Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 567520 Details for
Bug 598410
dev-libs/libp11: libressl support
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
libp11-0.4.4-libressl-2.8.3.patch
libp11-libre.patch (text/plain), 8.73 KB, created by
pagorman
on 2019-03-02 23:11:43 UTC
(
hide
)
Description:
libp11-0.4.4-libressl-2.8.3.patch
Filename:
MIME Type:
Creator:
pagorman
Created:
2019-03-02 23:11:43 UTC
Size:
8.73 KB
patch
obsolete
>--- a/src/p11_misc.c 2016-03-19 13:42:13.000000000 -0400 >+++ b/src/p11_misc.c 2019-02-26 22:47:09.801888291 -0500 >@@ -43,7 +43,7 @@ > * CRYPTO dynlock wrappers: 0 is an invalid dynamic lock ID > */ > >-#if OPENSSL_VERSION_NUMBER < 0x10100004L >+#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100004L > > int CRYPTO_THREAD_lock_new() > { >--- a/src/p11_rsa.c 2016-11-29 13:57:01.000000000 -0500 >+++ b/src/p11_rsa.c 2019-02-26 23:00:05.804934673 -0500 >@@ -29,7 +29,7 @@ > > static int rsa_ex_index = 0; > >-#if OPENSSL_VERSION_NUMBER < 0x10100003L >+#if OPENSSL_VERSION_NUMBER < 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER) > #define EVP_PKEY_get0_RSA(key) ((key)->pkey.rsa) > #endif > >@@ -310,7 +310,7 @@ > return RSA_size(rsa); > } > >-#if OPENSSL_VERSION_NUMBER < 0x10100005L >+#if OPENSSL_VERSION_NUMBER < 0x10100005L || defined(LIBRESSL_VERSION_NUMBER) > > int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth)) > (int flen, const unsigned char *from, >@@ -374,7 +374,7 @@ > static void free_rsa_ex_index() > { > /* CRYPTO_free_ex_index requires OpenSSL version >= 1.1.0-pre1 */ >-#if OPENSSL_VERSION_NUMBER >= 0x10100001L >+#if OPENSSL_VERSION_NUMBER >= 0x10100001L && !defined(LIBRESSL_VERSION_NUMBER) > if (rsa_ex_index > 0) { > CRYPTO_free_ex_index(CRYPTO_EX_INDEX_RSA, rsa_ex_index); > rsa_ex_index = 0; >@@ -382,7 +382,17 @@ > #endif > } > >-#if OPENSSL_VERSION_NUMBER < 0x10100005L >+#if defined(LIBRESSL_VERSION_NUMBER) >+ >+static int RSA_meth_set_flags(RSA_METHOD *meth, int flags) >+{ >+ meth->flags = flags; >+ return 1; >+} >+ >+#endif >+ >+#if OPENSSL_VERSION_NUMBER < 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER) > > static RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth) > { > >--- a/src/libp11-int.h 2016-10-01 16:46:51.000000000 -0400 >+++ b/src/libp11-int.h 2019-02-28 00:24:14.686400582 -0500 >@@ -32,8 +32,9 @@ > extern void *C_LoadModule(const char *name, CK_FUNCTION_LIST_PTR_PTR); > extern CK_RV C_UnloadModule(void *module); > >-#if OPENSSL_VERSION_NUMBER < 0x10100004L >+#if (defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100004L) > typedef int PKCS11_RWLOCK; >+typedef PKCS11_RWLOCK CRYPTO_RWLOCK; > #else > typedef CRYPTO_RWLOCK *PKCS11_RWLOCK; > #endif >@@ -144,7 +145,7 @@ > #define PKCS11_DUP(s) \ > pkcs11_strdup((char *) s, sizeof(s)) > >-#if OPENSSL_VERSION_NUMBER < 0x10100004L >+#if (defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100004L) > /* Emulate the OpenSSL 1.1 locking API for older OpenSSL versions */ > int CRYPTO_THREAD_lock_new(); > void CRYPTO_THREAD_lock_free(int); >--- a/src/eng_back.c 2017-01-18 13:52:25.000000000 -0500 >+++ b/src/eng_back.c 2019-02-26 19:45:07.384235457 -0500 >@@ -49,7 +49,7 @@ > char *init_args; > > /* Engine initialization mutex */ >-#if OPENSSL_VERSION_NUMBER >= 0x10100004L >+#if OPENSSL_VERSION_NUMBER >= 0x10100004L && !defined(LIBRESSL_VERSION_NUMBER) > CRYPTO_RWLOCK *rwlock; > #else > int rwlock; >@@ -206,7 +206,7 @@ > #endif > } > >-#if OPENSSL_VERSION_NUMBER >= 0x10100004L >+#if OPENSSL_VERSION_NUMBER >= 0x10100004L && !defined(LIBRESSL_VERSION_NUMBER) > ctx->rwlock = CRYPTO_THREAD_lock_new(); > #else > ctx->rwlock = CRYPTO_get_dynlock_create_callback() ? >@@ -224,7 +224,7 @@ > ctx_destroy_pin(ctx); > OPENSSL_free(ctx->module); > OPENSSL_free(ctx->init_args); >-#if OPENSSL_VERSION_NUMBER >= 0x10100004L >+#if OPENSSL_VERSION_NUMBER >= 0x10100004L && !defined(LIBRESSL_VERSION_NUMBER) > CRYPTO_THREAD_lock_free(ctx->rwlock); > #else > if (ctx->rwlock) >@@ -274,7 +274,7 @@ > > static int ctx_init_libp11(ENGINE_CTX *ctx) > { >-#if OPENSSL_VERSION_NUMBER >= 0x10100004L >+#if OPENSSL_VERSION_NUMBER >= 0x10100004L && !defined(LIBRESSL_VERSION_NUMBER) > CRYPTO_THREAD_write_lock(ctx->rwlock); > #else > if (ctx->rwlock) >@@ -282,7 +282,7 @@ > #endif > if (ctx->pkcs11_ctx == NULL || ctx->slot_list == NULL) > ctx_init_libp11_unlocked(ctx); >-#if OPENSSL_VERSION_NUMBER >= 0x10100004L >+#if OPENSSL_VERSION_NUMBER >= 0x10100004L && !defined(LIBRESSL_VERSION_NUMBER) > CRYPTO_THREAD_unlock(ctx->rwlock); > #else > if (ctx->rwlock) >@@ -302,7 +302,7 @@ > /* Only attempt initialization when dynamic locks are unavailable. > * This likely also indicates a single-threaded application, > * so temporarily unlocking CRYPTO_LOCK_ENGINE should be safe. */ >-#if OPENSSL_VERSION_NUMBER < 0x10100004L >+#if (defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100004L) > if (CRYPTO_get_dynlock_create_callback() == NULL || > CRYPTO_get_dynlock_lock_callback() == NULL || > CRYPTO_get_dynlock_destroy_callback() == NULL) { >--- a/src/libp11.h 2016-12-02 15:36:16.000000000 -0500 >+++ b/src/libp11.h 2019-02-26 19:55:20.286272090 -0500 >@@ -370,7 +370,7 @@ > */ > RSA_METHOD *PKCS11_get_rsa_method(void); > /* Also define unsupported methods to retain backward compatibility */ >-#if OPENSSL_VERSION_NUMBER >= 0x10100002L >+#if OPENSSL_VERSION_NUMBER >= 0x10100002L && !defined(LIBRESSL_VERSION_NUMBER) > EC_KEY_METHOD *PKCS11_get_ec_key_method(void); > void *PKCS11_get_ecdsa_method(void); > void *PKCS11_get_ecdh_method(void); >--- a/src/p11_ec.c 2016-12-02 15:36:16.000000000 -0500 >+++ b/src/p11_ec.c 2019-03-02 17:08:21.722942462 -0500 >@@ -56,7 +56,7 @@ > typedef ECDSA_SIG *(*sign_sig_fn)(const unsigned char *, int, > const BIGNUM *, const BIGNUM *, EC_KEY *); > >-#if OPENSSL_VERSION_NUMBER < 0x10100000L >+#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) > > /* ecdsa_method maintains unchanged layout between 0.9.8 and 1.0.2 */ > >@@ -73,7 +73,7 @@ > > #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ > >-#if OPENSSL_VERSION_NUMBER < 0x10002000L >+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) > > /* Define missing functions */ > >@@ -104,7 +104,7 @@ > > /********** Missing ECDH_METHOD functions for OpenSSL < 1.1.0 */ > >-#if OPENSSL_VERSION_NUMBER < 0x10100000L >+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) > > /* ecdh_method maintains unchanged layout between 0.9.8 and 1.0.2 */ > >@@ -156,7 +156,7 @@ > { > if (ec_ex_index == 0) { > while (ec_ex_index == 0) /* Workaround for OpenSSL RT3710 */ >-#if OPENSSL_VERSION_NUMBER >= 0x10100002L >+#if OPENSSL_VERSION_NUMBER >= 0x10100002L && !defined(LIBRESSL_VERSION_NUMBER) > ec_ex_index = EC_KEY_get_ex_new_index(0, "libp11 ec_key", > NULL, NULL, NULL); > #else >@@ -265,7 +265,7 @@ > EVP_PKEY_set1_EC_KEY(pk, ec); /* Also increments the ec ref count */ > > if (key->isPrivate) { >-#if OPENSSL_VERSION_NUMBER >= 0x10100000L >+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) > EC_KEY_set_method(ec, PKCS11_get_ec_key_method()); > #else > ECDSA_set_method(ec, PKCS11_get_ecdsa_method()); >@@ -275,7 +275,7 @@ > /* TODO: Retrieve the ECDSA private key object attributes instead, > * unless the key has the "sensitive" attribute set */ > >-#if OPENSSL_VERSION_NUMBER >= 0x10100000L >+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) > EC_KEY_set_ex_data(ec, ec_ex_index, key); > #else > ECDSA_set_ex_data(ec, ec_ex_index, key); >@@ -345,14 +345,14 @@ > (void)kinv; /* Precomputed values are not used for PKCS#11 */ > (void)rp; /* Precomputed values are not used for PKCS#11 */ > >-#if OPENSSL_VERSION_NUMBER >= 0x10100000L >+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) > key = (PKCS11_KEY *)EC_KEY_get_ex_data(ec, ec_ex_index); > #else > key = (PKCS11_KEY *)ECDSA_get_ex_data(ec, ec_ex_index); > #endif > if (key == NULL) { > sign_sig_fn orig_sign_sig; >-#if OPENSSL_VERSION_NUMBER >= 0x10100000L >+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) > const EC_KEY_METHOD *meth = EC_KEY_OpenSSL(); > EC_KEY_METHOD_get_sign((EC_KEY_METHOD *)meth, > NULL, NULL, &orig_sign_sig); >@@ -515,7 +515,7 @@ > return 0; > } > >-#if OPENSSL_VERSION_NUMBER >= 0x10100004L >+#if OPENSSL_VERSION_NUMBER >= 0x10100004L && !defined(LIBRESSL_VERSION_NUMBER) > > /** > * ECDH key derivation method (replaces ossl_ecdh_compute_key) >@@ -578,13 +578,18 @@ > size_t buflen; > int rv; > >-#if OPENSSL_VERSION_NUMBER >= 0x10100000L >+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) > key = (PKCS11_KEY *)EC_KEY_get_ex_data(ecdh, ec_ex_index); > #else > key = (PKCS11_KEY *)ECDSA_get_ex_data((EC_KEY *)ecdh, ec_ex_index); > #endif >+#if !defined(LIBRESSL_VERSION_NUMBER) > if (key == NULL) /* The private key is not handled by PKCS#11 */ > return ossl_ecdh_compute_key(out, outlen, peer_point, ecdh, KDF); >+#else >+ if (key ==NULL) >+ return ECDH_compute_key(out, outlen, peer_point, ecdh, KDF); >+#endif > /* TODO: Add an atfork check */ > > /* both peer and ecdh use same group parameters */ >@@ -623,7 +628,7 @@ > /* New way to allocate an ECDSA_METOD object */ > /* OpenSSL 1.1 has single method EC_KEY_METHOD for ECDSA and ECDH */ > >-#if OPENSSL_VERSION_NUMBER >= 0x10100000L >+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined (LIBRESSL_VERSION_NUMBER) > > EC_KEY_METHOD *PKCS11_get_ec_key_method(void) > {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=567520">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 598410
:
451804
|
451806
|
451808
|
451810
| 567520 |
567826
