Google Git
Sign in
chromium/apps/libapps/da6ab8373726dcc1f8cf90d092be6db6ed25a5d2/./ssh_client/third_party/openssl/nacl.patch
blob: 7157ec3ad88c4e839ccef5606b434d509a76545c [file]
--- a/Configure
+++ b/Configure
@@ -419,6 +419,14 @@ my %table=(
"linux-x86_64-icc", "icc:-DL_ENDIAN -O2::-D_REENTRANT::-ldl -no_cpprt:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"linux-x32", "gcc:-mx32 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
"linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+
+#### NaCl configurations (glibc is much like linux-elf, newlib is
+# similar to linux-aout, since it's statically linked.
+"nacl-le32newlib", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
+"nacl-le32bionic", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"nacl-le32glibc", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"wasm32", "gcc:-DL_ENDIAN -DTERMIOS -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
+
#### So called "highgprs" target for z/Architecture CPUs
# "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
# /proc/cpuinfo. The idea is to preserve most significant bits of
@@ -932,6 +939,10 @@ PROCESS_ARGS:
# The check for the option is there so scripts aren't
# broken
}
+ elsif (/^[\/]/) # allow '-isystem /foo/bar' flags
+ {
+ $flags.=$_." ";
+ }
elsif (/^[-+]/)
{
if (/^--prefix=(.*)$/)
--- a/config
+++ b/config
@@ -679,6 +679,10 @@ case "$GUESSOS" in
#fi
OUT="linux64-s390x"
;;
+ le32newlib-*-nacl) OUT="nacl-le32newlib" ;;
+ le32bionic-*-nacl) OUT="nacl-le32bionic" ;;
+ le32glibc-*-nacl) OUT="nacl-le32glibc" ;;
+ wasm32*) OUT="wasm32" ;;
x86_64-*-linux?) OUT="linux-x86_64" ;;
*86-*-linux2) OUT="linux-elf"
if [ "$GCCVER" -gt 28 ]; then
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -134,7 +134,30 @@
# define FD_SETSIZE (8*sizeof(fd_set))
# endif
-# if defined(OPENSSL_SYS_VOS)
+#if defined(__native_client__)
+#include <stdlib.h>
+#include <irt.h>
+/* TODO(sehr): remove this patch when nacl_io can handle /dev/urandom. */
+int RAND_poll(void)
+{
+ unsigned char buf[ENTROPY_NEEDED];
+ size_t n = 0;
+ struct nacl_irt_random rand_intf;
+ if (nacl_interface_query(NACL_IRT_RANDOM_v0_1, &rand_intf, sizeof(rand_intf))
+ != sizeof(rand_intf))
+ abort();
+ while (n < sizeof(buf)) {
+ size_t nread;
+ if (rand_intf.get_random_bytes((unsigned char *)buf+n,
+ ENTROPY_NEEDED-n, &nread) != 0)
+ abort();
+ n += nread;
+ }
+ RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
+ memset(buf, 0, sizeof(buf));
+ return 1;
+}
+#elif defined(OPENSSL_SYS_VOS)
/*
* The following algorithm repeatedly samples the real-time clock (RTC) to
@@ -245,7 +245,7 @@
}
return 1;
}
-# elif defined __OpenBSD__
+# elif defined __OpenBSD__ || defined __wasm__
int RAND_poll(void)
{
u_int32_t rnd = 0, i;
we have to revert this change as it causes crashes at startup
https://github.com/openssl/openssl/commit/104ce8a9f02d250dd43c255eb7b8747e81b29422#diff-4818ba1aaac04d28ae24c1c0150b8212
--- a/crypto/mem_clr.c
+++ b/crypto/mem_clr.c
@@ -60,16 +60,22 @@
#include <string.h>
#include <openssl/crypto.h>
+unsigned char cleanse_ctr = 0;
-/*
- * Pointer to memset is volatile so that compiler must de-reference
- * the pointer and can't assume that it points to any function in
- * particular (such as memset, which it then might further "optimize")
- */
-typedef void *(*memset_t)(void *,int,size_t);
-
-static volatile memset_t memset_func = memset;
void OPENSSL_cleanse(void *ptr, size_t len)
{
+ unsigned char *p = ptr;
+ size_t loop = len, ctr = cleanse_ctr;
+
+ if (ptr == NULL)
+ return;
+
+ while (loop--) {
+ *(p++) = (unsigned char)ctr;
+ ctr += (17 + ((size_t)p & 0xF));
+ }
+ p = memchr(ptr, (unsigned char)ctr, len);
+ if (p)
+ ctr += (63 + (size_t)p);
+ cleanse_ctr = (unsigned char)ctr;
- memset_func(ptr, 0, len);
}
this module gets rand numbers over a unix socket which we don't care about
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -95,7 +95,7 @@
* RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
*/
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS)
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS) || defined(__native_client__) || defined(__wasm__)
int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
{
return (-1);