Rebase to upstream version beta2
Related: rhbz#1903209 Signed-off-by: Sahana Prasad <sahana@redhat.com>
This commit is contained in:
parent
0b6afca185
commit
fe7445d93d
@ -280,9 +280,9 @@ index 404a706fab..e81fa9ec3e 100644
|
|||||||
--- a/util/libcrypto.num
|
--- a/util/libcrypto.num
|
||||||
+++ b/util/libcrypto.num
|
+++ b/util/libcrypto.num
|
||||||
@@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION:
|
@@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION:
|
||||||
ASN1_item_d2i_bio_ex ? 3_0_0 EXIST::FUNCTION:
|
ASN1_TIME_print_ex 5553 3_0_0 EXIST::FUNCTION:
|
||||||
ASN1_item_d2i_ex ? 3_0_0 EXIST::FUNCTION:
|
EVP_PKEY_get0_provider 5554 3_0_0 EXIST::FUNCTION:
|
||||||
ASN1_TIME_print_ex ? 3_0_0 EXIST::FUNCTION:
|
EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
|
||||||
+ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
+ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||||
--
|
--
|
||||||
2.26.2
|
2.26.2
|
||||||
|
@ -1,12 +0,0 @@
|
|||||||
diff -up openssl-3.0.0-alpha16/crypto/bio/bio_addr.c.use-explicit openssl-3.0.0-alpha16/crypto/bio/bio_addr.c
|
|
||||||
--- openssl-3.0.0-alpha16/crypto/bio/bio_addr.c.use-explicit 2021-07-06 14:06:05.706578389 +0200
|
|
||||||
+++ openssl-3.0.0-alpha16/crypto/bio/bio_addr.c 2021-07-06 14:07:24.482329505 +0200
|
|
||||||
@@ -696,7 +696,7 @@ int BIO_lookup_ex(const char *host, cons
|
|
||||||
hints.ai_protocol = protocol;
|
|
||||||
# ifdef AI_ADDRCONFIG
|
|
||||||
# ifdef AF_UNSPEC
|
|
||||||
- if (family == AF_UNSPEC)
|
|
||||||
+ if (host != NULL && family == AF_UNSPEC)
|
|
||||||
# endif
|
|
||||||
hints.ai_flags |= AI_ADDRCONFIG;
|
|
||||||
# endif
|
|
@ -1,12 +0,0 @@
|
|||||||
diff -up openssl-3.0.0-alpha16/apps/x509.c.segfault-bn openssl-3.0.0-alpha16/apps/x509.c
|
|
||||||
--- openssl-3.0.0-alpha16/apps/x509.c.segfault-bn 2021-07-06 22:12:37.021406952 +0200
|
|
||||||
+++ openssl-3.0.0-alpha16/apps/x509.c 2021-07-06 22:13:40.540996922 +0200
|
|
||||||
@@ -934,7 +934,7 @@ int x509_main(int argc, char **argv)
|
|
||||||
} else if (i == modulus) {
|
|
||||||
BIO_printf(out, "Modulus=");
|
|
||||||
if (EVP_PKEY_is_a(pkey, "RSA")) {
|
|
||||||
- BIGNUM *n;
|
|
||||||
+ BIGNUM *n = NULL;
|
|
||||||
|
|
||||||
/* Every RSA key has an 'n' */
|
|
||||||
EVP_PKEY_get_bn_param(pkey, "n", &n);
|
|
@ -251,231 +251,6 @@ diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta
|
|||||||
|
|
||||||
void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
|
void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
|
||||||
void (*fn)(EVP_ASYM_CIPHER *cipher,
|
void (*fn)(EVP_ASYM_CIPHER *cipher,
|
||||||
diff -up openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_lib.c
|
|
||||||
--- openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi 2021-07-13 01:10:08.970210463 +0200
|
|
||||||
+++ openssl-3.0.0-beta1/crypto/evp/evp_lib.c 2021-07-13 01:10:20.596324598 +0200
|
|
||||||
@@ -31,6 +31,21 @@
|
|
||||||
#include "crypto/asn1.h"
|
|
||||||
#include "internal/provider.h"
|
|
||||||
#include "evp_local.h"
|
|
||||||
+/* Macro machinery. */
|
|
||||||
+
|
|
||||||
+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C
|
|
||||||
+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C
|
|
||||||
+ * identifier). */
|
|
||||||
+#define RHEL_ALIAS3(alias_id, new_id, old_string) \
|
|
||||||
+ extern __typeof(new_id) alias_id \
|
|
||||||
+ __asm__ (old_string) \
|
|
||||||
+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id)))
|
|
||||||
+
|
|
||||||
+/* Defines an alias using OLD_ID, which must be an macro identifier
|
|
||||||
+ * that expands to the new identifier. */
|
|
||||||
+#define RHEL_ALIAS1(old_id) \
|
|
||||||
+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id)
|
|
||||||
+
|
|
||||||
|
|
||||||
#if !defined(FIPS_MODULE)
|
|
||||||
|
|
||||||
@@ -337,6 +352,7 @@ int EVP_CIPHER_get_type(const EVP_CIPHER
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_type);
|
|
||||||
|
|
||||||
int evp_cipher_cache_constants(EVP_CIPHER *cipher)
|
|
||||||
{
|
|
||||||
@@ -389,11 +405,13 @@ int EVP_CIPHER_get_block_size(const EVP_
|
|
||||||
{
|
|
||||||
return cipher->block_size;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_block_size);
|
|
||||||
|
|
||||||
int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx)
|
|
||||||
{
|
|
||||||
return EVP_CIPHER_get_block_size(ctx->cipher);
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_CTX_block_size);
|
|
||||||
|
|
||||||
int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
|
|
||||||
{
|
|
||||||
@@ -466,11 +484,13 @@ int EVP_CIPHER_CTX_is_encrypting(const E
|
|
||||||
{
|
|
||||||
return ctx->encrypt;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_CTX_encrypting);
|
|
||||||
|
|
||||||
unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher)
|
|
||||||
{
|
|
||||||
return cipher->flags;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_flags);
|
|
||||||
|
|
||||||
void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
|
|
||||||
{
|
|
||||||
@@ -501,6 +521,7 @@ int EVP_CIPHER_get_iv_length(const EVP_C
|
|
||||||
{
|
|
||||||
return cipher->iv_len;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_iv_length);
|
|
||||||
|
|
||||||
int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx)
|
|
||||||
{
|
|
||||||
@@ -522,6 +543,7 @@ legacy:
|
|
||||||
}
|
|
||||||
return len;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_CTX_iv_length);
|
|
||||||
|
|
||||||
int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx)
|
|
||||||
{
|
|
||||||
@@ -533,6 +555,7 @@ int EVP_CIPHER_CTX_get_tag_length(const
|
|
||||||
ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
|
|
||||||
return ret == 1 ? (int)v : 0;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_CTX_tag_length);
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
|
||||||
const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
|
|
||||||
@@ -615,6 +638,7 @@ int EVP_CIPHER_CTX_get_num(const EVP_CIP
|
|
||||||
|
|
||||||
return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_CTX_num);
|
|
||||||
|
|
||||||
int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
|
|
||||||
{
|
|
||||||
@@ -634,6 +658,7 @@ int EVP_CIPHER_get_key_length(const EVP_
|
|
||||||
{
|
|
||||||
return cipher->key_len;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_key_length);
|
|
||||||
|
|
||||||
int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx)
|
|
||||||
{
|
|
||||||
@@ -646,16 +671,19 @@ int EVP_CIPHER_CTX_get_key_length(const
|
|
||||||
|
|
||||||
return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_CTX_key_length);
|
|
||||||
|
|
||||||
int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher)
|
|
||||||
{
|
|
||||||
return cipher->nid;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_nid);
|
|
||||||
|
|
||||||
int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx)
|
|
||||||
{
|
|
||||||
return ctx->cipher->nid;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_CTX_nid);
|
|
||||||
|
|
||||||
int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
|
|
||||||
{
|
|
||||||
@@ -679,6 +707,7 @@ const char *EVP_CIPHER_get0_name(const E
|
|
||||||
return NULL;
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_name);
|
|
||||||
|
|
||||||
const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher)
|
|
||||||
{
|
|
||||||
@@ -690,6 +719,7 @@ const char *EVP_CIPHER_get0_description(
|
|
||||||
return NULL;
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_description);
|
|
||||||
|
|
||||||
int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
|
|
||||||
void (*fn)(const char *name, void *data),
|
|
||||||
@@ -705,11 +735,13 @@ const OSSL_PROVIDER *EVP_CIPHER_get0_pro
|
|
||||||
{
|
|
||||||
return cipher->prov;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_provider);
|
|
||||||
|
|
||||||
int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher)
|
|
||||||
{
|
|
||||||
return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_CIPHER_mode);
|
|
||||||
|
|
||||||
int EVP_MD_is_a(const EVP_MD *md, const char *name)
|
|
||||||
{
|
|
||||||
@@ -733,6 +765,7 @@ const char *EVP_MD_get0_description(cons
|
|
||||||
return NULL;
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_description);
|
|
||||||
|
|
||||||
const char *EVP_MD_get0_name(const EVP_MD *md)
|
|
||||||
{
|
|
||||||
@@ -746,6 +779,7 @@ const char *EVP_MD_get0_name(const EVP_M
|
|
||||||
return NULL;
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_name);
|
|
||||||
|
|
||||||
int EVP_MD_names_do_all(const EVP_MD *md,
|
|
||||||
void (*fn)(const char *name, void *data),
|
|
||||||
@@ -761,16 +795,19 @@ const OSSL_PROVIDER *EVP_MD_get0_provide
|
|
||||||
{
|
|
||||||
return md->prov;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_provider);
|
|
||||||
|
|
||||||
int EVP_MD_get_type(const EVP_MD *md)
|
|
||||||
{
|
|
||||||
return md->type;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_type);
|
|
||||||
|
|
||||||
int EVP_MD_get_pkey_type(const EVP_MD *md)
|
|
||||||
{
|
|
||||||
return md->pkey_type;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_pkey_type);
|
|
||||||
|
|
||||||
int EVP_MD_get_block_size(const EVP_MD *md)
|
|
||||||
{
|
|
||||||
@@ -780,6 +817,7 @@ int EVP_MD_get_block_size(const EVP_MD *
|
|
||||||
}
|
|
||||||
return md->block_size;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_block_size);
|
|
||||||
|
|
||||||
int EVP_MD_get_size(const EVP_MD *md)
|
|
||||||
{
|
|
||||||
@@ -789,11 +827,13 @@ int EVP_MD_get_size(const EVP_MD *md)
|
|
||||||
}
|
|
||||||
return md->md_size;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_size);
|
|
||||||
|
|
||||||
unsigned long EVP_MD_get_flags(const EVP_MD *md)
|
|
||||||
{
|
|
||||||
return md->flags;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_flags);
|
|
||||||
|
|
||||||
EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type)
|
|
||||||
{
|
|
||||||
@@ -1007,6 +1047,7 @@ EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(co
|
|
||||||
{
|
|
||||||
return ctx->pctx;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_CTX_pkey_ctx);
|
|
||||||
|
|
||||||
#if !defined(FIPS_MODULE)
|
|
||||||
void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx)
|
|
||||||
@@ -1033,6 +1074,7 @@ void *EVP_MD_CTX_get0_md_data(const EVP_
|
|
||||||
{
|
|
||||||
return ctx->md_data;
|
|
||||||
}
|
|
||||||
+RHEL_ALIAS1(EVP_MD_CTX_md_data);
|
|
||||||
|
|
||||||
int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
|
|
||||||
const void *data, size_t count)
|
|
||||||
diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c
|
diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c
|
||||||
--- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-13 00:54:33.231325700 +0200
|
--- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-13 00:54:33.231325700 +0200
|
||||||
+++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-13 00:57:22.596922955 +0200
|
+++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-13 00:57:22.596922955 +0200
|
||||||
@ -975,8 +750,8 @@ diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/uti
|
|||||||
--- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-13 23:38:25.166562563 +0200
|
--- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-13 23:38:25.166562563 +0200
|
||||||
+++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-13 23:40:38.622939932 +0200
|
+++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-13 23:40:38.622939932 +0200
|
||||||
@@ -5414,3 +5414,76 @@ ASN1_item_d2i_bio_ex
|
@@ -5414,3 +5414,76 @@ ASN1_item_d2i_bio_ex
|
||||||
ASN1_item_d2i_ex ? 3_0_0 EXIST::FUNCTION:
|
EVP_PKEY_get0_provider 5554 3_0_0 EXIST::FUNCTION:
|
||||||
ASN1_TIME_print_ex ? 3_0_0 EXIST::FUNCTION:
|
EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
|
||||||
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||||
+EVP_ASYM_CIPHER_description ? 3_0_0 EXIST::FUNCTION:
|
+EVP_ASYM_CIPHER_description ? 3_0_0 EXIST::FUNCTION:
|
||||||
+EVP_ASYM_CIPHER_name ? 3_0_0 EXIST::FUNCTION:
|
+EVP_ASYM_CIPHER_name ? 3_0_0 EXIST::FUNCTION:
|
||||||
@ -1055,8 +830,8 @@ diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/cryp
|
|||||||
--- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-14 00:37:49.301207962 +0200
|
--- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-14 00:37:49.301207962 +0200
|
||||||
+++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-14 00:39:34.796200433 +0200
|
+++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-14 00:39:34.796200433 +0200
|
||||||
@@ -13,6 +13,21 @@
|
@@ -13,6 +13,21 @@
|
||||||
#include <openssl/core_names.h>
|
|
||||||
#include "internal/provider.h"
|
#include "internal/provider.h"
|
||||||
|
#include "provider_local.h"
|
||||||
|
|
||||||
+/* Macro machinery. */
|
+/* Macro machinery. */
|
||||||
+
|
+
|
||||||
@ -1125,20 +900,6 @@ diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta
|
|||||||
static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation,
|
static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation,
|
||||||
const OSSL_PARAM params[])
|
const OSSL_PARAM params[])
|
||||||
{
|
{
|
||||||
diff -up openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_lib.c
|
|
||||||
--- openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi 2021-07-17 22:24:40.140969959 +0200
|
|
||||||
+++ openssl-3.0.0-beta1/crypto/evp/evp_lib.c 2021-07-17 22:25:50.977834241 +0200
|
|
||||||
@@ -43,6 +43,10 @@
|
|
||||||
#define RHEL_ALIAS1(old_id) \
|
|
||||||
RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id)
|
|
||||||
|
|
||||||
+#define EVP_MD_description EVP_MD_get0_description
|
|
||||||
+#define EVP_MD_provider EVP_MD_get0_provider
|
|
||||||
+#define EVP_CIPHER_description EVP_CIPHER_get0_description
|
|
||||||
+#define EVP_CIPHER_provider EVP_CIPHER_get0_provider
|
|
||||||
|
|
||||||
#if !defined(FIPS_MODULE)
|
|
||||||
|
|
||||||
diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c
|
diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c
|
||||||
--- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-17 22:29:25.742454581 +0200
|
--- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-17 22:29:25.742454581 +0200
|
||||||
+++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-17 22:33:36.158699400 +0200
|
+++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-17 22:33:36.158699400 +0200
|
||||||
@ -1289,3 +1050,236 @@ diff -up openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi openssl-3.0.0-beta1/cry
|
|||||||
static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str,
|
static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str,
|
||||||
int len, EVP_KEYMGMT *keymgmt);
|
int len, EVP_KEYMGMT *keymgmt);
|
||||||
static void evp_pkey_free_it(EVP_PKEY *key);
|
static void evp_pkey_free_it(EVP_PKEY *key);
|
||||||
|
diff -up openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta2/crypto/evp/evp_lib.c
|
||||||
|
--- openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi 2021-08-03 12:50:08.359814508 +0200
|
||||||
|
+++ openssl-3.0.0-beta2/crypto/evp/evp_lib.c 2021-08-03 12:55:14.025810602 +0200
|
||||||
|
@@ -28,6 +28,26 @@
|
||||||
|
#include "internal/provider.h"
|
||||||
|
#include "evp_local.h"
|
||||||
|
|
||||||
|
+/* Macro machinery. */
|
||||||
|
+
|
||||||
|
+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C
|
||||||
|
+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C
|
||||||
|
+ * identifier). */
|
||||||
|
+#define RHEL_ALIAS3(alias_id, new_id, old_string) \
|
||||||
|
+ extern __typeof(new_id) alias_id \
|
||||||
|
+ __asm__ (old_string) \
|
||||||
|
+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id)))
|
||||||
|
+
|
||||||
|
+/* Defines an alias using OLD_ID, which must be an macro identifier
|
||||||
|
+ * that expands to the new identifier. */
|
||||||
|
+#define RHEL_ALIAS1(old_id) \
|
||||||
|
+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id)
|
||||||
|
+
|
||||||
|
+#define EVP_MD_description EVP_MD_get0_description
|
||||||
|
+#define EVP_MD_provider EVP_MD_get0_provider
|
||||||
|
+#define EVP_CIPHER_description EVP_CIPHER_get0_description
|
||||||
|
+#define EVP_CIPHER_provider EVP_CIPHER_get0_provider
|
||||||
|
+
|
||||||
|
#if !defined(FIPS_MODULE)
|
||||||
|
# include "crypto/asn1.h"
|
||||||
|
|
||||||
|
diff -up openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta2/crypto/evp/evp_lib.c
|
||||||
|
--- openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi 2021-08-03 13:11:46.436671855 +0200
|
||||||
|
+++ openssl-3.0.0-beta2/crypto/evp/evp_lib.c 2021-08-03 13:31:36.873461438 +0200
|
||||||
|
@@ -337,6 +337,7 @@ int EVP_CIPHER_get_type(const EVP_CIPHER
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_type);
|
||||||
|
|
||||||
|
int evp_cipher_cache_constants(EVP_CIPHER *cipher)
|
||||||
|
{
|
||||||
|
@@ -389,11 +390,13 @@ int EVP_CIPHER_get_block_size(const EVP_
|
||||||
|
{
|
||||||
|
return cipher->block_size;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_block_size);
|
||||||
|
|
||||||
|
int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx)
|
||||||
|
{
|
||||||
|
return EVP_CIPHER_get_block_size(ctx->cipher);
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_CTX_block_size);
|
||||||
|
|
||||||
|
int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
|
||||||
|
{
|
||||||
|
@@ -466,11 +469,13 @@ int EVP_CIPHER_CTX_is_encrypting(const E
|
||||||
|
{
|
||||||
|
return ctx->encrypt;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_CTX_encrypting);
|
||||||
|
|
||||||
|
unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher)
|
||||||
|
{
|
||||||
|
return cipher->flags;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_flags);
|
||||||
|
|
||||||
|
void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
|
||||||
|
{
|
||||||
|
@@ -501,6 +506,7 @@ int EVP_CIPHER_get_iv_length(const EVP_C
|
||||||
|
{
|
||||||
|
return cipher->iv_len;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_iv_length);
|
||||||
|
|
||||||
|
int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx)
|
||||||
|
{
|
||||||
|
@@ -522,6 +543,7 @@ legacy:
|
||||||
|
}
|
||||||
|
return len;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_CTX_iv_length);
|
||||||
|
|
||||||
|
int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx)
|
||||||
|
{
|
||||||
|
@@ -533,6 +539,7 @@ int EVP_CIPHER_CTX_get_tag_length(const
|
||||||
|
ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
|
||||||
|
return ret == 1 ? (int)v : 0;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_CTX_tag_length);
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
||||||
|
const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
|
||||||
|
@@ -615,6 +622,7 @@ int EVP_CIPHER_CTX_get_num(const EVP_CIP
|
||||||
|
|
||||||
|
return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_CTX_num);
|
||||||
|
|
||||||
|
int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
|
||||||
|
{
|
||||||
|
@@ -634,6 +642,7 @@ int EVP_CIPHER_get_key_length(const EVP_
|
||||||
|
{
|
||||||
|
return cipher->key_len;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_key_length);
|
||||||
|
|
||||||
|
int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx)
|
||||||
|
{
|
||||||
|
@@ -646,16 +655,19 @@ int EVP_CIPHER_CTX_get_key_length(const
|
||||||
|
|
||||||
|
return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_CTX_key_length);
|
||||||
|
|
||||||
|
int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher)
|
||||||
|
{
|
||||||
|
return cipher->nid;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_nid);
|
||||||
|
|
||||||
|
int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx)
|
||||||
|
{
|
||||||
|
return ctx->cipher->nid;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_CTX_nid);
|
||||||
|
|
||||||
|
int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
|
||||||
|
{
|
||||||
|
@@ -679,6 +691,7 @@ const char *EVP_CIPHER_get0_name(const E
|
||||||
|
return NULL;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_name);
|
||||||
|
|
||||||
|
const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher)
|
||||||
|
{
|
||||||
|
@@ -690,6 +703,7 @@ const char *EVP_CIPHER_get0_description(
|
||||||
|
return NULL;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_description);
|
||||||
|
|
||||||
|
int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
|
||||||
|
void (*fn)(const char *name, void *data),
|
||||||
|
@@ -705,11 +719,13 @@ const OSSL_PROVIDER *EVP_CIPHER_get0_pro
|
||||||
|
{
|
||||||
|
return cipher->prov;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_provider);
|
||||||
|
|
||||||
|
int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher)
|
||||||
|
{
|
||||||
|
return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_CIPHER_mode);
|
||||||
|
|
||||||
|
int EVP_MD_is_a(const EVP_MD *md, const char *name)
|
||||||
|
{
|
||||||
|
@@ -733,6 +749,7 @@ const char *EVP_MD_get0_description(cons
|
||||||
|
return NULL;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_description);
|
||||||
|
|
||||||
|
const char *EVP_MD_get0_name(const EVP_MD *md)
|
||||||
|
{
|
||||||
|
@@ -746,6 +763,7 @@ const char *EVP_MD_get0_name(const EVP_M
|
||||||
|
return NULL;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_name);
|
||||||
|
|
||||||
|
int EVP_MD_names_do_all(const EVP_MD *md,
|
||||||
|
void (*fn)(const char *name, void *data),
|
||||||
|
@@ -761,16 +779,19 @@ const OSSL_PROVIDER *EVP_MD_get0_provide
|
||||||
|
{
|
||||||
|
return md->prov;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_provider);
|
||||||
|
|
||||||
|
int EVP_MD_get_type(const EVP_MD *md)
|
||||||
|
{
|
||||||
|
return md->type;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_type);
|
||||||
|
|
||||||
|
int EVP_MD_get_pkey_type(const EVP_MD *md)
|
||||||
|
{
|
||||||
|
return md->pkey_type;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_pkey_type);
|
||||||
|
|
||||||
|
int EVP_MD_get_block_size(const EVP_MD *md)
|
||||||
|
{
|
||||||
|
@@ -780,6 +801,7 @@ int EVP_MD_get_block_size(const EVP_MD *
|
||||||
|
}
|
||||||
|
return md->block_size;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_block_size);
|
||||||
|
|
||||||
|
int EVP_MD_get_size(const EVP_MD *md)
|
||||||
|
{
|
||||||
|
@@ -789,11 +811,13 @@ int EVP_MD_get_size(const EVP_MD *md)
|
||||||
|
}
|
||||||
|
return md->md_size;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_size);
|
||||||
|
|
||||||
|
unsigned long EVP_MD_get_flags(const EVP_MD *md)
|
||||||
|
{
|
||||||
|
return md->flags;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_flags);
|
||||||
|
|
||||||
|
EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type)
|
||||||
|
{
|
||||||
|
@@ -1008,6 +1032,7 @@ EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(co
|
||||||
|
{
|
||||||
|
return ctx->pctx;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_CTX_pkey_ctx);
|
||||||
|
|
||||||
|
#if !defined(FIPS_MODULE)
|
||||||
|
void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx)
|
||||||
|
@@ -1034,6 +1059,7 @@ void *EVP_MD_CTX_get0_md_data(const EVP_
|
||||||
|
{
|
||||||
|
return ctx->md_data;
|
||||||
|
}
|
||||||
|
+RHEL_ALIAS1(EVP_MD_CTX_md_data);
|
||||||
|
|
||||||
|
int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
|
||||||
|
const void *data, size_t count)
|
||||||
|
@ -1,75 +0,0 @@
|
|||||||
diff -up openssl-3.0.0-beta1/apps/pkcs12.c.dup-pkcs12 openssl-3.0.0-beta1/apps/pkcs12.c
|
|
||||||
--- openssl-3.0.0-beta1/apps/pkcs12.c.dup-pkcs12 2021-07-22 14:59:14.777544688 +0200
|
|
||||||
+++ openssl-3.0.0-beta1/apps/pkcs12.c 2021-07-22 15:06:04.768908265 +0200
|
|
||||||
@@ -571,8 +571,6 @@ int pkcs12_main(int argc, char **argv)
|
|
||||||
infile);
|
|
||||||
goto export_end;
|
|
||||||
}
|
|
||||||
- } else {
|
|
||||||
- ee_cert = X509_dup(sk_X509_value(certs, 0)); /* take 1st cert */
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -588,8 +586,13 @@ int pkcs12_main(int argc, char **argv)
|
|
||||||
int vret;
|
|
||||||
STACK_OF(X509) *chain2;
|
|
||||||
X509_STORE *store;
|
|
||||||
+ X509 *ee_cert_tmp = ee_cert;
|
|
||||||
|
|
||||||
- if (ee_cert == NULL) {
|
|
||||||
+ /* Assume the first cert if we haven't got anything else */
|
|
||||||
+ if (ee_cert_tmp == NULL && certs != NULL)
|
|
||||||
+ ee_cert_tmp = sk_X509_value(certs, 0);
|
|
||||||
+
|
|
||||||
+ if (ee_cert_tmp == NULL) {
|
|
||||||
BIO_printf(bio_err,
|
|
||||||
"No end entity certificate to check with -chain\n");
|
|
||||||
goto export_end;
|
|
||||||
@@ -600,7 +603,7 @@ int pkcs12_main(int argc, char **argv)
|
|
||||||
== NULL)
|
|
||||||
goto export_end;
|
|
||||||
|
|
||||||
- vret = get_cert_chain(ee_cert, store, untrusted_certs, &chain2);
|
|
||||||
+ vret = get_cert_chain(ee_cert_tmp, store, untrusted_certs, &chain2);
|
|
||||||
X509_STORE_free(store);
|
|
||||||
|
|
||||||
if (vret == X509_V_OK) {
|
|
||||||
diff -up openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t.dup-pkcs12 openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t
|
|
||||||
--- openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t.dup-pkcs12 2021-07-22 15:06:22.715077291 +0200
|
|
||||||
+++ openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t 2021-07-22 15:17:52.250559784 +0200
|
|
||||||
@@ -54,7 +54,7 @@ if (eval { require Win32::API; 1; }) {
|
|
||||||
}
|
|
||||||
$ENV{OPENSSL_WIN32_UTF8}=1;
|
|
||||||
|
|
||||||
-plan tests => 7;
|
|
||||||
+plan tests => 10;
|
|
||||||
|
|
||||||
# Test different PKCS#12 formats
|
|
||||||
ok(run(test(["pkcs12_format_test"])), "test pkcs12 formats");
|
|
||||||
@@ -73,6 +73,7 @@ my @path = qw(test certs);
|
|
||||||
my $outfile1 = "out1.p12";
|
|
||||||
my $outfile2 = "out2.p12";
|
|
||||||
my $outfile3 = "out3.p12";
|
|
||||||
+my $outfile5 = "out5.p12";
|
|
||||||
|
|
||||||
# Test the -chain option with -untrusted
|
|
||||||
ok(run(app(["openssl", "pkcs12", "-export", "-chain",
|
|
||||||
@@ -108,4 +109,18 @@ SKIP: {
|
|
||||||
"test_pkcs12_passcerts_legacy");
|
|
||||||
}
|
|
||||||
|
|
||||||
+ok(run(app(["openssl", "pkcs12", "-export", "-out", $outfile5,
|
|
||||||
+ "-in", srctop_file(@path, "ee-cert.pem"), "-caname", "testname",
|
|
||||||
+ "-nokeys", "-passout", "pass:", "-certpbe", "NONE"])),
|
|
||||||
+ "test nokeys single cert");
|
|
||||||
+
|
|
||||||
+my @pkcs12info = run(app(["openssl", "pkcs12", "-info", "-in", $outfile5,
|
|
||||||
+ "-passin", "pass:"]), capture => 1);
|
|
||||||
+
|
|
||||||
+# Test that with one input certificate, we get one output certificate
|
|
||||||
+ok(grep(/subject=CN = server.example/, @pkcs12info) == 1,
|
|
||||||
+ "test one cert in output");
|
|
||||||
+# Test that the expected friendly name is present in the output
|
|
||||||
+ok(grep(/testname/, @pkcs12info) == 1, "test friendly name in output");
|
|
||||||
+
|
|
||||||
SetConsoleOutputCP($savedcp) if (defined($savedcp));
|
|
14
openssl.spec
14
openssl.spec
@ -15,7 +15,7 @@
|
|||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 3.0.0
|
Version: 3.0.0
|
||||||
Release: 0.beta1.5%{?dist}
|
Release: 0.beta2.1%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
@ -52,14 +52,8 @@ Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch
|
|||||||
#Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch
|
#Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch
|
||||||
# remove unsupported EC curves
|
# remove unsupported EC curves
|
||||||
Patch11: 0011-Remove-EC-curves.patch
|
Patch11: 0011-Remove-EC-curves.patch
|
||||||
# Use AI_ADDRCONFIG only when explicit host name is given
|
|
||||||
Patch17: 0017-use-AI-ADDRCONFIG-explicit-hostname.patch
|
|
||||||
# Fix segmentation fault in BN_lebin2bn()
|
|
||||||
Patch18: 0018-Fix-crash-BN_lebin2bn.patch
|
|
||||||
# Temporary dual-ABI build patch
|
# Temporary dual-ABI build patch
|
||||||
Patch19: 0019-dual-abi.patch
|
Patch19: 0019-dual-abi.patch
|
||||||
# Prevents creation of duplicate cert entries in PKCS #12 files
|
|
||||||
Patch20: 0020-no-dup-cert-entries.patch
|
|
||||||
|
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
URL: http://www.openssl.org/
|
URL: http://www.openssl.org/
|
||||||
@ -115,7 +109,7 @@ package provides Perl scripts for converting certificates and keys
|
|||||||
from other formats to the formats used by the OpenSSL toolkit.
|
from other formats to the formats used by the OpenSSL toolkit.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%autosetup -S git -n %{name}-%{version}-beta1
|
%autosetup -S git -n %{name}-%{version}-beta2
|
||||||
|
|
||||||
# The hobble_openssl is called here redundantly, just to be sure.
|
# The hobble_openssl is called here redundantly, just to be sure.
|
||||||
# The tarball has already the sources removed.
|
# The tarball has already the sources removed.
|
||||||
@ -382,6 +376,10 @@ install -m644 %{SOURCE9} \
|
|||||||
%ldconfig_scriptlets libs
|
%ldconfig_scriptlets libs
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Aug 03 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta2.1
|
||||||
|
- Rebase to upstream version beta2
|
||||||
|
- Related: rhbz#1903209
|
||||||
|
|
||||||
* Thu Jul 22 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.5
|
* Thu Jul 22 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.5
|
||||||
- Prevents creation of duplicate cert entries in PKCS #12 files
|
- Prevents creation of duplicate cert entries in PKCS #12 files
|
||||||
- Resolves: rhbz#1978670
|
- Resolves: rhbz#1978670
|
||||||
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (openssl-3.0.0-hobbled.tar.xz) = 05f3e01621be98e776061a86b8fec68bdafeac720c8f968b1c4fafc5f328839701d2ffd67d6bd695c3dbf67e3efb03b3c856ed046d751359bc89b867205b7fe9
|
SHA512 (openssl-3.0.0-hobbled.tar.xz) = 096758a79680921d2b18929177d2ee43b7fb62fa30164a16ab1749b8349aac5e6e3d0761419b6c9f0a591c8991c133d142e56ab92f197d142649b58e66d876f7
|
||||||
|
Loading…
Reference in New Issue
Block a user