From c4251c714a2fa6263e77103561b3dc4f6f5fed40 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= Date: Mon, 21 Oct 2013 01:48:05 -0300 Subject: [PATCH] libcrypto: Hide library-private symbols --- apps/Makefile | 2 +- crypto/asn1/asn1_locl.h | 4 ++++ crypto/bn/bn_lcl.h | 4 ++++ crypto/camellia/cmll_locl.h | 3 +++ crypto/cast/cast_lcl.h | 2 ++ crypto/cms/cms_lcl.h | 5 ++++- crypto/des/des_locl.h | 2 ++ crypto/dsa/dsa_locl.h | 2 +- crypto/ec/ec_lcl.h | 4 ++++ crypto/ecdh/ech_locl.h | 4 +++- crypto/ecdsa/ecs_locl.h | 4 ++++ crypto/engine/eng_int.h | 4 +++- crypto/engine/eng_rsax.c | 2 +- crypto/evp/e_aes.c | 10 ++++++++++ crypto/evp/e_aes_cbc_hmac_sha1.c | 4 ++++ crypto/evp/evp_locl.h | 4 ++++ crypto/md4/md4_locl.h | 2 +- crypto/md5/md5_locl.h | 2 +- crypto/modes/modes_lcl.h | 4 +++- crypto/o_str.h | 4 ++++ crypto/o_time.h | 4 ++++ crypto/ripemd/rmd_locl.h | 2 +- crypto/rsa/rsa_locl.h | 2 +- crypto/sha/sha256.c | 2 +- crypto/sha/sha512.c | 2 +- crypto/sha/sha_locl.h | 2 +- crypto/store/str_locl.h | 4 +++- crypto/ui/ui_locl.h | 4 +++- crypto/whrlpool/wp_locl.h | 2 +- crypto/x509v3/ext_dat.h | 3 +++ crypto/x509v3/pcy_int.h | 3 +++ 31 files changed, 85 insertions(+), 17 deletions(-) Index: openssl-1.0.2b/apps/Makefile =================================================================== --- openssl-1.0.2b.orig/apps/Makefile 2015-06-11 15:55:38.000000000 +0200 +++ openssl-1.0.2b/apps/Makefile 2015-06-11 17:50:03.669860202 +0200 @@ -20,7 +20,7 @@ EXE_EXT= SHLIB_TARGET= -CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG) +CFLAGS= -fvisibility=hidden -DMONOLITH $(INCLUDES) $(CFLAG) GENERAL=Makefile makeapps.com install.com Index: openssl-1.0.2b/crypto/asn1/asn1_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/asn1/asn1_locl.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/asn1/asn1_locl.h 2015-06-11 17:50:03.670860215 +0200 @@ -62,6 +62,8 @@ int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d); int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d); +#pragma GCC visibility push(hidden) + /* ASN1 print context structure */ struct asn1_pctx_st { @@ -133,3 +135,5 @@ struct x509_crl_method_st { ASN1_INTEGER *ser, X509_NAME *issuer); int (*crl_verify) (X509_CRL *crl, EVP_PKEY *pk); }; + +#pragma GCC visibility pop Index: openssl-1.0.2b/crypto/bn/bn_lcl.h =================================================================== --- openssl-1.0.2b.orig/crypto/bn/bn_lcl.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/bn/bn_lcl.h 2015-06-11 17:50:03.670860215 +0200 @@ -505,6 +505,8 @@ unsigned __int64 _umul128(unsigned __int # undef bn_div_words # endif +#pragma GCC visibility push(hidden) + void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb); void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b); void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b); @@ -530,6 +532,8 @@ BN_ULONG bn_sub_part_words(BN_ULONG *r, int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); +#pragma GCC visibility pop + #ifdef __cplusplus } #endif Index: openssl-1.0.2b/crypto/cast/cast_lcl.h =================================================================== --- openssl-1.0.2b.orig/crypto/cast/cast_lcl.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/cast/cast_lcl.h 2015-06-11 17:50:03.670860215 +0200 @@ -217,6 +217,7 @@ } #endif +#pragma GCC visibility push(hidden) extern const CAST_LONG CAST_S_table0[256]; extern const CAST_LONG CAST_S_table1[256]; extern const CAST_LONG CAST_S_table2[256]; @@ -225,3 +226,4 @@ extern const CAST_LONG CAST_S_table4[256 extern const CAST_LONG CAST_S_table5[256]; extern const CAST_LONG CAST_S_table6[256]; extern const CAST_LONG CAST_S_table7[256]; +#pragma GCC visibility pop Index: openssl-1.0.2b/crypto/cms/cms_lcl.h =================================================================== --- openssl-1.0.2b.orig/crypto/cms/cms_lcl.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/cms/cms_lcl.h 2015-06-11 17:50:03.670860215 +0200 @@ -410,6 +410,8 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerA # define CMS_OIK_KEYIDENTIFIER 1 # define CMS_OIK_PUBKEY 2 +#pragma GCC visibility push(hidden) + BIO *cms_content_bio(CMS_ContentInfo *cms); CMS_ContentInfo *cms_Data_create(void); @@ -465,6 +467,8 @@ int cms_RecipientInfo_kari_encrypt(CMS_C int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, int en_de); +#pragma GCC visibility pop + #ifdef __cplusplus } #endif Index: openssl-1.0.2b/crypto/des/des_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/des/des_locl.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/des/des_locl.h 2015-06-11 17:50:03.670860215 +0200 @@ -432,10 +432,12 @@ PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \ } +#pragma GCC visibility push(hidden) extern const DES_LONG DES_SPtrans[8][64]; void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0, DES_LONG Eswap1); +#pragma GCC visibility pop # ifdef OPENSSL_SMALL_FOOTPRINT # undef DES_UNROLL Index: openssl-1.0.2b/crypto/dsa/dsa_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/dsa/dsa_locl.h 2015-06-11 17:41:59.488534507 +0200 +++ openssl-1.0.2b/crypto/dsa/dsa_locl.h 2015-06-11 17:50:03.670860215 +0200 @@ -58,7 +58,7 @@ int dsa_builtin_paramgen(DSA *ret, size_ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, int *counter_ret, unsigned long *h_ret, - BN_GENCB *cb); + BN_GENCB *cb) __attribute__ ((visibility ("hidden"))); int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, const EVP_MD *evpmd, const unsigned char *seed_in, Index: openssl-1.0.2b/crypto/ec/ec_lcl.h =================================================================== --- openssl-1.0.2b.orig/crypto/ec/ec_lcl.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/ec/ec_lcl.h 2015-06-11 17:50:03.671860227 +0200 @@ -89,6 +89,8 @@ * change in future versions. */ +#pragma GCC visibility push(hidden) + struct ec_method_st { /* Various method flags */ int flags; @@ -566,3 +568,5 @@ EC_GROUP *FIPS_ec_group_new_curve_gf2m(c const BIGNUM *b, BN_CTX *ctx); EC_GROUP *FIPS_ec_group_new_by_curve_name(int nid); #endif + +#pragma GCC visibility pop Index: openssl-1.0.2b/crypto/ecdh/ech_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/ecdh/ech_locl.h 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/ecdh/ech_locl.h 2015-06-11 17:50:03.671860227 +0200 @@ -58,6 +58,8 @@ # include +#pragma GCC visibility push(hidden) + #ifdef __cplusplus extern "C" { #endif @@ -101,4 +103,5 @@ ECDH_DATA *ecdh_check(EC_KEY *); } #endif +#pragma GCC visibility pop #endif /* HEADER_ECH_LOCL_H */ Index: openssl-1.0.2b/crypto/ecdsa/ecs_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/ecdsa/ecs_locl.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/ecdsa/ecs_locl.h 2015-06-11 17:50:03.671860227 +0200 @@ -61,6 +61,8 @@ # include +#pragma GCC visibility push(hidden) + #ifdef __cplusplus extern "C" { #endif @@ -117,4 +119,5 @@ ECDSA_DATA *ecdsa_check(EC_KEY *eckey); } #endif +#pragma GCC visibility pop #endif /* HEADER_ECS_LOCL_H */ Index: openssl-1.0.2b/crypto/engine/eng_int.h =================================================================== --- openssl-1.0.2b.orig/crypto/engine/eng_int.h 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/engine/eng_int.h 2015-06-11 17:50:03.671860227 +0200 @@ -69,6 +69,8 @@ /* Take public definitions from engine.h */ # include +#pragma GCC visibility push(hidden) + #ifdef __cplusplus extern "C" { #endif @@ -221,4 +223,5 @@ struct engine_st { } #endif +#pragma GCC visibility pop #endif /* HEADER_ENGINE_INT_H */ Index: openssl-1.0.2b/crypto/evp/e_aes.c =================================================================== --- openssl-1.0.2b.orig/crypto/evp/e_aes.c 2015-06-11 17:41:59.490534533 +0200 +++ openssl-1.0.2b/crypto/evp/e_aes.c 2015-06-11 17:50:03.671860227 +0200 @@ -116,6 +116,8 @@ typedef struct { # define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4)) +#pragma GCC visibility push(hidden) + # ifdef VPAES_ASM int vpaes_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key); @@ -146,6 +148,7 @@ void bsaes_xts_decrypt(const unsigned ch size_t len, const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]); # endif +#pragma GCC visibility pop # ifdef AES_CTR_ASM void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out, size_t blocks, const AES_KEY *key, @@ -194,6 +197,8 @@ extern unsigned int OPENSSL_ia32cap_P[]; */ # define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32))) +#pragma GCC visibility push(hidden) + int aesni_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key); int aesni_set_decrypt_key(const unsigned char *userKey, int bits, @@ -263,6 +268,8 @@ void gcm_ghash_avx(u64 Xi[2], const u128 # undef AES_GCM_ASM2 /* minor size optimization */ # endif +#pragma GCC visibility pop + static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { Index: openssl-1.0.2b/crypto/evp/e_aes_cbc_hmac_sha1.c =================================================================== --- openssl-1.0.2b.orig/crypto/evp/e_aes_cbc_hmac_sha1.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/evp/e_aes_cbc_hmac_sha1.c 2015-06-11 17:50:03.672860241 +0200 @@ -97,6 +97,8 @@ typedef struct { extern unsigned int OPENSSL_ia32cap_P[]; # define AESNI_CAPABLE (1<<(57-32)) +#pragma GCC visibility push(hidden) + int aesni_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key); int aesni_set_decrypt_key(const unsigned char *userKey, int bits, @@ -115,6 +117,8 @@ void aesni256_cbc_sha1_dec(const void *i const AES_KEY *key, unsigned char iv[16], SHA_CTX *ctx, const void *in0); +#pragma GCC visibility pop + # define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data) static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, Index: openssl-1.0.2b/crypto/evp/evp_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/evp/evp_locl.h 2015-06-11 17:41:59.492534560 +0200 +++ openssl-1.0.2b/crypto/evp/evp_locl.h 2015-06-11 17:50:03.672860241 +0200 @@ -261,6 +261,8 @@ const EVP_CIPHER *EVP_##cname##_ecb(void EVP_CIPH_FLAG_DEFAULT_ASN1, \ cipher##_init_key, NULL, NULL, NULL, NULL) +#pragma GCC visibility push(hidden) + struct evp_pkey_ctx_st { /* Method associated with this operation */ const EVP_PKEY_METHOD *pmeth; @@ -334,6 +336,8 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_ const EVP_MD *evp_get_fips_md(const EVP_MD *md); const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher); +#pragma GCC visibility pop + #ifdef OPENSSL_FIPS # ifdef OPENSSL_DOING_MAKEDEPEND Index: openssl-1.0.2b/crypto/md4/md4_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/md4/md4_locl.h 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/md4/md4_locl.h 2015-06-11 17:50:03.672860241 +0200 @@ -65,7 +65,7 @@ # define MD4_LONG_LOG2 2 /* default to 32 bits */ #endif -void md4_block_data_order(MD4_CTX *c, const void *p, size_t num); +void md4_block_data_order(MD4_CTX *c, const void *p, size_t num) __attribute__ ((visibility ("hidden"))); #define DATA_ORDER_IS_LITTLE_ENDIAN Index: openssl-1.0.2b/crypto/md5/md5_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/md5/md5_locl.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/md5/md5_locl.h 2015-06-11 17:50:03.672860241 +0200 @@ -76,7 +76,7 @@ # endif #endif -void md5_block_data_order(MD5_CTX *c, const void *p, size_t num); +void md5_block_data_order(MD5_CTX *c, const void *p, size_t num) __attribute__ ((visibility ("hidden"))); #define DATA_ORDER_IS_LITTLE_ENDIAN Index: openssl-1.0.2b/crypto/modes/modes_lcl.h =================================================================== --- openssl-1.0.2b.orig/crypto/modes/modes_lcl.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/modes/modes_lcl.h 2015-06-11 17:50:03.672860241 +0200 @@ -89,6 +89,9 @@ _asm mov eax, val _asm bswap eax} # define GETU32(p) ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3]) # define PUTU32(p,v) ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v)) #endif + +#pragma GCC visibility push(hidden) + /*- GCM definitions */ typedef struct { u64 hi, lo; } u128; @@ -141,3 +144,5 @@ struct ccm128_context { block128_f block; void *key; }; + +#pragma GCC visibility pop Index: openssl-1.0.2b/crypto/o_str.h =================================================================== --- openssl-1.0.2b.orig/crypto/o_str.h 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/o_str.h 2015-06-11 17:50:03.672860241 +0200 @@ -61,9 +61,11 @@ # define HEADER_O_STR_H # include /* to get size_t */ +#pragma GCC visibility push(hidden) int OPENSSL_strcasecmp(const char *str1, const char *str2); int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n); int OPENSSL_memcmp(const void *p1, const void *p2, size_t n); +#pragma GCC visibility pop #endif Index: openssl-1.0.2b/crypto/o_time.h =================================================================== --- openssl-1.0.2b.orig/crypto/o_time.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/o_time.h 2015-06-11 17:50:03.672860241 +0200 @@ -61,10 +61,12 @@ # define HEADER_O_TIME_H # include +#pragma GCC visibility push(hidden) struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result); int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec); int OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from, const struct tm *to); +#pragma GCC visibility pop #endif Index: openssl-1.0.2b/crypto/ripemd/rmd_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/ripemd/rmd_locl.h 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/ripemd/rmd_locl.h 2015-06-11 17:50:03.673860254 +0200 @@ -76,7 +76,7 @@ # endif #endif -void ripemd160_block_data_order(RIPEMD160_CTX *c, const void *p, size_t num); +void ripemd160_block_data_order(RIPEMD160_CTX *c, const void *p, size_t num) __attribute__ ((visibility ("hidden"))); #define DATA_ORDER_IS_LITTLE_ENDIAN Index: openssl-1.0.2b/crypto/rsa/rsa_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/rsa/rsa_locl.h 2015-06-11 15:00:12.000000000 +0200 +++ openssl-1.0.2b/crypto/rsa/rsa_locl.h 2015-06-11 17:50:03.673860254 +0200 @@ -1,4 +1,4 @@ extern int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *rm, size_t *prm_len, const unsigned char *sigbuf, - size_t siglen, RSA *rsa); + size_t siglen, RSA *rsa) __attribute__ ((visibility ("hidden"))); Index: openssl-1.0.2b/crypto/sha/sha256.c =================================================================== --- openssl-1.0.2b.orig/crypto/sha/sha256.c 2015-06-11 17:41:59.509534778 +0200 +++ openssl-1.0.2b/crypto/sha/sha256.c 2015-06-11 17:50:03.673860254 +0200 @@ -135,7 +135,7 @@ int SHA224_Final(unsigned char *md, SHA2 # ifndef SHA256_ASM static # endif -void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num); +void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num) __attribute__ ((visibility ("hidden"))); # include "md32_common.h" Index: openssl-1.0.2b/crypto/sha/sha512.c =================================================================== --- openssl-1.0.2b.orig/crypto/sha/sha512.c 2015-06-11 17:41:59.509534778 +0200 +++ openssl-1.0.2b/crypto/sha/sha512.c 2015-06-11 17:50:03.673860254 +0200 @@ -109,7 +109,7 @@ fips_md_init(SHA512) # ifndef SHA512_ASM static # endif -void sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num); +void sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num) __attribute__ ((visibility ("hidden"))); int SHA512_Final(unsigned char *md, SHA512_CTX *c) { Index: openssl-1.0.2b/crypto/sha/sha_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/sha/sha_locl.h 2015-06-11 17:41:59.509534778 +0200 +++ openssl-1.0.2b/crypto/sha/sha_locl.h 2015-06-11 17:50:03.673860254 +0200 @@ -108,7 +108,7 @@ static void sha_block_data_order(SHA_CTX # ifndef SHA1_ASM static # endif -void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num); +void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num) __attribute__ ((visibility ("hidden"))); #else # error "Either SHA_0 or SHA_1 must be defined." Index: openssl-1.0.2b/crypto/store/str_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/store/str_locl.h 2015-03-19 15:02:02.000000000 +0100 +++ openssl-1.0.2b/crypto/store/str_locl.h 2015-06-11 17:50:03.673860254 +0200 @@ -63,6 +63,8 @@ # include # include +#pragma GCC visibility push(hidden) + #ifdef __cplusplus extern "C" { #endif @@ -121,5 +123,5 @@ struct store_st { #ifdef __cplusplus } #endif - +#pragma GCC visibility pop #endif Index: openssl-1.0.2b/crypto/ui/ui_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/ui/ui_locl.h 2015-03-19 15:02:02.000000000 +0100 +++ openssl-1.0.2b/crypto/ui/ui_locl.h 2015-06-11 17:50:03.673860254 +0200 @@ -67,6 +67,8 @@ # undef _ # endif +#pragma GCC visibility push(hidden) + struct ui_method_st { char *name; /* @@ -142,4 +144,5 @@ struct ui_st { int flags; }; +#pragma GCC visibility pop #endif Index: openssl-1.0.2b/crypto/whrlpool/wp_locl.h =================================================================== --- openssl-1.0.2b.orig/crypto/whrlpool/wp_locl.h 2015-06-11 15:00:12.000000000 +0200 +++ openssl-1.0.2b/crypto/whrlpool/wp_locl.h 2015-06-11 17:50:03.673860254 +0200 @@ -1,3 +1,3 @@ #include -void whirlpool_block(WHIRLPOOL_CTX *, const void *, size_t); +void whirlpool_block(WHIRLPOOL_CTX *, const void *, size_t) __attribute__ ((visibility ("hidden"))); Index: openssl-1.0.2b/crypto/x509v3/ext_dat.h =================================================================== --- openssl-1.0.2b.orig/crypto/x509v3/ext_dat.h 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/x509v3/ext_dat.h 2015-06-11 17:50:03.674860267 +0200 @@ -58,6 +58,8 @@ */ /* This file contains a table of "standard" extensions */ +#pragma GCC visibility push(hidden) + extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku; extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info, v3_sinfo; extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id; @@ -131,6 +133,7 @@ static const X509V3_EXT_METHOD *standard &v3_ct_scts[1], }; +#pragma GCC visibility pop /* Number of standard extensions */ #define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *)) Index: openssl-1.0.2b/crypto/x509v3/pcy_int.h =================================================================== --- openssl-1.0.2b.orig/crypto/x509v3/pcy_int.h 2015-06-11 15:00:12.000000000 +0200 +++ openssl-1.0.2b/crypto/x509v3/pcy_int.h 2015-06-11 17:50:03.674860267 +0200 @@ -57,6 +57,8 @@ * */ +#pragma GCC visibility push(hidden) + typedef struct X509_POLICY_DATA_st X509_POLICY_DATA; DECLARE_STACK_OF(X509_POLICY_DATA) @@ -215,3 +217,5 @@ int policy_node_match(const X509_POLICY_ const X509_POLICY_NODE *node, const ASN1_OBJECT *oid); const X509_POLICY_CACHE *policy_cache_set(X509 *x); + +#pragma GCC visibility pop Index: openssl-1.0.2b/crypto/modes/gcm128.c =================================================================== --- openssl-1.0.2b.orig/crypto/modes/gcm128.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/modes/gcm128.c 2015-06-11 17:50:03.674860267 +0200 @@ -602,9 +602,9 @@ static void gcm_ghash_4bit(u64 Xi[2], co } # endif # else -void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]); +void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]) __attribute__ ((visibility ("hidden"))); void gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16], const u8 *inp, - size_t len); + size_t len) __attribute__ ((visibility ("hidden"))); # endif # define GCM_MUL(ctx,Xi) gcm_gmult_4bit(ctx->Xi.u,ctx->Htable) @@ -696,10 +696,10 @@ static void gcm_gmult_1bit(u64 Xi[2], co # define GCM_FUNCREF_4BIT extern unsigned int OPENSSL_ia32cap_P[]; -void gcm_init_clmul(u128 Htable[16], const u64 Xi[2]); -void gcm_gmult_clmul(u64 Xi[2], const u128 Htable[16]); +void gcm_init_clmul(u128 Htable[16], const u64 Xi[2]) __attribute__ ((visibility ("hidden"))); +void gcm_gmult_clmul(u64 Xi[2], const u128 Htable[16]) __attribute__ ((visibility ("hidden"))); void gcm_ghash_clmul(u64 Xi[2], const u128 Htable[16], const u8 *inp, - size_t len); + size_t len) __attribute__ ((visibility ("hidden"))); # if defined(__i386) || defined(__i386__) || defined(_M_IX86) # define gcm_init_avx gcm_init_clmul Index: openssl-1.0.2b/crypto/evp/e_rc4_hmac_md5.c =================================================================== --- openssl-1.0.2b.orig/crypto/evp/e_rc4_hmac_md5.c 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/evp/e_rc4_hmac_md5.c 2015-06-11 17:50:03.674860267 +0200 @@ -78,7 +78,7 @@ typedef struct { # define NO_PAYLOAD_LENGTH ((size_t)-1) void rc4_md5_enc(RC4_KEY *key, const void *in0, void *out, - MD5_CTX *ctx, const void *inp, size_t blocks); + MD5_CTX *ctx, const void *inp, size_t blocks) __attribute__ ((visibility ("hidden"))); # define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data) Index: openssl-1.0.2b/crypto/cmac/cm_ameth.c =================================================================== --- openssl-1.0.2b.orig/crypto/cmac/cm_ameth.c 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/cmac/cm_ameth.c 2015-06-11 17:50:03.674860267 +0200 @@ -73,7 +73,7 @@ static void cmac_key_free(EVP_PKEY *pkey if (cmctx) CMAC_CTX_free(cmctx); } - + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { EVP_PKEY_CMAC, EVP_PKEY_CMAC, Index: openssl-1.0.2b/crypto/evp/pmeth_lib.c =================================================================== --- openssl-1.0.2b.orig/crypto/evp/pmeth_lib.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/evp/pmeth_lib.c 2015-06-11 17:50:03.675860280 +0200 @@ -71,7 +71,7 @@ typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); DECLARE_STACK_OF(EVP_PKEY_METHOD) -STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; +static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth; extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth; Index: openssl-1.0.2b/crypto/cmac/cm_pmeth.c =================================================================== --- openssl-1.0.2b.orig/crypto/cmac/cm_pmeth.c 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/cmac/cm_pmeth.c 2015-06-11 17:50:03.675860280 +0200 @@ -182,6 +182,7 @@ static int pkey_cmac_ctrl_str(EVP_PKEY_C return -2; } + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_METHOD cmac_pkey_meth = { EVP_PKEY_CMAC, EVP_PKEY_FLAG_SIGCTX_CUSTOM, Index: openssl-1.0.2b/crypto/rand/md_rand.c =================================================================== --- openssl-1.0.2b.orig/crypto/rand/md_rand.c 2015-06-11 17:41:59.506534739 +0200 +++ openssl-1.0.2b/crypto/rand/md_rand.c 2015-06-11 17:50:03.675860280 +0200 @@ -164,7 +164,7 @@ static int ssleay_rand_nopseudo_bytes(un static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num); static int ssleay_rand_status(void); -RAND_METHOD rand_ssleay_meth = { +static RAND_METHOD rand_ssleay_meth = { ssleay_rand_seed, ssleay_rand_nopseudo_bytes, ssleay_rand_cleanup, Index: openssl-1.0.2b/crypto/dh/dh_ameth.c =================================================================== --- openssl-1.0.2b.orig/crypto/dh/dh_ameth.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/dh/dh_ameth.c 2015-06-11 17:50:03.675860280 +0200 @@ -584,6 +584,7 @@ static int dh_pkey_ctrl(EVP_PKEY *pkey, } + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_ASN1_METHOD dh_asn1_meth = { EVP_PKEY_DH, EVP_PKEY_DH, Index: openssl-1.0.2b/crypto/dh/dh_pmeth.c =================================================================== --- openssl-1.0.2b.orig/crypto/dh/dh_pmeth.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/dh/dh_pmeth.c 2015-06-11 17:50:03.675860280 +0200 @@ -482,6 +482,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX * return 1; } + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_METHOD dh_pkey_meth = { EVP_PKEY_DH, 0, Index: openssl-1.0.2b/crypto/dsa/dsa_ameth.c =================================================================== --- openssl-1.0.2b.orig/crypto/dsa/dsa_ameth.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/dsa/dsa_ameth.c 2015-06-11 17:50:03.676860293 +0200 @@ -620,6 +620,7 @@ static int dsa_pkey_ctrl(EVP_PKEY *pkey, /* NB these are sorted in pkey_id order, lowest first */ + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = { { Index: openssl-1.0.2b/crypto/dsa/dsa_pmeth.c =================================================================== --- openssl-1.0.2b.orig/crypto/dsa/dsa_pmeth.c 2015-06-11 17:41:59.488534507 +0200 +++ openssl-1.0.2b/crypto/dsa/dsa_pmeth.c 2015-06-11 17:50:03.676860293 +0200 @@ -278,6 +278,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX return DSA_generate_key(pkey->pkey.dsa); } + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_METHOD dsa_pkey_meth = { EVP_PKEY_DSA, EVP_PKEY_FLAG_AUTOARGLEN, Index: openssl-1.0.2b/crypto/ec/ec_ameth.c =================================================================== --- openssl-1.0.2b.orig/crypto/ec/ec_ameth.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/ec/ec_ameth.c 2015-06-11 17:50:03.676860293 +0200 @@ -608,6 +608,7 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, } + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = { EVP_PKEY_EC, EVP_PKEY_EC, Index: openssl-1.0.2b/crypto/ec/ec_pmeth.c =================================================================== --- openssl-1.0.2b.orig/crypto/ec/ec_pmeth.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/ec/ec_pmeth.c 2015-06-11 17:50:03.676860293 +0200 @@ -491,6 +491,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX * return EC_KEY_generate_key(pkey->pkey.ec); } + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_METHOD ec_pkey_meth = { EVP_PKEY_EC, 0, Index: openssl-1.0.2b/crypto/hmac/hm_ameth.c =================================================================== --- openssl-1.0.2b.orig/crypto/hmac/hm_ameth.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/hmac/hm_ameth.c 2015-06-11 17:50:03.676860293 +0200 @@ -135,6 +135,7 @@ static int old_hmac_encode(const EVP_PKE #endif + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = { EVP_PKEY_HMAC, EVP_PKEY_HMAC, Index: openssl-1.0.2b/crypto/hmac/hm_pmeth.c =================================================================== --- openssl-1.0.2b.orig/crypto/hmac/hm_pmeth.c 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/hmac/hm_pmeth.c 2015-06-11 17:50:03.676860293 +0200 @@ -228,6 +228,7 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_C return -2; } + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_METHOD hmac_pkey_meth = { EVP_PKEY_HMAC, 0, Index: openssl-1.0.2b/crypto/rsa/rsa_ameth.c =================================================================== --- openssl-1.0.2b.orig/crypto/rsa/rsa_ameth.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/rsa/rsa_ameth.c 2015-06-11 17:50:03.677860306 +0200 @@ -921,6 +921,7 @@ static int rsa_cms_encrypt(CMS_Recipient return rv; } + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = { { EVP_PKEY_RSA, Index: openssl-1.0.2b/crypto/rsa/rsa_pmeth.c =================================================================== --- openssl-1.0.2b.orig/crypto/rsa/rsa_pmeth.c 2015-06-11 17:41:59.508534765 +0200 +++ openssl-1.0.2b/crypto/rsa/rsa_pmeth.c 2015-06-11 17:50:03.677860306 +0200 @@ -723,6 +723,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX return ret; } + __attribute__ ((visibility ("hidden"))) const EVP_PKEY_METHOD rsa_pkey_meth = { EVP_PKEY_RSA, EVP_PKEY_FLAG_AUTOARGLEN, Index: openssl-1.0.2b/crypto/objects/obj_xref.c =================================================================== --- openssl-1.0.2b.orig/crypto/objects/obj_xref.c 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/objects/obj_xref.c 2015-06-11 17:50:03.677860306 +0200 @@ -61,7 +61,7 @@ #include "obj_xref.h" DECLARE_STACK_OF(nid_triple) -STACK_OF(nid_triple) *sig_app, *sigx_app; +static STACK_OF(nid_triple) *sig_app, *sigx_app; static int sig_cmp(const nid_triple *a, const nid_triple *b) { Index: openssl-1.0.2b/crypto/pem/pem_lib.c =================================================================== --- openssl-1.0.2b.orig/crypto/pem/pem_lib.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/pem/pem_lib.c 2015-06-11 17:50:03.677860306 +0200 @@ -80,7 +80,7 @@ const char PEM_version[] = "PEM" OPENSSL static int load_iv(char **fromp, unsigned char *to, int num); static int check_pem(const char *nm, const char *name); -int pem_check_suffix(const char *pem_str, const char *suffix); +int pem_check_suffix(const char *pem_str, const char *suffix) __attribute__ ((visibility ("hidden"))); int PEM_def_callback(char *buf, int num, int w, void *key) { Index: openssl-1.0.2b/crypto/asn1/tasn_prn.c =================================================================== --- openssl-1.0.2b.orig/crypto/asn1/tasn_prn.c 2015-06-11 15:01:06.000000000 +0200 +++ openssl-1.0.2b/crypto/asn1/tasn_prn.c 2015-06-11 17:50:03.677860306 +0200 @@ -73,7 +73,7 @@ /* ASN1_PCTX routines */ -ASN1_PCTX default_pctx = { +static ASN1_PCTX default_pctx = { ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */ 0, /* nm_flags */ 0, /* cert_flags */ Index: openssl-1.0.2b/crypto/bn/bn_exp.c =================================================================== --- openssl-1.0.2b.orig/crypto/bn/bn_exp.c 2015-06-11 15:50:11.000000000 +0200 +++ openssl-1.0.2b/crypto/bn/bn_exp.c 2015-06-11 17:50:03.678860319 +0200 @@ -947,10 +947,10 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr */ void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap, const void *table, const BN_ULONG *np, - const BN_ULONG *n0, int num, int power); + const BN_ULONG *n0, int num, int power) __attribute__ ((visibility ("hidden"))); void bn_scatter5(const BN_ULONG *inp, size_t num, - void *table, size_t power); - void bn_gather5(BN_ULONG *out, size_t num, void *table, size_t power); + void *table, size_t power) __attribute__ ((visibility ("hidden"))); + void bn_gather5(BN_ULONG *out, size_t num, void *table, size_t power) __attribute__ ((visibility ("hidden"))); void bn_power5(BN_ULONG *rp, const BN_ULONG *ap, const void *table, const BN_ULONG *np, const BN_ULONG *n0, int num, int power); Index: openssl-1.0.2b/crypto/bn/bn_gf2m.c =================================================================== --- openssl-1.0.2b.orig/crypto/bn/bn_gf2m.c 2015-06-11 15:52:57.000000000 +0200 +++ openssl-1.0.2b/crypto/bn/bn_gf2m.c 2015-06-11 17:50:03.678860319 +0200 @@ -321,7 +321,7 @@ static void bn_GF2m_mul_2x2(BN_ULONG *r, } # else void bn_GF2m_mul_2x2(BN_ULONG *r, BN_ULONG a1, BN_ULONG a0, BN_ULONG b1, - BN_ULONG b0); + BN_ULONG b0) __attribute__ ((visibility ("hidden"))); # endif /*