Skip to content

Commit

Permalink
project: Update for 3.8.6 merge.
Browse files Browse the repository at this point in the history
  • Loading branch information
Sibras committed Oct 19, 2024
1 parent 0c572de commit 26d2eba
Show file tree
Hide file tree
Showing 16 changed files with 153 additions and 174 deletions.
58 changes: 53 additions & 5 deletions SMP/SMP.patch
Original file line number Diff line number Diff line change
Expand Up @@ -111,24 +111,42 @@ index 718740c10..fdd331940 100644
int ret;
const char *e;
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index e31aad3a0..66fe3789d 100644
index 6b87610c4..641e67330 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -37,7 +37,13 @@
@@ -37,7 +37,15 @@
#define GNUTLS_GNUTLS_H

/* Get ssize_t. */
-#include <sys/types.h>
+#ifdef _MSC_VER
+# include <BaseTsd.h>
+# ifndef ssize_t
+typedef SSIZE_T ssize_t;
+# endif
+# include <sys/types.h>
+#else
+# include <sys/types.h>
+#endif

/* Get size_t. */
#include <stddef.h>
diff --git a/lib/includes/gnutls/ocsp.h b/lib/includes/gnutls/ocsp.h
index 9e271476c..80d8ccc8f 100644
--- a/lib/includes/gnutls/ocsp.h
+++ b/lib/includes/gnutls/ocsp.h
@@ -224,9 +224,9 @@ int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_const_t resp, unsigned indx,
gnutls_datum_t *issuer_name_hash,
gnutls_datum_t *issuer_key_hash,
gnutls_datum_t *serial_number,
- unsigned int *cert_status, time_t *this_update,
+ gnutls_ocsp_cert_status_t *cert_status, time_t *this_update,
time_t *next_update, time_t *revocation_time,
- unsigned int *revocation_reason);
+ gnutls_x509_crl_reason_t *revocation_reason);
int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_const_t resp, unsigned indx,
gnutls_datum_t *oid, unsigned int *critical,
gnutls_datum_t *data);
diff --git a/lib/system/fastopen.c b/lib/system/fastopen.c
index 7132a0817..f62907966 100644
--- a/lib/system/fastopen.c
Expand Down Expand Up @@ -172,11 +190,41 @@ index 536b75c10..8ff65b992 100644

/*-
* _gnutls_mask_to_prefix:
diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c
index 0120129d5..3a46f2d17 100644
--- a/lib/x509/ocsp.c
+++ b/lib/x509/ocsp.c
@@ -1433,9 +1433,9 @@ int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_const_t resp, unsigned indx,
gnutls_datum_t *issuer_name_hash,
gnutls_datum_t *issuer_key_hash,
gnutls_datum_t *serial_number,
- unsigned int *cert_status, time_t *this_update,
+ gnutls_ocsp_cert_status_t *cert_status, time_t *this_update,
time_t *next_update, time_t *revocation_time,
- unsigned int *revocation_reason)
+ gnutls_x509_crl_reason_t *revocation_reason)
{
char name[MAX_NAME_SIZE];
int ret, result;
diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c
index aacc24a7d..3562e741f 100644
--- a/lib/x509/verify-high.c
+++ b/lib/x509/verify-high.c
@@ -1423,7 +1423,8 @@ int gnutls_x509_trust_list_verify_crt2(
}

/* Allocate extra for retrieved certificates. */
- if (!INT_ADD_OK(cert_list_size, DEFAULT_MAX_VERIFY_DEPTH,
+ size_t size = DEFAULT_MAX_VERIFY_DEPTH;
+ if (!INT_ADD_OK(cert_list_size, size,
&cert_list_max_size))
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c
index 9fd73e487..3c494c85a 100644
index dc975baeb..b6b02a1ac 100644
--- a/lib/x509/verify-high2.c
+++ b/lib/x509/verify-high2.c
@@ -465,7 +465,9 @@ static int load_dir_certs(const char *dirname, gnutls_x509_trust_list_t list,
@@ -466,7 +466,9 @@ static int load_dir_certs(const char *dirname, gnutls_x509_trust_list_t list,
switch (d->d_type) {
case DT_REG:
case DT_LNK:
Expand All @@ -187,7 +235,7 @@ index 9fd73e487..3c494c85a 100644
default:
continue;
diff --git a/lib/x509/x509_ext.c b/lib/x509/x509_ext.c
index ad3af1430..ba373e582 100644
index ae7216f23..e3701fe14 100644
--- a/lib/x509/x509_ext.c
+++ b/lib/x509/x509_ext.c
@@ -3539,7 +3539,7 @@ static const struct sct_sign_algorithm_st algos[] = {
Expand Down
168 changes: 11 additions & 157 deletions SMP/config.h
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@
#define ENABLE_ECDHE 1

/* Enable FIPS140-2 mode */
/* #undef ENABLE_FIPS140 */
/* #undef ENABLE_FIPS */

/* enable GOST support */
/* #undef ENABLE_GOST */
Expand Down Expand Up @@ -176,162 +176,6 @@ whether the gnulib module snprintf shall be considered present. */
whether the gnulib module strerror shall be considered present. */
#define GNULIB_STRERROR 1

/* Define to 1 when the gnulib module accept should be tested. */
#define GNULIB_TEST_ACCEPT 1

/* Define to 1 when the gnulib module bind should be tested. */
#define GNULIB_TEST_BIND 1

/* Define to 1 when the gnulib module close should be tested. */
#define GNULIB_TEST_CLOSE 1

/* Define to 1 when the gnulib module connect should be tested. */
#define GNULIB_TEST_CONNECT 1

/* Define to 1 when the gnulib module dup2 should be tested. */
#define GNULIB_TEST_DUP2 1

/* Define to 1 when the gnulib module environ should be tested. */
#define GNULIB_TEST_ENVIRON 1

/* Define to 1 when the gnulib module fdopen should be tested. */
#define GNULIB_TEST_FDOPEN 1

/* Define to 1 when the gnulib module fseek should be tested. */
#define GNULIB_TEST_FSEEK 1

/* Define to 1 when the gnulib module fseeko should be tested. */
#define GNULIB_TEST_FSEEKO 1

/* Define to 1 when the gnulib module fstat should be tested. */
#define GNULIB_TEST_FSTAT 1

/* Define to 1 when the gnulib module ftell should be tested. */
#define GNULIB_TEST_FTELL 1

/* Define to 1 when the gnulib module ftello should be tested. */
#define GNULIB_TEST_FTELLO 1

/* Define to 1 when the gnulib module getaddrinfo should be tested. */
#define GNULIB_TEST_GETADDRINFO 1

/* Define to 1 when the gnulib module getdelim should be tested. */
#define GNULIB_TEST_GETDELIM 1

/* Define to 1 when the gnulib module getline should be tested. */
#define GNULIB_TEST_GETLINE 1

/* Define to 1 when the gnulib module getpagesize should be tested. */
#define GNULIB_TEST_GETPAGESIZE 1

/* Define to 1 when the gnulib module getpeername should be tested. */
#define GNULIB_TEST_GETPEERNAME 1

/* Define to 1 when the gnulib module gettimeofday should be tested. */
#define GNULIB_TEST_GETTIMEOFDAY 1

/* Define to 1 when the gnulib module listen should be tested. */
#define GNULIB_TEST_LISTEN 1

/* Define to 1 when the gnulib module lseek should be tested. */
#define GNULIB_TEST_LSEEK 1

/* Define to 1 when the gnulib module malloc-posix should be tested. */
#define GNULIB_TEST_MALLOC_POSIX 1

/* Define to 1 when the gnulib module memchr should be tested. */
#define GNULIB_TEST_MEMCHR 1

/* Define to 1 when the gnulib module memmem should be tested. */
#define GNULIB_TEST_MEMMEM 1

/* Define to 1 when the gnulib module mktime should be tested. */
#define GNULIB_TEST_MKTIME 1

/* Define to 1 when the gnulib module realloc-posix should be tested. */
#define GNULIB_TEST_REALLOC_POSIX 1

/* Define to 1 when the gnulib module recv should be tested. */
#define GNULIB_TEST_RECV 1

/* Define to 1 when the gnulib module recvfrom should be tested. */
#define GNULIB_TEST_RECVFROM 1

/* Define to 1 when the gnulib module secure_getenv should be tested. */
#define GNULIB_TEST_SECURE_GETENV 1

/* Define to 1 when the gnulib module select should be tested. */
#define GNULIB_TEST_SELECT 1

/* Define to 1 when the gnulib module send should be tested. */
#define GNULIB_TEST_SEND 1

/* Define to 1 when the gnulib module sendto should be tested. */
#define GNULIB_TEST_SENDTO 1

/* Define to 1 when the gnulib module setenv should be tested. */
#define GNULIB_TEST_SETENV 1

/* Define to 1 when the gnulib module setsockopt should be tested. */
#define GNULIB_TEST_SETSOCKOPT 1

/* Define to 1 when the gnulib module shutdown should be tested. */
#define GNULIB_TEST_SHUTDOWN 1

/* Define to 1 when the gnulib module snprintf should be tested. */
#define GNULIB_TEST_SNPRINTF 1

/* Define to 1 when the gnulib module socket should be tested. */
#define GNULIB_TEST_SOCKET 1

/* Define to 1 when the gnulib module strdup should be tested. */
#define GNULIB_TEST_STRDUP 1

/* Define to 1 when the gnulib module strerror should be tested. */
#define GNULIB_TEST_STRERROR 1

/* Define to 1 when the gnulib module strndup should be tested. */
#define GNULIB_TEST_STRNDUP 1

/* Define to 1 when the gnulib module strnlen should be tested. */
#define GNULIB_TEST_STRNLEN 1

/* Define to 1 when the gnulib module strtok_r should be tested. */
#define GNULIB_TEST_STRTOK_R 1

/* Define to 1 when the gnulib module strverscmp should be tested. */
#define GNULIB_TEST_STRVERSCMP 1

/* Define to 1 when the gnulib module timegm should be tested. */
#define GNULIB_TEST_TIMEGM 1

/* Define to 1 when the gnulib module time_r should be tested. */
#define GNULIB_TEST_TIME_R 1

/* Define to 1 when the gnulib module time_rz should be tested. */
#define GNULIB_TEST_TIME_RZ 1

/* Define to 1 when the gnulib module uninorm/u16-normalize should be tested.
*/
#define GNULIB_TEST_UNINORM_U16_NORMALIZE 1

/* Define to 1 when the gnulib module uninorm/u32-normalize should be tested.
*/
#define GNULIB_TEST_UNINORM_U32_NORMALIZE 1

/* Define to 1 when the gnulib module uninorm/u8-normalize should be tested.
*/
#define GNULIB_TEST_UNINORM_U8_NORMALIZE 1

/* Define to 1 when the gnulib module unsetenv should be tested. */
#define GNULIB_TEST_UNSETENV 1

/* Define to 1 when the gnulib module vasprintf should be tested. */
#define GNULIB_TEST_VASPRINTF 1

/* Define to 1 when the gnulib module vsnprintf should be tested. */
#define GNULIB_TEST_VSNPRINTF 1

/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
whether the gnulib module unistr/u16-mbtoucr shall be considered present.
*/
Expand Down Expand Up @@ -386,6 +230,10 @@ whether the gnulib module unistr/u8-uctomb shall be considered present. */
/* Define to 1 if you have the <arpa/inet.h> header file. */
/* #undef HAVE_ARPA_INET_H */

/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
whether the module bcrypt shall be considered present. */
#define HAVE_BCRYPT 1

/* Define to 1 if you have the <bp-sym.h> header file. */
/* #undef HAVE_BP_SYM_H */

Expand Down Expand Up @@ -813,6 +661,9 @@ don't. */
concept. */
#define HAVE_MSVC_INVALID_PARAMETER_HANDLER 1

/* Define to 1 if you have the `nettle_cbc_aes128_encrypt' function. */
#define HAVE_NETTLE_CBC_AES128_ENCRYPT 1

/* Define to 1 if you have the `nettle_cmac_magma_update' function. */
#define HAVE_NETTLE_CMAC_MAGMA_UPDATE 1

Expand Down Expand Up @@ -840,6 +691,9 @@ don't. */
/* Define to 1 if you have the `nettle_magma_set_key' function. */
#define HAVE_NETTLE_MAGMA_SET_KEY 1

/* Define to 1 if you have the `nettle_sha3_128_shake_output' function. */
#define HAVE_NETTLE_SHA3_128_SHAKE_OUTPUT 1

/* Define to 1 if you have the `nettle_streebog512_update' function. */
#define HAVE_NETTLE_STREEBOG512_UPDATE 1

Expand Down
19 changes: 11 additions & 8 deletions SMP/gnutls/gnutls.h
Original file line number Diff line number Diff line change
Expand Up @@ -57,14 +57,14 @@ typedef SSIZE_T ssize_t;
extern "C" {
#endif

#define GNUTLS_VERSION "3.8.4"
#define GNUTLS_VERSION "3.8.6"

/* clang-format off */
#define GNUTLS_VERSION_MAJOR 3
#define GNUTLS_VERSION_MINOR 8
#define GNUTLS_VERSION_PATCH 4
#define GNUTLS_VERSION_PATCH 6

#define GNUTLS_VERSION_NUMBER 0x030804
#define GNUTLS_VERSION_NUMBER 0x030806
/* clang-format on */

#define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
Expand Down Expand Up @@ -326,8 +326,8 @@ typedef enum {
* @GNUTLS_MAC_SHA3_384: Reserved; unimplemented.
* @GNUTLS_MAC_SHA3_512: Reserved; unimplemented.
* @GNUTLS_MAC_GOST28147_TC26Z_IMIT: The GOST 28147-89 working in IMIT mode with TC26 Z S-box.
* @GNUTLS_MAC_SHAKE_128: Reserved; unimplemented.
* @GNUTLS_MAC_SHAKE_256: Reserved; unimplemented.
* @GNUTLS_MAC_SHAKE_128: The SHAKE128 extendable output function.
* @GNUTLS_MAC_SHAKE_256: The SHAKE256 extendable output function.
* @GNUTLS_MAC_MAGMA_OMAC: GOST R 34.12-2015 (Magma) in OMAC (CMAC) mode.
* @GNUTLS_MAC_KUZNYECHIK_OMAC: GOST R 34.12-2015 (Kuznyechik) in OMAC (CMAC) mode.
*
Expand Down Expand Up @@ -367,7 +367,9 @@ typedef enum {
GNUTLS_MAC_SHAKE_128 = 209,
GNUTLS_MAC_SHAKE_256 = 210,
GNUTLS_MAC_MAGMA_OMAC = 211,
GNUTLS_MAC_KUZNYECHIK_OMAC = 212
GNUTLS_MAC_KUZNYECHIK_OMAC = 212,
GNUTLS_MAC_PBMAC1 =
213 /* indicates that PBMAC1 is embedded the PKCS#12 structure */
} gnutls_mac_algorithm_t;

/**
Expand All @@ -390,8 +392,8 @@ typedef enum {
* @GNUTLS_DIG_GOSTR_94: GOST R 34.11-94 algorithm.
* @GNUTLS_DIG_STREEBOG_256: GOST R 34.11-2001 (Streebog) algorithm, 256 bit.
* @GNUTLS_DIG_STREEBOG_512: GOST R 34.11-2001 (Streebog) algorithm, 512 bit.
* @GNUTLS_DIG_SHAKE_128: Reserved; unimplemented.
* @GNUTLS_DIG_SHAKE_256: Reserved; unimplemented.
* @GNUTLS_DIG_SHAKE_128: The SHAKE128 extendable output function.
* @GNUTLS_DIG_SHAKE_256: The SHAKE256 extendable output function.
*
* Enumeration of different digest (hash) algorithms.
*/
Expand Down Expand Up @@ -3390,6 +3392,7 @@ gnutls_transport_is_ktls_enabled(gnutls_session_t session);
#define GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS -81
#define GNUTLS_E_RECEIVED_DISALLOWED_NAME -82 /* GNUTLS_A_ILLEGAL_PARAMETER */
#define GNUTLS_E_CERTIFICATE_REQUIRED -112 /* GNUTLS_A_CERTIFICATE_REQUIRED */
#define GNUTLS_E_UNSUPPORTED_ENCRYPTION_ALGORITHM -113

/* returned if you need to generate temporary RSA
* parameters. These are needed for export cipher suites.
Expand Down
5 changes: 5 additions & 0 deletions SMP/lib/accelerated/x86/coff/aes-ssse3-x86_64.asm
Original file line number Diff line number Diff line change
Expand Up @@ -637,6 +637,7 @@ $L$SEH_begin_vpaes_set_encrypt_key:



DB 243,15,30,250
lea rsp,[((-184))+rsp]
movaps XMMWORD[16+rsp],xmm6
movaps XMMWORD[32+rsp],xmm7
Expand Down Expand Up @@ -690,6 +691,7 @@ $L$SEH_begin_vpaes_set_decrypt_key:



DB 243,15,30,250
lea rsp,[((-184))+rsp]
movaps XMMWORD[16+rsp],xmm6
movaps XMMWORD[32+rsp],xmm7
Expand Down Expand Up @@ -748,6 +750,7 @@ $L$SEH_begin_vpaes_encrypt:



DB 243,15,30,250
lea rsp,[((-184))+rsp]
movaps XMMWORD[16+rsp],xmm6
movaps XMMWORD[32+rsp],xmm7
Expand Down Expand Up @@ -796,6 +799,7 @@ $L$SEH_begin_vpaes_decrypt:



DB 243,15,30,250
lea rsp,[((-184))+rsp]
movaps XMMWORD[16+rsp],xmm6
movaps XMMWORD[32+rsp],xmm7
Expand Down Expand Up @@ -846,6 +850,7 @@ $L$SEH_begin_vpaes_cbc_encrypt:



DB 243,15,30,250
xchg rdx,rcx
sub rcx,16
jc NEAR $L$cbc_abort
Expand Down
Loading

0 comments on commit 26d2eba

Please sign in to comment.