--- a/components/openssl/openssl-1.0.1/patches/30_wanboot.patch Sat Mar 21 08:00:32 2015 -0700
+++ b/components/openssl/openssl-1.0.1/patches/30_wanboot.patch Sun Mar 22 13:14:43 2015 -0700
@@ -36,7 +36,7 @@
--- openssl-1.0.0e/crypto/cryptlib.c 2011-06-22 08:39:00.000000000 -0700
+++ openssl-1.0.0e_patched/crypto/cryptlib.c 2011-12-12 06:17:45.422476900 -0800
-@@ -415,6 +415,7 @@
+@@ -412,6 +412,7 @@
static void solaris_locking_callback(int mode, int type, const char *file,
int line)
{
@@ -44,15 +44,15 @@
if (mode & CRYPTO_LOCK)
{
pthread_mutex_lock(&solaris_openssl_locks[type]);
-@@ -423,6 +424,7 @@
+@@ -420,6 +421,7 @@
{
pthread_mutex_unlock(&solaris_openssl_locks[type]);
}
+#endif
}
-
-
-@@ -456,6 +458,12 @@
+
+
+@@ -453,6 +455,12 @@
}
/*
@@ -65,164 +65,169 @@
* Set atfork handler so that child can setup its own mutexes and
* locking callbacks when it is forked
*/
-@@ -478,7 +486,7 @@
+@@ -475,7 +483,7 @@
pthread_mutex_init(&solaris_openssl_locks[i], NULL);
}
locking_callback = solaris_locking_callback;
-
+#endif
- }
+ }
- void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
-@@ -979,6 +979,10 @@
- MessageBox (NULL,buf,_T("OpenSSL: FATAL"),MB_OK|MB_ICONSTOP);
+ void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
+@@ -1021,6 +1029,12 @@
+ MessageBox(NULL, buf, _T("OpenSSL: FATAL"), MB_OK | MB_ICONSTOP);
}
#else
-+/* Solaris libsa.a used for WAN boot doesn't provide for vfprintf(). Since
-+ * * OPENSSL_showfatal() is not used anywhere else then here we can safely use
-+ * * the code from 0.9.7d version. */
++/*
++ * Solaris libsa.a used for WAN boot doesn't provide for vfprintf(). Since
++ * OPENSSL_showfatal() is not used anywhere else then here we can safely use
++ * the code from 0.9.7d version.
++ */
+#ifndef _BOOT
- void OPENSSL_showfatal (const char *fmta,...)
- { va_list ap;
-
-@@ -986,14 +990,21 @@
- vfprintf (stderr,fmta,ap);
- va_end (ap);
+ void OPENSSL_showfatal(const char *fmta, ...)
+ {
+ va_list ap;
+@@ -1029,6 +1043,7 @@
+ vfprintf(stderr, fmta, ap);
+ va_end(ap);
}
+#endif /* _BOOT */
- int OPENSSL_isservice (void) { return 0; }
- #endif
+
+ int OPENSSL_isservice(void)
+ {
+@@ -1038,9 +1053,15 @@
- void OpenSSLDie(const char *file,int line,const char *assertion)
- {
+ void OpenSSLDie(const char *file, int line, const char *assertion)
+ {
+#ifndef _BOOT
- OPENSSL_showfatal(
- "%s(%d): OpenSSL internal error, assertion failed: %s\n",
- file,line,assertion);
+ OPENSSL_showfatal
+ ("%s(%d): OpenSSL internal error, assertion failed: %s\n", file, line,
+ assertion);
+#else
+ fprintf(stderr,
+ "%s(%d): OpenSSL internal error, assertion failed: %s\n",
+ file,line,assertion);
+#endif
#if !defined(_WIN32) || defined(__CYGWIN__)
- abort();
+ abort();
#else
--- openssl-1.0.0e/crypto/err/err_all.c 2009-08-09 07:58:05.000000000 -0700
+++ openssl-1.0.0e_patched/crypto/err/err_all.c 2011-12-13 05:22:01.205351400 -0800
@@ -148,7 +148,9 @@
- ERR_load_X509V3_strings();
- ERR_load_PKCS12_strings();
- ERR_load_RAND_strings();
+ ERR_load_X509V3_strings();
+ ERR_load_PKCS12_strings();
+ ERR_load_RAND_strings();
+#ifndef _BOOT
- ERR_load_DSO_strings();
+ ERR_load_DSO_strings();
+#endif /* _BOOT */
- ERR_load_TS_strings();
- #ifndef OPENSSL_NO_ENGINE
- ERR_load_ENGINE_strings();
+ ERR_load_TS_strings();
+ # ifndef OPENSSL_NO_ENGINE
+ ERR_load_ENGINE_strings();
--- openssl-1.0.0e/crypto/evp/evp_key.c 2010-03-27 12:27:50.000000000 -0700
+++ openssl-1.0.0e_patched/crypto/evp/evp_key.c 2011-12-13 05:19:32.956908600 -0800
-@@ -84,7 +84,7 @@
- else
- return(prompt_string);
- }
+@@ -83,7 +83,7 @@
+ else
+ return (prompt_string);
+ }
-
+#ifndef _BOOT
- /* For historical reasons, the standard function for reading passwords is
- * in the DES library -- if someone ever wants to disable DES,
- * this function will fail */
-@@ -111,6 +111,7 @@
- OPENSSL_cleanse(buff,BUFSIZ);
- return ret;
- }
+ /*
+ * For historical reasons, the standard function for reading passwords is in
+ * the DES library -- if someone ever wants to disable DES, this function
+@@ -115,6 +115,7 @@
+ OPENSSL_cleanse(buff, BUFSIZ);
+ return ret;
+ }
+#endif /* !_BOOT */
- int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
- const unsigned char *salt, const unsigned char *data, int datal,
+ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
+ const unsigned char *salt, const unsigned char *data,
--- openssl-1.0.0e/crypto/rand/rand_unix.c 2009-04-06 07:31:36.000000000 -0700
+++ openssl-1.0.0e_patched/crypto/rand/rand_unix.c 2011-12-19 07:28:39.988944800 -0800
@@ -122,7 +122,11 @@
- #include <sys/time.h>
- #include <sys/times.h>
- #include <sys/stat.h>
+ # include <sys/time.h>
+ # include <sys/times.h>
+ # include <sys/stat.h>
+#ifdef _BOOT
-+#include <sys/fcntl.h>
++# include <sys/fcntl.h>
+#else
- #include <fcntl.h>
+ # include <fcntl.h>
+#endif
- #include <unistd.h>
- #include <time.h>
- #if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */
-@@ -253,6 +257,11 @@
- const char **egdsocket = NULL;
- #endif
+ # include <unistd.h>
+ # include <time.h>
+ # if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually
+@@ -259,6 +263,11 @@
+ const char **egdsocket = NULL;
+ # endif
+#ifdef _BOOT
+/* open() is provided by standalone libsa not visible from here */
+extern int open(const char *, int);
+#endif
+
- #ifdef DEVRANDOM
- memset(randomstats,0,sizeof(randomstats));
- /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
-@@ -295,9 +304,13 @@
- {
- int try_read = 0;
-
--#if defined(OPENSSL_SYS_BEOS_R5)
-+#if defined(OPENSSL_SYS_BEOS_R5) || defined(_BOOT)
- /* select() is broken in BeOS R5, so we simply
- * try to read something and snooze if we couldn't */
-+ /*
-+ * select() is not available when linking stand-alone
-+ * library for wanboot
-+ */
- try_read = 1;
+ # ifdef DEVRANDOM
+ memset(randomstats, 0, sizeof(randomstats));
+ /*
+@@ -307,11 +316,15 @@
+ do {
+ int try_read = 0;
+
+-# if defined(OPENSSL_SYS_BEOS_R5)
++# if defined(OPENSSL_SYS_BEOS_R5) || defined(_BOOT)
+ /*
+ * select() is broken in BeOS R5, so we simply try to read
+ * something and snooze if we couldn't
+ */
++ /*
++ * select() is not available when linking stand-alone
++ * library for wanboot
++ */
+ try_read = 1;
- #elif defined(OPENSSL_SYS_LINUX)
-@@ -355,6 +368,7 @@
- else
- r = -1;
-
-+#ifndef _BOOT
- /* Some Unixen will update t in select(), some
- won't. For those who won't, or if we
- didn't use select() in the first place,
-@@ -366,13 +380,17 @@
- }
- while ((r > 0 ||
- (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED);
-+#else /* _BOOT */
-+ }
-+ while (r > 0 && n < ENTROPY_NEEDED);
-+#endif /* _BOOT */
-
- close(fd);
- }
- }
- #endif /* defined(DEVRANDOM) */
-
--#ifdef DEVRANDOM_EGD
-+#if defined(DEVRANDOM_EGD) && !defined(_BOOT)
- /* Use an EGD socket to read entropy from an EGD or PRNGD entropy
- * collecting daemon. */
-
-@@ -395,6 +413,7 @@
- }
- #endif
+ # elif defined(OPENSSL_SYS_LINUX)
+@@ -365,6 +378,7 @@
+ } else
+ r = -1;
+
++#ifndef _BOOT
+ /*
+ * Some Unixen will update t in select(), some won't. For
+ * those who won't, or if we didn't use select() in the first
+@@ -377,13 +391,17 @@
+ while ((r > 0 ||
+ (errno == EINTR || errno == EAGAIN)) && usec != 0
+ && n < ENTROPY_NEEDED);
++#else /* _BOOT */
++ }
++ while (r > 0 && n < ENTROPY_NEEDED);
++#endif /* _BOOT */
+
+ close(fd);
+ }
+ }
+ # endif /* defined(DEVRANDOM) */
+
+-# ifdef DEVRANDOM_EGD
++# if defined(DEVRANDOM_EGD) && !defined(_BOOT)
+ /*
+ * Use an EGD socket to read entropy from an EGD or PRNGD entropy
+ * collecting daemon.
+@@ -407,6 +424,7 @@
+ }
+ # endif
+#ifndef _BOOT
- /* put in some default random data, we need more than just this */
- l=curr_pid;
- RAND_add(&l,sizeof(l),0.0);
-@@ -403,6 +422,7 @@
+ /* put in some default random data, we need more than just this */
+ l = curr_pid;
+ RAND_add(&l, sizeof(l), 0.0);
+@@ -415,6 +433,7 @@
- l=time(NULL);
- RAND_add(&l,sizeof(l),0.0);
+ l = time(NULL);
+ RAND_add(&l, sizeof(l), 0.0);
+#endif /* !_BOOT */
- #if defined(OPENSSL_SYS_BEOS)
- {
-
+ # if defined(OPENSSL_SYS_BEOS)
+ {
--- openssl-1.0.0e/crypto/rand/randfile.c 2011-03-19 02:44:37.000000000 -0700
+++ openssl-1.0.0e_patched/crypto/rand/randfile.c 2011-12-13 05:26:51.884824200 -0800
@@ -57,9 +57,11 @@
@@ -231,137 +236,135 @@
/* We need to define this to get macros like S_IFBLK and S_IFCHR */
+#ifndef _BOOT
#if !defined(OPENSSL_SYS_VXWORKS)
- #define _XOPEN_SOURCE 500
+ # define _XOPEN_SOURCE 500
#endif
+#endif /* _BOOT */
#include <errno.h>
#include <stdio.h>
-@@ -179,6 +181,7 @@
- return(ret);
- }
+@@ -191,6 +193,7 @@
+ return (ret);
+ }
+#ifndef _BOOT
int RAND_write_file(const char *file)
- {
- unsigned char buf[BUFSIZE];
-@@ -327,3 +330,5 @@
+ {
+ unsigned char buf[BUFSIZE];
+@@ -335,3 +338,5 @@
#endif
- return(buf);
- }
+ return (buf);
+ }
+
+#endif /* _BOOT */
--- openssl-1.0.0e/crypto/x509v3/v3_utl.c 2009-07-27 14:08:53.000000000 -0700
+++ openssl-1.0.0e_patched/crypto/x509v3/v3_utl.c 2011-12-13 05:10:08.844191400 -0800
-@@ -659,9 +659,52 @@
- }
- }
+@@ -715,9 +715,50 @@
+ }
+ }
+#if defined(_BOOT)
+/* This function was copied from bio/b_sock.c */
+static int get_ip(const char *str, unsigned char ip[4])
-+ {
-+ unsigned int tmp[4];
-+ int num=0,c,ok=0;
++{
++ unsigned int tmp[4];
++ int num = 0, c, ok = 0;
+
-+ tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
++ tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
+
-+ for (;;)
-+ {
-+ c= *(str++);
-+ if ((c >= '0') && (c <= '9'))
-+ {
-+ ok=1;
-+ tmp[num]=tmp[num]*10+c-'0';
-+ if (tmp[num] > 255) return(0);
-+ }
-+ else if (c == '.')
-+ {
-+ if (!ok) return(-1);
-+ if (num == 3) return(0);
-+ num++;
-+ ok=0;
-+ }
-+ else if (c == '\0' && (num == 3) && ok)
-+ break;
-+ else
-+ return(0);
-+ }
-+ ip[0]=tmp[0];
-+ ip[1]=tmp[1];
-+ ip[2]=tmp[2];
-+ ip[3]=tmp[3];
-+ return(1);
-+ }
++ for (;;) {
++ c = *(str++);
++ if ((c >= '0') && (c <= '9')) {
++ ok = 1;
++ tmp[num] = tmp[num]*10+c-'0';
++ if (tmp[num] > 255)
++ return(0);
++ } else if (c == '.') {
++ if (!ok)
++ return (-1);
++ if (num == 3)
++ return (0);
++ num++;
++ ok = 0;
++ } else if (c == '\0' && (num == 3) && ok)
++ break;
++ else
++ return(0);
++ }
++ ip[0]=tmp[0];
++ ip[1]=tmp[1];
++ ip[2]=tmp[2];
++ ip[3]=tmp[3];
++ return(1);
++}
+#endif /* _BOOT */
+
static int ipv4_from_asc(unsigned char *v4, const char *in)
- {
- int a0, a1, a2, a3;
+ {
+ int a0, a1, a2, a3;
+
+#if defined(_BOOT)
+ if (get_ip(in, v4) != 1)
+ return 0;
+#else /* _BOOT */
- if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4)
- return 0;
- if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
-@@ -671,6 +716,7 @@
- v4[1] = a1;
- v4[2] = a2;
- v4[3] = a3;
+ if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4)
+ return 0;
+ if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
+@@ -727,6 +768,7 @@
+ v4[1] = a1;
+ v4[2] = a2;
+ v4[3] = a3;
+#endif /* _BOOT */
- return 1;
- }
-
+ return 1;
+ }
+
--- openssl-1.0.0e/e_os.h 2011-12-19 04:17:51.631087400 -0800
+++ openssl-1.0.0e_patched/e_os.h 2011-12-19 04:15:15.776668900 -0800
-@@ -206,10 +206,19 @@
- #define get_last_socket_error() errno
- #define clear_socket_error() errno=0
- #define ioctlsocket(a,b,c) ioctl(a,b,c)
+@@ -213,10 +213,19 @@
+ # define get_last_socket_error() errno
+ # define clear_socket_error() errno=0
+ # define ioctlsocket(a,b,c) ioctl(a,b,c)
+#ifdef _BOOT
+#include <netinet/in.h>
+extern int socket_read(int, void *, size_t, int);
+extern int socket_close(int);
-+#define closesocket(s) socket_close(s)
-+#define readsocket(s,b,n) socket_read((s),(b),(n), 200)
-+#define writesocket(s,b,n) send((s),(b),(n), 0)
++# define closesocket(s) socket_close(s)
++# define readsocket(s,b,n) socket_read((s),(b),(n), 200)
++# define writesocket(s,b,n) send((s),(b),(n), 0)
+#else /* !_BOOT */
- #define closesocket(s) close(s)
- #define readsocket(s,b,n) read((s),(b),(n))
- #define writesocket(s,b,n) write((s),(b),(n))
- #endif
+ # define closesocket(s) close(s)
+ # define readsocket(s,b,n) read((s),(b),(n))
+ # define writesocket(s,b,n) write((s),(b),(n))
+ # endif
+#endif
- #ifdef WIN16 /* never the case */
- # define MS_CALLBACK _far _loadds
+ # ifdef WIN16 /* never the case */
+ # define MS_CALLBACK _far _loadds
--- openssl-1.0.0e/crypto/sparcv9cap.c 2010-09-05 12:48:01.000000000 -0700
+++ openssl-1.0.0e_patched/crypto/sparcv9cap.c 2011-12-23 05:24:02.011607700 -0800
@@ -12,7 +12,11 @@
- #define SPARCV9_VIS2 (1<<3) /* reserved */
- #define SPARCV9_FMADD (1<<4) /* reserved for SPARC64 V */
-
-+#ifndef _BOOT
- static int OPENSSL_sparcv9cap_P=SPARCV9_TICK_PRIVILEGED;
+ #define SPARCV9_VIS2 (1<<3) /* reserved */
+ #define SPARCV9_FMADD (1<<4) /* reserved for SPARC64 V */
+
++#ifndef _BOOT
+ static int OPENSSL_sparcv9cap_P = SPARCV9_TICK_PRIVILEGED;
+#else
+static int OPENSSL_sparcv9cap_P = SPARCV9_VIS1;
+#endif
- int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num)
- {
-@@ -33,6 +37,7 @@
- void _sparcv9_vis2_probe(void);
- void _sparcv9_fmadd_probe(void);
+ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, int num)
+@@ -36,6 +40,7 @@
+ void _sparcv9_vis2_probe(void);
+ void _sparcv9_fmadd_probe(void);
+#ifndef _BOOT
unsigned long OPENSSL_rdtsc(void)
- {
- if (OPENSSL_sparcv9cap_P&SPARCV9_TICK_PRIVILEGED)
-@@ -44,8 +49,19 @@
- else
- return _sparcv9_rdtick();
- }
+ {
+ if (OPENSSL_sparcv9cap_P & SPARCV9_TICK_PRIVILEGED)
+@@ -47,8 +52,19 @@
+ else
+ return _sparcv9_rdtick();
+ }
+#endif
+
+#if defined(_BOOT)
@@ -370,15 +373,15 @@
+ * Older CPUs are EOLed anyway.
+ */
+void OPENSSL_cpuid_setup(void)
-+ {
-+ OPENSSL_sparcv9cap_P = SPARCV9_VIS1;
-+ }
-
++ {
++ OPENSSL_sparcv9cap_P = SPARCV9_VIS1;
++ }
+
-#if 0 && defined(__sun) && defined(__SVR4)
+#elif 0 && defined(__sun) && defined(__SVR4)
- /* This code path is disabled, because of incompatibility of
- * libdevinfo.so.1 and libmalloc.so.1 (see below for details)
- */
+ /*
+ * This code path is disabled, because of incompatibility of libdevinfo.so.1
+ * and libmalloc.so.1 (see below for details)
--- openssl-1.0.0e/crypto/sparccpuid.S 2010-09-05 12:48:01.000000000 -0700
+++ openssl-1.0.0e_patched/crypto/sparccpuid.S 2012-02-13 07:42:58.259478325 -0800
@@ -397,8 +397,13 @@
@@ -397,7 +400,7 @@
+#endif
--- openssl-1.0.1c/crypto/Makefile Thu Aug 2 12:56:38 2012
+++ openssl-1.0.1c/crypto/Makefile.new Thu Aug 2 12:59:43 2012
-@@ -35,9 +35,9 @@
+@@ -36,9 +36,9 @@
LIB= $(TOP)/libcrypto.a
SHARED_LIB= libcrypto$(SHLIB_EXT)
LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
@@ -411,31 +414,29 @@
--- openssl-1.0.1f/ssl/s3_clnt.c Thu Jan 30 02:53:33 2014
+++ openssl-1.0.1f/ssl/s3_clnt.c.new Thu Jan 30 02:57:51 2014
-@@ -681,8 +681,13 @@
+@@ -668,7 +668,11 @@
- p=s->s3->client_random;
-
+ p = s->s3->client_random;
+
+#ifndef _BOOT
- if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
- goto err;
+ if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
+#else
-+ if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
-+ goto err;
++ if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
+#endif
+ goto err;
- /* Do the message type and length last */
- d=p= &(buf[4]);
+ /* Do the message type and length last */
--- openssl-1.0.1f/ssl/s3_lib.c Wed Oct 15 11:18:30 2014
+++ openssl-1.0.1f/ssl/s3_lib.c.new Wed Oct 15 11:20:07 2014
-@@ -3364,7 +3364,11 @@
- return 1;
- /* Apparently we're using a version-flexible SSL_METHOD
- * (not at its highest protocol version). */
+@@ -3343,7 +3343,11 @@
+ * Apparently we're using a version-flexible SSL_METHOD (not at its
+ * highest protocol version).
+ */
+#ifndef _BOOT
- if (s->ctx->method->version == SSLv23_method()->version)
+ if (s->ctx->method->version == SSLv23_method()->version) {
+#else
-+ if (s->ctx->method->version == TLS1_2_VERSION)
++ if (s->ctx->method->version == TLS1_2_VERSION) {
+#endif
- {
#if TLS_MAX_VERSION != TLS1_2_VERSION
- # error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
+ # error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
+ #endif