[bot] AutoMerging: merge all upstream's changes:

* https://github.com/coolsnowwolf/lede:
  busybox: awk: fix use after free (CVE-2022-30065)
  dnsmasq: Backport DHCPv6 server fix (CVE-2022-0934)
  ramips: improve compatibility for Youku YK-L2 and YK-L1 series
  ramips: add support for Youku X2
  openssl: bump to 1.1.1s

package/libs/openssl/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
 PKG_BASE:=1.1.1
-PKG_BUGFIX:=q
+PKG_BUGFIX:=s
 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
 PKG_RELEASE:=$(AUTORELEASE)
 PKG_USE_MIPS16:=0
@@ -27,7 +27,7 @@ PKG_SOURCE_URL:= \
 	ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
 	ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/
 
-PKG_HASH:=d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca
+PKG_HASH:=c5ac01e760ee6ff0dab61d6b2bbd30146724d063eb322180c6f18a6f74e4b6aa
 
 PKG_LICENSE:=OpenSSL
 PKG_LICENSE_FILES:=LICENSE

package/libs/openssl/patches/001-crypto-perlasm-ppc-xlate.pl-add-linux64v2-flavour.patch

@@ -15,7 +15,6 @@ Reviewed-by: Paul Dale <[email protected]>
 Reviewed-by: Richard Levitte <[email protected]>
 (Merged from https://github.com/openssl/openssl/pull/8883)
 
-diff --git a/crypto/perlasm/ppc-xlate.pl b/crypto/perlasm/ppc-xlate.pl
 --- a/crypto/perlasm/ppc-xlate.pl
 +++ b/crypto/perlasm/ppc-xlate.pl
 @@ -49,7 +49,7 @@ my $globl = sub {

package/libs/openssl/patches/100-Configure-afalg-support.patch

@@ -8,10 +8,9 @@ version to disable building the AFALG engine on openwrt targets.
 
 Signed-off-by: Eneas U de Queiroz <[email protected]>
 
-diff --git a/Configure b/Configure
 --- a/Configure
 +++ b/Configure
-@@ -1548,7 +1548,9 @@ unless ($disabled{"crypto-mdebug-backtrace"})
+@@ -1548,7 +1548,9 @@ unless ($disabled{"crypto-mdebug-backtra
 
  unless ($disabled{afalgeng}) {
      $config{afalgeng}="";

package/libs/openssl/patches/110-openwrt_targets.patch

@@ -7,8 +7,6 @@ Targets are named: linux-$(CONFIG_ARCH)-openwrt
 
 Signed-off-by: Eneas U de Queiroz <[email protected]>
 
-diff --git a/Configurations/25-openwrt.conf b/Configurations/25-openwrt.conf
-new file mode 100644
 --- /dev/null
 +++ b/Configurations/25-openwrt.conf
 @@ -0,0 +1,52 @@

package/libs/openssl/patches/120-strip-cflags-from-binary.patch

@@ -8,10 +8,9 @@ OpenSSL_version(OPENSSL_CFLAGS), or running openssl version -a
 
 Signed-off-by: Eneas U de Queiroz <[email protected]>
 
-diff --git a/crypto/build.info b/crypto/build.info
 --- a/crypto/build.info
 +++ b/crypto/build.info
-@@ -10,7 +10,7 @@ EXTRA=  ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \
+@@ -10,7 +10,7 @@ EXTRA=  ../ms/uplink-x86.pl ../ms/uplink
          ppccpuid.pl pariscid.pl alphacpuid.pl arm64cpuid.pl armv4cpuid.pl
 
  DEPEND[cversion.o]=buildinf.h

package/libs/openssl/patches/130-dont-build-tests-fuzz.patch

@@ -7,10 +7,9 @@ This shortens build time.
 
 Signed-off-by: Eneas U de Queiroz <[email protected]>
 
-diff --git a/Configure b/Configure
 --- a/Configure
 +++ b/Configure
-@@ -318,7 +318,7 @@ my $auto_threads=1;    # enable threads automatically? true by default
+@@ -318,7 +318,7 @@ my $auto_threads=1;    # enable threads
  my $default_ranlib;
 
  # Top level directories to build

package/libs/openssl/patches/140-allow-prefer-chacha20.patch

@@ -14,7 +14,6 @@ when the client has it on top of its ciphersuite preference.
 
 Signed-off-by: Eneas U de Queiroz <[email protected]>
 
-diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
 --- a/include/openssl/ssl.h
 +++ b/include/openssl/ssl.h
 @@ -173,9 +173,15 @@ extern "C" {
@@ -36,10 +35,9 @@ diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
  # else
  #  define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
                                     "TLS_AES_128_GCM_SHA256"
-diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
 --- a/ssl/ssl_ciph.c
 +++ b/ssl/ssl_ciph.c
-@@ -1467,11 +1467,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
+@@ -1465,11 +1465,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
      ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head,
                            &tail);
 
@@ -69,7 +67,7 @@ diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
 
      /*
       * ...and generally, our preferred cipher is AES.
-@@ -1527,7 +1545,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
+@@ -1525,7 +1543,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
       * Within each group, ciphers remain sorted by strength and previous
       * preference, i.e.,
       * 1) ECDHE > DHE

package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch

@@ -8,7 +8,6 @@ This adds configuration options for engines, loading all cnf files under
 
 Signed-off-by: Eneas U de Queiroz <[email protected]>
 
-diff --git a/apps/openssl.cnf b/apps/openssl.cnf
 --- a/apps/openssl.cnf
 +++ b/apps/openssl.cnf
 @@ -22,6 +22,16 @@ oid_section		= new_oids

package/libs/openssl/patches/400-eng_devcrypto-save-ioctl-if-EVP_MD_.FLAG_ONESHOT.patch

@@ -14,7 +14,6 @@ Reviewed-by: Matthias St. Pierre <[email protected]>
 Reviewed-by: Richard Levitte <[email protected]>
 (Merged from https://github.com/openssl/openssl/pull/7585)
 
-diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
 --- a/crypto/engine/eng_devcrypto.c
 +++ b/crypto/engine/eng_devcrypto.c
 @@ -461,6 +461,7 @@ struct digest_ctx {
@@ -25,7 +24,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
  };
 
  static const struct digest_data_st {
-@@ -564,12 +565,15 @@ static int digest_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+@@ -564,12 +565,15 @@ static int digest_update(EVP_MD_CTX *ctx
      if (digest_ctx == NULL)
          return 0;
 
@@ -45,7 +44,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
  }
 
  static int digest_final(EVP_MD_CTX *ctx, unsigned char *md)
-@@ -579,7 +583,10 @@ static int digest_final(EVP_MD_CTX *ctx, unsigned char *md)
+@@ -579,7 +583,10 @@ static int digest_final(EVP_MD_CTX *ctx,
 
      if (md == NULL || digest_ctx == NULL)
          return 0;

package/libs/openssl/patches/410-eng_devcrypto-add-configuration-options.patch

@@ -13,7 +13,6 @@ Reviewed-by: Matthias St. Pierre <[email protected]>
 Reviewed-by: Richard Levitte <[email protected]>
 (Merged from https://github.com/openssl/openssl/pull/7585)
 
-diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
 --- a/crypto/engine/eng_devcrypto.c
 +++ b/crypto/engine/eng_devcrypto.c
 @@ -16,6 +16,7 @@
@@ -79,7 +78,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
 
      /*
       * Code further down must make sure that only NIDs in the table above
-@@ -333,19 +367,40 @@ static int cipher_cleanup(EVP_CIPHER_CTX *ctx)
+@@ -333,19 +367,40 @@ static int cipher_cleanup(EVP_CIPHER_CTX
  }
 
  /*
@@ -185,7 +184,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
  static const EVP_CIPHER *get_cipher_method(int nid)
  {
      size_t i = get_cipher_data_index(nid);
-@@ -438,6 +520,36 @@ static int devcrypto_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+@@ -438,6 +520,36 @@ static int devcrypto_ciphers(ENGINE *e,
      return *cipher != NULL;
  }
 
@@ -246,7 +245,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
 
      /*
       * Code further down must make sure that only NIDs in the table above
-@@ -516,8 +637,8 @@ static const struct digest_data_st *get_digest_data(int nid)
+@@ -516,8 +637,8 @@ static const struct digest_data_st *get_
  }
 
  /*
@@ -257,7 +256,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
   */
 
  static int digest_init(EVP_MD_CTX *ctx)
-@@ -630,52 +751,94 @@ static int digest_cleanup(EVP_MD_CTX *ctx)
+@@ -630,52 +751,94 @@ static int digest_cleanup(EVP_MD_CTX *ct
      return clean_devcrypto_session(&digest_ctx->sess);
  }
 
@@ -402,7 +401,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
      }
  }
 
-@@ -739,8 +909,154 @@ static int devcrypto_digests(ENGINE *e, const EVP_MD **digest,
+@@ -739,7 +909,153 @@ static int devcrypto_digests(ENGINE *e,
      return *digest != NULL;
  }
 
@@ -478,8 +477,8 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
 +    "DIGESTS",
 +    "either ALL, NONE, or a comma-separated list of digests to enable [default=ALL]",
 +    ENGINE_CMD_FLAG_STRING},
- #endif
- 
++#endif
++
 +   {0, NULL, NULL, 0}
 +};
 +
@@ -503,7 +502,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
 +        use_softdrivers = i;
 +#ifdef IMPLEMENT_DIGEST
 +        rebuild_known_digest_nids(e);
-+#endif
+ #endif
 +        rebuild_known_cipher_nids(e);
 +        return 1;
 +#endif /* CIOCGSESSINFO */
@@ -553,10 +552,9 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
 +    }
 +    return 0;
 +}
-+
+ 
  /******************************************************************************
   *
-  * LOAD / UNLOAD
 @@ -806,6 +1122,8 @@ void engine_load_devcrypto_int()
 
      if (!ENGINE_set_id(e, "devcrypto")

package/libs/openssl/patches/420-eng_devcrypto-add-command-to-dump-driver-info.patch

@@ -11,10 +11,9 @@ Reviewed-by: Matthias St. Pierre <[email protected]>
 Reviewed-by: Richard Levitte <[email protected]>
 (Merged from https://github.com/openssl/openssl/pull/7585)
 
-diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
 --- a/crypto/engine/eng_devcrypto.c
 +++ b/crypto/engine/eng_devcrypto.c
-@@ -50,16 +50,20 @@ static int use_softdrivers = DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS;
+@@ -50,16 +50,20 @@ static int use_softdrivers = DEVCRYPTO_D
   */
  struct driver_info_st {
      enum devcrypto_status_t {
@@ -81,7 +80,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
  #endif /* CIOCGSESSINFO */
          }
          ioctl(cfd, CIOCFSESSION, &sess.ses);
-@@ -505,8 +514,11 @@ static void destroy_all_cipher_methods(void)
+@@ -505,8 +514,11 @@ static void destroy_all_cipher_methods(v
  {
      size_t i;
 
@@ -94,7 +93,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
  }
 
  static int devcrypto_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-@@ -550,6 +562,40 @@ static int cryptodev_select_cipher_cb(const char *str, int len, void *usr)
+@@ -550,6 +562,40 @@ static int cryptodev_select_cipher_cb(co
      return 1;
  }
 
@@ -189,7 +188,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
              EVP_MD_meth_free(known_digest_methods[i]);
              known_digest_methods[i] = NULL;
              goto finish;
-@@ -894,8 +945,11 @@ static void destroy_all_digest_methods(void)
+@@ -894,8 +945,11 @@ static void destroy_all_digest_methods(v
  {
      size_t i;
 
@@ -202,7 +201,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
  }
 
  static int devcrypto_digests(ENGINE *e, const EVP_MD **digest,
-@@ -939,6 +993,43 @@ static int cryptodev_select_digest_cb(const char *str, int len, void *usr)
+@@ -939,6 +993,43 @@ static int cryptodev_select_digest_cb(co
      return 1;
  }
 
@@ -246,7 +245,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
  #endif
 
  /******************************************************************************
-@@ -983,6 +1074,11 @@ static const ENGINE_CMD_DEFN devcrypto_cmds[] = {
+@@ -983,6 +1074,11 @@ static const ENGINE_CMD_DEFN devcrypto_c
      ENGINE_CMD_FLAG_STRING},
  #endif
 
@@ -258,7 +257,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
     {0, NULL, NULL, 0}
  };
 
-@@ -1051,6 +1147,13 @@ static int devcrypto_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+@@ -1051,6 +1147,13 @@ static int devcrypto_ctrl(ENGINE *e, int
          return 1;
  #endif /* IMPLEMENT_DIGEST */