Diffstat (limited to 'freefilesync/ffs_openssl.patch')
-rw-r--r-- | freefilesync/ffs_openssl.patch | 137 |
1 files changed, 43 insertions, 94 deletions
diff --git a/freefilesync/ffs_openssl.patch b/freefilesync/ffs_openssl.patch index 47fd5cc..7097d33 100644 --- a/freefilesync/ffs_openssl.patch +++ b/freefilesync/ffs_openssl.patch 
@@ -1,103 +1,52 @@ -Summary: Revert 11.14 openssl 3.0.0 usage +Summary: Compile for libss-dev 1.1.1m Author: bgstack15 -Date: 2021-09-22 -Version: 11.14 -Message: Zenju updated FreeFileSync 11.14 to use openssl 3.0.0 but my distros are not ready for that. By reverting to the 11.13 logic, the application can compile against openssl 1.1.1l as before. +Date: 2022-01-04 +Version: 11.16 +Message: Compile on Devuan Ceres with libssl-dev_1.1.1m-1 diff -aur 11.13/zen/open_ssl.cpp 11.14/zen/open_ssl.cpp ---- 11.13/zen/open_ssl.cpp -+++ 11.14/zen/open_ssl.cpp -@@ -179,9 +179,9 @@ std::shared_ptr<EVP_PKEY> streamToKey(const std::string& keyStream, RsaStreamTyp +--- 11.16-0/zen/open_ssl.cpp 2022-01-04 10:04:34.135914294 -0500 ++++ 11.16-1/zen/open_ssl.cpp 2022-01-04 10:29:12.544451067 -0500 +@@ -201,7 +201,7 @@ //================================================================================ --using EvpToBioFunc = int (*)(BIO* bio, const EVP_PKEY* evp); -+using EvpToBioFunc = int (*)(BIO* bio, EVP_PKEY* evp); - --std::string evpKeyToStream(const EVP_PKEY* evp, EvpToBioFunc evpToBio, const char* functionName) //throw SysError -+std::string evpKeyToStream(EVP_PKEY* evp, EvpToBioFunc evpToBio, const char* functionName) //throw SysError - { - BIO* bio = ::BIO_new(BIO_s_mem()); - if (!bio) -@@ -205,16 +205,16 @@ std::string evpKeyToStream(const EVP_PKEY* evp, EvpToBioFunc evpToBio, const cha - } - - --using RsaToBioFunc = int (*)(BIO* bp, const RSA* x); -+using RsaToBioFunc = int (*)(BIO* bp, RSA* x); - --std::string evpKeyToStream(const EVP_PKEY* evp, RsaToBioFunc rsaToBio, const char* functionName) //throw SysError -+std::string evpKeyToStream(EVP_PKEY* evp, RsaToBioFunc rsaToBio, const char* functionName) //throw SysError - { - BIO* bio = ::BIO_new(BIO_s_mem()); - if (!bio) - throw SysError(formatLastOpenSSLError("BIO_new")); - ZEN_ON_SCOPE_EXIT(::BIO_free_all(bio)); - -- const RSA* rsa = ::EVP_PKEY_get0_RSA(evp); //unowned reference! 
-+ RSA* rsa = ::EVP_PKEY_get0_RSA(evp); //unowned reference! - if (!rsa) - throw SysError(formatLastOpenSSLError("EVP_PKEY_get0_RSA")); - -@@ -236,33 +236,33 @@ std::string evpKeyToStream(const EVP_PKEY* evp, RsaToBioFunc rsaToBio, const cha - - - //fix OpenSSL API inconsistencies: --int PEM_write_bio_PrivateKey2(BIO* bio, const EVP_PKEY* key) -+int PEM_write_bio_PrivateKey2(BIO* bio, EVP_PKEY* key) - { - return ::PEM_write_bio_PrivateKey(bio, //BIO* bp -- key, //const EVP_PKEY* x -+ key, //EVP_PKEY* x - nullptr, //const EVP_CIPHER* enc -- nullptr, //const unsigned char* kstr -+ nullptr, //unsigned char* kstr - 0, //int klen - nullptr, //pem_password_cb* cb - nullptr); //void* u - } - --int PEM_write_bio_RSAPrivateKey2(BIO* bio, const RSA* rsa) -+int PEM_write_bio_RSAPrivateKey2(BIO* bio, RSA* rsa) - { - return ::PEM_write_bio_RSAPrivateKey(bio, //BIO* bp -- rsa, //const RSA* x -+ rsa, //RSA* x - nullptr, //const EVP_CIPHER* enc -- nullptr, //const unsigned char* kstr -+ nullptr, //unsigned char* kstr - 0, //int klen - nullptr, //pem_password_cb* cb - nullptr); //void* u - } - --int PEM_write_bio_RSAPublicKey2(BIO* bio, const RSA* rsa) { return ::PEM_write_bio_RSAPublicKey(bio, rsa); } -+int PEM_write_bio_RSAPublicKey2(BIO* bio, RSA* rsa) { return ::PEM_write_bio_RSAPublicKey(bio, rsa); } - - //-------------------------------------------------------------------------------- - -std::string keyToStream(const EVP_PKEY* evp, RsaStreamType streamType, bool publicKey) //throw SysError +std::string keyToStream(EVP_PKEY* evp, RsaStreamType streamType, bool publicKey) //throw SysError { - switch (streamType) - { -@@ -571,15 +571,15 @@ public: - if (sslError == SSL_ERROR_ZERO_RETURN) - return 0; //EOF + close_notify alert + //assert(::EVP_PKEY_get_base_id(evp) == EVP_PKEY_RSA); + +@@ -210,7 +210,7 @@ + case RsaStreamType::pkix: + { + //fix OpenSSL API inconsistencies: +- auto PEM_write_bio_PrivateKey2 = [](BIO* bio, const EVP_PKEY* key) ++ auto PEM_write_bio_PrivateKey2 = 
[](BIO* bio, EVP_PKEY* key) + { + return ::PEM_write_bio_PrivateKey(bio, //BIO* bp + key, //const EVP_PKEY* x +@@ -269,7 +269,7 @@ + return {reinterpret_cast<const char*>(keyBuf), keyLen}; + #else + //fix OpenSSL API inconsistencies: +- auto PEM_write_bio_RSAPrivateKey2 = [](BIO* bio, const RSA* rsa) ++ auto PEM_write_bio_RSAPrivateKey2 = [](BIO* bio, RSA* rsa) + { + return ::PEM_write_bio_RSAPrivateKey(bio, //BIO* bp + rsa, //const RSA* x +@@ -279,14 +279,14 @@ + nullptr, //pem_password_cb* cb + nullptr); //void* u + }; +- auto PEM_write_bio_RSAPublicKey2 = [](BIO* bio, const RSA* rsa) { return ::PEM_write_bio_RSAPublicKey(bio, rsa); }; ++ auto PEM_write_bio_RSAPublicKey2 = [](BIO* bio, RSA* rsa) { return ::PEM_write_bio_RSAPublicKey(bio, rsa); }; + + BIO* bio = ::BIO_new(BIO_s_mem()); + if (!bio) + throw SysError(formatLastOpenSSLError("BIO_new")); + ZEN_ON_SCOPE_EXIT(::BIO_free_all(bio)); + +- const RSA* rsa = ::EVP_PKEY_get0_RSA(evp); //unowned reference! ++ RSA* rsa = ::EVP_PKEY_get0_RSA(evp); //unowned reference! + if (!rsa) + throw SysError(formatLastOpenSSLError("EVP_PKEY_get0_RSA")); --#if OPENSSL_VERSION_NUMBER >= 0x30000000L /*OpenSSL 3.0.0*/ || \ -- OPENSSL_VERSION_NUMBER == 0x1010105fL /*OpenSSL 1.1.1e*/ -+#if OPENSSL_VERSION_NUMBER == 0x1010105fL //OpenSSL 1.1.1e - const auto ec = ::ERR_peek_last_error(); - if (sslError == SSL_ERROR_SSL && ERR_GET_REASON(ec) == SSL_R_UNEXPECTED_EOF_WHILE_READING) //EOF: only expected for HTTP/1.0 --#else //obsolete handling: https://github.com/openssl/openssl/issues/10880#issuecomment-575746226 -+ return 0; -+#else //obsolete handling, at least in OpenSSL 1.1.1e (but valid again with OpenSSL 1.1.1f!) 
-+ //https://github.com/openssl/openssl/issues/10880#issuecomment-575746226 - if ((sslError == SSL_ERROR_SYSCALL && ::ERR_peek_last_error() == 0)) //EOF: only expected for HTTP/1.0 --#endif - return 0; -- -+#endif - throw SysError(formatLastOpenSSLError("SSL_read_ex") + L' ' + getSslErrorLiteral(sslError)); - } - assert(bytesReceived > 0); //SSL_read_ex() considers EOF an error! |
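Review bot: The argument comments on the context lines after the changed lambdas still read `//const EVP_PKEY* x` and `//const RSA* x`, although the new patch makes the parameters `EVP_PKEY* key` and `RSA* rsa`, so the patched open_ssl.cpp documents a signature it no longer has; the previous revision of this patch rewrote them to `//EVP_PKEY* x` and `//RSA* x`. The new header's Summary line says `libss-dev` where the Message line says `libssl-dev_1.1.1m-1`; `Summary: Compile for libssl-dev 1.1.1m` would match. The const removal is also unconditional, which presumably ties the patched source to the 1.1.1 headers, so a later build against OpenSSL 3.x would need these lines behind an `OPENSSL_VERSION_NUMBER` check like the one the old patch edited. keyToStream's body and the `#if` that opens before the visible `#else` lie outside the inner hunks, so this rests on the visible lines only.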