Browse Source

openssl: add patch reverting behaviour change introduced in 1.1.1e (#5075)

* openssl: add patch reverting behaviour change introduced in 1.1.1e

Upstream issue: https://github.com/openssl/openssl/issues/11378

Quite a lot of programs needs to be fixed before they work with 1.1.1e.

Plan seem to be to release 1.1.1f shortly with this patch, and save the changes
for the next major release instead.

* openssl: update patch header
master
Henrik Grimler 5 years ago
committed by GitHub
parent
commit
97a21a1254
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 1
      packages/openssl/build.sh
  2. 81
      packages/openssl/revert-eof-detection.patch

1
packages/openssl/build.sh

@ -3,6 +3,7 @@ TERMUX_PKG_DESCRIPTION="Library implementing the SSL and TLS protocols as well a
TERMUX_PKG_LICENSE="BSD"
TERMUX_PKG_DEPENDS="ca-certificates"
TERMUX_PKG_VERSION=1.1.1e
TERMUX_PKG_REVISION=1
TERMUX_PKG_SRCURL=https://www.openssl.org/source/openssl-${TERMUX_PKG_VERSION/\~/-}.tar.gz
TERMUX_PKG_SHA256=694f61ac11cb51c9bf73f54e771ff6022b0327a43bbdfa1b2f19de1662a6dcbe
TERMUX_PKG_CONFFILES="etc/tls/openssl.cnf"

81
packages/openssl/revert-eof-detection.patch

@ -0,0 +1,81 @@
commit 30d190caf311d534867df97e26b552e628cb7d85
Author: Tomas Mraz <tmraz@fedoraproject.org>
Date: Wed Mar 25 14:15:31 2020 +0100
Partially revert "Detect EOF while reading in libssl"
This partially reverts commit db943f43a60d1b5b1277e4b5317e8f288e7a0a3a.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11400)
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index f5324c6819..35512f9caf 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2852,7 +2852,6 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
-SSL_R_UNEXPECTED_EOF_WHILE_READING:294:unexpected eof while reading
SSL_R_UNEXPECTED_MESSAGE:244:unexpected message
SSL_R_UNEXPECTED_RECORD:245:unexpected record
SSL_R_UNINITIALIZED:276:uninitialized
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 0ef684f3c1..ba4c4ae5fb 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -734,7 +734,6 @@ int ERR_load_SSL_strings(void);
# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
# define SSL_R_UNEXPECTED_CCS_MESSAGE 262
# define SSL_R_UNEXPECTED_END_OF_EARLY_DATA 178
-# define SSL_R_UNEXPECTED_EOF_WHILE_READING 294
# define SSL_R_UNEXPECTED_MESSAGE 244
# define SSL_R_UNEXPECTED_RECORD 245
# define SSL_R_UNINITIALIZED 276
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 1c885a664f..b2a7a47eb0 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -296,12 +296,6 @@ int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold,
ret = BIO_read(s->rbio, pkt + len + left, max - left);
if (ret >= 0)
bioread = ret;
- if (ret <= 0
- && !BIO_should_retry(s->rbio)
- && BIO_eof(s->rbio)) {
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_READ_N,
- SSL_R_UNEXPECTED_EOF_WHILE_READING);
- }
} else {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_N,
SSL_R_READ_BIO_NOT_SET);
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index a0c7b79659..4b12ed1485 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -1205,8 +1205,6 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"unexpected ccs message"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_END_OF_EARLY_DATA),
"unexpected end of early data"},
- {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_EOF_WHILE_READING),
- "unexpected eof while reading"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_MESSAGE), "unexpected message"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_RECORD), "unexpected record"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNINITIALIZED), "uninitialized"},
Loading…
Cancel
Save