From patchwork Tue Sep 17 18:49:47 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Khem Raj X-Patchwork-Id: 173924 Delivered-To: patch@linaro.org Received: by 2002:a92:7e96:0:0:0:0:0 with SMTP id q22csp1498665ill; Tue, 17 Sep 2019 11:50:08 -0700 (PDT) X-Google-Smtp-Source: APXvYqwc1qOcX2E7At8GYZIpdHUKQ3Ubgj/34tvDBZcAFAtXnz/rbm1PjUzxCNvFbZO6fTolJ/rk X-Received: by 2002:aa7:8bc2:: with SMTP id s2mr5659588pfd.13.1568746208227; Tue, 17 Sep 2019 11:50:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568746208; cv=none; d=google.com; s=arc-20160816; b=smFiOxETh6dE8/SU9lPKdoIK2C2L6bsRsyiRW8ybvvW860Pf1M2kzMN0PqOu4AtZSJ FMNLCSXPlMLVDxwq0VqqWBljOe5epv78hOkjW/lJr8DZj4+3k6EsX0CARarMVEL4rhLW cmxByPBjPJmJFteGU3YZTEDK/GPcYTFnAx9Rd/Hzjt0+sPbar85yrkxHWPJR/yGMjhJe oxNLXX2N+fqGA5MjmjTbonYxZkKHh/AChTMTrjU5TUh1FBvLjjU9F1tecrJNxvO4LQnf 5Otw99MR1Jtxp1y8fECcKvYGyqAmdolNREJ/ZEkr4kQ8RLc6HshknsN1GNscC4SzxnNB 5ZRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:sender:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :cc:mime-version:message-id:date:to:from:dkim-signature:delivered-to; bh=9MhRhUcL+jEe47NQHyAdzCD4HYdlEXcfuRSrmMG3zqA=; b=WSHTw4EslSsfIEGEXuTg/jkv7YWM5MDx2AwABXTkTZppX7vkx4baOYKn8gJQg/udQX bvGqpz1KHqXUfFThG0UALFlHKOkh2DhToPeAfGwU2WU2FqJNVCS6lZj7AVwwFF7rPPx+ dhDgxF/e/7qMQ0262dOnt0cRmTFRp6RubLSXu4d3+lKA60HjftB0G7RWd+mzMpLXkQKf x0yWt2jzPnqTQw2VdY3z4bbm0xCuXjlqFX7NxccE+pBmvah+DMDkEHeXpUNeGsU4AF/j l7NoEsahrd/XuVKXCdUyJM3gaplDhOwGNG8ueISLdWorPdBjMfCGTWBLqcb3krda6ciQ /oMA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20161025 header.b="vSU+/DdZ"; spf=pass (google.com: best guess record for domain of openembedded-core-bounces@lists.openembedded.org designates 140.211.169.62 as permitted sender) smtp.mailfrom=openembedded-core-bounces@lists.openembedded.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from mail.openembedded.org (mail.openembedded.org. [140.211.169.62]) by mx.google.com with ESMTP id w16si2395026plk.228.2019.09.17.11.50.07; Tue, 17 Sep 2019 11:50:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of openembedded-core-bounces@lists.openembedded.org designates 140.211.169.62 as permitted sender) client-ip=140.211.169.62; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20161025 header.b="vSU+/DdZ"; spf=pass (google.com: best guess record for domain of openembedded-core-bounces@lists.openembedded.org designates 140.211.169.62 as permitted sender) smtp.mailfrom=openembedded-core-bounces@lists.openembedded.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from ec2-34-214-78-129.us-west-2.compute.amazonaws.com (localhost [127.0.0.1]) by mail.openembedded.org (Postfix) with ESMTP id EFCB27FDA1; Tue, 17 Sep 2019 18:50:02 +0000 (UTC) X-Original-To: openembedded-core@lists.openembedded.org Delivered-To: openembedded-core@lists.openembedded.org Received: from mail-pg1-f196.google.com (mail-pg1-f196.google.com [209.85.215.196]) by mail.openembedded.org (Postfix) with ESMTP id 633197FD86 for ; Tue, 17 Sep 2019 18:50:01 +0000 (UTC) Received: by mail-pg1-f196.google.com with SMTP id i18so2460600pgl.11 for ; Tue, 17 Sep 2019 11:50:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=fqef18wbWUEZhzGP7RZQgLzWCCGxipj5w9XmQiQlA4c=; b=vSU+/DdZQZqUT3H8YStINL7+tL3dHTae8SE1JAYX0IK8gLkQPFqq+ar2uccV0aagre d6oi9Hj+SnUlL+rs0kazQEf2qwVyNIp+rnfz1CEd7aeo1QwAdQByEnnimcJuNdjyIDd3 D4qj9ux4m2kYqKzg2o+/ncGIik11ptcNvvokAPkUKwX6Z2Hk0lVzl9mPPhISCLxfhsj5 4wnVDKSOgXAgiE3oPNAubyYajmAPMGRWxaG8vNYBLAVmabcNgOw9a005Cc37Xv4ksDkT +QZVzCY6eudFuiCTuds2mCxUG7CLq6MJZIPQu2TJMozjJkDM4Aw8glnQ/SZQW9P4APQc OLEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=fqef18wbWUEZhzGP7RZQgLzWCCGxipj5w9XmQiQlA4c=; b=f02DuA6Z6zbZ5TYyQ8A9jovrUfltT/Qh5ke71SohPHLJOhpTxo9eCr0cJDl/Amu5Up 7xXWgZvKDMiSBTD0H45cCL40TOg+bG0V92tPflQ5KIqqFkxwKAKtEiO4fVQxLn3W9WOs kyOt+td6i2QlfZ/SOEJFM1IrioZYM+Nsw0N17joGAIlfT77ft12Dyu+Z+cWBP8BTJuV4 Ml8pYE2iCxBUj6999ZdOHO0FHZNvpAGSFLbUHwEb6XNh0CwOo7pVYYc5FibQS+Ux16cY +fJ8vrF4dMcmGlOUXvfFbSYEXtSSmAdu9FRK6nTkv/DH+ZSyMFNK6OYdYTtPdqENAMAY Q9uA== X-Gm-Message-State: APjAAAXr25EZ4clcaOjJ5/cpS0h/bVE1DoUysxVei/zN35NO9wR+Fy1o Wf3xLIfRUZnJoQRhUC+ASUQlIYbZgIM= X-Received: by 2002:a17:90a:d356:: with SMTP id i22mr6263773pjx.24.1568746201710; Tue, 17 Sep 2019 11:50:01 -0700 (PDT) Received: from apollo.hsd1.ca.comcast.net (c-73-71-176-3.hsd1.ca.comcast.net. [73.71.176.3]) by smtp.gmail.com with ESMTPSA id n1sm1337891pfa.12.2019.09.17.11.50.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 17 Sep 2019 11:50:01 -0700 (PDT) From: Khem Raj To: openembedded-core@lists.openembedded.org Date: Tue, 17 Sep 2019 11:49:47 -0700 Message-Id: <20190917184947.2244823-1-raj.khem@gmail.com> X-Mailer: git-send-email 2.23.0 MIME-Version: 1.0 Cc: Adrian Bunk Subject: [OE-core] [PATCH] openssl: Enable os option for with-rand-seed as well X-BeenThere: openembedded-core@lists.openembedded.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Patches and discussions about the oe-core layer List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: openembedded-core-bounces@lists.openembedded.org Errors-To: openembedded-core-bounces@lists.openembedded.org with openSSL 1.1.1d we start seeing errors like Error Generating Key 139979727451584:error:2406C06E:random number generator:RAND_DRBG_instantiate:error retrieving entropy:../openssl-1.1.1d/crypto/rand/drbg_lib.c:342: when using openssl from openssl-native on build hosts, this is due to limiting the random seed to devrandom, to support older hosts, since the option allows to have a comma separated list of methods to try, we can try the default first and if that fails then fallback to devrandom, this will ensure that it keeps working with build systems which dont support getrandom() Signed-off-by: Khem Raj Cc: Adrian Bunk Cc: Alexander Kanavin --- meta/recipes-connectivity/openssl/openssl_1.1.1d.bb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) -- 2.23.0 -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core Signed-off-by: Khem Raj <raj.khem@gmail.com>
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb index 080d1a8bb7..072f727e0b 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb @@ -43,10 +43,10 @@ do_configure[cleandirs] = "${B}" EXTRA_OECONF_append_libc-musl = " no-async" EXTRA_OECONF_append_libc-musl_powerpc64 = " no-asm" -# This prevents openssl from using getrandom() which is not available on older glibc versions +# adding devrandom prevents openssl from using getrandom() which is not available on older glibc versions # (native versions can be built with newer glibc, but then relocated onto a system with older glibc) -EXTRA_OECONF_class-native = "--with-rand-seed=devrandom" -EXTRA_OECONF_class-nativesdk = "--with-rand-seed=devrandom" +EXTRA_OECONF_class-native = "--with-rand-seed=os,devrandom" +EXTRA_OECONF_class-nativesdk = "--with-rand-seed=os,devrandom" # Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate. CFLAGS_append_class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin"