wok-current diff ruby/stuff/openssl-1.0.patch @ rev 25659
Update expat CVE-2023-52425,CVE-2023-52426, patch libxml2 CVE-2024-25062
author | Stanislas Leduc <shann@slitaz.org> |
---|---|
date | Sun Feb 18 10:03:28 2024 +0000 (10 months ago) |
parents | |
children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/ruby/stuff/openssl-1.0.patch Sun Feb 18 10:03:28 2024 +0000 1.3 @@ -0,0 +1,176 @@ 1.4 +diff -Nura ruby-1.9.1-p378.orig/ext/openssl/ossl.c ruby-1.9.1-p378/ext/openssl/ossl.c 1.5 +--- ruby-1.9.1-p378.orig/ext/openssl/ossl.c 2009-01-15 16:39:30.000000000 +0100 1.6 ++++ ruby-1.9.1-p378/ext/openssl/ossl.c 2010-04-01 07:41:19.397603813 +0200 1.7 +@@ -92,7 +92,7 @@ 1.8 + 1.9 + #define OSSL_IMPL_SK2ARY(name, type) \ 1.10 + VALUE \ 1.11 +-ossl_##name##_sk2ary(STACK *sk) \ 1.12 ++ossl_##name##_sk2ary(STACK_OF(type) *sk) \ 1.13 + { \ 1.14 + type *t; \ 1.15 + int i, num; \ 1.16 +@@ -102,7 +102,7 @@ 1.17 + OSSL_Debug("empty sk!"); \ 1.18 + return Qnil; \ 1.19 + } \ 1.20 +- num = sk_num(sk); \ 1.21 ++ num = sk_##type##_num(sk); \ 1.22 + if (num < 0) { \ 1.23 + OSSL_Debug("items in sk < -1???"); \ 1.24 + return rb_ary_new(); \ 1.25 +@@ -110,7 +110,7 @@ 1.26 + ary = rb_ary_new2(num); \ 1.27 + \ 1.28 + for (i=0; i<num; i++) { \ 1.29 +- t = (type *)sk_value(sk, i); \ 1.30 ++ t = sk_##type##_value(sk, i); \ 1.31 + rb_ary_push(ary, ossl_##name##_new(t)); \ 1.32 + } \ 1.33 + return ary; \ 1.34 +diff -Nura ruby-1.9.1-p378.orig/ext/openssl/ossl_pkcs7.c ruby-1.9.1-p378/ext/openssl/ossl_pkcs7.c 1.35 +--- ruby-1.9.1-p378.orig/ext/openssl/ossl_pkcs7.c 2008-07-22 17:34:23.000000000 +0200 1.36 ++++ ruby-1.9.1-p378/ext/openssl/ossl_pkcs7.c 2010-04-01 07:41:19.415105324 +0200 1.37 +@@ -572,12 +572,11 @@ 1.38 + return self; 1.39 + } 1.40 + 1.41 +-static STACK * 1.42 +-pkcs7_get_certs_or_crls(VALUE self, int want_certs) 1.43 ++static STACK_OF(X509) * 1.44 ++pkcs7_get_certs(VALUE self) 1.45 + { 1.46 + PKCS7 *pkcs7; 1.47 + STACK_OF(X509) *certs; 1.48 +- STACK_OF(X509_CRL) *crls; 1.49 + int i; 1.50 + 1.51 + GetPKCS7(self, pkcs7); 1.52 +@@ -585,17 +584,38 @@ 1.53 + switch(i){ 1.54 + case NID_pkcs7_signed: 1.55 + certs = pkcs7->d.sign->cert; 1.56 +- crls = pkcs7->d.sign->crl; 1.57 + break; 1.58 + case NID_pkcs7_signedAndEnveloped: 1.59 + certs = pkcs7->d.signed_and_enveloped->cert; 1.60 ++ break; 1.61 ++ default: 1.62 ++ certs = NULL; 1.63 ++ } 1.64 ++ 1.65 ++ return certs; 1.66 ++} 1.67 ++ 1.68 ++static STACK_OF(X509_CRL) * 1.69 ++pkcs7_get_crls(VALUE self) 1.70 ++{ 1.71 ++ PKCS7 *pkcs7; 1.72 ++ STACK_OF(X509_CRL) *crls; 1.73 ++ int i; 1.74 ++ 1.75 ++ GetPKCS7(self, pkcs7); 1.76 ++ i = OBJ_obj2nid(pkcs7->type); 1.77 ++ switch(i){ 1.78 ++ case NID_pkcs7_signed: 1.79 ++ crls = pkcs7->d.sign->crl; 1.80 ++ break; 1.81 ++ case NID_pkcs7_signedAndEnveloped: 1.82 + crls = pkcs7->d.signed_and_enveloped->crl; 1.83 + break; 1.84 + default: 1.85 +- certs = crls = NULL; 1.86 ++ crls = NULL; 1.87 + } 1.88 + 1.89 +- return want_certs ? certs : crls; 1.90 ++ return crls; 1.91 + } 1.92 + 1.93 + static VALUE 1.94 +@@ -610,7 +630,7 @@ 1.95 + STACK_OF(X509) *certs; 1.96 + X509 *cert; 1.97 + 1.98 +- certs = pkcs7_get_certs_or_crls(self, 1); 1.99 ++ certs = pkcs7_get_certs(self); 1.100 + while((cert = sk_X509_pop(certs))) X509_free(cert); 1.101 + rb_block_call(ary, rb_intern("each"), 0, 0, ossl_pkcs7_set_certs_i, self); 1.102 + 1.103 +@@ -620,7 +640,7 @@ 1.104 + static VALUE 1.105 + ossl_pkcs7_get_certificates(VALUE self) 1.106 + { 1.107 +- return ossl_x509_sk2ary(pkcs7_get_certs_or_crls(self, 1)); 1.108 ++ return ossl_x509_sk2ary(pkcs7_get_certs(self)); 1.109 + } 1.110 + 1.111 + static VALUE 1.112 +@@ -650,7 +670,7 @@ 1.113 + STACK_OF(X509_CRL) *crls; 1.114 + X509_CRL *crl; 1.115 + 1.116 +- crls = pkcs7_get_certs_or_crls(self, 0); 1.117 ++ crls = pkcs7_get_crls(self); 1.118 + while((crl = sk_X509_CRL_pop(crls))) X509_CRL_free(crl); 1.119 + rb_block_call(ary, rb_intern("each"), 0, 0, ossl_pkcs7_set_crls_i, self); 1.120 + 1.121 +@@ -660,7 +680,7 @@ 1.122 + static VALUE 1.123 + ossl_pkcs7_get_crls(VALUE self) 1.124 + { 1.125 +- return ossl_x509crl_sk2ary(pkcs7_get_certs_or_crls(self, 0)); 1.126 ++ return ossl_x509crl_sk2ary(pkcs7_get_crls(self)); 1.127 + } 1.128 + 1.129 + static VALUE 1.130 +diff -Nura ruby-1.9.1-p378.orig/ext/openssl/ossl_ssl.c ruby-1.9.1-p378/ext/openssl/ossl_ssl.c 1.131 +--- ruby-1.9.1-p378.orig/ext/openssl/ossl_ssl.c 2009-04-19 15:32:18.000000000 +0200 1.132 ++++ ruby-1.9.1-p378/ext/openssl/ossl_ssl.c 2010-04-01 07:41:19.450937427 +0200 1.133 +@@ -88,12 +88,18 @@ 1.134 + 1.135 + ID ID_callback_state; 1.136 + 1.137 ++#if OPENSSL_VERSION_NUMBER >= 0x10000000L 1.138 ++#define OSSL_MORE_CONST const 1.139 ++#define STACK _STACK 1.140 ++#else 1.141 ++#define OSSL_MORE_CONST 1.142 ++#endif 1.143 + /* 1.144 + * SSLContext class 1.145 + */ 1.146 + struct { 1.147 + const char *name; 1.148 +- SSL_METHOD *(*func)(void); 1.149 ++ OSSL_MORE_CONST SSL_METHOD *(*func)(void); 1.150 + } ossl_ssl_method_tab[] = { 1.151 + #define OSSL_SSL_METHOD_ENTRY(name) { #name, name##_method } 1.152 + OSSL_SSL_METHOD_ENTRY(TLSv1), 1.153 +@@ -142,7 +148,7 @@ 1.154 + static VALUE 1.155 + ossl_sslctx_set_ssl_version(VALUE self, VALUE ssl_method) 1.156 + { 1.157 +- SSL_METHOD *method = NULL; 1.158 ++ OSSL_MORE_CONST SSL_METHOD *method = NULL; 1.159 + const char *s; 1.160 + int i; 1.161 + 1.162 +@@ -585,7 +591,7 @@ 1.163 + } 1.164 + 1.165 + static VALUE 1.166 +-ossl_ssl_cipher_to_ary(SSL_CIPHER *cipher) 1.167 ++ossl_ssl_cipher_to_ary(OSSL_MORE_CONST SSL_CIPHER *cipher) 1.168 + { 1.169 + VALUE ary; 1.170 + int bits, alg_bits; 1.171 +@@ -1213,7 +1219,7 @@ 1.172 + ossl_ssl_get_cipher(VALUE self) 1.173 + { 1.174 + SSL *ssl; 1.175 +- SSL_CIPHER *cipher; 1.176 ++ OSSL_MORE_CONST SSL_CIPHER *cipher; 1.177 + 1.178 + Data_Get_Struct(self, SSL, ssl); 1.179 + if (!ssl) {