3.17 cleanup

This commit is contained in:
build@apk-groulx 2023-01-11 00:40:45 +00:00
parent fd44669b56
commit 7c2d413554
312 changed files with 2761 additions and 6111 deletions

462
backports/electron/APKBUILD Normal file
View file

@ -0,0 +1,462 @@
# Maintainer: psykose <alice@ayaya.dev>
pkgname=electron
pkgver=21.3.3
pkgrel=3
_chromium=106.0.5249.199
_depot_tools=6fde0fbe9226ae3fc9f5c709adb93249924e5c49
pkgdesc="Electron cross-platform desktop toolkit"
url="https://github.com/electron/electron"
arch="aarch64 x86_64" # same as chromium
license="MIT"
depends="gtk+3.0 so:libudev.so.1 xdg-utils"
makedepends="
alsa-lib-dev
aom-dev
bash
brotli-dev
bsd-compat-headers
bzip2-dev
c-ares-dev
cairo-dev
clang-dev
clang-extra-tools
compiler-rt
cups-dev
curl-dev
dav1d-dev
dbus-glib-dev
eudev-dev
ffmpeg-dev
findutils
flac-dev
flex
freetype-dev
gperf
gtk+3.0-dev
gn
gzip
harfbuzz-dev
hunspell-dev
http-parser-dev
hwids-usb
java-jdk
jpeg-dev
jsoncpp-dev
krb5-dev
lcms2-dev
libarchive-tools
libavif-dev
libbsd-dev
libcap-dev
libevent-dev
libexif-dev
libgcrypt-dev
libjpeg-turbo-dev
libnotify-dev
libusb-dev
libva-dev
libwebp-dev
libxcomposite-dev
libxcursor-dev
libxinerama-dev
libxml2-dev
libxrandr-dev
libxscrnsaver-dev
libxslt-dev
linux-headers
lld
llvm
mesa-dev
minizip-dev
nghttp2-dev
nodejs
npm
nss-dev
opus-dev
pciutils-dev
perl
pipewire-dev
pulseaudio-dev
py3-httplib2
py3-parsing
py3-six
python3
re2-dev
samurai
snappy-dev
speex-dev
sqlite-dev
woff2-dev
xcb-proto
yarn
zlib-dev
"
subpackages="$pkgname-lang $pkgname-dev"
# the lower patches are specific to electron, the top ones are from the equivalent chromium version
source="https://dev.alpinelinux.org/archive/electron/electron-$pkgver.tar.xz
angle-wayland-include.patch
canonicalize-file-name.patch
chromium-VirtualCursor-standard-layout.patch
chromium-revert-drop-of-system-java.patch
chromium-use-alpine-target.patch
credentials-sys-types-header.patch
default-pthread-stacksize.patch
dns-resolver.patch
fix-crashpad.patch
fix-missing-cstdint-include-musl.patch
fix-narrowing-cast.patch
gdbinit.patch
jsoncpp.patch
memory-tagging-arm64.patch
musl-sandbox.patch
musl-tid-caching.patch
musl-v8-monotonic-pthread-cont_timedwait.patch
no-execinfo.patch
no-glibc-version.patch
no-mallinfo.patch
no-res-ninit-nclose.patch
no-stat-redefine.patch
nullptr-t.patch
partition-atfork.patch
py3.11.patch
quiche-arena-size.patch
roll-src-third_party-ffmpeg-102.patch
roll-src-third_party-ffmpeg-106.patch
scoped-file-no-close.patch
temp-failure-retry.patch
wtf-stacksize.patch
icon.patch
python-jinja-3.10.patch
system-node.patch
vector-const.patch
webpack-hash.patch
default.conf
electron.desktop
electron-launcher.sh
"
options="!check suid"
# clang uses much less memory (and this doesn't support gcc)
export CC=clang
export CXX=clang++
# required to find the tools
export AR=llvm-ar
export NM=llvm-nm
export LD=clang++
# less log spam, reproducible
export CFLAGS="${CFLAGS/-g/} -O2 -Wno-unknown-warning-option -Wno-builtin-macro-redefined"
export CXXFLAGS="${CXXFLAGS/-g/} -O2 -Wno-unknown-warning-option -Wno-builtin-macro-redefined"
export CPPFLAGS="$CPPFLAGS -D__DATE__= -D__TIME__= -D__TIMESTAMP__="
_gn_flags() {
echo "$@"
}
# creates a dist tarball that does not need to git clone everything at build time.
snapshot() {
export CHROMIUM_BUILDTOOLS_PATH="$srcdir/src/buildtools"
mkdir -p "$srcdir"
cd "$srcdir"
git clone --branch=$_chromium --depth=1 \
https://chromium.googlesource.com/chromium/src.git
git clone https://github.com/electron/electron.git
(
git clone --depth 1 -b main https://chromium.googlesource.com/chromium/tools/depot_tools.git
cd depot_tools
git fetch --depth 1 origin $_depot_tools
git checkout $_depot_tools
)
export PATH="$PATH:$srcdir/depot_tools"
echo "solutions = [
{
\"name\": \"src/electron\",
\"url\": \"file://$srcdir/electron@v$pkgver\",
\"deps_file\": \"DEPS\",
\"managed\": False,
\"custom_deps\": {
\"src\": None,
},
\"custom_vars\": {},
},
]" > .gclient
python3 depot_tools/gclient.py sync \
--with_branch_heads \
--with_tags \
--nohooks
python3 src/build/landmines.py
python3 src/build/util/lastchange.py -o src/build/util/LASTCHANGE
python3 src/build/util/lastchange.py -s src/third_party/dawn \
--revision src/gpu/webgpu/DAWN_VERSION
python3 src/build/util/lastchange.py -m GPU_LISTS_VERSION \
--revision-id-only --header src/gpu/config/gpu_lists_version.h
python3 src/build/util/lastchange.py -m SKIA_COMMIT_HASH \
-s src/third_party/skia --header src/skia/ext/skia_commit_hash.h
# why?
cp -r electron/patches/ffmpeg src/electron/patches/
python3 electron/script/apply_all_patches.py \
electron/patches/config.json
python3 src/tools/download_optimization_profile.py \
--newest_state=src/chrome/android/profiles/newest.txt \
--local_state=src/chrome/android/profiles/local.txt \
--output_name=src/chrome/android/profiles/afdo.prof \
--gs_url_base=chromeos-prebuilt/afdo-job/llvm
mv src $pkgname-$pkgver
# extra binaries are most likely things we don't want, so nuke them all
for elf in $(scanelf -RA -F "%F" $pkgname-$pkgver); do
rm -f "$elf"
done
msg "generating tarball.. (this takes a while)"
tar -cf $pkgname-$pkgver.tar \
--exclude="ChangeLog*" \
--exclude="testdata/" \
--exclude="test_data/" \
--exclude="android_rust_toolchain/toolchain/" \
--exclude-backups \
--exclude-caches-all \
--exclude-vcs \
$pkgname-$pkgver
xz -T0 -e -9 -vv -k $pkgname-$pkgver.tar
}
prepare() {
default_prepare
git init .
# link to system tools
ln -sfv /usr/bin/clang-format buildtools/linux64/clang-format
mkdir -p third_party/node/linux/node-linux-x64/bin
ln -sfv /usr/bin/node third_party/node/linux/node-linux-x64/bin/node
ln -sfv /usr/bin/java third_party/jdk/current/bin/java
(
cd electron
git init .
git config user.email "example@example.com"
git config user.name "example"
git add LICENSE
git commit -m "init"
git tag "v$pkgver"
# jesus christ what the fuck is wrong with you?
touch .git/packed-refs
yarn install --frozen-lockfile
)
(
cd third_party/node
npm ci
)
local use_system="
brotli
dav1d
ffmpeg
flac
fontconfig
freetype
harfbuzz-ng
icu
jsoncpp
libaom
libavif
libdrm
libevent
libjpeg
libwebp
libxml
libxslt
opus
re2
snappy
woff2
zlib
"
for _lib in $use_system libjpeg_turbo; do
msg "Removing buildscripts for system provided $_lib"
find . -type f -path "*third_party/$_lib/*" \
\! -path "*third_party/$_lib/chromium/*" \
\! -path "*third_party/$_lib/google/*" \
\! -path './base/third_party/icu/*' \
\! -path './third_party/libxml/*' \
\! -path './third_party/pdfium/third_party/freetype/include/pstables.h' \
\! -path './third_party/harfbuzz-ng/utils/hb_scoped.h' \
\! -path './third_party/crashpad/crashpad/third_party/zlib/zlib_crashpad.h' \
\! -regex '.*\.\(gn\|gni\|isolate\|py\)' \
-delete
done
# https://groups.google.com/a/chromium.org/d/topic/chromium-packagers/9JX1N2nf4PU/discussion
touch chrome/test/data/webui/i18n_process_css_test.html
# Use the file at run time instead of effectively compiling it in
sed 's|//third_party/usb_ids/usb.ids|/usr/share/hwdata/usb.ids|g' \
-i services/device/public/cpp/usb/BUILD.gn
python3 build/linux/unbundle/replace_gn_files.py --system-libraries \
$use_system
python3 third_party/libaddressinput/chromium/tools/update-strings.py
# prevent annoying errors when regenerating gni
sed -i 's,^update_readme$,#update_readme,' \
third_party/libvpx/generate_gni.sh
# allow system dependencies in "official builds"
sed -i 's/OFFICIAL_BUILD/GOOGLE_CHROME_BUILD/' \
tools/generate_shim_headers/generate_shim_headers.py
# https://crbug.com/893950
sed -i -e 's/\<xmlMalloc\>/malloc/' -e 's/\<xmlFree\>/free/' \
third_party/blink/renderer/core/xml/*.cc \
third_party/blink/renderer/core/xml/parser/xml_document_parser.cc \
third_party/libxml/chromium/*.cc \
third_party/maldoca/src/maldoca/ole/oss_utils.h
msg "Configuring build"
local gn_config="
import(\"//electron/build/args/release.gn\")
blink_enable_generated_code_formatting=false
chrome_pgo_phase=0
clang_use_chrome_plugins=false
custom_toolchain=\"//build/toolchain/linux/unbundle:default\"
disable_fieldtrial_testing_config=true
enable_hangout_services_extension=true
enable_nacl=false
enable_stripping=false
enable_vr=false
fatal_linker_warnings=false
ffmpeg_branding=\"Chrome\"
host_toolchain=\"//build/toolchain/linux/unbundle:default\"
icu_use_data_file=true
is_cfi=false
is_component_ffmpeg=true
is_debug=false
is_official_build=true
link_pulseaudio=true
proprietary_codecs=true
rtc_link_pipewire=true
rtc_use_pipewire=true
symbol_level=0
treat_warnings_as_errors=false
use_custom_libcxx=false
use_gnome_keyring=false
use_pulseaudio=true
use_sysroot=false
use_system_freetype=true
use_system_harfbuzz=true
use_system_lcms2=true
use_system_libdrm=true
use_system_libjpeg=true
use_system_wayland_scanner=true
use_system_zlib=true
use_vaapi=true
"
gn gen out/Release \
--args="$(echo $gn_config)" \
--export-compile-commands
}
build() {
ninja -C out/Release \
electron_dist_zip \
node_gypi_headers \
node_version_header \
tar_headers
}
package() {
mkdir -p "$pkgdir"/usr/lib/electron "$pkgdir"/usr/bin
bsdtar -xf out/Release/dist.zip -C "$pkgdir"/usr/lib/electron
chmod u+s "$pkgdir"/usr/lib/electron/chrome-sandbox
install -Dm755 "$srcdir"/electron-launcher.sh "$pkgdir"/usr/bin/electron
install -Dm755 "$srcdir"/default.conf "$pkgdir"/etc/electron/default.conf
mkdir -p "$pkgdir"/usr/include/electron
mv -v "$builddir"/out/Release/gen/node_headers "$pkgdir"/usr/include/electron
ln -sv /usr/include/electron/node_headers/include/node "$pkgdir"/usr/include/electron/node
mkdir -p "$pkgdir"/usr/include/electron/node_headers/include/nan
cp -v "$builddir"/third_party/nan/*.h "$pkgdir"/usr/include/electron/node_headers/include/nan
ln -sv /usr/include/electron/node_headers/include/nan "$pkgdir"/usr/include/electron/nan
install -Dm644 electron/default_app/icon.png \
"$pkgdir"/usr/share/icons/hicolor/1024x1024/apps/electron.png
install -Dm644 "$srcdir"/electron.desktop \
-t "$pkgdir"/usr/share/applications/
}
lang() {
pkgdesc="$pkgdesc (translations)"
install_if="$pkgname=$pkgver-r$pkgrel lang"
mkdir -p "$subpkgdir"/usr/lib/electron/locales
mv "$pkgdir"/usr/lib/electron/locales/*.pak \
"$subpkgdir"/usr/lib/electron/locales
mv "$subpkgdir"/usr/lib/electron/locales/en-US.pak \
"$pkgdir"/usr/lib/electron/locales
}
sha512sums="
1d21e74875ade836625c28d8d9351b41d2776def248193e9c82d4cd50375e9e9b2f7c40026673fe2a191a936f05c3fe639b0423964356ad678f41545aceede3c electron-21.3.3.tar.xz
f19ba0c0f542115e6f53019659df256471e811a23d2f37569c9d4dfa265c0c1ace3e62c74d7507f82e6b7b4152c704e651810a00616f8f531592b14bb2af01d9 angle-wayland-include.patch
252b37a2ecc5e7a25385943045f426dc2e30991b28d206ceaff1be7fd8ffeeb024310a8fca6b3e69a4b1c57db535d51c570935351053525f393682d5ecd0f9a9 canonicalize-file-name.patch
ac0a80174f95d733f33ddc06fc88cdcf7db0973378c28d8544dc9c19e2dabeac47f91c99b3e7384f650b3405554a9e222543f0860b6acc407c078a8c9180d727 chromium-VirtualCursor-standard-layout.patch
c4654d5b23c6f5d9502507e534fe1951d6749c62251e49b6adfe10d1569431e7f7a5a6fa5ff09ec30984415ced27a5e20985df8c91295de34af3c84557fa5b91 chromium-revert-drop-of-system-java.patch
d2b5b0396173367fcf1804aaee8e7fbefce9c63ac2a91c3a1ede759cb85e567317a57e4d4f82d3ca021682fb7856e15c074276a03eda946d9b28e1cb706b07ad chromium-use-alpine-target.patch
ec04bf43278a19d4bb090eddd636ad7093c7e757cb2ffa1875971e0709761174790e109b9be03a8e299d4077a87fbd8dabd301b8754bb6fe53c055396e8af556 credentials-sys-types-header.patch
4ab8261bf95547b10df44e4d528c06a64c33602c10a1e09d531190dc8947ba6ef9e69145405b801cd364707570f791fee6d93e3bf5d57831f5a85212ddf01729 default-pthread-stacksize.patch
f011f66e5aae5a6f0d440492ee9400878b47b66214c1bc8dc1477fdd07ad0a508cdbb74415e55e27085c4e61e112e7c2ae2edfa217f2fb387e13097b24cb17b1 dns-resolver.patch
9d1edb1e0624ee61825e3af23fbb8c5dbc09d2b92d7769d19f8ca618edae8de8a3e051fedf4ad92c230e1373dc8495922c46971aef93a580c04ad80bc33516c0 fix-crashpad.patch
8bebf4a9d5225c6e47edc5b07c4b97be24a45cc221f49632836915ceeb4ecb69b7f79a31ea7f82171cde3443f45fec541f409892542cf1014e81aa6acd01566d fix-missing-cstdint-include-musl.patch
efe97b9dd2ec5965fa0cdf1b2a3c01253835c2df710da7ea105c4ce008c11f9caaf8b4321736a2b91f06d8d61972c08e225b16509dc05176a2c39337688ad5b9 fix-narrowing-cast.patch
cf73cbe5bf19d6a22157fb7aafb43f326885e852fc6292728f4ed1cd145d07ba5af51b6ec808095136cd406478aaa427ee1b9611c855fbd87976e1a91e1609bd gdbinit.patch
fa2637f92f851614347e296fbab744af2c5d7edcbb444aeb4a5d3182a8ec2549593d75e717d7e78e9b2a7257e693b48fc88c149c1591052d7ae802f4fda0a775 jsoncpp.patch
e0afb7066c2cb41aa461feb9e45e571517229deab9d06186490b527783a7ba826a4d67d3a14a33a164eea64fa561eb5b93a1d4dfd0acc2e7a9eb038e6ee273db memory-tagging-arm64.patch
fdf8ba7badbd5b61d415ad9d49c66b6ef0a6a40ec95a47e13af48711fe1bd3a5574e987929a3c486cdd02c239863b8517e7f834cecd30f156479e43a9441a18e musl-sandbox.patch
85c2842a251a3f8aa59c701ca5f2ce2f5d49b5c7e4773d5387dc597447fb47c9d876f5fb308576686c9a8abc7e35cfc172b6cdfb9f5f1dc1509329e3590b38d8 musl-tid-caching.patch
d2825aa9525fcbb53791f0ef2502c0f444a9d668f09db6ae4987b94dc4d0e6f1cf58a6e9e772ab11c896a469ca32242feb3ad9c9dbb20df9316cd74151ab0ec9 musl-v8-monotonic-pthread-cont_timedwait.patch
ebd5cf28277853dc5e984961c370ab4a6331488ae7cff45083fea0470262f56486664bc9bd7947fdd796c8635e479633c4d08cfd89270c0310f3ec21cc6642d2 no-execinfo.patch
f0bf97a80e663041e33cb0468fd8c47c5f351d6de61059ce1f359a813c40db8e247eaef294c3f562c0a8204e4f1992a918f1d879b1da9891027500e21f482b79 no-glibc-version.patch
10ae0f74a4c1db899b571508100af63e5af8d0f7c41a37fc9b7987cbf9f27f4c55894c02d6820957d7522a528929059f562f96c2f05fd6509f60c6c71d9d8256 no-mallinfo.patch
a5aa82c30402773903db1d3876208132fdef175f56ebc0ce1ee4c104a98d498d709c5565c4381736c04c238203b3c8a9cd7a5b5e69876f6afb65d7fc48df23d0 no-res-ninit-nclose.patch
2c0d7239728d98c0564ad7b81d6d243e58e56de58a21357fa30c39e333fc29c1aa98529c6e1b6fa7694169b513391ca27fa542f69b483bbde644cc2ed739bbdd no-stat-redefine.patch
5e9f6279698195467e3b506cea9be0d97ec2d970672b1b12d3d7880eec4f6f53b8f92942dc3fc6738b02889382534ce0f4310a1f94b33e21f8fbc70b85640b81 nullptr-t.patch
ad563e29ac7d83c203f5af966c4ed3ebdeb5c997835a45fb28ecde08dde5231d0a775fb413f44867af28724504c42316b27d5a6aaa602057642dcbdf7ec20a7a partition-atfork.patch
65aa0c7c9909a803e59b88ecb6d79c4db491079f3324f7bd02ee485a7bb7a81674b8f0591dab766c97070a401116db7f629fee36af7416a0fefc38f4ae0ad13d py3.11.patch
083ed731e0a3788f2cb04a3035022fbb3e4db99eba01516ea233ea3229f7d898943d8115463a48655ac83eb3cc7a48aceb8bf17c68930a5a1d83b1af95dfade8 quiche-arena-size.patch
128ec0fd14349e065c8bb0910d53cbea7423182a06e06f7b7765f3cba1e5ba5e7a8bccbcdab079335b5235abb7bf0d46dee21ecc8c221be7e1c5c6d9795f958e roll-src-third_party-ffmpeg-102.patch
1063e68f477645914ddf5641eabdd3eaf744e569635d645ea860c3546f67a7ef91eded99331378ee75071b67ecfe9bd4be307bd3da7c7ad93509e2bd634d1ec3 roll-src-third_party-ffmpeg-106.patch
3cf36b269e9fcfa74975d267bbf31bef68b533a51672e5ed81ae511a70f28a45206168af370961a3dab5695ddaff41cb8839c8c2fa53f22a9f3c88d207cb2996 scoped-file-no-close.patch
f2f7673f9e793dfbf4456ff8c2be785ea551c36bd512572245d04bf44da08b0133e98d85a1ffd51158009754c83121cad48d755cbc153735df2d2e73233856c0 temp-failure-retry.patch
1d4e8c6e65205e6b72af47b9a2fa6f96aaada9b7d5a74f4e11a345a885df3078b523d02aaf8e9dac3aa30d72bbbd07cd6dc7edcf44fb9ae57a7f81251c398f65 wtf-stacksize.patch
905565c10f5e5600e7d4db965c892cc45009a258e9995da958974d838ace469e1db1019195307e8807860d5b55ba6bfeea478b1f39a9b99e82c619b2816a1a22 icon.patch
e05180199ee1d559e4e577cedd3e589844ecf40d98a86321bf1bea5607b02eeb5feb486deddae40e1005b644550331f6b8500177aa7e79bcb3750d3c1ceb76c3 python-jinja-3.10.patch
26a8e4040e69f335a7104f42d012b9d933a40985b33a7be02add27a801c097c5a2be4c6e69faf9175ce8945210ae4c5592ecad2123ccff2beee5473194a765e3 system-node.patch
71571b15cf8bd6259b7fd22bea0e46b64890f3db776365de33fe539f26ce9ef99459e05c3dde9434c3657225bc67160abc915acd93033cb487c770c6a2a5975f vector-const.patch
2aa340854316f1284217c0ca17cbf44953684ad6c7da90815117df30928612eb9fb9ffb734b948dfc309cd25d1a67cd57f77aac2d052a3dd9aca07a3a58cbb30 webpack-hash.patch
08460b15037511a4e5469ceac6ae5dd4db4c8cb87c129aaaf40ba58b16c60b8a307ffdd85805efead235758abed09ec31db1ef4cf9159f7b9acdcee3031bc96c default.conf
191559fc7aa1ea0353c6fb0cc321ee1d5803a0e44848c8be941cfab96277b0de6a59962d373e2a2a1686c8f9be2bcf2d2f33706759a339a959e297d3f7fda463 electron.desktop
03750694e5e0b66f084c6e43135e60be15abb059e23486346ee4352dcc236984f2f35467b47f2b2ad46c98c22091cc2b978de8e73680febadba169d960f13f9f electron-launcher.sh
"

View file

@ -0,0 +1,39 @@
Patch-Source: https://github.com/archlinux/svntogit-packages/blob/a353833a5a731abfaa465b658f61894a516aa49b/trunk/angle-wayland-include-protocol.patch
diff -upr third_party/angle.orig/BUILD.gn third_party/angle/BUILD.gn
--- a/third_party/angle.orig/BUILD.gn 2022-08-17 19:38:11.000000000 +0000
+++ b/third_party/angle/BUILD.gn 2022-08-18 11:04:09.061751111 +0000
@@ -489,6 +489,12 @@ config("angle_vulkan_wayland_config") {
if (angle_enable_vulkan && angle_use_wayland &&
defined(vulkan_wayland_include_dirs)) {
include_dirs = vulkan_wayland_include_dirs
+ } else if (angle_enable_vulkan && angle_use_wayland) {
+ include_dirs = [
+ "$wayland_gn_dir/src/src",
+ "$wayland_gn_dir/include/src",
+ "$wayland_gn_dir/include/protocol",
+ ]
}
}
@@ -1073,6 +1079,7 @@ if (angle_use_wayland) {
include_dirs = [
"$wayland_dir/egl",
"$wayland_dir/src",
+ "$wayland_gn_dir/include/protocol",
]
}
diff -upr third_party/angle.orig/src/third_party/volk/BUILD.gn third_party/angle/src/third_party/volk/BUILD.gn
--- a/third_party/angle.orig/src/third_party/volk/BUILD.gn 2022-08-17 19:38:12.000000000 +0000
+++ b/third_party/angle/src/third_party/volk/BUILD.gn 2022-08-18 11:04:36.499828006 +0000
@@ -21,6 +21,9 @@ source_set("volk") {
configs += [ "$angle_root:angle_no_cfi_icall" ]
public_deps = [ "$angle_vulkan_headers_dir:vulkan_headers" ]
if (angle_use_wayland) {
- include_dirs = [ "$wayland_dir/src" ]
+ include_dirs = [
+ "$wayland_dir/src",
+ "$wayland_gn_dir/include/protocol",
+ ]
}
}

View file

@ -0,0 +1,13 @@
no canonicalize_file_name on musl. funnily, the file using this says this is
not portable, but avoids the nonportability of realpath(path, NULL);
--- a/third_party/nasm/config/config-linux.h
+++ b/third_party/nasm/config/config-linux.h
@@ -139,7 +139,7 @@
#define HAVE_ACCESS 1
/* Define to 1 if you have the `canonicalize_file_name' function. */
-#define HAVE_CANONICALIZE_FILE_NAME 1
+/* #define HAVE_CANONICALIZE_FILE_NAME 1 */
/* Define to 1 if you have the `cpu_to_le16' intrinsic function. */
/* #undef HAVE_CPU_TO_LE16 */

View file

@ -0,0 +1,217 @@
needed for libstdc++11 + clang only
diff --git a/sql/recover_module/btree.cc b/sql/recover_module/btree.cc
index 9ecaafe..839318a 100644
--- a/sql/recover_module/btree.cc
+++ b/sql/recover_module/btree.cc
@@ -135,16 +135,25 @@
"Move the destructor to the .cc file if it's non-trival");
#endif // !DCHECK_IS_ON()
-LeafPageDecoder::LeafPageDecoder(DatabasePageReader* db_reader) noexcept
- : page_id_(db_reader->page_id()),
- db_reader_(db_reader),
- cell_count_(ComputeCellCount(db_reader)),
- next_read_index_(0),
- last_record_size_(0) {
+void LeafPageDecoder::Initialize(DatabasePageReader* db_reader) {
+ DCHECK(db_reader);
DCHECK(IsOnValidPage(db_reader));
+ page_id_ = db_reader->page_id();
+ db_reader_ = db_reader;
+ cell_count_ = ComputeCellCount(db_reader);
+ next_read_index_ = 0;
+ last_record_size_ = 0;
DCHECK(DatabasePageReader::IsValidPageId(page_id_));
}
+void LeafPageDecoder::Reset() {
+ db_reader_ = nullptr;
+ page_id_ = 0;
+ cell_count_ = 0;
+ next_read_index_ = 0;
+ last_record_size_ = 0;
+}
+
bool LeafPageDecoder::TryAdvance() {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
DCHECK(CanAdvance());
diff --git a/sql/recover_module/btree.h b/sql/recover_module/btree.h
index d76d076..33114b0 100644
--- a/sql/recover_module/btree.h
+++ b/sql/recover_module/btree.h
@@ -102,7 +102,7 @@
//
// |db_reader| must have been used to read an inner page of a table B-tree.
// |db_reader| must outlive this instance.
- explicit LeafPageDecoder(DatabasePageReader* db_reader) noexcept;
+ explicit LeafPageDecoder() noexcept = default;
~LeafPageDecoder() noexcept = default;
LeafPageDecoder(const LeafPageDecoder&) = delete;
@@ -150,6 +150,15 @@
// read as long as CanAdvance() returns true.
bool TryAdvance();
+ // Initialize with DatabasePageReader
+ void Initialize(DatabasePageReader* db_reader);
+
+ // Reset internal DatabasePageReader
+ void Reset();
+
+ // True if DatabasePageReader is valid
+ bool IsValid() { return (db_reader_ != nullptr); }
+
// True if the given reader may point to an inner page in a table B-tree.
//
// The last ReadPage() call on |db_reader| must have succeeded.
@@ -163,14 +172,14 @@
static int ComputeCellCount(DatabasePageReader* db_reader);
// The number of the B-tree page this reader is reading.
- const int64_t page_id_;
+ int64_t page_id_;
// Used to read the tree page.
//
// Raw pointer usage is acceptable because this instance's owner is expected
// to ensure that the DatabasePageReader outlives this.
- DatabasePageReader* const db_reader_;
+ DatabasePageReader* db_reader_;
// Caches the ComputeCellCount() value for this reader's page.
- const int cell_count_ = ComputeCellCount(db_reader_);
+ int cell_count_;
// The reader's cursor state.
//
diff --git a/sql/recover_module/cursor.cc b/sql/recover_module/cursor.cc
index 0029ff9..42548bc 100644
--- a/sql/recover_module/cursor.cc
+++ b/sql/recover_module/cursor.cc
@@ -26,7 +26,7 @@
int VirtualCursor::First() {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
inner_decoders_.clear();
- leaf_decoder_ = nullptr;
+ leaf_decoder_.Reset();
AppendPageDecoder(table_->root_page_id());
return Next();
@@ -36,18 +36,18 @@
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
record_reader_.Reset();
- while (!inner_decoders_.empty() || leaf_decoder_.get()) {
- if (leaf_decoder_.get()) {
- if (!leaf_decoder_->CanAdvance()) {
+ while (!inner_decoders_.empty() || leaf_decoder_.IsValid()) {
+ if (leaf_decoder_.IsValid()) {
+ if (!leaf_decoder_.CanAdvance()) {
// The leaf has been exhausted. Remove it from the DFS stack.
- leaf_decoder_ = nullptr;
+ leaf_decoder_.Reset();
continue;
}
- if (!leaf_decoder_->TryAdvance())
+ if (!leaf_decoder_.TryAdvance())
continue;
- if (!payload_reader_.Initialize(leaf_decoder_->last_record_size(),
- leaf_decoder_->last_record_offset())) {
+ if (!payload_reader_.Initialize(leaf_decoder_.last_record_size(),
+ leaf_decoder_.last_record_offset())) {
continue;
}
if (!record_reader_.Initialize())
@@ -99,13 +99,13 @@
int64_t VirtualCursor::RowId() {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
DCHECK(record_reader_.IsInitialized());
- DCHECK(leaf_decoder_.get());
- return leaf_decoder_->last_record_rowid();
+ DCHECK(leaf_decoder_.IsValid());
+ return leaf_decoder_.last_record_rowid();
}
void VirtualCursor::AppendPageDecoder(int page_id) {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
- DCHECK(leaf_decoder_.get() == nullptr)
+ DCHECK(!leaf_decoder_.IsValid())
<< __func__
<< " must only be called when the current path has no leaf decoder";
@@ -113,7 +113,7 @@
return;
if (LeafPageDecoder::IsOnValidPage(&db_reader_)) {
- leaf_decoder_ = std::make_unique<LeafPageDecoder>(&db_reader_);
+ leaf_decoder_.Initialize(&db_reader_);
return;
}
diff --git a/sql/recover_module/cursor.h b/sql/recover_module/cursor.h
index afcd690..b15c31d 100644
--- a/sql/recover_module/cursor.h
+++ b/sql/recover_module/cursor.h
@@ -129,7 +129,7 @@
std::vector<std::unique_ptr<InnerPageDecoder>> inner_decoders_;
// Decodes the leaf page containing records.
- std::unique_ptr<LeafPageDecoder> leaf_decoder_;
+ LeafPageDecoder leaf_decoder_;
SEQUENCE_CHECKER(sequence_checker_);
};
diff --git a/sql/recover_module/pager.cc b/sql/recover_module/pager.cc
index 58e75de..5fe9620 100644
--- a/sql/recover_module/pager.cc
+++ b/sql/recover_module/pager.cc
@@ -23,8 +23,7 @@
"ints are not appropriate for representing page IDs");
DatabasePageReader::DatabasePageReader(VirtualTable* table)
- : page_data_(std::make_unique<uint8_t[]>(table->page_size())),
- table_(table) {
+ : page_data_(), table_(table) {
DCHECK(table != nullptr);
DCHECK(IsValidPageSize(table->page_size()));
}
@@ -57,8 +56,8 @@
std::numeric_limits<int64_t>::max(),
"The |read_offset| computation above may overflow");
- int sqlite_status =
- RawRead(sqlite_file, read_size, read_offset, page_data_.get());
+ int sqlite_status = RawRead(sqlite_file, read_size, read_offset,
+ const_cast<uint8_t*>(page_data_.data()));
// |page_id_| needs to be set to kInvalidPageId if the read failed.
// Otherwise, future ReadPage() calls with the previous |page_id_| value
diff --git a/sql/recover_module/pager.h b/sql/recover_module/pager.h
index 0e388ddc..99314e3 100644
--- a/sql/recover_module/pager.h
+++ b/sql/recover_module/pager.h
@@ -5,6 +5,7 @@
#ifndef SQL_RECOVER_MODULE_PAGER_H_
#define SQL_RECOVER_MODULE_PAGER_H_
+#include <array>
#include <cstdint>
#include <memory>
@@ -70,7 +71,7 @@
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
DCHECK_NE(page_id_, kInvalidPageId)
<< "Successful ReadPage() required before accessing pager state";
- return page_data_.get();
+ return page_data_.data();
}
// The number of bytes in the page read by the last ReadPage() call.
@@ -137,7 +138,7 @@
int page_id_ = kInvalidPageId;
// Stores the bytes of the last page successfully read by ReadPage().
// The content is undefined if the last call to ReadPage() did not succeed.
- const std::unique_ptr<uint8_t[]> page_data_;
+ const std::array<uint8_t, kMaxPageSize> page_data_;
// Raw pointer usage is acceptable because this instance's owner is expected
// to ensure that the VirtualTable outlives this.
VirtualTable* const table_;

View file

@ -0,0 +1,15 @@
This was dropped for some reason in 6951c37cecd05979b232a39e5c10e6346a0f74ef
--- a/third_party/closure_compiler/compiler.py 2021-05-20 04:17:53.000000000 +0200
+++ b/third_party/closure_compiler/compiler.py 2021-05-20 04:17:53.000000000 +0200
@@ -13,8 +13,9 @@
_CURRENT_DIR = os.path.join(os.path.dirname(__file__))
-_JAVA_PATH = os.path.join(_CURRENT_DIR, "..", "jdk", "current", "bin", "java")
-assert os.path.isfile(_JAVA_PATH), "java only allowed in android builds"
+_JAVA_BIN = "java"
+_JDK_PATH = os.path.join(_CURRENT_DIR, "..", "jdk", "current", "bin", "java")
+_JAVA_PATH = _JDK_PATH if os.path.isfile(_JDK_PATH) else _JAVA_BIN
class Compiler(object):
"""Runs the Closure compiler on given source files to typecheck them

View file

@ -0,0 +1,13 @@
--- a/build/config/compiler/BUILD.gn
+++ b/build/config/compiler/BUILD.gn
@@ -917,8 +917,8 @@
} else if (current_cpu == "arm64") {
if (is_clang && !is_android && !is_nacl && !is_fuchsia &&
!(is_chromeos_lacros && is_chromeos_device)) {
- cflags += [ "--target=aarch64-linux-gnu" ]
- ldflags += [ "--target=aarch64-linux-gnu" ]
+ cflags += [ "--target=aarch64-alpine-linux-musl" ]
+ ldflags += [ "--target=aarch64-alpine-linux-musl" ]
}
if (is_android) {
# Outline atomics crash on Exynos 9810. http://crbug.com/1272795

View file

@ -0,0 +1,11 @@
--- a/sandbox/linux/services/credentials.h
+++ b/sandbox/linux/services/credentials.h
@@ -14,6 +14,8 @@
#include <string>
#include <vector>
+#include <sys/types.h>
+
#include "sandbox/linux/system_headers/capability.h"
#include "sandbox/sandbox_export.h"

View file

@ -0,0 +1,45 @@
--- a/base/threading/platform_thread_linux.cc
+++ b/base/threading/platform_thread_linux.cc
@@ -186,7 +186,8 @@
size_t GetDefaultThreadStackSize(const pthread_attr_t& attributes) {
#if !defined(THREAD_SANITIZER)
- return 0;
+ // use 2mb to avoid running out of space. This is what android uses
+ return 2 * (1 << 20);
#else
// ThreadSanitizer bloats the stack heavily. Evidence has been that the
// default stack size isn't enough for some browser tests.
--- a/base/threading/platform_thread_unittest.cc
+++ b/base/threading/platform_thread_unittest.cc
@@ -420,7 +420,7 @@
((BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)) && \
!defined(THREAD_SANITIZER)) || \
(BUILDFLAG(IS_ANDROID) && !defined(ADDRESS_SANITIZER))
- EXPECT_EQ(0u, stack_size);
+ EXPECT_EQ(2u << 20, stack_size);
#else
EXPECT_GT(stack_size, 0u);
EXPECT_LT(stack_size, 20u * (1 << 20));
--- a/chrome/browser/shutdown_signal_handlers_posix.cc
+++ b/chrome/browser/shutdown_signal_handlers_posix.cc
@@ -187,11 +187,19 @@
g_shutdown_pipe_read_fd = pipefd[0];
g_shutdown_pipe_write_fd = pipefd[1];
#if !defined(ADDRESS_SANITIZER)
+# if defined(__GLIBC__)
const size_t kShutdownDetectorThreadStackSize = PTHREAD_STACK_MIN * 2;
+# else
+ const size_t kShutdownDetectorThreadStackSize = PTHREAD_STACK_MIN * 2 * 8; // match up musls 2k PTHREAD_STACK_MIN with glibcs 16k
+# endif
#else
+# if defined(__GLIBC__)
// ASan instrumentation bloats the stack frames, so we need to increase the
// stack size to avoid hitting the guard page.
const size_t kShutdownDetectorThreadStackSize = PTHREAD_STACK_MIN * 4;
+# else
+ const size_t kShutdownDetectorThreadStackSize = PTHREAD_STACK_MIN * 4 * 8; // match up musls 2k PTHREAD_STACK_MIN with glibcs 16k
+# endif
#endif
ShutdownDetector* detector = new ShutdownDetector(
g_shutdown_pipe_read_fd, std::move(shutdown_callback), task_runner);

View file

@ -0,0 +1,5 @@
# Default settings for electron. This file is sourced by /bin/sh from
# the electron launcher.
# Options to pass to electron.
ELECTRON_FLAGS="--ozone-platform-hint=auto"

View file

@ -0,0 +1,36 @@
--- a/net/dns/host_resolver_manager.cc
+++ b/net/dns/host_resolver_manager.cc
@@ -3014,8 +3014,7 @@
NetworkChangeNotifier::AddConnectionTypeObserver(this);
if (system_dns_config_notifier_)
system_dns_config_notifier_->AddObserver(this);
-#if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_APPLE) && !BUILDFLAG(IS_OPENBSD) && \
- !BUILDFLAG(IS_ANDROID)
+#if defined(__GLIBC__)
EnsureDnsReloaderInit();
#endif
--- a/net/dns/dns_reloader.cc
+++ b/net/dns/dns_reloader.cc
@@ -6,8 +6,7 @@
#include "build/build_config.h"
-#if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_APPLE) && !BUILDFLAG(IS_OPENBSD) && \
- !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_FUCHSIA)
+#if defined(__GLIBC__)
#include <resolv.h>
--- a/net/dns/host_resolver_proc.cc
+++ b/net/dns/host_resolver_proc.cc
@@ -176,8 +176,7 @@
base::ScopedBlockingCall scoped_blocking_call(FROM_HERE,
base::BlockingType::WILL_BLOCK);
-#if BUILDFLAG(IS_POSIX) && \
- !(BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_OPENBSD) || BUILDFLAG(IS_ANDROID))
+#if defined(__GLIBC__)
DnsReloaderMaybeReload();
#endif
absl::optional<AddressInfo> ai;

View file

@ -0,0 +1,14 @@
#!/bin/sh
# Allow the user to override command-line flags
# This is based on Debian's chromium-browser package, and is intended
# to be consistent with Debian.
for f in /etc/electron/*.conf; do
[ -f ${f} ] && . "${f}"
done
# Prefer user defined ELECTRON_USER_FLAGS (from env) over system
# default ELECTRON_FLAGS (from /etc/electron/default.conf).
ELECTRON_FLAGS=${ELECTRON_USER_FLAGS:-"$ELECTRON_FLAGS"}
exec "/usr/lib/electron/electron" "$@" ${ELECTRON_FLAGS}

View file

@ -0,0 +1,8 @@
[Desktop Entry]
Type=Application
Name=electron21
Icon=electron
Exec=electron %u
Categories=Development;GTK;
StartupNotify=true
StartupWMClass=electron

View file

@ -0,0 +1,31 @@
--- a/third_party/crashpad/crashpad/client/BUILD.gn
+++ b/third_party/crashpad/crashpad/client/BUILD.gn
@@ -81,6 +81,7 @@
deps = [
":common",
"$mini_chromium_source_parent:chromeos_buildflags",
+ "../util",
]
if (crashpad_is_win) {
--- a/third_party/crashpad/crashpad/util/linux/ptracer.cc
+++ b/third_party/crashpad/crashpad/util/linux/ptracer.cc
@@ -26,6 +26,7 @@
#if defined(ARCH_CPU_X86_FAMILY)
#include <asm/ldt.h>
+#include <asm/ptrace-abi.h>
#endif
namespace crashpad {
--- a/third_party/crashpad/crashpad/util/linux/thread_info.h
+++ b/third_party/crashpad/crashpad/util/linux/thread_info.h
@@ -273,7 +273,7 @@ union FloatContext {
"Size mismatch");
#elif defined(ARCH_CPU_ARMEL)
static_assert(sizeof(f32_t::fpregs) == sizeof(user_fpregs), "Size mismatch");
-#if !defined(__GLIBC__)
+#if defined(OS_ANDROID)
static_assert(sizeof(f32_t::vfp) == sizeof(user_vfp), "Size mismatch");
#endif
#elif defined(ARCH_CPU_ARM64)

View file

@ -0,0 +1,11 @@
Patch-Source: https://github.com/void-linux/void-packages/blob/378db3cf5087877588aebaaa8ca3c9d94dfb54e0/srcpkgs/chromium/patches/fix-missing-cstdint-include-musl.patch
--- a/net/third_party/quiche/src/quiche/http2/adapter/window_manager.h
+++ b/net/third_party/quiche/src/quiche/http2/adapter/window_manager.h
@@ -3,6 +3,7 @@
#include <stddef.h>
+#include <cstdint>
#include <functional>
#include "common/platform/api/quiche_export.h"

View file

@ -0,0 +1,44 @@
--- a/base/files/file_util_linux.cc
+++ b/base/files/file_util_linux.cc
@@ -30,7 +30,7 @@
case EXT2_SUPER_MAGIC: // Also ext3 and ext4
case MSDOS_SUPER_MAGIC:
case REISERFS_SUPER_MAGIC:
- case static_cast<int>(BTRFS_SUPER_MAGIC):
+ case BTRFS_SUPER_MAGIC:
case 0x5346544E: // NTFS
case 0x58465342: // XFS
case 0x3153464A: // JFS
@@ -40,14 +40,14 @@
*type = FILE_SYSTEM_NFS;
break;
case SMB_SUPER_MAGIC:
- case static_cast<int>(0xFF534D42): // CIFS
+ case 0xFF534D42: // CIFS
*type = FILE_SYSTEM_SMB;
break;
case CODA_SUPER_MAGIC:
*type = FILE_SYSTEM_CODA;
break;
- case static_cast<int>(HUGETLBFS_MAGIC):
- case static_cast<int>(RAMFS_MAGIC):
+ case HUGETLBFS_MAGIC:
+ case RAMFS_MAGIC:
case TMPFS_MAGIC:
*type = FILE_SYSTEM_MEMORY;
break;
--- a/base/system/sys_info_posix.cc
+++ b/base/system/sys_info_posix.cc
@@ -100,10 +100,10 @@
if (HANDLE_EINTR(statfs(path.value().c_str(), &stats)) != 0)
return false;
switch (stats.f_type) {
case TMPFS_MAGIC:
- case static_cast<int>(HUGETLBFS_MAGIC):
- case static_cast<int>(RAMFS_MAGIC):
+ case HUGETLBFS_MAGIC:
+ case RAMFS_MAGIC:
return true;
}
return false;

View file

@ -0,0 +1,21 @@
--- a/tools/gdb/gdbinit
+++ b/tools/gdb/gdbinit
@@ -50,17 +50,7 @@
def set_src_dir(compile_dir):
global src_dir
- git = subprocess.Popen(
- ['git', '-C', compile_dir, 'rev-parse', '--show-toplevel'],
- stdout=subprocess.PIPE,
- stderr=subprocess.PIPE)
- src_dir, _ = git.communicate()
- if git.returncode:
- return
- if isinstance(src_dir, str):
- src_dir = src_dir.rstrip()
- else:
- src_dir = src_dir.decode('utf-8').rstrip()
+ src_dir = os.path.abspath(os.getcwd())
load_libcxx_pretty_printers(src_dir)

View file

@ -0,0 +1,21 @@
--- a/electron/default_app/default_app.ts
+++ b/electron/default_app/default_app.ts
@@ -60,7 +60,7 @@
};
if (process.platform === 'linux') {
- options.icon = path.join(__dirname, 'icon.png');
+ options.icon = '/usr/share/icons/hicolor/1024x1024/apps/electron.png';
}
mainWindow = new BrowserWindow(options);
--- a/electron/filenames.gni
+++ b/electron/filenames.gni
@@ -6,7 +6,6 @@
]
default_app_static_sources = [
- "default_app/icon.png",
"default_app/index.html",
"default_app/package.json",
"default_app/styles.css",

View file

@ -0,0 +1,39 @@
Patch-Source: https://github.com/archlinux/svntogit-packages/blob/bf2401407df5bcc938382eb03748fbef41e41c89/trunk/unbundle-jsoncpp-avoid-CFI-faults-with-is_cfi-true.patch
From ed8d931e35f81d8566835a579caf7d61368f85b7 Mon Sep 17 00:00:00 2001
From: Evangelos Foutras <evangelos@foutrelis.com>
Date: Tue, 27 Sep 2022 22:20:41 +0000
Subject: [PATCH] unbundle/jsoncpp: avoid CFI faults with is_cfi=true
Ensure jsoncpp symbols have public visibility and are thus excluded from
CFI checks and whole-program optimization. This is achieved by defining
JSON_DLL_BUILD which in turn causes json/config.h to define JSON_API as
__attribute__((visibility("default"))). The latter macro is used to tag
jsoncpp classes and namespace functions throughout jsoncpp's headers.
BUG=1365218
Change-Id: I56277737b7d9ecaeb5e17c8d21a2e55f3d5d5bc9
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3919652
Reviewed-by: Thomas Anderson <thomasanderson@chromium.org>
Commit-Queue: Thomas Anderson <thomasanderson@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1052077}
---
build/linux/unbundle/jsoncpp.gn | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/build/linux/unbundle/jsoncpp.gn b/build/linux/unbundle/jsoncpp.gn
index 544f9d13c9..e84a0ef27a 100644
--- a/build/linux/unbundle/jsoncpp.gn
+++ b/build/linux/unbundle/jsoncpp.gn
@@ -3,6 +3,11 @@ import("//build/shim_headers.gni")
pkg_config("jsoncpp_config") {
packages = [ "jsoncpp" ]
+
+ # Defining JSON_DLL_BUILD applies public visibility to jsoncpp classes
+ # thus deactivating CFI checks for them. This avoids CFI violations in
+ # virtual calls to system jsoncpp library (https://crbug.com/1365218).
+ defines = [ "JSON_DLL_BUILD" ]
}
shim_headers("jsoncpp_shim") {

View file

@ -0,0 +1,18 @@
--- a/base/allocator/partition_allocator/tagging.cc
+++ b/base/allocator/partition_allocator/tagging.cc
@@ -19,15 +19,6 @@
#define PR_GET_TAGGED_ADDR_CTRL 56
#define PR_TAGGED_ADDR_ENABLE (1UL << 0)
-#if BUILDFLAG(IS_LINUX)
-#include <linux/version.h>
-
-// Linux headers already provide these since v5.10.
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0)
-#define HAS_PR_MTE_MACROS
-#endif
-#endif
-
#ifndef HAS_PR_MTE_MACROS
#define PR_MTE_TCF_SHIFT 1
#define PR_MTE_TCF_NONE (0UL << PR_MTE_TCF_SHIFT)

View file

@ -0,0 +1,107 @@
diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
index ff5a1c0..da56b9b 100644
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
@@ -139,21 +139,11 @@ namespace sandbox {
// present (as in newer versions of posix_spawn).
ResultExpr RestrictCloneToThreadsAndEPERMFork() {
const Arg<unsigned long> flags(0);
-
- // TODO(mdempsky): Extend DSL to support (flags & ~mask1) == mask2.
- const uint64_t kAndroidCloneMask = CLONE_VM | CLONE_FS | CLONE_FILES |
- CLONE_SIGHAND | CLONE_THREAD |
- CLONE_SYSVSEM;
- const uint64_t kObsoleteAndroidCloneMask = kAndroidCloneMask | CLONE_DETACHED;
-
- const uint64_t kGlibcPthreadFlags =
- CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | CLONE_THREAD |
- CLONE_SYSVSEM | CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID;
- const BoolExpr glibc_test = flags == kGlibcPthreadFlags;
-
- const BoolExpr android_test =
- AnyOf(flags == kAndroidCloneMask, flags == kObsoleteAndroidCloneMask,
- flags == kGlibcPthreadFlags);
+ const int required = CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND |
+ CLONE_THREAD | CLONE_SYSVSEM;
+ const int safe = CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID |
+ CLONE_DETACHED;
+ const BoolExpr thread_clone_ok = (flags&~safe)==required;
// The following two flags are the two important flags in any vfork-emulating
// clone call. EPERM any clone call that contains both of them.
@@ -163,7 +153,7 @@ ResultExpr RestrictCloneToThreadsAndEPERMFork() {
AnyOf((flags & (CLONE_VM | CLONE_THREAD)) == 0,
(flags & kImportantCloneVforkFlags) == kImportantCloneVforkFlags);
- return If(IsAndroid() ? android_test : glibc_test, Allow())
+ return If(thread_clone_ok, Allow())
.ElseIf(is_fork_or_clone_vfork, Error(EPERM))
.Else(CrashSIGSYSClone());
}
diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
index d9d1882..0567557 100644
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
@@ -392,6 +392,7 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
#if defined(__i386__)
case __NR_waitpid:
#endif
+ case __NR_set_tid_address:
return true;
case __NR_clone: // Should be parameter-restricted.
case __NR_setns: // Privileged.
@@ -404,7 +405,6 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) {
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__)
case __NR_set_thread_area:
#endif
- case __NR_set_tid_address:
case __NR_unshare:
#if !defined(__mips__) && !defined(__aarch64__)
case __NR_vfork:
@@ -514,6 +514,8 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) {
case __NR_mlock:
case __NR_munlock:
case __NR_munmap:
+ case __NR_mremap:
+ case __NR_membarrier:
return true;
case __NR_madvise:
case __NR_mincore:
@@ -531,7 +533,6 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) {
case __NR_modify_ldt:
#endif
case __NR_mprotect:
- case __NR_mremap:
case __NR_msync:
case __NR_munlockall:
case __NR_readahead:
diff --git a/sandbox/linux/system_headers/linux_syscalls.h ./sandbox/linux/system_headers/linux_syscalls.h
index 2b78a0c..b6fedb5 100644
--- a/sandbox/linux/system_headers/linux_syscalls.h
+++ b/sandbox/linux/system_headers/linux_syscalls.h
@@ -10,6 +10,7 @@
#define SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_SYSCALLS_H_
#include "build/build_config.h"
+#include <sys/syscall.h>
#if defined(__x86_64__)
#include "sandbox/linux/system_headers/x86_64_linux_syscalls.h"
diff --git a/services/service_manager/sandbox/linux/bpf_renderer_policy_linux.cc ./services/service_manager/sandbox/linux/bpf_renderer_policy_linux.cc
index a85c0ea..715aa1e 100644
--- a/sandbox/policy/linux/bpf_renderer_policy_linux.cc
+++ b/sandbox/policy/linux/bpf_renderer_policy_linux.cc
@@ -102,11 +102,11 @@
#if defined(__arm__) || defined(__aarch64__)
case __NR_getcpu:
#endif
- return Allow();
- case __NR_sched_getaffinity:
case __NR_sched_getparam:
case __NR_sched_getscheduler:
case __NR_sched_setscheduler:
+ return Allow();
+ case __NR_sched_getaffinity:
return RestrictSchedTarget(GetPolicyPid(), sysno);
case __NR_prlimit64:
// See crbug.com/662450 and setrlimit comment above.

View file

@ -0,0 +1,81 @@
--- a/sandbox/linux/services/namespace_sandbox.cc
+++ b/sandbox/linux/services/namespace_sandbox.cc
@@ -209,6 +209,70 @@
return base::LaunchProcess(argv, launch_options_copy);
}
+#if defined(__aarch64__)
+#define TLS_ABOVE_TP
+#endif
+
+struct musl_pthread
+{
+ /* Part 1 -- these fields may be external or
+ * internal (accessed via asm) ABI. Do not change. */
+ struct pthread *self;
+#ifndef TLS_ABOVE_TP
+ uintptr_t *dtv;
+#endif
+ struct pthread *prev, *next; /* non-ABI */
+ uintptr_t sysinfo;
+#ifndef TLS_ABOVE_TP
+#ifdef CANARY_PAD
+ uintptr_t canary_pad;
+#endif
+ uintptr_t canary;
+#endif
+
+/* Part 2 -- implementation details, non-ABI. */
+ int tid;
+ int errno_val;
+ volatile int detach_state;
+ volatile int cancel;
+ volatile unsigned char canceldisable, cancelasync;
+ unsigned char tsd_used:1;
+ unsigned char dlerror_flag:1;
+ unsigned char *map_base;
+ size_t map_size;
+ void *stack;
+ size_t stack_size;
+ size_t guard_size;
+ void *result;
+ struct __ptcb *cancelbuf;
+ void **tsd;
+ struct {
+ volatile void *volatile head;
+ long off;
+ volatile void *volatile pending;
+ } robust_list;
+ int h_errno_val;
+ volatile int timer_id;
+ locale_t locale;
+ volatile int killlock[1];
+ char *dlerror_buf;
+ void *stdio_locks;
+
+ /* Part 3 -- the positions of these fields relative to
+ * the end of the structure is external and internal ABI. */
+#ifdef TLS_ABOVE_TP
+ uintptr_t canary;
+ uintptr_t *dtv;
+#endif
+};
+
+void MaybeUpdateMuslTidCache()
+{
+ pid_t real_tid = sys_gettid();
+ pid_t* cached_tid_location = &reinterpret_cast<struct musl_pthread*>(pthread_self())->tid;
+ *cached_tid_location = real_tid;
+}
+
// static
pid_t NamespaceSandbox::ForkInNewPidNamespace(bool drop_capabilities_in_child) {
const pid_t pid =
@@ -226,6 +290,7 @@
#if defined(LIBC_GLIBC)
MaybeUpdateGlibcTidCache();
#endif
+ MaybeUpdateMuslTidCache();
return 0;
}

View file

@ -0,0 +1,22 @@
Use monotonic clock for pthread_cond_timedwait with musl too.
--- a/v8/src/base/platform/condition-variable.cc
+++ b/v8/src/base/platform/condition-variable.cc
@@ -16,7 +16,7 @@
ConditionVariable::ConditionVariable() {
#if (V8_OS_FREEBSD || V8_OS_NETBSD || V8_OS_OPENBSD || \
- (V8_OS_LINUX && V8_LIBC_GLIBC))
+ V8_OS_LINUX)
// On Free/Net/OpenBSD and Linux with glibc we can change the time
// source for pthread_cond_timedwait() to use the monotonic clock.
pthread_condattr_t attr;
@@ -92,7 +92,7 @@
&native_handle_, &mutex->native_handle(), &ts);
#else
#if (V8_OS_FREEBSD || V8_OS_NETBSD || V8_OS_OPENBSD || \
- (V8_OS_LINUX && V8_LIBC_GLIBC))
+ V8_OS_LINUX)
// On Free/Net/OpenBSD and Linux with glibc we can change the time
// source for pthread_cond_timedwait() to use the monotonic clock.
result = clock_gettime(CLOCK_MONOTONIC, &ts);

View file

@ -0,0 +1,107 @@
--- a/base/debug/stack_trace_posix.cc
+++ b/base/debug/stack_trace_posix.cc
@@ -27,7 +27,7 @@
#if !defined(USE_SYMBOLIZE)
#include <cxxabi.h>
#endif
-#if !defined(__UCLIBC__) && !defined(_AIX)
+#if defined(__GLIBC__) && !defined(_AIX)
#include <execinfo.h>
#endif
@@ -89,7 +89,7 @@
// Note: code in this function is NOT async-signal safe (std::string uses
// malloc internally).
-#if !defined(__UCLIBC__) && !defined(_AIX)
+#if defined(__GLIBC__) && !defined(_AIX)
std::string::size_type search_from = 0;
while (search_from < text->size()) {
// Look for the start of a mangled symbol, from search_from.
@@ -136,7 +136,7 @@
virtual ~BacktraceOutputHandler() = default;
};
-#if !defined(__UCLIBC__) && !defined(_AIX)
+#if defined(__GLIBC__) && !defined(_AIX)
void OutputPointer(void* pointer, BacktraceOutputHandler* handler) {
// This should be more than enough to store a 64-bit number in hex:
// 16 hex digits + 1 for null-terminator.
@@ -839,7 +839,7 @@
// If we do not have unwind tables, then try tracing using frame pointers.
return base::debug::TraceStackFramePointers(const_cast<const void**>(trace),
count, 0);
-#elif !defined(__UCLIBC__) && !defined(_AIX)
+#elif defined(__GLIBC__) && !defined(_AIX)
// Though the backtrace API man page does not list any possible negative
// return values, we take no chance.
return base::saturated_cast<size_t>(backtrace(trace, count));
@@ -852,13 +852,13 @@
// NOTE: This code MUST be async-signal safe (it's used by in-process
// stack dumping signal handler). NO malloc or stdio is allowed here.
-#if !defined(__UCLIBC__) && !defined(_AIX)
+#if defined(__GLIBC__) && !defined(_AIX)
PrintBacktraceOutputHandler handler;
ProcessBacktrace(trace_, count_, prefix_string, &handler);
#endif
}
-#if !defined(__UCLIBC__) && !defined(_AIX)
+#if defined(__GLIBC__) && !defined(_AIX)
void StackTrace::OutputToStreamWithPrefix(std::ostream* os,
const char* prefix_string) const {
StreamBacktraceOutputHandler handler(os);
--- a/v8/src/codegen/external-reference-table.cc
+++ b/v8/src/codegen/external-reference-table.cc
@@ -11,7 +11,9 @@
#if defined(DEBUG) && defined(V8_OS_LINUX) && !defined(V8_OS_ANDROID)
#define SYMBOLIZE_FUNCTION
+#if defined(__GLIBC__)
#include <execinfo.h>
+#endif
#include <vector>
@@ -96,7 +98,7 @@
}
const char* ExternalReferenceTable::ResolveSymbol(void* address) {
-#ifdef SYMBOLIZE_FUNCTION
+#if defined(SYMBOLIZE_FUNCTION) && defined(__GLIBC__)
char** names = backtrace_symbols(&address, 1);
const char* name = names[0];
// The array of names is malloc'ed. However, each name string is static
--- a/third_party/swiftshader/third_party/llvm-subzero/build/Linux/include/llvm/Config/config.h
+++ b/third_party/swiftshader/third_party/llvm-subzero/build/Linux/include/llvm/Config/config.h
@@ -58,7 +58,7 @@
#define HAVE_ERRNO_H 1
/* Define to 1 if you have the <execinfo.h> header file. */
-#define HAVE_EXECINFO_H 1
+/* #define HAVE_EXECINFO_H 1 */
/* Define to 1 if you have the <fcntl.h> header file. */
#define HAVE_FCNTL_H 1
--- a/base/debug/stack_trace.cc
+++ b/base/debug/stack_trace.cc
@@ -251,7 +253,9 @@
}
void StackTrace::OutputToStream(std::ostream* os) const {
+#if defined(__GLIBC__) && !defined(_AIX)
OutputToStreamWithPrefix(os, nullptr);
+#endif
}
std::string StackTrace::ToString() const {
@@ -281,7 +281,7 @@
}
std::string StackTrace::ToStringWithPrefix(const char* prefix_string) const {
std::stringstream stream;
-#if !defined(__UCLIBC__) && !defined(_AIX)
+#if defined(__GLIBC__) && !defined(_AIX)
OutputToStreamWithPrefix(&stream, prefix_string);
#endif
return stream.str();

View file

@ -0,0 +1,19 @@
--- a/chrome/browser/metrics/chrome_browser_main_extra_parts_metrics.cc
+++ b/chrome/browser/metrics/chrome_browser_main_extra_parts_metrics.cc
@@ -61,7 +61,6 @@
// TODO(crbug.com/1052397): Revisit the macro expression once build flag switch
// of lacros-chrome is complete.
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_LACROS)
-#include <gnu/libc-version.h>
#include "base/linux_util.h"
#include "base/strings/string_split.h"
@@ -324,7 +323,7 @@
void RecordLinuxGlibcVersion() {
// TODO(crbug.com/1052397): Revisit the macro expression once build flag switch
// of lacros-chrome is complete.
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_LACROS)
+#if defined(__GLIBC__) || BUILDFLAG(IS_CHROMEOS_LACROS)
base::Version version(gnu_get_libc_version());
UMALinuxGlibcVersion glibc_version_result = UMA_LINUX_GLIBC_NOT_PARSEABLE;

View file

@ -0,0 +1,110 @@
--- a/base/trace_event/malloc_dump_provider.cc
+++ b/base/trace_event/malloc_dump_provider.cc
@@ -185,7 +185,6 @@
#define MALLINFO2_FOUND_IN_LIBC
struct mallinfo2 info = mallinfo2();
#endif
-#endif // defined(__GLIBC__) && defined(__GLIBC_PREREQ)
#if !defined(MALLINFO2_FOUND_IN_LIBC)
struct mallinfo info = mallinfo();
#endif
@@ -205,6 +204,7 @@
sys_alloc_dump->AddScalar(MemoryAllocatorDump::kNameSize,
MemoryAllocatorDump::kUnitsBytes, info.uordblks);
}
+#endif // defined(__GLIBC__) && defined(__GLIBC_PREREQ)
}
#endif
@@ -339,7 +340,7 @@
&allocated_objects_count);
#elif BUILDFLAG(IS_FUCHSIA)
// TODO(fuchsia): Port, see https://crbug.com/706592.
-#else
+#elif defined(__GLIBC__)
ReportMallinfoStats(/*pmd=*/nullptr, &total_virtual_size, &resident_size,
&allocated_objects_size, &allocated_objects_count);
#endif
--- a/base/process/process_metrics_posix.cc
+++ b/base/process/process_metrics_posix.cc
@@ -105,7 +105,7 @@
#endif // !BUILDFLAG(IS_FUCHSIA)
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_ANDROID)
+#if (BUILDFLAG(IS_LINUX) && defined(__GLIBC__)) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_ANDROID)
namespace {
size_t GetMallocUsageMallinfo() {
@@ -123,7 +123,7 @@
}
} // namespace
-#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) ||
+#endif // (BUILDFLAG(IS_LINUX) && defined(__GLIBC__)) || BUILDFLAG(IS_CHROMEOS) ||
// BUILDFLAG(IS_ANDROID)
size_t ProcessMetrics::GetMallocUsage() {
@@ -131,9 +131,9 @@
malloc_statistics_t stats = {0};
malloc_zone_statistics(nullptr, &stats);
return stats.size_in_use;
-#elif BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_ANDROID)
+#elif (BUILDFLAG(IS_LINUX) && defined(__GLIBC__)) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_ANDROID)
return GetMallocUsageMallinfo();
-#elif BUILDFLAG(IS_FUCHSIA)
+#else
// TODO(fuchsia): Not currently exposed. https://crbug.com/735087.
return 0;
#endif
--- a/third_party/tflite/src/tensorflow/lite/profiling/memory_info.cc
+++ b/third_party/tflite/src/tensorflow/lite/profiling/memory_info.cc
@@ -35,7 +35,7 @@
MemoryUsage GetMemoryUsage() {
MemoryUsage result;
-#ifdef __linux__
+#if defined(__linux__) && defined(__GLIBC__)
rusage res;
if (getrusage(RUSAGE_SELF, &res) == 0) {
result.max_rss_kb = res.ru_maxrss;
--- a/third_party/swiftshader/third_party/llvm-subzero/lib/Support/Unix/Process.inc
+++ b/third_party/swiftshader/third_party/llvm-subzero/lib/Support/Unix/Process.inc
@@ -86,11 +86,11 @@
}
size_t Process::GetMallocUsage() {
-#if defined(HAVE_MALLINFO2)
+#if defined(HAVE_MALLINFO2) && defined(__GLIBC__)
struct mallinfo2 mi;
mi = ::mallinfo2();
return mi.uordblks;
-#elif defined(HAVE_MALLINFO)
+#elif defined(HAVE_MALLINFO) && defined(__GLIBC__)
struct mallinfo mi;
mi = ::mallinfo();
return mi.uordblks;
--- a/third_party/swiftshader/third_party/llvm-10.0/configs/linux/include/llvm/Config/config.h
+++ b/third_party/swiftshader/third_party/llvm-10.0/configs/linux/include/llvm/Config/config.h
@@ -122,7 +122,9 @@
/* #undef HAVE_MALLCTL */
/* Define to 1 if you have the `mallinfo' function. */
+#if defined(__GLIBC__)
#define HAVE_MALLINFO 1
+#endif
/* Define to 1 if you have the <malloc.h> header file. */
#define HAVE_MALLOC_H 1
--- a/base/allocator/allocator_shim_default_dispatch_to_partition_alloc.cc
+++ b/base/allocator/allocator_shim_default_dispatch_to_partition_alloc.cc
@@ -717,7 +717,7 @@
#endif // !BUILDFLAG(IS_APPLE) && !BUILDFLAG(IS_ANDROID)
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+#if 0
SHIM_ALWAYS_EXPORT struct mallinfo mallinfo(void) __THROW {
base::SimplePartitionStatsDumper allocator_dumper;
Allocator()->DumpStats("malloc", true, &allocator_dumper);

View file

@ -0,0 +1,30 @@
--- a/net/dns/public/scoped_res_state.cc
+++ b/net/dns/public/scoped_res_state.cc
@@ -13,7 +13,7 @@
namespace net {
ScopedResState::ScopedResState() {
-#if BUILDFLAG(IS_OPENBSD) || BUILDFLAG(IS_FUCHSIA)
+#if BUILDFLAG(IS_OPENBSD) || BUILDFLAG(IS_FUCHSIA) || defined(_GNU_SOURCE)
// Note: res_ninit in glibc always returns 0 and sets RES_INIT.
// res_init behaves the same way.
memset(&_res, 0, sizeof(_res));
@@ -25,16 +25,8 @@
}
ScopedResState::~ScopedResState() {
-#if !BUILDFLAG(IS_OPENBSD) && !BUILDFLAG(IS_FUCHSIA)
-
- // Prefer res_ndestroy where available.
-#if BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_FREEBSD)
- res_ndestroy(&res_);
-#else
- res_nclose(&res_);
-#endif // BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_FREEBSD)
-
-#endif // !BUILDFLAG(IS_OPENBSD) && !BUILDFLAG(IS_FUCHSIA)
+ // musl res_init() doesn't actually do anything
+ // no destruction is necessary as no memory has been allocated
}
bool ScopedResState::IsValid() const {

View file

@ -0,0 +1,12 @@
--- a/base/files/file.h
+++ b/base/files/file.h
@@ -19,7 +19,8 @@
#include "build/build_config.h"
#if BUILDFLAG(IS_BSD) || BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_NACL) || \
- BUILDFLAG(IS_FUCHSIA) || (BUILDFLAG(IS_ANDROID) && __ANDROID_API__ < 21)
+ BUILDFLAG(IS_FUCHSIA) || (BUILDFLAG(IS_ANDROID) && __ANDROID_API__ < 21) || \
+ (defined(OS_LINUX) && !defined(__GLIBC__))
struct stat;
namespace base {
typedef struct stat stat_wrapper_t;

View file

@ -0,0 +1,11 @@
--- a/chrome/browser/ui/autofill/autofill_popup_controller_impl.h
+++ b/chrome/browser/ui/autofill/autofill_popup_controller_impl.h
@@ -178,7 +178,7 @@
class AutofillPopupViewPtr {
public:
AutofillPopupViewPtr() = default;
- AutofillPopupViewPtr(nullptr_t) : ptr_(nullptr) {}
+ AutofillPopupViewPtr(std::nullptr_t) : ptr_(nullptr) {}
AutofillPopupViewPtr(AutofillPopupView* ptr) : ptr_(ptr) {}
explicit operator bool() const { return ptr_; }

View file

@ -0,0 +1,15 @@
--- a/base/allocator/partition_allocator/partition_root.cc
+++ b/base/allocator/partition_allocator/partition_root.cc
@@ -248,9 +248,9 @@
// However, no perfect solution really exists to make threads + fork()
// cooperate, but deadlocks are real (and fork() is used in DEATH_TEST()s),
// and other malloc() implementations use the same techniques.
- int err =
- pthread_atfork(BeforeForkInParent, AfterForkInParent, AfterForkInChild);
- PA_CHECK(err == 0);
+ //int err =
+ // pthread_atfork(BeforeForkInParent, AfterForkInParent, AfterForkInChild);
+ //PA_CHECK(err == 0);
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
}

View file

@ -0,0 +1,11 @@
--- a/tools/grit/grit/util.py
+++ b/tools/grit/grit/util.py
@@ -209,7 +209,7 @@
mode = 'rb'
encoding = None
else:
- mode = 'rU'
+ mode = 'r'
with io.open(filename, mode, encoding=encoding) as f:
return f.read()

View file

@ -0,0 +1,22 @@
--- a/third_party/electron_node/tools/inspector_protocol/jinja2/runtime.py
+++ b/third_party/electron_node/tools/inspector_protocol/jinja2/runtime.py
@@ -315,7 +315,7 @@ class Context(with_metaclass(ContextMeta
# register the context as mapping if possible
try:
- from collections import Mapping
+ from collections.abc import Mapping
Mapping.register(Context)
except ImportError:
pass
--- a/third_party/electron_node/tools/inspector_protocol/jinja2/sandbox.py
+++ b/third_party/electron_node/tools/inspector_protocol/jinja2/sandbox.py
@@ -14,7 +14,7 @@
"""
import types
import operator
-from collections import Mapping
+from collections.abc import Mapping
from jinja2.environment import Environment
from jinja2.exceptions import SecurityError
from jinja2._compat import string_types, PY2

View file

@ -0,0 +1,11 @@
--- a/net/third_party/quiche/src/quiche/quic/core/quic_one_block_arena.h
+++ b/net/third_party/quiche/src/quiche/quic/core/quic_one_block_arena.h
@@ -69,7 +69,7 @@
// QuicConnections currently use around 1KB of polymorphic types which would
// ordinarily be on the heap. Instead, store them inline in an arena.
-using QuicConnectionArena = QuicOneBlockArena<1280>;
+using QuicConnectionArena = QuicOneBlockArena<1504>;
} // namespace quic

View file

@ -0,0 +1,287 @@
--- a/media/cdm/library_cdm/clear_key_cdm/ffmpeg_cdm_audio_decoder.cc
+++ b/media/cdm/library_cdm/clear_key_cdm/ffmpeg_cdm_audio_decoder.cc
@@ -74,7 +74,7 @@
codec_context->sample_fmt = AV_SAMPLE_FMT_NONE;
}
- codec_context->ch_layout.nb_channels = config.channel_count;
+ codec_context->channels = config.channel_count;
codec_context->sample_rate = config.samples_per_second;
if (config.extra_data) {
@@ -124,8 +124,8 @@
case cdm::kAudioFormatPlanarS16:
case cdm::kAudioFormatPlanarF32: {
const int decoded_size_per_channel =
- decoded_audio_size / av_frame.ch_layout.nb_channels;
- for (int i = 0; i < av_frame.ch_layout.nb_channels; ++i) {
+ decoded_audio_size / av_frame.channels;
+ for (int i = 0; i < av_frame.channels; ++i) {
memcpy(output_buffer, av_frame.extended_data[i],
decoded_size_per_channel);
output_buffer += decoded_size_per_channel;
@@ -185,14 +185,13 @@
// Success!
decoding_loop_ = std::make_unique<FFmpegDecodingLoop>(codec_context_.get());
samples_per_second_ = config.samples_per_second;
- bytes_per_frame_ =
- codec_context_->ch_layout.nb_channels * config.bits_per_channel / 8;
+ bytes_per_frame_ = codec_context_->channels * config.bits_per_channel / 8;
output_timestamp_helper_ =
std::make_unique<AudioTimestampHelper>(config.samples_per_second);
is_initialized_ = true;
// Store initial values to guard against midstream configuration changes.
- channels_ = codec_context_->ch_layout.nb_channels;
+ channels_ = codec_context_->channels;
av_sample_format_ = codec_context_->sample_fmt;
return true;
@@ -292,19 +291,17 @@
for (auto& frame : audio_frames) {
int decoded_audio_size = 0;
if (frame->sample_rate != samples_per_second_ ||
- frame->ch_layout.nb_channels != channels_ ||
- frame->format != av_sample_format_) {
+ frame->channels != channels_ || frame->format != av_sample_format_) {
DLOG(ERROR) << "Unsupported midstream configuration change!"
<< " Sample Rate: " << frame->sample_rate << " vs "
- << samples_per_second_
- << ", Channels: " << frame->ch_layout.nb_channels << " vs "
- << channels_ << ", Sample Format: " << frame->format << " vs "
- << av_sample_format_;
+ << samples_per_second_ << ", Channels: " << frame->channels
+ << " vs " << channels_ << ", Sample Format: " << frame->format
+ << " vs " << av_sample_format_;
return cdm::kDecodeError;
}
decoded_audio_size = av_samples_get_buffer_size(
- nullptr, codec_context_->ch_layout.nb_channels, frame->nb_samples,
+ nullptr, codec_context_->channels, frame->nb_samples,
codec_context_->sample_fmt, 1);
if (!decoded_audio_size)
continue;
@@ -323,9 +320,9 @@
size_t* total_size,
std::vector<std::unique_ptr<AVFrame, ScopedPtrAVFreeFrame>>* audio_frames,
AVFrame* frame) {
- *total_size += av_samples_get_buffer_size(
- nullptr, codec_context_->ch_layout.nb_channels, frame->nb_samples,
- codec_context_->sample_fmt, 1);
+ *total_size += av_samples_get_buffer_size(nullptr, codec_context_->channels,
+ frame->nb_samples,
+ codec_context_->sample_fmt, 1);
audio_frames->emplace_back(av_frame_clone(frame));
return true;
}
--- a/media/ffmpeg/ffmpeg_common.cc
+++ b/media/ffmpeg/ffmpeg_common.cc
@@ -345,11 +345,10 @@
codec_context->sample_fmt, codec_context->codec_id);
ChannelLayout channel_layout =
- codec_context->ch_layout.nb_channels > 8
+ codec_context->channels > 8
? CHANNEL_LAYOUT_DISCRETE
- : ChannelLayoutToChromeChannelLayout(
- codec_context->ch_layout.u.mask,
- codec_context->ch_layout.nb_channels);
+ : ChannelLayoutToChromeChannelLayout(codec_context->channel_layout,
+ codec_context->channels);
int sample_rate = codec_context->sample_rate;
switch (codec) {
@@ -402,7 +401,7 @@
extra_data, encryption_scheme, seek_preroll,
codec_context->delay);
if (channel_layout == CHANNEL_LAYOUT_DISCRETE)
- config->SetChannelsForDiscrete(codec_context->ch_layout.nb_channels);
+ config->SetChannelsForDiscrete(codec_context->channels);
#if BUILDFLAG(ENABLE_PLATFORM_AC3_EAC3_AUDIO)
// These are bitstream formats unknown to ffmpeg, so they don't have
@@ -471,7 +470,7 @@
// TODO(scherkus): should we set |channel_layout|? I'm not sure if FFmpeg uses
// said information to decode.
- codec_context->ch_layout.nb_channels = config.channels();
+ codec_context->channels = config.channels();
codec_context->sample_rate = config.samples_per_second();
if (config.extra_data().empty()) {
--- a/media/filters/audio_file_reader.cc
+++ b/media/filters/audio_file_reader.cc
@@ -113,15 +113,14 @@
// Verify the channel layout is supported by Chrome. Acts as a sanity check
// against invalid files. See http://crbug.com/171962
- if (ChannelLayoutToChromeChannelLayout(
- codec_context_->ch_layout.u.mask,
- codec_context_->ch_layout.nb_channels) ==
+ if (ChannelLayoutToChromeChannelLayout(codec_context_->channel_layout,
+ codec_context_->channels) ==
CHANNEL_LAYOUT_UNSUPPORTED) {
return false;
}
// Store initial values to guard against midstream configuration changes.
- channels_ = codec_context_->ch_layout.nb_channels;
+ channels_ = codec_context_->channels;
audio_codec_ = CodecIDToAudioCodec(codec_context_->codec_id);
sample_rate_ = codec_context_->sample_rate;
av_sample_format_ = codec_context_->sample_fmt;
@@ -224,7 +223,7 @@
if (frames_read < 0)
return false;
- const int channels = frame->ch_layout.nb_channels;
+ const int channels = frame->channels;
if (frame->sample_rate != sample_rate_ || channels != channels_ ||
frame->format != av_sample_format_) {
DLOG(ERROR) << "Unsupported midstream configuration change!"
--- a/media/filters/audio_file_reader_unittest.cc
+++ b/media/filters/audio_file_reader_unittest.cc
@@ -121,11 +121,11 @@
EXPECT_FALSE(reader_->Open());
}
- void RunTestFailingDecode(const char* fn, int expect_read = 0) {
+ void RunTestFailingDecode(const char* fn) {
Initialize(fn);
EXPECT_TRUE(reader_->Open());
std::vector<std::unique_ptr<AudioBus>> decoded_audio_packets;
- EXPECT_EQ(reader_->Read(&decoded_audio_packets), expect_read);
+ EXPECT_EQ(reader_->Read(&decoded_audio_packets), 0);
}
void RunTestPartialDecode(const char* fn) {
@@ -219,7 +219,7 @@
}
TEST_F(AudioFileReaderTest, MidStreamConfigChangesFail) {
- RunTestFailingDecode("midstream_config_change.mp3", 42624);
+ RunTestFailingDecode("midstream_config_change.mp3");
}
#endif
--- a/media/filters/audio_video_metadata_extractor.cc
+++ b/media/filters/audio_video_metadata_extractor.cc
@@ -113,15 +113,6 @@
if (!stream)
continue;
- void* display_matrix =
- av_stream_get_side_data(stream, AV_PKT_DATA_DISPLAYMATRIX, nullptr);
- if (display_matrix) {
- rotation_ = VideoTransformation::FromFFmpegDisplayMatrix(
- static_cast<int32_t*>(display_matrix))
- .rotation;
- info.tags["rotate"] = base::NumberToString(rotation_);
- }
-
// Extract dictionary from streams also. Needed for containers that attach
// metadata to contained streams instead the container itself, like OGG.
ExtractDictionary(stream->metadata, &info.tags);
@@ -264,6 +255,8 @@
if (raw_tags->find(tag->key) == raw_tags->end())
(*raw_tags)[tag->key] = tag->value;
+ if (ExtractInt(tag, "rotate", &rotation_))
+ continue;
if (ExtractString(tag, "album", &album_))
continue;
if (ExtractString(tag, "artist", &artist_))
--- a/media/filters/ffmpeg_aac_bitstream_converter.cc
+++ b/media/filters/ffmpeg_aac_bitstream_converter.cc
@@ -195,15 +195,14 @@
if (!header_generated_ || codec_ != stream_codec_parameters_->codec_id ||
audio_profile_ != stream_codec_parameters_->profile ||
sample_rate_index_ != sample_rate_index ||
- channel_configuration_ !=
- stream_codec_parameters_->ch_layout.nb_channels ||
+ channel_configuration_ != stream_codec_parameters_->channels ||
frame_length_ != header_plus_packet_size) {
header_generated_ =
GenerateAdtsHeader(stream_codec_parameters_->codec_id,
0, // layer
stream_codec_parameters_->profile, sample_rate_index,
0, // private stream
- stream_codec_parameters_->ch_layout.nb_channels,
+ stream_codec_parameters_->channels,
0, // originality
0, // home
0, // copyrighted_stream
@@ -215,7 +214,7 @@
codec_ = stream_codec_parameters_->codec_id;
audio_profile_ = stream_codec_parameters_->profile;
sample_rate_index_ = sample_rate_index;
- channel_configuration_ = stream_codec_parameters_->ch_layout.nb_channels;
+ channel_configuration_ = stream_codec_parameters_->channels;
frame_length_ = header_plus_packet_size;
}
--- a/media/filters/ffmpeg_aac_bitstream_converter_unittest.cc
+++ b/media/filters/ffmpeg_aac_bitstream_converter_unittest.cc
@@ -34,7 +34,7 @@
memset(&test_parameters_, 0, sizeof(AVCodecParameters));
test_parameters_.codec_id = AV_CODEC_ID_AAC;
test_parameters_.profile = FF_PROFILE_AAC_MAIN;
- test_parameters_.ch_layout.nb_channels = 2;
+ test_parameters_.channels = 2;
test_parameters_.extradata = extradata_header_;
test_parameters_.extradata_size = sizeof(extradata_header_);
}
--- a/media/filters/ffmpeg_audio_decoder.cc
+++ b/media/filters/ffmpeg_audio_decoder.cc
@@ -28,7 +28,7 @@
// Return the number of channels from the data in |frame|.
static inline int DetermineChannels(AVFrame* frame) {
- return frame->ch_layout.nb_channels;
+ return frame->channels;
}
// Called by FFmpeg's allocation routine to allocate a buffer. Uses
@@ -231,7 +231,7 @@
// Translate unsupported into discrete layouts for discrete configurations;
// ffmpeg does not have a labeled discrete configuration internally.
ChannelLayout channel_layout = ChannelLayoutToChromeChannelLayout(
- codec_context_->ch_layout.u.mask, codec_context_->ch_layout.nb_channels);
+ codec_context_->channel_layout, codec_context_->channels);
if (channel_layout == CHANNEL_LAYOUT_UNSUPPORTED &&
config_.channel_layout() == CHANNEL_LAYOUT_DISCRETE) {
channel_layout = CHANNEL_LAYOUT_DISCRETE;
@@ -348,11 +348,11 @@
// Success!
av_sample_format_ = codec_context_->sample_fmt;
- if (codec_context_->ch_layout.nb_channels != config.channels()) {
+ if (codec_context_->channels != config.channels()) {
MEDIA_LOG(ERROR, media_log_)
<< "Audio configuration specified " << config.channels()
<< " channels, but FFmpeg thinks the file contains "
- << codec_context_->ch_layout.nb_channels << " channels";
+ << codec_context_->channels << " channels";
ReleaseFFmpegResources();
state_ = DecoderState::kUninitialized;
return false;
@@ -403,7 +403,7 @@
if (frame->nb_samples <= 0)
return AVERROR(EINVAL);
- if (s->ch_layout.nb_channels != channels) {
+ if (s->channels != channels) {
DLOG(ERROR) << "AVCodecContext and AVFrame disagree on channel count.";
return AVERROR(EINVAL);
}
@@ -436,8 +436,7 @@
ChannelLayout channel_layout =
config_.channel_layout() == CHANNEL_LAYOUT_DISCRETE
? CHANNEL_LAYOUT_DISCRETE
- : ChannelLayoutToChromeChannelLayout(s->ch_layout.u.mask,
- s->ch_layout.nb_channels);
+ : ChannelLayoutToChromeChannelLayout(s->channel_layout, s->channels);
if (channel_layout == CHANNEL_LAYOUT_UNSUPPORTED) {
DLOG(ERROR) << "Unsupported channel layout.";

View file

@ -0,0 +1,15 @@
--- a/media/filters/audio_file_reader.cc
+++ b/media/filters/audio_file_reader.cc
@@ -243,10 +243,10 @@
// silence from being output. In the case where we are also discarding some
// portion of the packet (as indicated by a negative pts), we further want to
// adjust the duration downward by however much exists before zero.
- if (audio_codec_ == AudioCodec::kAAC && frame->duration) {
+ if (audio_codec_ == AudioCodec::kAAC && frame->pkt_duration) {
const base::TimeDelta pkt_duration = ConvertFromTimeBase(
glue_->format_context()->streams[stream_index_]->time_base,
- frame->duration + std::min(static_cast<int64_t>(0), frame->pts));
+ frame->pkt_duration + std::min(static_cast<int64_t>(0), frame->pts));
const base::TimeDelta frame_duration =
base::Seconds(frames_read / static_cast<double>(sample_rate_));

View file

@ -0,0 +1,22 @@
for some reason this breaks and the fd returned after close() after a few
cycles is still in the lock array
so, just don't enforce or wrap anything.
--- a/base/files/scoped_file_linux.cc
+++ b/base/files/scoped_file_linux.cc
@@ -77,15 +77,3 @@
}
} // namespace base
-
-extern "C" {
-
-int __close(int);
-
-__attribute__((visibility("default"), noinline)) int close(int fd) {
- if (base::IsFDOwned(fd) && g_is_ownership_enforced)
- CrashOnFdOwnershipViolation();
- return __close(fd);
-}
-
-} // extern "C"

View file

@ -0,0 +1,53 @@
--- a/third_party/electron_node/BUILD.gn
+++ b/third_party/electron_node/BUILD.gn
@@ -42,6 +42,18 @@
node_module_version = ""
}
+if (is_linux) {
+ import("//build/config/linux/pkg_config.gni")
+
+ pkg_config("cares") {
+ packages = [ "libcares" ]
+ }
+
+ pkg_config("nghttp2") {
+ packages = [ "libnghttp2" ]
+ }
+}
+
assert(!node_use_dtrace, "node_use_dtrace not supported in GN")
assert(!node_use_etw, "node_use_etw not supported in GN")
@@ -182,11 +194,9 @@
component("node_lib") {
deps = [
":node_js2c",
- "deps/cares",
"deps/histogram",
"deps/googletest:gtest",
"deps/llhttp",
- "deps/nghttp2",
"deps/uvwasi",
"//third_party/zlib",
"//third_party/brotli:dec",
@@ -202,6 +212,19 @@
public_configs = [ ":node_lib_config" ]
include_dirs = [ "src" ]
libs = []
+ if (is_linux) {
+ configs += [
+ ":cares",
+ ":nghttp2",
+ ]
+ libs += [ "http_parser" ]
+ } else {
+ deps += [
+ "deps/cares",
+ "deps/http_parser",
+ "deps/nghttp2",
+ ]
+ }
frameworks = []
cflags_cc = [
"-Wno-deprecated-declarations",

View file

@ -0,0 +1,18 @@
random glibc macro
--- a/sandbox/linux/suid/process_util.h
+++ b/sandbox/linux/suid/process_util.h
@@ -11,6 +11,14 @@
#include <stdbool.h>
#include <sys/types.h>
+// Some additional functions
+# define TEMP_FAILURE_RETRY(expression) \
+ (__extension__ \
+ ({ long int __result; \
+ do __result = (long int) (expression); \
+ while (__result == -1L && errno == EINTR); \
+ __result; }))
+
// This adjusts /proc/process/oom_score_adj so the Linux OOM killer
// will prefer certain process types over others. The range for the
// adjustment is [-1000, 1000], with [0, 1000] being user accessible.

View file

@ -0,0 +1,113 @@
--- a/chrome/browser/process_singleton_posix.cc
+++ b/chrome/browser/process_singleton_posix.cc
@@ -607,7 +607,7 @@
// |reader| is for sending back ACK message.
void HandleMessage(const std::string& current_dir,
const std::vector<std::string>& argv,
- const std::vector<const uint8_t> additional_data,
+ const std::vector<uint8_t> additional_data,
SocketReader* reader);
private:
@@ -664,7 +664,7 @@
void ProcessSingleton::LinuxWatcher::HandleMessage(
const std::string& current_dir,
const std::vector<std::string>& argv,
- const std::vector<const uint8_t> additional_data,
+ const std::vector<uint8_t> additional_data,
SocketReader* reader) {
DCHECK(ui_task_runner_->BelongsToCurrentThread());
DCHECK(reader);
@@ -754,7 +754,7 @@
base::StringToSizeT(tokens[0], &num_args);
std::vector<std::string> command_line(tokens.begin() + 1, tokens.begin() + 1 + num_args);
- std::vector<const uint8_t> additional_data;
+ std::vector<uint8_t> additional_data;
if (tokens.size() >= 3 + num_args) {
size_t additional_data_size;
base::StringToSizeT(tokens[1 + num_args], &additional_data_size);
@@ -763,7 +763,7 @@
std::string(1, kTokenDelimiter));
const uint8_t* additional_data_bits =
reinterpret_cast<const uint8_t*>(remaining_args.c_str());
- additional_data = std::vector<const uint8_t>(
+ additional_data = std::vector<uint8_t>(
additional_data_bits, additional_data_bits + additional_data_size);
}
--- a/chrome/browser/process_singleton.h
+++ b/chrome/browser/process_singleton.h
@@ -102,7 +102,7 @@
using NotificationCallback =
base::RepeatingCallback<bool(const base::CommandLine& command_line,
const base::FilePath& current_directory,
- const std::vector<const uint8_t> additional_data)>;
+ const std::vector<uint8_t> additional_data)>;
#if BUILDFLAG(IS_WIN)
ProcessSingleton(const std::string& program_name,
--- a/chrome/browser/process_singleton_win.cc
+++ b/chrome/browser/process_singleton_win.cc
@@ -81,7 +81,7 @@
bool ParseCommandLine(const COPYDATASTRUCT* cds,
base::CommandLine* parsed_command_line,
base::FilePath* current_directory,
- std::vector<const uint8_t>* parsed_additional_data) {
+ std::vector<uint8_t>* parsed_additional_data) {
// We should have enough room for the shortest command (min_message_size)
// and also be a multiple of wchar_t bytes. The shortest command
// possible is L"START\0\0" (empty command line, current directory,
@@ -163,7 +163,7 @@
msg.substr(fourth_null + 1, fifth_null - fourth_null);
const uint8_t* additional_data_bytes =
reinterpret_cast<const uint8_t*>(additional_data.c_str());
- *parsed_additional_data = std::vector<const uint8_t>(additional_data_bytes,
+ *parsed_additional_data = std::vector<uint8_t>(additional_data_bytes,
additional_data_bytes + additional_data_length);
return true;
@@ -187,7 +187,7 @@
base::CommandLine parsed_command_line(base::CommandLine::NO_PROGRAM);
base::FilePath current_directory;
- std::vector<const uint8_t> additional_data;
+ std::vector<uint8_t> additional_data;
if (!ParseCommandLine(cds, &parsed_command_line, &current_directory, &additional_data)) {
*result = TRUE;
return true;
--- a/electron/shell/browser/api/electron_api_app.cc
+++ b/electron/shell/browser/api/electron_api_app.cc
@@ -519,10 +519,10 @@
const base::RepeatingCallback<
void(const base::CommandLine& command_line,
const base::FilePath& current_directory,
- const std::vector<const uint8_t> additional_data)>& callback,
+ const std::vector<uint8_t> additional_data)>& callback,
const base::CommandLine& cmd,
const base::FilePath& cwd,
- const std::vector<const uint8_t> additional_data) {
+ const std::vector<uint8_t> additional_data) {
// Make sure the callback is called after app gets ready.
if (Browser::Get()->is_ready()) {
callback.Run(cmd, cwd, std::move(additional_data));
@@ -1082,7 +1082,7 @@
void App::OnSecondInstance(const base::CommandLine& cmd,
const base::FilePath& cwd,
- const std::vector<const uint8_t> additional_data) {
+ const std::vector<uint8_t> additional_data) {
v8::Isolate* isolate = JavascriptEnvironment::GetIsolate();
v8::Locker locker(isolate);
v8::HandleScope handle_scope(isolate);
--- a/electron/shell/browser/api/electron_api_app.h
+++ b/electron/shell/browser/api/electron_api_app.h
@@ -195,7 +195,7 @@
std::string GetLocaleCountryCode();
void OnSecondInstance(const base::CommandLine& cmd,
const base::FilePath& cwd,
- const std::vector<const uint8_t> additional_data);
+ const std::vector<uint8_t> additional_data);
bool HasSingleInstanceLock() const;
bool RequestSingleInstanceLock(gin::Arguments* args);
void ReleaseSingleInstanceLock();

View file

@ -0,0 +1,12 @@
--- a/electron/build/webpack/webpack.config.base.js
+++ b/electron/build/webpack/webpack.config.base.js
@@ -117,7 +117,8 @@
entry,
target: alwaysHasNode ? 'node' : 'web',
output: {
- filename: outputFilename
+ filename: outputFilename,
+ hashFunction: 'sha256'
},
resolve: {
alias: {

View file

@ -0,0 +1,20 @@
--- a/third_party/blink/renderer/platform/wtf/stack_util.cc
+++ b/third_party/blink/renderer/platform/wtf/stack_util.cc
@@ -29,7 +29,7 @@
// FIXME: On Mac OSX and Linux, this method cannot estimate stack size
// correctly for the main thread.
-#elif defined(__GLIBC__) || BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_FREEBSD) || \
+#elif BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_FREEBSD) || \
BUILDFLAG(IS_FUCHSIA)
// pthread_getattr_np() can fail if the thread is not invoked by
// pthread_create() (e.g., the main thread of blink_unittests).
@@ -97,7 +97,7 @@
}
void* GetStackStart() {
-#if defined(__GLIBC__) || BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_FREEBSD) || \
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_FREEBSD) || \
BUILDFLAG(IS_FUCHSIA)
pthread_attr_t attr;
int error;

View file

@ -23,25 +23,22 @@ depends="
"
makedepends="perl-module-build"
subpackages="$pkgname-doc"
source="$pkgname-$pkgver.tar.gz::https://github.com/bbusschots/$pkgname/archive/v$pkgver.tar.gz"
source="$pkgname-$pkgver.tar.gz::https://github.com/bbusschots/hsxkpasswd/archive/v$pkgver.tar.gz"
build() {
unset PERL5LIB PERL_MM_OPT PERL_MB_OPT PERL_LOCAL_LIB_ROOT
export PERL_MM_USE_DEFAULT=1 MODULEBUILDRC=/dev/null
perl ./Build.PL
PERL_MM_USE_DEFAULT=1 MODULEBUILDRC=/dev/null perl ./Build.PL
./Build
}
check() {
unset PERL5LIB PERL_MM_OPT PERL_MB_OPT PERL_LOCAL_LIB_ROOT
export PERL_MM_USE_DEFAULT=1
./Build test
PERL_MM_USE_DEFAULT=1 ./Build test
}
package() {
unset PERL5LIB PERL_MM_OPT PERL_MB_OPT PERL_LOCAL_LIB_ROOT
./Build install --installdirs=vendor --destdir="$pkgdir"
find "$pkgdir" \( -name perllocal.pod -o -name .packlist \) -delete
}
sha512sums="
b93f3e8a209152def43040d05f27ed404ff7d596f69f831d1666cbd1dcb06907558b0e9ab9b256cfa25aa528fc92e13b816a0b8d476f4334a53f69b44612708f hsxkpasswd-3.6.tar.gz
"

41
backports/llhttp/APKBUILD Normal file
View file

@ -0,0 +1,41 @@
# Contributor: Michał Polański <michal@polanski.me>
# Maintainer: Michał Polański <michal@polanski.me>
pkgname=llhttp
pkgver=6.0.10
pkgrel=0
pkgdesc="Port of http_parser to llparse"
url="https://llhttp.org/"
license="MIT"
arch="all"
makedepends="cmake clang npm"
subpackages="$pkgname-dev $pkgname-doc"
source="https://github.com/nodejs/llhttp/archive/v$pkgver/llhttp-$pkgver.tar.gz"
prepare() {
default_prepare
sed -i "s/_TAG_/$pkgver/" CMakeLists.txt
npm ci
}
build() {
make release
cmake -S release -B releasebuild \
-DCMAKE_BUILD_TYPE=MinSizeRel \
-DCMAKE_INSTALL_PREFIX=/usr \
-DBUILD_SHARED_LIBS=ON
cmake --build releasebuild
}
check() {
npm test
}
package() {
DESTDIR="$pkgdir" cmake --install releasebuild
install -Dm644 LICENSE-MIT "$pkgdir"/usr/share/doc/$pkgname/LICENSE
}
sha512sums="
b417fe97467404426c673a6e0303a92b8c3420c6c2bc44bbea6398112879b860ab439119f9d07cfa782a329e42cb9a6d566bf02f147cdfce007527a580acad28 llhttp-6.0.10.tar.gz
"

View file

@ -0,0 +1,34 @@
# Contributor: TBK <alpine@jjtc.eu>
# Maintainer: Andy Postnikov <apostnikov@gmail.com>
pkgname=php81-pecl-mcrypt
_extname=mcrypt
pkgver=1.0.4
pkgrel=0
pkgdesc="Provides PHP 8.1 bindings for the unmaintained libmcrypt - PECL"
url="https://pecl.php.net/package/mcrypt"
arch="all"
license="PHP-3.01"
depends="php81-common"
makedepends="php81-dev libmcrypt-dev"
source="php-pecl-$_extname-$pkgver.tgz::https://pecl.php.net/get/$_extname-$pkgver.tgz"
builddir="$srcdir/$_extname-$pkgver"
build() {
phpize81
./configure --prefix=/usr --with-php-config=php-config81
make
}
check() {
rm -f tests/mcrypt_rijndael128_128BitKey.phpt # fails
make NO_INTERACTION=1 REPORT_EXIT_STATUS=1 test
}
package() {
make INSTALL_ROOT="$pkgdir" install
local _confdir="$pkgdir"/etc/php81/conf.d
install -d $_confdir
echo "extension=$_extname" > $_confdir/$_extname.ini
}
sha512sums="6a8244761035640366041a5f26057ab14bb85eaaa973ddf604e152b786ef750ec775ae91d7582044700d6fdef902425f3a9d6839113a52e0a9f957bf9d0c189a php-pecl-mcrypt-1.0.4.tgz"

View file

@ -0,0 +1,39 @@
# Maintainer: Andy Postnikov <apostnikov@gmail.com>
pkgname=php81-pecl-xmlrpc
_extname=xmlrpc
pkgver=1.0.0_rc3
_pkgver=${pkgver/_rc/RC}
pkgrel=0
pkgdesc="PHP 8.1 extension to write XML-RPC servers and clients - PECL"
url="https://pecl.php.net/package/xmlrpc"
arch="all"
license="PHP-3.01"
depends="php81-xml"
makedepends="php81-dev libxml2-dev"
source="php-pecl-$_extname-$pkgver.tar.gz::https://pecl.php.net/get/$_extname-$_pkgver.tgz"
builddir="$srcdir"/$_extname-$_pkgver
build() {
phpize81
./configure --prefix=/usr --with-php-config=/usr/bin/php-config81
make
}
check() {
make NO_INTERACTION=1 REPORT_EXIT_STATUS=1 test TESTS=--show-diff \
PHP_TEST_SHARED_EXTENSIONS=" \
-d extension=/usr/lib/php81/modules/xml.so \
-d extension=modules/$_extname.so"
php81 -d extension=modules/$_extname.so --ri $_extname
}
package() {
make INSTALL_ROOT="$pkgdir" install
local _confdir="$pkgdir"/etc/php81/conf.d
install -d $_confdir
echo "extension=$_extname" > $_confdir/$_extname.ini
}
sha512sums="
aa8e24d5a732b175adb9870357991d48ead046faed89e579eb63afe06c7ef20af9de29e2d70e71e54e5a15ee37265f69a7d52b39ef2465ced93ba818c1f7e9c1 php-pecl-xmlrpc-1.0.0_rc3.tar.gz
"

View file

@ -0,0 +1,41 @@
# Maintainer: Drew DeVault <sir@cmpwn.com>
pkgname=py3-billiard
pkgver=3.6.4.0
pkgrel=2
pkgdesc="a message queue abstraction layer"
url="https://pypi.python.org/pypi/billiard/"
arch="noarch"
license="BSD-3-Clause"
makedepends="py3-setuptools"
checkdepends="py3-psutil py3-pytest py3-nose py3-case"
source="https://files.pythonhosted.org/packages/source/b/billiard/billiard-$pkgver.tar.gz
$pkgname-py311.patch::https://github.com/celery/billiard/commit/ff8efc5d689ef048f5203593390f1ff6a052a5d5.patch
"
builddir="$srcdir/billiard-$pkgver"
replaces="py-billiard" # Backwards compatibility
provides="py-billiard=$pkgver-r$pkgrel" # Backwards compatibility
build() {
python3 setup.py build
}
check() {
# Uses wrong name for 'queue' module.
# Uses internal 'test' and 'test.support' modules.
rm -f t/integration/tests/test_multiprocessing.py
# Windows only
rm -f t/unit/test_win32.py
py.test-3
}
package() {
python3 setup.py install --skip-build --root="$pkgdir"
}
sha512sums="
9f2a44024e45c4e7667472a0a3ade7caae755ec7c163929433f818e4b87165218b9cc9545bdee2254e7159c206e525306e383d38906b00fd5428bd1616c39b8f billiard-3.6.4.0.tar.gz
589f57ce516cec2740cff6f06f396caac856b75ff4c7dc022c6b1b60f0d97f590667ff3c0ee4887926556c073241d89a4734658d35dcfb41fc71117fdc2c8426 py3-billiard-py311.patch
"

View file

@ -0,0 +1,41 @@
# Contributor: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
# Maintainer: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
pkgname=py3-cbor2
pkgver=5.4.6
pkgrel=0
pkgdesc="encoding and decoding for CBOR (RFC 8949)"
url="https://github.com/agronholm/cbor2"
arch="all"
license="MIT"
depends="
python3
"
makedepends="
py3-setuptools
py3-setuptools_scm
py3-wheel
python3-dev
"
checkdepends="
py3-pytest
py3-pytest-cov
py3-tomli
"
source="$pkgname-$pkgver.tar.gz::https://files.pythonhosted.org/packages/source/c/cbor2/cbor2-$pkgver.tar.gz"
builddir="$srcdir/"cbor2-$pkgver
build() {
python3 setup.py build
}
check() {
PYTHONPATH="$(echo "$PWD"/build/lib.linux*)" pytest
}
package() {
python3 setup.py install --skip-build --root="$pkgdir"
}
sha512sums="
44fb3e2e2249c79b1454487670d53eb672ffae4c22374d2a2bb9e314ac15470e4e7913e4eb1981a8bd4d722e6827328dde7e57c5f0556843e951c4723ae5bd8e py3-cbor2-5.4.6.tar.gz
"

View file

@ -0,0 +1,32 @@
# Contributor: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
# Maintainer: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
pkgname=py3-codespell
_pkgname=${pkgname#py3-}
pkgver=2.2.2
pkgrel=0
pkgdesc="Fix common misspellings in text files, primarily source code"
options="!check" # No testsuite
url="https://github.com/codespell-project/codespell/"
arch="noarch"
license="GPL-2.0-only"
makedepends="py3-setuptools"
checkdepends="py3-pytest"
depends="py3-chardet"
source="$pkgname-$pkgver.tar.gz::https://github.com/codespell-project/codespell/archive/refs/tags/v$pkgver.tar.gz"
builddir="$srcdir"/$_pkgname-$pkgver
check() {
python3 setup.py test
}
build() {
python3 setup.py build
}
package() {
python3 setup.py install --skip-build --root="$pkgdir"
}
sha512sums="
1783505829e2abe2eb75854cbc83403bbaeebc61d5eb1832803b065a7314c4140f936ec5018c62883befbf51e4425f96ed8298596fc9a103bcce90fb3dbf5e8d py3-codespell-2.2.2.tar.gz
"

View file

@ -3,7 +3,7 @@
pkgname=py3-flask-principal
_pkgname=flask-principal
pkgver=0.4.0
pkgrel=3
pkgrel=4
pkgdesc="Flask Identity management"
url="https://pythonhosted.org/Flask-Principal/"
arch="noarch"

View file

@ -3,7 +3,7 @@
pkgname=py3-fuzzywuzzy
_pyname=fuzzywuzzy
pkgver=0.18.0
pkgrel=1
pkgrel=2
pkgdesc="Fuzzy string matching in python"
url="https://github.com/seatgeek/fuzzywuzzy"
arch="noarch"

View file

@ -1,31 +0,0 @@
# Contributor: Rasmus Thomsen <oss@cogitri.dev>
# Maintainer: Rasmus Thomsen <oss@cogitri.dev>
pkgname=py3-gnupg
pkgver=0.4.9
pkgrel=0
pkgdesc="Python3 wrapper for the Gnu Privacy Guard (GPG or GnuPG)"
url="https://gnupg.readthedocs.io/en/latest/"
arch="noarch"
license="BSD-3-Clause"
depends="python3 gnupg"
makedepends="py3-setuptools py3-wheel py3-build py3-installer"
checkdepends="py3-pytest"
source="https://pypi.io/packages/source/p/python-gnupg/python-gnupg-$pkgver.tar.gz"
builddir="$srcdir/python-gnupg-$pkgver"
build() {
python3 -m build --no-isolation --wheel
}
check() {
NO_EXTERNAL_TESTS=no pytest -v
}
package() {
python3 -m installer -d "$pkgdir" \
dist/python_gnupg-$pkgver-py2.py3-none-any.whl
}
sha512sums="
e59685bea966addbfacfd5516601c518c9ccd7a828250584a00dca5c2062b30bd859ae73b467bd16db60abd800bd0b66f68177e56d3c48654416a294e72f3e8f python-gnupg-0.4.9.tar.gz
"

View file

@ -0,0 +1,31 @@
# Contributor: Michał Polański <michal@polanski.me>
# Maintainer: Michał Polański <michal@polanski.me>
pkgname=py3-httptools
pkgver=0.4.0
pkgrel=0
pkgdesc="Fast HTTP parser"
url="https://github.com/MagicStack/httptools"
license="MIT"
arch="all !riscv64" # llhttp
depends="python3"
makedepends="py3-setuptools python3-dev cython http-parser-dev llhttp-dev"
checkdepends="py3-pytest py3-aiohttp py3-openssl py3-psutil"
source="$pkgname-$pkgver.tar.gz::https://github.com/MagicStack/httptools/archive/v$pkgver/py3-httptools-$pkgver.tar.gz"
builddir="$srcdir/httptools-$pkgver"
build() {
python3 setup.py build build_ext --inplace \
--use-system-http-parser --use-system-llhttp
}
check() {
PYTHONPATH="$(echo "$PWD"/build/lib.linux-*)" pytest
}
package() {
python3 setup.py install --root="$pkgdir" --skip-build
}
sha512sums="
b1e374f0b924bb0ff699d106038603f126da9065a63bc53080efc630392e0c666b1b87f8ca410fe23ee0fd07c77e89b590bf4154c4c07ad59982977630605961 py3-httptools-0.4.0.tar.gz
"

View file

@ -0,0 +1,31 @@
# Contributor: prspkt <prspkt@protonmail.com>
# Maintainer: prspkt <prspkt@protonmail.com>
pkgname=py3-jwcrypto
_pkgname=jwcrypto
pkgver=0.8
pkgrel=3
pkgdesc="Python module implementing JOSE Web standards"
url="https://github.com/latchset/jwcrypto"
arch="noarch"
license="LGPL-3.0-only"
depends="python3 py3-cryptography py3-six"
makedepends="py3-setuptools"
checkdepends="py3-pytest"
subpackages="$pkgname-doc"
source="https://files.pythonhosted.org/packages/source/${_pkgname:0:1}/$_pkgname/$_pkgname-$pkgver.tar.gz"
builddir="$srcdir"/$_pkgname-$pkgver
build() {
python3 setup.py build
}
check() {
cd "$builddir"/$_pkgname
py.test-3
}
package() {
python3 setup.py install --skip-build --root="$pkgdir"
}
sha512sums="e8dc62d6159e5722a572e049c41edc8e31fe0d022aa47987ab6720c7057cbac2f98cec5d35af1ea02f6bc6efde769810fde4b868e019956b138cfac529cc027d jwcrypto-0.8.tar.gz"

View file

@ -0,0 +1,25 @@
# Contributor: Galen Abell <galen@galenabell.com>
# Maintainer: Galen Abell <galen@galenabell.com>
pkgname=py3-levenshtein
_pyname=python-Levenshtein
pkgver=0.12.2
pkgrel=2
pkgdesc="Python extension for computing string edit distances and similarities"
url="https://github.com/ztane/python-Levenshtein"
arch="all"
license="GPL-2.0-only"
options="!check" # no tests
depends="python3"
makedepends="py3-setuptools python3-dev"
source="https://files.pythonhosted.org/packages/source/${_pyname%${_pyname#?}}/$_pyname/$_pyname-$pkgver.tar.gz"
builddir="$srcdir/$_pyname-$pkgver"
build() {
python3 setup.py build
}
package() {
python3 setup.py install --prefix=/usr --root="$pkgdir"
}
sha512sums="97eac9d19121758af7620ad3963846e48434ceabb5376a83f28452015adf1a620620bfb53edb1c4f60b0fc8ec2b0faf35a105d7e2a0fc5df7a45fce81ba0dcdb python-Levenshtein-0.12.2.tar.gz"

View file

@ -0,0 +1,34 @@
# Contributor: Iztok Fister, Jr. <iztok@iztok-jr-fister.eu>
# Maintainer: Iztok Fister, Jr. <iztok@iztok-jr-fister.eu>
pkgname=py3-pdf2image
pkgver=1.16.2
pkgrel=0
pkgdesc="A python module that wraps the pdftoppm utility to convert PDF to PIL Image object"
url="https://github.com/Belval/pdf2image"
arch="noarch"
license="MIT"
options="!check" # missing dependency that is no longer actively developed
depends="
python3
py3-pillow
poppler-utils
"
makedepends="py3-setuptools"
source="https://github.com/Belval/pdf2image/archive/v$pkgver/pdf2image-$pkgver.tar.gz"
builddir="$srcdir/pdf2image-$pkgver"
build() {
python3 setup.py build
}
check() {
python3 setup.py test
}
package() {
python3 setup.py install --skip-build --root="$pkgdir"
}
sha512sums="
2e074fa6231e4b089e7f144eae4d1a5f365921e011d8894647f5de1af1c22e15cc0868a186c5d9723c270ac9f218e52e720689e28bc8482fc2e5e78e0f868e13 pdf2image-1.16.2.tar.gz
"

View file

@ -0,0 +1,55 @@
# Maintainer: psykose <alice@ayaya.dev>
pkgname=py3-rapidfuzz
pkgver=2.13.7
pkgrel=0
pkgdesc="Rapid fuzzy string matching in Python using various string metrics"
url="https://github.com/maxbachmann/RapidFuzz"
arch="all"
license="MIT"
makedepends="
cmake
cython
py3-gpep517
py3-rapidfuzz-capi
py3-scikit-build
py3-setuptools
python3-dev
samurai
"
checkdepends="
py3-hypothesis
py3-numpy
pytest
"
source="https://files.pythonhosted.org/packages/source/r/rapidfuzz/rapidfuzz-$pkgver.tar.gz"
builddir="$srcdir/rapidfuzz-$pkgver"
case "$CARCH" in
x86*)
# float rounding
options="$options !check"
;;
esac
build() {
RAPIDFUZZ_BUILD_EXTENSION=1 \
gpep517 build-wheel \
--wheel-dir dist \
--output-fd 1
}
check() {
python3 -m venv --system-site-packages testenv
testenv/bin/python3 -m installer \
dist/rapidfuzz*.whl
testenv/bin/python3 -m pytest
}
package() {
python3 -m installer -d "$pkgdir" \
dist/rapidfuzz*.whl
}
sha512sums="
5d2c4620c09b44fc8bd48e236b46af6e28ef3b86f32e0697408bd77230af46d711bfc28eb7fcfc8b1403a84b51235fc39b9a1d2fedb6421918bcb700b2b88f9c rapidfuzz-2.13.7.tar.gz
"

View file

@ -0,0 +1,32 @@
# Maintainer:
pkgname=py3-vine
pkgver=5.0.0
pkgrel=0
pkgdesc="futures and promises implementation for python"
url="https://github.com/celery/vine"
arch="noarch"
license="BSD-3-Clause"
depends="python3"
makedepends="py3-setuptools"
checkdepends="py3-pytest py3-case py3-nose"
source="https://files.pythonhosted.org/packages/source/v/vine/vine-$pkgver.tar.gz"
builddir="$srcdir/vine-$pkgver"
replaces="py-vine" # Backwards compatibility
provides="py-vine=$pkgver-r$pkgrel" # Backwards compatibility
build() {
python3 setup.py build
}
check() {
python3 -m pytest
}
package() {
python3 setup.py install --skip-build --root="$pkgdir"
}
sha512sums="
ff8f4b3f675220772ed0523e468eedbaec4aca793877b984e9a215603d1288cc3cc71dfeb152219d22f98de0ac7e9f9fa0cc35c2424ff36044cfc8f28192c159 vine-5.0.0.tar.gz
"

30
backports/re2/APKBUILD Normal file
View file

@ -0,0 +1,30 @@
# Contributor: Francesco Colista <fcolista@alpinelinux.org>
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=re2
pkgver=2022.12.01
_pkgver=${pkgver//./-}
pkgrel=0
pkgdesc="Efficient, principled regular expression library"
url="https://github.com/google/re2"
arch="all"
license="BSD-3-Clause"
subpackages="$pkgname-dev"
provides="libre2=$pkgver-r$pkgrel"
source="$pkgname-$pkgver.tar.gz::https://github.com/google/re2/archive/$_pkgver.tar.gz"
builddir="$srcdir"/$pkgname-$_pkgver
build() {
make
}
check() {
make test
}
package() {
make DESTDIR="$pkgdir" prefix=/usr install
}
sha512sums="
783f856e6556ce60f0e9a15b2366cb4df21ca019cdc85ef7ad47a11d0345935300dede5da61892bdc77d2642da82ddc81b6670049eb87f357a64a9c684140ec9 re2-2022.12.01.tar.gz
"

View file

@ -1,5 +1,6 @@
Patch-Source: https://salsa.debian.org/debian/shntool/-/commit/57efcd7b34c2107dd785c11d79dfcd4520b2bc41
--
Origin: https://github.com/max619/shntool/commit/cfd06e4ed
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950803
From cfd06e4edecdca2013e0fe04db135fd110a68203 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=9C=D0=B0=D0=BA=D1=81=D0=B8=D0=BC=20=D0=91=D0=B0=D0=B3?=
=?UTF-8?q?=D1=80=D1=8F=D0=BD=D1=86=D0=B5=D0=B2?= <maxbag97619@gmail.com>
@ -43,4 +44,3 @@ Subject: [PATCH] Added WAVE_FORMAT_EXTENSIBLE with value 0xfffe and supressed
}
return "Unknown";
}

View file

@ -1,27 +1,21 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Jean-Louis Fuchs <ganwell@fangorn.ch>
# Contributor: Carlo Landmeter <clandmeter@alpinelinux.org>
# Maintainer: Jean-Louis Fuchs <jean-louis.fuchs@adfinis-sygroup.ch>
pkgname=shntool
pkgver=3.0.10
pkgrel=5
pkgrel=4
pkgdesc="A multi-purpose WAVE data processing and reporting utility"
url="http://www.etree.org/shnutils/shntool/"
url="http://shnutils.freeshell.org/shntool/"
arch="all"
license="GPL"
license="GPL-2.0-or-later"
makedepends="sox"
subpackages="$pkgname-doc"
source="
http://shnutils.freeshell.org/shntool/dist/src/shntool-3.0.10.tar.gz
cfd06e4edecdca2013e0fe04db135fd110a68203.patch
large-size.patch
large-times.patch
no-cdquality-check.patch
"
builddir="$srcdir"/shntool-$pkgver
source="http://shnutils.freeshell.org/shntool/dist/src/shntool-$pkgver.tar.gz
shntool-3.0.10-large-size.patch
shntool-3.0.10-large-times.patch
24bit.patch
"
build() {
cd "$builddir"
update_config_sub
./configure \
--build=$CBUILD \
@ -35,7 +29,6 @@ build() {
}
package() {
cd "$builddir"
make DESTDIR="$pkgdir" install
}
@ -65,8 +58,9 @@ check() {
rm -r test
}
sha512sums="2150d7123860abb54a56a1615bda991ed3713d73c338723f28b7d01a63c49a47809be16dc57b5b4edeee1567b003f9a4b54945c1cd08440f9503d22b91eaa06d shntool-3.0.10.tar.gz
1eaed454e4a9c32e61ed6d564f9be5f870bc15c46863958be81a432c0be945969ab23eecb855d5029dc7fa4d72b9f9ba12c6fe3e5db79337cb1c2d61a03e402a cfd06e4edecdca2013e0fe04db135fd110a68203.patch
8dbd3ee61ce637a05fda4487eb6ed4c18a825984ba302037553f27a02ab22f035226ea0fec7bc4d8afdc7dd6f44e35b64a5b4404dc04a3e639a67f06a26caf1b large-size.patch
b44f1351d6a1830b5d6b509003dc960dfe7fef16139114fefe2a2afc52a7c2e04322c54b3d1b056299fc97f3e670d2a7c9bfac64ac2fb517c8be16dd10c1e934 large-times.patch
e5b5fe4894eea92e026eec666900bde2b10ea33d4b0ffbf74a231e443c476e11b50eebc21bc2ff2b844ca48af0a41a7b6af77fdc524d0b1bd33d03f133d99992 no-cdquality-check.patch"
sha512sums="
2150d7123860abb54a56a1615bda991ed3713d73c338723f28b7d01a63c49a47809be16dc57b5b4edeee1567b003f9a4b54945c1cd08440f9503d22b91eaa06d shntool-3.0.10.tar.gz
fc44bca63d79b279db6d275caaacdb73cbebd6b902276a9052f005146fa125f4674e3cf559d46405637a337192f4a38f9bec4836af46e7ae52e4f220352c1ba7 shntool-3.0.10-large-size.patch
9780f22d93e20dd01d18067978bdf6cbb0b460bb80f41c4f4752b3322c3d70182b3acf35b789e30fc36ca52af6127e24c00599fb49b916f01448613721a94ebe shntool-3.0.10-large-times.patch
3c9cdd7936a6572a3c9dfc7575f5ff9a0981dd557add8e1113454487091c7b161040d25d3266937449295a1bb5317ee3515a84c3d7168360bf84643ed828e202 24bit.patch
"

View file

@ -1,13 +1,7 @@
Last-Update: 2014-11-15
Forwarded: yes
From: Adam Sampson <ats@offog.org>
Bug-Debian: http://bugs.debian.org/684600
Description: fix large files processing.
--- a/src/core_fileio.c
+++ b/src/core_fileio.c
@@ -109,12 +109,18 @@
diff -aur shntool-3.0.10-clean/src/core_fileio.c shntool-3.0.10-size/src/core_fileio.c
--- shntool-3.0.10-clean/src/core_fileio.c 2009-03-11 17:18:01.000000000 +0000
+++ shntool-3.0.10-size/src/core_fileio.c 2012-08-11 17:20:14.000000000 +0100
@@ -110,10 +110,16 @@
buf[4] = 0;
if (be_val)
@ -26,4 +20,4 @@ Description: fix large files processing.
if (tag_val)
tagcpy(tag_val,buf);

View file

@ -1,13 +1,7 @@
Last-Update: 2014-11-15
Forwarded: yes
From: Adam Sampson <ats@offog.org>
Bug-Debian: http://bugs.debian.org/684600
Description: fix large files processing.
--- a/src/core_mode.c
+++ b/src/core_mode.c
@@ -309,10 +309,10 @@
diff -aur shntool-3.0.10-clean/src/core_mode.c shntool-3.0.10/src/core_mode.c
--- shntool-3.0.10-clean/src/core_mode.c 2009-03-30 06:55:33.000000000 +0100
+++ shntool-3.0.10/src/core_mode.c 2012-08-11 16:37:58.000000000 +0100
@@ -310,8 +310,8 @@
if (sec >= 60)
st_error("invalid value for seconds: [%d]",sec);
@ -18,9 +12,7 @@ Description: fix large files processing.
return bytes;
}
@@ -357,11 +357,11 @@
@@ -358,9 +358,9 @@
if (frames >= 75)
st_error("invalid value for frames: [%d]",frames);
@ -33,9 +25,7 @@ Description: fix large files processing.
return bytes;
}
@@ -402,10 +402,10 @@
st_error("invalid value for seconds: [%d]",sec);
@@ -403,8 +403,8 @@
nearest_byte = (int)((((double)ms * (double)info->rate) / 1000.0) + 0.5);
@ -46,4 +36,5 @@ Description: fix large files processing.
if (PROB_NOT_CD(info)) {
bytes += nearest_byte;
}

View file

@ -1,34 +0,0 @@
From c276ddc394dd402327603959271eac63a2e1ec1c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 5 Feb 2015 08:40:00 +0200
Subject: [PATCH] busybox basename
---
Makefile.org | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Makefile.org b/Makefile.org
index b7a3f96..035fa83 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -649,7 +649,7 @@ install_docs:
filecase=-i; \
esac; \
set -e; for i in doc/apps/*.pod; do \
- fn=`basename $$i .pod`; \
+ fn=`basename $$i .pod || true`; \
sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
(cd `$(PERL) util/dirname.pl $$i`; \
@@ -666,7 +666,7 @@ install_docs:
done); \
done; \
set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
- fn=`basename $$i .pod`; \
+ fn=`basename $$i .pod || true`; \
sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
(cd `$(PERL) util/dirname.pl $$i`; \
--
2.2.2

View file

@ -1,26 +0,0 @@
From 5caf1bdcdb56358c0ce38ef404fedbe323e66cb9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 5 Feb 2015 08:40:32 +0200
Subject: [PATCH] use termios
---
crypto/ui/ui_openssl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index 8bda83c..a89b5f2 100644
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -224,6 +224,9 @@
# undef SGTTY
#endif
+#define TERMIOS
+#undef TERMIO
+
#ifdef TERMIOS
# include <termios.h>
# define TTY_STRUCT struct termios
--
2.2.2

View file

@ -1,79 +0,0 @@
From 09e6425ad6927a825b077af85c50b2fb04773757 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 5 Feb 2015 08:52:05 +0200
Subject: [PATCH] fix default ca path for apps
---
apps/s_server.c | 22 ++++++++++++++--------
apps/s_time.c | 13 ++++++-------
3 files changed, 26 insertions(+), 22 deletions(-)
diff --git a/apps/s_server.c b/apps/s_server.c
index baa2455..2d5dc97 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1770,12 +1770,14 @@ int MAIN(int argc, char *argv[])
}
#endif
- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
- (!SSL_CTX_set_default_verify_paths(ctx))) {
- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
- ERR_print_errors(bio_err);
- /* goto end; */
+ if (CAfile == NULL && CApath == NULL) {
+ if (!SSL_CTX_set_default_verify_paths(ctx))
+ ERR_print_errors(bio_err);
+ } else {
+ if (!SSL_CTX_load_verify_locations(ctx, CAfile, CApath))
+ ERR_print_errors(bio_err);
}
+
if (vpm)
SSL_CTX_set1_param(ctx, vpm);
@@ -1838,10 +1840,14 @@ int MAIN(int argc, char *argv[])
else
SSL_CTX_sess_set_cache_size(ctx2, 128);
- if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
- (!SSL_CTX_set_default_verify_paths(ctx2))) {
- ERR_print_errors(bio_err);
+ if (CAfile == NULL && CApath == NULL) {
+ if (!SSL_CTX_set_default_verify_paths(ctx2))
+ ERR_print_errors(bio_err);
+ } else {
+ if (!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath))
+ ERR_print_errors(bio_err);
}
+
if (vpm)
SSL_CTX_set1_param(ctx2, vpm);
diff --git a/apps/s_time.c b/apps/s_time.c
index 5846f3a..c8f371a 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -377,13 +377,12 @@ int MAIN(int argc, char **argv)
SSL_load_error_strings();
- if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
- (!SSL_CTX_set_default_verify_paths(tm_ctx))) {
- /*
- * BIO_printf(bio_err,"error setting default verify locations\n");
- */
- ERR_print_errors(bio_err);
- /* goto end; */
+ if (CAfile == NULL && CApath == NULL) {
+ if (!SSL_CTX_set_default_verify_paths(tm_ctx))
+ ERR_print_errors(bio_err);
+ } else {
+ if (!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath))
+ ERR_print_errors(bio_err);
}
if (tm_cipher == NULL)
--
2.2.2

View file

@ -1,349 +0,0 @@
diff -ru openssl-1.0.2a.orig/Makefile.org openssl-1.0.2a/Makefile.org
--- openssl-1.0.2d.orig/Makefile.org 2015-07-09 16:30:50.201986573 -0300
+++ openssl-1.0.2d/Makefile.org 2015-07-09 16:30:50.201986573 -0300
@@ -278,17 +278,17 @@
build_libssl: build_ssl libssl.pc
build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
build_ssl: build_crypto
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
build_engines: build_crypto
- @dir=engines; target=all; $(BUILD_ONE_CMD)
+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
build_apps: build_libs
- @dir=apps; target=all; $(BUILD_ONE_CMD)
+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
build_tests: build_libs
- @dir=test; target=all; $(BUILD_ONE_CMD)
+ +@dir=test; target=all; $(BUILD_ONE_CMD)
build_tools: build_libs
- @dir=tools; target=all; $(BUILD_ONE_CMD)
+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
build_testapps:
@@ -536,9 +536,9 @@
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-install: all install_docs install_sw
+install: install_docs install_sw
-install_sw:
+install_dirs:
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
@@ -547,12 +547,19 @@
$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
$(INSTALL_PREFIX)$(OPENSSLDIR)/private
+ @$(PERL) $(TOP)/util/mkdir-p.pl \
+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
+ $(INSTALL_PREFIX)$(MANDIR)/man7
+
+install_sw: install_dirs
@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
@@ -636,12 +643,7 @@
done; \
done
-install_docs:
- @$(PERL) $(TOP)/util/mkdir-p.pl \
- $(INSTALL_PREFIX)$(MANDIR)/man1 \
- $(INSTALL_PREFIX)$(MANDIR)/man3 \
- $(INSTALL_PREFIX)$(MANDIR)/man5 \
- $(INSTALL_PREFIX)$(MANDIR)/man7
+install_docs: install_dirs
@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
here="`pwd`"; \
filecase=; \
diff -ru openssl-1.0.2a.orig/Makefile.shared openssl-1.0.2a/Makefile.shared
--- openssl-1.0.2a.orig/Makefile.shared 2015-01-20 12:33:36.000000000 +0000
+++ openssl-1.0.2a/Makefile.shared 2015-03-19 14:53:31.246908039 +0000
@@ -105,6 +105,7 @@
SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
$${SHAREDCMD} $${SHAREDFLAGS} \
-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
@@ -122,6 +123,7 @@
done; \
fi; \
if [ -n "$$SHLIB_SOVER" ]; then \
+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
fi; \
diff -ru openssl-1.0.2a.orig/crypto/Makefile openssl-1.0.2a/crypto/Makefile
--- openssl-1.0.2a.orig/crypto/Makefile 2015-03-19 13:31:02.000000000 +0000
+++ openssl-1.0.2a/crypto/Makefile 2015-03-19 14:53:31.246908039 +0000
@@ -85,11 +85,11 @@
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
subdirs:
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
- @target=files; $(RECURSIVE_MAKE)
+ +@target=files; $(RECURSIVE_MAKE)
links:
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@@ -100,7 +100,7 @@
# lib: $(LIB): are splitted to avoid end-less loop
lib: $(LIB)
@touch lib
-$(LIB): $(LIBOBJ)
+$(LIB): $(LIBOBJ) | subdirs
$(AR) $(LIB) $(LIBOBJ)
test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
$(RANLIB) $(LIB) || echo Never mind.
@@ -111,7 +111,7 @@
fi
libs:
- @target=lib; $(RECURSIVE_MAKE)
+ +@target=lib; $(RECURSIVE_MAKE)
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@@ -120,7 +120,7 @@
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
lint:
@target=lint; $(RECURSIVE_MAKE)
diff -ru openssl-1.0.2a.orig/engines/Makefile openssl-1.0.2a/engines/Makefile
--- openssl-1.0.2a.orig/engines/Makefile 2015-03-19 13:31:14.000000000 +0000
+++ openssl-1.0.2a/engines/Makefile 2015-03-19 14:53:31.246908039 +0000
@@ -72,7 +72,7 @@
all: lib subdirs
-lib: $(LIBOBJ)
+lib: $(LIBOBJ) | subdirs
@if [ -n "$(SHARED_LIBS)" ]; then \
set -e; \
for l in $(LIBNAMES); do \
@@ -89,7 +89,7 @@
subdirs:
echo $(EDIRS)
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -128,7 +128,7 @@
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
done; \
fi
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
tags:
ctags $(SRC)
diff -ru openssl-1.0.2a.orig/test/Makefile openssl-1.0.2a/test/Makefile
--- openssl-1.0.2a.orig/test/Makefile 2015-03-19 13:31:16.000000000 +0000
+++ openssl-1.0.2a/test/Makefile 2015-03-19 14:55:44.146017128 +0000
@@ -133,7 +133,7 @@
tags:
ctags $(SRC)
-tests: exe apps $(TESTS)
+tests: exe $(TESTS)
apps:
@(cd ..; $(MAKE) DIRS=apps all)
@@ -402,121 +402,121 @@
link_app.$${shlib_target}
$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
- @target=$(RSATEST); $(BUILD_CMD)
+ +@target=$(RSATEST); $(BUILD_CMD)
$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
- @target=$(BNTEST); $(BUILD_CMD)
+ +@target=$(BNTEST); $(BUILD_CMD)
$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
- @target=$(ECTEST); $(BUILD_CMD)
+ +@target=$(ECTEST); $(BUILD_CMD)
$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
- @target=$(EXPTEST); $(BUILD_CMD)
+ +@target=$(EXPTEST); $(BUILD_CMD)
$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
- @target=$(IDEATEST); $(BUILD_CMD)
+ +@target=$(IDEATEST); $(BUILD_CMD)
$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
- @target=$(MD2TEST); $(BUILD_CMD)
+ +@target=$(MD2TEST); $(BUILD_CMD)
$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
- @target=$(SHATEST); $(BUILD_CMD)
+ +@target=$(SHATEST); $(BUILD_CMD)
$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
- @target=$(SHA1TEST); $(BUILD_CMD)
+ +@target=$(SHA1TEST); $(BUILD_CMD)
$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
- @target=$(SHA256TEST); $(BUILD_CMD)
+ +@target=$(SHA256TEST); $(BUILD_CMD)
$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
- @target=$(SHA512TEST); $(BUILD_CMD)
+ +@target=$(SHA512TEST); $(BUILD_CMD)
$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
- @target=$(RMDTEST); $(BUILD_CMD)
+ +@target=$(RMDTEST); $(BUILD_CMD)
$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
- @target=$(MDC2TEST); $(BUILD_CMD)
+ +@target=$(MDC2TEST); $(BUILD_CMD)
$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
- @target=$(MD4TEST); $(BUILD_CMD)
+ +@target=$(MD4TEST); $(BUILD_CMD)
$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
- @target=$(MD5TEST); $(BUILD_CMD)
+ +@target=$(MD5TEST); $(BUILD_CMD)
$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
- @target=$(HMACTEST); $(BUILD_CMD)
+ +@target=$(HMACTEST); $(BUILD_CMD)
$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
- @target=$(WPTEST); $(BUILD_CMD)
+ +@target=$(WPTEST); $(BUILD_CMD)
$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
- @target=$(RC2TEST); $(BUILD_CMD)
+ +@target=$(RC2TEST); $(BUILD_CMD)
$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
- @target=$(BFTEST); $(BUILD_CMD)
+ +@target=$(BFTEST); $(BUILD_CMD)
$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
- @target=$(CASTTEST); $(BUILD_CMD)
+ +@target=$(CASTTEST); $(BUILD_CMD)
$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
- @target=$(RC4TEST); $(BUILD_CMD)
+ +@target=$(RC4TEST); $(BUILD_CMD)
$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
- @target=$(RC5TEST); $(BUILD_CMD)
+ +@target=$(RC5TEST); $(BUILD_CMD)
$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
- @target=$(DESTEST); $(BUILD_CMD)
+ +@target=$(DESTEST); $(BUILD_CMD)
$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
- @target=$(RANDTEST); $(BUILD_CMD)
+ +@target=$(RANDTEST); $(BUILD_CMD)
$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
- @target=$(DHTEST); $(BUILD_CMD)
+ +@target=$(DHTEST); $(BUILD_CMD)
$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
- @target=$(DSATEST); $(BUILD_CMD)
+ +@target=$(DSATEST); $(BUILD_CMD)
$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
- @target=$(METHTEST); $(BUILD_CMD)
+ +@target=$(METHTEST); $(BUILD_CMD)
$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
- @target=$(ENGINETEST); $(BUILD_CMD)
+ +@target=$(ENGINETEST); $(BUILD_CMD)
$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
- @target=$(EVPTEST); $(BUILD_CMD)
+ +@target=$(EVPTEST); $(BUILD_CMD)
$(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
- @target=$(EVPEXTRATEST); $(BUILD_CMD)
+ +@target=$(EVPEXTRATEST); $(BUILD_CMD)
$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
- @target=$(ECDSATEST); $(BUILD_CMD)
+ +@target=$(ECDSATEST); $(BUILD_CMD)
$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
- @target=$(ECDHTEST); $(BUILD_CMD)
+ +@target=$(ECDHTEST); $(BUILD_CMD)
$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
- @target=$(IGETEST); $(BUILD_CMD)
+ +@target=$(IGETEST); $(BUILD_CMD)
$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
- @target=$(JPAKETEST); $(BUILD_CMD)
+ +@target=$(JPAKETEST); $(BUILD_CMD)
$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
- @target=$(ASN1TEST); $(BUILD_CMD)
+ +@target=$(ASN1TEST); $(BUILD_CMD)
$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
- @target=$(SRPTEST); $(BUILD_CMD)
+ +@target=$(SRPTEST); $(BUILD_CMD)
$(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
- @target=$(V3NAMETEST); $(BUILD_CMD)
+ +@target=$(V3NAMETEST); $(BUILD_CMD)
$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
$(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
- @target=$(CONSTTIMETEST) $(BUILD_CMD)
+ +@target=$(CONSTTIMETEST) $(BUILD_CMD)
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
@@ -529,7 +529,7 @@
# fi
dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
- @target=dummytest; $(BUILD_CMD)
+ +@target=dummytest; $(BUILD_CMD)
# DO NOT DELETE THIS LINE -- make depend depends on it.

View file

@ -1,68 +0,0 @@
From 4785c095dbfb3630ddf6685f23e3a19c7c804cbc Mon Sep 17 00:00:00 2001
From: William Pitcock <nenolod@dereferenced.org>
Date: Thu, 5 Feb 2015 09:02:00 +0200
Subject: [PATCH] add ircv3 tls-3.1 extension support to s_client
---
apps/s_client.c | 24 ++++++++++++++++++++++--
1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/apps/s_client.c b/apps/s_client.c
index 8aee02a..0a28b89 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -401,7 +401,7 @@ static void sc_usage(void)
BIO_printf(bio_err,
" 'prot' defines which one to assume. Currently,\n");
BIO_printf(bio_err,
- " only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
+ " only \"smtp\", \"pop3\", \"imap\", \"ftp\", \"xmpp\" and \"ircv3\"\n");
BIO_printf(bio_err, " are supported.\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
@@ -640,7 +640,8 @@ enum {
PROTO_POP3,
PROTO_IMAP,
PROTO_FTP,
- PROTO_XMPP
+ PROTO_XMPP,
+ PROTO_IRCV3,
};
int MAIN(int, char **);
@@ -1062,6 +1063,8 @@ int MAIN(int argc, char **argv)
starttls_proto = PROTO_FTP;
else if (strcmp(*argv, "xmpp") == 0)
starttls_proto = PROTO_XMPP;
+ else if (strcmp(*argv, "ircv3") == 0)
+ starttls_proto = PROTO_IRCV3;
else
goto bad;
}
@@ -1646,6 +1649,23 @@ int MAIN(int argc, char **argv)
goto shut;
mbuf[0] = 0;
}
+ if (starttls_proto == PROTO_IRCV3) {
+ int seen = 0;
+ BIO_printf(sbio,"CAP REQ :tls\r\n");
+
+ while (!strstr(mbuf,"CAP")) {
+ seen = BIO_read(sbio,mbuf,BUFSIZZ);
+ mbuf[seen] = 0;
+ }
+ if (!strstr(mbuf,"ACK"))
+ goto shut;
+ BIO_printf(sbio,"CAP END\r\nSTARTTLS\r\n");
+ while (!strstr(sbuf, "670")) {
+ seen = BIO_read(sbio,sbuf,BUFSIZZ);
+ sbuf[seen] = 0;
+ }
+ mbuf[0] = 0;
+ }
for (;;) {
FD_ZERO(&readfds);
--
2.2.2

View file

@ -1,27 +0,0 @@
From 7457e26d3a78c7cd923242d87d04febadddea086 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 5 Feb 2015 10:06:31 +0200
Subject: [PATCH] maintain abi compat with no-freelist and regular build
---
ssl/ssl.h | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 2b0f662..636cb5d 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1113,6 +1113,10 @@ struct ssl_ctx_st {
unsigned int freelist_max_len;
struct ssl3_buf_freelist_st *wbuf_freelist;
struct ssl3_buf_freelist_st *rbuf_freelist;
+# else
+ unsigned int freelist_dummy0;
+ void *freelist_dummy1;
+ void *freelist_dummy2;
# endif
# ifndef OPENSSL_NO_SRP
SRP_CTX srp_ctx; /* ctx for SRP authentication */
--
2.2.2

View file

@ -1,11 +0,0 @@
--- a/Makefile.shared 2005-06-23 22:47:54.000000000 +0200
+++ b/Makefile.shared 2005-11-16 22:35:37.000000000 +0100
@@ -153,7 +153,7 @@
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
+DO_GNU_APP=LDFLAGS="$(CFLAGS)"
#This is rather special. It's a special target with which one can link
#applications without bothering with any features that have anything to

View file

@ -1,38 +0,0 @@
diff -ru openssl-1.0.2a.orig/doc/ssl/SSL_COMP_add_compression_method.pod openssl-1.0.2a/doc/ssl/SSL_COMP_add_compression_method.pod
--- openssl-1.0.2a.orig/doc/ssl/SSL_COMP_add_compression_method.pod 2015-01-15 16:43:14.000000000 -0200
+++ openssl-1.0.2a/doc/ssl/SSL_COMP_add_compression_method.pod 2015-03-27 15:18:47.280054883 -0200
@@ -47,6 +47,13 @@
been standardized, the compression API will most likely be changed. Using
it in the current state is not recommended.
+It is also not recommended to use compression if data transfered contain
+untrusted parts that can be manipulated by an attacker as he could then
+get information about the encrypted data. See the CRIME attack. For
+that reason the default loading of the zlib compression method is
+disabled and enabled only if the environment variable B<OPENSSL_DEFAULT_ZLIB>
+is present during the library initialization.
+
=head1 RETURN VALUES
SSL_COMP_add_compression_method() may return the following values:
diff -ru openssl-1.0.2a.orig/ssl/ssl_ciph.c openssl-1.0.2a/ssl/ssl_ciph.c
--- openssl-1.0.2a.orig/ssl/ssl_ciph.c 2015-03-19 15:30:36.000000000 -0200
+++ openssl-1.0.2a/ssl/ssl_ciph.c 2015-03-27 15:23:05.960057092 -0200
@@ -141,6 +141,8 @@
*/
#include <stdio.h>
+#include <stdlib.h>
+#include <sys/auxv.h>
#include <openssl/objects.h>
#ifndef OPENSSL_NO_COMP
# include <openssl/comp.h>
@@ -481,7 +483,7 @@
MemCheck_off();
ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
- if (ssl_comp_methods != NULL) {
+ if (ssl_comp_methods != NULL && getauxval(AT_SECURE) == 0 && getenv("OPENSSL_DEFAULT_ZLIB") != NULL) {
comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
if (comp != NULL) {
comp->method = COMP_zlib();

View file

@ -1,88 +0,0 @@
From 83c96cbc76604daccbc31cea9411555aea96fd6d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 5 Feb 2015 09:16:51 +0200
Subject: [PATCH] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it
properly
Some engines (namely VIA C7 Padlock) work only if EVP_MD_CTX_FLAG_ONESHOT
is set before final update. This is because some crypto accelerators cannot
perform non-finalizing transform of the digest.
The usage of EVP_MD_CTX_FLAG_ONESHOT is used semantically slightly
differently here. It is set before the final EVP_DigestUpdate call, not
necessarily before EVP_DigestInit call. This will not cause any problems
though.
---
crypto/hmac/hmac.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 1fc9e2c..6f16578 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -109,7 +109,8 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
j = EVP_MD_block_size(md);
OPENSSL_assert(j <= (int)sizeof(ctx->key));
if (j < len) {
- if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
+ EVP_MD_CTX_set_flags(&ctx->md_ctx, EVP_MD_CTX_FLAG_ONESHOT);
+ if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
goto err;
if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
goto err;
@@ -129,6 +130,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
if (reset) {
for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
pad[i] = 0x36 ^ ctx->key[i];
+ EVP_MD_CTX_clear_flags(&ctx->i_ctx, EVP_MD_CTX_FLAG_ONESHOT);
if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
goto err;
if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md)))
@@ -136,6 +138,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
pad[i] = 0x5c ^ ctx->key[i];
+ EVP_MD_CTX_clear_flags(&ctx->o_ctx, EVP_MD_CTX_FLAG_ONESHOT);
if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
goto err;
if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md)))
@@ -143,6 +146,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
}
if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
goto err;
+ EVP_MD_CTX_clear_flags(&ctx->md_ctx, EVP_MD_CTX_FLAG_ONESHOT);
return 1;
err:
return 0;
@@ -177,6 +181,7 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
goto err;
if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
goto err;
+ EVP_MD_CTX_set_flags(&ctx->md_ctx,EVP_MD_CTX_FLAG_ONESHOT);
if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
goto err;
if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
@@ -233,8 +238,9 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
if (md == NULL)
md = m;
HMAC_CTX_init(&c);
- if (!HMAC_Init(&c, key, key_len, evp_md))
+ if (!HMAC_Init_ex(&c, key, key_len, evp_md, NULL))
goto err;
+ HMAC_CTX_set_flags(&c,EVP_MD_CTX_FLAG_ONESHOT);
if (!HMAC_Update(&c, d, n))
goto err;
if (!HMAC_Final(&c, md, md_len))
@@ -247,7 +253,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
{
- EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
- EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
+ EVP_MD_CTX_set_flags(&ctx->i_ctx, flags & ~EVP_MD_CTX_FLAG_ONESHOT);
+ EVP_MD_CTX_set_flags(&ctx->o_ctx, flags & ~EVP_MD_CTX_FLAG_ONESHOT);
EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
}
--
2.2.2

View file

@ -1,200 +0,0 @@
From ba17588a940ee712c3ef6d458adb1087f0c84521 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 5 Feb 2015 09:28:10 +0200
Subject: [PATCH] backport changes from upstream padlock module.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Includes support for VIA Nano 64-bit mode.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
---
engines/e_padlock.c | 142 +++++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 125 insertions(+), 17 deletions(-)
diff --git a/engines/e_padlock.c b/engines/e_padlock.c
index 2898e4c..94406cb 100644
--- a/engines/e_padlock.c
+++ b/engines/e_padlock.c
@@ -101,7 +101,10 @@
*/
# undef COMPILE_HW_PADLOCK
# if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
-# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
+# if (defined(__GNUC__) && __GNUC__>=2 && \
+ (defined(__i386__) || defined(__i386) || \
+ defined(__x86_64__) || defined(__x86_64)) \
+ ) || \
(defined(_MSC_VER) && defined(_M_IX86))
# define COMPILE_HW_PADLOCK
# endif
@@ -303,6 +306,7 @@ static volatile struct padlock_cipher_data *padlock_saved_context;
* =======================================================
*/
# if defined(__GNUC__) && __GNUC__>=2
+# if defined(__i386__) || defined(__i386)
/*
* As for excessive "push %ebx"/"pop %ebx" found all over.
* When generating position-independent code GCC won't let
@@ -379,22 +383,6 @@ static int padlock_available(void)
return padlock_use_ace + padlock_use_rng;
}
-# ifndef OPENSSL_NO_AES
-# ifndef AES_ASM
-/* Our own htonl()/ntohl() */
-static inline void padlock_bswapl(AES_KEY *ks)
-{
- size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]);
- unsigned int *key = ks->rd_key;
-
- while (i--) {
- asm volatile ("bswapl %0":"+r" (*key));
- key++;
- }
-}
-# endif
-# endif
-
/*
* Force key reload from memory to the CPU microcode. Loading EFLAGS from the
* stack clears EFLAGS[30] which does the trick.
@@ -448,6 +436,110 @@ static inline void *name(size_t cnt, \
: "edx", "cc", "memory"); \
return iv; \
}
+#endif
+
+#elif defined(__x86_64__) || defined(__x86_64)
+
+/* Load supported features of the CPU to see if
+ the PadLock is available. */
+static int
+padlock_available(void)
+{
+ char vendor_string[16];
+ unsigned int eax, edx;
+
+ /* Are we running on the Centaur (VIA) CPU? */
+ eax = 0x00000000;
+ vendor_string[12] = 0;
+ asm volatile (
+ "cpuid\n"
+ "movl %%ebx,(%1)\n"
+ "movl %%edx,4(%1)\n"
+ "movl %%ecx,8(%1)\n"
+ : "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx");
+ if (strcmp(vendor_string, "CentaurHauls") != 0)
+ return 0;
+
+ /* Check for Centaur Extended Feature Flags presence */
+ eax = 0xC0000000;
+ asm volatile ("cpuid"
+ : "+a"(eax) : : "rbx", "rcx", "rdx");
+ if (eax < 0xC0000001)
+ return 0;
+
+ /* Read the Centaur Extended Feature Flags */
+ eax = 0xC0000001;
+ asm volatile ("cpuid"
+ : "+a"(eax), "=d"(edx) : : "rbx", "rcx");
+
+ /* Fill up some flags */
+ padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
+ padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
+
+ return padlock_use_ace + padlock_use_rng;
+}
+
+/* Force key reload from memory to the CPU microcode.
+ Loading EFLAGS from the stack clears EFLAGS[30]
+ which does the trick. */
+static inline void
+padlock_reload_key(void)
+{
+ asm volatile ("pushfq; popfq");
+}
+
+#ifndef OPENSSL_NO_AES
+/*
+ * This is heuristic key context tracing. At first one
+ * believes that one should use atomic swap instructions,
+ * but it's not actually necessary. Point is that if
+ * padlock_saved_context was changed by another thread
+ * after we've read it and before we compare it with cdata,
+ * our key *shall* be reloaded upon thread context switch
+ * and we are therefore set in either case...
+ */
+static inline void
+padlock_verify_context(struct padlock_cipher_data *cdata)
+{
+ asm volatile (
+ "pushfq\n"
+" btl $30,(%%rsp)\n"
+" jnc 1f\n"
+" cmpq %2,%1\n"
+" je 1f\n"
+" popfq\n"
+" subq $8,%%rsp\n"
+"1: addq $8,%%rsp\n"
+" movq %2,%0"
+ :"+m"(padlock_saved_context)
+ : "r"(padlock_saved_context), "r"(cdata) : "cc");
+}
+
+/* Template for padlock_xcrypt_* modes */
+/* BIG FAT WARNING:
+ * The offsets used with 'leal' instructions
+ * describe items of the 'padlock_cipher_data'
+ * structure.
+ */
+#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \
+static inline void *name(size_t cnt, \
+ struct padlock_cipher_data *cdata, \
+ void *out, const void *inp) \
+{ void *iv; \
+ asm volatile ( "leaq 16(%0),%%rdx\n" \
+ " leaq 32(%0),%%rbx\n" \
+ rep_xcrypt "\n" \
+ : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
+ : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \
+ : "rbx", "rdx", "cc", "memory"); \
+ return iv; \
+}
+#endif
+
+#endif /* cpu */
+
+
+# ifndef OPENSSL_NO_AES
/* Generate all functions with appropriate opcodes */
/* rep xcryptecb */
@@ -458,7 +550,23 @@ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")
PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")
/* rep xcryptofb */
PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")
+
+# ifndef AES_ASM
+/* Our own htonl()/ntohl() */
+static inline void padlock_bswapl(AES_KEY *ks)
+{
+ size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]);
+ unsigned int *key = ks->rd_key;
+
+ while (i--) {
+ asm volatile ("bswapl %0":"+r" (*key));
+ key++;
+ }
+}
+# endif
+
# endif
+
/* The RNG call itself */
static inline unsigned int padlock_xstore(void *addr, unsigned int edx_in)
{
--
2.2.2

View file

@ -1,782 +0,0 @@
From 728af0306505f1ff91364ac2175fb6bf5da90ec3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 5 Feb 2015 09:41:12 +0200
Subject: [PATCH] engines/e_padlock: implement sha1/sha224/sha256 acceleration
Limited support for VIA C7 that works only when EVP_MD_CTX_FLAG_ONESHOT
is used appropriately (as done by EVP_Digest, and my previous HMAC patch).
Full support for VIA Nano including partial transformation and 64-bit mode.
Benchmarks from VIA Nano 1.6GHz, done with including the previous HMAC and
apps/speed patches done. From single run, error margin of about 100-200k.
No padlock
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 20057.60k 51514.05k 99721.39k 130167.81k 142811.14k
sha256 7757.72k 16907.18k 28937.05k 35181.23k 37568.51k
hmac(sha1) 8582.53k 27644.69k 70402.30k 114602.67k 140167.85k
With the patch
sha1 37713.77k 114562.71k 259637.33k 379907.41k 438818.13k
sha256 34262.86k 103233.75k 232476.07k 338386.60k 389860.01k
hmac(sha1) 8424.70k 31475.11k 104036.10k 245559.30k 406667.26k
---
engines/e_padlock.c | 663 ++++++++++++++++++++++++++++++++++++++++++++++++----
1 file changed, 614 insertions(+), 49 deletions(-)
diff --git a/engines/e_padlock.c b/engines/e_padlock.c
index 94406cb..5e99114 100644
--- a/engines/e_padlock.c
+++ b/engines/e_padlock.c
@@ -3,6 +3,9 @@
* Written by Michal Ludvig <michal@logix.cz>
* http://www.logix.cz/michal
*
+ * SHA support by Timo Teras <timo.teras@iki.fi>. Portions based on
+ * code originally written by Michal Ludvig.
+ *
* Big thanks to Andy Polyakov for a help with optimization,
* assembler fixes, port to MS Windows and a lot of other
* valuable work on this engine!
@@ -63,7 +66,9 @@
*/
#include <stdio.h>
+#include <stdint.h>
#include <string.h>
+#include <netinet/in.h>
#include <openssl/opensslconf.h>
#include <openssl/crypto.h>
@@ -73,11 +78,32 @@
#ifndef OPENSSL_NO_AES
# include <openssl/aes.h>
#endif
+#ifndef OPENSSL_NO_SHA
+# include <openssl/sha.h>
+#endif
#include <openssl/rand.h>
#include <openssl/err.h>
#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_PADLOCK
+# ifndef OPENSSL_NO_HW_PADLOCK
+
+/* PadLock RNG is disabled by default */
+# define PADLOCK_NO_RNG 1
+
+/* No ASM routines for SHA in MSC yet */
+# ifdef _MSC_VER
+# define OPENSSL_NO_SHA
+# endif
+
+/* 64-bit mode does not need software SHA1 as fallback, we can
+ * do all operations with padlock */
+# if defined(__x86_64__) || defined(__x86_64)
+# define PADLOCK_NEED_FALLBACK_SHA 0
+# else
+# define PADLOCK_NEED_FALLBACK_SHA 1
+# endif
+
+# define PADLOCK_MAX_FINALIZING_LENGTH 0x1FFFFFFE
/* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */
# if (OPENSSL_VERSION_NUMBER >= 0x00908000L)
@@ -151,60 +177,42 @@ void ENGINE_load_padlock(void)
static int padlock_available(void);
static int padlock_init(ENGINE *e);
+# ifndef PADLOCK_NO_RNG
/* RNG Stuff */
static RAND_METHOD padlock_rand;
-
-/* Cipher Stuff */
-# ifndef OPENSSL_NO_AES
-static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid);
# endif
/* Engine names */
static const char *padlock_id = "padlock";
static char padlock_name[100];
+static int padlock_bind_helper(ENGINE *e);
+
/* Available features */
-static int padlock_use_ace = 0; /* Advanced Cryptography Engine */
-static int padlock_use_rng = 0; /* Random Number Generator */
+enum padlock_flags {
+ PADLOCK_RNG = 0x01,
+ PADLOCK_ACE = 0x02,
+ PADLOCK_ACE2 = 0x04,
+ PADLOCK_PHE = 0x08,
+ PADLOCK_PMM = 0x10,
+ PADLOCK_NANO = 0x20,
+};
+enum padlock_flags padlock_flags;
+
+#define PADLOCK_HAVE_RNG (padlock_flags & PADLOCK_RNG)
+#define PADLOCK_HAVE_ACE (padlock_flags & (PADLOCK_ACE|PADLOCK_ACE2))
+#define PADLOCK_HAVE_ACE1 (padlock_flags & PADLOCK_ACE)
+#define PADLOCK_HAVE_ACE2 (padlock_flags & PADLOCK_ACE2)
+#define PADLOCK_HAVE_PHE (padlock_flags & PADLOCK_PHE)
+#define PADLOCK_HAVE_PMM (padlock_flags & PADLOCK_PMM)
+#define PADLOCK_HAVE_NANO (padlock_flags & PADLOCK_NANO)
+
# ifndef OPENSSL_NO_AES
static int padlock_aes_align_required = 1;
# endif
/* ===== Engine "management" functions ===== */
-/* Prepare the ENGINE structure for registration */
-static int padlock_bind_helper(ENGINE *e)
-{
- /* Check available features */
- padlock_available();
-
-# if 1 /* disable RNG for now, see commentary in
- * vicinity of RNG code */
- padlock_use_rng = 0;
-# endif
-
- /* Generate a nice engine name with available features */
- BIO_snprintf(padlock_name, sizeof(padlock_name),
- "VIA PadLock (%s, %s)",
- padlock_use_rng ? "RNG" : "no-RNG",
- padlock_use_ace ? "ACE" : "no-ACE");
-
- /* Register everything or return with an error */
- if (!ENGINE_set_id(e, padlock_id) ||
- !ENGINE_set_name(e, padlock_name) ||
- !ENGINE_set_init_function(e, padlock_init) ||
-# ifndef OPENSSL_NO_AES
- (padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) ||
-# endif
- (padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) {
- return 0;
- }
-
- /* Everything looks good */
- return 1;
-}
-
# ifdef OPENSSL_NO_DYNAMIC_ENGINE
/* Constructor */
@@ -229,7 +237,7 @@ static ENGINE *ENGINE_padlock(void)
/* Check availability of the engine */
static int padlock_init(ENGINE *e)
{
- return (padlock_use_rng || padlock_use_ace);
+ return padlock_flags;
}
/*
@@ -377,10 +385,20 @@ static int padlock_available(void)
"=d"(edx)::"ecx");
/* Fill up some flags */
- padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6));
- padlock_use_rng = ((edx & (0x3 << 2)) == (0x3 << 2));
-
- return padlock_use_ace + padlock_use_rng;
+ padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0);
+ padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0);
+ padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0);
+ padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0);
+ padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0);
+
+ /* Check for VIA Nano CPU */
+ eax = 0x00000001;
+ asm volatile ("pushl %%ebx; cpuid; popl %%ebx"
+ : "+a"(eax) : : "ecx", "edx");
+ if ((eax | 0x000F) == 0x06FF)
+ padlock_flags |= PADLOCK_NANO;
+
+ return padlock_flags;
}
/*
@@ -473,10 +491,14 @@ padlock_available(void)
: "+a"(eax), "=d"(edx) : : "rbx", "rcx");
/* Fill up some flags */
- padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
- padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
-
- return padlock_use_ace + padlock_use_rng;
+ padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0);
+ padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0);
+ padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0);
+ padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0);
+ padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0);
+ padlock_flags |= PADLOCK_NANO;
+
+ return padlock_flags;
}
/* Force key reload from memory to the CPU microcode.
@@ -1293,6 +1315,496 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
# endif /* OPENSSL_NO_AES */
+#ifndef OPENSSL_NO_SHA
+
+static inline void
+padlock_copy_bswap(void *dst, void *src, size_t count)
+{
+ uint32_t *udst = dst, *usrc = src;
+ int i = 0;
+
+ for (i = 0; i < count; i++)
+ udst[i] = htonl(usrc[i]);
+}
+
+static unsigned long padlock_sha_prepare_padding(
+ EVP_MD_CTX *ctx,
+ unsigned char *padding,
+ unsigned char *data, size_t data_len,
+ uint64_t total)
+{
+ unsigned int padding_len;
+
+ padding_len = data_len < 56 ? SHA_CBLOCK : 2 * SHA_CBLOCK;
+ if (data_len)
+ memcpy(padding, data, data_len);
+
+ memset(padding + data_len, 0, padding_len - data_len);
+ padding[data_len] = 0x80;
+ *(uint32_t *)(padding + padding_len - 8) = htonl(total >> 32);
+ *(uint32_t *)(padding + padding_len - 4) = htonl(total & 0xffffffff);
+
+ return data_len < 56 ? 1 : 2;
+}
+
+#define PADLOCK_SHA_ALIGN(dd) (uint32_t*)(((uintptr_t)(dd) + 15) & ~15)
+#define PADLOCK_SHA_HWCTX (128+16)
+
+static void
+padlock_sha1(void *hwctx, const void *buf, unsigned long total, unsigned long now)
+{
+ unsigned long pos = total - now;
+
+ asm volatile ("xsha1"
+ : "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total)
+ : : "memory");
+}
+
+static void
+padlock_sha1_partial(void *hwctx, const void *buf, unsigned long blocks)
+{
+ asm volatile ("xsha1"
+ : "+S"(buf), "+D"(hwctx), "+c"(blocks)
+ : "a"(-1L) : "memory");
+}
+
+static int padlock_sha1_init(EVP_MD_CTX *ctx)
+{
+ return SHA1_Init(ctx->md_data);
+}
+
+#if PADLOCK_NEED_FALLBACK_SHA
+
+static int padlock_sha1_update_eden(EVP_MD_CTX *ctx, const void *data,
+ size_t len)
+{
+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
+ SHA_CTX *c = ctx->md_data;
+ uint_fast64_t total;
+ const unsigned char *p = data;
+ unsigned long l = 0;
+
+ /* Calculate total length (Nl,Nh) is length in bits */
+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
+ total += len;
+
+ if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
+ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
+ if (c->num != 0) {
+ l = (len < SHA_CBLOCK - c->num) ? len : (SHA_CBLOCK - c->num);
+ if (!SHA1_Update(c, data, l))
+ return 0;
+ p += l;
+ if (c->num != 0) {
+ p = (unsigned char *) c->data;
+ len = c->num;
+ l = 0;
+ }
+ }
+ memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
+ padlock_sha1(aligned, p, total, len - l);
+ memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
+ c->num = -1;
+ return 1;
+ }
+
+ return SHA1_Update(c, data, len);
+}
+#endif
+
+static int padlock_sha1_update(EVP_MD_CTX *ctx, const void *data,
+ size_t len)
+{
+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
+ SHA_CTX *c = ctx->md_data;
+ uint_fast64_t total;
+ unsigned char *p;
+ unsigned long n;
+
+ /* Calculate total length (Nl,Nh) is length in bits */
+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
+ total += len;
+ c->Nh = total >> 29;
+ c->Nl = (total << 3) & 0xffffffffUL;
+
+ memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
+
+ /* Check partial data */
+ n = c->num;
+ if (n) {
+ p = (unsigned char *) c->data;
+ if (len >= SHA_CBLOCK || len+n >= SHA_CBLOCK) {
+ memcpy(p+n, data, SHA_CBLOCK-n);
+ padlock_sha1_partial(aligned, p, 1);
+ n = SHA_CBLOCK - n;
+ data += n;
+ len -= n;
+ c->num = 0;
+ memset(p, 0, SHA_CBLOCK);
+ } else {
+ memcpy(p+n, data, len);
+ c->num += (unsigned int)len;
+ return 1;
+ }
+ }
+
+ /* Can we finalize straight away? */
+ if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
+ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
+ padlock_sha1(aligned, data, total, len);
+ memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
+ c->num = -1;
+ return 1;
+ }
+
+ /* Use nonfinalizing update */
+ n = len / SHA_CBLOCK;
+ if (n != 0) {
+ padlock_sha1_partial(aligned, data, n);
+ data += n * SHA_CBLOCK;
+ len -= n * SHA_CBLOCK;
+ }
+ memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
+
+ /* Buffer remaining bytes */
+ if (len) {
+ memcpy(c->data, data, len);
+ c->num = len;
+ }
+
+ return 1;
+}
+
+static int padlock_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
+ uint64_t total;
+ SHA_CTX *c = ctx->md_data;
+
+ if (c->num == -1) {
+ padlock_copy_bswap(md, &c->h0, 5);
+ c->num = 0;
+ return 1;
+ }
+
+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
+#if PADLOCK_NEED_FALLBACK_SHA
+ if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH))
+ return SHA1_Final(md, c);
+#endif
+
+ memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
+ if (total > PADLOCK_MAX_FINALIZING_LENGTH) {
+ unsigned char padding[2 * SHA_CBLOCK];
+ unsigned long n;
+
+ n = padlock_sha_prepare_padding(ctx, padding,
+ (unsigned char *) c->data, c->num, total << 3);
+ padlock_sha1_partial(aligned, padding, n);
+ } else {
+ padlock_sha1(aligned, c->data, total, c->num);
+ }
+ padlock_copy_bswap(md, aligned, 5);
+ c->num = 0;
+
+ return 1;
+}
+
+static EVP_MD padlock_sha1_md = {
+ NID_sha1,
+ NID_sha1WithRSAEncryption,
+ SHA_DIGEST_LENGTH,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+ padlock_sha1_init,
+ padlock_sha1_update,
+ padlock_sha1_final,
+ NULL,
+ NULL,
+ EVP_PKEY_RSA_method,
+ SHA_CBLOCK,
+ sizeof(SHA_CTX),
+};
+
+static EVP_MD padlock_dss1_md = {
+ NID_dsa,
+ NID_dsaWithSHA1,
+ SHA_DIGEST_LENGTH,
+ 0,
+ padlock_sha1_init,
+ padlock_sha1_update,
+ padlock_sha1_final,
+ NULL,
+ NULL,
+ EVP_PKEY_DSA_method,
+ SHA_CBLOCK,
+ sizeof(SHA_CTX),
+};
+
+
+#if !defined(OPENSSL_NO_SHA256)
+
+static void
+padlock_sha256(void *hwctx, const void *buf, unsigned long total, unsigned long now)
+{
+ unsigned long pos = total - now;
+
+ asm volatile ("xsha256"
+ : "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total)
+ : : "memory");
+}
+
+static void
+padlock_sha256_partial(void *hwctx, const void *buf, unsigned long blocks)
+{
+ asm volatile ("xsha256"
+ : "+S"(buf), "+D"(hwctx), "+c"(blocks)
+ : "a"(-1L) : "memory");
+}
+
+#if PADLOCK_NEED_FALLBACK_SHA
+
+static int padlock_sha256_update_eden(EVP_MD_CTX *ctx, const void *data,
+ size_t len)
+{
+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
+ SHA256_CTX *c = ctx->md_data;
+ uint_fast64_t total;
+ const unsigned char *p = data;
+ unsigned int l = 0;
+
+ /* Calculate total length (Nl,Nh) is length in bits */
+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
+ total += len;
+
+ if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
+ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
+ if (c->num != 0) {
+ l = (len < SHA256_CBLOCK - c->num) ? len : (SHA256_CBLOCK - c->num);
+ if (!SHA256_Update(c, data, l))
+ return 0;
+ p += l;
+ if (c->num != 0) {
+ p = (unsigned char *) c->data;
+ len = c->num;
+ l = 0;
+ }
+ }
+ memcpy(aligned, c->h, sizeof(c->h));
+ padlock_sha256(aligned, p, total, len - l);
+ memcpy(c->h, aligned, sizeof(c->h));
+ c->num = -1;
+ return 1;
+ }
+
+ return SHA256_Update(c, data, len);
+}
+
+#endif
+
+static int padlock_sha256_update(EVP_MD_CTX *ctx, const void *data,
+ size_t len)
+{
+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
+ SHA256_CTX *c = ctx->md_data;
+ uint_fast64_t total;
+ unsigned char *p;
+ unsigned long n;
+
+ /* Calculate total length (Nl,Nh) is length in bits */
+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
+ total += len;
+ c->Nh = total >> 29;
+ c->Nl = (total << 3) & 0xffffffffUL;
+
+ memcpy(aligned, c->h, sizeof(c->h));
+
+ /* Check partial data */
+ n = c->num;
+ if (n) {
+ p = (unsigned char *) c->data;
+ if (len >= SHA256_CBLOCK || len+n >= SHA256_CBLOCK) {
+ memcpy(p+n, data, SHA256_CBLOCK-n);
+ padlock_sha256_partial(aligned, p, 1);
+ n = SHA256_CBLOCK - n;
+ data += n;
+ len -= n;
+ c->num = 0;
+ memset(p, 0, SHA256_CBLOCK);
+ } else {
+ memcpy(p+n, data, len);
+ c->num += (unsigned int)len;
+ return 1;
+ }
+ }
+
+ /* Can we finalize straight away? */
+ if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
+ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
+ padlock_sha256(aligned, data, total, len);
+ memcpy(c->h, aligned, sizeof(c->h));
+ c->num = -1;
+ return 1;
+ }
+
+ /* Use nonfinalizing update */
+ n = len / SHA256_CBLOCK;
+ if (n != 0) {
+ padlock_sha256_partial(aligned, data, n);
+ data += n * SHA256_CBLOCK;
+ len -= n * SHA256_CBLOCK;
+ }
+ memcpy(c->h, aligned, sizeof(c->h));
+
+ /* Buffer remaining bytes */
+ if (len) {
+ memcpy(c->data, data, len);
+ c->num = len;
+ }
+
+ return 1;
+}
+
+static int padlock_sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ unsigned char hwctx[PADLOCK_SHA_HWCTX];
+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
+ uint64_t total;
+ SHA256_CTX *c = ctx->md_data;
+
+ if (c->num == -1) {
+ padlock_copy_bswap(md, c->h, sizeof(c->h)/sizeof(c->h[0]));
+ c->num = 0;
+ return 1;
+ }
+
+ total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
+#if PADLOCK_NEED_FALLBACK_SHA
+ if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH))
+ return SHA256_Final(md, c);
+#endif
+
+ memcpy(aligned, c->h, sizeof(c->h));
+ if (total > PADLOCK_MAX_FINALIZING_LENGTH) {
+ unsigned char padding[2 * SHA_CBLOCK];
+ unsigned long n;
+
+ n = padlock_sha_prepare_padding(ctx, padding,
+ (unsigned char *) c->data, c->num, total << 3);
+ padlock_sha256_partial(aligned, padding, n);
+ } else {
+ padlock_sha256(aligned, c->data, total, c->num);
+ }
+ padlock_copy_bswap(md, aligned, sizeof(c->h)/sizeof(c->h[0]));
+ c->num = 0;
+ return 1;
+}
+
+#if !defined(OPENSSL_NO_SHA224)
+
+static int padlock_sha224_init(EVP_MD_CTX *ctx)
+{
+ return SHA224_Init(ctx->md_data);
+}
+
+static EVP_MD padlock_sha224_md = {
+ NID_sha224,
+ NID_sha224WithRSAEncryption,
+ SHA224_DIGEST_LENGTH,
+ 0,
+ padlock_sha224_init,
+ padlock_sha256_update,
+ padlock_sha256_final,
+ NULL,
+ NULL,
+ EVP_PKEY_RSA_method,
+ SHA_CBLOCK,
+ sizeof(SHA256_CTX),
+};
+#endif /* !OPENSSL_NO_SHA224 */
+
+static int padlock_sha256_init(EVP_MD_CTX *ctx)
+{
+ return SHA256_Init(ctx->md_data);
+}
+
+static EVP_MD padlock_sha256_md = {
+ NID_sha256,
+ NID_sha256WithRSAEncryption,
+ SHA256_DIGEST_LENGTH,
+ 0,
+ padlock_sha256_init,
+ padlock_sha256_update,
+ padlock_sha256_final,
+ NULL,
+ NULL,
+ EVP_PKEY_RSA_method,
+ SHA_CBLOCK,
+ sizeof(SHA256_CTX),
+};
+#endif /* !OPENSSL_NO_SHA256 */
+
+static int padlock_digest_nids[] = {
+#if !defined(OPENSSL_NO_SHA)
+ NID_sha1,
+ NID_dsa,
+#endif
+#if !defined(OPENSSL_NO_SHA256)
+#if !defined(OPENSSL_NO_SHA224)
+ NID_sha224,
+#endif
+ NID_sha256,
+#endif
+};
+
+static int padlock_digest_nids_num = sizeof(padlock_digest_nids)/sizeof(padlock_digest_nids[0]);
+
+static int
+padlock_digests (ENGINE *e, const EVP_MD **digest, const int **nids, int nid)
+{
+ /* No specific digest => return a list of supported nids ... */
+ if (!digest) {
+ *nids = padlock_digest_nids;
+ return padlock_digest_nids_num;
+ }
+
+ /* ... or the requested "digest" otherwise */
+ switch (nid) {
+#if !defined(OPENSSL_NO_SHA)
+ case NID_sha1:
+ *digest = &padlock_sha1_md;
+ break;
+ case NID_dsa:
+ *digest = &padlock_dss1_md;
+ break;
+#endif
+#if !defined(OPENSSL_NO_SHA256)
+#if !defined(OPENSSL_NO_SHA224)
+ case NID_sha224:
+ *digest = &padlock_sha224_md;
+ break;
+#endif /* OPENSSL_NO_SHA224 */
+ case NID_sha256:
+ *digest = &padlock_sha256_md;
+ break;
+#endif /* OPENSSL_NO_SHA256 */
+ default:
+ /* Sorry, we don't support this NID */
+ *digest = NULL;
+ return 0;
+ }
+
+ return 1;
+}
+
+#endif /* OPENSSL_NO_SHA */
+
+#ifndef PADLOCK_NO_RNG
+
/* ===== Random Number Generator ===== */
/*
* This code is not engaged. The reason is that it does not comply
@@ -1356,6 +1868,59 @@ static RAND_METHOD padlock_rand = {
padlock_rand_bytes, /* pseudorand */
padlock_rand_status, /* rand status */
};
+#endif /* PADLOCK_NO_RNG */
+
+/* Prepare the ENGINE structure for registration */
+static int
+padlock_bind_helper(ENGINE *e)
+{
+ /* Check available features */
+ padlock_available();
+
+ /* Generate a nice engine name with available features */
+ BIO_snprintf(padlock_name, sizeof(padlock_name),
+ "VIA PadLock: %s%s%s%s%s%s",
+ padlock_flags ? "" : "not supported",
+ PADLOCK_HAVE_RNG ? "RNG " : "",
+ PADLOCK_HAVE_ACE ? (PADLOCK_HAVE_ACE2 ? "ACE2 " : "ACE ") : "",
+ PADLOCK_HAVE_PHE ? "PHE " : "",
+ PADLOCK_HAVE_PMM ? "PMM " : "",
+ PADLOCK_HAVE_NANO ? "NANO " : ""
+ );
+
+#if PADLOCK_NEED_FALLBACK_SHA && !defined(OPENSSL_NO_SHA)
+ if (!PADLOCK_HAVE_NANO) {
+ padlock_sha1_md.update = padlock_sha1_update_eden;
+ padlock_dss1_md.update = padlock_sha1_update_eden;
+#if !defined(OPENSSL_NO_SHA256)
+#if !defined(OPENSSL_NO_SHA224)
+ padlock_sha224_md.update = padlock_sha256_update_eden;
+#endif
+ padlock_sha256_md.update = padlock_sha256_update_eden;
+#endif
+ }
+#endif
+
+ /* Register everything or return with an error */
+ if (!ENGINE_set_id(e, padlock_id) ||
+ !ENGINE_set_name(e, padlock_name) ||
+ !ENGINE_set_init_function(e, padlock_init)
+#ifndef OPENSSL_NO_AES
+ || (PADLOCK_HAVE_ACE && !ENGINE_set_ciphers (e, padlock_ciphers))
+#endif
+#ifndef OPENSSL_NO_SHA
+ || (PADLOCK_HAVE_PHE && !ENGINE_set_digests (e, padlock_digests))
+#endif
+#ifndef PADLOCK_NO_RNG
+ || (PADLOCK_HAVE_RNG && !ENGINE_set_RAND (e, &padlock_rand))
+#endif
+ ) {
+ return 0;
+ }
+
+ /* Everything looks good */
+ return 1;
+}
# else /* !COMPILE_HW_PADLOCK */
# ifndef OPENSSL_NO_DYNAMIC_ENGINE
--
2.2.2

View file

@ -1,33 +0,0 @@
From a58658f191e83f4c6417d2cc879fa572f7978537 Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Thu, 4 Feb 2016 16:28:15 +0100
Subject: [PATCH] crypto/engine: autoload padlock dynamic engine
---
crypto/engine/eng_all.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
index 48ad0d2..822aa23 100644
--- a/crypto/engine/eng_all.c
+++ b/crypto/engine/eng_all.c
@@ -120,6 +120,16 @@ void ENGINE_load_builtin_engines(void)
ENGINE_load_capi();
# endif
#endif
+#ifdef OPENSSL_NO_STATIC_ENGINE
+ {
+ ENGINE *e = ENGINE_by_id("padlock");
+ if (e != NULL) {
+ ENGINE_add(e);
+ ENGINE_free(e);
+ ERR_clear_error();
+ }
+ }
+#endif
ENGINE_register_all_complete();
}
--
2.7.0

View file

@ -1,151 +0,0 @@
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openssl10
_pkgname=openssl
pkgver=1.0.2o
pkgrel=1
pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
url="http://openssl.org"
depends=
makedepends_build="perl"
makedepends_host="zlib-dev"
makedepends="$makedepends_host $makedepends_build"
depends_dev="zlib-dev"
arch="all"
license="openssl"
subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libcrypto1.0:libcrypto libssl1.0:libssl"
source="http://www.openssl.org/source/${_pkgname}-${pkgver}.tar.gz
0002-busybox-basename.patch
0003-use-termios.patch
0004-fix-default-ca-path-for-apps.patch
0005-fix-parallel-build.patch
0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
0009-no-rpath.patch
0010-ssl-env-zlib.patch
1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
1002-backport-changes-from-upstream-padlock-module.patch
1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
CVE-2018-0732.patch
"
# secfixes:
# 1.0.2h-r0:
# - CVE-2016-2107
# - CVE-2016-2105
# - CVE-2016-2106
# - CVE-2016-2109
# - CVE-2016-2176
# 1.0.2h-r1:
# - CVE-2016-2177
# - CVE-2016-2178
# 1.0.2h-r2:
# - CVE-2016-2180
# 1.0.2h-r3:
# - CVE-2016-2179
# - CVE-2016-2182
# - CVE-2016-6302
# - CVE-2016-6303
# 1.0.2h-r4:
# - CVE-2016-2181
# 1.0.2i-r0:
# - CVE-2016-2183
# - CVE-2016-6304
# - CVE-2016-6306
# 1.0.2m-r0:
# - CVE-2017-3735
# - CVE-2017-3736
# 1.0.2n-r0:
# - CVE-2017-3737
# - CVE-2017-3738
# 1.0.2o-r0:
# - CVE-2017-3738
# - CVE-2018-0733
# - CVE-2018-0739
# 1.0.2o-r1:
# - CVE-2018-0732
builddir="$srcdir"/$_pkgname-$pkgver
build() {
local _target _optflags
cd "$builddir"
# openssl will prepend crosscompile always core CC et al
CC=${CC#${CROSS_COMPILE}}
CXX=${CXX#${CROSS_COMPILE}}
CPP=${CPP#${CROSS_COMPILE}}
# determine target OS for openssl
case "$CARCH" in
aarch64*) _target="linux-aarch64" ;;
arm*) _target="linux-armv4" ;;
ppc64le) _target="linux-ppc64le" ;;
x86) _target="linux-elf" ;;
x86_64) _target="linux-x86_64"; _optflags="enable-ec_nistp_64_gcc_128" ;;
s390x) _target="linux64-s390x";;
*) msg "Unable to determine architecture from (CARCH=$CARCH)" ; return 1 ;;
esac
# Configure assumes --options are for it, so can't use
# gcc's --sysroot fake this by overriding CC
[ -n "$CBUILDROOT" ] && CC="$CC --sysroot=${CBUILDROOT}"
perl ./Configure $_target --prefix=/usr \
--libdir=lib \
--openssldir=/etc/ssl \
shared zlib enable-montasm enable-md2 $_optflags \
-DOPENSSL_NO_BUF_FREELISTS \
$CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack \
enable-ssl2
make && make build-shared
}
check() {
cd "$builddir"
make -j1 test
}
package() {
cd "$builddir"
make INSTALL_PREFIX="$pkgdir" MANDIR=/usr/share/man MANSUFFIX=ssl install
# remove the script c_rehash
rm "$pkgdir"/usr/bin/c_rehash
}
libcrypto() {
pkgdesc="Crypto library from openssl"
mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
for i in "$pkgdir"/usr/lib/libcrypto*; do
mv $i "$subpkgdir"/lib/
ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
done
mv "$pkgdir"/usr/lib/engines "$subpkgdir"/usr/lib/
}
libssl() {
pkgdesc="SSL shared libraries"
mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
for i in "$pkgdir"/usr/lib/libssl*; do
mv $i "$subpkgdir"/lib/
ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
done
}
sha512sums="8a2c93657c85143e76785bb32ee836908c31a6f5f8db993fa9777acba6079e630cdddd03edbad65d1587199fc13a1507789eacf038b56eb99139c2091d9df7fd openssl-1.0.2o.tar.gz
2244f46cb18e6b98f075051dd2446c47f7590abccd108fbab707f168a20cad8d32220d704635973f09e3b2879f523be5160f1ffbc12ab3900f8a8891dc855c5c 0002-busybox-basename.patch
58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4 0003-use-termios.patch
c67472879a31b5dbdd313892df6d37e7c93e8c0237d406c30d50b1016c2618ead3c13277f5dc723ef1ceed092d36e3c15a9777daa844f59b9fa2b0a4f04fd9ae 0004-fix-default-ca-path-for-apps.patch
5d4191482f8bbf62c75fe6bc2d9587388022c3310703c2a913788a983b1d1406e706cf3916a5792604f0b0f220a87432d3b82b442cea9915f2abb6fdd8478fcb 0005-fix-parallel-build.patch
820d4ce1c222696fe3f1dd0d11815c06262ec230fdb174532fd507286667a0aefbf858ea5edac4245a54b950cd0556545ecd0c5cf494692a2ba131c667e7bcd5 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
17ad683bb91a3a3c5bcc456c8aed7f0b42414c6de06ebafa4753af93c42d9827c9978a43d4d53d741a45df7f7895c6f6163172af57cc7b391cfd15f45ce6c351 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
5dbbc01985190ae1254350fb12565beb6abb916b6a7bb1f0f22d9762b1e575d124aaf9aa4cfe5f908e420978f691072d48c61a72660f09dfd6d9a2f83f862bc1 0009-no-rpath.patch
5febe20948e3f12d981e378e1f4ea538711657aacb6865a1aa91339d4a04277e250f490a1f2abc2c6f290bdc2b1bffdba1d00983b4c09f7ea983eef8163f9420 0010-ssl-env-zlib.patch
8c181760d7a149aa18d246d50f1c0438ffb63c98677b05306dfc00400ad0429b47d31e7c8d85126005c67f743d23e7a8a81174ffe98556f4caf9cf6b04d9ff17 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
a3555440b5f544bfd6b9ad97557d8f4c1d673f6a35219f65056a72035d186be5f354717ddf9784899b602464d48657b090ade24379552d43af97609c0f48c389 1002-backport-changes-from-upstream-padlock-module.patch
6353c7a94016c20db5d683dde37775f6780952ecdb1a5f39f878d04ba37f6ad79ae10fb6d65d181d912505a5d1e22463004cd855d548b364c00b120da2b0fdbc 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
ff91298629f157496a012da00ba7325923f5d087bfa54b60e205bf2dfb06374e958912e0df39dbdf39773555455c1a3afa3dcde1ddfec6e85cf89b0b62cc0eb4 CVE-2018-0732.patch"

View file

@ -1,39 +0,0 @@
From 3984ef0b72831da8b3ece4745cac4f8575b19098 Mon Sep 17 00:00:00 2001
From: Guido Vranken <guidovranken@gmail.com>
Date: Mon, 11 Jun 2018 19:38:54 +0200
Subject: [PATCH] Reject excessively large primes in DH key generation.
CVE-2018-0732
Signed-off-by: Guido Vranken <guidovranken@gmail.com>
(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6457)
---
crypto/dh/dh_key.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 387558f1467..f235e0d682b 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -130,10 +130,15 @@ static int generate_key(DH *dh)
int ok = 0;
int generate_new_key = 0;
unsigned l;
- BN_CTX *ctx;
+ BN_CTX *ctx = NULL;
BN_MONT_CTX *mont = NULL;
BIGNUM *pub_key = NULL, *priv_key = NULL;
+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
+ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
+ return 0;
+ }
+
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;

View file

@ -1,5 +1,5 @@
# Maintainer: Maxime Gauduin <alucryd@archlinux.org>
# Contributor: Daniel Bermond <dbermond@archlinux.org>
# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net)
# Contributor: Antoine Martin (ayakael) <dev@ayakael.net)
pkgname=amf-headers
pkgver=1.4.21

View file

@ -1,6 +1,5 @@
# Maintainer: Giovanni Scafora <giovanni@archlinux.org>
# Contributor: Alexander 'dma147' Mieland <dma147@linux-stats.org>
# Contributor: Simon Morgan <simon@16hz.net>
# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net>
# Contributor: Antoine Martin (ayakael) <dev@ayakael.net>
pkgname=chmlib
pkgver=0.40

View file

@ -183,7 +183,6 @@ build() {
--enable-libvpx \
--enable-libx264 \
--enable-libx265 \
--enable-opencl \
--enable-vaapi \
--enable-amf \
--enable-cuvid \
@ -198,6 +197,7 @@ build() {
# --enable-cuda-llvm \
# --enable-cuda \
# --enable-libmfx \
# --enable-opencl \
make
${CC:-gcc} -o tools/qt-faststart $CFLAGS tools/qt-faststart.c

Some files were not shown because too many files have changed in this diff Show more