Accepting request 547923 from home:garloff:branches:Base:System

- Update to 1.99.8: * Support openssl-1.1 (patch from Marcus Meissner) * cryptalgo->recycle to reuse crypto context (neeeded for openssl) * Fix memleak in test_aes * Use test_aes in check target to ensure all algorithms work * Use std probe mech in test_aes, so we don't fail with SIGILL * Fix build without openssl OBS-URL: https://build.opensuse.org/request/show/547923 OBS-URL: https://build.opensuse.org/package/show/Base:System/dd_rescue?expand=0&rev=39
2017-12-04 08:13:50 +00:00 · 2017-12-04 08:13:50 +00:00 · e05c271a76
commit e05c271a76
parent f6a3f2f774
7 changed files with 36 additions and 466 deletions
--- a/dd_rescue-1.99.7.tar.bz2
+++ b/dd_rescue-1.99.7.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:24c7ef2d3195b1e2e42f705e773613a474129eea63556e805cf0b41243446134
-size 172414
--- a/dd_rescue-1.99.7.tar.bz2.asc
+++ b/dd_rescue-1.99.7.tar.bz2.asc
@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.22 (GNU/Linux)
-
-iQIVAwUAWgWkI95PGzor/8W/AQjV2Q/7BzIFxNqmiCxBCuLuSZhnG6hfiWMUNIY3
-moKs3DphPDj+OU4sLtMwRz2at4LGIH4pBVyWHAS4FPh/LRI2Jl6przzgP9oQeFiS
-rWKUAhXhzc5S3wZKJNILI7HcAC7W99PDTqyjKSES5WujwPIgCxncBW2Fv9WAur/6
-M/8FvzAOwZMXf+JLbyI+QJggyRLgedBz1DhFyb5k21SryeUkHufqkpS0FEbdkSvm
-RJbXaa+UIX3K4Z70LRcNuAmvpbpo+p3L3GROQcrcrehoOcLkH7vtsadJi97H0pvk
-5qFLPiT2rs6JIxRUCpHRmV3z2+7rIiD7TH/bt+vmqWyDKWctAoZP+aLfP478yGk1
-Y1m7MBVmpUxZWjBWkrQD9vwHTtQdgHgjSg4Fxh7slBMVBJdgSJhpAzSjkVnlp8Ax
-R+/b06FAjNAdN9HWiXiRcSHaGuIFXYgfjd1SgLyT4nn6junOsepQFK5652i3Cb2b
-XOyr7BCd/RtRapqjn3gqWidkDKjAyfr/Va3RqmZyVhLvMS+2mCcMmruQ92+lVr4D
-Cwe0yGEONagveA7oyuJK86rXBChUdJs2maoU92nwe0WJeo/qFv6NGWnRg/bCGVeg
-D8uHzyp75lTTpfqJ3GPpbJCsOHa1z8mZ1tHOXrJ/1LPpiuTz0s+9T4PZ43NmW45M
-v3S49wOzPTQ=
-=I9NO
-----END PGP SIGNATURE-----
--- a/dd_rescue-1.99.8.tar.bz2
+++ b/dd_rescue-1.99.8.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:90db76716af6a6a2370d9726804ff26cc63e61109af9967078a5eb941faa7dbd
+size 174594
--- a/dd_rescue-1.99.8.tar.bz2.asc
+++ b/dd_rescue-1.99.8.tar.bz2.asc
@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iQIVAwUAWiR0qt5PGzor/8W/AQhhLg//WUrDjN/VeduumCk+CIO5uA0V0ld1BZqs
+caCa4kJW1tOeDtuIsHmgicumTlKYebhPvgo695sumDr+3yOd/5uF/7YyQjsbLhL+
+xukhPD4g6KUEk3lbT91rEvPp0aulY8ZLkYd1IY0O5eJWE0d9laYOvs2F5/ZBftvd
+9CD7lc1Df+KLnKvbywif9AfJkugP4Twypgo8WEyXAuQGZw4Nx+av3E2yYWLrW4g6
+nVSzTAr5DMqBQgoJvK8LfXyybCsa6/gqJEgU+fsfZ2ucQrFn29CY5iqCuRRcxH19
+vq2fsduJ/0w1cTCM6nVTm5EaSBcCAER0B/g0OU9cFZ3sqLUkYgiB/qwWAKg5yKv9
+BQys6/HGytbxYXi75vp9XL2k+FAkgeTCmrfIs9grPXHXZULltomeVEl7bHr2YD8T
+0/2CMoyusQmMN87n1DvCX9KGa4AzAfgPvUEvimWK2nwjd4u4vIvh3TMBu3qeaa3
+a2Tc0GeXcjLHmSER98y7gRlOaz/rnNvH+8wOX6gPy8pGPnr5/+vGeWrw1h+Vxau2
+w90G4/gGW7FAog7WpDxZNPG8YLiH3hBgISXo1OXertkTXOKl8ytmn21zbMKYBanW
+CJ7QMsBGrYXSQrnBtCFqzSwKsEcOSOkASQh9A0YWceTrF2MpoSFsEBqXHxcheoeQ
+DbdAjCIjHcU=
+=ZkW1
+-----END PGP SIGNATURE-----
--- a/dd_rescue-openssl11.patch
+++ b/dd_rescue-openssl11.patch
@ -1,440 +0,0 @@
-Index: dd_rescue-1.99.7/aes_ossl.c
-===================================================================
--- dd_rescue-1.99.7.orig/aes_ossl.c
-+++ dd_rescue-1.99.7/aes_ossl.c
-@@ -17,15 +17,17 @@
- 
- void AES_OSSL_Bits_EKey_Expand(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx)
- {
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
-	EVP_CIPHER_CTX_init(evpctx);
-	EVP_EncryptInit_ex(evpctx, cipher, NULL, userkey, NULL);
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
-+	evpctx[0] = EVP_CIPHER_CTX_new();						\
-+	EVP_CIPHER_CTX_init(evpctx[0]);
-+	EVP_EncryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL);
- }
- void AES_OSSL_Bits_DKey_Expand(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx)
- {
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
-	EVP_CIPHER_CTX_init(evpctx);
-	EVP_DecryptInit_ex(evpctx, cipher, NULL, userkey, NULL);
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
-+	evpctx[0] = EVP_CIPHER_CTX_new();						\
-+	EVP_CIPHER_CTX_init(evpctx[0]);
-+	EVP_DecryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL);
- }
- 
- 
-@@ -48,28 +50,27 @@ int AES_OSSL_##BITCHAIN##_Encrypt(const
- 				ssize_t len, ssize_t *flen)			\
- {								\
- 	int olen, elen, ores;					\
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;		\
-	EVP_EncryptInit(evpctx, NULL, NULL, NULL);		\
-	EVP_CIPHER_CTX_set_padding(evpctx, DOPAD? pad: 0);	\
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;	\
-+	EVP_CIPHER_CTX_set_padding(evpctx[0], DOPAD? pad: 0);	\
- 	if (IV) {						\
-		memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16);	\
-+		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16);	\
- 	}							\
-        	if (DOPAD && !pad && (len&15)) {			\
-		ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len-(len&15));	\
-+		ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len-(len&15));	\
- 		assert(ores);					\
- 		uchar ibf[16];					\
- 		memcpy(ibf, in+olen, len&15);			\
- 		memset(ibf+(len&15), 0, 16-(len&15));		\
-		ores = EVP_EncryptUpdate(evpctx, out+olen, &elen, ibf, 16);	\
-+		ores = EVP_EncryptUpdate(evpctx[0], out+olen, &elen, ibf, 16);	\
- 		memset(ibf, 0, len&15);				\
- 		asm("":::"memory");				\
- 		assert(ores);					\
- 	} else {								\
- 		if (DOPAD && !(len%15) && pad == PAD_ASNEEDED)	\
-			EVP_CIPHER_CTX_set_padding(evpctx, 0);	\
-		ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len);		\
-+			EVP_CIPHER_CTX_set_padding(evpctx[0], 0);	\
-+		ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len);		\
- 		assert(ores);					\
-		ores = EVP_EncryptFinal(evpctx, out+olen, &elen);\
-+		ores = EVP_EncryptFinal(evpctx[0], out+olen, &elen);\
- 		assert(ores);					\
- 		if (0 && elen && (len&15)) olen -= 16;		\
- 	}							\
-@@ -80,7 +81,7 @@ int AES_OSSL_##BITCHAIN##_Encrypt(const
- 		fprintf(stderr, "Encryption length mismatch %i+%i != %zi\n",	\
- 			olen, elen, len);			\
- 	if (IV)							\
-		memcpy(iv, evpctx->iv, 16);			\
-+		memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16);			\
- 	return (DOPAD && (pad == PAD_ALWAYS || (len&15)))? 16-(len&15): 0;	\
- };								\
- int AES_OSSL_##BITCHAIN##_Decrypt(const unsigned char* ctx, unsigned int rounds,\
-@@ -90,49 +91,48 @@ int AES_OSSL_##BITCHAIN##_Decrypt(const
- {								\
- 	int olen, elen = 0, ores;				\
- 	int ilen = (len&15)? len+15-(len&15): len;		\
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;		\
-	EVP_DecryptInit(evpctx, NULL, NULL, NULL);		\
-	EVP_CIPHER_CTX_set_padding(evpctx, DOPAD && pad != PAD_ASNEEDED?pad:0);	\
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;	\
-+	EVP_CIPHER_CTX_set_padding(evpctx[0], DOPAD && pad != PAD_ASNEEDED?pad:0);	\
- 	if (IV) {						\
-		memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16);	\
-+		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16);	\
- 	}							\
- 	if (DOPAD && pad == PAD_ASNEEDED) {			\
- 		int olen1;					\
- 		uchar buf[16];					\
-		ores = EVP_DecryptUpdate(evpctx, out, &olen, in, ilen-16);	\
-+		ores = EVP_DecryptUpdate(evpctx[0], out, &olen, in, ilen-16);	\
- 		assert(ores);					\
-		EVP_CIPHER_CTX ctx2;				\
-		memcpy(&ctx2, evpctx, sizeof(ctx2));		\
-+		EVP_CIPHER_CTX *ctx2 = EVP_CIPHER_CTX_new();	\
-+		EVP_CIPHER_CTX_copy(ctx2, evpctx[0]);		\
- 		/* Save piece that gets overwritten */		\
- 		if (in == out)					\
- 			memcpy(buf, out+olen, 16);		\
-		EVP_CIPHER_CTX_set_padding(evpctx, 1);		\
-		ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, in+ilen-16, 16);	\
-+		EVP_CIPHER_CTX_set_padding(evpctx[0], 1);		\
-+		ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, in+ilen-16, 16);	\
- 		assert(ores); assert(!olen1);			\
-		ores = EVP_DecryptFinal(evpctx, out+olen, &elen);		\
-+		ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);		\
- 		if (!ores) {					\
-			memcpy(evpctx, &ctx2, sizeof(ctx2));	\
-+			EVP_CIPHER_CTX_copy(evpctx[0], ctx2);	\
- 			if (in == out)				\
- 				memcpy(out+olen, buf, 16);	\
-			ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, in+ilen-16, 16);	\
-+			ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, in+ilen-16, 16);	\
- 			assert(ores); assert(olen1 == 16);	\
- 			olen += olen1;				\
-			ores = EVP_DecryptFinal(evpctx, out+olen, &elen);	\
-+			ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);	\
- 			assert(ores);				\
- 		}						\
-		memset(&ctx2, 0, sizeof(ctx2));			\
-+		EVP_CIPHER_CTX_free(ctx2);			\
- 		asm("":::"memory");				\
- 	} else {						\
-		ores = EVP_DecryptUpdate(evpctx, out, &olen, in, ilen);	\
-+		ores = EVP_DecryptUpdate(evpctx[0], out, &olen, in, ilen);	\
- 		assert(ores);					\
-		ores = EVP_DecryptFinal(evpctx, out+olen, &elen);	\
-+		ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);	\
- 	}							\
- 	if (DOPAD && pad) {					\
- 		*flen = olen + elen;				\
- 	} else							\
- 		*flen = len;					\
- 	if (IV)							\
-		memcpy(iv, evpctx->iv, 16);			\
-+		memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16);	\
- 	if (DOPAD && pad == PAD_ASNEEDED)			\
- 		return (elen? 16-elen: 1);			\
- 	return ores - 1;					\
-@@ -140,8 +140,8 @@ int AES_OSSL_##BITCHAIN##_Decrypt(const
- 
- void AES_OSSL_Release(unsigned char *ctx, unsigned int rounds)
- {
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
-	EVP_CIPHER_CTX_cleanup(evpctx);
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
-+	EVP_CIPHER_CTX_cleanup(evpctx[0]);
- }
- 
- AES_OSSL_KEY_EX(128, AES_128_ROUNDS, ecb);
-@@ -180,37 +180,41 @@ AES_OSSL_CRYPT(256_CTR, 1, 0);
- 
- void AES_OSSL_Bits_EKey_ExpandX2(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx, unsigned int bits)
- {
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
-	EVP_CIPHER_CTX_init(evpctx);
-	EVP_EncryptInit_ex(evpctx, cipher, NULL, userkey, NULL);
-	//EVP_CIPHER_CTX_set_padding(evpctx, 0);
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
-+	evpctx[0] = EVP_CIPHER_CTX_new();						\
-+	evpctx[1] = EVP_CIPHER_CTX_new();						\
-+	EVP_CIPHER_CTX_init(evpctx[0]);
-+	EVP_EncryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL);
-+	//EVP_CIPHER_CTX_set_padding(evpctx[0], 0);
- 	hash_t hv;
- 	sha256_init(&hv);
- 	sha256_calc(userkey, bits/8, bits/8, &hv);
- 	uchar usrkey2[32];
- 	sha256_beout(usrkey2, &hv);
- 	sha256_init(&hv);
-	EVP_CIPHER_CTX_init(evpctx+1);
-	EVP_EncryptInit_ex(evpctx+1, cipher, NULL, usrkey2, NULL);
-+	EVP_CIPHER_CTX_init(evpctx[1]);
-+	EVP_EncryptInit_ex(evpctx[1], cipher, NULL, usrkey2, NULL);
- 	//EVP_CIPHER_CTX_set_padding(evpctx+1, 0);
- 	memset(usrkey2, 0, 32);
- 	asm("":::"memory");
- }
- void AES_OSSL_Bits_DKey_ExpandX2(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx, unsigned int bits)
- {
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
-	EVP_CIPHER_CTX_init(evpctx);
-	EVP_DecryptInit_ex(evpctx, cipher, NULL, userkey, NULL);
-	//EVP_CIPHER_CTX_set_padding(evpctx, 0);
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
-+	evpctx[0] = EVP_CIPHER_CTX_new();						\
-+	evpctx[1] = EVP_CIPHER_CTX_new();						\
-+	EVP_CIPHER_CTX_init(evpctx[0]);
-+	EVP_DecryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL);
-+	//EVP_CIPHER_CTX_set_padding(evpctx[0], 0);
- 	hash_t hv;
- 	sha256_init(&hv);
- 	sha256_calc(userkey, bits/8, bits/8, &hv);
- 	uchar usrkey2[32];
- 	sha256_beout(usrkey2, &hv);
- 	sha256_init(&hv);
-	EVP_CIPHER_CTX_init(evpctx+1);
-	EVP_DecryptInit_ex(evpctx+1, cipher, NULL, usrkey2, NULL);
-	//EVP_CIPHER_CTX_set_padding(evpctx+1, 0);
-+	EVP_CIPHER_CTX_init(evpctx[1]);
-+	EVP_DecryptInit_ex(evpctx[1], cipher, NULL, usrkey2, NULL);
-+	//EVP_CIPHER_CTX_set_padding(evpctx[1], 0);
- 	memset(usrkey2, 0, 32);
- 	asm("":::"memory");
- }
-@@ -235,40 +239,40 @@ int  AES_OSSL_##BITCHAIN##_EncryptX2(con
- 	       			ssize_t len, ssize_t *flen)				\
- {								\
- 	int olen, elen, ores;					\
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;		\
-	EVP_EncryptInit(evpctx, NULL, NULL, NULL);		\
-	EVP_EncryptInit(evpctx+1, NULL, NULL, NULL);		\
-	EVP_CIPHER_CTX_set_padding(evpctx, pad);		\
-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);		\
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;	\
-+	EVP_EncryptInit(evpctx[0], NULL, NULL, NULL);		\
-+	EVP_EncryptInit(evpctx[1], NULL, NULL, NULL);		\
-+	EVP_CIPHER_CTX_set_padding(evpctx[0], pad);		\
-+	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);		\
- 	if (IV) {						\
-		memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16);		\
-		memcpy((evpctx+1)->oiv, iv, 16); memcpy((evpctx+1)->iv, iv, 16);	\
-+		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16);		\
-+		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[1]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[1]), iv, 16);	\
- 	}							\
-        	if (!pad && (len&15)) {					\
-		ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len-(len&15));		\
-+		ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len-(len&15));		\
- 		assert(ores);					\
- 		uchar ibf[16];					\
- 		memcpy(ibf, in+olen, len&15);			\
- 		memset(ibf+(len&15), 0, 16-(len&15));		\
-		ores = EVP_EncryptUpdate(evpctx, out+olen, &elen, ibf, 16);		\
-+		ores = EVP_EncryptUpdate(evpctx[0], out+olen, &elen, ibf, 16);		\
- 		memset(ibf, 0, len&15);				\
- 		asm("":::"memory");				\
- 		assert(ores);					\
- 	} else {						\
-		ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len);	\
-+		ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len);	\
- 		assert(ores);					\
-		ores = EVP_EncryptFinal(evpctx, out+olen, &elen);	\
-+		ores = EVP_EncryptFinal(evpctx[0], out+olen, &elen);	\
- 		assert(ores);					\
- 	}							\
-	ores = EVP_EncryptUpdate(evpctx+1, out, &olen, out, olen+elen);	\
-+	ores = EVP_EncryptUpdate(evpctx[1], out, &olen, out, olen+elen);	\
- 	assert(ores);						\
-	ores = EVP_EncryptFinal(evpctx+1, out+olen, &elen);	\
-+	ores = EVP_EncryptFinal(evpctx[1], out+olen, &elen);	\
- 	assert(ores);						\
- 	*flen = olen+elen;					\
- 	if (pad == PAD_ASNEEDED && !(len&15))			\
- 		*flen -= 16;					\
- 	if (IV)							\
-		memcpy(iv, evpctx->iv, 16);			\
-+		memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16);	\
- 	return (pad == PAD_ALWAYS || (len&15))? 16-(len&15): 0;	\
- };								\
- int  AES_OSSL_##BITCHAIN##_DecryptX2(const unsigned char* ctx, unsigned int rounds,	\
-@@ -278,54 +282,52 @@ int  AES_OSSL_##BITCHAIN##_DecryptX2(con
- {								\
- 	int olen, elen, ores;					\
- 	int rlen = (len&15)? len+16-(len&15): len;		\
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;		\
-	EVP_DecryptInit(evpctx+1, NULL, NULL, NULL);		\
-	EVP_DecryptInit(evpctx, NULL, NULL, NULL);		\
-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);		\
-	EVP_CIPHER_CTX_set_padding(evpctx, pad==PAD_ASNEEDED? 0: pad);	\
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;	\
-+	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);		\
-+	EVP_CIPHER_CTX_set_padding(evpctx[0], pad==PAD_ASNEEDED? 0: pad);	\
- 	if (IV) {						\
-		memcpy((evpctx+1)->oiv, iv, 16); memcpy((evpctx+1)->iv, iv, 16);	\
-		memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16);		\
-+		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[1]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[1]), iv, 16);	\
-+		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16);	\
- 	}							\
-	ores = EVP_DecryptUpdate(evpctx+1, out, &olen, in, rlen);		\
-+	ores = EVP_DecryptUpdate(evpctx[1], out, &olen, in, rlen);		\
- 	assert(ores);						\
-	ores = EVP_DecryptFinal(evpctx+1, out+olen, &elen);	\
-+	ores = EVP_DecryptFinal(evpctx[1], out+olen, &elen);	\
- 	assert(ores);						\
- 	if (pad == PAD_ASNEEDED) {				\
- 		int ilen = olen, olen1;				\
- 		uchar buf[16];					\
-		ores = EVP_DecryptUpdate(evpctx, out, &olen, out, ilen-16);	\
-+		ores = EVP_DecryptUpdate(evpctx[0], out, &olen, out, ilen-16);	\
- 		assert(ores); assert(olen == ilen-16);		\
- 		/* Save piece that gets overwritten */		\
- 		memcpy(buf, out+olen, 16);			\
-		EVP_CIPHER_CTX ctx2;				\
-		memcpy(&ctx2, evpctx, sizeof(ctx2));		\
-		EVP_CIPHER_CTX_set_padding(evpctx, 1);		\
-		ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, out+ilen-16, 16);	\
-+		EVP_CIPHER_CTX *ctx2 = EVP_CIPHER_CTX_new();	\
-+		EVP_CIPHER_CTX_copy(ctx2, evpctx[0]);		\
-+		EVP_CIPHER_CTX_set_padding(evpctx[0], 1);	\
-+		ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, out+ilen-16, 16);	\
- 		assert(ores); assert(!olen1);			\
-		ores = EVP_DecryptFinal(evpctx, out+olen, &elen);		\
-+		ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);		\
- 		if (!ores) {					\
-			memcpy(evpctx, &ctx2, sizeof(ctx2));	\
-+			EVP_CIPHER_CTX_copy(evpctx[0], ctx2);	\
- 			memcpy(out+olen, buf, 16);		\
-			ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, out+ilen-16, 16);	\
-+			ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, out+ilen-16, 16);	\
- 			assert(ores); assert(olen1 == 16);	\
- 			olen += olen1;				\
-			ores = EVP_DecryptFinal(evpctx, out+olen, &elen);	\
-+			ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);	\
- 			assert(ores);				\
- 		}						\
-		memset(&ctx2, 0, sizeof(ctx2));			\
-+		EVP_CIPHER_CTX_free(ctx2);			\
- 		asm("":::"memory");				\
- 	} else {						\
-		ores = EVP_DecryptUpdate(evpctx, out, &olen, out, olen+elen);	\
-		assert(ores);						\
-		ores = EVP_DecryptFinal(evpctx, out+olen, &elen);	\
-+		ores = EVP_DecryptUpdate(evpctx[0], out, &olen, out, olen+elen);	\
-+		assert(ores);					\
-+		ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);	\
- 	}							\
- 	if (pad)						\
- 		*flen = olen+elen;				\
- 	else							\
- 		*flen = len;					\
- 	if (IV)							\
-		memcpy(iv, evpctx->iv, 16);			\
-+		memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16);	\
- 	if (pad == PAD_ASNEEDED)				\
- 		return (elen? 16-elen: 1);			\
- 	return ores - 1;					\
-@@ -333,9 +335,10 @@ int  AES_OSSL_##BITCHAIN##_DecryptX2(con
- 
- void AES_OSSL_ReleaseX2(unsigned char *ctx, unsigned int rounds)
- {
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
-	EVP_CIPHER_CTX_cleanup(evpctx);
-	EVP_CIPHER_CTX_cleanup(evpctx+1);
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
-+	EVP_CIPHER_CTX_cleanup(evpctx[0]);
-+	EVP_CIPHER_CTX_cleanup(evpctx[1]);
-+	/* FIXME: free ? */
- }
- 
- AES_OSSL_KEY_EX2(128, AES_128_ROUNDS, ecb);
-@@ -365,22 +368,22 @@ AES_OSSL_CRYPT2(256_ECB, 0);
- void AES_OSSL_Blk_EncryptX2(const unsigned char *ctx, unsigned int rounds,
- 			    const unsigned char *in, unsigned char *out)			
- {
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
- 	int olen;
- 	uchar blk[16];
-	EVP_EncryptUpdate(evpctx, blk, &olen, in, 16);
-	EVP_EncryptUpdate(evpctx+1, out, &olen, blk, olen);
-+	EVP_EncryptUpdate(evpctx[0], blk, &olen, in, 16);
-+	EVP_EncryptUpdate(evpctx[1], out, &olen, blk, olen);
- 	memset(blk, 0, 16);
- 	asm("":::"memory");
- }
- void AES_OSSL_Blk_DecryptX2(const unsigned char *ctx, unsigned int rounds,
- 			    const unsigned char *in, unsigned char *out)			
- {
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
- 	int olen;
- 	uchar blk[16];
-	EVP_DecryptUpdate(evpctx+1, blk, &olen, in, 16);
-	EVP_DecryptUpdate(evpctx, out, &olen, blk, olen);
-+	EVP_DecryptUpdate(evpctx[1], blk, &olen, in, 16);
-+	EVP_DecryptUpdate(evpctx[0], out, &olen, blk, olen);
- 	memset(blk, 0, 16);
- 	asm("":::"memory");
- }
-@@ -392,11 +395,11 @@ int  AES_OSSL_##BITS##_CBC_EncryptX2(con
- 				     const unsigned char* in, unsigned char *out,	\
- 	       			     ssize_t len, ssize_t *olen)			\
- {											\
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;					\
-	EVP_EncryptInit(evpctx, NULL, NULL, NULL);					\
-	EVP_EncryptInit(evpctx+1, NULL, NULL, NULL);					\
-	EVP_CIPHER_CTX_set_padding(evpctx, 0);						\
-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);					\
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;				\
-+	EVP_EncryptInit(evpctx[0], NULL, NULL, NULL);					\
-+	EVP_EncryptInit(evpctx[1], NULL, NULL, NULL);					\
-+	EVP_CIPHER_CTX_set_padding(evpctx[0], 0);					\
-+	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);					\
- 	return AES_Gen_CBC_Enc(AES_OSSL_Blk_EncryptX2, ctx, rounds, iv, pad, in, out, len, olen);	\
- };											\
- int  AES_OSSL_##BITS##_CBC_DecryptX2(const unsigned char *ctx, unsigned int rounds,	\
-@@ -404,11 +407,9 @@ int  AES_OSSL_##BITS##_CBC_DecryptX2(con
- 				     const unsigned char* in, unsigned char *out,	\
- 	       			     ssize_t len, ssize_t *olen)			\
- {											\
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;					\
-	EVP_DecryptInit(evpctx+1, NULL, NULL, NULL);					\
-	EVP_DecryptInit(evpctx, NULL, NULL, NULL);					\
-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);					\
-	EVP_CIPHER_CTX_set_padding(evpctx, 0);						\
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;				\
-+	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);					\
-+	EVP_CIPHER_CTX_set_padding(evpctx[0], 0);					\
- 	return AES_Gen_CBC_Dec(AES_OSSL_Blk_DecryptX2, ctx, rounds, iv, pad, in, out, len, olen);	\
- }
- 
-@@ -424,11 +425,11 @@ int  AES_OSSL_##BITS##_CTR_CryptX2(const
- 	       			     ssize_t len, ssize_t *olen)			\
- {											\
- 	*olen = len;									\
-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;					\
-	EVP_EncryptInit(evpctx, NULL, NULL, NULL);					\
-	EVP_EncryptInit(evpctx+1, NULL, NULL, NULL);					\
-	EVP_CIPHER_CTX_set_padding(evpctx, 0);						\
-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);					\
-+	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;				\
-+	EVP_EncryptInit(evpctx[0], NULL, NULL, NULL);					\
-+	EVP_EncryptInit(evpctx[1], NULL, NULL, NULL);					\
-+	EVP_CIPHER_CTX_set_padding(evpctx[0], 0);					\
-+	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);					\
- 	return AES_Gen_CTR_Crypt(AES_OSSL_Blk_EncryptX2, ctx, rounds, iv, in, out, len);\
- }
- 
-@@ -437,8 +438,8 @@ AES_OSSL_DECL_CTR_X2(192);
- AES_OSSL_DECL_CTR_X2(256);
- 
- 
-#define EVP_CTX_SZ sizeof(EVP_CIPHER_CTX)
-#define EVP_CTX_SZX2 2*sizeof(EVP_CIPHER_CTX)
-+#define EVP_CTX_SZ sizeof(EVP_CIPHER_CTX*)
-+#define EVP_CTX_SZX2 2*sizeof(EVP_CIPHER_CTX*)
- 
- ciph_desc_t AES_OSSL_Methods[] = {
- 				 {"AES128-ECB"  , 128, 10, 16, EVP_CTX_SZ, &aes_stream_ecb,
--- a/dd_rescue.changes
+++ b/dd_rescue.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Sun Dec  3 22:11:29 CET 2017 - kurt@garloff.de
+
+- Update to 1.99.8:
+  * Support openssl-1.1 (patch from Marcus Meissner)
+  * cryptalgo->recycle to reuse crypto context (neeeded for openssl)
+  * Fix memleak in test_aes
+  * Use test_aes in check target to ensure all algorithms work
+  * Use std probe mech in test_aes, so we don't fail with SIGILL
+  * Fix build without openssl
+
 -------------------------------------------------------------------
 Wed Nov 29 17:25:01 UTC 2017 - meissner@suse.com

--- a/dd_rescue.spec
+++ b/dd_rescue.spec
@ -17,7 +17,7 @@


 Name:           dd_rescue
-Version:        1.99.7
+Version:        1.99.8
 Release:        0
 Summary:        Data copying in the presence of I/O Errors
 License:        GPL-2.0 or GPL-3.0
@ -27,14 +27,15 @@ Source0:        http://garloff.de/kurt/linux/ddrescue/%{name}-%{version}.tar.bz2
 Source1:        http://garloff.de/kurt/linux/ddrescue/%{name}-%{version}.tar.bz2.asc
 Source2:        %{name}.keyring
 Source99:       %{name}.changes
-Patch0:         dd_rescue-openssl11.patch
 BuildRequires:  autoconf
 BuildRequires:  libattr-devel
 %if 0%{?is_opensuse}
 BuildRequires:  libfallocate-devel
 %endif
 BuildRequires:  lzo-devel
+%if 0%{?suse_version} >= 1200
 BuildRequires:  lzop
+%endif
 BuildRequires:  pkgconfig
 BuildRequires:  python
 Requires:       bc
@ -46,7 +47,8 @@ Recommends:     libfallocate0
 Provides:       ddrescue = %{version}
 Obsoletes:      ddrescue < %{version}
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-BuildRequires:  pkgconfig(libcrypto)
+#BuildRequires:  pkgconfig(libcrypto)
+BuildRequires:	libopenssl-devel

 %description
 dd_rescue helps when nothing else can: your disk has crashed and you
@ -111,9 +113,6 @@ data to the decompressor; the plugin is still young and might expose bugs.

 %prep
 %setup -q
-if pkg-config --atleast-version=1.1.0 libssl; then
-%patch0 -p1
-fi

 # Remove build time references so build-compare can do its work
 FAKE_BUILDTIME=$(LC_ALL=C date -u -r %{SOURCE99} '+%%H:%%M')