external/srs
1
0
Fork 0
mirror of https://github.com/ossrs/srs.git synced 2025-03-09 15:49:59 +00:00
Code Issues Releases Wiki Activity

AppleM1: Update openssl to v1.1.1l

Browse source
This commit is contained in:
winlin 2022-08-14 19:05:01 +08:00
parent 1fe12b8e8c
commit b787656eea
990 changed files with 13406 additions and 18710 deletions
Download patch file Download diff file Expand all files Collapse all files

19
trunk/3rdparty/openssl-1.1-fit/util/perl/OpenSSL/Test.pm vendored
View file

@ -1,4 +1,4 @@
# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -65,6 +65,7 @@ use File::Spec::Functions qw/file_name_is_absolute curdir canonpath splitdir
rel2abs/;
use File::Path 2.00 qw/rmtree mkpath/;
use File::Basename;
use Cwd qw/getcwd abs_path/;
my $level = 0;
@ -164,13 +165,13 @@ C<indir> takes some additional options OPTS that affect the subdirectory:
=item B<create =E<gt> 0|1>
When set to 1 (or any value that perl preceives as true), the subdirectory
When set to 1 (or any value that perl perceives as true), the subdirectory
will be created if it doesn't already exist. This happens before BLOCK
is executed.
=item B<cleanup =E<gt> 0|1>
When set to 1 (or any value that perl preceives as true), the subdirectory
When set to 1 (or any value that perl perceives as true), the subdirectory
will be cleaned out and removed. This happens both before and after BLOCK
is executed.
@ -869,8 +870,8 @@ failures will result in a C<BAIL_OUT> at the end of its run.
sub __env {
(my $recipe_datadir = basename($0)) =~ s/\.t$/_data/i;
$directories{SRCTOP} = $ENV{SRCTOP} || $ENV{TOP};
$directories{BLDTOP} = $ENV{BLDTOP} || $ENV{TOP};
$directories{SRCTOP} = abs_path($ENV{SRCTOP} || $ENV{TOP});
$directories{BLDTOP} = abs_path($ENV{BLDTOP} || $ENV{TOP});
$directories{BLDAPPS} = $ENV{BIN_D} || __bldtop_dir("apps");
$directories{SRCAPPS} = __srctop_dir("apps");
$directories{BLDFUZZ} = __bldtop_dir("fuzz");
@ -903,26 +904,26 @@ sub __srctop_file {
BAIL_OUT("Must run setup() first") if (! $test_name);
my $f = pop;
return catfile($directories{SRCTOP},@_,$f);
return abs2rel(catfile($directories{SRCTOP},@_,$f),getcwd);
}
sub __srctop_dir {
BAIL_OUT("Must run setup() first") if (! $test_name);
return catdir($directories{SRCTOP},@_);
return abs2rel(catdir($directories{SRCTOP},@_), getcwd);
}
sub __bldtop_file {
BAIL_OUT("Must run setup() first") if (! $test_name);
my $f = pop;
return catfile($directories{BLDTOP},@_,$f);
return abs2rel(catfile($directories{BLDTOP},@_,$f), getcwd);
}
sub __bldtop_dir {
BAIL_OUT("Must run setup() first") if (! $test_name);
return catdir($directories{BLDTOP},@_);
return abs2rel(catdir($directories{BLDTOP},@_), getcwd);
}
# __exeext is a function that returns the platform dependent file extension

105
trunk/3rdparty/openssl-1.1-fit/util/perl/TLSProxy/CertificateRequest.pm vendored Normal file
View file

@ -0,0 +1,105 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::CertificateRequest;
use vars '@ISA';
push @ISA, 'TLSProxy::Message';
sub new
{
my $class = shift;
my ($server,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = $class->SUPER::new(
$server,
TLSProxy::Message::MT_CERTIFICATE_REQUEST,
$data,
$records,
$startoffset,
$message_frag_lens);
$self->{extension_data} = "";
return $self;
}
sub parse
{
my $self = shift;
my $ptr = 1;
if (TLSProxy::Proxy->is_tls13()) {
my $request_ctx_len = unpack('C', $self->data);
my $request_ctx = substr($self->data, $ptr, $request_ctx_len);
$ptr += $request_ctx_len;
my $extensions_len = unpack('n', substr($self->data, $ptr));
$ptr += 2;
my $extension_data = substr($self->data, $ptr);
if (length($extension_data) != $extensions_len) {
die "Invalid extension length\n";
}
my %extensions = ();
while (length($extension_data) >= 4) {
my ($type, $size) = unpack("nn", $extension_data);
my $extdata = substr($extension_data, 4, $size);
$extension_data = substr($extension_data, 4 + $size);
$extensions{$type} = $extdata;
}
$self->extension_data(\%extensions);
print " Extensions Len:".$extensions_len."\n";
}
# else parse TLSv1.2 version - we don't support that at the moment
}
#Reconstruct the on-the-wire message data following changes
sub set_message_contents
{
my $self = shift;
my $data;
my $extensions = "";
foreach my $key (keys %{$self->extension_data}) {
my $extdata = ${$self->extension_data}{$key};
$extensions .= pack("n", $key);
$extensions .= pack("n", length($extdata));
$extensions .= $extdata;
}
$data = pack('n', length($extensions));
$data .= $extensions;
$self->data($data);
}
#Read/write accessors
sub extension_data
{
my $self = shift;
if (@_) {
$self->{extension_data} = shift;
}
return $self->{extension_data};
}
sub set_extension
{
my ($self, $ext_type, $ext_data) = @_;
$self->{extension_data}{$ext_type} = $ext_data;
}
sub delete_extension
{
my ($self, $ext_type) = @_;
delete $self->{extension_data}{$ext_type};
}
1;

53
trunk/3rdparty/openssl-1.1-fit/util/perl/TLSProxy/Message.pm vendored
View file

@ -1,4 +1,4 @@
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -129,6 +129,11 @@ use constant {
CIPHER_TLS13_AES_256_GCM_SHA384 => 0x1302
};
use constant {
CLIENT => 0,
SERVER => 1
};
my $payload = "";
my $messlen = -1;
my $mt;
@ -338,6 +343,15 @@ sub create_message
[@message_frag_lens]
);
$message->parse();
} elsif ($mt == MT_CERTIFICATE_REQUEST) {
$message = TLSProxy::CertificateRequest->new(
$server,
$data,
[@message_rec_list],
$startoffset,
[@message_frag_lens]
);
$message->parse();
} elsif ($mt == MT_CERTIFICATE_VERIFY) {
$message = TLSProxy::CertificateVerify->new(
$server,
@ -434,7 +448,7 @@ sub ciphersuite
}
#Update all the underlying records with the modified data from this message
#Note: Only supports re-encrypting for TLSv1.3
#Note: Only supports TLSv1.3 and ETM encryption
sub repack
{
my $self = shift;
@ -476,15 +490,38 @@ sub repack
# (If a length override is ever needed to construct invalid packets,
# use an explicit override field instead.)
$rec->decrypt_len(length($rec->decrypt_data));
$rec->len($rec->len + length($msgdata) - $old_length);
# Only support re-encryption for TLSv1.3.
if (TLSProxy::Proxy->is_tls13() && $rec->encrypted()) {
#Add content type (1 byte) and 16 tag bytes
$rec->data($rec->decrypt_data
.pack("C", TLSProxy::Record::RT_HANDSHAKE).("\0"x16));
# Only support re-encryption for TLSv1.3 and ETM.
if ($rec->encrypted()) {
if (TLSProxy::Proxy->is_tls13()) {
#Add content type (1 byte) and 16 tag bytes
$rec->data($rec->decrypt_data
.pack("C", TLSProxy::Record::RT_HANDSHAKE).("\0"x16));
} elsif ($rec->etm()) {
my $data = $rec->decrypt_data;
#Add padding
my $padval = length($data) % 16;
$padval = 15 - $padval;
for (0..$padval) {
$data .= pack("C", $padval);
}
#Add MAC. Assumed to be 20 bytes
foreach my $macval (0..19) {
$data .= pack("C", $macval);
}
if ($rec->version() >= TLSProxy::Record::VERS_TLS_1_1) {
#Explicit IV
$data = ("\0"x16).$data;
}
$rec->data($data);
} else {
die "Unsupported encryption: No ETM";
}
} else {
$rec->data($rec->decrypt_data);
}
$rec->len(length($rec->data));
#Update the fragment len in case we changed it above
${$self->message_frag_lens}[0] = length($msgdata)

3
trunk/3rdparty/openssl-1.1-fit/util/perl/TLSProxy/Proxy.pm vendored
View file

@ -19,6 +19,7 @@ use TLSProxy::ClientHello;
use TLSProxy::ServerHello;
use TLSProxy::EncryptedExtensions;
use TLSProxy::Certificate;
use TLSProxy::CertificateRequest;
use TLSProxy::CertificateVerify;
use TLSProxy::ServerKeyExchange;
use TLSProxy::NewSessionTicket;
@ -451,7 +452,7 @@ sub clientstart
} else {
# It's a bit counter-intuitive spot to make next connection to
# the s_server. Rationale is that established connection works
# as syncronization point, in sense that this way we know that
# as synchronization point, in sense that this way we know that
# s_server is actually done with current session...
$self->connect_to_server();
}

20
trunk/3rdparty/openssl-1.1-fit/util/perl/checkhandshake.pm vendored
View file

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -116,7 +116,8 @@ sub checkhandshake($$$$)
&& $message->mt() != TLSProxy::Message::MT_SERVER_HELLO
&& $message->mt() !=
TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS
&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE);
&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE
&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST);
next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE
&& !TLSProxy::Proxy::is_tls13();
@ -124,7 +125,7 @@ sub checkhandshake($$$$)
my $extchnum = 1;
my $extshnum = 1;
for (my $extloop = 0;
$extensions[$extloop][2] != 0;
$extensions[$extloop][3] != 0;
$extloop++) {
$extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO
&& TLSProxy::Proxy::is_tls13();
@ -135,6 +136,7 @@ sub checkhandshake($$$$)
next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO
&& $extshnum != $shnum;
next if ($message->mt() != $extensions[$extloop][0]);
next if ($message->server() != $extensions[$extloop][2]);
$numtests++;
}
$numtests++;
@ -182,7 +184,8 @@ sub checkhandshake($$$$)
&& $message->mt() != TLSProxy::Message::MT_SERVER_HELLO
&& $message->mt() !=
TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS
&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE);
&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE
&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST);
next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE
&& !TLSProxy::Proxy::is_tls13();
@ -197,7 +200,7 @@ sub checkhandshake($$$$)
my $msgexts = $message->extension_data();
my $extchnum = 1;
my $extshnum = 1;
for (my $extloop = 0, $extcount = 0; $extensions[$extloop][2] != 0;
for (my $extloop = 0, $extcount = 0; $extensions[$extloop][3] != 0;
$extloop++) {
#In TLSv1.3 we can have two ClientHellos if there has been a
#HelloRetryRequest, and they may have different extensions. Skip
@ -211,12 +214,13 @@ sub checkhandshake($$$$)
next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO
&& $extshnum != $shnum;
next if ($message->mt() != $extensions[$extloop][0]);
ok (($extensions[$extloop][2] & $exttype) == 0
next if ($message->server() != $extensions[$extloop][2]);
ok (($extensions[$extloop][3] & $exttype) == 0
|| defined ($msgexts->{$extensions[$extloop][1]}),
"Extension presence check (Message: ".$message->mt()
." Extension: ".($extensions[$extloop][2] & $exttype).", "
." Extension: ".($extensions[$extloop][3] & $exttype).", "
.$extloop.")");
$extcount++ if (($extensions[$extloop][2] & $exttype) != 0);
$extcount++ if (($extensions[$extloop][3] & $exttype) != 0);
}
ok($extcount == keys %$msgexts, "Extensions count mismatch ("
.$extcount.", ".(keys %$msgexts)