Disable AT_SECURE check when OpenSSL reads environment variables

Author: mhsmith

android-env.sh

@@ -62,12 +62,12 @@ export CFLAGS=""
 export LDFLAGS="-Wl,--build-id=sha1 -Wl,--no-rosegment"
 
 # Many packages get away with omitting this on standard Linux, but Android is stricter.
-LDFLAGS+=" -lm"
+LDFLAGS="$LDFLAGS -lm"
 
 # -mstackrealign is included where necessary in the clang launcher scripts which are
 # pointed to by $CC, so we don't need to include it here.
 if [ $HOST = "arm-linux-androideabi" ]; then
-    CFLAGS+=" -march=armv7-a -mthumb"
+    CFLAGS="$CFLAGS -march=armv7-a -mthumb"
 fi
 
 if [ -n "${PREFIX:-}" ]; then

openssl/at_secure.patch

@@ -0,0 +1,15 @@
+--- a/crypto/uid.c	2024-01-30 13:28:16
++++ b/crypto/uid.c	2024-03-09 12:34:25
+@@ -46,7 +46,11 @@
+
+ int OPENSSL_issetugid(void)
+ {
+-# ifdef OSSL_IMPLEMENT_GETAUXVAL
++// CPython: due to the way Android apps are started, they always have AT_SECURE set
++// (https://android.googlesource.com/platform/bionic/+/6bb01b6%5E%21/). But all their
++// environment variables come either from the operating system or the app itself, so
++// there's no security risk here.
++# if defined(OSSL_IMPLEMENT_GETAUXVAL) && !defined(__ANDROID__)
+     return getauxval(AT_SECURE) != 0;
+ # else
+     return getuid() != geteuid() || getgid() != getegid();

openssl/build.sh

@@ -20,6 +20,8 @@ cd $build_dir
 tar -xf $version_dir/$src_filename
 cd $(basename $src_filename .tar.gz)
 
+patch -p1 -i $recipe_dir/at_secure.patch
+
 # CFLAGS environment variable replaces default flags rather than adding to them.
 CFLAGS+=" -O2"
 export LDLIBS="-latomic"