wok-current view ruby/stuff/openssl-1.0.patch @ rev 25659

Update expat CVE-2023-52425,CVE-2023-52426, patch libxml2 CVE-2024-25062
author Stanislas Leduc <shann@slitaz.org>
date Sun Feb 18 10:03:28 2024 +0000 (10 months ago)
parents
children
line source
1 diff -Nura ruby-1.9.1-p378.orig/ext/openssl/ossl.c ruby-1.9.1-p378/ext/openssl/ossl.c
2 --- ruby-1.9.1-p378.orig/ext/openssl/ossl.c 2009-01-15 16:39:30.000000000 +0100
3 +++ ruby-1.9.1-p378/ext/openssl/ossl.c 2010-04-01 07:41:19.397603813 +0200
4 @@ -92,7 +92,7 @@
6 #define OSSL_IMPL_SK2ARY(name, type) \
7 VALUE \
8 -ossl_##name##_sk2ary(STACK *sk) \
9 +ossl_##name##_sk2ary(STACK_OF(type) *sk) \
10 { \
11 type *t; \
12 int i, num; \
13 @@ -102,7 +102,7 @@
14 OSSL_Debug("empty sk!"); \
15 return Qnil; \
16 } \
17 - num = sk_num(sk); \
18 + num = sk_##type##_num(sk); \
19 if (num < 0) { \
20 OSSL_Debug("items in sk < -1???"); \
21 return rb_ary_new(); \
22 @@ -110,7 +110,7 @@
23 ary = rb_ary_new2(num); \
24 \
25 for (i=0; i<num; i++) { \
26 - t = (type *)sk_value(sk, i); \
27 + t = sk_##type##_value(sk, i); \
28 rb_ary_push(ary, ossl_##name##_new(t)); \
29 } \
30 return ary; \
31 diff -Nura ruby-1.9.1-p378.orig/ext/openssl/ossl_pkcs7.c ruby-1.9.1-p378/ext/openssl/ossl_pkcs7.c
32 --- ruby-1.9.1-p378.orig/ext/openssl/ossl_pkcs7.c 2008-07-22 17:34:23.000000000 +0200
33 +++ ruby-1.9.1-p378/ext/openssl/ossl_pkcs7.c 2010-04-01 07:41:19.415105324 +0200
34 @@ -572,12 +572,11 @@
35 return self;
36 }
38 -static STACK *
39 -pkcs7_get_certs_or_crls(VALUE self, int want_certs)
40 +static STACK_OF(X509) *
41 +pkcs7_get_certs(VALUE self)
42 {
43 PKCS7 *pkcs7;
44 STACK_OF(X509) *certs;
45 - STACK_OF(X509_CRL) *crls;
46 int i;
48 GetPKCS7(self, pkcs7);
49 @@ -585,17 +584,38 @@
50 switch(i){
51 case NID_pkcs7_signed:
52 certs = pkcs7->d.sign->cert;
53 - crls = pkcs7->d.sign->crl;
54 break;
55 case NID_pkcs7_signedAndEnveloped:
56 certs = pkcs7->d.signed_and_enveloped->cert;
57 + break;
58 + default:
59 + certs = NULL;
60 + }
61 +
62 + return certs;
63 +}
64 +
65 +static STACK_OF(X509_CRL) *
66 +pkcs7_get_crls(VALUE self)
67 +{
68 + PKCS7 *pkcs7;
69 + STACK_OF(X509_CRL) *crls;
70 + int i;
71 +
72 + GetPKCS7(self, pkcs7);
73 + i = OBJ_obj2nid(pkcs7->type);
74 + switch(i){
75 + case NID_pkcs7_signed:
76 + crls = pkcs7->d.sign->crl;
77 + break;
78 + case NID_pkcs7_signedAndEnveloped:
79 crls = pkcs7->d.signed_and_enveloped->crl;
80 break;
81 default:
82 - certs = crls = NULL;
83 + crls = NULL;
84 }
86 - return want_certs ? certs : crls;
87 + return crls;
88 }
90 static VALUE
91 @@ -610,7 +630,7 @@
92 STACK_OF(X509) *certs;
93 X509 *cert;
95 - certs = pkcs7_get_certs_or_crls(self, 1);
96 + certs = pkcs7_get_certs(self);
97 while((cert = sk_X509_pop(certs))) X509_free(cert);
98 rb_block_call(ary, rb_intern("each"), 0, 0, ossl_pkcs7_set_certs_i, self);
100 @@ -620,7 +640,7 @@
101 static VALUE
102 ossl_pkcs7_get_certificates(VALUE self)
103 {
104 - return ossl_x509_sk2ary(pkcs7_get_certs_or_crls(self, 1));
105 + return ossl_x509_sk2ary(pkcs7_get_certs(self));
106 }
108 static VALUE
109 @@ -650,7 +670,7 @@
110 STACK_OF(X509_CRL) *crls;
111 X509_CRL *crl;
113 - crls = pkcs7_get_certs_or_crls(self, 0);
114 + crls = pkcs7_get_crls(self);
115 while((crl = sk_X509_CRL_pop(crls))) X509_CRL_free(crl);
116 rb_block_call(ary, rb_intern("each"), 0, 0, ossl_pkcs7_set_crls_i, self);
118 @@ -660,7 +680,7 @@
119 static VALUE
120 ossl_pkcs7_get_crls(VALUE self)
121 {
122 - return ossl_x509crl_sk2ary(pkcs7_get_certs_or_crls(self, 0));
123 + return ossl_x509crl_sk2ary(pkcs7_get_crls(self));
124 }
126 static VALUE
127 diff -Nura ruby-1.9.1-p378.orig/ext/openssl/ossl_ssl.c ruby-1.9.1-p378/ext/openssl/ossl_ssl.c
128 --- ruby-1.9.1-p378.orig/ext/openssl/ossl_ssl.c 2009-04-19 15:32:18.000000000 +0200
129 +++ ruby-1.9.1-p378/ext/openssl/ossl_ssl.c 2010-04-01 07:41:19.450937427 +0200
130 @@ -88,12 +88,18 @@
132 ID ID_callback_state;
134 +#if OPENSSL_VERSION_NUMBER >= 0x10000000L
135 +#define OSSL_MORE_CONST const
136 +#define STACK _STACK
137 +#else
138 +#define OSSL_MORE_CONST
139 +#endif
140 /*
141 * SSLContext class
142 */
143 struct {
144 const char *name;
145 - SSL_METHOD *(*func)(void);
146 + OSSL_MORE_CONST SSL_METHOD *(*func)(void);
147 } ossl_ssl_method_tab[] = {
148 #define OSSL_SSL_METHOD_ENTRY(name) { #name, name##_method }
149 OSSL_SSL_METHOD_ENTRY(TLSv1),
150 @@ -142,7 +148,7 @@
151 static VALUE
152 ossl_sslctx_set_ssl_version(VALUE self, VALUE ssl_method)
153 {
154 - SSL_METHOD *method = NULL;
155 + OSSL_MORE_CONST SSL_METHOD *method = NULL;
156 const char *s;
157 int i;
159 @@ -585,7 +591,7 @@
160 }
162 static VALUE
163 -ossl_ssl_cipher_to_ary(SSL_CIPHER *cipher)
164 +ossl_ssl_cipher_to_ary(OSSL_MORE_CONST SSL_CIPHER *cipher)
165 {
166 VALUE ary;
167 int bits, alg_bits;
168 @@ -1213,7 +1219,7 @@
169 ossl_ssl_get_cipher(VALUE self)
170 {
171 SSL *ssl;
172 - SSL_CIPHER *cipher;
173 + OSSL_MORE_CONST SSL_CIPHER *cipher;
175 Data_Get_Struct(self, SSL, ssl);
176 if (!ssl) {