Unapplying patches to prevent spurious conflicts.

parent 3967dc65
diff --git a/Cryptlib/SysCall/BaseMemAllocation.c b/Cryptlib/SysCall/BaseMemAllocation.c
index 68bc25a..1abe78e 100644
--- a/Cryptlib/SysCall/BaseMemAllocation.c
+++ b/Cryptlib/SysCall/BaseMemAllocation.c
@@ -32,7 +32,7 @@ void *realloc (void *ptr, size_t size)
// BUG: hardcode OldSize == size! We have no any knowledge about
// memory size of original pointer ptr.
//
- return ReallocatePool ((UINTN)size, (UINTN)size, ptr);
+ return ReallocatePool (ptr, (UINTN)size, (UINTN)size);
}
/* De-allocates or frees a memory block */
diff --git a/Cryptlib/SysCall/TimerWrapper.c b/Cryptlib/SysCall/TimerWrapper.c
index 805e6b4..bb7bcba 100644
--- a/Cryptlib/SysCall/TimerWrapper.c
+++ b/Cryptlib/SysCall/TimerWrapper.c
@@ -13,9 +13,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
-#include <Uefi.h>
#include <OpenSslSupport.h>
-#include <Library/UefiRuntimeServicesTableLib.h>
//
// -- Time Management Routines --
@@ -78,7 +76,7 @@ time_t time (time_t *timer)
//
// Get the current time and date information
//
- gRT->GetTime (&Time, NULL);
+ uefi_call_wrapper(RT->GetTime, 2, &Time, NULL);
//
// Years Handling
diff --git a/Cryptlib/SysCall/CrtWrapper.c b/Cryptlib/SysCall/CrtWrapper.c
index fb446b6..5a8322d 100644
--- a/Cryptlib/SysCall/CrtWrapper.c
+++ b/Cryptlib/SysCall/CrtWrapper.c
@@ -293,16 +293,6 @@ size_t fwrite (const void *buffer, size_t size, size_t count, FILE *stream)
// -- Dummy OpenSSL Support Routines --
//
-int BIO_printf (void *bio, const char *format, ...)
-{
- return 0;
-}
-
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-{
- return 0;
-}
-
void *UI_OpenSSL(void)
{
return NULL;
#ifndef HEADER_OPENSSLV_H
#define HEADER_OPENSSLV_H
/* Numeric release version identifier:
* MNNFFPPS: major minor fix patch status
* The status nibble has one of the values 0 for development, 1 to e for betas
* 1 to 14, and f for release. The patch level is exactly that.
* For example:
* 0.9.3-dev 0x00903000
* 0.9.3-beta1 0x00903001
* 0.9.3-beta2-dev 0x00903002
* 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
* 0.9.3 0x0090300f
* 0.9.3a 0x0090301f
* 0.9.4 0x0090400f
* 1.2.3z 0x102031af
*
* For continuity reasons (because 0.9.5 is already out, and is coded
* 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
* part is slightly different, by setting the highest bit. This means
* that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start
* with 0x0090600S...
*
* (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
#define OPENSSL_VERSION_NUMBER 0x0090817fL
#ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8w-fips 23 Apr 2012"
#else
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8w 23 Apr 2012"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
/* The macros below are to be used for shared library (.so, .dll, ...)
* versioning. That kind of versioning works a bit differently between
* operating systems. The most usual scheme is to set a major and a minor
* number, and have the runtime loader check that the major number is equal
* to what it was at application link time, while the minor number has to
* be greater or equal to what it was at application link time. With this
* scheme, the version number is usually part of the file name, like this:
*
* libcrypto.so.0.9
*
* Some unixen also make a softlink with the major verson number only:
*
* libcrypto.so.0
*
* On Tru64 and IRIX 6.x it works a little bit differently. There, the
* shared library version is stored in the file, and is actually a series
* of versions, separated by colons. The rightmost version present in the
* library when linking an application is stored in the application to be
* matched at run time. When the application is run, a check is done to
* see if the library version stored in the application matches any of the
* versions in the version string of the library itself.
* This version string can be constructed in any way, depending on what
* kind of matching is desired. However, to implement the same scheme as
* the one used in the other unixen, all compatible versions, from lowest
* to highest, should be part of the string. Consecutive builds would
* give the following versions strings:
*
* 3.0
* 3.0:3.1
* 3.0:3.1:3.2
* 4.0
* 4.0:4.1
*
* Notice how version 4 is completely incompatible with version, and
* therefore give the breach you can see.
*
* There may be other schemes as well that I haven't yet discovered.
*
* So, here's the way it works here: first of all, the library version
* number doesn't need at all to match the overall OpenSSL version.
* However, it's nice and more understandable if it actually does.
* The current library version is stored in the macro SHLIB_VERSION_NUMBER,
* which is just a piece of text in the format "M.m.e" (Major, minor, edit).
* For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
* we need to keep a history of version numbers, which is done in the
* macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and
* should only keep the versions that are binary compatible with the current.
*/
#define SHLIB_VERSION_HISTORY ""
#define SHLIB_VERSION_NUMBER "0.9.8"
#endif /* HEADER_OPENSSLV_H */
ARCH = $(shell uname -m | sed s,i[3456789]86,ia32,)
LIB_PATH = /usr/lib64
EFI_INCLUDE = /usr/include/efi
EFI_INCLUDES = -nostdinc -IInclude -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol
EFI_PATH = /usr/lib64/gnuefi
LIB_GCC = $(shell $(CC) -print-libgcc-file-name)
EFI_LIBS = -lefi -lgnuefi $(LIB_GCC)
CFLAGS = -ggdb -O0 -I. -fno-stack-protector -fno-strict-aliasing -fpic -fshort-wchar \
-Wall $(EFI_INCLUDES) -mno-red-zone -maccumulate-outgoing-args -mno-sse -mno-mmx
ifeq ($(ARCH),x86_64)
CFLAGS += -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI
endif
LDFLAGS = -nostdlib -znocombreloc
TARGET = libcryptlib.a
OBJS = Hash/CryptMd4.o \
Hash/CryptMd5.o \
Hash/CryptSha1.o \
Hash/CryptSha256.o \
Hmac/CryptHmacMd5.o \
Hmac/CryptHmacSha1.o \
Cipher/CryptAes.o \
Cipher/CryptTdes.o \
Cipher/CryptArc4.o \
Rand/CryptRand.o \
Pk/CryptRsaBasic.o \
Pk/CryptRsaExt.o \
Pk/CryptPkcs7.o \
Pk/CryptDh.o \
Pk/CryptX509.o \
Pk/CryptAuthenticode.o \
Pem/CryptPem.o \
SysCall/CrtWrapper.o \
SysCall/TimerWrapper.o \
SysCall/BaseMemAllocation.o \
SysCall/BaseStrings.o
all: $(TARGET)
libcryptlib.a: $(OBJS)
ar rcs libcryptlib.a $(OBJS)
clean:
rm -f $(TARGET) $(OBJS)
/* o_init.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
/* ====================================================================
* Copyright (c) 2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <e_os.h>
#include <openssl/err.h>
/* Internal only functions: only ever used here */
#ifdef OPENSSL_FIPS
extern void int_ERR_lib_init(void);
# ifndef OPENSSL_NO_ENGINE
extern void int_EVP_MD_init_engine_callbacks(void );
extern void int_EVP_CIPHER_init_engine_callbacks(void );
extern void int_RAND_init_engine_callbacks(void );
# endif
#endif
/* Perform any essential OpenSSL initialization operations.
* Currently only sets FIPS callbacks
*/
void OPENSSL_init(void)
{
#ifdef OPENSSL_FIPS
static int done = 0;
if (!done)
{
int_ERR_lib_init();
#ifdef CRYPTO_MDEBUG
CRYPTO_malloc_debug_init();
#endif
#ifndef OPENSSL_NO_ENGINE
int_EVP_MD_init_engine_callbacks();
int_EVP_CIPHER_init_engine_callbacks();
int_RAND_init_engine_callbacks();
#endif
done = 1;
}
#endif
}
This diff is collapsed.
prototypes
second-stage-path
sbsigntool-not-pesign
0001-Update-openssl-to-0.9.8za.patch
CVE-2014-3675.patch
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
......@@ -6,8 +6,8 @@ index 68bc25a..1abe78e 100644
// BUG: hardcode OldSize == size! We have no any knowledge about
// memory size of original pointer ptr.
//
- return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
+ return ReallocatePool (ptr, (UINTN) size, (UINTN) size);
- return ReallocatePool ((UINTN)size, (UINTN)size, ptr);
+ return ReallocatePool (ptr, (UINTN)size, (UINTN)size);
}
/* De-allocates or frees a memory block */
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
......@@ -116,7 +116,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
int pad=0,ret,i,neg;
unsigned char *p,*n,pb=0;
if (a == NULL) return(0);
if ((a == NULL) || (a->data == NULL)) return(0);
neg=a->type & V_ASN1_NEG;
if (a->length == 0)
ret=1;
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment