1.18.2

2016-10-19 11:31:08 -04:00 · 2016-10-19 11:31:08 -04:00 · 35d7791d06
parent eac5da8c9d
commit 35d7791d06
4 changed files with 257 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -10,3 +10,4 @@
 /efl-1.17.1.tar.xz
 /efl-1.17.2.tar.xz
 /efl-1.18.0.tar.xz
+/efl-1.18.2.tar.xz
--- a/efl-1.18.2-openssl-1.1.patch
+++ b/efl-1.18.2-openssl-1.1.patch
@ -0,0 +1,247 @@
+diff -up efl-1.18.2/src/lib/eet/eet_cipher.c.fixup efl-1.18.2/src/lib/eet/eet_cipher.c
+--- efl-1.18.2/src/lib/eet/eet_cipher.c.fixup	2016-10-19 10:31:31.601037298 -0400
+++ efl-1.18.2/src/lib/eet/eet_cipher.c	2016-10-19 10:43:13.258515381 -0400
+@@ -475,9 +475,15 @@ eet_identity_sign(FILE    *fp,
+    gnutls_datum_t signum = { NULL, 0 };
+    gnutls_privkey_t privkey;
+ # else /* ifdef HAVE_GNUTLS */
+-   EVP_MD_CTX md_ctx;
+    unsigned int sign_len = 0;
+    int cert_len = 0;
+#  if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
+   if (md_ctx == NULL)
+     return EET_ERROR_BAD_OBJECT;
+#  else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+   EVP_MD_CTX md_ctx;
+#  endif /* if OPENSSL_VERSION_NUMBER >= 0x10100000L */
+ # endif /* ifdef HAVE_GNUTLS */
+ 
+    /* A few check and flush pending write. */
+@@ -560,6 +566,15 @@ eet_identity_sign(FILE    *fp,
+         goto on_error;
+      }
+ 
+#  if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   /* Do the signature. */
+   EVP_SignInit(md_ctx, EVP_sha1());
+   EVP_SignUpdate(md_ctx, data, st_buf.st_size);
+   err = EVP_SignFinal(md_ctx,
+                       sign,
+                       (unsigned int *)&sign_len,
+                       key->private_key);
+#  else
+    /* Do the signature. */
+    EVP_SignInit(&md_ctx, EVP_sha1());
+    EVP_SignUpdate(&md_ctx, data, st_buf.st_size);
+@@ -567,6 +582,7 @@ eet_identity_sign(FILE    *fp,
+                        sign,
+                        (unsigned int *)&sign_len,
+                        key->private_key);
+#  endif
+    if (err != 1)
+      {
+         ERR_print_errors_fp(stdout);
+@@ -615,6 +631,9 @@ on_error:
+ # else /* ifdef HAVE_GNUTLS */
+    if (cert)
+      OPENSSL_free(cert);
+#  if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   EVP_MD_CTX_free(md_ctx);
+#  endif /* if OPENSSL_VERSION_NUMBER >= 0x10100000L */
+ 
+ # endif /* ifdef HAVE_GNUTLS */
+    if (sign)
+@@ -739,7 +758,13 @@ eet_identity_check(const void   *data_ba
+    const unsigned char *tmp;
+    EVP_PKEY *pkey;
+    X509 *x509;
+#  if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
+   if (md_ctx == NULL)
+     return NULL;
+#  else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+    EVP_MD_CTX md_ctx;
+#  endif /* if OPENSSL_VERSION_NUMBER >= 0x10100000L */
+    int err;
+ 
+    /* Strange but d2i_X509 seems to put 0 all over the place. */
+@@ -757,10 +782,17 @@ eet_identity_check(const void   *data_ba
+         return NULL;
+      }
+ 
+#  if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   /* Verify the signature */
+   EVP_VerifyInit(md_ctx, EVP_sha1());
+   EVP_VerifyUpdate(md_ctx, data_base, data_length);
+   err = EVP_VerifyFinal(md_ctx, sign, sign_len, pkey);
+#  else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+    /* Verify the signature */
+    EVP_VerifyInit(&md_ctx, EVP_sha1());
+    EVP_VerifyUpdate(&md_ctx, data_base, data_length);
+    err = EVP_VerifyFinal(&md_ctx, sign, sign_len, pkey);
+#  endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
+ 
+    X509_free(x509);
+    EVP_PKEY_free(pkey);
+@@ -800,6 +832,9 @@ eet_identity_check(const void   *data_ba
+    raw_signature_base = NULL;
+    raw_signature_length = NULL;
+    x509_length = NULL;
+#  if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   EVP_MD_CTX_free(md_ctx);
+#  endif /* if OPENSSL_VERSION_NUMBER >= 0x10100000L */
+    return NULL;
+ #endif /* ifdef HAVE_SIGNATURE */
+ }
+diff -up efl-1.18.2/src/lib/emile/emile_cipher_openssl.c.fixup efl-1.18.2/src/lib/emile/emile_cipher_openssl.c
+--- efl-1.18.2/src/lib/emile/emile_cipher_openssl.c.fixup	2016-10-19 10:10:05.735351607 -0400
+++ efl-1.18.2/src/lib/emile/emile_cipher_openssl.c	2016-10-19 10:30:27.529498249 -0400
+@@ -87,7 +87,11 @@ emile_binbuf_cipher(Emile_Cipher_Algorit
+    unsigned int crypted_length;
+    int opened = 0;
+    /* Openssl declarations*/
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   EVP_CIPHER_CTX *ctx;
+#else
+    EVP_CIPHER_CTX ctx;
+#endif
+    unsigned int *buffer = NULL;
+    int tmp_len;
+ 
+@@ -134,17 +138,43 @@ emile_binbuf_cipher(Emile_Cipher_Algorit
+ 
+    /* Openssl create the corresponding cipher
+       AES with a 256 bit key, Cipher Block Chaining mode */
+-   EVP_CIPHER_CTX_init(&ctx);
+-   if (!EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv))
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   ctx = EVP_CIPHER_CTX_new();
+   if (ctx == NULL)
+     goto on_error;
+
+   opened = 1;
+
+   if (!EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, ik, iv))
+      goto on_error;
+#else
+   EVP_CIPHER_CTX_init(&ctx);
+ 
+    opened = 1;
+ 
+   if (!EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv))
+     goto on_error;
+#endif
+
+    memset(iv, 0, sizeof (iv));
+    memset(ik, 0, sizeof (ik));
+ 
+    pointer = (unsigned char*) eina_binbuf_string_get(result);
+ 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   /* Openssl encrypt */
+   if (!EVP_EncryptUpdate(ctx, pointer + sizeof (int), &tmp_len,
+                          (unsigned char *)buffer,
+                          eina_binbuf_length_get(data) + sizeof(unsigned int)))
+     goto on_error;
+
+   /* Openssl close the cipher */
+   if (!EVP_EncryptFinal_ex(ctx, pointer + sizeof (int) + tmp_len,
+                            &tmp_len))
+     goto on_error;
+
+   EVP_CIPHER_CTX_free(ctx);
+#else
+    /* Openssl encrypt */
+    if (!EVP_EncryptUpdate(&ctx, pointer + sizeof (int), &tmp_len,
+                           (unsigned char *)buffer,
+@@ -157,6 +187,8 @@ emile_binbuf_cipher(Emile_Cipher_Algorit
+      goto on_error;
+ 
+    EVP_CIPHER_CTX_cleanup(&ctx);
+#endif
+
+    free(buffer);
+ 
+    return result;
+@@ -167,8 +199,11 @@ on_error:
+ 
+    /* Openssl error */
+    if (opened)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+     EVP_CIPHER_CTX_free(ctx);
+#else
+      EVP_CIPHER_CTX_cleanup(&ctx);
+-
+#endif
+    free(buffer);
+ 
+    /* General error */
+@@ -186,7 +221,11 @@ emile_binbuf_decipher(Emile_Cipher_Algor
+ {
+    Eina_Binbuf *result = NULL;
+    unsigned int *over;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   EVP_CIPHER_CTX *ctx;
+#else
+    EVP_CIPHER_CTX ctx;
+#endif
+    unsigned char ik[MAX_KEY_LEN];
+    unsigned char iv[MAX_IV_LEN];
+    unsigned char key_material[MAX_KEY_LEN + MAX_IV_LEN];
+@@ -230,15 +269,35 @@ emile_binbuf_decipher(Emile_Cipher_Algor
+    eina_binbuf_append_length(result, (unsigned char*) (over + 1), tmp_len);
+ 
+    /* Openssl create the corresponding cipher */
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   ctx = EVP_CIPHER_CTX_new();
+   if (ctx == NULL)
+     goto on_error;
+   opened = 1;
+
+   if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, ik, iv))
+     goto on_error;
+#else
+    EVP_CIPHER_CTX_init(&ctx);
+    opened = 1;
+ 
+    if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv))
+      goto on_error;
+#endif
+ 
+    memset(iv, 0, sizeof (iv));
+    memset(ik, 0, sizeof (ik));
+ 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   /* Openssl decrypt */
+   if (!EVP_DecryptUpdate(ctx,
+                          (void*) eina_binbuf_string_get(result), &tmp,
+                          (void*) (over + 1), tmp_len))
+     goto on_error;
+
+   /* Openssl close the cipher*/
+   EVP_CIPHER_CTX_free(ctx);
+#else
+    /* Openssl decrypt */
+    if (!EVP_DecryptUpdate(&ctx,
+                           (void*) eina_binbuf_string_get(result), &tmp,
+@@ -247,6 +306,7 @@ emile_binbuf_decipher(Emile_Cipher_Algor
+ 
+    /* Openssl close the cipher*/
+    EVP_CIPHER_CTX_cleanup(&ctx);
+#endif
+ 
+    /* Get the decrypted data size */
+    tmp = *(unsigned int*)(eina_binbuf_string_get(result));
+@@ -265,7 +325,11 @@ on_error:
+    memset(ik, 0, sizeof (ik));
+ 
+    if (opened)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+     EVP_CIPHER_CTX_free(ctx);
+#else
+      EVP_CIPHER_CTX_cleanup(&ctx);
+#endif
+ 
+    eina_binbuf_free(result);
+ 
--- a/efl.spec
+++ b/efl.spec
@ -29,7 +29,7 @@


 Name:		efl
-Version:	1.18.1
+Version:	1.18.2
 Release:	1%{?dist}
 Summary:	Collection of Enlightenment libraries
 License:	BSD and LGPLv2+ and GPLv2 and zlib
@ -40,6 +40,9 @@ Patch0:		efl-1.11.4-tslibfix.patch
 # There is probably a way to conditionalize this in the code that could go upstream
 # but this works for now.
 Patch1:		efl-1.17.1-old-nomodifier-in-drm_mode_fb_cmd2.patch
+# Support openssl 1.1+
+# https://phab.enlightenment.org/T4746
+Patch2:		efl-1.18.2-openssl-1.1.patch
 BuildRequires:	bullet-devel libpng-devel libjpeg-devel gstreamer1-devel zlib-devel
 BuildRequires:	gstreamer1-plugins-base-devel libtiff-devel openssl-devel
 BuildRequires:	curl-devel dbus-devel glibc-devel fontconfig-devel freetype-devel
@ -192,6 +195,7 @@ Development files for EFL.
 %if 0%{?fedora} <= 22
 %patch1 -p1 -b .old
 %endif
+%patch2 -p1 -b .openssl11
 autoreconf -ifv

 # This is why hardcoding paths is bad.
@ -540,6 +544,9 @@ fi
 %{_libdir}/pkgconfig/evas*.pc

 %changelog
+* Wed Oct 19 2016 Tom Callaway <spot@fedoraproject.org> - 1.18.2-1
+- update to 1.18.2
+
 * Wed Sep 21 2016 Tom Callaway <spot@fedoraproject.org> - 1.18.1-1
 - update to 1.18.1

--- a/2
+++ b/2
@ -1 +1 @@
-d51fe1251df6a68f20be82e8ae6e0c4c  efl-1.18.1.tar.xz
+adf7637b861fbdde644eff0692c6cdf3  efl-1.18.2.tar.xz