summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--system/openssl/0003-use-termios.patch26
-rw-r--r--system/openssl/0004-fix-default-ca-path-for-apps.patch79
-rw-r--r--system/openssl/0005-fix-parallel-build.patch349
-rw-r--r--system/openssl/0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch68
-rw-r--r--system/openssl/0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch27
-rw-r--r--system/openssl/0009-no-rpath.patch11
-rw-r--r--system/openssl/0010-ssl-env-zlib.patch38
-rw-r--r--system/openssl/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch88
-rw-r--r--system/openssl/1002-backport-changes-from-upstream-padlock-module.patch200
-rw-r--r--system/openssl/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch782
-rw-r--r--system/openssl/1004-crypto-engine-autoload-padlock-dynamic-engine.patch33
-rw-r--r--system/openssl/APKBUILD63
-rw-r--r--system/openssl/CVE-2019-1551.patch757
-rw-r--r--system/openssl/ppc64.patch96
14 files changed, 874 insertions, 1743 deletions
diff --git a/system/openssl/0003-use-termios.patch b/system/openssl/0003-use-termios.patch
deleted file mode 100644
index 3312d1856..000000000
--- a/system/openssl/0003-use-termios.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 5caf1bdcdb56358c0ce38ef404fedbe323e66cb9 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Thu, 5 Feb 2015 08:40:32 +0200
-Subject: [PATCH] use termios
-
----
- crypto/ui/ui_openssl.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
-index 8bda83c..a89b5f2 100644
---- a/crypto/ui/ui_openssl.c
-+++ b/crypto/ui/ui_openssl.c
-@@ -224,6 +224,9 @@
- # undef SGTTY
- #endif
-
-+#define TERMIOS
-+#undef TERMIO
-+
- #ifdef TERMIOS
- # include <termios.h>
- # define TTY_STRUCT struct termios
---
-2.2.2
-
diff --git a/system/openssl/0004-fix-default-ca-path-for-apps.patch b/system/openssl/0004-fix-default-ca-path-for-apps.patch
deleted file mode 100644
index c2c53184a..000000000
--- a/system/openssl/0004-fix-default-ca-path-for-apps.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From 09e6425ad6927a825b077af85c50b2fb04773757 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Thu, 5 Feb 2015 08:52:05 +0200
-Subject: [PATCH] fix default ca path for apps
-
----
- apps/s_server.c | 22 ++++++++++++++--------
- apps/s_time.c | 13 ++++++-------
- 3 files changed, 26 insertions(+), 22 deletions(-)
-
-diff --git a/apps/s_server.c b/apps/s_server.c
-index baa2455..2d5dc97 100644
---- a/apps/s_server.c
-+++ b/apps/s_server.c
-@@ -1770,12 +1770,14 @@ int MAIN(int argc, char *argv[])
- }
- #endif
-
-- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
-- (!SSL_CTX_set_default_verify_paths(ctx))) {
-- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
-- ERR_print_errors(bio_err);
-- /* goto end; */
-+ if (CAfile == NULL && CApath == NULL) {
-+ if (!SSL_CTX_set_default_verify_paths(ctx))
-+ ERR_print_errors(bio_err);
-+ } else {
-+ if (!SSL_CTX_load_verify_locations(ctx, CAfile, CApath))
-+ ERR_print_errors(bio_err);
- }
-+
- if (vpm)
- SSL_CTX_set1_param(ctx, vpm);
-
-@@ -1838,10 +1840,14 @@ int MAIN(int argc, char *argv[])
- else
- SSL_CTX_sess_set_cache_size(ctx2, 128);
-
-- if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
-- (!SSL_CTX_set_default_verify_paths(ctx2))) {
-- ERR_print_errors(bio_err);
-+ if (CAfile == NULL && CApath == NULL) {
-+ if (!SSL_CTX_set_default_verify_paths(ctx2))
-+ ERR_print_errors(bio_err);
-+ } else {
-+ if (!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath))
-+ ERR_print_errors(bio_err);
- }
-+
- if (vpm)
- SSL_CTX_set1_param(ctx2, vpm);
-
-diff --git a/apps/s_time.c b/apps/s_time.c
-index 5846f3a..c8f371a 100644
---- a/apps/s_time.c
-+++ b/apps/s_time.c
-@@ -377,13 +377,12 @@ int MAIN(int argc, char **argv)
-
- SSL_load_error_strings();
-
-- if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
-- (!SSL_CTX_set_default_verify_paths(tm_ctx))) {
-- /*
-- * BIO_printf(bio_err,"error setting default verify locations\n");
-- */
-- ERR_print_errors(bio_err);
-- /* goto end; */
-+ if (CAfile == NULL && CApath == NULL) {
-+ if (!SSL_CTX_set_default_verify_paths(tm_ctx))
-+ ERR_print_errors(bio_err);
-+ } else {
-+ if (!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath))
-+ ERR_print_errors(bio_err);
- }
-
- if (tm_cipher == NULL)
---
-2.2.2
-
diff --git a/system/openssl/0005-fix-parallel-build.patch b/system/openssl/0005-fix-parallel-build.patch
deleted file mode 100644
index 70073fd19..000000000
--- a/system/openssl/0005-fix-parallel-build.patch
+++ /dev/null
@@ -1,349 +0,0 @@
-diff -ru openssl-1.0.2a.orig/Makefile.org openssl-1.0.2a/Makefile.org
---- openssl-1.0.2d.orig/Makefile.org 2015-07-09 16:30:50.201986573 -0300
-+++ openssl-1.0.2d/Makefile.org 2015-07-09 16:30:50.201986573 -0300
-@@ -278,17 +278,17 @@
- build_libssl: build_ssl libssl.pc
-
- build_crypto:
-- @dir=crypto; target=all; $(BUILD_ONE_CMD)
-+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
- build_ssl: build_crypto
-- @dir=ssl; target=all; $(BUILD_ONE_CMD)
-+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
- build_engines: build_crypto
-- @dir=engines; target=all; $(BUILD_ONE_CMD)
-+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
- build_apps: build_libs
-- @dir=apps; target=all; $(BUILD_ONE_CMD)
-+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
- build_tests: build_libs
-- @dir=test; target=all; $(BUILD_ONE_CMD)
-+ +@dir=test; target=all; $(BUILD_ONE_CMD)
- build_tools: build_libs
-- @dir=tools; target=all; $(BUILD_ONE_CMD)
-+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
-
- all_testapps: build_libs build_testapps
- build_testapps:
-@@ -536,9 +536,9 @@
- dist_pem_h:
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-
--install: all install_docs install_sw
-+install: install_docs install_sw
-
--install_sw:
-+install_dirs:
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
-@@ -547,12 +547,19 @@
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/private
-+ @$(PERL) $(TOP)/util/mkdir-p.pl \
-+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
-+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
-+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
-+ $(INSTALL_PREFIX)$(MANDIR)/man7
-+
-+install_sw: install_dirs
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
-+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
- do \
- if [ -f "$$i" ]; then \
-@@ -636,12 +643,7 @@
- done; \
- done
-
--install_docs:
-- @$(PERL) $(TOP)/util/mkdir-p.pl \
-- $(INSTALL_PREFIX)$(MANDIR)/man1 \
-- $(INSTALL_PREFIX)$(MANDIR)/man3 \
-- $(INSTALL_PREFIX)$(MANDIR)/man5 \
-- $(INSTALL_PREFIX)$(MANDIR)/man7
-+install_docs: install_dirs
- @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
- here="`pwd`"; \
- filecase=; \
-diff -ru openssl-1.0.2a.orig/Makefile.shared openssl-1.0.2a/Makefile.shared
---- openssl-1.0.2a.orig/Makefile.shared 2015-01-20 12:33:36.000000000 +0000
-+++ openssl-1.0.2a/Makefile.shared 2015-03-19 14:53:31.246908039 +0000
-@@ -105,6 +105,7 @@
- SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
- LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
- LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
-+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
- LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
- $${SHAREDCMD} $${SHAREDFLAGS} \
- -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
-@@ -122,6 +123,7 @@
- done; \
- fi; \
- if [ -n "$$SHLIB_SOVER" ]; then \
-+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
- ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
- ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
- fi; \
-diff -ru openssl-1.0.2a.orig/crypto/Makefile openssl-1.0.2a/crypto/Makefile
---- openssl-1.0.2a.orig/crypto/Makefile 2015-03-19 13:31:02.000000000 +0000
-+++ openssl-1.0.2a/crypto/Makefile 2015-03-19 14:53:31.246908039 +0000
-@@ -85,11 +85,11 @@
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
-
- subdirs:
-- @target=all; $(RECURSIVE_MAKE)
-+ +@target=all; $(RECURSIVE_MAKE)
-
- files:
- $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
-- @target=files; $(RECURSIVE_MAKE)
-+ +@target=files; $(RECURSIVE_MAKE)
-
- links:
- @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-@@ -100,7 +100,7 @@
- # lib: $(LIB): are splitted to avoid end-less loop
- lib: $(LIB)
- @touch lib
--$(LIB): $(LIBOBJ)
-+$(LIB): $(LIBOBJ) | subdirs
- $(AR) $(LIB) $(LIBOBJ)
- test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
- $(RANLIB) $(LIB) || echo Never mind.
-@@ -111,7 +111,7 @@
- fi
-
- libs:
-- @target=lib; $(RECURSIVE_MAKE)
-+ +@target=lib; $(RECURSIVE_MAKE)
-
- install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
-@@ -120,7 +120,7 @@
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-- @target=install; $(RECURSIVE_MAKE)
-+ +@target=install; $(RECURSIVE_MAKE)
-
- lint:
- @target=lint; $(RECURSIVE_MAKE)
-diff -ru openssl-1.0.2a.orig/engines/Makefile openssl-1.0.2a/engines/Makefile
---- openssl-1.0.2a.orig/engines/Makefile 2015-03-19 13:31:14.000000000 +0000
-+++ openssl-1.0.2a/engines/Makefile 2015-03-19 14:53:31.246908039 +0000
-@@ -72,7 +72,7 @@
-
- all: lib subdirs
-
--lib: $(LIBOBJ)
-+lib: $(LIBOBJ) | subdirs
- @if [ -n "$(SHARED_LIBS)" ]; then \
- set -e; \
- for l in $(LIBNAMES); do \
-@@ -89,7 +89,7 @@
-
- subdirs:
- echo $(EDIRS)
-- @target=all; $(RECURSIVE_MAKE)
-+ +@target=all; $(RECURSIVE_MAKE)
-
- files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-@@ -128,7 +128,7 @@
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
- done; \
- fi
-- @target=install; $(RECURSIVE_MAKE)
-+ +@target=install; $(RECURSIVE_MAKE)
-
- tags:
- ctags $(SRC)
-diff -ru openssl-1.0.2a.orig/test/Makefile openssl-1.0.2a/test/Makefile
---- openssl-1.0.2a.orig/test/Makefile 2015-03-19 13:31:16.000000000 +0000
-+++ openssl-1.0.2a/test/Makefile 2015-03-19 14:55:44.146017128 +0000
-@@ -133,7 +133,7 @@
- tags:
- ctags $(SRC)
-
--tests: exe apps $(TESTS)
-+tests: exe $(TESTS)
-
- apps:
- @(cd ..; $(MAKE) DIRS=apps all)
-@@ -402,121 +402,121 @@
- link_app.$${shlib_target}
-
- $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
-- @target=$(RSATEST); $(BUILD_CMD)
-+ +@target=$(RSATEST); $(BUILD_CMD)
-
- $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
-- @target=$(BNTEST); $(BUILD_CMD)
-+ +@target=$(BNTEST); $(BUILD_CMD)
-
- $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
-- @target=$(ECTEST); $(BUILD_CMD)
-+ +@target=$(ECTEST); $(BUILD_CMD)
-
- $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
-- @target=$(EXPTEST); $(BUILD_CMD)
-+ +@target=$(EXPTEST); $(BUILD_CMD)
-
- $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
-- @target=$(IDEATEST); $(BUILD_CMD)
-+ +@target=$(IDEATEST); $(BUILD_CMD)
-
- $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
-- @target=$(MD2TEST); $(BUILD_CMD)
-+ +@target=$(MD2TEST); $(BUILD_CMD)
-
- $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
-- @target=$(SHATEST); $(BUILD_CMD)
-+ +@target=$(SHATEST); $(BUILD_CMD)
-
- $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
-- @target=$(SHA1TEST); $(BUILD_CMD)
-+ +@target=$(SHA1TEST); $(BUILD_CMD)
-
- $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
-- @target=$(SHA256TEST); $(BUILD_CMD)
-+ +@target=$(SHA256TEST); $(BUILD_CMD)
-
- $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
-- @target=$(SHA512TEST); $(BUILD_CMD)
-+ +@target=$(SHA512TEST); $(BUILD_CMD)
-
- $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
-- @target=$(RMDTEST); $(BUILD_CMD)
-+ +@target=$(RMDTEST); $(BUILD_CMD)
-
- $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
-- @target=$(MDC2TEST); $(BUILD_CMD)
-+ +@target=$(MDC2TEST); $(BUILD_CMD)
-
- $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
-- @target=$(MD4TEST); $(BUILD_CMD)
-+ +@target=$(MD4TEST); $(BUILD_CMD)
-
- $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
-- @target=$(MD5TEST); $(BUILD_CMD)
-+ +@target=$(MD5TEST); $(BUILD_CMD)
-
- $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
-- @target=$(HMACTEST); $(BUILD_CMD)
-+ +@target=$(HMACTEST); $(BUILD_CMD)
-
- $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
-- @target=$(WPTEST); $(BUILD_CMD)
-+ +@target=$(WPTEST); $(BUILD_CMD)
-
- $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
-- @target=$(RC2TEST); $(BUILD_CMD)
-+ +@target=$(RC2TEST); $(BUILD_CMD)
-
- $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
-- @target=$(BFTEST); $(BUILD_CMD)
-+ +@target=$(BFTEST); $(BUILD_CMD)
-
- $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
-- @target=$(CASTTEST); $(BUILD_CMD)
-+ +@target=$(CASTTEST); $(BUILD_CMD)
-
- $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
-- @target=$(RC4TEST); $(BUILD_CMD)
-+ +@target=$(RC4TEST); $(BUILD_CMD)
-
- $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
-- @target=$(RC5TEST); $(BUILD_CMD)
-+ +@target=$(RC5TEST); $(BUILD_CMD)
-
- $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
-- @target=$(DESTEST); $(BUILD_CMD)
-+ +@target=$(DESTEST); $(BUILD_CMD)
-
- $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
-- @target=$(RANDTEST); $(BUILD_CMD)
-+ +@target=$(RANDTEST); $(BUILD_CMD)
-
- $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
-- @target=$(DHTEST); $(BUILD_CMD)
-+ +@target=$(DHTEST); $(BUILD_CMD)
-
- $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
-- @target=$(DSATEST); $(BUILD_CMD)
-+ +@target=$(DSATEST); $(BUILD_CMD)
-
- $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
-- @target=$(METHTEST); $(BUILD_CMD)
-+ +@target=$(METHTEST); $(BUILD_CMD)
-
- $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
-- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
-+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
-
- $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
-- @target=$(ENGINETEST); $(BUILD_CMD)
-+ +@target=$(ENGINETEST); $(BUILD_CMD)
-
- $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
-- @target=$(EVPTEST); $(BUILD_CMD)
-+ +@target=$(EVPTEST); $(BUILD_CMD)
-
- $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
-- @target=$(EVPEXTRATEST); $(BUILD_CMD)
-+ +@target=$(EVPEXTRATEST); $(BUILD_CMD)
-
- $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
-- @target=$(ECDSATEST); $(BUILD_CMD)
-+ +@target=$(ECDSATEST); $(BUILD_CMD)
-
- $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
-- @target=$(ECDHTEST); $(BUILD_CMD)
-+ +@target=$(ECDHTEST); $(BUILD_CMD)
-
- $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
-- @target=$(IGETEST); $(BUILD_CMD)
-+ +@target=$(IGETEST); $(BUILD_CMD)
-
- $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
-- @target=$(JPAKETEST); $(BUILD_CMD)
-+ +@target=$(JPAKETEST); $(BUILD_CMD)
-
- $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
-- @target=$(ASN1TEST); $(BUILD_CMD)
-+ +@target=$(ASN1TEST); $(BUILD_CMD)
-
- $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
-- @target=$(SRPTEST); $(BUILD_CMD)
-+ +@target=$(SRPTEST); $(BUILD_CMD)
-
- $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
-- @target=$(V3NAMETEST); $(BUILD_CMD)
-+ +@target=$(V3NAMETEST); $(BUILD_CMD)
-
- $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
-- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
-+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
-
- $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
-- @target=$(CONSTTIMETEST) $(BUILD_CMD)
-+ +@target=$(CONSTTIMETEST) $(BUILD_CMD)
-
- #$(AESTEST).o: $(AESTEST).c
- # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
-@@ -529,7 +529,7 @@
- # fi
-
- dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
-- @target=dummytest; $(BUILD_CMD)
-+ +@target=dummytest; $(BUILD_CMD)
-
- # DO NOT DELETE THIS LINE -- make depend depends on it.
-
diff --git a/system/openssl/0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch b/system/openssl/0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
deleted file mode 100644
index daa6df02f..000000000
--- a/system/openssl/0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 4785c095dbfb3630ddf6685f23e3a19c7c804cbc Mon Sep 17 00:00:00 2001
-From: William Pitcock <nenolod@dereferenced.org>
-Date: Thu, 5 Feb 2015 09:02:00 +0200
-Subject: [PATCH] add ircv3 tls-3.1 extension support to s_client
-
----
- apps/s_client.c | 24 ++++++++++++++++++++++--
- 1 file changed, 22 insertions(+), 2 deletions(-)
-
-diff --git a/apps/s_client.c b/apps/s_client.c
-index 8aee02a..0a28b89 100644
---- a/apps/s_client.c
-+++ b/apps/s_client.c
-@@ -401,7 +401,7 @@ static void sc_usage(void)
- BIO_printf(bio_err,
- " 'prot' defines which one to assume. Currently,\n");
- BIO_printf(bio_err,
-- " only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
-+ " only \"smtp\", \"pop3\", \"imap\", \"ftp\", \"xmpp\" and \"ircv3\"\n");
- BIO_printf(bio_err, " are supported.\n");
- #ifndef OPENSSL_NO_ENGINE
- BIO_printf(bio_err,
-@@ -640,7 +640,8 @@ enum {
- PROTO_POP3,
- PROTO_IMAP,
- PROTO_FTP,
-- PROTO_XMPP
-+ PROTO_XMPP,
-+ PROTO_IRCV3,
- };
-
- int MAIN(int, char **);
-@@ -1062,6 +1063,8 @@ int MAIN(int argc, char **argv)
- starttls_proto = PROTO_FTP;
- else if (strcmp(*argv, "xmpp") == 0)
- starttls_proto = PROTO_XMPP;
-+ else if (strcmp(*argv, "ircv3") == 0)
-+ starttls_proto = PROTO_IRCV3;
- else
- goto bad;
- }
-@@ -1646,6 +1649,23 @@ int MAIN(int argc, char **argv)
- goto shut;
- mbuf[0] = 0;
- }
-+ if (starttls_proto == PROTO_IRCV3) {
-+ int seen = 0;
-+ BIO_printf(sbio,"CAP REQ :tls\r\n");
-+
-+ while (!strstr(mbuf,"CAP")) {
-+ seen = BIO_read(sbio,mbuf,BUFSIZZ);
-+ mbuf[seen] = 0;
-+ }
-+ if (!strstr(mbuf,"ACK"))
-+ goto shut;
-+ BIO_printf(sbio,"CAP END\r\nSTARTTLS\r\n");
-+ while (!strstr(sbuf, "670")) {
-+ seen = BIO_read(sbio,sbuf,BUFSIZZ);
-+ sbuf[seen] = 0;
-+ }
-+ mbuf[0] = 0;
-+ }
-
- for (;;) {
- FD_ZERO(&readfds);
---
-2.2.2
-
diff --git a/system/openssl/0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch b/system/openssl/0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
deleted file mode 100644
index ff3d25eff..000000000
--- a/system/openssl/0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 7457e26d3a78c7cd923242d87d04febadddea086 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Thu, 5 Feb 2015 10:06:31 +0200
-Subject: [PATCH] maintain abi compat with no-freelist and regular build
-
----
- ssl/ssl.h | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/ssl/ssl.h b/ssl/ssl.h
-index 2b0f662..636cb5d 100644
---- a/ssl/ssl.h
-+++ b/ssl/ssl.h
-@@ -1113,6 +1113,10 @@ struct ssl_ctx_st {
- unsigned int freelist_max_len;
- struct ssl3_buf_freelist_st *wbuf_freelist;
- struct ssl3_buf_freelist_st *rbuf_freelist;
-+# else
-+ unsigned int freelist_dummy0;
-+ void *freelist_dummy1;
-+ void *freelist_dummy2;
- # endif
- # ifndef OPENSSL_NO_SRP
- SRP_CTX srp_ctx; /* ctx for SRP authentication */
---
-2.2.2
-
diff --git a/system/openssl/0009-no-rpath.patch b/system/openssl/0009-no-rpath.patch
deleted file mode 100644
index 56df75b79..000000000
--- a/system/openssl/0009-no-rpath.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/Makefile.shared 2005-06-23 22:47:54.000000000 +0200
-+++ b/Makefile.shared 2005-11-16 22:35:37.000000000 +0100
-@@ -153,7 +153,7 @@
- NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-
--DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
-+DO_GNU_APP=LDFLAGS="$(CFLAGS)"
-
- #This is rather special. It's a special target with which one can link
- #applications without bothering with any features that have anything to
diff --git a/system/openssl/0010-ssl-env-zlib.patch b/system/openssl/0010-ssl-env-zlib.patch
deleted file mode 100644
index 9eae15d72..000000000
--- a/system/openssl/0010-ssl-env-zlib.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-diff -ru openssl-1.0.2a.orig/doc/ssl/SSL_COMP_add_compression_method.pod openssl-1.0.2a/doc/ssl/SSL_COMP_add_compression_method.pod
---- openssl-1.0.2a.orig/doc/ssl/SSL_COMP_add_compression_method.pod 2015-01-15 16:43:14.000000000 -0200
-+++ openssl-1.0.2a/doc/ssl/SSL_COMP_add_compression_method.pod 2015-03-27 15:18:47.280054883 -0200
-@@ -47,6 +47,13 @@
- been standardized, the compression API will most likely be changed. Using
- it in the current state is not recommended.
-
-+It is also not recommended to use compression if data transfered contain
-+untrusted parts that can be manipulated by an attacker as he could then
-+get information about the encrypted data. See the CRIME attack. For
-+that reason the default loading of the zlib compression method is
-+disabled and enabled only if the environment variable B<OPENSSL_DEFAULT_ZLIB>
-+is present during the library initialization.
-+
- =head1 RETURN VALUES
-
- SSL_COMP_add_compression_method() may return the following values:
-diff -ru openssl-1.0.2a.orig/ssl/ssl_ciph.c openssl-1.0.2a/ssl/ssl_ciph.c
---- openssl-1.0.2a.orig/ssl/ssl_ciph.c 2015-03-19 15:30:36.000000000 -0200
-+++ openssl-1.0.2a/ssl/ssl_ciph.c 2015-03-27 15:23:05.960057092 -0200
-@@ -141,6 +141,8 @@
- */
-
- #include <stdio.h>
-+#include <stdlib.h>
-+#include <sys/auxv.h>
- #include <openssl/objects.h>
- #ifndef OPENSSL_NO_COMP
- # include <openssl/comp.h>
-@@ -481,7 +483,7 @@
-
- MemCheck_off();
- ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
-- if (ssl_comp_methods != NULL) {
-+ if (ssl_comp_methods != NULL && getauxval(AT_SECURE) == 0 && getenv("OPENSSL_DEFAULT_ZLIB") != NULL) {
- comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
- if (comp != NULL) {
- comp->method = COMP_zlib();
diff --git a/system/openssl/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch b/system/openssl/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
deleted file mode 100644
index ef46faa84..000000000
--- a/system/openssl/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-From 83c96cbc76604daccbc31cea9411555aea96fd6d Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Thu, 5 Feb 2015 09:16:51 +0200
-Subject: [PATCH] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it
- properly
-
-Some engines (namely VIA C7 Padlock) work only if EVP_MD_CTX_FLAG_ONESHOT
-is set before final update. This is because some crypto accelerators cannot
-perform non-finalizing transform of the digest.
-
-The usage of EVP_MD_CTX_FLAG_ONESHOT is used semantically slightly
-differently here. It is set before the final EVP_DigestUpdate call, not
-necessarily before EVP_DigestInit call. This will not cause any problems
-though.
----
- crypto/hmac/hmac.c | 14 ++++++++++----
- 1 file changed, 10 insertions(+), 4 deletions(-)
-
-diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
-index 1fc9e2c..6f16578 100644
---- a/crypto/hmac/hmac.c
-+++ b/crypto/hmac/hmac.c
-@@ -109,7 +109,8 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- j = EVP_MD_block_size(md);
- OPENSSL_assert(j <= (int)sizeof(ctx->key));
- if (j < len) {
-- if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
-+ EVP_MD_CTX_set_flags(&ctx->md_ctx, EVP_MD_CTX_FLAG_ONESHOT);
-+ if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
- goto err;
- if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
- goto err;
-@@ -129,6 +130,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- if (reset) {
- for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
- pad[i] = 0x36 ^ ctx->key[i];
-+ EVP_MD_CTX_clear_flags(&ctx->i_ctx, EVP_MD_CTX_FLAG_ONESHOT);
- if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
- goto err;
- if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md)))
-@@ -136,6 +138,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
-
- for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
- pad[i] = 0x5c ^ ctx->key[i];
-+ EVP_MD_CTX_clear_flags(&ctx->o_ctx, EVP_MD_CTX_FLAG_ONESHOT);
- if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
- goto err;
- if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md)))
-@@ -143,6 +146,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- }
- if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
- goto err;
-+ EVP_MD_CTX_clear_flags(&ctx->md_ctx, EVP_MD_CTX_FLAG_ONESHOT);
- return 1;
- err:
- return 0;
-@@ -177,6 +181,7 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
- goto err;
- if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
- goto err;
-+ EVP_MD_CTX_set_flags(&ctx->md_ctx,EVP_MD_CTX_FLAG_ONESHOT);
- if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
- goto err;
- if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
-@@ -233,8 +238,9 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
- if (md == NULL)
- md = m;
- HMAC_CTX_init(&c);
-- if (!HMAC_Init(&c, key, key_len, evp_md))
-+ if (!HMAC_Init_ex(&c, key, key_len, evp_md, NULL))
- goto err;
-+ HMAC_CTX_set_flags(&c,EVP_MD_CTX_FLAG_ONESHOT);
- if (!HMAC_Update(&c, d, n))
- goto err;
- if (!HMAC_Final(&c, md, md_len))
-@@ -247,7 +253,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-
- void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
- {
-- EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
-- EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
-+ EVP_MD_CTX_set_flags(&ctx->i_ctx, flags & ~EVP_MD_CTX_FLAG_ONESHOT);
-+ EVP_MD_CTX_set_flags(&ctx->o_ctx, flags & ~EVP_MD_CTX_FLAG_ONESHOT);
- EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
- }
---
-2.2.2
-
diff --git a/system/openssl/1002-backport-changes-from-upstream-padlock-module.patch b/system/openssl/1002-backport-changes-from-upstream-padlock-module.patch
deleted file mode 100644
index f63bbcd1c..000000000
--- a/system/openssl/1002-backport-changes-from-upstream-padlock-module.patch
+++ /dev/null
@@ -1,200 +0,0 @@
-From ba17588a940ee712c3ef6d458adb1087f0c84521 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Thu, 5 Feb 2015 09:28:10 +0200
-Subject: [PATCH] backport changes from upstream padlock module.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Includes support for VIA Nano 64-bit mode.
-
-Signed-off-by: Timo Teräs <timo.teras@iki.fi>
----
- engines/e_padlock.c | 142 +++++++++++++++++++++++++++++++++++++++++++++-------
- 1 file changed, 125 insertions(+), 17 deletions(-)
-
-diff --git a/engines/e_padlock.c b/engines/e_padlock.c
-index 2898e4c..94406cb 100644
---- a/engines/e_padlock.c
-+++ b/engines/e_padlock.c
-@@ -101,7 +101,10 @@
- */
- # undef COMPILE_HW_PADLOCK
- # if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
--# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
-+# if (defined(__GNUC__) && __GNUC__>=2 && \
-+ (defined(__i386__) || defined(__i386) || \
-+ defined(__x86_64__) || defined(__x86_64)) \
-+ ) || \
- (defined(_MSC_VER) && defined(_M_IX86))
- # define COMPILE_HW_PADLOCK
- # endif
-@@ -303,6 +306,7 @@ static volatile struct padlock_cipher_data *padlock_saved_context;
- * =======================================================
- */
- # if defined(__GNUC__) && __GNUC__>=2
-+# if defined(__i386__) || defined(__i386)
- /*
- * As for excessive "push %ebx"/"pop %ebx" found all over.
- * When generating position-independent code GCC won't let
-@@ -379,22 +383,6 @@ static int padlock_available(void)
- return padlock_use_ace + padlock_use_rng;
- }
-
--# ifndef OPENSSL_NO_AES
--# ifndef AES_ASM
--/* Our own htonl()/ntohl() */
--static inline void padlock_bswapl(AES_KEY *ks)
--{
-- size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]);
-- unsigned int *key = ks->rd_key;
--
-- while (i--) {
-- asm volatile ("bswapl %0":"+r" (*key));
-- key++;
-- }
--}
--# endif
--# endif
--
- /*
- * Force key reload from memory to the CPU microcode. Loading EFLAGS from the
- * stack clears EFLAGS[30] which does the trick.
-@@ -448,6 +436,110 @@ static inline void *name(size_t cnt, \
- : "edx", "cc", "memory"); \
- return iv; \
- }
-+#endif
-+
-+#elif defined(__x86_64__) || defined(__x86_64)
-+
-+/* Load supported features of the CPU to see if
-+ the PadLock is available. */
-+static int
-+padlock_available(void)
-+{
-+ char vendor_string[16];
-+ unsigned int eax, edx;
-+
-+ /* Are we running on the Centaur (VIA) CPU? */
-+ eax = 0x00000000;
-+ vendor_string[12] = 0;
-+ asm volatile (
-+ "cpuid\n"
-+ "movl %%ebx,(%1)\n"
-+ "movl %%edx,4(%1)\n"
-+ "movl %%ecx,8(%1)\n"
-+ : "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx");
-+ if (strcmp(vendor_string, "CentaurHauls") != 0)
-+ return 0;
-+
-+ /* Check for Centaur Extended Feature Flags presence */
-+ eax = 0xC0000000;
-+ asm volatile ("cpuid"
-+ : "+a"(eax) : : "rbx", "rcx", "rdx");
-+ if (eax < 0xC0000001)
-+ return 0;
-+
-+ /* Read the Centaur Extended Feature Flags */
-+ eax = 0xC0000001;
-+ asm volatile ("cpuid"
-+ : "+a"(eax), "=d"(edx) : : "rbx", "rcx");
-+
-+ /* Fill up some flags */
-+ padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
-+ padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
-+
-+ return padlock_use_ace + padlock_use_rng;
-+}
-+
-+/* Force key reload from memory to the CPU microcode.
-+ Loading EFLAGS from the stack clears EFLAGS[30]
-+ which does the trick. */
-+static inline void
-+padlock_reload_key(void)
-+{
-+ asm volatile ("pushfq; popfq");
-+}
-+
-+#ifndef OPENSSL_NO_AES
-+/*
-+ * This is heuristic key context tracing. At first one
-+ * believes that one should use atomic swap instructions,
-+ * but it's not actually necessary. Point is that if
-+ * padlock_saved_context was changed by another thread
-+ * after we've read it and before we compare it with cdata,
-+ * our key *shall* be reloaded upon thread context switch
-+ * and we are therefore set in either case...
-+ */
-+static inline void
-+padlock_verify_context(struct padlock_cipher_data *cdata)
-+{
-+ asm volatile (
-+ "pushfq\n"
-+" btl $30,(%%rsp)\n"
-+" jnc 1f\n"
-+" cmpq %2,%1\n"
-+" je 1f\n"
-+" popfq\n"
-+" subq $8,%%rsp\n"
-+"1: addq $8,%%rsp\n"
-+" movq %2,%0"
-+ :"+m"(padlock_saved_context)
-+ : "r"(padlock_saved_context), "r"(cdata) : "cc");
-+}
-+
-+/* Template for padlock_xcrypt_* modes */
-+/* BIG FAT WARNING:
-+ * The offsets used with 'leal' instructions
-+ * describe items of the 'padlock_cipher_data'
-+ * structure.
-+ */
-+#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \
-+static inline void *name(size_t cnt, \
-+ struct padlock_cipher_data *cdata, \
-+ void *out, const void *inp) \
-+{ void *iv; \
-+ asm volatile ( "leaq 16(%0),%%rdx\n" \
-+ " leaq 32(%0),%%rbx\n" \
-+ rep_xcrypt "\n" \
-+ : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
-+ : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \
-+ : "rbx", "rdx", "cc", "memory"); \
-+ return iv; \
-+}
-+#endif
-+
-+#endif /* cpu */
-+
-+
-+# ifndef OPENSSL_NO_AES
-
- /* Generate all functions with appropriate opcodes */
- /* rep xcryptecb */
-@@ -458,7 +550,23 @@ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")
- PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")
- /* rep xcryptofb */
- PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")
-+
-+# ifndef AES_ASM
-+/* Our own htonl()/ntohl() */
-+static inline void padlock_bswapl(AES_KEY *ks)
-+{
-+ size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]);
-+ unsigned int *key = ks->rd_key;
-+
-+ while (i--) {
-+ asm volatile ("bswapl %0":"+r" (*key));
-+ key++;
-+ }
-+}
-+# endif
-+
- # endif
-+
- /* The RNG call itself */
- static inline unsigned int padlock_xstore(void *addr, unsigned int edx_in)
- {
---
-2.2.2
-
diff --git a/system/openssl/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch b/system/openssl/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
deleted file mode 100644
index 5a2cdd633..000000000
--- a/system/openssl/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+++ /dev/null
@@ -1,782 +0,0 @@
-From 728af0306505f1ff91364ac2175fb6bf5da90ec3 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Thu, 5 Feb 2015 09:41:12 +0200
-Subject: [PATCH] engines/e_padlock: implement sha1/sha224/sha256 acceleration
-
-Limited support for VIA C7 that works only when EVP_MD_CTX_FLAG_ONESHOT
-is used appropriately (as done by EVP_Digest, and my previous HMAC patch).
-
-Full support for VIA Nano including partial transformation and 64-bit mode.
-
-Benchmarks from VIA Nano 1.6GHz, done with including the previous HMAC and
-apps/speed patches done. From single run, error margin of about 100-200k.
-
-No padlock
-
-type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
-sha1 20057.60k 51514.05k 99721.39k 130167.81k 142811.14k
-sha256 7757.72k 16907.18k 28937.05k 35181.23k 37568.51k
-hmac(sha1) 8582.53k 27644.69k 70402.30k 114602.67k 140167.85k
-
-With the patch
-
-sha1 37713.77k 114562.71k 259637.33k 379907.41k 438818.13k
-sha256 34262.86k 103233.75k 232476.07k 338386.60k 389860.01k
-hmac(sha1) 8424.70k 31475.11k 104036.10k 245559.30k 406667.26k
----
- engines/e_padlock.c | 663 ++++++++++++++++++++++++++++++++++++++++++++++++----
- 1 file changed, 614 insertions(+), 49 deletions(-)
-
-diff --git a/engines/e_padlock.c b/engines/e_padlock.c
-index 94406cb..5e99114 100644
---- a/engines/e_padlock.c
-+++ b/engines/e_padlock.c
-@@ -3,6 +3,9 @@
- * Written by Michal Ludvig <michal@logix.cz>
- * http://www.logix.cz/michal
- *
-+ * SHA support by Timo Teras <timo.teras@iki.fi>. Portions based on
-+ * code originally written by Michal Ludvig.
-+ *
- * Big thanks to Andy Polyakov for a help with optimization,
- * assembler fixes, port to MS Windows and a lot of other
- * valuable work on this engine!
-@@ -63,7 +66,9 @@
- */
-
- #include <stdio.h>
-+#include <stdint.h>
- #include <string.h>
-+#include <netinet/in.h>
-
- #include <openssl/opensslconf.h>
- #include <openssl/crypto.h>
-@@ -73,11 +78,32 @@
- #ifndef OPENSSL_NO_AES
- # include <openssl/aes.h>
- #endif
-+#ifndef OPENSSL_NO_SHA
-+# include <openssl/sha.h>
-+#endif
- #include <openssl/rand.h>
- #include <openssl/err.h>
-
- #ifndef OPENSSL_NO_HW
--# ifndef OPENSSL_NO_HW_PADLOCK
-+# ifndef OPENSSL_NO_HW_PADLOCK
-+
-+/* PadLock RNG is disabled by default */
-+# define PADLOCK_NO_RNG 1
-+
-+/* No ASM routines for SHA in MSC yet */
-+# ifdef _MSC_VER
-+# define OPENSSL_NO_SHA
-+# endif
-+
-+/* 64-bit mode does not need software SHA1 as fallback, we can
-+ * do all operations with padlock */
-+# if defined(__x86_64__) || defined(__x86_64)
-+# define PADLOCK_NEED_FALLBACK_SHA 0
-+# else
-+# define PADLOCK_NEED_FALLBACK_SHA 1
-+# endif
-+
-+# define PADLOCK_MAX_FINALIZING_LENGTH 0x1FFFFFFE
-
- /* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */
- # if (OPENSSL_VERSION_NUMBER >= 0x00908000L)
-@@ -151,60 +177,42 @@ void ENGINE_load_padlock(void)
- static int padlock_available(void);
- static int padlock_init(ENGINE *e);
-
-+# ifndef PADLOCK_NO_RNG
- /* RNG Stuff */
- static RAND_METHOD padlock_rand;
--
--/* Cipher Stuff */
--# ifndef OPENSSL_NO_AES
--static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-- const int **nids, int nid);
- # endif
-
- /* Engine names */
- static const char *padlock_id = "padlock";
- static char padlock_name[100];
-
-+static int padlock_bind_helper(ENGINE *e);
-+
- /* Available features */
--static int padlock_use_ace = 0; /* Advanced Cryptography Engine */
--static int padlock_use_rng = 0; /* Random Number Generator */
-+enum padlock_flags {
-+ PADLOCK_RNG = 0x01,
-+ PADLOCK_ACE = 0x02,
-+ PADLOCK_ACE2 = 0x04,
-+ PADLOCK_PHE = 0x08,
-+ PADLOCK_PMM = 0x10,
-+ PADLOCK_NANO = 0x20,
-+};
-+enum padlock_flags padlock_flags;
-+
-+#define PADLOCK_HAVE_RNG (padlock_flags & PADLOCK_RNG)
-+#define PADLOCK_HAVE_ACE (padlock_flags & (PADLOCK_ACE|PADLOCK_ACE2))
-+#define PADLOCK_HAVE_ACE1 (padlock_flags & PADLOCK_ACE)
-+#define PADLOCK_HAVE_ACE2 (padlock_flags & PADLOCK_ACE2)
-+#define PADLOCK_HAVE_PHE (padlock_flags & PADLOCK_PHE)
-+#define PADLOCK_HAVE_PMM (padlock_flags & PADLOCK_PMM)
-+#define PADLOCK_HAVE_NANO (padlock_flags & PADLOCK_NANO)
-+
- # ifndef OPENSSL_NO_AES
- static int padlock_aes_align_required = 1;
- # endif
-
- /* ===== Engine "management" functions ===== */
-
--/* Prepare the ENGINE structure for registration */
--static int padlock_bind_helper(ENGINE *e)
--{
-- /* Check available features */
-- padlock_available();
--
--# if 1 /* disable RNG for now, see commentary in
-- * vicinity of RNG code */
-- padlock_use_rng = 0;
--# endif
--
-- /* Generate a nice engine name with available features */
-- BIO_snprintf(padlock_name, sizeof(padlock_name),
-- "VIA PadLock (%s, %s)",
-- padlock_use_rng ? "RNG" : "no-RNG",
-- padlock_use_ace ? "ACE" : "no-ACE");
--
-- /* Register everything or return with an error */
-- if (!ENGINE_set_id(e, padlock_id) ||
-- !ENGINE_set_name(e, padlock_name) ||
-- !ENGINE_set_init_function(e, padlock_init) ||
--# ifndef OPENSSL_NO_AES
-- (padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) ||
--# endif
-- (padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) {
-- return 0;
-- }
--
-- /* Everything looks good */
-- return 1;
--}
--
- # ifdef OPENSSL_NO_DYNAMIC_ENGINE
-
- /* Constructor */
-@@ -229,7 +237,7 @@ static ENGINE *ENGINE_padlock(void)
- /* Check availability of the engine */
- static int padlock_init(ENGINE *e)
- {
-- return (padlock_use_rng || padlock_use_ace);
-+ return padlock_flags;
- }
-
- /*
-@@ -377,10 +385,20 @@ static int padlock_available(void)
- "=d"(edx)::"ecx");
-
- /* Fill up some flags */
-- padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6));
-- padlock_use_rng = ((edx & (0x3 << 2)) == (0x3 << 2));
--
-- return padlock_use_ace + padlock_use_rng;
-+ padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0);
-+ padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0);
-+ padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0);
-+ padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0);
-+ padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0);
-+
-+ /* Check for VIA Nano CPU */
-+ eax = 0x00000001;
-+ asm volatile ("pushl %%ebx; cpuid; popl %%ebx"
-+ : "+a"(eax) : : "ecx", "edx");
-+ if ((eax | 0x000F) == 0x06FF)
-+ padlock_flags |= PADLOCK_NANO;
-+
-+ return padlock_flags;
- }
-
- /*
-@@ -473,10 +491,14 @@ padlock_available(void)
- : "+a"(eax), "=d"(edx) : : "rbx", "rcx");
-
- /* Fill up some flags */
-- padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
-- padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
--
-- return padlock_use_ace + padlock_use_rng;
-+ padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0);
-+ padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0);
-+ padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0);
-+ padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0);
-+ padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0);
-+ padlock_flags |= PADLOCK_NANO;
-+
-+ return padlock_flags;
- }
-
- /* Force key reload from memory to the CPU microcode.
-@@ -1293,6 +1315,496 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
-
- # endif /* OPENSSL_NO_AES */
-
-+#ifndef OPENSSL_NO_SHA
-+
-+static inline void
-+padlock_copy_bswap(void *dst, void *src, size_t count)
-+{
-+ uint32_t *udst = dst, *usrc = src;
-+ int i = 0;
-+
-+ for (i = 0; i < count; i++)
-+ udst[i] = htonl(usrc[i]);
-+}
-+
-+static unsigned long padlock_sha_prepare_padding(
-+ EVP_MD_CTX *ctx,
-+ unsigned char *padding,
-+ unsigned char *data, size_t data_len,
-+ uint64_t total)
-+{
-+ unsigned int padding_len;
-+
-+ padding_len = data_len < 56 ? SHA_CBLOCK : 2 * SHA_CBLOCK;
-+ if (data_len)
-+ memcpy(padding, data, data_len);
-+
-+ memset(padding + data_len, 0, padding_len - data_len);
-+ padding[data_len] = 0x80;
-+ *(uint32_t *)(padding + padding_len - 8) = htonl(total >> 32);
-+ *(uint32_t *)(padding + padding_len - 4) = htonl(total & 0xffffffff);
-+
-+ return data_len < 56 ? 1 : 2;
-+}
-+
-+#define PADLOCK_SHA_ALIGN(dd) (uint32_t*)(((uintptr_t)(dd) + 15) & ~15)
-+#define PADLOCK_SHA_HWCTX (128+16)
-+
-+static void
-+padlock_sha1(void *hwctx, const void *buf, unsigned long total, unsigned long now)
-+{
-+ unsigned long pos = total - now;
-+
-+ asm volatile ("xsha1"
-+ : "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total)
-+ : : "memory");
-+}
-+
-+static void
-+padlock_sha1_partial(void *hwctx, const void *buf, unsigned long blocks)
-+{
-+ asm volatile ("xsha1"
-+ : "+S"(buf), "+D"(hwctx), "+c"(blocks)
-+ : "a"(-1L) : "memory");
-+}
-+
-+static int padlock_sha1_init(EVP_MD_CTX *ctx)
-+{
-+ return SHA1_Init(ctx->md_data);
-+}
-+
-+#if PADLOCK_NEED_FALLBACK_SHA
-+
-+static int padlock_sha1_update_eden(EVP_MD_CTX *ctx, const void *data,
-+ size_t len)
-+{
-+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
-+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
-+ SHA_CTX *c = ctx->md_data;
-+ uint_fast64_t total;
-+ const unsigned char *p = data;
-+ unsigned long l = 0;
-+
-+ /* Calculate total length (Nl,Nh) is length in bits */
-+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
-+ total += len;
-+
-+ if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
-+ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
-+ if (c->num != 0) {
-+ l = (len < SHA_CBLOCK - c->num) ? len : (SHA_CBLOCK - c->num);
-+ if (!SHA1_Update(c, data, l))
-+ return 0;
-+ p += l;
-+ if (c->num != 0) {
-+ p = (unsigned char *) c->data;
-+ len = c->num;
-+ l = 0;
-+ }
-+ }
-+ memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
-+ padlock_sha1(aligned, p, total, len - l);
-+ memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
-+ c->num = -1;
-+ return 1;
-+ }
-+
-+ return SHA1_Update(c, data, len);
-+}
-+#endif
-+
-+static int padlock_sha1_update(EVP_MD_CTX *ctx, const void *data,
-+ size_t len)
-+{
-+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
-+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
-+ SHA_CTX *c = ctx->md_data;
-+ uint_fast64_t total;
-+ unsigned char *p;
-+ unsigned long n;
-+
-+ /* Calculate total length (Nl,Nh) is length in bits */
-+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
-+ total += len;
-+ c->Nh = total >> 29;
-+ c->Nl = (total << 3) & 0xffffffffUL;
-+
-+ memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
-+
-+ /* Check partial data */
-+ n = c->num;
-+ if (n) {
-+ p = (unsigned char *) c->data;
-+ if (len >= SHA_CBLOCK || len+n >= SHA_CBLOCK) {
-+ memcpy(p+n, data, SHA_CBLOCK-n);
-+ padlock_sha1_partial(aligned, p, 1);
-+ n = SHA_CBLOCK - n;
-+ data += n;
-+ len -= n;
-+ c->num = 0;
-+ memset(p, 0, SHA_CBLOCK);
-+ } else {
-+ memcpy(p+n, data, len);
-+ c->num += (unsigned int)len;
-+ return 1;
-+ }
-+ }
-+
-+ /* Can we finalize straight away? */
-+ if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
-+ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
-+ padlock_sha1(aligned, data, total, len);
-+ memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
-+ c->num = -1;
-+ return 1;
-+ }
-+
-+ /* Use nonfinalizing update */
-+ n = len / SHA_CBLOCK;
-+ if (n != 0) {
-+ padlock_sha1_partial(aligned, data, n);
-+ data += n * SHA_CBLOCK;
-+ len -= n * SHA_CBLOCK;
-+ }
-+ memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
-+
-+ /* Buffer remaining bytes */
-+ if (len) {
-+ memcpy(c->data, data, len);
-+ c->num = len;
-+ }
-+
-+ return 1;
-+}
-+
-+static int padlock_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
-+{
-+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
-+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
-+ uint64_t total;
-+ SHA_CTX *c = ctx->md_data;
-+
-+ if (c->num == -1) {
-+ padlock_copy_bswap(md, &c->h0, 5);
-+ c->num = 0;
-+ return 1;
-+ }
-+
-+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
-+#if PADLOCK_NEED_FALLBACK_SHA
-+ if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH))
-+ return SHA1_Final(md, c);
-+#endif
-+
-+ memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
-+ if (total > PADLOCK_MAX_FINALIZING_LENGTH) {
-+ unsigned char padding[2 * SHA_CBLOCK];
-+ unsigned long n;
-+
-+ n = padlock_sha_prepare_padding(ctx, padding,
-+ (unsigned char *) c->data, c->num, total << 3);
-+ padlock_sha1_partial(aligned, padding, n);
-+ } else {
-+ padlock_sha1(aligned, c->data, total, c->num);
-+ }
-+ padlock_copy_bswap(md, aligned, 5);
-+ c->num = 0;
-+
-+ return 1;
-+}
-+
-+static EVP_MD padlock_sha1_md = {
-+ NID_sha1,
-+ NID_sha1WithRSAEncryption,
-+ SHA_DIGEST_LENGTH,
-+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
-+ padlock_sha1_init,
-+ padlock_sha1_update,
-+ padlock_sha1_final,
-+ NULL,
-+ NULL,
-+ EVP_PKEY_RSA_method,
-+ SHA_CBLOCK,
-+ sizeof(SHA_CTX),
-+};
-+
-+static EVP_MD padlock_dss1_md = {
-+ NID_dsa,
-+ NID_dsaWithSHA1,
-+ SHA_DIGEST_LENGTH,
-+ 0,
-+ padlock_sha1_init,
-+ padlock_sha1_update,
-+ padlock_sha1_final,
-+ NULL,
-+ NULL,
-+ EVP_PKEY_DSA_method,
-+ SHA_CBLOCK,
-+ sizeof(SHA_CTX),
-+};
-+
-+
-+#if !defined(OPENSSL_NO_SHA256)
-+
-+static void
-+padlock_sha256(void *hwctx, const void *buf, unsigned long total, unsigned long now)
-+{
-+ unsigned long pos = total - now;
-+
-+ asm volatile ("xsha256"
-+ : "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total)
-+ : : "memory");
-+}
-+
-+static void
-+padlock_sha256_partial(void *hwctx, const void *buf, unsigned long blocks)
-+{
-+ asm volatile ("xsha256"
-+ : "+S"(buf), "+D"(hwctx), "+c"(blocks)
-+ : "a"(-1L) : "memory");
-+}
-+
-+#if PADLOCK_NEED_FALLBACK_SHA
-+
-+static int padlock_sha256_update_eden(EVP_MD_CTX *ctx, const void *data,
-+ size_t len)
-+{
-+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
-+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
-+ SHA256_CTX *c = ctx->md_data;
-+ uint_fast64_t total;
-+ const unsigned char *p = data;
-+ unsigned int l = 0;
-+
-+ /* Calculate total length (Nl,Nh) is length in bits */
-+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
-+ total += len;
-+
-+ if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
-+ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
-+ if (c->num != 0) {
-+ l = (len < SHA256_CBLOCK - c->num) ? len : (SHA256_CBLOCK - c->num);
-+ if (!SHA256_Update(c, data, l))
-+ return 0;
-+ p += l;
-+ if (c->num != 0) {
-+ p = (unsigned char *) c->data;
-+ len = c->num;
-+ l = 0;
-+ }
-+ }
-+ memcpy(aligned, c->h, sizeof(c->h));
-+ padlock_sha256(aligned, p, total, len - l);
-+ memcpy(c->h, aligned, sizeof(c->h));
-+ c->num = -1;
-+ return 1;
-+ }
-+
-+ return SHA256_Update(c, data, len);
-+}
-+
-+#endif
-+
-+static int padlock_sha256_update(EVP_MD_CTX *ctx, const void *data,
-+ size_t len)
-+{
-+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
-+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
-+ SHA256_CTX *c = ctx->md_data;
-+ uint_fast64_t total;
-+ unsigned char *p;
-+ unsigned long n;
-+
-+ /* Calculate total length (Nl,Nh) is length in bits */
-+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
-+ total += len;
-+ c->Nh = total >> 29;
-+ c->Nl = (total << 3) & 0xffffffffUL;
-+
-+ memcpy(aligned, c->h, sizeof(c->h));
-+
-+ /* Check partial data */
-+ n = c->num;
-+ if (n) {
-+ p = (unsigned char *) c->data;
-+ if (len >= SHA256_CBLOCK || len+n >= SHA256_CBLOCK) {
-+ memcpy(p+n, data, SHA256_CBLOCK-n);
-+ padlock_sha256_partial(aligned, p, 1);
-+ n = SHA256_CBLOCK - n;
-+ data += n;
-+ len -= n;
-+ c->num = 0;
-+ memset(p, 0, SHA256_CBLOCK);
-+ } else {
-+ memcpy(p+n, data, len);
-+ c->num += (unsigned int)len;
-+ return 1;
-+ }
-+ }
-+
-+ /* Can we finalize straight away? */
-+ if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
-+ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
-+ padlock_sha256(aligned, data, total, len);
-+ memcpy(c->h, aligned, sizeof(c->h));
-+ c->num = -1;
-+ return 1;
-+ }
-+
-+ /* Use nonfinalizing update */
-+ n = len / SHA256_CBLOCK;
-+ if (n != 0) {
-+ padlock_sha256_partial(aligned, data, n);
-+ data += n * SHA256_CBLOCK;
-+ len -= n * SHA256_CBLOCK;
-+ }
-+ memcpy(c->h, aligned, sizeof(c->h));
-+
-+ /* Buffer remaining bytes */
-+ if (len) {
-+ memcpy(c->data, data, len);
-+ c->num = len;
-+ }
-+
-+ return 1;
-+}
-+
-+static int padlock_sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
-+{
-+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
-+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
-+ uint64_t total;
-+ SHA256_CTX *c = ctx->md_data;
-+
-+ if (c->num == -1) {
-+ padlock_copy_bswap(md, c->h, sizeof(c->h)/sizeof(c->h[0]));
-+ c->num = 0;
-+ return 1;
-+ }
-+
-+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
-+#if PADLOCK_NEED_FALLBACK_SHA
-+ if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH))
-+ return SHA256_Final(md, c);
-+#endif
-+
-+ memcpy(aligned, c->h, sizeof(c->h));
-+ if (total > PADLOCK_MAX_FINALIZING_LENGTH) {
-+ unsigned char padding[2 * SHA_CBLOCK];
-+ unsigned long n;
-+
-+ n = padlock_sha_prepare_padding(ctx, padding,
-+ (unsigned char *) c->data, c->num, total << 3);
-+ padlock_sha256_partial(aligned, padding, n);
-+ } else {
-+ padlock_sha256(aligned, c->data, total, c->num);
-+ }
-+ padlock_copy_bswap(md, aligned, sizeof(c->h)/sizeof(c->h[0]));
-+ c->num = 0;
-+ return 1;
-+}
-+
-+#if !defined(OPENSSL_NO_SHA224)
-+
-+static int padlock_sha224_init(EVP_MD_CTX *ctx)
-+{
-+ return SHA224_Init(ctx->md_data);
-+}
-+
-+static EVP_MD padlock_sha224_md = {
-+ NID_sha224,
-+ NID_sha224WithRSAEncryption,
-+ SHA224_DIGEST_LENGTH,
-+ 0,
-+ padlock_sha224_init,
-+ padlock_sha256_update,
-+ padlock_sha256_final,
-+ NULL,
-+ NULL,
-+ EVP_PKEY_RSA_method,
-+ SHA_CBLOCK,
-+ sizeof(SHA256_CTX),
-+};
-+#endif /* !OPENSSL_NO_SHA224 */
-+
-+static int padlock_sha256_init(EVP_MD_CTX *ctx)
-+{
-+ return SHA256_Init(ctx->md_data);
-+}
-+
-+static EVP_MD padlock_sha256_md = {
-+ NID_sha256,
-+ NID_sha256WithRSAEncryption,
-+ SHA256_DIGEST_LENGTH,
-+ 0,
-+ padlock_sha256_init,
-+ padlock_sha256_update,
-+ padlock_sha256_final,
-+ NULL,
-+ NULL,
-+ EVP_PKEY_RSA_method,
-+ SHA_CBLOCK,
-+ sizeof(SHA256_CTX),
-+};
-+#endif /* !OPENSSL_NO_SHA256 */
-+
-+static int padlock_digest_nids[] = {
-+#if !defined(OPENSSL_NO_SHA)
-+ NID_sha1,
-+ NID_dsa,
-+#endif
-+#if !defined(OPENSSL_NO_SHA256)
-+#if !defined(OPENSSL_NO_SHA224)
-+ NID_sha224,
-+#endif
-+ NID_sha256,
-+#endif
-+};
-+
-+static int padlock_digest_nids_num = sizeof(padlock_digest_nids)/sizeof(padlock_digest_nids[0]);
-+
-+static int
-+padlock_digests (ENGINE *e, const EVP_MD **digest, const int **nids, int nid)
-+{
-+ /* No specific digest => return a list of supported nids ... */
-+ if (!digest) {
-+ *nids = padlock_digest_nids;
-+ return padlock_digest_nids_num;
-+ }
-+
-+ /* ... or the requested "digest" otherwise */
-+ switch (nid) {
-+#if !defined(OPENSSL_NO_SHA)
-+ case NID_sha1:
-+ *digest = &padlock_sha1_md;
-+ break;
-+ case NID_dsa:
-+ *digest = &padlock_dss1_md;
-+ break;
-+#endif
-+#if !defined(OPENSSL_NO_SHA256)
-+#if !defined(OPENSSL_NO_SHA224)
-+ case NID_sha224:
-+ *digest = &padlock_sha224_md;
-+ break;
-+#endif /* OPENSSL_NO_SHA224 */
-+ case NID_sha256:
-+ *digest = &padlock_sha256_md;
-+ break;
-+#endif /* OPENSSL_NO_SHA256 */
-+ default:
-+ /* Sorry, we don't support this NID */
-+ *digest = NULL;
-+ return 0;
-+ }
-+
-+ return 1;
-+}
-+
-+#endif /* OPENSSL_NO_SHA */
-+
-+#ifndef PADLOCK_NO_RNG
-+
- /* ===== Random Number Generator ===== */
- /*
- * This code is not engaged. The reason is that it does not comply
-@@ -1356,6 +1868,59 @@ static RAND_METHOD padlock_rand = {
- padlock_rand_bytes, /* pseudorand */
- padlock_rand_status, /* rand status */
- };
-+#endif /* PADLOCK_NO_RNG */
-+
-+/* Prepare the ENGINE structure for registration */
-+static int
-+padlock_bind_helper(ENGINE *e)
-+{
-+ /* Check available features */
-+ padlock_available();
-+
-+ /* Generate a nice engine name with available features */
-+ BIO_snprintf(padlock_name, sizeof(padlock_name),
-+ "VIA PadLock: %s%s%s%s%s%s",
-+ padlock_flags ? "" : "not supported",
-+ PADLOCK_HAVE_RNG ? "RNG " : "",
-+ PADLOCK_HAVE_ACE ? (PADLOCK_HAVE_ACE2 ? "ACE2 " : "ACE ") : "",
-+ PADLOCK_HAVE_PHE ? "PHE " : "",
-+ PADLOCK_HAVE_PMM ? "PMM " : "",
-+ PADLOCK_HAVE_NANO ? "NANO " : ""
-+ );
-+
-+#if PADLOCK_NEED_FALLBACK_SHA && !defined(OPENSSL_NO_SHA)
-+ if (!PADLOCK_HAVE_NANO) {
-+ padlock_sha1_md.update = padlock_sha1_update_eden;
-+ padlock_dss1_md.update = padlock_sha1_update_eden;
-+#if !defined(OPENSSL_NO_SHA256)
-+#if !defined(OPENSSL_NO_SHA224)
-+ padlock_sha224_md.update = padlock_sha256_update_eden;
-+#endif
-+ padlock_sha256_md.update = padlock_sha256_update_eden;
-+#endif
-+ }
-+#endif
-+
-+ /* Register everything or return with an error */
-+ if (!ENGINE_set_id(e, padlock_id) ||
-+ !ENGINE_set_name(e, padlock_name) ||
-+ !ENGINE_set_init_function(e, padlock_init)
-+#ifndef OPENSSL_NO_AES
-+ || (PADLOCK_HAVE_ACE && !ENGINE_set_ciphers (e, padlock_ciphers))
-+#endif
-+#ifndef OPENSSL_NO_SHA
-+ || (PADLOCK_HAVE_PHE && !ENGINE_set_digests (e, padlock_digests))
-+#endif
-+#ifndef PADLOCK_NO_RNG
-+ || (PADLOCK_HAVE_RNG && !ENGINE_set_RAND (e, &padlock_rand))
-+#endif
-+ ) {
-+ return 0;
-+ }
-+
-+ /* Everything looks good */
-+ return 1;
-+}
-
- # else /* !COMPILE_HW_PADLOCK */
- # ifndef OPENSSL_NO_DYNAMIC_ENGINE
---
-2.2.2
-
diff --git a/system/openssl/1004-crypto-engine-autoload-padlock-dynamic-engine.patch b/system/openssl/1004-crypto-engine-autoload-padlock-dynamic-engine.patch
deleted file mode 100644
index 66f37451e..000000000
--- a/system/openssl/1004-crypto-engine-autoload-padlock-dynamic-engine.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From a58658f191e83f4c6417d2cc879fa572f7978537 Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Thu, 4 Feb 2016 16:28:15 +0100
-Subject: [PATCH] crypto/engine: autoload padlock dynamic engine
-
----
- crypto/engine/eng_all.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
-index 48ad0d2..822aa23 100644
---- a/crypto/engine/eng_all.c
-+++ b/crypto/engine/eng_all.c
-@@ -120,6 +120,16 @@ void ENGINE_load_builtin_engines(void)
- ENGINE_load_capi();
- # endif
- #endif
-+#ifdef OPENSSL_NO_STATIC_ENGINE
-+ {
-+ ENGINE *e = ENGINE_by_id("padlock");
-+ if (e != NULL) {
-+ ENGINE_add(e);
-+ ENGINE_free(e);
-+ ERR_clear_error();
-+ }
-+ }
-+#endif
- ENGINE_register_all_complete();
- }
-
---
-2.7.0
-
diff --git a/system/openssl/APKBUILD b/system/openssl/APKBUILD
index 3a777064b..dc4c4aab4 100644
--- a/system/openssl/APKBUILD
+++ b/system/openssl/APKBUILD
@@ -1,30 +1,19 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=openssl
-pkgver=1.0.2t
+pkgver=1.1.1d
pkgrel=0
-pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
+pkgdesc="Toolkit for SSL and TLS"
url="https://www.openssl.org/"
arch="all"
license="OpenSSL"
depends=""
-depends_dev="zlib-dev"
checkdepends="perl"
makedepends_build="perl"
-makedepends_host="zlib-dev"
-makedepends="$makedepends_host $makedepends_build"
-subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libcrypto1.0:libcrypto
- libssl1.0:libssl"
+subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libcrypto1.1:libcrypto
+ libssl1.1:libssl"
source="https://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
- 0003-use-termios.patch
- 0004-fix-default-ca-path-for-apps.patch
- 0005-fix-parallel-build.patch
- 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
- 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
- 0009-no-rpath.patch
- 0010-ssl-env-zlib.patch
- 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
- 1002-backport-changes-from-upstream-padlock-module.patch
- 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+ CVE-2019-1551.patch
+ ppc64.patch
"
# secfixes:
@@ -67,6 +56,8 @@ source="https://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
# 1.0.2t-r0:
# - CVE-2019-1547
# - CVE-2019-1563
+# 1.1.1d-r0:
+# - CVE-2019-1551
build() {
# openssl will prepend crosscompile always core CC et al
@@ -79,10 +70,10 @@ build() {
aarch64*) _target="linux-aarch64" ;;
arm*) _target="linux-armv4" ;;
ppc) _target="linux-ppc" ;;
- ppc64) _target="linux-ppc64"; _optflags="no-asm" ;;
+ ppc64) _target="linux-ppc64" ;;
ppc64le) _target="linux-ppc64le" ;;
i528 | pmmx | x86) _target="linux-elf" ;;
- x86_64) _target="linux-x86_64"; _optflags="enable-ec_nistp_64_gcc_128" ;;
+ x86_64) _target="linux-x86_64" ;;
s390x) _target="linux64-s390x";;
*) msg "Unable to determine architecture from (CARCH=$CARCH)" ; return 1 ;;
esac
@@ -94,37 +85,33 @@ build() {
perl ./Configure $_target --prefix=/usr \
--libdir=lib \
--openssldir=/etc/ssl \
- shared zlib enable-montasm enable-md2 $_optflags \
- -DOPENSSL_NO_BUF_FREELISTS \
- $CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack \
- enable-ssl2
-
- make && make build-shared
+ shared no-zlib enable-md2 no-weak-ssl-ciphers \
+ $CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack
+ make
}
check() {
- make -j1 test
+ make test
}
package() {
- make INSTALL_PREFIX="$pkgdir" MANDIR=/usr/share/man MANSUFFIX=ssl install
- # remove the script c_rehash
+ make DESTDIR="$pkgdir" install
rm "$pkgdir"/usr/bin/c_rehash
}
libcrypto() {
- pkgdesc="Crypto library from openssl"
+ pkgdesc="OpenSSL cryptography library"
mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
for i in "$pkgdir"/usr/lib/libcrypto*; do
mv $i "$subpkgdir"/lib/
ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
done
- mv "$pkgdir"/usr/lib/engines "$subpkgdir"/usr/lib/
+ mv "$pkgdir"/usr/lib/engines-1.1 "$subpkgdir"/usr/lib/
}
libssl() {
- pkgdesc="SSL shared libraries"
+ pkgdesc="OpenSSL socket library"
mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
for i in "$pkgdir"/usr/lib/libssl*; do
@@ -133,14 +120,6 @@ libssl() {
done
}
-sha512sums="0b88868933f42fab87e8b22449435a1091cc6e75f986aad6c173e01ad123161fcae8c226759073701bc65c9f2f0b6ce6a63a61203008ed873cfb6e484f32bc71 openssl-1.0.2t.tar.gz
-58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4 0003-use-termios.patch
-c67472879a31b5dbdd313892df6d37e7c93e8c0237d406c30d50b1016c2618ead3c13277f5dc723ef1ceed092d36e3c15a9777daa844f59b9fa2b0a4f04fd9ae 0004-fix-default-ca-path-for-apps.patch
-5d4191482f8bbf62c75fe6bc2d9587388022c3310703c2a913788a983b1d1406e706cf3916a5792604f0b0f220a87432d3b82b442cea9915f2abb6fdd8478fcb 0005-fix-parallel-build.patch
-820d4ce1c222696fe3f1dd0d11815c06262ec230fdb174532fd507286667a0aefbf858ea5edac4245a54b950cd0556545ecd0c5cf494692a2ba131c667e7bcd5 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
-17ad683bb91a3a3c5bcc456c8aed7f0b42414c6de06ebafa4753af93c42d9827c9978a43d4d53d741a45df7f7895c6f6163172af57cc7b391cfd15f45ce6c351 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
-5dbbc01985190ae1254350fb12565beb6abb916b6a7bb1f0f22d9762b1e575d124aaf9aa4cfe5f908e420978f691072d48c61a72660f09dfd6d9a2f83f862bc1 0009-no-rpath.patch
-5febe20948e3f12d981e378e1f4ea538711657aacb6865a1aa91339d4a04277e250f490a1f2abc2c6f290bdc2b1bffdba1d00983b4c09f7ea983eef8163f9420 0010-ssl-env-zlib.patch
-8c181760d7a149aa18d246d50f1c0438ffb63c98677b05306dfc00400ad0429b47d31e7c8d85126005c67f743d23e7a8a81174ffe98556f4caf9cf6b04d9ff17 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
-a3555440b5f544bfd6b9ad97557d8f4c1d673f6a35219f65056a72035d186be5f354717ddf9784899b602464d48657b090ade24379552d43af97609c0f48c389 1002-backport-changes-from-upstream-padlock-module.patch
-6353c7a94016c20db5d683dde37775f6780952ecdb1a5f39f878d04ba37f6ad79ae10fb6d65d181d912505a5d1e22463004cd855d548b364c00b120da2b0fdbc 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch"
+sha512sums="2bc9f528c27fe644308eb7603c992bac8740e9f0c3601a130af30c9ffebbf7e0f5c28b76a00bbb478bad40fbe89b4223a58d604001e1713da71ff4b7fe6a08a7 openssl-1.1.1d.tar.gz
+11ca61515a89766241fe0fae27f3b39767128915f288ea88840bf93e8b50ac416024cb2153efcdf2658d3e82a8e4250a0c069333dbd7347475f9dafcc45370b5 CVE-2019-1551.patch
+66bbb0ae769643c8a0b1501d9c8466f08f0d8b3b2bc4fcc2c0c054ab1971ced85c07aa0e4b8168a4394d0ae407dfbd26066a7a068602ce5b58e459b12ce6d36a ppc64.patch"
diff --git a/system/openssl/CVE-2019-1551.patch b/system/openssl/CVE-2019-1551.patch
new file mode 100644
index 000000000..8daf04ebf
--- /dev/null
+++ b/system/openssl/CVE-2019-1551.patch
@@ -0,0 +1,757 @@
+From 419102400a2811582a7a3d4a4e317d72e5ce0a8f Mon Sep 17 00:00:00 2001
+From: Andy Polyakov <appro@openssl.org>
+Date: Wed, 4 Dec 2019 12:48:21 +0100
+Subject: [PATCH] Fix an overflow bug in rsaz_512_sqr
+
+There is an overflow bug in the x64_64 Montgomery squaring procedure used in
+exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis
+suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a
+result of this defect would be very difficult to perform and are not believed
+likely. Attacks against DH512 are considered just feasible. However, for an
+attack the target would have to re-use the DH512 private key, which is not
+recommended anyway. Also applications directly using the low level API
+BN_mod_exp may be affected if they use BN_FLG_CONSTTIME.
+
+CVE-2019-1551
+
+Reviewed-by: Paul Dale <paul.dale@oracle.com>
+Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
+(Merged from https://github.com/openssl/openssl/pull/10575)
+---
+ crypto/bn/asm/rsaz-x86_64.pl | 381 ++++++++++++++++++-----------------
+ 1 file changed, 197 insertions(+), 184 deletions(-)
+
+diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl
+index b1797b649f..7534d5cd03 100755
+--- a/crypto/bn/asm/rsaz-x86_64.pl
++++ b/crypto/bn/asm/rsaz-x86_64.pl
+@@ -116,7 +116,7 @@ rsaz_512_sqr: # 25-29% faster than rsaz_512_mul
+ subq \$128+24, %rsp
+ .cfi_adjust_cfa_offset 128+24
+ .Lsqr_body:
+- movq $mod, %rbp # common argument
++ movq $mod, %xmm1 # common off-load
+ movq ($inp), %rdx
+ movq 8($inp), %rax
+ movq $n0, 128(%rsp)
+@@ -134,7 +134,8 @@ $code.=<<___;
+ .Loop_sqr:
+ movl $times,128+8(%rsp)
+ #first iteration
+- movq %rdx, %rbx
++ movq %rdx, %rbx # 0($inp)
++ mov %rax, %rbp # 8($inp)
+ mulq %rdx
+ movq %rax, %r8
+ movq 16($inp), %rax
+@@ -173,31 +174,29 @@ $code.=<<___;
+ mulq %rbx
+ addq %rax, %r14
+ movq %rbx, %rax
+- movq %rdx, %r15
+- adcq \$0, %r15
++ adcq \$0, %rdx
+
+- addq %r8, %r8 #shlq \$1, %r8
+- movq %r9, %rcx
+- adcq %r9, %r9 #shld \$1, %r8, %r9
++ xorq %rcx,%rcx # rcx:r8 = r8 << 1
++ addq %r8, %r8
++ movq %rdx, %r15
++ adcq \$0, %rcx
+
+ mulq %rax
+- movq %rax, (%rsp)
+- addq %rdx, %r8
+- adcq \$0, %r9
++ addq %r8, %rdx
++ adcq \$0, %rcx
+
+- movq %r8, 8(%rsp)
+- shrq \$63, %rcx
++ movq %rax, (%rsp)
++ movq %rdx, 8(%rsp)
+
+ #second iteration
+- movq 8($inp), %r8
+ movq 16($inp), %rax
+- mulq %r8
++ mulq %rbp
+ addq %rax, %r10
+ movq 24($inp), %rax
+ movq %rdx, %rbx
+ adcq \$0, %rbx
+
+- mulq %r8
++ mulq %rbp
+ addq %rax, %r11
+ movq 32($inp), %rax
+ adcq \$0, %rdx
+@@ -205,7 +204,7 @@ $code.=<<___;
+ movq %rdx, %rbx
+ adcq \$0, %rbx
+
+- mulq %r8
++ mulq %rbp
+ addq %rax, %r12
+ movq 40($inp), %rax
+ adcq \$0, %rdx
+@@ -213,7 +212,7 @@ $code.=<<___;
+ movq %rdx, %rbx
+ adcq \$0, %rbx
+
+- mulq %r8
++ mulq %rbp
+ addq %rax, %r13
+ movq 48($inp), %rax
+ adcq \$0, %rdx
+@@ -221,7 +220,7 @@ $code.=<<___;
+ movq %rdx, %rbx
+ adcq \$0, %rbx
+
+- mulq %r8
++ mulq %rbp
+ addq %rax, %r14
+ movq 56($inp), %rax
+ adcq \$0, %rdx
+@@ -229,39 +228,39 @@ $code.=<<___;
+ movq %rdx, %rbx
+ adcq \$0, %rbx
+
+- mulq %r8
++ mulq %rbp
+ addq %rax, %r15
+- movq %r8, %rax
++ movq %rbp, %rax
+ adcq \$0, %rdx
+ addq %rbx, %r15
+- movq %rdx, %r8
+- movq %r10, %rdx
+- adcq \$0, %r8
++ adcq \$0, %rdx
+
+- add %rdx, %rdx
+- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
+- movq %r11, %rbx
+- adcq %r11, %r11 #shld \$1, %r10, %r11
++ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
++ addq %r9, %r9
++ movq %rdx, %r8
++ adcq %r10, %r10
++ adcq \$0, %rbx
+
+ mulq %rax
++ addq %rcx, %rax
++ movq 16($inp), %rbp
++ adcq \$0, %rdx
+ addq %rax, %r9
++ movq 24($inp), %rax
+ adcq %rdx, %r10
+- adcq \$0, %r11
++ adcq \$0, %rbx
+
+ movq %r9, 16(%rsp)
+ movq %r10, 24(%rsp)
+- shrq \$63, %rbx
+
+ #third iteration
+- movq 16($inp), %r9
+- movq 24($inp), %rax
+- mulq %r9
++ mulq %rbp
+ addq %rax, %r12
+ movq 32($inp), %rax
+ movq %rdx, %rcx
+ adcq \$0, %rcx
+
+- mulq %r9
++ mulq %rbp
+ addq %rax, %r13
+ movq 40($inp), %rax
+ adcq \$0, %rdx
+@@ -269,7 +268,7 @@ $code.=<<___;
+ movq %rdx, %rcx
+ adcq \$0, %rcx
+
+- mulq %r9
++ mulq %rbp
+ addq %rax, %r14
+ movq 48($inp), %rax
+ adcq \$0, %rdx
+@@ -277,9 +276,7 @@ $code.=<<___;
+ movq %rdx, %rcx
+ adcq \$0, %rcx
+
+- mulq %r9
+- movq %r12, %r10
+- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12
++ mulq %rbp
+ addq %rax, %r15
+ movq 56($inp), %rax
+ adcq \$0, %rdx
+@@ -287,36 +284,40 @@ $code.=<<___;
+ movq %rdx, %rcx
+ adcq \$0, %rcx
+
+- mulq %r9
+- shrq \$63, %r10
++ mulq %rbp
+ addq %rax, %r8
+- movq %r9, %rax
++ movq %rbp, %rax
+ adcq \$0, %rdx
+ addq %rcx, %r8
+- movq %rdx, %r9
+- adcq \$0, %r9
++ adcq \$0, %rdx
+
+- movq %r13, %rcx
+- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13
++ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
++ addq %r11, %r11
++ movq %rdx, %r9
++ adcq %r12, %r12
++ adcq \$0, %rcx
+
+ mulq %rax
++ addq %rbx, %rax
++ movq 24($inp), %r10
++ adcq \$0, %rdx
+ addq %rax, %r11
++ movq 32($inp), %rax
+ adcq %rdx, %r12
+- adcq \$0, %r13
++ adcq \$0, %rcx
+
+ movq %r11, 32(%rsp)
+ movq %r12, 40(%rsp)
+- shrq \$63, %rcx
+
+ #fourth iteration
+- movq 24($inp), %r10
+- movq 32($inp), %rax
++ mov %rax, %r11 # 32($inp)
+ mulq %r10
+ addq %rax, %r14
+ movq 40($inp), %rax
+ movq %rdx, %rbx
+ adcq \$0, %rbx
+
++ mov %rax, %r12 # 40($inp)
+ mulq %r10
+ addq %rax, %r15
+ movq 48($inp), %rax
+@@ -325,9 +326,8 @@ $code.=<<___;
+ movq %rdx, %rbx
+ adcq \$0, %rbx
+
++ mov %rax, %rbp # 48($inp)
+ mulq %r10
+- movq %r14, %r12
+- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14
+ addq %rax, %r8
+ movq 56($inp), %rax
+ adcq \$0, %rdx
+@@ -336,32 +336,33 @@ $code.=<<___;
+ adcq \$0, %rbx
+
+ mulq %r10
+- shrq \$63, %r12
+ addq %rax, %r9
+ movq %r10, %rax
+ adcq \$0, %rdx
+ addq %rbx, %r9
+- movq %rdx, %r10
+- adcq \$0, %r10
++ adcq \$0, %rdx
+
+- movq %r15, %rbx
+- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15
++ xorq %rbx, %rbx # rbx:r13:r14 = r13:r14 << 1
++ addq %r13, %r13
++ movq %rdx, %r10
++ adcq %r14, %r14
++ adcq \$0, %rbx
+
+ mulq %rax
++ addq %rcx, %rax
++ adcq \$0, %rdx
+ addq %rax, %r13
++ movq %r12, %rax # 40($inp)
+ adcq %rdx, %r14
+- adcq \$0, %r15
++ adcq \$0, %rbx
+
+ movq %r13, 48(%rsp)
+ movq %r14, 56(%rsp)
+- shrq \$63, %rbx
+
+ #fifth iteration
+- movq 32($inp), %r11
+- movq 40($inp), %rax
+ mulq %r11
+ addq %rax, %r8
+- movq 48($inp), %rax
++ movq %rbp, %rax # 48($inp)
+ movq %rdx, %rcx
+ adcq \$0, %rcx
+
+@@ -369,97 +370,99 @@ $code.=<<___;
+ addq %rax, %r9
+ movq 56($inp), %rax
+ adcq \$0, %rdx
+- movq %r8, %r12
+- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8
+ addq %rcx, %r9
+ movq %rdx, %rcx
+ adcq \$0, %rcx
+
++ mov %rax, %r14 # 56($inp)
+ mulq %r11
+- shrq \$63, %r12
+ addq %rax, %r10
+ movq %r11, %rax
+ adcq \$0, %rdx
+ addq %rcx, %r10
+- movq %rdx, %r11
+- adcq \$0, %r11
++ adcq \$0, %rdx
+
+- movq %r9, %rcx
+- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9
++ xorq %rcx, %rcx # rcx:r8:r15 = r8:r15 << 1
++ addq %r15, %r15
++ movq %rdx, %r11
++ adcq %r8, %r8
++ adcq \$0, %rcx
+
+ mulq %rax
++ addq %rbx, %rax
++ adcq \$0, %rdx
+ addq %rax, %r15
++ movq %rbp, %rax # 48($inp)
+ adcq %rdx, %r8
+- adcq \$0, %r9
++ adcq \$0, %rcx
+
+ movq %r15, 64(%rsp)
+ movq %r8, 72(%rsp)
+- shrq \$63, %rcx
+
+ #sixth iteration
+- movq 40($inp), %r12
+- movq 48($inp), %rax
+ mulq %r12
+ addq %rax, %r10
+- movq 56($inp), %rax
++ movq %r14, %rax # 56($inp)
+ movq %rdx, %rbx
+ adcq \$0, %rbx
+
+ mulq %r12
+ addq %rax, %r11
+ movq %r12, %rax
+- movq %r10, %r15
+- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
+ adcq \$0, %rdx
+- shrq \$63, %r15
+ addq %rbx, %r11
+- movq %rdx, %r12
+- adcq \$0, %r12
++ adcq \$0, %rdx
+
+- movq %r11, %rbx
+- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11
++ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
++ addq %r9, %r9
++ movq %rdx, %r12
++ adcq %r10, %r10
++ adcq \$0, %rbx
+
+ mulq %rax
++ addq %rcx, %rax
++ adcq \$0, %rdx
+ addq %rax, %r9
++ movq %r14, %rax # 56($inp)
+ adcq %rdx, %r10
+- adcq \$0, %r11
++ adcq \$0, %rbx
+
+ movq %r9, 80(%rsp)
+ movq %r10, 88(%rsp)
+
+ #seventh iteration
+- movq 48($inp), %r13
+- movq 56($inp), %rax
+- mulq %r13
++ mulq %rbp
+ addq %rax, %r12
+- movq %r13, %rax
+- movq %rdx, %r13
+- adcq \$0, %r13
++ movq %rbp, %rax
++ adcq \$0, %rdx
+
+- xorq %r14, %r14
+- shlq \$1, %rbx
+- adcq %r12, %r12 #shld \$1, %rbx, %r12
+- adcq %r13, %r13 #shld \$1, %r12, %r13
+- adcq %r14, %r14 #shld \$1, %r13, %r14
++ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
++ addq %r11, %r11
++ movq %rdx, %r13
++ adcq %r12, %r12
++ adcq \$0, %rcx
+
+ mulq %rax
++ addq %rbx, %rax
++ adcq \$0, %rdx
+ addq %rax, %r11
++ movq %r14, %rax # 56($inp)
+ adcq %rdx, %r12
+- adcq \$0, %r13
++ adcq \$0, %rcx
+
+ movq %r11, 96(%rsp)
+ movq %r12, 104(%rsp)
+
+ #eighth iteration
+- movq 56($inp), %rax
++ xorq %rbx, %rbx # rbx:r13 = r13 << 1
++ addq %r13, %r13
++ adcq \$0, %rbx
++
+ mulq %rax
+- addq %rax, %r13
++ addq %rcx, %rax
+ adcq \$0, %rdx
+-
+- addq %rdx, %r14
+-
+- movq %r13, 112(%rsp)
+- movq %r14, 120(%rsp)
++ addq %r13, %rax
++ adcq %rbx, %rdx
+
+ movq (%rsp), %r8
+ movq 8(%rsp), %r9
+@@ -469,6 +472,10 @@ $code.=<<___;
+ movq 40(%rsp), %r13
+ movq 48(%rsp), %r14
+ movq 56(%rsp), %r15
++ movq %xmm1, %rbp
++
++ movq %rax, 112(%rsp)
++ movq %rdx, 120(%rsp)
+
+ call __rsaz_512_reduce
+
+@@ -500,9 +507,9 @@ $code.=<<___;
+ .Loop_sqrx:
+ movl $times,128+8(%rsp)
+ movq $out, %xmm0 # off-load
+- movq %rbp, %xmm1 # off-load
+ #first iteration
+ mulx %rax, %r8, %r9
++ mov %rax, %rbx
+
+ mulx 16($inp), %rcx, %r10
+ xor %rbp, %rbp # cf=0, of=0
+@@ -510,40 +517,39 @@ $code.=<<___;
+ mulx 24($inp), %rax, %r11
+ adcx %rcx, %r9
+
+- mulx 32($inp), %rcx, %r12
++ .byte 0xc4,0x62,0xf3,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($inp), %rcx, %r12
+ adcx %rax, %r10
+
+- mulx 40($inp), %rax, %r13
++ .byte 0xc4,0x62,0xfb,0xf6,0xae,0x28,0x00,0x00,0x00 # mulx 40($inp), %rax, %r13
+ adcx %rcx, %r11
+
+- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14
++ mulx 48($inp), %rcx, %r14
+ adcx %rax, %r12
+ adcx %rcx, %r13
+
+- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15
++ mulx 56($inp), %rax, %r15
+ adcx %rax, %r14
+ adcx %rbp, %r15 # %rbp is 0
+
+- mov %r9, %rcx
+- shld \$1, %r8, %r9
+- shl \$1, %r8
+-
+- xor %ebp, %ebp
+- mulx %rdx, %rax, %rdx
+- adcx %rdx, %r8
+- mov 8($inp), %rdx
+- adcx %rbp, %r9
++ mulx %rdx, %rax, $out
++ mov %rbx, %rdx # 8($inp)
++ xor %rcx, %rcx
++ adox %r8, %r8
++ adcx $out, %r8
++ adox %rbp, %rcx
++ adcx %rbp, %rcx
+
+ mov %rax, (%rsp)
+ mov %r8, 8(%rsp)
+
+ #second iteration
+- mulx 16($inp), %rax, %rbx
++ .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x10,0x00,0x00,0x00 # mulx 16($inp), %rax, %rbx
+ adox %rax, %r10
+ adcx %rbx, %r11
+
+- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8
++ mulx 24($inp), $out, %r8
+ adox $out, %r11
++ .byte 0x66
+ adcx %r8, %r12
+
+ mulx 32($inp), %rax, %rbx
+@@ -561,24 +567,25 @@ $code.=<<___;
+ .byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8
+ adox $out, %r15
+ adcx %rbp, %r8
++ mulx %rdx, %rax, $out
+ adox %rbp, %r8
++ .byte 0x48,0x8b,0x96,0x10,0x00,0x00,0x00 # mov 16($inp), %rdx
+
+- mov %r11, %rbx
+- shld \$1, %r10, %r11
+- shld \$1, %rcx, %r10
+-
+- xor %ebp,%ebp
+- mulx %rdx, %rax, %rcx
+- mov 16($inp), %rdx
++ xor %rbx, %rbx
++ adcx %rcx, %rax
++ adox %r9, %r9
++ adcx %rbp, $out
++ adox %r10, %r10
+ adcx %rax, %r9
+- adcx %rcx, %r10
+- adcx %rbp, %r11
++ adox %rbp, %rbx
++ adcx $out, %r10
++ adcx %rbp, %rbx
+
+ mov %r9, 16(%rsp)
+ .byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp)
+
+ #third iteration
+- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9
++ mulx 24($inp), $out, %r9
+ adox $out, %r12
+ adcx %r9, %r13
+
+@@ -586,7 +593,7 @@ $code.=<<___;
+ adox %rax, %r13
+ adcx %rcx, %r14
+
+- mulx 40($inp), $out, %r9
++ .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r9
+ adox $out, %r14
+ adcx %r9, %r15
+
+@@ -594,27 +601,28 @@ $code.=<<___;
+ adox %rax, %r15
+ adcx %rcx, %r8
+
+- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9
++ mulx 56($inp), $out, %r9
+ adox $out, %r8
+ adcx %rbp, %r9
++ mulx %rdx, %rax, $out
+ adox %rbp, %r9
++ mov 24($inp), %rdx
+
+- mov %r13, %rcx
+- shld \$1, %r12, %r13
+- shld \$1, %rbx, %r12
+-
+- xor %ebp, %ebp
+- mulx %rdx, %rax, %rdx
++ xor %rcx, %rcx
++ adcx %rbx, %rax
++ adox %r11, %r11
++ adcx %rbp, $out
++ adox %r12, %r12
+ adcx %rax, %r11
+- adcx %rdx, %r12
+- mov 24($inp), %rdx
+- adcx %rbp, %r13
++ adox %rbp, %rcx
++ adcx $out, %r12
++ adcx %rbp, %rcx
+
+ mov %r11, 32(%rsp)
+- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp)
++ mov %r12, 40(%rsp)
+
+ #fourth iteration
+- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx
++ mulx 32($inp), %rax, %rbx
+ adox %rax, %r14
+ adcx %rbx, %r15
+
+@@ -629,25 +637,25 @@ $code.=<<___;
+ mulx 56($inp), $out, %r10
+ adox $out, %r9
+ adcx %rbp, %r10
++ mulx %rdx, %rax, $out
+ adox %rbp, %r10
++ mov 32($inp), %rdx
+
+- .byte 0x66
+- mov %r15, %rbx
+- shld \$1, %r14, %r15
+- shld \$1, %rcx, %r14
+-
+- xor %ebp, %ebp
+- mulx %rdx, %rax, %rdx
++ xor %rbx, %rbx
++ adcx %rcx, %rax
++ adox %r13, %r13
++ adcx %rbp, $out
++ adox %r14, %r14
+ adcx %rax, %r13
+- adcx %rdx, %r14
+- mov 32($inp), %rdx
+- adcx %rbp, %r15
++ adox %rbp, %rbx
++ adcx $out, %r14
++ adcx %rbp, %rbx
+
+ mov %r13, 48(%rsp)
+ mov %r14, 56(%rsp)
+
+ #fifth iteration
+- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11
++ mulx 40($inp), $out, %r11
+ adox $out, %r8
+ adcx %r11, %r9
+
+@@ -658,18 +666,19 @@ $code.=<<___;
+ mulx 56($inp), $out, %r11
+ adox $out, %r10
+ adcx %rbp, %r11
++ mulx %rdx, %rax, $out
++ mov 40($inp), %rdx
+ adox %rbp, %r11
+
+- mov %r9, %rcx
+- shld \$1, %r8, %r9
+- shld \$1, %rbx, %r8
+-
+- xor %ebp, %ebp
+- mulx %rdx, %rax, %rdx
++ xor %rcx, %rcx
++ adcx %rbx, %rax
++ adox %r15, %r15
++ adcx %rbp, $out
++ adox %r8, %r8
+ adcx %rax, %r15
+- adcx %rdx, %r8
+- mov 40($inp), %rdx
+- adcx %rbp, %r9
++ adox %rbp, %rcx
++ adcx $out, %r8
++ adcx %rbp, %rcx
+
+ mov %r15, 64(%rsp)
+ mov %r8, 72(%rsp)
+@@ -682,18 +691,19 @@ $code.=<<___;
+ .byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12
+ adox $out, %r11
+ adcx %rbp, %r12
++ mulx %rdx, %rax, $out
+ adox %rbp, %r12
++ mov 48($inp), %rdx
+
+- mov %r11, %rbx
+- shld \$1, %r10, %r11
+- shld \$1, %rcx, %r10
+-
+- xor %ebp, %ebp
+- mulx %rdx, %rax, %rdx
++ xor %rbx, %rbx
++ adcx %rcx, %rax
++ adox %r9, %r9
++ adcx %rbp, $out
++ adox %r10, %r10
+ adcx %rax, %r9
+- adcx %rdx, %r10
+- mov 48($inp), %rdx
+- adcx %rbp, %r11
++ adcx $out, %r10
++ adox %rbp, %rbx
++ adcx %rbp, %rbx
+
+ mov %r9, 80(%rsp)
+ mov %r10, 88(%rsp)
+@@ -703,31 +713,31 @@ $code.=<<___;
+ adox %rax, %r12
+ adox %rbp, %r13
+
+- xor %r14, %r14
+- shld \$1, %r13, %r14
+- shld \$1, %r12, %r13
+- shld \$1, %rbx, %r12
+-
+- xor %ebp, %ebp
+- mulx %rdx, %rax, %rdx
+- adcx %rax, %r11
+- adcx %rdx, %r12
++ mulx %rdx, %rax, $out
++ xor %rcx, %rcx
+ mov 56($inp), %rdx
+- adcx %rbp, %r13
++ adcx %rbx, %rax
++ adox %r11, %r11
++ adcx %rbp, $out
++ adox %r12, %r12
++ adcx %rax, %r11
++ adox %rbp, %rcx
++ adcx $out, %r12
++ adcx %rbp, %rcx
+
+ .byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp)
+ .byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp)
+
+ #eighth iteration
+ mulx %rdx, %rax, %rdx
+- adox %rax, %r13
+- adox %rbp, %rdx
++ xor %rbx, %rbx
++ adcx %rcx, %rax
++ adox %r13, %r13
++ adcx %rbp, %rdx
++ adox %rbp, %rbx
++ adcx %r13, %rax
++ adcx %rdx, %rbx
+
+- .byte 0x66
+- add %rdx, %r14
+-
+- movq %r13, 112(%rsp)
+- movq %r14, 120(%rsp)
+ movq %xmm0, $out
+ movq %xmm1, %rbp
+
+@@ -741,6 +751,9 @@ $code.=<<___;
+ movq 48(%rsp), %r14
+ movq 56(%rsp), %r15
+
++ movq %rax, 112(%rsp)
++ movq %rbx, 120(%rsp)
++
+ call __rsaz_512_reducex
+
+ addq 64(%rsp), %r8
+--
+2.17.1
+
diff --git a/system/openssl/ppc64.patch b/system/openssl/ppc64.patch
new file mode 100644
index 000000000..5f79c4ddc
--- /dev/null
+++ b/system/openssl/ppc64.patch
@@ -0,0 +1,96 @@
+From 34ab13b7d8e3e723adb60be8142e38b7c9cd382a Mon Sep 17 00:00:00 2001
+From: Andy Polyakov <appro@openssl.org>
+Date: Sun, 5 May 2019 18:25:50 +0200
+Subject: [PATCH] crypto/perlasm/ppc-xlate.pl: add linux64v2 flavour
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This is a big endian ELFv2 configuration. ELFv2 was already being
+used for little endian, and big endian was traditionally ELFv1
+but there are practical configurations that use ELFv2 with big
+endian nowadays (Adélie Linux, Void Linux, possibly Gentoo, etc.)
+
+Reviewed-by: Paul Dale <paul.dale@oracle.com>
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/8883)
+---
+ crypto/perlasm/ppc-xlate.pl | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/crypto/perlasm/ppc-xlate.pl b/crypto/perlasm/ppc-xlate.pl
+index e52f2f6ea62..5fcd0526dff 100755
+--- a/crypto/perlasm/ppc-xlate.pl
++++ b/crypto/perlasm/ppc-xlate.pl
+@@ -49,7 +49,7 @@
+ /osx/ && do { $name = "_$name";
+ last;
+ };
+- /linux.*(32|64le)/
++ /linux.*(32|64(le|v2))/
+ && do { $ret .= ".globl $name";
+ if (!$$type) {
+ $ret .= "\n.type $name,\@function";
+@@ -80,7 +80,7 @@
+ };
+ my $text = sub {
+ my $ret = ($flavour =~ /aix/) ? ".csect\t.text[PR],7" : ".text";
+- $ret = ".abiversion 2\n".$ret if ($flavour =~ /linux.*64le/);
++ $ret = ".abiversion 2\n".$ret if ($flavour =~ /linux.*64(le|v2)/);
+ $ret;
+ };
+ my $machine = sub {
+@@ -186,7 +186,7 @@
+
+ # Some ABIs specify vrsave, special-purpose register #256, as reserved
+ # for system use.
+-my $no_vrsave = ($flavour =~ /aix|linux64le/);
++my $no_vrsave = ($flavour =~ /aix|linux64(le|v2)/);
+ my $mtspr = sub {
+ my ($f,$idx,$ra) = @_;
+ if ($idx == 256 && $no_vrsave) {
+@@ -318,7 +318,7 @@ sub vfour {
+ if ($label) {
+ my $xlated = ($GLOBALS{$label} or $label);
+ print "$xlated:";
+- if ($flavour =~ /linux.*64le/) {
++ if ($flavour =~ /linux.*64(le|v2)/) {
+ if ($TYPES{$label} =~ /function/) {
+ printf "\n.localentry %s,0\n",$xlated;
+ }
+
+From 098404128383ded87ba390dd74ecd9e2ffa6f530 Mon Sep 17 00:00:00 2001
+From: Andy Polyakov <appro@openssl.org>
+Date: Sun, 5 May 2019 18:30:55 +0200
+Subject: [PATCH] Configure: use ELFv2 ABI on some ppc64 big endian systems
+
+If _CALL_ELF is defined to be 2, it's an ELFv2 system.
+Conditionally switch to the v2 perlasm scheme.
+
+Reviewed-by: Paul Dale <paul.dale@oracle.com>
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/8883)
+---
+ Configure | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/Configure b/Configure
+index 22082deb4c7..e303d98deb3 100755
+--- a/Configure
++++ b/Configure
+@@ -1411,8 +1410,15 @@
+ my %predefined_C = compiler_predefined($config{CROSS_COMPILE}.$config{CC});
+ my %predefined_CXX = $config{CXX}
+ ? compiler_predefined($config{CROSS_COMPILE}.$config{CXX})
+ : ();
+
++unless ($disabled{asm}) {
++ # big endian systems can use ELFv2 ABI
++ if ($target eq "linux-ppc64") {
++ $target{perlasm_scheme} = "linux64v2" if ($predefined_C{_CALL_ELF} == 2);
++ }
++}
++
+ # Check for makedepend capabilities.
+ if (!$disabled{makedepend}) {
+ if ($config{target} =~ /^(VC|vms)-/) {