Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Thomas Deutschmann <whissi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-libs/openssl/, dev-libs/openssl/files/
Date: Wed, 02 Jan 2019 21:58:32
Message-Id: 1546466300.8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c.whissi@gentoo
1 commit: 8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c
2 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3 AuthorDate: Wed Jan 2 21:57:28 2019 +0000
4 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5 CommitDate: Wed Jan 2 21:58:20 2019 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d6b4d86
7
8 dev-libs/openssl: rev bumped to add some cherry-picked patches
9
10 Package-Manager: Portage-2.3.53, Repoman-2.3.12
11 Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
12
13 ...-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch | 27 ++
14 ...ix-cert-with-rsa-instead-of-rsaEncryption.patch | 97 +++++
15 ...ix-some-SSL_export_keying_material-issues.patch | 420 +++++++++++++++++++++
16 ...a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch | 26 ++
17 ...ure-build_SYS_str_reasons_preserves_errno.patch | 68 ++++
18 .../openssl-1.1.1a-preserve-errno-on-dlopen.patch | 51 +++
19 ...-system-error-number-in-a-few-more-places.patch | 57 +++
20 ...t-reduce-stack-usage-in-tls13_hkdf_expand.patch | 56 +++
21 dev-libs/openssl/openssl-1.1.1a-r1.ebuild | 299 +++++++++++++++
22 9 files changed, 1101 insertions(+)
23
24 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch
25 new file mode 100644
26 index 00000000000..8014be130ab
27 --- /dev/null
28 +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch
29 @@ -0,0 +1,27 @@
30 +From 3be71a31a1dda204bb95462a92cf7f247e64b939 Mon Sep 17 00:00:00 2001
31 +From: Bernd Edlinger <bernd.edlinger@×××××××.de>
32 +Date: Sun, 16 Dec 2018 12:43:59 +0100
33 +Subject: [PATCH] Fix a minor nit in the hkdflabel size
34 +
35 +Reviewed-by: Paul Dale <paul.dale@××××××.com>
36 +Reviewed-by: Matt Caswell <matt@×××××××.org>
37 +(Merged from https://github.com/openssl/openssl/pull/7913)
38 +
39 +(cherry picked from commit 0b4233f5a4a181a6dcb7c511cd2663e500e659a4)
40 +---
41 + ssl/tls13_enc.c | 2 +-
42 + 1 file changed, 1 insertion(+), 1 deletion(-)
43 +
44 +diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
45 +index c3021d18aa9..e36b7d3a066 100644
46 +--- a/ssl/tls13_enc.c
47 ++++ b/ssl/tls13_enc.c
48 +@@ -41,7 +41,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
49 + * + bytes for the hash itself
50 + */
51 + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) +
52 +- + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN
53 ++ + (sizeof(label_prefix) - 1) + TLS13_MAX_LABEL_LEN
54 + + 1 + EVP_MAX_MD_SIZE];
55 + WPACKET pkt;
56 +
57
58 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch
59 new file mode 100644
60 index 00000000000..8f249e22a1d
61 --- /dev/null
62 +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch
63 @@ -0,0 +1,97 @@
64 +From c25ae0fff78cb3cb784ef79167329d5cd55b62de Mon Sep 17 00:00:00 2001
65 +From: Bernd Edlinger <bernd.edlinger@×××××××.de>
66 +Date: Thu, 27 Dec 2018 22:18:21 +0100
67 +Subject: [PATCH] Fix cert with rsa instead of rsaEncryption as public key
68 + algorithm
69 +
70 +Reviewed-by: Kurt Roeckx <kurt@××××××.be>
71 +(Merged from https://github.com/openssl/openssl/pull/7962)
72 +
73 +(cherry picked from commit 1f483a69bce11c940309edc437eee6e32294d5f2)
74 +---
75 + crypto/rsa/rsa_ameth.c | 9 ++++++---
76 + test/certs/root-cert-rsa2.pem | 18 ++++++++++++++++++
77 + test/recipes/25-test_verify.t | 4 +++-
78 + 3 files changed, 27 insertions(+), 4 deletions(-)
79 + create mode 100644 test/certs/root-cert-rsa2.pem
80 +
81 +diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
82 +index a6595aec054..75debb3e0a9 100644
83 +--- a/crypto/rsa/rsa_ameth.c
84 ++++ b/crypto/rsa/rsa_ameth.c
85 +@@ -34,7 +34,7 @@ static int rsa_param_encode(const EVP_PKEY *pkey,
86 +
87 + *pstr = NULL;
88 + /* If RSA it's just NULL type */
89 +- if (pkey->ameth->pkey_id == EVP_PKEY_RSA) {
90 ++ if (pkey->ameth->pkey_id != EVP_PKEY_RSA_PSS) {
91 + *pstrtype = V_ASN1_NULL;
92 + return 1;
93 + }
94 +@@ -58,7 +58,7 @@ static int rsa_param_decode(RSA *rsa, const X509_ALGOR *alg)
95 + int algptype;
96 +
97 + X509_ALGOR_get0(&algoid, &algptype, &algp, alg);
98 +- if (OBJ_obj2nid(algoid) == EVP_PKEY_RSA)
99 ++ if (OBJ_obj2nid(algoid) != EVP_PKEY_RSA_PSS)
100 + return 1;
101 + if (algptype == V_ASN1_UNDEF)
102 + return 1;
103 +@@ -109,7 +109,10 @@ static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
104 + RSA_free(rsa);
105 + return 0;
106 + }
107 +- EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa);
108 ++ if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa)) {
109 ++ RSA_free(rsa);
110 ++ return 0;
111 ++ }
112 + return 1;
113 + }
114 +
115 +diff --git a/test/certs/root-cert-rsa2.pem b/test/certs/root-cert-rsa2.pem
116 +new file mode 100644
117 +index 00000000000..b817fdf3e5d
118 +--- /dev/null
119 ++++ b/test/certs/root-cert-rsa2.pem
120 +@@ -0,0 +1,18 @@
121 ++-----BEGIN CERTIFICATE-----
122 ++MIIC7DCCAdSgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
123 ++IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjASMRAwDgYDVQQD
124 ++DAdSb290IENBMIIBHTAIBgRVCAEBBQADggEPADCCAQoCggEBAOHmAPUGvKBGOHkP
125 ++Px5xGRNtAt8rm3Zr/KywIe3WkQhCO6VjNexSW6CiSsXWAJQDl1o9uWco0n3jIVyk
126 ++7cY8jY6E0Z1Uwz3ZdKKWdmdx+cYaUHez/XjuW+DjjIkjwpoi7D7UN54HzcArVREX
127 ++OjRCHGkNOhiw7RWUXsb9nofGHOeUGpLAXwXBc0PlA94JkckkztiOi34u4DFI0YYq
128 ++alUmeugLNk6XseCkydpcaUsDgAhWg6Mfsiq4wUz+xbFN1MABqu2+ziW97mmt9gfN
129 ++biuhiVT1aOuYCe3JYGbLM2JKA7Bo1g6rX8E1VX79Ru6669y2oqPthX9337VoIkN+
130 ++ZiQjr8UCAwEAAaNQME4wHQYDVR0OBBYEFI71Ja8em2uEPXyAmslTnE1y96NSMB8G
131 ++A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
132 ++KoZIhvcNAQELBQADggEBAJ0OIdog3uQ1pmsjv1Qtf1w4If1geOn5uK0EOj2wYBHt
133 ++NxlFn7l8d9+51QMZFO+RlQJ0s3Webyo1ReuaL2dMn2LGJhWMoSBAwrMALAENU3lv
134 ++8jioRbfO2OamsdpJpKxQUyUJYudNe+BoKNX/ry3rxezmsFsRr9nDMiJZpmBCXiMm
135 ++mFFJOJkG0CheexBbMkua4kyStIOwO4rb5bSHszVso/9ucdGHBSC7oRcJXoWSDjBx
136 ++PdQPPBK5g4yqL8Lz26ehgsmhRKL9k32eVyjDKcIzgpmgcPTfTqNbd1KHQJKx4ssb
137 ++7nEpGKHalSo5Oq5L9s9qYrUv37kwBY4OpJFtmGaodoI=
138 ++-----END CERTIFICATE-----
139 +diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t
140 +index 6c3deab7c67..b80a1cde3ed 100644
141 +--- a/test/recipes/25-test_verify.t
142 ++++ b/test/recipes/25-test_verify.t
143 +@@ -27,7 +27,7 @@ sub verify {
144 + run(app([@args]));
145 + }
146 +
147 +-plan tests => 134;
148 ++plan tests => 135;
149 +
150 + # Canonical success
151 + ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
152 +@@ -361,6 +361,8 @@ ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"]
153 + "Not too many names and constraints to check (2)");
154 + ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"], ),
155 + "Not too many names and constraints to check (3)");
156 ++ok(verify("root-cert-rsa2", "sslserver", ["root-cert-rsa2"], [], "-check_ss_sig"),
157 ++ "Public Key Algorithm rsa instead of rsaEncryption");
158 +
159 + SKIP: {
160 + skip "Ed25519 is not supported by this OpenSSL build", 1
161
162 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch
163 new file mode 100644
164 index 00000000000..2db64d83e45
165 --- /dev/null
166 +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch
167 @@ -0,0 +1,420 @@
168 +From 0fb2815b873304d145ed00283454fc9f3bd35e6b Mon Sep 17 00:00:00 2001
169 +From: Matt Caswell <matt@×××××××.org>
170 +Date: Tue, 4 Dec 2018 08:37:04 +0000
171 +Subject: [PATCH] Fix some SSL_export_keying_material() issues
172 +
173 +Fix some issues in tls13_hkdf_expand() which impact the above function
174 +for TLSv1.3. In particular test that we can use the maximum label length
175 +in TLSv1.3.
176 +
177 +Reviewed-by: Tim Hudson <tjh@×××××××.org>
178 +(Merged from https://github.com/openssl/openssl/pull/7755)
179 +---
180 + doc/man3/SSL_export_keying_material.pod | 3 +-
181 + ssl/ssl_locl.h | 2 +-
182 + ssl/statem/extensions.c | 2 +-
183 + ssl/statem/statem_clnt.c | 2 +-
184 + ssl/statem/statem_srvr.c | 2 +-
185 + ssl/tls13_enc.c | 73 +++++++++++++++++--------
186 + test/sslapitest.c | 48 ++++++++++++----
187 + test/tls13secretstest.c | 2 +-
188 + 8 files changed, 92 insertions(+), 42 deletions(-)
189 +
190 +diff --git a/doc/man3/SSL_export_keying_material.pod b/doc/man3/SSL_export_keying_material.pod
191 +index abebf911fc3..4c81a60ffbb 100644
192 +--- a/doc/man3/SSL_export_keying_material.pod
193 ++++ b/doc/man3/SSL_export_keying_material.pod
194 +@@ -59,7 +59,8 @@ B<label> and should be B<llen> bytes long. Typically this will be a value from
195 + the IANA Exporter Label Registry
196 + (L<https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels>).
197 + Alternatively labels beginning with "EXPERIMENTAL" are permitted by the standard
198 +-to be used without registration.
199 ++to be used without registration. TLSv1.3 imposes a maximum label length of
200 ++249 bytes.
201 +
202 + Note that this function is only defined for TLSv1.0 and above, and DTLSv1.0 and
203 + above. Attempting to use it in SSLv3 will result in an error.
204 +diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
205 +index 70e5a1740f9..307131de93a 100644
206 +--- a/ssl/ssl_locl.h
207 ++++ b/ssl/ssl_locl.h
208 +@@ -2461,7 +2461,7 @@ __owur int tls13_hkdf_expand(SSL *s, const EVP_MD *md,
209 + const unsigned char *secret,
210 + const unsigned char *label, size_t labellen,
211 + const unsigned char *data, size_t datalen,
212 +- unsigned char *out, size_t outlen);
213 ++ unsigned char *out, size_t outlen, int fatal);
214 + __owur int tls13_derive_key(SSL *s, const EVP_MD *md,
215 + const unsigned char *secret, unsigned char *key,
216 + size_t keylen);
217 +diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
218 +index 63e61c6184a..716d6d23e08 100644
219 +--- a/ssl/statem/extensions.c
220 ++++ b/ssl/statem/extensions.c
221 +@@ -1506,7 +1506,7 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
222 +
223 + /* Generate the binder key */
224 + if (!tls13_hkdf_expand(s, md, early_secret, label, labelsize, hash,
225 +- hashsize, binderkey, hashsize)) {
226 ++ hashsize, binderkey, hashsize, 1)) {
227 + /* SSLfatal() already called */
228 + goto err;
229 + }
230 +diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
231 +index 5a8f1163dfa..a0e495d8e83 100644
232 +--- a/ssl/statem/statem_clnt.c
233 ++++ b/ssl/statem/statem_clnt.c
234 +@@ -2740,7 +2740,7 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt)
235 + PACKET_data(&nonce),
236 + PACKET_remaining(&nonce),
237 + s->session->master_key,
238 +- hashlen)) {
239 ++ hashlen, 1)) {
240 + /* SSLfatal() already called */
241 + goto err;
242 + }
243 +diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
244 +index e7c11c4bea4..a8e862ced55 100644
245 +--- a/ssl/statem/statem_srvr.c
246 ++++ b/ssl/statem/statem_srvr.c
247 +@@ -4099,7 +4099,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
248 + tick_nonce,
249 + TICKET_NONCE_SIZE,
250 + s->session->master_key,
251 +- hashlen)) {
252 ++ hashlen, 1)) {
253 + /* SSLfatal() already called */
254 + goto err;
255 + }
256 +diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
257 +index f7ab0fa4704..c3021d18aa9 100644
258 +--- a/ssl/tls13_enc.c
259 ++++ b/ssl/tls13_enc.c
260 +@@ -13,7 +13,7 @@
261 + #include <openssl/evp.h>
262 + #include <openssl/kdf.h>
263 +
264 +-#define TLS13_MAX_LABEL_LEN 246
265 ++#define TLS13_MAX_LABEL_LEN 249
266 +
267 + /* Always filled with zeros */
268 + static const unsigned char default_zeros[EVP_MAX_MD_SIZE];
269 +@@ -22,30 +22,47 @@ static const unsigned char default_zeros[EVP_MAX_MD_SIZE];
270 + * Given a |secret|; a |label| of length |labellen|; and |data| of length
271 + * |datalen| (e.g. typically a hash of the handshake messages), derive a new
272 + * secret |outlen| bytes long and store it in the location pointed to be |out|.
273 +- * The |data| value may be zero length. Returns 1 on success 0 on failure.
274 ++ * The |data| value may be zero length. Any errors will be treated as fatal if
275 ++ * |fatal| is set. Returns 1 on success 0 on failure.
276 + */
277 + int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
278 + const unsigned char *label, size_t labellen,
279 + const unsigned char *data, size_t datalen,
280 +- unsigned char *out, size_t outlen)
281 ++ unsigned char *out, size_t outlen, int fatal)
282 + {
283 +- const unsigned char label_prefix[] = "tls13 ";
284 ++ static const unsigned char label_prefix[] = "tls13 ";
285 + EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
286 + int ret;
287 + size_t hkdflabellen;
288 + size_t hashlen;
289 + /*
290 +- * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined
291 +- * prefix and label + bytes for the label itself + bytes for the hash
292 ++ * 2 bytes for length of derived secret + 1 byte for length of combined
293 ++ * prefix and label + bytes for the label itself + 1 byte length of hash
294 ++ * + bytes for the hash itself
295 + */
296 + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) +
297 + + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN
298 +- + EVP_MAX_MD_SIZE];
299 ++ + 1 + EVP_MAX_MD_SIZE];
300 + WPACKET pkt;
301 +
302 + if (pctx == NULL)
303 + return 0;
304 +
305 ++ if (labellen > TLS13_MAX_LABEL_LEN) {
306 ++ if (fatal) {
307 ++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
308 ++ ERR_R_INTERNAL_ERROR);
309 ++ } else {
310 ++ /*
311 ++ * Probably we have been called from SSL_export_keying_material(),
312 ++ * or SSL_export_keying_material_early().
313 ++ */
314 ++ SSLerr(SSL_F_TLS13_HKDF_EXPAND, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
315 ++ }
316 ++ EVP_PKEY_CTX_free(pctx);
317 ++ return 0;
318 ++ }
319 ++
320 + hashlen = EVP_MD_size(md);
321 +
322 + if (!WPACKET_init_static_len(&pkt, hkdflabel, sizeof(hkdflabel), 0)
323 +@@ -59,8 +76,11 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
324 + || !WPACKET_finish(&pkt)) {
325 + EVP_PKEY_CTX_free(pctx);
326 + WPACKET_cleanup(&pkt);
327 +- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
328 +- ERR_R_INTERNAL_ERROR);
329 ++ if (fatal)
330 ++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
331 ++ ERR_R_INTERNAL_ERROR);
332 ++ else
333 ++ SSLerr(SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR);
334 + return 0;
335 + }
336 +
337 +@@ -74,9 +94,13 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
338 +
339 + EVP_PKEY_CTX_free(pctx);
340 +
341 +- if (ret != 0)
342 +- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
343 +- ERR_R_INTERNAL_ERROR);
344 ++ if (ret != 0) {
345 ++ if (fatal)
346 ++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
347 ++ ERR_R_INTERNAL_ERROR);
348 ++ else
349 ++ SSLerr(SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR);
350 ++ }
351 +
352 + return ret == 0;
353 + }
354 +@@ -91,7 +115,7 @@ int tls13_derive_key(SSL *s, const EVP_MD *md, const unsigned char *secret,
355 + static const unsigned char keylabel[] = "key";
356 +
357 + return tls13_hkdf_expand(s, md, secret, keylabel, sizeof(keylabel) - 1,
358 +- NULL, 0, key, keylen);
359 ++ NULL, 0, key, keylen, 1);
360 + }
361 +
362 + /*
363 +@@ -104,7 +128,7 @@ int tls13_derive_iv(SSL *s, const EVP_MD *md, const unsigned char *secret,
364 + static const unsigned char ivlabel[] = "iv";
365 +
366 + return tls13_hkdf_expand(s, md, secret, ivlabel, sizeof(ivlabel) - 1,
367 +- NULL, 0, iv, ivlen);
368 ++ NULL, 0, iv, ivlen, 1);
369 + }
370 +
371 + int tls13_derive_finishedkey(SSL *s, const EVP_MD *md,
372 +@@ -114,7 +138,7 @@ int tls13_derive_finishedkey(SSL *s, const EVP_MD *md,
373 + static const unsigned char finishedlabel[] = "finished";
374 +
375 + return tls13_hkdf_expand(s, md, secret, finishedlabel,
376 +- sizeof(finishedlabel) - 1, NULL, 0, fin, finlen);
377 ++ sizeof(finishedlabel) - 1, NULL, 0, fin, finlen, 1);
378 + }
379 +
380 + /*
381 +@@ -177,7 +201,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
382 + if (!tls13_hkdf_expand(s, md, prevsecret,
383 + (unsigned char *)derived_secret_label,
384 + sizeof(derived_secret_label) - 1, hash, mdlen,
385 +- preextractsec, mdlen)) {
386 ++ preextractsec, mdlen, 1)) {
387 + /* SSLfatal() already called */
388 + EVP_PKEY_CTX_free(pctx);
389 + return 0;
390 +@@ -337,7 +361,7 @@ static int derive_secret_key_and_iv(SSL *s, int sending, const EVP_MD *md,
391 + hashlen = (size_t)hashleni;
392 +
393 + if (!tls13_hkdf_expand(s, md, insecret, label, labellen, hash, hashlen,
394 +- secret, hashlen)) {
395 ++ secret, hashlen, 1)) {
396 + /* SSLfatal() already called */
397 + goto err;
398 + }
399 +@@ -517,7 +541,8 @@ int tls13_change_cipher_state(SSL *s, int which)
400 + early_exporter_master_secret,
401 + sizeof(early_exporter_master_secret) - 1,
402 + hashval, hashlen,
403 +- s->early_exporter_master_secret, hashlen)) {
404 ++ s->early_exporter_master_secret, hashlen,
405 ++ 1)) {
406 + SSLfatal(s, SSL_AD_INTERNAL_ERROR,
407 + SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
408 + goto err;
409 +@@ -604,7 +629,7 @@ int tls13_change_cipher_state(SSL *s, int which)
410 + resumption_master_secret,
411 + sizeof(resumption_master_secret) - 1,
412 + hashval, hashlen, s->resumption_master_secret,
413 +- hashlen)) {
414 ++ hashlen, 1)) {
415 + /* SSLfatal() already called */
416 + goto err;
417 + }
418 +@@ -624,7 +649,7 @@ int tls13_change_cipher_state(SSL *s, int which)
419 + exporter_master_secret,
420 + sizeof(exporter_master_secret) - 1,
421 + hash, hashlen, s->exporter_master_secret,
422 +- hashlen)) {
423 ++ hashlen, 1)) {
424 + /* SSLfatal() already called */
425 + goto err;
426 + }
427 +@@ -738,10 +763,10 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen,
428 + || EVP_DigestFinal_ex(ctx, data, &datalen) <= 0
429 + || !tls13_hkdf_expand(s, md, s->exporter_master_secret,
430 + (const unsigned char *)label, llen,
431 +- data, datalen, exportsecret, hashsize)
432 ++ data, datalen, exportsecret, hashsize, 0)
433 + || !tls13_hkdf_expand(s, md, exportsecret, exporterlabel,
434 + sizeof(exporterlabel) - 1, hash, hashsize,
435 +- out, olen))
436 ++ out, olen, 0))
437 + goto err;
438 +
439 + ret = 1;
440 +@@ -797,10 +822,10 @@ int tls13_export_keying_material_early(SSL *s, unsigned char *out, size_t olen,
441 + || EVP_DigestFinal_ex(ctx, data, &datalen) <= 0
442 + || !tls13_hkdf_expand(s, md, s->early_exporter_master_secret,
443 + (const unsigned char *)label, llen,
444 +- data, datalen, exportsecret, hashsize)
445 ++ data, datalen, exportsecret, hashsize, 0)
446 + || !tls13_hkdf_expand(s, md, exportsecret, exporterlabel,
447 + sizeof(exporterlabel) - 1, hash, hashsize,
448 +- out, olen))
449 ++ out, olen, 0))
450 + goto err;
451 +
452 + ret = 1;
453 +diff --git a/test/sslapitest.c b/test/sslapitest.c
454 +index 108d57e4781..a4bbb4fead4 100644
455 +--- a/test/sslapitest.c
456 ++++ b/test/sslapitest.c
457 +@@ -4028,20 +4028,25 @@ static int test_serverinfo(int tst)
458 + * no test vectors so all we do is test that both sides of the communication
459 + * produce the same results for different protocol versions.
460 + */
461 ++#define SMALL_LABEL_LEN 10
462 ++#define LONG_LABEL_LEN 249
463 + static int test_export_key_mat(int tst)
464 + {
465 + int testresult = 0;
466 + SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL;
467 + SSL *clientssl = NULL, *serverssl = NULL;
468 +- const char label[] = "test label";
469 ++ const char label[LONG_LABEL_LEN + 1] = "test label";
470 + const unsigned char context[] = "context";
471 + const unsigned char *emptycontext = NULL;
472 + unsigned char ckeymat1[80], ckeymat2[80], ckeymat3[80];
473 + unsigned char skeymat1[80], skeymat2[80], skeymat3[80];
474 ++ size_t labellen;
475 + const int protocols[] = {
476 + TLS1_VERSION,
477 + TLS1_1_VERSION,
478 + TLS1_2_VERSION,
479 ++ TLS1_3_VERSION,
480 ++ TLS1_3_VERSION,
481 + TLS1_3_VERSION
482 + };
483 +
484 +@@ -4058,7 +4063,7 @@ static int test_export_key_mat(int tst)
485 + return 1;
486 + #endif
487 + #ifdef OPENSSL_NO_TLS1_3
488 +- if (tst == 3)
489 ++ if (tst >= 3)
490 + return 1;
491 + #endif
492 + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(),
493 +@@ -4076,33 +4081,52 @@ static int test_export_key_mat(int tst)
494 + SSL_ERROR_NONE)))
495 + goto end;
496 +
497 ++ if (tst == 5) {
498 ++ /*
499 ++ * TLSv1.3 imposes a maximum label len of 249 bytes. Check we fail if we
500 ++ * go over that.
501 ++ */
502 ++ if (!TEST_int_le(SSL_export_keying_material(clientssl, ckeymat1,
503 ++ sizeof(ckeymat1), label,
504 ++ LONG_LABEL_LEN + 1, context,
505 ++ sizeof(context) - 1, 1), 0))
506 ++ goto end;
507 ++
508 ++ testresult = 1;
509 ++ goto end;
510 ++ } else if (tst == 4) {
511 ++ labellen = LONG_LABEL_LEN;
512 ++ } else {
513 ++ labellen = SMALL_LABEL_LEN;
514 ++ }
515 ++
516 + if (!TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat1,
517 + sizeof(ckeymat1), label,
518 +- sizeof(label) - 1, context,
519 ++ labellen, context,
520 + sizeof(context) - 1, 1), 1)
521 + || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat2,
522 + sizeof(ckeymat2), label,
523 +- sizeof(label) - 1,
524 ++ labellen,
525 + emptycontext,
526 + 0, 1), 1)
527 + || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat3,
528 + sizeof(ckeymat3), label,
529 +- sizeof(label) - 1,
530 ++ labellen,
531 + NULL, 0, 0), 1)
532 + || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat1,
533 + sizeof(skeymat1), label,
534 +- sizeof(label) - 1,
535 ++ labellen,
536 + context,
537 + sizeof(context) -1, 1),
538 + 1)
539 + || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat2,
540 + sizeof(skeymat2), label,
541 +- sizeof(label) - 1,
542 ++ labellen,
543 + emptycontext,
544 + 0, 1), 1)
545 + || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat3,
546 + sizeof(skeymat3), label,
547 +- sizeof(label) - 1,
548 ++ labellen,
549 + NULL, 0, 0), 1)
550 + /*
551 + * Check that both sides created the same key material with the
552 +@@ -4131,10 +4155,10 @@ static int test_export_key_mat(int tst)
553 + * Check that an empty context and no context produce different results in
554 + * protocols less than TLSv1.3. In TLSv1.3 they should be the same.
555 + */
556 +- if ((tst != 3 && !TEST_mem_ne(ckeymat2, sizeof(ckeymat2), ckeymat3,
557 ++ if ((tst < 3 && !TEST_mem_ne(ckeymat2, sizeof(ckeymat2), ckeymat3,
558 + sizeof(ckeymat3)))
559 +- || (tst ==3 && !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), ckeymat3,
560 +- sizeof(ckeymat3))))
561 ++ || (tst >= 3 && !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), ckeymat3,
562 ++ sizeof(ckeymat3))))
563 + goto end;
564 +
565 + testresult = 1;
566 +@@ -5909,7 +5933,7 @@ int setup_tests(void)
567 + ADD_ALL_TESTS(test_custom_exts, 3);
568 + #endif
569 + ADD_ALL_TESTS(test_serverinfo, 8);
570 +- ADD_ALL_TESTS(test_export_key_mat, 4);
571 ++ ADD_ALL_TESTS(test_export_key_mat, 6);
572 + #ifndef OPENSSL_NO_TLS1_3
573 + ADD_ALL_TESTS(test_export_key_mat_early, 3);
574 + #endif
575 +diff --git a/test/tls13secretstest.c b/test/tls13secretstest.c
576 +index 319df17bab0..de318df02b4 100644
577 +--- a/test/tls13secretstest.c
578 ++++ b/test/tls13secretstest.c
579 +@@ -226,7 +226,7 @@ static int test_secret(SSL *s, unsigned char *prk,
580 + }
581 +
582 + if (!tls13_hkdf_expand(s, md, prk, label, labellen, hash, hashsize,
583 +- gensecret, hashsize)) {
584 ++ gensecret, hashsize, 1)) {
585 + TEST_error("Secret generation failed");
586 + return 0;
587 + }
588
589 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch
590 new file mode 100644
591 index 00000000000..c2f8bb638b3
592 --- /dev/null
593 +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch
594 @@ -0,0 +1,26 @@
595 +From 3ccccb91ae1c07a4310778b3d7ba74ff4ff787f0 Mon Sep 17 00:00:00 2001
596 +From: Paul Yang <yang.yang@××××××××××××.com>
597 +Date: Wed, 21 Nov 2018 13:16:27 +0800
598 +Subject: [PATCH] Fix wrong return value in ssl3_ctx_ctrl
599 +
600 +This fixes issue #7677
601 +
602 +Reviewed-by: Matt Caswell <matt@×××××××.org>
603 +(Merged from https://github.com/openssl/openssl/pull/7678)
604 +---
605 + ssl/s3_lib.c | 2 +-
606 + 1 file changed, 1 insertion(+), 1 deletion(-)
607 +
608 +diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
609 +index 866ca4dfa9b..99ae48199c2 100644
610 +--- a/ssl/s3_lib.c
611 ++++ b/ssl/s3_lib.c
612 +@@ -3781,7 +3781,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
613 + EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
614 + SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
615 + EVP_PKEY_free(pkdh);
616 +- return 1;
617 ++ return 0;
618 + }
619 + EVP_PKEY_free(ctx->cert->dh_tmp);
620 + ctx->cert->dh_tmp = pkdh;
621
622 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch b/dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch
623 new file mode 100644
624 index 00000000000..cfa84c73a5b
625 --- /dev/null
626 +++ b/dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch
627 @@ -0,0 +1,68 @@
628 +From 99992ad22019e752c7b103a45f860a48b6bc0972 Mon Sep 17 00:00:00 2001
629 +From: Matt Caswell <matt@×××××××.org>
630 +Date: Wed, 21 Nov 2018 11:44:42 +0000
631 +Subject: [PATCH] Make sure build_SYS_str_reasons() preserves errno
632 +
633 +This function can end up being called during ERR_get_error() if we are
634 +initialising. ERR_get_error() must preserve errno since it gets called via
635 +SSL_get_error(). If that function returns SSL_ERROR_SYSCALL then you are
636 +supposed to inspect errno.
637 +
638 +Reviewed-by: Richard Levitte <levitte@×××××××.org>
639 +(Merged from https://github.com/openssl/openssl/pull/7680)
640 +
641 +(cherry picked from commit 71b1ceffc4c795f5db21861dd1016fbe23a53a53)
642 +---
643 +
644 +diff --git a/crypto/err/err.c b/crypto/err/err.c
645 +index 03cbd73..2eeeab2 100644
646 +--- a/crypto/err/err.c
647 ++++ b/crypto/err/err.c
648 +@@ -19,6 +19,7 @@
649 + #include <openssl/bio.h>
650 + #include <openssl/opensslconf.h>
651 + #include "internal/thread_once.h"
652 ++#include "e_os.h"
653 +
654 + static int err_load_strings(const ERR_STRING_DATA *str);
655 +
656 +@@ -201,6 +202,7 @@ static void build_SYS_str_reasons(void)
657 + static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
658 + static int init = 1;
659 + int i;
660 ++ int saveerrno = get_last_sys_error();
661 +
662 + CRYPTO_THREAD_write_lock(err_string_lock);
663 + if (!init) {
664 +@@ -229,6 +231,8 @@ static void build_SYS_str_reasons(void)
665 + init = 0;
666 +
667 + CRYPTO_THREAD_unlock(err_string_lock);
668 ++ /* openssl_strerror_r could change errno, but we want to preserve it */
669 ++ set_sys_error(saveerrno);
670 + err_load_strings(SYS_str_reasons);
671 + }
672 + #endif
673 +diff --git a/e_os.h b/e_os.h
674 +index 5340593..8e6efa9 100644
675 +--- a/e_os.h
676 ++++ b/e_os.h
677 +@@ -49,6 +49,7 @@
678 +
679 + # define get_last_sys_error() errno
680 + # define clear_sys_error() errno=0
681 ++# define set_sys_error(e) errno=(e)
682 +
683 + /********************************************************************
684 + The Microsoft section
685 +@@ -66,8 +67,10 @@
686 + # ifdef WIN32
687 + # undef get_last_sys_error
688 + # undef clear_sys_error
689 ++# undef set_sys_error
690 + # define get_last_sys_error() GetLastError()
691 + # define clear_sys_error() SetLastError(0)
692 ++# define set_sys_error(e) SetLastError(e)
693 + # if !defined(WINNT)
694 + # define WIN_CONSOLE_BUG
695 + # endif
696
697 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch b/dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch
698 new file mode 100644
699 index 00000000000..ed8f2dd96be
700 --- /dev/null
701 +++ b/dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch
702 @@ -0,0 +1,51 @@
703 +From ef97becf522fc4e2e9d98e6ae7bcb26651883d9a Mon Sep 17 00:00:00 2001
704 +From: Matt Caswell <matt@×××××××.org>
705 +Date: Wed, 21 Nov 2018 11:57:04 +0000
706 +Subject: [PATCH] Preserve errno on dlopen
707 +
708 +For the same reasons as in the previous commit we must preserve errno
709 +across dlopen calls. Some implementations (e.g. solaris) do not preserve
710 +errno even on a successful dlopen call.
711 +
712 +Fixes #6953
713 +
714 +Reviewed-by: Richard Levitte <levitte@×××××××.org>
715 +(Merged from https://github.com/openssl/openssl/pull/7680)
716 +
717 +(cherry picked from commit 3cb4e7dc1cf92022f62b9bbdd59695885a1265ff)
718 +---
719 + crypto/dso/dso_dlfcn.c | 7 +++++++
720 + 1 file changed, 7 insertions(+)
721 +
722 +diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c
723 +index ad8899c289a..4240f5f5e30 100644
724 +--- a/crypto/dso/dso_dlfcn.c
725 ++++ b/crypto/dso/dso_dlfcn.c
726 +@@ -17,6 +17,7 @@
727 + #endif
728 +
729 + #include "dso_locl.h"
730 ++#include "e_os.h"
731 +
732 + #ifdef DSO_DLFCN
733 +
734 +@@ -99,6 +100,7 @@ static int dlfcn_load(DSO *dso)
735 + /* See applicable comments in dso_dl.c */
736 + char *filename = DSO_convert_filename(dso, NULL);
737 + int flags = DLOPEN_FLAG;
738 ++ int saveerrno = get_last_sys_error();
739 +
740 + if (filename == NULL) {
741 + DSOerr(DSO_F_DLFCN_LOAD, DSO_R_NO_FILENAME);
742 +@@ -118,6 +120,11 @@ static int dlfcn_load(DSO *dso)
743 + ERR_add_error_data(4, "filename(", filename, "): ", dlerror());
744 + goto err;
745 + }
746 ++ /*
747 ++ * Some dlopen() implementations (e.g. solaris) do no preserve errno, even
748 ++ * on a successful call.
749 ++ */
750 ++ set_sys_error(saveerrno);
751 + if (!sk_void_push(dso->meth_data, (char *)ptr)) {
752 + DSOerr(DSO_F_DLFCN_LOAD, DSO_R_STACK_ERROR);
753 + goto err;
754
755 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch b/dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch
756 new file mode 100644
757 index 00000000000..84c43a3c3e0
758 --- /dev/null
759 +++ b/dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch
760 @@ -0,0 +1,57 @@
761 +From 145419423e1a74ae54cdbd3aed8bb15cbd53c7cc Mon Sep 17 00:00:00 2001
762 +From: Richard Levitte <levitte@×××××××.org>
763 +Date: Fri, 14 Dec 2018 19:33:55 +0100
764 +Subject: [PATCH] ERR: preserve system error number in a few more places
765 +
766 +It turns out that intialization may change the error number, so we
767 +need to preserve the system error number in functions where
768 +initialization is called for.
769 +These are ERR_get_state() and err_shelve_state()
770 +
771 +Fixes #7897
772 +
773 +Reviewed-by: Matt Caswell <matt@×××××××.org>
774 +(Merged from https://github.com/openssl/openssl/pull/7902)
775 +
776 +(cherry picked from commit 91c5473035aaf2c0d86e4039c2a29a5b70541905)
777 +---
778 + crypto/err/err.c | 5 +++++
779 + 1 file changed, 5 insertions(+)
780 +
781 +diff --git a/crypto/err/err.c b/crypto/err/err.c
782 +index 5cfb02d821b..aef2543d60b 100644
783 +--- a/crypto/err/err.c
784 ++++ b/crypto/err/err.c
785 +@@ -697,6 +697,7 @@ DEFINE_RUN_ONCE_STATIC(err_do_init)
786 + ERR_STATE *ERR_get_state(void)
787 + {
788 + ERR_STATE *state;
789 ++ int saveerrno = get_last_sys_error();
790 +
791 + if (!OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY, NULL))
792 + return NULL;
793 +@@ -728,6 +729,7 @@ ERR_STATE *ERR_get_state(void)
794 + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
795 + }
796 +
797 ++ set_sys_error(saveerrno);
798 + return state;
799 + }
800 +
801 +@@ -737,6 +739,8 @@ ERR_STATE *ERR_get_state(void)
802 + */
803 + int err_shelve_state(void **state)
804 + {
805 ++ int saveerrno = get_last_sys_error();
806 ++
807 + if (!OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY, NULL))
808 + return 0;
809 +
810 +@@ -747,6 +751,7 @@ int err_shelve_state(void **state)
811 + if (!CRYPTO_THREAD_set_local(&err_thread_local, (ERR_STATE*)-1))
812 + return 0;
813 +
814 ++ set_sys_error(saveerrno);
815 + return 1;
816 + }
817 +
818
819 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch b/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch
820 new file mode 100644
821 index 00000000000..5ea4fb97bfc
822 --- /dev/null
823 +++ b/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch
824 @@ -0,0 +1,56 @@
825 +From ed371b8cbac0d0349667558c061c1ae380cf75eb Mon Sep 17 00:00:00 2001
826 +From: Matt Caswell <matt@×××××××.org>
827 +Date: Mon, 3 Dec 2018 18:14:57 +0000
828 +Subject: [PATCH] Revert "Reduce stack usage in tls13_hkdf_expand"
829 +
830 +This reverts commit ec0c5f5693e39c5a013f81e6dd9dfd09ec65162d.
831 +
832 +SSL_export_keying_material() may use longer label lengths.
833 +
834 +Fixes #7712
835 +
836 +Reviewed-by: Tim Hudson <tjh@×××××××.org>
837 +(Merged from https://github.com/openssl/openssl/pull/7755)
838 +---
839 + ssl/tls13_enc.c | 16 ++++------------
840 + 1 file changed, 4 insertions(+), 12 deletions(-)
841 +
842 +diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
843 +index b6825d20c2d..f7ab0fa4704 100644
844 +--- a/ssl/tls13_enc.c
845 ++++ b/ssl/tls13_enc.c
846 +@@ -13,14 +13,7 @@
847 + #include <openssl/evp.h>
848 + #include <openssl/kdf.h>
849 +
850 +-/*
851 +- * RFC 8446, 7.1 Key Schedule, says:
852 +- * Note: With common hash functions, any label longer than 12 characters
853 +- * requires an additional iteration of the hash function to compute.
854 +- * The labels in this specification have all been chosen to fit within
855 +- * this limit.
856 +- */
857 +-#define TLS13_MAX_LABEL_LEN 12
858 ++#define TLS13_MAX_LABEL_LEN 246
859 +
860 + /* Always filled with zeros */
861 + static const unsigned char default_zeros[EVP_MAX_MD_SIZE];
862 +@@ -36,15 +29,14 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
863 + const unsigned char *data, size_t datalen,
864 + unsigned char *out, size_t outlen)
865 + {
866 +- static const unsigned char label_prefix[] = "tls13 ";
867 ++ const unsigned char label_prefix[] = "tls13 ";
868 + EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
869 + int ret;
870 + size_t hkdflabellen;
871 + size_t hashlen;
872 + /*
873 +- * 2 bytes for length of derived secret + 1 byte for length of combined
874 +- * prefix and label + bytes for the label itself + 1 byte length of hash
875 +- * + bytes for the hash itself
876 ++ * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined
877 ++ * prefix and label + bytes for the label itself + bytes for the hash
878 + */
879 + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) +
880 + + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN
881
882 diff --git a/dev-libs/openssl/openssl-1.1.1a-r1.ebuild b/dev-libs/openssl/openssl-1.1.1a-r1.ebuild
883 new file mode 100644
884 index 00000000000..0ad3e058c0c
885 --- /dev/null
886 +++ b/dev-libs/openssl/openssl-1.1.1a-r1.ebuild
887 @@ -0,0 +1,299 @@
888 +# Copyright 1999-2019 Gentoo Authors
889 +# Distributed under the terms of the GNU General Public License v2
890 +
891 +EAPI="6"
892 +
893 +inherit flag-o-matic toolchain-funcs multilib multilib-minimal
894 +
895 +MY_P=${P/_/-}
896 +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
897 +HOMEPAGE="https://www.openssl.org/"
898 +SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
899 +
900 +LICENSE="openssl"
901 +SLOT="0/1.1" # .so version of libssl/libcrypto
902 +[[ "${PV}" = *_pre* ]] || \
903 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-linux"
904 +IUSE="+asm bindist elibc_musl rfc3779 sctp cpu_flags_x86_sse2 sslv3 static-libs test tls-heartbeat vanilla zlib"
905 +RESTRICT="!bindist? ( bindist )"
906 +
907 +RDEPEND=">=app-misc/c_rehash-1.7-r1
908 + zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )"
909 +DEPEND="${RDEPEND}
910 + >=dev-lang/perl-5
911 + sctp? ( >=net-misc/lksctp-tools-1.0.12 )
912 + test? (
913 + sys-apps/diffutils
914 + sys-devel/bc
915 + )"
916 +PDEPEND="app-misc/ca-certificates"
917 +
918 +PATCHES=(
919 + "${FILESDIR}"/${P}-make-sure-build_SYS_str_reasons_preserves_errno.patch
920 + "${FILESDIR}"/${P}-preserve-errno-on-dlopen.patch
921 + "${FILESDIR}"/${P}-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch
922 + "${FILESDIR}"/${P}-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch
923 + "${FILESDIR}"/${P}-fix-some-SSL_export_keying_material-issues.patch
924 + "${FILESDIR}"/${P}-preserve-system-error-number-in-a-few-more-places.patch
925 + "${FILESDIR}"/${P}-fix-a-minor-nit-in-hkdflabel-size.patch
926 + "${FILESDIR}"/${P}-fix-cert-with-rsa-instead-of-rsaEncryption.patch
927 +)
928 +
929 +# This does not copy the entire Fedora patchset, but JUST the parts that
930 +# are needed to make it safe to use EC with RESTRICT=bindist.
931 +# See openssl.spec for the matching numbering of SourceNNN, PatchNNN
932 +SOURCE1=hobble-openssl
933 +SOURCE12=ec_curve.c
934 +SOURCE13=ectest.c
935 +PATCH37=openssl-1.1.1-ec-curves.patch
936 +FEDORA_GIT_BASE='https://src.fedoraproject.org/cgit/rpms/openssl.git/plain/'
937 +FEDORA_GIT_BRANCH='f29'
938 +FEDORA_SRC_URI=()
939 +FEDORA_SOURCE=( ${SOURCE1} ${SOURCE12} ${SOURCE13} )
940 +FEDORA_PATCH=( ${PATCH37} )
941 +for i in "${FEDORA_SOURCE[@]}" ; do
942 + FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${P}_${i}" )
943 +done
944 +for i in "${FEDORA_PATCH[@]}" ; do # Already have a version prefix
945 + FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${i}" )
946 +done
947 +SRC_URI+=" bindist? ( ${FEDORA_SRC_URI[@]} )"
948 +
949 +S="${WORKDIR}/${MY_P}"
950 +
951 +MULTILIB_WRAPPED_HEADERS=(
952 + usr/include/openssl/opensslconf.h
953 +)
954 +
955 +src_prepare() {
956 + if use bindist; then
957 + # This just removes the prefix, and puts it into WORKDIR like the RPM.
958 + for i in "${FEDORA_SOURCE[@]}" ; do
959 + cp -f "${DISTDIR}"/"${P}_${i}" "${WORKDIR}"/"${i}" || die
960 + done
961 + # .spec %prep
962 + bash "${WORKDIR}"/"${SOURCE1}" || die
963 + cp -f "${WORKDIR}"/"${SOURCE12}" "${S}"/crypto/ec/ || die
964 + cp -f "${WORKDIR}"/"${SOURCE13}" "${S}"/test/ || die
965 + for i in "${FEDORA_PATCH[@]}" ; do
966 + eapply "${DISTDIR}"/"${i}"
967 + done
968 + # Also see the configure parts below:
969 + # enable-ec \
970 + # $(use_ssl !bindist ec2m) \
971 +
972 + fi
973 +
974 + # keep this in sync with app-misc/c_rehash
975 + SSL_CNF_DIR="/etc/ssl"
976 +
977 + # Make sure we only ever touch Makefile.org and avoid patching a file
978 + # that gets blown away anyways by the Configure script in src_configure
979 + rm -f Makefile
980 +
981 + if ! use vanilla ; then
982 + if [[ $(declare -p PATCHES 2>/dev/null) == "declare -a"* ]] ; then
983 + [[ ${#PATCHES[@]} -gt 0 ]] && eapply "${PATCHES[@]}"
984 + fi
985 + fi
986 +
987 + eapply_user #332661
988 +
989 + # make sure the man pages are suffixed #302165
990 + # don't bother building man pages if they're disabled
991 + # Make DOCDIR Gentoo compliant
992 + sed -i \
993 + -e '/^MANSUFFIX/s:=.*:=ssl:' \
994 + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
995 + -e $(has noman FEATURES \
996 + && echo '/^install:/s:install_docs::' \
997 + || echo '/^MANDIR=/s:=.*:='${EPREFIX%/}'/usr/share/man:') \
998 + -e "/^DOCDIR/s@\$(BASENAME)@&-${PVR}@" \
999 + Configurations/unix-Makefile.tmpl \
1000 + || die
1001 +
1002 + # quiet out unknown driver argument warnings since openssl
1003 + # doesn't have well-split CFLAGS and we're making it even worse
1004 + # and 'make depend' uses -Werror for added fun (#417795 again)
1005 + [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
1006 +
1007 + # allow openssl to be cross-compiled
1008 + cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die
1009 + chmod a+rx gentoo.config || die
1010 +
1011 + append-flags -fno-strict-aliasing
1012 + append-flags $(test-flags-CC -Wa,--noexecstack)
1013 + append-cppflags -DOPENSSL_NO_BUF_FREELISTS
1014 +
1015 + # Prefixify Configure shebang (#141906)
1016 + sed \
1017 + -e "1s,/usr/bin/env,${EPREFIX%/}&," \
1018 + -i Configure || die
1019 + # Remove test target when FEATURES=test isn't set
1020 + if ! use test ; then
1021 + sed \
1022 + -e '/^$config{dirs}/s@ "test",@@' \
1023 + -i Configure || die
1024 + fi
1025 + # The config script does stupid stuff to prompt the user. Kill it.
1026 + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
1027 + ./config --test-sanity || die "I AM NOT SANE"
1028 +
1029 + multilib_copy_sources
1030 +}
1031 +
1032 +multilib_src_configure() {
1033 + unset APPS #197996
1034 + unset SCRIPTS #312551
1035 + unset CROSS_COMPILE #311473
1036 +
1037 + tc-export CC AR RANLIB RC
1038 +
1039 + # Clean out patent-or-otherwise-encumbered code
1040 + # Camellia: Royalty Free https://en.wikipedia.org/wiki/Camellia_(cipher)
1041 + # IDEA: Expired https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
1042 + # EC: ????????? ??/??/2015 https://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
1043 + # MDC2: Expired https://en.wikipedia.org/wiki/MDC-2
1044 + # RC5: Expired https://en.wikipedia.org/wiki/RC5
1045 +
1046 + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
1047 + echoit() { echo "$@" ; "$@" ; }
1048 +
1049 + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
1050 +
1051 + # See if our toolchain supports __uint128_t. If so, it's 64bit
1052 + # friendly and can use the nicely optimized code paths. #460790
1053 + local ec_nistp_64_gcc_128
1054 + # Disable it for now though #469976
1055 + #if ! use bindist ; then
1056 + # echo "__uint128_t i;" > "${T}"/128.c
1057 + # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
1058 + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
1059 + # fi
1060 + #fi
1061 +
1062 + local sslout=$(./gentoo.config)
1063 + einfo "Use configuration ${sslout:-(openssl knows best)}"
1064 + local config="Configure"
1065 + [[ -z ${sslout} ]] && config="config"
1066 +
1067 + # Fedora hobbled-EC needs 'no-ec2m'
1068 + # 'srp' was restricted until early 2017 as well.
1069 + # "disable-deprecated" option breaks too many consumers.
1070 + # Don't set it without thorough revdeps testing.
1071 + echoit \
1072 + ./${config} \
1073 + ${sslout} \
1074 + $(use cpu_flags_x86_sse2 || echo "no-sse2") \
1075 + enable-camellia \
1076 + enable-ec \
1077 + $(use_ssl !bindist ec2m) \
1078 + enable-srp \
1079 + $(use elibc_musl && echo "no-async") \
1080 + ${ec_nistp_64_gcc_128} \
1081 + enable-idea \
1082 + enable-mdc2 \
1083 + enable-rc5 \
1084 + $(use_ssl sslv3 ssl3) \
1085 + $(use_ssl sslv3 ssl3-method) \
1086 + $(use_ssl asm) \
1087 + $(use_ssl rfc3779) \
1088 + $(use_ssl sctp) \
1089 + $(use_ssl tls-heartbeat heartbeats) \
1090 + $(use_ssl zlib) \
1091 + --prefix="${EPREFIX%/}"/usr \
1092 + --openssldir="${EPREFIX%/}"${SSL_CNF_DIR} \
1093 + --libdir=$(get_libdir) \
1094 + shared threads \
1095 + || die
1096 +
1097 + # Clean out hardcoded flags that openssl uses
1098 + # Fix quoting for sed
1099 + local DEFAULT_CFLAGS=$(grep ^CFLAGS= Makefile | LC_ALL=C sed \
1100 + -e 's:^CFLAGS=::' \
1101 + -e 's:-fomit-frame-pointer ::g' \
1102 + -e 's:-O[0-9] ::g' \
1103 + -e 's:-march=[-a-z0-9]* ::g' \
1104 + -e 's:-mcpu=[-a-z0-9]* ::g' \
1105 + -e 's:-m[a-z0-9]* ::g' \
1106 + -e 's:\\:\\\\:g' \
1107 + )
1108 + sed -i \
1109 + -e "/^CFLAGS=/s|=.*|=${DEFAULT_CFLAGS} ${CFLAGS}|" \
1110 + -e "/^LDFLAGS=/s|=[[:space:]]*$|=${LDFLAGS}|" \
1111 + Makefile || die
1112 +}
1113 +
1114 +multilib_src_compile() {
1115 + # depend is needed to use $confopts; it also doesn't matter
1116 + # that it's -j1 as the code itself serializes subdirs
1117 + emake -j1 depend
1118 + emake all
1119 +}
1120 +
1121 +multilib_src_test() {
1122 + emake -j1 test
1123 +}
1124 +
1125 +multilib_src_install() {
1126 + # We need to create $ED/usr on our own to avoid a race condition #665130
1127 + if [[ ! -d "${ED%/}/usr" ]]; then
1128 + # We can only create this directory once
1129 + mkdir "${ED%/}"/usr || die
1130 + fi
1131 +
1132 + emake DESTDIR="${D%/}" install
1133 +}
1134 +
1135 +multilib_src_install_all() {
1136 + # openssl installs perl version of c_rehash by default, but
1137 + # we provide a shell version via app-misc/c_rehash
1138 + rm "${ED%/}"/usr/bin/c_rehash || die
1139 +
1140 + dodoc CHANGES* FAQ NEWS README doc/*.txt doc/${PN}-c-indent.el
1141 +
1142 + # This is crappy in that the static archives are still built even
1143 + # when USE=static-libs. But this is due to a failing in the openssl
1144 + # build system: the static archives are built as PIC all the time.
1145 + # Only way around this would be to manually configure+compile openssl
1146 + # twice; once with shared lib support enabled and once without.
1147 + use static-libs || rm -f "${ED%/}"/usr/lib*/lib*.a
1148 +
1149 + # create the certs directory
1150 + keepdir ${SSL_CNF_DIR}/certs
1151 +
1152 + # Namespace openssl programs to prevent conflicts with other man pages
1153 + cd "${ED%/}"/usr/share/man || die
1154 + local m d s
1155 + for m in $(find . -type f | xargs grep -L '#include') ; do
1156 + d=${m%/*} ; d=${d#./} ; m=${m##*/}
1157 + [[ ${m} == openssl.1* ]] && continue
1158 + [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
1159 + mv ${d}/{,ssl-}${m}
1160 + # fix up references to renamed man pages
1161 + sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
1162 + ln -s ssl-${m} ${d}/openssl-${m}
1163 + # locate any symlinks that point to this man page ... we assume
1164 + # that any broken links are due to the above renaming
1165 + for s in $(find -L ${d} -type l) ; do
1166 + s=${s##*/}
1167 + rm -f ${d}/${s}
1168 + # We don't want to "|| die" here
1169 + ln -s ssl-${m} ${d}/ssl-${s}
1170 + ln -s ssl-${s} ${d}/openssl-${s}
1171 + done
1172 + done
1173 + [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
1174 +
1175 + dodir /etc/sandbox.d #254521
1176 + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED%/}"/etc/sandbox.d/10openssl
1177 +
1178 + diropts -m0700
1179 + keepdir ${SSL_CNF_DIR}/private
1180 +}
1181 +
1182 +pkg_postinst() {
1183 + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
1184 + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
1185 + eend $?
1186 +}
Report Message
Find on MARC Find on Google Groups