diff options
| author | Cristiana Voicu <cristiana.voicu@intel.com> | 2014-04-08 14:49:48 +0300 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-04-08 17:45:09 +0100 |
| commit | 5dd1d7566964c90d33c0c44f569d9336fb0724ce (patch) | |
| tree | 6c9516db6873f1254723cbeeca204a43d5d410ba /meta/recipes-connectivity/openssl/openssl-1.0.1e/openssl-fix-doc.patch | |
| parent | c0ac09ab49d7a2b9cc7601ceef2852d690cdf3d1 (diff) | |
| download | poky-5dd1d7566964c90d33c0c44f569d9336fb0724ce.tar.gz | |
openssl: Upgrade to v1.0.1g
The trigger for the upgrade was the serious "heartbleed" vulnerability
(CVE-2014-0160). More information:
http://www.itnews.com.au/News/382068,serious-openssl-bug-renders-websites-wide-open.aspx
Dropped obsolete patches, because the new version contains them:
0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch
0001-Fix-DTLS-retransmission-from-previous-session.patch
0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch
Modified 2 patches (small changes), in order to apply properly:
initial-aarch64-bits.patch
openssl-fix-doc.patch
Addresses CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
(From OE-Core rev: ff52836e1838590eeec7d7658e15b21d83cf8455)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl-1.0.1e/openssl-fix-doc.patch')
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl-1.0.1e/openssl-fix-doc.patch | 435 |
1 files changed, 0 insertions, 435 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.1e/openssl-fix-doc.patch b/meta/recipes-connectivity/openssl/openssl-1.0.1e/openssl-fix-doc.patch deleted file mode 100644 index e87ed80736..0000000000 --- a/meta/recipes-connectivity/openssl/openssl-1.0.1e/openssl-fix-doc.patch +++ /dev/null | |||
| @@ -1,435 +0,0 @@ | |||
| 1 | Fix documentation build errors with Perl 5.18 pod2man | ||
| 2 | |||
| 3 | This fixes errors building man pages with newer versions of pod2man | ||
| 4 | included with Perl 5.18. | ||
| 5 | |||
| 6 | Upstream-Status: Submitted | ||
| 7 | Signed-off-by: Jonathan Liu | ||
| 8 | |||
| 9 | diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod | ||
| 10 | index a09588a..881d387 100644 | ||
| 11 | --- a/doc/apps/cms.pod | ||
| 12 | +++ b/doc/apps/cms.pod | ||
| 13 | @@ -450,28 +450,28 @@ remains DER. | ||
| 14 | |||
| 15 | =over 4 | ||
| 16 | |||
| 17 | -=item 0 | ||
| 18 | +=item Z<>0 | ||
| 19 | |||
| 20 | the operation was completely successfully. | ||
| 21 | |||
| 22 | -=item 1 | ||
| 23 | +=item Z<>1 | ||
| 24 | |||
| 25 | an error occurred parsing the command options. | ||
| 26 | |||
| 27 | -=item 2 | ||
| 28 | +=item Z<>2 | ||
| 29 | |||
| 30 | one of the input files could not be read. | ||
| 31 | |||
| 32 | -=item 3 | ||
| 33 | +=item Z<>3 | ||
| 34 | |||
| 35 | an error occurred creating the CMS file or when reading the MIME | ||
| 36 | message. | ||
| 37 | |||
| 38 | -=item 4 | ||
| 39 | +=item Z<>4 | ||
| 40 | |||
| 41 | an error occurred decrypting or verifying the message. | ||
| 42 | |||
| 43 | -=item 5 | ||
| 44 | +=item Z<>5 | ||
| 45 | |||
| 46 | the message was verified correctly but an error occurred writing out | ||
| 47 | the signers certificates. | ||
| 48 | diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod | ||
| 49 | index e4e89af..ef8e8cd 100644 | ||
| 50 | --- a/doc/apps/smime.pod | ||
| 51 | +++ b/doc/apps/smime.pod | ||
| 52 | @@ -308,28 +308,28 @@ remains DER. | ||
| 53 | |||
| 54 | =over 4 | ||
| 55 | |||
| 56 | -=item 0 | ||
| 57 | +=item Z<>0 | ||
| 58 | |||
| 59 | the operation was completely successfully. | ||
| 60 | |||
| 61 | -=item 1 | ||
| 62 | +=item Z<>1 | ||
| 63 | |||
| 64 | an error occurred parsing the command options. | ||
| 65 | |||
| 66 | -=item 2 | ||
| 67 | +=item Z<>2 | ||
| 68 | |||
| 69 | one of the input files could not be read. | ||
| 70 | |||
| 71 | -=item 3 | ||
| 72 | +=item Z<>3 | ||
| 73 | |||
| 74 | an error occurred creating the PKCS#7 file or when reading the MIME | ||
| 75 | message. | ||
| 76 | |||
| 77 | -=item 4 | ||
| 78 | +=item Z<>4 | ||
| 79 | |||
| 80 | an error occurred decrypting or verifying the message. | ||
| 81 | |||
| 82 | -=item 5 | ||
| 83 | +=item Z<>5 | ||
| 84 | |||
| 85 | the message was verified correctly but an error occurred writing out | ||
| 86 | the signers certificates. | ||
| 87 | diff --git a/doc/crypto/X509_STORE_CTX_get_error.pod b/doc/crypto/X509_STORE_CTX_get_error.pod | ||
| 88 | index a883f6c..60e8332 100644 | ||
| 89 | --- a/doc/crypto/X509_STORE_CTX_get_error.pod | ||
| 90 | +++ b/doc/crypto/X509_STORE_CTX_get_error.pod | ||
| 91 | @@ -278,6 +278,8 @@ happen if extended CRL checking is enabled. | ||
| 92 | an application specific error. This will never be returned unless explicitly | ||
| 93 | set by an application. | ||
| 94 | |||
| 95 | +=back | ||
| 96 | + | ||
| 97 | =head1 NOTES | ||
| 98 | |||
| 99 | The above functions should be used instead of directly referencing the fields | ||
| 100 | diff --git a/doc/ssl/SSL_COMP_add_compression_method.pod b/doc/ssl/SSL_COMP_add_compression_method.pod | ||
| 101 | index 42fa66b..f4d191c 100644 | ||
| 102 | --- a/doc/ssl/SSL_COMP_add_compression_method.pod | ||
| 103 | +++ b/doc/ssl/SSL_COMP_add_compression_method.pod | ||
| 104 | @@ -53,11 +53,11 @@ SSL_COMP_add_compression_method() may return the following values: | ||
| 105 | |||
| 106 | =over 4 | ||
| 107 | |||
| 108 | -=item 0 | ||
| 109 | +=item Z<>0 | ||
| 110 | |||
| 111 | The operation succeeded. | ||
| 112 | |||
| 113 | -=item 1 | ||
| 114 | +=item Z<>1 | ||
| 115 | |||
| 116 | The operation failed. Check the error queue to find out the reason. | ||
| 117 | |||
| 118 | diff --git a/doc/ssl/SSL_CTX_add_session.pod b/doc/ssl/SSL_CTX_add_session.pod | ||
| 119 | index 82676b2..8e0abd3 100644 | ||
| 120 | --- a/doc/ssl/SSL_CTX_add_session.pod | ||
| 121 | +++ b/doc/ssl/SSL_CTX_add_session.pod | ||
| 122 | @@ -52,13 +52,13 @@ The following values are returned by all functions: | ||
| 123 | |||
| 124 | =over 4 | ||
| 125 | |||
| 126 | -=item 0 | ||
| 127 | +=item Z<>0 | ||
| 128 | |||
| 129 | The operation failed. In case of the add operation, it was tried to add | ||
| 130 | the same (identical) session twice. In case of the remove operation, the | ||
| 131 | session was not found in the cache. | ||
| 132 | |||
| 133 | -=item 1 | ||
| 134 | +=item Z<>1 | ||
| 135 | |||
| 136 | The operation succeeded. | ||
| 137 | |||
| 138 | diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod | ||
| 139 | index 84a799f..d1d8977 100644 | ||
| 140 | --- a/doc/ssl/SSL_CTX_load_verify_locations.pod | ||
| 141 | +++ b/doc/ssl/SSL_CTX_load_verify_locations.pod | ||
| 142 | @@ -100,13 +100,13 @@ The following return values can occur: | ||
| 143 | |||
| 144 | =over 4 | ||
| 145 | |||
| 146 | -=item 0 | ||
| 147 | +=item Z<>0 | ||
| 148 | |||
| 149 | The operation failed because B<CAfile> and B<CApath> are NULL or the | ||
| 150 | processing at one of the locations specified failed. Check the error | ||
| 151 | stack to find out the reason. | ||
| 152 | |||
| 153 | -=item 1 | ||
| 154 | +=item Z<>1 | ||
| 155 | |||
| 156 | The operation succeeded. | ||
| 157 | |||
| 158 | diff --git a/doc/ssl/SSL_CTX_set_client_CA_list.pod b/doc/ssl/SSL_CTX_set_client_CA_list.pod | ||
| 159 | index 632b556..6122a02 100644 | ||
| 160 | --- a/doc/ssl/SSL_CTX_set_client_CA_list.pod | ||
| 161 | +++ b/doc/ssl/SSL_CTX_set_client_CA_list.pod | ||
| 162 | @@ -66,11 +66,11 @@ values: | ||
| 163 | |||
| 164 | =over 4 | ||
| 165 | |||
| 166 | -=item 1 | ||
| 167 | +=item Z<>1 | ||
| 168 | |||
| 169 | The operation succeeded. | ||
| 170 | |||
| 171 | -=item 0 | ||
| 172 | +=item Z<>0 | ||
| 173 | |||
| 174 | A failure while manipulating the STACK_OF(X509_NAME) object occurred or | ||
| 175 | the X509_NAME could not be extracted from B<cacert>. Check the error stack | ||
| 176 | diff --git a/doc/ssl/SSL_CTX_set_session_id_context.pod b/doc/ssl/SSL_CTX_set_session_id_context.pod | ||
| 177 | index 58fc685..7c9e515 100644 | ||
| 178 | --- a/doc/ssl/SSL_CTX_set_session_id_context.pod | ||
| 179 | +++ b/doc/ssl/SSL_CTX_set_session_id_context.pod | ||
| 180 | @@ -64,13 +64,13 @@ return the following values: | ||
| 181 | |||
| 182 | =over 4 | ||
| 183 | |||
| 184 | -=item 0 | ||
| 185 | +=item Z<>0 | ||
| 186 | |||
| 187 | The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded | ||
| 188 | the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error | ||
| 189 | is logged to the error stack. | ||
| 190 | |||
| 191 | -=item 1 | ||
| 192 | +=item Z<>1 | ||
| 193 | |||
| 194 | The operation succeeded. | ||
| 195 | |||
| 196 | diff --git a/doc/ssl/SSL_CTX_set_ssl_version.pod b/doc/ssl/SSL_CTX_set_ssl_version.pod | ||
| 197 | index 254f2b4..e254f96 100644 | ||
| 198 | --- a/doc/ssl/SSL_CTX_set_ssl_version.pod | ||
| 199 | +++ b/doc/ssl/SSL_CTX_set_ssl_version.pod | ||
| 200 | @@ -42,11 +42,11 @@ and SSL_set_ssl_method(): | ||
| 201 | |||
| 202 | =over 4 | ||
| 203 | |||
| 204 | -=item 0 | ||
| 205 | +=item Z<>0 | ||
| 206 | |||
| 207 | The new choice failed, check the error stack to find out the reason. | ||
| 208 | |||
| 209 | -=item 1 | ||
| 210 | +=item Z<>1 | ||
| 211 | |||
| 212 | The operation succeeded. | ||
| 213 | |||
| 214 | diff --git a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod | ||
| 215 | index b80e25b..31e6626 100644 | ||
| 216 | --- a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod | ||
| 217 | +++ b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod | ||
| 218 | @@ -81,6 +81,8 @@ SSL_CTX_use_psk_identity_hint() and SSL_use_psk_identity_hint() return | ||
| 219 | |||
| 220 | Return values from the server callback are interpreted as follows: | ||
| 221 | |||
| 222 | +=over 4 | ||
| 223 | + | ||
| 224 | =item > 0 | ||
| 225 | |||
| 226 | PSK identity was found and the server callback has provided the PSK | ||
| 227 | @@ -94,9 +96,11 @@ data to B<psk> and return the length of the random data, so the | ||
| 228 | connection will fail with decryption_error before it will be finished | ||
| 229 | completely. | ||
| 230 | |||
| 231 | -=item 0 | ||
| 232 | +=item Z<>0 | ||
| 233 | |||
| 234 | PSK identity was not found. An "unknown_psk_identity" alert message | ||
| 235 | will be sent and the connection setup fails. | ||
| 236 | |||
| 237 | +=back | ||
| 238 | + | ||
| 239 | =cut | ||
| 240 | diff --git a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod | ||
| 241 | index cc724c0..4915e5a 100644 | ||
| 242 | --- a/doc/ssl/SSL_accept.pod | ||
| 243 | +++ b/doc/ssl/SSL_accept.pod | ||
| 244 | @@ -44,12 +44,12 @@ The following return values can occur: | ||
| 245 | |||
| 246 | =over 4 | ||
| 247 | |||
| 248 | -=item 1 | ||
| 249 | +=item Z<>1 | ||
| 250 | |||
| 251 | The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been | ||
| 252 | established. | ||
| 253 | |||
| 254 | -=item 0 | ||
| 255 | +=item Z<>0 | ||
| 256 | |||
| 257 | The TLS/SSL handshake was not successful but was shut down controlled and | ||
| 258 | by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the | ||
| 259 | diff --git a/doc/ssl/SSL_clear.pod b/doc/ssl/SSL_clear.pod | ||
| 260 | index d4df1bf..ba192bd 100644 | ||
| 261 | --- a/doc/ssl/SSL_clear.pod | ||
| 262 | +++ b/doc/ssl/SSL_clear.pod | ||
| 263 | @@ -56,12 +56,12 @@ The following return values can occur: | ||
| 264 | |||
| 265 | =over 4 | ||
| 266 | |||
| 267 | -=item 0 | ||
| 268 | +=item Z<>0 | ||
| 269 | |||
| 270 | The SSL_clear() operation could not be performed. Check the error stack to | ||
| 271 | find out the reason. | ||
| 272 | |||
| 273 | -=item 1 | ||
| 274 | +=item Z<>1 | ||
| 275 | |||
| 276 | The SSL_clear() operation was successful. | ||
| 277 | |||
| 278 | diff --git a/doc/ssl/SSL_connect.pod b/doc/ssl/SSL_connect.pod | ||
| 279 | index cc56ebb..61cabb7 100644 | ||
| 280 | --- a/doc/ssl/SSL_connect.pod | ||
| 281 | +++ b/doc/ssl/SSL_connect.pod | ||
| 282 | @@ -41,12 +41,12 @@ The following return values can occur: | ||
| 283 | |||
| 284 | =over 4 | ||
| 285 | |||
| 286 | -=item 1 | ||
| 287 | +=item Z<>1 | ||
| 288 | |||
| 289 | The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been | ||
| 290 | established. | ||
| 291 | |||
| 292 | -=item 0 | ||
| 293 | +=item Z<>0 | ||
| 294 | |||
| 295 | The TLS/SSL handshake was not successful but was shut down controlled and | ||
| 296 | by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the | ||
| 297 | diff --git a/doc/ssl/SSL_do_handshake.pod b/doc/ssl/SSL_do_handshake.pod | ||
| 298 | index 2435764..beb0dd1 100644 | ||
| 299 | --- a/doc/ssl/SSL_do_handshake.pod | ||
| 300 | +++ b/doc/ssl/SSL_do_handshake.pod | ||
| 301 | @@ -45,12 +45,12 @@ The following return values can occur: | ||
| 302 | |||
| 303 | =over 4 | ||
| 304 | |||
| 305 | -=item 1 | ||
| 306 | +=item Z<>1 | ||
| 307 | |||
| 308 | The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been | ||
| 309 | established. | ||
| 310 | |||
| 311 | -=item 0 | ||
| 312 | +=item Z<>0 | ||
| 313 | |||
| 314 | The TLS/SSL handshake was not successful but was shut down controlled and | ||
| 315 | by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the | ||
| 316 | diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod | ||
| 317 | index 7038cd2..8ca0ce5 100644 | ||
| 318 | --- a/doc/ssl/SSL_read.pod | ||
| 319 | +++ b/doc/ssl/SSL_read.pod | ||
| 320 | @@ -86,7 +86,7 @@ The following return values can occur: | ||
| 321 | The read operation was successful; the return value is the number of | ||
| 322 | bytes actually read from the TLS/SSL connection. | ||
| 323 | |||
| 324 | -=item 0 | ||
| 325 | +=item Z<>0 | ||
| 326 | |||
| 327 | The read operation was not successful. The reason may either be a clean | ||
| 328 | shutdown due to a "close notify" alert sent by the peer (in which case | ||
| 329 | diff --git a/doc/ssl/SSL_session_reused.pod b/doc/ssl/SSL_session_reused.pod | ||
| 330 | index da7d062..b09d8a7 100644 | ||
| 331 | --- a/doc/ssl/SSL_session_reused.pod | ||
| 332 | +++ b/doc/ssl/SSL_session_reused.pod | ||
| 333 | @@ -27,11 +27,11 @@ The following return values can occur: | ||
| 334 | |||
| 335 | =over 4 | ||
| 336 | |||
| 337 | -=item 0 | ||
| 338 | +=item Z<>0 | ||
| 339 | |||
| 340 | A new session was negotiated. | ||
| 341 | |||
| 342 | -=item 1 | ||
| 343 | +=item Z<>1 | ||
| 344 | |||
| 345 | A session was reused. | ||
| 346 | |||
| 347 | diff --git a/doc/ssl/SSL_set_fd.pod b/doc/ssl/SSL_set_fd.pod | ||
| 348 | index 7029112..1480871 100644 | ||
| 349 | --- a/doc/ssl/SSL_set_fd.pod | ||
| 350 | +++ b/doc/ssl/SSL_set_fd.pod | ||
| 351 | @@ -35,11 +35,11 @@ The following return values can occur: | ||
| 352 | |||
| 353 | =over 4 | ||
| 354 | |||
| 355 | -=item 0 | ||
| 356 | +=item Z<>0 | ||
| 357 | |||
| 358 | The operation failed. Check the error stack to find out why. | ||
| 359 | |||
| 360 | -=item 1 | ||
| 361 | +=item Z<>1 | ||
| 362 | |||
| 363 | The operation succeeded. | ||
| 364 | |||
| 365 | diff --git a/doc/ssl/SSL_set_session.pod b/doc/ssl/SSL_set_session.pod | ||
| 366 | index 5f54714..197b521 100644 | ||
| 367 | --- a/doc/ssl/SSL_set_session.pod | ||
| 368 | +++ b/doc/ssl/SSL_set_session.pod | ||
| 369 | @@ -37,11 +37,11 @@ The following return values can occur: | ||
| 370 | |||
| 371 | =over 4 | ||
| 372 | |||
| 373 | -=item 0 | ||
| 374 | +=item Z<>0 | ||
| 375 | |||
| 376 | The operation failed; check the error stack to find out the reason. | ||
| 377 | |||
| 378 | -=item 1 | ||
| 379 | +=item Z<>1 | ||
| 380 | |||
| 381 | The operation succeeded. | ||
| 382 | |||
| 383 | diff --git a/doc/ssl/SSL_set_shutdown.pod b/doc/ssl/SSL_set_shutdown.pod | ||
| 384 | index 011a022..fe01308 100644 | ||
| 385 | --- a/doc/ssl/SSL_set_shutdown.pod | ||
| 386 | +++ b/doc/ssl/SSL_set_shutdown.pod | ||
| 387 | @@ -24,7 +24,7 @@ The shutdown state of an ssl connection is a bitmask of: | ||
| 388 | |||
| 389 | =over 4 | ||
| 390 | |||
| 391 | -=item 0 | ||
| 392 | +=item Z<>0 | ||
| 393 | |||
| 394 | No shutdown setting, yet. | ||
| 395 | |||
| 396 | diff --git a/doc/ssl/SSL_shutdown.pod b/doc/ssl/SSL_shutdown.pod | ||
| 397 | index 89911ac..132ebc5 100644 | ||
| 398 | --- a/doc/ssl/SSL_shutdown.pod | ||
| 399 | +++ b/doc/ssl/SSL_shutdown.pod | ||
| 400 | @@ -92,19 +92,19 @@ The following return values can occur: | ||
| 401 | |||
| 402 | =over 4 | ||
| 403 | |||
| 404 | -=item 1 | ||
| 405 | +=item Z<>1 | ||
| 406 | |||
| 407 | The shutdown was successfully completed. The "close notify" alert was sent | ||
| 408 | and the peer's "close notify" alert was received. | ||
| 409 | |||
| 410 | -=item 0 | ||
| 411 | +=item Z<>0 | ||
| 412 | |||
| 413 | The shutdown is not yet finished. Call SSL_shutdown() for a second time, | ||
| 414 | if a bidirectional shutdown shall be performed. | ||
| 415 | The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an | ||
| 416 | erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. | ||
| 417 | |||
| 418 | -=item -1 | ||
| 419 | +=item Z<>-1 | ||
| 420 | |||
| 421 | The shutdown was not successful because a fatal error occurred either | ||
| 422 | at the protocol level or a connection failure occurred. It can also occur if | ||
| 423 | diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod | ||
| 424 | index e013c12..a57617f 100644 | ||
| 425 | --- a/doc/ssl/SSL_write.pod | ||
| 426 | +++ b/doc/ssl/SSL_write.pod | ||
| 427 | @@ -79,7 +79,7 @@ The following return values can occur: | ||
| 428 | The write operation was successful, the return value is the number of | ||
| 429 | bytes actually written to the TLS/SSL connection. | ||
| 430 | |||
| 431 | -=item 0 | ||
| 432 | +=item Z<>0 | ||
| 433 | |||
| 434 | The write operation was not successful. Probably the underlying connection | ||
| 435 | was closed. Call SSL_get_error() with the return value B<ret> to find out, | ||