openssl: update 1.0.2d -> 1.0.2k

This is basically a back port of the following commits from the
openembedded-core master branch:

openssl: actually apply Use-SHA256-not-MD5-as-default-digest.patch
openssl: Fix symlink creation
openssl: Updgrade 1.0.2j -> 1.0.2k
openssl: Use linux-aarch64 target for aarch64
openssl-native: Compile with -fPIC
openssl: Security fix CVE-2016-7055
OpenSSL: CVE-2004-2761 replace MD5 hash algorithm
openssl: fix bashism in c_rehash shell script
openssl: rehash actual mozilla certificates inside rootfs
openssl: Upgrade 1.0.2i -> 1.0.2j
openssl.inc: avoid random ptest failures
openssl: update to 1.0.2i (CVE-2016-6304 and more)
openssl: fix do_configure error when cwd is not in @INC
openssl: fix add missing dependencies building for test directory
openssl: Security fix CVE-2016-2178
openssl: Security fix CVE-2016-2177
openssl: prevent warnings from openssl-c_rehash.sh
openssl: fix the dangling libcrypto.a symlink
openssl: Ensure SSL certificates are stored on sysconfdir
openssl: Add Shell-Script based c_rehash utility
openssl: Security fix via update to 1.0.2h
openssl.inc: minor packaging cleanup
openssl: don't move libcrypto to base_libdir
openssl: add a patch to fix parallel builds
openssl: Security fix Drown via 1.0.2g update
openssl.inc: drop obsolete mtx-1 and mtx-2 over-rides
openssl: Explicitly set EXTRA_OEMAKE as required
openssl: update 1.0.2e -> 1.0.2f ( CVE-2016-0701 CVE-2015-3197 )
openssl: Add musl configuration support
openssl: update to 1.0.2e
openssl: enable parallel make
openssl: fix ptest issues
openssl: use subdir= instead of moving files in do_configure_prepend()
openssl: sanity check that the bignum module is present
openssl: fix ptest failures

Note that this requires a complete image rebuild due to ABI breakage. If
that is not desired something along those lines would need to be
integrated as well:

http://cgit.openembedded.org/openembedded-core/commit?id=480db6be99f9a53d8657b31b846f0079ee1a124f

Signed-off-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>

1 files changed, 35 insertions, 0 deletions

diff --git a/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch b/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch
new file mode 100644
index 0000000..c397af2
--- /dev/null
+++ b/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch
@@ -0,0 +1,35 @@
+Upsteram Status: Backport
+
+When building on x32 systems where the default type is 32bit, make sure
+we can transparently represent 64bit integers.  Otherwise we end up with
+build errors like:
+/usr/bin/perl asm/ghash-x86_64.pl elf > ghash-x86_64.s
+Integer overflow in hexadecimal number at asm/../../perlasm/x86_64-xlate.pl line 201, <> line 890.
+...
+ghash-x86_64.s: Assembler messages:
+ghash-x86_64.s:890: Error: junk '.15473355479995e+19' after expression
+
+We don't enable this globally as there are some cases where we'd get
+32bit values interpreted as unsigned when we need them as signed.
+
+Reported-by: Bertrand Jacquin <bertrand@jacquin.bzh>
+URL: https://bugs.gentoo.org/542618
+
+Signed-off-By: Armin Kuster <akuster@mvista.com>
+
+Index: openssl-1.0.2a/crypto/perlasm/x86_64-xlate.pl
+===================================================================
+--- openssl-1.0.2a.orig/crypto/perlasm/x86_64-xlate.pl
++++ openssl-1.0.2a/crypto/perlasm/x86_64-xlate.pl
+@@ -194,7 +194,10 @@ my %globals;
+     }
+     sub out {
+     	my $self = shift;
+-
++	# When building on x32 ABIs, the expanded hex value might be too
++	# big to fit into 32bits. Enable transparent 64bit support here
++	# so we can safely print it out.
++	use bigint;
+ 	if ($gas) {
+ 	    # Solaris /usr/ccs/bin/as can't handle multiplications
+ 	    # in $self->{value}