diff options
Diffstat (limited to 'dev-lang/ruby/files/2.4/012-openssl_1.1.patch')
-rw-r--r-- | dev-lang/ruby/files/2.4/012-openssl_1.1.patch | 339 |
1 files changed, 0 insertions, 339 deletions
diff --git a/dev-lang/ruby/files/2.4/012-openssl_1.1.patch b/dev-lang/ruby/files/2.4/012-openssl_1.1.patch deleted file mode 100644 index edf344bedc8c..000000000000 --- a/dev-lang/ruby/files/2.4/012-openssl_1.1.patch +++ /dev/null @@ -1,339 +0,0 @@ -From 7af808153dd34a980e027a04d4490ae38019b3ed Mon Sep 17 00:00:00 2001 -From: Mark Wright <gienah@gentoo.org> -Date: Sun, 15 Oct 2017 01:24:12 +1100 -Subject: [PATCH] Fix build failure against OpenSSL 1.1 built with - no-deprecated Thanks rhenium for the code review and fixes. - ---- - ext/openssl/openssl_missing.h | 4 +++ - ext/openssl/ossl.c | 23 ++++++--------- - ext/openssl/ossl.h | 5 ++++ - ext/openssl/ossl_cipher.c | 14 ++++----- - ext/openssl/ossl_engine.c | 54 ++++++++++++++++++++++------------- - ext/openssl/ossl_ssl.c | 2 +- - ext/openssl/ossl_x509cert.c | 4 +-- - ext/openssl/ossl_x509crl.c | 4 +-- - 8 files changed, 63 insertions(+), 47 deletions(-) - -diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h -index cc31f6ac..debd25ad 100644 ---- a/ext/openssl/openssl_missing.h -+++ b/ext/openssl/openssl_missing.h -@@ -209,6 +209,10 @@ IMPL_PKEY_GETTER(EC_KEY, ec) - # define X509_get0_notAfter(x) X509_get_notAfter(x) - # define X509_CRL_get0_lastUpdate(x) X509_CRL_get_lastUpdate(x) - # define X509_CRL_get0_nextUpdate(x) X509_CRL_get_nextUpdate(x) -+# define X509_set1_notBefore(x, t) X509_set_notBefore(x, t) -+# define X509_set1_notAfter(x, t) X509_set_notAfter(x, t) -+# define X509_CRL_set1_lastUpdate(x, t) X509_CRL_set_lastUpdate(x, t) -+# define X509_CRL_set1_nextUpdate(x, t) X509_CRL_set_nextUpdate(x, t) - #endif - - #if !defined(HAVE_SSL_SESSION_GET_PROTOCOL_VERSION) -diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c -index 93ecc7d4..245385e7 100644 ---- a/ext/openssl/ossl.c -+++ b/ext/openssl/ossl.c -@@ -1109,25 +1109,14 @@ Init_openssl(void) - /* - * Init all digests, ciphers - */ -- /* CRYPTO_malloc_init(); */ -- /* ENGINE_load_builtin_engines(); */ -+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000 -+ if (!OPENSSL_init_ssl(0, NULL)) -+ rb_raise(rb_eRuntimeError, "OPENSSL_init_ssl"); -+#else - OpenSSL_add_ssl_algorithms(); - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); - SSL_load_error_strings(); -- -- /* -- * FIXME: -- * On unload do: -- */ --#if 0 -- CONF_modules_unload(1); -- destroy_ui_method(); -- EVP_cleanup(); -- ENGINE_cleanup(); -- CRYPTO_cleanup_all_ex_data(); -- ERR_remove_state(0); -- ERR_free_strings(); - #endif - - /* -@@ -1149,7 +1138,11 @@ Init_openssl(void) - /* - * Version of OpenSSL the ruby OpenSSL extension is running with - */ -+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000 -+ rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(OpenSSL_version(OPENSSL_VERSION))); -+#else - rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_version(SSLEAY_VERSION))); -+#endif - - /* - * Version number of OpenSSL the ruby OpenSSL extension was built with -diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h -index f08889b2..5a15839c 100644 ---- a/ext/openssl/ossl.h -+++ b/ext/openssl/ossl.h -@@ -35,6 +35,11 @@ - #if !defined(OPENSSL_NO_OCSP) - # include <openssl/ocsp.h> - #endif -+#include <openssl/bn.h> -+#include <openssl/rsa.h> -+#include <openssl/dsa.h> -+#include <openssl/evp.h> -+#include <openssl/dh.h> - - /* - * Common Module -diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c -index bfa76c1a..e6179733 100644 ---- a/ext/openssl/ossl_cipher.c -+++ b/ext/openssl/ossl_cipher.c -@@ -508,9 +508,9 @@ ossl_cipher_set_iv(VALUE self, VALUE iv) - StringValue(iv); - GetCipher(self, ctx); - - #if defined(HAVE_AUTHENTICATED_ENCRYPTION) -- if (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) -+ if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) - iv_len = (int)(VALUE)EVP_CIPHER_CTX_get_app_data(ctx); - #endif - if (!iv_len) - iv_len = EVP_CIPHER_CTX_iv_length(ctx); -@@ -535,7 +535,7 @@ ossl_cipher_is_authenticated(VALUE self) - - GetCipher(self, ctx); - - #if defined(HAVE_AUTHENTICATED_ENCRYPTION) -- return (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) ? Qtrue : Qfalse; -+ return (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) ? Qtrue : Qfalse; - #else - return Qfalse; - #endif -@@ -606,7 +606,7 @@ ossl_cipher_get_auth_tag(int argc, VALUE *argv, VALUE self) - - GetCipher(self, ctx); - -- if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)) -+ if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)) - ossl_raise(eCipherError, "authentication tag not supported by this cipher"); - - ret = rb_str_new(NULL, tag_len); -@@ -641,7 +641,7 @@ ossl_cipher_set_auth_tag(VALUE self, VALUE vtag) - tag_len = RSTRING_LENINT(vtag); - - GetCipher(self, ctx); -- if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)) -+ if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)) - ossl_raise(eCipherError, "authentication tag not supported by this cipher"); - - if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, tag)) -@@ -668,7 +668,7 @@ ossl_cipher_set_auth_tag_len(VALUE self, VALUE vlen) - EVP_CIPHER_CTX *ctx; - - GetCipher(self, ctx); -- if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)) -+ if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)) - ossl_raise(eCipherError, "AEAD not supported by this cipher"); - - if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, NULL)) -@@ -695,7 +695,7 @@ ossl_cipher_set_iv_length(VALUE self, VALUE iv_length) - EVP_CIPHER_CTX *ctx; - - GetCipher(self, ctx); -- if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)) -+ if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)) - ossl_raise(eCipherError, "cipher does not support AEAD"); - - if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, len, NULL)) -@@ -786,9 +786,9 @@ ossl_cipher_iv_length(VALUE self) - int len = 0; - - GetCipher(self, ctx); - #if defined(HAVE_AUTHENTICATED_ENCRYPTION) -- if (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) -+ if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) - len = (int)(VALUE)EVP_CIPHER_CTX_get_app_data(ctx); - #endif - if (!len) - len = EVP_CIPHER_CTX_iv_length(ctx); -diff --git a/ext/openssl/ossl_engine.c b/ext/openssl/ossl_engine.c -index d69b5dca..5ca0d4ca 100644 ---- a/ext/openssl/ossl_engine.c -+++ b/ext/openssl/ossl_engine.c -@@ -46,13 +46,25 @@ VALUE eEngineError; - /* - * Private - */ --#define OSSL_ENGINE_LOAD_IF_MATCH(x) \ -+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000 -+#define OSSL_ENGINE_LOAD_IF_MATCH(engine_name, x) \ - do{\ -- if(!strcmp(#x, RSTRING_PTR(name))){\ -- ENGINE_load_##x();\ -+ if(!strcmp(#engine_name, RSTRING_PTR(name))){\ -+ if (OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_##x, NULL))\ -+ return Qtrue;\ -+ else\ -+ ossl_raise(eEngineError, "OPENSSL_init_crypto"); \ -+ }\ -+}while(0) -+#else -+#define OSSL_ENGINE_LOAD_IF_MATCH(engine_name, x) \ -+do{\ -+ if(!strcmp(#engine_name, RSTRING_PTR(name))){\ -+ ENGINE_load_##engine_name();\ - return Qtrue;\ - }\ - }while(0) -+#endif - - static void - ossl_engine_free(void *engine) -@@ -94,55 +106,55 @@ ossl_engine_s_load(int argc, VALUE *argv, VALUE klass) - StringValueCStr(name); - #ifndef OPENSSL_NO_STATIC_ENGINE - #if HAVE_ENGINE_LOAD_DYNAMIC -- OSSL_ENGINE_LOAD_IF_MATCH(dynamic); -+ OSSL_ENGINE_LOAD_IF_MATCH(dynamic, DYNAMIC); - #endif - #if HAVE_ENGINE_LOAD_4758CCA -- OSSL_ENGINE_LOAD_IF_MATCH(4758cca); -+ OSSL_ENGINE_LOAD_IF_MATCH(4758cca, 4758CCA); - #endif - #if HAVE_ENGINE_LOAD_AEP -- OSSL_ENGINE_LOAD_IF_MATCH(aep); -+ OSSL_ENGINE_LOAD_IF_MATCH(aep, AEP); - #endif - #if HAVE_ENGINE_LOAD_ATALLA -- OSSL_ENGINE_LOAD_IF_MATCH(atalla); -+ OSSL_ENGINE_LOAD_IF_MATCH(atalla, ATALLA); - #endif - #if HAVE_ENGINE_LOAD_CHIL -- OSSL_ENGINE_LOAD_IF_MATCH(chil); -+ OSSL_ENGINE_LOAD_IF_MATCH(chil, CHIL); - #endif - #if HAVE_ENGINE_LOAD_CSWIFT -- OSSL_ENGINE_LOAD_IF_MATCH(cswift); -+ OSSL_ENGINE_LOAD_IF_MATCH(cswift, CSWIFT); - #endif - #if HAVE_ENGINE_LOAD_NURON -- OSSL_ENGINE_LOAD_IF_MATCH(nuron); -+ OSSL_ENGINE_LOAD_IF_MATCH(nuron, NURON); - #endif - #if HAVE_ENGINE_LOAD_SUREWARE -- OSSL_ENGINE_LOAD_IF_MATCH(sureware); -+ OSSL_ENGINE_LOAD_IF_MATCH(sureware, SUREWARE); - #endif - #if HAVE_ENGINE_LOAD_UBSEC -- OSSL_ENGINE_LOAD_IF_MATCH(ubsec); -+ OSSL_ENGINE_LOAD_IF_MATCH(ubsec, UBSEC); - #endif - #if HAVE_ENGINE_LOAD_PADLOCK -- OSSL_ENGINE_LOAD_IF_MATCH(padlock); -+ OSSL_ENGINE_LOAD_IF_MATCH(padlock, PADLOCK); - #endif - #if HAVE_ENGINE_LOAD_CAPI -- OSSL_ENGINE_LOAD_IF_MATCH(capi); -+ OSSL_ENGINE_LOAD_IF_MATCH(capi, CAPI); - #endif - #if HAVE_ENGINE_LOAD_GMP -- OSSL_ENGINE_LOAD_IF_MATCH(gmp); -+ OSSL_ENGINE_LOAD_IF_MATCH(gmp, GMP); - #endif - #if HAVE_ENGINE_LOAD_GOST -- OSSL_ENGINE_LOAD_IF_MATCH(gost); -+ OSSL_ENGINE_LOAD_IF_MATCH(gost, GOST); - #endif - #if HAVE_ENGINE_LOAD_CRYPTODEV -- OSSL_ENGINE_LOAD_IF_MATCH(cryptodev); -+ OSSL_ENGINE_LOAD_IF_MATCH(cryptodev, CRYPTODEV); - #endif - #if HAVE_ENGINE_LOAD_AESNI -- OSSL_ENGINE_LOAD_IF_MATCH(aesni); -+ OSSL_ENGINE_LOAD_IF_MATCH(aesni, AESNI); - #endif - #endif - #ifdef HAVE_ENGINE_LOAD_OPENBSD_DEV_CRYPTO -- OSSL_ENGINE_LOAD_IF_MATCH(openbsd_dev_crypto); -+ OSSL_ENGINE_LOAD_IF_MATCH(openbsd_dev_crypto, OPENBSD_DEV_CRYPTO); - #endif -- OSSL_ENGINE_LOAD_IF_MATCH(openssl); -+ OSSL_ENGINE_LOAD_IF_MATCH(openssl, OPENSSL); - rb_warning("no such builtin loader for `%"PRIsVALUE"'", name); - return Qnil; - #endif /* HAVE_ENGINE_LOAD_BUILTIN_ENGINES */ -@@ -160,7 +172,9 @@ ossl_engine_s_load(int argc, VALUE *argv, VALUE klass) - static VALUE - ossl_engine_s_cleanup(VALUE self) - { -+#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000 - ENGINE_cleanup(); -+#endif - return Qnil; - } - -diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c -index 8e3c0c42..d32a299c 100644 ---- a/ext/openssl/ossl_ssl.c -+++ b/ext/openssl/ossl_ssl.c -@@ -379,7 +379,7 @@ ossl_call_session_get_cb(VALUE ary) - - /* this method is currently only called for servers (in OpenSSL <= 0.9.8e) */ - static SSL_SESSION * --#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) - ossl_sslctx_session_get_cb(SSL *ssl, const unsigned char *buf, int len, int *copy) - #else - ossl_sslctx_session_get_cb(SSL *ssl, unsigned char *buf, int len, int *copy) -diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c -index cf82a53d..8d16b9b7 100644 ---- a/ext/openssl/ossl_x509cert.c -+++ b/ext/openssl/ossl_x509cert.c -@@ -440,7 +440,7 @@ ossl_x509_set_not_before(VALUE self, VALUE time) - - GetX509(self, x509); - asn1time = ossl_x509_time_adjust(NULL, time); -- if (!X509_set_notBefore(x509, asn1time)) { -+ if (!X509_set1_notBefore(x509, asn1time)) { - ASN1_TIME_free(asn1time); - ossl_raise(eX509CertError, "X509_set_notBefore"); - } -@@ -479,7 +479,7 @@ ossl_x509_set_not_after(VALUE self, VALUE time) - - GetX509(self, x509); - asn1time = ossl_x509_time_adjust(NULL, time); -- if (!X509_set_notAfter(x509, asn1time)) { -+ if (!X509_set1_notAfter(x509, asn1time)) { - ASN1_TIME_free(asn1time); - ossl_raise(eX509CertError, "X509_set_notAfter"); - } -diff --git a/ext/openssl/ossl_x509crl.c b/ext/openssl/ossl_x509crl.c -index 5ecd7ea0..45cf7fb4 100644 ---- a/ext/openssl/ossl_x509crl.c -+++ b/ext/openssl/ossl_x509crl.c -@@ -226,7 +226,7 @@ ossl_x509crl_set_last_update(VALUE self, VALUE time) - - GetX509CRL(self, crl); - asn1time = ossl_x509_time_adjust(NULL, time); -- if (!X509_CRL_set_lastUpdate(crl, asn1time)) { -+ if (!X509_CRL_set1_lastUpdate(crl, asn1time)) { - ASN1_TIME_free(asn1time); - ossl_raise(eX509CRLError, "X509_CRL_set_lastUpdate"); - } -@@ -257,7 +257,7 @@ ossl_x509crl_set_next_update(VALUE self, VALUE time) - - GetX509CRL(self, crl); - asn1time = ossl_x509_time_adjust(NULL, time); -- if (!X509_CRL_set_nextUpdate(crl, asn1time)) { -+ if (!X509_CRL_set1_nextUpdate(crl, asn1time)) { - ASN1_TIME_free(asn1time); - ossl_raise(eX509CRLError, "X509_CRL_set_nextUpdate"); - } |