* [PATCH] openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h
@ 2019-02-07 6:25 Khem Raj
2019-02-26 3:19 ` Denys Dmytriyenko
0 siblings, 1 reply; 6+ messages in thread
From: Khem Raj @ 2019-02-07 6:25 UTC (permalink / raw)
To: openembedded-core
After adding #pragma once to wrapper header ( opensslconf.h ) this
latent issue got to bite us, where it expect bn.h to be including
openssl.h to define BN_* defines, which is fragile. This patch removes
the contraints for nested includes for bn.h
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
.../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++
.../openssl/openssl10_1.0.2q.bb | 1 +
2 files changed, 34 insertions(+)
create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
new file mode 100644
index 0000000000..13d39c918c
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
@@ -0,0 +1,33 @@
+From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Wed, 6 Feb 2019 22:10:33 -0800
+Subject: [PATCH] Fix BN_LLONG breakage
+
+opensslconf.h is un-defining BN_LLONG only when included from bn.h which
+is not robust at all, especially when include guards are used and
+multiple inclusions of a given header is not allowed. so lets take out
+the nesting constraint and add OPENSSL_SYS_UEFI constraint instead
+
+Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ]
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ crypto/opensslconf.h.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
+index 7a1c85d..a10c10f 100644
+--- a/crypto/opensslconf.h.in
++++ b/crypto/opensslconf.h.in
+@@ -56,7 +56,7 @@
+ #endif
+ #endif
+
+-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H)
+ #define CONFIG_HEADER_BN_H
+ #undef BN_LLONG
+
+--
+2.20.1
+
diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
index 809634f6c0..88aefdea4f 100644
--- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
+++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
@@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://0001-Fix-build-with-clang-using-external-assembler.patch \
file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \
file://0001-allow-manpages-to-be-disabled.patch \
+ file://0001-Fix-BN_LLONG-breakage.patch \
"
SRC_URI_append_class-target = " \
--
2.20.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h
2019-02-07 6:25 [PATCH] openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h Khem Raj
@ 2019-02-26 3:19 ` Denys Dmytriyenko
2019-02-28 1:44 ` Denys Dmytriyenko
2019-02-28 1:51 ` Khem Raj
0 siblings, 2 replies; 6+ messages in thread
From: Denys Dmytriyenko @ 2019-02-26 3:19 UTC (permalink / raw)
To: Khem Raj, Richard Purdie; +Cc: openembedded-core
Khem, Richard,
Sorry for belated reply. I haven't had time for master yet, but since this
just got backported to thud, I'm seeing a similar breakage.
First of all, BN_LLONG not being defined does seem to be "fixed" by this
patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this
seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0
Is it a pure luck that it works now? Any hidden meaning I missded?
And it also breaks exactly the same for DES_LONG due to a similar construct:
#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
* %20 speed up (longs are 8 bytes, int's are 4). */
#ifndef DES_LONG
#define DES_LONG unsigned int
#endif
#endif
I was going to fix it similarly as BN_LLONG, but since I don't understand how
it was supposed to be fixed, I'm not sure how to fix DES_LONG not being
defined. Any ideas?
Thanks.
--
Denys
On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote:
> After adding #pragma once to wrapper header ( opensslconf.h ) this
> latent issue got to bite us, where it expect bn.h to be including
> openssl.h to define BN_* defines, which is fragile. This patch removes
> the contraints for nested includes for bn.h
>
> Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ---
> .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++
> .../openssl/openssl10_1.0.2q.bb | 1 +
> 2 files changed, 34 insertions(+)
> create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
>
> diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> new file mode 100644
> index 0000000000..13d39c918c
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> @@ -0,0 +1,33 @@
> +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001
> +From: Khem Raj <raj.khem@gmail.com>
> +Date: Wed, 6 Feb 2019 22:10:33 -0800
> +Subject: [PATCH] Fix BN_LLONG breakage
> +
> +opensslconf.h is un-defining BN_LLONG only when included from bn.h which
> +is not robust at all, especially when include guards are used and
> +multiple inclusions of a given header is not allowed. so lets take out
> +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead
> +
> +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ]
> +
> +Signed-off-by: Khem Raj <raj.khem@gmail.com>
> +---
> + crypto/opensslconf.h.in | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
> +index 7a1c85d..a10c10f 100644
> +--- a/crypto/opensslconf.h.in
> ++++ b/crypto/opensslconf.h.in
> +@@ -56,7 +56,7 @@
> + #endif
> + #endif
> +
> +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
> ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H)
> + #define CONFIG_HEADER_BN_H
> + #undef BN_LLONG
> +
> +--
> +2.20.1
> +
> diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> index 809634f6c0..88aefdea4f 100644
> --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
> file://0001-Fix-build-with-clang-using-external-assembler.patch \
> file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \
> file://0001-allow-manpages-to-be-disabled.patch \
> + file://0001-Fix-BN_LLONG-breakage.patch \
> "
>
> SRC_URI_append_class-target = " \
> --
> 2.20.1
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h
2019-02-26 3:19 ` Denys Dmytriyenko
@ 2019-02-28 1:44 ` Denys Dmytriyenko
2019-02-28 1:51 ` Khem Raj
1 sibling, 0 replies; 6+ messages in thread
From: Denys Dmytriyenko @ 2019-02-28 1:44 UTC (permalink / raw)
To: Khem Raj, Richard Purdie; +Cc: openembedded-core
Ping. Any comments here? Thanks!
On Mon, Feb 25, 2019 at 10:19:51PM -0500, Denys Dmytriyenko wrote:
> Khem, Richard,
>
> Sorry for belated reply. I haven't had time for master yet, but since this
> just got backported to thud, I'm seeing a similar breakage.
>
> First of all, BN_LLONG not being defined does seem to be "fixed" by this
> patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this
> seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0
> Is it a pure luck that it works now? Any hidden meaning I missded?
>
> And it also breaks exactly the same for DES_LONG due to a similar construct:
>
>
> #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
> /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
> * %20 speed up (longs are 8 bytes, int's are 4). */
> #ifndef DES_LONG
> #define DES_LONG unsigned int
> #endif
> #endif
>
>
> I was going to fix it similarly as BN_LLONG, but since I don't understand how
> it was supposed to be fixed, I'm not sure how to fix DES_LONG not being
> defined. Any ideas?
>
> Thanks.
>
> --
> Denys
>
>
> On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote:
> > After adding #pragma once to wrapper header ( opensslconf.h ) this
> > latent issue got to bite us, where it expect bn.h to be including
> > openssl.h to define BN_* defines, which is fragile. This patch removes
> > the contraints for nested includes for bn.h
> >
> > Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > ---
> > .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++
> > .../openssl/openssl10_1.0.2q.bb | 1 +
> > 2 files changed, 34 insertions(+)
> > create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> >
> > diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > new file mode 100644
> > index 0000000000..13d39c918c
> > --- /dev/null
> > +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > @@ -0,0 +1,33 @@
> > +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001
> > +From: Khem Raj <raj.khem@gmail.com>
> > +Date: Wed, 6 Feb 2019 22:10:33 -0800
> > +Subject: [PATCH] Fix BN_LLONG breakage
> > +
> > +opensslconf.h is un-defining BN_LLONG only when included from bn.h which
> > +is not robust at all, especially when include guards are used and
> > +multiple inclusions of a given header is not allowed. so lets take out
> > +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead
> > +
> > +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ]
> > +
> > +Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > +---
> > + crypto/opensslconf.h.in | 2 +-
> > + 1 file changed, 1 insertion(+), 1 deletion(-)
> > +
> > +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
> > +index 7a1c85d..a10c10f 100644
> > +--- a/crypto/opensslconf.h.in
> > ++++ b/crypto/opensslconf.h.in
> > +@@ -56,7 +56,7 @@
> > + #endif
> > + #endif
> > +
> > +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
> > ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H)
> > + #define CONFIG_HEADER_BN_H
> > + #undef BN_LLONG
> > +
> > +--
> > +2.20.1
> > +
> > diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > index 809634f6c0..88aefdea4f 100644
> > --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
> > file://0001-Fix-build-with-clang-using-external-assembler.patch \
> > file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \
> > file://0001-allow-manpages-to-be-disabled.patch \
> > + file://0001-Fix-BN_LLONG-breakage.patch \
> > "
> >
> > SRC_URI_append_class-target = " \
> > --
> > 2.20.1
> >
> > --
> > _______________________________________________
> > Openembedded-core mailing list
> > Openembedded-core@lists.openembedded.org
> > http://lists.openembedded.org/mailman/listinfo/openembedded-core
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h
2019-02-26 3:19 ` Denys Dmytriyenko
2019-02-28 1:44 ` Denys Dmytriyenko
@ 2019-02-28 1:51 ` Khem Raj
2019-03-01 17:35 ` Denys Dmytriyenko
1 sibling, 1 reply; 6+ messages in thread
From: Khem Raj @ 2019-02-28 1:51 UTC (permalink / raw)
To: Denys Dmytriyenko; +Cc: Patches and discussions about the oe-core layer
On Mon, Feb 25, 2019 at 7:19 PM Denys Dmytriyenko <denis@denix.org> wrote:
>
> Khem, Richard,
>
> Sorry for belated reply. I haven't had time for master yet, but since this
> just got backported to thud, I'm seeing a similar breakage.
>
> First of all, BN_LLONG not being defined does seem to be "fixed" by this
> patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this
> seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0
> Is it a pure luck that it works now? Any hidden meaning I missded?
>
We don't have to, but then we might have uefi to compile so thats why its
there.
> And it also breaks exactly the same for DES_LONG due to a similar construct:
yeah the header nesting is a nightmare in openssl 1.0, it is a bit better
in 1.1, a lot of these recursions are fixed. but backporting then completely
to 1.0 is not an option, so we have to do tweaks that sustains the build.
>
>
> #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
> /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
> * %20 speed up (longs are 8 bytes, int's are 4). */
> #ifndef DES_LONG
> #define DES_LONG unsigned int
> #endif
> #endif
>
>
> I was going to fix it similarly as BN_LLONG, but since I don't understand how
> it was supposed to be fixed, I'm not sure how to fix DES_LONG not being
> defined. Any ideas?
>
> Thanks.
>
> --
> Denys
>
>
> On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote:
> > After adding #pragma once to wrapper header ( opensslconf.h ) this
> > latent issue got to bite us, where it expect bn.h to be including
> > openssl.h to define BN_* defines, which is fragile. This patch removes
> > the contraints for nested includes for bn.h
> >
> > Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > ---
> > .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++
> > .../openssl/openssl10_1.0.2q.bb | 1 +
> > 2 files changed, 34 insertions(+)
> > create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> >
> > diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > new file mode 100644
> > index 0000000000..13d39c918c
> > --- /dev/null
> > +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > @@ -0,0 +1,33 @@
> > +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001
> > +From: Khem Raj <raj.khem@gmail.com>
> > +Date: Wed, 6 Feb 2019 22:10:33 -0800
> > +Subject: [PATCH] Fix BN_LLONG breakage
> > +
> > +opensslconf.h is un-defining BN_LLONG only when included from bn.h which
> > +is not robust at all, especially when include guards are used and
> > +multiple inclusions of a given header is not allowed. so lets take out
> > +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead
> > +
> > +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ]
> > +
> > +Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > +---
> > + crypto/opensslconf.h.in | 2 +-
> > + 1 file changed, 1 insertion(+), 1 deletion(-)
> > +
> > +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
> > +index 7a1c85d..a10c10f 100644
> > +--- a/crypto/opensslconf.h.in
> > ++++ b/crypto/opensslconf.h.in
> > +@@ -56,7 +56,7 @@
> > + #endif
> > + #endif
> > +
> > +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
> > ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H)
> > + #define CONFIG_HEADER_BN_H
> > + #undef BN_LLONG
> > +
> > +--
> > +2.20.1
> > +
> > diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > index 809634f6c0..88aefdea4f 100644
> > --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
> > file://0001-Fix-build-with-clang-using-external-assembler.patch \
> > file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \
> > file://0001-allow-manpages-to-be-disabled.patch \
> > + file://0001-Fix-BN_LLONG-breakage.patch \
> > "
> >
> > SRC_URI_append_class-target = " \
> > --
> > 2.20.1
> >
> > --
> > _______________________________________________
> > Openembedded-core mailing list
> > Openembedded-core@lists.openembedded.org
> > http://lists.openembedded.org/mailman/listinfo/openembedded-core
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h
2019-02-28 1:51 ` Khem Raj
@ 2019-03-01 17:35 ` Denys Dmytriyenko
2019-03-01 17:40 ` Khem Raj
0 siblings, 1 reply; 6+ messages in thread
From: Denys Dmytriyenko @ 2019-03-01 17:35 UTC (permalink / raw)
To: Khem Raj; +Cc: Patches and discussions about the oe-core layer
On Wed, Feb 27, 2019 at 05:51:23PM -0800, Khem Raj wrote:
> On Mon, Feb 25, 2019 at 7:19 PM Denys Dmytriyenko <denis@denix.org> wrote:
> >
> > Khem, Richard,
> >
> > Sorry for belated reply. I haven't had time for master yet, but since this
> > just got backported to thud, I'm seeing a similar breakage.
> >
> > First of all, BN_LLONG not being defined does seem to be "fixed" by this
> > patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this
> > seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0
> > Is it a pure luck that it works now? Any hidden meaning I missded?
> >
>
> We don't have to, but then we might have uefi to compile so thats why its
> there.
Where is OPENSSL_SYS_UEFI supposed to be defined?
There are 0 references to it in OpenSSL 1.0 code base. It appears to be
introduced only in OpenSSL 1.1, since there are several references there.
Hence my earlier question about whether it should be used here in the patch
for 1.0.2q
> > And it also breaks exactly the same for DES_LONG due to a similar construct:
>
> yeah the header nesting is a nightmare in openssl 1.0, it is a bit better
> in 1.1, a lot of these recursions are fixed. but backporting then completely
> to 1.0 is not an option, so we have to do tweaks that sustains the build.
>
> >
> >
> > #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
> > /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
> > * %20 speed up (longs are 8 bytes, int's are 4). */
> > #ifndef DES_LONG
> > #define DES_LONG unsigned int
> > #endif
> > #endif
Would you recommend doing the same change here to fix DES_LONG not being
defined due to nested header inclusion?
> > I was going to fix it similarly as BN_LLONG, but since I don't understand how
> > it was supposed to be fixed, I'm not sure how to fix DES_LONG not being
> > defined. Any ideas?
> >
> > Thanks.
> >
> > --
> > Denys
> >
> >
> > On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote:
> > > After adding #pragma once to wrapper header ( opensslconf.h ) this
> > > latent issue got to bite us, where it expect bn.h to be including
> > > openssl.h to define BN_* defines, which is fragile. This patch removes
> > > the contraints for nested includes for bn.h
> > >
> > > Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > > ---
> > > .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++
> > > .../openssl/openssl10_1.0.2q.bb | 1 +
> > > 2 files changed, 34 insertions(+)
> > > create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > >
> > > diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > > new file mode 100644
> > > index 0000000000..13d39c918c
> > > --- /dev/null
> > > +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > > @@ -0,0 +1,33 @@
> > > +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001
> > > +From: Khem Raj <raj.khem@gmail.com>
> > > +Date: Wed, 6 Feb 2019 22:10:33 -0800
> > > +Subject: [PATCH] Fix BN_LLONG breakage
> > > +
> > > +opensslconf.h is un-defining BN_LLONG only when included from bn.h which
> > > +is not robust at all, especially when include guards are used and
> > > +multiple inclusions of a given header is not allowed. so lets take out
> > > +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead
> > > +
> > > +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ]
> > > +
> > > +Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > > +---
> > > + crypto/opensslconf.h.in | 2 +-
> > > + 1 file changed, 1 insertion(+), 1 deletion(-)
> > > +
> > > +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
> > > +index 7a1c85d..a10c10f 100644
> > > +--- a/crypto/opensslconf.h.in
> > > ++++ b/crypto/opensslconf.h.in
> > > +@@ -56,7 +56,7 @@
> > > + #endif
> > > + #endif
> > > +
> > > +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
> > > ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H)
> > > + #define CONFIG_HEADER_BN_H
> > > + #undef BN_LLONG
> > > +
> > > +--
> > > +2.20.1
> > > +
> > > diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > > index 809634f6c0..88aefdea4f 100644
> > > --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > > +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > > @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
> > > file://0001-Fix-build-with-clang-using-external-assembler.patch \
> > > file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \
> > > file://0001-allow-manpages-to-be-disabled.patch \
> > > + file://0001-Fix-BN_LLONG-breakage.patch \
> > > "
> > >
> > > SRC_URI_append_class-target = " \
> > > --
> > > 2.20.1
> > >
> > > --
> > > _______________________________________________
> > > Openembedded-core mailing list
> > > Openembedded-core@lists.openembedded.org
> > > http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h
2019-03-01 17:35 ` Denys Dmytriyenko
@ 2019-03-01 17:40 ` Khem Raj
0 siblings, 0 replies; 6+ messages in thread
From: Khem Raj @ 2019-03-01 17:40 UTC (permalink / raw)
To: Denys Dmytriyenko; +Cc: Patches and discussions about the oe-core layer
On Fri, Mar 1, 2019 at 9:35 AM Denys Dmytriyenko <denis@denix.org> wrote:
>
> On Wed, Feb 27, 2019 at 05:51:23PM -0800, Khem Raj wrote:
> > On Mon, Feb 25, 2019 at 7:19 PM Denys Dmytriyenko <denis@denix.org> wrote:
> > >
> > > Khem, Richard,
> > >
> > > Sorry for belated reply. I haven't had time for master yet, but since this
> > > just got backported to thud, I'm seeing a similar breakage.
> > >
> > > First of all, BN_LLONG not being defined does seem to be "fixed" by this
> > > patch, but I'm not entirely sure why it now checks for OPENSSL_SYS_UEFI - this
> > > seems to be a new define in OpenSSL 1.1, and doesn't even exist in OpenSSL 1.0
> > > Is it a pure luck that it works now? Any hidden meaning I missded?
> > >
> >
> > We don't have to, but then we might have uefi to compile so thats why its
> > there.
>
> Where is OPENSSL_SYS_UEFI supposed to be defined?
>
some apps like uefi can do that.
> There are 0 references to it in OpenSSL 1.0 code base. It appears to be
> introduced only in OpenSSL 1.1, since there are several references there.
>
> Hence my earlier question about whether it should be used here in the patch
> for 1.0.2q
>
>
> > > And it also breaks exactly the same for DES_LONG due to a similar construct:
> >
> > yeah the header nesting is a nightmare in openssl 1.0, it is a bit better
> > in 1.1, a lot of these recursions are fixed. but backporting then completely
> > to 1.0 is not an option, so we have to do tweaks that sustains the build.
> >
> > >
> > >
> > > #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
> > > /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
> > > * %20 speed up (longs are 8 bytes, int's are 4). */
> > > #ifndef DES_LONG
> > > #define DES_LONG unsigned int
> > > #endif
> > > #endif
>
> Would you recommend doing the same change here to fix DES_LONG not being
> defined due to nested header inclusion?
>
>
> > > I was going to fix it similarly as BN_LLONG, but since I don't understand how
> > > it was supposed to be fixed, I'm not sure how to fix DES_LONG not being
> > > defined. Any ideas?
> > >
> > > Thanks.
> > >
> > > --
> > > Denys
> > >
> > >
> > > On Wed, Feb 06, 2019 at 10:25:26PM -0800, Khem Raj wrote:
> > > > After adding #pragma once to wrapper header ( opensslconf.h ) this
> > > > latent issue got to bite us, where it expect bn.h to be including
> > > > openssl.h to define BN_* defines, which is fragile. This patch removes
> > > > the contraints for nested includes for bn.h
> > > >
> > > > Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > > > ---
> > > > .../0001-Fix-BN_LLONG-breakage.patch | 33 +++++++++++++++++++
> > > > .../openssl/openssl10_1.0.2q.bb | 1 +
> > > > 2 files changed, 34 insertions(+)
> > > > create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > > >
> > > > diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > > > new file mode 100644
> > > > index 0000000000..13d39c918c
> > > > --- /dev/null
> > > > +++ b/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch
> > > > @@ -0,0 +1,33 @@
> > > > +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001
> > > > +From: Khem Raj <raj.khem@gmail.com>
> > > > +Date: Wed, 6 Feb 2019 22:10:33 -0800
> > > > +Subject: [PATCH] Fix BN_LLONG breakage
> > > > +
> > > > +opensslconf.h is un-defining BN_LLONG only when included from bn.h which
> > > > +is not robust at all, especially when include guards are used and
> > > > +multiple inclusions of a given header is not allowed. so lets take out
> > > > +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead
> > > > +
> > > > +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ]
> > > > +
> > > > +Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > > > +---
> > > > + crypto/opensslconf.h.in | 2 +-
> > > > + 1 file changed, 1 insertion(+), 1 deletion(-)
> > > > +
> > > > +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
> > > > +index 7a1c85d..a10c10f 100644
> > > > +--- a/crypto/opensslconf.h.in
> > > > ++++ b/crypto/opensslconf.h.in
> > > > +@@ -56,7 +56,7 @@
> > > > + #endif
> > > > + #endif
> > > > +
> > > > +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
> > > > ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H)
> > > > + #define CONFIG_HEADER_BN_H
> > > > + #undef BN_LLONG
> > > > +
> > > > +--
> > > > +2.20.1
> > > > +
> > > > diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > > > index 809634f6c0..88aefdea4f 100644
> > > > --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > > > +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb
> > > > @@ -40,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
> > > > file://0001-Fix-build-with-clang-using-external-assembler.patch \
> > > > file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \
> > > > file://0001-allow-manpages-to-be-disabled.patch \
> > > > + file://0001-Fix-BN_LLONG-breakage.patch \
> > > > "
> > > >
> > > > SRC_URI_append_class-target = " \
> > > > --
> > > > 2.20.1
> > > >
> > > > --
> > > > _______________________________________________
> > > > Openembedded-core mailing list
> > > > Openembedded-core@lists.openembedded.org
> > > > http://lists.openembedded.org/mailman/listinfo/openembedded-core
> >
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2019-03-01 17:40 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-07 6:25 [PATCH] openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h Khem Raj
2019-02-26 3:19 ` Denys Dmytriyenko
2019-02-28 1:44 ` Denys Dmytriyenko
2019-02-28 1:51 ` Khem Raj
2019-03-01 17:35 ` Denys Dmytriyenko
2019-03-01 17:40 ` Khem Raj
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.