| Index: patches.chromium/0001-channelid.patch
|
| diff --git a/patches.chromium/0001-channelid.patch b/patches.chromium/0001-channelid.patch
|
| deleted file mode 100644
|
| index 90833c550bcbfdadf16270c3dfc262b3d72eab2d..0000000000000000000000000000000000000000
|
| --- a/patches.chromium/0001-channelid.patch
|
| +++ /dev/null
|
| @@ -1,279 +0,0 @@
|
| -diff -urN android-openssl.orig/openssl.config android-openssl/openssl.config
|
| ---- android-openssl.orig/openssl.config 2013-10-28 13:39:11.618121779 -0400
|
| -+++ android-openssl/openssl.config 2013-10-28 14:40:32.642178484 -0400
|
| -@@ -992,6 +992,7 @@
|
| - handshake_cutthrough.patch \
|
| - jsse.patch \
|
| - channelid.patch \
|
| -+channelidchromium.patch \
|
| - eng_dyn_dirs.patch \
|
| - fix_clang_build.patch \
|
| - x509_hash_name_algorithm_change.patch \
|
| -diff -urN android-openssl.orig/patches/channelidchromium.patch android-openssl/patches/channelidchromium.patch
|
| ---- android-openssl.orig/patches/channelidchromium.patch 1969-12-31 19:00:00.000000000 -0500
|
| -+++ android-openssl/patches/channelidchromium.patch 2013-10-28 14:34:42.945588394 -0400
|
| -@@ -0,0 +1,264 @@
|
| -+diff -burN android-openssl.orig/crypto/bio/bio.h android-openssl/crypto/bio/bio.h
|
| -+--- android-openssl.orig/crypto/bio/bio.h 2013-02-11 16:26:04.000000000 +0100
|
| -++++ android-openssl/crypto/bio/bio.h 2013-10-22 18:22:42.080337200 +0200
|
| -+@@ -266,6 +266,9 @@
|
| -+ #define BIO_RR_CONNECT 0x02
|
| -+ /* Returned from the accept BIO when an accept would have blocked */
|
| -+ #define BIO_RR_ACCEPT 0x03
|
| -++/* Returned from the SSL bio when the channel id retrieval code cannot find the
|
| -++ * private key. */
|
| -++#define BIO_RR_SSL_CHANNEL_ID_LOOKUP 0x04
|
| -+
|
| -+ /* These are passed by the BIO callback */
|
| -+ #define BIO_CB_FREE 0x01
|
| -+diff -burN android-openssl.orig/include/openssl/bio.h android-openssl/include/openssl/bio.h
|
| -+--- android-openssl.orig/include/openssl/bio.h 2013-10-22 18:20:42.249270230 +0200
|
| -++++ android-openssl/include/openssl/bio.h 2013-10-22 18:22:42.080337200 +0200
|
| -+@@ -266,6 +266,9 @@
|
| -+ #define BIO_RR_CONNECT 0x02
|
| -+ /* Returned from the accept BIO when an accept would have blocked */
|
| -+ #define BIO_RR_ACCEPT 0x03
|
| -++/* Returned from the SSL bio when the channel id retrieval code cannot find the
|
| -++ * private key. */
|
| -++#define BIO_RR_SSL_CHANNEL_ID_LOOKUP 0x04
|
| -+
|
| -+ /* These are passed by the BIO callback */
|
| -+ #define BIO_CB_FREE 0x01
|
| -+diff -burN android-openssl.orig/include/openssl/ssl.h android-openssl/include/openssl/ssl.h
|
| -+--- android-openssl.orig/include/openssl/ssl.h 2013-10-22 18:20:42.259270320 +0200
|
| -++++ android-openssl/include/openssl/ssl.h 2013-10-22 18:24:14.771162612 +0200
|
| -+@@ -848,6 +848,9 @@
|
| -+ /* get client cert callback */
|
| -+ int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
|
| -+
|
| -++ /* get channel id callback */
|
| -++ void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey);
|
| -++
|
| -+ /* cookie generate callback */
|
| -+ int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
|
| -+ unsigned int *cookie_len);
|
| -+@@ -1043,6 +1046,8 @@
|
| -+ void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val);
|
| -+ void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
|
| -+ int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
|
| -++void SSL_CTX_set_channel_id_cb(SSL_CTX *ctx, void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey));
|
| -++void (*SSL_CTX_get_channel_id_cb(SSL_CTX *ctx))(SSL *ssl, EVP_PKEY **pkey);
|
| -+ #ifndef OPENSSL_NO_ENGINE
|
| -+ int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
|
| -+ #endif
|
| -+@@ -1104,12 +1109,14 @@
|
| -+ #define SSL_WRITING 2
|
| -+ #define SSL_READING 3
|
| -+ #define SSL_X509_LOOKUP 4
|
| -++#define SSL_CHANNEL_ID_LOOKUP 5
|
| -+
|
| -+ /* These will only be used when doing non-blocking IO */
|
| -+ #define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
|
| -+ #define SSL_want_read(s) (SSL_want(s) == SSL_READING)
|
| -+ #define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
|
| -+ #define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
|
| -++#define SSL_want_channel_id_lookup(s) (SSL_want(s) == SSL_CHANNEL_ID_LOOKUP)
|
| -+
|
| -+ #define SSL_MAC_FLAG_READ_MAC_STREAM 1
|
| -+ #define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
|
| -+@@ -1535,6 +1542,7 @@
|
| -+ #define SSL_ERROR_ZERO_RETURN 6
|
| -+ #define SSL_ERROR_WANT_CONNECT 7
|
| -+ #define SSL_ERROR_WANT_ACCEPT 8
|
| -++#define SSL_ERROR_WANT_CHANNEL_ID_LOOKUP 9
|
| -+
|
| -+ #define SSL_CTRL_NEED_TMP_RSA 1
|
| -+ #define SSL_CTRL_SET_TMP_RSA 2
|
| -+@@ -1672,10 +1680,11 @@
|
| -+ #define SSL_set_tmp_ecdh(ssl,ecdh) \
|
| -+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
|
| -+
|
| -+-/* SSL_enable_tls_channel_id configures a TLS server to accept TLS client
|
| -+- * IDs from clients. Returns 1 on success. */
|
| -+-#define SSL_enable_tls_channel_id(ctx) \
|
| -+- SSL_ctrl(ctx,SSL_CTRL_CHANNEL_ID,0,NULL)
|
| -++/* SSL_enable_tls_channel_id either configures a TLS server to accept TLS client
|
| -++ * IDs from clients, or configure a client to send TLS client IDs to server.
|
| -++ * Returns 1 on success. */
|
| -++#define SSL_enable_tls_channel_id(s) \
|
| -++ SSL_ctrl(s,SSL_CTRL_CHANNEL_ID,0,NULL)
|
| -+ /* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to
|
| -+ * compatible servers. private_key must be a P-256 EVP_PKEY*. Returns 1 on
|
| -+ * success. */
|
| -+diff -burN android-openssl.orig/ssl/bio_ssl.c android-openssl/ssl/bio_ssl.c
|
| -+--- android-openssl.orig/ssl/bio_ssl.c 2013-02-11 16:26:04.000000000 +0100
|
| -++++ android-openssl/ssl/bio_ssl.c 2013-10-22 18:22:42.090337290 +0200
|
| -+@@ -206,6 +206,10 @@
|
| -+ BIO_set_retry_special(b);
|
| -+ retry_reason=BIO_RR_SSL_X509_LOOKUP;
|
| -+ break;
|
| -++ case SSL_ERROR_WANT_CHANNEL_ID_LOOKUP:
|
| -++ BIO_set_retry_special(b);
|
| -++ retry_reason=BIO_RR_SSL_CHANNEL_ID_LOOKUP;
|
| -++ break;
|
| -+ case SSL_ERROR_WANT_ACCEPT:
|
| -+ BIO_set_retry_special(b);
|
| -+ retry_reason=BIO_RR_ACCEPT;
|
| -+@@ -280,6 +284,10 @@
|
| -+ BIO_set_retry_special(b);
|
| -+ retry_reason=BIO_RR_SSL_X509_LOOKUP;
|
| -+ break;
|
| -++ case SSL_ERROR_WANT_CHANNEL_ID_LOOKUP:
|
| -++ BIO_set_retry_special(b);
|
| -++ retry_reason=BIO_RR_SSL_CHANNEL_ID_LOOKUP;
|
| -++ break;
|
| -+ case SSL_ERROR_WANT_CONNECT:
|
| -+ BIO_set_retry_special(b);
|
| -+ retry_reason=BIO_RR_CONNECT;
|
| -+diff -burN android-openssl.orig/ssl/s3_clnt.c android-openssl/ssl/s3_clnt.c
|
| -+--- android-openssl.orig/ssl/s3_clnt.c 2013-10-22 18:20:40.289252781 +0200
|
| -++++ android-openssl/ssl/s3_clnt.c 2013-10-22 18:22:42.090337290 +0200
|
| -+@@ -3414,6 +3414,22 @@
|
| -+ if (s->state != SSL3_ST_CW_CHANNEL_ID_A)
|
| -+ return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
|
| -+
|
| -++ if (!s->tlsext_channel_id_private && s->ctx->channel_id_cb)
|
| -++ {
|
| -++ EVP_PKEY *key = NULL;
|
| -++ s->ctx->channel_id_cb(s, &key);
|
| -++ if (key != NULL)
|
| -++ {
|
| -++ s->tlsext_channel_id_private = key;
|
| -++ }
|
| -++ }
|
| -++ if (!s->tlsext_channel_id_private)
|
| -++ {
|
| -++ s->rwstate=SSL_CHANNEL_ID_LOOKUP;
|
| -++ return (-1);
|
| -++ }
|
| -++ s->rwstate=SSL_NOTHING;
|
| -++
|
| -+ d = (unsigned char *)s->init_buf->data;
|
| -+ *(d++)=SSL3_MT_ENCRYPTED_EXTENSIONS;
|
| -+ l2n3(2 + 2 + TLSEXT_CHANNEL_ID_SIZE, d);
|
| -+diff -burN android-openssl.orig/ssl/s3_lib.c android-openssl/ssl/s3_lib.c
|
| -+--- android-openssl.orig/ssl/s3_lib.c 2013-10-22 18:20:40.289252781 +0200
|
| -++++ android-openssl/ssl/s3_lib.c 2013-10-22 18:22:42.090337290 +0200
|
| -+@@ -3358,8 +3358,6 @@
|
| -+ break;
|
| -+ #endif
|
| -+ case SSL_CTRL_CHANNEL_ID:
|
| -+- if (!s->server)
|
| -+- break;
|
| -+ s->tlsext_channel_id_enabled = 1;
|
| -+ ret = 1;
|
| -+ break;
|
| -+@@ -3375,7 +3373,7 @@
|
| -+ }
|
| -+ if (s->tlsext_channel_id_private)
|
| -+ EVP_PKEY_free(s->tlsext_channel_id_private);
|
| -+- s->tlsext_channel_id_private = (EVP_PKEY*) parg;
|
| -++ s->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg);
|
| -+ ret = 1;
|
| -+ break;
|
| -+
|
| -+@@ -3690,7 +3688,7 @@
|
| -+ }
|
| -+ if (ctx->tlsext_channel_id_private)
|
| -+ EVP_PKEY_free(ctx->tlsext_channel_id_private);
|
| -+- ctx->tlsext_channel_id_private = (EVP_PKEY*) parg;
|
| -++ ctx->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg);
|
| -+ break;
|
| -+
|
| -+ default:
|
| -+diff -burN android-openssl.orig/ssl/ssl.h android-openssl/ssl/ssl.h
|
| -+--- android-openssl.orig/ssl/ssl.h 2013-10-22 18:20:40.299252871 +0200
|
| -++++ android-openssl/ssl/ssl.h 2013-10-22 18:24:24.121245879 +0200
|
| -+@@ -848,6 +848,9 @@
|
| -+ /* get client cert callback */
|
| -+ int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
|
| -+
|
| -++ /* get channel id callback */
|
| -++ void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey);
|
| -++
|
| -+ /* cookie generate callback */
|
| -+ int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
|
| -+ unsigned int *cookie_len);
|
| -+@@ -1043,6 +1046,8 @@
|
| -+ void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val);
|
| -+ void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
|
| -+ int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
|
| -++void SSL_CTX_set_channel_id_cb(SSL_CTX *ctx, void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey));
|
| -++void (*SSL_CTX_get_channel_id_cb(SSL_CTX *ctx))(SSL *ssl, EVP_PKEY **pkey);
|
| -+ #ifndef OPENSSL_NO_ENGINE
|
| -+ int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
|
| -+ #endif
|
| -+@@ -1104,12 +1109,14 @@
|
| -+ #define SSL_WRITING 2
|
| -+ #define SSL_READING 3
|
| -+ #define SSL_X509_LOOKUP 4
|
| -++#define SSL_CHANNEL_ID_LOOKUP 5
|
| -+
|
| -+ /* These will only be used when doing non-blocking IO */
|
| -+ #define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
|
| -+ #define SSL_want_read(s) (SSL_want(s) == SSL_READING)
|
| -+ #define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
|
| -+ #define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
|
| -++#define SSL_want_channel_id_lookup(s) (SSL_want(s) == SSL_CHANNEL_ID_LOOKUP)
|
| -+
|
| -+ #define SSL_MAC_FLAG_READ_MAC_STREAM 1
|
| -+ #define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
|
| -+@@ -1535,6 +1542,7 @@
|
| -+ #define SSL_ERROR_ZERO_RETURN 6
|
| -+ #define SSL_ERROR_WANT_CONNECT 7
|
| -+ #define SSL_ERROR_WANT_ACCEPT 8
|
| -++#define SSL_ERROR_WANT_CHANNEL_ID_LOOKUP 9
|
| -+
|
| -+ #define SSL_CTRL_NEED_TMP_RSA 1
|
| -+ #define SSL_CTRL_SET_TMP_RSA 2
|
| -+@@ -1672,10 +1680,11 @@
|
| -+ #define SSL_set_tmp_ecdh(ssl,ecdh) \
|
| -+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
|
| -+
|
| -+-/* SSL_enable_tls_channel_id configures a TLS server to accept TLS client
|
| -+- * IDs from clients. Returns 1 on success. */
|
| -+-#define SSL_enable_tls_channel_id(ctx) \
|
| -+- SSL_ctrl(ctx,SSL_CTRL_CHANNEL_ID,0,NULL)
|
| -++/* SSL_enable_tls_channel_id either configures a TLS server to accept TLS client
|
| -++ * IDs from clients, or configure a client to send TLS client IDs to server.
|
| -++ * Returns 1 on success. */
|
| -++#define SSL_enable_tls_channel_id(s) \
|
| -++ SSL_ctrl(s,SSL_CTRL_CHANNEL_ID,0,NULL)
|
| -+ /* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to
|
| -+ * compatible servers. private_key must be a P-256 EVP_PKEY*. Returns 1 on
|
| -+ * success. */
|
| -+diff -burN android-openssl.orig/ssl/ssl_lib.c android-openssl/ssl/ssl_lib.c
|
| -+--- android-openssl.orig/ssl/ssl_lib.c 2013-10-22 18:20:40.299252871 +0200
|
| -++++ android-openssl/ssl/ssl_lib.c 2013-10-22 18:22:42.090337290 +0200
|
| -+@@ -2561,6 +2561,10 @@
|
| -+ {
|
| -+ return(SSL_ERROR_WANT_X509_LOOKUP);
|
| -+ }
|
| -++ if ((i < 0) && SSL_want_channel_id_lookup(s))
|
| -++ {
|
| -++ return(SSL_ERROR_WANT_CHANNEL_ID_LOOKUP);
|
| -++ }
|
| -+
|
| -+ if (i == 0)
|
| -+ {
|
| -+diff -burN android-openssl.orig/ssl/ssl_sess.c android-openssl/ssl/ssl_sess.c
|
| -+--- android-openssl.orig/ssl/ssl_sess.c 2013-10-22 18:20:40.289252781 +0200
|
| -++++ android-openssl/ssl/ssl_sess.c 2013-10-22 18:22:42.090337290 +0200
|
| -+@@ -1132,6 +1132,17 @@
|
| -+ return ctx->client_cert_cb;
|
| -+ }
|
| -+
|
| -++void SSL_CTX_set_channel_id_cb(SSL_CTX *ctx,
|
| -++ void (*cb)(SSL *ssl, EVP_PKEY **pkey))
|
| -++ {
|
| -++ ctx->channel_id_cb=cb;
|
| -++ }
|
| -++
|
| -++void (*SSL_CTX_get_channel_id_cb(SSL_CTX *ctx))(SSL * ssl, EVP_PKEY **pkey)
|
| -++ {
|
| -++ return ctx->channel_id_cb;
|
| -++ }
|
| -++
|
| -+ #ifndef OPENSSL_NO_ENGINE
|
| -+ int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
|
| -+ {
|
|
|
Chromium Code Reviews
Issue 2072073002:
Delete bundled copy of OpenSSL and replace with README. (Closed)
Base URL: https://chromium.googlesource.com/chromium/deps/openssl@master