Browse Source

Move patches to specific folder

new-scoring
aeris 1 month ago
parent
commit
e47888fdac

+ 47
- 47
Makefile View File

@@ -1,10 +1,10 @@
PWD = $(shell pwd)
OPENSSL_LIB_VERSION = 1.0.0
OPENSSL_VERSION = 1.0.2g
OPENSSL_VERSION = 1.0.2j
OPENSSL_NAME = openssl-$(OPENSSL_VERSION)
OPENSSL_DIR = build/$(OPENSSL_NAME)
RUBY_MAJOR_VERSION = 2.3
RUBY_VERSION = $(RUBY_MAJOR_VERSION).3
RUBY_VERSION = $(RUBY_MAJOR_VERSION).8
RUBY_NAME = ruby-$(RUBY_VERSION)
RUBY_DIR = build/$(RUBY_NAME)
RUBY_OPENSSL_EXT_DIR = $(RUBY_DIR)/ext/openssl
@@ -12,7 +12,7 @@ RBENV_DIR = $(RBENV_ROOT)/versions/$(RUBY_VERSION)-cryptcheck
RUBY_LIB_DIR = $(RBENV_DIR)/lib/ruby/$(RUBY_MAJOR_VERSION).0
RBENV_ROOT ?= ~/.rbenv
export LIBRARY_PATH ?= $(PWD)/lib
export C_INCLUDE_PATH ?= $(PWD)/$(OPENSSL_DIR)/include
export C_INCLUDE_PATH ?= $(PWD)/build/openssl/include
export LD_LIBRARY_PATH ?= $(PWD)/lib

.SECONDARY:
@@ -22,49 +22,52 @@ all: libs ext

clean: clean-libs clean-ext
clean-libs:
[ -d $(OPENSSL_DIR) ] \
&& find $(OPENSSL_DIR) \( -name "*.o" -o -name "*.so" \) -delete \
[ -d "build/openssl/" ] \
&& find "build/openssl/" \( -name "*.o" -o -name "*.so" \) -delete \
|| true
rm -f lib/libcrypto.so* lib/libssl.so* $(OPENSSL_DIR)/Makefile
rm -f lib/libcrypto.so* lib/libssl.so* "build/openssl//Makefile"
clean-ext:
[ -d $(RUBY_OPENSSL_EXT_DIR) ] \
&& find $(RUBY_OPENSSL_EXT_DIR) \( -name "*.o" -o -name "*.so" \) -delete \
[ -d "$(RUBY_OPENSSL_EXT_DIR)" ] \
&& find "$(RUBY_OPENSSL_EXT_DIR)" \( -name "*.o" -o -name "*.so" \) -delete \
|| true
rm -f lib/openssl.so
mr-proper:
rm -rf lib/libcrypto.so* lib/libssl.so* lib/openssl.so build

build/:
mkdir $@
mkdir "$@"

build/chacha-poly.patch: | build/
wget https://github.com/cloudflare/sslconfig/raw/master/patches/openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch -O $@
wget https://github.com/cloudflare/sslconfig/raw/master/patches/openssl__chacha20_poly1305_draft_and_rfc_ossl102j.patch -O "$@"

build/$(OPENSSL_NAME).tar.gz: | build/
wget https://www.openssl.org/source/$(OPENSSL_NAME).tar.gz -O $@
wget "https://www.openssl.org/source/$(OPENSSL_NAME).tar.gz" -O "$@"

build/openssl/: | $(OPENSSL_DIR)/
ln -s "$(OPENSSL_NAME)" "build/openssl"

$(OPENSSL_DIR)/: build/$(OPENSSL_NAME).tar.gz build/chacha-poly.patch
tar -C build -xf build/$(OPENSSL_NAME).tar.gz
patch -d $(OPENSSL_DIR) -p1 < build/chacha-poly.patch
patch -d $(OPENSSL_DIR) -p1 < disable_digest_check.patch
tar -C build -xf "build/$(OPENSSL_NAME).tar.gz"
patch -d "$(OPENSSL_DIR)" -p1 < build/chacha-poly.patch
patch -d "$(OPENSSL_DIR)" -p1 < patches/openssl/00_disable_digest_check.patch

$(OPENSSL_DIR)/Makefile: | $(OPENSSL_DIR)/
build/openssl/Makefile: | build/openssl/
#cd $(OPENSSL_DIR) && ./Configure enable-ssl2 enable-ssl3 enable-weak-ssl-ciphers enable-zlib enable-rc5 enable-rc2 enable-gost enable-md2 enable-mdc2 enable-shared linux-x86_64
#cd $(OPENSSL_DIR) && ./config enable-ssl2 enable-ssl3 enable-md2 enable-rc5 enable-weak-ssl-ciphers shared
cd $(OPENSSL_DIR) && ./config enable-ssl2 enable-ssl3 enable-ssl3-method enable-md2 enable-rc5 enable-weak-ssl-ciphers enable-shared
cd build/openssl/ && ./config enable-ssl2 enable-ssl3 enable-ssl3-method enable-md2 enable-rc5 enable-weak-ssl-ciphers enable-shared

$(OPENSSL_DIR)/libssl.so \
$(OPENSSL_DIR)/libcrypto.so: $(OPENSSL_DIR)/Makefile
$(MAKE) -C $(OPENSSL_DIR)
build/openssl/libssl.so \
build/openssl/libcrypto.so: build/openssl/Makefile
$(MAKE) -C build/openssl/

install-openssl: $(OPENSSL_DIR)/Makefile
$(MAKE) -C $(OPENSSL_DIR) install
install-openssl: build/openssl/Makefile
$(MAKE) -C build/openssl/ install

LIBS = lib/libssl.so lib/libcrypto.so lib/libssl.so.$(OPENSSL_LIB_VERSION) lib/libcrypto.so.$(OPENSSL_LIB_VERSION)
lib/%.so: $(OPENSSL_DIR)/%.so
cp $< $@
lib/%.so: build/openssl/%.so
cp "$<" "$@"
lib/%.so.$(OPENSSL_LIB_VERSION): lib/%.so
ln -fs $(notdir $(subst .$(OPENSSL_LIB_VERSION),,$@)) $@
ln -fs "$(notdir $(subst .$(OPENSSL_LIB_VERSION),,$@))" "$@"
libs: $(LIBS)

$(RBENV_ROOT)/:
@@ -76,56 +79,53 @@ $(RBENV_ROOT)/plugins/ruby-build/: | $(RBENV_ROOT)/
$(RBENV_ROOT)/plugins/ruby-build/share/ruby-build/$(RUBY_VERSION): | $(RBENV_ROOT)/plugins/ruby-build/

build/$(RUBY_VERSION)-cryptcheck: $(RBENV_ROOT)/plugins/ruby-build/share/ruby-build/$(RUBY_VERSION)
cp $< $@
cp "$<" "$@"

install-rbenv: build/$(RUBY_VERSION)-cryptcheck

install-rbenv-cryptcheck: build/$(RUBY_VERSION)-cryptcheck $(LIBS) | $(OPENSSL_DIR)/
cat tmp_key.patch set_ecdh_curves.patch fallback_scsv.patch multiple_certs.patch | \
RUBY_BUILD_CACHE_PATH=$(PWD)/build \
RUBY_BUILD_DEFINITIONS=$(PWD)/build \
rbenv install -fp $(RUBY_VERSION)-cryptcheck
# rbenv sequester $(RUBY_VERSION)-cryptcheck
rbenv local $(RUBY_VERSION)-cryptcheck
install-rbenv-cryptcheck: build/$(RUBY_VERSION)-cryptcheck $(LIBS) | build/openssl/
cat patches/ruby/*.patch | \
RUBY_BUILD_CACHE_PATH="$(PWD)/build" \
RUBY_BUILD_DEFINITIONS="$(PWD)/build" \
rbenv install -fp "$(RUBY_VERSION)-cryptcheck"
rbenv local "$(RUBY_VERSION)-cryptcheck"
gem update --system
gem install bundler
bundle install --without test development
# bundle install --without test development

$(RUBY_LIB_DIR)/openssl/ssl.rb: $(RUBY_OPENSSL_EXT_DIR)/lib/openssl/ssl.rb
cp $< $@
cp "$<" "$@"

$(RUBY_LIB_DIR)/x86_64-linux/openssl.so: $(RUBY_OPENSSL_EXT_DIR)/openssl.so
cp $< $@
cp "$<" "$@"

sync-ruby: $(RUBY_LIB_DIR)/openssl/ssl.rb $(RUBY_LIB_DIR)/x86_64-linux/openssl.so

build/$(RUBY_NAME).tar.xz: | build/
wget http://cache.ruby-lang.org/pub/ruby/$(RUBY_MAJOR_VERSION)/$(RUBY_NAME).tar.xz -O $@
wget "http://cache.ruby-lang.org/pub/ruby/$(RUBY_MAJOR_VERSION)/$(RUBY_NAME).tar.xz" -O "$@"

$(RUBY_DIR)/: build/$(RUBY_NAME).tar.xz
tar -C build -xf $<
patch -d $@ -p1 < tmp_key.patch
patch -d $@ -p1 < set_ecdh_curves.patch
patch -d $@ -p1 < fallback_scsv.patch
patch -d $@ -p1 < multiple_certs.patch
tar -C build -xf "$<"
for p in patches/ruby/*.patch; do patch -d "$@" -p1 < $i; done

$(RUBY_OPENSSL_EXT_DIR)/Makefile: libs | $(RUBY_DIR)/
cd $(RUBY_OPENSSL_EXT_DIR) && ruby extconf.rb
cd "$(RUBY_OPENSSL_EXT_DIR)" && ruby extconf.rb

$(RUBY_OPENSSL_EXT_DIR)/openssl.so: $(LIBS) $(RUBY_OPENSSL_EXT_DIR)/Makefile
top_srcdir=../.. $(MAKE) -C $(RUBY_OPENSSL_EXT_DIR)
top_srcdir=../.. $(MAKE) -C "$(RUBY_OPENSSL_EXT_DIR)"

lib/openssl.so: $(RUBY_OPENSSL_EXT_DIR)/openssl.so
cp $< $@
cp "$<" "$@"

ext: lib/openssl.so

install-ruby: $(RUBY_DIR)/
cd $(RUBY_DIR)/ && ./configure --enable-shared --disable-install-rdoc && make install
cd "$(RUBY_DIR)/" && ./configure --enable-shared --disable-install-rdoc && make install

spec/faketime/libfaketime.so: spec/faketime/faketime.c spec/faketime/faketime.h
$(CC) $^ -o $@ -shared -fPIC -ldl -std=c99 -Werror -Wall
$(CC) "$^" -o "$@" -shared -fPIC -ldl -std=c99 -Werror -Wall
lib/libfaketime.so: spec/faketime/libfaketime.so
ln -fs ../$< $@
ln -fs "../$<" "$@"
faketime: lib/libfaketime.so

test-material:

disable_digest_check.patch → patches/openssl/00_disable_digest_check.patch View File


tmp_key.patch → patches/ruby/01_tmp_key.patch View File


set_ecdh_curves.patch → patches/ruby/02_set_ecdh_curves.patch View File


fallback_scsv.patch → patches/ruby/03_fallback_scsv.patch View File


multiple_certs.patch → patches/ruby/04_multiple_certs.patch View File


+ 137
- 0
patches/ruby/05_resolv_rr_length.patch.disabled View File

@@ -0,0 +1,137 @@
--- a/lib/resolv.rb 2017-10-29 13:02:49.280729153 +0100
+++ b/lib/resolv.rb 2017-10-29 13:02:37.340717366 +0100
@@ -1644,7 +1641,7 @@
name = self.get_name
type, klass, ttl = self.get_unpack('nnN')
typeclass = Resource.get_class(type, klass)
- res = self.get_length16 { typeclass.decode_rdata self }
+ res = self.get_length16 { |l| typeclass.decode_rdata self, l }
res.instance_variable_set :@ttl, ttl
return name, ttl, res
end
@@ -1659,7 +1656,7 @@
raise EncodeError.new("#{self.class} is query.")
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, len) # :nodoc:
raise DecodeError.new("#{self.class} is query.")
end
end
@@ -1680,7 +1677,7 @@
raise NotImplementedError.new
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, len) # :nodoc:
raise NotImplementedError.new
end

@@ -1737,7 +1734,7 @@
msg.put_bytes(data)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
return self.new(msg.get_bytes)
end

@@ -1772,7 +1769,7 @@
msg.put_name(@name)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
return self.new(msg.get_name)
end
end
@@ -1860,7 +1857,7 @@
msg.put_pack('NNNNN', @serial, @refresh, @retry, @expire, @minimum)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
mname = msg.get_name
rname = msg.get_name
serial, refresh, retry_, expire, minimum = msg.get_unpack('NNNNN')
@@ -1906,7 +1903,7 @@
msg.put_string(@os)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
cpu = msg.get_string
os = msg.get_string
return self.new(cpu, os)
@@ -1940,7 +1937,7 @@
msg.put_name(@emailbx)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
rmailbx = msg.get_string
emailbx = msg.get_string
return self.new(rmailbx, emailbx)
@@ -1978,7 +1975,7 @@
msg.put_name(@exchange)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
preference, = msg.get_unpack('n')
exchange = msg.get_name
return self.new(preference, exchange)
@@ -2012,7 +2009,7 @@
msg.put_string_list(@strings)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
strings = msg.get_string_list
return self.new(*strings)
end
@@ -2089,7 +2086,7 @@
msg.put_bytes(@altitude.altitude)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
version = msg.get_bytes(1)
ssize = msg.get_bytes(1)
hprecision = msg.get_bytes(1)
@@ -2159,7 +2156,7 @@
msg.put_bytes(@address.address)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
return self.new(IPv4.new(msg.get_bytes(4)))
end
end
@@ -2204,7 +2201,7 @@
msg.put_bytes(@bitmap)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
address = IPv4.new(msg.get_bytes(4))
protocol, = msg.get_unpack("n")
bitmap = msg.get_bytes
@@ -2236,7 +2233,7 @@
msg.put_bytes(@address.address)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
return self.new(IPv6.new(msg.get_bytes(16)))
end
end
@@ -2306,7 +2303,7 @@
msg.put_name(@target)
end

- def self.decode_rdata(msg) # :nodoc:
+ def self.decode_rdata(msg, _) # :nodoc:
priority, = msg.get_unpack("n")
weight, = msg.get_unpack("n")
port, = msg.get_unpack("n")

Loading…
Cancel
Save