LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
DEPENDS = "perl-native-runtime"
+DEPENDS_append_class-target = " openssl-native"
SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
"
export EX_LIBS = "-lgcc -ldl"
export AS = "${CC} -c"
-inherit pkgconfig siteinfo multilib_header
+inherit pkgconfig siteinfo multilib_header ptest
PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf"
FILES_libcrypto = "${base_libdir}/libcrypto${SOLIBS}"
FILES_libssl = "${libdir}/libssl.so.*"
FILES_${PN} =+ " ${libdir}/ssl/*"
FILES_${PN}-misc = "${libdir}/ssl/misc ${bindir}/c_rehash"
-RDEPENDS_${PN}-misc = "${@base_contains('PACKAGECONFIG', 'perl', 'perl', '', d)}"
+RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}"
FILES_${PN}-dev += "${base_libdir}/libcrypto${SOLIBSDEV}"
# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
FILES_openssl-conf = "${libdir}/ssl/openssl.cnf"
CONFFILES_openssl-conf = "${libdir}/ssl/openssl.cnf"
RRECOMMENDS_libcrypto += "openssl-conf"
+RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc"
do_configure_prepend_darwin () {
sed -i -e '/version-script=openssl\.ld/d' Configure
ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
os=${HOST_OS}
- if [ "x$os" = "xlinux-uclibc" ]; then
+ case $os in
+ linux-uclibc |\
+ linux-uclibceabi |\
+ linux-gnueabi |\
+ linux-uclibcspe |\
+ linux-gnuspe |\
+ linux-musl*)
os=linux
- elif [ "x$os" = "xlinux-uclibceabi" ]; then
- os=linux
- elif [ "x$os" = "xlinux-uclibcspe" ]; then
- os=linux
- elif [ "x$os" = "xlinux-gnuspe" ]; then
- os=linux
- elif [ "x$os" = "xlinux-gnueabi" ]; then
- os=linux
- fi
+ ;;
+ *)
+ ;;
+ esac
target="$os-${HOST_ARCH}"
case $target in
linux-arm)
perl ./Configure ${EXTRA_OECONF} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=`basename ${libdir}` $target
}
+do_compile_prepend_class-target () {
+ sed -i 's/\((OPENSSL=\)".*"/\1"openssl"/' Makefile
+}
+
do_compile () {
oe_runmake
}
+do_compile_ptest () {
+ oe_runmake buildtest
+}
+
do_install () {
oe_runmake INSTALL_PREFIX="${D}" MANDIR="${mandir}" install
cp --dereference -R include/openssl ${D}${includedir}
oe_multilib_header openssl/opensslconf.h
- if [ "${@base_contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then
+ if [ "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" = "perl" ]; then
install -m 0755 ${S}/tools/c_rehash ${D}${bindir}
sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${bindir}/c_rehash
sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl
fi
}
+do_install_ptest () {
+ cp -r Makefile test ${D}${PTEST_PATH}
+ cp -r certs ${D}${PTEST_PATH}
+ mkdir -p ${D}${PTEST_PATH}/apps
+ ln -sf /usr/lib/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps
+ ln -sf /usr/lib/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
+ ln -sf /usr/bin/openssl ${D}${PTEST_PATH}/apps
+ cp apps/server2.pem ${D}${PTEST_PATH}/apps
+ mkdir -p ${D}${PTEST_PATH}/util
+ install util/opensslwrap.sh ${D}${PTEST_PATH}/util
+ install util/shlib_wrap.sh ${D}${PTEST_PATH}/util
+}
+
BBCLASSEXTEND = "native nativesdk"
--- /dev/null
+Add 'buildtest' and 'runtest' targets to Makefile, to build and run tests
+cross-compiled.
+
+Signed-off-by: Anders Roxell <anders.roxell@enea.com>
+Signed-off-by: Maxin B. John <maxin.john@enea.com>
+Upstream-Status: Pending
+---
+diff -uNr a/Makefile b/Makefile
+--- a/Makefile.org 2012-05-10 17:06:02.000000000 +0200
++++ b/Makefile.org 2012-10-27 00:05:55.359424024 +0200
+@@ -411,8 +411,16 @@
+ test: tests
+
+ tests: rehash
++ $(MAKE) buildtest
++ $(MAKE) runtest
++
++buildtest:
++ @(cd test && \
++ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf exe apps);
++
++runtest:
+ @(cd test && echo "testing..." && \
+- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
++ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf alltests );
+ OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
+
+ report:
+diff --git a/test/Makefile b/test/Makefile
+index 3912f82..1696767 100644
+--- a/test/Makefile
++++ b/test/Makefile
+@@ -128,7 +128,7 @@ tests: exe apps $(TESTS)
+ apps:
+ @(cd ..; $(MAKE) DIRS=apps all)
+
+-alltests: \
++all-tests= \
+ test_des test_idea test_sha test_md4 test_md5 test_hmac \
+ test_md2 test_mdc2 test_wp \
+ test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
+@@ -138,6 +138,11 @@ alltests: \
+ test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
+ test_jpake test_cms
+
++alltests:
++ @(for i in $(all-tests); do \
++ ( $(MAKE) $$i && echo "PASS: $$i" ) || echo "FAIL: $$i"; \
++ done)
++
+ test_evp:
+ ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
+
+@@ -203,7 +208,7 @@ test_x509:
+ echo test second x509v3 certificate
+ sh ./tx509 v3-cert2.pem 2>/dev/null
+
+-test_rsa: $(RSATEST)$(EXE_EXT)
++test_rsa:
+ @sh ./trsa 2>/dev/null
+ ../util/shlib_wrap.sh ./$(RSATEST)
+
+@@ -298,11 +303,11 @@ test_tsa:
+ sh ./testtsa; \
+ fi
+
+-test_ige: $(IGETEST)$(EXE_EXT)
++test_ige:
+ @echo "Test IGE mode"
+ ../util/shlib_wrap.sh ./$(IGETEST)
+
+-test_jpake: $(JPAKETEST)$(EXE_EXT)
++test_jpake:
+ @echo "Test JPAKE"
+ ../util/shlib_wrap.sh ./$(JPAKETEST)
X-Git-Url: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=039081b80977e2a5de84e1f88f8b4d025b559956
Initial aarch64 bits.
+Upstream-Status: backport (will be included in 1.0.2)
---
crypto/bn/bn_lcl.h | 9 +++++++++
crypto/md32_common.h | 18 ++++++++++++++++++
+++ /dev/null
-commit 208d54db20d58c9a5e45e856a0650caadd7d9612
-Author: Dr. Stephen Henson <steve@openssl.org>
-Date: Tue May 13 18:48:31 2014 +0100
-
- Fix for CVE-2014-0195
-
- A buffer overrun attack can be triggered by sending invalid DTLS fragments
- to an OpenSSL DTLS client or server. This is potentially exploitable to
- run arbitrary code on a vulnerable client or server.
-
- Fixed by adding consistency check for DTLS fragments.
-
- Thanks to Jüri Aedla for reporting this issue.
-
-Patch borrowed from Fedora
-Upstream-Status: Backport
-Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
-
-diff --git a/ssl/d1_both.c b/ssl/d1_both.c
-index 2e8cf68..07f67f8 100644
---- a/ssl/d1_both.c
-+++ b/ssl/d1_both.c
-@@ -627,7 +627,16 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
- frag->msg_header.frag_off = 0;
- }
- else
-+ {
- frag = (hm_fragment*) item->data;
-+ if (frag->msg_header.msg_len != msg_hdr->msg_len)
-+ {
-+ item = NULL;
-+ frag = NULL;
-+ goto err;
-+ }
-+ }
-+
-
- /* If message is already reassembled, this must be a
- * retransmit and can be dropped.
-
+++ /dev/null
-From: Matt Caswell <matt@openssl.org>
-Date: Sun, 11 May 2014 23:38:37 +0000 (+0100)
-Subject: Fixed NULL pointer dereference. See PR#3321
-X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=b107586
-
-Fixed NULL pointer dereference. See PR#3321
-
-Patch borrowed from Fedora
-Upstream-Status: Backport
-Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
-
----
-
-diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
-index 40eb0dd..d961d12 100644
---- a/ssl/s3_pkt.c
-+++ b/ssl/s3_pkt.c
-@@ -657,9 +657,6 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
- SSL3_BUFFER *wb=&(s->s3->wbuf);
- SSL_SESSION *sess;
-
-- if (wb->buf == NULL)
-- if (!ssl3_setup_write_buffer(s))
-- return -1;
-
- /* first check if there is a SSL3_BUFFER still being written
- * out. This will happen with non blocking IO */
-@@ -675,6 +672,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
- /* if it went, fall through and send more stuff */
- }
-
-+ if (wb->buf == NULL)
-+ if (!ssl3_setup_write_buffer(s))
-+ return -1;
-+
- if (len == 0 && !create_empty_fragment)
- return 0;
-
+++ /dev/null
-commit d30e582446b027868cdabd0994681643682045a4
-Author: Dr. Stephen Henson <steve@openssl.org>
-Date: Fri May 16 13:00:45 2014 +0100
-
- Fix CVE-2014-0221
-
- Unnecessary recursion when receiving a DTLS hello request can be used to
- crash a DTLS client. Fixed by handling DTLS hello request without recursion.
-
- Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
-
-Patch borrowed from Fedora
-Upstream-Status: Backport
-Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
-
-diff --git a/ssl/d1_both.c b/ssl/d1_both.c
-index 07f67f8..4c2fd03 100644
---- a/ssl/d1_both.c
-+++ b/ssl/d1_both.c
-@@ -793,6 +793,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
- int i,al;
- struct hm_header_st msg_hdr;
-
-+ redo:
- /* see if we have the required fragment already */
- if ((frag_len = dtls1_retrieve_buffered_fragment(s,max,ok)) || *ok)
- {
-@@ -851,8 +852,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
- s->msg_callback_arg);
-
- s->init_num = 0;
-- return dtls1_get_message_fragment(s, st1, stn,
-- max, ok);
-+ goto redo;
- }
- else /* Incorrectly formated Hello request */
- {
-
+++ /dev/null
-Fix for CVE-2014-0224
-
-Only accept change cipher spec when it is expected instead of at any
-time. This prevents premature setting of session keys before the master
-secret is determined which an attacker could use as a MITM attack.
-
-Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for reporting this issue
-and providing the initial fix this patch is based on.
-
-
-Patch borrowed from Fedora
-Upstream-Status: Backport
-Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
-
-
-diff -up openssl-1.0.1e/ssl/ssl3.h.keying-mitm openssl-1.0.1e/ssl/ssl3.h
---- openssl-1.0.1e/ssl/ssl3.h.keying-mitm 2014-06-02 19:48:04.518100562 +0200
-+++ openssl-1.0.1e/ssl/ssl3.h 2014-06-02 19:48:04.642103429 +0200
-@@ -388,6 +388,7 @@ typedef struct ssl3_buffer_st
- #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
- #define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
- #define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
-+#define SSL3_FLAGS_CCS_OK 0x0080
-
- /* SSL3_FLAGS_SGC_RESTART_DONE is set when we
- * restart a handshake because of MS SGC and so prevents us
-diff -up openssl-1.0.1e/ssl/s3_clnt.c.keying-mitm openssl-1.0.1e/ssl/s3_clnt.c
---- openssl-1.0.1e/ssl/s3_clnt.c.keying-mitm 2013-02-11 16:26:04.000000000 +0100
-+++ openssl-1.0.1e/ssl/s3_clnt.c 2014-06-02 19:49:57.042701985 +0200
-@@ -559,6 +559,7 @@ int ssl3_connect(SSL *s)
- case SSL3_ST_CR_FINISHED_A:
- case SSL3_ST_CR_FINISHED_B:
-
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
- SSL3_ST_CR_FINISHED_B);
- if (ret <= 0) goto end;
-@@ -916,6 +917,7 @@ int ssl3_get_server_hello(SSL *s)
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
- goto f_err;
- }
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- s->hit=1;
- }
- else /* a miss or crap from the other end */
-diff -up openssl-1.0.1e/ssl/s3_pkt.c.keying-mitm openssl-1.0.1e/ssl/s3_pkt.c
---- openssl-1.0.1e/ssl/s3_pkt.c.keying-mitm 2014-06-02 19:48:04.640103383 +0200
-+++ openssl-1.0.1e/ssl/s3_pkt.c 2014-06-02 19:48:04.643103452 +0200
-@@ -1298,6 +1298,15 @@ start:
- goto f_err;
- }
-
-+ if (!(s->s3->flags & SSL3_FLAGS_CCS_OK))
-+ {
-+ al=SSL_AD_UNEXPECTED_MESSAGE;
-+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY);
-+ goto f_err;
-+ }
-+
-+ s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
-+
- rr->length=0;
-
- if (s->msg_callback)
-@@ -1432,7 +1441,7 @@ int ssl3_do_change_cipher_spec(SSL *s)
-
- if (s->s3->tmp.key_block == NULL)
- {
-- if (s->session == NULL)
-+ if (s->session == NULL || s->session->master_key_length == 0)
- {
- /* might happen if dtls1_read_bytes() calls this */
- SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);
-diff -up openssl-1.0.1e/ssl/s3_srvr.c.keying-mitm openssl-1.0.1e/ssl/s3_srvr.c
---- openssl-1.0.1e/ssl/s3_srvr.c.keying-mitm 2014-06-02 19:48:04.630103151 +0200
-+++ openssl-1.0.1e/ssl/s3_srvr.c 2014-06-02 19:48:04.643103452 +0200
-@@ -673,6 +673,7 @@ int ssl3_accept(SSL *s)
- case SSL3_ST_SR_CERT_VRFY_A:
- case SSL3_ST_SR_CERT_VRFY_B:
-
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- /* we should decide if we expected this one */
- ret=ssl3_get_cert_verify(s);
- if (ret <= 0) goto end;
-@@ -700,6 +701,7 @@ int ssl3_accept(SSL *s)
-
- case SSL3_ST_SR_FINISHED_A:
- case SSL3_ST_SR_FINISHED_B:
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
- SSL3_ST_SR_FINISHED_B);
- if (ret <= 0) goto end;
-@@ -770,7 +772,10 @@ int ssl3_accept(SSL *s)
- s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
- #else
- if (s->s3->next_proto_neg_seen)
-+ {
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- s->s3->tmp.next_state=SSL3_ST_SR_NEXT_PROTO_A;
-+ }
- else
- s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
- #endif
+++ /dev/null
-commit 4ad43d511f6cf064c66eb4bfd0fb0919b5dd8a86
-Author: Dr. Stephen Henson <steve@openssl.org>
-Date: Thu May 29 15:00:05 2014 +0100
-
- Fix CVE-2014-3470
-
- Check session_cert is not NULL before dereferencing it.
-
-Patch borrowed from Fedora
-Upstream-Status: Backport
-Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
-
-
-diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
-index d35376d..4324f8d 100644
---- a/ssl/s3_clnt.c
-+++ b/ssl/s3_clnt.c
-@@ -2511,6 +2511,13 @@ int ssl3_send_client_key_exchange(SSL *s)
- int ecdh_clnt_cert = 0;
- int field_size = 0;
-
-+ if (s->session->sess_cert == NULL)
-+ {
-+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
-+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
-+ goto err;
-+ }
-+
- /* Did we send out the client's
- * ECDH share for use in premaster
- * computation as part of client certificate?
+++ /dev/null
-openssl fix for CVE-2010-5298
-
-Upstream-Status: Backport
-
-Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL
-through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote
-attackers to inject data across sessions or cause a denial of service
-(use-after-free and parsing error) via an SSL connection in a
-multithreaded environment.
-
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5298
-
-Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
---- a/ssl/s3_pkt.c
-+++ b/ssl/s3_pkt.c
-@@ -1013,7 +1013,7 @@ start:
- {
- s->rstate=SSL_ST_READ_HEADER;
- rr->off=0;
-- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
-+ if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
- ssl3_release_read_buffer(s);
- }
- }
+++ /dev/null
-Fix documentation build errors with Perl 5.18 pod2man
-
-This fixes errors building man pages with newer versions of pod2man
-included with Perl 5.18.
-
-Upstream-Status: Submitted
-Signed-off-by: Jonathan Liu
-
-Index: openssl-1.0.1f/doc/apps/cms.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/apps/cms.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/apps/cms.pod 2014-02-28 10:13:51.899979213 +0200
-@@ -450,28 +450,28 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- the operation was completely successfully.
-
--=item 1
-+=item Z<>1
-
- an error occurred parsing the command options.
-
--=item 2
-+=item Z<>2
-
- one of the input files could not be read.
-
--=item 3
-+=item Z<>3
-
- an error occurred creating the CMS file or when reading the MIME
- message.
-
--=item 4
-+=item Z<>4
-
- an error occurred decrypting or verifying the message.
-
--=item 5
-+=item Z<>5
-
- the message was verified correctly but an error occurred writing out
- the signers certificates.
-Index: openssl-1.0.1f/doc/apps/smime.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/apps/smime.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/apps/smime.pod 2014-02-28 10:16:57.795979233 +0200
-@@ -308,28 +308,28 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- the operation was completely successfully.
-
--=item 1
-+=item Z<>1
-
- an error occurred parsing the command options.
-
--=item 2
-+=item Z<>2
-
- one of the input files could not be read.
-
--=item 3
-+=item Z<>3
-
- an error occurred creating the PKCS#7 file or when reading the MIME
- message.
-
--=item 4
-+=item Z<>4
-
- an error occurred decrypting or verifying the message.
-
--=item 5
-+=item Z<>5
-
- the message was verified correctly but an error occurred writing out
- the signers certificates.
-Index: openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_COMP_add_compression_method.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod 2014-02-28 10:18:09.679979225 +0200
-@@ -53,11 +53,11 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The operation succeeded.
-
--=item 1
-+=item Z<>1
-
- The operation failed. Check the error queue to find out the reason.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_add_session.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod 2014-02-28 10:18:42.687979221 +0200
-@@ -52,13 +52,13 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The operation failed. In case of the add operation, it was tried to add
- the same (identical) session twice. In case of the remove operation, the
- session was not found in the cache.
-
--=item 1
-+=item Z<>1
-
- The operation succeeded.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_load_verify_locations.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod 2014-02-28 10:19:09.079979218 +0200
-@@ -100,13 +100,13 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The operation failed because B<CAfile> and B<CApath> are NULL or the
- processing at one of the locations specified failed. Check the error
- stack to find out the reason.
-
--=item 1
-+=item Z<>1
-
- The operation succeeded.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod 2014-02-28 10:19:42.999979220 +0200
-@@ -66,13 +66,13 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- A failure while manipulating the STACK_OF(X509_NAME) object occurred or
- the X509_NAME could not be extracted from B<cacert>. Check the error stack
- to find out the reason.
-
--=item 1
-+=item Z<>1
-
- The operation succeeded.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_set_session_id_context.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod 2014-02-28 10:20:06.495979211 +0200
-@@ -64,13 +64,13 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
- the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
- is logged to the error stack.
-
--=item 1
-+=item Z<>1
-
- The operation succeeded.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_set_ssl_version.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod 2014-02-28 10:20:32.111979208 +0200
-@@ -42,11 +42,11 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The new choice failed, check the error stack to find out the reason.
-
--=item 1
-+=item Z<>1
-
- The operation succeeded.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2014-02-28 10:21:12.351979203 +0200
-@@ -96,7 +96,7 @@
- connection will fail with decryption_error before it will be finished
- completely.
-
--=item 0
-+=item Z<>0
-
- PSK identity was not found. An "unknown_psk_identity" alert message
- will be sent and the connection setup fails.
-Index: openssl-1.0.1f/doc/ssl/SSL_accept.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_accept.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_accept.pod 2014-02-28 10:21:51.535979215 +0200
-@@ -44,13 +44,13 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The TLS/SSL handshake was not successful but was shut down controlled and
- by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
- return value B<ret> to find out the reason.
-
--=item 1
-+=item Z<>1
-
- The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
- established.
-Index: openssl-1.0.1f/doc/ssl/SSL_clear.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_clear.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_clear.pod 2014-02-28 10:22:13.087979196 +0200
-@@ -56,12 +56,12 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The SSL_clear() operation could not be performed. Check the error stack to
- find out the reason.
-
--=item 1
-+=item Z<>1
-
- The SSL_clear() operation was successful.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_connect.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_connect.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_connect.pod 2014-02-28 10:22:33.991979193 +0200
-@@ -41,13 +41,13 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The TLS/SSL handshake was not successful but was shut down controlled and
- by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
- return value B<ret> to find out the reason.
-
--=item 1
-+=item Z<>1
-
- The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
- established.
-Index: openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_do_handshake.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod 2014-02-28 10:22:56.887979159 +0200
-@@ -45,13 +45,13 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The TLS/SSL handshake was not successful but was shut down controlled and
- by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
- return value B<ret> to find out the reason.
-
--=item 1
-+=item Z<>1
-
- The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
- established.
-Index: openssl-1.0.1f/doc/ssl/SSL_read.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_read.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_read.pod 2014-02-28 10:23:15.303979188 +0200
-@@ -86,7 +86,7 @@
- The read operation was successful; the return value is the number of
- bytes actually read from the TLS/SSL connection.
-
--=item 0
-+=item Z<>0
-
- The read operation was not successful. The reason may either be a clean
- shutdown due to a "close notify" alert sent by the peer (in which case
-Index: openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_session_reused.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_session_reused.pod 2014-02-28 10:23:36.615979186 +0200
-@@ -27,11 +27,11 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- A new session was negotiated.
-
--=item 1
-+=item Z<>1
-
- A session was reused.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_set_fd.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_set_fd.pod 2014-02-28 10:23:57.599979183 +0200
-@@ -35,11 +35,11 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The operation failed. Check the error stack to find out why.
-
--=item 1
-+=item Z<>1
-
- The operation succeeded.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_set_session.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_set_session.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_set_session.pod 2014-02-28 10:24:16.943979181 +0200
-@@ -37,11 +37,11 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The operation failed; check the error stack to find out the reason.
-
--=item 1
-+=item Z<>1
-
- The operation succeeded.
-
-Index: openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_shutdown.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_shutdown.pod 2014-02-28 10:25:03.623979175 +0200
-@@ -92,19 +92,19 @@
-
- =over 4
-
--=item 0
-+=item Z<>0
-
- The shutdown is not yet finished. Call SSL_shutdown() for a second time,
- if a bidirectional shutdown shall be performed.
- The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
- erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
-
--=item 1
-+=item Z<>1
-
- The shutdown was successfully completed. The "close notify" alert was sent
- and the peer's "close notify" alert was received.
-
--=item -1
-+=item Z<>-1
-
- The shutdown was not successful because a fatal error occurred either
- at the protocol level or a connection failure occurred. It can also occur if
-Index: openssl-1.0.1f/doc/ssl/SSL_write.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_write.pod 2014-01-06 15:47:42.000000000 +0200
-+++ openssl-1.0.1f/doc/ssl/SSL_write.pod 2014-02-28 10:25:36.031979168 +0200
-@@ -79,7 +79,7 @@
- The write operation was successful, the return value is the number of
- bytes actually written to the TLS/SSL connection.
-
--=item 0
-+=item Z<>0
-
- The write operation was not successful. Probably the underlying connection
- was closed. Call SSL_get_error() with the return value B<ret> to find out,
--- /dev/null
+Remove Makefile dependencies for test targets
+
+These are probably here because the executables aren't always built for
+other platforms (e.g. Windows); however we can safely assume they'll
+always be there. None of the other test targets have such dependencies
+and if we don't remove them, make tries to rebuild the executables and
+fails during run-ptest.
+
+Upstream-Status: Inappropriate [config]
+
+Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
+
+diff --git a/test/Makefile b/test/Makefile
+index e6fcfb4..5ae043b 100644
+--- a/test/Makefile
++++ b/test/Makefile
+@@ -322,11 +322,11 @@ test_cms:
+ @echo "CMS consistency test"
+ $(PERL) cms-test.pl
+
+-test_srp: $(SRPTEST)$(EXE_EXT)
++test_srp:
+ @echo "Test SRP"
+ ../util/shlib_wrap.sh ./srptest
+
+-test_heartbeat: $(HEARTBEATTEST)$(EXE_EXT)
++test_heartbeat:
+ ../util/shlib_wrap.sh ./$(HEARTBEATTEST)
+
+ lint:
--- /dev/null
+#!/bin/sh
+make -k runtest
