document the nextprotoneg option in manual pages

original patch by Hubert Kario

openssl-1.0.1e-arm-use-elf-auxv-caps.patch

@@ -0,0 +1,93 @@
+diff --git a/crypto/armcap.c b/crypto/armcap.c
+index 5258d2f..efb4009 100644
+--- a/crypto/armcap.c
++++ b/crypto/armcap.c
+@@ -9,11 +9,6 @@
+ 
+ unsigned int OPENSSL_armcap_P;
+ 
+-static sigset_t all_masked;
+-
+-static sigjmp_buf ill_jmp;
+-static void ill_handler (int sig) { siglongjmp(ill_jmp,sig); }
+-
+ /*
+  * Following subroutines could have been inlined, but it's not all
+  * ARM compilers support inline assembler...
+@@ -29,24 +24,26 @@ unsigned int OPENSSL_rdtsc(void)
+ 		return 0;
+ 	}
+ 
+-#if defined(__GNUC__) && __GNUC__>=2
+-void OPENSSL_cpuid_setup(void) __attribute__((constructor));
+-#endif
+-void OPENSSL_cpuid_setup(void)
++#if defined(__GLIBC__) && __GLIBC__>=2 && __GLIBC_MINOR__>=16
++#include <sys/auxv.h>
++
++void OPENSSL_cpuid_find(void)
++	{
++		unsigned long hwcap = getauxval(AT_HWCAP);
++		char *plat = (char *)getauxval(AT_PLATFORM);
++
++		OPENSSL_armcap_P |= hwcap & HWCAP_ARM_NEON ? ARMV7_NEON : 0;
++		OPENSSL_armcap_P |= plat ? (plat[1] == '7' ? ARMV7_TICK : 0) : 0;
++	}
++#else
++static sigset_t all_masked;
++static sigjmp_buf ill_jmp;
++static void ill_handler (int sig) { siglongjmp(ill_jmp,sig); }
++
++void OPENSSL_cpuid_find(void)
+ 	{
+-	char *e;
+ 	struct sigaction	ill_oact,ill_act;
+ 	sigset_t		oset;
+-	static int trigger=0;
+-
+-	if (trigger) return;
+-	trigger=1;
+- 
+-	if ((e=getenv("OPENSSL_armcap")))
+-		{
+-		OPENSSL_armcap_P=strtoul(e,NULL,0);
+-		return;
+-		}
+ 
+ 	sigfillset(&all_masked);
+ 	sigdelset(&all_masked,SIGILL);
+@@ -55,8 +52,6 @@ void OPENSSL_cpuid_setup(void)
+ 	sigdelset(&all_masked,SIGBUS);
+ 	sigdelset(&all_masked,SIGSEGV);
+ 
+-	OPENSSL_armcap_P = 0;
+-
+ 	memset(&ill_act,0,sizeof(ill_act));
+ 	ill_act.sa_handler = ill_handler;
+ 	ill_act.sa_mask    = all_masked;
+@@ -78,3 +73,25 @@ void OPENSSL_cpuid_setup(void)
+ 	sigaction (SIGILL,&ill_oact,NULL);
+ 	sigprocmask(SIG_SETMASK,&oset,NULL);
+ 	}
++#endif
++
++#if defined(__GNUC__) && __GNUC__>=2
++void OPENSSL_cpuid_setup(void) __attribute__((constructor));
++#endif
++void OPENSSL_cpuid_setup(void)
++	{
++	char *e;
++	static int trigger=0;
++
++	if (trigger) return;
++	trigger=1;
++
++	if ((e=getenv("OPENSSL_armcap")))
++		{
++		OPENSSL_armcap_P=strtoul(e,NULL,0);
++		return;
++		}
++
++	OPENSSL_armcap_P = 0;
++	OPENSSL_cpuid_find();
++	}

openssl.spec

@@ -21,7 +21,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.1e
-Release: 21%{?dist}
+Release: 22%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -76,6 +76,7 @@ Patch81: openssl-1.0.1-beta2-padlock64.patch
 Patch82: openssl-1.0.1e-backports.patch
 Patch83: openssl-1.0.1e-bad-mac.patch
 Patch84: openssl-1.0.1e-trusted-first.patch
+Patch85: openssl-1.0.1e-arm-use-elf-auxv-caps.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -195,6 +196,7 @@ OpenSSL FIPS module.
 %patch72 -p1 -b .fips-ctor
 %patch83 -p1 -b .bad-mac
 %patch84 -p1 -b .trusted-first
+%patch85 -p1 -b .armcap
 
 sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
 
@@ -471,10 +473,14 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 prelink -u %{_libdir}/libcrypto.so.%{version} %{_libdir}/libssl.so.%{version} 2>/dev/null || :
 
 %changelog
-* Thu Sep 12 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-21
+* Thu Sep 12 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-22
 - document the nextprotoneg option in manual pages
   original patch by Hubert Kario
 
+* Tue Sep 10 2013 Kyle McMartin <kyle@redhat.com> 1.0.1e-21
+- [arm] use elf auxv to figure out armcap.c instead of playing silly
+  games with SIGILL handlers. (#1006474)
+
 * Wed Sep  4 2013 Tomas Mraz <tmraz@redhat.com> 1.0.1e-20
 - try to avoid some races when updating the -fips subpackage