[From nobody Thu Jun 25 05:55:08 2020 Received: from sonic307-55.consmr.mail.gq1.yahoo.com ([98.137.64.31]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1hIbyF-0005X1-Dq for openwrt-devel@lists.openwrt.org; Mon, 22 Apr 2019 16:39:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1555951133; bh=j8/0dfG7ZiGOm32Xw/n+N5W6jc8KXN7CtCfGSYoBlCg=; h=From:To:Cc:Subject:Date:From:Subject; b=BpnBQhTEM3V3AnqqrqndHxPtBXJrGxOFMlZhFB3uhOpusqovok3pv35Fi9YAM3VxPfpNCVGpJMIszkdlmljTU3bFhW/Ckhc1ite7mNlim+TdC9zPLBAvKibG7B+iXlcJk6KL2x+ROWNT8LONBpEaTio9FfFmVFip1UW/mlf5MNm8sCAgyc0mx5HLpZJuji8OvPaeVa3ZsrO5NfQdBasUBwM+0GhmmnQXsN7W7IY1U2IB/nRVDQrx6HrithpkNv49rSQM6IgAwO1IeXc6PmSqB6K10WQ/K2lRrf84VgoytAV6F40NhgjRVrjIsC6GDkZu/VuaQDDUcjA4Fau3/0csLw== X-YMail-OSG: X01kVoEVM1m4Sv7xmeKmwIPJShZqMe3q66hIaTKYb6Q.b5JuphB8xxKp6FM_Fl. _hhXDbiOnM_KZnRDXNNmPT3S1jKMmlYuxMgfsCHMwLhatPWFKRHmu03ZZLZLJpu_W4_OQBwLH3ji SEOcpJQwlra44rFNavTt0Y9QcFiqp2XwHdng6eEzXopnMYDc5FyoOWDAUuWkd.jvLxsDmm7Gkey_ 0Fn4EQENOStN6G_4Ld4P2mw_jcfxbLaJF.ynOThDmcNQ7oFu1VXBEyVLUTxBN.eqCl27p21JuJtM 3joBhprzunjjjvtU6nKJdQEksrleYTX9vv5tF6WllDxLk0o.FZOsl9vuVr0IkDPy6A88FRLVEBtv BkrarC7io7lXu.5u_R8LefbWkez_AQjdT1NMQpubTo5m9GC1P5mPc231k05twivlvVUX3vaKVVv6 oM6ZAv7dYHTHGNe10l0KvukdMeq_5mzZrcSKt_WTi6UVq5FAhSqPa6VbuwTQm8H2duc8MfOHCCQC 7wvFa7MmvEmw4Eq7Rbk16ygYY5dGexRjohg0qveVljKrz1PWCojRJpH..AchlNBMGZ6Rl81EiZIM FxReU2VAKmRbWrToXz6i3m5tqNJZjRyFBlospy7inLETY9YbGPhQ0KKeud3LxjNthUTBx1Ix1JDJ h72Q8Mc_ym7J5A3R6ksOOOH44rQPA5PbsAIoFYxtft4ePZHUpnHY2HDXxbdZaK1y0hVjBEWFfZwO CW3M01WuHcDe4xQ2K5kgH7sYPfRbfgsKh7h3YSELHlZzwcTivmympf6a1sL_HPxEmkdrgu7O0pWq UlOhY93ad3MAtVQFNgHpCdH3nAM_sGilMGqVjI8JOZs4GIyZ_Vd5lwokViv13G73.JMCnITOmlnX lJP4crjIzUPAipHxfZeTm__9gqPHcg.O4VFCaFarCj4Nb38WXF0y9MPMyen7hqwmN7CHjaljTKLp 7g5Vbe10fVZP2UrImrx7Dns14KLn_XY3Eevn..UB2BBSXZabcScPPIaPjYoVJAEb7dqOm5qoOIs0 vQdKbTkZ34pLVd7YDv3T2TMkGYBcRBtR.SZqhs5JBiV4nN0f8D2dyMTXIgLyFoOs3bLtTz_8wa5U - Received: from sonic.gate.mail.ne1.yahoo.com by sonic307.consmr.mail.gq1.yahoo.com with HTTP; Mon, 22 Apr 2019 16:38:53 +0000 Received: from 18.175.75.177.infopasa.com.br (EHLO gateway.troianet.com.br) ([177.75.175.18]) by smtp416.mail.gq1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 7e5180ebdf0f0627e19d2cc2391456e4; Mon, 22 Apr 2019 16:38:51 +0000 (UTC) From: Eneas U de Queiroz <cote2004-github@yahoo.com> To: openwrt-devel@lists.openwrt.org Cc: Eneas U de Queiroz <cote2004-github@yahoo.com> Subject: [PATCH] openssl: fix OPENSSL_config bug affecting wget Date: Mon, 22 Apr 2019 13:38:37 -0300 Message-Id: <20190422163837.21402-1-cote2004-github@yahoo.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190422_093907_493855_16309027 X-CRM114-Status: UNSURE ( 8.86 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [98.137.64.31 listed in list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (cote2004-github[at]yahoo.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature This applies an upstream patch that fixes a OPENSSL_config() bug that causes SSL initialization to fail when the openssl.cnf file is not found. The config file is not installed by default. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> --- The config file is not installed by default as it is usually not needed. Without the patch, wget fails to initialize SSL: # wget https://google.com --2019-04-22 10:10:16-- https://google.com/ Disabling SSL due to encountered errors. The patch was tested with wget on WRT3200ACM running current master. diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index 49cea8e45a..a82e16fa50 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -11,7 +11,7 @@ PKG_NAME:=openssl PKG_BASE:=1.1.1 PKG_BUGFIX:=b PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX) -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_USE_MIPS16:=0 ENGINES_DIR=engines-1.1 diff --git a/package/libs/openssl/patches/200-OPENSSL_config-restore-error-agnosticism.patch b/package/libs/openssl/patches/200-OPENSSL_config-restore-error-agnosticism.patch new file mode 100644 index 0000000000..3923ac41da --- /dev/null +++ b/package/libs/openssl/patches/200-OPENSSL_config-restore-error-agnosticism.patch @@ -0,0 +1,31 @@ +From 9933d4a06bd0a0b5b757f072944e8cd54d4bddd3 Mon Sep 17 00:00:00 2001 +From: Richard Levitte <levitte@openssl.org> +Date: Wed, 20 Mar 2019 10:18:13 +0100 +Subject: [PATCH] OPENSSL_config(): restore error agnosticism + +Great effort has been made to make initialization more configurable. +However, the behavior of OPENSSL_config() was lost in the process, +having it suddenly generate errors it didn't previously, which is not +how it's documented to behave. + +A simple setting of default flags fixes this problem. + +Fixes #8528 + +Reviewed-by: Matt Caswell <matt@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/8533) + +(cherry picked from commit 905c9a72a708701597891527b422c7f374125c52) + +diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c +index 2ce42f0c67..3805c426d8 100644 +--- a/crypto/conf/conf_sap.c ++++ b/crypto/conf/conf_sap.c +@@ -35,6 +35,7 @@ void OPENSSL_config(const char *appname) + memset(&settings, 0, sizeof(settings)); + if (appname != NULL) + settings.appname = strdup(appname); ++ settings.flags = DEFAULT_CONF_MFLAGS; + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, &settings); + } + #endif ]