]> git.proxmox.com Git - mirror_edk2.git/blame - CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2f.patch
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
CryptoPkg/OpensslLib: Include complete copy of opensslconf.h
[mirror_edk2.git] / CryptoPkg / Library / OpensslLib / EDKII_openssl-1.0.2f.patch
CommitLineData
f93f78ea 1diff U3 crypto/bio/bio.h crypto/bio/bio.h\r
e6b2c991
QL		 2--- crypto/bio/bio.h Thu Jan 28 21:56:08 2016\r
3+++ crypto/bio/bio.h Wed Feb 17 16:43:40 2016\r
4@@ -650,10 +650,10 @@\r
f93f78ea
QL		 5 int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,\r
6 asn1_ps_func **psuffix_free);\r
7 \r
8-# ifndef OPENSSL_NO_FP_API\r
9 BIO_METHOD *BIO_s_file(void);\r
10 BIO *BIO_new_file(const char *filename, const char *mode);\r
11 BIO *BIO_new_fp(FILE *stream, int close_flag);\r
12+# ifndef OPENSSL_NO_FP_API\r
13 # define BIO_s_file_internal BIO_s_file\r
14 # endif\r
15 BIO *BIO_new(BIO_METHOD *type);\r
16diff U3 crypto/bio/bss_file.c crypto/bio/bss_file.c\r
e6b2c991
QL		 17--- crypto/bio/bss_file.c Thu Jan 28 21:38:30 2016\r
18+++ crypto/bio/bss_file.c Wed Feb 17 16:01:02 2016\r
65202874 19@@ -467,6 +467,23 @@\r
f93f78ea
QL		 20 return (ret);\r
21 }\r
22 \r
23+# else\r
24+\r
25+BIO_METHOD *BIO_s_file(void)\r
26+{\r
27+ return NULL;\r
28+}\r
29+\r
30+BIO *BIO_new_file(const char *filename, const char *mode)\r
31+{\r
32+ return NULL;\r
33+}\r
34+\r
35+BIO *BIO_new_fp(FILE *stream, int close_flag)\r
36+{\r
37+ return NULL;\r
38+}\r
39+\r
40 # endif /* OPENSSL_NO_STDIO */\r
41 \r
42 #endif /* HEADER_BSS_FILE_C */\r
43diff U3 crypto/dh/dh_pmeth.c crypto/dh/dh_pmeth.c\r
e6b2c991
QL		 44--- crypto/dh/dh_pmeth.c Thu Jan 28 21:56:08 2016\r
45+++ crypto/dh/dh_pmeth.c Wed Feb 17 16:15:58 2016\r
f93f78ea
QL		 46@@ -449,6 +449,9 @@\r
47 *keylen = ret;\r
48 return 1;\r
49 } else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {\r
50+#ifdef OPENSSL_NO_CMS\r
51+ return 0;\r
52+#else\r
53 unsigned char *Z = NULL;\r
54 size_t Zlen = 0;\r
55 if (!dctx->kdf_outlen || !dctx->kdf_oid)\r
56@@ -478,6 +481,7 @@\r
57 OPENSSL_free(Z);\r
58 }\r
59 return ret;\r
60+#endif\r
61 }\r
62 return 1;\r
63 }\r
64diff U3 crypto/pem/pem.h crypto/pem/pem.h\r
e6b2c991
QL		 65--- crypto/pem/pem.h Thu Jan 28 21:56:08 2016\r
66+++ crypto/pem/pem.h Wed Feb 17 15:56:26 2016\r
f93f78ea
QL		 67@@ -324,6 +324,7 @@\r
68 \r
69 # define DECLARE_PEM_read_fp(name, type) /**/\r
70 # define DECLARE_PEM_write_fp(name, type) /**/\r
71+# define DECLARE_PEM_write_fp_const(name, type) /**/\r
72 # define DECLARE_PEM_write_cb_fp(name, type) /**/\r
73 # else\r
74 \r
75diff U3 crypto/pkcs7/pk7_smime.c crypto/pkcs7/pk7_smime.c\r
e6b2c991
QL		 76--- crypto/pkcs7/pk7_smime.c Thu Jan 28 21:56:08 2016\r
77+++ crypto/pkcs7/pk7_smime.c Wed Feb 17 16:22:45 2016\r
f93f78ea
QL		 78@@ -254,7 +254,8 @@\r
79 STACK_OF(PKCS7_SIGNER_INFO) *sinfos;\r
80 PKCS7_SIGNER_INFO *si;\r
81 X509_STORE_CTX cert_ctx;\r
82- char buf[4096];\r
83+ char *buf = NULL;\r
84+ int bufsiz;\r
85 int i, j = 0, k, ret = 0;\r
65202874
QL		 86 BIO *p7bio = NULL;\r
87 BIO *tmpin = NULL, *tmpout = NULL;\r
88@@ -275,12 +276,6 @@\r
89 return 0;\r
90 }\r
91 \r
92- /* Check for data and content: two sets of data */\r
93- if (!PKCS7_get_detached(p7) && indata) {\r
94- PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);\r
95- return 0;\r
96- }\r
97-\r
98 sinfos = PKCS7_get_signer_info(p7);\r
99 \r
100 if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {\r
101@@ -355,9 +350,14 @@\r
f93f78ea
QL		 102 } else\r
103 tmpout = out;\r
104 \r
105+ bufsiz = 4096;\r
106+ buf = OPENSSL_malloc(bufsiz);\r
107+ if (buf == NULL) {\r
108+ goto err;\r
109+ }\r
110 /* We now have to 'read' from p7bio to calculate digests etc. */\r
111 for (;;) {\r
112- i = BIO_read(p7bio, buf, sizeof(buf));\r
113+ i = BIO_read(p7bio, buf, bufsiz);\r
114 if (i <= 0)\r
115 break;\r
116 if (tmpout)\r
e6b2c991 117@@ -394,6 +394,9 @@\r
65202874 118 }\r
f93f78ea 119 BIO_free_all(p7bio);\r
f93f78ea 120 sk_X509_free(signers);\r
f93f78ea 121+ if (buf != NULL) {\r
e6b2c991 122+ OPENSSL_free(buf);\r
f93f78ea 123+ }\r
f93f78ea
QL		 124 return ret;\r
125 }\r
65202874 126 \r
f93f78ea 127diff U3 crypto/rand/rand_unix.c crypto/rand/rand_unix.c\r
e6b2c991
QL		 128--- crypto/rand/rand_unix.c Thu Jan 28 21:38:32 2016\r
129+++ crypto/rand/rand_unix.c Wed Feb 17 15:40:02 2016\r
f93f78ea
QL		 130@@ -116,7 +116,7 @@\r
131 #include <openssl/rand.h>\r
132 #include "rand_lcl.h"\r
133 \r
134-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))\r
135+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI))\r
136 \r
137 # include <sys/types.h>\r
138 # include <sys/time.h>\r
139@@ -439,7 +439,7 @@\r
140 * defined(OPENSSL_SYS_VXWORKS) ||\r
141 * defined(OPENSSL_SYS_NETWARE)) */\r
142 \r
143-#if defined(OPENSSL_SYS_VXWORKS)\r
144+#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)\r
145 int RAND_poll(void)\r
146 {\r
147 return 0;\r
148diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c\r
e6b2c991
QL		 149--- crypto/rsa/rsa_ameth.c Thu Jan 28 21:56:08 2016\r
150+++ crypto/rsa/rsa_ameth.c Wed Feb 17 15:09:46 2016\r
f93f78ea
QL		 151@@ -68,10 +68,12 @@\r
152 #endif\r
153 #include "asn1_locl.h"\r
154 \r
155+#ifndef OPENSSL_NO_CMS\r
156 static int rsa_cms_sign(CMS_SignerInfo *si);\r
157 static int rsa_cms_verify(CMS_SignerInfo *si);\r
158 static int rsa_cms_decrypt(CMS_RecipientInfo *ri);\r
159 static int rsa_cms_encrypt(CMS_RecipientInfo *ri);\r
160+#endif\r
161 \r
162 static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)\r
163 {\r
164@@ -665,6 +667,7 @@\r
165 return rv;\r
166 }\r
167 \r
168+#ifndef OPENSSL_NO_CMS\r
169 static int rsa_cms_verify(CMS_SignerInfo *si)\r
170 {\r
171 int nid, nid2;\r
172@@ -683,6 +686,7 @@\r
173 }\r
174 return 0;\r
175 }\r
176+#endif\r
177 \r
178 /*\r
179 * Customised RSA item verification routine. This is called when a signature\r
180@@ -705,6 +709,7 @@\r
181 return -1;\r
182 }\r
183 \r
184+#ifndef OPENSSL_NO_CMS\r
185 static int rsa_cms_sign(CMS_SignerInfo *si)\r
186 {\r
187 int pad_mode = RSA_PKCS1_PADDING;\r
188@@ -729,6 +734,7 @@\r
189 X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsassaPss), V_ASN1_SEQUENCE, os);\r
190 return 1;\r
191 }\r
192+#endif\r
193 \r
194 static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,\r
195 X509_ALGOR *alg1, X509_ALGOR *alg2,\r
196@@ -785,6 +791,7 @@\r
197 return pss;\r
198 }\r
199 \r
200+#ifndef OPENSSL_NO_CMS\r
201 static int rsa_cms_decrypt(CMS_RecipientInfo *ri)\r
202 {\r
203 EVP_PKEY_CTX *pkctx;\r
204@@ -857,7 +864,9 @@\r
205 X509_ALGOR_free(maskHash);\r
206 return rv;\r
207 }\r
208+#endif\r
209 \r
210+#ifndef OPENSSL_NO_CMS\r
211 static int rsa_cms_encrypt(CMS_RecipientInfo *ri)\r
212 {\r
213 const EVP_MD *md, *mgf1md;\r
214@@ -920,6 +929,7 @@\r
215 ASN1_STRING_free(os);\r
216 return rv;\r
217 }\r
218+#endif\r
219 \r
220 const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = {\r
221 {\r
222diff U3 crypto/x509/x509_vfy.c crypto/x509/x509_vfy.c\r
e6b2c991
QL		 223--- crypto/x509/x509_vfy.c Thu Jan 28 21:56:08 2016\r
224+++ crypto/x509/x509_vfy.c Wed Feb 17 16:09:58 2016\r
65202874 225@@ -940,6 +940,8 @@\r
de0408be
DW		 226 ctx->current_crl = crl;\r
227 if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)\r
228 ptime = &ctx->param->check_time;\r
229+ else if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME)\r
230+ return 1;\r
231 else\r
232 ptime = NULL;\r
f93f78ea 233 \r
65202874 234@@ -1663,6 +1665,8 @@\r
f93f78ea 235 \r
de0408be
DW		 236 if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)\r
237 ptime = &ctx->param->check_time;\r
238+ else if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME)\r
239+ return 1;\r
240 else\r
241 ptime = NULL;\r
f93f78ea 242 \r
de0408be 243diff U3 crypto/x509/x509_vfy.h crypto/x509/x509_vfy.h\r
e6b2c991
QL		 244--- crypto/x509/x509_vfy.h Thu Jan 28 21:56:08 2016\r
245+++ crypto/x509/x509_vfy.h Wed Feb 17 16:08:18 2016\r
de0408be
DW		 246@@ -438,6 +438,8 @@\r
247 * will force the behaviour to match that of previous versions.\r
248 */\r
249 # define X509_V_FLAG_NO_ALT_CHAINS 0x100000\r
250+/* Do not check certificate/CRL validity against current time */\r
251+# define X509_V_FLAG_NO_CHECK_TIME 0x200000\r
f93f78ea 252 \r
de0408be
DW		 253 # define X509_VP_FLAG_DEFAULT 0x1\r
254 # define X509_VP_FLAG_OVERWRITE 0x2\r
f93f78ea 255diff U3 crypto/x509v3/ext_dat.h crypto/x509v3/ext_dat.h\r
e6b2c991
QL		 256--- crypto/x509v3/ext_dat.h Thu Jan 28 21:56:08 2016\r
257+++ crypto/x509v3/ext_dat.h Wed Feb 17 16:13:30 2016\r
f93f78ea
QL		 258@@ -127,8 +127,10 @@\r
259 &v3_idp,\r
260 &v3_alt[2],\r
261 &v3_freshest_crl,\r
262+#ifndef OPENSSL_SYS_UEFI\r
263 &v3_ct_scts[0],\r
264 &v3_ct_scts[1],\r
265+#endif\r
266 };\r
267 \r
268 /* Number of standard extensions */\r
269diff U3 crypto/crypto.h crypto/crypto.h\r
e6b2c991
QL		 270--- crypto/crypto.h Thu Jan 28 21:38:30 2016\r
271+++ crypto/crypto.h Wed Feb 17 16:33:00 2016\r
f93f78ea
QL		 272@@ -235,15 +235,15 @@\r
273 # ifndef OPENSSL_NO_LOCKING\r
274 # ifndef CRYPTO_w_lock\r
275 # define CRYPTO_w_lock(type) \\r
276- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r
277+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0)\r
278 # define CRYPTO_w_unlock(type) \\r
279- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r
280+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0)\r
281 # define CRYPTO_r_lock(type) \\r
282- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r
283+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0)\r
284 # define CRYPTO_r_unlock(type) \\r
285- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r
286+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0)\r
287 # define CRYPTO_add(addr,amount,type) \\r
288- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)\r
289+ CRYPTO_add_lock(addr,amount,type,NULL,0)\r
290 # endif\r
291 # else\r
292 # define CRYPTO_w_lock(a)\r
293@@ -378,19 +378,19 @@\r
294 # define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)\r
295 # define is_MemCheck_on() CRYPTO_is_mem_check_on()\r
296 \r
297-# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)\r
298-# define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__)\r
299+# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0)\r
300+# define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0)\r
301 # define OPENSSL_realloc(addr,num) \\r
302- CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)\r
303+ CRYPTO_realloc((char *)addr,(int)num,NULL,0)\r
304 # define OPENSSL_realloc_clean(addr,old_num,num) \\r
305- CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)\r
306+ CRYPTO_realloc_clean(addr,old_num,num,NULL,0)\r
307 # define OPENSSL_remalloc(addr,num) \\r
308- CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)\r
309+ CRYPTO_remalloc((char **)addr,(int)num,NULL,0)\r
310 # define OPENSSL_freeFunc CRYPTO_free\r
311 # define OPENSSL_free(addr) CRYPTO_free(addr)\r
312 \r
313 # define OPENSSL_malloc_locked(num) \\r
314- CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)\r
315+ CRYPTO_malloc_locked((int)num,NULL,0)\r
316 # define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)\r
317 \r
318 const char *SSLeay_version(int type);\r
319@@ -545,7 +545,7 @@\r
320 long CRYPTO_get_mem_debug_options(void);\r
321 \r
322 # define CRYPTO_push_info(info) \\r
323- CRYPTO_push_info_(info, __FILE__, __LINE__);\r
324+ CRYPTO_push_info_(info, NULL, 0);\r
325 int CRYPTO_push_info_(const char *info, const char *file, int line);\r
326 int CRYPTO_pop_info(void);\r
327 int CRYPTO_remove_all_info(void);\r
328@@ -588,7 +588,7 @@\r
329 \r
330 /* die if we have to */\r
331 void OpenSSLDie(const char *file, int line, const char *assertion);\r
332-# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))\r
333+# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1))\r
334 \r
335 unsigned long *OPENSSL_ia32cap_loc(void);\r
336 # define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))\r
337@@ -605,14 +605,14 @@\r
338 # define fips_md_init_ctx(alg, cx) \\r
339 int alg##_Init(cx##_CTX *c) \\r
340 { \\r
341- if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \\r
342+ if (FIPS_mode()) OpenSSLDie(NULL, 0, \\r
343 "Low level API call to digest " #alg " forbidden in FIPS mode!"); \\r
344 return private_##alg##_Init(c); \\r
345 } \\r
346 int private_##alg##_Init(cx##_CTX *c)\r
347 \r
348 # define fips_cipher_abort(alg) \\r
349- if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \\r
350+ if (FIPS_mode()) OpenSSLDie(NULL, 0, \\r
351 "Low level API call to cipher " #alg " forbidden in FIPS mode!")\r
352 \r
353 # else\r
97468ab9 354diff U3 e_os.h e_os.h\r
e6b2c991
QL		 355--- e_os.h Thu Jan 28 21:56:08 2016\r
356+++ e_os.h Wed Feb 17 15:52:08 2016\r
97468ab9
DW		 357@@ -136,7 +136,7 @@\r
358 # define MSDOS\r
359 # endif\r
360 \r
361-# if defined(MSDOS) && !defined(GETPID_IS_MEANINGLESS)\r
362+# if (defined(MSDOS) || defined(OPENSSL_SYS_UEFI)) && !defined(GETPID_IS_MEANINGLESS)\r
363 # define GETPID_IS_MEANINGLESS\r
364 # endif\r
365 \r
3b21958b 366diff U3 e_os2.h e_os2.h\r
e6b2c991
QL		 367--- e_os2.h Thu Jan 28 21:56:08 2016\r
368+++ e_os2.h Wed Feb 17 15:53:08 2016\r
3b21958b
DW		 369@@ -97,7 +97,14 @@\r
370 * For 32 bit environment, there seems to be the CygWin environment and then\r
371 * all the others that try to do the same thing Microsoft does...\r
372 */\r
373-# if defined(OPENSSL_SYSNAME_UWIN)\r
374+/*\r
375+ * UEFI lives here because it might be built with a Microsoft toolchain and\r
376+ * we need to avoid the false positive match on Windows.\r
377+ */\r
378+# if defined(OPENSSL_SYSNAME_UEFI)\r
379+# undef OPENSSL_SYS_UNIX\r
380+# define OPENSSL_SYS_UEFI\r
381+# elif defined(OPENSSL_SYSNAME_UWIN)\r
382 # undef OPENSSL_SYS_UNIX\r
383 # define OPENSSL_SYS_WIN32_UWIN\r
384 # else\r
EFI Development Kit II mirror for PVE