[OpenWrt-Devel] [PATCH v2 5/6] openssl: remove some unneeded functionality and algorithms

Dirk Feytons dirk.feytons at gmail.com
Thu Jun 9 11:37:18 EDT 2016


The patch needed for this commit has been sent upstream:
https://github.com/openssl/openssl/pull/1155

Signed-off-by: Dirk Feytons <dirk.feytons at gmail.com>
---
 package/libs/openssl/Makefile                      |    7 +++---
 .../openssl/patches/302-fix_no_cmac_build.patch    |   24 ++++++++++++++++++++
 2 files changed, 28 insertions(+), 3 deletions(-)
 create mode 100644 package/libs/openssl/patches/302-fix_no_cmac_build.patch

diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile
index 2fbb566..4782c42 100644
--- a/package/libs/openssl/Makefile
+++ b/package/libs/openssl/Makefile
@@ -96,8 +96,9 @@ This package contains the OpenSSL command-line utility.
 endef
 
 
-OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-camellia no-krb5
-OPENSSL_OPTIONS:= shared no-err no-sse2 no-ssl2
+OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-camellia no-krb5 no-srp \
+ no-whrlpool no-whirlpool no-bf no-ripemd no-seed no-cast no-cmac
+OPENSSL_OPTIONS:= shared no-err no-sse2 no-ssl2 no-ssl2-method no-heartbeats
 
 ifdef CONFIG_OPENSSL_ENGINE_CRYPTO
   OPENSSL_OPTIONS += -DHAVE_CRYPTODEV
@@ -117,7 +118,7 @@ ifndef CONFIG_OPENSSL_WITH_EC2M
 endif
 
 ifndef CONFIG_OPENSSL_WITH_SSL3
-  OPENSSL_OPTIONS += no-ssl3
+  OPENSSL_OPTIONS += no-ssl3 no-ssl3-method
 endif
 
 ifndef CONFIG_OPENSSL_HARDWARE_SUPPORT
diff --git a/package/libs/openssl/patches/302-fix_no_cmac_build.patch b/package/libs/openssl/patches/302-fix_no_cmac_build.patch
new file mode 100644
index 0000000..1b94f24
--- /dev/null
+++ b/package/libs/openssl/patches/302-fix_no_cmac_build.patch
@@ -0,0 +1,24 @@
+--- a/crypto/asn1/ameth_lib.c
++++ b/crypto/asn1/ameth_lib.c
+@@ -93,7 +93,9 @@ static const EVP_PKEY_ASN1_METHOD *stand
+     &eckey_asn1_meth,
+ #endif
+     &hmac_asn1_meth,
++#ifndef OPENSSL_NO_CMAC
+     &cmac_asn1_meth,
++#endif
+ #ifndef OPENSSL_NO_DH
+     &dhx_asn1_meth
+ #endif
+--- a/crypto/evp/pmeth_lib.c
++++ b/crypto/evp/pmeth_lib.c
+@@ -91,7 +91,9 @@ static const EVP_PKEY_METHOD *standard_m
+     &ec_pkey_meth,
+ #endif
+     &hmac_pkey_meth,
++#ifndef OPENSSL_NO_CMAC
+     &cmac_pkey_meth,
++#endif
+ #ifndef OPENSSL_NO_DH
+     &dhx_pkey_meth
+ #endif
-- 
1.7.9.5
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list