mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-28 09:53:10 +00:00
Merge pull request #254574 from helsinki-systems/upd/openssl_1_1
openssl_1_1: 1.1.1v -> 1.1.1w
This commit is contained in:
commit
c5aab69eaa
@ -1,44 +0,0 @@
|
||||
From 4bfac4471f53c4f74c8d81020beb938f92d84ca5 Mon Sep 17 00:00:00 2001
|
||||
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
|
||||
Date: Tue, 22 Aug 2023 16:07:30 +0200
|
||||
Subject: [PATCH] Avoid clobbering non-volatile XMM registers
|
||||
|
||||
This affects some Poly1305 assembler functions
|
||||
which are only used for certain CPU types.
|
||||
|
||||
Remove those functions for Windows targets,
|
||||
as a simple interim solution.
|
||||
|
||||
Fixes #21522
|
||||
|
||||
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
||||
Reviewed-by: Paul Dale <pauli@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/21808)
|
||||
|
||||
(cherry picked from commit 7b8e27bc2e02238986d89ef0ece067ec1b48e165)
|
||||
---
|
||||
crypto/poly1305/asm/poly1305-x86_64.pl | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/crypto/poly1305/asm/poly1305-x86_64.pl b/crypto/poly1305/asm/poly1305-x86_64.pl
|
||||
index fa9bfb7a7b81..24bab9d0bcf9 100755
|
||||
--- a/crypto/poly1305/asm/poly1305-x86_64.pl
|
||||
+++ b/crypto/poly1305/asm/poly1305-x86_64.pl
|
||||
@@ -195,7 +195,7 @@ sub poly1305_iteration {
|
||||
bt \$`5+32`,%r9 # AVX2?
|
||||
cmovc %rax,%r10
|
||||
___
|
||||
-$code.=<<___ if ($avx>3);
|
||||
+$code.=<<___ if ($avx>3 && !$win64);
|
||||
mov \$`(1<<31|1<<21|1<<16)`,%rax
|
||||
shr \$32,%r9
|
||||
and %rax,%r9
|
||||
@@ -2724,7 +2724,7 @@ sub poly1305_iteration {
|
||||
.cfi_endproc
|
||||
.size poly1305_blocks_avx512,.-poly1305_blocks_avx512
|
||||
___
|
||||
-if ($avx>3) {
|
||||
+if ($avx>3 && !$win64) {
|
||||
########################################################################
|
||||
# VPMADD52 version using 2^44 radix.
|
||||
#
|
@ -236,14 +236,11 @@ in {
|
||||
# the permitted insecure version to ensure it gets cached for our users
|
||||
# and backport this to stable release (23.05).
|
||||
openssl_1_1 = common {
|
||||
version = "1.1.1v";
|
||||
sha256 = "sha256-1ml+KHHncjhGBALpNi1H0YOCsV758karpse9eA04prA=";
|
||||
version = "1.1.1w";
|
||||
sha256 = "sha256-zzCYlQy02FOtlcCEHx+cbT3BAtzPys1SHZOSUgi3asg=";
|
||||
patches = [
|
||||
./1.1/nix-ssl-cert-file.patch
|
||||
|
||||
# https://www.openssl.org/news/secadv/20230908.txt
|
||||
./1.1/CVE-2023-4807.patch
|
||||
|
||||
(if stdenv.hostPlatform.isDarwin
|
||||
then ./use-etc-ssl-certs-darwin.patch
|
||||
else ./use-etc-ssl-certs.patch)
|
||||
|
@ -26,7 +26,7 @@
|
||||
# for no real reason.
|
||||
# Remove them for 23.11.
|
||||
"nodejs-16.20.2"
|
||||
"openssl-1.1.1v"
|
||||
"openssl-1.1.1w"
|
||||
];
|
||||
}; }
|
||||
}:
|
||||
|
Loading…
Reference in New Issue
Block a user