diff options
| author |   Thomas Deutschmann <whissi@gentoo.org> | 2019-01-02 22:57:28 +0100 |
|---|---|---|
| committer | Thomas Deutschmann <whissi@gentoo.org> | 2019-01-02 22:58:20 +0100 |
| commit | 8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c (patch) | |
| tree | 80c86b6f7afc34530dd38427a5588b51ed36a78a /dev-libs/openssl | |
| parent | media-gfx/cura: version bump to 3.6.0 (diff) | |
| download | gentoo-8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c.tar.gz gentoo-8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c.tar.bz2 gentoo-8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c.zip | |
dev-libs/openssl: rev bumped to add some cherry-picked patches
Package-Manager: Portage-2.3.53, Repoman-2.3.12
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Diffstat (limited to 'dev-libs/openssl')
9 files changed, 1101 insertions, 0 deletions
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch new file mode 100644 index 000000000000..8014be130ab7 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch @@ -0,0 +1,27 @@ +From 3be71a31a1dda204bb95462a92cf7f247e64b939 Mon Sep 17 00:00:00 2001 +From: Bernd Edlinger <bernd.edlinger@hotmail.de> +Date: Sun, 16 Dec 2018 12:43:59 +0100 +Subject: [PATCH] Fix a minor nit in the hkdflabel size + +Reviewed-by: Paul Dale <paul.dale@oracle.com> +Reviewed-by: Matt Caswell <matt@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/7913) + +(cherry picked from commit 0b4233f5a4a181a6dcb7c511cd2663e500e659a4) +--- + ssl/tls13_enc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c +index c3021d18aa9..e36b7d3a066 100644 +--- a/ssl/tls13_enc.c ++++ b/ssl/tls13_enc.c +@@ -41,7 +41,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, + * + bytes for the hash itself + */ + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + +- + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN ++ + (sizeof(label_prefix) - 1) + TLS13_MAX_LABEL_LEN + + 1 + EVP_MAX_MD_SIZE]; + WPACKET pkt; + diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch new file mode 100644 index 000000000000..8f249e22a1d2 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch @@ -0,0 +1,97 @@ +From c25ae0fff78cb3cb784ef79167329d5cd55b62de Mon Sep 17 00:00:00 2001 +From: Bernd Edlinger <bernd.edlinger@hotmail.de> +Date: Thu, 27 Dec 2018 22:18:21 +0100 +Subject: [PATCH] Fix cert with rsa instead of rsaEncryption as public key + algorithm + +Reviewed-by: Kurt Roeckx <kurt@roeckx.be> +(Merged from https://github.com/openssl/openssl/pull/7962) + +(cherry picked from commit 1f483a69bce11c940309edc437eee6e32294d5f2) +--- + crypto/rsa/rsa_ameth.c | 9 ++++++--- + test/certs/root-cert-rsa2.pem | 18 ++++++++++++++++++ + test/recipes/25-test_verify.t | 4 +++- + 3 files changed, 27 insertions(+), 4 deletions(-) + create mode 100644 test/certs/root-cert-rsa2.pem + +diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c +index a6595aec054..75debb3e0a9 100644 +--- a/crypto/rsa/rsa_ameth.c ++++ b/crypto/rsa/rsa_ameth.c +@@ -34,7 +34,7 @@ static int rsa_param_encode(const EVP_PKEY *pkey, + + *pstr = NULL; + /* If RSA it's just NULL type */ +- if (pkey->ameth->pkey_id == EVP_PKEY_RSA) { ++ if (pkey->ameth->pkey_id != EVP_PKEY_RSA_PSS) { + *pstrtype = V_ASN1_NULL; + return 1; + } +@@ -58,7 +58,7 @@ static int rsa_param_decode(RSA *rsa, const X509_ALGOR *alg) + int algptype; + + X509_ALGOR_get0(&algoid, &algptype, &algp, alg); +- if (OBJ_obj2nid(algoid) == EVP_PKEY_RSA) ++ if (OBJ_obj2nid(algoid) != EVP_PKEY_RSA_PSS) + return 1; + if (algptype == V_ASN1_UNDEF) + return 1; +@@ -109,7 +109,10 @@ static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) + RSA_free(rsa); + return 0; + } +- EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa); ++ if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa)) { ++ RSA_free(rsa); ++ return 0; ++ } + return 1; + } + +diff --git a/test/certs/root-cert-rsa2.pem b/test/certs/root-cert-rsa2.pem +new file mode 100644 +index 00000000000..b817fdf3e5d +--- /dev/null ++++ b/test/certs/root-cert-rsa2.pem +@@ -0,0 +1,18 @@ ++-----BEGIN CERTIFICATE----- ++MIIC7DCCAdSgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 ++IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjASMRAwDgYDVQQD ++DAdSb290IENBMIIBHTAIBgRVCAEBBQADggEPADCCAQoCggEBAOHmAPUGvKBGOHkP ++Px5xGRNtAt8rm3Zr/KywIe3WkQhCO6VjNexSW6CiSsXWAJQDl1o9uWco0n3jIVyk ++7cY8jY6E0Z1Uwz3ZdKKWdmdx+cYaUHez/XjuW+DjjIkjwpoi7D7UN54HzcArVREX ++OjRCHGkNOhiw7RWUXsb9nofGHOeUGpLAXwXBc0PlA94JkckkztiOi34u4DFI0YYq ++alUmeugLNk6XseCkydpcaUsDgAhWg6Mfsiq4wUz+xbFN1MABqu2+ziW97mmt9gfN ++biuhiVT1aOuYCe3JYGbLM2JKA7Bo1g6rX8E1VX79Ru6669y2oqPthX9337VoIkN+ ++ZiQjr8UCAwEAAaNQME4wHQYDVR0OBBYEFI71Ja8em2uEPXyAmslTnE1y96NSMB8G ++A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ ++KoZIhvcNAQELBQADggEBAJ0OIdog3uQ1pmsjv1Qtf1w4If1geOn5uK0EOj2wYBHt ++NxlFn7l8d9+51QMZFO+RlQJ0s3Webyo1ReuaL2dMn2LGJhWMoSBAwrMALAENU3lv ++8jioRbfO2OamsdpJpKxQUyUJYudNe+BoKNX/ry3rxezmsFsRr9nDMiJZpmBCXiMm ++mFFJOJkG0CheexBbMkua4kyStIOwO4rb5bSHszVso/9ucdGHBSC7oRcJXoWSDjBx ++PdQPPBK5g4yqL8Lz26ehgsmhRKL9k32eVyjDKcIzgpmgcPTfTqNbd1KHQJKx4ssb ++7nEpGKHalSo5Oq5L9s9qYrUv37kwBY4OpJFtmGaodoI= ++-----END CERTIFICATE----- +diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t +index 6c3deab7c67..b80a1cde3ed 100644 +--- a/test/recipes/25-test_verify.t ++++ b/test/recipes/25-test_verify.t +@@ -27,7 +27,7 @@ sub verify { + run(app([@args])); + } + +-plan tests => 134; ++plan tests => 135; + + # Canonical success + ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), +@@ -361,6 +361,8 @@ ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"] + "Not too many names and constraints to check (2)"); + ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"], ), + "Not too many names and constraints to check (3)"); ++ok(verify("root-cert-rsa2", "sslserver", ["root-cert-rsa2"], [], "-check_ss_sig"), ++ "Public Key Algorithm rsa instead of rsaEncryption"); + + SKIP: { + skip "Ed25519 is not supported by this OpenSSL build", 1 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch new file mode 100644 index 000000000000..2db64d83e45c --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch @@ -0,0 +1,420 @@ +From 0fb2815b873304d145ed00283454fc9f3bd35e6b Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Tue, 4 Dec 2018 08:37:04 +0000 +Subject: [PATCH] Fix some SSL_export_keying_material() issues + +Fix some issues in tls13_hkdf_expand() which impact the above function +for TLSv1.3. In particular test that we can use the maximum label length +in TLSv1.3. + +Reviewed-by: Tim Hudson <tjh@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/7755) +--- + doc/man3/SSL_export_keying_material.pod | 3 +- + ssl/ssl_locl.h | 2 +- + ssl/statem/extensions.c | 2 +- + ssl/statem/statem_clnt.c | 2 +- + ssl/statem/statem_srvr.c | 2 +- + ssl/tls13_enc.c | 73 +++++++++++++++++-------- + test/sslapitest.c | 48 ++++++++++++---- + test/tls13secretstest.c | 2 +- + 8 files changed, 92 insertions(+), 42 deletions(-) + +diff --git a/doc/man3/SSL_export_keying_material.pod b/doc/man3/SSL_export_keying_material.pod +index abebf911fc3..4c81a60ffbb 100644 +--- a/doc/man3/SSL_export_keying_material.pod ++++ b/doc/man3/SSL_export_keying_material.pod +@@ -59,7 +59,8 @@ B<label> and should be B<llen> bytes long. Typically this will be a value from + the IANA Exporter Label Registry + (L<https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels>). + Alternatively labels beginning with "EXPERIMENTAL" are permitted by the standard +-to be used without registration. ++to be used without registration. TLSv1.3 imposes a maximum label length of ++249 bytes. + + Note that this function is only defined for TLSv1.0 and above, and DTLSv1.0 and + above. Attempting to use it in SSLv3 will result in an error. +diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h +index 70e5a1740f9..307131de93a 100644 +--- a/ssl/ssl_locl.h ++++ b/ssl/ssl_locl.h +@@ -2461,7 +2461,7 @@ __owur int tls13_hkdf_expand(SSL *s, const EVP_MD *md, + const unsigned char *secret, + const unsigned char *label, size_t labellen, + const unsigned char *data, size_t datalen, +- unsigned char *out, size_t outlen); ++ unsigned char *out, size_t outlen, int fatal); + __owur int tls13_derive_key(SSL *s, const EVP_MD *md, + const unsigned char *secret, unsigned char *key, + size_t keylen); +diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c +index 63e61c6184a..716d6d23e08 100644 +--- a/ssl/statem/extensions.c ++++ b/ssl/statem/extensions.c +@@ -1506,7 +1506,7 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart, + + /* Generate the binder key */ + if (!tls13_hkdf_expand(s, md, early_secret, label, labelsize, hash, +- hashsize, binderkey, hashsize)) { ++ hashsize, binderkey, hashsize, 1)) { + /* SSLfatal() already called */ + goto err; + } +diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c +index 5a8f1163dfa..a0e495d8e83 100644 +--- a/ssl/statem/statem_clnt.c ++++ b/ssl/statem/statem_clnt.c +@@ -2740,7 +2740,7 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt) + PACKET_data(&nonce), + PACKET_remaining(&nonce), + s->session->master_key, +- hashlen)) { ++ hashlen, 1)) { + /* SSLfatal() already called */ + goto err; + } +diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c +index e7c11c4bea4..a8e862ced55 100644 +--- a/ssl/statem/statem_srvr.c ++++ b/ssl/statem/statem_srvr.c +@@ -4099,7 +4099,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt) + tick_nonce, + TICKET_NONCE_SIZE, + s->session->master_key, +- hashlen)) { ++ hashlen, 1)) { + /* SSLfatal() already called */ + goto err; + } +diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c +index f7ab0fa4704..c3021d18aa9 100644 +--- a/ssl/tls13_enc.c ++++ b/ssl/tls13_enc.c +@@ -13,7 +13,7 @@ + #include <openssl/evp.h> + #include <openssl/kdf.h> + +-#define TLS13_MAX_LABEL_LEN 246 ++#define TLS13_MAX_LABEL_LEN 249 + + /* Always filled with zeros */ + static const unsigned char default_zeros[EVP_MAX_MD_SIZE]; +@@ -22,30 +22,47 @@ static const unsigned char default_zeros[EVP_MAX_MD_SIZE]; + * Given a |secret|; a |label| of length |labellen|; and |data| of length + * |datalen| (e.g. typically a hash of the handshake messages), derive a new + * secret |outlen| bytes long and store it in the location pointed to be |out|. +- * The |data| value may be zero length. Returns 1 on success 0 on failure. ++ * The |data| value may be zero length. Any errors will be treated as fatal if ++ * |fatal| is set. Returns 1 on success 0 on failure. + */ + int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, + const unsigned char *label, size_t labellen, + const unsigned char *data, size_t datalen, +- unsigned char *out, size_t outlen) ++ unsigned char *out, size_t outlen, int fatal) + { +- const unsigned char label_prefix[] = "tls13 "; ++ static const unsigned char label_prefix[] = "tls13 "; + EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); + int ret; + size_t hkdflabellen; + size_t hashlen; + /* +- * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined +- * prefix and label + bytes for the label itself + bytes for the hash ++ * 2 bytes for length of derived secret + 1 byte for length of combined ++ * prefix and label + bytes for the label itself + 1 byte length of hash ++ * + bytes for the hash itself + */ + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + + + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN +- + EVP_MAX_MD_SIZE]; ++ + 1 + EVP_MAX_MD_SIZE]; + WPACKET pkt; + + if (pctx == NULL) + return 0; + ++ if (labellen > TLS13_MAX_LABEL_LEN) { ++ if (fatal) { ++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND, ++ ERR_R_INTERNAL_ERROR); ++ } else { ++ /* ++ * Probably we have been called from SSL_export_keying_material(), ++ * or SSL_export_keying_material_early(). ++ */ ++ SSLerr(SSL_F_TLS13_HKDF_EXPAND, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); ++ } ++ EVP_PKEY_CTX_free(pctx); ++ return 0; ++ } ++ + hashlen = EVP_MD_size(md); + + if (!WPACKET_init_static_len(&pkt, hkdflabel, sizeof(hkdflabel), 0) +@@ -59,8 +76,11 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, + || !WPACKET_finish(&pkt)) { + EVP_PKEY_CTX_free(pctx); + WPACKET_cleanup(&pkt); +- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND, +- ERR_R_INTERNAL_ERROR); ++ if (fatal) ++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND, ++ ERR_R_INTERNAL_ERROR); ++ else ++ SSLerr(SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR); + return 0; + } + +@@ -74,9 +94,13 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, + + EVP_PKEY_CTX_free(pctx); + +- if (ret != 0) +- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND, +- ERR_R_INTERNAL_ERROR); ++ if (ret != 0) { ++ if (fatal) ++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND, ++ ERR_R_INTERNAL_ERROR); ++ else ++ SSLerr(SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR); ++ } + + return ret == 0; + } +@@ -91,7 +115,7 @@ int tls13_derive_key(SSL *s, const EVP_MD *md, const unsigned char *secret, + static const unsigned char keylabel[] = "key"; + + return tls13_hkdf_expand(s, md, secret, keylabel, sizeof(keylabel) - 1, +- NULL, 0, key, keylen); ++ NULL, 0, key, keylen, 1); + } + + /* +@@ -104,7 +128,7 @@ int tls13_derive_iv(SSL *s, const EVP_MD *md, const unsigned char *secret, + static const unsigned char ivlabel[] = "iv"; + + return tls13_hkdf_expand(s, md, secret, ivlabel, sizeof(ivlabel) - 1, +- NULL, 0, iv, ivlen); ++ NULL, 0, iv, ivlen, 1); + } + + int tls13_derive_finishedkey(SSL *s, const EVP_MD *md, +@@ -114,7 +138,7 @@ int tls13_derive_finishedkey(SSL *s, const EVP_MD *md, + static const unsigned char finishedlabel[] = "finished"; + + return tls13_hkdf_expand(s, md, secret, finishedlabel, +- sizeof(finishedlabel) - 1, NULL, 0, fin, finlen); ++ sizeof(finishedlabel) - 1, NULL, 0, fin, finlen, 1); + } + + /* +@@ -177,7 +201,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md, + if (!tls13_hkdf_expand(s, md, prevsecret, + (unsigned char *)derived_secret_label, + sizeof(derived_secret_label) - 1, hash, mdlen, +- preextractsec, mdlen)) { ++ preextractsec, mdlen, 1)) { + /* SSLfatal() already called */ + EVP_PKEY_CTX_free(pctx); + return 0; +@@ -337,7 +361,7 @@ static int derive_secret_key_and_iv(SSL *s, int sending, const EVP_MD *md, + hashlen = (size_t)hashleni; + + if (!tls13_hkdf_expand(s, md, insecret, label, labellen, hash, hashlen, +- secret, hashlen)) { ++ secret, hashlen, 1)) { + /* SSLfatal() already called */ + goto err; + } +@@ -517,7 +541,8 @@ int tls13_change_cipher_state(SSL *s, int which) + early_exporter_master_secret, + sizeof(early_exporter_master_secret) - 1, + hashval, hashlen, +- s->early_exporter_master_secret, hashlen)) { ++ s->early_exporter_master_secret, hashlen, ++ 1)) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); + goto err; +@@ -604,7 +629,7 @@ int tls13_change_cipher_state(SSL *s, int which) + resumption_master_secret, + sizeof(resumption_master_secret) - 1, + hashval, hashlen, s->resumption_master_secret, +- hashlen)) { ++ hashlen, 1)) { + /* SSLfatal() already called */ + goto err; + } +@@ -624,7 +649,7 @@ int tls13_change_cipher_state(SSL *s, int which) + exporter_master_secret, + sizeof(exporter_master_secret) - 1, + hash, hashlen, s->exporter_master_secret, +- hashlen)) { ++ hashlen, 1)) { + /* SSLfatal() already called */ + goto err; + } +@@ -738,10 +763,10 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen, + || EVP_DigestFinal_ex(ctx, data, &datalen) <= 0 + || !tls13_hkdf_expand(s, md, s->exporter_master_secret, + (const unsigned char *)label, llen, +- data, datalen, exportsecret, hashsize) ++ data, datalen, exportsecret, hashsize, 0) + || !tls13_hkdf_expand(s, md, exportsecret, exporterlabel, + sizeof(exporterlabel) - 1, hash, hashsize, +- out, olen)) ++ out, olen, 0)) + goto err; + + ret = 1; +@@ -797,10 +822,10 @@ int tls13_export_keying_material_early(SSL *s, unsigned char *out, size_t olen, + || EVP_DigestFinal_ex(ctx, data, &datalen) <= 0 + || !tls13_hkdf_expand(s, md, s->early_exporter_master_secret, + (const unsigned char *)label, llen, +- data, datalen, exportsecret, hashsize) ++ data, datalen, exportsecret, hashsize, 0) + || !tls13_hkdf_expand(s, md, exportsecret, exporterlabel, + sizeof(exporterlabel) - 1, hash, hashsize, +- out, olen)) ++ out, olen, 0)) + goto err; + + ret = 1; +diff --git a/test/sslapitest.c b/test/sslapitest.c +index 108d57e4781..a4bbb4fead4 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -4028,20 +4028,25 @@ static int test_serverinfo(int tst) + * no test vectors so all we do is test that both sides of the communication + * produce the same results for different protocol versions. + */ ++#define SMALL_LABEL_LEN 10 ++#define LONG_LABEL_LEN 249 + static int test_export_key_mat(int tst) + { + int testresult = 0; + SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL; + SSL *clientssl = NULL, *serverssl = NULL; +- const char label[] = "test label"; ++ const char label[LONG_LABEL_LEN + 1] = "test label"; + const unsigned char context[] = "context"; + const unsigned char *emptycontext = NULL; + unsigned char ckeymat1[80], ckeymat2[80], ckeymat3[80]; + unsigned char skeymat1[80], skeymat2[80], skeymat3[80]; ++ size_t labellen; + const int protocols[] = { + TLS1_VERSION, + TLS1_1_VERSION, + TLS1_2_VERSION, ++ TLS1_3_VERSION, ++ TLS1_3_VERSION, + TLS1_3_VERSION + }; + +@@ -4058,7 +4063,7 @@ static int test_export_key_mat(int tst) + return 1; + #endif + #ifdef OPENSSL_NO_TLS1_3 +- if (tst == 3) ++ if (tst >= 3) + return 1; + #endif + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), +@@ -4076,33 +4081,52 @@ static int test_export_key_mat(int tst) + SSL_ERROR_NONE))) + goto end; + ++ if (tst == 5) { ++ /* ++ * TLSv1.3 imposes a maximum label len of 249 bytes. Check we fail if we ++ * go over that. ++ */ ++ if (!TEST_int_le(SSL_export_keying_material(clientssl, ckeymat1, ++ sizeof(ckeymat1), label, ++ LONG_LABEL_LEN + 1, context, ++ sizeof(context) - 1, 1), 0)) ++ goto end; ++ ++ testresult = 1; ++ goto end; ++ } else if (tst == 4) { ++ labellen = LONG_LABEL_LEN; ++ } else { ++ labellen = SMALL_LABEL_LEN; ++ } ++ + if (!TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat1, + sizeof(ckeymat1), label, +- sizeof(label) - 1, context, ++ labellen, context, + sizeof(context) - 1, 1), 1) + || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat2, + sizeof(ckeymat2), label, +- sizeof(label) - 1, ++ labellen, + emptycontext, + 0, 1), 1) + || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat3, + sizeof(ckeymat3), label, +- sizeof(label) - 1, ++ labellen, + NULL, 0, 0), 1) + || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat1, + sizeof(skeymat1), label, +- sizeof(label) - 1, ++ labellen, + context, + sizeof(context) -1, 1), + 1) + || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat2, + sizeof(skeymat2), label, +- sizeof(label) - 1, ++ labellen, + emptycontext, + 0, 1), 1) + || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat3, + sizeof(skeymat3), label, +- sizeof(label) - 1, ++ labellen, + NULL, 0, 0), 1) + /* + * Check that both sides created the same key material with the +@@ -4131,10 +4155,10 @@ static int test_export_key_mat(int tst) + * Check that an empty context and no context produce different results in + * protocols less than TLSv1.3. In TLSv1.3 they should be the same. + */ +- if ((tst != 3 && !TEST_mem_ne(ckeymat2, sizeof(ckeymat2), ckeymat3, ++ if ((tst < 3 && !TEST_mem_ne(ckeymat2, sizeof(ckeymat2), ckeymat3, + sizeof(ckeymat3))) +- || (tst ==3 && !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), ckeymat3, +- sizeof(ckeymat3)))) ++ || (tst >= 3 && !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), ckeymat3, ++ sizeof(ckeymat3)))) + goto end; + + testresult = 1; +@@ -5909,7 +5933,7 @@ int setup_tests(void) + ADD_ALL_TESTS(test_custom_exts, 3); + #endif + ADD_ALL_TESTS(test_serverinfo, 8); +- ADD_ALL_TESTS(test_export_key_mat, 4); ++ ADD_ALL_TESTS(test_export_key_mat, 6); + #ifndef OPENSSL_NO_TLS1_3 + ADD_ALL_TESTS(test_export_key_mat_early, 3); + #endif +diff --git a/test/tls13secretstest.c b/test/tls13secretstest.c +index 319df17bab0..de318df02b4 100644 +--- a/test/tls13secretstest.c ++++ b/test/tls13secretstest.c +@@ -226,7 +226,7 @@ static int test_secret(SSL *s, unsigned char *prk, + } + + if (!tls13_hkdf_expand(s, md, prk, label, labellen, hash, hashsize, +- gensecret, hashsize)) { ++ gensecret, hashsize, 1)) { + TEST_error("Secret generation failed"); + return 0; + } diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch new file mode 100644 index 000000000000..c2f8bb638b3a --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch @@ -0,0 +1,26 @@ +From 3ccccb91ae1c07a4310778b3d7ba74ff4ff787f0 Mon Sep 17 00:00:00 2001 +From: Paul Yang <yang.yang@baishancloud.com> +Date: Wed, 21 Nov 2018 13:16:27 +0800 +Subject: [PATCH] Fix wrong return value in ssl3_ctx_ctrl + +This fixes issue #7677 + +Reviewed-by: Matt Caswell <matt@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/7678) +--- + ssl/s3_lib.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c +index 866ca4dfa9b..99ae48199c2 100644 +--- a/ssl/s3_lib.c ++++ b/ssl/s3_lib.c +@@ -3781,7 +3781,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) + EVP_PKEY_security_bits(pkdh), 0, pkdh)) { + SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); + EVP_PKEY_free(pkdh); +- return 1; ++ return 0; + } + EVP_PKEY_free(ctx->cert->dh_tmp); + ctx->cert->dh_tmp = pkdh; diff --git a/dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch b/dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch new file mode 100644 index 000000000000..cfa84c73a5bf --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch @@ -0,0 +1,68 @@ +From 99992ad22019e752c7b103a45f860a48b6bc0972 Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Wed, 21 Nov 2018 11:44:42 +0000 +Subject: [PATCH] Make sure build_SYS_str_reasons() preserves errno + +This function can end up being called during ERR_get_error() if we are +initialising. ERR_get_error() must preserve errno since it gets called via +SSL_get_error(). If that function returns SSL_ERROR_SYSCALL then you are +supposed to inspect errno. + +Reviewed-by: Richard Levitte <levitte@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/7680) + +(cherry picked from commit 71b1ceffc4c795f5db21861dd1016fbe23a53a53) +--- + +diff --git a/crypto/err/err.c b/crypto/err/err.c +index 03cbd73..2eeeab2 100644 +--- a/crypto/err/err.c ++++ b/crypto/err/err.c +@@ -19,6 +19,7 @@ + #include <openssl/bio.h> + #include <openssl/opensslconf.h> + #include "internal/thread_once.h" ++#include "e_os.h" + + static int err_load_strings(const ERR_STRING_DATA *str); + +@@ -201,6 +202,7 @@ static void build_SYS_str_reasons(void) + static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; + static int init = 1; + int i; ++ int saveerrno = get_last_sys_error(); + + CRYPTO_THREAD_write_lock(err_string_lock); + if (!init) { +@@ -229,6 +231,8 @@ static void build_SYS_str_reasons(void) + init = 0; + + CRYPTO_THREAD_unlock(err_string_lock); ++ /* openssl_strerror_r could change errno, but we want to preserve it */ ++ set_sys_error(saveerrno); + err_load_strings(SYS_str_reasons); + } + #endif +diff --git a/e_os.h b/e_os.h +index 5340593..8e6efa9 100644 +--- a/e_os.h ++++ b/e_os.h +@@ -49,6 +49,7 @@ + + # define get_last_sys_error() errno + # define clear_sys_error() errno=0 ++# define set_sys_error(e) errno=(e) + + /******************************************************************** + The Microsoft section +@@ -66,8 +67,10 @@ + # ifdef WIN32 + # undef get_last_sys_error + # undef clear_sys_error ++# undef set_sys_error + # define get_last_sys_error() GetLastError() + # define clear_sys_error() SetLastError(0) ++# define set_sys_error(e) SetLastError(e) + # if !defined(WINNT) + # define WIN_CONSOLE_BUG + # endif diff --git a/dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch b/dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch new file mode 100644 index 000000000000..ed8f2dd96be0 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch @@ -0,0 +1,51 @@ +From ef97becf522fc4e2e9d98e6ae7bcb26651883d9a Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Wed, 21 Nov 2018 11:57:04 +0000 +Subject: [PATCH] Preserve errno on dlopen + +For the same reasons as in the previous commit we must preserve errno +across dlopen calls. Some implementations (e.g. solaris) do not preserve +errno even on a successful dlopen call. + +Fixes #6953 + +Reviewed-by: Richard Levitte <levitte@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/7680) + +(cherry picked from commit 3cb4e7dc1cf92022f62b9bbdd59695885a1265ff) +--- + crypto/dso/dso_dlfcn.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c +index ad8899c289a..4240f5f5e30 100644 +--- a/crypto/dso/dso_dlfcn.c ++++ b/crypto/dso/dso_dlfcn.c +@@ -17,6 +17,7 @@ + #endif + + #include "dso_locl.h" ++#include "e_os.h" + + #ifdef DSO_DLFCN + +@@ -99,6 +100,7 @@ static int dlfcn_load(DSO *dso) + /* See applicable comments in dso_dl.c */ + char *filename = DSO_convert_filename(dso, NULL); + int flags = DLOPEN_FLAG; ++ int saveerrno = get_last_sys_error(); + + if (filename == NULL) { + DSOerr(DSO_F_DLFCN_LOAD, DSO_R_NO_FILENAME); +@@ -118,6 +120,11 @@ static int dlfcn_load(DSO *dso) + ERR_add_error_data(4, "filename(", filename, "): ", dlerror()); + goto err; + } ++ /* ++ * Some dlopen() implementations (e.g. solaris) do no preserve errno, even ++ * on a successful call. ++ */ ++ set_sys_error(saveerrno); + if (!sk_void_push(dso->meth_data, (char *)ptr)) { + DSOerr(DSO_F_DLFCN_LOAD, DSO_R_STACK_ERROR); + goto err; diff --git a/dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch b/dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch new file mode 100644 index 000000000000..84c43a3c3e04 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch @@ -0,0 +1,57 @@ +From 145419423e1a74ae54cdbd3aed8bb15cbd53c7cc Mon Sep 17 00:00:00 2001 +From: Richard Levitte <levitte@openssl.org> +Date: Fri, 14 Dec 2018 19:33:55 +0100 +Subject: [PATCH] ERR: preserve system error number in a few more places + +It turns out that intialization may change the error number, so we +need to preserve the system error number in functions where +initialization is called for. +These are ERR_get_state() and err_shelve_state() + +Fixes #7897 + +Reviewed-by: Matt Caswell <matt@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/7902) + +(cherry picked from commit 91c5473035aaf2c0d86e4039c2a29a5b70541905) +--- + crypto/err/err.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/crypto/err/err.c b/crypto/err/err.c +index 5cfb02d821b..aef2543d60b 100644 +--- a/crypto/err/err.c ++++ b/crypto/err/err.c +@@ -697,6 +697,7 @@ DEFINE_RUN_ONCE_STATIC(err_do_init) + ERR_STATE *ERR_get_state(void) + { + ERR_STATE *state; ++ int saveerrno = get_last_sys_error(); + + if (!OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY, NULL)) + return NULL; +@@ -728,6 +729,7 @@ ERR_STATE *ERR_get_state(void) + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + } + ++ set_sys_error(saveerrno); + return state; + } + +@@ -737,6 +739,8 @@ ERR_STATE *ERR_get_state(void) + */ + int err_shelve_state(void **state) + { ++ int saveerrno = get_last_sys_error(); ++ + if (!OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY, NULL)) + return 0; + +@@ -747,6 +751,7 @@ int err_shelve_state(void **state) + if (!CRYPTO_THREAD_set_local(&err_thread_local, (ERR_STATE*)-1)) + return 0; + ++ set_sys_error(saveerrno); + return 1; + } + diff --git a/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch b/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch new file mode 100644 index 000000000000..5ea4fb97bfce --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch @@ -0,0 +1,56 @@ +From ed371b8cbac0d0349667558c061c1ae380cf75eb Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Mon, 3 Dec 2018 18:14:57 +0000 +Subject: [PATCH] Revert "Reduce stack usage in tls13_hkdf_expand" + +This reverts commit ec0c5f5693e39c5a013f81e6dd9dfd09ec65162d. + +SSL_export_keying_material() may use longer label lengths. + +Fixes #7712 + +Reviewed-by: Tim Hudson <tjh@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/7755) +--- + ssl/tls13_enc.c | 16 ++++------------ + 1 file changed, 4 insertions(+), 12 deletions(-) + +diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c +index b6825d20c2d..f7ab0fa4704 100644 +--- a/ssl/tls13_enc.c ++++ b/ssl/tls13_enc.c +@@ -13,14 +13,7 @@ + #include <openssl/evp.h> + #include <openssl/kdf.h> + +-/* +- * RFC 8446, 7.1 Key Schedule, says: +- * Note: With common hash functions, any label longer than 12 characters +- * requires an additional iteration of the hash function to compute. +- * The labels in this specification have all been chosen to fit within +- * this limit. +- */ +-#define TLS13_MAX_LABEL_LEN 12 ++#define TLS13_MAX_LABEL_LEN 246 + + /* Always filled with zeros */ + static const unsigned char default_zeros[EVP_MAX_MD_SIZE]; +@@ -36,15 +29,14 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, + const unsigned char *data, size_t datalen, + unsigned char *out, size_t outlen) + { +- static const unsigned char label_prefix[] = "tls13 "; ++ const unsigned char label_prefix[] = "tls13 "; + EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); + int ret; + size_t hkdflabellen; + size_t hashlen; + /* +- * 2 bytes for length of derived secret + 1 byte for length of combined +- * prefix and label + bytes for the label itself + 1 byte length of hash +- * + bytes for the hash itself ++ * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined ++ * prefix and label + bytes for the label itself + bytes for the hash + */ + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + + + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN diff --git a/dev-libs/openssl/openssl-1.1.1a-r1.ebuild b/dev-libs/openssl/openssl-1.1.1a-r1.ebuild new file mode 100644 index 000000000000..0ad3e058c0c9 --- /dev/null +++ b/dev-libs/openssl/openssl-1.1.1a-r1.ebuild @@ -0,0 +1,299 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit flag-o-matic toolchain-funcs multilib multilib-minimal + +MY_P=${P/_/-} +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" +HOMEPAGE="https://www.openssl.org/" +SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" + +LICENSE="openssl" +SLOT="0/1.1" # .so version of libssl/libcrypto +[[ "${PV}" = *_pre* ]] || \ +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-linux" +IUSE="+asm bindist elibc_musl rfc3779 sctp cpu_flags_x86_sse2 sslv3 static-libs test tls-heartbeat vanilla zlib" +RESTRICT="!bindist? ( bindist )" + +RDEPEND=">=app-misc/c_rehash-1.7-r1 + zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )" +DEPEND="${RDEPEND} + >=dev-lang/perl-5 + sctp? ( >=net-misc/lksctp-tools-1.0.12 ) + test? ( + sys-apps/diffutils + sys-devel/bc + )" +PDEPEND="app-misc/ca-certificates" + +PATCHES=( + "${FILESDIR}"/${P}-make-sure-build_SYS_str_reasons_preserves_errno.patch + "${FILESDIR}"/${P}-preserve-errno-on-dlopen.patch + "${FILESDIR}"/${P}-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch + "${FILESDIR}"/${P}-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch + "${FILESDIR}"/${P}-fix-some-SSL_export_keying_material-issues.patch + "${FILESDIR}"/${P}-preserve-system-error-number-in-a-few-more-places.patch + "${FILESDIR}"/${P}-fix-a-minor-nit-in-hkdflabel-size.patch + "${FILESDIR}"/${P}-fix-cert-with-rsa-instead-of-rsaEncryption.patch +) + +# This does not copy the entire Fedora patchset, but JUST the parts that +# are needed to make it safe to use EC with RESTRICT=bindist. +# See openssl.spec for the matching numbering of SourceNNN, PatchNNN +SOURCE1=hobble-openssl +SOURCE12=ec_curve.c +SOURCE13=ectest.c +PATCH37=openssl-1.1.1-ec-curves.patch +FEDORA_GIT_BASE='https://src.fedoraproject.org/cgit/rpms/openssl.git/plain/' +FEDORA_GIT_BRANCH='f29' +FEDORA_SRC_URI=() +FEDORA_SOURCE=( ${SOURCE1} ${SOURCE12} ${SOURCE13} ) +FEDORA_PATCH=( ${PATCH37} ) +for i in "${FEDORA_SOURCE[@]}" ; do + FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${P}_${i}" ) +done +for i in "${FEDORA_PATCH[@]}" ; do # Already have a version prefix + FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${i}" ) +done +SRC_URI+=" bindist? ( ${FEDORA_SRC_URI[@]} )" + +S="${WORKDIR}/${MY_P}" + +MULTILIB_WRAPPED_HEADERS=( + usr/include/openssl/opensslconf.h +) + +src_prepare() { + if use bindist; then + # This just removes the prefix, and puts it into WORKDIR like the RPM. + for i in "${FEDORA_SOURCE[@]}" ; do + cp -f "${DISTDIR}"/"${P}_${i}" "${WORKDIR}"/"${i}" || die + done + # .spec %prep + bash "${WORKDIR}"/"${SOURCE1}" || die + cp -f "${WORKDIR}"/"${SOURCE12}" "${S}"/crypto/ec/ || die + cp -f "${WORKDIR}"/"${SOURCE13}" "${S}"/test/ || die + for i in "${FEDORA_PATCH[@]}" ; do + eapply "${DISTDIR}"/"${i}" + done + # Also see the configure parts below: + # enable-ec \ + # $(use_ssl !bindist ec2m) \ + + fi + + # keep this in sync with app-misc/c_rehash + SSL_CNF_DIR="/etc/ssl" + + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + if [[ $(declare -p PATCHES 2>/dev/null) == "declare -a"* ]] ; then + [[ ${#PATCHES[@]} -gt 0 ]] && eapply "${PATCHES[@]}" + fi + fi + + eapply_user #332661 + + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + # Make DOCDIR Gentoo compliant + sed -i \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX%/}'/usr/share/man:') \ + -e "/^DOCDIR/s@\$(BASENAME)@&-${PVR}@" \ + Configurations/unix-Makefile.tmpl \ + || die + + # quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (#417795 again) + [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die + chmod a+rx gentoo.config || die + + append-flags -fno-strict-aliasing + append-flags $(test-flags-CC -Wa,--noexecstack) + append-cppflags -DOPENSSL_NO_BUF_FREELISTS + + # Prefixify Configure shebang (#141906) + sed \ + -e "1s,/usr/bin/env,${EPREFIX%/}&," \ + -i Configure || die + # Remove test target when FEATURES=test isn't set + if ! use test ; then + sed \ + -e '/^$config{dirs}/s@ "test",@@' \ + -i Configure || die + fi + # The config script does stupid stuff to prompt the user. Kill it. + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die + ./config --test-sanity || die "I AM NOT SANE" + + multilib_copy_sources +} + +multilib_src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + unset CROSS_COMPILE #311473 + + tc-export CC AR RANLIB RC + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free https://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 https://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired https://en.wikipedia.org/wiki/MDC-2 + # RC5: Expired https://en.wikipedia.org/wiki/RC5 + + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths. #460790 + local ec_nistp_64_gcc_128 + # Disable it for now though #469976 + #if ! use bindist ; then + # echo "__uint128_t i;" > "${T}"/128.c + # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + # fi + #fi + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + + # Fedora hobbled-EC needs 'no-ec2m' + # 'srp' was restricted until early 2017 as well. + # "disable-deprecated" option breaks too many consumers. + # Don't set it without thorough revdeps testing. + echoit \ + ./${config} \ + ${sslout} \ + $(use cpu_flags_x86_sse2 || echo "no-sse2") \ + enable-camellia \ + enable-ec \ + $(use_ssl !bindist ec2m) \ + enable-srp \ + $(use elibc_musl && echo "no-async") \ + ${ec_nistp_64_gcc_128} \ + enable-idea \ + enable-mdc2 \ + enable-rc5 \ + $(use_ssl sslv3 ssl3) \ + $(use_ssl sslv3 ssl3-method) \ + $(use_ssl asm) \ + $(use_ssl rfc3779) \ + $(use_ssl sctp) \ + $(use_ssl tls-heartbeat heartbeats) \ + $(use_ssl zlib) \ + --prefix="${EPREFIX%/}"/usr \ + --openssldir="${EPREFIX%/}"${SSL_CNF_DIR} \ + --libdir=$(get_libdir) \ + shared threads \ + || die + + # Clean out hardcoded flags that openssl uses + # Fix quoting for sed + local DEFAULT_CFLAGS=$(grep ^CFLAGS= Makefile | LC_ALL=C sed \ + -e 's:^CFLAGS=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + -e 's:\\:\\\\:g' \ + ) + sed -i \ + -e "/^CFLAGS=/s|=.*|=${DEFAULT_CFLAGS} ${CFLAGS}|" \ + -e "/^LDFLAGS=/s|=[[:space:]]*$|=${LDFLAGS}|" \ + Makefile || die +} + +multilib_src_compile() { + # depend is needed to use $confopts; it also doesn't matter + # that it's -j1 as the code itself serializes subdirs + emake -j1 depend + emake all +} + +multilib_src_test() { + emake -j1 test +} + +multilib_src_install() { + # We need to create $ED/usr on our own to avoid a race condition #665130 + if [[ ! -d "${ED%/}/usr" ]]; then + # We can only create this directory once + mkdir "${ED%/}"/usr || die + fi + + emake DESTDIR="${D%/}" install +} + +multilib_src_install_all() { + # openssl installs perl version of c_rehash by default, but + # we provide a shell version via app-misc/c_rehash + rm "${ED%/}"/usr/bin/c_rehash || die + + dodoc CHANGES* FAQ NEWS README doc/*.txt doc/${PN}-c-indent.el + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + use static-libs || rm -f "${ED%/}"/usr/lib*/lib*.a + + # create the certs directory + keepdir ${SSL_CNF_DIR}/certs + + # Namespace openssl programs to prevent conflicts with other man pages + cd "${ED%/}"/usr/share/man || die + local m d s + for m in $(find . -type f | xargs grep -L '#include') ; do + d=${m%/*} ; d=${d#./} ; m=${m##*/} + [[ ${m} == openssl.1* ]] && continue + [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" + mv ${d}/{,ssl-}${m} + # fix up references to renamed man pages + sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} + ln -s ssl-${m} ${d}/openssl-${m} + # locate any symlinks that point to this man page ... we assume + # that any broken links are due to the above renaming + for s in $(find -L ${d} -type l) ; do + s=${s##*/} + rm -f ${d}/${s} + # We don't want to "|| die" here + ln -s ssl-${m} ${d}/ssl-${s} + ln -s ssl-${s} ${d}/openssl-${s} + done + done + [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" + + dodir /etc/sandbox.d #254521 + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED%/}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_postinst() { + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + eend $? +} |