[third-party] Netty fork of Tomcat Native

third_party/netty-tcnative/README.chromium

Index: third_party/netty-tcnative/README.chromium
diff --git a/third_party/netty-tcnative/README.chromium b/third_party/netty-tcnative/README.chromium
new file mode 100644
index 0000000000000000000000000000000000000000..8531f157f9c0e7f0d4167bfa35d601940809e97f
--- /dev/null
+++ b/third_party/netty-tcnative/README.chromium
@@ -0,0 +1,126 @@
+Name: Tomcat Native Fork for Netty
+Short Name: netty-tcnative
+URL: https://github.com/netty/netty-tcnative
+SHA: 856865181ca38c07b7d2be619903ee98f6f77a23 netty-tcnative-1.1.33.zip
+Version: 1.1.33
+Date: October 13, 2015
+Revision: 2aa47be27783ec31086ca9881402f845543de4e6
+License: Apache 2.0
+License File: NOT_SHIPPED
+Security Critical: no
+The library is not security critical because it is used for tests only.
+Do not link it into production code.
+
+Description:
+    netty-tcnative is a fork of Tomcat Native. It includes a set of changes contributed
+    by Twitter, Inc, such as:
+
+    Simplified distribution and linkage of native library
+    Complete mavenization of the project
+    Improved OpenSSL support
+
+Local Modifications:
+
+diff -ruN ./original/src/main/c/ssl.c ./src/third_party/netty-tcnative/src/c/ssl.c
+--- ./original/src/main/c/ssl.c	2015-10-13 08:36:59.000000000 -0400
++++ ./src/third_party/netty-tcnative/src/c/ssl.c	2016-01-04 10:18:31.729765992 -0500
+@@ -1821,7 +1821,7 @@
+     verify = SSL_VERIFY_NONE;
+
+     UNREFERENCED(o);
+-    TCN_ASSERT(ctx != 0);
++    TCN_ASSERT(c->ctx != 0);
+     c->verify_mode = level;
+
+     if (c->verify_mode == SSL_CVERIFY_UNSET)
+
+diff --git a/c/ssl.c b/c/ssl.c
+index 89e6cad..c80f1ea 100644
+--- a/c/ssl.c
++++ b/c/ssl.c
+@@ -232,8 +232,8 @@ static const jint supported_ssl_opts = 0
+ static int ssl_tmp_key_init_rsa(int bits, int idx)
+ {
+ #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(OPENSSL_USE_DEPRECATED)
+-    if (!(SSL_temp_keys[idx] =
+-          RSA_generate_key(bits, RSA_F4, NULL, NULL))) {
++    SSL_temp_keys[idx] = RSA_new();
++    if (RSA_generate_key_ex(SSL_temp_keys[idx], bits, RSA_F4, NULL)) {
+ #ifdef OPENSSL_FIPS
+         /**
+          * With FIPS mode short RSA keys cannot be
+@@ -246,6 +246,8 @@ static int ssl_tmp_key_init_rsa(int bits, int idx)
+         return 1;
+     }
+     else {
++        RSA_free(SSL_temp_keys[idx]);
++        SSL_temp_keys[idx] = NULL;
+         return 0;
+     }
+ #else
+@@ -610,45 +612,6 @@ int SSL_rand_seed(const char *file)
+     return RAND_status();
+ }
+
+-static int ssl_rand_make(const char *file, int len, int base64)
+-{
+-    int r;
+-    int num = len;
+-    BIO *out = NULL;
+-
+-    out = BIO_new(BIO_s_file());
+-    if (out == NULL)
+-        return 0;
+-    if ((r = BIO_write_filename(out, (char *)file)) < 0) {
+-        BIO_free_all(out);
+-        return 0;
+-    }
+-    if (base64) {
+-        BIO *b64 = BIO_new(BIO_f_base64());
+-        if (b64 == NULL) {
+-            BIO_free_all(out);
+-            return 0;
+-        }
+-        out = BIO_push(b64, out);
+-    }
+-    while (num > 0) {
+-        unsigned char buf[4096];
+-        int len = num;
+-        if (len > sizeof(buf))
+-            len = sizeof(buf);
+-        r = RAND_bytes(buf, len);
+-        if (r <= 0) {
+-            BIO_free_all(out);
+-            return 0;
+-        }
+-        BIO_write(out, buf, len);
+-        num -= len;
+-    }
+-    r = BIO_flush(out);
+-    BIO_free_all(out);
+-    return r > 0 ? 1 : 0;
+-}
+-
+ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS, jstring engine)
+ {
+     int r = 0;
+@@ -785,17 +748,6 @@ TCN_IMPLEMENT_CALL(jboolean, SSL, randSave)(TCN_STDARGS, jstring file)
+     return r ? JNI_TRUE : JNI_FALSE;
+ }
+
+-TCN_IMPLEMENT_CALL(jboolean, SSL, randMake)(TCN_STDARGS, jstring file,
+-                                            jint length, jboolean base64)
+-{
+-    TCN_ALLOC_CSTRING(file);
+-    int r;
+-    UNREFERENCED(o);
+-    r = ssl_rand_make(J2S(file), length, base64);
+-    TCN_FREE_CSTRING(file);
+-    return r ? JNI_TRUE : JNI_FALSE;
+-}
+-
+ TCN_IMPLEMENT_CALL(void, SSL, randSet)(TCN_STDARGS, jstring file)
+ {
+     TCN_ALLOC_CSTRING(file);
+
+