diff --git a/contrib/src/gnutls/fetch_and_patch.bat b/contrib/src/gnutls/fetch_and_patch.bat
new file mode 100644
index 0000000000000000000000000000000000000000..a7c369384d52c76f5943eb0cd2a215ae2d28c73c
--- /dev/null
+++ b/contrib/src/gnutls/fetch_and_patch.bat
@@ -0,0 +1,14 @@
+set BUILD=..\..\build
+set SRC=..\..\src
+
+mkdir %BUILD%
+cd %BUILD%
+git clone https://github.com/ShiftMediaProject/gnutls.git
+
+cd gnutls
+
+git apply --reject --whitespace=fix %SRC%\gnutls\gnutls-no-egd.patch
+git apply --reject --whitespace=fix %SRC%\gnutls\read-file-limits.h.patch
+git apply --reject --whitespace=fix %SRC%\gnutls\gnutls-uwp.patch
+
+cd %SRC%
\ No newline at end of file
diff --git a/contrib/src/gnutls/gnutls-uwp.patch b/contrib/src/gnutls/gnutls-uwp.patch
new file mode 100644
index 0000000000000000000000000000000000000000..5a670747d159ae0dbd130bf4e63b8a7e2febe753
--- /dev/null
+++ b/contrib/src/gnutls/gnutls-uwp.patch
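Review bot: The `git clone https://github.com/ShiftMediaProject/gnutls.git` line in fetch_and_patch.bat takes whatever the default branch points at when the script runs, so the TLS library that gets built is not tied to a reviewed revision and the three patches may stop applying as upstream moves. Adding `git checkout <PINNED_COMMIT>` (placeholder for the revision the patches were written against) after `cd gnutls` would make the fetch reproducible. `git apply --reject` also applies whichever hunks fit and leaves `.rej` files for the rest, and the script never checks an exit status, so a partially patched tree would carry on into the build; dropping `--reject` and appending `|| exit /b 1` to each `git apply` line would stop at the first failure.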
@@ -0,0 +1,334 @@ +--- a/SMP/libgnutls.vcxproj ++++ b/SMP/libgnutls.vcxproj +@@ -795,7 +795,7 @@ + <CustomBuildAfterTargets>Clean</CustomBuildAfterTargets> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> +- <IntDir>$(SolutionDir)obj\$(Configuration)\$(Platform)\$(ProjectName)\</IntDir> ++ <IntDir>$(ProjectDir)obj\$(Configuration)\$(Platform)\$(ProjectName)\</IntDir> + <TargetName>libgnutls</TargetName> + <OutDir>$(ProjectDir)..\..\..\msvc\</OutDir> + <CustomBuildAfterTargets>Clean</CustomBuildAfterTargets> +@@ -1834,7 +1834,7 @@ del /f /q $(OutDir)\licenses\gnutls.txt + <BufferSecurityCheck>false</BufferSecurityCheck> + <FloatingPointModel>Fast</FloatingPointModel> + <FloatingPointExceptions>false</FloatingPointExceptions> +- <PreprocessorDefinitions>HAVE_CONFIG_H;inline=__inline;ASN1_BUILDING;ASN1_STATIC;LOCALEDIR=".";__func__=__FUNCTION__;ASM_X86;ASM_X86_64;_WIN32_WINNT=0x0600;NDEBUG;_WINDOWS;%(PreprocessorDefinitions)</PreprocessorDefinitions> ++ <PreprocessorDefinitions>RING_UWP;HAVE_WIN32_LOCKS;HAVE_CONFIG_H;inline=__inline;ASN1_BUILDING;ASN1_STATIC;LOCALEDIR=".";__func__=__FUNCTION__;ASM_X86_64;_WIN32_WINNT=0x0600;NDEBUG;_WINDOWS;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <AdditionalIncludeDirectories>.\;.\lib;..\lib;..\lib\accelerated;..\lib\auth;..\lib\ext;..\lib\extras;..\lib\minitasn1;..\lib\nettle;..\lib\nettle\int;..\lib\openpgp;..\lib\opencdk;..\lib\x509;..\lib\includes;..\gl;$(OutDir)\include;..\lib\accelerated\x86;$(ProjectDir)\..\..\prebuilt\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> + <ExceptionHandling>false</ExceptionHandling> + <DisableSpecificWarnings>4996;4244;4018;4146;4267;4028;4101;4020;4047;4024;4005;4311;4312;4334;4116;4090;%(DisableSpecificWarnings)</DisableSpecificWarnings> +@@ -1850,7 +1850,7 @@ del /f /q $(OutDir)\licenses\gnutls.txt + <OutputFile>$(OutDir)\lib\x64\$(TargetName)$(TargetExt)</OutputFile> + <TargetMachine>MachineX64</TargetMachine> + 
<SubSystem>Windows</SubSystem> +- <AdditionalDependencies>Crypt32.lib;Ws2_32.lib;libzlib.lib;libiconv.lib;libhogweed.lib;libgmp.lib;libnettle.lib;%(AdditionalDependencies)</AdditionalDependencies> ++ <AdditionalDependencies>bcrypt.lib;Ws2_32.lib;libzlib.lib;libiconv.lib;libhogweed.lib;libgmp.lib;libnettle.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalLibraryDirectories>$(OutDir)\lib\x64\;$(ProjectDir)\..\..\prebuilt\lib\x64\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories> + <AdditionalOptions>/IGNORE:4006,4221,4042 %(AdditionalOptions)</AdditionalOptions> + </Lib> +--- a/lib/nettle/rnd-common.c ++++ b/lib/nettle/rnd-common.c +@@ -45,6 +45,7 @@ + #include <sys/types.h> + #include <sys/stat.h> + #include <unistd.h> ++#include <bcrypt.h> + + /* gnulib wants to claim strerror even if it cannot provide it. WTF */ + #undef strerror +@@ -88,16 +89,25 @@ void _rnd_get_event(struct event_st *e) + #include <wincrypt.h> + + static HCRYPTPROV device_fd = 0; ++static BCRYPT_ALG_HANDLE bdevice_fd = 0; + + static + int _rnd_get_system_entropy_win32(void* rnd, size_t size) + { ++#ifndef RING_UWP + if (!CryptGenRandom(device_fd, (DWORD) size, rnd)) { + _gnutls_debug_log("Error in CryptGenRandom: %d\n", + (int)GetLastError()); + return GNUTLS_E_RANDOM_DEVICE_ERROR; + } +- ++#else ++ NTSTATUS ret = BCryptGenRandom(bdevice_fd, rnd, (ULONG) size, 0); ++ if (!(BCRYPT_SUCCESS(ret))) { ++ _gnutls_debug_log("Error in BCryptGenRandom: %d\n", ++ (int)GetLastError()); ++ return GNUTLS_E_RANDOM_DEVICE_ERROR; ++ } ++#endif + return 0; + } + +@@ -111,7 +121,7 @@ int _rnd_system_entropy_check(void) + int _rnd_system_entropy_init(void) + { + int old; +- ++#ifndef RING_UWP + if (!CryptAcquireContext + (&device_fd, NULL, NULL, PROV_RSA_FULL, + CRYPT_SILENT | CRYPT_VERIFYCONTEXT)) { +@@ -119,13 +129,26 @@ int _rnd_system_entropy_init(void) + ("error in CryptAcquireContext!\n"); + return GNUTLS_E_RANDOM_DEVICE_ERROR; + } +- ++#else ++ NTSTATUS ret = 
BCryptOpenAlgorithmProvider(&bdevice_fd, ++ BCRYPT_RNG_ALGORITHM, MS_PRIMITIVE_PROVIDER, ++ 0); ++ if (!(BCRYPT_SUCCESS(ret))) { ++ _gnutls_debug_log ++ ("error in BCryptOpenAlgorithmProvider!\n"); ++ return GNUTLS_E_RANDOM_DEVICE_ERROR; ++ } ++#endif + return 0; + } + + void _rnd_system_entropy_deinit(void) + { ++#ifndef RING_UWP + CryptReleaseContext(device_fd, 0); ++#else ++ BCryptCloseAlgorithmProvider(bdevice_fd, 0); ++#endif + } + + #else /* POSIX */ +--- a/lib/opencdk/misc.c ++++ b/lib/opencdk/misc.c +@@ -34,7 +34,6 @@ + #include <gnutls_int.h> + #include <gnutls_str.h> + +- + u32 _cdk_buftou32(const byte * buf) + { + u32 u; +@@ -149,6 +148,13 @@ int _cdk_check_args(int overwrite, const char *in, const char *out) + } + + #ifdef _WIN32 ++#if (_WIN32_WINNT >= 0x0600) ++FILE *_cdk_tmpfile(void) ++{ ++ return NULL; ++} ++#else ++ + #include <io.h> + #include <fcntl.h> + +@@ -183,6 +189,7 @@ FILE *_cdk_tmpfile(void) + _close(fd); + return NULL; + } ++#endif /*_WIN32*/ + #else + FILE *_cdk_tmpfile(void) + { +--- a/lib/system-keys-win.c ++++ b/lib/system-keys-win.c +@@ -20,9 +20,10 @@ + + // Before including any Windows header we need to set _WIN32_WINNT to Vista + // (or higher) so that the NCRYPT stuff can be used. 
+-#if _WIN32_WINNT < 0x600 ++#define _WIN32_WINNT 0x0A00 ++#if _WIN32_WINNT < 0x0600 + #undef _WIN32_WINNT +-#define _WIN32_WINNT 0x600 ++#define _WIN32_WINNT 0x0600 + #endif + + +@@ -1075,7 +1076,11 @@ int _gnutls_system_key_init(void) + int ret; + + #ifdef DYN_NCRYPT +- ncrypt_lib = LoadLibraryA("ncrypt.dll"); ++#if (_WIN32_WINNT < 0x0A00) ++ ncrypt_lib = LoadLibrary("ncrypt.dll"); ++#else ++ ncrypt_lib = LoadPackagedLibrary("ncrypt.dll", 0); ++#endif + if (ncrypt_lib == NULL) { + return gnutls_assert_val(GNUTLS_E_CRYPTO_INIT_FAILED); + } +--- a/lib/system-keys-win.c ++++ b/lib/system-keys-win.c +@@ -396,7 +396,11 @@ _gnutls_privkey_import_system_url(gnutls_privkey_t pkey, + blob.cbData = id_size; + blob.pbData = id; + +- store = CertOpenSystemStore(0, "MY"); ++ store = CertOpenStore( CERT_STORE_PROV_SYSTEM_A, ++ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, ++ 0, ++ CERT_SYSTEM_STORE_CURRENT_USER, ++ (const void*)"MY"); + if (store == NULL) { + gnutls_assert(); + ret = GNUTLS_E_FILE_ERROR; +@@ -535,7 +539,11 @@ _gnutls_x509_crt_import_system_url(gnutls_x509_crt_t crt, const char *url) + blob.cbData = id_size; + blob.pbData = id; + +- store = CertOpenSystemStore(0, "MY"); ++ store = CertOpenStore( CERT_STORE_PROV_SYSTEM_A, ++ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, ++ 0, ++ CERT_SYSTEM_STORE_CURRENT_USER, ++ (const void*)"MY"); + if (store == NULL) { + gnutls_assert(); + ret = GNUTLS_E_FILE_ERROR; +@@ -776,7 +784,11 @@ gnutls_system_key_iter_get_info(gnutls_system_key_iter_t *iter, + if (*iter == NULL) + return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); + +- (*iter)->store = CertOpenSystemStore(0, "MY"); ++ (*iter)->store = CertOpenStore( CERT_STORE_PROV_SYSTEM_A, ++ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, ++ 0, ++ CERT_SYSTEM_STORE_CURRENT_USER, ++ (const void*)"MY"); + if ((*iter)->store == NULL) { + gnutls_free(*iter); + *iter = NULL; +@@ -841,7 +853,11 @@ int gnutls_system_key_delete(const char *cert_url, const char *key_url) + blob.cbData = id_size; + 
blob.pbData = id; + +- store = CertOpenSystemStore(0, "MY"); ++ store = CertOpenStore( CERT_STORE_PROV_SYSTEM_A, ++ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, ++ 0, ++ CERT_SYSTEM_STORE_CURRENT_USER, ++ (const void*)"MY"); + if (store != NULL) { + do { + cert = CertFindCertificateInStore(store, +--- a/lib/system.c ++++ b/lib/system.c +@@ -446,9 +446,17 @@ int add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags, + gnutls_datum_t data; + + if (i == 0) +- store = CertOpenSystemStore(0, "ROOT"); ++ store = CertOpenStore( CERT_STORE_PROV_SYSTEM_A, ++ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, ++ 0, ++ CERT_SYSTEM_STORE_CURRENT_USER, ++ (const void*)"ROOT"); + else +- store = CertOpenSystemStore(0, "CA"); ++ store = CertOpenStore( CERT_STORE_PROV_SYSTEM_A, ++ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, ++ 0, ++ CERT_SYSTEM_STORE_CURRENT_USER, ++ (const void*)"CA"); + + if (store == NULL) + return GNUTLS_E_FILE_ERROR; +--- a/lib/accelerated/x86/x86-common.c ++++ b/lib/accelerated/x86/x86-common.c +@@ -652,6 +652,7 @@ void register_x86_intel_crypto(unsigned capabilities) + + void register_x86_crypto(void) + { ++#ifndef RING_UWP + unsigned capabilities = 0; + char *p; + p = secure_getenv("GNUTLS_CPUID_OVERRIDE"); +@@ -663,5 +664,7 @@ void register_x86_crypto(void) + #ifdef ENABLE_PADLOCK + register_x86_padlock_crypto(capabilities); + #endif ++#endif ++ register_x86_intel_crypto(0); + } + +--- a/lib/gnutls_global.c ++++ b/lib/gnutls_global.c +@@ -240,7 +240,9 @@ int gnutls_global_init(void) + + _gnutls_switch_lib_state(LIB_STATE_INIT); + ++#ifndef RING_UWP + e = secure_getenv("GNUTLS_DEBUG_LEVEL"); ++#endif + if (e != NULL) { + level = atoi(e); + gnutls_global_set_log_level(level); +@@ -473,8 +475,10 @@ const char *e; + if (_gnutls_global_init_skip() != 0) + return; + ++#ifndef RING_UWP + e = secure_getenv("GNUTLS_NO_EXPLICIT_INIT"); +- if (e != NULL) { ++#endif ++ if (e != NULL) { + ret = atoi(e); + if (ret == 1) + return; +@@ -494,7 +498,9 @@ static void 
_DESTRUCTOR lib_deinit(void) + if (_gnutls_global_init_skip() != 0) + return; + ++#ifndef RING_UWP + e = secure_getenv("GNUTLS_NO_EXPLICIT_INIT"); ++#endif + if (e != NULL) { + int ret = atoi(e); + if (ret == 1) +--- a/lib/gnutls_kx.c ++++ b/lib/gnutls_kx.c +@@ -105,7 +105,9 @@ static void write_nss_key_log(gnutls_session_t session, const gnutls_datum_t *pr + + if (!checked_env) { + checked_env = 1; ++#ifndef RING_UWP + keylogfile = secure_getenv("SSLKEYLOGFILE"); ++#endif + } + + if (keylogfile == NULL) +--- a/lib/system.c ++++ b/lib/system.c +@@ -340,7 +340,11 @@ void gnutls_system_global_deinit(void) + */ + int _gnutls_find_config_path(char *path, size_t max_size) + { +- const char *home_dir = secure_getenv("HOME"); ++#ifndef RING_UWP ++ const char *home_dir = secure_getenv("HOME"); ++#else ++ const char *home_dir = NULL; ++#endif + + if (home_dir != NULL && home_dir[0] != 0) { + snprintf(path, max_size, "%s/" CONFIG_PATH, home_dir); +@@ -349,8 +353,13 @@ int _gnutls_find_config_path(char *path, size_t max_size) + + #ifdef _WIN32 + if (home_dir == NULL || home_dir[0] == '\0') { ++#ifndef RING_UWP + const char *home_drive = getenv("HOMEDRIVE"); + const char *home_path = getenv("HOMEPATH"); ++#else ++ const char *home_drive = NULL; ++ const char *home_path = NULL; ++#endif + + if (home_drive != NULL && home_path != NULL) { + snprintf(path, max_size, "%s%s\\" CONFIG_PATH, home_drive, home_path); +2.8.1.windows.1 +
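Review bot: With `RING_UWP` defined, the `secure_getenv` assignments to `e` in `gnutls_global_init`, `lib_init` and `lib_deinit` (lib/gnutls_global.c) are compiled out, but the `if (e != NULL)` that follows each still reads `e`; the inner hunk header shows `const char *e;` with no initializer, so unless `e` is initialized outside the visible lines this tests an indeterminate pointer and may hand it to `atoi`. Adding `#else` and `e = NULL;` before each `#endif`, as the same patch already does for `home_dir` in `_gnutls_find_config_path`, closes it. Separately, in `_gnutls_system_key_init` the call `LoadPackagedLibrary("ncrypt.dll", 0)` passes a narrow literal to a parameter declared `LPCWSTR`, and the project file's `DisableSpecificWarnings` list includes 4047 and 4024, so the mismatch is likely to go unreported; `L"ncrypt.dll"` is the matching form. All of these functions continue outside the hunks shown.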