From b5a4f5aac504055d9cf0f6080285be408a068622 Mon Sep 17 00:00:00 2001 From: Shubham Mittal Date: Tue, 27 Feb 2024 15:37:49 -0800 Subject: [PATCH 1/6] OPENSSL_init added --- crypto/crypto.c | 4 ++++ include/openssl/crypto.h | 3 +++ 2 files changed, 7 insertions(+) diff --git a/crypto/crypto.c b/crypto/crypto.c index 578f5ebb35..59db64a13e 100644 --- a/crypto/crypto.c +++ b/crypto/crypto.c @@ -153,4 +153,8 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) { return 1; } +void OPENSSL_init(void) { + return; +} + void OPENSSL_cleanup(void) {} diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index ec7219a8a0..bb1be29a40 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -177,6 +177,9 @@ OPENSSL_EXPORT void OPENSSL_load_builtin_modules(void); OPENSSL_EXPORT int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings); +// OPENSSL_init does nothing. +OPENSSL_EXPORT void OPENSSL_init(void); + // OPENSSL_cleanup does nothing. OPENSSL_EXPORT void OPENSSL_cleanup(void); From 83976c9ad931594a1ac224f4fb240bf3dc9d646c Mon Sep 17 00:00:00 2001 From: Shubham Mittal Date: Tue, 5 Mar 2024 13:40:12 -0800 Subject: [PATCH 2/6] added SSL_CTX_set_dh_auto as no-op --- include/openssl/ssl.h | 3 +++ ssl/ssl_lib.cc | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 7e94bbaf1a..60aa86f41b 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -5159,6 +5159,9 @@ OPENSSL_EXPORT void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*cb)(SSL *ssl, int is_export, int keylength)); +// SSL_CTX_set_dh_auto does nothing. +OPENSSL_EXPORT long SSL_CTX_set_dh_auto(SSL_CTX *ctx, int onoff); + // SSL_CTX_set1_sigalgs takes |num_values| ints and interprets them as pairs // where the first is the nid of a hash function and the second is an // |EVP_PKEY_*| value. It configures the signature algorithm preferences for 
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc index 1069db2017..e48415bea0 100644 --- a/ssl/ssl_lib.cc +++ b/ssl/ssl_lib.cc @@ -2760,6 +2760,10 @@ void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*cb)(SSL *ssl, int is_export, int keylength)) {} +long SSL_CTX_set_dh_auto(SSL_CTX *ctx, int onoff) { + return 0; +} + static int use_psk_identity_hint(UniquePtr *out, const char *identity_hint) { if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { From 78e08284b890fa978ae514488e368d16ce76efb0 Mon Sep 17 00:00:00 2001 From: Shubham Mittal Date: Tue, 5 Mar 2024 13:59:15 -0800 Subject: [PATCH 3/6] added BIO_s_secmem --- crypto/bio/bio_mem.c | 4 ++++ include/openssl/bio.h | 3 +++ 2 files changed, 7 insertions(+) diff --git a/crypto/bio/bio_mem.c b/crypto/bio/bio_mem.c index 1751e2156a..5486445081 100644 --- a/crypto/bio/bio_mem.c +++ b/crypto/bio/bio_mem.c @@ -303,3 +303,7 @@ int BIO_set_mem_buf(BIO *bio, BUF_MEM *b, int take_ownership) { int BIO_set_mem_eof_return(BIO *bio, int eof_value) { return (int)BIO_ctrl(bio, BIO_C_SET_BUF_MEM_EOF_RETURN, eof_value, NULL); } + +const BIO_METHOD *BIO_s_secmem(void) { + return BIO_s_mem(); +} \ No newline at end of file diff --git a/include/openssl/bio.h b/include/openssl/bio.h index d140b9b029..75dcb3f828 100644 --- a/include/openssl/bio.h +++ b/include/openssl/bio.h @@ -447,6 +447,9 @@ OPENSSL_EXPORT int BIO_set_mem_buf(BIO *bio, BUF_MEM *b, int take_ownership); // default is -1 so that additional data can be written once exhausted. OPENSSL_EXPORT int BIO_set_mem_eof_return(BIO *bio, int eof_value); +// Returns the normal BIO_METHOD |BIO_s_mem|. Deprecated since AWS-LC does not +// support secure heaps. +OPENSSL_EXPORT OPENSSL_DEPRECATED const BIO_METHOD *BIO_s_secmem(void); // BIO close flags. // From 4eda08e00d6195777a70f50cc751c21eb65cd32c Mon Sep 17 00:00:00 2001 
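Review bot: `SSL_CTX_set_dh_auto` in ssl/ssl_lib.cc returns 0 for every call, including `onoff == 0`, and nothing at the definition says that 0 is a deliberate failure result rather than a placeholder. In OpenSSL this call reports 1 on success, so returning 0 is the fail-closed choice for callers that check it, but callers that ignore the result will carry on as if automatic DH parameters had been set up. I would add a comment above the definition such as `// Always fails: automatic DH parameters are not implemented, so report 0 rather than claim success.` and make the ssl.h declaration comment, which at this commit only reads "does nothing", say that the call always returns 0. Whether a request to turn the feature off (`onoff == 0`) should also report failure is worth deciding explicitly.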
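Review bot: `BIO_s_secmem` in crypto/bio/bio_mem.c hands back `BIO_s_mem()`, so code that chose the secmem BIO to keep key material in OpenSSL's secure heap now stores it in ordinary heap memory with no runtime signal. The `OPENSSL_DEPRECATED` marker in the bio.h hunk helps at compile time, but the comment there should spell out the consequence, for example `// BIO_s_secmem returns |BIO_s_mem|. AWS-LC has no secure heap, so data written to this BIO gets no protection beyond a normal memory BIO.` That wording also opens with the function name, as the other declaration comments in this series do. Callers that depend on locked or non-swappable storage would need to be audited separately, since the alias compiles and runs without error.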
From: Shubham Mittal Date: Tue, 5 Mar 2024 14:02:48 -0800 Subject: [PATCH 4/6] changed no-op return value for compiler safety --- crypto/crypto.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/crypto/crypto.c b/crypto/crypto.c index 59db64a13e..4aa9d1276c 100644 --- a/crypto/crypto.c +++ b/crypto/crypto.c @@ -153,8 +153,6 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) { return 1; } -void OPENSSL_init(void) { - return; -} +void OPENSSL_init(void) {} void OPENSSL_cleanup(void) {} From 8d8214ff30edba4fb0dc35c3b70ef29b298789bb Mon Sep 17 00:00:00 2001 From: Shubham Mittal Date: Tue, 5 Mar 2024 18:06:43 -0800 Subject: [PATCH 5/6] Moving BIO_s_secmem to seperate commit --- crypto/bio/bio_mem.c | 4 ---- include/openssl/bio.h | 4 ---- 2 files changed, 8 deletions(-) diff --git a/crypto/bio/bio_mem.c b/crypto/bio/bio_mem.c index 5486445081..2bd92017e6 100644 --- a/crypto/bio/bio_mem.c +++ b/crypto/bio/bio_mem.c @@ -302,8 +302,4 @@ int BIO_set_mem_buf(BIO *bio, BUF_MEM *b, int take_ownership) { int BIO_set_mem_eof_return(BIO *bio, int eof_value) { return (int)BIO_ctrl(bio, BIO_C_SET_BUF_MEM_EOF_RETURN, eof_value, NULL); -} - -const BIO_METHOD *BIO_s_secmem(void) { - return BIO_s_mem(); } \ No newline at end of file diff --git a/include/openssl/bio.h b/include/openssl/bio.h index 75dcb3f828..4d8260d69e 100644 --- a/include/openssl/bio.h +++ b/include/openssl/bio.h @@ -447,10 +447,6 @@ OPENSSL_EXPORT int BIO_set_mem_buf(BIO *bio, BUF_MEM *b, int take_ownership); // default is -1 so that additional data can be written once exhausted. OPENSSL_EXPORT int BIO_set_mem_eof_return(BIO *bio, int eof_value); -// Returns the normal BIO_METHOD |BIO_s_mem|. Deprecated since AWS-LC does not -// support secure heaps. -OPENSSL_EXPORT OPENSSL_DEPRECATED const BIO_METHOD *BIO_s_secmem(void); - // BIO close flags. // // These can be used as symbolic arguments when a "close flag" is passed to a 
From bcf863a42ba967afa4d0a2992d0bea65e1f11722 Mon Sep 17 00:00:00 2001 From: Shubham Mittal Date: Mon, 11 Mar 2024 19:28:05 -0700 Subject: [PATCH 6/6] fixed spacing and documentation --- crypto/bio/bio_mem.c | 2 +- include/openssl/bio.h | 1 + include/openssl/ssl.h | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/crypto/bio/bio_mem.c b/crypto/bio/bio_mem.c index 2bd92017e6..1751e2156a 100644 --- a/crypto/bio/bio_mem.c +++ b/crypto/bio/bio_mem.c @@ -302,4 +302,4 @@ int BIO_set_mem_buf(BIO *bio, BUF_MEM *b, int take_ownership) { int BIO_set_mem_eof_return(BIO *bio, int eof_value) { return (int)BIO_ctrl(bio, BIO_C_SET_BUF_MEM_EOF_RETURN, eof_value, NULL); -} \ No newline at end of file +} diff --git a/include/openssl/bio.h b/include/openssl/bio.h index 4d8260d69e..d140b9b029 100644 --- a/include/openssl/bio.h +++ b/include/openssl/bio.h @@ -447,6 +447,7 @@ OPENSSL_EXPORT int BIO_set_mem_buf(BIO *bio, BUF_MEM *b, int take_ownership); // default is -1 so that additional data can be written once exhausted. OPENSSL_EXPORT int BIO_set_mem_eof_return(BIO *bio, int eof_value); + // BIO close flags. // // These can be used as symbolic arguments when a "close flag" is passed to a diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 60aa86f41b..37dc1e1e61 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -5159,7 +5159,7 @@ OPENSSL_EXPORT void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*cb)(SSL *ssl, int is_export, int keylength)); -// SSL_CTX_set_dh_auto does nothing. +// SSL_CTX_set_dh_auto does nothing and returns 0 for error. OPENSSL_EXPORT long SSL_CTX_set_dh_auto(SSL_CTX *ctx, int onoff); // SSL_CTX_set1_sigalgs takes |num_values| ints and interprets them as pairs