Diffstat (limited to 'pkgs/os-specific/linux/chromium-os/libbrillo/0004-libbrillo-Update-for-OpenSSL-1.1.patch')
-rw-r--r--pkgs/os-specific/linux/chromium-os/libbrillo/0004-libbrillo-Update-for-OpenSSL-1.1.patch218
1 files changed, 0 insertions, 218 deletions
diff --git a/pkgs/os-specific/linux/chromium-os/libbrillo/0004-libbrillo-Update-for-OpenSSL-1.1.patch b/pkgs/os-specific/linux/chromium-os/libbrillo/0004-libbrillo-Update-for-OpenSSL-1.1.patch
deleted file mode 100644
index 555daf7478c..00000000000
--- a/pkgs/os-specific/linux/chromium-os/libbrillo/0004-libbrillo-Update-for-OpenSSL-1.1.patch
+++ /dev/null
@@ -1,218 +0,0 @@
-From ad7338d648cfeffbd595e9a7681f746ce834d59e Mon Sep 17 00:00:00 2001
-From: Daniel Kurtz <djkurtz@chromium.org>
-Date: Mon, 3 Jun 2019 16:46:17 -0600
-Subject: [PATCH 04/10] libbrillo: Update for OpenSSL 1.1
-
-OpenSSL 1.1 has made significant non-backwards compatible changes to its
-API as outlined in:
-https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes
-
-Note: There are cases (sludge, tael, tatl), where libbrillo is built
-against a libchrome that has been built w/out libbase-crypto (ie,
-USE="-crypto").  For this reason, we don't use its libcrypto-compat.h.
-
-BUG=chromium:737445
-TEST=cros_workon --board=sarien start libbrillo
-TEST=w/ openssl-1.0.2t: FEATURES=test emerge-sarien libbrillo
-TEST=w/ openssl-1.1.0j: FEATURES=test emerge-sarien libbrillo
- => Both build and pass all unittests
-
-Change-Id: I911c733e63ccbe58b7d9ef6d8e84c9e121056725
-Reviewed-on: https://chromium-review.googlesource.com/1641754
-Tested-by: Daniel Kurtz <djkurtz@chromium.org>
-Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
-Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
-Reviewed-by: Mike Frysinger <vapier@chromium.org>
-Reviewed-by: Nick Crews <ncrews@chromium.org>
----
- .../brillo/streams/openssl_stream_bio.cc      | 75 ++++++++++++++++---
- libbrillo/brillo/streams/tls_stream.cc        |  7 +-
- libbrillo/policy/device_policy_impl.cc        | 10 ++-
- 3 files changed, 77 insertions(+), 15 deletions(-)
-
-diff --git a/libbrillo/brillo/streams/openssl_stream_bio.cc b/libbrillo/brillo/streams/openssl_stream_bio.cc
-index a63d9c0cc..478b11233 100644
---- a/libbrillo/brillo/streams/openssl_stream_bio.cc
-+++ b/libbrillo/brillo/streams/openssl_stream_bio.cc
-@@ -13,9 +13,32 @@ namespace brillo {
- 
- namespace {
- 
-+// TODO(crbug.com/984789): Remove once support for OpenSSL <1.1 is dropped.
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+static void BIO_set_data(BIO* a, void* ptr) {
-+  a->ptr = ptr;
-+}
-+
-+static void* BIO_get_data(BIO* a) {
-+  return a->ptr;
-+}
-+
-+static void BIO_set_init(BIO* a, int init) {
-+  a->init = init;
-+}
-+
-+static int BIO_get_init(BIO* a) {
-+  return a->init;
-+}
-+
-+static void BIO_set_shutdown(BIO* a, int shut) {
-+  a->shutdown = shut;
-+}
-+#endif
-+
- // Internal functions for implementing OpenSSL BIO on brillo::Stream.
- int stream_write(BIO* bio, const char* buf, int size) {
--  brillo::Stream* stream = static_cast<brillo::Stream*>(bio->ptr);
-+  brillo::Stream* stream = static_cast<brillo::Stream*>(BIO_get_data(bio));
-   size_t written = 0;
-   BIO_clear_retry_flags(bio);
-   if (!stream->WriteNonBlocking(buf, size, &written, nullptr))
-@@ -30,7 +53,7 @@ int stream_write(BIO* bio, const char* buf, int size) {
- }
- 
- int stream_read(BIO* bio, char* buf, int size) {
--  brillo::Stream* stream = static_cast<brillo::Stream*>(bio->ptr);
-+  brillo::Stream* stream = static_cast<brillo::Stream*>(BIO_get_data(bio));
-   size_t read = 0;
-   BIO_clear_retry_flags(bio);
-   bool eos = false;
-@@ -49,16 +72,16 @@ int stream_read(BIO* bio, char* buf, int size) {
- // NOLINTNEXTLINE(runtime/int)
- long stream_ctrl(BIO* bio, int cmd, long /* num */, void* /* ptr */) {
-   if (cmd == BIO_CTRL_FLUSH) {
--    brillo::Stream* stream = static_cast<brillo::Stream*>(bio->ptr);
-+    brillo::Stream* stream = static_cast<brillo::Stream*>(BIO_get_data(bio));
-     return stream->FlushBlocking(nullptr) ? 1 : 0;
-   }
-   return 0;
- }
- 
- int stream_new(BIO* bio) {
--  bio->shutdown = 0;  // By default do not close underlying stream on shutdown.
--  bio->init = 0;
--  bio->num = -1;  // not used.
-+  // By default do not close underlying stream on shutdown.
-+  BIO_set_shutdown(bio, 0);
-+  BIO_set_init(bio, 0);
-   return 1;
- }
- 
-@@ -66,13 +89,17 @@ int stream_free(BIO* bio) {
-   if (!bio)
-     return 0;
- 
--  if (bio->init) {
--    bio->ptr = nullptr;
--    bio->init = 0;
-+  if (BIO_get_init(bio)) {
-+    BIO_set_data(bio, nullptr);
-+    BIO_set_init(bio, 0);
-   }
-   return 1;
- }
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+// TODO(crbug.com/984789): Remove #ifdef once support for OpenSSL <1.1 is
-+// dropped.
-+
- // BIO_METHOD structure describing the BIO built on top of brillo::Stream.
- BIO_METHOD stream_method = {
-     0x7F | BIO_TYPE_SOURCE_SINK,  // type: 0x7F is an arbitrary unused type ID.
-@@ -87,13 +114,37 @@ BIO_METHOD stream_method = {
-     nullptr,       // callback function, not used
- };
- 
-+BIO_METHOD* stream_get_method() {
-+  return &stream_method;
-+}
-+
-+#else
-+
-+BIO_METHOD* stream_get_method() {
-+  static BIO_METHOD* stream_method;
-+
-+  if (!stream_method) {
-+    stream_method = BIO_meth_new(BIO_get_new_index() | BIO_TYPE_SOURCE_SINK,
-+                                 "stream");
-+    BIO_meth_set_write(stream_method, stream_write);
-+    BIO_meth_set_read(stream_method, stream_read);
-+    BIO_meth_set_ctrl(stream_method, stream_ctrl);
-+    BIO_meth_set_create(stream_method, stream_new);
-+    BIO_meth_set_destroy(stream_method, stream_free);
-+  }
-+
-+  return stream_method;
-+}
-+
-+#endif
-+
- }  // anonymous namespace
- 
- BIO* BIO_new_stream(brillo::Stream* stream) {
--  BIO* bio = BIO_new(&stream_method);
-+  BIO* bio = BIO_new(stream_get_method());
-   if (bio) {
--    bio->ptr = stream;
--    bio->init = 1;
-+    BIO_set_data(bio, stream);
-+    BIO_set_init(bio, 1);
-   }
-   return bio;
- }
-diff --git a/libbrillo/brillo/streams/tls_stream.cc b/libbrillo/brillo/streams/tls_stream.cc
-index 603bd1d54..cc63258db 100644
---- a/libbrillo/brillo/streams/tls_stream.cc
-+++ b/libbrillo/brillo/streams/tls_stream.cc
-@@ -68,6 +68,11 @@ const char kCACertificatePath[] =
- 
- namespace brillo {
- 
-+// TODO(crbug.com/984789): Remove once support for OpenSSL <1.1 is dropped.
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#define TLS_client_method() TLSv1_2_client_method()
-+#endif
-+
- // Helper implementation of TLS stream used to hide most of OpenSSL inner
- // workings from the users of brillo::TlsStream.
- class TlsStream::TlsStreamImpl {
-@@ -342,7 +347,7 @@ bool TlsStream::TlsStreamImpl::Init(StreamPtr socket,
-                                     const base::Closure& success_callback,
-                                     const Stream::ErrorCallback& error_callback,
-                                     ErrorPtr* error) {
--  ctx_.reset(SSL_CTX_new(TLSv1_2_client_method()));
-+  ctx_.reset(SSL_CTX_new(TLS_client_method()));
-   if (!ctx_)
-     return ReportError(error, FROM_HERE, "Cannot create SSL_CTX");
- 
-diff --git a/libbrillo/policy/device_policy_impl.cc b/libbrillo/policy/device_policy_impl.cc
-index eaf90c96a..3f96d12ee 100644
---- a/libbrillo/policy/device_policy_impl.cc
-+++ b/libbrillo/policy/device_policy_impl.cc
-@@ -30,6 +30,12 @@ namespace em = enterprise_management;
- 
- namespace policy {
- 
-+// TODO(crbug.com/984789): Remove once support for OpenSSL <1.1 is dropped.
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#define EVP_MD_CTX_new EVP_MD_CTX_create
-+#define EVP_MD_CTX_free EVP_MD_CTX_destroy
-+#endif
-+
- // Maximum value of RollbackAllowedMilestones policy.
- const int kMaxRollbackAllowedMilestones = 4;
- 
-@@ -55,8 +61,8 @@ bool ReadPublicKeyFromFile(const base::FilePath& key_file,
- bool VerifySignature(const std::string& signed_data,
-                      const std::string& signature,
-                      const std::string& public_key) {
--  std::unique_ptr<EVP_MD_CTX, void (*)(EVP_MD_CTX *)> ctx(EVP_MD_CTX_create(),
--                                                          EVP_MD_CTX_destroy);
-+  std::unique_ptr<EVP_MD_CTX, void (*)(EVP_MD_CTX *)> ctx(EVP_MD_CTX_new(),
-+                                                          EVP_MD_CTX_free);
-   if (!ctx)
-     return false;
- 
--- 
-2.24.1
-