View | Details | Raw Unified | Return to bug 217013
Collapse All | Expand All

(-)security/certificate-transparency/files/patch-Makefile.am (+27 lines)
Lines 9-14 Link Here
9
 	cpp/monitoring/prometheus/metrics.pb.cc \
9
 	cpp/monitoring/prometheus/metrics.pb.cc \
10
 	cpp/monitoring/prometheus/metrics.pb.h \
10
 	cpp/monitoring/prometheus/metrics.pb.h \
11
 	proto/ct.pb.cc \
11
 	proto/ct.pb.cc \
12
@@ -112,7 +110,7 @@ TESTS = \
13
 	cpp/util/sync_task_test \
14
 	cpp/util/task_test
15
 
16
-if !OPENSSL_IS_BORINGSSL
17
+if !OPENSSL_NO_CMS
18
 TESTS += cpp/log/cms_verifier_test
19
 endif
20
 
12
@@ -131,9 +129,6 @@ endif
21
@@ -131,9 +129,6 @@ endif
13
 cpp/gtest-all.cc: $(GTEST_DIR)/src/gtest-all.cc
22
 cpp/gtest-all.cc: $(GTEST_DIR)/src/gtest-all.cc
14
 	$(AM_V_at)cp $^ $@
23
 	$(AM_V_at)cp $^ $@
Lines 19-24 Link Here
19
 test/testdata/urlfetcher_test_certs/localhost-key.pem: test/create_url_fetcher_test_certs.sh
28
 test/testdata/urlfetcher_test_certs/localhost-key.pem: test/create_url_fetcher_test_certs.sh
20
 	$(AM_V_GEN)test/create_url_fetcher_test_certs.sh
29
 	$(AM_V_GEN)test/create_url_fetcher_test_certs.sh
21
 
30
 
31
@@ -217,7 +212,7 @@ cpp_libcore_a_SOURCES = \
32
 	proto/ct.pb.cc \
33
 	proto/ct.pb.h
34
 
35
-if !OPENSSL_IS_BORINGSSL
36
+if !OPENSSL_NO_CMS
37
 cpp_libcore_a_SOURCES += cpp/log/cms_verifier.cc
38
 endif
39
 
22
@@ -226,8 +221,6 @@ cpp_libtest_a_CPPFLAGS = \
40
@@ -226,8 +221,6 @@ cpp_libtest_a_CPPFLAGS = \
23
 	-I$(GTEST_DIR) \
41
 	-I$(GTEST_DIR) \
24
 	$(AM_CPPFLAGS)
42
 	$(AM_CPPFLAGS)
Lines 28-30 Link Here
28
 	cpp/util/testing.cc
46
 	cpp/util/testing.cc
29
 
47
 
30
 cpp_server_ct_mirror_LDADD = \
48
 cpp_server_ct_mirror_LDADD = \
49
@@ -907,7 +900,7 @@ cpp_log_cert_test_SOURCES = \
50
 	cpp/log/cert_test.cc \
51
 	cpp/util/util.cc
52
 
53
-if !OPENSSL_IS_BORINGSSL
54
+if !OPENSSL_NO_CMS
55
 cpp_log_cms_verifier_test_LDADD = \
56
 	cpp/libcore.a \
57
 	cpp/libtest.a \
(-)security/certificate-transparency/files/patch-configure.ac (+26 lines)
Lines 29-31 Link Here
29
 save_LIBS="$LIBS"
29
 save_LIBS="$LIBS"
30
 AS_UNSET([LIBS])
30
 AS_UNSET([LIBS])
31
 AC_SEARCH_LIBS([snappy_compress], [snappy],,, [$save_LIBS])
31
 AC_SEARCH_LIBS([snappy_compress], [snappy],,, [$save_LIBS])
32
@@ -146,6 +147,17 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#in
33
                   [AC_MSG_RESULT([yes]); openssl_is_boringssl=1],
34
                   [AC_MSG_RESULT([no])])
35
 
36
+AC_MSG_CHECKING([for LibreSSL])
37
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <openssl/opensslv.h>]],
38
+                                   [[
39
+                                     #ifndef LIBRESSL_VERSION_NUMBER
40
+                                     # error not LibreSSL
41
+                                     #endif
42
+                                   ]])
43
+                  ],
44
+                  [AC_MSG_RESULT([yes]); openssl_is_libressl=1],
45
+                  [AC_MSG_RESULT([no])])
46
+
47
 save_LIBS="$LIBS"
48
 AS_UNSET([LIBS])
49
 AC_SEARCH_LIBS([event_base_dispatch], [event],, [missing_libevent=1],
50
@@ -212,6 +224,7 @@ AM_CONDITIONAL([HAVE_ANT], [test -n "$AN
51
 AM_CONDITIONAL([HAVE_LDNS], [test -z "$missing_ldns"])
52
 AM_CONDITIONAL([HAVE_OBJECTHASH], [test -z "$missing_objecthash"])
53
 AM_CONDITIONAL([OPENSSL_IS_BORINGSSL], [test -n "$openssl_is_boringssl"])
54
+AM_CONDITIONAL([OPENSSL_NO_CMS], [test -z "$openssl_is_boringssl" -o -z "$openssl_is_boringssl"])
55
 AC_DEFINE_UNQUOTED([TEST_SRCDIR], ["$srcdir"], [Top of the source directory, for tests.])
56
 AC_SUBST([INSTALL_DIR])
57
 AC_CONFIG_FILES([Makefile])
(-)security/certificate-transparency/files/patch-cpp-client-ct.cc (-47 / +9 lines)
Lines 1-49 Link Here
1
--- cpp/client/ct.cc.orig	2016-10-14 17:11:57 UTC
1
--- cpp/client/ct.cc.orig	2017-02-11 20:58:57 UTC
2
+++ cpp/client/ct.cc
2
+++ cpp/client/ct.cc
3
@@ -451,8 +451,8 @@ static void MakeCert() {
3
@@ -530,7 +530,7 @@ static void ProofToExtensionData() {
4
 // (This means the relevant section should be last in the configuration.)
4
                       << " for writing:" << strerror(errno);
5
 // 1.2.3.1=DER:[raw encoding of proof]
6
 static void WriteProofToConfig() {
7
-  CHECK(!FLAGS_sct_token.empty()) << google::ProgramUsage();
8
-  CHECK(!FLAGS_extensions_config_out.empty()) << google::ProgramUsage();
9
+  CHECK(!FLAGS_sct_token.empty()) << gflags::ProgramUsage();
10
+  CHECK(!FLAGS_extensions_config_out.empty()) << gflags::ProgramUsage();
11
 
5
 
12
   string sct;
6
 // Work around broken PEM_write() declaration in older OpenSSL versions.
13
 
7
-#if OPENSSL_VERSION_NUMBER < 0x10002000L
14
@@ -479,8 +479,8 @@ static const char kPEMLabel[] = "SERVERI
8
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
15
 // Wrap the proof in the format expected by the TLS extension,
9
   PEM_write(out, const_cast<char*>(kPEMLabel), const_cast<char*>(""),
16
 // so that we can feed it to OpenSSL.
10
             const_cast<unsigned char*>(reinterpret_cast<const unsigned char*>(
17
 static void ProofToExtensionData() {
11
                 extension_data_out.str().data())),
18
-  CHECK(!FLAGS_sct_token.empty()) << google::ProgramUsage();
19
-  CHECK(!FLAGS_tls_extension_data_out.empty()) << google::ProgramUsage();
20
+  CHECK(!FLAGS_sct_token.empty()) << gflags::ProgramUsage();
21
+  CHECK(!FLAGS_tls_extension_data_out.empty()) << gflags::ProgramUsage();
22
 
23
   string serialized_sct;
24
   PCHECK(util::ReadBinaryFile(FLAGS_sct_token, &serialized_sct))
25
@@ -939,13 +939,13 @@ int GetSTH() {
26
 // Exit code upon abnormal exit (CHECK failures): != 0
27
 // (on UNIX, 134 is expected)
28
 int main(int argc, char** argv) {
29
-  google::SetUsageMessage(argv[0] + string(kUsage));
30
+  gflags::SetUsageMessage(argv[0] + string(kUsage));
31
   util::InitCT(&argc, &argv);
32
   ConfigureSerializerForV1CT();
33
 
34
   const string main_command(argv[0]);
35
   if (argc < 2) {
36
-    std::cout << google::ProgramUsage();
37
+    std::cout << gflags::ProgramUsage();
38
     return 1;
39
   }
40
 
41
@@ -983,7 +983,7 @@ int main(int argc, char** argv) {
42
   } else if (cmd == "sth") {
43
     ret = GetSTH();
44
   } else {
45
-    std::cout << google::ProgramUsage();
46
+    std::cout << gflags::ProgramUsage();
47
     ret = 1;
48
   }
49
 
(-)security/certificate-transparency/files/patch-cpp_client_ssl__client.cc (+11 lines)
Line 0 Link Here
1
--- cpp/client/ssl_client.cc.orig	2016-10-14 17:11:57 UTC
2
+++ cpp/client/ssl_client.cc
3
@@ -88,7 +88,7 @@ SSLClient::SSLClient(const string& serve
4
 
5
   SSL_CTX_set_cert_verify_callback(ctx_.get(), &VerifyCallback, &verify_args_);
6
 
7
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
8
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
9
   SSL_CTX_add_client_custom_ext(ctx_.get(), CT_EXTENSION_TYPE, NULL, NULL,
10
                                 NULL, ExtensionCallback, &verify_args_);
11
 #else
(-)security/certificate-transparency/files/patch-cpp_log_cert.cc (+20 lines)
Line 0 Link Here
1
--- cpp/log/cert.cc.orig	2016-10-14 17:11:57 UTC
2
+++ cpp/log/cert.cc
3
@@ -31,7 +31,7 @@ using util::StatusOr;
4
 using util::error::Code;
5
 
6
 
7
-#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(OPENSSL_IS_BORINGSSL)
8
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
9
 // Backport from 1.0.2-beta3.
10
 static int i2d_re_X509_tbs(X509* x, unsigned char** pp) {
11
   x->cert_info->enc.modified = 1;
12
@@ -39,7 +39,7 @@ static int i2d_re_X509_tbs(X509* x, unsi
13
 }
14
 #endif
15
 
16
-#if OPENSSL_VERSION_NUMBER < 0x10002000L
17
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
18
 static int X509_get_signature_nid(const X509* x) {
19
   return OBJ_obj2nid(x->sig_alg->algorithm);
20
 }

Return to bug 217013