Attachment 193625 Details for Bug 226903 – 9.12.1P2

[patch] 9.12.1P2

bind912-9.12.1P2.patch (text/plain), 10.95 KB, created by Charlie Li on 2018-05-23 02:29:01 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Charlie Li

Created: 2018-05-23 02:29:01 UTC

Size: 10.95 KB

patch

obsolete

>diff --git dns/bind912/files/patch-config.h.in dns/bind912/files/patch-config.h.in
>new file mode 100644
>index 000000000000..617750ee7d9b
>--- /dev/null
>+++ dns/bind912/files/patch-config.h.in
>@@ -0,0 +1,35 @@
>+--- config.h.in.orig	2018-05-16 18:06:47 UTC
>++++ config.h.in
>+@@ -203,6 +203,9 @@ int sigwait(const unsigned int *set, int *sig);
>+ /* Define to 1 if you have the <devpoll.h> header file. */
>+ #undef HAVE_DEVPOLL_H
>+ 
>++/* Define to 1 if you have the `DH_get0_key' function. */
>++#undef HAVE_DH_GET0_KEY
>++
>+ /* Define to 1 if you have the `dlclose' function. */
>+ #undef HAVE_DLCLOSE
>+ 
>+@@ -218,6 +221,12 @@ int sigwait(const unsigned int *set, int *sig);
>+ /* Define to 1 to enable dnstap support */
>+ #undef HAVE_DNSTAP
>+ 
>++/* Define to 1 if you have the `DSA_get0_pqg' function. */
>++#undef HAVE_DSA_GET0_PQG
>++
>++/* Define to 1 if you have the `ECDSA_SIG_get0' function. */
>++#undef HAVE_ECDSA_SIG_GET0
>++
>+ /* Define to 1 if you have the <editline/readline.h> header file. */
>+ #undef HAVE_EDITLINE_READLINE_H
>+ 
>+@@ -427,6 +436,9 @@ int sigwait(const unsigned int *set, int *sig);
>+ 
>+ /* Define to 1 if you have the <regex.h> header file. */
>+ #undef HAVE_REGEX_H
>++
>++/* Define to 1 if you have the `RSA_set0_key' function. */
>++#undef HAVE_RSA_SET0_KEY
>+ 
>+ /* Define to 1 if you have the <sched.h> header file. */
>+ #undef HAVE_SCHED_H
>diff --git dns/bind912/files/patch-configure dns/bind912/files/patch-configure
>index 5fbe06fae97c..1809e0cc3178 100644
>--- dns/bind912/files/patch-configure
>+++ dns/bind912/files/patch-configure
>@@ -1,6 +1,6 @@
>---- configure.orig	2018-03-08 20:56:40 UTC
>+--- configure.orig	2018-05-16 18:06:47 UTC
> +++ configure
>-@@ -14455,27 +14455,9 @@ done
>+@@ -14443,27 +14443,9 @@ done
>  		# problems start to show up.
>  		saved_libs="$LIBS"
>  		for TRY_LIBS in \
>@@ -30,7 +30,7 @@
>  		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
>  $as_echo_n "checking linking as $TRY_LIBS... " >&6; }
>  		    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
>-@@ -14518,47 +14500,7 @@ $as_echo "no" >&6; } ;;
>+@@ -14506,47 +14488,7 @@ $as_echo "no" >&6; } ;;
>  		no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
>  		esac
>  
>@@ -79,7 +79,27 @@
>  		DNS_GSSAPI_LIBS="$LIBS"
>  
>  		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
>-@@ -23197,7 +23139,7 @@ $as_echo "" >&6; }
>+@@ -16288,6 +16230,19 @@ fi
>+ done
>+ 
>+ 
>++	for ac_func in DH_get0_key ECDSA_SIG_get0 RSA_set0_key DSA_get0_pqg
>++do :
>++  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
>++ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
>++if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
>++  cat >>confdefs.h <<_ACEOF
>++#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
>++_ACEOF
>++
>++fi
>++done
>++
>++
>+ 	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL ECDSA support" >&5
>+ $as_echo_n "checking for OpenSSL ECDSA support... " >&6; }
>+ 	have_ecdsa=""
>+@@ -23203,7 +23158,7 @@ $as_echo "" >&6; }
>  			# Check other locations for includes.
>  			# Order is important (sigh).
>  
>diff --git dns/bind912/files/patch-configure.in dns/bind912/files/patch-configure.in
>new file mode 100644
>index 000000000000..e2e2ff931575
>--- /dev/null
>+++ dns/bind912/files/patch-configure.in
>@@ -0,0 +1,11 @@
>+--- configure.in.orig	2018-05-16 18:06:47 UTC
>++++ configure.in
>+@@ -1815,6 +1815,8 @@ esac
>+ 
>+ 	AC_CHECK_FUNCS(EVP_sha256 EVP_sha384 EVP_sha512)
>+ 
>++	AC_CHECK_FUNCS([DH_get0_key ECDSA_SIG_get0 RSA_set0_key DSA_get0_pqg])
>++
>+ 	AC_MSG_CHECKING(for OpenSSL ECDSA support)
>+ 	have_ecdsa=""
>+ 	AC_TRY_RUN([
>diff --git dns/bind912/files/patch-lib_dns_openssldh__link.c dns/bind912/files/patch-lib_dns_openssldh__link.c
>new file mode 100644
>index 000000000000..070fe2e7e116
>--- /dev/null
>+++ dns/bind912/files/patch-lib_dns_openssldh__link.c
>@@ -0,0 +1,134 @@
>+--- lib/dns/openssldh_link.c.orig	2018-05-16 18:06:47 UTC
>++++ lib/dns/openssldh_link.c
>+@@ -42,6 +42,8 @@
>+ 
>+ #include <dst/result.h>
>+ 
>++#include <openssl/opensslv.h>
>++
>+ #include "dst_internal.h"
>+ #include "dst_openssl.h"
>+ #include "dst_parse.h"
>+@@ -69,62 +71,81 @@ static isc_result_t openssldh_todns(const dst_key_t *k
>+ 
>+ static BIGNUM *bn2, *bn768, *bn1024, *bn1536;
>+ 
>+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
>++#if !defined(HAVE_DH_GET0_KEY)
>+ /*
>+  * DH_get0_key, DH_set0_key, DH_get0_pqg and DH_set0_pqg
>+  * are from OpenSSL 1.1.0.
>+  */
>+ static void
>+ DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) {
>+-	if (pub_key != NULL)
>++	if (pub_key != NULL) {
>+ 		*pub_key = dh->pub_key;
>+-	if (priv_key != NULL)
>++	}
>++	if (priv_key != NULL) {
>+ 		*priv_key = dh->priv_key;
>++	}
>+ }
>+ 
>+ static int
>+ DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) {
>+-	/* Note that it is valid for priv_key to be NULL */
>+-	if (pub_key == NULL)
>+-		return 0;
>++	if (pub_key != NULL) {
>++		BN_free(dh->pub_key);
>++		dh->pub_key = pub_key;
>++	}
>+ 
>+-	BN_free(dh->pub_key);
>+-	BN_free(dh->priv_key);
>+-	dh->pub_key = pub_key;
>+-	dh->priv_key = priv_key;
>++	if (priv_key != NULL) {
>++		BN_free(dh->priv_key);
>++		dh->priv_key = priv_key;
>++	}
>+ 
>+-	return 1;
>++	return (1);
>+ }
>+ 
>+ static void
>+ DH_get0_pqg(const DH *dh,
>+ 	    const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
>+ {
>+-	if (p != NULL)
>++	if (p != NULL) {
>+ 		*p = dh->p;
>+-	if (q != NULL)
>++	}
>++	if (q != NULL) {
>+ 		*q = dh->q;
>+-	if (g != NULL)
>++	}
>++	if (g != NULL) {
>+ 		*g = dh->g;
>++	}
>+ }
>+ 
>+ static int
>+-DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
>+-	/* q is optional */
>+-	if (p == NULL || g == NULL)
>+-		return(0);
>+-	BN_free(dh->p);
>+-	BN_free(dh->q);
>+-	BN_free(dh->g);
>+-	dh->p = p;
>+-	dh->q = q;
>+-	dh->g = g;
>++DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
>++{
>++	/* If the fields p and g in d are NULL, the corresponding input
>++	 * parameters MUST be non-NULL.  q may remain NULL.
>++	 */
>++	if ((dh->p == NULL && p == NULL)
>++	    || (dh->g == NULL && g == NULL))
>++	{
>++		return 0;
>++	}
>+ 
>++	if (p != NULL) {
>++		BN_free(dh->p);
>++		dh->p = p;
>++	}
>+ 	if (q != NULL) {
>++		BN_free(dh->q);
>++		dh->q = q;
>++	}
>++	if (g != NULL) {
>++		BN_free(dh->g);
>++		dh->g = g;
>++	}
>++
>++	if (q != NULL) {
>+ 		dh->length = BN_num_bits(q);
>+ 	}
>+ 
>+-	return(1);
>++	return (1);
>+ }
>+ 
>+ #define DH_clear_flags(d, f) (d)->flags &= ~(f)
>+@@ -542,7 +563,15 @@ openssldh_fromdns(dst_key_t *key, isc_buffer_t *data) 
>+ 		DH_free(dh);
>+ 		return (dst__openssl_toresult(ISC_R_NOMEMORY));
>+ 	}
>++#if (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) && (LIBRESSL_VERSION_NUMBER <= 0x2070200fL)
>++	/*
>++	 * LibreSSL << 2.7.3 DH_get0_key requires priv_key to be set when
>++	 * DH structure is empty, hence we cannot use DH_get0_key().
>++	 */
>++	dh->pub_key = pub_key;
>++#else /* LIBRESSL_VERSION_NUMBER */
>+ 	DH_set0_key(dh, pub_key, NULL);
>++#endif /* LIBRESSL_VERSION_NUMBER */
>+ 	isc_region_consume(&r, publen);
>+ 
>+ 	key->key_size = BN_num_bits(p);
>diff --git dns/bind912/files/patch-lib_dns_openssldsa__link.c dns/bind912/files/patch-lib_dns_openssldsa__link.c
>new file mode 100644
>index 000000000000..8f54b52e9881
>--- /dev/null
>+++ dns/bind912/files/patch-lib_dns_openssldsa__link.c
>@@ -0,0 +1,11 @@
>+--- lib/dns/openssldsa_link.c.orig	2018-05-16 18:06:47 UTC
>++++ lib/dns/openssldsa_link.c
>+@@ -49,7 +49,7 @@
>+ 
>+ static isc_result_t openssldsa_todns(const dst_key_t *key, isc_buffer_t *data);
>+ 
>+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
>++#if !defined(HAVE_DSA_GET0_PQG)
>+ static void
>+ DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q,
>+ 	     const BIGNUM **g)
>diff --git dns/bind912/files/patch-lib_dns_opensslecdsa__link.c dns/bind912/files/patch-lib_dns_opensslecdsa__link.c
>new file mode 100644
>index 000000000000..1397baf5404e
>--- /dev/null
>+++ dns/bind912/files/patch-lib_dns_opensslecdsa__link.c
>@@ -0,0 +1,30 @@
>+--- lib/dns/opensslecdsa_link.c.orig	2018-05-16 18:06:47 UTC
>++++ lib/dns/opensslecdsa_link.c
>+@@ -42,20 +42,23 @@
>+ 
>+ #define DST_RET(a) {ret = a; goto err;}
>+ 
>+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
>++#if !defined(HAVE_ECDSA_SIG_GET0)
>+ /* From OpenSSL 1.1 */
>+ static void
>+ ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) {
>+-	if (pr != NULL)
>++	if (pr != NULL) {
>+ 		*pr = sig->r;
>+-	if (ps != NULL)
>++	}
>++	if (ps != NULL) {
>+ 		*ps = sig->s;
>++	}
>+ }
>+ 
>+ static int
>+ ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) {
>+-	if (r == NULL || s == NULL)
>++	if (r == NULL || s == NULL) {
>+ 		return 0;
>++	}
>+ 
>+ 	BN_clear_free(sig->r);
>+ 	BN_clear_free(sig->s);
>diff --git dns/bind912/files/patch-lib_dns_opensslrsa__link.c dns/bind912/files/patch-lib_dns_opensslrsa__link.c
>new file mode 100644
>index 000000000000..fefb192b5220
>--- /dev/null
>+++ dns/bind912/files/patch-lib_dns_opensslrsa__link.c
>@@ -0,0 +1,93 @@
>+--- lib/dns/opensslrsa_link.c.orig	2018-05-16 18:06:47 UTC
>++++ lib/dns/opensslrsa_link.c
>+@@ -121,7 +121,7 @@
>+ #endif
>+ #define DST_RET(a) {ret = a; goto err;}
>+ 
>+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
>++#if !defined(HAVE_RSA_SET0_KEY)
>+ /* From OpenSSL 1.1.0 */
>+ static int
>+ RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) {
>+@@ -131,8 +131,9 @@ RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) 
>+ 	 * parameters MUST be non-NULL for n and e.  d may be
>+ 	 * left NULL (in case only the public key is used).
>+ 	 */
>+-	if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL))
>++	if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL)) {
>+ 		return 0;
>++	}
>+ 
>+ 	if (n != NULL) {
>+ 		BN_free(r->n);
>+@@ -157,8 +158,9 @@ RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) {
>+ 	 * If the fields p and q in r are NULL, the corresponding input
>+ 	 * parameters MUST be non-NULL.
>+ 	 */
>+-	if ((r->p == NULL && p == NULL) || (r->q == NULL && q == NULL))
>++	if ((r->p == NULL && p == NULL) || (r->q == NULL && q == NULL)) {
>+ 		return 0;
>++	}
>+ 
>+ 	if (p != NULL) {
>+ 		BN_free(r->p);
>+@@ -181,7 +183,9 @@ RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1
>+ 	if ((r->dmp1 == NULL && dmp1 == NULL) ||
>+ 	    (r->dmq1 == NULL && dmq1 == NULL) ||
>+ 	    (r->iqmp == NULL && iqmp == NULL))
>++	{
>+ 		return 0;
>++	}
>+ 
>+ 	if (dmp1 != NULL) {
>+ 		BN_free(r->dmp1);
>+@@ -203,32 +207,40 @@ static void
>+ RSA_get0_key(const RSA *r,
>+ 	     const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
>+ {
>+-	if (n != NULL)
>++	if (n != NULL) {
>+ 		*n = r->n;
>+-	if (e != NULL)
>++	}
>++	if (e != NULL) {
>+ 		*e = r->e;
>+-	if (d != NULL)
>++	}
>++	if (d != NULL) {
>+ 		*d = r->d;
>++	}
>+ }
>+ 
>+ static void
>+ RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) {
>+-	if (p != NULL)
>++	if (p != NULL) {
>+ 		*p = r->p;
>+-	if (q != NULL)
>+-	*q = r->q;
>++	}
>++	if (q != NULL) {
>++		*q = r->q;
>++	}
>+ }
>+ 
>+ static void
>+ RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1,
>+ 		    const BIGNUM **iqmp)
>+ {
>+-	if (dmp1 != NULL)
>++	if (dmp1 != NULL) {
>+ 		*dmp1 = r->dmp1;
>+-	if (dmq1 != NULL)
>++	}
>++	if (dmq1 != NULL) {
>+ 		*dmq1 = r->dmq1;
>+-	if (iqmp != NULL)
>++	}
>++	if (iqmp != NULL) {
>+ 		*iqmp = r->iqmp;
>++	}
>+ }
>+ 
>+ static int

Actions: View | Diff

Attachments on bug 226903: 191794 | 193625 | 194059