From 03794dc2087785e630e5e8c9b226312631ff812a Mon Sep 17 00:00:00 2001 From: DeckerSU Date: Fri, 19 Apr 2019 21:57:10 +0300 Subject: [PATCH 01/12] first approach to get HTTPS in libcurl work 1. libcurl.mk now changed to build against static openssl from deps. 2. but, it won't work with openssl 1.1.1a, bcz of SSL: couldn't create a context: error:00000000:lib(0):func(0):reason(0) , so, in test i decided to upgrade openssl to 1.1.1b. 3. original openssl.mk was with many disabled features, i enable all of them, of course it's don't needed and we need to leave only SSL/TLS things enabled in OpenSSL build. 4. probably i broke something in Windows and MacOS build. This commit is only first approach to continue work. --- depends/packages/libcurl.mk | 23 +++++++++--- depends/packages/openssl.mk | 72 +----------------------------------- depends/packages/packages.mk | 2 +- 3 files changed, 21 insertions(+), 76 deletions(-) diff --git a/depends/packages/libcurl.mk b/depends/packages/libcurl.mk index 642fc066d..1ce0a9161 100644 --- a/depends/packages/libcurl.mk +++ b/depends/packages/libcurl.mk @@ -1,9 +1,10 @@ package=libcurl -$(package)_version=7.54.0 +$(package)_version=7.64.1 +$(package)_dependencies=openssl $(package)_download_path=https://curl.haxx.se/download $(package)_file_name=curl-$($(package)_version).tar.gz -$(package)_sha256_hash=a84b635941c74e26cce69dd817489bec687eb1f230e7d1897fc5b5f108b59adf -$(package)_config_opts_linux=--disable-shared --enable-static --prefix=$(host_prefix) +$(package)_sha256_hash=432d3f466644b9416bc5b649d344116a753aeaa520c8beaf024a90cba9d3d35d +$(package)_config_opts_linux=--disable-shared --enable-static --prefix=$(host_prefix) --host=x86_64-unknown-linux-gnu $(package)_config_opts_mingw32=--enable-mingw --disable-shared --enable-static --prefix=$(host_prefix) --host=x86_64-w64-mingw32 $(package)_config_opts_darwin=--disable-shared --enable-static --prefix=$(host_prefix) $(package)_cflags_darwin=-mmacosx-version-min=10.9 @@ -15,11 +16,21 @@ define $(package)_set_vars endef endif -define $(package)_config_cmds - $($(package)_conf_tool) $($(package)_config_opts) +ifeq ($(build_os),linux) +define $(package)_set_vars + $(package)_config_env=LD_LIBRARY_PATH="$(host_prefix)/lib" PKG_CONFIG_LIBDIR="$(host_prefix)/lib/pkgconfig" CPPFLAGS="-I$(host_prefix)/include" LDFLAGS="-L$(host_prefix)/lib" endef +endif +define $(package)_config_cmds + echo '=== config for $(package):' && \ + echo '$($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts)' && \ + sleep 10 && \ + echo '=== ' && \ + $($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts) +endef + ifeq ($(build_os),darwin) define $(package)_build_cmds $(MAKE) CPPFLAGS='-fPIC' CFLAGS='-mmacosx-version-min=10.9' @@ -31,5 +42,7 @@ endef endif define $(package)_stage_cmds + echo 'Staging dir: $($(package)_staging_dir)$(host_prefix)/' && \ + sleep 10 && \ $(MAKE) DESTDIR=$($(package)_staging_dir) install endef diff --git a/depends/packages/openssl.mk b/depends/packages/openssl.mk index e378088e6..96908e151 100644 --- a/depends/packages/openssl.mk +++ b/depends/packages/openssl.mk @@ -1,81 +1,13 @@ package=openssl -$(package)_version=1.1.1a +$(package)_version=1.1.1b $(package)_download_path=https://www.openssl.org/source $(package)_file_name=$(package)-$($(package)_version).tar.gz -$(package)_sha256_hash=fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41 +$(package)_sha256_hash=5c557b023230413dfb0756f3137a13e6d726838ccd1430888ad15bfb2b43ea4b define $(package)_set_vars $(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)" $(package)_config_opts=--prefix=$(host_prefix) --openssldir=$(host_prefix)/etc/openssl -$(package)_config_opts+=no-afalgeng -$(package)_config_opts+=no-asm -$(package)_config_opts+=no-async -$(package)_config_opts+=no-bf -$(package)_config_opts+=no-blake2 -$(package)_config_opts+=no-camellia -$(package)_config_opts+=no-capieng -$(package)_config_opts+=no-cast -$(package)_config_opts+=no-chacha -$(package)_config_opts+=no-cmac -$(package)_config_opts+=no-cms -$(package)_config_opts+=no-comp -$(package)_config_opts+=no-crypto-mdebug -$(package)_config_opts+=no-crypto-mdebug-backtrace -$(package)_config_opts+=no-ct -$(package)_config_opts+=no-des -$(package)_config_opts+=no-dgram -$(package)_config_opts+=no-dsa -$(package)_config_opts+=no-dso -$(package)_config_opts+=no-dtls -$(package)_config_opts+=no-dtls1 -$(package)_config_opts+=no-dtls1-method -$(package)_config_opts+=no-dynamic-engine -$(package)_config_opts+=no-ec2m -$(package)_config_opts+=no-ec_nistp_64_gcc_128 -$(package)_config_opts+=no-egd -$(package)_config_opts+=no-engine -$(package)_config_opts+=no-err -$(package)_config_opts+=no-gost -$(package)_config_opts+=no-heartbeats -$(package)_config_opts+=no-idea -$(package)_config_opts+=no-md2 -$(package)_config_opts+=no-md4 -$(package)_config_opts+=no-mdc2 -$(package)_config_opts+=no-multiblock -$(package)_config_opts+=no-nextprotoneg -$(package)_config_opts+=no-ocb -$(package)_config_opts+=no-ocsp -$(package)_config_opts+=no-poly1305 -$(package)_config_opts+=no-posix-io -$(package)_config_opts+=no-psk -$(package)_config_opts+=no-rc2 -$(package)_config_opts+=no-rc4 -$(package)_config_opts+=no-rc5 -$(package)_config_opts+=no-rdrand -$(package)_config_opts+=no-rfc3779 -$(package)_config_opts+=no-rmd160 -$(package)_config_opts+=no-scrypt -$(package)_config_opts+=no-sctp -$(package)_config_opts+=no-seed $(package)_config_opts+=no-shared -$(package)_config_opts+=no-sock -$(package)_config_opts+=no-srp -$(package)_config_opts+=no-srtp -$(package)_config_opts+=no-ssl -$(package)_config_opts+=no-ssl3 -$(package)_config_opts+=no-ssl3-method -$(package)_config_opts+=no-ssl-trace -$(package)_config_opts+=no-stdio -$(package)_config_opts+=no-tls -$(package)_config_opts+=no-tls1 -$(package)_config_opts+=no-tls1-method -$(package)_config_opts+=no-ts -$(package)_config_opts+=no-ui -$(package)_config_opts+=no-unit-test -$(package)_config_opts+=no-weak-ssl-ciphers -$(package)_config_opts+=no-whirlpool -$(package)_config_opts+=no-zlib -$(package)_config_opts+=no-zlib-dynamic $(package)_config_opts+=$($(package)_cflags) $($(package)_cppflags) $(package)_config_opts+=-DPURIFY $(package)_config_opts_linux=-fPIC -Wa,--noexecstack diff --git a/depends/packages/packages.mk b/depends/packages/packages.mk index 5bc8fcda6..e29c62580 100644 --- a/depends/packages/packages.mk +++ b/depends/packages/packages.mk @@ -47,7 +47,7 @@ native_packages := native_ccache wallet_packages=bdb ifeq ($(host_os),linux) - packages := boost openssl libevent zeromq $(zcash_packages) googletest #googlemock + packages := boost openssl libevent zeromq $(zcash_packages) googletest libcurl #googlemock else packages := boost openssl libevent zeromq $(zcash_packages) libcurl googletest #googlemock endif From 2f19aeaa4adab8c5462b76ef65f93e0fd1c0e204 Mon Sep 17 00:00:00 2001 From: DeckerSU Date: Fri, 19 Apr 2019 22:01:54 +0300 Subject: [PATCH 02/12] + debug (ssl and curl version printout) --- src/komodo_bitcoind.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/komodo_bitcoind.h b/src/komodo_bitcoind.h index bb5a093d3..92943089a 100644 --- a/src/komodo_bitcoind.h +++ b/src/komodo_bitcoind.h @@ -206,8 +206,11 @@ try_again: if ( strncmp(url,"https",5) == 0 ) { - curl_easy_setopt(curl_handle,CURLOPT_SSL_VERIFYPEER,0); - curl_easy_setopt(curl_handle,CURLOPT_SSL_VERIFYHOST,0); + + /* printf("[ Decker ] SSL: %s\n", curl_version()); */ + curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0L); + //curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L); // this is useful for debug, but seems crash on libcurl/7.64.1 OpenSSL/1.1.1b zlib/1.2.8 librtmp/2.3 } if ( userpass != 0 ) curl_easy_setopt(curl_handle,CURLOPT_USERPWD, userpass); From 06bed214f9af422fbc72dad021290761d6c3e315 Mon Sep 17 00:00:00 2001 From: jl777 Date: Sun, 21 Apr 2019 02:16:55 -1100 Subject: [PATCH 03/12] Check for null ptr before -> --- src/komodo_bitcoind.h | 11 +++++++++++ src/komodo_defs.h | 1 + src/wallet/asyncrpcoperation_mergetoaddress.cpp | 2 +- src/wallet/asyncrpcoperation_sendmany.cpp | 2 +- src/wallet/rpcwallet.cpp | 6 +++--- 5 files changed, 17 insertions(+), 5 deletions(-) diff --git a/src/komodo_bitcoind.h b/src/komodo_bitcoind.h index bb5a093d3..b342cc932 100644 --- a/src/komodo_bitcoind.h +++ b/src/komodo_bitcoind.h @@ -1091,6 +1091,17 @@ int32_t komodo_blockheight(uint256 hash) return(0); } +uint32_t komodo_blocktime(uint256 hash) +{ + BlockMap::const_iterator it; CBlockIndex *pindex = 0; + if ( (it = mapBlockIndex.find(hash)) != mapBlockIndex.end() ) + { + if ( (pindex= it->second) != 0 ) + return(pindex->nTime); + } + return(0); +} + int32_t komodo_checkpoint(int32_t *notarized_heightp,int32_t nHeight,uint256 hash) { int32_t notarized_height,MoMdepth; uint256 MoM,notarized_hash,notarized_desttxid; CBlockIndex *notary,*pindex; diff --git a/src/komodo_defs.h b/src/komodo_defs.h index ecaf7339a..ee44132bc 100644 --- a/src/komodo_defs.h +++ b/src/komodo_defs.h @@ -95,6 +95,7 @@ char *bitcoin_address(char *coinaddr,uint8_t addrtype,uint8_t *pubkey_or_rmd160, int32_t komodo_minerids(uint8_t *minerids,int32_t height,int32_t width); int32_t komodo_kvsearch(uint256 *refpubkeyp,int32_t current_height,uint32_t *flagsp,int32_t *heightp,uint8_t value[IGUANA_MAXSCRIPTSIZE],uint8_t *key,int32_t keylen); +uint32_t komodo_blocktime(uint256 hash); int32_t komodo_longestchain(); int32_t komodo_dpowconfs(int32_t height,int32_t numconfs); int8_t komodo_segid(int32_t nocache,int32_t height); diff --git a/src/wallet/asyncrpcoperation_mergetoaddress.cpp b/src/wallet/asyncrpcoperation_mergetoaddress.cpp index bba44fe50..e5ce59a17 100644 --- a/src/wallet/asyncrpcoperation_mergetoaddress.cpp +++ b/src/wallet/asyncrpcoperation_mergetoaddress.cpp @@ -677,7 +677,7 @@ bool AsyncRPCOperation_mergetoaddress::main_impl() if (mapBlockIndex.find(wtx.hashBlock) == mapBlockIndex.end()) { throw JSONRPCError(RPC_WALLET_ERROR, strprintf("mapBlockIndex does not contain block hash %s", wtx.hashBlock.ToString())); } - wtxHeight = mapBlockIndex[wtx.hashBlock]->GetHeight(); + wtxHeight = komodo_blockheight(wtx.hashBlock); wtxDepth = wtx.GetDepthInMainChain(); } LogPrint("zrpcunsafe", "%s: spending note (txid=%s, vjoinsplit=%d, ciphertext=%d, amount=%s, height=%d, confirmations=%d)\n", diff --git a/src/wallet/asyncrpcoperation_sendmany.cpp b/src/wallet/asyncrpcoperation_sendmany.cpp index 0ea17a5f8..45d61b885 100644 --- a/src/wallet/asyncrpcoperation_sendmany.cpp +++ b/src/wallet/asyncrpcoperation_sendmany.cpp @@ -836,7 +836,7 @@ bool AsyncRPCOperation_sendmany::main_impl() { if (mapBlockIndex.find(wtx.hashBlock) == mapBlockIndex.end()) { throw JSONRPCError(RPC_WALLET_ERROR, strprintf("mapBlockIndex does not contain block hash %s", wtx.hashBlock.ToString())); } - wtxHeight = mapBlockIndex[wtx.hashBlock]->GetHeight(); + wtxHeight = komodo_blockheight(wtx.hashBlock); wtxDepth = wtx.GetDepthInMainChain(); } LogPrint("zrpcunsafe", "%s: spending note (txid=%s, vjoinsplit=%d, ciphertext=%d, amount=%s, height=%d, confirmations=%d)\n", diff --git a/src/wallet/rpcwallet.cpp b/src/wallet/rpcwallet.cpp index 847205ec1..028b18861 100644 --- a/src/wallet/rpcwallet.cpp +++ b/src/wallet/rpcwallet.cpp @@ -122,10 +122,10 @@ void WalletTxToJSON(const CWalletTx& wtx, UniValue& entry) entry.push_back(Pair("generated", true)); if (confirms > 0) { - entry.push_back(Pair("confirmations", komodo_dpowconfs((int32_t)mapBlockIndex[wtx.hashBlock]->GetHeight(),confirms))); + entry.push_back(Pair("confirmations", komodo_dpowconfs((int32_t)komodo_blockheight(wtx.hashBlock),confirms))); entry.push_back(Pair("blockhash", wtx.hashBlock.GetHex())); entry.push_back(Pair("blockindex", wtx.nIndex)); - entry.push_back(Pair("blocktime", mapBlockIndex[wtx.hashBlock]->GetBlockTime())); + entry.push_back(Pair("blocktime", komodo_blocktime(wtx.hashBlock))); entry.push_back(Pair("expiryheight", (int64_t)wtx.nExpiryHeight)); } else entry.push_back(Pair("confirmations", confirms)); uint256 hash = wtx.GetHash(); @@ -1624,7 +1624,7 @@ UniValue ListReceived(const UniValue& params, bool fByAccounts) tallyitem& item = mapTally[address]; item.nAmount += txout.nValue; // komodo_interest? item.nConf = min(item.nConf, nDepth); - item.nHeight = mapBlockIndex[wtx.hashBlock]->GetHeight(); + item.nHeight = komodo_blockheight(wtx.hashBlock); item.txids.push_back(wtx.GetHash()); if (mine & ISMINE_WATCH_ONLY) item.fIsWatchonly = true; From 564da3c9826d7d830453693a3060f2e3ddb31e1c Mon Sep 17 00:00:00 2001 From: jl777 Date: Sun, 21 Apr 2019 02:33:31 -1100 Subject: [PATCH 04/12] Change mapblockindex[] into function calls with guards --- src/cc/CCutils.cpp | 2 +- src/cc/payments.cpp | 6 +++--- src/main.cpp | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/cc/CCutils.cpp b/src/cc/CCutils.cpp index 3c4c6c67c..f47bc4212 100644 --- a/src/cc/CCutils.cpp +++ b/src/cc/CCutils.cpp @@ -623,7 +623,7 @@ bool komodo_txnotarizedconfirmed(uint256 txid) fprintf(stderr,"komodo_txnotarizedconfirmed no hashBlock for txid %s\n",txid.ToString().c_str()); return(0); } - else if ( (pindex= mapBlockIndex[hashBlock]) == 0 || (txheight= pindex->GetHeight()) <= 0 ) + else if ( (pindex= komodo_blockindex(hashBlock)) == 0 || (txheight= pindex->GetHeight()) <= 0 ) { fprintf(stderr,"komodo_txnotarizedconfirmed no txheight.%d %p for txid %s\n",txheight,pindex,txid.ToString().c_str()); return(0); diff --git a/src/cc/payments.cpp b/src/cc/payments.cpp index 526fea52f..8bd41b333 100644 --- a/src/cc/payments.cpp +++ b/src/cc/payments.cpp @@ -314,10 +314,10 @@ bool PaymentsValidate(struct CCcontract_info *cp,Eval* eval,const CTransaction & } } // check the chain depth vs locked blocks requirement. - CBlockIndex* pblockindex = mapBlockIndex[blockhash]; - if ( pblockindex->GetHeight() > ht-lockedblocks ) + CBlockIndex* pblockindex = komodo_blockindex(blockhash); + if ( pblockindex == 0 || pblockindex->GetHeight() > ht-lockedblocks ) { - fprintf(stderr, "vin.%i is not elegible to be spent yet height.%i vs elegible_ht.%i\n", i, pblockindex->GetHeight(), ht-lockedblocks); + fprintf(stderr, "vin.%i is not elegible to be spent yet height.%i vs elegible_ht.%i\n", i, pblockindex!=0?pblockindex->GetHeight():0, ht-lockedblocks); return(eval->Invalid("vin not elegible")); } } else return(eval->Invalid("cant get vin transaction")); diff --git a/src/main.cpp b/src/main.cpp index 40da1b855..2e0102b8b 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -6413,8 +6413,8 @@ bool LoadExternalBlockFile(FILE* fileIn, CDiskBlockPos *dbp) nLoaded++; if (state.IsError()) break; - } else if (hash != chainparams.GetConsensus().hashGenesisBlock && mapBlockIndex[hash]->GetHeight() % 1000 == 0) { - LogPrintf("Block Import: already had block %s at height %d\n", hash.ToString(), mapBlockIndex[hash]->GetHeight()); + } else if (hash != chainparams.GetConsensus().hashGenesisBlock && komodo_blockheight(hash) % 1000 == 0) { + LogPrintf("Block Import: already had block %s at height %d\n", hash.ToString(), komodo_blockheight(hash)); } // Recursively process earlier encountered successors of this block From f79d72fb94630e8c4e962fc1681725c6c4615ac2 Mon Sep 17 00:00:00 2001 From: jl777 Date: Sun, 21 Apr 2019 02:34:31 -1100 Subject: [PATCH 05/12] Include file --- src/wallet/asyncrpcoperation_mergetoaddress.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/wallet/asyncrpcoperation_mergetoaddress.cpp b/src/wallet/asyncrpcoperation_mergetoaddress.cpp index e5ce59a17..3268c2f0d 100644 --- a/src/wallet/asyncrpcoperation_mergetoaddress.cpp +++ b/src/wallet/asyncrpcoperation_mergetoaddress.cpp @@ -46,6 +46,7 @@ #include #include "paymentdisclosuredb.h" +#include "komodo_defs.h" using namespace libzcash; From 124156f956a3bdb8bcb79589ddb0d83b89743f00 Mon Sep 17 00:00:00 2001 From: jl777 Date: Sun, 21 Apr 2019 02:36:46 -1100 Subject: [PATCH 06/12] int32_t komodo_blockheight(uint256 hash); --- src/wallet/asyncrpcoperation_mergetoaddress.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wallet/asyncrpcoperation_mergetoaddress.cpp b/src/wallet/asyncrpcoperation_mergetoaddress.cpp index 3268c2f0d..82860d18e 100644 --- a/src/wallet/asyncrpcoperation_mergetoaddress.cpp +++ b/src/wallet/asyncrpcoperation_mergetoaddress.cpp @@ -46,7 +46,7 @@ #include #include "paymentdisclosuredb.h" -#include "komodo_defs.h" +int32_t komodo_blockheight(uint256 hash); using namespace libzcash; From 70015ce70d6ee1dfe9cb5ab867513f7d29bf380e Mon Sep 17 00:00:00 2001 From: jl777 Date: Sun, 21 Apr 2019 02:37:51 -1100 Subject: [PATCH 07/12] int32_t komodo_blockheight(uint256 hash); --- src/wallet/asyncrpcoperation_sendmany.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/wallet/asyncrpcoperation_sendmany.cpp b/src/wallet/asyncrpcoperation_sendmany.cpp index 45d61b885..bc335fc4c 100644 --- a/src/wallet/asyncrpcoperation_sendmany.cpp +++ b/src/wallet/asyncrpcoperation_sendmany.cpp @@ -55,6 +55,7 @@ using namespace libzcash; extern char ASSETCHAINS_SYMBOL[65]; int32_t komodo_dpowconfs(int32_t height,int32_t numconfs); +int32_t komodo_blockheight(uint256 hash); int tx_height( const uint256 &hash ); extern UniValue signrawtransaction(const UniValue& params, bool fHelp); extern UniValue sendrawtransaction(const UniValue& params, bool fHelp); From 0b66a88ba29347d1f171e255836fe70326717c84 Mon Sep 17 00:00:00 2001 From: jl777 Date: Sun, 21 Apr 2019 02:40:49 -1100 Subject: [PATCH 08/12] int32_t komodo_blockheight(uint256 hash); --- src/wallet/rpcwallet.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wallet/rpcwallet.cpp b/src/wallet/rpcwallet.cpp index 028b18861..c73e177cd 100644 --- a/src/wallet/rpcwallet.cpp +++ b/src/wallet/rpcwallet.cpp @@ -125,7 +125,7 @@ void WalletTxToJSON(const CWalletTx& wtx, UniValue& entry) entry.push_back(Pair("confirmations", komodo_dpowconfs((int32_t)komodo_blockheight(wtx.hashBlock),confirms))); entry.push_back(Pair("blockhash", wtx.hashBlock.GetHex())); entry.push_back(Pair("blockindex", wtx.nIndex)); - entry.push_back(Pair("blocktime", komodo_blocktime(wtx.hashBlock))); + entry.push_back(Pair("blocktime", (uint64_t)komodo_blocktime(wtx.hashBlock))); entry.push_back(Pair("expiryheight", (int64_t)wtx.nExpiryHeight)); } else entry.push_back(Pair("confirmations", confirms)); uint256 hash = wtx.GetHash(); From 74b256333469d431bf8020cca4125de26d4a2570 Mon Sep 17 00:00:00 2001 From: "Jonathan \"Duke\" Leto" Date: Sun, 21 Apr 2019 07:58:05 -0700 Subject: [PATCH 09/12] Reduce unnecessary warnings to STDOUT --- src/komodo_bitcoind.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/komodo_bitcoind.h b/src/komodo_bitcoind.h index b342cc932..2fc8f480e 100644 --- a/src/komodo_bitcoind.h +++ b/src/komodo_bitcoind.h @@ -75,7 +75,8 @@ int tx_height( const uint256 &hash ){ nHeight = it->second->GetHeight(); //fprintf(stderr,"blockHash %s height %d\n",hashBlock.ToString().c_str(), nHeight); } else { - fprintf(stderr,"block hash %s does not exist!\n", hashBlock.ToString().c_str() ); + // Unconfirmed xtns + //fprintf(stderr,"block hash %s does not exist!\n", hashBlock.ToString().c_str() ); } return nHeight; } From 1a9f6cb60796f5ee49520c22b2ea332403505ced Mon Sep 17 00:00:00 2001 From: DeckerSU Date: Mon, 22 Apr 2019 20:27:28 +0300 Subject: [PATCH 10/12] return OpenSSL 1.1.1a and applied patch More info: - https://github.com/openssl/openssl/issues/7350 - https://github.com/openssl/openssl/commit/f725fe5b4b6504df08e30f5194d321c3025e2336 Without this patch we will get following error: ``` SSL: couldn't create a context: error:00000000:lib(0):func(0):reason(0) ``` during trying to connect HTTPS. --- depends/packages/openssl.mk | 8 +- depends/patches/openssl/ssl_fix.patch | 273 ++++++++++++++++++++++++++ 2 files changed, 278 insertions(+), 3 deletions(-) create mode 100644 depends/patches/openssl/ssl_fix.patch diff --git a/depends/packages/openssl.mk b/depends/packages/openssl.mk index 96908e151..5c689fe0b 100644 --- a/depends/packages/openssl.mk +++ b/depends/packages/openssl.mk @@ -1,8 +1,9 @@ package=openssl -$(package)_version=1.1.1b +$(package)_version=1.1.1a $(package)_download_path=https://www.openssl.org/source $(package)_file_name=$(package)-$($(package)_version).tar.gz -$(package)_sha256_hash=5c557b023230413dfb0756f3137a13e6d726838ccd1430888ad15bfb2b43ea4b +$(package)_sha256_hash=fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41 +$(package)_patches=ssl_fix.patch define $(package)_set_vars $(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)" @@ -25,7 +26,8 @@ endef define $(package)_preprocess_cmds sed -i.old 's/built on: $date/built on: not available/' util/mkbuildinf.pl && \ - sed -i.old "s|\"engines\", \"apps\", \"test\"|\"engines\"|" Configure + sed -i.old "s|\"engines\", \"apps\", \"test\"|\"engines\"|" Configure && \ + patch -p1 < $($(package)_patch_dir)/ssl_fix.patch endef define $(package)_config_cmds diff --git a/depends/patches/openssl/ssl_fix.patch b/depends/patches/openssl/ssl_fix.patch new file mode 100644 index 000000000..d7f79fed5 --- /dev/null +++ b/depends/patches/openssl/ssl_fix.patch @@ -0,0 +1,273 @@ +From f725fe5b4b6504df08e30f5194d321c3025e2336 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Tue, 20 Nov 2018 15:32:55 +0000 +Subject: [PATCH] Fix a RUN_ONCE bug + +We have a number of instances where there are multiple "init" functions for +a single CRYPTO_ONCE variable, e.g. to load config automatically or to not +load config automatically. Unfortunately the RUN_ONCE mechanism was not +correctly giving the right return value where an alternative init function +was being used. + +Reviewed-by: Tim Hudson +(Merged from https://github.com/openssl/openssl/pull/7983) +--- + crypto/init.c | 38 +++++++++----- + include/internal/thread_once.h | 92 ++++++++++++++++++++++++++++++++++ + ssl/ssl_init.c | 6 ++- + 3 files changed, 121 insertions(+), 15 deletions(-) + +diff --git a/crypto/init.c b/crypto/init.c +index 209d1a483da..f20a12f069a 100644 +--- a/crypto/init.c ++++ b/crypto/init.c +@@ -177,12 +177,6 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete) + + static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT; + static int load_crypto_strings_inited = 0; +-DEFINE_RUN_ONCE_STATIC(ossl_init_no_load_crypto_strings) +-{ +- /* Do nothing in this case */ +- return 1; +-} +- + DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings) + { + int ret = 1; +@@ -201,6 +195,13 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings) + return ret; + } + ++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_crypto_strings, ++ ossl_init_load_crypto_strings) ++{ ++ /* Do nothing in this case */ ++ return 1; ++} ++ + static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT; + DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers) + { +@@ -218,6 +219,13 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers) + return 1; + } + ++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_ciphers, ++ ossl_init_add_all_ciphers) ++{ ++ /* Do nothing */ ++ return 1; ++} ++ + static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT; + DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests) + { +@@ -235,7 +243,8 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests) + return 1; + } + +-DEFINE_RUN_ONCE_STATIC(ossl_init_no_add_algs) ++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests, ++ ossl_init_add_all_digests) + { + /* Do nothing */ + return 1; +@@ -255,7 +264,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_config) + config_inited = 1; + return 1; + } +-DEFINE_RUN_ONCE_STATIC(ossl_init_no_config) ++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config) + { + #ifdef OPENSSL_INIT_DEBUG + fprintf(stderr, +@@ -595,8 +604,9 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) + return 0; + + if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS) +- && !RUN_ONCE(&load_crypto_strings, +- ossl_init_no_load_crypto_strings)) ++ && !RUN_ONCE_ALT(&load_crypto_strings, ++ ossl_init_no_load_crypto_strings, ++ ossl_init_load_crypto_strings)) + return 0; + + if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS) +@@ -604,7 +614,8 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) + return 0; + + if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS) +- && !RUN_ONCE(&add_all_ciphers, ossl_init_no_add_algs)) ++ && !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers, ++ ossl_init_add_all_ciphers)) + return 0; + + if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS) +@@ -612,7 +623,8 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) + return 0; + + if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS) +- && !RUN_ONCE(&add_all_digests, ossl_init_no_add_algs)) ++ && !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests, ++ ossl_init_add_all_digests)) + return 0; + + if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS) +@@ -624,7 +636,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) + return 0; + + if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) +- && !RUN_ONCE(&config, ossl_init_no_config)) ++ && !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config)) + return 0; + + if (opts & OPENSSL_INIT_LOAD_CONFIG) { +diff --git a/include/internal/thread_once.h b/include/internal/thread_once.h +index 224244353ab..e268a959ef3 100644 +--- a/include/internal/thread_once.h ++++ b/include/internal/thread_once.h +@@ -9,6 +9,20 @@ + + #include + ++/* ++ * DEFINE_RUN_ONCE: Define an initialiser function that should be run exactly ++ * once. It takes no arguments and returns and int result (1 for success or ++ * 0 for failure). Typical usage might be: ++ * ++ * DEFINE_RUN_ONCE(myinitfunc) ++ * { ++ * do_some_initialisation(); ++ * if (init_is_successful()) ++ * return 1; ++ * ++ * return 0; ++ * } ++ */ + #define DEFINE_RUN_ONCE(init) \ + static int init(void); \ + int init##_ossl_ret_ = 0; \ +@@ -17,10 +31,30 @@ + init##_ossl_ret_ = init(); \ + } \ + static int init(void) ++ ++/* ++ * DECLARE_RUN_ONCE: Declare an initialiser function that should be run exactly ++ * once that has been defined in another file via DEFINE_RUN_ONCE(). ++ */ + #define DECLARE_RUN_ONCE(init) \ + extern int init##_ossl_ret_; \ + void init##_ossl_(void); + ++/* ++ * DEFINE_RUN_ONCE_STATIC: Define an initialiser function that should be run ++ * exactly once. This function will be declared as static within the file. It ++ * takes no arguments and returns and int result (1 for success or 0 for ++ * failure). Typical usage might be: ++ * ++ * DEFINE_RUN_ONCE_STATIC(myinitfunc) ++ * { ++ * do_some_initialisation(); ++ * if (init_is_successful()) ++ * return 1; ++ * ++ * return 0; ++ * } ++ */ + #define DEFINE_RUN_ONCE_STATIC(init) \ + static int init(void); \ + static int init##_ossl_ret_ = 0; \ +@@ -30,6 +64,46 @@ + } \ + static int init(void) + ++/* ++ * DEFINE_RUN_ONCE_STATIC_ALT: Define an alternative initialiser function. This ++ * function will be declared as static within the file. It takes no arguments ++ * and returns an int result (1 for success or 0 for failure). An alternative ++ * initialiser function is expected to be associated with a primary initialiser ++ * function defined via DEFINE_ONCE_STATIC where both functions use the same ++ * CRYPTO_ONCE object to synchronise. Where an alternative initialiser function ++ * is used only one of the primary or the alternative initialiser function will ++ * ever be called - and that function will be called exactly once. Definitition ++ * of an alternative initialiser function MUST occur AFTER the definition of the ++ * primary initialiser function. ++ * ++ * Typical usage might be: ++ * ++ * DEFINE_RUN_ONCE_STATIC(myinitfunc) ++ * { ++ * do_some_initialisation(); ++ * if (init_is_successful()) ++ * return 1; ++ * ++ * return 0; ++ * } ++ * ++ * DEFINE_RUN_ONCE_STATIC_ALT(myaltinitfunc, myinitfunc) ++ * { ++ * do_some_alternative_initialisation(); ++ * if (init_is_successful()) ++ * return 1; ++ * ++ * return 0; ++ * } ++ */ ++#define DEFINE_RUN_ONCE_STATIC_ALT(initalt, init) \ ++ static int initalt(void); \ ++ static void initalt##_ossl_(void) \ ++ { \ ++ init##_ossl_ret_ = initalt(); \ ++ } \ ++ static int initalt(void) ++ + /* + * RUN_ONCE - use CRYPTO_THREAD_run_once, and check if the init succeeded + * @once: pointer to static object of type CRYPTO_ONCE +@@ -43,3 +117,21 @@ + */ + #define RUN_ONCE(once, init) \ + (CRYPTO_THREAD_run_once(once, init##_ossl_) ? init##_ossl_ret_ : 0) ++ ++/* ++ * RUN_ONCE_ALT - use CRYPTO_THREAD_run_once, to run an alternative initialiser ++ * function and check if that initialisation succeeded ++ * @once: pointer to static object of type CRYPTO_ONCE ++ * @initalt: alternative initialiser function name that was previously given to ++ * DEFINE_RUN_ONCE_STATIC_ALT. This function must return 1 for ++ * success or 0 for failure. ++ * @init: primary initialiser function name that was previously given to ++ * DEFINE_RUN_ONCE_STATIC. This function must return 1 for success or ++ * 0 for failure. ++ * ++ * The return value is 1 on success (*) or 0 in case of error. ++ * ++ * (*) by convention, since the init function must return 1 on success. ++ */ ++#define RUN_ONCE_ALT(once, initalt, init) \ ++ (CRYPTO_THREAD_run_once(once, initalt##_ossl_) ? init##_ossl_ret_ : 0) +diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c +index c0ccb9304a6..96526472c57 100644 +--- a/ssl/ssl_init.c ++++ b/ssl/ssl_init.c +@@ -134,7 +134,8 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_ssl_strings) + return 1; + } + +-DEFINE_RUN_ONCE_STATIC(ossl_init_no_load_ssl_strings) ++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_ssl_strings, ++ ossl_init_load_ssl_strings) + { + /* Do nothing in this case */ + return 1; +@@ -207,7 +208,8 @@ int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS * settings) + return 0; + + if ((opts & OPENSSL_INIT_NO_LOAD_SSL_STRINGS) +- && !RUN_ONCE(&ssl_strings, ossl_init_no_load_ssl_strings)) ++ && !RUN_ONCE_ALT(&ssl_strings, ossl_init_no_load_ssl_strings, ++ ossl_init_load_ssl_strings)) + return 0; + + if ((opts & OPENSSL_INIT_LOAD_SSL_STRINGS) From 0930945aa0c7db4a990726ee24bfed7b1c8bd04b Mon Sep 17 00:00:00 2001 From: DeckerSU Date: Mon, 22 Apr 2019 20:54:49 +0300 Subject: [PATCH 11/12] remove debug delays in libcurl.mk --- depends/packages/libcurl.mk | 2 -- 1 file changed, 2 deletions(-) diff --git a/depends/packages/libcurl.mk b/depends/packages/libcurl.mk index 1ce0a9161..71e9803a4 100644 --- a/depends/packages/libcurl.mk +++ b/depends/packages/libcurl.mk @@ -26,7 +26,6 @@ endif define $(package)_config_cmds echo '=== config for $(package):' && \ echo '$($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts)' && \ - sleep 10 && \ echo '=== ' && \ $($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts) endef @@ -43,6 +42,5 @@ endif define $(package)_stage_cmds echo 'Staging dir: $($(package)_staging_dir)$(host_prefix)/' && \ - sleep 10 && \ $(MAKE) DESTDIR=$($(package)_staging_dir) install endef From c4c5746e9c9988de03c506ca02354b580865e8d6 Mon Sep 17 00:00:00 2001 From: DeckerSU Date: Mon, 22 Apr 2019 20:56:25 +0300 Subject: [PATCH 12/12] added config flags to openssl to make libcurl HTTPS connections work OpenSSL needs to be built with sock, ssl, tls and des. all other config options can be disabled, like in ZCash. --- depends/packages/openssl.mk | 64 +++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/depends/packages/openssl.mk b/depends/packages/openssl.mk index 5c689fe0b..c5ac5bb32 100644 --- a/depends/packages/openssl.mk +++ b/depends/packages/openssl.mk @@ -8,7 +8,71 @@ $(package)_patches=ssl_fix.patch define $(package)_set_vars $(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)" $(package)_config_opts=--prefix=$(host_prefix) --openssldir=$(host_prefix)/etc/openssl +$(package)_config_opts+=no-afalgeng +$(package)_config_opts+=no-asm +$(package)_config_opts+=no-async +$(package)_config_opts+=no-bf +$(package)_config_opts+=no-blake2 +$(package)_config_opts+=no-camellia +$(package)_config_opts+=no-capieng +$(package)_config_opts+=no-cast +$(package)_config_opts+=no-chacha +$(package)_config_opts+=no-cmac +$(package)_config_opts+=no-cms +$(package)_config_opts+=no-comp +$(package)_config_opts+=no-crypto-mdebug +$(package)_config_opts+=no-crypto-mdebug-backtrace +$(package)_config_opts+=no-ct +$(package)_config_opts+=no-dgram +$(package)_config_opts+=no-dsa +$(package)_config_opts+=no-dso +$(package)_config_opts+=no-dtls +$(package)_config_opts+=no-dtls1 +$(package)_config_opts+=no-dtls1-method +$(package)_config_opts+=no-dynamic-engine +$(package)_config_opts+=no-ec2m +$(package)_config_opts+=no-ec_nistp_64_gcc_128 +$(package)_config_opts+=no-egd +$(package)_config_opts+=no-engine +$(package)_config_opts+=no-err +$(package)_config_opts+=no-gost +$(package)_config_opts+=no-heartbeats +$(package)_config_opts+=no-idea +$(package)_config_opts+=no-md2 +$(package)_config_opts+=no-md4 +$(package)_config_opts+=no-mdc2 +$(package)_config_opts+=no-multiblock +$(package)_config_opts+=no-nextprotoneg +$(package)_config_opts+=no-ocb +$(package)_config_opts+=no-ocsp +$(package)_config_opts+=no-poly1305 +$(package)_config_opts+=no-posix-io +$(package)_config_opts+=no-psk +$(package)_config_opts+=no-rc2 +$(package)_config_opts+=no-rc4 +$(package)_config_opts+=no-rc5 +$(package)_config_opts+=no-rdrand +$(package)_config_opts+=no-rfc3779 +$(package)_config_opts+=no-rmd160 +$(package)_config_opts+=no-scrypt +$(package)_config_opts+=no-sctp +$(package)_config_opts+=no-seed $(package)_config_opts+=no-shared +$(package)_config_opts+=no-srp +$(package)_config_opts+=no-srtp +$(package)_config_opts+=no-ssl3 +$(package)_config_opts+=no-ssl3-method +$(package)_config_opts+=no-ssl-trace +$(package)_config_opts+=no-stdio +$(package)_config_opts+=no-tls1 +$(package)_config_opts+=no-tls1-method +$(package)_config_opts+=no-ts +$(package)_config_opts+=no-ui +$(package)_config_opts+=no-unit-test +$(package)_config_opts+=no-weak-ssl-ciphers +$(package)_config_opts+=no-whirlpool +$(package)_config_opts+=no-zlib +$(package)_config_opts+=no-zlib-dynamic $(package)_config_opts+=$($(package)_cflags) $($(package)_cppflags) $(package)_config_opts+=-DPURIFY $(package)_config_opts_linux=-fPIC -Wa,--noexecstack