Attachment 519864 Details for Bug 647914 – sbsigntools-0.9.1-openssl-1.1.0-compat.patch

[patch] sbsigntools-0.9.1-openssl-1.1.0-compat.patch

sbsigntools-0.9.1-openssl-1.1.0-compat.patch (text/plain), 4.62 KB, created by Quentin Minster on 2018-02-17 04:30:34 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Quentin Minster

Created: 2018-02-17 04:30:34 UTC

Size: 4.62 KB

patch

obsolete

>diff --git a/src/fileio.c b/src/fileio.c
>index 032eb1e..09bc3aa 100644
>--- a/src/fileio.c
>+++ b/src/fileio.c
>@@ -40,6 +40,7 @@
> #include <openssl/pem.h>
> #include <openssl/err.h>
> #include <openssl/engine.h>
>+#include <openssl/ui.h>
> 
> #include <ccan/talloc/talloc.h>
> #include <ccan/read_write_all/read_write_all.h>
>diff --git a/src/idc.c b/src/idc.c
>index 236cefd..6d87bd4 100644
>--- a/src/idc.c
>+++ b/src/idc.c
>@@ -238,7 +238,11 @@ struct idc *IDC_get(PKCS7 *p7, BIO *bio)
> 
> 	/* extract the idc from the signed PKCS7 'other' data */
> 	str = p7->d.sign->contents->d.other->value.asn1_string;
>+#if OPENSSL_VERSION_NUMBER < 0x10100000L
> 	idcbuf = buf = ASN1_STRING_data(str);
>+#else
>+	idcbuf = buf = ASN1_STRING_get0_data(str);
>+#endif
> 	idc = d2i_IDC(NULL, &buf, ASN1_STRING_length(str));
> 
> 	/* If we were passed a BIO, write the idc data, minus type and length,
>@@ -289,7 +293,11 @@ int IDC_check_hash(struct idc *idc, struct image *image)
> 	}
> 
> 	/* check hash against the one we calculated from the image */
>+#if OPENSSL_VERSION_NUMBER < 0x10100000L
> 	buf = ASN1_STRING_data(str);
>+#else
>+	buf = ASN1_STRING_get0_data(str);
>+#endif
> 	if (memcmp(buf, sha, sizeof(sha))) {
> 		fprintf(stderr, "Hash doesn't match image\n");
> 		fprintf(stderr, " got:       %s\n", sha256_str(buf));
>diff --git a/src/sbattach.c b/src/sbattach.c
>index a0c01b8..e89a23e 100644
>--- a/src/sbattach.c
>+++ b/src/sbattach.c
>@@ -231,6 +231,7 @@ int main(int argc, char **argv)
> 		return EXIT_FAILURE;
> 	}
> 
>+#if OPENSSL_VERSION_NUMBER < 0x10100000L
> 	ERR_load_crypto_strings();
> 	OpenSSL_add_all_digests();
> 	OPENSSL_config(NULL);
>@@ -239,6 +240,7 @@ int main(int argc, char **argv)
> 	 * module isn't present).  In either case ignore the errors
> 	 * (malloc will cause other failures out lower down */
> 	ERR_clear_error();
>+#endif
> 
> 	image = image_load(image_filename);
> 	if (!image) {
>diff --git a/src/sbkeysync.c b/src/sbkeysync.c
>index 7b17f40..419b1e7 100644
>--- a/src/sbkeysync.c
>+++ b/src/sbkeysync.c
>@@ -208,7 +208,11 @@ static int x509_key_parse(struct key *key, uint8_t *data, size_t len)
> 		goto out;
> 
> 	key->id_len = ASN1_STRING_length(serial);
>+#if OPENSSL_VERSION_NUMBER < 0x10100000L
> 	key->id = talloc_memdup(key, ASN1_STRING_data(serial), key->id_len);
>+#else
>+	key->id = talloc_memdup(key, ASN1_STRING_get0_data(serial), key->id_len);
>+#endif
> 
> 	key->description = talloc_array(key, char, description_len);
> 	X509_NAME_oneline(X509_get_subject_name(x509),
>@@ -927,6 +931,7 @@ int main(int argc, char **argv)
> 		return EXIT_FAILURE;
> 	}
> 
>+#if OPENSSL_VERSION_NUMBER < 0x10100000L
> 	ERR_load_crypto_strings();
> 	OpenSSL_add_all_digests();
> 	OpenSSL_add_all_ciphers();
>@@ -936,6 +941,7 @@ int main(int argc, char **argv)
> 	 * module isn't present).  In either case ignore the errors
> 	 * (malloc will cause other failures out lower down */
> 	ERR_clear_error();
>+#endif
> 
> 	ctx->filesystem_keys = init_keyset(ctx);
> 	ctx->firmware_keys = init_keyset(ctx);
>diff --git a/src/sbsign.c b/src/sbsign.c
>index ff1fdfd..78d8d64 100644
>--- a/src/sbsign.c
>+++ b/src/sbsign.c
>@@ -188,6 +188,7 @@ int main(int argc, char **argv)
> 
> 	talloc_steal(ctx, ctx->image);
> 
>+#if OPENSSL_VERSION_NUMBER < 0x10100000L
> 	ERR_load_crypto_strings();
> 	OpenSSL_add_all_digests();
> 	OpenSSL_add_all_ciphers();
>@@ -197,6 +198,7 @@ int main(int argc, char **argv)
> 	 * module isn't present).  In either case ignore the errors
> 	 * (malloc will cause other failures out lower down */
> 	ERR_clear_error();
>+#endif
> 	if (engine)
> 		pkey = fileio_read_engine_key(engine, keyfilename);
> 	else
>diff --git a/src/sbvarsign.c b/src/sbvarsign.c
>index 7dcbe51..9319c8b 100644
>--- a/src/sbvarsign.c
>+++ b/src/sbvarsign.c
>@@ -509,6 +509,7 @@ int main(int argc, char **argv)
> 		return EXIT_FAILURE;
> 	}
> 
>+#if OPENSSL_VERSION_NUMBER < 0x10100000L
> 	/* initialise openssl */
> 	OpenSSL_add_all_digests();
> 	OpenSSL_add_all_ciphers();
>@@ -519,6 +520,7 @@ int main(int argc, char **argv)
> 	 * module isn't present).  In either case ignore the errors
> 	 * (malloc will cause other failures out lower down */
> 	ERR_clear_error();
>+#endif
> 
> 	/* set up the variable signing context */
> 	varname = argv[optind];
>diff --git a/src/sbverify.c b/src/sbverify.c
>index 3920d91..d0b203a 100644
>--- a/src/sbverify.c
>+++ b/src/sbverify.c
>@@ -250,6 +250,7 @@ int main(int argc, char **argv)
> 	verbose = false;
> 	detached_sig_filename = NULL;
> 
>+#if OPENSSL_VERSION_NUMBER < 0x10100000L
> 	OpenSSL_add_all_digests();
> 	ERR_load_crypto_strings();
> 	OPENSSL_config(NULL);
>@@ -258,6 +259,7 @@ int main(int argc, char **argv)
> 	 * module isn't present).  In either case ignore the errors
> 	 * (malloc will cause other failures out lower down */
> 	ERR_clear_error();
>+#endif
> 
> 	for (;;) {
> 		int idx;

Actions: View | Diff

Attachments on bug 647914: 519862 | 519864 | 519866