diff options
Diffstat (limited to 'meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0001-image_verify-Add-support-for-OpenSSL-1.1.0.patch')
-rw-r--r-- | meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0001-image_verify-Add-support-for-OpenSSL-1.1.0.patch | 130 |
1 files changed, 0 insertions, 130 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0001-image_verify-Add-support-for-OpenSSL-1.1.0.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0001-image_verify-Add-support-for-OpenSSL-1.1.0.patch deleted file mode 100644 index c5850473c..000000000 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/flash/phosphor-software-manager/0001-image_verify-Add-support-for-OpenSSL-1.1.0.patch +++ /dev/null @@ -1,130 +0,0 @@ -From fa124c7944088624d40d6b265bac0651bd8235bb Mon Sep 17 00:00:00 2001 -From: Adriana Kobylak <anoo@us.ibm.com> -Date: Thu, 6 Sep 2018 13:15:34 -0500 -Subject: [PATCH] image_verify: Add support for OpenSSL 1.1.0 - -With OpenSSL 1.1.0, some of the functions were renamed, for -example EVP_MD_CTX_create() and EVP_MD_CTX_destroy() were -renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free(). -Reference: https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes -Abstract them to support old and new APIs. - -Resolves openbmc/openbmc#3136 - -Tested: Verified the signature verification was successful. - -Change-Id: I2297243fdd652055fe9ea88f26eb2dcf473d24e6 -Signed-off-by: Adriana Kobylak <anoo@us.ibm.com> - -%% original patch: 0001-image_verify-Add-support-for-OpenSSL-1.1.0.patch ---- - Makefile.am | 8 ++++++-- - image_verify.cpp | 2 +- - image_verify.hpp | 1 + - utils.cpp | 29 +++++++++++++++++++++++++++++ - utils.hpp | 15 +++++++++++++++ - 5 files changed, 52 insertions(+), 3 deletions(-) - create mode 100644 utils.cpp - create mode 100644 utils.hpp - -diff --git a/Makefile.am b/Makefile.am -index adba0e4..21b556f 100755 ---- a/Makefile.am -+++ b/Makefile.am -@@ -42,8 +42,12 @@ phosphor_image_updater_SOURCES = \ - include ubi/Makefile.am.include - - if WANT_SIGNATURE_VERIFY_BUILD --noinst_HEADERS += image_verify.hpp --phosphor_image_updater_SOURCES += image_verify.cpp -+noinst_HEADERS += \ -+ image_verify.hpp \ -+ utils.hpp -+phosphor_image_updater_SOURCES += \ -+ image_verify.cpp \ -+ utils.cpp - endif - - if WANT_SYNC -diff --git a/image_verify.cpp b/image_verify.cpp -index 7d59910..ba6b24d 100644 ---- a/image_verify.cpp -+++ b/image_verify.cpp -@@ -216,7 +216,7 @@ bool Signature::verifyFile(const fs::path& file, const fs::path& sigFile, - EVP_PKEY_assign_RSA(pKeyPtr.get(), publicRSA); - - // Initializes a digest context. -- EVP_MD_CTX_Ptr rsaVerifyCtx(EVP_MD_CTX_create(), ::EVP_MD_CTX_destroy); -+ EVP_MD_CTX_Ptr rsaVerifyCtx(EVP_MD_CTX_new(), ::EVP_MD_CTX_free); - - // Adds all digest algorithms to the internal table - OpenSSL_add_all_digests(); -diff --git a/image_verify.hpp b/image_verify.hpp -index cbd0e39..22ee5f9 100644 ---- a/image_verify.hpp -+++ b/image_verify.hpp -@@ -1,4 +1,5 @@ - #pragma once -+#include "utils.hpp" - #include <openssl/rsa.h> - #include <openssl/evp.h> - #include <openssl/pem.h> -diff --git a/utils.cpp b/utils.cpp -new file mode 100644 -index 0000000..95fc2e0 ---- /dev/null -+++ b/utils.cpp -@@ -0,0 +1,29 @@ -+#include "utils.hpp" -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include <string.h> -+ -+static void* OPENSSL_zalloc(size_t num) -+{ -+ void* ret = OPENSSL_malloc(num); -+ -+ if (ret != NULL) -+ { -+ memset(ret, 0, num); -+ } -+ return ret; -+} -+ -+EVP_MD_CTX* EVP_MD_CTX_new(void) -+{ -+ return (EVP_MD_CTX*)OPENSSL_zalloc(sizeof(EVP_MD_CTX)); -+} -+ -+void EVP_MD_CTX_free(EVP_MD_CTX* ctx) -+{ -+ EVP_MD_CTX_cleanup(ctx); -+ OPENSSL_free(ctx); -+} -+ -+#endif // OPENSSL_VERSION_NUMBER < 0x10100000L -diff --git a/utils.hpp b/utils.hpp -new file mode 100644 -index 0000000..90569bf ---- /dev/null -+++ b/utils.hpp -@@ -0,0 +1,15 @@ -+#pragma once -+ -+// With OpenSSL 1.1.0, some functions were deprecated. Need to abstract them -+// to make the code backward compatible with older OpenSSL veresions. -+// Reference: https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include <openssl/evp.h> -+ -+extern "C" { -+EVP_MD_CTX* EVP_MD_CTX_new(void); -+void EVP_MD_CTX_free(EVP_MD_CTX* ctx); -+} -+ -+#endif // OPENSSL_VERSION_NUMBER < 0x10100000L --- -2.7.4 - |