Hi guys,
I'm trying to build OpenSSL v1.0.2g from an AUR PKGFILE [1], on a armv7h platform. I'm doing specifically to enable openssl-cryptodev, as there does not seem an ALARM kernel package compiled specifically for my platform (Olimex A20 OlinuXino Lime2). The Cryptodev module has been, of course, successfully built and is loaded in the kernel.
While the build seems to complete successfully, the test suite fails as shown in [2]. Does anybody know what to make of it?
[1] The PKGFILE, original at https://aur.archlinux.org/packages/openssl-chacha20/
$this->bbcode_second_pass_code('', '
# $Id$
# Maintainer: Pierre Schmitz <pierre@archlinux.de>
_pkgname=openssl
pkgname=${_pkgname}-chacha20
_ver=1.0.2g
# use a pacman compatible version scheme
pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
#pkgver=$_ver
pkgrel=3
pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security with Chacha20 cipher'
arch=('i686' 'x86_64' 'armv7h')
url='https://www.openssl.org'
license=('custom:BSD')
depends=('perl')
optdepends=('ca-certificates')
options=('!makeflags')
backup=('etc/ssl/openssl.cnf')
conflicts=('openssl')
provides=("openssl=${pkgver}")
source=("https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz"
"https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz.asc"
'no-rpath.patch'
'ssl3-test-failure.patch'
'ca-dir.patch'
'openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch')
sha256sums=('b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33'
'SKIP'
'754d6107a306311e15a1db6a1cc031b81691c8b9865e8809ac60ca6f184c957c'
'c54ae87c602eaa1530a336ab7c6e22e12898e1941012349c153e52553df64a13'
'9e8126f3a748f4c1d6fe34d4436de72b16a40e97a6d18234d2e88caa179d50c4'
'09a2e88f95d8cd12bd9c23cd87554ab700fb1625a848c0502951849fb1d564fc')
validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491')
prepare() {
cd $srcdir/$_pkgname-$_ver
# remove rpath: http://bugs.archlinux.org/task/14367
patch -p0 -i $srcdir/no-rpath.patch
# disable a test that fails when ssl3 is disabled
patch -p1 -i $srcdir/ssl3-test-failure.patch
# set ca dir to /etc/ssl by default
patch -p0 -i $srcdir/ca-dir.patch
}
build() {
cd $srcdir/$_pkgname-$_ver
if [ "${CARCH}" == 'x86_64' ]; then
openssltarget='linux-x86_64'
optflags='enable-ec_nistp_64_gcc_128'
elif [ "${CARCH}" == 'i686' ]; then
openssltarget='linux-elf'
optflags=''
elif [ "${CARCH}" == 'arm' -o "${CARCH}" == 'armv6h' -o "${CARCH}" == 'armv7h' ]; then
openssltarget='linux-armv4'
optflags=''
elif [ "${CARCH}" == 'aarch64' ]; then
openssltarget='linux-aarch64'
optflags=''
fi
# mark stack as non-executable: http://bugs.archlinux.org/task/12434
./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 shared threads zlib enable-md2 \
shared no-ssl3-method ${optflags} \
"${openssltarget}" \
"-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
make depend
make
}
check() {
cd $srcdir/$_pkgname-$_ver
# the test fails due to missing write permissions in /etc/ssl
# revert this patch for make test
patch -p0 -R -i $srcdir/ca-dir.patch
make test
patch -p0 -i $srcdir/ca-dir.patch
}
package() {
cd $srcdir/$_pkgname-$_ver
make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install
install -D -m644 LICENSE $pkgdir/usr/share/licenses/$_pkgname/LICENSE
}
')
[2] The test failure log
$this->bbcode_second_pass_code('', '
make a certificate request using 'req'
rsa
Generating a 2048 bit RSA private key
....................................................................................................................+++
......................................................+++
writing new private key to 'keyCA.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Dodgy CA
convert the certificate request into a self signed certificate using 'x509'
3069843168:error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding:a_object.c:283:
3069843168:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:697:Field=algorithm, Type=X509_ALGOR
3069843168:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:697:Field=sig_alg, Type=X509_REQ
3069843168:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_oth.c:83:
error using 'x509' to self sign a certificate request
Makefile:286: recipe for target 'test_ss' failed
')