openssl: add patch reverting behaviour change introduced in 1.1.1e (#5075)
* openssl: add patch reverting behaviour change introduced in 1.1.1e Upstream issue: https://github.com/openssl/openssl/issues/11378 Quite a lot of programs needs to be fixed before they work with 1.1.1e. Plan seem to be to release 1.1.1f shortly with this patch, and save the changes for the next major release instead. * openssl: update patch header
This commit is contained in:
parent
765f58a35b
commit
5ff68e884b
@ -3,6 +3,7 @@ TERMUX_PKG_DESCRIPTION="Library implementing the SSL and TLS protocols as well a
|
||||
TERMUX_PKG_LICENSE="BSD"
|
||||
TERMUX_PKG_DEPENDS="ca-certificates"
|
||||
TERMUX_PKG_VERSION=1.1.1e
|
||||
TERMUX_PKG_REVISION=1
|
||||
TERMUX_PKG_SRCURL=https://www.openssl.org/source/openssl-${TERMUX_PKG_VERSION/\~/-}.tar.gz
|
||||
TERMUX_PKG_SHA256=694f61ac11cb51c9bf73f54e771ff6022b0327a43bbdfa1b2f19de1662a6dcbe
|
||||
TERMUX_PKG_CONFFILES="etc/tls/openssl.cnf"
|
||||
|
81
packages/openssl/revert-eof-detection.patch
Normal file
81
packages/openssl/revert-eof-detection.patch
Normal file
@ -0,0 +1,81 @@
|
||||
commit 30d190caf311d534867df97e26b552e628cb7d85
|
||||
Author: Tomas Mraz <tmraz@fedoraproject.org>
|
||||
Date: Wed Mar 25 14:15:31 2020 +0100
|
||||
|
||||
Partially revert "Detect EOF while reading in libssl"
|
||||
|
||||
This partially reverts commit db943f43a60d1b5b1277e4b5317e8f288e7a0a3a.
|
||||
|
||||
Reviewed-by: Matt Caswell <matt@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/11400)
|
||||
|
||||
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
|
||||
index f5324c6819..35512f9caf 100644
|
||||
--- a/crypto/err/openssl.txt
|
||||
+++ b/crypto/err/openssl.txt
|
||||
@@ -2852,7 +2852,6 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
|
||||
SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
|
||||
SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
|
||||
SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
|
||||
-SSL_R_UNEXPECTED_EOF_WHILE_READING:294:unexpected eof while reading
|
||||
SSL_R_UNEXPECTED_MESSAGE:244:unexpected message
|
||||
SSL_R_UNEXPECTED_RECORD:245:unexpected record
|
||||
SSL_R_UNINITIALIZED:276:uninitialized
|
||||
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
|
||||
index 0ef684f3c1..ba4c4ae5fb 100644
|
||||
--- a/include/openssl/sslerr.h
|
||||
+++ b/include/openssl/sslerr.h
|
||||
@@ -1,6 +1,6 @@
|
||||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@@ -734,7 +734,6 @@ int ERR_load_SSL_strings(void);
|
||||
# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
|
||||
# define SSL_R_UNEXPECTED_CCS_MESSAGE 262
|
||||
# define SSL_R_UNEXPECTED_END_OF_EARLY_DATA 178
|
||||
-# define SSL_R_UNEXPECTED_EOF_WHILE_READING 294
|
||||
# define SSL_R_UNEXPECTED_MESSAGE 244
|
||||
# define SSL_R_UNEXPECTED_RECORD 245
|
||||
# define SSL_R_UNINITIALIZED 276
|
||||
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
|
||||
index 1c885a664f..b2a7a47eb0 100644
|
||||
--- a/ssl/record/rec_layer_s3.c
|
||||
+++ b/ssl/record/rec_layer_s3.c
|
||||
@@ -296,12 +296,6 @@ int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold,
|
||||
ret = BIO_read(s->rbio, pkt + len + left, max - left);
|
||||
if (ret >= 0)
|
||||
bioread = ret;
|
||||
- if (ret <= 0
|
||||
- && !BIO_should_retry(s->rbio)
|
||||
- && BIO_eof(s->rbio)) {
|
||||
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_READ_N,
|
||||
- SSL_R_UNEXPECTED_EOF_WHILE_READING);
|
||||
- }
|
||||
} else {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_N,
|
||||
SSL_R_READ_BIO_NOT_SET);
|
||||
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
|
||||
index a0c7b79659..4b12ed1485 100644
|
||||
--- a/ssl/ssl_err.c
|
||||
+++ b/ssl/ssl_err.c
|
||||
@@ -1,6 +1,6 @@
|
||||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@@ -1205,8 +1205,6 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
|
||||
"unexpected ccs message"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_END_OF_EARLY_DATA),
|
||||
"unexpected end of early data"},
|
||||
- {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_EOF_WHILE_READING),
|
||||
- "unexpected eof while reading"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_MESSAGE), "unexpected message"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_RECORD), "unexpected record"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNINITIALIZED), "uninitialized"},
|
Loading…
Reference in New Issue
Block a user