]>
Commit | Line | Data |
---|---|---|
53591743 | 1 | Index: crypto/bio/bss_file.c\r |
2 | ===================================================================\r | |
3 | --- crypto/bio/bss_file.c (revision 1)\r | |
4 | +++ crypto/bio/bss_file.c (working copy)\r | |
5 | @@ -428,6 +428,23 @@\r | |
97f98500 HT |
6 | return(ret);\r |
7 | }\r | |
8 | \r | |
9 | +#else\r | |
10 | +\r | |
11 | +BIO_METHOD *BIO_s_file(void)\r | |
12 | + {\r | |
13 | + return NULL;\r | |
14 | + }\r | |
15 | +\r | |
16 | +BIO *BIO_new_file(const char *filename, const char *mode)\r | |
17 | + {\r | |
18 | + return NULL;\r | |
19 | + }\r | |
20 | +\r | |
21 | +BIO *BIO_new_fp(FILE *stream, int close_flag)\r | |
22 | + {\r | |
23 | + return NULL;\r | |
24 | + }\r | |
25 | +\r | |
26 | #endif /* OPENSSL_NO_STDIO */\r | |
27 | \r | |
28 | #endif /* HEADER_BSS_FILE_C */\r | |
f4184cbd | 29 | Index: crypto/crypto.h\r |
30 | ===================================================================\r | |
31 | --- crypto/crypto.h (revision 1)\r | |
32 | +++ crypto/crypto.h (working copy)\r | |
33 | @@ -235,15 +235,15 @@\r | |
34 | #ifndef OPENSSL_NO_LOCKING\r | |
35 | #ifndef CRYPTO_w_lock\r | |
36 | #define CRYPTO_w_lock(type) \\r | |
37 | - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r | |
38 | + CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0)\r | |
39 | #define CRYPTO_w_unlock(type) \\r | |
40 | - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r | |
41 | + CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0)\r | |
42 | #define CRYPTO_r_lock(type) \\r | |
43 | - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r | |
44 | + CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0)\r | |
45 | #define CRYPTO_r_unlock(type) \\r | |
46 | - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r | |
47 | + CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0)\r | |
48 | #define CRYPTO_add(addr,amount,type) \\r | |
49 | - CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)\r | |
50 | + CRYPTO_add_lock(addr,amount,type,NULL,0)\r | |
51 | #endif\r | |
52 | #else\r | |
53 | #define CRYPTO_w_lock(a)\r | |
54 | @@ -361,19 +361,19 @@\r | |
55 | #define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)\r | |
56 | #define is_MemCheck_on() CRYPTO_is_mem_check_on()\r | |
57 | \r | |
58 | -#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)\r | |
59 | -#define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__)\r | |
60 | +#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0)\r | |
61 | +#define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0)\r | |
62 | #define OPENSSL_realloc(addr,num) \\r | |
63 | - CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)\r | |
64 | + CRYPTO_realloc((char *)addr,(int)num,NULL,0)\r | |
65 | #define OPENSSL_realloc_clean(addr,old_num,num) \\r | |
66 | - CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)\r | |
67 | + CRYPTO_realloc_clean(addr,old_num,num,NULL,0)\r | |
68 | #define OPENSSL_remalloc(addr,num) \\r | |
69 | - CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)\r | |
70 | + CRYPTO_remalloc((char **)addr,(int)num,NULL,0)\r | |
71 | #define OPENSSL_freeFunc CRYPTO_free\r | |
72 | #define OPENSSL_free(addr) CRYPTO_free(addr)\r | |
73 | \r | |
74 | #define OPENSSL_malloc_locked(num) \\r | |
75 | - CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)\r | |
76 | + CRYPTO_malloc_locked((int)num,NULL,0)\r | |
77 | #define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)\r | |
78 | \r | |
79 | \r | |
80 | @@ -487,7 +487,7 @@\r | |
81 | long CRYPTO_get_mem_debug_options(void);\r | |
82 | \r | |
83 | #define CRYPTO_push_info(info) \\r | |
84 | - CRYPTO_push_info_(info, __FILE__, __LINE__);\r | |
85 | + CRYPTO_push_info_(info, NULL, 0);\r | |
86 | int CRYPTO_push_info_(const char *info, const char *file, int line);\r | |
87 | int CRYPTO_pop_info(void);\r | |
88 | int CRYPTO_remove_all_info(void);\r | |
89 | @@ -528,17 +528,17 @@\r | |
90 | \r | |
91 | /* die if we have to */\r | |
92 | void OpenSSLDie(const char *file,int line,const char *assertion);\r | |
93 | -#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))\r | |
94 | +#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1))\r | |
95 | \r | |
96 | unsigned long *OPENSSL_ia32cap_loc(void);\r | |
97 | #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))\r | |
98 | int OPENSSL_isservice(void);\r | |
99 | \r | |
100 | #ifdef OPENSSL_FIPS\r | |
101 | -#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \\r | |
102 | +#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(NULL, 0, \\r | |
103 | alg " previous FIPS forbidden algorithm error ignored");\r | |
104 | \r | |
105 | -#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \\r | |
106 | +#define FIPS_BAD_ABORT(alg) OpenSSLDie(NULL, 0, \\r | |
107 | #alg " Algorithm forbidden in FIPS mode");\r | |
108 | \r | |
109 | #ifdef OPENSSL_FIPS_STRICT\r | |
53591743 | 110 | Index: crypto/err/err.c\r |
111 | ===================================================================\r | |
112 | --- crypto/err/err.c (revision 1)\r | |
113 | +++ crypto/err/err.c (working copy)\r | |
4d6afad3 | 114 | @@ -313,7 +313,12 @@\r |
115 | es->err_data_flags[i]=flags;\r | |
116 | }\r | |
117 | \r | |
118 | +/* Add EFIAPI for UEFI version. */\r | |
119 | +#if defined(OPENSSL_SYS_UEFI)\r | |
120 | +void EFIAPI ERR_add_error_data(int num, ...)\r | |
121 | +#else\r | |
122 | void ERR_add_error_data(int num, ...)\r | |
123 | +#endif\r | |
124 | {\r | |
125 | va_list args;\r | |
126 | int i,n,s;\r | |
53591743 | 127 | Index: crypto/err/err.h\r |
128 | ===================================================================\r | |
129 | --- crypto/err/err.h (revision 1)\r | |
130 | +++ crypto/err/err.h (working copy)\r | |
4d6afad3 | 131 | @@ -286,8 +286,14 @@\r |
132 | #endif\r | |
133 | #ifndef OPENSSL_NO_BIO\r | |
134 | void ERR_print_errors(BIO *bp);\r | |
135 | +\r | |
136 | +/* Add EFIAPI for UEFI version. */\r | |
137 | +#if defined(OPENSSL_SYS_UEFI)\r | |
138 | +void EFIAPI ERR_add_error_data(int num, ...);\r | |
139 | +#else\r | |
140 | void ERR_add_error_data(int num, ...);\r | |
141 | #endif\r | |
142 | +#endif\r | |
143 | void ERR_load_strings(int lib,ERR_STRING_DATA str[]);\r | |
144 | void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);\r | |
145 | void ERR_load_ERR_strings(void);\r | |
53591743 | 146 | Index: crypto/opensslconf.h\r |
147 | ===================================================================\r | |
148 | --- crypto/opensslconf.h (revision 1)\r | |
149 | +++ crypto/opensslconf.h (working copy)\r | |
4d6afad3 | 150 | @@ -162,6 +162,9 @@\r |
151 | /* The prime number generation stuff may not work when\r | |
152 | * EIGHT_BIT but I don't care since I've only used this mode\r | |
153 | * for debuging the bignum libraries */\r | |
154 | +\r | |
155 | +/* Bypass following definition for UEFI version. */\r | |
156 | +#if !defined(OPENSSL_SYS_UEFI)\r | |
157 | #undef SIXTY_FOUR_BIT_LONG\r | |
158 | #undef SIXTY_FOUR_BIT\r | |
159 | #define THIRTY_TWO_BIT\r | |
160 | @@ -169,6 +172,8 @@\r | |
161 | #undef EIGHT_BIT\r | |
162 | #endif\r | |
163 | \r | |
164 | +#endif\r | |
165 | +\r | |
166 | #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)\r | |
167 | #define CONFIG_HEADER_RC4_LOCL_H\r | |
168 | /* if this is defined data[i] is used instead of *data, this is a %20\r | |
53591743 | 169 | Index: crypto/pkcs7/pk7_smime.c\r |
170 | ===================================================================\r | |
171 | --- crypto/pkcs7/pk7_smime.c (revision 1)\r | |
172 | +++ crypto/pkcs7/pk7_smime.c (working copy)\r | |
a2d111ed | 173 | @@ -88,7 +88,10 @@\r |
174 | if (!PKCS7_content_new(p7, NID_pkcs7_data))\r | |
175 | goto err;\r | |
176 | \r | |
177 | - if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {\r | |
178 | + /* \r | |
179 | + NOTE: Update to SHA-256 digest algorithm for UEFI version.\r | |
180 | + */\r | |
181 | + if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha256()))) {\r | |
182 | PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);\r | |
183 | goto err;\r | |
184 | }\r | |
e98e59c2 | 185 | @@ -173,7 +176,8 @@\r |
186 | STACK_OF(PKCS7_SIGNER_INFO) *sinfos;\r | |
187 | PKCS7_SIGNER_INFO *si;\r | |
188 | X509_STORE_CTX cert_ctx;\r | |
189 | - char buf[4096];\r | |
190 | + char *buf = NULL;\r | |
191 | + int bufsiz;\r | |
192 | int i, j=0, k, ret = 0;\r | |
193 | BIO *p7bio;\r | |
194 | BIO *tmpin, *tmpout;\r | |
195 | @@ -284,10 +288,16 @@\r | |
196 | BIO_set_mem_eof_return(tmpout, 0);\r | |
197 | } else tmpout = out;\r | |
198 | \r | |
199 | + bufsiz = 4096;\r | |
200 | + buf = OPENSSL_malloc (bufsiz);\r | |
201 | + if (buf == NULL) {\r | |
202 | + goto err;\r | |
203 | + }\r | |
204 | +\r | |
205 | /* We now have to 'read' from p7bio to calculate digests etc. */\r | |
206 | for (;;)\r | |
207 | {\r | |
208 | - i=BIO_read(p7bio,buf,sizeof(buf));\r | |
209 | + i=BIO_read(p7bio,buf,bufsiz);\r | |
210 | if (i <= 0) break;\r | |
211 | if (tmpout) BIO_write(tmpout, buf, i);\r | |
212 | }\r | |
213 | @@ -326,6 +336,10 @@\r | |
214 | \r | |
215 | sk_X509_free(signers);\r | |
216 | \r | |
217 | + if (buf != NULL) {\r | |
218 | + OPENSSL_free (buf);\r | |
219 | + }\r | |
220 | +\r | |
221 | return ret;\r | |
222 | }\r | |
223 | \r | |
53591743 | 224 | Index: crypto/rand/rand_egd.c\r |
225 | ===================================================================\r | |
226 | --- crypto/rand/rand_egd.c (revision 1)\r | |
227 | +++ crypto/rand/rand_egd.c (working copy)\r | |
97f98500 HT |
228 | @@ -95,7 +95,7 @@\r |
229 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.\r | |
230 | */\r | |
231 | \r | |
232 | -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)\r | |
233 | +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)\r | |
234 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)\r | |
235 | {\r | |
236 | return(-1);\r | |
53591743 | 237 | Index: crypto/rand/rand_unix.c\r |
238 | ===================================================================\r | |
239 | --- crypto/rand/rand_unix.c (revision 1)\r | |
240 | +++ crypto/rand/rand_unix.c (working copy)\r | |
97f98500 HT |
241 | @@ -116,7 +116,7 @@\r |
242 | #include <openssl/rand.h>\r | |
243 | #include "rand_lcl.h"\r | |
244 | \r | |
245 | -#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))\r | |
246 | +#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI))\r | |
247 | \r | |
248 | #include <sys/types.h>\r | |
249 | #include <sys/time.h>\r | |
250 | @@ -322,7 +322,7 @@\r | |
251 | #endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */\r | |
252 | \r | |
253 | \r | |
254 | -#if defined(OPENSSL_SYS_VXWORKS)\r | |
255 | +#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)\r | |
256 | int RAND_poll(void)\r | |
257 | {\r | |
258 | return 0;\r | |
53591743 | 259 | Index: crypto/x509/x509_vfy.c\r |
260 | ===================================================================\r | |
261 | --- crypto/x509/x509_vfy.c (revision 1)\r | |
262 | +++ crypto/x509/x509_vfy.c (working copy)\r | |
02ee8d3b | 263 | @@ -899,6 +899,10 @@\r |
97f98500 HT |
264 | \r |
265 | static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)\r | |
266 | {\r | |
267 | +#if defined(OPENSSL_SYS_UEFI)\r | |
268 | + /* Bypass Certificate Time Checking for UEFI version. */\r | |
269 | + return 1;\r | |
270 | +#else\r | |
271 | time_t *ptime;\r | |
272 | int i;\r | |
273 | \r | |
02ee8d3b | 274 | @@ -942,6 +946,7 @@\r |
97f98500 HT |
275 | }\r |
276 | \r | |
277 | return 1;\r | |
53591743 | 278 | +#endif \r |
97f98500 HT |
279 | }\r |
280 | \r | |
281 | static int internal_verify(X509_STORE_CTX *ctx)\r |