[U-Boot] [PATCH] Fix LibreSSL before v2.7.0
From: Nomble nomble@palism.com
Signed-off-by: Nomble nomble@palism.com Signed-off-by: Caliph Nomble nomble@palism.com --- lib/rsa/rsa-sign.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index cfe09cc94c..ab8572894d 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,7 +20,7 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) { @@ -299,7 +299,7 @@ static int rsa_init(void) { int ret;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ret = SSL_library_init(); #else ret = OPENSSL_init_ssl(0, NULL); @@ -308,7 +308,7 @@ static int rsa_init(void) fprintf(stderr, "Failure to init SSL library\n"); return -1; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) SSL_load_error_strings();
OpenSSL_add_all_algorithms(); @@ -354,7 +354,7 @@ err_set_rsa: err_engine_init: ENGINE_free(e); err_engine_by_id: -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) ENGINE_cleanup(); #endif return ret; @@ -362,7 +362,7 @@ err_engine_by_id:
static void rsa_remove(void) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); #ifdef HAVE_ERR_REMOVE_THREAD_STATE @@ -432,7 +432,8 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; } - #if OPENSSL_VERSION_NUMBER < 0x10100000L + + #if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) EVP_MD_CTX_cleanup(context); #else EVP_MD_CTX_reset(context);
On Tue, Jul 24, 2018 at 07:47:48PM -0400, nomble@palism.com wrote:
From: Nomble nomble@palism.com
Signed-off-by: Nomble nomble@palism.com Signed-off-by: Caliph Nomble nomble@palism.com
lib/rsa/rsa-sign.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index cfe09cc94c..ab8572894d 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,7 +20,7 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL)
This should be put on a newline like the use in tools/kwbimage.c and tools/mxsimage.c same with other uses.
static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) { @@ -299,7 +299,7 @@ static int rsa_init(void) { int ret;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
LibreSSL has OPENSSL_init_ssl() version should be tested
ret = SSL_library_init(); #else ret = OPENSSL_init_ssl(0, NULL); @@ -308,7 +308,7 @@ static int rsa_init(void) fprintf(stderr, "Failure to init SSL library\n"); return -1; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
This should probably be version tested as well.
SSL_load_error_strings();
OpenSSL_add_all_algorithms(); @@ -354,7 +354,7 @@ err_set_rsa: err_engine_init: ENGINE_free(e); err_engine_by_id: -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) ENGINE_cleanup(); #endif return ret; @@ -362,7 +362,7 @@ err_engine_by_id:
static void rsa_remove(void) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); #ifdef HAVE_ERR_REMOVE_THREAD_STATE @@ -432,7 +432,8 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; }
- #if OPENSSL_VERSION_NUMBER < 0x10100000L
- #if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) EVP_MD_CTX_cleanup(context); #else EVP_MD_CTX_reset(context);
-- 2.16.4
U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
From: Caliph Nomble nomble@palism.com
Fix LibreSSL compilation for versions before v2.7.0.
Signed-off-by: Caliph Nomble nomble@palism.com --- Tested compilation on LibreSSL v2.7.4 and v2.6.4 with no new errors or warnings.
Changes for v2: - fixed commit message conventions - fixed coding style
lib/rsa/rsa-sign.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index cfe09cc94c..05ac67b822 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,7 +20,8 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) { @@ -299,7 +300,8 @@ static int rsa_init(void) { int ret;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) ret = SSL_library_init(); #else ret = OPENSSL_init_ssl(0, NULL); @@ -308,7 +310,8 @@ static int rsa_init(void) fprintf(stderr, "Failure to init SSL library\n"); return -1; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) SSL_load_error_strings();
OpenSSL_add_all_algorithms(); @@ -354,7 +357,8 @@ err_set_rsa: err_engine_init: ENGINE_free(e); err_engine_by_id: -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) ENGINE_cleanup(); #endif return ret; @@ -362,7 +366,8 @@ err_engine_by_id:
static void rsa_remove(void) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); #ifdef HAVE_ERR_REMOVE_THREAD_STATE @@ -432,7 +437,8 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; } - #if OPENSSL_VERSION_NUMBER < 0x10100000L + #if OPENSSL_VERSION_NUMBER < 0x10100000L || \ + (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) EVP_MD_CTX_cleanup(context); #else EVP_MD_CTX_reset(context);
On Wed, Jul 25, 2018 at 10:13:03PM -0400, nomble@palism.com wrote:
From: Caliph Nomble nomble@palism.com
Fix LibreSSL compilation for versions before v2.7.0.
Signed-off-by: Caliph Nomble nomble@palism.com
Tested compilation on LibreSSL v2.7.4 and v2.6.4 with no new errors or warnings.
Builds on OpenBSD -current with 2.8.0. bcm7445 config resulted in building it.
Could be 0x2070000fL not 0x02070000fL to match the other uses but that is just cosmetic.
Reviewed-by: Jonathan Gray jsg@jsg.id.au
Changes for v2:
- fixed commit message conventions
- fixed coding style
lib/rsa/rsa-sign.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index cfe09cc94c..05ac67b822 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,7 +20,8 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
- (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL)
static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) { @@ -299,7 +300,8 @@ static int rsa_init(void) { int ret;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
- (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) ret = SSL_library_init();
#else ret = OPENSSL_init_ssl(0, NULL); @@ -308,7 +310,8 @@ static int rsa_init(void) fprintf(stderr, "Failure to init SSL library\n"); return -1; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) SSL_load_error_strings();
OpenSSL_add_all_algorithms();
@@ -354,7 +357,8 @@ err_set_rsa: err_engine_init: ENGINE_free(e); err_engine_by_id: -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
- (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) ENGINE_cleanup();
#endif return ret; @@ -362,7 +366,8 @@ err_engine_by_id:
static void rsa_remove(void) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
- (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL) CRYPTO_cleanup_all_ex_data(); ERR_free_strings();
#ifdef HAVE_ERR_REMOVE_THREAD_STATE @@ -432,7 +437,8 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; }
- #if OPENSSL_VERSION_NUMBER < 0x10100000L
- #if OPENSSL_VERSION_NUMBER < 0x10100000L || \
(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL)-- 2.16.4
U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
On Wed, Jul 25, 2018 at 10:13:03PM -0400, nomble@palism.com wrote:
From: Caliph Nomble nomble@palism.com
Fix LibreSSL compilation for versions before v2.7.0.
Signed-off-by: Caliph Nomble nomble@palism.com Reviewed-by: Jonathan Gray jsg@jsg.id.au
Applied to u-boot/master, thanks!
participants (3)
-
Jonathan Gray -
nomble@palism.com -
Tom Rini