forked from pool/julia
352 lines
15 KiB
Diff
352 lines
15 KiB
Diff
Index: julia-1.6.2/deps/mbedtls.mk
|
|
===================================================================
|
|
--- julia-1.6.2.orig/deps/mbedtls.mk
|
|
+++ julia-1.6.2/deps/mbedtls.mk
|
|
@@ -5,7 +5,9 @@ MBEDTLS_SRC = mbedtls-$(MBEDTLS_VER)
|
|
MBEDTLS_URL = https://github.com/ARMmbed/mbedtls/archive/v$(MBEDTLS_VER).tar.gz
|
|
|
|
MBEDTLS_OPTS := $(CMAKE_COMMON) -DUSE_SHARED_MBEDTLS_LIBRARY=ON \
|
|
- -DUSE_STATIC_MBEDTLS_LIBRARY=OFF -DENABLE_PROGRAMS=OFF -DCMAKE_BUILD_TYPE=Release
|
|
+ -DUSE_STATIC_MBEDTLS_LIBRARY=OFF -DENABLE_PROGRAMS=OFF -DCMAKE_BUILD_TYPE=Release \
|
|
+ -DCMAKE_C_FLAGS="${CMAKE_C_FLAGS} -Wno-stringop-overflow -Wno-maybe-uninitialized" \
|
|
+ -DCMAKE_CXX_FLAGS="${CMAKE_CXX_FLAGS} -Wno-stringop-overflow -Wno-maybe-uninitialized"
|
|
|
|
MBEDTLS_OPTS += -DENABLE_ZLIB_SUPPORT=OFF
|
|
ifeq ($(BUILD_OS),WINNT)
|
|
@@ -36,7 +38,8 @@ $(SRCCACHE)/$(MBEDTLS_SRC)/mbedtls-cmake
|
|
# This patch merged upstream shortly after MBedTLS's 2.25.0 minor release, so chances
|
|
# are it will be included at least in their next minor release (2.26.0?).
|
|
cd $(SRCCACHE)/$(MBEDTLS_SRC) && \
|
|
- patch -p1 -f < $(SRCDIR)/patches/mbedtls-cmake-findpy.patch
|
|
+ patch -p1 -f < $(SRCDIR)/patches/mbedtls-cmake-findpy.patch && \
|
|
+ patch -p1 -f < $(SRCDIR)/patches/mbedtls-fix-build-failure-on-gcc-11.patch
|
|
echo 1 > $@
|
|
|
|
$(BUILDDIR)/$(MBEDTLS_SRC)/build-configured: \
|
|
Index: julia-1.6.2/deps/patches/mbedtls-fix-build-failure-on-gcc-11.patch
|
|
===================================================================
|
|
--- /dev/null
|
|
+++ julia-1.6.2/deps/patches/mbedtls-fix-build-failure-on-gcc-11.patch
|
|
@@ -0,0 +1,321 @@
|
|
+From 2630f6720df59a2084220b1c06f4730a0a330ea0 Mon Sep 17 00:00:00 2001
|
|
+From: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+Date: Wed, 4 Nov 2020 01:55:38 -0300
|
|
+Subject: [PATCH 1/7] Fix build failure on gcc-11
|
|
+
|
|
+Function prototypes changed to use array parameters instead of
|
|
+pointers.
|
|
+
|
|
+Signed-off-by: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+---
|
|
+ library/ssl_tls.c | 6 +++---
|
|
+ 1 file changed, 3 insertions(+), 3 deletions(-)
|
|
+
|
|
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
|
|
+index 041578e68f7..ec890d7dcdc 100644
|
|
+--- a/library/ssl_tls.c
|
|
++++ b/library/ssl_tls.c
|
|
+@@ -680,20 +680,20 @@ static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int )
|
|
+ #endif
|
|
+
|
|
+ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
|
|
+-static void ssl_calc_verify_tls( const mbedtls_ssl_context *, unsigned char *, size_t * );
|
|
++static void ssl_calc_verify_tls( const mbedtls_ssl_context *, unsigned char [36], size_t * );
|
|
+ static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int );
|
|
+ #endif
|
|
+
|
|
+ #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
|
+ #if defined(MBEDTLS_SHA256_C)
|
|
+ static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t );
|
|
+-static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned char *, size_t * );
|
|
++static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned char [32], size_t * );
|
|
+ static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int );
|
|
+ #endif
|
|
+
|
|
+ #if defined(MBEDTLS_SHA512_C)
|
|
+ static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t );
|
|
+-static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char *, size_t * );
|
|
++static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char [48], size_t * );
|
|
+ static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int );
|
|
+ #endif
|
|
+ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
|
+
|
|
+From 2c424570e2a85e21273313808e8c5efcf1cfc9d7 Mon Sep 17 00:00:00 2001
|
|
+From: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+Date: Tue, 10 Nov 2020 01:38:00 -0300
|
|
+Subject: [PATCH 2/7] Fix mismatched function parameters (prototype/definition)
|
|
+
|
|
+In GCC 11, parameters declared as arrays in function prototypes
|
|
+cannot be declared as pointers in the function definition. The
|
|
+same is true for the other way around.
|
|
+
|
|
+The definition of `mbedtls_aes_cmac_prf_128` was changed to match
|
|
+its public prototype in `cmac.h`. The type `output` was
|
|
+`unsigned char *`, now is `unsigned char [16]`.
|
|
+
|
|
+In `ssl_tls.c`, all the `ssl_calc_verify_*` variants now use pointers
|
|
+for the output `hash` parameter. The array parameters were removed
|
|
+because those functions must be compatible with the function pointer
|
|
+`calc_verify` (defined in `ssl_internal.h`).
|
|
+
|
|
+Signed-off-by: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+---
|
|
+ library/cmac.c | 2 +-
|
|
+ library/ssl_tls.c | 14 +++++++-------
|
|
+ 2 files changed, 8 insertions(+), 8 deletions(-)
|
|
+
|
|
+diff --git a/library/cmac.c b/library/cmac.c
|
|
+index 816bf13da38..59ece155eeb 100644
|
|
+--- a/library/cmac.c
|
|
++++ b/library/cmac.c
|
|
+@@ -420,7 +420,7 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
|
|
+ */
|
|
+ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length,
|
|
+ const unsigned char *input, size_t in_len,
|
|
+- unsigned char *output )
|
|
++ unsigned char output[16] )
|
|
+ {
|
|
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
|
+ const mbedtls_cipher_info_t *cipher_info;
|
|
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
|
|
+index ec890d7dcdc..9d4c4622894 100644
|
|
+--- a/library/ssl_tls.c
|
|
++++ b/library/ssl_tls.c
|
|
+@@ -680,20 +680,20 @@ static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int )
|
|
+ #endif
|
|
+
|
|
+ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
|
|
+-static void ssl_calc_verify_tls( const mbedtls_ssl_context *, unsigned char [36], size_t * );
|
|
++static void ssl_calc_verify_tls( const mbedtls_ssl_context *, unsigned char*, size_t * );
|
|
+ static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int );
|
|
+ #endif
|
|
+
|
|
+ #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
|
+ #if defined(MBEDTLS_SHA256_C)
|
|
+ static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t );
|
|
+-static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned char [32], size_t * );
|
|
++static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned char*, size_t * );
|
|
+ static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int );
|
|
+ #endif
|
|
+
|
|
+ #if defined(MBEDTLS_SHA512_C)
|
|
+ static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t );
|
|
+-static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char [48], size_t * );
|
|
++static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char*, size_t * );
|
|
+ static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int );
|
|
+ #endif
|
|
+ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
|
+@@ -1667,7 +1667,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
|
+
|
|
+ #if defined(MBEDTLS_SSL_PROTO_SSL3)
|
|
+ void ssl_calc_verify_ssl( const mbedtls_ssl_context *ssl,
|
|
+- unsigned char hash[36],
|
|
++ unsigned char *hash,
|
|
+ size_t *hlen )
|
|
+ {
|
|
+ mbedtls_md5_context md5;
|
|
+@@ -1720,7 +1720,7 @@ void ssl_calc_verify_ssl( const mbedtls_ssl_context *ssl,
|
|
+
|
|
+ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
|
|
+ void ssl_calc_verify_tls( const mbedtls_ssl_context *ssl,
|
|
+- unsigned char hash[36],
|
|
++ unsigned char *hash,
|
|
+ size_t *hlen )
|
|
+ {
|
|
+ mbedtls_md5_context md5;
|
|
+@@ -1752,7 +1752,7 @@ void ssl_calc_verify_tls( const mbedtls_ssl_context *ssl,
|
|
+ #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
|
+ #if defined(MBEDTLS_SHA256_C)
|
|
+ void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl,
|
|
+- unsigned char hash[32],
|
|
++ unsigned char *hash,
|
|
+ size_t *hlen )
|
|
+ {
|
|
+ #if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
+@@ -1801,7 +1801,7 @@ void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl,
|
|
+
|
|
+ #if defined(MBEDTLS_SHA512_C)
|
|
+ void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl,
|
|
+- unsigned char hash[48],
|
|
++ unsigned char *hash,
|
|
+ size_t *hlen )
|
|
+ {
|
|
+ #if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
+
|
|
+From 80448aae2c93b7bfe73a05410196e237ef2dd8e1 Mon Sep 17 00:00:00 2001
|
|
+From: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+Date: Tue, 10 Nov 2020 02:28:50 -0300
|
|
+Subject: [PATCH 3/7] Fix GCC warning about `test_snprintf`
|
|
+
|
|
+GCC 11 generated the warnings because the parameter `ret_buf`
|
|
+was declared as `const char[10]`, but some of the arguments
|
|
+provided in `run_test_snprintf` are shorter literals, like "".
|
|
+
|
|
+Now the type of `ret_buf` is `const char *`.
|
|
+Both implementations of `test_snprintf` were fixed.
|
|
+
|
|
+Signed-off-by: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+---
|
|
+ programs/test/selftest.c | 2 +-
|
|
+ tests/suites/host_test.function | 2 +-
|
|
+ 2 files changed, 2 insertions(+), 2 deletions(-)
|
|
+
|
|
+diff --git a/programs/test/selftest.c b/programs/test/selftest.c
|
|
+index 2aa379b1cf3..41d704073bc 100644
|
|
+--- a/programs/test/selftest.c
|
|
++++ b/programs/test/selftest.c
|
|
+@@ -158,7 +158,7 @@ static int calloc_self_test( int verbose )
|
|
+ }
|
|
+ #endif /* MBEDTLS_SELF_TEST */
|
|
+
|
|
+-static int test_snprintf( size_t n, const char ref_buf[10], int ref_ret )
|
|
++static int test_snprintf( size_t n, const char *ref_buf, int ref_ret )
|
|
+ {
|
|
+ int ret;
|
|
+ char buf[10] = "xxxxxxxxx";
|
|
+diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function
|
|
+index db53e9784a7..872a3a43ac4 100644
|
|
+--- a/tests/suites/host_test.function
|
|
++++ b/tests/suites/host_test.function
|
|
+@@ -335,7 +335,7 @@ static int convert_params( size_t cnt , char ** params , int * int_params_store
|
|
+ #if defined(__GNUC__)
|
|
+ __attribute__((__noinline__))
|
|
+ #endif
|
|
+-static int test_snprintf( size_t n, const char ref_buf[10], int ref_ret )
|
|
++static int test_snprintf( size_t n, const char *ref_buf, int ref_ret )
|
|
+ {
|
|
+ int ret;
|
|
+ char buf[10] = "xxxxxxxxx";
|
|
+
|
|
+From eb5d014d8ec82cfebfdd008d890d0e1a114c2abc Mon Sep 17 00:00:00 2001
|
|
+From: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+Date: Tue, 10 Nov 2020 02:51:51 -0300
|
|
+Subject: [PATCH 4/7] Fix GCC warning in `ssl_calc_finished_tls_sha384`
|
|
+
|
|
+GCC 11 generated a warning because `padbuf` was too small to be
|
|
+used as an argument for `mbedtls_sha512_finish_ret`. The `output`
|
|
+parameter of `mbedtls_sha512_finish_ret` has the type
|
|
+`unsigned char[64]`, but `padbuf` was only 48 bytes long.
|
|
+
|
|
+Even though `ssl_calc_finished_tls_sha384` uses only 48 bytes for
|
|
+the hash output, the size of `padbuf` was increased to 64 bytes.
|
|
+
|
|
+Signed-off-by: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+---
|
|
+ library/ssl_tls.c | 2 +-
|
|
+ 1 file changed, 1 insertion(+), 1 deletion(-)
|
|
+
|
|
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
|
|
+index 9d4c4622894..c69de3f1dcb 100644
|
|
+--- a/library/ssl_tls.c
|
|
++++ b/library/ssl_tls.c
|
|
+@@ -3202,7 +3202,7 @@ static void ssl_calc_finished_tls_sha384(
|
|
+ {
|
|
+ int len = 12;
|
|
+ const char *sender;
|
|
+- unsigned char padbuf[48];
|
|
++ unsigned char padbuf[64];
|
|
+ #if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
+ size_t hash_size;
|
|
+ psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT;
|
|
+
|
|
+From 683028a2f721980fa541e49a42cfdce3cc3f1c1d Mon Sep 17 00:00:00 2001
|
|
+From: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+Date: Tue, 10 Nov 2020 03:17:36 -0300
|
|
+Subject: [PATCH 5/7] Add changelog entry file to `ChangeLog.d`
|
|
+
|
|
+Signed-off-by: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+---
|
|
+ ChangeLog.d/bugfix_3782.txt | 2 ++
|
|
+ 1 file changed, 2 insertions(+)
|
|
+ create mode 100644 ChangeLog.d/bugfix_3782.txt
|
|
+
|
|
+diff --git a/ChangeLog.d/bugfix_3782.txt b/ChangeLog.d/bugfix_3782.txt
|
|
+new file mode 100644
|
|
+index 00000000000..25e18cb1821
|
|
+--- /dev/null
|
|
++++ b/ChangeLog.d/bugfix_3782.txt
|
|
+@@ -0,0 +1,2 @@
|
|
++Bugfix
|
|
++ * Fix build failures on GCC 11. Fixes #3782.
|
|
+
|
|
+From d596ca8a1e34b6ef2fda293250829d014e5d33af Mon Sep 17 00:00:00 2001
|
|
+From: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+Date: Wed, 25 Nov 2020 00:42:28 -0300
|
|
+Subject: [PATCH 6/7] Fix GCC warning in `ssl_calc_finished_tls_sha384`
|
|
+
|
|
+This commit fixes the same warning fixed by baeedbf9, but without
|
|
+wasting RAM. By casting `mbedtls_sha512_finish_ret()`, `padbuf`
|
|
+could be kept 48 bytes long without triggering any warnings.
|
|
+
|
|
+Signed-off-by: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+---
|
|
+ library/ssl_tls.c | 13 +++++++++++--
|
|
+ 1 file changed, 11 insertions(+), 2 deletions(-)
|
|
+
|
|
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
|
|
+index c69de3f1dcb..79348bd8dd0 100644
|
|
+--- a/library/ssl_tls.c
|
|
++++ b/library/ssl_tls.c
|
|
+@@ -3197,12 +3197,15 @@ static void ssl_calc_finished_tls_sha256(
|
|
+ #endif /* MBEDTLS_SHA256_C */
|
|
+
|
|
+ #if defined(MBEDTLS_SHA512_C)
|
|
++
|
|
++typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char[48]);
|
|
++
|
|
+ static void ssl_calc_finished_tls_sha384(
|
|
+ mbedtls_ssl_context *ssl, unsigned char *buf, int from )
|
|
+ {
|
|
+ int len = 12;
|
|
+ const char *sender;
|
|
+- unsigned char padbuf[64];
|
|
++ unsigned char padbuf[48];
|
|
+ #if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
+ size_t hash_size;
|
|
+ psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT;
|
|
+@@ -3255,8 +3258,14 @@ static void ssl_calc_finished_tls_sha384(
|
|
+ MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *)
|
|
+ sha512.state, sizeof( sha512.state ) );
|
|
+ #endif
|
|
++ /*
|
|
++ * For SHA-384, we can save 16 bytes by keeping padbuf 48 bytes long.
|
|
++ * However, to avoid stringop-overflow warning in gcc, we have to cast
|
|
++ * mbedtls_sha512_finish_ret().
|
|
++ */
|
|
++ finish_sha384_t finish = (finish_sha384_t)mbedtls_sha512_finish_ret;
|
|
++ finish( &sha512, padbuf );
|
|
+
|
|
+- mbedtls_sha512_finish_ret( &sha512, padbuf );
|
|
+ mbedtls_sha512_free( &sha512 );
|
|
+ #endif
|
|
+
|
|
+
|
|
+From f06a6144e23a1a8dcc3dd749b993ad88a96063fb Mon Sep 17 00:00:00 2001
|
|
+From: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+Date: Wed, 25 Nov 2020 07:30:26 -0300
|
|
+Subject: [PATCH 7/7] Change function casting in `ssl_calc_finished_tls_sha384`
|
|
+
|
|
+`finish_sha384_t` was made more generic by using `unsigned char*`
|
|
+instead of `unsigned char[48]` as the second parameter.
|
|
+This change tries to make the function casting more robust against
|
|
+future improvements of gcc analysis.
|
|
+
|
|
+Signed-off-by: Rodrigo Dias Correa <rodrigo@correas.us>
|
|
+---
|
|
+ library/ssl_tls.c | 2 +-
|
|
+ 1 file changed, 1 insertion(+), 1 deletion(-)
|
|
+
|
|
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
|
|
+index 79348bd8dd0..a1a5859f056 100644
|
|
+--- a/library/ssl_tls.c
|
|
++++ b/library/ssl_tls.c
|
|
+@@ -3198,7 +3198,7 @@ static void ssl_calc_finished_tls_sha256(
|
|
+
|
|
+ #if defined(MBEDTLS_SHA512_C)
|
|
+
|
|
+-typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char[48]);
|
|
++typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char*);
|
|
+
|
|
+ static void ssl_calc_finished_tls_sha384(
|
|
+ mbedtls_ssl_context *ssl, unsigned char *buf, int from )
|