Home Explore Help
Register Sign In
FreifunkHochstift
/
gluon
6
0
Fork 0
Files Issues 0 Pull Requests 0
Branch: v2016.2.x
Branches Tags
gluon
/
patches
/
openwrt
/
0098-tools-mkimage-fix-build-with-OpenSSL-1.1.x-FS-182.patch

0098-tools-mkimage-fix-build-with-OpenSSL-1.1.x-FS-182.patch 3.0 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115 
  1. From: Jo-Philipp Wich <jo@mein.io>
    2. 

  2. Date: Wed, 30 Nov 2016 18:09:05 +0100
    3. 

  3. Subject: tools: mkimage: fix build with OpenSSL 1.1.x (FS#182)
    4. 

  4. 

  5. The OpenSSL 1.1.x version series undergone some major API changes which made
    6. 

  6. the RSA structure opaque and deprecated a number of methods, so add some
    7. 

  7. conditional compat code to make the u-boot source build again.
    8. 

  8. 

  9. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
    10. 

  10. 

  11. Backport of LEDE 70b104f98c0657323b28fce140b73a94bf3eb756
    12. 

  12. 

  13. diff --git a/tools/mkimage/patches/210-openssl-1.1.x-compat.patch b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch
    14. 

  14. new file mode 100644
    15. 

  15. index 0000000000000000000000000000000000000000..fa7c99f39b0a65f0d784473ca9b8fde836e4fa6e
    16. 

  16. --- /dev/null
    17. 

  17. +++ b/tools/mkimage/patches/210-openssl-1.1.x-compat.patch
    18. 

  18. @@ -0,0 +1,97 @@
    19. 

  19. +--- a/lib/rsa/rsa-sign.c
    20. 

  20. ++++ b/lib/rsa/rsa-sign.c
    21. 

  21. +@@ -15,10 +15,25 @@
    22. 

  22. + #include <openssl/ssl.h>
    23. 

  23. + #include <openssl/evp.h>
    24. 

  24. + 
    25. 

  25. +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
    26. 

  26. ++#if OPENSSL_VERSION_NUMBER < 0x10000000L
    27. 

  27. ++#define HAVE_ERR_REMOVE_STATE
    28. 

  28. ++#elif OPENSSL_VERSION_NUMBER < 0x10100000L
    29. 

  29. + #define HAVE_ERR_REMOVE_THREAD_STATE
    30. 

  30. + #endif
    31. 

  31. + 
    32. 

  32. ++#if OPENSSL_VERSION_NUMBER < 0x10100005L
    33. 

  33. ++static void RSA_get0_key(const RSA *r,
    34. 

  34. ++                         const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
    35. 

  35. ++{
    36. 

  36. ++   if (n != NULL)
    37. 

  37. ++       *n = r->n;
    38. 

  38. ++   if (e != NULL)
    39. 

  39. ++       *e = r->e;
    40. 

  40. ++   if (d != NULL)
    41. 

  41. ++       *d = r->d;
    42. 

  42. ++}
    43. 

  43. ++#endif
    44. 

  44. ++
    45. 

  45. + static int rsa_err(const char *msg)
    46. 

  46. + {
    47. 

  47. + 	unsigned long sslErr = ERR_get_error();
    48. 

  48. +@@ -154,7 +169,8 @@ static void rsa_remove(void)
    49. 

  49. + 	ERR_free_strings();
    50. 

  50. + #ifdef HAVE_ERR_REMOVE_THREAD_STATE
    51. 

  51. + 	ERR_remove_thread_state(NULL);
    52. 

  52. +-#else
    53. 

  53. ++#endif
    54. 

  54. ++#ifdef HAVE_ERR_REMOVE_STATE
    55. 

  55. + 	ERR_remove_state(0);
    56. 

  56. + #endif
    57. 

  57. + 	EVP_cleanup();
    58. 

  58. +@@ -210,7 +226,6 @@ static int rsa_sign_with_key(RSA *rsa, s
    59. 

  59. + 		ret = rsa_err("Could not obtain signature");
    60. 

  60. + 		goto err_sign;
    61. 

  61. + 	}
    62. 

  62. +-	EVP_MD_CTX_cleanup(context);
    63. 

  63. + 	EVP_MD_CTX_destroy(context);
    64. 

  64. + 	EVP_PKEY_free(key);
    65. 

  65. + 
    66. 

  66. +@@ -270,23 +285,26 @@ static int rsa_get_exponent(RSA *key, ui
    67. 

  67. + 	BIGNUM *bn_te;
    68. 

  68. + 	uint64_t te;
    69. 

  69. + 
    70. 

  70. ++	const BIGNUM *bn_e;
    71. 

  71. ++	RSA_get0_key(key, NULL, &bn_e, NULL);
    72. 

  72. ++
    73. 

  73. + 	ret = -EINVAL;
    74. 

  74. + 	bn_te = NULL;
    75. 

  75. + 
    76. 

  76. + 	if (!e)
    77. 

  77. + 		goto cleanup;
    78. 

  78. + 
    79. 

  79. +-	if (BN_num_bits(key->e) > 64)
    80. 

  80. ++	if (BN_num_bits(bn_e) > 64)
    81. 

  81. + 		goto cleanup;
    82. 

  82. + 
    83. 

  83. +-	*e = BN_get_word(key->e);
    84. 

  84. ++	*e = BN_get_word(bn_e);
    85. 

  85. + 
    86. 

  86. +-	if (BN_num_bits(key->e) < 33) {
    87. 

  87. ++	if (BN_num_bits(bn_e) < 33) {
    88. 

  88. + 		ret = 0;
    89. 

  89. + 		goto cleanup;
    90. 

  90. + 	}
    91. 

  91. + 
    92. 

  92. +-	bn_te = BN_dup(key->e);
    93. 

  93. ++	bn_te = BN_dup(bn_e);
    94. 

  94. + 	if (!bn_te)
    95. 

  95. + 		goto cleanup;
    96. 

  96. + 
    97. 

  97. +@@ -319,6 +337,9 @@ int rsa_get_params(RSA *key, uint64_t *e
    98. 

  98. + 	BN_CTX *bn_ctx = BN_CTX_new();
    99. 

  99. + 	int ret = 0;
    100. 

  100. + 
    101. 

  101. ++	const BIGNUM *bn_n;
    102. 

  102. ++	RSA_get0_key(key, &bn_n, NULL, NULL);
    103. 

  103. ++
    104. 

  104. + 	/* Initialize BIGNUMs */
    105. 

  105. + 	big1 = BN_new();
    106. 

  106. + 	big2 = BN_new();
    107. 

  107. +@@ -337,7 +358,7 @@ int rsa_get_params(RSA *key, uint64_t *e
    108. 

  108. + 	if (0 != rsa_get_exponent(key, exponent))
    109. 

  109. + 		ret = -1;
    110. 

  110. + 
    111. 

  111. +-	if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) ||
    112. 

  112. ++	if (!BN_copy(n, bn_n) || !BN_set_word(big1, 1L) ||
    113. 

  113. + 	    !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L))
    114. 

  114. + 		ret = -1;
    115. 

  115. + 
    116.