From a31e28ae0ca3e0d5ea6cb0c648c9e17bd19bcd00 Mon Sep 17 00:00:00 2001
From: cyrus <cyrus@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Mon, 9 Feb 2015 12:13:06 +0000
Subject: [PATCH] openssl: bump to 1.0.2

Fixes CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566

Signed-off-by: Steven Barth <steven@midlink.org>

git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44347 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 package/libs/openssl/Makefile                 |  4 ++--
 .../patches/110-optimize-for-size.patch       |  2 +-
 .../libs/openssl/patches/130-perl-path.patch  |  2 +-
 .../openssl/patches/140-makefile-dirs.patch   |  2 +-
 .../libs/openssl/patches/150-no_engines.patch |  2 +-
 .../patches/160-disable_doc_tests.patch       | 12 +++++-----
 .../patches/190-remove_timestamp_check.patch  |  8 +++----
 .../openssl/patches/200-parallel_build.patch  | 24 +++++++++----------
 .../openssl/patches/210-termios_fix.patch     |  2 +-
 9 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile
index abf7102..860395e 100644
--- a/package/libs/openssl/Makefile
+++ b/package/libs/openssl/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
-PKG_VERSION:=1.0.1k
+PKG_VERSION:=1.0.2
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
 
@@ -18,7 +18,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.openssl.org/source/ \
 	ftp://ftp.funet.fi/pub/crypt/mirrors/ftp.openssl.org/source \
 	ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
-PKG_MD5SUM:=d4f002bd22a56881340105028842ae1f
+PKG_MD5SUM:=38373013fc85c790aabf8837969c5eba
 
 PKG_LICENSE:=SSLEAY OPENSSL
 PKG_LICENSE_FILES:=LICENSE
diff --git a/package/libs/openssl/patches/110-optimize-for-size.patch b/package/libs/openssl/patches/110-optimize-for-size.patch
index d6cf2b5..cf173fc 100644
--- a/package/libs/openssl/patches/110-optimize-for-size.patch
+++ b/package/libs/openssl/patches/110-optimize-for-size.patch
@@ -1,6 +1,6 @@
 --- a/Configure
 +++ b/Configure
-@@ -403,6 +403,10 @@ my %table=(
+@@ -443,6 +443,10 @@ my %table=(
  "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
  "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
  
diff --git a/package/libs/openssl/patches/130-perl-path.patch b/package/libs/openssl/patches/130-perl-path.patch
index dd4fa54..2dbdc76 100644
--- a/package/libs/openssl/patches/130-perl-path.patch
+++ b/package/libs/openssl/patches/130-perl-path.patch
@@ -12,8 +12,8 @@
 -#!/usr/local/bin/perl
 +#!/usr/bin/perl
  
- 
  # Perl c_rehash script, scan all files in a directory
+ # and add symbolic links to their hash values.
 --- a/util/clean-depend.pl
 +++ b/util/clean-depend.pl
 @@ -1,4 +1,4 @@
diff --git a/package/libs/openssl/patches/140-makefile-dirs.patch b/package/libs/openssl/patches/140-makefile-dirs.patch
index b51ca28..7503dfc 100644
--- a/package/libs/openssl/patches/140-makefile-dirs.patch
+++ b/package/libs/openssl/patches/140-makefile-dirs.patch
@@ -1,6 +1,6 @@
 --- a/Makefile.org
 +++ b/Makefile.org
-@@ -135,7 +135,7 @@ FIPSCANLIB=
+@@ -136,7 +136,7 @@ FIPSCANLIB=
  
  BASEADDR=
  
diff --git a/package/libs/openssl/patches/150-no_engines.patch b/package/libs/openssl/patches/150-no_engines.patch
index 007ac2a..89af381 100644
--- a/package/libs/openssl/patches/150-no_engines.patch
+++ b/package/libs/openssl/patches/150-no_engines.patch
@@ -1,6 +1,6 @@
 --- a/Configure
 +++ b/Configure
-@@ -2016,6 +2016,11 @@ EOF
+@@ -2074,6 +2074,11 @@ EOF
  	close(OUT);
    }
    
diff --git a/package/libs/openssl/patches/160-disable_doc_tests.patch b/package/libs/openssl/patches/160-disable_doc_tests.patch
index 54f58fb..e31ffa5 100644
--- a/package/libs/openssl/patches/160-disable_doc_tests.patch
+++ b/package/libs/openssl/patches/160-disable_doc_tests.patch
@@ -1,6 +1,6 @@
 --- a/Makefile
 +++ b/Makefile
-@@ -137,7 +137,7 @@ FIPSCANLIB=
+@@ -138,7 +138,7 @@ FIPSCANLIB=
  
  BASEADDR=0xFB00000
  
@@ -9,7 +9,7 @@
  ENGDIRS= ccgost
  SHLIBDIRS= crypto ssl
  
-@@ -155,7 +155,7 @@ SDIRS=  \
+@@ -156,7 +156,7 @@ SDIRS=  \
  
  # tests to perform.  "alltests" is a special word indicating that all tests
  # should be performed.
@@ -18,7 +18,7 @@
  
  MAKEFILE= Makefile
  
-@@ -169,7 +169,7 @@ SHELL=/bin/sh
+@@ -170,7 +170,7 @@ SHELL=/bin/sh
  
  TOP=    .
  ONEDIRS=out tmp
@@ -27,7 +27,7 @@
  WDIRS=  windows
  LIBS=   libcrypto.a libssl.a
  SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
-@@ -270,7 +270,7 @@ reflect:
+@@ -271,7 +271,7 @@ reflect:
  	@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
  
  sub_all: build_all
@@ -36,7 +36,7 @@
  
  build_libs: build_crypto build_ssl build_engines
  
-@@ -540,7 +540,7 @@ dist:
+@@ -538,7 +538,7 @@ dist:
  dist_pem_h:
  	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
  
@@ -47,7 +47,7 @@
  	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
 --- a/Makefile.org
 +++ b/Makefile.org
-@@ -538,7 +538,7 @@ dist:
+@@ -536,7 +536,7 @@ dist:
  dist_pem_h:
  	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
  
diff --git a/package/libs/openssl/patches/190-remove_timestamp_check.patch b/package/libs/openssl/patches/190-remove_timestamp_check.patch
index 4600688..86b17d0 100644
--- a/package/libs/openssl/patches/190-remove_timestamp_check.patch
+++ b/package/libs/openssl/patches/190-remove_timestamp_check.patch
@@ -1,6 +1,6 @@
 --- a/Makefile.org
 +++ b/Makefile.org
-@@ -184,7 +184,7 @@ WTARFILE=       $(NAME)-win.tar
+@@ -185,7 +185,7 @@ WTARFILE=       $(NAME)-win.tar
  EXHEADER=       e_os2.h
  HEADER=         e_os.h
  
@@ -9,9 +9,9 @@
  
  # as we stick to -e, CLEARENV ensures that local variables in lower
  # Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
-@@ -397,11 +397,6 @@ openssl.pc: Makefile
- 	    echo 'Libs.private: $(EX_LIBS)'; \
- 	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+@@ -395,11 +395,6 @@ openssl.pc: Makefile
+ 	    echo 'Version: '$(VERSION); \
+ 	    echo 'Requires: libssl libcrypto' ) > openssl.pc
  
 -Makefile: Makefile.org Configure config
 -	@echo "Makefile is older than Makefile.org, Configure or config."
diff --git a/package/libs/openssl/patches/200-parallel_build.patch b/package/libs/openssl/patches/200-parallel_build.patch
index b63e5ee..0416eab 100644
--- a/package/libs/openssl/patches/200-parallel_build.patch
+++ b/package/libs/openssl/patches/200-parallel_build.patch
@@ -1,6 +1,6 @@
 --- a/Makefile.org
 +++ b/Makefile.org
-@@ -273,17 +273,17 @@ build_all: build_libs build_apps build_t
+@@ -274,17 +274,17 @@ build_all: build_libs build_apps build_t
  build_libs: build_crypto build_ssl build_engines
  
  build_crypto:
@@ -29,7 +29,7 @@
  
  all_testapps: build_libs build_testapps
  build_testapps:
-@@ -455,7 +455,7 @@ report:
+@@ -453,7 +453,7 @@ report:
  	@$(PERL) util/selftest.pl
  
  depend:
@@ -38,7 +38,7 @@
  
  lint:
  	@set -e; target=lint; $(RECURSIVE_BUILD_CMD)
-@@ -533,9 +533,9 @@ dist:
+@@ -531,9 +531,9 @@ dist:
  dist_pem_h:
  	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
  
@@ -50,7 +50,7 @@
  	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
  		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
  		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
-@@ -544,12 +544,19 @@ install_sw:
+@@ -542,12 +542,19 @@ install_sw:
  		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
  		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
  		$(INSTALL_PREFIX)$(OPENSSLDIR)/private
@@ -71,7 +71,7 @@
  	@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
  	do \
  		if [ -f "$$i" ]; then \
-@@ -629,12 +636,7 @@ install_html_docs:
+@@ -631,12 +638,7 @@ install_html_docs:
  		done; \
  	done
  
@@ -105,7 +105,7 @@
 +	+@target=all; $(RECURSIVE_MAKE)
  
  files:
- 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+ 	$(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
 -	@target=files; $(RECURSIVE_MAKE)
 +	+@target=files; $(RECURSIVE_MAKE)
  
@@ -118,7 +118,7 @@
 -$(LIB):	$(LIBOBJ)
 +$(LIB):	$(LIBOBJ) | subdirs
  	$(AR) $(LIB) $(LIBOBJ)
- 	[ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
+ 	test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
  	$(RANLIB) $(LIB) || echo Never mind.
 @@ -111,7 +111,7 @@ shared: buildinf.h lib subdirs
  	fi
@@ -169,7 +169,7 @@
  	ctags $(SRC)
 --- a/test/Makefile
 +++ b/test/Makefile
-@@ -129,7 +129,7 @@ install:
+@@ -132,7 +132,7 @@ install:
  tags:
  	ctags $(SRC)
  
@@ -178,7 +178,7 @@
  
  apps:
  	@(cd ..; $(MAKE) DIRS=apps all)
-@@ -384,109 +384,109 @@ BUILD_CMD_STATIC=shlib_target=; \
+@@ -398,109 +398,109 @@ BUILD_CMD_STATIC=shlib_target=; \
  		link_app.$${shlib_target}
  
  $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
@@ -321,9 +321,9 @@
 -	@target=$(SRPTEST); $(BUILD_CMD)
 +	+@target=$(SRPTEST); $(BUILD_CMD)
  
- $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
- 	@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
-@@ -505,7 +505,7 @@ $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMET
+ $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
+ 	@target=$(V3NAMETEST); $(BUILD_CMD)
+@@ -522,7 +522,7 @@ $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMET
  #	fi
  
  dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
diff --git a/package/libs/openssl/patches/210-termios_fix.patch b/package/libs/openssl/patches/210-termios_fix.patch
index f14960c..957c5cf 100644
--- a/package/libs/openssl/patches/210-termios_fix.patch
+++ b/package/libs/openssl/patches/210-termios_fix.patch
@@ -1,6 +1,6 @@
 --- a/crypto/ui/ui_openssl.c
 +++ b/crypto/ui/ui_openssl.c
-@@ -190,7 +190,7 @@
+@@ -194,7 +194,7 @@
  # undef  SGTTY
  #endif
  
-- 
2.35.1