staging/noltari/tools/libressl, branch master

tools/libressl: update to 3.7.0

2022-12-18T15:34:47Z

Release notes: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.0-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.1-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.7.0-relnotes.txt Signed-off-by: Linhui Liu

tools: add Host/Uninstall where possible

2022-10-19T22:33:22Z

This cleans staging_dir when calling tool/x/clean. Signed-off-by: Rosen Penev

build: prefer HTTPS if available (for packages)

2022-10-05T15:37:07Z

Changes PKG_SOURCE_URL's for arptables, bsdiff, dnsmasq, fortify-headers, ipset, ipset-dns, libaudit, libpcap, libressl, lua, lua5.3, tcpdump and valgrind, to HTTPS Signed-off-by: Daniel Cousens

tools/libressl: disable assembly code for all hosts

2022-07-31T16:46:23Z

This SSL library is for hosts only and not shipped as a build product, therefore its performance quality (speed) is not critical. Assembly code is broken in LibreSSL for some x86_64 hosts (part of git history) and for some RISC host archs like armv7l, aarch64, powerpc, ppc64, etc... so let's just disable it for all hosts. For example, this fixes an instance on ARM hosts where the host Python 3 builds broken modules which link to LibreSSL, even with patches that enable LibreSSL support with the import error "unexpected reloc type 3". Ref: a395563f6 ("build: fix libressl build on x32 (amd64ilp32) host ") Suggested-by: Andre Heider Signed-off-by: Michael Pratt

tools/libressl: ensure PIC-only object compilation

2022-07-31T16:46:23Z

Line up configure arguments for cleaner git diff and editing and grepping. LibreSSL must be built with PIC, and has the flags for it already in CFLAGS. Add the configure option native to LibreSSL to use only PIC in objects, which further enforces that each object in the library has the PIC flag to prevent a mixture of PIC / non-PIC objects within it. Ref: 96a940308 ("tools: libressl: always build as PIC") Signed-off-by: Michael Pratt

tools/libressl: bump to v3.5.3

2022-07-20T11:02:57Z

This includes API additions required for u-boot v2022.07 and Python 3.10. https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.1-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.2-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.3-relnotes.txt Signed-off-by: Andre Heider

tools/libressl: update to version 3.4.3

2022-06-19T10:31:02Z

Release notes: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.3-relnotes.txt ``` It includes the following security fix: * A malicious certificate can cause an infinite loop. Reported by and fix from Tavis Ormandy and David Benjamin, Google. ``` Signed-off-by: Josef Schlehofer

tools/libressl: update to version 3.4.2

2022-02-28T23:08:08Z

Release notes: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt ``` It includes the following security fix * In some situations the X.509 verifier would discard an error on an unverified certificate chain, resulting in an authentication bypass. Thanks to Ilya Shipitsin and Timo Steinlein for reporting. ``` Signed-off-by: Josef Schlehofer

tools/libressl: update to 3.4.1

2021-11-02T20:00:32Z

Signed-off-by: Rosen Penev

tools/libressl: update to 3.3.4

2021-09-05T19:28:55Z

Signed-off-by: Rosen Penev