From: Peter Michael Green <plugwash@raspbian.org>
Date: Tue, 19 Jan 2021 16:01:40 +0000 (+0000)
Subject: android-platform-external-boringssl (10.0.0+r36-1+rpi1) bullseye-staging; urgency... 
X-Git-Tag: archive/raspbian/13_preview2-7+rpi1~4
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=12446e31b4a384cd260fd59e33f2f67c645b96f1;p=android-platform-external-boringssl.git

android-platform-external-boringssl (10.0.0+r36-1+rpi1) bullseye-staging; urgency=medium

  * Mark asm as armv6 to avoid setting off armv7 contamination checker.
  * set __ARM_MAX_ARCH__ to 6.
  * disable HWAES define.
  * disable GHASH_ASM_ARM define.

[dgit import unpatched android-platform-external-boringssl 10.0.0+r36-1+rpi1]
---

12446e31b4a384cd260fd59e33f2f67c645b96f1
diff --cc debian/.gitlab-ci.yml
index 0000000,0000000..0a4cc68
new file mode 100644
--- /dev/null
+++ b/debian/.gitlab-ci.yml
@@@ -1,0 -1,0 +1,12 @@@
++pages:
++  image: registry.salsa.debian.org/salsa-ci-team/ci-image-git-buildpackage
++  stage: deploy
++  only:
++    - master
++  artifacts:
++    paths:
++      - public
++    expire_in: 1 day
++  script:
++    - gitlab-ci-git-buildpackage-all
++    - gitlab-ci-aptly
diff --cc debian/README.Debian
index 0000000,0000000..fd5a11c
new file mode 100644
--- /dev/null
+++ b/debian/README.Debian
@@@ -1,0 -1,0 +1,21 @@@
++This library is a version of Google's internal OpenSSL fork called
++BoringSSL.  This is not the official BoringSSL release, it is the
++version of BoringSSL that is maintained as part of the Android SDK and
++OS.  These packages should never be used for anything but the parts of
++the Android SDK that require them.
++
++We package these chunks separately because we believe it makes it
++easier to maintain.  Security updates can happen only in the
++particular package rather than having to build the whole Android SDK
++together as one giant source tree.
++
++Upstream is already good at providing security fixes for all of the
++various bits, and they maintain quite a few stable releases in
++parallel.  Security maintenance for the Android SDK packages will
++mostly be a matter of just including any new patch versions
++(i.e. 8.1.0_r14 vs 8.1.0_r15).
++
++For more info:
++https://lists.debian.org/debian-security/2016/05/msg00038.html
++
++ -- Hans-Christoph Steiner <hans@eds.org>, Wed, 28 Feb 2018 11:51:35 +0100
diff --cc debian/android-libboringssl-dev.install
index 0000000,0000000..6b0e01e
new file mode 100755
--- /dev/null
+++ b/debian/android-libboringssl-dev.install
@@@ -1,0 -1,0 +1,4 @@@
++#!/usr/bin/dh-exec
++
++debian/out/*.so   usr/lib/${DEB_HOST_MULTIARCH}/android
++include/openssl   usr/include/android
diff --cc debian/android-libboringssl.docs
index 0000000,0000000..b41e947
new file mode 100644
--- /dev/null
+++ b/debian/android-libboringssl.docs
@@@ -1,0 -1,0 +1,3 @@@
++NOTICE
++src/INCORPORATING.md
++src/README.md
diff --cc debian/android-libboringssl.install
index 0000000,0000000..c402285
new file mode 100755
--- /dev/null
+++ b/debian/android-libboringssl.install
@@@ -1,0 -1,0 +1,3 @@@
++#!/usr/bin/dh-exec
++
++debian/out/*.so.* usr/lib/${DEB_HOST_MULTIARCH}/android
diff --cc debian/changelog
index 0000000,0000000..274381c
new file mode 100644
--- /dev/null
+++ b/debian/changelog
@@@ -1,0 -1,0 +1,44 @@@
++android-platform-external-boringssl (10.0.0+r36-1+rpi1) bullseye-staging; urgency=medium
++
++  * Mark asm as armv6 to avoid setting off armv7 contamination checker.
++  * set __ARM_MAX_ARCH__ to 6.
++  * disable HWAES define.
++  * disable GHASH_ASM_ARM define.
++
++ -- Peter Michael Green <plugwash@raspbian.org>  Tue, 19 Jan 2021 16:01:40 +0000
++
++android-platform-external-boringssl (10.0.0+r36-1) unstable; urgency=medium
++
++  * Team upload
++  * New upstream version
++  * Upstream (10.0.0+r36) (Closes: #933865)
++
++ -- Dhyey Patel <griffin98@protonmail.com>  Mon, 23 Nov 2020 12:14:17 +0100
++
++android-platform-external-boringssl (8.1.0+r23-3) unstable; urgency=medium
++
++  [ Kai-Chung Yan (æ®·åè°) ]
++  * d/copyright: Refer to the Apache-2.0 in the commons-licenses
++
++  [ Roger Shimizu ]
++  * d/watch: Update rule to get new upstream version
++
++  [ Hans-Christoph Steiner ]
++  * fix adb crashes on startup on armhf (Closes: #933865)
++
++ -- Hans-Christoph Steiner <hans@eds.org>  Thu, 08 Oct 2020 19:35:08 +0200
++
++android-platform-external-boringssl (8.1.0+r23-2) unstable; urgency=medium
++
++  * Update d/copyright:
++    * Cover all copyright holders (Closes: #905820)
++    * Point the Source to AOSP
++  * Standards-Version => 4.2.1
++
++ -- Kai-Chung Yan <seamlikok@gmail.com>  Fri, 21 Sep 2018 16:43:18 +0800
++
++android-platform-external-boringssl (8.1.0+r23-1) unstable; urgency=medium
++
++  * Initial release (Closes: #823933)
++
++ -- Kai-Chung Yan <seamlikok@gmail.com>  Mon, 28 May 2018 19:53:05 +0200
diff --cc debian/clean
index 0000000,0000000..92a7cdc
new file mode 100644
--- /dev/null
+++ b/debian/clean
@@@ -1,0 -1,0 +1,1 @@@
++debian/out/
diff --cc debian/control
index 0000000,0000000..eb68eea
new file mode 100644
--- /dev/null
+++ b/debian/control
@@@ -1,0 -1,0 +1,57 @@@
++Source: android-platform-external-boringssl
++Section: libs
++Priority: optional
++Maintainer: Android Tools Maintainers <android-tools-devel@lists.alioth.debian.org>
++Uploaders: Kai-Chung Yan <seamlikok@gmail.com>
++Build-Depends: debhelper-compat (= 12),
++               dh-exec,
++Standards-Version: 4.5.0
++Rules-Requires-Root: no
++Vcs-Git: https://salsa.debian.org/android-tools-team/android-platform-external-boringssl.git
++Vcs-Browser: https://salsa.debian.org/android-tools-team/android-platform-external-boringssl
++Homepage: https://android.googlesource.com/platform/external/boringssl
++
++Package: android-libboringssl
++Architecture: armel armhf arm64 amd64 i386 ppc64el
++Depends: ${misc:Depends}, ${shlibs:Depends}
++Description: Google's internal fork of OpenSSL for the Android SDK
++ The Android SDK builds against a static version of BoringSSL,
++ Google's internal fork of OpenSSL.  This package should never be used
++ for anything but Android SDK packages that already depend on it.
++ .
++ BoringSSL arose because Google used OpenSSL for many years in various
++ ways and, over time, built up a large number of patches that were
++ maintained while tracking upstream OpenSSL. As Googleâs product
++ portfolio became more complex, more copies of OpenSSL sprung up and
++ the effort involved in maintaining all these patches in multiple
++ places was growing steadily.
++ .
++ This is the Android AOSP fork of BoringSSL which is designed to be
++ used by Android and its SDK.  BoringSSL is only ever statically linked
++ into apps, and pinned to a commit version.  Upstream has no official
++ releases of BoringSSL on its own, so it must be included separately
++ for each project that uses it.
++
++Package: android-libboringssl-dev
++Section: libdevel
++Architecture: armel armhf arm64 amd64 i386 ppc64el
++Depends: android-libboringssl (= ${binary:Version}), ${misc:Depends}
++Description: Google's internal fork of OpenSSL for the Android SDK - devel
++ The Android SDK builds against a static version of BoringSSL,
++ Google's internal fork of OpenSSL.  This package should never be used
++ for anything but Android SDK packages that already depend on it.
++ .
++ BoringSSL arose because Google used OpenSSL for many years in various
++ ways and, over time, built up a large number of patches that were
++ maintained while tracking upstream OpenSSL. As Googleâs product
++ portfolio became more complex, more copies of OpenSSL sprung up and
++ the effort involved in maintaining all these patches in multiple
++ places was growing steadily.
++ .
++ This is the Android AOSP fork of BoringSSL which is designed to be
++ used by Android and its SDK.  BoringSSL is only ever statically linked
++ into apps, and pinned to a commit version.  Upstream has no official
++ releases of BoringSSL on its own, so it must be included separately
++ for each project that uses it.
++ .
++ This package contains the development files.
diff --cc debian/copyright
index 0000000,0000000..75c8fee
new file mode 100644
--- /dev/null
+++ b/debian/copyright
@@@ -1,0 -1,0 +1,477 @@@
++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0
++Source: https://android.googlesource.com/platform/external/boringssl
++Upstream-Name: BoringSSL
++
++Files: *
++Copyright: 1998-2011, The OpenSSL Project
++License: OpenSSL and SSLeay
++
++Files: src/crypto/asn1/*
++       src/crypto/base64/base64.c
++       src/crypto/bio/*
++       src/crypto/bn_extra/*
++       src/crypto/buf/*
++       src/crypto/cipher_extra/cipher_extra.c
++       src/crypto/cipher_extra/derive_key.c
++       src/crypto/cipher_extra/e_null.c
++       src/crypto/cipher_extra/e_rc2.c
++       src/crypto/cipher_extra/e_rc4.c
++       src/crypto/cipher_extra/internal.h
++       src/crypto/conf/conf.c
++       src/crypto/conf/conf_def.h
++       src/crypto/cpu-intel.c
++       src/crypto/dh/check.c
++       src/crypto/dh/dh_test.cc
++       src/crypto/dh/dh.c
++       src/crypto/digest_extra/digest_extra.c
++       src/crypto/dsa/dsa_test.cc
++       src/crypto/dsa/dsa.c
++       src/crypto/err/err.c
++       src/crypto/evp/evp_asn1.c
++       src/crypto/evp/evp_ctx.c
++       src/crypto/evp/evp.c
++       src/crypto/evp/internal.h
++       src/crypto/evp/sign.c
++       src/crypto/ex_data.c
++       src/crypto/fipsmodule/bn/*
++       src/crypto/fipsmodule/cipher/cipher.c
++       src/crypto/fipsmodule/cipher/e_des.c
++       src/crypto/fipsmodule/cipher/internal.h
++       src/crypto/fipsmodule/des/des.c
++       src/crypto/fipsmodule/des/internal.h
++       src/crypto/fipsmodule/digest/digest.c
++       src/crypto/fipsmodule/digest/digests.c
++       src/crypto/fipsmodule/digest/internal.h
++       src/crypto/fipsmodule/hmac/hmac.c
++       src/crypto/fipsmodule/md4/md4.c
++       src/crypto/fipsmodule/md5/md5.c
++       src/crypto/fipsmodule/rsa/internal.h
++       src/crypto/fipsmodule/rsa/rsa_impl.c
++       src/crypto/fipsmodule/rsa/rsa.c
++       src/crypto/fipsmodule/sha/sha1-altivec.c
++       src/crypto/fipsmodule/sha/sha1.c
++       src/crypto/fipsmodule/sha/sha256.c
++       src/crypto/fipsmodule/sha/sha512.c
++       src/crypto/hmac_extra/*
++       src/crypto/internal.h
++       src/crypto/lhash/lhash.c
++       src/crypto/mem.c
++       src/crypto/obj/*
++       src/crypto/pem/*
++       src/crypto/rc4/rc4.c
++       src/crypto/rsa_extra/*
++       src/crypto/stack/stack.c
++       src/crypto/thread.c
++       src/crypto/x509/*
++       src/decrepit/bio/base64_bio.c
++       src/decrepit/blowfish/blowfish.c
++       src/decrepit/cast/cast_tables.c
++       src/decrepit/cast/cast.c
++       src/decrepit/cast/internal.h
++       src/decrepit/des/cfb64ede.c
++       src/decrepit/macros.h
++       src/decrepit/rc4/rc4_decrepit.c
++       src/decrepit/ripemd/internal.h
++       src/decrepit/ripemd/ripemd.c
++       src/decrepit/rsa/rsa_decrepit.c
++       src/decrepit/ssl/ssl_decrepit.c
++       src/include/openssl/asn1.h
++       src/include/openssl/base64.h
++       src/include/openssl/bio.h
++       src/include/openssl/blowfish.h
++       src/include/openssl/bn.h
++       src/include/openssl/buf.h
++       src/include/openssl/cast.h
++       src/include/openssl/cipher.h
++       src/include/openssl/conf.h
++       src/include/openssl/cpu.h
++       src/include/openssl/des.h
++       src/include/openssl/dh.h
++       src/include/openssl/digest.h
++       src/include/openssl/dsa.h
++       src/include/openssl/err.h
++       src/include/openssl/evp.h
++       src/include/openssl/ex_data.h
++       src/include/openssl/hmac.h
++       src/include/openssl/lhash.h
++       src/include/openssl/md4.h
++       src/include/openssl/md5.h
++       src/include/openssl/mem.h
++       src/include/openssl/nid.h
++       src/include/openssl/obj.h
++       src/include/openssl/pem.h
++       src/include/openssl/rc4.h
++       src/include/openssl/ripemd.h
++       src/include/openssl/rsa.h
++       src/include/openssl/sha.h
++       src/include/openssl/ssl.h
++       src/include/openssl/ssl3.h
++       src/include/openssl/stack.h
++       src/include/openssl/thread.h
++       src/include/openssl/tls1.h
++       src/include/openssl/type_check.h
++       src/include/openssl/x509_vfy.h
++       src/include/openssl/x509.h
++       src/ssl/*
++Copyright: 1995-1998, Eric Young <eay@cryptsoft.com>
++License: SSLeay
++
++Files: crypto_test_data.cc
++       err_data.c
++       rules.mk
++       src/.clang-format
++       src/.github/*
++       src/.gitignore
++       src/BUILDING.md
++       src/CMakeLists.txt
++       src/codereview.settings
++       src/CONTRIBUTING.md
++       src/crypto/asn1/asn1_test.cc
++       src/crypto/base64/base64_test.cc
++       src/crypto/bio/bio_test.cc
++       src/crypto/bio/socket_helper.c
++       src/crypto/bn_extra/bn_asn1.c
++       src/crypto/bytestring/*
++       src/crypto/chacha/*
++       src/crypto/cipher_extra/aead_test.cc
++       src/crypto/cipher_extra/e_aesctrhmac.c
++       src/crypto/cipher_extra/e_aesgcmsiv.c
++       src/crypto/cipher_extra/e_chacha20poly1305.c
++       src/crypto/cipher_extra/e_ssl3.c
++       src/crypto/cipher_extra/e_tls.c
++       src/crypto/cipher_extra/test/nist_cavp/make_cavp.go
++       src/crypto/cmac/cmac_test.cc
++       src/crypto/compiler_test.cc
++       src/crypto/conf/internal.h
++       src/crypto/cpu-aarch64-linux.c
++       src/crypto/cpu-arm-linux.c
++       src/crypto/cpu-arm.c
++       src/crypto/cpu-ppc64le.c
++       src/crypto/crypto.c
++       src/crypto/curve25519/*
++       src/crypto/dh/CMakeLists.txt
++       src/crypto/digest_extra/digest_test.cc
++       src/crypto/digest_extra/internal.h
++       src/crypto/ecdh/ecdh_test.cc
++       src/crypto/engine/*
++       src/crypto/err/err_data_generate.go
++       src/crypto/err/err_test.cc
++       src/crypto/evp/evp_extra_test.cc
++       src/crypto/evp/p_ed25519_asn1.c
++       src/crypto/evp/p_ed25519.c
++       src/crypto/evp/pbkdf_test.cc
++       src/crypto/evp/scrypt_test.cc
++       src/crypto/fipsmodule/aes/aes_test.cc
++       src/crypto/fipsmodule/aes/internal.h
++       src/crypto/fipsmodule/bcm.c
++       src/crypto/fipsmodule/bn/check_bn_tests.go
++       src/crypto/fipsmodule/cipher/aead.c
++       src/crypto/fipsmodule/delocate.h
++       src/crypto/fipsmodule/ec/ec_test.cc
++       src/crypto/fipsmodule/ec/p224-64.c
++       src/crypto/fipsmodule/ec/p256-64.c
++       src/crypto/fipsmodule/ec/p256-x86_64_test.cc
++       src/crypto/fipsmodule/ec/util-64.c
++       src/crypto/fipsmodule/is_fips.c
++       src/crypto/fipsmodule/modes/polyval.c
++       src/crypto/fipsmodule/rand/*
++       src/crypto/hkdf/*
++       src/crypto/lhash/lhash_test.cc
++       src/crypto/lhash/make_macros.sh
++       src/crypto/obj/obj_test.cc
++       src/crypto/obj/objects.go
++       src/crypto/pkcs7/*
++       src/crypto/pkcs8/pkcs12_test.cc
++       src/crypto/pkcs8/pkcs8_test.cc
++       src/crypto/poly1305/*
++       src/crypto/pool/*
++       src/crypto/rand_extra/*
++       src/crypto/refcount_*.c
++       src/crypto/test/*
++       src/crypto/thread_*.c
++       src/crypto/x509/internal.h
++       src/crypto/x509/x509_test.cc
++       src/decrepit/evp/*
++       src/decrepit/obj/*
++       src/decrepit/ripemd/*
++       src/decrepit/x509/*
++       src/fipstools/*
++       src/FUZZING.md
++       src/include/openssl/aead.h
++       src/include/openssl/asn1_mac.h
++       src/include/openssl/buffer.h
++       src/include/openssl/bytestring.h
++       src/include/openssl/chacha.h
++       src/include/openssl/cmac.h
++       src/include/openssl/crypto.h
++       src/include/openssl/curve25519.h
++       src/include/openssl/dtls1.h
++       src/include/openssl/engine.h
++       src/include/openssl/hkdf.h
++       src/include/openssl/is_boringssl.h
++       src/include/openssl/lhash_macros.h
++       src/include/openssl/obj_mac.h
++       src/include/openssl/objects.h
++       src/include/openssl/opensslconf.h
++       src/include/openssl/opensslv.h
++       src/include/openssl/ossl_typ.h
++       src/include/openssl/pkcs12.h
++       src/include/openssl/pkcs7.h
++       src/include/openssl/poly1305.h
++       src/include/openssl/pool.h
++       src/include/openssl/rand.h
++       src/include/openssl/safestack.h
++       src/include/openssl/srtp.h
++       src/INCORPORATING.md
++       src/LICENSE
++       src/PORTING.md
++       src/README.md
++       src/ssl/CMakeLists.txt
++       src/ssl/custom_extensions.cc
++       src/ssl/ssl_aead_ctx.cc
++       src/ssl/ssl_buffer.cc
++       src/ssl/ssl_ecdh.cc
++       src/ssl/ssl_test.cc
++       src/ssl/ssl_versions.cc
++       src/ssl/test/*
++       src/ssl/tls13_both.cc
++       src/ssl/tls13_client.cc
++       src/ssl/tls13_enc.cc
++       src/ssl/tls13_server.cc
++       src/STYLE.md
++       src/tool/*
++       src/util/*
++Copyright: 2014-2017, Google Inc.
++License: ISC
++
++Files: src/crypto/cipher_extra/asm/aes128gcmsiv-x86_64.pl
++Copyright: 2017, Shay Gueron
++           2017, Google Inc
++License: ISC
++
++Files: AndroidTest.xml
++       sources.bp
++       sources.mk
++Copyright: 2017, The Android Open Source Project
++License: Apache-2.0
++
++Files: src/ssl/test/runner/curve25519/*
++       src/ssl/test/runner/ed25519/*
++       src/ssl/test/runner/alert.go
++       src/ssl/test/runner/cipher_suites.go
++       src/ssl/test/runner/common.go
++       src/ssl/test/runner/conn.go
++       src/ssl/test/runner/dtls.go
++       src/ssl/test/runner/handshake_client.go
++       src/ssl/test/runner/handshake_messages.go
++       src/ssl/test/runner/handshake_server.go
++       src/ssl/test/runner/key_agreement.go
++       src/ssl/test/runner/packet_adapter.go
++       src/ssl/test/runner/prf.go
++       src/ssl/test/runner/sign.go
++       src/ssl/test/runner/ticket.go
++       src/ssl/test/runner/tls.go
++Copyright: 2012-2016, The Go Authors
++License: BSD-3-clause
++
++Files: src/util/bot/go/*
++       src/util/bot/vs_toolchain.py
++Copyright: 2014, The Chromium Authors
++License: BSD-3-clause
++
++Files: src/crypto/fipsmodule/bn/asm/rsaz-avx2.pl
++       src/crypto/fipsmodule/bn/rsaz_exp.c
++       src/crypto/fipsmodule/bn/rsaz_exp.h
++Copyright: 2012, Intel Corporation
++License: BSD-3-clause
++
++Files: src/crypto/fipsmodule/ec/asm/p256-x86_64-asm.pl
++       src/crypto/fipsmodule/ec/p256-x86_64-table.h
++       src/crypto/fipsmodule/ec/p256-x86_64.*
++Copyright: 2014-2015, Intel Corporation
++License: ISC
++
++Files: src/crypto/x509v3/v3_pci.c
++       src/crypto/x509v3/v3_pcia.c
++Copyright: 2004, Kungliga Tekniska HÃ¶gskolan
++License: BSD-3-clause
++
++Files: src/third_party/android-cmake/AndroidNdkGdb.cmake
++       src/third_party/android-cmake/AndroidNdkModules.cmake
++Copyright: 2014, Pavel Rojtberg
++License: BSD-3-clause
++
++Files: src/third_party/android-cmake/android.toolchain.cmake
++Copyright: 2011-2014, Andrey Kamaev
++           2010-2011, Ethan Rublee
++License: BSD-3-clause
++
++Files: src/crypto/ecdh/ecdh.c
++       src/include/openssl/ecdh.h
++Copyright: 2002, Sun Microsystems
++           2000-2002, The OpenSSL Project
++License: OpenSSL
++
++Files: src/crypto/fipsmodule/bn/montgomery_inv.c
++Copyright: 2016, Brian Smith
++License: ISC
++
++Files: src/crypto/cipher_extra/asm/chacha20_poly1305_x86_64.pl
++Copyright: 2015, CloudFlare Ltd
++License: ISC
++
++Files: debian/*
++Copyright: 2016, Kai-Chung Yan <seamlikok@gmail.com>
++License: MIT
++
++License: OpenSSL
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions
++ are met:
++ 1. Redistributions of source code must retain the above copyright
++    notice, this list of conditions and the following disclaimer.
++ 2. Redistributions in binary form must reproduce the above copyright
++    notice, this list of conditions and the following disclaimer in
++    the documentation and/or other materials provided with the
++    distribution.
++ 3. All advertising materials mentioning features or use of this
++    software must display the following acknowledgment:
++    "This product includes software developed by the OpenSSL Project
++    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
++ 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
++    endorse or promote products derived from this software without
++    prior written permission. For written permission, please contact
++    openssl-core@openssl.org.
++ 5. Products derived from this software may not be called "OpenSSL"
++    nor may "OpenSSL" appear in their names without prior written
++    permission of the OpenSSL Project.
++ 6. Redistributions of any form whatsoever must retain the following
++    acknowledgment:
++    "This product includes software developed by the OpenSSL Project
++    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++ .
++ THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
++ EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
++ ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ OF THE POSSIBILITY OF SUCH DAMAGE.
++
++License: ISC
++ Permission to use, copy, modify, and/or distribute this software for any
++ purpose with or without fee is hereby granted, provided that the above
++ copyright notice and this permission notice appear in all copies.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
++ SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
++ OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
++ CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++
++License: MIT
++ Permission is hereby granted, free of charge, to any person obtaining a copy
++ of this software and associated documentation files (the "Software"), to deal
++ in the Software without restriction, including without limitation the rights
++ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
++ copies of the Software, and to permit persons to whom the Software is
++ furnished to do so, subject to the following conditions:
++ .
++ The above copyright notice and this permission notice shall be included in all
++ copies or substantial portions of the Software.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
++ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
++ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
++ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
++ SOFTWARE.
++
++License: SSLeay
++ This library is free for commercial and non-commercial use as long as
++ the following conditions are adhered to.  The following conditions
++ apply to all code found in this distribution, be it the RC4, RSA,
++ lhash, DES, etc., code; not just the SSL code.  The SSL documentation
++ included with this distribution is covered by the same copyright terms
++ except that the holder is Tim Hudson (tjh@cryptsoft.com).
++ .
++ Copyright remains Eric Young's, and as such any Copyright notices in
++ the code are not to be removed.
++ If this package is used in a product, Eric Young should be given attribution
++ as the author of the parts of the library used.
++ This can be in the form of a textual message at program startup or
++ in documentation (online or textual) provided with the package.
++ .
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions
++ are met:
++ 1. Redistributions of source code must retain the copyright
++    notice, this list of conditions and the following disclaimer.
++ 2. Redistributions in binary form must reproduce the above copyright
++    notice, this list of conditions and the following disclaimer in the
++    documentation and/or other materials provided with the distribution.
++ 3. All advertising materials mentioning features or use of this software
++    must display the following acknowledgement:
++    "This product includes cryptographic software written by
++     Eric Young (eay@cryptsoft.com)"
++    The word 'cryptographic' can be left out if the routines from the library
++    being used are not cryptographic related :-).
++ 4. If you include any Windows specific code (or a derivative thereof) from
++    the apps directory (application code) you must include an acknowledgement:
++    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
++ .
++ THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
++ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
++ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ SUCH DAMAGE.
++ .
++ The licence and distribution terms for any publically available version or
++ derivative of this code cannot be changed.  i.e. this code cannot simply be
++ copied and put under another distribution licence
++ [including the GNU General Public Licence.]
++
++License: Apache-2.0
++ On Debian systems, the full text of the Apache License, Version 2.0
++ can be found in the file `/usr/share/common-licenses/Apache-2.0'.
++
++License: BSD-3-clause
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions are
++ met:
++ .
++    * Redistributions of source code must retain the above copyright
++ notice, this list of conditions and the following disclaimer.
++    * Redistributions in binary form must reproduce the above
++ copyright notice, this list of conditions and the following disclaimer
++ in the documentation and/or other materials provided with the
++ distribution.
++    * Neither the name of Google Inc. nor the names of its
++ contributors may be used to endorse or promote products derived from
++ this software without specific prior written permission.
++ .
++ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
++ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
++ OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
++ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
++ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --cc debian/gbp.conf
index 0000000,0000000..5474c60
new file mode 100644
--- /dev/null
+++ b/debian/gbp.conf
@@@ -1,0 -1,0 +1,3 @@@
++[DEFAULT]
++pristine-tar = True
++sign-tags = True
diff --cc debian/libcrypto.mk
index 0000000,0000000..4c0268e
new file mode 100644
--- /dev/null
+++ b/debian/libcrypto.mk
@@@ -1,0 -1,0 +1,31 @@@
++include sources.mk
++
++NAME = libcrypto
++SOURCES = $(crypto_sources)
++
++amd64_SOURCES = $(linux_x86_64_sources)
++arm64_SOURCES = $(linux_aarch64_sources)
++armel_SOURCES = $(linux_arm_sources)
++armhf_SOURCES = $(linux_arm_sources)
++i386_SOURCES = $(linux_x86_sources)
++ppcel64_SOURCES = $(linux_ppc64le_sources)
++
++SOURCES += $($(DEB_HOST_ARCH)_SOURCES)
++
++CFLAGS+= \
++  -D_XOPEN_SOURCE=700 \
++  -DBORINGSSL_ANDROID_SYSTEM \
++  -DBORINGSSL_IMPLEMENTATION \
++  -DBORINGSSL_SHARED_LIBRARY \
++  -DOPENSSL_SMALL \
++  -fvisibility=hidden \
++  -Wa,--noexecstack # Fixes `shlib-with-executable-stack`, see `src/util/BUILD.toplevel`
++
++CPPFLAGS += -Isrc/include -Isrc/crypto
++
++LDFLAGS += -shared -Wl,-soname,$(NAME).so.0 -lpthread
++
++build: $(SOURCES)
++	mkdir --parents debian/out
++	$(CC) $^ -o debian/out/$(NAME).so.0 $(CFLAGS) $(CPPFLAGS) $(LDFLAGS)
++	ln -s $(NAME).so.0 debian/out/$(NAME).so
diff --cc debian/libssl.mk
index 0000000,0000000..7eba91b
new file mode 100644
--- /dev/null
+++ b/debian/libssl.mk
@@@ -1,0 -1,0 +1,57 @@@
++NAME = libssl
++SOURCES = \
++  src/ssl/bio_ssl.cc \
++  src/ssl/d1_both.cc \
++  src/ssl/d1_lib.cc \
++  src/ssl/d1_pkt.cc \
++  src/ssl/d1_srtp.cc \
++  src/ssl/dtls_method.cc \
++  src/ssl/dtls_record.cc \
++  src/ssl/handoff.cc \
++  src/ssl/handshake.cc \
++  src/ssl/handshake_client.cc \
++  src/ssl/handshake_server.cc \
++  src/ssl/s3_both.cc \
++  src/ssl/s3_lib.cc \
++  src/ssl/s3_pkt.cc \
++  src/ssl/ssl_aead_ctx.cc \
++  src/ssl/ssl_asn1.cc \
++  src/ssl/ssl_buffer.cc \
++  src/ssl/ssl_cert.cc \
++  src/ssl/ssl_cipher.cc \
++  src/ssl/ssl_file.cc \
++  src/ssl/ssl_key_share.cc \
++  src/ssl/ssl_lib.cc \
++  src/ssl/ssl_privkey.cc \
++  src/ssl/ssl_session.cc \
++  src/ssl/ssl_stat.cc \
++  src/ssl/ssl_transcript.cc \
++  src/ssl/ssl_versions.cc \
++  src/ssl/ssl_x509.cc \
++  src/ssl/t1_enc.cc \
++  src/ssl/t1_lib.cc \
++  src/ssl/tls13_both.cc \
++  src/ssl/tls13_client.cc \
++  src/ssl/tls13_enc.cc \
++  src/ssl/tls13_server.cc \
++  src/ssl/tls_method.cc \
++  src/ssl/tls_record.cc \
++
++CXXFLAGS += \
++  -D_XOPEN_SOURCE=700 \
++  -DBORINGSSL_ANDROID_SYSTEM \
++  -DBORINGSSL_IMPLEMENTATION \
++  -DBORINGSSL_SHARED_LIBRARY \
++  -DOPENSSL_SMALL \
++  -fvisibility=hidden \
++
++CPPFLAGS += -Isrc/include
++
++LDFLAGS += -shared -Wl,-soname,$(NAME).so.0 \
++           -Wl,-rpath=/usr/lib/$(DEB_HOST_MULTIARCH)/android \
++           -lpthread -Ldebian/out -lcrypto
++
++build: $(SOURCES)
++	mkdir --parents debian/out
++	$(CXX) $^ -o debian/out/$(NAME).so.0 $(CXXFLAGS) $(CPPFLAGS) $(LDFLAGS)
++	ln -s $(NAME).so.0 debian/out/$(NAME).so
diff --cc debian/patches/armv6.patch
index 0000000,0000000..2dd5612
new file mode 100644
--- /dev/null
+++ b/debian/patches/armv6.patch
@@@ -1,0 -1,0 +1,392 @@@
++Description: Mark asm as armv6 to avoid setting off armv7 contamination checker.
++Author: Peter Michael Green <plugwash@raspbian.org>
++
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/chacha/chacha-armv4.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/chacha/chacha-armv4.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/chacha/chacha-armv4.S
++@@ -16,7 +16,7 @@
++ 
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions.
++-.arch	armv7-a
+++.arch	armv6
++ 
++ .text
++ #if defined(__thumb2__) || defined(__clang__)
++@@ -808,7 +808,7 @@ ChaCha20_ctr32:
++ 	ldmia	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,pc}
++ .size	ChaCha20_ctr32,.-ChaCha20_ctr32
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .type	ChaCha20_neon,%function
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/aes-armv4.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/aes-armv4.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/aes-armv4.S
++@@ -61,7 +61,7 @@
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 AES
++ @ instructions are in aesv8-armx.pl.)
++-.arch	armv7-a
+++.arch	armv6
++ 
++ .text
++ #if defined(__thumb2__) && !defined(__APPLE__)
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/aesv8-armx32.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/aesv8-armx32.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/aesv8-armx32.S
++@@ -16,7 +16,7 @@
++ 
++ #if __ARM_MAX_ARCH__>=7
++ .text
++-.arch	armv7-a	@ don't confuse not-so-latest binutils with argv8 :-)
+++.arch	armv6	@ don't confuse not-so-latest binutils with argv8 :-)
++ .fpu	neon
++ .code	32
++ #undef	__thumb2__
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/armv4-mont.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/armv4-mont.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/armv4-mont.S
++@@ -16,7 +16,7 @@
++ 
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions.
++-.arch	armv7-a
+++.arch	armv6
++ 
++ .text
++ #if defined(__thumb2__)
++@@ -210,7 +210,7 @@ bn_mul_mont:
++ #endif
++ .size	bn_mul_mont,.-bn_mul_mont
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .type	bn_mul8x_mont_neon,%function
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/bsaes-armv7.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/bsaes-armv7.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/bsaes-armv7.S
++@@ -84,7 +84,7 @@
++ #endif
++ 
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .text
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/ghash-armv4.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/ghash-armv4.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/ghash-armv4.S
++@@ -17,7 +17,7 @@
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 PMULL
++ @ instructions are in aesv8-armx.pl.)
++-.arch	armv7-a
+++.arch	armv6
++ 
++ .text
++ #if defined(__thumb2__) || defined(__clang__)
++@@ -367,7 +367,7 @@ gcm_gmult_4bit:
++ #endif
++ .size	gcm_gmult_4bit,.-gcm_gmult_4bit
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .globl	gcm_init_neon
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha1-armv4-large.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/sha1-armv4-large.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha1-armv4-large.S
++@@ -506,7 +506,7 @@ sha1_block_data_order:
++ .align	2
++ .align	5
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .type	sha1_block_data_order_neon,%function
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha256-armv4.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/sha256-armv4.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha256-armv4.S
++@@ -67,7 +67,7 @@
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors. It does have ARMv8-only code, but those
++ @ instructions are manually-encoded. (See unsha256.)
++-.arch	armv7-a
+++.arch	armv6
++ 
++ .text
++ #if defined(__thumb2__)
++@@ -1892,7 +1892,7 @@ sha256_block_data_order:
++ #endif
++ .size	sha256_block_data_order,.-sha256_block_data_order
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .globl	sha256_block_data_order_neon
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha512-armv4.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/sha512-armv4.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha512-armv4.S
++@@ -79,7 +79,7 @@
++ 
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions.
++-.arch	armv7-a
+++.arch	armv6
++ 
++ #ifdef __ARMEL__
++ # define LO 0
++@@ -550,7 +550,7 @@ sha512_block_data_order:
++ #endif
++ .size	sha512_block_data_order,.-sha512_block_data_order
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .globl	sha512_block_data_order_neon
++Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/test/trampoline-armv4.S
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/test/trampoline-armv4.S
+++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/test/trampoline-armv4.S
++@@ -14,7 +14,7 @@
++ #endif
++ .syntax	unified
++ 
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	vfp
++ 
++ .text
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/chacha/asm/chacha-armv4.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/chacha/asm/chacha-armv4.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/chacha/asm/chacha-armv4.pl
++@@ -173,7 +173,7 @@ $code.=<<___;
++ 
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions.
++-.arch  armv7-a
+++.arch  armv6
++ 
++ .text
++ #if defined(__thumb2__) || defined(__clang__)
++@@ -665,7 +665,7 @@ my ($a,$b,$c,$d,$t)=@_;
++ 
++ $code.=<<___;
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .type	ChaCha20_neon,%function
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/aes-armv4.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/aes/asm/aes-armv4.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/aes-armv4.pl
++@@ -79,7 +79,7 @@ $code=<<___;
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 AES
++ @ instructions are in aesv8-armx.pl.)
++-.arch  armv7-a
+++.arch  armv6
++ 
++ .text
++ #if defined(__thumb2__) && !defined(__APPLE__)
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/aesv8-armx.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/aes/asm/aesv8-armx.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/aesv8-armx.pl
++@@ -60,7 +60,7 @@ $code=<<___;
++ ___
++ $code.=".arch	armv8-a+crypto\n"			if ($flavour =~ /64/);
++ $code.=<<___						if ($flavour !~ /64/);
++-.arch	armv7-a	// don't confuse not-so-latest binutils with argv8 :-)
+++.arch	armv6	// don't confuse not-so-latest binutils with argv8 :-)
++ .fpu	neon
++ .code	32
++ #undef	__thumb2__
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/bsaes-armv7.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/aes/asm/bsaes-armv7.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/bsaes-armv7.pl
++@@ -725,7 +725,7 @@ $code.=<<___;
++ #endif
++ 
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .text
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/bn/asm/armv4-mont.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/bn/asm/armv4-mont.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/bn/asm/armv4-mont.pl
++@@ -99,7 +99,7 @@ $code=<<___;
++ 
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions.
++-.arch  armv7-a
+++.arch  armv6
++ 
++ .text
++ #if defined(__thumb2__)
++@@ -306,7 +306,7 @@ my ($tinptr,$toutptr,$inner,$outer,$bnpt
++ 
++ $code.=<<___;
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .type	bn_mul8x_mont_neon,%function
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/modes/asm/ghash-armv4.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/modes/asm/ghash-armv4.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/modes/asm/ghash-armv4.pl
++@@ -145,7 +145,7 @@ $code=<<___;
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 PMULL
++ @ instructions are in aesv8-armx.pl.)
++-.arch  armv7-a
+++.arch  armv6
++ 
++ .text
++ #if defined(__thumb2__) || defined(__clang__)
++@@ -429,7 +429,7 @@ ___
++ 
++ $code.=<<___;
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .global	gcm_init_neon
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha1-armv4-large.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/sha/asm/sha1-armv4-large.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha1-armv4-large.pl
++@@ -525,7 +525,7 @@ sub Xloop()
++ 
++ $code.=<<___;
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .type	sha1_block_data_order_neon,%function
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha256-armv4.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/sha/asm/sha256-armv4.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha256-armv4.pl
++@@ -184,7 +184,7 @@ $code=<<___;
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors. It does have ARMv8-only code, but those
++ @ instructions are manually-encoded. (See unsha256.)
++-.arch  armv7-a
+++.arch  armv6
++ 
++ .text
++ #if defined(__thumb2__)
++@@ -475,7 +475,7 @@ sub body_00_15 () {
++ 
++ $code.=<<___;
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .global	sha256_block_data_order_neon
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha512-armv4.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/sha/asm/sha512-armv4.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha512-armv4.pl
++@@ -210,7 +210,7 @@ $code=<<___;
++ 
++ @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
++ @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions.
++-.arch  armv7-a
+++.arch  armv6
++ 
++ #ifdef __ARMEL__
++ # define LO 0
++@@ -606,7 +606,7 @@ ___
++ 
++ $code.=<<___;
++ #if __ARM_MAX_ARCH__>=7
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	neon
++ 
++ .global	sha512_block_data_order_neon
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/test/asm/trampoline-armv4.pl
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/test/asm/trampoline-armv4.pl
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/test/asm/trampoline-armv4.pl
++@@ -49,7 +49,7 @@ my ($func, $state, $argv, $argc) = ("r0"
++ my $code = <<____;
++ .syntax	unified
++ 
++-.arch	armv7-a
+++.arch	armv6
++ .fpu	vfp
++ 
++ .text
++Index: android-platform-external-boringssl-10.0.0+r36/src/include/openssl/arm_arch.h
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/include/openssl/arm_arch.h
+++++ android-platform-external-boringssl-10.0.0+r36/src/include/openssl/arm_arch.h
++@@ -100,7 +100,7 @@
++ 
++ // Even when building for 32-bit ARM, support for aarch64 crypto instructions
++ // will be included.
++-#define __ARM_MAX_ARCH__ 8
+++#define __ARM_MAX_ARCH__ 6
++ 
++ // ARMV7_NEON is true when a NEON unit is present in the current CPU.
++ #define ARMV7_NEON (1 << 0)
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/internal.h
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/aes/internal.h
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/internal.h
++@@ -42,7 +42,7 @@ OPENSSL_INLINE int vpaes_capable(void) {
++   return (OPENSSL_ia32cap_get()[1] & (1 << (41 - 32))) != 0;
++ }
++ 
++-#elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
+++#elif false
++ #define HWAES
++ 
++ OPENSSL_INLINE int hwaes_capable(void) { return CRYPTO_is_ARMv8_AES_capable(); }
++Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/modes/internal.h
++===================================================================
++--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/modes/internal.h
+++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/modes/internal.h
++@@ -314,7 +314,7 @@ void gcm_ghash_4bit_mmx(uint64_t Xi[2],
++                         size_t len);
++ #endif  // OPENSSL_X86
++ 
++-#elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
+++#elif false
++ #define GHASH_ASM_ARM
++ #define GCM_FUNCREF_4BIT
++ 
diff --cc debian/patches/series
index 0000000,0000000..ebe53ce
new file mode 100644
--- /dev/null
+++ b/debian/patches/series
@@@ -1,0 -1,0 +1,1 @@@
++armv6.patch
diff --cc debian/rules
index 0000000,0000000..e15c3a1
new file mode 100755
--- /dev/null
+++ b/debian/rules
@@@ -1,0 -1,0 +1,13 @@@
++#!/usr/bin/make -f
++
++include /usr/share/dpkg/architecture.mk
++include /usr/share/dpkg/pkg-info.mk
++
++export DEB_LDFLAGS_MAINT_APPEND = -fPIC
++export DEB_BUILD_MAINT_OPTIONS = hardening=+all
++
++%:
++	dh $@
++override_dh_auto_build:
++	dh_auto_build --buildsystem=makefile -- -f debian/libcrypto.mk
++	dh_auto_build --buildsystem=makefile -- -f debian/libssl.mk
diff --cc debian/source/format
index 0000000,0000000..46ebe02
new file mode 100644
--- /dev/null
+++ b/debian/source/format
@@@ -1,0 -1,0 +1,1 @@@
++3.0 (quilt)
diff --cc debian/source/lintian-overrides
index 0000000,0000000..c6344f5
new file mode 100644
--- /dev/null
+++ b/debian/source/lintian-overrides
@@@ -1,0 -1,0 +1,5 @@@
++# These are only test files for the ar implementation in Go.
++source: source-is-missing src/util/ar/testdata/linux/bar.cc.o
++source: source-is-missing src/util/ar/testdata/linux/foo.c.o
++source: source-contains-prebuilt-binary src/util/ar/testdata/linux/bar.cc.o
++source: source-contains-prebuilt-binary src/util/ar/testdata/linux/foo.c.o
diff --cc debian/watch
index 0000000,0000000..bb69267
new file mode 100644
--- /dev/null
+++ b/debian/watch
@@@ -1,0 -1,0 +1,6 @@@
++version=4
++opts="pagemangle=s%\">android-%\.tar\.gz\">android-%g;s%/\+/refs/tags/%/+archive/%g, \
++      uversionmangle=s%\.(\d+)\.\.tar\.gz%\+r$1%, \
++      filenamemangle=s%[\w\/]+\+archive\/android-%@PACKAGE@-%" \
++https://android.googlesource.com/platform/external/boringssl/+refs \
++    [\w\/]+\+archive\/android-([0-9\.]+)_r(\d+|\d+\.\d+|\w)(\.tar\.gz) debian uupdate