save temporary stuff

aws · Aug 30, 2024 · 771ff8c · 771ff8c
1 parent 3b47c81
commit 771ff8c
Show file tree

Hide file tree

Showing 2 changed files with 69 additions and 285 deletions.
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
@@ -5731,6 +5731,13 @@ OPENSSL_EXPORT int SSL_set1_curves_list(SSL *ssl, const char *curves);
 // is intentionally not supported in AWS-LC.
 #define SSL_VERIFY_CLIENT_ONCE 0
 
+// The following are not supported in AWS-LC.
+// TODO: elaoborate
+#define SSL_OP_TLSEXT_PADDING 0
+#define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0
+#define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0
+
+
 // The following have no effect in both AWS-LC and OpenSSL.
 #define SSL_OP_EPHEMERAL_RSA 0
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0

diff --git a/tests/ci/integration/ruby_patch/ruby_3_1/aws-lc-ruby.patch b/tests/ci/integration/ruby_patch/ruby_3_1/aws-lc-ruby.patch
@@ -1,305 +1,82 @@
+diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
+index 6c532ac..f511a7a 100644
+--- a/ext/openssl/ossl.c
++++ b/ext/openssl/ossl.c
+@@ -1244,7 +1244,9 @@ Init_openssl(void)
+     Init_ossl_hmac();
+     Init_ossl_ns_spki();
+     Init_ossl_pkcs12();
++#if !defined(OPENSSL_IS_AWSLC)
+     Init_ossl_pkcs7();
++#endif
+     Init_ossl_pkey();
+     Init_ossl_rand();
+     Init_ossl_ssl();
 diff --git a/ext/openssl/ossl_config.c b/ext/openssl/ossl_config.c
-index 0bac027..c5f00e6 100644
+index 0bac027..95e998e 100644
 --- a/ext/openssl/ossl_config.c
 +++ b/ext/openssl/ossl_config.c
-@@ -243,146 +243,146 @@ config_get_section(VALUE self, VALUE section)
-     return hash;
+@@ -252,7 +252,7 @@ get_conf_section_doall_arg(CONF_VALUE *cv, VALUE *aryp)
  }
 
--static void
--get_conf_section_doall_arg(CONF_VALUE *cv, VALUE *aryp)
--{
--    if (cv->name)
--        return;
--    rb_ary_push(*aryp, rb_str_new_cstr(cv->section));
--}
--
--/* IMPLEMENT_LHASH_DOALL_ARG_CONST() requires >= OpenSSL 1.1.0 */
+ /* IMPLEMENT_LHASH_DOALL_ARG_CONST() requires >= OpenSSL 1.1.0 */
 -static IMPLEMENT_LHASH_DOALL_ARG_FN(get_conf_section, CONF_VALUE, VALUE)
--
--/*
-- * call-seq:
-- *    config.sections -> array of string
-- *
-- * Get the names of all sections in the current configuration.
-- */
--static VALUE
--config_get_sections(VALUE self)
--{
--    CONF *conf = GetConfig(self);
--    VALUE ary;
--
--    ary = rb_ary_new();
++// static IMPLEMENT_LHASH_DOALL_ARG_FN(get_conf_section, CONF_VALUE, VALUE)
+
+ /*
+  * call-seq:
+@@ -267,8 +267,8 @@ config_get_sections(VALUE self)
+     VALUE ary;
+
+     ary = rb_ary_new();
 -    lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(get_conf_section),
 -                 &ary);
--    return ary;
--}
--
--static void
--dump_conf_value_doall_arg(CONF_VALUE *cv, VALUE *strp)
--{
--    VALUE str = *strp;
--    STACK_OF(CONF_VALUE) *sk;
--    int i, num;
--
--    if (cv->name)
--        return;
--    sk = (STACK_OF(CONF_VALUE) *)cv->value;
--    num = sk_CONF_VALUE_num(sk);
--    rb_str_cat_cstr(str, "[ ");
--    rb_str_cat_cstr(str, cv->section);
--    rb_str_cat_cstr(str, " ]\n");
--    for (i = 0; i < num; i++){
--        CONF_VALUE *v = sk_CONF_VALUE_value(sk, i);
--        rb_str_cat_cstr(str, v->name ? v->name : "None");
--        rb_str_cat_cstr(str, "=");
--        rb_str_cat_cstr(str, v->value ? v->value : "None");
--        rb_str_cat_cstr(str, "\n");
--    }
--    rb_str_cat_cstr(str, "\n");
--}
--
++    // lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(get_conf_section),
++    //              &ary);
+     return ary;
+ }
+
+@@ -296,7 +296,7 @@ dump_conf_value_doall_arg(CONF_VALUE *cv, VALUE *strp)
+     rb_str_cat_cstr(str, "\n");
+ }
+
 -static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_conf_value, CONF_VALUE, VALUE)
--
--/*
-- * call-seq:
-- *    config.to_s -> string
-- *
-- *
-- * Gets the parsable form of the current configuration.
-- *
-- * Given the following configuration being created:
-- *
-- *   config = OpenSSL::Config.new
-- *     #=> #<OpenSSL::Config sections=[]>
-- *   config['default'] = {"foo"=>"bar","baz"=>"buz"}
-- *     #=> {"foo"=>"bar", "baz"=>"buz"}
-- *   puts config.to_s
-- *     #=> [ default ]
-- *     #   foo=bar
-- *     #   baz=buz
-- *
-- * You can parse get the serialized configuration using #to_s and then parse
-- * it later:
-- *
-- *   serialized_config = config.to_s
-- *   # much later...
-- *   new_config = OpenSSL::Config.parse(serialized_config)
-- *     #=> #<OpenSSL::Config sections=["default"]>
-- *   puts new_config
-- *     #=> [ default ]
-- *         foo=bar
-- *         baz=buz
-- */
--static VALUE
--config_to_s(VALUE self)
--{
--    CONF *conf = GetConfig(self);
--    VALUE str;
--
--    str = rb_str_new(NULL, 0);
++// static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_conf_value, CONF_VALUE, VALUE)
+
+ /*
+  * call-seq:
+@@ -335,8 +335,8 @@ config_to_s(VALUE self)
+     VALUE str;
+
+     str = rb_str_new(NULL, 0);
 -    lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(dump_conf_value),
 -                 &str);
--    return str;
--}
--
--static void
--each_conf_value_doall_arg(CONF_VALUE *cv, void *unused)
--{
--    STACK_OF(CONF_VALUE) *sk;
--    VALUE section;
--    int i, num;
--
--    if (cv->name)
--        return;
--    sk = (STACK_OF(CONF_VALUE) *)cv->value;
--    num = sk_CONF_VALUE_num(sk);
--    section = rb_str_new_cstr(cv->section);
--    for (i = 0; i < num; i++){
--        CONF_VALUE *v = sk_CONF_VALUE_value(sk, i);
--        VALUE name = v->name ? rb_str_new_cstr(v->name) : Qnil;
--        VALUE value = v->value ? rb_str_new_cstr(v->value) : Qnil;
--        rb_yield(rb_ary_new3(3, section, name, value));
--    }
--}
--
++    // lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(dump_conf_value),
++    //              &str);
+     return str;
+ }
+
+@@ -360,7 +360,7 @@ each_conf_value_doall_arg(CONF_VALUE *cv, void *unused)
+     }
+ }
+
 -static IMPLEMENT_LHASH_DOALL_ARG_FN(each_conf_value, CONF_VALUE, void)
--
--/*
-- * call-seq:
-- *    config.each { |section, key, value| }
-- *
-- * Retrieves the section and its pairs for the current configuration.
-- *
-- *    config.each do |section, key, value|
-- *      # ...
-- *    end
-- */
--static VALUE
--config_each(VALUE self)
--{
--    CONF *conf = GetConfig(self);
--
--    RETURN_ENUMERATOR(self, 0, 0);
--
--    lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(each_conf_value),
--                 NULL);
--    return self;
--}
-+// static void
-+// get_conf_section_doall_arg(CONF_VALUE *cv, VALUE *aryp)
-+// {
-+//     if (cv->name)
-+//         return;
-+//     rb_ary_push(*aryp, rb_str_new_cstr(cv->section));
-+// }
-+
-+// /* IMPLEMENT_LHASH_DOALL_ARG_CONST() requires >= OpenSSL 1.1.0 */
-+// static IMPLEMENT_LHASH_DOALL_ARG_FN(get_conf_section, CONF_VALUE, VALUE)
-+
-+// /*
-+//  * call-seq:
-+//  *    config.sections -> array of string
-+//  *
-+//  * Get the names of all sections in the current configuration.
-+//  */
-+// static VALUE
-+// config_get_sections(VALUE self)
-+// {
-+//     CONF *conf = GetConfig(self);
-+//     VALUE ary;
-+
-+//     ary = rb_ary_new();
-+//     lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(get_conf_section),
-+//                  &ary);
-+//     return ary;
-+// }
-+
-+// static void
-+// dump_conf_value_doall_arg(CONF_VALUE *cv, VALUE *strp)
-+// {
-+//     VALUE str = *strp;
-+//     STACK_OF(CONF_VALUE) *sk;
-+//     int i, num;
-+
-+//     if (cv->name)
-+//         return;
-+//     sk = (STACK_OF(CONF_VALUE) *)cv->value;
-+//     num = sk_CONF_VALUE_num(sk);
-+//     rb_str_cat_cstr(str, "[ ");
-+//     rb_str_cat_cstr(str, cv->section);
-+//     rb_str_cat_cstr(str, " ]\n");
-+//     for (i = 0; i < num; i++){
-+//         CONF_VALUE *v = sk_CONF_VALUE_value(sk, i);
-+//         rb_str_cat_cstr(str, v->name ? v->name : "None");
-+//         rb_str_cat_cstr(str, "=");
-+//         rb_str_cat_cstr(str, v->value ? v->value : "None");
-+//         rb_str_cat_cstr(str, "\n");
-+//     }
-+//     rb_str_cat_cstr(str, "\n");
-+// }
-+
-+// static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_conf_value, CONF_VALUE, VALUE)
-+
-+// /*
-+//  * call-seq:
-+//  *    config.to_s -> string
-+//  *
-+//  *
-+//  * Gets the parsable form of the current configuration.
-+//  *
-+//  * Given the following configuration being created:
-+//  *
-+//  *   config = OpenSSL::Config.new
-+//  *     #=> #<OpenSSL::Config sections=[]>
-+//  *   config['default'] = {"foo"=>"bar","baz"=>"buz"}
-+//  *     #=> {"foo"=>"bar", "baz"=>"buz"}
-+//  *   puts config.to_s
-+//  *     #=> [ default ]
-+//  *     #   foo=bar
-+//  *     #   baz=buz
-+//  *
-+//  * You can parse get the serialized configuration using #to_s and then parse
-+//  * it later:
-+//  *
-+//  *   serialized_config = config.to_s
-+//  *   # much later...
-+//  *   new_config = OpenSSL::Config.parse(serialized_config)
-+//  *     #=> #<OpenSSL::Config sections=["default"]>
-+//  *   puts new_config
-+//  *     #=> [ default ]
-+//  *         foo=bar
-+//  *         baz=buz
-+//  */
-+// static VALUE
-+// config_to_s(VALUE self)
-+// {
-+//     CONF *conf = GetConfig(self);
-+//     VALUE str;
-+
-+//     str = rb_str_new(NULL, 0);
-+//     lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(dump_conf_value),
-+//                  &str);
-+//     return str;
-+// }
-+
-+// static void
-+// each_conf_value_doall_arg(CONF_VALUE *cv, void *unused)
-+// {
-+//     STACK_OF(CONF_VALUE) *sk;
-+//     VALUE section;
-+//     int i, num;
-+
-+//     if (cv->name)
-+//         return;
-+//     sk = (STACK_OF(CONF_VALUE) *)cv->value;
-+//     num = sk_CONF_VALUE_num(sk);
-+//     section = rb_str_new_cstr(cv->section);
-+//     for (i = 0; i < num; i++){
-+//         CONF_VALUE *v = sk_CONF_VALUE_value(sk, i);
-+//         VALUE name = v->name ? rb_str_new_cstr(v->name) : Qnil;
-+//         VALUE value = v->value ? rb_str_new_cstr(v->value) : Qnil;
-+//         rb_yield(rb_ary_new3(3, section, name, value));
-+//     }
-+// }
-+
 +// static IMPLEMENT_LHASH_DOALL_ARG_FN(each_conf_value, CONF_VALUE, void)
-+
-+// /*
-+//  * call-seq:
-+//  *    config.each { |section, key, value| }
-+//  *
-+//  * Retrieves the section and its pairs for the current configuration.
-+//  *
-+//  *    config.each do |section, key, value|
-+//  *      # ...
-+//  *    end
-+//  */
-+// static VALUE
-+// config_each(VALUE self)
-+// {
-+//     CONF *conf = GetConfig(self);
-+
-+//     RETURN_ENUMERATOR(self, 0, 0);
-+
-+//     lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(each_conf_value),
-+//                  NULL);
-+//     return self;
-+// }
 
  /*
   * call-seq:
-@@ -446,15 +446,15 @@ Init_ossl_config(void)
-     rb_define_method(cConfig, "get_value", config_get_value, 2);
-     rb_define_method(cConfig, "[]", config_get_section, 1);
-     rb_define_method(cConfig, "sections", config_get_sections, 0);
--    rb_define_method(cConfig, "to_s", config_to_s, 0);
--    rb_define_method(cConfig, "each", config_each, 0);
-+    // rb_define_method(cConfig, "to_s", config_to_s, 0);
-+    // rb_define_method(cConfig, "each", config_each, 0);
-     rb_define_method(cConfig, "inspect", config_inspect, 0);
+@@ -379,8 +379,8 @@ config_each(VALUE self)
+
+     RETURN_ENUMERATOR(self, 0, 0);
+
+-    lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(each_conf_value),
+-                 NULL);
++    // lh_doall_arg((_LHASH *)conf->data, LHASH_DOALL_ARG_FN(each_conf_value),
++    //              NULL);
+     return self;
+ }
 
-     /* Document-const: DEFAULT_CONFIG_FILE
+@@ -454,7 +454,7 @@ Init_ossl_config(void)
       *
       * The default system configuration file for OpenSSL.
       */