uboot-mxs: Fix build with libressl 2.7.2

When libressl was linked the libpthread was missing, add it in addition. Also make the mxsimage tool to use the OpenSSL 1.1 API for the recent libressl version. Fixes: 2c192b6916 ("tools/libressl: update to version 2.7.2") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-04-29 00:40:40 +02:00 · 2018-04-29 00:40:40 +02:00 · c21a4c7246
commit c21a4c7246
parent 5ca159ab3b
2 changed files with 31 additions and 16 deletions
--- a/package/boot/uboot-mxs/patches/002-tools-mxsimage-Support-building-with-LibreSSL.patch
+++ b/package/boot/uboot-mxs/patches/002-tools-mxsimage-Support-building-with-LibreSSL.patch
@ -1,35 +1,36 @@
-From 74e3ace3495b73f6e592e92eca18175cccdb5a24 Mon Sep 17 00:00:00 2001
+From c5b0bca4c3ca5c3d1d8ee99fdbf3b494a3986dbd Mon Sep 17 00:00:00 2001
 From: Hauke Mehrtens <hauke@hauke-m.de>
-Date: Sat, 17 Feb 2018 15:34:19 +0100
-Subject: [PATCH v2] tools/mxsimage: Support building with LibreSSL
+Date: Sun, 18 Mar 2018 16:03:47 +0100
+Subject: [PATCH] tools/mxsimage: Support building with LibreSSL

-The mxsimage utility fails to compile against LibreSSL because LibreSSL
-says it is OpenSSL 2.0, but it does not support the complete OpenSSL 1.1
-interface.
+The mxsimage utility fails to compile against LibreSSL version < 2.7.0
+because LibreSSL says it is OpenSSL 2.0, but it does not support the
+complete OpenSSL 1.1 interface.

 LibreSSL defines OPENSSL_VERSION_NUMBER with 0x20000000L and therefor
-claims to have an API compatible with OpenSSL 2.0, but it does not
-implement OPENSSL_zalloc() and some other functions in its most recent
-version. OpenSSL implements this function since version 1.1.0.
+claims to have an API compatible with OpenSSL 2.0, but it implements
+EVP_MD_CTX_new(), EVP_MD_CTX_free() and EVP_CIPHER_CTX_reset() only
+starting with version 2.7.0, which is not yet released. OpenSSL
+implements this function since version 1.1.0.

 This commit will activate the compatibility code meant for
-OpenSSL < 1.1.0 also for all versions of LibreSSL, if some version of
-LibreSSL will support these functions in the future the version check
-should be adapted.
+OpenSSL < 1.1.0 also for LibreSSL version < 2.7.0.

 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
+Reviewed-by: Jonathan Gray <jsg@jsg.id.au>
 ---
- tools/mxsimage.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
+ tools/mxsimage.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)

 --- a/tools/mxsimage.c
 +++ b/tools/mxsimage.c
-@@ -26,7 +26,7 @@
+@@ -26,7 +26,8 @@
  * OpenSSL 1.1.0 and newer compatibility functions:
  * https://wiki.openssl.org/index.php/1.1_API_Changes
  */
 -#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
 static void *OPENSSL_zalloc(size_t num)
 {
 	void *ret = OPENSSL_malloc(num);
--- a/package/boot/uboot-mxs/patches/210-link-libcrypto-static.patch
+++ b/package/boot/uboot-mxs/patches/210-link-libcrypto-static.patch
@ -0,0 +1,14 @@
+OpenWrt links the libressl statically against mkimage, make sure all the 
+needed dependencies are added too.
+
+--- a/tools/Makefile
+++ b/tools/Makefile
+@@ -163,7 +163,7 @@ endif
+ # MXSImage needs LibSSL
+ ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_ARMADA_39X)$(CONFIG_FIT_SIGNATURE),)
+ HOSTLOADLIBES_mkimage += \
+-	$(shell pkg-config --libs libssl libcrypto 2> /dev/null || echo "-lssl -lcrypto")
+	$(shell pkg-config --libs --static libssl libcrypto 2> /dev/null || echo "-lssl -lpthread -lcrypto")
+ 
+ # OS X deprecate openssl in favour of CommonCrypto, supress deprecation
+ # warnings on those systems