From 1b789c2cc8d8889b80eaeebaf533370897784355 Mon Sep 17 00:00:00 2001 From: Kevin Mihelich Date: Wed, 18 Apr 2012 02:26:27 -0400 Subject: [PATCH] core/openssl(-cryptodev) to 1.0.1-3 --- core/openssl-cryptodev/PKGBUILD | 8 +++- core/openssl-cryptodev/vpaes.patch | 69 ++++++++++++++++++++++++++++++ core/openssl/PKGBUILD | 10 +++-- core/openssl/vpaes.patch | 69 ++++++++++++++++++++++++++++++ 4 files changed, 151 insertions(+), 5 deletions(-) create mode 100644 core/openssl-cryptodev/vpaes.patch create mode 100644 core/openssl/vpaes.patch diff --git a/core/openssl-cryptodev/PKGBUILD b/core/openssl-cryptodev/PKGBUILD index a014030db..b4f0dbfc3 100644 --- a/core/openssl-cryptodev/PKGBUILD +++ b/core/openssl-cryptodev/PKGBUILD @@ -30,13 +30,15 @@ source=("https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz" 'fix-manpages.patch' 'no-rpath.patch' 'ca-dir.patch' - 'disable-tls12-client.patch') + 'disable-tls12-client.patch' + 'vpaes.patch') md5sums=('134f168bc2a8333f19f81d684841710b' 'efbe93c11747fed52e60567819409d8a' '5bbc0655bda2af95bc8eb568963ce8ba' 'dc78d3d06baffc16217519242ce92478' '3bf51be3a1bbd262be46dc619f92aa90' - '365328e1fff7239777adcb50dc4edd42') + '365328e1fff7239777adcb50dc4edd42' + '55ad53e8ec3db1db6978af55e3ce1b5d') build() { cd $srcdir/$_pkgname-$_ver @@ -58,6 +60,8 @@ build() { patch -p0 -i $srcdir/ca-dir.patch # workaround for PR#2771 patch -p1 -i $srcdir/disable-tls12-client.patch + # fix for PR#2775 + patch -p1 -i $srcdir/vpaes.patch # mark stack as non-executable: http://bugs.archlinux.org/task/12434 ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \ -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 \ diff --git a/core/openssl-cryptodev/vpaes.patch b/core/openssl-cryptodev/vpaes.patch new file mode 100644 index 000000000..eac56959b --- /dev/null +++ b/core/openssl-cryptodev/vpaes.patch @@ -0,0 +1,69 @@ +Index: openssl/crypto/aes/asm/vpaes-x86.pl +RCS File: /v/openssl/cvs/openssl/crypto/aes/asm/vpaes-x86.pl,v +rcsdiff -q -kk '-r1.5.4.4' '-r1.5.4.5' -u '/v/openssl/cvs/openssl/crypto/aes/asm/vpaes-x86.pl,v' 2>/dev/null +--- vpaes-x86.pl 2011/12/15 22:20:26 1.5.4.4 ++++ vpaes-x86.pl 2012/03/31 16:55:18 1.5.4.5 +@@ -843,6 +843,8 @@ + &mov ($out,&wparam(1)); # out + &mov ($round,&wparam(2)); # len + &mov ($key,&wparam(3)); # key ++ &sub ($round,16); ++ &jc (&label("cbc_abort")); + &lea ($base,&DWP(-56,"esp")); + &mov ($const,&wparam(4)); # ivp + &and ($base,-16); +@@ -853,7 +855,6 @@ + &mov (&DWP(48,"esp"),$base); + + &mov (&DWP(0,"esp"),$out); # save out +- &sub ($round,16); + &mov (&DWP(4,"esp"),$key) # save key + &mov (&DWP(8,"esp"),$const); # save ivp + &mov ($out,$round); # $out works as $len +@@ -896,6 +897,7 @@ + &mov ($base,&DWP(8,"esp")); # restore ivp + &mov ("esp",&DWP(48,"esp")); + &movdqu (&QWP(0,$base),"xmm1"); # write IV ++&set_label("cbc_abort"); + &function_end("${PREFIX}_cbc_encrypt"); + + &asm_finish(); +Index: openssl/crypto/aes/asm/vpaes-x86_64.pl +RCS File: /v/openssl/cvs/openssl/crypto/aes/asm/vpaes-x86_64.pl,v +rcsdiff -q -kk '-r1.4.4.2' '-r1.4.4.3' -u '/v/openssl/cvs/openssl/crypto/aes/asm/vpaes-x86_64.pl,v' 2>/dev/null +--- vpaes-x86_64.pl 2011/11/14 21:01:17 1.4.4.2 ++++ vpaes-x86_64.pl 2012/03/31 16:55:18 1.4.4.3 +@@ -263,7 +263,7 @@ + pshufb %xmm2, %xmm4 # 4 = sbou + pxor %xmm0, %xmm4 # 4 = sb1u + k + movdqa 0x70(%r10), %xmm0 # 0 : sbot +- movdqa .Lk_sr-.Lk_dsbd(%r11), %xmm2 ++ movdqa -0x160(%r11), %xmm2 # .Lk_sr-.Lk_dsbd=-0x160 + pshufb %xmm3, %xmm0 # 0 = sb1t + pxor %xmm4, %xmm0 # 0 = A + pshufb %xmm2, %xmm0 +@@ -869,6 +869,8 @@ + ___ + ($len,$key)=($key,$len); + $code.=<<___; ++ sub \$16,$len ++ jc .Lcbc_abort + ___ + $code.=<<___ if ($win64); + lea -0xb8(%rsp),%rsp +@@ -887,7 +889,6 @@ + $code.=<<___; + movdqu ($ivp),%xmm6 # load IV + sub $inp,$out +- sub \$16,$len + call _vpaes_preheat + cmp \$0,${enc}d + je .Lcbc_dec_loop +@@ -932,6 +933,7 @@ + .Lcbc_epilogue: + ___ + $code.=<<___; ++.Lcbc_abort: + ret + .size ${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt + ___ diff --git a/core/openssl/PKGBUILD b/core/openssl/PKGBUILD index fb0ce993e..1fc1a8451 100644 --- a/core/openssl/PKGBUILD +++ b/core/openssl/PKGBUILD @@ -11,7 +11,7 @@ _ver=1.0.1 # use a pacman compatible version scheme #pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}} pkgver=$_ver -pkgrel=2 +pkgrel=3 pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security' arch=('i686' 'x86_64') url='https://www.openssl.org' @@ -25,13 +25,15 @@ source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz" 'fix-manpages.patch' 'no-rpath.patch' 'ca-dir.patch' - 'disable-tls12-client.patch') + 'disable-tls12-client.patch' + 'vpaes.patch') md5sums=('134f168bc2a8333f19f81d684841710b' 'efbe93c11747fed52e60567819409d8a' '5bbc0655bda2af95bc8eb568963ce8ba' 'dc78d3d06baffc16217519242ce92478' '3bf51be3a1bbd262be46dc619f92aa90' - '26432b9d7af63c63828b6405c9185400') + '26432b9d7af63c63828b6405c9185400' + '55ad53e8ec3db1db6978af55e3ce1b5d') build() { cd $srcdir/$pkgname-$_ver @@ -53,6 +55,8 @@ build() { patch -p0 -i $srcdir/ca-dir.patch # workaround for PR#2771 patch -p1 -i $srcdir/disable-tls12-client.patch + # fix for PR#2775 + patch -p1 -i $srcdir/vpaes.patch # mark stack as non-executable: http://bugs.archlinux.org/task/12434 ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \ shared zlib enable-md2 \ diff --git a/core/openssl/vpaes.patch b/core/openssl/vpaes.patch new file mode 100644 index 000000000..eac56959b --- /dev/null +++ b/core/openssl/vpaes.patch @@ -0,0 +1,69 @@ +Index: openssl/crypto/aes/asm/vpaes-x86.pl +RCS File: /v/openssl/cvs/openssl/crypto/aes/asm/vpaes-x86.pl,v +rcsdiff -q -kk '-r1.5.4.4' '-r1.5.4.5' -u '/v/openssl/cvs/openssl/crypto/aes/asm/vpaes-x86.pl,v' 2>/dev/null +--- vpaes-x86.pl 2011/12/15 22:20:26 1.5.4.4 ++++ vpaes-x86.pl 2012/03/31 16:55:18 1.5.4.5 +@@ -843,6 +843,8 @@ + &mov ($out,&wparam(1)); # out + &mov ($round,&wparam(2)); # len + &mov ($key,&wparam(3)); # key ++ &sub ($round,16); ++ &jc (&label("cbc_abort")); + &lea ($base,&DWP(-56,"esp")); + &mov ($const,&wparam(4)); # ivp + &and ($base,-16); +@@ -853,7 +855,6 @@ + &mov (&DWP(48,"esp"),$base); + + &mov (&DWP(0,"esp"),$out); # save out +- &sub ($round,16); + &mov (&DWP(4,"esp"),$key) # save key + &mov (&DWP(8,"esp"),$const); # save ivp + &mov ($out,$round); # $out works as $len +@@ -896,6 +897,7 @@ + &mov ($base,&DWP(8,"esp")); # restore ivp + &mov ("esp",&DWP(48,"esp")); + &movdqu (&QWP(0,$base),"xmm1"); # write IV ++&set_label("cbc_abort"); + &function_end("${PREFIX}_cbc_encrypt"); + + &asm_finish(); +Index: openssl/crypto/aes/asm/vpaes-x86_64.pl +RCS File: /v/openssl/cvs/openssl/crypto/aes/asm/vpaes-x86_64.pl,v +rcsdiff -q -kk '-r1.4.4.2' '-r1.4.4.3' -u '/v/openssl/cvs/openssl/crypto/aes/asm/vpaes-x86_64.pl,v' 2>/dev/null +--- vpaes-x86_64.pl 2011/11/14 21:01:17 1.4.4.2 ++++ vpaes-x86_64.pl 2012/03/31 16:55:18 1.4.4.3 +@@ -263,7 +263,7 @@ + pshufb %xmm2, %xmm4 # 4 = sbou + pxor %xmm0, %xmm4 # 4 = sb1u + k + movdqa 0x70(%r10), %xmm0 # 0 : sbot +- movdqa .Lk_sr-.Lk_dsbd(%r11), %xmm2 ++ movdqa -0x160(%r11), %xmm2 # .Lk_sr-.Lk_dsbd=-0x160 + pshufb %xmm3, %xmm0 # 0 = sb1t + pxor %xmm4, %xmm0 # 0 = A + pshufb %xmm2, %xmm0 +@@ -869,6 +869,8 @@ + ___ + ($len,$key)=($key,$len); + $code.=<<___; ++ sub \$16,$len ++ jc .Lcbc_abort + ___ + $code.=<<___ if ($win64); + lea -0xb8(%rsp),%rsp +@@ -887,7 +889,6 @@ + $code.=<<___; + movdqu ($ivp),%xmm6 # load IV + sub $inp,$out +- sub \$16,$len + call _vpaes_preheat + cmp \$0,${enc}d + je .Lcbc_dec_loop +@@ -932,6 +933,7 @@ + .Lcbc_epilogue: + ___ + $code.=<<___; ++.Lcbc_abort: + ret + .size ${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt + ___