[package] openssl: update to v1.0.1a (CVE-2012-2110)

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@31346 3c298f89-4303-0410-b956-a3cf2f4a3e73

2 files changed, 14 insertions, 2 deletions

diff --git a/package/openssl/Makefile b/package/openssl/Makefile
index 424bd39625..b9b9b3102a 100644
--- a/package/openssl/Makefile
+++ b/package/openssl/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
-PKG_VERSION:=1.0.1
+PKG_VERSION:=1.0.1a
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
@@ -16,7 +16,7 @@ PKG_SOURCE_URL:=http://www.openssl.org/source/ \
 	ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \
 	ftp://ftp.webmonster.de/pub/openssl/source/ \
 	ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
-PKG_MD5SUM:=134f168bc2a8333f19f81d684841710b
+PKG_MD5SUM:=a0104320c0997cd33e18b8ea798609d1
 
 PKG_BUILD_DEPENDS:=ocf-crypto-headers
 PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE
diff --git a/package/openssl/patches/210-no-OPENSSL_ia32cap_P.patch b/package/openssl/patches/210-no-OPENSSL_ia32cap_P.patch
new file mode 100644
index 0000000000..6ddf009340
--- /dev/null
+++ b/package/openssl/patches/210-no-OPENSSL_ia32cap_P.patch
@@ -0,0 +1,12 @@
+--- a/crypto/evp/e_rc4_hmac_md5.c
++++ b/crypto/evp/e_rc4_hmac_md5.c
+@@ -289,8 +289,6 @@ static EVP_CIPHER r4_hmac_md5_cipher=
+ 
+ const EVP_CIPHER *EVP_rc4_hmac_md5(void)
+ 	{
+-	extern unsigned int OPENSSL_ia32cap_P[];
+-	/* RC4_CHAR flag ------------vvvvv */
+-	return(OPENSSL_ia32cap_P[0]&(1<<20) ? NULL : &r4_hmac_md5_cipher);
++	return(&r4_hmac_md5_cipher);
+ 	}
+ #endif