From 0bf3b438fd59d0543542f1a44664cd2e2a545e40 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Tue, 10 Jan 2017 19:09:30 +0100 Subject: [PATCH] remove openssl patches Signed-off-by: Igor Gnatenko --- ...ort-for-OpenSSL-1.1.0-for-BIO-filter.patch | 115 ------- ...-the-OpenSSL-1.1-BIO-interface-for-o.patch | 300 ------------------ ..._STRING_get0_data-when-compiling-aga.patch | 55 ---- ...OpenSSL-headers-only-when-we-re-buli.patch | 58 ---- libgit2.spec | 5 - 5 files changed, 533 deletions(-) delete mode 100644 0001-add-support-for-OpenSSL-1.1.0-for-BIO-filter.patch delete mode 100644 0002-openssl-recreate-the-OpenSSL-1.1-BIO-interface-for-o.patch delete mode 100644 0003-openssl-use-ASN1_STRING_get0_data-when-compiling-aga.patch delete mode 100644 0004-openssl-include-OpenSSL-headers-only-when-we-re-buli.patch diff --git a/0001-add-support-for-OpenSSL-1.1.0-for-BIO-filter.patch b/0001-add-support-for-OpenSSL-1.1.0-for-BIO-filter.patch deleted file mode 100644 index 0996bc3..0000000 --- a/0001-add-support-for-OpenSSL-1.1.0-for-BIO-filter.patch +++ /dev/null @@ -1,115 +0,0 @@ -From eee5cc4e72ee70e0df7bb6c4fc9ba5499d1e0d22 Mon Sep 17 00:00:00 2001 -From: Igor Gnatenko -Date: Wed, 12 Oct 2016 12:41:36 +0200 -Subject: [PATCH 1/4] add support for OpenSSL 1.1.0 for BIO filter - -Closes: https://github.com/libgit2/libgit2/issues/3959 -Signed-off-by: Igor Gnatenko -(cherry picked from commit feb330d50d0fc10aceec6309131e912e152a1027) ---- - src/openssl_stream.c | 37 +++++++++++++++++++++++++++++++++++++ - 1 file changed, 37 insertions(+) - -diff --git a/src/openssl_stream.c b/src/openssl_stream.c -index 9d97bae..fc580cf 100644 ---- a/src/openssl_stream.c -+++ b/src/openssl_stream.c -@@ -156,10 +156,14 @@ int git_openssl_set_locking(void) - - static int bio_create(BIO *b) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - b->init = 1; - b->num = 0; - b->ptr = NULL; - b->flags = 0; -+#else -+ BIO_set_init(b, 1); -+#endif - - return 1; - } -@@ -169,23 +173,36 @@ static int bio_destroy(BIO *b) - if (!b) - return 0; - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - b->init = 0; - b->num = 0; - b->ptr = NULL; - b->flags = 0; -+#else -+ BIO_set_init(b, 0); -+ BIO_set_data(b, NULL); -+#endif - - return 1; - } - - static int bio_read(BIO *b, char *buf, int len) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - git_stream *io = (git_stream *) b->ptr; -+#else -+ git_stream *io = (git_stream *) BIO_get_data(b); -+#endif - return (int) git_stream_read(io, buf, len); - } - - static int bio_write(BIO *b, const char *buf, int len) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - git_stream *io = (git_stream *) b->ptr; -+#else -+ git_stream *io = (git_stream *) BIO_get_data(b); -+#endif - return (int) git_stream_write(io, buf, len, 0); - } - -@@ -214,6 +231,7 @@ static int bio_puts(BIO *b, const char *str) - return bio_write(b, str, strlen(str)); - } - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - static BIO_METHOD git_stream_bio_method = { - BIO_TYPE_SOURCE_SINK, - "git_stream", -@@ -225,6 +243,9 @@ static BIO_METHOD git_stream_bio_method = { - bio_create, - bio_destroy - }; -+#else -+static BIO_METHOD *git_stream_bio_method = NULL; -+#endif - - static int ssl_set_error(SSL *ssl, int error) - { -@@ -445,9 +466,25 @@ int openssl_connect(git_stream *stream) - - st->connected = true; - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - bio = BIO_new(&git_stream_bio_method); -+#else -+ git_stream_bio_method = BIO_meth_new(BIO_TYPE_SOURCE_SINK | BIO_get_new_index(), "git_stream"); -+ BIO_meth_set_write(git_stream_bio_method, bio_write); -+ BIO_meth_set_read(git_stream_bio_method, bio_read); -+ BIO_meth_set_puts(git_stream_bio_method, bio_puts); -+ BIO_meth_set_gets(git_stream_bio_method, bio_gets); -+ BIO_meth_set_ctrl(git_stream_bio_method, bio_ctrl); -+ BIO_meth_set_create(git_stream_bio_method, bio_create); -+ BIO_meth_set_destroy(git_stream_bio_method, bio_destroy); -+ bio = BIO_new(git_stream_bio_method); -+#endif - GITERR_CHECK_ALLOC(bio); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - bio->ptr = st->io; -+#else -+ BIO_set_data(bio, st->io); -+#endif - - SSL_set_bio(st->ssl, bio, bio); - /* specify the host in case SNI is needed */ --- -2.10.1 - diff --git a/0002-openssl-recreate-the-OpenSSL-1.1-BIO-interface-for-o.patch b/0002-openssl-recreate-the-OpenSSL-1.1-BIO-interface-for-o.patch deleted file mode 100644 index 4be35bf..0000000 --- a/0002-openssl-recreate-the-OpenSSL-1.1-BIO-interface-for-o.patch +++ /dev/null @@ -1,300 +0,0 @@ -From d3a5f68ae759bd5abaa5eb2ffb265210392462e1 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Carlos=20Mart=C3=ADn=20Nieto?= -Date: Wed, 2 Nov 2016 12:28:25 +0100 -Subject: [PATCH 2/4] openssl: recreate the OpenSSL 1.1 BIO interface for older - versions - -We want to program against the interface, so recreate it when we compile -against pre-1.1 versions. - -(cherry picked from commit f15eedb3a390dcbe441cd77231c3449ff941d189) ---- - src/openssl_stream.c | 92 ++++++++++++++++++++----------------------------- - src/openssl_stream.h | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 134 insertions(+), 55 deletions(-) - -diff --git a/src/openssl_stream.c b/src/openssl_stream.c -index fc580cf..328a131 100644 ---- a/src/openssl_stream.c -+++ b/src/openssl_stream.c -@@ -13,6 +13,7 @@ - #include "posix.h" - #include "stream.h" - #include "socket_stream.h" -+#include "openssl_stream.h" - #include "netops.h" - #include "git2/transport.h" - #include "git2/sys/openssl.h" -@@ -71,12 +72,20 @@ static void shutdown_ssl_locking(void) - - #endif /* GIT_THREADS */ - -+static BIO_METHOD *git_stream_bio_method; -+static int init_bio_method(void); -+ - /** - * This function aims to clean-up the SSL context which - * we allocated. - */ - static void shutdown_ssl(void) - { -+ if (git_stream_bio_method) { -+ BIO_meth_free(git_stream_bio_method); -+ git_stream_bio_method = NULL; -+ } -+ - if (git__ssl_ctx) { - SSL_CTX_free(git__ssl_ctx); - git__ssl_ctx = NULL; -@@ -121,6 +130,13 @@ int git_openssl_stream_global_init(void) - git__ssl_ctx = NULL; - return -1; - } -+ -+ if (init_bio_method() < 0) { -+ SSL_CTX_free(git__ssl_ctx); -+ git__ssl_ctx = NULL; -+ return -1; -+ } -+ - #endif - - git__on_shutdown(shutdown_ssl); -@@ -156,14 +172,8 @@ int git_openssl_set_locking(void) - - static int bio_create(BIO *b) - { --#if OPENSSL_VERSION_NUMBER < 0x10100000L -- b->init = 1; -- b->num = 0; -- b->ptr = NULL; -- b->flags = 0; --#else - BIO_set_init(b, 1); --#endif -+ BIO_set_data(b, NULL); - - return 1; - } -@@ -173,36 +183,22 @@ static int bio_destroy(BIO *b) - if (!b) - return 0; - --#if OPENSSL_VERSION_NUMBER < 0x10100000L -- b->init = 0; -- b->num = 0; -- b->ptr = NULL; -- b->flags = 0; --#else -- BIO_set_init(b, 0); - BIO_set_data(b, NULL); --#endif - - return 1; - } - - static int bio_read(BIO *b, char *buf, int len) - { --#if OPENSSL_VERSION_NUMBER < 0x10100000L -- git_stream *io = (git_stream *) b->ptr; --#else - git_stream *io = (git_stream *) BIO_get_data(b); --#endif -+ - return (int) git_stream_read(io, buf, len); - } - - static int bio_write(BIO *b, const char *buf, int len) - { --#if OPENSSL_VERSION_NUMBER < 0x10100000L -- git_stream *io = (git_stream *) b->ptr; --#else - git_stream *io = (git_stream *) BIO_get_data(b); --#endif -+ - return (int) git_stream_write(io, buf, len, 0); - } - -@@ -231,21 +227,22 @@ static int bio_puts(BIO *b, const char *str) - return bio_write(b, str, strlen(str)); - } - --#if OPENSSL_VERSION_NUMBER < 0x10100000L --static BIO_METHOD git_stream_bio_method = { -- BIO_TYPE_SOURCE_SINK, -- "git_stream", -- bio_write, -- bio_read, -- bio_puts, -- bio_gets, -- bio_ctrl, -- bio_create, -- bio_destroy --}; --#else --static BIO_METHOD *git_stream_bio_method = NULL; --#endif -+static int init_bio_method(void) -+{ -+ /* Set up the BIO_METHOD we use for wrapping our own stream implementations */ -+ git_stream_bio_method = BIO_meth_new(BIO_TYPE_SOURCE_SINK | BIO_get_new_index(), "git_stream"); -+ GITERR_CHECK_ALLOC(git_stream_bio_method); -+ -+ BIO_meth_set_write(git_stream_bio_method, bio_write); -+ BIO_meth_set_read(git_stream_bio_method, bio_read); -+ BIO_meth_set_puts(git_stream_bio_method, bio_puts); -+ BIO_meth_set_gets(git_stream_bio_method, bio_gets); -+ BIO_meth_set_ctrl(git_stream_bio_method, bio_ctrl); -+ BIO_meth_set_create(git_stream_bio_method, bio_create); -+ BIO_meth_set_destroy(git_stream_bio_method, bio_destroy); -+ -+ return 0; -+} - - static int ssl_set_error(SSL *ssl, int error) - { -@@ -466,27 +463,12 @@ int openssl_connect(git_stream *stream) - - st->connected = true; - --#if OPENSSL_VERSION_NUMBER < 0x10100000L -- bio = BIO_new(&git_stream_bio_method); --#else -- git_stream_bio_method = BIO_meth_new(BIO_TYPE_SOURCE_SINK | BIO_get_new_index(), "git_stream"); -- BIO_meth_set_write(git_stream_bio_method, bio_write); -- BIO_meth_set_read(git_stream_bio_method, bio_read); -- BIO_meth_set_puts(git_stream_bio_method, bio_puts); -- BIO_meth_set_gets(git_stream_bio_method, bio_gets); -- BIO_meth_set_ctrl(git_stream_bio_method, bio_ctrl); -- BIO_meth_set_create(git_stream_bio_method, bio_create); -- BIO_meth_set_destroy(git_stream_bio_method, bio_destroy); - bio = BIO_new(git_stream_bio_method); --#endif - GITERR_CHECK_ALLOC(bio); --#if OPENSSL_VERSION_NUMBER < 0x10100000L -- bio->ptr = st->io; --#else -- BIO_set_data(bio, st->io); --#endif - -+ BIO_set_data(bio, st->io); - SSL_set_bio(st->ssl, bio, bio); -+ - /* specify the host in case SNI is needed */ - #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name(st->ssl, st->host); -diff --git a/src/openssl_stream.h b/src/openssl_stream.h -index 82b5110..509e404 100644 ---- a/src/openssl_stream.h -+++ b/src/openssl_stream.h -@@ -7,10 +7,107 @@ - #ifndef INCLUDE_openssl_stream_h__ - #define INCLUDE_openssl_stream_h__ - -+#include -+#include -+#include -+#include -+ - #include "git2/sys/stream.h" - - extern int git_openssl_stream_global_init(void); - - extern int git_openssl_stream_new(git_stream **out, const char *host, const char *port); - -+/* -+ * OpenSSL 1.1 made BIO opaque so we have to use functions to interact with it -+ * which do not exist in previous versions. We define these inline functions so -+ * we can program against the interface instead of littering the implementation -+ * with ifdefs. -+ */ -+# if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+GIT_INLINE(BIO_METHOD*) BIO_meth_new(int type, const char *name) -+{ -+ BIO_METHOD *meth = git__calloc(1, sizeof(BIO_METHOD)); -+ if (!meth) { -+ return NULL; -+ } -+ -+ meth->type = type; -+ meth->name = name; -+ -+ return meth; -+} -+ -+GIT_INLINE(void) BIO_meth_free(BIO_METHOD *biom) -+{ -+ git__free(biom); -+} -+ -+GIT_INLINE(int) BIO_meth_set_write(BIO_METHOD *biom, int (*write) (BIO *, const char *, int)) -+{ -+ biom->bwrite = write; -+ return 1; -+} -+ -+GIT_INLINE(int) BIO_meth_set_read(BIO_METHOD *biom, int (*read) (BIO *, char *, int)) -+{ -+ biom->bread = read; -+ return 1; -+} -+ -+GIT_INLINE(int) BIO_meth_set_puts(BIO_METHOD *biom, int (*puts) (BIO *, const char *)) -+{ -+ biom->bputs = puts; -+ return 1; -+} -+ -+GIT_INLINE(int) BIO_meth_set_gets(BIO_METHOD *biom, int (*gets) (BIO *, char *, int)) -+ -+{ -+ biom->bgets = gets; -+ return 1; -+} -+ -+GIT_INLINE(int) BIO_meth_set_ctrl(BIO_METHOD *biom, long (*ctrl) (BIO *, int, long, void *)) -+{ -+ biom->ctrl = ctrl; -+ return 1; -+} -+ -+GIT_INLINE(int) BIO_meth_set_create(BIO_METHOD *biom, int (*create) (BIO *)) -+{ -+ biom->create = create; -+ return 1; -+} -+ -+GIT_INLINE(int) BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy) (BIO *)) -+{ -+ biom->destroy = destroy; -+ return 1; -+} -+ -+GIT_INLINE(int) BIO_get_new_index(void) -+{ -+ /* This exists as of 1.1 so before we'd just have 0 */ -+ return 0; -+} -+ -+GIT_INLINE(void) BIO_set_init(BIO *b, int init) -+{ -+ b->init = init; -+} -+ -+GIT_INLINE(void) BIO_set_data(BIO *a, void *ptr) -+{ -+ a->ptr = ptr; -+} -+ -+GIT_INLINE(void*) BIO_get_data(BIO *a) -+{ -+ return a->ptr; -+} -+ -+# endif -+ - #endif --- -2.10.1 - diff --git a/0003-openssl-use-ASN1_STRING_get0_data-when-compiling-aga.patch b/0003-openssl-use-ASN1_STRING_get0_data-when-compiling-aga.patch deleted file mode 100644 index c177297..0000000 --- a/0003-openssl-use-ASN1_STRING_get0_data-when-compiling-aga.patch +++ /dev/null @@ -1,55 +0,0 @@ -From c16736c6b5c13350df4c41f76b1815e6bbe6ee0a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Carlos=20Mart=C3=ADn=20Nieto?= -Date: Wed, 2 Nov 2016 12:35:46 +0100 -Subject: [PATCH 3/4] openssl: use ASN1_STRING_get0_data when compiling against - 1.1 - -For older versions we can fall back on the deprecated ASN1_STRING_data. - -(cherry picked from commit 2f3adf9513b1579ae17489d45d032b962bba885a) ---- - src/openssl_stream.c | 4 ++-- - src/openssl_stream.h | 5 +++++ - 2 files changed, 7 insertions(+), 2 deletions(-) - -diff --git a/src/openssl_stream.c b/src/openssl_stream.c -index 328a131..64187a8 100644 ---- a/src/openssl_stream.c -+++ b/src/openssl_stream.c -@@ -357,7 +357,7 @@ static int verify_server_cert(SSL *ssl, const char *host) - num = sk_GENERAL_NAME_num(alts); - for (i = 0; i < num && matched != 1; i++) { - const GENERAL_NAME *gn = sk_GENERAL_NAME_value(alts, i); -- const char *name = (char *) ASN1_STRING_data(gn->d.ia5); -+ const char *name = (char *) ASN1_STRING_get0_data(gn->d.ia5); - size_t namelen = (size_t) ASN1_STRING_length(gn->d.ia5); - - /* Skip any names of a type we're not looking for */ -@@ -412,7 +412,7 @@ static int verify_server_cert(SSL *ssl, const char *host) - if (size > 0) { - peer_cn = OPENSSL_malloc(size + 1); - GITERR_CHECK_ALLOC(peer_cn); -- memcpy(peer_cn, ASN1_STRING_data(str), size); -+ memcpy(peer_cn, ASN1_STRING_get0_data(str), size); - peer_cn[size] = '\0'; - } else { - goto cert_fail_name; -diff --git a/src/openssl_stream.h b/src/openssl_stream.h -index 509e404..e8ce5d9 100644 ---- a/src/openssl_stream.h -+++ b/src/openssl_stream.h -@@ -108,6 +108,11 @@ GIT_INLINE(void*) BIO_get_data(BIO *a) - return a->ptr; - } - -+GIT_INLINE(const unsigned char *) ASN1_STRING_get0_data(const ASN1_STRING *x) -+{ -+ return ASN1_STRING_data((ASN1_STRING *)x); -+} -+ - # endif - - #endif --- -2.10.1 - diff --git a/0004-openssl-include-OpenSSL-headers-only-when-we-re-buli.patch b/0004-openssl-include-OpenSSL-headers-only-when-we-re-buli.patch deleted file mode 100644 index dced450..0000000 --- a/0004-openssl-include-OpenSSL-headers-only-when-we-re-buli.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 57f32d20013fe0fc975e8fcc11b0a91c56df5d04 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Carlos=20Mart=C3=ADn=20Nieto?= -Date: Wed, 2 Nov 2016 13:11:31 +0100 -Subject: [PATCH 4/4] openssl: include OpenSSL headers only when we're buliding - against it - -We need to include the initialisation and construction functions in all -backend, so we include this header when building against SecureTransport -and WinHTTP as well. - -(cherry picked from commit 3b832a085b8c5dc304dd803979894b9bae05df6d) ---- - src/openssl_stream.h | 16 ++++++++++------ - 1 file changed, 10 insertions(+), 6 deletions(-) - -diff --git a/src/openssl_stream.h b/src/openssl_stream.h -index e8ce5d9..b769437 100644 ---- a/src/openssl_stream.h -+++ b/src/openssl_stream.h -@@ -7,11 +7,6 @@ - #ifndef INCLUDE_openssl_stream_h__ - #define INCLUDE_openssl_stream_h__ - --#include --#include --#include --#include -- - #include "git2/sys/stream.h" - - extern int git_openssl_stream_global_init(void); -@@ -24,6 +19,14 @@ extern int git_openssl_stream_new(git_stream **out, const char *host, const char - * we can program against the interface instead of littering the implementation - * with ifdefs. - */ -+#ifdef GIT_OPENSSL -+# include -+# include -+# include -+# include -+ -+ -+ - # if OPENSSL_VERSION_NUMBER < 0x10100000L - - GIT_INLINE(BIO_METHOD*) BIO_meth_new(int type, const char *name) -@@ -113,6 +116,7 @@ GIT_INLINE(const unsigned char *) ASN1_STRING_get0_data(const ASN1_STRING *x) - return ASN1_STRING_data((ASN1_STRING *)x); - } - --# endif -+# endif // OpenSSL < 1.1 -+#endif // GIT_OPENSSL - - #endif --- -2.10.1 - diff --git a/libgit2.spec b/libgit2.spec index e917af9..520bc1b 100644 --- a/libgit2.spec +++ b/libgit2.spec @@ -5,11 +5,6 @@ Summary: C implementation of the Git core methods as a library with a sol License: GPLv2 with exceptions URL: http://libgit2.github.com/ Source0: https://github.com/libgit2/libgit2/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz -# OpenSSL 1.1.0 support, cherry-picked from master -Patch0001: 0001-add-support-for-OpenSSL-1.1.0-for-BIO-filter.patch -Patch0002: 0002-openssl-recreate-the-OpenSSL-1.1-BIO-interface-for-o.patch -Patch0003: 0003-openssl-use-ASN1_STRING_get0_data-when-compiling-aga.patch -Patch0004: 0004-openssl-include-OpenSSL-headers-only-when-we-re-buli.patch BuildRequires: cmake BuildRequires: http-parser-devel