polynomial-c 15/03/19 20:47:26
Added: openssl-1.0.1m-ipv6.patch
openssl-1.0.1m-s_client-verify.patch
openssl-1.0.1m-x32.patch
openssl-1.0.1m-parallel-build.patch
openssl-1.0.2a-parallel-build.patch
openssl-1.0.0r-x32.patch
Removed: openssl-1.0.0e-x32.patch
Log:
Version bump. Removed old
(Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key
0x981CA6FC)
Revision Changes Path
1.1 dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch?rev=1.1&content-type=text/plain
Index: openssl-1.0.1m-ipv6.patch
===================================================================
http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest
Forward ported from openssl-1.0.1h-ipv6.patch
Signed-off-by: Lars Wendler <polynomia...@gentoo.org>
--- openssl-1.0.1m/apps/s_apps.h
+++ openssl-1.0.1m/apps/s_apps.h
@@ -153,7 +153,7 @@ typedef fd_mask fd_set;
int do_server(int port, int type, int *ret,
int (*cb) (char *hostname, int s, unsigned char *context),
- unsigned char *context);
+ unsigned char *context, int use_ipv4, int use_ipv6);
#ifdef HEADER_X509_H
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
#endif
@@ -161,7 +161,8 @@ int MS_CALLBACK verify_callback(int ok,
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
#endif
-int init_client(int *sock, char *server, int port, int type);
+int init_client(int *sock, char *server, int port, int type,
+ int use_ipv4, int use_ipv6);
int should_retry(int i);
int extract_port(char *str, short *port_ptr);
int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
--- openssl-1.0.1m/apps/s_client.c
+++ openssl-1.0.1m/apps/s_client.c
@@ -299,6 +299,10 @@ static void sc_usage(void)
{
BIO_printf(bio_err, "usage: s_client args\n");
BIO_printf(bio_err, "\n");
+ BIO_printf(bio_err," -4 - use IPv4 only\n");
+#if OPENSSL_USE_IPV6
+ BIO_printf(bio_err," -6 - use IPv6 only\n");
+#endif
BIO_printf(bio_err, " -host host - use -connect instead\n");
BIO_printf(bio_err, " -port port - use -connect instead\n");
BIO_printf(bio_err,
@@ -629,6 +633,7 @@ int MAIN(int argc, char **argv)
int sbuf_len, sbuf_off;
fd_set readfds, writefds;
short port = PORT;
+ int use_ipv4, use_ipv6;
int full_log = 1;
char *host = SSL_HOST_NAME;
char *cert_file = NULL, *key_file = NULL;
@@ -673,7 +678,11 @@ int MAIN(int argc, char **argv)
#endif
char *sess_in = NULL;
char *sess_out = NULL;
- struct sockaddr peer;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage peer;
+#else
+ struct sockaddr_in peer;
+#endif
int peerlen = sizeof(peer);
int fallback_scsv = 0;
int enable_timeouts = 0;
@@ -689,6 +698,13 @@ int MAIN(int argc, char **argv)
meth = SSLv23_client_method();
+ use_ipv4 = 1;
+#if OPENSSL_USE_IPV6
+ use_ipv6 = 1;
+#else
+ use_ipv6 = 0;
+#endif
+
apps_startup();
c_Pause = 0;
c_quiet = 0;
@@ -985,6 +1001,16 @@ int MAIN(int argc, char **argv)
jpake_secret = *++argv;
}
#endif
+ else if (strcmp(*argv,"-4") == 0) {
+ use_ipv4 = 1;
+ use_ipv6 = 0;
+ }
+#if OPENSSL_USE_IPV6
+ else if (strcmp(*argv,"-6") == 0) {
+ use_ipv4 = 0;
+ use_ipv6 = 1;
+ }
+#endif
#ifndef OPENSSL_NO_SRTP
else if (strcmp(*argv, "-use_srtp") == 0) {
if (--argc < 1)
@@ -1256,7 +1282,7 @@ int MAIN(int argc, char **argv)
re_start:
- if (init_client(&s, host, port, socket_type) == 0) {
+ if (init_client(&s, host, port, socket_type, use_ipv4, use_ipv6) == 0) {
BIO_printf(bio_err, "connect:errno=%d\n", get_last_socket_error());
SHUTDOWN(s);
goto end;
@@ -1279,7 +1305,7 @@ int MAIN(int argc, char **argv)
if (SSL_version(con) == DTLS1_VERSION) {
sbio = BIO_new_dgram(s, BIO_NOCLOSE);
- if (getsockname(s, &peer, (void *)&peerlen) < 0) {
+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) {
BIO_printf(bio_err, "getsockname:errno=%d\n",
get_last_socket_error());
SHUTDOWN(s);
--- openssl-1.0.1m/apps/s_server.c
+++ openssl-1.0.1m/apps/s_server.c
@@ -609,6 +609,10 @@ static void sv_usage(void)
" -use_srtp profiles - Offer SRTP key management with a
colon-separated profile list\n");
# endif
#endif
+ BIO_printf(bio_err," -4 - use IPv4 only\n");
+#if OPENSSL_USE_IPV6
+ BIO_printf(bio_err," -6 - use IPv6 only\n");
+#endif
BIO_printf(bio_err,
" -keymatexport label - Export keying material using
label\n");
BIO_printf(bio_err,
@@ -1003,6 +1007,7 @@ int MAIN(int argc, char *argv[])
int state = 0;
const SSL_METHOD *meth = NULL;
int socket_type = SOCK_STREAM;
+ int use_ipv4, use_ipv6;
ENGINE *e = NULL;
char *inrand = NULL;
int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
@@ -1031,6 +1036,13 @@ int MAIN(int argc, char *argv[])
#endif
meth = SSLv23_server_method();
+ use_ipv4 = 1;
+#if OPENSSL_USE_IPV6
+ use_ipv6 = 1;
+#else
+ use_ipv6 = 0;
+#endif
+
local_argc = argc;
local_argv = argv;
@@ -1356,6 +1368,16 @@ int MAIN(int argc, char *argv[])
jpake_secret = *(++argv);
}
#endif
+ else if (strcmp(*argv,"-4") == 0) {
+ use_ipv4 = 1;
+ use_ipv6 = 0;
+ }
+#if OPENSSL_USE_IPV6
+ else if (strcmp(*argv,"-6") == 0) {
+ use_ipv4 = 0;
+ use_ipv6 = 1;
+ }
+#endif
#ifndef OPENSSL_NO_SRTP
else if (strcmp(*argv, "-use_srtp") == 0) {
if (--argc < 1)
@@ -1850,9 +1872,11 @@ int MAIN(int argc, char *argv[])
BIO_printf(bio_s_out, "ACCEPT\n");
(void)BIO_flush(bio_s_out);
if (www)
- do_server(port, socket_type, &accept_socket, www_body, context);
+ do_server(port, socket_type, &accept_socket, www_body, context,
+ use_ipv4, use_ipv6);
else
- do_server(port, socket_type, &accept_socket, sv_body, context);
+ do_server(port, socket_type, &accept_socket, sv_body, context,
+ use_ipv4, use_ipv6);
print_stats(bio_s_out, ctx);
ret = 0;
end:
--- openssl-1.0.1m/apps/s_socket.c
+++ openssl-1.0.1m/apps/s_socket.c
@@ -101,16 +101,16 @@ typedef unsigned int u_int;
# include "netdb.h"
# endif
-static struct hostent *GetHostByName(char *name);
+static struct hostent *GetHostByName(char *name, int domain);
# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) &&
!defined(NETWARE_BSDSOCK))
static void ssl_sock_cleanup(void);
# endif
static int ssl_sock_init(void);
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type);
-static int init_server(int *sock, int port, int type);
-static int init_server_long(int *sock, int port, char *ip, int type);
+static int init_client_ip(int *sock, unsigned char *ip, int port, int type,
int domain);
+static int init_server(int *sock, int port, int type, int use_ipv4, int
use_ipv6);
+static int init_server_long(int *sock, int port, char *ip, int type, int
use_ipv4, int use_ipv6);
static int do_accept(int acc_sock, int *sock, char **host);
-static int host_ip(char *str, unsigned char ip[4]);
+static int host_ip(char *str, unsigned char *ip, int domain);
# ifdef OPENSSL_SYS_WIN16
# define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
@@ -231,38 +231,66 @@ static int ssl_sock_init(void)
return (1);
}
-int init_client(int *sock, char *host, int port, int type)
+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int
use_ipv6)
{
+#if OPENSSL_USE_IPV6
+ unsigned char ip[16];
+#else
unsigned char ip[4];
+#endif
- memset(ip, '\0', sizeof ip);
- if (!host_ip(host, &(ip[0])))
- return 0;
- return init_client_ip(sock, ip, port, type);
-}
-
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
-{
- unsigned long addr;
+ if (use_ipv4)
+ if (host_ip(host,ip,AF_INET))
+ return(init_client_ip(sock,ip,port,type,AF_INET));
+#if OPENSSL_USE_IPV6
+ if (use_ipv6)
+ if (host_ip(host,ip,AF_INET6))
+ return(init_client_ip(sock,ip,port,type,AF_INET6));
+#endif
+ return 0;
+}
+
+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type,
int domain)
+{
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage them;
+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them;
+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them;
+#else
struct sockaddr_in them;
+ struct sockaddr_in *them_in = &them;
+#endif
+ socklen_t addr_len;
int s, i;
if (!ssl_sock_init())
return (0);
memset((char *)&them, 0, sizeof(them));
- them.sin_family = AF_INET;
- them.sin_port = htons((unsigned short)port);
- addr = (unsigned long)
- ((unsigned long)ip[0] << 24L) |
- ((unsigned long)ip[1] << 16L) |
- ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
- them.sin_addr.s_addr = htonl(addr);
+ if (domain == AF_INET) {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
+ them_in->sin_family=AF_INET;
+ them_in->sin_port=htons((unsigned short)port);
+#ifndef BIT_FIELD_LIMITS
+ memcpy(&them_in->sin_addr.s_addr, ip, 4);
+#else
+ memcpy(&them_in->sin_addr, ip, 4);
+#endif
+ } else {
+#if OPENSSL_USE_IPV6
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
+ them_in6->sin6_family=AF_INET6;
+ them_in6->sin6_port=htons((unsigned short)port);
+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr));
+ }
+#else
+ return(0);
+#endif
if (type == SOCK_STREAM)
- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
+ s = socket(domain, SOCK_STREAM, SOCKET_PROTOCOL);
else /* ( type == SOCK_DGRAM) */
- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+ s = socket(domain, SOCK_DGRAM, IPPROTO_UDP);
if (s == INVALID_SOCKET) {
perror("socket");
@@ -280,7 +308,7 @@ static int init_client_ip(int *sock, uns
}
# endif
- if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) {
+ if (connect(s, (struct sockaddr *)&them, addr_len) == -1) {
closesocket(s);
perror("connect");
return (0);
@@ -291,14 +319,14 @@ static int init_client_ip(int *sock, uns
int do_server(int port, int type, int *ret,
int (*cb) (char *hostname, int s, unsigned char *context),
- unsigned char *context)
+ unsigned char *context, int use_ipv4, int use_ipv6)
{
int sock;
char *name = NULL;
int accept_socket = 0;
int i;
- if (!init_server(&accept_socket, port, type))
+ if (!init_server(&accept_socket, port, type, use_ipv4, use_ipv6))
return (0);
if (ret != NULL) {
@@ -325,32 +353,45 @@ int do_server(int port, int type, int *r
}
}
-static int init_server_long(int *sock, int port, char *ip, int type)
+static int init_server_long(int *sock, int port, char *ip, int type,
+ int use_ipv4, int use_ipv6)
{
int ret = 0;
+ int domain;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage server;
+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server;
+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server;
+#else
struct sockaddr_in server;
+ struct sockaddr_in *server_in = &server;
+#endif
+ socklen_t addr_len;
int s = -1;
+ if (!use_ipv4 && !use_ipv6)
+ goto err;
+#if OPENSSL_USE_IPV6
+ /*
+ * we are fine here
+ */
+#else
+ if (use_ipv6)
+ goto err;
+#endif
if (!ssl_sock_init())
return (0);
- memset((char *)&server, 0, sizeof(server));
- server.sin_family = AF_INET;
- server.sin_port = htons((unsigned short)port);
- if (ip == NULL)
- server.sin_addr.s_addr = INADDR_ANY;
- else
-/* Added for T3E, address-of fails on bit field (beck...@acl.lanl.gov) */
-# ifndef BIT_FIELD_LIMITS
- memcpy(&server.sin_addr.s_addr, ip, 4);
+#if OPENSSL_USE_IPV6
+ domain = use_ipv6 ? AF_INET6 : AF_INET;
# else
- memcpy(&server.sin_addr, ip, 4);
+ domain = AF_INET;
# endif
if (type == SOCK_STREAM)
- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
+ s = socket(domain, SOCK_STREAM, SOCKET_PROTOCOL);
else /* type == SOCK_DGRAM */
- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+ s = socket(domain, SOCK_DGRAM, IPPROTO_UDP);
if (s == INVALID_SOCKET)
goto err;
@@ -360,7 +401,44 @@ static int init_server_long(int *sock, i
setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
}
# endif
- if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
+#if OPENSSL_USE_IPV6
+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) {
+ const int on = 1;
+
+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
+ (const void *) &on, sizeof(int));
+ }
+#endif
+ if (domain == AF_INET) {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
+ memset(server_in, 0, sizeof(struct sockaddr_in));
+ server_in->sin_family=AF_INET;
+ server_in->sin_port = htons((unsigned short)port);
+ if (ip == NULL)
+ server_in->sin_addr.s_addr = htonl(INADDR_ANY);
+ else
+/*
+ * Added for T3E, address-of fails on bit field (beck...@acl.lanl.gov)
+ */
+#ifndef BIT_FIELD_LIMITS
+ memcpy(&server_in->sin_addr.s_addr, ip, 4);
+#else
+ memcpy(&server_in->sin_addr, ip, 4);
+#endif
+ }
+#if OPENSSL_USE_IPV6
+ else {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
+ memset(server_in6, 0, sizeof(struct sockaddr_in6));
+ server_in6->sin6_family = AF_INET6;
+ server_in6->sin6_port = htons((unsigned short)port);
+ if (ip == NULL)
+ server_in6->sin6_addr = in6addr_any;
+ else
+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr));
+ }
+#endif
+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) {
# ifndef OPENSSL_SYS_WINDOWS
perror("bind");
# endif
@@ -378,16 +456,24 @@ static int init_server_long(int *sock, i
return (ret);
}
-static int init_server(int *sock, int port, int type)
+static int init_server(int *sock, int port, int type,
+ int use_ipv4, int use_ipv6)
{
- return (init_server_long(sock, port, NULL, type));
+ return (init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6));
}
static int do_accept(int acc_sock, int *sock, char **host)
{
int ret;
struct hostent *h1, *h2;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage from;
+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from;
+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from;
+#else
static struct sockaddr_in from;
+ struct sockaddr_in *from_in = &from;
+#endif
int len;
/* struct linger ling; */
@@ -437,14 +523,24 @@ static int do_accept(int acc_sock, int *
if (host == NULL)
goto end;
+#if OPENSSL_USE_IPV6
+ if (from.ss_family == AF_INET)
+#else
+ if (from.sin_family == AF_INET)
+#endif
# ifndef BIT_FIELD_LIMITS
/* I should use WSAAsyncGetHostByName() under windows */
- h1 = gethostbyaddr((char *)&from.sin_addr.s_addr,
- sizeof(from.sin_addr.s_addr), AF_INET);
+ h1 = gethostbyaddr((char *)&from_in->sin_addr.s_addr,
+ sizeof(from_in->sin_addr.s_addr), AF_INET);
# else
- h1 = gethostbyaddr((char *)&from.sin_addr,
+ h1 = gethostbyaddr((char *)&from_in->sin_addr,
sizeof(struct in_addr), AF_INET);
# endif
+#if OPENSSL_USE_IPV6
+ else
+ h1 = gethostbyaddr((char *)&from_in6->sin6_addr,
+ sizeof(struct in6_addr), AF_INET6);
+#endif
if (h1 == NULL) {
BIO_printf(bio_err, "bad gethostbyaddr\n");
*host = NULL;
@@ -457,14 +553,23 @@ static int do_accept(int acc_sock, int *
}
BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
- h2 = GetHostByName(*host);
+#if OPENSSL_USE_IPV6
+ h2 = GetHostByName(*host, from.ss_family);
+#else
+ h2 = GetHostByName(*host, from.sin_family);
+#endif
+
if (h2 == NULL) {
BIO_printf(bio_err, "gethostbyname failure\n");
closesocket(ret);
return (0);
}
- if (h2->h_addrtype != AF_INET) {
- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
+#if OPENSSL_USE_IPV6
+ if (h2->h_addrtype != from.ss_family) {
+#else
+ if (h2->h_addrtype != from.sin_family) {
+#endif
+ BIO_printf(bio_err, "gethostbyname addr address is not correct\n");
closesocket(ret);
return (0);
}
@@ -480,14 +585,14 @@ int extract_host_port(char *str, char **
char *h, *p;
h = str;
- p = strchr(str, ':');
+ p = strrchr(str, ':');
if (p == NULL) {
BIO_printf(bio_err, "no port defined\n");
return (0);
}
*(p++) = '\0';
- if ((ip != NULL) && !host_ip(str, ip))
+ if ((ip != NULL) && !host_ip(str, ip, AF_INET))
goto err;
if (host_ptr != NULL)
*host_ptr = h;
@@ -499,44 +604,54 @@ int extract_host_port(char *str, char **
return (0);
}
-static int host_ip(char *str, unsigned char ip[4])
+static int host_ip(char *str, unsigned char *ip, int domain)
{
unsigned int in[4];
+ unsigned long l;
int i;
- if (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) ==
- 4) {
+ if ((domain == AF_INET) &&
+ (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) ==
+ 4)) {
for (i = 0; i < 4; i++)
if (in[i] > 255) {
BIO_printf(bio_err, "invalid IP address\n");
goto err;
}
- ip[0] = in[0];
- ip[1] = in[1];
- ip[2] = in[2];
- ip[3] = in[3];
- } else { /* do a gethostbyname */
+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]);
+ memcpy(ip, &l, 4);
+ return 1;
+ }
+#if OPENSSL_USE_IPV6
+ else if ((domain == AF_INET6) &&
+ (inet_pton(AF_INET6, str, ip) == 1))
+ return 1;
+#endif
+ else { /* do a gethostbyname */
struct hostent *he;
if (!ssl_sock_init())
return (0);
- he = GetHostByName(str);
+ he = GetHostByName(str, domain);
if (he == NULL) {
BIO_printf(bio_err, "gethostbyname failure\n");
goto err;
}
/* cast to short because of win16 winsock definition */
- if ((short)he->h_addrtype != AF_INET) {
- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
+ if ((short)he->h_addrtype != domain) {
+ BIO_printf(bio_err, "gethostbyname addr family is not correct\n");
return (0);
}
- ip[0] = he->h_addr_list[0][0];
- ip[1] = he->h_addr_list[0][1];
- ip[2] = he->h_addr_list[0][2];
- ip[3] = he->h_addr_list[0][3];
+ if (domain == AF_INET)
+ memset(ip, 0, 4);
+#if OPENSSL_USE_IPV6
+ else
+ memset(ip, 0, 16);
+#endif
+ memcpy(ip, he->h_addr_list[0], he->h_length);
+ return 1;
}
- return (1);
err:
return (0);
}
@@ -570,7 +685,7 @@ static struct ghbn_cache_st {
static unsigned long ghbn_hits = 0L;
static unsigned long ghbn_miss = 0L;
-static struct hostent *GetHostByName(char *name)
+static struct hostent *GetHostByName(char *name, int domain)
{
struct hostent *ret;
int i, lowi = 0;
@@ -582,13 +697,19 @@ static struct hostent *GetHostByName(cha
lowi = i;
}
if (ghbn_cache[i].order > 0) {
- if (strncmp(name, ghbn_cache[i].name, 128) == 0)
+ if ((strncmp(name, ghbn_cache[i].name, 128) == 0) &&
+ (ghbn_cache[i].ent.h_addrtype == domain))
break;
}
}
if (i == GHBN_NUM) { /* no hit */
ghbn_miss++;
- ret = gethostbyname(name);
+ if (domain == AF_INET)
+ ret = gethostbyname(name);
+#if OPENSSL_USE_IPV6
+ else
+ ret=gethostbyname2(name, AF_INET6);
+#endif
if (ret == NULL)
return (NULL);
/* else add to cache */
1.1 dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch?rev=1.1&content-type=text/plain
Index: openssl-1.0.1m-s_client-verify.patch
===================================================================
https://bugs.gentoo.org/472584
http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest
fix verification handling in s_client. when loading paths, make sure
we properly fallback to setting the default paths.
Forward-ported from openssl-1.0.1e-s_client-verify.patch
Signed-off-by: Lars Wendler <polynomia...@gentoo.org>
--- openssl-1.0.1m/apps/s_client.c
+++ openssl-1.0.1m/apps/s_client.c
@@ -1177,7 +1177,7 @@ int MAIN(int argc, char **argv)
if (!set_cert_key_stuff(ctx, cert, key))
goto end;
- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
+ if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) &&
(!SSL_CTX_set_default_verify_paths(ctx))) {
/*
* BIO_printf(bio_err,"error setting default verify locations\n");
1.1 dev-libs/openssl/files/openssl-1.0.1m-x32.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.1m-x32.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.1m-x32.patch?rev=1.1&content-type=text/plain
Index: openssl-1.0.1m-x32.patch
===================================================================
--- openssl-1.0.1m/Configure
+++ openssl-1.0.1m/Configure
@@ -361,6 +361,7 @@ my %table=(
"linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall
-no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK
DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall
-no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1
DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3
-Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g
-feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT
RC4_CHUNK DES_INT
DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3
-Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT
DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
#### So called "highgprs" target for z/Architecture CPUs
# "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
--- openssl-1.0.1m/crypto/bn/asm/x86_64-gcc.c
+++ openssl-1.0.1m/crypto/bn/asm/x86_64-gcc.c
@@ -55,7 +55,7 @@
* machine.
*/
-# ifdef _WIN64
+# if defined _WIN64 || !defined __LP64__
# define BN_ULONG unsigned long long
# else
# define BN_ULONG unsigned long
@@ -211,9 +211,9 @@ BN_ULONG bn_add_words(BN_ULONG *rp, cons
asm volatile (" subq %2,%2 \n"
".p2align 4 \n"
- "1: movq (%4,%2,8),%0 \n"
- " adcq (%5,%2,8),%0 \n"
- " movq %0,(%3,%2,8) \n"
+ "1: movq (%q4,%2,8),%0 \n"
+ " adcq (%q5,%2,8),%0 \n"
+ " movq %0,(%q3,%2,8) \n"
" leaq 1(%2),%2 \n"
" loop 1b \n"
" sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
@@ -235,9 +235,9 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, cons
asm volatile (" subq %2,%2 \n"
".p2align 4 \n"
- "1: movq (%4,%2,8),%0 \n"
- " sbbq (%5,%2,8),%0 \n"
- " movq %0,(%3,%2,8) \n"
+ "1: movq (%q4,%2,8),%0 \n"
+ " sbbq (%q5,%2,8),%0 \n"
+ " movq %0,(%q3,%2,8) \n"
" leaq 1(%2),%2 \n"
" loop 1b \n"
" sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
--- openssl-1.0.1m/crypto/bn/bn.h
+++ openssl-1.0.1m/crypto/bn/bn.h
@@ -174,6 +174,16 @@ extern "C" {
# endif
/*
+ * Address type.
+ */
+#ifdef _WIN64
+#define BN_ADDR unsigned long long
+#else
+#define BN_ADDR unsigned long
+#endif
+
+
+/*
* assuming long is 64bit - this is the DEC Alpha unsigned long long is only
* 64 bits :-(, don't define BN_LLONG for the DEC Alpha
*/
1.1 dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch?rev=1.1&content-type=text/plain
Index: openssl-1.0.1m-parallel-build.patch
===================================================================
http://rt.openssl.org/Ticket/Display.html?id=2084
--- openssl-1.0.1m/crypto/Makefile
+++ openssl-1.0.1m/crypto/Makefile
@@ -85,11 +85,11 @@
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@;
fi
subdirs:
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
- @target=files; $(RECURSIVE_MAKE)
+ +@target=files; $(RECURSIVE_MAKE)
links:
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@@ -100,7 +100,7 @@
# lib: $(LIB): are splitted to avoid end-less loop
lib: $(LIB)
@touch lib
-$(LIB): $(LIBOBJ)
+$(LIB): $(LIBOBJ) | subdirs
$(AR) $(LIB) $(LIBOBJ)
[ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
$(RANLIB) $(LIB) || echo Never mind.
@@ -111,7 +111,7 @@
fi
libs:
- @target=lib; $(RECURSIVE_MAKE)
+ +@target=lib; $(RECURSIVE_MAKE)
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@@ -120,7 +120,7 @@
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
lint:
@target=lint; $(RECURSIVE_MAKE)
--- openssl-1.0.1m/crypto/objects/Makefile
+++ openssl-1.0.1m/crypto/objects/Makefile
@@ -44,11 +44,11 @@
# objects.pl both reads and writes obj_mac.num
obj_mac.h: objects.pl objects.txt obj_mac.num
$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
- @sleep 1; touch obj_mac.h; sleep 1
-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
+# This doesn't really need obj_mac.h, but since that rule reads & writes
+# obj_mac.num, we can't run in parallel with it.
+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h
$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
- @sleep 1; touch obj_xref.h; sleep 1
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
--- openssl-1.0.1m/engines/Makefile
+++ openssl-1.0.1m/engines/Makefile
@@ -72,7 +72,7 @@
all: lib subdirs
-lib: $(LIBOBJ)
+lib: $(LIBOBJ) | subdirs
@if [ -n "$(SHARED_LIBS)" ]; then \
set -e; \
for l in $(LIBNAMES); do \
@@ -89,7 +89,7 @@
subdirs:
echo $(EDIRS)
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -128,7 +128,7 @@
mv -f
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
done; \
fi
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
tags:
ctags $(SRC)
--- openssl-1.0.1m/Makefile.org
+++ openssl-1.0.1m/Makefile.org
@@ -273,17 +273,17 @@
build_libs: build_crypto build_ssl build_engines
build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl:
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines:
- @dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps:
- @dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests:
- @dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools:
- @dir=tools; target=all; $(BUILD_ONE_CMD)
+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl: build_crypto
+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
+build_engines: build_crypto
+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
+build_apps: build_libs
+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
+build_tests: build_libs
+ +@dir=test; target=all; $(BUILD_ONE_CMD)
+build_tools: build_libs
+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
build_testapps:
@@ -538,9 +538,9 @@
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-install: all install_docs install_sw
+install: install_docs install_sw
-install_sw:
+install_dirs:
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
@@ -549,12 +549,19 @@
$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
$(INSTALL_PREFIX)$(OPENSSLDIR)/private
+ @$(PERL) $(TOP)/util/mkdir-p.pl \
+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
+ $(INSTALL_PREFIX)$(MANDIR)/man7
+
+install_sw: install_dirs
@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
@@ -634,12 +641,7 @@
done; \
done
-install_docs:
- @$(PERL) $(TOP)/util/mkdir-p.pl \
- $(INSTALL_PREFIX)$(MANDIR)/man1 \
- $(INSTALL_PREFIX)$(MANDIR)/man3 \
- $(INSTALL_PREFIX)$(MANDIR)/man5 \
- $(INSTALL_PREFIX)$(MANDIR)/man7
+install_docs: install_dirs
@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
here="`pwd`"; \
filecase=; \
--- openssl-1.0.1m/Makefile.shared
+++ openssl-1.0.1m/Makefile.shared
@@ -105,6 +105,7 @@
SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d
| uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
$${SHAREDCMD} $${SHAREDFLAGS} \
-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
@@ -122,6 +123,7 @@
done; \
fi; \
if [ -n "$$SHLIB_SOVER" ]; then \
+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
fi; \
--- openssl-1.0.1m/test/Makefile
+++ openssl-1.0.1m/test/Makefile
@@ -130,7 +130,7 @@
tags:
ctags $(SRC)
-tests: exe apps $(TESTS)
+tests: exe $(TESTS)
apps:
@(cd ..; $(MAKE) DIRS=apps all)
@@ -388,118 +388,118 @@
link_app.$${shlib_target}
$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
- @target=$(RSATEST); $(BUILD_CMD)
+ +@target=$(RSATEST); $(BUILD_CMD)
$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
- @target=$(BNTEST); $(BUILD_CMD)
+ +@target=$(BNTEST); $(BUILD_CMD)
$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
- @target=$(ECTEST); $(BUILD_CMD)
+ +@target=$(ECTEST); $(BUILD_CMD)
$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
- @target=$(EXPTEST); $(BUILD_CMD)
+ +@target=$(EXPTEST); $(BUILD_CMD)
$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
- @target=$(IDEATEST); $(BUILD_CMD)
+ +@target=$(IDEATEST); $(BUILD_CMD)
$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
- @target=$(MD2TEST); $(BUILD_CMD)
+ +@target=$(MD2TEST); $(BUILD_CMD)
$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
- @target=$(SHATEST); $(BUILD_CMD)
+ +@target=$(SHATEST); $(BUILD_CMD)
$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
- @target=$(SHA1TEST); $(BUILD_CMD)
+ +@target=$(SHA1TEST); $(BUILD_CMD)
$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
- @target=$(SHA256TEST); $(BUILD_CMD)
+ +@target=$(SHA256TEST); $(BUILD_CMD)
$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
- @target=$(SHA512TEST); $(BUILD_CMD)
+ +@target=$(SHA512TEST); $(BUILD_CMD)
$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
- @target=$(RMDTEST); $(BUILD_CMD)
+ +@target=$(RMDTEST); $(BUILD_CMD)
$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
- @target=$(MDC2TEST); $(BUILD_CMD)
+ +@target=$(MDC2TEST); $(BUILD_CMD)
$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
- @target=$(MD4TEST); $(BUILD_CMD)
+ +@target=$(MD4TEST); $(BUILD_CMD)
$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
- @target=$(MD5TEST); $(BUILD_CMD)
+ +@target=$(MD5TEST); $(BUILD_CMD)
$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
- @target=$(HMACTEST); $(BUILD_CMD)
+ +@target=$(HMACTEST); $(BUILD_CMD)
$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
- @target=$(WPTEST); $(BUILD_CMD)
+ +@target=$(WPTEST); $(BUILD_CMD)
$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
- @target=$(RC2TEST); $(BUILD_CMD)
+ +@target=$(RC2TEST); $(BUILD_CMD)
$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
- @target=$(BFTEST); $(BUILD_CMD)
+ +@target=$(BFTEST); $(BUILD_CMD)
$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
- @target=$(CASTTEST); $(BUILD_CMD)
+ +@target=$(CASTTEST); $(BUILD_CMD)
$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
- @target=$(RC4TEST); $(BUILD_CMD)
+ +@target=$(RC4TEST); $(BUILD_CMD)
$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
- @target=$(RC5TEST); $(BUILD_CMD)
+ +@target=$(RC5TEST); $(BUILD_CMD)
$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
- @target=$(DESTEST); $(BUILD_CMD)
+ +@target=$(DESTEST); $(BUILD_CMD)
$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
- @target=$(RANDTEST); $(BUILD_CMD)
+ +@target=$(RANDTEST); $(BUILD_CMD)
$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
- @target=$(DHTEST); $(BUILD_CMD)
+ +@target=$(DHTEST); $(BUILD_CMD)
$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
- @target=$(DSATEST); $(BUILD_CMD)
+ +@target=$(DSATEST); $(BUILD_CMD)
$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
- @target=$(METHTEST); $(BUILD_CMD)
+ +@target=$(METHTEST); $(BUILD_CMD)
$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
- @target=$(ENGINETEST); $(BUILD_CMD)
+ +@target=$(ENGINETEST); $(BUILD_CMD)
$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
- @target=$(EVPTEST); $(BUILD_CMD)
+ +@target=$(EVPTEST); $(BUILD_CMD)
$(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
- @target=$(EVPEXTRATEST); $(BUILD_CMD)
+ +@target=$(EVPEXTRATEST); $(BUILD_CMD)
$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
- @target=$(ECDSATEST); $(BUILD_CMD)
+ +@target=$(ECDSATEST); $(BUILD_CMD)
$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
- @target=$(ECDHTEST); $(BUILD_CMD)
+ +@target=$(ECDHTEST); $(BUILD_CMD)
$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
- @target=$(IGETEST); $(BUILD_CMD)
+ +@target=$(IGETEST); $(BUILD_CMD)
$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
- @target=$(JPAKETEST); $(BUILD_CMD)
+ +@target=$(JPAKETEST); $(BUILD_CMD)
$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
- @target=$(ASN1TEST); $(BUILD_CMD)
+ +@target=$(ASN1TEST); $(BUILD_CMD)
$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
- @target=$(SRPTEST); $(BUILD_CMD)
+ +@target=$(SRPTEST); $(BUILD_CMD)
$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
$(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
- @target=$(CONSTTIMETEST) $(BUILD_CMD)
+ +@target=$(CONSTTIMETEST) $(BUILD_CMD)
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
@@ -512,7 +512,7 @@
# fi
dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
- @target=dummytest; $(BUILD_CMD)
+ +@target=dummytest; $(BUILD_CMD)
# DO NOT DELETE THIS LINE -- make depend depends on it.
1.1 dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch?rev=1.1&content-type=text/plain
Index: openssl-1.0.2a-parallel-build.patch
===================================================================
http://rt.openssl.org/Ticket/Display.html?id=2084&user=guest&pass=guest
--- openssl-1.0.2a/crypto/Makefile
+++ openssl-1.0.2a/crypto/Makefile
@@ -85,11 +85,11 @@
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@;
fi
subdirs:
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >>
$(TOP)/MINFO
- @target=files; $(RECURSIVE_MAKE)
+ +@target=files; $(RECURSIVE_MAKE)
links:
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@@ -100,7 +100,7 @@
# lib: $(LIB): are splitted to avoid end-less loop
lib: $(LIB)
@touch lib
-$(LIB): $(LIBOBJ)
+$(LIB): $(LIBOBJ) | subdirs
$(AR) $(LIB) $(LIBOBJ)
test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
$(RANLIB) $(LIB) || echo Never mind.
@@ -111,7 +111,7 @@
fi
libs:
- @target=lib; $(RECURSIVE_MAKE)
+ +@target=lib; $(RECURSIVE_MAKE)
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@@ -120,7 +120,7 @@
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
lint:
@target=lint; $(RECURSIVE_MAKE)
--- openssl-1.0.2a/crypto/objects/Makefile
+++ openssl-1.0.2a/crypto/objects/Makefile
@@ -44,11 +44,11 @@
# objects.pl both reads and writes obj_mac.num
obj_mac.h: objects.pl objects.txt obj_mac.num
$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
- @sleep 1; touch obj_mac.h; sleep 1
-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
+# This doesn't really need obj_mac.h, but since that rule reads & writes
+# obj_mac.num, we can't run in parallel with it.
+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h
$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
- @sleep 1; touch obj_xref.h; sleep 1
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
--- openssl-1.0.2a/engines/Makefile
+++ openssl-1.0.2a/engines/Makefile
@@ -72,7 +72,7 @@
all: lib subdirs
-lib: $(LIBOBJ)
+lib: $(LIBOBJ) | subdirs
@if [ -n "$(SHARED_LIBS)" ]; then \
set -e; \
for l in $(LIBNAMES); do \
@@ -89,7 +89,7 @@
subdirs:
echo $(EDIRS)
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -128,7 +128,7 @@
mv -f
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
done; \
fi
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
tags:
ctags $(SRC)
--- openssl-1.0.2a/Makefile.org
+++ openssl-1.0.2a/Makefile.org
@@ -274,17 +274,17 @@
build_libs: build_crypto build_ssl build_engines
build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl:
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines:
- @dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps:
- @dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests:
- @dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools:
- @dir=tools; target=all; $(BUILD_ONE_CMD)
+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl: build_crypto
+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
+build_engines: build_crypto
+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
+build_apps: build_libs
+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
+build_tests: build_libs
+ +@dir=test; target=all; $(BUILD_ONE_CMD)
+build_tools: build_libs
+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
build_testapps:
@@ -536,9 +536,9 @@
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-install: all install_docs install_sw
+install: install_docs install_sw
-install_sw:
+install_dirs:
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
@@ -547,12 +547,19 @@
$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
$(INSTALL_PREFIX)$(OPENSSLDIR)/private
+ @$(PERL) $(TOP)/util/mkdir-p.pl \
+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
+ $(INSTALL_PREFIX)$(MANDIR)/man7
+
+install_sw: install_dirs
@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
@@ -636,12 +643,7 @@
done; \
done
-install_docs:
- @$(PERL) $(TOP)/util/mkdir-p.pl \
- $(INSTALL_PREFIX)$(MANDIR)/man1 \
- $(INSTALL_PREFIX)$(MANDIR)/man3 \
- $(INSTALL_PREFIX)$(MANDIR)/man5 \
- $(INSTALL_PREFIX)$(MANDIR)/man7
+install_docs: install_dirs
@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
here="`pwd`"; \
filecase=; \
--- openssl-1.0.2a/Makefile.shared
+++ openssl-1.0.2a/Makefile.shared
@@ -105,6 +105,7 @@
SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d
| uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
$${SHAREDCMD} $${SHAREDFLAGS} \
-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
@@ -122,6 +123,7 @@
done; \
fi; \
if [ -n "$$SHLIB_SOVER" ]; then \
+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
fi; \
--- openssl-1.0.2a/test/Makefile
+++ openssl-1.0.2a/test/Makefile
@@ -133,7 +133,7 @@
tags:
ctags $(SRC)
-tests: exe apps $(TESTS)
+tests: exe $(TESTS)
apps:
@(cd ..; $(MAKE) DIRS=apps all)
@@ -402,121 +402,121 @@
link_app.$${shlib_target}
$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
- @target=$(RSATEST); $(BUILD_CMD)
+ +@target=$(RSATEST); $(BUILD_CMD)
$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
- @target=$(BNTEST); $(BUILD_CMD)
+ +@target=$(BNTEST); $(BUILD_CMD)
$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
- @target=$(ECTEST); $(BUILD_CMD)
+ +@target=$(ECTEST); $(BUILD_CMD)
$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
- @target=$(EXPTEST); $(BUILD_CMD)
+ +@target=$(EXPTEST); $(BUILD_CMD)
$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
- @target=$(IDEATEST); $(BUILD_CMD)
+ +@target=$(IDEATEST); $(BUILD_CMD)
$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
- @target=$(MD2TEST); $(BUILD_CMD)
+ +@target=$(MD2TEST); $(BUILD_CMD)
$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
- @target=$(SHATEST); $(BUILD_CMD)
+ +@target=$(SHATEST); $(BUILD_CMD)
$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
- @target=$(SHA1TEST); $(BUILD_CMD)
+ +@target=$(SHA1TEST); $(BUILD_CMD)
$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
- @target=$(SHA256TEST); $(BUILD_CMD)
+ +@target=$(SHA256TEST); $(BUILD_CMD)
$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
- @target=$(SHA512TEST); $(BUILD_CMD)
+ +@target=$(SHA512TEST); $(BUILD_CMD)
$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
- @target=$(RMDTEST); $(BUILD_CMD)
+ +@target=$(RMDTEST); $(BUILD_CMD)
$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
- @target=$(MDC2TEST); $(BUILD_CMD)
+ +@target=$(MDC2TEST); $(BUILD_CMD)
$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
- @target=$(MD4TEST); $(BUILD_CMD)
+ +@target=$(MD4TEST); $(BUILD_CMD)
$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
- @target=$(MD5TEST); $(BUILD_CMD)
+ +@target=$(MD5TEST); $(BUILD_CMD)
$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
- @target=$(HMACTEST); $(BUILD_CMD)
+ +@target=$(HMACTEST); $(BUILD_CMD)
$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
- @target=$(WPTEST); $(BUILD_CMD)
+ +@target=$(WPTEST); $(BUILD_CMD)
$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
- @target=$(RC2TEST); $(BUILD_CMD)
+ +@target=$(RC2TEST); $(BUILD_CMD)
$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
- @target=$(BFTEST); $(BUILD_CMD)
+ +@target=$(BFTEST); $(BUILD_CMD)
$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
- @target=$(CASTTEST); $(BUILD_CMD)
+ +@target=$(CASTTEST); $(BUILD_CMD)
$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
- @target=$(RC4TEST); $(BUILD_CMD)
+ +@target=$(RC4TEST); $(BUILD_CMD)
$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
- @target=$(RC5TEST); $(BUILD_CMD)
+ +@target=$(RC5TEST); $(BUILD_CMD)
$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
- @target=$(DESTEST); $(BUILD_CMD)
+ +@target=$(DESTEST); $(BUILD_CMD)
$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
- @target=$(RANDTEST); $(BUILD_CMD)
+ +@target=$(RANDTEST); $(BUILD_CMD)
$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
- @target=$(DHTEST); $(BUILD_CMD)
+ +@target=$(DHTEST); $(BUILD_CMD)
$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
- @target=$(DSATEST); $(BUILD_CMD)
+ +@target=$(DSATEST); $(BUILD_CMD)
$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
- @target=$(METHTEST); $(BUILD_CMD)
+ +@target=$(METHTEST); $(BUILD_CMD)
$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
- @target=$(ENGINETEST); $(BUILD_CMD)
+ +@target=$(ENGINETEST); $(BUILD_CMD)
$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
- @target=$(EVPTEST); $(BUILD_CMD)
+ +@target=$(EVPTEST); $(BUILD_CMD)
$(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
- @target=$(EVPEXTRATEST); $(BUILD_CMD)
+ +@target=$(EVPEXTRATEST); $(BUILD_CMD)
$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
- @target=$(ECDSATEST); $(BUILD_CMD)
+ +@target=$(ECDSATEST); $(BUILD_CMD)
$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
- @target=$(ECDHTEST); $(BUILD_CMD)
+ +@target=$(ECDHTEST); $(BUILD_CMD)
$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
- @target=$(IGETEST); $(BUILD_CMD)
+ +@target=$(IGETEST); $(BUILD_CMD)
$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
- @target=$(JPAKETEST); $(BUILD_CMD)
+ +@target=$(JPAKETEST); $(BUILD_CMD)
$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
- @target=$(ASN1TEST); $(BUILD_CMD)
+ +@target=$(ASN1TEST); $(BUILD_CMD)
$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
- @target=$(SRPTEST); $(BUILD_CMD)
+ +@target=$(SRPTEST); $(BUILD_CMD)
$(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
- @target=$(V3NAMETEST); $(BUILD_CMD)
+ +@target=$(V3NAMETEST); $(BUILD_CMD)
$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
$(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
- @target=$(CONSTTIMETEST) $(BUILD_CMD)
+ +@target=$(CONSTTIMETEST) $(BUILD_CMD)
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
@@ -529,7 +529,7 @@
# fi
dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
- @target=dummytest; $(BUILD_CMD)
+ +@target=dummytest; $(BUILD_CMD)
# DO NOT DELETE THIS LINE -- make depend depends on it.
1.1 dev-libs/openssl/files/openssl-1.0.0r-x32.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.0r-x32.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.0r-x32.patch?rev=1.1&content-type=text/plain
Index: openssl-1.0.0r-x32.patch
===================================================================
--- openssl-1.0.0r/Configure
+++ openssl-1.0.0r/Configure
@@ -353,6 +353,7 @@ my %table=(
"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall
-no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK
DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall
-no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1
DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall
-DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g
-feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT
RC4_CHUNK DES_INT
DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3
-Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT
DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
#### SPARC Linux setups
# Ray Miller <ray.mil...@computing-services.oxford.ac.uk> has patiently
--- openssl-1.0.0r/crypto/bn/asm/x86_64-gcc.c
+++ openssl-1.0.0r/crypto/bn/asm/x86_64-gcc.c
@@ -55,7 +55,7 @@
* machine.
*/
-# ifdef _WIN64
+# if defined _WIN64 || !defined __LP64__
# define BN_ULONG unsigned long long
# else
# define BN_ULONG unsigned long
@@ -211,9 +211,9 @@ BN_ULONG bn_add_words(BN_ULONG *rp, cons
asm volatile (" subq %2,%2 \n"
".p2align 4 \n"
- "1: movq (%4,%2,8),%0 \n"
- " adcq (%5,%2,8),%0 \n"
- " movq %0,(%3,%2,8) \n"
+ "1: movq (%q4,%2,8),%0 \n"
+ " adcq (%q5,%2,8),%0 \n"
+ " movq %0,(%q3,%2,8) \n"
" leaq 1(%2),%2 \n"
" loop 1b \n"
" sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
@@ -235,9 +235,9 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, cons
asm volatile (" subq %2,%2 \n"
".p2align 4 \n"
- "1: movq (%4,%2,8),%0 \n"
- " sbbq (%5,%2,8),%0 \n"
- " movq %0,(%3,%2,8) \n"
+ "1: movq (%q4,%2,8),%0 \n"
+ " sbbq (%q5,%2,8),%0 \n"
+ " movq %0,(%q3,%2,8) \n"
" leaq 1(%2),%2 \n"
" loop 1b \n"
" sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
--- openssl-1.0.0r/crypto/bn/bn_exp.c
+++ openssl-1.0.0r/crypto/bn/bn_exp.c
@@ -564,7 +564,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU
* multiple.
*/
#define MOD_EXP_CTIME_ALIGN(x_) \
- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH -
(((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH -
(((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
/*
* This variant of BN_mod_exp_mont() uses fixed windows and the special
--- openssl-1.0.0r/crypto/bn/bn.h
+++ openssl-1.0.0r/crypto/bn/bn.h
@@ -174,6 +174,15 @@ extern "C" {
# endif
/*
+ * Address type.
+ */
+#ifdef _WIN64
+#define BN_ADDR unsigned long long
+#else
+#define BN_ADDR unsigned long
+#endif
+
+/*
* assuming long is 64bit - this is the DEC Alpha unsigned long long is only
* 64 bits :-(, don't define BN_LLONG for the DEC Alpha
*/
