[ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e

[ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e

[Bruno Thomsen]

Updating openssl to 1.0.1e improves TLS 1.x support in lighttpd.

Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
---
 rules/openssl.make |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/openssl.make b/rules/openssl.make
index 35e9aa5..eaeb95a 100644
--- a/rules/openssl.make
+++ b/rules/openssl.make
@@ -18,8 +18,8 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl
 #
 # Paths and names
 #
-OPENSSL_VERSION	:= 1.0.0k
-OPENSSL_MD5	:= 99af9b319f928da5ea3e860311b396ef
+OPENSSL_VERSION	:= 1.0.1e
+OPENSSL_MD5	:= 66bf6f10f060d561929de96f9dfe5b8c
 OPENSSL		:= openssl-$(OPENSSL_VERSION)
 OPENSSL_SUFFIX	:= tar.gz
 OPENSSL_URL	:= http://www.openssl.org/source/$(OPENSSL).$(OPENSSL_SUFFIX)
-- 
1.7.9.5


-- 
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e

[Jürgen Beisert]

Hi Bruno,

On Friday 17 January 2014 14:49:58 Bruno Thomsen wrote:
> Updating openssl to 1.0.1e improves TLS 1.x support in lighttpd.
>
> Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
> ---
>  rules/openssl.make |    4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/rules/openssl.make b/rules/openssl.make
> index 35e9aa5..eaeb95a 100644
> --- a/rules/openssl.make
> +++ b/rules/openssl.make
> @@ -18,8 +18,8 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl
>  #
>  # Paths and names
>  #
> -OPENSSL_VERSION	:= 1.0.0k
> -OPENSSL_MD5	:= 99af9b319f928da5ea3e860311b396ef
> +OPENSSL_VERSION	:= 1.0.1e
> +OPENSSL_MD5	:= 66bf6f10f060d561929de96f9dfe5b8c
>  OPENSSL		:= openssl-$(OPENSSL_VERSION)
>  OPENSSL_SUFFIX	:= tar.gz
>  OPENSSL_URL	:= http://www.openssl.org/source/$(OPENSSL).$(OPENSSL_SUFFIX)

PTXdist comes with various patches for openssl-1.0.0k. Did you check if they 
are obsolete when updating to release 1.0.1e? If yes, you should remove them 
with your patch as well.

Regards,
Juergen

-- 
Pengutronix e.K.                              | Juergen Beisert             |
Linux Solutions for Science and Industry      | http://www.pengutronix.de/  |

-- 
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e

[Bruno Thomsen]

Hi Juergen,

> PTXdist comes with various patches for openssl-1.0.0k. Did you check if they are obsolete when updating to release 1.0.1e? If yes, you should remove them with your patch as well.

Ups, I was using the openssl-1.0.0h patch series when testing 1.0.1e.
I will try to rebase/cleanup/test patch series and resubmit a patch.


Venlig hilsen / Best regards

Kamstrup A/S <http://www.kamstrup.dk> 
Bruno Thomsen
Development engineer
Technology

Kamstrup A/S
Industrivej 28
DK-8660 Skanderborg
Tel:	 +45 89 93 10 00	 
Fax:	 +45 89 93 10 01	 
Dir:	 +45 89 93 13 94	 
E-mail:	 bth@kamstrup.dk	 
Web:	 www.kamstrup.dk

-- 
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e

[Michael Olbrich]

Hi,

On Fri, Jan 17, 2014 at 03:18:43PM +0000, Bruno Thomsen wrote:
> > PTXdist comes with various patches for openssl-1.0.0k. Did you check if they are obsolete when updating to release 1.0.1e? If yes, you should remove them with your patch as well.
> 
> Ups, I was using the openssl-1.0.0h patch series when testing 1.0.1e.
> I will try to rebase/cleanup/test patch series and resubmit a patch.

Let me handle that, I have a script here to import the latest patches from
debian.

Michael

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

-- 
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH 0/2] php: version bump 5.3.10 -> 5.4.24

[Bruno Thomsen]

Hi

Updated PHP due to many security flaws in 5.3.10.

Tested on Freescale i.MX28 with ptxdist 2012.04.0.
I'm unsure if newer versions of ptxdist still require the first patch, if not just discard it.

Bruno Thomsen (2):
  Fix compiling of PHP with sqlite3 support on ptxdist 2012.04.0.
  php: version bump 5.3.10 -> 5.4.24

 ...make-it-possible-to-force-cross-compiling.patch |   35 --------------------
 patches/php-5.3.10/series                          |    4 ---
 rules/php5.make                                    |    7 ++--
 3 files changed, 5 insertions(+), 41 deletions(-)
 delete mode 100644 patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
 delete mode 100644 patches/php-5.3.10/series

-- 
1.7.9.5


-- 
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH 1/2] Fix compiling of PHP with sqlite3 support on ptxdist 2012.04.0.

[Bruno Thomsen]

Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
---
 rules/php5.make |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/rules/php5.make b/rules/php5.make
index b24cd33..f66a664 100644
--- a/rules/php5.make
+++ b/rules/php5.make
@@ -250,6 +250,9 @@ endif
 
 ifdef PTXCONF_PHP5_EXT_SQLITE3
 PHP5_AUTOCONF += --with-sqlite3=$(PTXDIST_SYSROOT_TARGET)/usr --with-pdo-sqlite
+# broken config system: sqlite3 (local copy) uses it
+# but it is only linked to if used by external dependencies
+PHP5_CONF_ENV += PHP_LDFLAGS=-ldl
 else
 PHP5_AUTOCONF += --without-sqlite3 --without-pdo-sqlite
 endif
-- 
1.7.9.5


-- 
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH 2/2] php: version bump 5.3.10 -> 5.4.24

[Bruno Thomsen]

Fixes a lot of security flaws and bugs.

Changelog:
http://www.php.net/ChangeLog-5.php#5.4.24

Old HACK patch removed since it cannot be applied on configure script.

Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
---
 ...make-it-possible-to-force-cross-compiling.patch |   35 --------------------
 patches/php-5.3.10/series                          |    4 ---
 rules/php5.make                                    |    4 +--
 3 files changed, 2 insertions(+), 41 deletions(-)
 delete mode 100644 patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
 delete mode 100644 patches/php-5.3.10/series

diff --git a/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch b/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
deleted file mode 100644
index 931f9b0..0000000
--- a/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From: Michael Olbrich <m.olbrich@pengutronix.de>
-Date: Sat, 27 Oct 2012 11:37:38 +0200
-Subject: [PATCH] HACK: make it possible to force cross-compiling
-
-configure checks for cross-compiling by running a simple program.
-This returns the wrong result when build and host architecture are
-the same.
-This patch makes it possible to force cross-compiling. It hacks
-configure because it cannot be regenerated.
-
-Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
----
- configure |    2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/configure b/configure
-index 0900d02..ca0dec0 100755
---- a/configure
-+++ b/configure
-@@ -2377,6 +2377,7 @@ ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
- ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
- cross_compiling=$ac_cv_prog_cc_cross
- 
-+if test -z "$ac_cv_prog_cc_cross"; then
- cat > conftest.$ac_ext << EOF
- 
- #line 2383 "configure"
-@@ -2398,6 +2399,7 @@ else
-   ac_cv_prog_cc_works=no
- fi
- rm -fr conftest*
-+fi
- ac_ext=c
- # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
- ac_cpp='$CPP $CPPFLAGS'
diff --git a/patches/php-5.3.10/series b/patches/php-5.3.10/series
deleted file mode 100644
index bad412b..0000000
--- a/patches/php-5.3.10/series
+++ /dev/null
@@ -1,4 +0,0 @@
-# generated by git-ptx-patches
-#tag:base --start-number 1
-0001-HACK-make-it-possible-to-force-cross-compiling.patch
-# 92e34182fd5e0535892f282141ab5993  - git-ptx-patches magic
diff --git a/rules/php5.make b/rules/php5.make
index f66a664..3e0f4de 100644
--- a/rules/php5.make
+++ b/rules/php5.make
@@ -17,8 +17,8 @@ PACKAGES-$(PTXCONF_PHP5) += php5
 #
 # Paths and names
 #
-PHP5_VERSION	:= 5.3.10
-PHP5_MD5	:= 816259e5ca7d0a7e943e56a3bb32b17f
+PHP5_VERSION	:= 5.4.24
+PHP5_MD5	:= acef880cc808b85e216897ee88187ee1
 PHP5		:= php-$(PHP5_VERSION)
 PHP5_SUFFIX	:= tar.bz2
 PHP5_SOURCE	:= $(SRCDIR)/$(PHP5).$(PHP5_SUFFIX)
-- 
1.7.9.5


-- 
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH 2/2] php: version bump 5.3.10 -> 5.4.24

[Michael Olbrich]

On Tue, Jan 21, 2014 at 04:34:05PM +0100, Bruno Thomsen wrote:
> Fixes a lot of security flaws and bugs.
> 
> Changelog:
> http://www.php.net/ChangeLog-5.php#5.4.24
> 
> Old HACK patch removed since it cannot be applied on configure script.

"cannot be applied" is a bad reason. The correct one in this case is "is no
longer needed".

Also, I get "configure: error: unrecognized options: --with-curl-wrappers"
when I try to build it with everything enabled.

Michael

> Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
> ---
>  ...make-it-possible-to-force-cross-compiling.patch |   35 --------------------
>  patches/php-5.3.10/series                          |    4 ---
>  rules/php5.make                                    |    4 +--
>  3 files changed, 2 insertions(+), 41 deletions(-)
>  delete mode 100644 patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
>  delete mode 100644 patches/php-5.3.10/series
> 
> diff --git a/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch b/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
> deleted file mode 100644
> index 931f9b0..0000000
> --- a/patches/php-5.3.10/0001-HACK-make-it-possible-to-force-cross-compiling.patch
> +++ /dev/null
> @@ -1,35 +0,0 @@
> -From: Michael Olbrich <m.olbrich@pengutronix.de>
> -Date: Sat, 27 Oct 2012 11:37:38 +0200
> -Subject: [PATCH] HACK: make it possible to force cross-compiling
> -
> -configure checks for cross-compiling by running a simple program.
> -This returns the wrong result when build and host architecture are
> -the same.
> -This patch makes it possible to force cross-compiling. It hacks
> -configure because it cannot be regenerated.
> -
> -Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> ----
> - configure |    2 ++
> - 1 file changed, 2 insertions(+)
> -
> -diff --git a/configure b/configure
> -index 0900d02..ca0dec0 100755
> ---- a/configure
> -+++ b/configure
> -@@ -2377,6 +2377,7 @@ ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
> - ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
> - cross_compiling=$ac_cv_prog_cc_cross
> - 
> -+if test -z "$ac_cv_prog_cc_cross"; then
> - cat > conftest.$ac_ext << EOF
> - 
> - #line 2383 "configure"
> -@@ -2398,6 +2399,7 @@ else
> -   ac_cv_prog_cc_works=no
> - fi
> - rm -fr conftest*
> -+fi
> - ac_ext=c
> - # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
> - ac_cpp='$CPP $CPPFLAGS'
> diff --git a/patches/php-5.3.10/series b/patches/php-5.3.10/series
> deleted file mode 100644
> index bad412b..0000000
> --- a/patches/php-5.3.10/series
> +++ /dev/null
> @@ -1,4 +0,0 @@
> -# generated by git-ptx-patches
> -#tag:base --start-number 1
> -0001-HACK-make-it-possible-to-force-cross-compiling.patch
> -# 92e34182fd5e0535892f282141ab5993  - git-ptx-patches magic
> diff --git a/rules/php5.make b/rules/php5.make
> index f66a664..3e0f4de 100644
> --- a/rules/php5.make
> +++ b/rules/php5.make
> @@ -17,8 +17,8 @@ PACKAGES-$(PTXCONF_PHP5) += php5
>  #
>  # Paths and names
>  #
> -PHP5_VERSION	:= 5.3.10
> -PHP5_MD5	:= 816259e5ca7d0a7e943e56a3bb32b17f
> +PHP5_VERSION	:= 5.4.24
> +PHP5_MD5	:= acef880cc808b85e216897ee88187ee1
>  PHP5		:= php-$(PHP5_VERSION)
>  PHP5_SUFFIX	:= tar.bz2
>  PHP5_SOURCE	:= $(SRCDIR)/$(PHP5).$(PHP5_SUFFIX)
> -- 
> 1.7.9.5
> 
> 
> -- 
> ptxdist mailing list
> ptxdist@pengutronix.de
> 

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

-- 
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] openssl: version bump 1.0.0k -> 1.0.1e

[Michael Olbrich]

On Mon, Jan 20, 2014 at 11:45:20AM +0100, Michael Olbrich wrote:
> Hi,
> 
> On Fri, Jan 17, 2014 at 03:18:43PM +0000, Bruno Thomsen wrote:
> > > PTXdist comes with various patches for openssl-1.0.0k. Did you check if they are obsolete when updating to release 1.0.1e? If yes, you should remove them with your patch as well.
> > 
> > Ups, I was using the openssl-1.0.0h patch series when testing 1.0.1e.
> > I will try to rebase/cleanup/test patch series and resubmit a patch.
> 
> Let me handle that, I have a script here to import the latest patches from
> debian.

We now have 1.0.1f

Michael

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

-- 
ptxdist mailing list
ptxdist@pengutronix.de