| Message ID | 20190207062526.33944-1-raj.khem@gmail.com |
|---|---|
| State | Accepted |
| Commit | f787b0bb9b0626ddbf2ac94cb206c76716a3773d |
| Headers | show |
| Series | openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h | expand |
Khem, Richard, Sorry for belated reply. I haven't had time for master yet, but since this just got backported to thud, I'm seeing a similar breakage. First of all, BN_LLONG not being defined does seem to be "fixed" by this patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0 Is it a pure luck that it works now? Any hidden meaning I missded? And it also breaks exactly the same for DES_LONG due to a similar construct: #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a * %20 speed up (longs are 8 bytes, int's are 4). */ #ifndef DES_LONG #define DES_LONG unsigned int #endif #endif I was going to fix it similarly as BN_LLONG, but since I don't understand how it was supposed to be fixed, I'm not sure how to fix DES_LONG not being defined. Any ideas? Thanks. -- Denys On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote: > After adding #pragma once to wrapper header ( opensslconf.h ) this > latent issue got to bite us, where it expect bn.h to be including > openssl.h to define BN_* defines, which is fragile. This patch removes > the contraints for nested includes for bn.h > > Signed-off-by: Khem Raj <raj.khem@gmail.com> > --- > .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++ > .../openssl/openssl10_1.0.2q.bb | 1 + > 2 files changed, 34 insertions(+) > create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > new file mode 100644 > index 0000000000..13d39c918c > --- /dev/null > +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > @@ -0,0 +1,33 @@ > +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001 > +From: Khem Raj <raj.khem@gmail.com> > +Date: Wed, 6 Feb 2019 22:10:33 -0800 > +Subject: [PATCH] Fix BN_LLONG breakage > + > +opensslconf.h is un-defining BN_LLONG only when included from bn.h which > +is not robust at all, especially when include guards are used and > +multiple inclusions of a given header is not allowed. so lets take out > +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead > + > +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ] > + > +Signed-off-by: Khem Raj <raj.khem@gmail.com> > +--- > + crypto/opensslconf.h.in | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in > +index 7a1c85d..a10c10f 100644 > +--- a/crypto/opensslconf.h.in > ++++ b/crypto/opensslconf.h.in > +@@ -56,7 +56,7 @@ > + #endif > + #endif > + > +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) > ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H) > + #define CONFIG_HEADER_BN_H > + #undef BN_LLONG > + > +-- > +2.20.1 > + > diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > index 809634f6c0..88aefdea4f 100644 > --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ > file://0001-Fix-build-with-clang-using-external-assembler.patch \ > file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \ > file://0001-allow-manpages-to-be-disabled.patch \ > + file://0001-Fix-BN_LLONG-breakage.patch \ > " > > SRC_URI_append_class-target = " \ > -- > 2.20.1 > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Ping. Any comments here? Thanks! On Mon, Feb 25, 2019 at 10:19:51PM -0500, Denys Dmytriyenko wrote: > Khem, Richard, > > Sorry for belated reply. I haven't had time for master yet, but since this > just got backported to thud, I'm seeing a similar breakage. > > First of all, BN_LLONG not being defined does seem to be "fixed" by this > patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this > seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0 > Is it a pure luck that it works now? Any hidden meaning I missded? > > And it also breaks exactly the same for DES_LONG due to a similar construct: > > > #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) > /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a > * %20 speed up (longs are 8 bytes, int's are 4). */ > #ifndef DES_LONG > #define DES_LONG unsigned int > #endif > #endif > > > I was going to fix it similarly as BN_LLONG, but since I don't understand how > it was supposed to be fixed, I'm not sure how to fix DES_LONG not being > defined. Any ideas? > > Thanks. > > -- > Denys > > > On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote: > > After adding #pragma once to wrapper header ( opensslconf.h ) this > > latent issue got to bite us, where it expect bn.h to be including > > openssl.h to define BN_* defines, which is fragile. This patch removes > > the contraints for nested includes for bn.h > > > > Signed-off-by: Khem Raj <raj.khem@gmail.com> > > --- > > .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++ > > .../openssl/openssl10_1.0.2q.bb | 1 + > > 2 files changed, 34 insertions(+) > > create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > > > diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > new file mode 100644 > > index 0000000000..13d39c918c > > --- /dev/null > > +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > @@ -0,0 +1,33 @@ > > +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001 > > +From: Khem Raj <raj.khem@gmail.com> > > +Date: Wed, 6 Feb 2019 22:10:33 -0800 > > +Subject: [PATCH] Fix BN_LLONG breakage > > + > > +opensslconf.h is un-defining BN_LLONG only when included from bn.h which > > +is not robust at all, especially when include guards are used and > > +multiple inclusions of a given header is not allowed. so lets take out > > +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead > > + > > +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ] > > + > > +Signed-off-by: Khem Raj <raj.khem@gmail.com> > > +--- > > + crypto/opensslconf.h.in | 2 +- > > + 1 file changed, 1 insertion(+), 1 deletion(-) > > + > > +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in > > +index 7a1c85d..a10c10f 100644 > > +--- a/crypto/opensslconf.h.in > > ++++ b/crypto/opensslconf.h.in > > +@@ -56,7 +56,7 @@ > > + #endif > > + #endif > > + > > +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) > > ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H) > > + #define CONFIG_HEADER_BN_H > > + #undef BN_LLONG > > + > > +-- > > +2.20.1 > > + > > diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > index 809634f6c0..88aefdea4f 100644 > > --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ > > file://0001-Fix-build-with-clang-using-external-assembler.patch \ > > file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \ > > file://0001-allow-manpages-to-be-disabled.patch \ > > + file://0001-Fix-BN_LLONG-breakage.patch \ > > " > > > > SRC_URI_append_class-target = " \ > > -- > > 2.20.1 > > > > -- > > _______________________________________________ > > Openembedded-core mailing list > > Openembedded-core@lists.openembedded.org > > http://lists.openembedded.org/mailman/listinfo/openembedded-core > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
On Mon, Feb 25, 2019 at 7:19 PM Denys Dmytriyenko <denis@denix.org> wrote: > > Khem, Richard, > > Sorry for belated reply. I haven't had time for master yet, but since this > just got backported to thud, I'm seeing a similar breakage. > > First of all, BN_LLONG not being defined does seem to be "fixed" by this > patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this > seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0 > Is it a pure luck that it works now? Any hidden meaning I missded? > We don't have to, but then we might have uefi to compile so thats why its there. > And it also breaks exactly the same for DES_LONG due to a similar construct: yeah the header nesting is a nightmare in openssl 1.0, it is a bit better in 1.1, a lot of these recursions are fixed. but backporting then completely to 1.0 is not an option, so we have to do tweaks that sustains the build. > > > #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) > /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a > * %20 speed up (longs are 8 bytes, int's are 4). */ > #ifndef DES_LONG > #define DES_LONG unsigned int > #endif > #endif > > > I was going to fix it similarly as BN_LLONG, but since I don't understand how > it was supposed to be fixed, I'm not sure how to fix DES_LONG not being > defined. Any ideas? > > Thanks. > > -- > Denys > > > On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote: > > After adding #pragma once to wrapper header ( opensslconf.h ) this > > latent issue got to bite us, where it expect bn.h to be including > > openssl.h to define BN_* defines, which is fragile. This patch removes > > the contraints for nested includes for bn.h > > > > Signed-off-by: Khem Raj <raj.khem@gmail.com> > > --- > > .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++ > > .../openssl/openssl10_1.0.2q.bb | 1 + > > 2 files changed, 34 insertions(+) > > create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > > > diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > new file mode 100644 > > index 0000000000..13d39c918c > > --- /dev/null > > +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > @@ -0,0 +1,33 @@ > > +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001 > > +From: Khem Raj <raj.khem@gmail.com> > > +Date: Wed, 6 Feb 2019 22:10:33 -0800 > > +Subject: [PATCH] Fix BN_LLONG breakage > > + > > +opensslconf.h is un-defining BN_LLONG only when included from bn.h which > > +is not robust at all, especially when include guards are used and > > +multiple inclusions of a given header is not allowed. so lets take out > > +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead > > + > > +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ] > > + > > +Signed-off-by: Khem Raj <raj.khem@gmail.com> > > +--- > > + crypto/opensslconf.h.in | 2 +- > > + 1 file changed, 1 insertion(+), 1 deletion(-) > > + > > +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in > > +index 7a1c85d..a10c10f 100644 > > +--- a/crypto/opensslconf.h.in > > ++++ b/crypto/opensslconf.h.in > > +@@ -56,7 +56,7 @@ > > + #endif > > + #endif > > + > > +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) > > ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H) > > + #define CONFIG_HEADER_BN_H > > + #undef BN_LLONG > > + > > +-- > > +2.20.1 > > + > > diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > index 809634f6c0..88aefdea4f 100644 > > --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ > > file://0001-Fix-build-with-clang-using-external-assembler.patch \ > > file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \ > > file://0001-allow-manpages-to-be-disabled.patch \ > > + file://0001-Fix-BN_LLONG-breakage.patch \ > > " > > > > SRC_URI_append_class-target = " \ > > -- > > 2.20.1 > > > > -- > > _______________________________________________ > > Openembedded-core mailing list > > Openembedded-core@lists.openembedded.org > > http://lists.openembedded.org/mailman/listinfo/openembedded-core -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
On Wed, Feb 27, 2019 at 05:51:23PM -0800, Khem Raj wrote: > On Mon, Feb 25, 2019 at 7:19 PM Denys Dmytriyenko <denis@denix.org> wrote: > > > > Khem, Richard, > > > > Sorry for belated reply. I haven't had time for master yet, but since this > > just got backported to thud, I'm seeing a similar breakage. > > > > First of all, BN_LLONG not being defined does seem to be "fixed" by this > > patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this > > seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0 > > Is it a pure luck that it works now? Any hidden meaning I missded? > > > > We don't have to, but then we might have uefi to compile so thats why its > there. Where is OPENSSL_SYS_UEFI supposed to be defined? There are 0 references to it in OpenSSL 1.0 code base. It appears to be introduced only in OpenSSL 1.1, since there are several references there. Hence my earlier question about whether it should be used here in the patch for 1.0.2q > > And it also breaks exactly the same for DES_LONG due to a similar construct: > > yeah the header nesting is a nightmare in openssl 1.0, it is a bit better > in 1.1, a lot of these recursions are fixed. but backporting then completely > to 1.0 is not an option, so we have to do tweaks that sustains the build. > > > > > > > #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) > > /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a > > * %20 speed up (longs are 8 bytes, int's are 4). */ > > #ifndef DES_LONG > > #define DES_LONG unsigned int > > #endif > > #endif Would you recommend doing the same change here to fix DES_LONG not being defined due to nested header inclusion? > > I was going to fix it similarly as BN_LLONG, but since I don't understand how > > it was supposed to be fixed, I'm not sure how to fix DES_LONG not being > > defined. Any ideas? > > > > Thanks. > > > > -- > > Denys > > > > > > On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote: > > > After adding #pragma once to wrapper header ( opensslconf.h ) this > > > latent issue got to bite us, where it expect bn.h to be including > > > openssl.h to define BN_* defines, which is fragile. This patch removes > > > the contraints for nested includes for bn.h > > > > > > Signed-off-by: Khem Raj <raj.khem@gmail.com> > > > --- > > > .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++ > > > .../openssl/openssl10_1.0.2q.bb | 1 + > > > 2 files changed, 34 insertions(+) > > > create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > > > > > diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > > new file mode 100644 > > > index 0000000000..13d39c918c > > > --- /dev/null > > > +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > > @@ -0,0 +1,33 @@ > > > +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001 > > > +From: Khem Raj <raj.khem@gmail.com> > > > +Date: Wed, 6 Feb 2019 22:10:33 -0800 > > > +Subject: [PATCH] Fix BN_LLONG breakage > > > + > > > +opensslconf.h is un-defining BN_LLONG only when included from bn.h which > > > +is not robust at all, especially when include guards are used and > > > +multiple inclusions of a given header is not allowed. so lets take out > > > +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead > > > + > > > +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ] > > > + > > > +Signed-off-by: Khem Raj <raj.khem@gmail.com> > > > +--- > > > + crypto/opensslconf.h.in | 2 +- > > > + 1 file changed, 1 insertion(+), 1 deletion(-) > > > + > > > +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in > > > +index 7a1c85d..a10c10f 100644 > > > +--- a/crypto/opensslconf.h.in > > > ++++ b/crypto/opensslconf.h.in > > > +@@ -56,7 +56,7 @@ > > > + #endif > > > + #endif > > > + > > > +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) > > > ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H) > > > + #define CONFIG_HEADER_BN_H > > > + #undef BN_LLONG > > > + > > > +-- > > > +2.20.1 > > > + > > > diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > > index 809634f6c0..88aefdea4f 100644 > > > --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > > +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > > @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ > > > file://0001-Fix-build-with-clang-using-external-assembler.patch \ > > > file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \ > > > file://0001-allow-manpages-to-be-disabled.patch \ > > > + file://0001-Fix-BN_LLONG-breakage.patch \ > > > " > > > > > > SRC_URI_append_class-target = " \ > > > -- > > > 2.20.1 > > > > > > -- > > > _______________________________________________ > > > Openembedded-core mailing list > > > Openembedded-core@lists.openembedded.org > > > http://lists.openembedded.org/mailman/listinfo/openembedded-core > -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
On Fri, Mar 1, 2019 at 9:35 AM Denys Dmytriyenko <denis@denix.org> wrote: > > On Wed, Feb 27, 2019 at 05:51:23PM -0800, Khem Raj wrote: > > On Mon, Feb 25, 2019 at 7:19 PM Denys Dmytriyenko <denis@denix.org> wrote: > > > > > > Khem, Richard, > > > > > > Sorry for belated reply. I haven't had time for master yet, but since this > > > just got backported to thud, I'm seeing a similar breakage. > > > > > > First of all, BN_LLONG not being defined does seem to be "fixed" by this > > > patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this > > > seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0 > > > Is it a pure luck that it works now? Any hidden meaning I missded? > > > > > > > We don't have to, but then we might have uefi to compile so thats why its > > there. > > Where is OPENSSL_SYS_UEFI supposed to be defined? > some apps like uefi can do that. > There are 0 references to it in OpenSSL 1.0 code base. It appears to be > introduced only in OpenSSL 1.1, since there are several references there. > > Hence my earlier question about whether it should be used here in the patch > for 1.0.2q > > > > > And it also breaks exactly the same for DES_LONG due to a similar construct: > > > > yeah the header nesting is a nightmare in openssl 1.0, it is a bit better > > in 1.1, a lot of these recursions are fixed. but backporting then completely > > to 1.0 is not an option, so we have to do tweaks that sustains the build. > > > > > > > > > > > #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) > > > /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a > > > * %20 speed up (longs are 8 bytes, int's are 4). */ > > > #ifndef DES_LONG > > > #define DES_LONG unsigned int > > > #endif > > > #endif > > Would you recommend doing the same change here to fix DES_LONG not being > defined due to nested header inclusion? > > > > > I was going to fix it similarly as BN_LLONG, but since I don't understand how > > > it was supposed to be fixed, I'm not sure how to fix DES_LONG not being > > > defined. Any ideas? > > > > > > Thanks. > > > > > > -- > > > Denys > > > > > > > > > On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote: > > > > After adding #pragma once to wrapper header ( opensslconf.h ) this > > > > latent issue got to bite us, where it expect bn.h to be including > > > > openssl.h to define BN_* defines, which is fragile. This patch removes > > > > the contraints for nested includes for bn.h > > > > > > > > Signed-off-by: Khem Raj <raj.khem@gmail.com> > > > > --- > > > > .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++ > > > > .../openssl/openssl10_1.0.2q.bb | 1 + > > > > 2 files changed, 34 insertions(+) > > > > create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > > > > > > > diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > > > new file mode 100644 > > > > index 0000000000..13d39c918c > > > > --- /dev/null > > > > +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch > > > > @@ -0,0 +1,33 @@ > > > > +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001 > > > > +From: Khem Raj <raj.khem@gmail.com> > > > > +Date: Wed, 6 Feb 2019 22:10:33 -0800 > > > > +Subject: [PATCH] Fix BN_LLONG breakage > > > > + > > > > +opensslconf.h is un-defining BN_LLONG only when included from bn.h which > > > > +is not robust at all, especially when include guards are used and > > > > +multiple inclusions of a given header is not allowed. so lets take out > > > > +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead > > > > + > > > > +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ] > > > > + > > > > +Signed-off-by: Khem Raj <raj.khem@gmail.com> > > > > +--- > > > > + crypto/opensslconf.h.in | 2 +- > > > > + 1 file changed, 1 insertion(+), 1 deletion(-) > > > > + > > > > +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in > > > > +index 7a1c85d..a10c10f 100644 > > > > +--- a/crypto/opensslconf.h.in > > > > ++++ b/crypto/opensslconf.h.in > > > > +@@ -56,7 +56,7 @@ > > > > + #endif > > > > + #endif > > > > + > > > > +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) > > > > ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H) > > > > + #define CONFIG_HEADER_BN_H > > > > + #undef BN_LLONG > > > > + > > > > +-- > > > > +2.20.1 > > > > + > > > > diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > > > index 809634f6c0..88aefdea4f 100644 > > > > --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > > > +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb > > > > @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ > > > > file://0001-Fix-build-with-clang-using-external-assembler.patch \ > > > > file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \ > > > > file://0001-allow-manpages-to-be-disabled.patch \ > > > > + file://0001-Fix-BN_LLONG-breakage.patch \ > > > > " > > > > > > > > SRC_URI_append_class-target = " \ > > > > -- > > > > 2.20.1 > > > > > > > > -- > > > > _______________________________________________ > > > > Openembedded-core mailing list > > > > Openembedded-core@lists.openembedded.org > > > > http://lists.openembedded.org/mailman/listinfo/openembedded-core > > -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch new file mode 100644 index 0000000000..13d39c918c --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch @@ -0,0 +1,33 @@ +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 6 Feb 2019 22:10:33 -0800 +Subject: [PATCH] Fix BN_LLONG breakage + +opensslconf.h is un-defining BN_LLONG only when included from bn.h which +is not robust at all, especially when include guards are used and +multiple inclusions of a given header is not allowed. so lets take out +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead + +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + crypto/opensslconf.h.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in +index 7a1c85d..a10c10f 100644 +--- a/crypto/opensslconf.h.in ++++ b/crypto/opensslconf.h.in +@@ -56,7 +56,7 @@ + #endif + #endif + +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H) + #define CONFIG_HEADER_BN_H + #undef BN_LLONG + +-- +2.20.1 + diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb index 809634f6c0..88aefdea4f 100644 --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-Fix-build-with-clang-using-external-assembler.patch \ file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \ file://0001-allow-manpages-to-be-disabled.patch \ + file://0001-Fix-BN_LLONG-breakage.patch \ " SRC_URI_append_class-target = " \
After adding #pragma once to wrapper header ( opensslconf.h ) this latent issue got to bite us, where it expect bn.h to be including openssl.h to define BN_* defines, which is fragile. This patch removes the contraints for nested includes for bn.h Signed-off-by: Khem Raj <raj.khem@gmail.com> --- .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++ .../openssl/openssl10_1.0.2q.bb | 1 + 2 files changed, 34 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch -- 2.20.1 -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core