Attachment 498616 Details for Bug 614760 – ruby-2.4.2-openssl-1.1.patch

[patch] ruby-2.4.2-openssl-1.1.patch

ruby-2.4.2-openssl-1.1.patch (text/plain), 6.94 KB, created by Mark Wright on 2017-10-14 07:14:14 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Mark Wright

Created: 2017-10-14 07:14:14 UTC

Size: 6.94 KB

patch

obsolete

>--- ruby-2.4.2-orig/ext/openssl/ossl.c	2017-09-09 00:38:12.000000000 +1000
>+++ ruby-2.4.2/ext/openssl/ossl.c	2017-10-14 16:31:14.025619962 +1100
>@@ -1010,10 +1010,8 @@
>      */
>     /* CRYPTO_malloc_init(); */
>     /* ENGINE_load_builtin_engines(); */
>-    OpenSSL_add_ssl_algorithms();
>-    OpenSSL_add_all_algorithms();
>-    ERR_load_crypto_strings();
>-    SSL_load_error_strings();
>+
>+    OPENSSL_init_ssl(0, NULL);
> 
>     /*
>      * FIXME:
>@@ -1048,7 +1046,7 @@
>     /*
>      * Version of OpenSSL the ruby OpenSSL extension is running with
>      */
>-    rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_version(SSLEAY_VERSION)));
>+    rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(OpenSSL_version(OPENSSL_VERSION)));
> 
>     /*
>      * Version number of OpenSSL the ruby OpenSSL extension was built with
>--- ruby-2.4.2-orig/ext/openssl/ossl.h	2016-12-01 01:41:46.000000000 +1100
>+++ ruby-2.4.2/ext/openssl/ossl.h	2017-10-14 17:14:53.060910657 +1100
>@@ -35,6 +35,11 @@
> #if !defined(OPENSSL_NO_OCSP)
> #  include <openssl/ocsp.h>
> #endif
>+#include <openssl/bn.h>
>+#include <openssl/rsa.h>
>+#include <openssl/dsa.h>
>+#include <openssl/evp.h>
>+#include <openssl/dh.h>
> 
> /*
>  * Common Module
>--- ruby-2.4.2-orig/ext/openssl/ossl_cipher.c	2017-08-03 23:43:01.000000000 +1000
>+++ ruby-2.4.2/ext/openssl/ossl_cipher.c	2017-10-14 17:14:10.245740284 +1100
>@@ -513,8 +513,8 @@
>     GetCipher(self, ctx);
> 
> #if defined(HAVE_AUTHENTICATED_ENCRYPTION)
>-    if (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)
>-	iv_len = (int)(VALUE)EVP_CIPHER_CTX_get_app_data(ctx);
>+    if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)
>+      iv_len = (int)(VALUE)EVP_CIPHER_CTX_get_app_data(ctx);
> #endif
>     if (!iv_len)
> 	iv_len = EVP_CIPHER_CTX_iv_length(ctx);
>@@ -542,7 +542,7 @@
>     GetCipher(self, ctx);
> 
> #if defined(HAVE_AUTHENTICATED_ENCRYPTION)
>-    return (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) ? Qtrue : Qfalse;
>+    return (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) ? Qtrue : Qfalse;
> #else
>     return Qfalse;
> #endif
>@@ -617,7 +617,7 @@
> 
>     GetCipher(self, ctx);
> 
>-    if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER))
>+    if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
> 	ossl_raise(eCipherError, "authentication tag not supported by this cipher");
> 
>     ret = rb_str_new(NULL, tag_len);
>@@ -654,7 +654,7 @@
>     tag_len = RSTRING_LENINT(vtag);
> 
>     GetCipher(self, ctx);
>-    if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER))
>+    if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
> 	ossl_raise(eCipherError, "authentication tag not supported by this cipher");
> 
>     if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, tag))
>@@ -681,7 +681,7 @@
>     EVP_CIPHER_CTX *ctx;
> 
>     GetCipher(self, ctx);
>-    if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER))
>+    if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
> 	ossl_raise(eCipherError, "AEAD not supported by this cipher");
> 
>     if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, NULL))
>@@ -708,7 +708,7 @@
>     EVP_CIPHER_CTX *ctx;
> 
>     GetCipher(self, ctx);
>-    if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER))
>+    if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
> 	ossl_raise(eCipherError, "cipher does not support AEAD");
> 
>     if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, len, NULL))
>@@ -807,7 +807,7 @@
> 
>     GetCipher(self, ctx);
> #if defined(HAVE_AUTHENTICATED_ENCRYPTION)
>-    if (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)
>+    if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)
> 	len = (int)(VALUE)EVP_CIPHER_CTX_get_app_data(ctx);
> #endif
>     if (!len)
>--- ruby-2.4.2-orig/ext/openssl/ossl_engine.c	2016-12-10 19:12:02.000000000 +1100
>+++ ruby-2.4.2/ext/openssl/ossl_engine.c	2017-10-14 17:12:42.740390541 +1100
>@@ -53,7 +53,7 @@
> #define OSSL_ENGINE_LOAD_IF_MATCH(x) \
> do{\
>   if(!strcmp(#x, RSTRING_PTR(name))){\
>-    ENGINE_load_##x();\
>+    OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_##x, NULL); \
>     return Qtrue;\
>   }\
> }while(0)
>@@ -99,7 +99,7 @@
>     StringValueCStr(name);
> #ifndef OPENSSL_NO_STATIC_ENGINE
> #if HAVE_ENGINE_LOAD_DYNAMIC
>-    OSSL_ENGINE_LOAD_IF_MATCH(dynamic);
>+    OSSL_ENGINE_LOAD_IF_MATCH(DYNAMIC);
> #endif
> #if HAVE_ENGINE_LOAD_4758CCA
>     OSSL_ENGINE_LOAD_IF_MATCH(4758cca);
>@@ -126,10 +126,10 @@
>     OSSL_ENGINE_LOAD_IF_MATCH(ubsec);
> #endif
> #if HAVE_ENGINE_LOAD_PADLOCK
>-    OSSL_ENGINE_LOAD_IF_MATCH(padlock);
>+    OSSL_ENGINE_LOAD_IF_MATCH(PADLOCK);
> #endif
> #if HAVE_ENGINE_LOAD_CAPI
>-    OSSL_ENGINE_LOAD_IF_MATCH(capi);
>+    OSSL_ENGINE_LOAD_IF_MATCH(CAPI);
> #endif
> #if HAVE_ENGINE_LOAD_GMP
>     OSSL_ENGINE_LOAD_IF_MATCH(gmp);
>@@ -138,7 +138,7 @@
>     OSSL_ENGINE_LOAD_IF_MATCH(gost);
> #endif
> #if HAVE_ENGINE_LOAD_CRYPTODEV
>-    OSSL_ENGINE_LOAD_IF_MATCH(cryptodev);
>+    OSSL_ENGINE_LOAD_IF_MATCH(CRYPTODEV);
> #endif
> #if HAVE_ENGINE_LOAD_AESNI
>     OSSL_ENGINE_LOAD_IF_MATCH(aesni);
>@@ -147,7 +147,7 @@
> #ifdef HAVE_ENGINE_LOAD_OPENBSD_DEV_CRYPTO
>     OSSL_ENGINE_LOAD_IF_MATCH(openbsd_dev_crypto);
> #endif
>-    OSSL_ENGINE_LOAD_IF_MATCH(openssl);
>+    OSSL_ENGINE_LOAD_IF_MATCH(OPENSSL);
>     rb_warning("no such builtin loader for `%"PRIsVALUE"'", name);
>     return Qnil;
> #endif /* HAVE_ENGINE_LOAD_BUILTIN_ENGINES */
>@@ -165,7 +165,6 @@
> static VALUE
> ossl_engine_s_cleanup(VALUE self)
> {
>-    ENGINE_cleanup();
>     return Qnil;
> }
> 
>--- ruby-2.4.2-orig/ext/openssl/ossl_x509cert.c	2017-09-09 00:38:12.000000000 +1000
>+++ ruby-2.4.2/ext/openssl/ossl_x509cert.c	2017-10-14 17:32:44.932029602 +1100
>@@ -478,7 +478,7 @@
> 
>     GetX509(self, x509);
>     asn1time = ossl_x509_time_adjust(NULL, time);
>-    if (!X509_set_notBefore(x509, asn1time)) {
>+    if (!X509_set1_notBefore(x509, asn1time)) {
> 	ASN1_TIME_free(asn1time);
> 	ossl_raise(eX509CertError, "X509_set_notBefore");
>     }
>@@ -517,7 +517,7 @@
> 
>     GetX509(self, x509);
>     asn1time = ossl_x509_time_adjust(NULL, time);
>-    if (!X509_set_notAfter(x509, asn1time)) {
>+    if (!X509_set1_notAfter(x509, asn1time)) {
> 	ASN1_TIME_free(asn1time);
> 	ossl_raise(eX509CertError, "X509_set_notAfter");
>     }
>--- ruby-2.4.2-orig/ext/openssl/ossl_x509crl.c	2017-09-09 00:38:12.000000000 +1000
>+++ ruby-2.4.2/ext/openssl/ossl_x509crl.c	2017-10-14 17:34:03.985323274 +1100
>@@ -237,7 +237,7 @@
> 
>     GetX509CRL(self, crl);
>     asn1time = ossl_x509_time_adjust(NULL, time);
>-    if (!X509_CRL_set_lastUpdate(crl, asn1time)) {
>+    if (!X509_CRL_set1_lastUpdate(crl, asn1time)) {
> 	ASN1_TIME_free(asn1time);
> 	ossl_raise(eX509CRLError, "X509_CRL_set_lastUpdate");
>     }
>@@ -264,7 +264,7 @@
> 
>     GetX509CRL(self, crl);
>     asn1time = ossl_x509_time_adjust(NULL, time);
>-    if (!X509_CRL_set_nextUpdate(crl, asn1time)) {
>+    if (!X509_CRL_set1_nextUpdate(crl, asn1time)) {
> 	ASN1_TIME_free(asn1time);
> 	ossl_raise(eX509CRLError, "X509_CRL_set_nextUpdate");
>     }

Actions: View | Diff

Attachments on bug 614760: 469240 | 498616 | 498654