Skip to content

Commit

Permalink
update patch for updated symbols
Browse files Browse the repository at this point in the history
  • Loading branch information
samuel40791765 committed Sep 18, 2024
1 parent 5c1dcff commit 26b722a
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 126 deletions.
1 change: 0 additions & 1 deletion include/openssl/ssl.h
Original file line number Diff line number Diff line change
Expand Up @@ -5755,7 +5755,6 @@ OPENSSL_EXPORT int SSL_set1_curves_list(SSL *ssl, const char *curves);
// draft when GOST ciphersuite is negotiated (which we don't support).
#define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0


// The following have no effect in both AWS-LC and OpenSSL.
#define SSL_OP_EPHEMERAL_RSA 0
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0
Expand Down
141 changes: 16 additions & 125 deletions tests/ci/integration/ruby_patch/ruby_3_1/aws-lc-ruby-temp.patch
Original file line number Diff line number Diff line change
@@ -1,63 +1,27 @@
diff --git a/ext/openssl/lib/openssl/ssl.rb b/ext/openssl/lib/openssl/ssl.rb
index a9103ec..7b9aa22 100644
--- a/ext/openssl/lib/openssl/ssl.rb
+++ b/ext/openssl/lib/openssl/ssl.rb
@@ -30,24 +30,24 @@ class SSLContext
}.call
}

- if defined?(OpenSSL::PKey::DH)
- DEFAULT_2048 = OpenSSL::PKey::DH.new <<-_end_of_pem_
------BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY
-JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab
-VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6
-YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
-1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD
-7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg==
------END DH PARAMETERS-----
- _end_of_pem_
- private_constant :DEFAULT_2048
-
- DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen| # :nodoc:
- warn "using default DH parameters." if $VERBOSE
- DEFAULT_2048
- }
- end
+# if defined?(OpenSSL::PKey::DH)
+# DEFAULT_2048 = OpenSSL::PKey::DH.new <<-_end_of_pem_
+# -----BEGIN DH PARAMETERS-----
+# MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY
+# JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab
+# VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6
+# YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
+# 1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD
+# 7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg==
+# -----END DH PARAMETERS-----
+# _end_of_pem_
+# private_constant :DEFAULT_2048
+
+# DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen| # :nodoc:
+# warn "using default DH parameters." if $VERBOSE
+# DEFAULT_2048
+# }
+# end

if !(OpenSSL::OPENSSL_VERSION.start_with?("OpenSSL") &&
OpenSSL::OPENSSL_VERSION_NUMBER >= 0x10100000)
diff --git a/ext/openssl/ossl_config.c b/ext/openssl/ossl_config.c
index 0bac027..7d499a0 100644
index 0bac027..d4a789f 100644
--- a/ext/openssl/ossl_config.c
+++ b/ext/openssl/ossl_config.c
@@ -9,6 +9,8 @@
@@ -9,8 +9,6 @@
*/
#include "ossl.h"

-static VALUE cConfig, eConfigError;
-
static void
nconf_free(void *conf)
{
@@ -36,6 +34,10 @@ GetConfig(VALUE obj)
return conf;
}

+#if !defined(OPENSSL_IS_AWSLC)
+
static VALUE cConfig, eConfigError;

static void
+static VALUE cConfig, eConfigError;
+
static VALUE
config_s_alloc(VALUE klass)
{
@@ -458,3 +460,9 @@ Init_ossl_config(void)
path_str = ossl_buf2str(path, rb_long2int(strlen(path)));
rb_define_const(cConfig, "DEFAULT_CONFIG_FILE", path_str);
Expand All @@ -69,21 +33,6 @@ index 0bac027..7d499a0 100644
+}
+#endif
\ No newline at end of file
diff --git a/ext/openssl/ossl_config.h b/ext/openssl/ossl_config.h
index 4e604f1..1c55ba1 100644
--- a/ext/openssl/ossl_config.h
+++ b/ext/openssl/ossl_config.h
@@ -10,7 +10,10 @@
#ifndef OSSL_CONFIG_H
#define OSSL_CONFIG_H

+#if !defined(OPENSSL_IS_AWSLC)
CONF *GetConfig(VALUE obj);
+#endif
+
void Init_ossl_config(void);

#endif /* OSSL_CONFIG_H */
diff --git a/ext/openssl/ossl_ocsp.c b/ext/openssl/ossl_ocsp.c
index 1e87484..343b5cb 100644
--- a/ext/openssl/ossl_ocsp.c
Expand Down Expand Up @@ -176,64 +125,6 @@ index 3e1b094..f85efcc 100644

void Init_ossl_pkcs7(void);

diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index 4aa4489..be5769c 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -178,9 +178,9 @@ ossl_pkey_read_generic(BIO *bio, VALUE pass)
OSSL_BIO_reset(bio);
if ((pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL)))
goto out;
- OSSL_BIO_reset(bio);
- if ((pkey = PEM_read_bio_Parameters(bio, NULL)))
- goto out;
+ // OSSL_BIO_reset(bio);
+ // if ((pkey = PEM_read_bio_Parameters(bio, NULL)))
+ // goto out;

out:
return pkey;
@@ -710,23 +710,23 @@ ossl_pkey_export_traditional(int argc, VALUE *argv, VALUE self, int to_der)
}
}
else {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000
- if (!PEM_write_bio_PrivateKey_traditional(bio, pkey, enc, NULL, 0,
- ossl_pem_passwd_cb,
- (void *)pass)) {
-#else
- char pem_str[80];
- const char *aname;
-
- EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &aname, pkey->ameth);
- snprintf(pem_str, sizeof(pem_str), "%s PRIVATE KEY", aname);
- if (!PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, pem_str, bio,
- pkey, enc, NULL, 0, ossl_pem_passwd_cb,
- (void *)pass)) {
-#endif
- BIO_free(bio);
- ossl_raise(ePKeyError, "PEM_write_bio_PrivateKey_traditional");
- }
+// #if OPENSSL_VERSION_NUMBER >= 0x10100000
+// if (!PEM_write_bio_PrivateKey_traditional(bio, pkey, enc, NULL, 0,
+// ossl_pem_passwd_cb,
+// (void *)pass)) {
+// #else
+// char pem_str[80];
+// const char *aname;
+
+// EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &aname, pkey->ameth);
+// snprintf(pem_str, sizeof(pem_str), "%s PRIVATE KEY", aname);
+// if (!PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, pem_str, bio,
+// pkey, enc, NULL, 0, ossl_pem_passwd_cb,
+// (void *)pass)) {
+// #endif
+ // BIO_free(bio);
+ // ossl_raise(ePKeyError, "PEM_write_bio_PrivateKey_traditional");
+ // }
}
return ossl_membio2str(bio);
}
diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c
index 06d59c2..f248a96 100644
--- a/ext/openssl/ossl_pkey_ec.c
Expand Down

0 comments on commit 26b722a

Please sign in to comment.