h
-index 78b03f9f4b..b9967c2623 100644
+index 78b03f9..b9967c2 100644
--- a/test/helpers/handshake.h
+++ b/test/helpers/handshake.h
@@ -1,5 +1,5 @@
@@ -214,9 +215,9 @@ index 78b03f9f4b..b9967c2623 100644
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,6 +12,11 @@
-
+
#include "ssl_test_ctx.h"
-
+
+#define MAX_HANDSHAKE_HISTORY_ENTRY_BIT 4
+#define MAX_HANDSHAKE_HISTORY_ENTRY (1 << MAX_HANDSHAKE_HISTORY_ENTRY_BIT)
+#define MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK \
@@ -228,7 +229,7 @@ index 78b03f9f4b..b9967c2623 100644
@@ -22,6 +27,63 @@ typedef struct ctx_data_st {
char *session_ticket_app_data;
} CTX_DATA;
-
+
+typedef enum {
+ HANDSHAKE,
+ RENEG_APPLICATION_DATA,
@@ -296,25 +297,25 @@ index 78b03f9f4b..b9967c2623 100644
+ /* handshake loop history */
+ HANDSHAKE_HISTORY history;
} HANDSHAKE_RESULT;
-
+
HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void);
@@ -95,4 +159,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
CTX_DATA *server2_ctx_data,
CTX_DATA *client_ctx_data);
-
+
+const char *handshake_connect_phase_name(connect_phase_t phase);
+const char *handshake_status_name(handshake_status_t handshake_status);
+const char *handshake_peer_status_name(peer_status_t peer_status);
+
#endif /* OSSL_TEST_HANDSHAKE_HELPER_H */
diff --git a/test/ssl_test.c b/test/ssl_test.c
-index ea608518f9..9d6b093c81 100644
+index ea60851..9d6b093 100644
--- a/test/ssl_test.c
+++ b/test/ssl_test.c
@@ -26,6 +26,44 @@ static OSSL_LIB_CTX *libctx = NULL;
/* Currently the section names are of the form test-<number>, e.g. test-15. */
#define MAX_TESTCASE_NAME_LENGTH 100
-
+
+static void print_handshake_history(const HANDSHAKE_HISTORY *history)
+{
+ size_t first_idx;
@@ -368,7 +369,4 @@ index ea608518f9..9d6b093c81 100644
+
return ret;
}
-
---
-2.25.1
-
+
@@ -1,4 +1,4 @@
-From 0377f0d5b5c1079e3b9a80881f4dcc891cbe9f9a Mon Sep 17 00:00:00 2001
+From e335d662b63000b672222ce8cd7e832cf7a4150f Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex@linutronix.de>
Date: Tue, 30 May 2023 09:11:27 -0700
Subject: [PATCH] Configure: do not tweak mips cflags
@@ -12,15 +12,16 @@ Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Refreshed for openssl-3.1.1
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
+
---
Configure | 10 ----------
1 file changed, 10 deletions(-)
diff --git a/Configure b/Configure
-index 4569952..adf019b 100755
+index cca1ac8..45a12b1 100755
--- a/Configure
+++ b/Configure
-@@ -1422,16 +1422,6 @@ if ($target =~ /^mingw/ && `$config{CC} --target-help 2>&1` =~ m/-mno-cygwin/m)
+@@ -1485,16 +1485,6 @@ if ($target =~ /^mingw/ && `$config{CC} --target-help 2>&1` =~ m/-mno-cygwin/m)
push @{$config{shared_ldflag}}, "-mno-cygwin";
}
@@ -1,4 +1,4 @@
-From 5985253f2c9025d7c127443a3a9938946f80c2a1 Mon Sep 17 00:00:00 2001
+From bc8aacbe96b1716d060622d7dba0a05fabe6c17b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Hundeb=C3=B8ll?= <martin@geanix.com>
Date: Tue, 6 Nov 2018 14:50:47 +0100
Subject: [PATCH] buildinfo: strip sysroot and debug-prefix-map from compiler
@@ -34,11 +34,11 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com>
crypto/build.info | 2 +-
2 files changed, 12 insertions(+), 2 deletions(-)
-Index: openssl-3.0.4/Configurations/unix-Makefile.tmpl
-===================================================================
---- openssl-3.0.4.orig/Configurations/unix-Makefile.tmpl
-+++ openssl-3.0.4/Configurations/unix-Makefile.tmpl
-@@ -472,13 +472,23 @@ BIN_LDFLAGS={- join(' ', $target{bin_lfl
+diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
+index b3350a1..5e8879a 100644
+--- a/Configurations/unix-Makefile.tmpl
++++ b/Configurations/unix-Makefile.tmpl
+@@ -481,13 +481,23 @@ BIN_LDFLAGS={- join(' ', $target{bin_lflags} || (),
'$(CNF_LDFLAGS)', '$(LDFLAGS)') -}
BIN_EX_LIBS=$(CNF_EX_LIBS) $(EX_LIBS)
@@ -63,11 +63,11 @@ Index: openssl-3.0.4/Configurations/unix-Makefile.tmpl
PERLASM_SCHEME= {- $target{perlasm_scheme} -}
# For x86 assembler: Set PROCESSOR to 386 if you want to support
-Index: openssl-3.0.4/crypto/build.info
-===================================================================
---- openssl-3.0.4.orig/crypto/build.info
-+++ openssl-3.0.4/crypto/build.info
-@@ -109,7 +109,7 @@ DEFINE[../libcrypto]=$UPLINKDEF
+diff --git a/crypto/build.info b/crypto/build.info
+index 2d5b22f..9623f02 100644
+--- a/crypto/build.info
++++ b/crypto/build.info
+@@ -115,7 +115,7 @@ DEFINE[../libcrypto]=$UPLINKDEF
DEPEND[info.o]=buildinf.h
DEPEND[cversion.o]=buildinf.h
deleted file mode 100644
@@ -1,31 +0,0 @@
-From b51031b05f72923ff1cf3b6a4767450dee89d7f4 Mon Sep 17 00:00:00 2001
-From: Grant Nichol <me@grantnichol.com>
-Date: Fri, 22 Dec 2023 23:46:39 -0600
-Subject: [PATCH] riscv: Fix mispelling of extension test macro
-
-When refactoring the riscv extension test macros,
-RISCV_HAS_ZKND_AND_ZKNE was mispelled.
-
-CLA: trivial
-Upstream-Status: Backport [https://github.com/openssl/openssl/pull/23139]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- providers/implementations/ciphers/cipher_aes_xts_hw.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/providers/implementations/ciphers/cipher_aes_xts_hw.c b/providers/implementations/ciphers/cipher_aes_xts_hw.c
-index 564d6d6..4cf1361 100644
---- a/providers/implementations/ciphers/cipher_aes_xts_hw.c
-+++ b/providers/implementations/ciphers/cipher_aes_xts_hw.c
-@@ -225,7 +225,7 @@ static const PROV_CIPHER_HW aes_xts_rv32i_zbkb_zknd_zkne = { \
- # define PROV_CIPHER_HW_select_xts() \
- if (RISCV_HAS_ZBKB_AND_ZKND_AND_ZKNE()) \
- return &aes_xts_rv32i_zbkb_zknd_zkne; \
--if (RISCV_HAS_ZKND_ZKNE()) \
-+if (RISCV_HAS_ZKND_AND_ZKNE()) \
- return &aes_xts_rv32i_zknd_zkne;
- # else
- /* The generic case */
-2.43.0
-
deleted file mode 100644
@@ -1,35 +0,0 @@
-From ad347c9ff0fd93bdd2fa2085611c65b88e94829f Mon Sep 17 00:00:00 2001
-From: "fangming.fang" <fangming.fang@arm.com>
-Date: Thu, 7 Dec 2023 06:17:51 +0000
-Subject: [PATCH] Enable BTI feature for md5 on aarch64
-
-Fixes: #22959
-
-Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
-Reviewed-by: Tomas Mraz <tomas@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/22971)
-
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
----
- crypto/md5/asm/md5-aarch64.pl | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/crypto/md5/asm/md5-aarch64.pl b/crypto/md5/asm/md5-aarch64.pl
-index 3200a0fa9bff0..5a8608069691d 100755
---- a/crypto/md5/asm/md5-aarch64.pl
-+++ b/crypto/md5/asm/md5-aarch64.pl
-@@ -28,10 +28,13 @@
- *STDOUT=*OUT;
-
- $code .= <<EOF;
-+#include "arm_arch.h"
-+
- .text
- .globl ossl_md5_block_asm_data_order
- .type ossl_md5_block_asm_data_order,\@function
- ossl_md5_block_asm_data_order:
-+ AARCH64_VALID_CALL_TARGET
- // Save all callee-saved registers
- stp x19,x20,[sp,#-80]!
- stp x21,x22,[sp,#16]
similarity index 97%
rename from meta/recipes-connectivity/openssl/openssl_3.2.0.bb
rename to meta/recipes-connectivity/openssl/openssl_3.2.1.bb
@@ -12,15 +12,14 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
file://0001-Configure-do-not-tweak-mips-cflags.patch \
file://0001-Added-handshake-history-reporting-when-test-fails.patch \
- file://aarch64-bti.patch \
- file://0001-riscv-Fix-mispelling-of-extension-test-macro.patch \
+ file://environment.d-openssl.sh \
"
SRC_URI:append:class-nativesdk = " \
file://environment.d-openssl.sh \
"
-SRC_URI[sha256sum] = "14c826f07c7e433706fb5c69fa9e25dab95684844b4c962a2cf1bf183eb4690e"
+SRC_URI[sha256sum] = "83c7329fe52c850677d75e5d0b0ca245309b97e8ecbcfdc1dfdc4ab9fac35b39"
inherit lib_package multilib_header multilib_script ptest perlnative manpages
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
Hello, this email is a notification from the Auto Upgrade Helper that the automatic attempt to upgrade the recipe *openssl* to *3.2.1* has Succeeded. Next steps: - apply the patch: git am 0001-openssl-upgrade-3.2.0-3.2.1.patch - check the changes to upstream patches and summarize them in the commit message, - compile an image that contains the package - perform some basic sanity tests - amend the patch and sign it off: git commit -s --reset-author --amend - send it to the appropriate mailing list Alternatively, if you believe the recipe should not be upgraded at this time, you can fill RECIPE_NO_UPDATE_REASON in respective recipe file so that automatic upgrades would no longer be attempted. Please review the attached files for further information and build/update failures. Any problem please file a bug at https://bugzilla.yoctoproject.org/enter_bug.cgi?product=Automated%20Update%20Handler Regards, The Upgrade Helper -- >8 -- From 2b386454da751183fbf2be59ab5d57b9d9acc8ef Mon Sep 17 00:00:00 2001 From: Upgrade Helper <auh@yoctoproject.org> Date: Thu, 1 Feb 2024 05:31:49 +0000 Subject: [PATCH] openssl: upgrade 3.2.0 -> 3.2.1 --- ...ke-history-reporting-when-test-fails.patch | 40 +++++++++---------- ...1-Configure-do-not-tweak-mips-cflags.patch | 7 ++-- ...sysroot-and-debug-prefix-map-from-co.patch | 22 +++++----- ...x-mispelling-of-extension-test-macro.patch | 31 -------------- .../openssl/openssl/aarch64-bti.patch | 35 ---------------- .../{openssl_3.2.0.bb => openssl_3.2.1.bb} | 5 +-- 6 files changed, 36 insertions(+), 104 deletions(-) delete mode 100644 meta/recipes-connectivity/openssl/openssl/0001-riscv-Fix-mispelling-of-extension-test-macro.patch delete mode 100644 meta/recipes-connectivity/openssl/openssl/aarch64-bti.patch rename meta/recipes-connectivity/openssl/{openssl_3.2.0.bb => openssl_3.2.1.bb} (97%)