[webkit-changes] [209452] trunk/Tools

Wed, 07 Dec 2016 01:16:03 -0800

Title: [209452] trunk/Tools
Revision
209452
Author
ph...@webkit.org
Date
2016-12-07 01:15:37 -0800 (Wed, 07 Dec 2016)

Log Message

[GTK][jhbuild] gst-plugins-bad fails to build with OpenSSL 1.1.0
https://bugs.webkit.org/show_bug.cgi?id=165520

Reviewed by Carlos Garcia Campos.

* gtk/jhbuild.modules: Added missing dependency on openh264 in
gst-plugins-bad, along with 2 upstream patches fixing the build
against OpenSSL 1.1.0.
* gtk/patches/gst-plugins-bad-0001-dtls-port-to-OpenSSL-1.1.0.patch: Added.
* gtk/patches/gst-plugins-bad-0002-dtlscertificate-Fix-error-checking-in-RSA_generate_k.patch: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/Tools/ChangeLog (209451 => 209452)


--- trunk/Tools/ChangeLog	2016-12-07 07:48:23 UTC (rev 209451)
+++ trunk/Tools/ChangeLog	2016-12-07 09:15:37 UTC (rev 209452)
@@ -1,3 +1,16 @@
+2016-12-07  Philippe Normand  <pnorm...@igalia.com>
+
+        [GTK][jhbuild] gst-plugins-bad fails to build with OpenSSL 1.1.0
+        https://bugs.webkit.org/show_bug.cgi?id=165520
+
+        Reviewed by Carlos Garcia Campos.
+
+        * gtk/jhbuild.modules: Added missing dependency on openh264 in
+        gst-plugins-bad, along with 2 upstream patches fixing the build
+        against OpenSSL 1.1.0.
+        * gtk/patches/gst-plugins-bad-0001-dtls-port-to-OpenSSL-1.1.0.patch: Added.
+        * gtk/patches/gst-plugins-bad-0002-dtlscertificate-Fix-error-checking-in-RSA_generate_k.patch: Added.
+
 2016-12-06  Alexey Proskuryakov  <a...@apple.com>
 
         Correct SDKROOT values in xcconfig files

Modified: trunk/Tools/gtk/jhbuild.modules (209451 => 209452)


--- trunk/Tools/gtk/jhbuild.modules	2016-12-07 07:48:23 UTC (rev 209451)
+++ trunk/Tools/gtk/jhbuild.modules	2016-12-07 09:15:37 UTC (rev 209452)
@@ -399,11 +399,15 @@
     </if>
     <dependencies>
       <dep package="gst-plugins-base"/>
+      <dep package="openh264"/>
     </dependencies>
     <branch module="gst-plugins-bad/gst-plugins-bad-${version}.tar.xz" version="1.8.0"
             repo="gstreamer"
             hash="sha256:116376dd1085082422e0b21b0ecd3d1cb345c469c58e32463167d4675f4ca90e"
-            md5sum="1c2d797bb96a81e9ef570c7a0a37203e"/>
+            md5sum="1c2d797bb96a81e9ef570c7a0a37203e">
+      <patch file="gst-plugins-bad-0001-dtls-port-to-OpenSSL-1.1.0.patch" strip="1"/>
+      <patch file="gst-plugins-bad-0002-dtlscertificate-Fix-error-checking-in-RSA_generate_k.patch" strip="1"/>
+    </branch>
   </autotools>
 
   <autotools id="gst-libav" autogenargs="--with-libav-extra-configure='--disable-yasm' --disable-gtk-doc">

Added: trunk/Tools/gtk/patches/gst-plugins-bad-0001-dtls-port-to-OpenSSL-1.1.0.patch (0 => 209452)


--- trunk/Tools/gtk/patches/gst-plugins-bad-0001-dtls-port-to-OpenSSL-1.1.0.patch	                        (rev 0)
+++ trunk/Tools/gtk/patches/gst-plugins-bad-0001-dtls-port-to-OpenSSL-1.1.0.patch	2016-12-07 09:15:37 UTC (rev 209452)
@@ -0,0 +1,236 @@
+From e938933167c494cdca443334f658b02a03c4486b Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <du...@redhat.com>
+Date: Wed, 26 Oct 2016 14:51:01 +0200
+Subject: [PATCH] dtls: port to OpenSSL 1.1.0
+
+Changes are:
+
+- Use the wrapper functions to access opaque data types.  To preserve
+  backward compatibility, define fallback definitions
+
+- Remove the use of idiom "pqueue_size(ssl->d1->sent_messages)", since
+  there is no replacement
+
+- Use RSA_generate_key_ex instead of the deprecated RSA_generate_key
+
+https://bugzilla.gnome.org/show_bug.cgi?id=773540
+---
+ ext/dtls/gstdtlscertificate.c | 15 ++++++++
+ ext/dtls/gstdtlsconnection.c  | 87 ++++++++++++++++++++++++++++++++++++++-----
+ 2 files changed, 93 insertions(+), 9 deletions(-)
+
+diff --git a/ext/dtls/gstdtlscertificate.c b/ext/dtls/gstdtlscertificate.c
+index 95fbb83..c1c9602 100644
+--- a/ext/dtls/gstdtlscertificate.c
++++ b/ext/dtls/gstdtlscertificate.c
+@@ -199,7 +199,22 @@ init_generated (GstDtlsCertificate * self)
+     priv->private_key = NULL;
+     return;
+   }
++
++  /* XXX: RSA_generate_key is actually deprecated in 0.9.8 */
++#if OPENSSL_VERSION_NUMBER < 0x10100001L
+   rsa = RSA_generate_key (2048, RSA_F4, NULL, NULL);
++#else
++  rsa = RSA_new ();
++  if (rsa != NULL) {
++    BIGNUM *e = BN_new ();
++    if (e != NULL && BN_set_word (e, RSA_F4)
++        && RSA_generate_key_ex (rsa, 2048, e, NULL)) {
++      RSA_free (rsa);
++      rsa = NULL;
++    }
++    BN_free (e);
++  }
++#endif
+ 
+   if (!rsa) {
+     GST_WARNING_OBJECT (self, "failed to generate RSA");
+diff --git a/ext/dtls/gstdtlsconnection.c b/ext/dtls/gstdtlsconnection.c
+index 36f6d63..728f5a7 100644
+--- a/ext/dtls/gstdtlsconnection.c
++++ b/ext/dtls/gstdtlsconnection.c
+@@ -42,6 +42,8 @@
+ #include <openssl/err.h>
+ #include <openssl/ssl.h>
+ 
++#include <string.h>
++
+ GST_DEBUG_CATEGORY_STATIC (gst_dtls_connection_debug);
+ #define GST_CAT_DEFAULT gst_dtls_connection_debug
+ G_DEFINE_TYPE_WITH_CODE (GstDtlsConnection, gst_dtls_connection, G_TYPE_OBJECT,
+@@ -216,6 +218,38 @@ gst_dtls_connection_finalize (GObject * gobject)
+   G_OBJECT_CLASS (gst_dtls_connection_parent_class)->finalize (gobject);
+ }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100001L
++static void
++BIO_set_data (BIO * bio, void *ptr)
++{
++  bio->ptr = ptr;
++}
++
++static void *
++BIO_get_data (BIO * bio)
++{
++  return bio->ptr;
++}
++
++static void
++BIO_set_shutdown (BIO * bio, int shutdown)
++{
++  bio->shutdown = shutdown;
++}
++
++static void
++BIO_set_init (BIO * bio, int init)
++{
++  bio->init = init;
++}
++
++static X509 *
++X509_STORE_CTX_get0_cert (X509_STORE_CTX * ctx)
++{
++  return ctx->cert;
++}
++#endif
++
+ static void
+ gst_dtls_connection_set_property (GObject * object, guint prop_id,
+     const GValue * value, GParamSpec * pspec)
+@@ -239,7 +273,7 @@ gst_dtls_connection_set_property (GObject * object, guint prop_id,
+       priv->bio = BIO_new (BIO_s_gst_dtls_connection ());
+       g_return_if_fail (priv->bio);
+ 
+-      priv->bio->ptr = self;
++      BIO_set_data (priv->bio, self);
+       SSL_set_bio (priv->ssl, priv->bio, priv->bio);
+ 
+       SSL_set_verify (priv->ssl,
+@@ -573,6 +607,7 @@ log_state (GstDtlsConnection * self, const gchar * str)
+   states |= (! !SSL_want_write (priv->ssl) << 20);
+   states |= (! !SSL_want_read (priv->ssl) << 24);
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100001L
+   GST_LOG_OBJECT (self, "%s: role=%s buf=(%d,%p:%d/%d) %x|%x %s",
+       str,
+       priv->is_client ? "client" : "server",
+@@ -581,6 +616,15 @@ log_state (GstDtlsConnection * self, const gchar * str)
+       priv->bio_buffer_offset,
+       priv->bio_buffer_len,
+       states, SSL_get_state (priv->ssl), SSL_state_string_long (priv->ssl));
++#else
++  GST_LOG_OBJECT (self, "%s: role=%s buf=(%p:%d/%d) %x|%x %s",
++      str,
++      priv->is_client ? "client" : "server",
++      priv->bio_buffer,
++      priv->bio_buffer_offset,
++      priv->bio_buffer_len,
++      states, SSL_get_state (priv->ssl), SSL_state_string_long (priv->ssl));
++#endif
+ }
+ 
+ static void
+@@ -737,7 +781,7 @@ openssl_verify_callback (int preverify_ok, X509_STORE_CTX * x509_ctx)
+   self = SSL_get_ex_data (ssl, connection_ex_index);
+   g_return_val_if_fail (GST_IS_DTLS_CONNECTION (self), FALSE);
+ 
+-  pem = _gst_dtls_x509_to_pem (x509_ctx->cert);
++  pem = _gst_dtls_x509_to_pem (X509_STORE_CTX_get0_cert (x509_ctx));
+ 
+   if (!pem) {
+     GST_WARNING_OBJECT (self,
+@@ -749,7 +793,8 @@ openssl_verify_callback (int preverify_ok, X509_STORE_CTX * x509_ctx)
+       gint len;
+ 
+       len =
+-          X509_NAME_print_ex (bio, X509_get_subject_name (x509_ctx->cert), 1,
++          X509_NAME_print_ex (bio,
++          X509_get_subject_name (X509_STORE_CTX_get0_cert (x509_ctx)), 1,
+           XN_FLAG_MULTILINE);
+       BIO_read (bio, buffer, len);
+       buffer[len] = '\0';
+@@ -777,6 +822,7 @@ openssl_verify_callback (int preverify_ok, X509_STORE_CTX * x509_ctx)
+     ########  ####  #######
+ */
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100001L
+ static BIO_METHOD custom_bio_methods = {
+   BIO_TYPE_BIO,
+   "stream",
+@@ -795,11 +841,34 @@ BIO_s_gst_dtls_connection (void)
+ {
+   return &custom_bio_methods;
+ }
++#else
++static BIO_METHOD *custom_bio_methods;
++
++static BIO_METHOD *
++BIO_s_gst_dtls_connection (void)
++{
++  if (custom_bio_methods != NULL)
++    return custom_bio_methods;
++
++  custom_bio_methods = BIO_meth_new (BIO_TYPE_BIO, "stream");
++  if (custom_bio_methods == NULL
++      || !BIO_meth_set_write (custom_bio_methods, bio_method_write)
++      || !BIO_meth_set_read (custom_bio_methods, bio_method_read)
++      || !BIO_meth_set_ctrl (custom_bio_methods, bio_method_ctrl)
++      || !BIO_meth_set_create (custom_bio_methods, bio_method_new)
++      || !BIO_meth_set_destroy (custom_bio_methods, bio_method_free)) {
++    BIO_meth_free (custom_bio_methods);
++    return NULL;
++  }
++
++  return custom_bio_methods;
++}
++#endif
+ 
+ static int
+ bio_method_write (BIO * bio, const char *data, int size)
+ {
+-  GstDtlsConnection *self = GST_DTLS_CONNECTION (bio->ptr);
++  GstDtlsConnection *self = GST_DTLS_CONNECTION (BIO_get_data (bio));
+ 
+   GST_LOG_OBJECT (self, "BIO: writing %d", size);
+ 
+@@ -824,7 +893,7 @@ bio_method_write (BIO * bio, const char *data, int size)
+ static int
+ bio_method_read (BIO * bio, char *out_buffer, int size)
+ {
+-  GstDtlsConnection *self = GST_DTLS_CONNECTION (bio->ptr);
++  GstDtlsConnection *self = GST_DTLS_CONNECTION (BIO_get_data (bio));
+   GstDtlsConnectionPrivate *priv = self->priv;
+   guint internal_size;
+   gint copy_size;
+@@ -868,7 +937,7 @@ bio_method_read (BIO * bio, char *out_buffer, int size)
+ static long
+ bio_method_ctrl (BIO * bio, int cmd, long arg1, void *arg2)
+ {
+-  GstDtlsConnection *self = GST_DTLS_CONNECTION (bio->ptr);
++  GstDtlsConnection *self = GST_DTLS_CONNECTION (BIO_get_data (bio));
+   GstDtlsConnectionPrivate *priv = self->priv;
+ 
+   switch (cmd) {
+@@ -916,8 +985,8 @@ bio_method_new (BIO * bio)
+ {
+   GST_LOG_OBJECT (NULL, "BIO: new");
+ 
+-  bio->shutdown = 0;
+-  bio->init = 1;
++  BIO_set_shutdown (bio, 0);
++  BIO_set_init (bio, 1);
+ 
+   return 1;
+ }
+@@ -930,6 +999,6 @@ bio_method_free (BIO * bio)
+     return 0;
+   }
+ 
+-  GST_LOG_OBJECT (GST_DTLS_CONNECTION (bio->ptr), "BIO free");
++  GST_LOG_OBJECT (GST_DTLS_CONNECTION (BIO_get_data (bio)), "BIO free");
+   return 0;
+ }
+-- 
+2.10.2
+

Added: trunk/Tools/gtk/patches/gst-plugins-bad-0002-dtlscertificate-Fix-error-checking-in-RSA_generate_k.patch (0 => 209452)


--- trunk/Tools/gtk/patches/gst-plugins-bad-0002-dtlscertificate-Fix-error-checking-in-RSA_generate_k.patch	                        (rev 0)
+++ trunk/Tools/gtk/patches/gst-plugins-bad-0002-dtlscertificate-Fix-error-checking-in-RSA_generate_k.patch	2016-12-07 09:15:37 UTC (rev 209452)
@@ -0,0 +1,37 @@
+From 3a069193e25364ebdacac86f4b03022c151ea29c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebast...@centricular.com>
+Date: Mon, 14 Nov 2016 11:32:17 +0200
+Subject: [PATCH] dtlscertificate: Fix error checking in RSA_generate_key_ex()
+ usage
+
+Was broken during the port for OpenSSL 1.1.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=774328
+---
+ ext/dtls/gstdtlscertificate.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/ext/dtls/gstdtlscertificate.c b/ext/dtls/gstdtlscertificate.c
+index c1c9602..c2d9bb2 100644
+--- a/ext/dtls/gstdtlscertificate.c
++++ b/ext/dtls/gstdtlscertificate.c
+@@ -207,12 +207,13 @@ init_generated (GstDtlsCertificate * self)
+   rsa = RSA_new ();
+   if (rsa != NULL) {
+     BIGNUM *e = BN_new ();
+-    if (e != NULL && BN_set_word (e, RSA_F4)
+-        && RSA_generate_key_ex (rsa, 2048, e, NULL)) {
++    if (e == NULL || !BN_set_word (e, RSA_F4)
++        || !RSA_generate_key_ex (rsa, 2048, e, NULL)) {
+       RSA_free (rsa);
+       rsa = NULL;
+     }
+-    BN_free (e);
++    if (e)
++      BN_free (e);
+   }
+ #endif
+ 
+-- 
+2.10.2
+

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to