uboot-mxs: Fix build with libressl 2.7.2

When libressl was linked the libpthread was missing, add it in addition.
Also make the mxsimage tool to use the OpenSSL 1.1 API for the recent
libressl version.

Fixes: 2c192b6916 ("tools/libressl: update to version 2.7.2")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit is contained in:
Hauke Mehrtens 2018-04-29 00:40:40 +02:00
parent 5ca159ab3b
commit c21a4c7246
2 changed files with 31 additions and 16 deletions

View file

@ -1,35 +1,36 @@
From 74e3ace3495b73f6e592e92eca18175cccdb5a24 Mon Sep 17 00:00:00 2001
From c5b0bca4c3ca5c3d1d8ee99fdbf3b494a3986dbd Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Sat, 17 Feb 2018 15:34:19 +0100
Subject: [PATCH v2] tools/mxsimage: Support building with LibreSSL
Date: Sun, 18 Mar 2018 16:03:47 +0100
Subject: [PATCH] tools/mxsimage: Support building with LibreSSL
The mxsimage utility fails to compile against LibreSSL because LibreSSL
says it is OpenSSL 2.0, but it does not support the complete OpenSSL 1.1
interface.
The mxsimage utility fails to compile against LibreSSL version < 2.7.0
because LibreSSL says it is OpenSSL 2.0, but it does not support the
complete OpenSSL 1.1 interface.
LibreSSL defines OPENSSL_VERSION_NUMBER with 0x20000000L and therefor
claims to have an API compatible with OpenSSL 2.0, but it does not
implement OPENSSL_zalloc() and some other functions in its most recent
version. OpenSSL implements this function since version 1.1.0.
claims to have an API compatible with OpenSSL 2.0, but it implements
EVP_MD_CTX_new(), EVP_MD_CTX_free() and EVP_CIPHER_CTX_reset() only
starting with version 2.7.0, which is not yet released. OpenSSL
implements this function since version 1.1.0.
This commit will activate the compatibility code meant for
OpenSSL < 1.1.0 also for all versions of LibreSSL, if some version of
LibreSSL will support these functions in the future the version check
should be adapted.
OpenSSL < 1.1.0 also for LibreSSL version < 2.7.0.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Jonathan Gray <jsg@jsg.id.au>
---
tools/mxsimage.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
tools/mxsimage.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/tools/mxsimage.c
+++ b/tools/mxsimage.c
@@ -26,7 +26,7 @@
@@ -26,7 +26,8 @@
* OpenSSL 1.1.0 and newer compatibility functions:
* https://wiki.openssl.org/index.php/1.1_API_Changes
*/
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
+ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
static void *OPENSSL_zalloc(size_t num)
{
void *ret = OPENSSL_malloc(num);

View file

@ -0,0 +1,14 @@
OpenWrt links the libressl statically against mkimage, make sure all the
needed dependencies are added too.
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -163,7 +163,7 @@ endif
# MXSImage needs LibSSL
ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_ARMADA_39X)$(CONFIG_FIT_SIGNATURE),)
HOSTLOADLIBES_mkimage += \
- $(shell pkg-config --libs libssl libcrypto 2> /dev/null || echo "-lssl -lcrypto")
+ $(shell pkg-config --libs --static libssl libcrypto 2> /dev/null || echo "-lssl -lpthread -lcrypto")
# OS X deprecate openssl in favour of CommonCrypto, supress deprecation
# warnings on those systems