- Merged patches from native Fedora openssl (up to 1.0.0-0.16.beta4)
- Dropped the patch to fix non-fips mingw build, as it's now merged into fips patch from native openssl
This commit is contained in:
parent
839965ca75
commit
45fb3a2724
@ -1,130 +0,0 @@
|
||||
diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_key.c.mingw-nofips openssl-1.0.0-beta4/crypto/dsa/dsa_key.c
|
||||
--- openssl-1.0.0-beta4/crypto/dsa/dsa_key.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/dsa/dsa_key.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -65,7 +65,9 @@
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/evp.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
#include "fips_locl.h"
|
||||
|
||||
static int dsa_builtin_keygen(DSA *dsa);
|
||||
diff -up openssl-1.0.0-beta4/crypto/fips/fips_aes_selftest.c.mingw-nofips openssl-1.0.0-beta4/crypto/fips/fips_aes_selftest.c
|
||||
--- openssl-1.0.0-beta4/crypto/fips/fips_aes_selftest.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/fips/fips_aes_selftest.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -49,7 +49,9 @@
|
||||
|
||||
#include <string.h>
|
||||
#include <openssl/err.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
#include <openssl/evp.h>
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
diff -up openssl-1.0.0-beta4/crypto/fips/fips_des_selftest.c.mingw-nofips openssl-1.0.0-beta4/crypto/fips/fips_des_selftest.c
|
||||
--- openssl-1.0.0-beta4/crypto/fips/fips_des_selftest.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/fips/fips_des_selftest.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -49,7 +49,9 @@
|
||||
|
||||
#include <string.h>
|
||||
#include <openssl/err.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/opensslconf.h>
|
||||
|
||||
diff -up openssl-1.0.0-beta4/crypto/fips/fips_dsa_selftest.c.mingw-nofips openssl-1.0.0-beta4/crypto/fips/fips_dsa_selftest.c
|
||||
--- openssl-1.0.0-beta4/crypto/fips/fips_dsa_selftest.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/fips/fips_dsa_selftest.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -59,7 +59,9 @@
|
||||
#include <string.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/dsa.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/bn.h>
|
||||
diff -up openssl-1.0.0-beta4/crypto/fips/fips_hmac_selftest.c.mingw-nofips openssl-1.0.0-beta4/crypto/fips/fips_hmac_selftest.c
|
||||
--- openssl-1.0.0-beta4/crypto/fips/fips_hmac_selftest.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/fips/fips_hmac_selftest.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -49,7 +49,9 @@
|
||||
|
||||
#include <string.h>
|
||||
#include <openssl/err.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
#include <openssl/hmac.h>
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
diff -up openssl-1.0.0-beta4/crypto/fips/fips_rand.c.mingw-nofips openssl-1.0.0-beta4/crypto/fips/fips_rand.c
|
||||
--- openssl-1.0.0-beta4/crypto/fips/fips_rand.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/fips/fips_rand.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -76,7 +76,9 @@
|
||||
# endif
|
||||
#endif
|
||||
#include <string.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
#include "fips_locl.h"
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
diff -up openssl-1.0.0-beta4/crypto/fips/fips_rand_selftest.c.mingw-nofips openssl-1.0.0-beta4/crypto/fips/fips_rand_selftest.c
|
||||
--- openssl-1.0.0-beta4/crypto/fips/fips_rand_selftest.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/fips/fips_rand_selftest.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -49,7 +49,9 @@
|
||||
|
||||
#include <string.h>
|
||||
#include <openssl/err.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/fips_rand.h>
|
||||
|
||||
diff -up openssl-1.0.0-beta4/crypto/fips/fips_rsa_selftest.c.mingw-nofips openssl-1.0.0-beta4/crypto/fips/fips_rsa_selftest.c
|
||||
--- openssl-1.0.0-beta4/crypto/fips/fips_rsa_selftest.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/fips/fips_rsa_selftest.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -49,7 +49,9 @@
|
||||
|
||||
#include <string.h>
|
||||
#include <openssl/err.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/bn.h>
|
||||
diff -up openssl-1.0.0-beta4/crypto/fips/fips_sha1_selftest.c.mingw-nofips openssl-1.0.0-beta4/crypto/fips/fips_sha1_selftest.c
|
||||
--- openssl-1.0.0-beta4/crypto/fips/fips_sha1_selftest.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/fips/fips_sha1_selftest.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -49,7 +49,9 @@
|
||||
|
||||
#include <string.h>
|
||||
#include <openssl/err.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/sha.h>
|
||||
|
||||
diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.mingw-nofips openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c
|
||||
--- openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.mingw-nofips 2009-11-22 19:07:58.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c 2009-11-22 19:07:58.000000000 +0200
|
||||
@@ -115,7 +115,9 @@
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/err.h>
|
||||
+#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
+#endif
|
||||
|
||||
#ifndef RSA_NULL
|
||||
|
@ -31,7 +31,7 @@
|
||||
|
||||
Name: mingw32-openssl
|
||||
Version: 1.0.0
|
||||
Release: 0.5.%{beta}%{?dist}
|
||||
Release: 0.6.%{beta}%{?dist}
|
||||
Summary: MinGW port of the OpenSSL toolkit
|
||||
|
||||
License: OpenSSL
|
||||
@ -83,6 +83,7 @@ Patch60: openssl-1.0.0-beta4-reneg.patch
|
||||
Patch61: openssl-1.0.0-beta4-client-reneg.patch
|
||||
Patch62: openssl-1.0.0-beta4-backports.patch
|
||||
Patch63: openssl-1.0.0-beta4-reneg-err.patch
|
||||
Patch64: openssl-1.0.0-beta4-dtls-ipv6.patch
|
||||
|
||||
# MinGW-specific patches.
|
||||
# Use MINGW32_CFLAGS (set below) in Configure script
|
||||
@ -94,8 +95,6 @@ Patch102: mingw32-openssl-1.0.0-beta3-sfx.patch
|
||||
# Ugly patch to fix a compilation error (the linker can't find
|
||||
# some symbols mentioned in an autogenerated .def file)
|
||||
Patch105: mingw32-openssl-1.0.0-beta3-linker-fix.patch
|
||||
# Fix build without fips
|
||||
Patch106: mingw32-openssl-1.0.0-beta4-nofips.patch
|
||||
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
|
||||
@ -189,12 +188,12 @@ Static version of the MinGW port of the OpenSSL toolkit.
|
||||
%patch61 -p1 -b .client-reneg
|
||||
%patch62 -p1 -b .backports
|
||||
%patch63 -p1 -b .reneg-err
|
||||
%patch64 -p1 -b .dtls-ipv6
|
||||
|
||||
%patch100 -p1 -b .mingw-configure
|
||||
%patch101 -p1 -b .mingw-libversion
|
||||
%patch102 -p1 -b .mingw-sfx
|
||||
%patch105 -p0 -b .mingw-linker-fix
|
||||
%patch106 -p1 -b .mingw-nofips
|
||||
|
||||
# Modify the various perl scripts to reference perl in the right location.
|
||||
perl util/perlpath.pl `dirname %{__perl}`
|
||||
@ -353,6 +352,11 @@ rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
||||
%changelog
|
||||
* Thu Nov 26 2009 Kalev Lember <kalev@smartlink.ee> - 1.0.0-0.6.beta4
|
||||
- Merged patches from native Fedora openssl (up to 1.0.0-0.16.beta4)
|
||||
- Dropped the patch to fix non-fips mingw build,
|
||||
as it's now merged into fips patch from native openssl
|
||||
|
||||
* Sun Nov 22 2009 Kalev Lember <kalev@smartlink.ee> - 1.0.0-0.5.beta4
|
||||
- Updated to version 1.0.0 beta 4
|
||||
- Merged patches from native Fedora openssl (up to 1.0.0-0.15.beta4)
|
||||
|
219
openssl-1.0.0-beta4-dtls-ipv6.patch
Normal file
219
openssl-1.0.0-beta4-dtls-ipv6.patch
Normal file
@ -0,0 +1,219 @@
|
||||
diff -up openssl-1.0.0-beta4/crypto/bio/b_sock.c.dtls-ipv6 openssl-1.0.0-beta4/crypto/bio/b_sock.c
|
||||
--- openssl-1.0.0-beta4/crypto/bio/b_sock.c.dtls-ipv6 2009-11-09 15:09:53.000000000 +0100
|
||||
+++ openssl-1.0.0-beta4/crypto/bio/b_sock.c 2009-11-23 08:50:45.000000000 +0100
|
||||
@@ -822,7 +822,8 @@ int BIO_accept(int sock, char **addr)
|
||||
if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
|
||||
{
|
||||
OPENSSL_assert(sa.len.s<=sizeof(sa.from));
|
||||
- sa.len.i = (unsigned int)sa.len.s;
|
||||
+ sa.len.i = (int)sa.len.s;
|
||||
+ /* use sa.len.i from this point */
|
||||
}
|
||||
if (ret == INVALID_SOCKET)
|
||||
{
|
||||
diff -up openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.dtls-ipv6 openssl-1.0.0-beta4/crypto/bio/bss_dgram.c
|
||||
--- openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.dtls-ipv6 2009-10-15 19:41:44.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/crypto/bio/bss_dgram.c 2009-11-23 08:50:45.000000000 +0100
|
||||
@@ -108,11 +108,13 @@ static BIO_METHOD methods_dgramp=
|
||||
|
||||
typedef struct bio_dgram_data_st
|
||||
{
|
||||
+ union {
|
||||
+ struct sockaddr sa;
|
||||
+ struct sockaddr_in sa_in;
|
||||
#if OPENSSL_USE_IPV6
|
||||
- struct sockaddr_storage peer;
|
||||
-#else
|
||||
- struct sockaddr_in peer;
|
||||
+ struct sockaddr_in6 sa_in6;
|
||||
#endif
|
||||
+ } peer;
|
||||
unsigned int connected;
|
||||
unsigned int _errno;
|
||||
unsigned int mtu;
|
||||
@@ -278,28 +280,38 @@ static int dgram_read(BIO *b, char *out,
|
||||
int ret=0;
|
||||
bio_dgram_data *data = (bio_dgram_data *)b->ptr;
|
||||
|
||||
+ struct {
|
||||
+ /*
|
||||
+ * See commentary in b_sock.c. <appro>
|
||||
+ */
|
||||
+ union { size_t s; int i; } len;
|
||||
+ union {
|
||||
+ struct sockaddr sa;
|
||||
+ struct sockaddr_in sa_in;
|
||||
#if OPENSSL_USE_IPV6
|
||||
- struct sockaddr_storage peer;
|
||||
-#else
|
||||
- struct sockaddr_in peer;
|
||||
+ struct sockaddr_in6 sa_in6;
|
||||
#endif
|
||||
- int peerlen = sizeof(peer);
|
||||
+ } peer;
|
||||
+ } sa;
|
||||
+
|
||||
+ sa.len.s=0;
|
||||
+ sa.len.i=sizeof(sa.peer);
|
||||
|
||||
if (out != NULL)
|
||||
{
|
||||
clear_socket_error();
|
||||
- memset(&peer, 0x00, peerlen);
|
||||
- /* Last arg in recvfrom is signed on some platforms and
|
||||
- * unsigned on others. It is of type socklen_t on some
|
||||
- * but this is not universal. Cast to (void *) to avoid
|
||||
- * compiler warnings.
|
||||
- */
|
||||
+ memset(&sa.peer, 0x00, sizeof(sa.peer));
|
||||
dgram_adjust_rcv_timeout(b);
|
||||
- ret=recvfrom(b->num,out,outl,0,(struct sockaddr *)&peer,(void *)&peerlen);
|
||||
+ ret=recvfrom(b->num,out,outl,0,&sa.peer.sa,(void *)&sa.len);
|
||||
+ if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
|
||||
+ {
|
||||
+ OPENSSL_assert(sa.len.s<=sizeof(sa.peer));
|
||||
+ sa.len.i = (int)sa.len.s;
|
||||
+ }
|
||||
dgram_reset_rcv_timeout(b);
|
||||
|
||||
if ( ! data->connected && ret >= 0)
|
||||
- BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &peer);
|
||||
+ BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
|
||||
|
||||
BIO_clear_retry_flags(b);
|
||||
if (ret < 0)
|
||||
@@ -323,25 +335,10 @@ static int dgram_write(BIO *b, const cha
|
||||
if ( data->connected )
|
||||
ret=writesocket(b->num,in,inl);
|
||||
else
|
||||
-#if OPENSSL_USE_IPV6
|
||||
- if (data->peer.ss_family == AF_INET)
|
||||
#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
||||
- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
||||
+ ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
||||
#else
|
||||
- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
||||
-#endif
|
||||
- else
|
||||
-#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
||||
- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in6));
|
||||
-#else
|
||||
- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in6));
|
||||
-#endif
|
||||
-#else
|
||||
-#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
||||
- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
||||
-#else
|
||||
- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
||||
-#endif
|
||||
+ ret=sendto(b->num, in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
||||
#endif
|
||||
|
||||
BIO_clear_retry_flags(b);
|
||||
@@ -428,11 +425,20 @@ static long dgram_ctrl(BIO *b, int cmd,
|
||||
else
|
||||
{
|
||||
#endif
|
||||
+ switch (to->sa_family)
|
||||
+ {
|
||||
+ case AF_INET:
|
||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
|
||||
+ break;
|
||||
#if OPENSSL_USE_IPV6
|
||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_storage));
|
||||
-#else
|
||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_in));
|
||||
-#endif
|
||||
+ case AF_INET6:
|
||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
|
||||
+ break;
|
||||
+#endif
|
||||
+ default:
|
||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa));
|
||||
+ break;
|
||||
+ }
|
||||
#if 0
|
||||
}
|
||||
#endif
|
||||
@@ -537,41 +543,60 @@ static long dgram_ctrl(BIO *b, int cmd,
|
||||
if ( to != NULL)
|
||||
{
|
||||
data->connected = 1;
|
||||
+ switch (to->sa_family)
|
||||
+ {
|
||||
+ case AF_INET:
|
||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
|
||||
+ break;
|
||||
#if OPENSSL_USE_IPV6
|
||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_storage));
|
||||
-#else
|
||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_in));
|
||||
-#endif
|
||||
+ case AF_INET6:
|
||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
|
||||
+ break;
|
||||
+#endif
|
||||
+ default:
|
||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa));
|
||||
+ break;
|
||||
+ }
|
||||
}
|
||||
else
|
||||
{
|
||||
data->connected = 0;
|
||||
-#if OPENSSL_USE_IPV6
|
||||
- memset(&(data->peer), 0x00, sizeof(struct sockaddr_storage));
|
||||
-#else
|
||||
- memset(&(data->peer), 0x00, sizeof(struct sockaddr_in));
|
||||
-#endif
|
||||
+ memset(&(data->peer), 0x00, sizeof(data->peer));
|
||||
}
|
||||
break;
|
||||
case BIO_CTRL_DGRAM_GET_PEER:
|
||||
to = (struct sockaddr *) ptr;
|
||||
-
|
||||
+ switch (to->sa_family)
|
||||
+ {
|
||||
+ case AF_INET:
|
||||
+ memcpy(to,&data->peer,(ret=sizeof(data->peer.sa_in)));
|
||||
+ break;
|
||||
#if OPENSSL_USE_IPV6
|
||||
- memcpy(to, &(data->peer), sizeof(struct sockaddr_storage));
|
||||
- ret = sizeof(struct sockaddr_storage);
|
||||
-#else
|
||||
- memcpy(to, &(data->peer), sizeof(struct sockaddr_in));
|
||||
- ret = sizeof(struct sockaddr_in);
|
||||
-#endif
|
||||
+ case AF_INET6:
|
||||
+ memcpy(to,&data->peer,(ret=sizeof(data->peer.sa_in6)));
|
||||
+ break;
|
||||
+#endif
|
||||
+ default:
|
||||
+ memcpy(to,&data->peer,(ret=sizeof(data->peer.sa)));
|
||||
+ break;
|
||||
+ }
|
||||
break;
|
||||
case BIO_CTRL_DGRAM_SET_PEER:
|
||||
to = (struct sockaddr *) ptr;
|
||||
-
|
||||
+ switch (to->sa_family)
|
||||
+ {
|
||||
+ case AF_INET:
|
||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
|
||||
+ break;
|
||||
#if OPENSSL_USE_IPV6
|
||||
- memcpy(&(data->peer), to, sizeof(struct sockaddr_storage));
|
||||
-#else
|
||||
- memcpy(&(data->peer), to, sizeof(struct sockaddr_in));
|
||||
-#endif
|
||||
+ case AF_INET6:
|
||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
|
||||
+ break;
|
||||
+#endif
|
||||
+ default:
|
||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa));
|
||||
+ break;
|
||||
+ }
|
||||
break;
|
||||
case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
|
||||
memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user