diff options
Diffstat (limited to 'pkgs/os-specific/linux/chromium-os/libbrillo/0003-libbrillo-Use-a-unique_ptr-for-EVP_MD_CTX.patch')
-rw-r--r-- | pkgs/os-specific/linux/chromium-os/libbrillo/0003-libbrillo-Use-a-unique_ptr-for-EVP_MD_CTX.patch | 86 |
1 files changed, 0 insertions, 86 deletions
diff --git a/pkgs/os-specific/linux/chromium-os/libbrillo/0003-libbrillo-Use-a-unique_ptr-for-EVP_MD_CTX.patch b/pkgs/os-specific/linux/chromium-os/libbrillo/0003-libbrillo-Use-a-unique_ptr-for-EVP_MD_CTX.patch deleted file mode 100644 index 98257d98254..00000000000 --- a/pkgs/os-specific/linux/chromium-os/libbrillo/0003-libbrillo-Use-a-unique_ptr-for-EVP_MD_CTX.patch +++ /dev/null @@ -1,86 +0,0 @@ -From d79343f36918fd99861426f658fdfb53237661f0 Mon Sep 17 00:00:00 2001 -From: Daniel Kurtz <djkurtz@chromium.org> -Date: Thu, 17 Oct 2019 20:45:53 +1100 -Subject: [PATCH 03/10] libbrillo: Use a unique_ptr for EVP_MD_CTX - -In OpenSSL 1.1, the EVP_MD_CTX struct will become opaque, and therefore -it will not be possible to allocate on the stack. - -Replace this stack allocation with a heap allocated EVP_MD_CTX using the -existing OpenSSL 1.0.2 create/destroy APIs, and manage its lifetime using -a unique_ptr<>. - -Note: There are cases (sludge, tael, tatl), where libbrillo is built -against a libchrome that has been built w/out libbase-crypto (ie, -USE="-crypto"). For this reason, we don't use the equivalent -crypto::ScopedEVP_MD_CTX type for this one instance of this in libbrillo. - -BUG=chromium:737445 -TEST=cros_workon --board=sarien start libbrillo -TEST=w/ openssl-1.0.2t: FEATURES=test emerge-sarien libbrillo -TEST=w/ openssl-1.1.0j: FEATURES=test emerge-sarien libbrillo - => Both build and pass all unittests - -Change-Id: Ic0a43b9c85fcb967c1b381b1602c03f48ac5dcef -Reviewed-on: https://chromium-review.googlesource.com/1866378 -Tested-by: Daniel Kurtz <djkurtz@chromium.org> -Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> -Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org> -Reviewed-by: Mike Frysinger <vapier@chromium.org> -Reviewed-by: Nick Crews <ncrews@chromium.org> ---- - libbrillo/policy/device_policy_impl.cc | 18 ++++++++---------- - 1 file changed, 8 insertions(+), 10 deletions(-) - -diff --git a/libbrillo/policy/device_policy_impl.cc b/libbrillo/policy/device_policy_impl.cc -index 958b7ebb7..eaf90c96a 100644 ---- a/libbrillo/policy/device_policy_impl.cc -+++ b/libbrillo/policy/device_policy_impl.cc -@@ -55,36 +55,34 @@ bool ReadPublicKeyFromFile(const base::FilePath& key_file, - bool VerifySignature(const std::string& signed_data, - const std::string& signature, - const std::string& public_key) { -- EVP_MD_CTX ctx; -- EVP_MD_CTX_init(&ctx); -+ std::unique_ptr<EVP_MD_CTX, void (*)(EVP_MD_CTX *)> ctx(EVP_MD_CTX_create(), -+ EVP_MD_CTX_destroy); -+ if (!ctx) -+ return false; - - const EVP_MD* digest = EVP_sha1(); - - char* key = const_cast<char*>(public_key.data()); - BIO* bio = BIO_new_mem_buf(key, public_key.length()); -- if (!bio) { -- EVP_MD_CTX_cleanup(&ctx); -+ if (!bio) - return false; -- } - - EVP_PKEY* public_key_ssl = d2i_PUBKEY_bio(bio, nullptr); - if (!public_key_ssl) { - BIO_free_all(bio); -- EVP_MD_CTX_cleanup(&ctx); - return false; - } - - const unsigned char* sig = - reinterpret_cast<const unsigned char*>(signature.data()); -- int rv = EVP_VerifyInit_ex(&ctx, digest, nullptr); -+ int rv = EVP_VerifyInit_ex(ctx.get(), digest, nullptr); - if (rv == 1) { -- EVP_VerifyUpdate(&ctx, signed_data.data(), signed_data.length()); -- rv = EVP_VerifyFinal(&ctx, sig, signature.length(), public_key_ssl); -+ EVP_VerifyUpdate(ctx.get(), signed_data.data(), signed_data.length()); -+ rv = EVP_VerifyFinal(ctx.get(), sig, signature.length(), public_key_ssl); - } - - EVP_PKEY_free(public_key_ssl); - BIO_free_all(bio); -- EVP_MD_CTX_cleanup(&ctx); - - return rv == 1; - } --- -2.24.1 - |