jinql
/
openssl-patch
mirror of https://github.com/hakasenyang/openssl-patch
1
0
Fork 0
Code Issues Releases Wiki Activity

Update pre9 compatible

openssl-1.1.1
Hakase 2018-07-08 16:01:41 +09:00
parent 8031759584
commit c59106617a
3 changed files with 28 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -17,7 +17,7 @@
**Support TLS 1.3 draft 28 browsers - _Chrome Canary, Firefox Nightly_**
[Compatible OpenSSL-1.1.1-pre9-dev (OpenSSL, 22461 commits)](https://github.com/openssl/openssl/tree/a9f3f1ccbbf84f4ef804ede82d4b072492b54c03)
[Compatible OpenSSL-1.1.1-pre9-dev (OpenSSL, 22476 commits)](https://github.com/openssl/openssl/tree/74bfb980377f43367035959a2c0afb5ec501c033)
## Patch files

28
openssl-equal-pre9.patch
View File

@ -25,7 +25,7 @@ index e3278eb6db..8e43cdd028 100644
The following lists give the SSL or TLS cipher suites names from the
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index bbcfb3c0b3..a4e0316980 100644
index 2376828e70..3da623a7af 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -173,12 +173,12 @@ extern "C" {
@ -819,10 +819,10 @@ index 9ce643ae8e..b88c534495 100644
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNINITIALIZED), "uninitialized"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"},
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1387067b30..1dbc36139b 100644
index 38391fd2c0..80a5be26dd 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1111,6 +1111,71 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
@@ -1112,6 +1112,71 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
return X509_VERIFY_PARAM_set1(ssl->param, vpm);
}
@ -894,7 +894,7 @@ index 1387067b30..1dbc36139b 100644
X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
{
return ctx->param;
@@ -1151,7 +1216,8 @@ void SSL_free(SSL *s)
@@ -1152,7 +1217,8 @@ void SSL_free(SSL *s)
BUF_MEM_free(s->init_buf);
/* add extra stuff */
@ -904,7 +904,7 @@ index 1387067b30..1dbc36139b 100644
sk_SSL_CIPHER_free(s->cipher_list_by_id);
sk_SSL_CIPHER_free(s->tls13_ciphersuites);
@@ -2434,9 +2500,9 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
@@ -2435,9 +2501,9 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
{
if (s != NULL) {
if (s->cipher_list != NULL) {
@ -916,7 +916,7 @@ index 1387067b30..1dbc36139b 100644
}
}
return NULL;
@@ -2510,8 +2576,8 @@ const char *SSL_get_cipher_list(const SSL *s, int n)
@@ -2511,8 +2577,8 @@ const char *SSL_get_cipher_list(const SSL *s, int n)
* preference */
STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx)
{
@ -927,7 +927,7 @@ index 1387067b30..1dbc36139b 100644
return NULL;
}
@@ -2935,7 +3001,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
@@ -2936,7 +3002,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ret->tls13_ciphersuites,
&ret->cipher_list, &ret->cipher_list_by_id,
SSL_DEFAULT_CIPHER_LIST, ret->cert)
@ -936,7 +936,7 @@ index 1387067b30..1dbc36139b 100644
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
goto err2;
}
@@ -3098,7 +3164,7 @@ void SSL_CTX_free(SSL_CTX *a)
@@ -3109,7 +3175,7 @@ void SSL_CTX_free(SSL_CTX *a)
#ifndef OPENSSL_NO_CT
CTLOG_STORE_free(a->ctlog_store);
#endif
@ -945,7 +945,7 @@ index 1387067b30..1dbc36139b 100644
sk_SSL_CIPHER_free(a->cipher_list_by_id);
sk_SSL_CIPHER_free(a->tls13_ciphersuites);
ssl_cert_free(a->cert);
@@ -3754,13 +3820,15 @@ SSL *SSL_dup(SSL *s)
@@ -3765,13 +3831,15 @@ SSL *SSL_dup(SSL *s)
/* dup the cipher_list and cipher_list_by_id stacks */
if (s->cipher_list != NULL) {
@ -966,7 +966,7 @@ index 1387067b30..1dbc36139b 100644
/* Dup the client_CA list */
if (s->ca_names != NULL) {
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 6a2edeb190..53dbbd596c 100644
index 0bf3f16f35..b1ff09509c 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -736,9 +736,46 @@ typedef struct ssl_ctx_ext_secure_st {
@ -1017,7 +1017,7 @@ index 6a2edeb190..53dbbd596c 100644
/* same as above but sorted for lookup */
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
/* TLSv1.3 specific ciphersuites */
@@ -1119,7 +1156,7 @@ struct ssl_st {
@@ -1128,7 +1165,7 @@ struct ssl_st {
/* Per connection DANE state */
SSL_DANE dane;
/* crypto */
@ -1026,7 +1026,7 @@ index 6a2edeb190..53dbbd596c 100644
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
/* TLSv1.3 specific ciphersuites */
STACK_OF(SSL_CIPHER) *tls13_ciphersuites;
@@ -2232,7 +2269,7 @@ __owur int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
@@ -2250,7 +2287,7 @@ __owur int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
__owur int set_ciphersuites(STACK_OF(SSL_CIPHER) **currciphers, const char *str);
__owur STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
@ -1035,7 +1035,7 @@ index 6a2edeb190..53dbbd596c 100644
STACK_OF(SSL_CIPHER) **cipher_list_by_id,
const char *rule_str,
CERT *c);
@@ -2242,6 +2279,13 @@ __owur int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites,
@@ -2260,6 +2297,13 @@ __owur int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites,
STACK_OF(SSL_CIPHER) **scsvs, int sslv2format,
int fatal);
void ssl_update_cache(SSL *s, int mode);
@ -1049,7 +1049,7 @@ index 6a2edeb190..53dbbd596c 100644
__owur int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
const EVP_MD **md, int *mac_pkey_type,
size_t *mac_secret_size, SSL_COMP **comp,
@@ -2324,7 +2368,7 @@ __owur unsigned long ssl3_output_cert_chain(SSL *s, WPACKET *pkt,
@@ -2342,7 +2386,7 @@ __owur unsigned long ssl3_output_cert_chain(SSL *s, WPACKET *pkt,
CERT_PKEY *cpk);
__owur const SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,
STACK_OF(SSL_CIPHER) *clnt,

26
openssl-equal-pre9_ciphers.patch
View File

@ -854,10 +854,10 @@ index 9ce643ae8e..b88c534495 100644
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNINITIALIZED), "uninitialized"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"},
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1387067b30..1dbc36139b 100644
index 38391fd2c0..80a5be26dd 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1111,6 +1111,71 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
@@ -1112,6 +1112,71 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
return X509_VERIFY_PARAM_set1(ssl->param, vpm);
}
@ -929,7 +929,7 @@ index 1387067b30..1dbc36139b 100644
X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
{
return ctx->param;
@@ -1151,7 +1216,8 @@ void SSL_free(SSL *s)
@@ -1152,7 +1217,8 @@ void SSL_free(SSL *s)
BUF_MEM_free(s->init_buf);
/* add extra stuff */
@ -939,7 +939,7 @@ index 1387067b30..1dbc36139b 100644
sk_SSL_CIPHER_free(s->cipher_list_by_id);
sk_SSL_CIPHER_free(s->tls13_ciphersuites);
@@ -2434,9 +2500,9 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
@@ -2435,9 +2501,9 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
{
if (s != NULL) {
if (s->cipher_list != NULL) {
@ -951,7 +951,7 @@ index 1387067b30..1dbc36139b 100644
}
}
return NULL;
@@ -2510,8 +2576,8 @@ const char *SSL_get_cipher_list(const SSL *s, int n)
@@ -2511,8 +2577,8 @@ const char *SSL_get_cipher_list(const SSL *s, int n)
* preference */
STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx)
{
@ -962,7 +962,7 @@ index 1387067b30..1dbc36139b 100644
return NULL;
}
@@ -2935,7 +3001,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
@@ -2936,7 +3002,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ret->tls13_ciphersuites,
&ret->cipher_list, &ret->cipher_list_by_id,
SSL_DEFAULT_CIPHER_LIST, ret->cert)
@ -971,7 +971,7 @@ index 1387067b30..1dbc36139b 100644
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
goto err2;
}
@@ -3098,7 +3164,7 @@ void SSL_CTX_free(SSL_CTX *a)
@@ -3109,7 +3175,7 @@ void SSL_CTX_free(SSL_CTX *a)
#ifndef OPENSSL_NO_CT
CTLOG_STORE_free(a->ctlog_store);
#endif
@ -980,7 +980,7 @@ index 1387067b30..1dbc36139b 100644
sk_SSL_CIPHER_free(a->cipher_list_by_id);
sk_SSL_CIPHER_free(a->tls13_ciphersuites);
ssl_cert_free(a->cert);
@@ -3754,13 +3820,15 @@ SSL *SSL_dup(SSL *s)
@@ -3765,13 +3831,15 @@ SSL *SSL_dup(SSL *s)
/* dup the cipher_list and cipher_list_by_id stacks */
if (s->cipher_list != NULL) {
@ -1001,7 +1001,7 @@ index 1387067b30..1dbc36139b 100644
/* Dup the client_CA list */
if (s->ca_names != NULL) {
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 6a2edeb190..53dbbd596c 100644
index 0bf3f16f35..b1ff09509c 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -736,9 +736,46 @@ typedef struct ssl_ctx_ext_secure_st {
@ -1052,7 +1052,7 @@ index 6a2edeb190..53dbbd596c 100644
/* same as above but sorted for lookup */
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
/* TLSv1.3 specific ciphersuites */
@@ -1119,7 +1156,7 @@ struct ssl_st {
@@ -1128,7 +1165,7 @@ struct ssl_st {
/* Per connection DANE state */
SSL_DANE dane;
/* crypto */
@ -1061,7 +1061,7 @@ index 6a2edeb190..53dbbd596c 100644
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
/* TLSv1.3 specific ciphersuites */
STACK_OF(SSL_CIPHER) *tls13_ciphersuites;
@@ -2232,7 +2269,7 @@ __owur int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
@@ -2250,7 +2287,7 @@ __owur int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
__owur int set_ciphersuites(STACK_OF(SSL_CIPHER) **currciphers, const char *str);
__owur STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
@ -1070,7 +1070,7 @@ index 6a2edeb190..53dbbd596c 100644
STACK_OF(SSL_CIPHER) **cipher_list_by_id,
const char *rule_str,
CERT *c);
@@ -2242,6 +2279,13 @@ __owur int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites,
@@ -2260,6 +2297,13 @@ __owur int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites,
STACK_OF(SSL_CIPHER) **scsvs, int sslv2format,
int fatal);
void ssl_update_cache(SSL *s, int mode);
@ -1084,7 +1084,7 @@ index 6a2edeb190..53dbbd596c 100644
__owur int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
const EVP_MD **md, int *mac_pkey_type,
size_t *mac_secret_size, SSL_COMP **comp,
@@ -2324,7 +2368,7 @@ __owur unsigned long ssl3_output_cert_chain(SSL *s, WPACKET *pkt,
@@ -2342,7 +2386,7 @@ __owur unsigned long ssl3_output_cert_chain(SSL *s, WPACKET *pkt,
CERT_PKEY *cpk);
__owur const SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,
STACK_OF(SSL_CIPHER) *clnt,