upstream/oracle/userland-gate: comparison components/openssl/openssl-1.0.1/patches/30

equal deleted inserted replaced

-:29dc96079508
+:7f9e1e7611b8
 ENGDIRS= ccgost
 SHLIBDIRS= crypto ssl
 --- openssl-1.0.0e/crypto/cryptlib.c	2011-06-22 08:39:00.000000000 -0700
 +++ openssl-1.0.0e_patched/crypto/cryptlib.c	2011-12-12 06:17:45.422476900 -0800
-@@ -415,6 +415,7 @@
+@@ -412,6 +412,7 @@
 static void solaris_locking_callback(int mode, int type, const char *file,
 int line)
 	{
 +#ifndef	_BOOT
 	if (mode & CRYPTO_LOCK)
 		{
 		pthread_mutex_lock(&solaris_openssl_locks[type]);
-@@ -423,6 +424,7 @@
+@@ -420,6 +421,7 @@
 		{
 		pthread_mutex_unlock(&solaris_openssl_locks[type]);
 		}
 +#endif
 	}
-@@ -456,6 +458,12 @@
+@@ -453,6 +455,12 @@
 		}
 	/*
 +	 * pthread_* can't be used in wanboot.
 +	 * wanboot needs not be thread-safe and mutexes and locking callback
 +#ifndef	_BOOT
 +	/*
 	 * Set atfork handler so that child can setup its own mutexes and
 	 * locking callbacks when it is forked
 	 */
-@@ -478,7 +486,7 @@
+@@ -475,7 +483,7 @@
 		pthread_mutex_init(&solaris_openssl_locks[i], NULL);
 		}
 	locking_callback = solaris_locking_callback;
 -
 +#endif
-	}
+}
-void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
+void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
-@@ -979,6 +979,10 @@
+@@ -1021,6 +1029,12 @@
-	MessageBox (NULL,buf,_T("OpenSSL: FATAL"),MB_OK|MB_ICONSTOP);
+MessageBox(NULL, buf, _T("OpenSSL: FATAL"), MB_OK | MB_ICONSTOP);
 }
 #else
-+/* Solaris libsa.a used for WAN boot doesn't provide for vfprintf(). Since
++/*
-+ *  * OPENSSL_showfatal() is not used anywhere else then here we can safely use
++ * Solaris libsa.a used for WAN boot doesn't provide for vfprintf(). Since
-+ *   * the code from 0.9.7d version. */
++ * OPENSSL_showfatal() is not used anywhere else then here we can safely use
-+#ifndef	_BOOT
++ * the code from 0.9.7d version.
-void OPENSSL_showfatal (const char *fmta,...)
++ */
-{ va_list ap;
++#ifndef	_BOOT
+void OPENSSL_showfatal(const char *fmta, ...)
-@@ -986,14 +990,21 @@
+{
-vfprintf (stderr,fmta,ap);
+va_list ap;
-va_end (ap);
+@@ -1029,6 +1043,7 @@
+vfprintf(stderr, fmta, ap);
+va_end(ap);
 }
 +#endif	/* _BOOT */
-int OPENSSL_isservice (void) { return 0; }
-#endif
+int OPENSSL_isservice(void)
+{
-void OpenSSLDie(const char *file,int line,const char *assertion)
+@@ -1038,9 +1053,15 @@
-	{
+void OpenSSLDie(const char *file, int line, const char *assertion)
+{
 +#ifndef	_BOOT
-	OPENSSL_showfatal(
+OPENSSL_showfatal
-		"%s(%d): OpenSSL internal error, assertion failed: %s\n",
+("%s(%d): OpenSSL internal error, assertion failed: %s\n", file, line,
-		file,line,assertion);
+assertion);
 +#else
 +	fprintf(stderr,
 +		"%s(%d): OpenSSL internal error, assertion failed: %s\n",
 +		file,line,assertion);
 +#endif
 #if !defined(_WIN32) || defined(__CYGWIN__)
-	abort();
+abort();
 #else
 --- openssl-1.0.0e/crypto/err/err_all.c	2009-08-09 07:58:05.000000000 -0700
 +++ openssl-1.0.0e_patched/crypto/err/err_all.c	2011-12-13 05:22:01.205351400 -0800
 @@ -148,7 +148,9 @@
-	ERR_load_X509V3_strings();
+ERR_load_X509V3_strings();
-	ERR_load_PKCS12_strings();
+ERR_load_PKCS12_strings();
-	ERR_load_RAND_strings();
+ERR_load_RAND_strings();
 +#ifndef _BOOT
-	ERR_load_DSO_strings();
+ERR_load_DSO_strings();
 +#endif /* _BOOT */
-	ERR_load_TS_strings();
+ERR_load_TS_strings();
-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
-	ERR_load_ENGINE_strings();
+ERR_load_ENGINE_strings();
 --- openssl-1.0.0e/crypto/evp/evp_key.c	2010-03-27 12:27:50.000000000 -0700
 +++ openssl-1.0.0e_patched/crypto/evp/evp_key.c	2011-12-13 05:19:32.956908600 -0800
-@@ -84,7 +84,7 @@
+@@ -83,7 +83,7 @@
-	else
+else
-		return(prompt_string);
+return (prompt_string);
-	}
+}
 -
 +#ifndef	_BOOT
-/* For historical reasons, the standard function for reading passwords is
+/*
-* in the DES library -- if someone ever wants to disable DES,
+* For historical reasons, the standard function for reading passwords is in
-* this function will fail */
+* the DES library -- if someone ever wants to disable DES, this function
-@@ -111,6 +111,7 @@
+@@ -115,6 +115,7 @@
-	OPENSSL_cleanse(buff,BUFSIZ);
+OPENSSL_cleanse(buff, BUFSIZ);
-	return ret;
+return ret;
-	}
+}
 +#endif	/* !_BOOT */
 int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
-	     const unsigned char *salt, const unsigned char *data, int datal,
+const unsigned char *salt, const unsigned char *data,
 --- openssl-1.0.0e/crypto/rand/rand_unix.c	2009-04-06 07:31:36.000000000 -0700
 +++ openssl-1.0.0e_patched/crypto/rand/rand_unix.c	2011-12-19 07:28:39.988944800 -0800
 @@ -122,7 +122,11 @@
-#include <sys/time.h>
+# include <sys/time.h>
-#include <sys/times.h>
+# include <sys/times.h>
-#include <sys/stat.h>
+# include <sys/stat.h>
 +#ifdef	_BOOT
-+#include <sys/fcntl.h>
++# include <sys/fcntl.h>
 +#else
-#include <fcntl.h>
+# include <fcntl.h>
 +#endif
-#include <unistd.h>
+# include <unistd.h>
-#include <time.h>
+# include <time.h>
-#if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */
+# if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually
-@@ -253,6 +257,11 @@
+@@ -259,6 +263,11 @@
-	const char **egdsocket = NULL;
+const char **egdsocket = NULL;
-#endif
+#  endif
 +#ifdef _BOOT
 +/* open() is provided by standalone libsa not visible from here */
 +extern int open(const char *, int);
 +#endif
 +
-#ifdef DEVRANDOM
+#  ifdef DEVRANDOM
-	memset(randomstats,0,sizeof(randomstats));
+memset(randomstats, 0, sizeof(randomstats));
-	/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
+/*
-@@ -295,9 +304,13 @@
+@@ -307,11 +316,15 @@
-				{
+do {
-				int try_read = 0;
+int try_read = 0;
--#if defined(OPENSSL_SYS_BEOS_R5)
+-#   if defined(OPENSSL_SYS_BEOS_R5)
-+#if defined(OPENSSL_SYS_BEOS_R5) || defined(_BOOT)
++#   if defined(OPENSSL_SYS_BEOS_R5) || defined(_BOOT)
-				/* select() is broken in BeOS R5, so we simply
+/*
-				 *  try to read something and snooze if we couldn't */
+* select() is broken in BeOS R5, so we simply try to read
-+				/*
+* something and snooze if we couldn't
-+				 * select() is not available when linking stand-alone
+*/
-+				 * library for wanboot
++               /*
-+				 */
++                * select() is not available when linking stand-alone
-				try_read = 1;
++                * library for wanboot
++                */
-#elif defined(OPENSSL_SYS_LINUX)
+try_read = 1;
-@@ -355,6 +368,7 @@
-				else
+#   elif defined(OPENSSL_SYS_LINUX)
-					r = -1;
+@@ -365,6 +378,7 @@
+} else
-+#ifndef	_BOOT
+r = -1;
-				/* Some Unixen will update t in select(), some
-				   won't.  For those who won't, or if we
++#ifndef        _BOOT
-				   didn't use select() in the first place,
+/*
-@@ -366,13 +380,17 @@
+* Some Unixen will update t in select(), some won't.  For
-				}
+* those who won't, or if we didn't use select() in the first
-			while ((r > 0 ||
+@@ -377,13 +391,17 @@
-			       (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED);
+while ((r > 0 ||
-+#else	/* _BOOT */
+(errno == EINTR || errno == EAGAIN)) && usec != 0
-+				}
+&& n < ENTROPY_NEEDED);
-+			while (r > 0 && n < ENTROPY_NEEDED);
++#else  /* _BOOT */
-+#endif	/* _BOOT */
++            }
++            while (r > 0 && n < ENTROPY_NEEDED);
-			close(fd);
++#endif /* _BOOT */
-			}
-		}
+close(fd);
-#endif /* defined(DEVRANDOM) */
+}
+}
--#ifdef DEVRANDOM_EGD
+#  endif                        /* defined(DEVRANDOM) */
-+#if defined(DEVRANDOM_EGD) && !defined(_BOOT)
-	/* Use an EGD socket to read entropy from an EGD or PRNGD entropy
+-#  ifdef DEVRANDOM_EGD
-	 * collecting daemon. */
++#  if defined(DEVRANDOM_EGD) && !defined(_BOOT)
+/*
-@@ -395,6 +413,7 @@
+* Use an EGD socket to read entropy from an EGD or PRNGD entropy
-		}
+* collecting daemon.
-#endif
+@@ -407,6 +424,7 @@
+}
-+#ifndef	_BOOT
+#  endif
-	/* put in some default random data, we need more than just this */
-	l=curr_pid;
++#ifndef	_BOOT
-	RAND_add(&l,sizeof(l),0.0);
+/* put in some default random data, we need more than just this */
-@@ -403,6 +422,7 @@
+l = curr_pid;
+RAND_add(&l, sizeof(l), 0.0);
-	l=time(NULL);
+@@ -415,6 +433,7 @@
-	RAND_add(&l,sizeof(l),0.0);
+l = time(NULL);
+RAND_add(&l, sizeof(l), 0.0);
 +#endif /* !_BOOT */
-#if defined(OPENSSL_SYS_BEOS)
+#  if defined(OPENSSL_SYS_BEOS)
-	{
+{
 --- openssl-1.0.0e/crypto/rand/randfile.c	2011-03-19 02:44:37.000000000 -0700
 +++ openssl-1.0.0e_patched/crypto/rand/randfile.c	2011-12-13 05:26:51.884824200 -0800
 @@ -57,9 +57,11 @@
 */
 /* We need to define this to get macros like S_IFBLK and S_IFCHR */
 +#ifndef	_BOOT
 #if !defined(OPENSSL_SYS_VXWORKS)
-#define _XOPEN_SOURCE 500
+# define _XOPEN_SOURCE 500
 #endif
 +#endif	/* _BOOT */
 #include <errno.h>
 #include <stdio.h>
-@@ -179,6 +181,7 @@
+@@ -191,6 +193,7 @@
-	return(ret);
+return (ret);
-	}
+}
 +#ifndef	_BOOT
 int RAND_write_file(const char *file)
-	{
+{
-	unsigned char buf[BUFSIZE];
+unsigned char buf[BUFSIZE];
-@@ -327,3 +330,5 @@
+@@ -335,3 +338,5 @@
 #endif
-	return(buf);
+return (buf);
-	}
+}
 +
 +#endif /* _BOOT */
 --- openssl-1.0.0e/crypto/x509v3/v3_utl.c	2009-07-27 14:08:53.000000000 -0700
 +++ openssl-1.0.0e_patched/crypto/x509v3/v3_utl.c	2011-12-13 05:10:08.844191400 -0800
-@@ -659,9 +659,52 @@
+@@ -715,9 +715,50 @@
-		}
+}
-	}
+}
 +#if	defined(_BOOT)
 +/* This function was copied from bio/b_sock.c */
 +static int get_ip(const char *str, unsigned char ip[4])
-+	{
++{
-+	unsigned int tmp[4];
++    unsigned int tmp[4];
-+	int num=0,c,ok=0;
++    int num = 0, c, ok = 0;
 +
-+	tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
++    tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
 +
-+	for (;;)
++    for (;;) {
-+		{
++        c = *(str++);
-+		c= *(str++);
++        if ((c >= '0') && (c <= '9')) {
-+		if ((c >= '0') && (c <= '9'))
++            ok = 1;
-+			{
++            tmp[num] = tmp[num]*10+c-'0';
-+			ok=1;
++            if (tmp[num] > 255)
-+			tmp[num]=tmp[num]*10+c-'0';
++                return(0);
-+			if (tmp[num] > 255) return(0);
++        } else if (c == '.') {
-+			}
++            if (!ok)
-+		else if (c == '.')
++                return (-1);
-+			{
++            if (num == 3)
-+			if (!ok) return(-1);
++                return (0);
-+			if (num == 3) return(0);
++            num++;
-+			num++;
++            ok = 0;
-+			ok=0;
++        } else if (c == '\0' && (num == 3) && ok)
-+			}
++            break;
-+		else if (c == '\0' && (num == 3) && ok)
++        else
-+			break;
++            return(0);
-+		else
++        }
-+			return(0);
++    ip[0]=tmp[0];
-+		}
++    ip[1]=tmp[1];
-+	ip[0]=tmp[0];
++    ip[2]=tmp[2];
-+	ip[1]=tmp[1];
++    ip[3]=tmp[3];
-+	ip[2]=tmp[2];
++    return(1);
-+	ip[3]=tmp[3];
++}
-+	return(1);
-+	}
 +#endif /* _BOOT */
 +
 static int ipv4_from_asc(unsigned char *v4, const char *in)
-	{
+{
-	int a0, a1, a2, a3;
+int a0, a1, a2, a3;
 +
 +#if	defined(_BOOT)
 +	if (get_ip(in, v4) != 1)
 +		return 0;
 +#else	/* _BOOT */
-	if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4)
+if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4)
-		return 0;
+return 0;
-	if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
+if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
-@@ -671,6 +716,7 @@
+@@ -727,6 +768,7 @@
-	v4[1] = a1;
+v4[1] = a1;
-	v4[2] = a2;
+v4[2] = a2;
-	v4[3] = a3;
+v4[3] = a3;
 +#endif	/* _BOOT */
-	return 1;
+return 1;
-	}
+}
 --- openssl-1.0.0e/e_os.h	2011-12-19 04:17:51.631087400 -0800
 +++ openssl-1.0.0e_patched/e_os.h	2011-12-19 04:15:15.776668900 -0800
-@@ -206,10 +206,19 @@
+@@ -213,10 +213,19 @@
-#define get_last_socket_error()	errno
+#  define get_last_socket_error() errno
-#define clear_socket_error()	errno=0
+#  define clear_socket_error()    errno=0
-#define ioctlsocket(a,b,c)	ioctl(a,b,c)
+#  define ioctlsocket(a,b,c)      ioctl(a,b,c)
 +#ifdef	_BOOT
 +#include <netinet/in.h>
 +extern int socket_read(int, void *, size_t, int);
 +extern int socket_close(int);
-+#define	closesocket(s)		socket_close(s)
++#  define closesocket(s)          socket_close(s)
-+#define	readsocket(s,b,n)	socket_read((s),(b),(n), 200)
++#  define readsocket(s,b,n)       socket_read((s),(b),(n), 200)
-+#define	writesocket(s,b,n)	send((s),(b),(n), 0)
++#  define writesocket(s,b,n)      send((s),(b),(n), 0)
 +#else  /* !_BOOT */
-#define closesocket(s)		close(s)
+#  define closesocket(s)          close(s)
-#define readsocket(s,b,n)	read((s),(b),(n))
+#  define readsocket(s,b,n)       read((s),(b),(n))
-#define writesocket(s,b,n)	write((s),(b),(n))
+#  define writesocket(s,b,n)      write((s),(b),(n))
-#endif
+# endif
 +#endif
-#ifdef WIN16 /* never the case */
+# ifdef WIN16                   /* never the case */
-#  define MS_CALLBACK	_far _loadds
+#  define MS_CALLBACK   _far _loadds
 --- openssl-1.0.0e/crypto/sparcv9cap.c	2010-09-05 12:48:01.000000000 -0700
 +++ openssl-1.0.0e_patched/crypto/sparcv9cap.c	2011-12-23 05:24:02.011607700 -0800
 @@ -12,7 +12,11 @@
-#define SPARCV9_VIS2		(1<<3)	/* reserved */
+#define SPARCV9_VIS2            (1<<3) /* reserved */
-#define SPARCV9_FMADD		(1<<4)	/* reserved for SPARC64 V */
+#define SPARCV9_FMADD           (1<<4) /* reserved for SPARC64 V */
-+#ifndef	_BOOT
++#ifndef        _BOOT
-static int OPENSSL_sparcv9cap_P=SPARCV9_TICK_PRIVILEGED;
+static int OPENSSL_sparcv9cap_P = SPARCV9_TICK_PRIVILEGED;
 +#else
 +static int OPENSSL_sparcv9cap_P = SPARCV9_VIS1;
 +#endif
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num)
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-	{
+const BN_ULONG *np, const BN_ULONG *n0, int num)
-@@ -33,6 +37,7 @@
+@@ -36,6 +40,7 @@
-void		_sparcv9_vis2_probe(void);
+void _sparcv9_vis2_probe(void);
-void		_sparcv9_fmadd_probe(void);
+void _sparcv9_fmadd_probe(void);
 +#ifndef _BOOT
 unsigned long OPENSSL_rdtsc(void)
-	{
+{
-	if (OPENSSL_sparcv9cap_P&SPARCV9_TICK_PRIVILEGED)
+if (OPENSSL_sparcv9cap_P & SPARCV9_TICK_PRIVILEGED)
-@@ -44,8 +49,19 @@
+@@ -47,8 +52,19 @@
-	else
+else
-		return _sparcv9_rdtick();
+return _sparcv9_rdtick();
-	}
+}
 +#endif
 +
 +#if defined(_BOOT)
 +/*
 + * Hardcoding sparc capabilities for wanboot.
 + * Older CPUs are EOLed anyway.
 + */
 +void OPENSSL_cpuid_setup(void)
-+	{
++       {
-+	OPENSSL_sparcv9cap_P = SPARCV9_VIS1;
++       OPENSSL_sparcv9cap_P = SPARCV9_VIS1;
-+	}
++       }
 -#if 0 && defined(__sun) && defined(__SVR4)
 +#elif 0 && defined(__sun) && defined(__SVR4)
-/* This code path is disabled, because of incompatibility of
+/*
-* libdevinfo.so.1 and libmalloc.so.1 (see below for details)
+* This code path is disabled, because of incompatibility of libdevinfo.so.1
-*/
+* and libmalloc.so.1 (see below for details)
 --- openssl-1.0.0e/crypto/sparccpuid.S	2010-09-05 12:48:01.000000000 -0700
 +++ openssl-1.0.0e_patched/crypto/sparccpuid.S	2012-02-13 07:42:58.259478325 -0800
 @@ -397,8 +397,13 @@
 .type	OPENSSL_cleanse,#function
 .size	OPENSSL_cleanse,.-OPENSSL_cleanse
 +	nop
 +	nop
 +#endif
 --- openssl-1.0.1c/crypto/Makefile      Thu Aug  2 12:56:38 2012
 +++ openssl-1.0.1c/crypto/Makefile.new  Thu Aug  2 12:59:43 2012
-@@ -35,9 +35,9 @@
+@@ -36,9 +36,9 @@
 LIB= $(TOP)/libcrypto.a
 SHARED_LIB= libcrypto$(SHLIB_EXT)
 LIBSRC=	cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
 -	ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fips.c o_init.c fips_ers.c
 +	ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fips.c o_init.c fips_ers.c wanboot-stubs.c
 SRC= $(LIBSRC)
 --- openssl-1.0.1f/ssl/s3_clnt.c    Thu Jan 30 02:53:33 2014
 +++ openssl-1.0.1f/ssl/s3_clnt.c.new   Thu Jan 30 02:57:51 2014
-@@ -681,8 +681,13 @@
+@@ -668,7 +668,11 @@
-		p=s->s3->client_random;
+p = s->s3->client_random;
 +#ifndef	_BOOT
-		if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
+if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
-			goto err;
++#else
-+#else
++        if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
-+		if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
++#endif
-+			goto err;
+goto err;
-+#endif
+/* Do the message type and length last */
-		/* Do the message type and length last */
-		d=p= &(buf[4]);
 --- openssl-1.0.1f/ssl/s3_lib.c       Wed Oct 15 11:18:30 2014
 +++ openssl-1.0.1f/ssl/s3_lib.c.new    Wed Oct 15 11:20:07 2014
-@@ -3364,7 +3364,11 @@
+@@ -3343,7 +3343,11 @@
-			return 1;
+* Apparently we're using a version-flexible SSL_METHOD (not at its
-		/* Apparently we're using a version-flexible SSL_METHOD
+* highest protocol version).
-		 * (not at its highest protocol version). */
+*/
 +#ifndef	_BOOT
-		if (s->ctx->method->version == SSLv23_method()->version)
+if (s->ctx->method->version == SSLv23_method()->version) {
 +#else
-+		if (s->ctx->method->version == TLS1_2_VERSION)
++        if (s->ctx->method->version == TLS1_2_VERSION) {
 +#endif
-			{
 #if TLS_MAX_VERSION != TLS1_2_VERSION
-#  error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
+# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
+#endif

branch	s11u2-sru
changeset 4016	7f9e1e7611b8
parent 3402	110b254c69b8
child 4366	8e8f535e48a5