From 35d7791d061c592bb626a113906338ee806a546b Mon Sep 17 00:00:00 2001 From: Tom Callaway Date: Wed, 19 Oct 2016 11:31:08 -0400 Subject: [PATCH] 1.18.2 --- .gitignore | 1 + efl-1.18.2-openssl-1.1.patch | 247 +++++++++++++++++++++++++++++++++++ efl.spec | 9 +- sources | 2 +- 4 files changed, 257 insertions(+), 2 deletions(-) create mode 100644 efl-1.18.2-openssl-1.1.patch diff --git a/.gitignore b/.gitignore index 79f9c47..ab8fdd6 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,4 @@ /efl-1.17.1.tar.xz /efl-1.17.2.tar.xz /efl-1.18.0.tar.xz +/efl-1.18.2.tar.xz diff --git a/efl-1.18.2-openssl-1.1.patch b/efl-1.18.2-openssl-1.1.patch new file mode 100644 index 0000000..a569a99 --- /dev/null +++ b/efl-1.18.2-openssl-1.1.patch @@ -0,0 +1,247 @@ +diff -up efl-1.18.2/src/lib/eet/eet_cipher.c.fixup efl-1.18.2/src/lib/eet/eet_cipher.c +--- efl-1.18.2/src/lib/eet/eet_cipher.c.fixup 2016-10-19 10:31:31.601037298 -0400 ++++ efl-1.18.2/src/lib/eet/eet_cipher.c 2016-10-19 10:43:13.258515381 -0400 +@@ -475,9 +475,15 @@ eet_identity_sign(FILE *fp, + gnutls_datum_t signum = { NULL, 0 }; + gnutls_privkey_t privkey; + # else /* ifdef HAVE_GNUTLS */ +- EVP_MD_CTX md_ctx; + unsigned int sign_len = 0; + int cert_len = 0; ++# if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); ++ if (md_ctx == NULL) ++ return EET_ERROR_BAD_OBJECT; ++# else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ ++ EVP_MD_CTX md_ctx; ++# endif /* if OPENSSL_VERSION_NUMBER >= 0x10100000L */ + # endif /* ifdef HAVE_GNUTLS */ + + /* A few check and flush pending write. */ +@@ -560,6 +566,15 @@ eet_identity_sign(FILE *fp, + goto on_error; + } + ++# if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ /* Do the signature. */ ++ EVP_SignInit(md_ctx, EVP_sha1()); ++ EVP_SignUpdate(md_ctx, data, st_buf.st_size); ++ err = EVP_SignFinal(md_ctx, ++ sign, ++ (unsigned int *)&sign_len, ++ key->private_key); ++# else + /* Do the signature. */ + EVP_SignInit(&md_ctx, EVP_sha1()); + EVP_SignUpdate(&md_ctx, data, st_buf.st_size); +@@ -567,6 +582,7 @@ eet_identity_sign(FILE *fp, + sign, + (unsigned int *)&sign_len, + key->private_key); ++# endif + if (err != 1) + { + ERR_print_errors_fp(stdout); +@@ -615,6 +631,9 @@ on_error: + # else /* ifdef HAVE_GNUTLS */ + if (cert) + OPENSSL_free(cert); ++# if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_MD_CTX_free(md_ctx); ++# endif /* if OPENSSL_VERSION_NUMBER >= 0x10100000L */ + + # endif /* ifdef HAVE_GNUTLS */ + if (sign) +@@ -739,7 +758,13 @@ eet_identity_check(const void *data_ba + const unsigned char *tmp; + EVP_PKEY *pkey; + X509 *x509; ++# if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); ++ if (md_ctx == NULL) ++ return NULL; ++# else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ + EVP_MD_CTX md_ctx; ++# endif /* if OPENSSL_VERSION_NUMBER >= 0x10100000L */ + int err; + + /* Strange but d2i_X509 seems to put 0 all over the place. */ +@@ -757,10 +782,17 @@ eet_identity_check(const void *data_ba + return NULL; + } + ++# if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ /* Verify the signature */ ++ EVP_VerifyInit(md_ctx, EVP_sha1()); ++ EVP_VerifyUpdate(md_ctx, data_base, data_length); ++ err = EVP_VerifyFinal(md_ctx, sign, sign_len, pkey); ++# else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ + /* Verify the signature */ + EVP_VerifyInit(&md_ctx, EVP_sha1()); + EVP_VerifyUpdate(&md_ctx, data_base, data_length); + err = EVP_VerifyFinal(&md_ctx, sign, sign_len, pkey); ++# endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ + + X509_free(x509); + EVP_PKEY_free(pkey); +@@ -800,6 +832,9 @@ eet_identity_check(const void *data_ba + raw_signature_base = NULL; + raw_signature_length = NULL; + x509_length = NULL; ++# if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_MD_CTX_free(md_ctx); ++# endif /* if OPENSSL_VERSION_NUMBER >= 0x10100000L */ + return NULL; + #endif /* ifdef HAVE_SIGNATURE */ + } +diff -up efl-1.18.2/src/lib/emile/emile_cipher_openssl.c.fixup efl-1.18.2/src/lib/emile/emile_cipher_openssl.c +--- efl-1.18.2/src/lib/emile/emile_cipher_openssl.c.fixup 2016-10-19 10:10:05.735351607 -0400 ++++ efl-1.18.2/src/lib/emile/emile_cipher_openssl.c 2016-10-19 10:30:27.529498249 -0400 +@@ -87,7 +87,11 @@ emile_binbuf_cipher(Emile_Cipher_Algorit + unsigned int crypted_length; + int opened = 0; + /* Openssl declarations*/ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX *ctx; ++#else + EVP_CIPHER_CTX ctx; ++#endif + unsigned int *buffer = NULL; + int tmp_len; + +@@ -134,17 +138,43 @@ emile_binbuf_cipher(Emile_Cipher_Algorit + + /* Openssl create the corresponding cipher + AES with a 256 bit key, Cipher Block Chaining mode */ +- EVP_CIPHER_CTX_init(&ctx); +- if (!EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv)) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto on_error; ++ ++ opened = 1; ++ ++ if (!EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, ik, iv)) + goto on_error; ++#else ++ EVP_CIPHER_CTX_init(&ctx); + + opened = 1; + ++ if (!EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv)) ++ goto on_error; ++#endif ++ + memset(iv, 0, sizeof (iv)); + memset(ik, 0, sizeof (ik)); + + pointer = (unsigned char*) eina_binbuf_string_get(result); + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ /* Openssl encrypt */ ++ if (!EVP_EncryptUpdate(ctx, pointer + sizeof (int), &tmp_len, ++ (unsigned char *)buffer, ++ eina_binbuf_length_get(data) + sizeof(unsigned int))) ++ goto on_error; ++ ++ /* Openssl close the cipher */ ++ if (!EVP_EncryptFinal_ex(ctx, pointer + sizeof (int) + tmp_len, ++ &tmp_len)) ++ goto on_error; ++ ++ EVP_CIPHER_CTX_free(ctx); ++#else + /* Openssl encrypt */ + if (!EVP_EncryptUpdate(&ctx, pointer + sizeof (int), &tmp_len, + (unsigned char *)buffer, +@@ -157,6 +187,8 @@ emile_binbuf_cipher(Emile_Cipher_Algorit + goto on_error; + + EVP_CIPHER_CTX_cleanup(&ctx); ++#endif ++ + free(buffer); + + return result; +@@ -167,8 +199,11 @@ on_error: + + /* Openssl error */ + if (opened) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_free(ctx); ++#else + EVP_CIPHER_CTX_cleanup(&ctx); +- ++#endif + free(buffer); + + /* General error */ +@@ -186,7 +221,11 @@ emile_binbuf_decipher(Emile_Cipher_Algor + { + Eina_Binbuf *result = NULL; + unsigned int *over; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX *ctx; ++#else + EVP_CIPHER_CTX ctx; ++#endif + unsigned char ik[MAX_KEY_LEN]; + unsigned char iv[MAX_IV_LEN]; + unsigned char key_material[MAX_KEY_LEN + MAX_IV_LEN]; +@@ -230,15 +269,35 @@ emile_binbuf_decipher(Emile_Cipher_Algor + eina_binbuf_append_length(result, (unsigned char*) (over + 1), tmp_len); + + /* Openssl create the corresponding cipher */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto on_error; ++ opened = 1; ++ ++ if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, ik, iv)) ++ goto on_error; ++#else + EVP_CIPHER_CTX_init(&ctx); + opened = 1; + + if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv)) + goto on_error; ++#endif + + memset(iv, 0, sizeof (iv)); + memset(ik, 0, sizeof (ik)); + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ /* Openssl decrypt */ ++ if (!EVP_DecryptUpdate(ctx, ++ (void*) eina_binbuf_string_get(result), &tmp, ++ (void*) (over + 1), tmp_len)) ++ goto on_error; ++ ++ /* Openssl close the cipher*/ ++ EVP_CIPHER_CTX_free(ctx); ++#else + /* Openssl decrypt */ + if (!EVP_DecryptUpdate(&ctx, + (void*) eina_binbuf_string_get(result), &tmp, +@@ -247,6 +306,7 @@ emile_binbuf_decipher(Emile_Cipher_Algor + + /* Openssl close the cipher*/ + EVP_CIPHER_CTX_cleanup(&ctx); ++#endif + + /* Get the decrypted data size */ + tmp = *(unsigned int*)(eina_binbuf_string_get(result)); +@@ -265,7 +325,11 @@ on_error: + memset(ik, 0, sizeof (ik)); + + if (opened) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_free(ctx); ++#else + EVP_CIPHER_CTX_cleanup(&ctx); ++#endif + + eina_binbuf_free(result); + diff --git a/efl.spec b/efl.spec index 4c59af0..3434fa5 100644 --- a/efl.spec +++ b/efl.spec @@ -29,7 +29,7 @@ Name: efl -Version: 1.18.1 +Version: 1.18.2 Release: 1%{?dist} Summary: Collection of Enlightenment libraries License: BSD and LGPLv2+ and GPLv2 and zlib @@ -40,6 +40,9 @@ Patch0: efl-1.11.4-tslibfix.patch # There is probably a way to conditionalize this in the code that could go upstream # but this works for now. Patch1: efl-1.17.1-old-nomodifier-in-drm_mode_fb_cmd2.patch +# Support openssl 1.1+ +# https://phab.enlightenment.org/T4746 +Patch2: efl-1.18.2-openssl-1.1.patch BuildRequires: bullet-devel libpng-devel libjpeg-devel gstreamer1-devel zlib-devel BuildRequires: gstreamer1-plugins-base-devel libtiff-devel openssl-devel BuildRequires: curl-devel dbus-devel glibc-devel fontconfig-devel freetype-devel @@ -192,6 +195,7 @@ Development files for EFL. %if 0%{?fedora} <= 22 %patch1 -p1 -b .old %endif +%patch2 -p1 -b .openssl11 autoreconf -ifv # This is why hardcoding paths is bad. @@ -540,6 +544,9 @@ fi %{_libdir}/pkgconfig/evas*.pc %changelog +* Wed Oct 19 2016 Tom Callaway - 1.18.2-1 +- update to 1.18.2 + * Wed Sep 21 2016 Tom Callaway - 1.18.1-1 - update to 1.18.1 diff --git a/sources b/sources index c9264a9..4bf1df1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d51fe1251df6a68f20be82e8ae6e0c4c efl-1.18.1.tar.xz +adf7637b861fbdde644eff0692c6cdf3 efl-1.18.2.tar.xz