summaryrefslogtreecommitdiff
path: root/package
diff options
context:
space:
mode:
Diffstat (limited to 'package')
-rw-r--r--package/.template/Makefile14
-rw-r--r--package/aircrack-ng/Makefile12
-rw-r--r--package/asterisk/Makefile12
-rw-r--r--package/bind/Makefile12
-rw-r--r--package/bitlbee/Makefile12
-rw-r--r--package/crda/Makefile7
-rw-r--r--package/cryptodev-linux/Makefile10
-rwxr-xr-xpackage/ctorrent/Makefile10
-rw-r--r--package/curl/Makefile19
-rw-r--r--package/cyrus-sasl/Makefile12
-rw-r--r--package/dillo/Makefile12
-rw-r--r--package/dovecot/Makefile10
-rw-r--r--package/elinks/Makefile11
-rw-r--r--package/elinks/patches/patch-src_network_ssl_ssl_c16
-rw-r--r--package/fetchmail/Makefile11
-rw-r--r--package/fetchmail/patches/patch-config_h_in13
-rw-r--r--package/fetchmail/patches/patch-configure12
-rw-r--r--package/fetchmail/patches/patch-configure_ac10
-rw-r--r--package/fetchmail/patches/patch-fetchmail_c15
-rw-r--r--package/fetchmail/patches/patch-socket_c20
-rw-r--r--package/freeradius-client/Makefile11
-rw-r--r--package/freeradius-server/Makefile12
-rw-r--r--package/freeswitch/Makefile12
-rw-r--r--package/git/Makefile12
-rw-r--r--package/hostapd/Makefile5
-rw-r--r--package/httping/Makefile10
-rw-r--r--package/ipsec-tools/Makefile11
-rw-r--r--package/irssi/Makefile7
-rw-r--r--package/kodi/Makefile12
-rw-r--r--package/lftp/Makefile11
-rw-r--r--package/libesmtp/Makefile12
-rw-r--r--package/libp11/Makefile12
-rw-r--r--package/libssh/Makefile12
-rw-r--r--package/libssh2/Makefile12
-rw-r--r--package/libtorrent/Makefile12
-rw-r--r--package/lighttpd/Makefile10
-rw-r--r--package/links/Makefile7
-rw-r--r--package/lynx/Makefile13
-rw-r--r--package/mini_httpd/Makefile10
-rw-r--r--package/monit/Makefile10
-rw-r--r--package/mosquitto/Makefile12
-rw-r--r--package/mutt/Makefile7
-rw-r--r--package/neon/Makefile12
-rw-r--r--package/nginx/Makefile13
-rw-r--r--package/nut/Makefile12
-rw-r--r--package/openldap/Makefile14
-rw-r--r--package/opensc/Makefile12
-rw-r--r--package/opensips/Makefile10
-rw-r--r--package/openssh/Makefile12
-rw-r--r--package/openssl/Makefile130
-rw-r--r--package/openssl/files/cryptodev.h288
-rw-r--r--package/openssl/files/openssl-util.conffiles1
-rw-r--r--package/openssl/patches/patch-Configure11
-rw-r--r--package/openssl/patches/patch-Makefile_org20
-rw-r--r--package/openssl/patches/patch-Makefile_shared18
-rw-r--r--package/openssl/patches/patch-tools_c_rehash13
-rw-r--r--package/openssl/patches/patch-util_shlib_wrap_sh16
-rw-r--r--package/openssl/src/crypto/engine/eng_cryptodev.c1496
-rw-r--r--package/openvpn/Makefile10
-rwxr-xr-xpackage/raddump/Makefile12
-rw-r--r--package/rdesktop/Makefile12
-rw-r--r--package/sipsak/Makefile7
-rw-r--r--package/socat/Makefile10
-rw-r--r--package/ssltunnel/Makefile38
-rw-r--r--package/ssltunnel/patches/patch-client_ntlmauth_c11
-rw-r--r--package/strongswan/Makefile10
-rw-r--r--package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c11
-rw-r--r--package/strongswan/patches/patch-src_starter_netkey_c8
-rw-r--r--package/stunnel/Makefile33
-rw-r--r--package/stunnel/patches/patch-configure_ac21
-rw-r--r--package/supl/Makefile13
-rw-r--r--package/tinc/Makefile12
-rw-r--r--package/tmsnc/Makefile11
-rw-r--r--package/tntnet/Makefile16
-rw-r--r--package/tor/Makefile12
-rw-r--r--package/tvheadend/Makefile10
-rw-r--r--package/vtun/Makefile12
-rw-r--r--package/wget/Makefile12
-rw-r--r--package/wpa_supplicant/Makefile8
-rw-r--r--package/xorg-server/Makefile13
80 files changed, 234 insertions, 2628 deletions
diff --git a/package/.template/Makefile b/package/.template/Makefile
index f60be74bb..2c54be734 100644
--- a/package/.template/Makefile
+++ b/package/.template/Makefile
@@ -36,20 +36,20 @@ PKG_SITES:= add download url without package name
# flavour description
#PKGFD_WITH_SSL:= enable SSL support
# flavour runtime dependency, package name
-#PKGFS_WITH_SSL:= libopenssl
+#PKGFS_WITH_SSL:= libressl
# flavour build time dependency, package dir
-#PKGFB_WITH_SSL:= openssl
+#PKGFB_WITH_SSL:= libressl
# define your choices for your package here, f.e. different SSL implementations
-#PKG_CHOICES_PKGNAME:= WITH_OPENSSL WITH_GNUTLS
+#PKG_CHOICES_PKGNAME:= WITH_LIBRESSL WITH_GNUTLS
# package description for each choice
-#PKGCD_WITH_OPENSSL:= SSL support via OpenSSL library
-#PKGCD_WITH_GNUTLS:= SSL support via GNUTLS library
+#PKGCD_WITH_LIBRESSL:= ssl support via libressl library
+#PKGCD_WITH_GNUTLS:= ssl support via gnutls library
# package build time dependencies
-#PKGCB_WITH_OPENSSL:= openssl
+#PKGCB_WITH_LIBRESSL:= libressl
#PKGCB_WITH_GNUTLS:= gnutls
# package runtime dependencies
-#PKGCS_WITH_OPENSSL:= libopenssl
+#PKGCS_WITH_LIBRESSL:= libressl
#PKGCS_WITH_GNUTLS:= libgnutls
# if downloaded package is not ending with .tar.xz use following
diff --git a/package/aircrack-ng/Makefile b/package/aircrack-ng/Makefile
index ee83a9641..fcf618885 100644
--- a/package/aircrack-ng/Makefile
+++ b/package/aircrack-ng/Makefile
@@ -9,22 +9,14 @@ PKG_RELEASE:= 1
PKG_HASH:= ba5b3eda44254efc5b7c9f776eb756f7cc323ad5d0813c101e92edb483d157e9
PKG_DESCR:= set of tools for auditing wireless networks
PKG_SECTION:= net/wifi
-PKG_DEPENDS:= libpcap libnl
-PKG_BUILDDEP:= libpcap libnl
+PKG_DEPENDS:= libpcap libnl libressl
+PKG_BUILDDEP:= libpcap libnl libressl
PKG_NEEDS:= threads
PKG_URL:= http://www.aircrack-ng.org/
PKG_SITES:= http://download.aircrack-ng.org/
# do not build parallel, otherwise libosdep.a may not be ready when compiling airtun-ng
PKG_NOPARALLEL:= 1
-PKG_CHOICES_AIRCRACK_NG:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}-rc2.tar.gz
WRKDIST= ${WRKDIR}/${PKG_NAME}-${PKG_VERSION}-rc2
diff --git a/package/asterisk/Makefile b/package/asterisk/Makefile
index 27eb3b924..3367cce94 100644
--- a/package/asterisk/Makefile
+++ b/package/asterisk/Makefile
@@ -9,21 +9,13 @@ PKG_RELEASE:= 2
PKG_HASH:= 7b3d84a3403fce590377808eaa4b08b6320666ca0e37eba0ad578b66211b13c8
PKG_DESCR:= open source pbx
PKG_SECTION:= net/voip
-PKG_DEPENDS:= libncurses libcurl
-PKG_BUILDDEP:= ncurses zlib curl popt
+PKG_DEPENDS:= libncurses libcurl libressl
+PKG_BUILDDEP:= ncurses zlib curl popt libressl
PKG_NEEDS:= threads c++
PKG_URL:= http://www.asterisk.org/
PKG_SITES:= http://downloads.asterisk.org/pub/telephony/asterisk/releases/
PKG_NOPARALLEL:= 1
-PKG_CHOICES_ASTERISK:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
PKG_LIBC_DEPENDS:= uclibc-ng glibc
diff --git a/package/bind/Makefile b/package/bind/Makefile
index 0646631df..0a2852fcc 100644
--- a/package/bind/Makefile
+++ b/package/bind/Makefile
@@ -9,22 +9,14 @@ PKG_RELEASE:= 1
PKG_HASH:= f8d412b38d5ac390275b943bde69f4608f67862a45487ec854b30e4448fcb056
PKG_DESCR:= dns server
PKG_SECTION:= net/dns
-PKG_DEPENDS:= libxml2
-PKG_BUILDDEP:= libxml2
+PKG_DEPENDS:= libxml2 libressl
+PKG_BUILDDEP:= libxml2 libressl
PKG_NEEDS:= c++
PKG_URL:= https://www.isc.org/software/bind/
PKG_SITES:= ftp://ftp.isc.org/isc/bind9/${PKG_VERSION}/
PKG_LIBNAME:= libbind
PKG_OPTS:= dev
-PKG_CHOICES_LIBBIND:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
PKG_SUBPKGS:= LIBBIND BIND_SERVER BIND_NSUPDATE BIND_RNDC BIND_CHECK BIND_DNSSEC BIND_HOST BIND_DIG
diff --git a/package/bitlbee/Makefile b/package/bitlbee/Makefile
index 02f85f299..59ede8f3d 100644
--- a/package/bitlbee/Makefile
+++ b/package/bitlbee/Makefile
@@ -9,19 +9,11 @@ PKG_RELEASE:= 1
PKG_HASH:= 408a737b35db4b9c407e3db09b2d2e7b528836a68e2d783373254b78812bf608
PKG_DESCR:= irc gateway to im chat networks
PKG_SECTION:= app/chat
-PKG_DEPENDS:= glib
-PKG_BUILDDEP:= glib
+PKG_DEPENDS:= glib libressl
+PKG_BUILDDEP:= glib libressl
PKG_URL:= http://www.bitlbee.org/
PKG_SITES:= http://get.bitlbee.org/src/
-PKG_CHOICES_BITLBEE:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
include ${ADK_TOPDIR}/mk/package.mk
diff --git a/package/crda/Makefile b/package/crda/Makefile
index 5f887d677..c63608b6e 100644
--- a/package/crda/Makefile
+++ b/package/crda/Makefile
@@ -21,10 +21,7 @@ PKGFD_WITH_UDEV:= install shipped udev rules
PKGFS_WITH_UDEV:= udev
PKGFB_WITH_UDEV:= eudev
-PKG_CHOICES_CRDA:= WITH_LIBRESSL WITH_OPENSSL WITH_GCRYPT
-PKGCD_WITH_OPENSSL:= ssl support via openssl library
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
+PKG_CHOICES_CRDA:= WITH_LIBRESSL WITH_GCRYPT
PKGCD_WITH_LIBRESSL:= ssl support via libressl library
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl
@@ -39,7 +36,7 @@ $(eval $(call PKG_template,CRDA,crda,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS
CONFIG_STYLE:= manual
ALL_TARGET:= all_noverify
-ifneq ($(ADK_PACKAGE_CRDA_WITH_OPENSSL)$(ADK_PACKAGE_CRDA_WITH_LIBRESSL),)
+ifneq ($(ADK_PACKAGE_CRDA_WITH_LIBRESSL),)
XAKE_FLAGS+= USE_OPENSSL=1
endif
diff --git a/package/cryptodev-linux/Makefile b/package/cryptodev-linux/Makefile
index 6998ac1a1..cb3c76085 100644
--- a/package/cryptodev-linux/Makefile
+++ b/package/cryptodev-linux/Makefile
@@ -9,18 +9,12 @@ PKG_RELEASE:= 1
PKG_HASH:= 67fabde9fb67b286a96c4f45b594b0eccd0f761b495705c18f2ae9461b831376
PKG_DESCR:= device that allows access to kernel cryptographic drivers
PKG_SECTION:= app/crypto
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_KDEPENDS:= crypto-aead crypto-algapi crypto-manager
PKG_URL:= http://home.gna.org/cryptodev-linux/
PKG_SITES:= http://download.gna.org/cryptodev-linux/
-PKG_CHOICES_CRYPTODEV_LINUX:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
include $(ADK_TOPDIR)/mk/package.mk
diff --git a/package/ctorrent/Makefile b/package/ctorrent/Makefile
index ea4f1d040..eadf6779b 100755
--- a/package/ctorrent/Makefile
+++ b/package/ctorrent/Makefile
@@ -9,20 +9,14 @@ PKG_RELEASE:= 2
PKG_HASH:= c87366c91475931f75b924119580abd06a7b3cb3f00fef47346552cab1e24863
PKG_DESCR:= console-based bittorrent client
PKG_SECTION:= app/p2p
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_NEEDS:= c++
PKG_URL:= http://www.rahul.net/dholmes/ctorrent
PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=dtorrent/}
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_CTORRENT:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,CTORRENT,ctorrent,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/curl/Makefile b/package/curl/Makefile
index 803bc57dd..776130f1e 100644
--- a/package/curl/Makefile
+++ b/package/curl/Makefile
@@ -27,20 +27,17 @@ PKGSS_LIBCURL:= zlib
PKG_FLAVOURS_CURL:= WITH_IPV6
PKGFD_WITH_IPV6:= enable ipv6 support
-PKG_CHOICES_CURL:= WITHOUT_SSL WITH_LIBRESSL WITH_GNUTLS WITH_OPENSSL WITH_WOLFSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_CURL:= WITH_LIBRESSL WITH_GNUTLS WITH_WOLFSSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCS_WITH_LIBRESSL:= libressl ca-certificates libgmp
PKGCB_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates libgmp
-PKGCB_WITH_OPENSSL:= openssl
PKGCD_WITH_GNUTLS:= use gnutls for crypto
PKGCS_WITH_GNUTLS:= libgnutls ca-certificates libgmp
PKGCB_WITH_GNUTLS:= gnutls
PKGCD_WITH_WOLFSSL:= use wolfssl for crypto
PKGCS_WITH_WOLFSSL:= wolfssl ca-certificates
PKGCB_WITH_WOLFSSL:= wolfssl
+PKGCD_WITHOUT_SSL:= use no ssl
include ${ADK_TOPDIR}/mk/host.mk
include ${ADK_TOPDIR}/mk/package.mk
@@ -49,12 +46,7 @@ $(eval $(call HOST_template,CURL,curl,${PKG_VERSION}-${PKG_RELEASE}))
$(eval $(call PKG_template,CURL,curl,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
$(eval $(call PKG_template,LIBCURL,libcurl,${PKG_VERSION}-${PKG_RELEASE},${PKGSS_LIBCURL},${PKGSD_LIBCURL},${PKGSC_LIBCURL},${PKG_OPTS}))
-ifeq (${ADK_PACKAGE_CURL_WITHOUT_SSL},y)
-CONFIGURE_ARGS+= --without-ssl \
- --without-gnutls \
- --without-axtls
-endif
-ifeq (${ADK_PACKAGE_CURL_WITH_OPENSSL},y)
+ifeq (${ADK_PACKAGE_CURL_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --with-ssl="${STAGING_TARGET_DIR}/usr" \
--without-gnutls \
--without-axtls
@@ -70,6 +62,11 @@ CONFIGURE_ARGS+= --with-cyassl="${STAGING_TARGET_DIR}/usr" \
--without-gnutls \
--without-axtls
endif
+ifeq (${ADK_PACKAGE_CURL_WITHOUT_SSL},y)
+CONFIGURE_ARGS+= --without-ssl \
+ --without-gnutls \
+ --without-axtls
+endif
CONFIGURE_ENV+= curl_typeof_curl_socklen_t=socklen_t
CONFIGURE_ARGS+= --enable-cookies \
diff --git a/package/cyrus-sasl/Makefile b/package/cyrus-sasl/Makefile
index 111f9d962..a761f2e59 100644
--- a/package/cyrus-sasl/Makefile
+++ b/package/cyrus-sasl/Makefile
@@ -9,20 +9,14 @@ PKG_RELEASE:= 2
PKG_HASH:= 8fbc5136512b59bb793657f36fadda6359cae3b08f01fd16b3d406f1345b7bc3
PKG_DESCR:= general purpose authentication library
PKG_SECTION:= libs/crypto
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_URL:= http://cyrusimap.org/
PKG_SITES:= ftp://ftp.cyrusimap.org/cyrus-sasl/
-PKG_NOPARALLEL:= 1
PKG_LIBNAME:= libsasl2
PKG_OPTS:= dev
-PKG_CHOICES_CYRUS_SASL:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
+PKG_NOPARALLEL:= 1
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
diff --git a/package/dillo/Makefile b/package/dillo/Makefile
index df38efc1e..ecf4954d4 100644
--- a/package/dillo/Makefile
+++ b/package/dillo/Makefile
@@ -9,20 +9,12 @@ PKG_RELEASE:= 1
PKG_HASH:= db1be16c1c5842ebe07b419aa7c6ef11a45603a75df2877f99635f4f8345148b
PKG_DESCR:= small graphical web browser
PKG_SECTION:= x11/apps
-PKG_DEPENDS:= libfltk libxi libpng zlib libjpeg-turbo
-PKG_BUILDDEP:= fltk libXi libjpeg-turbo libpng zlib
+PKG_DEPENDS:= libfltk libxi libpng zlib libjpeg-turbo libressl
+PKG_BUILDDEP:= fltk libXi libjpeg-turbo libpng zlib libressl
PKG_NEEDS:= threads cxx
PKG_URL:= http://www.dillo.org/
PKG_SITES:= http://www.dillo.org/download/
-PKG_CHOICES_DILLO:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
PKG_HOST_DEPENDS:= !cygwin
PKG_ARCH_DEPENDS:= x86 x86_64 mips arm
diff --git a/package/dovecot/Makefile b/package/dovecot/Makefile
index e39a25b78..18d8d25c0 100644
--- a/package/dovecot/Makefile
+++ b/package/dovecot/Makefile
@@ -9,17 +9,11 @@ PKG_RELEASE:= 1
PKG_HASH:= d8d9f32c846397f7c22749a84c5cf6f59c55ff7ded3dc9f07749a255182f9667
PKG_DESCR:= minimal and secure imap server
PKG_SECTION:= net/mail
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_URL:= http://www.dovecot.org/
PKG_SITES:= http://www.dovecot.org/releases/2.2/
-PKG_CHOICES_DOVECOT:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
DISTFILES:= $(PKG_NAME)-$(PKG_VERSION).tar.gz
include $(ADK_TOPDIR)/mk/package.mk
diff --git a/package/elinks/Makefile b/package/elinks/Makefile
index 5e7f0b719..23d5c25fd 100644
--- a/package/elinks/Makefile
+++ b/package/elinks/Makefile
@@ -11,6 +11,7 @@ PKG_DESCR:= advanced text web browser
PKG_SECTION:= app/browser
PKG_URL:= http://elinks.or.cz/
PKG_SITES:= http://elinks.or.cz/download/
+
PKG_NOPARALLEL:= 1
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
@@ -18,14 +19,11 @@ DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
PKG_FLAVOURS_ELINKS:= WITH_IPV6
PKGFD_WITH_IPV6:= enable IPv6 support
-PKG_CHOICES_ELINKS:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_ELINKS:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
+PKGCD_WITHOUT_SSL:= use no ssl
include ${ADK_TOPDIR}/mk/package.mk
@@ -63,9 +61,6 @@ else
CONFIGURE_ARGS+= --disable-ipv6
endif
-ifeq ($(ADK_PACKAGE_ELINKS_WITH_OPENSSL),y)
-CONFIGURE_ARGS+= --with-openssl='${STAGING_TARGET_DIR}/usr'
-endif
ifeq ($(ADK_PACKAGE_ELINKS_WITH_LIBRESSL),y)
CONFIGURE_ARGS+= --with-openssl='${STAGING_TARGET_DIR}/usr'
endif
diff --git a/package/elinks/patches/patch-src_network_ssl_ssl_c b/package/elinks/patches/patch-src_network_ssl_ssl_c
new file mode 100644
index 000000000..f55f43ba4
--- /dev/null
+++ b/package/elinks/patches/patch-src_network_ssl_ssl_c
@@ -0,0 +1,16 @@
+--- elinks-0.11.7.orig/src/network/ssl/ssl.c 2009-08-22 13:15:08.000000000 +0200
++++ elinks-0.11.7/src/network/ssl/ssl.c 2016-09-30 18:47:20.022831750 +0200
+@@ -49,11 +49,8 @@ init_openssl(struct module *module)
+ * cannot initialize the PRNG and so every attempt to use SSL fails.
+ * It's actually an OpenSSL FAQ, and according to them, it's up to the
+ * application coders to seed the RNG. -- William Yodlowsky */
+- if (RAND_egd(RAND_file_name(f_randfile, sizeof(f_randfile))) < 0) {
+- /* Not an EGD, so read and write to it */
+- if (RAND_load_file(f_randfile, -1))
+- RAND_write_file(f_randfile);
+- }
++ if (RAND_load_file(f_randfile, -1))
++ RAND_write_file(f_randfile);
+
+ SSLeay_add_ssl_algorithms();
+ context = SSL_CTX_new(SSLv23_client_method());
diff --git a/package/fetchmail/Makefile b/package/fetchmail/Makefile
index bd981b9ee..16504d91d 100644
--- a/package/fetchmail/Makefile
+++ b/package/fetchmail/Makefile
@@ -12,24 +12,19 @@ PKG_SECTION:= net/mail
PKG_URL:= http://www.fetchmail.info
PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=fetchmail/}
-PKG_CHOICES_FETCHMAIL:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_FETCHMAIL:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
+PKGCD_WITHOUT_SSL:= use no ssl
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,FETCHMAIL,fetchmail,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
+AUTOTOOL_STYLE:= autoreconf
CONFIGURE_ARGS+= --without-hesiod
-ifeq (${ADK_PACKAGE_FETCHMAIL_WITH_OPENSSL},y)
-CONFIGURE_ARGS+= --with-ssl='${STAGING_TARGET_DIR}/usr'
-endif
ifeq (${ADK_PACKAGE_FETCHMAIL_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --with-ssl='${STAGING_TARGET_DIR}/usr'
endif
diff --git a/package/fetchmail/patches/patch-config_h_in b/package/fetchmail/patches/patch-config_h_in
new file mode 100644
index 000000000..ec8b9c74e
--- /dev/null
+++ b/package/fetchmail/patches/patch-config_h_in
@@ -0,0 +1,13 @@
+--- fetchmail-6.3.26.orig/config.h.in 2013-04-23 23:36:55.000000000 +0200
++++ fetchmail-6.3.26/config.h.in 2016-09-29 16:00:20.679625413 +0200
+@@ -53,6 +53,10 @@
+ if you don't. */
+ #undef HAVE_DECL_SSLV2_CLIENT_METHOD
+
++/* Define to 1 if you have the declaration of `SSLv3_client_method', and to 0
++ if you don't. */
++#undef HAVE_DECL_SSLV3_CLIENT_METHOD
++
+ /* Define to 1 if you have the declaration of `strerror', and to 0 if you
+ don't. */
+ #undef HAVE_DECL_STRERROR
diff --git a/package/fetchmail/patches/patch-configure b/package/fetchmail/patches/patch-configure
deleted file mode 100644
index e5dc5ce44..000000000
--- a/package/fetchmail/patches/patch-configure
+++ /dev/null
@@ -1,12 +0,0 @@
---- fetchmail-6.3.9.orig/configure 2008-11-16 15:18:49.000000000 +0100
-+++ fetchmail-6.3.9/configure 2009-06-12 22:27:25.000000000 +0200
-@@ -13176,9 +13176,6 @@ then
- { echo "$as_me:$LINENO: Enabling OpenSSL support in $with_ssl." >&5
- echo "$as_me: Enabling OpenSSL support in $with_ssl." >&6;}
- test "$with_ssl" != "/usr" && CFLAGS="$CFLAGS -I$with_ssl/include"
-- ### In Red Hat 9, this file includes a reference to <krb5.h>, so we
-- ### force the Kerberos direcory onto the include path so it will build.
-- CFLAGS="$CFLAGS -I/usr/kerberos/include"
- ### OpenBSD comes with ssl headers
- else
- { { echo "$as_me:$LINENO: error: SSL support enabled, but OpenSSL not found" >&5
diff --git a/package/fetchmail/patches/patch-configure_ac b/package/fetchmail/patches/patch-configure_ac
new file mode 100644
index 000000000..7126bbc5f
--- /dev/null
+++ b/package/fetchmail/patches/patch-configure_ac
@@ -0,0 +1,10 @@
+--- fetchmail-6.3.26.orig/configure.ac 2013-04-23 22:51:10.000000000 +0200
++++ fetchmail-6.3.26/configure.ac 2016-09-29 16:00:20.683625569 +0200
+@@ -803,6 +803,7 @@ fi
+
+ case "$LIBS" in *-lssl*)
+ AC_CHECK_DECLS([SSLv2_client_method],,,[#include <openssl/ssl.h>])
++ AC_CHECK_DECLS([SSLv3_client_method],,,[#include <openssl/ssl.h>])
+ ;;
+ esac
+
diff --git a/package/fetchmail/patches/patch-fetchmail_c b/package/fetchmail/patches/patch-fetchmail_c
new file mode 100644
index 000000000..160afa85d
--- /dev/null
+++ b/package/fetchmail/patches/patch-fetchmail_c
@@ -0,0 +1,15 @@
+--- fetchmail-6.3.26.orig/fetchmail.c 2013-04-23 22:00:45.000000000 +0200
++++ fetchmail-6.3.26/fetchmail.c 2016-09-29 16:00:20.683625569 +0200
+@@ -263,6 +263,12 @@ int main(int argc, char **argv)
+ #ifdef SSL_ENABLE
+ "+SSL"
+ #endif
++#if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 == 0
++ "-SSLv2"
++#endif
++#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0
++ "-SSLv3"
++#endif
+ #ifdef OPIE_ENABLE
+ "+OPIE"
+ #endif /* OPIE_ENABLE */
diff --git a/package/fetchmail/patches/patch-socket_c b/package/fetchmail/patches/patch-socket_c
new file mode 100644
index 000000000..54f6ff27a
--- /dev/null
+++ b/package/fetchmail/patches/patch-socket_c
@@ -0,0 +1,20 @@
+--- fetchmail-6.3.26.orig/socket.c 2013-04-23 22:00:45.000000000 +0200
++++ fetchmail-6.3.26/socket.c 2016-09-29 16:00:20.683625569 +0200
+@@ -910,11 +910,16 @@ int SSLOpen(int sock, char *mycert, char
+ #if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0
+ _ctx[sock] = SSL_CTX_new(SSLv2_client_method());
+ #else
+- report(stderr, GT_("Your operating system does not support SSLv2.\n"));
++ report(stderr, GT_("Your OpenSSL version does not support SSLv2.\n"));
+ return -1;
+ #endif
+ } else if(!strcasecmp("ssl3",myproto)) {
++#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 > 0
+ _ctx[sock] = SSL_CTX_new(SSLv3_client_method());
++#else
++ report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n"));
++ return -1;
++#endif
+ } else if(!strcasecmp("tls1",myproto)) {
+ _ctx[sock] = SSL_CTX_new(TLSv1_client_method());
+ } else if (!strcasecmp("ssl23",myproto)) {
diff --git a/package/freeradius-client/Makefile b/package/freeradius-client/Makefile
index 29cfa0ee2..c49a1e0b5 100644
--- a/package/freeradius-client/Makefile
+++ b/package/freeradius-client/Makefile
@@ -9,18 +9,11 @@ PKG_RELEASE:= 2
PKG_HASH:= 478bfb7ec00789af150acf6a231bc9b0731d06353c7fe36a8fd6d4d83e42a07f
PKG_DESCR:= radius client
PKG_SECTION:= net/radius
-PKG_DEPENDS:= libfreeradius-client
+PKG_DEPENDS:= libfreeradius-client libressl
+PKG_BUILDDEP:= libressl
PKG_URL:= http://www.freeradius.org/
PKG_SITES:= ftp://ftp.freeradius.org/pub/radius/
-PKG_CHOICES_FREERADIUS_CLIENT:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
PKG_SUBPKGS:= FREERADIUS_CLIENT LIBFREERADIUS_CLIENT
diff --git a/package/freeradius-server/Makefile b/package/freeradius-server/Makefile
index 4698d5a51..d2f0a264e 100644
--- a/package/freeradius-server/Makefile
+++ b/package/freeradius-server/Makefile
@@ -9,20 +9,12 @@ PKG_RELEASE:= 1
PKG_HASH:= b97b72915315f2dcd34001af2c1737947f91ad9104a40408b92b030356e25d59
PKG_DESCR:= flexible radius server
PKG_SECTION:= net/radius
-PKG_DEPENDS:= libltdl libpcre libtalloc
-PKG_BUILDDEP:= libtool pcre talloc
+PKG_DEPENDS:= libltdl libpcre libtalloc libressl
+PKG_BUILDDEP:= libtool pcre talloc libressl
PKG_NEEDS:= threads
PKG_URL:= http://www.freeradius.org/
PKG_SITES:= ftp://ftp.freeradius.org/pub/radius/
-PKG_CHOICES_FREERADIUS_SERVER:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
PKG_SUBPKGS:= FREERADIUS_SERVER FREERADIUS_DEMOCERTS FREERADIUS_MOD_CHAP FREERADIUS_MOD_DETAIL
diff --git a/package/freeswitch/Makefile b/package/freeswitch/Makefile
index d1c1cbd24..15576c1a8 100644
--- a/package/freeswitch/Makefile
+++ b/package/freeswitch/Makefile
@@ -10,20 +10,12 @@ PKG_HASH:= b7beaaac29dc0a58cc34cfd402bf1c7e8ca06975722fd8ddb2983cbed17dd6e4
PKG_DESCR:= cross-platform telephony platform
PKG_SECTION:= net/voip
PKG_DEPENDS:= libpcre libcurl zlib libjpeg-turbo libsqlite
+PKG_DEPENDS+= libressl
PKG_BUILDDEP:= util-linux zlib libjpeg-turbo sqlite curl pcre
-PKG_BUILDDEP+= speex
+PKG_BUILDDEP+= speex libressl
PKG_URL:= http://www.freeswitch.org/
PKG_SITES:= http://files.freeswitch.org/freeswitch-releases/
-PKG_CHOICES_FREESWITCH:=WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
-
include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,FREESWITCH,freeswitch,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS),$(PKG_DESCR),$(PKG_SECTION)))
diff --git a/package/git/Makefile b/package/git/Makefile
index 4822ed34f..c44630369 100644
--- a/package/git/Makefile
+++ b/package/git/Makefile
@@ -9,20 +9,12 @@ PKG_RELEASE:= 1
PKG_HASH:= c73364ac00ae85ffc6cfb12ca2700bb0edf30f63262be97be4039be594ff29e7
PKG_DESCR:= fast version control system
PKG_SECTION:= dev/scm
-PKG_BUILDDEP:= curl expat
-PKG_DEPENDS:= libcurl libexpat
+PKG_BUILDDEP:= curl expat libressl
+PKG_DEPENDS:= libcurl libexpat libressl
PKG_NEEDS:= threads rt
PKG_URL:= http://git-scm.com/
PKG_SITES:= https://www.kernel.org/pub/software/scm/git/
-PKG_CHOICES_GIT:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,GIT,git,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/hostapd/Makefile b/package/hostapd/Makefile
index 8380937de..22cfeba7d 100644
--- a/package/hostapd/Makefile
+++ b/package/hostapd/Makefile
@@ -17,10 +17,7 @@ PKG_SITES:= http://hostap.epitest.fi/releases/
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
PKG_SUBPKGS:= HOSTAPD HOSTAPD_UTILS
-PKG_CHOICES_HOSTAPD:= WITH_LIBRESSL WITH_GNUTLS WITH_OPENSSL
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCS_WITH_OPENSSL:= libopenssl
-PKGCB_WITH_OPENSSL:= openssl
+PKG_CHOICES_HOSTAPD:= WITH_LIBRESSL WITH_GNUTLS
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCS_WITH_LIBRESSL:= libressl
PKGCB_WITH_LIBRESSL:= libressl
diff --git a/package/httping/Makefile b/package/httping/Makefile
index f33a18582..f6ed4f4df 100644
--- a/package/httping/Makefile
+++ b/package/httping/Makefile
@@ -9,18 +9,12 @@ PKG_RELEASE:= 1
PKG_HASH:= dab59f02b08bfbbc978c005bb16d2db6fe21e1fc841fde96af3d497ddfc82084
PKG_DESCR:= like ping but for http-requests
PKG_SECTION:= net/http
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_SITES:= http://www.vanheusden.com/httping/
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tgz
-PKG_CHOICES_HTTPING:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,HTTPING,httping,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/ipsec-tools/Makefile b/package/ipsec-tools/Makefile
index 6191d4f56..c109ac377 100644
--- a/package/ipsec-tools/Makefile
+++ b/package/ipsec-tools/Makefile
@@ -9,21 +9,14 @@ PKG_RELEASE:= 2
PKG_HASH:= 8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d
PKG_DESCR:= ipsec management tools
PKG_SECTION:= net/security
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= flex libressl
PKG_KDEPENDS:= net-key
-PKG_BUILDDEP:= flex
PKG_URL:= http://ipsec-tools.sourceforge.net/
PKG_SITES:= $(MASTER_SITE_SOURCEFORGE:=ipsec-tools/)
DISTFILES:= $(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_CHOICES_IPSEC_TOOLS:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
PKG_FLAVOURS_IPSEC_TOOLS:= WITH_IPV6
PKGFD_WITH_IPV6:= enable ipv6 support
diff --git a/package/irssi/Makefile b/package/irssi/Makefile
index 415935d4b..1559bab55 100644
--- a/package/irssi/Makefile
+++ b/package/irssi/Makefile
@@ -14,14 +14,11 @@ PKG_BUILDDEP:= glib ncurses
PKG_URL:= http://www.irssi.org/
PKG_SITES:= https://github.com/irssi/irssi/releases/download/$(PKG_VERSION)/
-PKG_CHOICES_IRSSI:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_IRSSI:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
+PKGCD_WITHOUT_SSL:= use no ssl
PKG_FLAVOURS_IRSSI:= WITH_IPV6
PKGFD_WITH_IPV6:= enable ipv6 support
diff --git a/package/kodi/Makefile b/package/kodi/Makefile
index 4ceaa5352..0686adff3 100644
--- a/package/kodi/Makefile
+++ b/package/kodi/Makefile
@@ -9,7 +9,7 @@ PKG_RELEASE:= 1
PKG_HASH:= 7d82c8aff2715c83deecdf10c566e26105bec0473af530a1356d4c747ebdfd10
PKG_DESCR:= software media player
PKG_SECTION:= mm/video
-PKG_DEPENDS:= boost python2 libsquish libbluray
+PKG_DEPENDS:= boost python2 libsquish libbluray libressl
PKG_DEPENDS+= libass libmpeg2 libmad libdbus libglew mesa
PKG_DEPENDS+= libjpeg-turbo libogg libvorbis libmodplug libcurl
PKG_DEPENDS+= libflac libbz2 libtiff liblzo libnettle librtmp
@@ -27,7 +27,7 @@ PKG_BUILDDEP+= eudev alsa-lib glib glu libmodplug libgtk2
PKG_BUILDDEP+= libgpg-error dbus libxslt libvorbis libbluray
PKG_BUILDDEP+= swig-host liblzo-host libpng-host libjpeg-turbo-host
PKG_BUILDDEP+= zip-host unzip-host giflib-host libsquish libdcadec
-PKG_BUILDDEP+= libcrossguid
+PKG_BUILDDEP+= libcrossguid libressl
PKG_NEEDS:= threads rt c++
PKG_URL:= http://kodi.tv/
PKG_SITES:= https://github.com/xbmc/xbmc/archive/
@@ -37,14 +37,6 @@ PKG_CFLINE_KODI:= select ADK_PACKAGE_GPU_VIV_BIN_MX6Q if ADK_TARGET_SYSTEM_SOLID
DISTFILES:= $(PKG_VERSION)-Jarvis.tar.gz
WRKDIST= ${WRKDIR}/xbmc-$(PKG_VERSION)-Jarvis
-PKG_CHOICES_KODI:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCS_WITH_OPENSSL:= libopenssl
-PKGCB_WITH_OPENSSL:= openssl
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCB_WITH_LIBRESSL:= libressl
-
PKG_FLAVOURS_KODI:= WITH_SMB WITH_NFS WITH_SSH WITH_AVAHI WITH_CEC
PKG_FLAVOURS_KODI+= WITH_WEBSERVER WITH_LIRC
diff --git a/package/lftp/Makefile b/package/lftp/Makefile
index 22cc3b5a0..683e7a612 100644
--- a/package/lftp/Makefile
+++ b/package/lftp/Makefile
@@ -16,17 +16,14 @@ PKG_NEEDS:= c++
PKG_URL:= http://lftp.yar.ru/
PKG_SITES:= http://lftp.yar.ru/ftp/
-PKG_CHOICES_LFTP:= WITHOUT_SSL WITH_GNUTLS WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
-PKGCB_WITH_OPENSSL:= openssl
+PKG_CHOICES_LFTP:= WITH_LIBRESSL WITH_GNUTLS WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCS_WITH_LIBRESSL:= libressl ca-certificates
PKGCB_WITH_LIBRESSL:= libressl
PKGCD_WITH_GNUTLS:= use gnutls for crypto
PKGCS_WITH_GNUTLS:= libgnutls ca-certificates
PKGCB_WITH_GNUTLS:= gnutls
+PKGCD_WITHOUT_SSL:= use no ssl
include $(ADK_TOPDIR)/mk/package.mk
@@ -44,10 +41,6 @@ ifeq (${ADK_PACKAGE_LFTP_WITH_GNUTLS},y)
CONFIGURE_ARGS+= --without-openssl \
--with-gnutls
endif
-ifeq (${ADK_PACKAGE_LFTP_WITH_OPENSSL},y)
-CONFIGURE_ARGS+= --with-openssl="$(STAGING_TARGET_DIR)/usr" \
- --without-gnutls
-endif
ifeq (${ADK_PACKAGE_LFTP_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --with-openssl="$(STAGING_TARGET_DIR)/usr" \
--without-gnutls
diff --git a/package/libesmtp/Makefile b/package/libesmtp/Makefile
index 0b1129bdc..4b7474cd5 100644
--- a/package/libesmtp/Makefile
+++ b/package/libesmtp/Makefile
@@ -15,14 +15,11 @@ PKG_OPTS:= dev
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.bz2
-PKG_CHOICES_LIBESMTP:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_LIBESMTP:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
+PKGCS_WITH_LIBRESSL:= libressl
+PKGCD_WITHOUT_SSL:= use no ssl
include $(ADK_TOPDIR)/mk/package.mk
@@ -30,9 +27,6 @@ $(eval $(call PKG_template,LIBESMTP,libesmtp,$(PKG_VERSION)-${PKG_RELEASE},${PKG
AUTOTOOL_STYLE:= autoreconf
-ifeq (${ADK_PACKAGE_LIBESMTP_WITH_OPENSSL},y)
-CONFIGURE_ARGS+= --with-openssl
-endif
ifeq (${ADK_PACKAGE_LIBESMTP_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --with-openssl
endif
diff --git a/package/libp11/Makefile b/package/libp11/Makefile
index 937cad5cc..19681c0ba 100644
--- a/package/libp11/Makefile
+++ b/package/libp11/Makefile
@@ -9,22 +9,14 @@ PKG_RELEASE:= 1
PKG_HASH:= a4121015503ade98074b5e2a2517fc8a139f8b28aed10021db2bb77283f40691
PKG_DESCR:= library implementing a small layer on top of pkcs11 api
PKG_SECTION:= libs/crypto
-PKG_DEPENDS:= libltdl
-PKG_BUILDDEP:= libtool
+PKG_DEPENDS:= libltdl libressl
+PKG_BUILDDEP:= libtool libressl
PKG_URL:= https://github.com/OpenSC/libp11/wiki
PKG_SITES:= http://sourceforge.net/projects/opensc/files/libp11/
PKG_OPTS:= dev
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_LIBP11:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,LIBP11,libp11,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION},${PKG_OPTS}))
diff --git a/package/libssh/Makefile b/package/libssh/Makefile
index b086a893e..e3a5896ba 100644
--- a/package/libssh/Makefile
+++ b/package/libssh/Makefile
@@ -9,20 +9,12 @@ PKG_RELEASE:= 1
PKG_HASH:= 26ef46be555da21112c01e4b9f5e3abba9194485c8822ab55ba3d6496222af98
PKG_DESCR:= secure shell library
PKG_SECTION:= libs/crypto
-PKG_DEPENDS:= zlib
-PKG_BUILDDEP:= cmake-host zlib
+PKG_DEPENDS:= zlib libressl
+PKG_BUILDDEP:= cmake-host zlib libressl
PKG_URL:= http://www.libssh.org/
PKG_SITES:= https://red.libssh.org/attachments/download/195/
PKG_OPTS:= dev
-PKG_CHOICES_LIBSSH:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCS_WITH_OPENSSL:= libopenssl
-PKGCB_WITH_OPENSSL:= openssl
-
include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,LIBSSH,libssh,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS),$(PKG_DESCR),$(PKG_SECTION),$(PKG_OPTS)))
diff --git a/package/libssh2/Makefile b/package/libssh2/Makefile
index a6286ccdf..e394484ff 100644
--- a/package/libssh2/Makefile
+++ b/package/libssh2/Makefile
@@ -9,22 +9,14 @@ PKG_RELEASE:= 1
PKG_HASH:= e4561fd43a50539a8c2ceb37841691baf03ecb7daf043766da1b112e4280d584
PKG_DESCR:= client-side c library implementing ssh2 protocol
PKG_SECTION:= libs/crypto
-PKG_BUILDDEP:= zlib
-PKG_DEPENDS:= zlib
+PKG_BUILDDEP:= zlib libressl
+PKG_DEPENDS:= zlib libressl
PKG_URL:= http://www.libssh2.org/
PKG_SITES:= http://www.libssh2.org/download/
PKG_OPTS:= dev
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_LIBSSH2:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,LIBSSH2,libssh2,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION},${PKG_OPTS}))
diff --git a/package/libtorrent/Makefile b/package/libtorrent/Makefile
index ba4a09ec4..6035637e4 100644
--- a/package/libtorrent/Makefile
+++ b/package/libtorrent/Makefile
@@ -9,22 +9,14 @@ PKG_RELEASE:= 1
PKG_HASH:= 2838a08c96edfd936aff8fbf99ecbb930c2bfca3337dd1482eb5fccdb80d5a04
PKG_DESCR:= bittorrent library
PKG_SECTION:= libs/net
-PKG_DEPENDS:= libsigc++ zlib
-PKG_BUILDDEP:= libsigc++ zlib gettext-tiny
+PKG_DEPENDS:= libsigc++ zlib libressl
+PKG_BUILDDEP:= libsigc++ zlib libressl gettext-tiny
PKG_URL:= https://rakshasa.github.io/rtorrent/
PKG_SITES:= http://rtorrent.net/downloads/
PKG_OPTS:= dev
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_LIBTORRENT:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,LIBTORRENT,libtorrent,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION},${PKG_OPTS}))
diff --git a/package/lighttpd/Makefile b/package/lighttpd/Makefile
index acc34bf3a..628927d0f 100644
--- a/package/lighttpd/Makefile
+++ b/package/lighttpd/Makefile
@@ -15,14 +15,11 @@ PKG_SITES:= http://download.lighttpd.net/lighttpd/releases-1.4.x/
PKG_FLAVOURS_LIGHTTPD:= WITH_IPV6
PKGFD_WITH_IPV6:= enable ipv6 support
-PKG_CHOICES_LIGHTTPD:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_LIGHTTPD:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
+PKGCD_WITHOUT_SSL:= use no ssl
PKG_SUBPKGS:= LIGHTTPD LIGHTTPD_MOD_ALIAS LIGHTTPD_MOD_AUTH
PKG_SUBPKGS+= LIGHTTPD_MOD_CGI LIGHTTPD_MOD_DIRLIST LIGHTTPD_MOD_EVASIVE LIGHTTPD_MOD_EXPIRE LIGHTTPD_MOD_FASTCGI
@@ -147,9 +144,6 @@ else
CONFIGURE_ARGS+= --disable-ipv6
endif
-ifeq ($(ADK_PACKAGE_LIGHTTPD_WITH_OPENSSL),y)
-CONFIGURE_ARGS+= --with-openssl
-endif
ifeq ($(ADK_PACKAGE_LIGHTTPD_WITH_LIBRESSL),y)
CONFIGURE_ARGS+= --with-openssl
endif
diff --git a/package/links/Makefile b/package/links/Makefile
index 07b36e4a6..62aaf4edb 100644
--- a/package/links/Makefile
+++ b/package/links/Makefile
@@ -16,14 +16,11 @@ PKG_SITES:= http://links.twibright.com/download/
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_LINKS:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_LINKS:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
+PKGCD_WITHOUT_SSL:= use no ssl
PKG_FLAVOURS_LINKS:= WITH_DIRECTFB
PKGFD_WITH_DIRECTFB:= enable DirectFB video output support
diff --git a/package/lynx/Makefile b/package/lynx/Makefile
index 9a547e20e..9ddd4657e 100644
--- a/package/lynx/Makefile
+++ b/package/lynx/Makefile
@@ -9,8 +9,8 @@ PKG_RELEASE:= 2
PKG_HASH:= 234c9dc77d4c4594ad6216d7df4d49eae3019a3880e602f39721b35b97fbc408
PKG_DESCR:= text browser
PKG_SECTION:= app/browser
-PKG_DEPENDS:= libncurses zlib
-PKG_BUILDDEP:= ncurses zlib
+PKG_DEPENDS:= libncurses zlib libressl
+PKG_BUILDDEP:= ncurses zlib libressl
PKG_URL:= http://lynx.isc.org/
PKG_SITES:= http://lynx.isc.org/${PKG_NAME}${PKG_VERSION}/
PKG_NOPARALLEL:= 1
@@ -18,20 +18,13 @@ PKG_NOPARALLEL:= 1
DISTFILES:= ${PKG_NAME}${PKG_VERSION}.tar.gz
WRKDIST= ${WRKDIR}/lynx2-8-8
-PKG_CHOICES_LYNX:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,LYNX,lynx,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
TARGET_CPPFLAGS+= -I${STAGING_TARGET_DIR}/include/openssl
TARGET_CPPFLAGS+= -DUSE_OPENSSL_INCL -DUSE_X509_SUPPORT
+
CONFIGURE_ENV+= ac_cv_path_TELNET=telnet \
ac_cv_path_TN3270=tn3270 \
ac_cv_path_RLOGIN=rlogin \
diff --git a/package/mini_httpd/Makefile b/package/mini_httpd/Makefile
index e82d568d1..1eb7afc68 100644
--- a/package/mini_httpd/Makefile
+++ b/package/mini_httpd/Makefile
@@ -8,6 +8,8 @@ PKG_VERSION:= 1.19
PKG_RELEASE:= 10
PKG_HASH:= f7f36533b1338ea16d916ea525ea7006ab38fdd3544ac7df93a4688a8e270241
PKG_DESCR:= small webserver with ssl
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_SECTION:= net/http
PKG_URL:= http://www.acme.com/software/mini_httpd/
PKG_SITES:= http://www.acme.com/software/mini_httpd/
@@ -15,14 +17,6 @@ PKG_SITES:= http://www.acme.com/software/mini_httpd/
DISTFILES:= mini_httpd-${PKG_VERSION}.tar.gz
WRKDIST= ${WRKDIR}/mini_httpd-${PKG_VERSION}
-PKG_CHOICES_MINI_HTTPD:=WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,MINI_HTTPD,mini-httpd,${PKG_VERSION}-${PKG_RELEASE},,${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/monit/Makefile b/package/monit/Makefile
index 49caad36e..defed1992 100644
--- a/package/monit/Makefile
+++ b/package/monit/Makefile
@@ -9,20 +9,14 @@ PKG_RELEASE:= 1
PKG_HASH:= befcd54365502bce4ffd6d1b0c345d5b689c9f7cb3a35a462ba7dcffcf6f62b8
PKG_DESCR:= utility for system services monitoring
PKG_SECTION:= sys/misc
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_NEEDS:= threads
PKG_URL:= http://mmonit.com/monit/
PKG_SITES:= https://mmonit.com/monit/dist/
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_MONIT:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,MONIT,monit,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/mosquitto/Makefile b/package/mosquitto/Makefile
index 2945d41e4..dbf3d8a3b 100644
--- a/package/mosquitto/Makefile
+++ b/package/mosquitto/Makefile
@@ -9,22 +9,14 @@ PKG_RELEASE:= 1
PKG_HASH:= 1df3ae07de40b80a74cd37a7b026895c544cdd3b42c9e0719ae91623aa98c58b
PKG_DESCR:= mqtt broker
PKG_SECTION:= net/misc
-PKG_DEPENDS:= c-ares
-PKG_BUILDDEP:= cmake-host c-ares
+PKG_DEPENDS:= c-ares libressl
+PKG_BUILDDEP:= cmake-host c-ares libressl
PKG_NEEDS:= threads rt
PKG_URL:= http://mosquitto.org
PKG_SITES:= http://mosquitto.org/files/source/
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_MOSQUITTO:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,MOSQUITTO,mosquitto,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS),$(PKG_DESCR),$(PKG_SECTION)))
diff --git a/package/mutt/Makefile b/package/mutt/Makefile
index 397e405d2..da2546666 100644
--- a/package/mutt/Makefile
+++ b/package/mutt/Makefile
@@ -14,14 +14,11 @@ PKG_BUILDDEP:= ncurses
PKG_URL:= http://www.mutt.org/
PKG_SITES:= ftp://ftp.mutt.org/pub/mutt/
-PKG_CHOICES_MUTT:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_MUTT:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
+PKGCD_WITHOUT_SSL:= use no ssl
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
diff --git a/package/neon/Makefile b/package/neon/Makefile
index 68aa18e19..936a1e030 100644
--- a/package/neon/Makefile
+++ b/package/neon/Makefile
@@ -9,8 +9,8 @@ PKG_RELEASE:= 1
PKG_HASH:= 00c626c0dc18d094ab374dbd9a354915bfe4776433289386ed489c2ec0845cdd
PKG_DESCR:= http and webdav library
PKG_SECTION:= libs/misc
-PKG_DEPENDS:= libxml2 zlib
-PKG_BUILDDEP:= libxml2 zlib
+PKG_DEPENDS:= libxml2 zlib libressl
+PKG_BUILDDEP:= libxml2 zlib libressl
PKG_NEEDS:= threads
PKG_URL:= http://webdav.org/neon/
PKG_SITES:= http://webdav.org/neon/
@@ -18,14 +18,6 @@ PKG_OPTS:= dev
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_NEON:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,NEON,neon,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION},${PKG_OPTS}))
diff --git a/package/nginx/Makefile b/package/nginx/Makefile
index 3e6b44ccf..0b99d462e 100644
--- a/package/nginx/Makefile
+++ b/package/nginx/Makefile
@@ -17,21 +17,19 @@ PKG_SITES:= http://nginx.org/download/
DISTFILES:= $(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_CHOICES_NGINX:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_NGINX:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
+PKGCD_WITHOUT_SSL:= use no ssl
include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,NGINX,nginx,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS),$(PKG_DESCR),$(PKG_SECTION)))
-CONFIG_STYLE:= minimal
TARGET_CFLAGS+= -fPIC
+
+CONFIG_STYLE:= minimal
CONFIGURE_ENV+= ngx_force_gcc_have_atomic=yes \
ngx_force_have_libatomic=no
CONFIGURE_ARGS:= --prefix=/srv/www \
@@ -51,9 +49,6 @@ CONFIGURE_ARGS:= --prefix=/srv/www \
--http-scgi-temp-path=/var/lib/nginx/uwsgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi
-ifeq ($(ADK_PACKAGE_NGINX_WITH_OPENSSL),y)
-CONFIGURE_ARGS+= --with-http_ssl_module
-endif
ifeq ($(ADK_PACKAGE_NGINX_WITH_LIBRESSL),y)
CONFIGURE_ARGS+= --with-http_ssl_module
endif
diff --git a/package/nut/Makefile b/package/nut/Makefile
index fa9152eba..e44867f7f 100644
--- a/package/nut/Makefile
+++ b/package/nut/Makefile
@@ -22,14 +22,11 @@ PKGFD_WITH_USB:= enable usb support
PKGFS_WITH_USB:= libusb libusb-compat
PKGFB_WITH_USB:= libusb libusb-compat
-PKG_CHOICES_NUT:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_NUT:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
+PKGCD_WITHOUT_SSL:= use no ssl
include ${ADK_TOPDIR}/mk/package.mk
@@ -87,11 +84,6 @@ CONFIGURE_ARGS+= --with-linux-hiddev=${LINUX_DIR}/include/linux/hiddev.h \
--with-group=0 \
--with-user=0
-ifeq (${ADK_PACKAGE_NUT_WITH_OPENSSL},y)
-CONFIGURE_ARGS+= --with-ssl
-CONFIGURE_ENV+= CPPFLAGS="${TARGET_CPPFLAGS} ${TARGET_LDFLAGS}"
-MAKE_FLAGS+= SSL_CFLAGS="${TARGET_CPPFLAGS}" SSL_LDFLAGS="${TARGET_LDFLAGS} -lssl -lcrypto"
-endif
ifeq (${ADK_PACKAGE_NUT_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --with-ssl
CONFIGURE_ENV+= CPPFLAGS="${TARGET_CPPFLAGS} ${TARGET_LDFLAGS}"
diff --git a/package/openldap/Makefile b/package/openldap/Makefile
index cb24e0f05..be90bd601 100644
--- a/package/openldap/Makefile
+++ b/package/openldap/Makefile
@@ -9,8 +9,8 @@ PKG_RELEASE:= 1
PKG_HASH:= d7de6bf3c67009c95525dde3a0212cc110d0a70b92af2af8e3ee800e81b88400
PKG_DESCR:= ldap client libraries
PKG_SECTION:= libs/misc
-PKG_DEPENDS:= libsasl2 libdb libuuid libncurses
-PKG_BUILDDEP:= cyrus-sasl db util-linux
+PKG_DEPENDS:= libsasl2 libdb libuuid libncurses libressl
+PKG_BUILDDEP:= cyrus-sasl db util-linux libressl
PKG_NEEDS:= threads c++
PKG_URL:= http://www.openldap.org/
PKG_SITES:= ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/
@@ -19,14 +19,6 @@ PKG_OPTS:= dev
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tgz
-PKG_CHOICES_CTORRENT:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
PKG_SUBPKGS:= LIBOPENLDAP OPENLDAP_UTILS OPENLDAP_SLAPD
PKGSD_OPENLDAP_UTILS:= ldap utilities
PKGSS_OPENLDAP_UTILS:= libopenldap
@@ -44,6 +36,7 @@ $(eval $(call PKG_template,LIBOPENLDAP,libopenldap,${PKG_VERSION}-${PKG_RELEASE}
$(eval $(call PKG_template,OPENLDAP_UTILS,openldap-utils,${PKG_VERSION}-${PKG_RELEASE},${PKGSS_OPENLDAP_UTILS},${PKGSD_OPENLDAP_UTILS},${PKGSC_OPENLDAP_UTILS}))
$(eval $(call PKG_template,OPENLDAP_SLAPD,openldap-slapd,${PKG_VERSION}-${PKG_RELEASE},${PKGSS_OPENLDAP_SLAPD},${PKGSD_OPENLDAP_SLAPD},${PKGSC_OPENLDAP_SLAPD}))
+CONFIGURE_ENV+= ac_cv_func_memcmp_working=yes
CONFIGURE_ARGS+= --enable-slapd \
--libexecdir=/usr/sbin \
--enable-bdb \
@@ -65,7 +58,6 @@ else
CONFIGURE_ARGS+= --disable-ipv6
endif
-CONFIGURE_ENV+= ac_cv_func_memcmp_working=yes
XAKE_FLAGS+= STRIP="" CPPFLAGS="-D_GNU_SOURCE"
libopenldap-install:
diff --git a/package/opensc/Makefile b/package/opensc/Makefile
index 923158611..863074bee 100644
--- a/package/opensc/Makefile
+++ b/package/opensc/Makefile
@@ -9,8 +9,8 @@ PKG_RELEASE:= 1
PKG_HASH:= 7c8600a37d11f82410699ee5c60bfebc46f6714d0d87b4125dd99215c87d4db8
PKG_DESCR:= utilities to access smart cards
PKG_SECTION:= app/crypto
-PKG_BUILDDEP:= openct pcsc-lite readline
-PKG_DEPENDS:= libopensc libopenct pcsc-lite libreadline
+PKG_BUILDDEP:= openct pcsc-lite readline libressl
+PKG_DEPENDS:= libopensc libopenct pcsc-lite libreadline libressl
PKG_URL:= https://github.com/OpenSC/OpenSC/wiki
PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=opensc/}
PKG_LIBNAME:= libopensc
@@ -18,14 +18,6 @@ PKG_OPTS:= dev
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_OPENSC:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
PKG_SUBPKGS:= OPENSC LIBOPENSC
PKGSD_LIBOPENSC:= opensc library
PKGSC_LIBOPENSC:= libs/crypto
diff --git a/package/opensips/Makefile b/package/opensips/Makefile
index 6269f74d9..d46553821 100644
--- a/package/opensips/Makefile
+++ b/package/opensips/Makefile
@@ -9,19 +9,13 @@ PKG_RELEASE:= 1
PKG_HASH:= bbf31ea3544ce0d0f0aa346e9aa023f3208119f8aee34f3188329fd53a87ddc5
PKG_DESCR:= high-performance, configurable, free sip server
PKG_SECTION:= net/voip
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_URL:= http://opensips.org/
PKG_SITES:= http://opensips.org/pub/opensips/$(PKG_VERSION)/
DISTFILES:= $(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_CHOICES_OPENSIPS:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
PKG_SUBPKGS:= OPENSIPS OPENSIPS_MOD_ACCOUNTING OPENSIPS_MOD_AUTH
PKG_SUBPKGS+= OPENSIPS_MOD_AUTH_DB OPENSIPS_MOD_AVPOPS OPENSIPS_MOD_DISPATCHER
PKG_SUBPKGS+= OPENSIPS_MOD_DIVERSION OPENSIPS_MOD_FLATSTORE OPENSIPS_MOD_GFLAGS
diff --git a/package/openssh/Makefile b/package/openssh/Makefile
index 75acd9d42..d6e5b65e0 100644
--- a/package/openssh/Makefile
+++ b/package/openssh/Makefile
@@ -9,8 +9,8 @@ PKG_RELEASE:= 1
PKG_HASH:= 3ffb989a6dcaa69594c3b550d4855a5a2e1718ccdde7f5e36387b424220fbecc
PKG_DESCR:= secure shell implementation
PKG_SECTION:= net/security
-PKG_BUILDDEP:= zlib
-PKG_DEPENDS:= zlib
+PKG_BUILDDEP:= zlib libressl
+PKG_DEPENDS:= zlib libressl
PKG_NEEDS:= threads
PKG_URL:= http://www.openssh.com/
PKG_SITES:= http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
@@ -36,14 +36,6 @@ PKGFD_WITH_KRB5:= enable kerberos 5 support
PKGFS_WITH_KRB5:= libkrb5 libcom-err
PKGFB_WITH_KRB5:= krb5
-PKG_CHOICES_OPENSSH:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= with libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= with openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-PKGCB_WITH_OPENSSL:= openssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,OPENSSH,openssh,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/openssl/Makefile b/package/openssl/Makefile
deleted file mode 100644
index c7d0e5bb7..000000000
--- a/package/openssl/Makefile
+++ /dev/null
@@ -1,130 +0,0 @@
-# This file is part of the OpenADK project. OpenADK is copyrighted
-# material, please see the LICENCE file in the top-level directory.
-
-include ${ADK_TOPDIR}/rules.mk
-
-PKG_NAME:= openssl
-PKG_VERSION:= 1.0.2j
-PKG_RELEASE:= 1
-PKG_HASH:= e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431
-PKG_DESCR:= secure socket layer libraries
-PKG_SECTION:= libs/crypto
-PKG_DEPENDS:= zlib
-PKG_BUILDDEP:= zlib
-PKG_URL:= http://www.openssl.org/
-PKG_SITES:= http://www.openssl.org/source/
-PKG_LIBNAME:= libopenssl
-PKG_OPTS:= dev
-PKG_NOPARALLEL:= 1
-
-DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-
-PKG_SUBPKGS:= LIBOPENSSL OPENSSL_UTIL
-PKGSD_OPENSSL_UTIL:= openssl command line tool
-PKGSC_OPENSSL_UTIL:= app/crypto
-PKGSS_OPENSSL_UTIL:= libopenssl
-
-PKG_FLAVOURS_LIBOPENSSL:= WITH_CRYPTODEV
-PKGFD_WITH_CRYPTODEV:= enable support for cryptodev-linux
-
-include ${ADK_TOPDIR}/mk/host.mk
-include ${ADK_TOPDIR}/mk/package.mk
-
-$(eval $(call HOST_template,OPENSSL,openssl,${PKG_VERSION}-${PKG_RELEASE}))
-$(eval $(call PKG_template,LIBOPENSSL,libopenssl,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION},$(PKG_OPTS)))
-$(eval $(call PKG_template,OPENSSL_UTIL,openssl-util,${PKG_VERSION}-${PKG_RELEASE},${PKGSS_OPENSSL_UTIL},${PKGSD_OPENSSL_UTIL},${PKGSC_OPENSSL_UTIL}))
-
-ifeq ($(ADK_TARGET_USE_STATIC_LIBS),y)
-OPENSSL_OPTIONS:= no-shared zlib no-dso
-else
-OPENSSL_OPTIONS:= shared zlib-dynamic
-ALL_TARGET+= build-shared
-TARGET_CFLAGS+= -ldl
-endif
-
-OPENSSL_OPTIONS+= threads no-err no-krb5 no-engines no-rc5 no-sha0 no-smime no-aes192
-
-HOST_STYLE:= manual
-CONFIG_STYLE:= manual
-BUILD_STYLE:= manual
-
-INSTALL_TARGET:= install_sw
-FAKE_FLAGS+= INSTALL_PREFIX=${WRKINST}
-
-ifneq ($(ADK_PACKAGE_LIBOPENSSL_WITH_CRYPTODEV),)
-OPENSSL_OPTIONS+= -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS
-endif
-
-ifeq ($(ADK_TARGET_ARCH_MICROBLAZE),y)
-TARGET_CFLAGS:= $(subst g3,g,$(TARGET_CFLAGS))
-endif
-ifeq ($(ADK_TARGET_ARCH_XTENSA),y)
-TARGET_CFLAGS:= $(subst g3,g,$(TARGET_CFLAGS))
-endif
-ifeq ($(ADK_TARGET_ARCH_PPC),y)
-TARGET_CFLAGS:= $(subst g3,g,$(TARGET_CFLAGS))
-endif
-
-CONFIG:= linux-generic32
-ifeq ($(ADK_TARGET_ARCH_X86_64),y)
-CONFIG:= linux-x86_64
-endif
-
-ifneq (,$(filter CYGWIN%,${OS_FOR_BUILD}))
-HOSTCONFIG:= Cygwin-x86_64
-endif
-ifeq ($(OS_FOR_BUILD),Darwin)
-HOSTCONFIG:= darwin64-x86_64-cc
-endif
-
-host-configure:
-ifeq ($(HOSTCONFIG),)
- (cd $(WRKBUILD); ./config --prefix='$(STAGING_HOST_DIR)/usr' -fPIC -ldl)
-else
- (cd $(WRKBUILD); ./Configure $(HOSTCONFIG) --prefix='$(STAGING_HOST_DIR)/usr')
-endif
-
-host-build:
- (cd $(WRKBUILD); make)
-
-openssl-hostinstall:
- (cd $(WRKBUILD); make install)
-
-post-extract:
- -mkdir -p $(STAGING_TARGET_DIR)/usr/include/crypto
- $(CP) ./files/cryptodev.h $(STAGING_TARGET_DIR)/usr/include/crypto/
-
-do-configure:
- (cd $(WRKBUILD); \
- PATH='$(TARGET_PATH)' \
- ./Configure $(CONFIG) \
- --prefix=/usr \
- --openssldir=/etc/ssl \
- -I$(STAGING_TARGET_DIR)/usr/include \
- -L$(STAGING_TARGET_DIR)/usr/lib \
- -DOPENSSL_SMALL_FOOTPRINT \
- $(OPENSSL_OPTIONS) \
- );
- $(SED) "s:-O[0-9]:$(TARGET_CFLAGS) -fPIC:" $(WRKBUILD)/Makefile
-
-do-build:
- $(MAKE) -C $(WRKBUILD) \
- CC="$(TARGET_CC)" \
- AR="$(TARGET_CROSS)ar r" \
- RANLIB="$(TARGET_CROSS)ranlib" \
- $(ALL_TARGET)
-
-libopenssl-install:
- ${INSTALL_DIR} ${IDIR_LIBOPENSSL}/usr/lib
- ${CP} ${WRKINST}/usr/lib*/lib*.so* ${IDIR_LIBOPENSSL}/usr/lib
- chmod 644 ${IDIR_LIBOPENSSL}/usr/lib/lib*.so*
-
-openssl-util-install:
- ${INSTALL_DIR} ${IDIR_OPENSSL_UTIL}/usr/bin
- ${CP} ${WRKINST}/usr/bin/openssl ${IDIR_OPENSSL_UTIL}/usr/bin
- ${INSTALL_DIR} ${IDIR_OPENSSL_UTIL}/etc/ssl/{,certs,private}
- ${CP} ${WRKSRC}/apps/openssl.cnf ${IDIR_OPENSSL_UTIL}/etc/ssl/
- chmod 0700 ${IDIR_OPENSSL_UTIL}/etc/ssl/private
-
-include ${ADK_TOPDIR}/mk/host-bottom.mk
-include ${ADK_TOPDIR}/mk/pkg-bottom.mk
diff --git a/package/openssl/files/cryptodev.h b/package/openssl/files/cryptodev.h
deleted file mode 100644
index 00193a446..000000000
--- a/package/openssl/files/cryptodev.h
+++ /dev/null
@@ -1,288 +0,0 @@
-/* This is a source compatible implementation with the original API of
- * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h.
- * Placed under public domain */
-
-#ifndef L_CRYPTODEV_H
-#define L_CRYPTODEV_H
-
-#include <linux/types.h>
-#ifndef __KERNEL__
-#define __user
-#endif
-
-/* API extensions for linux */
-#define CRYPTO_HMAC_MAX_KEY_LEN 512
-#define CRYPTO_CIPHER_MAX_KEY_LEN 64
-
-/* All the supported algorithms
- */
-enum cryptodev_crypto_op_t {
- CRYPTO_DES_CBC = 1,
- CRYPTO_3DES_CBC = 2,
- CRYPTO_BLF_CBC = 3,
- CRYPTO_CAST_CBC = 4,
- CRYPTO_SKIPJACK_CBC = 5,
- CRYPTO_MD5_HMAC = 6,
- CRYPTO_SHA1_HMAC = 7,
- CRYPTO_RIPEMD160_HMAC = 8,
- CRYPTO_MD5_KPDK = 9,
- CRYPTO_SHA1_KPDK = 10,
- CRYPTO_RIJNDAEL128_CBC = 11,
- CRYPTO_AES_CBC = CRYPTO_RIJNDAEL128_CBC,
- CRYPTO_ARC4 = 12,
- CRYPTO_MD5 = 13,
- CRYPTO_SHA1 = 14,
- CRYPTO_DEFLATE_COMP = 15,
- CRYPTO_NULL = 16,
- CRYPTO_LZS_COMP = 17,
- CRYPTO_SHA2_256_HMAC = 18,
- CRYPTO_SHA2_384_HMAC = 19,
- CRYPTO_SHA2_512_HMAC = 20,
- CRYPTO_AES_CTR = 21,
- CRYPTO_AES_XTS = 22,
- CRYPTO_AES_ECB = 23,
- CRYPTO_AES_GCM = 50,
-
- CRYPTO_CAMELLIA_CBC = 101,
- CRYPTO_RIPEMD160,
- CRYPTO_SHA2_256,
- CRYPTO_SHA2_384,
- CRYPTO_SHA2_512,
- CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */
-};
-
-#define CRYPTO_ALGORITHM_MAX (CRYPTO_ALGORITHM_ALL - 1)
-
-/* Values for ciphers */
-#define DES_BLOCK_LEN 8
-#define DES3_BLOCK_LEN 8
-#define RIJNDAEL128_BLOCK_LEN 16
-#define AES_BLOCK_LEN RIJNDAEL128_BLOCK_LEN
-#define CAMELLIA_BLOCK_LEN 16
-#define BLOWFISH_BLOCK_LEN 8
-#define SKIPJACK_BLOCK_LEN 8
-#define CAST128_BLOCK_LEN 8
-
-/* the maximum of the above */
-#define EALG_MAX_BLOCK_LEN 16
-
-/* Values for hashes/MAC */
-#define AALG_MAX_RESULT_LEN 64
-
-/* maximum length of verbose alg names (depends on CRYPTO_MAX_ALG_NAME) */
-#define CRYPTODEV_MAX_ALG_NAME 64
-
-#define HASH_MAX_LEN 64
-
-/* input of CIOCGSESSION */
-struct session_op {
- /* Specify either cipher or mac
- */
- __u32 cipher; /* cryptodev_crypto_op_t */
- __u32 mac; /* cryptodev_crypto_op_t */
-
- __u32 keylen;
- __u8 __user *key;
- __u32 mackeylen;
- __u8 __user *mackey;
-
- __u32 ses; /* session identifier */
-};
-
-struct session_info_op {
- __u32 ses; /* session identifier */
-
- /* verbose names for the requested ciphers */
- struct alg_info {
- char cra_name[CRYPTODEV_MAX_ALG_NAME];
- char cra_driver_name[CRYPTODEV_MAX_ALG_NAME];
- } cipher_info, hash_info;
-
- __u16 alignmask; /* alignment constraints */
- __u32 flags; /* SIOP_FLAGS_* */
-};
-
-/* If this flag is set then this algorithm uses
- * a driver only available in kernel (software drivers,
- * or drivers based on instruction sets do not set this flag).
- *
- * If multiple algorithms are involved (as in AEAD case), then
- * if one of them is kernel-driver-only this flag will be set.
- */
-#define SIOP_FLAG_KERNEL_DRIVER_ONLY 1
-
-#define COP_ENCRYPT 0
-#define COP_DECRYPT 1
-
-/* input of CIOCCRYPT */
-struct crypt_op {
- __u32 ses; /* session identifier */
- __u16 op; /* COP_ENCRYPT or COP_DECRYPT */
- __u16 flags; /* see COP_FLAG_* */
- __u32 len; /* length of source data */
- __u8 __user *src; /* source data */
- __u8 __user *dst; /* pointer to output data */
- /* pointer to output data for hash/MAC operations */
- __u8 __user *mac;
- /* initialization vector for encryption operations */
- __u8 __user *iv;
-};
-
-/* input of CIOCAUTHCRYPT */
-struct crypt_auth_op {
- __u32 ses; /* session identifier */
- __u16 op; /* COP_ENCRYPT or COP_DECRYPT */
- __u16 flags; /* see COP_FLAG_AEAD_* */
- __u32 len; /* length of source data */
- __u32 auth_len; /* length of auth data */
- __u8 __user *auth_src; /* authenticated-only data */
-
- /* The current implementation is more efficient if data are
- * encrypted in-place (src==dst). */
- __u8 __user *src; /* data to be encrypted and authenticated */
- __u8 __user *dst; /* pointer to output data. Must have
- * space for tag. For TLS this should be at least
- * len + tag_size + block_size for padding */
-
- __u8 __user *tag; /* where the tag will be copied to. TLS mode
- * doesn't use that as tag is copied to dst.
- * SRTP mode copies tag there. */
- __u32 tag_len; /* the length of the tag. Use zero for digest size or max tag. */
-
- /* initialization vector for encryption operations */
- __u8 __user *iv;
- __u32 iv_len;
-};
-
-/* In plain AEAD mode the following are required:
- * flags : 0
- * iv : the initialization vector (12 bytes)
- * auth_len: the length of the data to be authenticated
- * auth_src: the data to be authenticated
- * len : length of data to be encrypted
- * src : the data to be encrypted
- * dst : space to hold encrypted data. It must have
- * at least a size of len + tag_size.
- * tag_size: the size of the desired authentication tag or zero to use
- * the maximum tag output.
- *
- * Note tag isn't being used because the Linux AEAD interface
- * copies the tag just after data.
- */
-
-/* In TLS mode (used for CBC ciphers that required padding)
- * the following are required:
- * flags : COP_FLAG_AEAD_TLS_TYPE
- * iv : the initialization vector
- * auth_len: the length of the data to be authenticated only
- * len : length of data to be encrypted
- * auth_src: the data to be authenticated
- * src : the data to be encrypted
- * dst : space to hold encrypted data (preferably in-place). It must have
- * at least a size of len + tag_size + blocksize.
- * tag_size: the size of the desired authentication tag or zero to use
- * the default mac output.
- *
- * Note that the padding used is the minimum padding.
- */
-
-/* In SRTP mode the following are required:
- * flags : COP_FLAG_AEAD_SRTP_TYPE
- * iv : the initialization vector
- * auth_len: the length of the data to be authenticated. This must
- * include the SRTP header + SRTP payload (data to be encrypted) + rest
- *
- * len : length of data to be encrypted
- * auth_src: pointer the data to be authenticated. Should point at the same buffer as src.
- * src : pointer to the data to be encrypted.
- * dst : This is mandatory to be the same as src (in-place only).
- * tag_size: the size of the desired authentication tag or zero to use
- * the default mac output.
- * tag : Pointer to an address where the authentication tag will be copied.
- */
-
-
-/* struct crypt_op flags */
-
-#define COP_FLAG_NONE (0 << 0) /* totally no flag */
-#define COP_FLAG_UPDATE (1 << 0) /* multi-update hash mode */
-#define COP_FLAG_FINAL (1 << 1) /* multi-update final hash mode */
-#define COP_FLAG_WRITE_IV (1 << 2) /* update the IV during operation */
-#define COP_FLAG_NO_ZC (1 << 3) /* do not zero-copy */
-#define COP_FLAG_AEAD_TLS_TYPE (1 << 4) /* authenticate and encrypt using the
- * TLS protocol rules */
-#define COP_FLAG_AEAD_SRTP_TYPE (1 << 5) /* authenticate and encrypt using the
- * SRTP protocol rules */
-#define COP_FLAG_RESET (1 << 6) /* multi-update reset the state.
- * should be used in combination
- * with COP_FLAG_UPDATE */
-
-
-/* Stuff for bignum arithmetic and public key
- * cryptography - not supported yet by linux
- * cryptodev.
- */
-
-#define CRYPTO_ALG_FLAG_SUPPORTED 1
-#define CRYPTO_ALG_FLAG_RNG_ENABLE 2
-#define CRYPTO_ALG_FLAG_DSA_SHA 4
-
-struct crparam {
- __u8 *crp_p;
- __u32 crp_nbits;
-};
-
-#define CRK_MAXPARAM 8
-
-/* input of CIOCKEY */
-struct crypt_kop {
- __u32 crk_op; /* cryptodev_crk_ot_t */
- __u32 crk_status;
- __u16 crk_iparams;
- __u16 crk_oparams;
- __u32 crk_pad1;
- struct crparam crk_param[CRK_MAXPARAM];
-};
-
-enum cryptodev_crk_op_t {
- CRK_MOD_EXP = 0,
- CRK_MOD_EXP_CRT = 1,
- CRK_DSA_SIGN = 2,
- CRK_DSA_VERIFY = 3,
- CRK_DH_COMPUTE_KEY = 4,
- CRK_ALGORITHM_ALL
-};
-
-#define CRK_ALGORITHM_MAX (CRK_ALGORITHM_ALL-1)
-
-/* features to be queried with CIOCASYMFEAT ioctl
- */
-#define CRF_MOD_EXP (1 << CRK_MOD_EXP)
-#define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT)
-#define CRF_DSA_SIGN (1 << CRK_DSA_SIGN)
-#define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY)
-#define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY)
-
-
-/* ioctl's. Compatible with old linux cryptodev.h
- */
-#define CRIOGET _IOWR('c', 101, __u32)
-#define CIOCGSESSION _IOWR('c', 102, struct session_op)
-#define CIOCFSESSION _IOW('c', 103, __u32)
-#define CIOCCRYPT _IOWR('c', 104, struct crypt_op)
-#define CIOCKEY _IOWR('c', 105, struct crypt_kop)
-#define CIOCASYMFEAT _IOR('c', 106, __u32)
-#define CIOCGSESSINFO _IOWR('c', 107, struct session_info_op)
-
-/* to indicate that CRIOGET is not required in linux
- */
-#define CRIOGET_NOT_NEEDED 1
-
-/* additional ioctls for asynchronous operation */
-#define CIOCASYNCCRYPT _IOW('c', 107, struct crypt_op)
-#define CIOCASYNCFETCH _IOR('c', 108, struct crypt_op)
-
-/* additional ioctls for AEAD */
-#define CIOCAUTHCRYPT _IOWR('c', 109, struct crypt_auth_op)
-
-#endif /* L_CRYPTODEV_H */
diff --git a/package/openssl/files/openssl-util.conffiles b/package/openssl/files/openssl-util.conffiles
deleted file mode 100644
index 6d068e66c..000000000
--- a/package/openssl/files/openssl-util.conffiles
+++ /dev/null
@@ -1 +0,0 @@
-/etc/ssl/openssl.cnf
diff --git a/package/openssl/patches/patch-Configure b/package/openssl/patches/patch-Configure
deleted file mode 100644
index ad729c58d..000000000
--- a/package/openssl/patches/patch-Configure
+++ /dev/null
@@ -1,11 +0,0 @@
---- openssl-1.0.2c.orig/Configure 2015-06-12 16:51:21.000000000 +0200
-+++ openssl-1.0.2c/Configure 2015-06-13 19:55:08.000000000 +0200
-@@ -365,7 +365,7 @@ my %table=(
- ####
- # *-generic* is endian-neutral target, but ./config is free to
- # throw in -D[BL]_ENDIAN, whichever appropriate...
--"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-ppc", "gcc:-DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
- #######################################################################
diff --git a/package/openssl/patches/patch-Makefile_org b/package/openssl/patches/patch-Makefile_org
deleted file mode 100644
index 46a14f304..000000000
--- a/package/openssl/patches/patch-Makefile_org
+++ /dev/null
@@ -1,20 +0,0 @@
---- openssl-1.0.2c.orig/Makefile.org 2015-06-12 16:51:21.000000000 +0200
-+++ openssl-1.0.2c/Makefile.org 2015-06-13 19:48:43.000000000 +0200
-@@ -136,7 +136,7 @@ FIPSCANLIB=
-
- BASEADDR=
-
--DIRS= crypto ssl engines apps test tools
-+DIRS= crypto ssl engines apps tools
- ENGDIRS= ccgost
- SHLIBDIRS= crypto ssl
-
-@@ -526,7 +526,7 @@ dist:
- dist_pem_h:
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-
--install: all install_docs install_sw
-+install: all install_sw
-
- install_sw:
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
diff --git a/package/openssl/patches/patch-Makefile_shared b/package/openssl/patches/patch-Makefile_shared
deleted file mode 100644
index 76b1cf71a..000000000
--- a/package/openssl/patches/patch-Makefile_shared
+++ /dev/null
@@ -1,18 +0,0 @@
---- openssl-1.0.0a.orig/Makefile.shared 2009-10-16 01:44:11.000000000 +0200
-+++ openssl-1.0.0a/Makefile.shared 2010-07-09 16:19:54.623017943 +0200
-@@ -95,7 +95,6 @@ LINK_APP= \
- LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \
- LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
- LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
-- LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
- $${LDCMD} $${LDFLAGS} -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $${LIBDEPS} )
-
- LINK_SO= \
-@@ -105,7 +104,6 @@ LINK_SO= \
- SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
- LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
- LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
-- LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
- $${SHAREDCMD} $${SHAREDFLAGS} \
- -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
- $$ALLSYMSFLAGS $$SHOBJECTS $$NOALLSYMSFLAGS $$LIBDEPS \
diff --git a/package/openssl/patches/patch-tools_c_rehash b/package/openssl/patches/patch-tools_c_rehash
deleted file mode 100644
index 16acf856d..000000000
--- a/package/openssl/patches/patch-tools_c_rehash
+++ /dev/null
@@ -1,13 +0,0 @@
---- openssl-1.0.2a.orig/tools/c_rehash 2015-03-19 14:31:17.000000000 +0100
-+++ openssl-1.0.2a/tools/c_rehash 2015-04-06 10:52:37.395255700 +0200
-@@ -3,8 +3,8 @@
- # Perl c_rehash script, scan all files in a directory
- # and add symbolic links to their hash values.
-
--my $dir = "/usr/local/ssl";
--my $prefix = "/usr/local/ssl";
-+my $dir = "/etc/ssl";
-+my $prefix = "/usr";
-
- my $openssl = $ENV{OPENSSL} || "openssl";
- my $pwd;
diff --git a/package/openssl/patches/patch-util_shlib_wrap_sh b/package/openssl/patches/patch-util_shlib_wrap_sh
deleted file mode 100644
index 1e8a30bf6..000000000
--- a/package/openssl/patches/patch-util_shlib_wrap_sh
+++ /dev/null
@@ -1,16 +0,0 @@
---- openssl-1.0.0a.orig/util/shlib_wrap.sh 2009-11-15 20:06:21.000000000 +0100
-+++ openssl-1.0.0a/util/shlib_wrap.sh 2010-07-09 16:19:21.211017427 +0200
-@@ -57,11 +57,10 @@ SunOS|IRIX*)
- eval $rld_var=\"${THERE}'${'$rld_var':+:$'$rld_var'}'\"; export $rld_var
- unset rld_var
- ;;
--*) LD_LIBRARY_PATH="${THERE}:$LD_LIBRARY_PATH" # Linux, ELF HP-UX
-- DYLD_LIBRARY_PATH="${THERE}:$DYLD_LIBRARY_PATH" # MacOS X
-+*) DYLD_LIBRARY_PATH="${THERE}:$DYLD_LIBRARY_PATH" # MacOS X
- SHLIB_PATH="${THERE}:$SHLIB_PATH" # legacy HP-UX
- LIBPATH="${THERE}:$LIBPATH" # AIX, OS/2
-- export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH
-+ export DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH
- # Even though $PATH is adjusted [for Windows sake], it doesn't
- # necessarily does the trick. Trouble is that with introduction
- # of SafeDllSearchMode in XP/2003 it's more appropriate to copy
diff --git a/package/openssl/src/crypto/engine/eng_cryptodev.c b/package/openssl/src/crypto/engine/eng_cryptodev.c
deleted file mode 100644
index 83ca94376..000000000
--- a/package/openssl/src/crypto/engine/eng_cryptodev.c
+++ /dev/null
@@ -1,1496 +0,0 @@
-/*
- * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
- * Copyright (c) 2002 Theo de Raadt
- * Copyright (c) 2002 Markus Friedl
- * Copyright (c) 2012 Nikos Mavrogiannopoulos
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <openssl/objects.h>
-#include <openssl/engine.h>
-#include <openssl/evp.h>
-#include <openssl/bn.h>
-
-#if (defined(__unix__) || defined(unix)) && !defined(USG) && \
- (defined(OpenBSD) || defined(__FreeBSD__))
-#include <sys/param.h>
-# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041)
-# define HAVE_CRYPTODEV
-# endif
-# if (OpenBSD >= 200110)
-# define HAVE_SYSLOG_R
-# endif
-#endif
-
-#ifndef HAVE_CRYPTODEV
-
-void
-ENGINE_load_cryptodev(void)
-{
- /* This is a NOP on platforms without /dev/crypto */
- return;
-}
-
-#else
-
-#include <sys/types.h>
-#include <crypto/cryptodev.h>
-#include <crypto/dh/dh.h>
-#include <crypto/dsa/dsa.h>
-#include <crypto/err/err.h>
-#include <crypto/rsa/rsa.h>
-#include <sys/ioctl.h>
-#include <errno.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <stdarg.h>
-#include <syslog.h>
-#include <errno.h>
-#include <string.h>
-
-struct dev_crypto_state {
- struct session_op d_sess;
- int d_fd;
-
-#ifdef USE_CRYPTODEV_DIGESTS
- unsigned char digest_res[64];
- char *mac_data;
- int mac_len;
-#endif
-};
-
-static u_int32_t cryptodev_asymfeat = 0;
-
-static int get_asym_dev_crypto(void);
-static int open_dev_crypto(void);
-static int get_dev_crypto(void);
-static int get_cryptodev_ciphers(const int **cnids);
-#ifdef USE_CRYPTODEV_DIGESTS
-static int get_cryptodev_digests(const int **cnids);
-#endif
-static int cryptodev_usable_ciphers(const int **nids);
-static int cryptodev_usable_digests(const int **nids);
-static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
-static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
-static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid);
-static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int nid);
-static int bn2crparam(const BIGNUM *a, struct crparam *crp);
-static int crparam2bn(struct crparam *crp, BIGNUM *a);
-static void zapparams(struct crypt_kop *kop);
-static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
- int slen, BIGNUM *s);
-
-static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I,
- RSA *rsa, BN_CTX *ctx);
-static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
-static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
- BN_CTX *ctx, BN_MONT_CTX *mont);
-static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst,
- int dlen, DSA *dsa);
-static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-static int cryptodev_dh_compute_key(unsigned char *key,
- const BIGNUM *pub_key, DH *dh);
-static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
- void (*f)(void));
-void ENGINE_load_cryptodev(void);
-
-static const ENGINE_CMD_DEFN cryptodev_defns[] = {
- { 0, NULL, NULL, 0 }
-};
-
-static struct {
- int id;
- int nid;
- int ivmax;
- int keylen;
-} ciphers[] = {
- { CRYPTO_ARC4, NID_rc4, 0, 16, },
- { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, },
- { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, },
- { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, },
- { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, },
- { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, },
- { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, },
- { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, },
- { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, },
- { 0, NID_undef, 0, 0, },
-};
-
-#ifdef USE_CRYPTODEV_DIGESTS
-static struct {
- int id;
- int nid;
- int digestlen;
-} digests[] = {
-#if 0
- /* HMAC is not supported */
- { CRYPTO_MD5_HMAC, NID_hmacWithMD5, 16},
- { CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, 20},
- { CRYPTO_SHA2_256_HMAC, NID_hmacWithSHA256, 32},
- { CRYPTO_SHA2_384_HMAC, NID_hmacWithSHA384, 48},
- { CRYPTO_SHA2_512_HMAC, NID_hmacWithSHA512, 64},
-#endif
- { CRYPTO_MD5, NID_md5, 16},
- { CRYPTO_SHA1, NID_sha1, 20},
- { CRYPTO_SHA2_256, NID_sha256, 32},
- { CRYPTO_SHA2_384, NID_sha384, 48},
- { CRYPTO_SHA2_512, NID_sha512, 64},
- { 0, NID_undef, 0},
-};
-#endif
-
-/*
- * Return a fd if /dev/crypto seems usable, 0 otherwise.
- */
-static int
-open_dev_crypto(void)
-{
- static int fd = -1;
-
- if (fd == -1) {
- if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1)
- return (-1);
- /* close on exec */
- if (fcntl(fd, F_SETFD, FD_CLOEXEC) == -1) {
- close(fd);
- fd = -1;
- return (-1);
- }
- }
- return (fd);
-}
-
-static int
-get_dev_crypto(void)
-{
- int fd, retfd;
-
- if ((fd = open_dev_crypto()) == -1)
- return (-1);
-#ifndef CRIOGET_NOT_NEEDED
- if (ioctl(fd, CRIOGET, &retfd) == -1)
- return (-1);
-
- /* close on exec */
- if (fcntl(retfd, F_SETFD, 1) == -1) {
- close(retfd);
- return (-1);
- }
-#else
- retfd = fd;
-#endif
- return (retfd);
-}
-
-static void put_dev_crypto(int fd)
-{
-#ifndef CRIOGET_NOT_NEEDED
- close(fd);
-#endif
-}
-
-/* Caching version for asym operations */
-static int
-get_asym_dev_crypto(void)
-{
- static int fd = -1;
-
- if (fd == -1)
- fd = get_dev_crypto();
- return fd;
-}
-
-/*
- * Find out what ciphers /dev/crypto will let us have a session for.
- * XXX note, that some of these openssl doesn't deal with yet!
- * returning them here is harmless, as long as we return NULL
- * when asked for a handler in the cryptodev_engine_ciphers routine
- */
-static int
-get_cryptodev_ciphers(const int **cnids)
-{
- static int nids[CRYPTO_ALGORITHM_MAX];
- struct session_op sess;
- int fd, i, count = 0;
- unsigned char fake_key[EVP_MAX_KEY_LENGTH];
-
- if ((fd = get_dev_crypto()) < 0) {
- *cnids = NULL;
- return (0);
- }
- memset(&sess, 0, sizeof(sess));
- sess.key = (void*)fake_key;
-
- for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
- if (ciphers[i].nid == NID_undef)
- continue;
- sess.cipher = ciphers[i].id;
- sess.keylen = ciphers[i].keylen;
- sess.mac = 0;
- if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
- ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
- nids[count++] = ciphers[i].nid;
- }
- put_dev_crypto(fd);
-
- if (count > 0)
- *cnids = nids;
- else
- *cnids = NULL;
- return (count);
-}
-
-#ifdef USE_CRYPTODEV_DIGESTS
-/*
- * Find out what digests /dev/crypto will let us have a session for.
- * XXX note, that some of these openssl doesn't deal with yet!
- * returning them here is harmless, as long as we return NULL
- * when asked for a handler in the cryptodev_engine_digests routine
- */
-static int
-get_cryptodev_digests(const int **cnids)
-{
- static int nids[CRYPTO_ALGORITHM_MAX];
- unsigned char fake_key[EVP_MAX_KEY_LENGTH];
- struct session_op sess;
- int fd, i, count = 0;
-
- if ((fd = get_dev_crypto()) < 0) {
- *cnids = NULL;
- return (0);
- }
- memset(&sess, 0, sizeof(sess));
- sess.mackey = fake_key;
- for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
- if (digests[i].nid == NID_undef)
- continue;
- sess.mac = digests[i].id;
- sess.mackeylen = 8;
- sess.cipher = 0;
- if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
- ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
- nids[count++] = digests[i].nid;
- }
- put_dev_crypto(fd);
-
- if (count > 0)
- *cnids = nids;
- else
- *cnids = NULL;
- return (count);
-}
-#endif /* 0 */
-
-/*
- * Find the useable ciphers|digests from dev/crypto - this is the first
- * thing called by the engine init crud which determines what it
- * can use for ciphers from this engine. We want to return
- * only what we can do, anythine else is handled by software.
- *
- * If we can't initialize the device to do anything useful for
- * any reason, we want to return a NULL array, and 0 length,
- * which forces everything to be done is software. By putting
- * the initalization of the device in here, we ensure we can
- * use this engine as the default, and if for whatever reason
- * /dev/crypto won't do what we want it will just be done in
- * software
- *
- * This can (should) be greatly expanded to perhaps take into
- * account speed of the device, and what we want to do.
- * (although the disabling of particular alg's could be controlled
- * by the device driver with sysctl's.) - this is where we
- * want most of the decisions made about what we actually want
- * to use from /dev/crypto.
- */
-static int
-cryptodev_usable_ciphers(const int **nids)
-{
- return (get_cryptodev_ciphers(nids));
-}
-
-static int
-cryptodev_usable_digests(const int **nids)
-{
-#ifdef USE_CRYPTODEV_DIGESTS
- return (get_cryptodev_digests(nids));
-#else
- /*
- * XXXX just disable all digests for now, because it sucks.
- * we need a better way to decide this - i.e. I may not
- * want digests on slow cards like hifn on fast machines,
- * but might want them on slow or loaded machines, etc.
- * will also want them when using crypto cards that don't
- * suck moose gonads - would be nice to be able to decide something
- * as reasonable default without having hackery that's card dependent.
- * of course, the default should probably be just do everything,
- * with perhaps a sysctl to turn algoritms off (or have them off
- * by default) on cards that generally suck like the hifn.
- */
- *nids = NULL;
- return (0);
-#endif
-}
-
-static int
-cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- struct crypt_op cryp;
- struct dev_crypto_state *state = ctx->cipher_data;
- struct session_op *sess = &state->d_sess;
- const void *iiv;
- unsigned char save_iv[EVP_MAX_IV_LENGTH];
-
- if (state->d_fd < 0)
- return (0);
- if (!inl)
- return (1);
- if ((inl % ctx->cipher->block_size) != 0)
- return (0);
-
- memset(&cryp, 0, sizeof(cryp));
-
- cryp.ses = sess->ses;
- cryp.flags = 0;
- cryp.len = inl;
- cryp.src = (void*) in;
- cryp.dst = (void*) out;
- cryp.mac = 0;
-
- cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
-
- if (ctx->cipher->iv_len) {
- cryp.iv = (void*) ctx->iv;
- if (!ctx->encrypt) {
- iiv = in + inl - ctx->cipher->iv_len;
- memcpy(save_iv, iiv, ctx->cipher->iv_len);
- }
- } else
- cryp.iv = NULL;
-
- if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) {
- /* XXX need better errror handling
- * this can fail for a number of different reasons.
- */
- return (0);
- }
-
- if (ctx->cipher->iv_len) {
- if (ctx->encrypt)
- iiv = out + inl - ctx->cipher->iv_len;
- else
- iiv = save_iv;
- memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
- }
- return (1);
-}
-
-static int
-cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- struct dev_crypto_state *state = ctx->cipher_data;
- struct session_op *sess = &state->d_sess;
- int cipher = -1, i;
-
- for (i = 0; ciphers[i].id; i++)
- if (ctx->cipher->nid == ciphers[i].nid &&
- ctx->cipher->iv_len <= ciphers[i].ivmax &&
- ctx->key_len == ciphers[i].keylen) {
- cipher = ciphers[i].id;
- break;
- }
-
- if (!ciphers[i].id) {
- state->d_fd = -1;
- return (0);
- }
-
- memset(sess, 0, sizeof(struct session_op));
-
- if ((state->d_fd = get_dev_crypto()) < 0)
- return (0);
-
- sess->key = (void*)key;
- sess->keylen = ctx->key_len;
- sess->cipher = cipher;
-
- if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
- put_dev_crypto(state->d_fd);
- state->d_fd = -1;
- return (0);
- }
- return (1);
-}
-
-/*
- * free anything we allocated earlier when initting a
- * session, and close the session.
- */
-static int
-cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
-{
- int ret = 0;
- struct dev_crypto_state *state = ctx->cipher_data;
- struct session_op *sess = &state->d_sess;
-
- if (state->d_fd < 0)
- return (0);
-
- /* XXX if this ioctl fails, someting's wrong. the invoker
- * may have called us with a bogus ctx, or we could
- * have a device that for whatever reason just doesn't
- * want to play ball - it's not clear what's right
- * here - should this be an error? should it just
- * increase a counter, hmm. For right now, we return
- * 0 - I don't believe that to be "right". we could
- * call the gorpy openssl lib error handlers that
- * print messages to users of the library. hmm..
- */
-
- if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) {
- ret = 0;
- } else {
- ret = 1;
- }
- put_dev_crypto(state->d_fd);
- state->d_fd = -1;
-
- return (ret);
-}
-
-/*
- * libcrypto EVP stuff - this is how we get wired to EVP so the engine
- * gets called when libcrypto requests a cipher NID.
- */
-
-/* RC4 */
-const EVP_CIPHER cryptodev_rc4 = {
- NID_rc4,
- 1, 16, 0,
- EVP_CIPH_VARIABLE_LENGTH,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- NULL,
- NULL,
- NULL
-};
-
-/* DES CBC EVP */
-const EVP_CIPHER cryptodev_des_cbc = {
- NID_des_cbc,
- 8, 8, 8,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-/* 3DES CBC EVP */
-const EVP_CIPHER cryptodev_3des_cbc = {
- NID_des_ede3_cbc,
- 8, 24, 8,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-const EVP_CIPHER cryptodev_bf_cbc = {
- NID_bf_cbc,
- 8, 16, 8,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-const EVP_CIPHER cryptodev_cast_cbc = {
- NID_cast5_cbc,
- 8, 16, 8,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-const EVP_CIPHER cryptodev_aes_cbc = {
- NID_aes_128_cbc,
- 16, 16, 16,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-const EVP_CIPHER cryptodev_aes_192_cbc = {
- NID_aes_192_cbc,
- 16, 24, 16,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-const EVP_CIPHER cryptodev_aes_256_cbc = {
- NID_aes_256_cbc,
- 16, 32, 16,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-/*
- * Registered by the ENGINE when used to find out how to deal with
- * a particular NID in the ENGINE. this says what we'll do at the
- * top level - note, that list is restricted by what we answer with
- */
-static int
-cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid)
-{
- if (!cipher)
- return (cryptodev_usable_ciphers(nids));
-
- switch (nid) {
- case NID_rc4:
- *cipher = &cryptodev_rc4;
- break;
- case NID_des_ede3_cbc:
- *cipher = &cryptodev_3des_cbc;
- break;
- case NID_des_cbc:
- *cipher = &cryptodev_des_cbc;
- break;
- case NID_bf_cbc:
- *cipher = &cryptodev_bf_cbc;
- break;
- case NID_cast5_cbc:
- *cipher = &cryptodev_cast_cbc;
- break;
- case NID_aes_128_cbc:
- *cipher = &cryptodev_aes_cbc;
- break;
- case NID_aes_192_cbc:
- *cipher = &cryptodev_aes_192_cbc;
- break;
- case NID_aes_256_cbc:
- *cipher = &cryptodev_aes_256_cbc;
- break;
- default:
- *cipher = NULL;
- break;
- }
- return (*cipher != NULL);
-}
-
-
-#ifdef USE_CRYPTODEV_DIGESTS
-
-/* convert digest type to cryptodev */
-static int
-digest_nid_to_cryptodev(int nid)
-{
- int i;
-
- for (i = 0; digests[i].id; i++)
- if (digests[i].nid == nid)
- return (digests[i].id);
- return (0);
-}
-
-
-static int cryptodev_digest_init(EVP_MD_CTX *ctx)
-{
- struct dev_crypto_state *state = ctx->md_data;
- struct session_op *sess = &state->d_sess;
- int digest;
-
- if ((digest = digest_nid_to_cryptodev(ctx->digest->type)) == NID_undef){
- printf("cryptodev_digest_init: Can't get digest \n");
- return (0);
- }
- memset(state, 0, sizeof(struct dev_crypto_state));
-
- if ((state->d_fd = get_dev_crypto()) < 0) {
- printf("cryptodev_digest_init: Can't get Dev \n");
- return (0);
- }
-
- sess->mackey = NULL;
- sess->mackeylen = 0;
- sess->mac = digest;
-
- if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
- put_dev_crypto(state->d_fd);
- state->d_fd = -1;
- printf("cryptodev_digest_init: Open session failed\n");
- return (0);
- }
-
- return (1);
-}
-
-static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
- size_t count)
-{
- struct dev_crypto_state *state = ctx->md_data;
- struct crypt_op cryp;
- struct session_op *sess = &state->d_sess;
-
- if (!data || state->d_fd < 0) {
- printf("cryptodev_digest_update: illegal inputs \n");
- return (0);
- }
-
- if (!count) {
- return (1);
- }
-
- if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
- /* if application doesn't support one buffer */
- state->mac_data = OPENSSL_realloc(state->mac_data, state->mac_len + count);
-
- if (!state->mac_data) {
- printf("cryptodev_digest_update: realloc failed\n");
- return (0);
- }
-
- memcpy(state->mac_data + state->mac_len, data, count);
- state->mac_len += count;
-
- return (1);
- }
-
- memset(&cryp, 0, sizeof(cryp));
-
- cryp.ses = sess->ses;
- cryp.flags = 0;
- cryp.len = count;
- cryp.src = (void*) data;
- cryp.dst = NULL;
- cryp.mac = (void*) state->digest_res;
- if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
- printf("cryptodev_digest_update: digest failed\n");
- return (0);
- }
- return (1);
-}
-
-
-static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- struct crypt_op cryp;
- struct dev_crypto_state *state = ctx->md_data;
- struct session_op *sess = &state->d_sess;
-
- if (!md || state->d_fd < 0) {
- printf("cryptodev_digest_final: illegal input\n");
- return(0);
- }
-
- if (! (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) ) {
- /* if application doesn't support one buffer */
- memset(&cryp, 0, sizeof(cryp));
- cryp.ses = sess->ses;
- cryp.flags = 0;
- cryp.len = state->mac_len;
- cryp.src = state->mac_data;
- cryp.dst = NULL;
- cryp.mac = (void*)md;
- if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
- printf("cryptodev_digest_final: digest failed\n");
- return (0);
- }
-
- return 1;
- }
-
- memcpy(md, state->digest_res, ctx->digest->md_size);
-
- return 1;
-}
-
-
-static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
-{
- int ret = 1;
- struct dev_crypto_state *state = ctx->md_data;
- struct session_op *sess = &state->d_sess;
-
- if (state == NULL)
- return 0;
-
- if (state->d_fd < 0) {
- printf("cryptodev_digest_cleanup: illegal input\n");
- return (0);
- }
-
- if (state->mac_data) {
- OPENSSL_free(state->mac_data);
- state->mac_data = NULL;
- state->mac_len = 0;
- }
-
- if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
- printf("cryptodev_digest_cleanup: failed to close session\n");
- ret = 0;
- } else {
- ret = 1;
- }
- put_dev_crypto(state->d_fd);
- state->d_fd = -1;
-
- return (ret);
-}
-
-static int cryptodev_digest_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
-{
- struct dev_crypto_state *fstate = from->md_data;
- struct dev_crypto_state *dstate = to->md_data;
- struct session_op *sess;
- int digest;
-
- if (dstate == NULL || fstate == NULL)
- return 1;
-
- memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
-
- sess = &dstate->d_sess;
-
- digest = digest_nid_to_cryptodev(to->digest->type);
-
- sess->mackey = NULL;
- sess->mackeylen = 0;
- sess->mac = digest;
-
- dstate->d_fd = get_dev_crypto();
-
- if (ioctl(dstate->d_fd, CIOCGSESSION, sess) < 0) {
- put_dev_crypto(dstate->d_fd);
- dstate->d_fd = -1;
- printf("cryptodev_digest_init: Open session failed\n");
- return (0);
- }
-
- if (fstate->mac_len != 0) {
- if (fstate->mac_data != NULL)
- {
- dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
- memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
- dstate->mac_len = fstate->mac_len;
- }
- }
-
- return 1;
-}
-
-
-static const EVP_MD cryptodev_sha1 = {
- NID_sha1,
- NID_sha1WithRSAEncryption,
- SHA_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT,
- cryptodev_digest_init,
- cryptodev_digest_update,
- cryptodev_digest_final,
- cryptodev_digest_copy,
- cryptodev_digest_cleanup,
- EVP_PKEY_RSA_method,
- SHA_CBLOCK,
- sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
-};
-
-static const EVP_MD cryptodev_sha256 = {
- NID_sha256,
- NID_sha256WithRSAEncryption,
- SHA256_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT,
- cryptodev_digest_init,
- cryptodev_digest_update,
- cryptodev_digest_final,
- cryptodev_digest_copy,
- cryptodev_digest_cleanup,
- EVP_PKEY_RSA_method,
- SHA256_CBLOCK,
- sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
-};
-
-static const EVP_MD cryptodev_sha384 = {
- NID_sha384,
- NID_sha384WithRSAEncryption,
- SHA384_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT,
- cryptodev_digest_init,
- cryptodev_digest_update,
- cryptodev_digest_final,
- cryptodev_digest_copy,
- cryptodev_digest_cleanup,
- EVP_PKEY_RSA_method,
- SHA512_CBLOCK,
- sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
-};
-
-static const EVP_MD cryptodev_sha512 = {
- NID_sha512,
- NID_sha512WithRSAEncryption,
- SHA512_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT,
- cryptodev_digest_init,
- cryptodev_digest_update,
- cryptodev_digest_final,
- cryptodev_digest_copy,
- cryptodev_digest_cleanup,
- EVP_PKEY_RSA_method,
- SHA512_CBLOCK,
- sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
-};
-
-static const EVP_MD cryptodev_md5 = {
- NID_md5,
- NID_md5WithRSAEncryption,
- 16 /* MD5_DIGEST_LENGTH */,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT,
- cryptodev_digest_init,
- cryptodev_digest_update,
- cryptodev_digest_final,
- cryptodev_digest_copy,
- cryptodev_digest_cleanup,
- EVP_PKEY_RSA_method,
- 64 /* MD5_CBLOCK */,
- sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
-};
-
-#endif /* USE_CRYPTODEV_DIGESTS */
-
-
-static int
-cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int nid)
-{
- if (!digest)
- return (cryptodev_usable_digests(nids));
-
- switch (nid) {
-#ifdef USE_CRYPTODEV_DIGESTS
- case NID_md5:
- *digest = &cryptodev_md5;
- break;
- case NID_sha1:
- *digest = &cryptodev_sha1;
- break;
- case NID_sha256:
- *digest = &cryptodev_sha256;
- break;
- case NID_sha384:
- *digest = &cryptodev_sha384;
- break;
- case NID_sha512:
- *digest = &cryptodev_sha512;
- break;
- default:
-#endif /* USE_CRYPTODEV_DIGESTS */
- *digest = NULL;
- break;
- }
- return (*digest != NULL);
-}
-
-/*
- * Convert a BIGNUM to the representation that /dev/crypto needs.
- * Upon completion of use, the caller is responsible for freeing
- * crp->crp_p.
- */
-static int
-bn2crparam(const BIGNUM *a, struct crparam *crp)
-{
- int i, j, k;
- ssize_t bytes, bits;
- u_char *b;
-
- crp->crp_p = NULL;
- crp->crp_nbits = 0;
-
- bits = BN_num_bits(a);
- bytes = (bits + 7) / 8;
-
- b = malloc(bytes);
- if (b == NULL)
- return (1);
- memset(b, 0, bytes);
-
- crp->crp_p = (void*) b;
- crp->crp_nbits = bits;
-
- for (i = 0, j = 0; i < a->top; i++) {
- for (k = 0; k < BN_BITS2 / 8; k++) {
- if ((j + k) >= bytes)
- return (0);
- b[j + k] = a->d[i] >> (k * 8);
- }
- j += BN_BITS2 / 8;
- }
- return (0);
-}
-
-/* Convert a /dev/crypto parameter to a BIGNUM */
-static int
-crparam2bn(struct crparam *crp, BIGNUM *a)
-{
- u_int8_t *pd;
- int i, bytes;
-
- bytes = (crp->crp_nbits + 7) / 8;
-
- if (bytes == 0)
- return (-1);
-
- if ((pd = (u_int8_t *) malloc(bytes)) == NULL)
- return (-1);
-
- for (i = 0; i < bytes; i++)
- pd[i] = crp->crp_p[bytes - i - 1];
-
- BN_bin2bn(pd, bytes, a);
- free(pd);
-
- return (0);
-}
-
-static void
-zapparams(struct crypt_kop *kop)
-{
- int i;
-
- for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
- if (kop->crk_param[i].crp_p)
- free(kop->crk_param[i].crp_p);
- kop->crk_param[i].crp_p = NULL;
- kop->crk_param[i].crp_nbits = 0;
- }
-}
-
-static int
-cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s)
-{
- int fd, ret = -1;
-
- if ((fd = get_asym_dev_crypto()) < 0)
- return (ret);
-
- if (r) {
- kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char));
- kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
- kop->crk_oparams++;
- }
- if (s) {
- kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char));
- kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8;
- kop->crk_oparams++;
- }
-
- if (ioctl(fd, CIOCKEY, kop) == 0) {
- if (r)
- crparam2bn(&kop->crk_param[kop->crk_iparams], r);
- if (s)
- crparam2bn(&kop->crk_param[kop->crk_iparams+1], s);
- ret = 0;
- }
-
- return (ret);
-}
-
-static int
-cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
- struct crypt_kop kop;
- int ret = 1;
-
- /* Currently, we know we can do mod exp iff we can do any
- * asymmetric operations at all.
- */
- if (cryptodev_asymfeat == 0) {
- ret = BN_mod_exp(r, a, p, m, ctx);
- return (ret);
- }
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_MOD_EXP;
-
- /* inputs: a^p % m */
- if (bn2crparam(a, &kop.crk_param[0]))
- goto err;
- if (bn2crparam(p, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(m, &kop.crk_param[2]))
- goto err;
- kop.crk_iparams = 3;
-
- if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) {
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- printf("OCF asym process failed, Running in software\n");
- ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
-
- } else if (ECANCELED == kop.crk_status) {
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- printf("OCF hardware operation cancelled. Running in Software\n");
- ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
- }
- /* else cryptodev operation worked ok ==> ret = 1*/
-
-err:
- zapparams(&kop);
- return (ret);
-}
-
-static int
-cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
-{
- int r;
- ctx = BN_CTX_new();
- r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
- BN_CTX_free(ctx);
- return (r);
-}
-
-static int
-cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
-{
- struct crypt_kop kop;
- int ret = 1;
-
- if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
- /* XXX 0 means failure?? */
- return (0);
- }
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_MOD_EXP_CRT;
- /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
- if (bn2crparam(rsa->p, &kop.crk_param[0]))
- goto err;
- if (bn2crparam(rsa->q, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(I, &kop.crk_param[2]))
- goto err;
- if (bn2crparam(rsa->dmp1, &kop.crk_param[3]))
- goto err;
- if (bn2crparam(rsa->dmq1, &kop.crk_param[4]))
- goto err;
- if (bn2crparam(rsa->iqmp, &kop.crk_param[5]))
- goto err;
- kop.crk_iparams = 6;
-
- if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) {
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- printf("OCF asym process failed, running in Software\n");
- ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
-
- } else if (ECANCELED == kop.crk_status) {
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- printf("OCF hardware operation cancelled. Running in Software\n");
- ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
- }
- /* else cryptodev operation worked ok ==> ret = 1*/
-
-err:
- zapparams(&kop);
- return (ret);
-}
-
-static RSA_METHOD cryptodev_rsa = {
- "cryptodev RSA method",
- NULL, /* rsa_pub_enc */
- NULL, /* rsa_pub_dec */
- NULL, /* rsa_priv_enc */
- NULL, /* rsa_priv_dec */
- NULL,
- NULL,
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL, /* app_data */
- NULL, /* rsa_sign */
- NULL /* rsa_verify */
-};
-
-static int
-cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
-}
-
-static int
-cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
- BN_CTX *ctx, BN_MONT_CTX *mont)
-{
- BIGNUM t2;
- int ret = 0;
-
- BN_init(&t2);
-
- /* v = ( g^u1 * y^u2 mod p ) mod q */
- /* let t1 = g ^ u1 mod p */
- ret = 0;
-
- if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont))
- goto err;
-
- /* let t2 = y ^ u2 mod p */
- if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont))
- goto err;
- /* let u1 = t1 * t2 mod p */
- if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx))
- goto err;
-
- BN_copy(t1,u1);
-
- ret = 1;
-err:
- BN_free(&t2);
- return(ret);
-}
-
-static DSA_SIG *
-cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
- struct crypt_kop kop;
- BIGNUM *r = NULL, *s = NULL;
- DSA_SIG *dsaret = NULL;
-
- if ((r = BN_new()) == NULL)
- goto err;
- if ((s = BN_new()) == NULL) {
- BN_free(r);
- goto err;
- }
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_DSA_SIGN;
-
- /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
- kop.crk_param[0].crp_p = (void*)dgst;
- kop.crk_param[0].crp_nbits = dlen * 8;
- if (bn2crparam(dsa->p, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(dsa->q, &kop.crk_param[2]))
- goto err;
- if (bn2crparam(dsa->g, &kop.crk_param[3]))
- goto err;
- if (bn2crparam(dsa->priv_key, &kop.crk_param[4]))
- goto err;
- kop.crk_iparams = 5;
-
- if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
- BN_num_bytes(dsa->q), s) == 0) {
- dsaret = DSA_SIG_new();
- dsaret->r = r;
- dsaret->s = s;
- } else {
- const DSA_METHOD *meth = DSA_OpenSSL();
- BN_free(r);
- BN_free(s);
- dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa);
- }
-err:
- kop.crk_param[0].crp_p = NULL;
- zapparams(&kop);
- return (dsaret);
-}
-
-static int
-cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
- DSA_SIG *sig, DSA *dsa)
-{
- struct crypt_kop kop;
- int dsaret = 1;
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_DSA_VERIFY;
-
- /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
- kop.crk_param[0].crp_p = (void*)dgst;
- kop.crk_param[0].crp_nbits = dlen * 8;
- if (bn2crparam(dsa->p, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(dsa->q, &kop.crk_param[2]))
- goto err;
- if (bn2crparam(dsa->g, &kop.crk_param[3]))
- goto err;
- if (bn2crparam(dsa->pub_key, &kop.crk_param[4]))
- goto err;
- if (bn2crparam(sig->r, &kop.crk_param[5]))
- goto err;
- if (bn2crparam(sig->s, &kop.crk_param[6]))
- goto err;
- kop.crk_iparams = 7;
-
- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
-/*OCF success value is 0, if not zero, change dsaret to fail*/
- if(0 != kop.crk_status) dsaret = 0;
- } else {
- const DSA_METHOD *meth = DSA_OpenSSL();
-
- dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa);
- }
-err:
- kop.crk_param[0].crp_p = NULL;
- zapparams(&kop);
- return (dsaret);
-}
-
-static DSA_METHOD cryptodev_dsa = {
- "cryptodev DSA method",
- NULL,
- NULL, /* dsa_sign_setup */
- NULL,
- NULL, /* dsa_mod_exp */
- NULL,
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL /* app_data */
-};
-
-static int
-cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
-}
-
-static int
-cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
- struct crypt_kop kop;
- int dhret = 1;
- int fd, keylen;
-
- if ((fd = get_asym_dev_crypto()) < 0) {
- const DH_METHOD *meth = DH_OpenSSL();
-
- return ((meth->compute_key)(key, pub_key, dh));
- }
-
- keylen = BN_num_bits(dh->p);
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_DH_COMPUTE_KEY;
-
- /* inputs: dh->priv_key pub_key dh->p key */
- if (bn2crparam(dh->priv_key, &kop.crk_param[0]))
- goto err;
- if (bn2crparam(pub_key, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(dh->p, &kop.crk_param[2]))
- goto err;
- kop.crk_iparams = 3;
-
- kop.crk_param[3].crp_p = (void*) key;
- kop.crk_param[3].crp_nbits = keylen * 8;
- kop.crk_oparams = 1;
-
- if (ioctl(fd, CIOCKEY, &kop) == -1) {
- const DH_METHOD *meth = DH_OpenSSL();
-
- dhret = (meth->compute_key)(key, pub_key, dh);
- }
-err:
- kop.crk_param[3].crp_p = NULL;
- zapparams(&kop);
- return (dhret);
-}
-
-static DH_METHOD cryptodev_dh = {
- "cryptodev DH method",
- NULL, /* cryptodev_dh_generate_key */
- NULL,
- NULL,
- NULL,
- NULL,
- 0, /* flags */
- NULL /* app_data */
-};
-
-/*
- * ctrl right now is just a wrapper that doesn't do much
- * but I expect we'll want some options soon.
- */
-static int
-cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
-{
-#ifdef HAVE_SYSLOG_R
- struct syslog_data sd = SYSLOG_DATA_INIT;
-#endif
-
- switch (cmd) {
- default:
-#ifdef HAVE_SYSLOG_R
- syslog_r(LOG_ERR, &sd,
- "cryptodev_ctrl: unknown command %d", cmd);
-#else
- syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd);
-#endif
- break;
- }
- return (1);
-}
-
-void
-ENGINE_load_cryptodev(void)
-{
- ENGINE *engine = ENGINE_new();
- int fd;
-
- if (engine == NULL)
- return;
- if ((fd = get_dev_crypto()) < 0) {
- ENGINE_free(engine);
- return;
- }
-
- /*
- * find out what asymmetric crypto algorithms we support
- */
- if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
- put_dev_crypto(fd);
- ENGINE_free(engine);
- return;
- }
- put_dev_crypto(fd);
-
- if (!ENGINE_set_id(engine, "cryptodev") ||
- !ENGINE_set_name(engine, "cryptodev engine") ||
- !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
- !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
- !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
- !ENGINE_set_cmd_defns(engine, cryptodev_defns)) {
- ENGINE_free(engine);
- return;
- }
-
- if (ENGINE_set_RSA(engine, &cryptodev_rsa)) {
- const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay();
-
- cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp;
- cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp;
- cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc;
- cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec;
- cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc;
- cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;
- if (cryptodev_asymfeat & CRF_MOD_EXP) {
- cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;
- if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
- cryptodev_rsa.rsa_mod_exp =
- cryptodev_rsa_mod_exp;
- else
- cryptodev_rsa.rsa_mod_exp =
- cryptodev_rsa_nocrt_mod_exp;
- }
- }
-
- if (ENGINE_set_DSA(engine, &cryptodev_dsa)) {
- const DSA_METHOD *meth = DSA_OpenSSL();
-
- memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD));
- if (cryptodev_asymfeat & CRF_DSA_SIGN)
- cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;
- if (cryptodev_asymfeat & CRF_MOD_EXP) {
- cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp;
- cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp;
- }
- if (cryptodev_asymfeat & CRF_DSA_VERIFY)
- cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;
- }
-
- if (ENGINE_set_DH(engine, &cryptodev_dh)){
- const DH_METHOD *dh_meth = DH_OpenSSL();
-
- cryptodev_dh.generate_key = dh_meth->generate_key;
- cryptodev_dh.compute_key = dh_meth->compute_key;
- cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp;
- if (cryptodev_asymfeat & CRF_MOD_EXP) {
- cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;
- if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
- cryptodev_dh.compute_key =
- cryptodev_dh_compute_key;
- }
- }
-
- ENGINE_add(engine);
- ENGINE_free(engine);
- ERR_clear_error();
-}
-
-#endif /* HAVE_CRYPTODEV */
diff --git a/package/openvpn/Makefile b/package/openvpn/Makefile
index efa5a82b3..08c73a831 100644
--- a/package/openvpn/Makefile
+++ b/package/openvpn/Makefile
@@ -8,19 +8,13 @@ PKG_VERSION:= 2.3.11
PKG_RELEASE:= 1
PKG_HASH:= 0f5f1ca1dc5743fa166d93dd4ec952f014b5f33bafd88f0ea34b455cae1434a7
PKG_DESCR:= vpn solution using ssl/tls
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_KDEPENDS:= tun
PKG_SECTION:= net/security
PKG_URL:= http://openvpn.net/
PKG_SITES:= http://swupdate.openvpn.org/community/releases/
-PKG_CHOICES_OPENVPN:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
PKG_FLAVOURS_OPENVPN:= WITH_LZO WITH_MANAGEMENT WITH_HTTPPROXY WITH_SOCKS WITH_SMALL
PKGFD_WITH_LZO:= enable lzo compression support
PKGFS_WITH_LZO:= liblzo
diff --git a/package/raddump/Makefile b/package/raddump/Makefile
index 3f83b3d2b..658486c2d 100755
--- a/package/raddump/Makefile
+++ b/package/raddump/Makefile
@@ -9,21 +9,13 @@ PKG_RELEASE:= 1
PKG_HASH:= f2d5c80164a5064d25e112f3ead9952d86200b022da584bddbc4afea948cb970
PKG_DESCR:= interprets captured radius packets
PKG_SECTION:= net/radius
-PKG_DEPENDS:= libpcap
-PKG_BUILDDEP:= libpcap
+PKG_DEPENDS:= libpcap libressl
+PKG_BUILDDEP:= libpcap libressl
PKG_URL:= http://sourceforge.net/projects/raddump
PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=raddump/}
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_RADDUMP:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,RADDUMP,raddump,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/rdesktop/Makefile b/package/rdesktop/Makefile
index af81be343..98ccc84ca 100644
--- a/package/rdesktop/Makefile
+++ b/package/rdesktop/Makefile
@@ -9,21 +9,13 @@ PKG_RELEASE:= 1
PKG_HASH:= 76cc834b89c34d8332f3cb3889483b2ae4d4e8118eeb45a8967c77dd18228246
PKG_DESCR:= client for windows terminal services
PKG_SECTION:= x11/apps
-PKG_DEPENDS:= libsamplerate alsa-lib libao
-PKG_BUILDDEP:= libsamplerate alsa-lib libao
+PKG_DEPENDS:= libsamplerate alsa-lib libao libressl
+PKG_BUILDDEP:= libsamplerate alsa-lib libao libressl
PKG_URL:= http://www.rdesktop.org/
PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=rdesktop/}
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_RDESKTOP:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,RDESKTOP,rdesktop,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/sipsak/Makefile b/package/sipsak/Makefile
index 7a0e50d53..1903793ed 100644
--- a/package/sipsak/Makefile
+++ b/package/sipsak/Makefile
@@ -14,14 +14,11 @@ PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=sipsak.berlios/}
DISTFILES:= $(PKG_NAME)-$(PKG_VERSION)-1.tar.gz
-PKG_CHOICES_SIPSAK:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_SIPSAK:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
+PKGCD_WITHOUT_SSL:= use no ssl
include ${ADK_TOPDIR}/mk/package.mk
diff --git a/package/socat/Makefile b/package/socat/Makefile
index 678d90f48..7603debe4 100644
--- a/package/socat/Makefile
+++ b/package/socat/Makefile
@@ -15,14 +15,11 @@ PKG_SITES:= http://www.dest-unreach.org/socat/download/
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_SOCAT:= WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_SOCAT:= WITH_LIBRESSL WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCB_WITH_LIBRESSL:= libressl
PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
+PKGCD_WITHOUT_SSL:= use no ssl
include ${ADK_TOPDIR}/mk/package.mk
@@ -36,9 +33,6 @@ CONFIGURE_ENV+= sc_cv_termios_ispeed=no \
CONFIGURE_ARGS+= --disable-libwrap \
--disable-readline
-ifeq (${ADK_PACKAGE_SOCAT_WITH_OPENSSL},y)
-CONFIGURE_ARGS+= --enable-openssl
-endif
ifeq (${ADK_PACKAGE_SOCAT_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --enable-openssl
endif
diff --git a/package/ssltunnel/Makefile b/package/ssltunnel/Makefile
deleted file mode 100644
index f23371ed8..000000000
--- a/package/ssltunnel/Makefile
+++ /dev/null
@@ -1,38 +0,0 @@
-# This file is part of the OpenADK project. OpenADK is copyrighted
-# material, please see the LICENCE file in the top-level directory.
-
-include ${ADK_TOPDIR}/rules.mk
-
-PKG_NAME:= ssltunnel
-PKG_VERSION:= 1.18
-PKG_RELEASE:= 1
-PKG_HASH:= 1d2e4bbc935341775e7cc26dae980d6bdd5e8351f5a0cbf4d85363ac5d71081f
-PKG_DESCR:= ppp over ssl vpn tool
-PKG_SECTION:= net/security
-PKG_DEPENDS:= ppp libopenssl
-PKG_BUILDDEP:= ppp openssl
-PKG_SITES:= http://www.hsc.fr/ressources/outils/ssltunnel/download/
-
-DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-
-PKG_LIBC_DEPENDS:= uclibc-ng glibc
-
-include ${ADK_TOPDIR}/mk/package.mk
-
-$(eval $(call PKG_template,SSLTUNNEL,ssltunnel,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
-
-CONFIGURE_ENV+= BUILD_CC="${TARGET_CC}"
-XAKE_FLAGS+= CCOPT="${TARGET_CFLAGS}" INCLS="-I. -I${STAGING_TARGET_DIR}/usr/include"
-
-ssltunnel-install:
- ${INSTALL_DIR} ${IDIR_SSLTUNNEL}/usr/bin
- ${INSTALL_DIR} ${IDIR_SSLTUNNEL}/usr/sbin
- ${INSTALL_DIR} ${IDIR_SSLTUNNEL}/usr/libexec
- ${INSTALL_BIN} ${WRKINST}/usr/bin/pppclient \
- ${IDIR_SSLTUNNEL}/usr/bin/
- ${INSTALL_BIN} ${WRKINST}/usr/sbin/pppwho \
- ${IDIR_SSLTUNNEL}/usr/sbin/
- ${INSTALL_BIN} ${WRKINST}/usr/libexec/pppserver \
- ${IDIR_SSLTUNNEL}/usr/libexec/
-
-include ${ADK_TOPDIR}/mk/pkg-bottom.mk
diff --git a/package/ssltunnel/patches/patch-client_ntlmauth_c b/package/ssltunnel/patches/patch-client_ntlmauth_c
deleted file mode 100644
index 8699ca947..000000000
--- a/package/ssltunnel/patches/patch-client_ntlmauth_c
+++ /dev/null
@@ -1,11 +0,0 @@
-$Id$
---- ssltunnel-1.15.orig/client/ntlmauth.c 2004-03-10 13:35:21.000000000 +0000
-+++ ssltunnel-1.15/client/ntlmauth.c 2007-08-13 21:25:22.000000000 +0000
-@@ -34,6 +34,7 @@
- #include <syslog.h>
- #include <iconv.h>
- #include <ctype.h>
-+#include <openssl/des.h>
-
- #ifndef INADDR_NONE
- #define INADDR_NONE 0xffffffff
diff --git a/package/strongswan/Makefile b/package/strongswan/Makefile
index 4cc1cd177..97d7bdb03 100644
--- a/package/strongswan/Makefile
+++ b/package/strongswan/Makefile
@@ -15,13 +15,10 @@ PKG_SITES:= http://download.strongswan.org/
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_STRONGSWAN:=WITH_LIBRESSL WITH_GNUTLS WITH_OPENSSL WITH_GMP
+PKG_CHOICES_STRONGSWAN:=WITH_LIBRESSL WITH_GNUTLS WITH_GMP
PKGCD_WITH_GMP:= use gmp for crypto
PKGCS_WITH_GMP:= libgmp
PKGCB_WITH_GMP:= gmp
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCS_WITH_OPENSSL:= libopenssl
-PKGCB_WITH_OPENSSL:= openssl
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCS_WITH_LIBRESSL:= libressl
PKGCB_WITH_LIBRESSL:= libressl
@@ -33,11 +30,6 @@ include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,STRONGSWAN,strongswan,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
-ifeq (${ADK_PACKAGE_STRONGSWAN_WITH_OPENSSL},y)
-CONFIGURE_ARGS+= --enable-openssl \
- --disable-gcrypt \
- --disable-gmp
-endif
ifeq (${ADK_PACKAGE_STRONGSWAN_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --enable-openssl \
--disable-gcrypt \
diff --git a/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c
new file mode 100644
index 000000000..401bd7a64
--- /dev/null
+++ b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c
@@ -0,0 +1,11 @@
+--- strongswan-5.5.0.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c 2016-06-30 16:20:10.000000000 +0200
++++ strongswan-5.5.0/src/libstrongswan/plugins/openssl/openssl_plugin.c 2016-09-30 05:36:45.015692462 +0200
+@@ -573,7 +573,7 @@ plugin_t *openssl_plugin_create()
+ },
+ );
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ /* note that we can't call OPENSSL_cleanup() when the plugin is destroyed
+ * as we couldn't initialize the library again afterwards */
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG |
diff --git a/package/strongswan/patches/patch-src_starter_netkey_c b/package/strongswan/patches/patch-src_starter_netkey_c
index b87895eeb..adb7e09eb 100644
--- a/package/strongswan/patches/patch-src_starter_netkey_c
+++ b/package/strongswan/patches/patch-src_starter_netkey_c
@@ -1,6 +1,6 @@
---- strongswan-5.0.0.orig/src/starter/netkey.c 2012-06-13 06:32:03.000000000 +0200
-+++ strongswan-5.0.0/src/starter/netkey.c 2012-07-26 16:55:59.000000000 +0200
-@@ -43,6 +43,7 @@ bool starter_netkey_init(void)
+--- strongswan-5.5.0.orig/src/starter/netkey.c 2016-04-22 22:01:35.000000000 +0200
++++ strongswan-5.5.0/src/starter/netkey.c 2016-09-30 05:30:43.681874545 +0200
+@@ -42,6 +42,7 @@ bool starter_netkey_init(void)
}
/* make sure that all required IPsec modules are loaded */
@@ -8,7 +8,7 @@
if (stat(PROC_MODULES, &stb) == 0)
{
ignore_result(system("modprobe -qv ah4"));
-@@ -51,6 +52,7 @@ bool starter_netkey_init(void)
+@@ -50,6 +51,7 @@ bool starter_netkey_init(void)
ignore_result(system("modprobe -qv xfrm4_tunnel"));
ignore_result(system("modprobe -qv xfrm_user"));
}
diff --git a/package/stunnel/Makefile b/package/stunnel/Makefile
deleted file mode 100644
index e5962f38a..000000000
--- a/package/stunnel/Makefile
+++ /dev/null
@@ -1,33 +0,0 @@
-# This file is part of the OpenADK project. OpenADK is copyrighted
-# material, please see the LICENCE file in the top-level directory.
-
-include $(ADK_TOPDIR)/rules.mk
-
-PKG_NAME:= stunnel
-PKG_VERSION:= 5.36
-PKG_RELEASE:= 1
-PKG_HASH:= eb8952fcfdfcdf5056a1f1a78e1ec5014b819c5f5f7599b924dc4490ffe4b5ea
-PKG_DESCR:= encryption wrapper
-PKG_SECTION:= net/security
-PKG_DEPENDS:= libopenssl
-PKG_BUILDDEP:= openssl
-PKG_URL:= https://www.stunnel.org
-PKG_SITES:= https://www.stunnel.org/downloads/
-
-DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-
-include $(ADK_TOPDIR)/mk/package.mk
-
-$(eval $(call PKG_template,STUNNEL,stunnel,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
-
-AUTOTOOL_STYLE:= autoreconf
-CONFIGURE_ARGS+= --with-ssl=${STAGING_TARGET_DIR}/usr \
- --disable-systemd \
- --disable-libwrap
-
-stunnel-install:
- $(INSTALL_DIR) $(IDIR_STUNNEL)/usr/bin
- $(INSTALL_BIN) $(WRKINST)/usr/bin/stunnel \
- $(IDIR_STUNNEL)/usr/bin
-
-include ${ADK_TOPDIR}/mk/pkg-bottom.mk
diff --git a/package/stunnel/patches/patch-configure_ac b/package/stunnel/patches/patch-configure_ac
deleted file mode 100644
index fc9533b21..000000000
--- a/package/stunnel/patches/patch-configure_ac
+++ /dev/null
@@ -1,21 +0,0 @@
---- stunnel-5.31.orig/configure.ac 2016-02-03 18:23:10.000000000 +0100
-+++ stunnel-5.31/configure.ac 2016-03-13 13:33:26.000000000 +0100
-@@ -86,18 +86,6 @@ if test "$GCC" = yes; then
- AX_APPEND_COMPILE_FLAGS([-Wconversion])
- AX_APPEND_COMPILE_FLAGS([-Wno-long-long])
- AX_APPEND_COMPILE_FLAGS([-Wno-deprecated-declarations])
-- AX_APPEND_COMPILE_FLAGS([-fPIE])
-- case "${host}" in
-- avr-*.* | powerpc-*-aix* | rl78-*.* | visium-*.*)
-- ;;
-- *)
-- AX_APPEND_COMPILE_FLAGS([-fstack-protector])
-- ;;
-- esac
-- AX_APPEND_LINK_FLAGS([-fPIE -pie])
-- AX_APPEND_LINK_FLAGS([-Wl,-z,relro])
-- AX_APPEND_LINK_FLAGS([-Wl,-z,now])
-- AX_APPEND_LINK_FLAGS([-Wl,-z,noexecstack])
- fi
- AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2])
-
diff --git a/package/supl/Makefile b/package/supl/Makefile
index 2fd08a1e2..9d5dc4ad9 100644
--- a/package/supl/Makefile
+++ b/package/supl/Makefile
@@ -9,26 +9,21 @@ PKG_RELEASE:= 1
PKG_HASH:= 068dc47ce818ce5634f09a88159df85a6ce3456e2467b11b8c5f8543a99bb347
PKG_DESCR:= tools for accessing sup/rrlp server
PKG_SECTION:= net/misc
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_URL:= http://www.tajuma.com/supl/
PKG_SITES:= $(MASTER_SITE_SOURCEFORGE:=supl/)
DISTFILES:= $(PKG_NAME)_$(PKG_VERSION).tar.gz
WRKDIST= $(WRKDIR)/trunk
-PKG_CHOICES_SUPL:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,SUPL,supl,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS),$(PKG_DESCR),$(PKG_SECTION)))
CONFIG_STYLE:= minimal
-CONFIGURE_ARGS+= --precompiled-asn1=yes --prefix="$(WRKINST)/usr"
+CONFIGURE_ARGS+= --prefix="$(WRKINST)/usr" \
+ --precompiled-asn1=yes
supl-install:
$(INSTALL_DIR) $(IDIR_SUPL)/usr/{bin,lib}
diff --git a/package/tinc/Makefile b/package/tinc/Makefile
index c192d10b6..b6a2f4540 100644
--- a/package/tinc/Makefile
+++ b/package/tinc/Makefile
@@ -9,22 +9,14 @@ PKG_RELEASE:= 1
PKG_HASH:= 0b502699360f09ce2128a39cf02abca07bfc699fc02ce829b3a90cf5e1e8b344
PKG_DESCR:= vpn tunnel daemon
PKG_SECTION:= net/security
-PKG_DEPENDS:= zlib liblzo
-PKG_BUILDDEP:= zlib liblzo
+PKG_DEPENDS:= zlib liblzo libressl
+PKG_BUILDDEP:= zlib liblzo libressl
PKG_KDEPENDS:= tun
PKG_URL:= http://www.tinc-vpn.org/
PKG_SITES:= http://www.tinc-vpn.org/packages/
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_TINC:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl
-
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,TINC,tinc,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/tmsnc/Makefile b/package/tmsnc/Makefile
index 83b4ea3d0..c88b591cb 100644
--- a/package/tmsnc/Makefile
+++ b/package/tmsnc/Makefile
@@ -9,17 +9,11 @@ PKG_RELEASE:= 2
PKG_HASH:= 7f54ba3974f45c0787b6d62d0d62ce352ddbf95419123b98b4969b97d3dfed23
PKG_DESCR:= textbased msn client
PKG_SECTION:= app/chat
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_URL:= http://tmsnc.sourceforge.net/
PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=tmsnc/}
-PKG_CHOICES_TMSNC:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
include ${ADK_TOPDIR}/mk/package.mk
@@ -27,6 +21,7 @@ include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,TMSNC,tmsnc,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
TARGET_LDFLAGS+= -ltinfo
+
CONFIGURE_ARGS+= --with-libiconv-prefix=${STAGING_TARGET_DIR}/usr \
--with-openssl=${STAGING_TARGET_DIR}/usr \
--with-ncurses=${STAGING_TARGET_DIR}
diff --git a/package/tntnet/Makefile b/package/tntnet/Makefile
index c48a070d3..03d3b558e 100644
--- a/package/tntnet/Makefile
+++ b/package/tntnet/Makefile
@@ -17,17 +17,14 @@ PKG_SITES:= http://www.tntnet.org/download/
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_TNTNET:= WITHOUT_SSL WITH_GNUTLS WITH_OPENSSL WITH_LIBRESSL
-PKGCD_WITHOUT_SSL:= use no ssl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCS_WITH_OPENSSL:= libopenssl
-PKGCB_WITH_OPENSSL:= openssl
-PKGCD_WITH_OPENSSL:= use libressl for crypto
-PKGCS_WITH_OPENSSL:= libressl
-PKGCB_WITH_OPENSSL:= libressl
+PKG_CHOICES_TNTNET:= WITH_LIBRESSL WITH_GNUTLS WITHOUT_SSL
+PKGCD_WITH_LIBRESSL:= use libressl for crypto
+PKGCS_WITH_LIBRESSL:= libressl
+PKGCB_WITH_LIBRESSL:= libressl
PKGCD_WITH_GNUTLS:= use gnutls for crypto
PKGCS_WITH_GNUTLS:= libgnutls
PKGCB_WITH_GNUTLS:= gnutls
+PKGCD_WITHOUT_SSL:= use no ssl
include ${ADK_TOPDIR}/mk/package.mk
@@ -36,9 +33,6 @@ $(eval $(call PKG_template,TNTNET,tntnet,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEP
ifeq (${ADK_PACKAGE_TNTNET_WITHOUT_SSL},y)
CONFIGURE_ARGS+= --with-ssl=no
endif
-ifeq (${ADK_PACKAGE_TNTNET_WITH_OPENSSL},y)
-CONFIGURE_ARGS+= --with-ssl=openssl
-endif
ifeq (${ADK_PACKAGE_TNTNET_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --with-ssl=openssl
endif
diff --git a/package/tor/Makefile b/package/tor/Makefile
index cd4b0b91c..c7893d390 100644
--- a/package/tor/Makefile
+++ b/package/tor/Makefile
@@ -9,20 +9,12 @@ PKG_RELEASE:= 2
PKG_HASH:= 493a8679f904503048114aca6467faef56861206bab8283d858f37141d95105d
PKG_DESCR:= anonymous internet communication system
PKG_SECTION:= net/proxy
-PKG_DEPENDS:= libevent zlib
-PKG_BUILDDEP:= libevent zlib
+PKG_DEPENDS:= libevent zlib libressl
+PKG_BUILDDEP:= libevent zlib libressl
PKG_NEEDS:= threads
PKG_URL:= https://www.torproject.org/
PKG_SITES:= https://www.torproject.org/dist/
-PKG_CHOICES_TOR:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
include ${ADK_TOPDIR}/mk/package.mk
diff --git a/package/tvheadend/Makefile b/package/tvheadend/Makefile
index 4624064dd..008bce1d3 100644
--- a/package/tvheadend/Makefile
+++ b/package/tvheadend/Makefile
@@ -9,17 +9,11 @@ PKG_GIT:= hash
PKG_RELEASE:= 3
PKG_DESCR:= tv streaming server
PKG_SECTION:= mm/video
+PKG_DEPENDS:= libressl
+PKG_BUILDDEP:= libressl
PKG_URL:= https://tvheadend.org/projects/tvheadend
PKG_SITES:= https://github.com/tvheadend/tvheadend.git
-PKG_CHOICES_TVHEADEND:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
-
include $(ADK_TOPDIR)/mk/package.mk
$(eval $(call PKG_template,TVHEADEND,tvheadend,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS),$(PKG_DESCR),$(PKG_SECTION)))
diff --git a/package/vtun/Makefile b/package/vtun/Makefile
index d584da3b0..a071c6df8 100644
--- a/package/vtun/Makefile
+++ b/package/vtun/Makefile
@@ -9,19 +9,11 @@ PKG_RELEASE:= 1
PKG_HASH:= 22507499a8f650ef97157977e62fa632d5b0034070629a2d0fd0512e304eaeeb
PKG_DESCR:= vpn tunnel daemon
PKG_SECTION:= net/security
-PKG_DEPENDS:= zlib liblzo
-PKG_BUILDDEP:= zlib liblzo
+PKG_DEPENDS:= zlib liblzo libressl
+PKG_BUILDDEP:= zlib liblzo libressl
PKG_KDEPENDS:= tun
PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=vtun/}
-PKG_CHOICES_VTUN:= WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:= use libressl for crypto
-PKGCB_WITH_LIBRESSL:= libressl
-PKGCS_WITH_LIBRESSL:= libressl ca-certificates
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCB_WITH_OPENSSL:= openssl
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates
-
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
PKG_HOST_DEPENDS:= !freebsd
diff --git a/package/wget/Makefile b/package/wget/Makefile
index 9ca6a2364..84d5990a6 100644
--- a/package/wget/Makefile
+++ b/package/wget/Makefile
@@ -16,17 +16,14 @@ PKG_BB:= 1
DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.gz
-PKG_CHOICES_WGET:= WITHOUT_SSL WITH_GNUTLS WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:= use no ssl
+PKG_CHOICES_WGET:= WITH_LIBRESSL WITH_GNUTLS WITHOUT_SSL
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCS_WITH_LIBRESSL:= libressl ca-certificates libgmp
PKGCB_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCS_WITH_OPENSSL:= libopenssl ca-certificates libgmp
-PKGCB_WITH_OPENSSL:= openssl
PKGCD_WITH_GNUTLS:= use gnutls for crypto
PKGCS_WITH_GNUTLS:= libgnutls ca-certificates libgmp
PKGCB_WITH_GNUTLS:= gnutls
+PKGCD_WITHOUT_SSL:= use no ssl
include ${ADK_TOPDIR}/mk/host.mk
include ${ADK_TOPDIR}/mk/package.mk
@@ -37,11 +34,6 @@ $(eval $(call PKG_template,WGET,wget,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS
ifeq (${ADK_PACKAGE_WGET_WITHOUT_SSL},y)
CONFIGURE_ARGS+= --with-ssl=no
endif
-ifeq (${ADK_PACKAGE_WGET_WITH_OPENSSL},y)
-CONFIGURE_ARGS+= --with-ssl=openssl \
- --with-openssl=yes \
- --with-libssl-prefix=${STAGING_TARGET_DIR}
-endif
ifeq (${ADK_PACKAGE_WGET_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --with-ssl=openssl \
--with-openssl=yes \
diff --git a/package/wpa_supplicant/Makefile b/package/wpa_supplicant/Makefile
index c045a6c0e..12615ceab 100644
--- a/package/wpa_supplicant/Makefile
+++ b/package/wpa_supplicant/Makefile
@@ -21,13 +21,10 @@ PKG_DFLT_WPA_SUPPLICANT:= y if ADK_TARGET_WITH_WIFI
WRKSRC= ${WRKDIST}/${PKG_NAME}
-PKG_CHOICES_WPA_SUPPLICANT:= WITH_LIBRESSL WITH_OPENSSL WITH_INTERNAL WITH_GNUTLS
+PKG_CHOICES_WPA_SUPPLICANT:= WITH_LIBRESSL WITH_INTERNAL WITH_GNUTLS
PKGCD_WITH_LIBRESSL:= use libressl for crypto
PKGCS_WITH_LIBRESSL:= libressl
PKGCB_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl for crypto
-PKGCS_WITH_OPENSSL:= libopenssl
-PKGCB_WITH_OPENSSL:= openssl
PKGCD_WITH_GNUTLS:= use gnutls for crypto
PKGCS_WITH_GNUTLS:= libgnutls
PKGCB_WITH_GNUTLS:= gnutls
@@ -37,9 +34,10 @@ include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,WPA_SUPPLICANT,wpa-supplicant,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
+TARGET_CFLAGS+= -I$(STAGING_TARGET_DIR)/usr/include/libnl3
+
CONFIG_STYLE:= manual
INSTALL_STYLE:= manual
-TARGET_CFLAGS+= -I$(STAGING_TARGET_DIR)/usr/include/libnl3
MAKE_FLAGS+= CPPFLAGS='${TARGET_CPPFLAGS}' \
LDFLAGS='${TARGET_LDFLAGS}' \
diff --git a/package/xorg-server/Makefile b/package/xorg-server/Makefile
index 41c1e7746..9c2e59e61 100644
--- a/package/xorg-server/Makefile
+++ b/package/xorg-server/Makefile
@@ -31,16 +31,13 @@ PKG_CFLINE_XORG_SERVER:=depends on ADK_TARGET_WITH_VGA || ADK_TARGET_QEMU_WITH_G
PKG_FLAVOURS_XORG_SERVER:= WITH_KDRIVE
PKGFD_WITH_KDRIVE:= build kdrive xfbdev server
-PKG_CHOICES_XORG_SERVER:= WITH_GCRYPT WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_GCRYPT:= use libgcrypt for sha1
-PKGCS_WITH_GCRYPT:= libgcrypt
-PKGCB_WITH_GCRYPT:= libgcrypt
+PKG_CHOICES_XORG_SERVER:= WITH_LIBRESSL WITH_GCRYPT
PKGCD_WITH_LIBRESSL:= use libressl crypto for sha1
PKGCS_WITH_LIBRESSL:= libressl
PKGCB_WITH_LIBRESSL:= libressl
-PKGCD_WITH_OPENSSL:= use openssl crypto for sha1
-PKGCS_WITH_OPENSSL:= libopenssl
-PKGCB_WITH_OPENSSL:= openssl
+PKGCD_WITH_GCRYPT:= use libgcrypt for sha1
+PKGCS_WITH_GCRYPT:= libgcrypt
+PKGCB_WITH_GCRYPT:= libgcrypt
include $(ADK_TOPDIR)/mk/package.mk
@@ -52,7 +49,7 @@ ifeq (${ADK_PACKAGE_XORG_SERVER_WITH_GCRYPT},y)
CONFIGURE_ARGS+= --with-sha1=libgcrypt
endif
-ifeq (${ADK_PACKAGE_XORG_SERVER_WITH_CRYPTO},y)
+ifeq (${ADK_PACKAGE_XORG_SERVER_WITH_LIBRESSL},y)
CONFIGURE_ARGS+= --with-sha1=libcrypto
endif