DragonX/hush3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1449 from DeckerSU/patch-curl

Browse Source 
[Linux] fix libcurl HTTPS connections
This commit is contained in:
jl777
2019-04-22 07:01:55 -11:00
committed by GitHub
parent e8771704e0 c4c5746e9c
commit 49f9276e8a
5 changed files with 298 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
depends/packages/libcurl.mk
View File

@@ -1,9 +1,10 @@
package=libcurl
$(package)_version=7.54.0
$(package)_version=7.64.1
$(package)_dependencies=openssl
$(package)_download_path=https://curl.haxx.se/download
$(package)_file_name=curl-$($(package)_version).tar.gz
$(package)_sha256_hash=a84b635941c74e26cce69dd817489bec687eb1f230e7d1897fc5b5f108b59adf
$(package)_config_opts_linux=--disable-shared --enable-static --prefix=$(host_prefix)
$(package)_sha256_hash=432d3f466644b9416bc5b649d344116a753aeaa520c8beaf024a90cba9d3d35d
$(package)_config_opts_linux=--disable-shared --enable-static --prefix=$(host_prefix) --host=x86_64-unknown-linux-gnu
$(package)_config_opts_mingw32=--enable-mingw --disable-shared --enable-static --prefix=$(host_prefix) --host=x86_64-w64-mingw32
$(package)_config_opts_darwin=--disable-shared --enable-static --prefix=$(host_prefix)
$(package)_cflags_darwin=-mmacosx-version-min=10.9
@@ -15,11 +16,20 @@ define $(package)_set_vars
endef
endif
define $(package)_config_cmds
$($(package)_conf_tool) $($(package)_config_opts)
ifeq ($(build_os),linux)
define $(package)_set_vars
$(package)_config_env=LD_LIBRARY_PATH="$(host_prefix)/lib" PKG_CONFIG_LIBDIR="$(host_prefix)/lib/pkgconfig" CPPFLAGS="-I$(host_prefix)/include" LDFLAGS="-L$(host_prefix)/lib"
endef
endif
define $(package)_config_cmds
echo '=== config for $(package):' && \
echo '$($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts)' && \
echo '=== ' && \
$($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts)
endef
ifeq ($(build_os),darwin)
define $(package)_build_cmds
$(MAKE) CPPFLAGS='-fPIC' CFLAGS='-mmacosx-version-min=10.9'
@@ -31,5 +41,6 @@ endef
endif
define $(package)_stage_cmds
echo 'Staging dir: $($(package)_staging_dir)$(host_prefix)/' && \
$(MAKE) DESTDIR=$($(package)_staging_dir) install
endef

8
depends/packages/openssl.mk
View File

@@ -3,6 +3,7 @@ $(package)_version=1.1.1a
$(package)_download_path=https://www.openssl.org/source
$(package)_file_name=$(package)-$($(package)_version).tar.gz
$(package)_sha256_hash=fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41
$(package)_patches=ssl_fix.patch
define $(package)_set_vars
$(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)"
@@ -22,7 +23,6 @@ $(package)_config_opts+=no-comp
$(package)_config_opts+=no-crypto-mdebug
$(package)_config_opts+=no-crypto-mdebug-backtrace
$(package)_config_opts+=no-ct
$(package)_config_opts+=no-des
$(package)_config_opts+=no-dgram
$(package)_config_opts+=no-dsa
$(package)_config_opts+=no-dso
@@ -58,15 +58,12 @@ $(package)_config_opts+=no-scrypt
$(package)_config_opts+=no-sctp
$(package)_config_opts+=no-seed
$(package)_config_opts+=no-shared
$(package)_config_opts+=no-sock
$(package)_config_opts+=no-srp
$(package)_config_opts+=no-srtp
$(package)_config_opts+=no-ssl
$(package)_config_opts+=no-ssl3
$(package)_config_opts+=no-ssl3-method
$(package)_config_opts+=no-ssl-trace
$(package)_config_opts+=no-stdio
$(package)_config_opts+=no-tls
$(package)_config_opts+=no-tls1
$(package)_config_opts+=no-tls1-method
$(package)_config_opts+=no-ts
@@ -93,7 +90,8 @@ endef
define $(package)_preprocess_cmds
sed -i.old 's/built on: $date/built on: not available/' util/mkbuildinf.pl && \
sed -i.old "s|\"engines\", \"apps\", \"test\"|\"engines\"|" Configure
sed -i.old "s|\"engines\", \"apps\", \"test\"|\"engines\"|" Configure && \
patch -p1 < $($(package)_patch_dir)/ssl_fix.patch
endef
define $(package)_config_cmds

2
depends/packages/packages.mk
View File

@@ -47,7 +47,7 @@ native_packages := native_ccache
wallet_packages=bdb
ifeq ($(host_os),linux)
packages := boost openssl libevent zeromq $(zcash_packages) googletest #googlemock
packages := boost openssl libevent zeromq $(zcash_packages) googletest libcurl #googlemock
else
packages := boost openssl libevent zeromq $(zcash_packages) libcurl googletest #googlemock
endif

273
depends/patches/openssl/ssl_fix.patch Normal file
View File

@@ -0,0 +1,273 @@
From f725fe5b4b6504df08e30f5194d321c3025e2336 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Tue, 20 Nov 2018 15:32:55 +0000
Subject: [PATCH] Fix a RUN_ONCE bug
We have a number of instances where there are multiple "init" functions for
a single CRYPTO_ONCE variable, e.g. to load config automatically or to not
load config automatically. Unfortunately the RUN_ONCE mechanism was not
correctly giving the right return value where an alternative init function
was being used.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7983)
---
crypto/init.c | 38 +++++++++-----
include/internal/thread_once.h | 92 ++++++++++++++++++++++++++++++++++
ssl/ssl_init.c | 6 ++-
3 files changed, 121 insertions(+), 15 deletions(-)
diff --git a/crypto/init.c b/crypto/init.c
index 209d1a483da..f20a12f069a 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -177,12 +177,6 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete)
static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT;
static int load_crypto_strings_inited = 0;
-DEFINE_RUN_ONCE_STATIC(ossl_init_no_load_crypto_strings)
-{
- /* Do nothing in this case */
- return 1;
-}
-
DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings)
{
int ret = 1;
@@ -201,6 +195,13 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings)
return ret;
}
+DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_crypto_strings,
+ ossl_init_load_crypto_strings)
+{
+ /* Do nothing in this case */
+ return 1;
+}
+
static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT;
DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers)
{
@@ -218,6 +219,13 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers)
return 1;
}
+DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_ciphers,
+ ossl_init_add_all_ciphers)
+{
+ /* Do nothing */
+ return 1;
+}
+
static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT;
DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests)
{
@@ -235,7 +243,8 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests)
return 1;
}
-DEFINE_RUN_ONCE_STATIC(ossl_init_no_add_algs)
+DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests,
+ ossl_init_add_all_digests)
{
/* Do nothing */
return 1;
@@ -255,7 +264,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_config)
config_inited = 1;
return 1;
}
-DEFINE_RUN_ONCE_STATIC(ossl_init_no_config)
+DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config)
{
#ifdef OPENSSL_INIT_DEBUG
fprintf(stderr,
@@ -595,8 +604,9 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
return 0;
if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
- && !RUN_ONCE(&load_crypto_strings,
- ossl_init_no_load_crypto_strings))
+ && !RUN_ONCE_ALT(&load_crypto_strings,
+ ossl_init_no_load_crypto_strings,
+ ossl_init_load_crypto_strings))
return 0;
if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
@@ -604,7 +614,8 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
return 0;
if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS)
- && !RUN_ONCE(&add_all_ciphers, ossl_init_no_add_algs))
+ && !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers,
+ ossl_init_add_all_ciphers))
return 0;
if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS)
@@ -612,7 +623,8 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
return 0;
if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS)
- && !RUN_ONCE(&add_all_digests, ossl_init_no_add_algs))
+ && !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests,
+ ossl_init_add_all_digests))
return 0;
if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS)
@@ -624,7 +636,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
return 0;
if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
- && !RUN_ONCE(&config, ossl_init_no_config))
+ && !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config))
return 0;
if (opts & OPENSSL_INIT_LOAD_CONFIG) {
diff --git a/include/internal/thread_once.h b/include/internal/thread_once.h
index 224244353ab..e268a959ef3 100644
--- a/include/internal/thread_once.h
+++ b/include/internal/thread_once.h
@@ -9,6 +9,20 @@
#include <openssl/crypto.h>
+/*
+ * DEFINE_RUN_ONCE: Define an initialiser function that should be run exactly
+ * once. It takes no arguments and returns and int result (1 for success or
+ * 0 for failure). Typical usage might be:
+ *
+ * DEFINE_RUN_ONCE(myinitfunc)
+ * {
+ * do_some_initialisation();
+ * if (init_is_successful())
+ * return 1;
+ *
+ * return 0;
+ * }
+ */
#define DEFINE_RUN_ONCE(init) \
static int init(void); \
int init##_ossl_ret_ = 0; \
@@ -17,10 +31,30 @@
init##_ossl_ret_ = init(); \
} \
static int init(void)
+
+/*
+ * DECLARE_RUN_ONCE: Declare an initialiser function that should be run exactly
+ * once that has been defined in another file via DEFINE_RUN_ONCE().
+ */
#define DECLARE_RUN_ONCE(init) \
extern int init##_ossl_ret_; \
void init##_ossl_(void);
+/*
+ * DEFINE_RUN_ONCE_STATIC: Define an initialiser function that should be run
+ * exactly once. This function will be declared as static within the file. It
+ * takes no arguments and returns and int result (1 for success or 0 for
+ * failure). Typical usage might be:
+ *
+ * DEFINE_RUN_ONCE_STATIC(myinitfunc)
+ * {
+ * do_some_initialisation();
+ * if (init_is_successful())
+ * return 1;
+ *
+ * return 0;
+ * }
+ */
#define DEFINE_RUN_ONCE_STATIC(init) \
static int init(void); \
static int init##_ossl_ret_ = 0; \
@@ -30,6 +64,46 @@
} \
static int init(void)
+/*
+ * DEFINE_RUN_ONCE_STATIC_ALT: Define an alternative initialiser function. This
+ * function will be declared as static within the file. It takes no arguments
+ * and returns an int result (1 for success or 0 for failure). An alternative
+ * initialiser function is expected to be associated with a primary initialiser
+ * function defined via DEFINE_ONCE_STATIC where both functions use the same
+ * CRYPTO_ONCE object to synchronise. Where an alternative initialiser function
+ * is used only one of the primary or the alternative initialiser function will
+ * ever be called - and that function will be called exactly once. Definitition
+ * of an alternative initialiser function MUST occur AFTER the definition of the
+ * primary initialiser function.
+ *
+ * Typical usage might be:
+ *
+ * DEFINE_RUN_ONCE_STATIC(myinitfunc)
+ * {
+ * do_some_initialisation();
+ * if (init_is_successful())
+ * return 1;
+ *
+ * return 0;
+ * }
+ *
+ * DEFINE_RUN_ONCE_STATIC_ALT(myaltinitfunc, myinitfunc)
+ * {
+ * do_some_alternative_initialisation();
+ * if (init_is_successful())
+ * return 1;
+ *
+ * return 0;
+ * }
+ */
+#define DEFINE_RUN_ONCE_STATIC_ALT(initalt, init) \
+ static int initalt(void); \
+ static void initalt##_ossl_(void) \
+ { \
+ init##_ossl_ret_ = initalt(); \
+ } \
+ static int initalt(void)
+
/*
* RUN_ONCE - use CRYPTO_THREAD_run_once, and check if the init succeeded
* @once: pointer to static object of type CRYPTO_ONCE
@@ -43,3 +117,21 @@
*/
#define RUN_ONCE(once, init) \
(CRYPTO_THREAD_run_once(once, init##_ossl_) ? init##_ossl_ret_ : 0)
+
+/*
+ * RUN_ONCE_ALT - use CRYPTO_THREAD_run_once, to run an alternative initialiser
+ * function and check if that initialisation succeeded
+ * @once: pointer to static object of type CRYPTO_ONCE
+ * @initalt: alternative initialiser function name that was previously given to
+ * DEFINE_RUN_ONCE_STATIC_ALT. This function must return 1 for
+ * success or 0 for failure.
+ * @init: primary initialiser function name that was previously given to
+ * DEFINE_RUN_ONCE_STATIC. This function must return 1 for success or
+ * 0 for failure.
+ *
+ * The return value is 1 on success (*) or 0 in case of error.
+ *
+ * (*) by convention, since the init function must return 1 on success.
+ */
+#define RUN_ONCE_ALT(once, initalt, init) \
+ (CRYPTO_THREAD_run_once(once, initalt##_ossl_) ? init##_ossl_ret_ : 0)
diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c
index c0ccb9304a6..96526472c57 100644
--- a/ssl/ssl_init.c
+++ b/ssl/ssl_init.c
@@ -134,7 +134,8 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_ssl_strings)
return 1;
}
-DEFINE_RUN_ONCE_STATIC(ossl_init_no_load_ssl_strings)
+DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_ssl_strings,
+ ossl_init_load_ssl_strings)
{
/* Do nothing in this case */
return 1;
@@ -207,7 +208,8 @@ int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS * settings)
return 0;
if ((opts & OPENSSL_INIT_NO_LOAD_SSL_STRINGS)
- && !RUN_ONCE(&ssl_strings, ossl_init_no_load_ssl_strings))
+ && !RUN_ONCE_ALT(&ssl_strings, ossl_init_no_load_ssl_strings,
+ ossl_init_load_ssl_strings))
return 0;
if ((opts & OPENSSL_INIT_LOAD_SSL_STRINGS)

7
src/komodo_bitcoind.h
View File

@@ -207,8 +207,11 @@ try_again:
if ( strncmp(url,"https",5) == 0 )
{
curl_easy_setopt(curl_handle,CURLOPT_SSL_VERIFYPEER,0);
curl_easy_setopt(curl_handle,CURLOPT_SSL_VERIFYHOST,0);
/* printf("[ Decker ] SSL: %s\n", curl_version()); */
curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0L);
//curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L); // this is useful for debug, but seems crash on libcurl/7.64.1 OpenSSL/1.1.1b zlib/1.2.8 librtmp/2.3
}
if ( userpass != 0 )
curl_easy_setopt(curl_handle,CURLOPT_USERPWD, userpass);