diff options
author | Dirk Feytons <dirk.feytons@gmail.com> | 2016-05-20 15:34:02 +0200 |
---|---|---|
committer | Felix Fietkau <nbd@nbd.name> | 2016-07-23 12:09:51 +0200 |
commit | 41da31ac2ca2306e9cff070f650f6012af753517 (patch) | |
tree | 78275bfaf741514d6036fc64d391b6885525dfb3 | |
parent | f16fc21675d3335061d7afeaff9c252f0fc7fd1e (diff) | |
download | upstream-41da31ac2ca2306e9cff070f650f6012af753517.tar.gz upstream-41da31ac2ca2306e9cff070f650f6012af753517.tar.bz2 upstream-41da31ac2ca2306e9cff070f650f6012af753517.zip |
openssl: remove some unneeded functionality and algorithms
The patch needed for this commit has been sent upstream:
https://github.com/openssl/openssl/pull/1155
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [add back bf and srp]
-rw-r--r-- | package/libs/openssl/Makefile | 7 | ||||
-rw-r--r-- | package/libs/openssl/patches/302-fix_no_cmac_build.patch | 24 |
2 files changed, 28 insertions, 3 deletions
diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index 7cd306ba63..8e439e1c31 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -95,8 +95,9 @@ This package contains the OpenSSL command-line utility. endef -OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-camellia no-krb5 -OPENSSL_OPTIONS:= shared no-err no-sse2 no-ssl2 +OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-camellia no-krb5 \ + no-whrlpool no-whirlpool no-ripemd no-seed no-cast no-cmac +OPENSSL_OPTIONS:= shared no-err no-sse2 no-ssl2 no-ssl2-method no-heartbeats ifdef CONFIG_OPENSSL_ENGINE_CRYPTO OPENSSL_OPTIONS += -DHAVE_CRYPTODEV @@ -116,7 +117,7 @@ ifndef CONFIG_OPENSSL_WITH_EC2M endif ifndef CONFIG_OPENSSL_WITH_SSL3 - OPENSSL_OPTIONS += no-ssl3 + OPENSSL_OPTIONS += no-ssl3 no-ssl3-method endif ifndef CONFIG_OPENSSL_HARDWARE_SUPPORT diff --git a/package/libs/openssl/patches/302-fix_no_cmac_build.patch b/package/libs/openssl/patches/302-fix_no_cmac_build.patch new file mode 100644 index 0000000000..1b94f24508 --- /dev/null +++ b/package/libs/openssl/patches/302-fix_no_cmac_build.patch @@ -0,0 +1,24 @@ +--- a/crypto/asn1/ameth_lib.c ++++ b/crypto/asn1/ameth_lib.c +@@ -93,7 +93,9 @@ static const EVP_PKEY_ASN1_METHOD *stand + &eckey_asn1_meth, + #endif + &hmac_asn1_meth, ++#ifndef OPENSSL_NO_CMAC + &cmac_asn1_meth, ++#endif + #ifndef OPENSSL_NO_DH + &dhx_asn1_meth + #endif +--- a/crypto/evp/pmeth_lib.c ++++ b/crypto/evp/pmeth_lib.c +@@ -91,7 +91,9 @@ static const EVP_PKEY_METHOD *standard_m + &ec_pkey_meth, + #endif + &hmac_pkey_meth, ++#ifndef OPENSSL_NO_CMAC + &cmac_pkey_meth, ++#endif + #ifndef OPENSSL_NO_DH + &dhx_pkey_meth + #endif |