From 9c0ae378bcc9801aed3c1578432305302004adf3 Mon Sep 17 00:00:00 2001 From: Kongqun Yang Date: Fri, 24 Jul 2015 11:44:52 -0700 Subject: [PATCH] Switch to boringssl. Also update curl accordingly. Boringssl and yasm gyp and patches will follow in a separate cl. Bug: 22463853 Change-Id: I87b91ac089866db58ac433def006fe9ac4744bd6 --- .gitignore | 4 +- DEPS | 28 +++-- packager/app/libcrypto_threading.cc | 2 +- packager/media/base/media_base.gyp | 4 +- packager/media/base/rsa_key_unittest.cc | 23 +++- packager/media/formats/mp4/mp4.gyp | 2 +- packager/packager.gyp | 2 +- packager/third_party/curl/README.packager | 7 +- .../third_party/curl/config/curl/curlbuild.h | 4 +- .../curl/config/linux/curl_config.h | 105 +++++++++--------- packager/third_party/curl/curl.gyp | 10 +- 11 files changed, 108 insertions(+), 83 deletions(-) diff --git a/.gitignore b/.gitignore index 42a631707b..a39a190718 100644 --- a/.gitignore +++ b/.gitignore @@ -9,9 +9,8 @@ /packager/base/ /packager/build/ /packager/docs/ -/packager/ipc/ -/packager/net/ /packager/testing/ +/packager/third_party/boringssl/src/ /packager/third_party/curl/source/ /packager/third_party/gflags/ /packager/third_party/gold/ @@ -22,6 +21,7 @@ /packager/third_party/modp_b64/ /packager/third_party/openssl/ /packager/third_party/protobuf/ +/packager/third_party/yasm/source/patched-yasm/ /packager/third_party/zlib/ /packager/tools/clang/ /packager/tools/gyp/ diff --git a/DEPS b/DEPS index fddd6badc0..d18061628c 100644 --- a/DEPS +++ b/DEPS @@ -9,10 +9,13 @@ vars = { "chromium_git": "https://chromium.googlesource.com", "chromium_svn": "http://src.chromium.org/chrome/trunk", - "chromium_rev": "275581", + "chromium_rev": "296101", + + "googlesource_git": "https://%s.googlesource.com", "curl_url": "https://github.com/bagder/curl.git", - "curl_rev": "curl-7_37_0", + # TODO(kqyang): Replace with an official release. + "curl_rev": "26ddc536b0ab5fc62d6503c82c34dd3dbf112dc3", } deps = { @@ -34,6 +37,11 @@ deps = { "src/packager/testing/gtest": Var("chromium_git") + "/external/googletest@00a70a9667d92a4695d84e4fa36b64f611f147da", #725 + # Make sure the version matches the one in + # src/packager/third_party/boringssl, which contains perl generated files. + "src/packager/third_party/boringssl/src": + (Var("googlesource_git") % "boringssl") + "/boringssl@209b2562235f7dab66b8260624e7b3c5b00d14a6", + "src/packager/third_party/curl/source": Var("curl_url") + "@" + Var("curl_rev"), @@ -57,16 +65,9 @@ deps = { "src/packager/third_party/modp_b64": Var("chromium_git") + "/chromium/src/third_party/modp_b64@3a0e3b4ef6c54678a2d14522533df56b33b56119", - "src/packager/third_party/openssl": - Var("chromium_svn") + "/deps/third_party/openssl@" + Var("chromium_rev"), - "src/packager/third_party/protobuf": Var("chromium_svn") + "/src/third_party/protobuf@" + Var("chromium_rev"), - # Required by build/linux/system.gyp and third_party/curl/curl.gyp. - "src/packager/third_party/zlib": - Var("chromium_git") + "/chromium/src/third_party/zlib@bcf81d2e5f3a62b698d179c1fadba94604c5dad3", - "src/packager/tools/clang": Var("chromium_git") + "/chromium/src/tools/clang@0de8f3bb6af64e13876273c601704795d5e00faf", @@ -82,10 +83,19 @@ deps = { deps_os = { "unix": { # Linux, actually. + # Required by build/linux/system.gyp. + "src/packager/third_party/zlib": + Var("chromium_git") + "/chromium/src/third_party/zlib@bcf81d2e5f3a62b698d179c1fadba94604c5dad3", + # Linux gold build to build faster. "src/packager/third_party/gold": Var("chromium_git") + "/chromium/deps/gold@29ae7431b4688df544ea840b0b66784e5dd298fe", }, + "win": { + # Required by boringssl. + "src/packager/third_party/yasm/source/patched-yasm": + Var("chromium_git") + "/chromium/deps/yasm/patched-yasm.git@4671120cd8558ce62ee8672ebf3eb6f5216f909b", + }, } hooks = [ diff --git a/packager/app/libcrypto_threading.cc b/packager/app/libcrypto_threading.cc index 174bf95f09..60dbdaa352 100644 --- a/packager/app/libcrypto_threading.cc +++ b/packager/app/libcrypto_threading.cc @@ -6,7 +6,7 @@ #include "packager/app/libcrypto_threading.h" -#include +#include #include diff --git a/packager/media/base/media_base.gyp b/packager/media/base/media_base.gyp index 36ea032ea1..8b6b94e82a 100644 --- a/packager/media/base/media_base.gyp +++ b/packager/media/base/media_base.gyp @@ -76,8 +76,8 @@ ], 'dependencies': [ '../../base/base.gyp:base', + '../../third_party/boringssl/boringssl.gyp:boringssl', '../../third_party/curl/curl.gyp:libcurl', - '../../third_party/openssl/openssl.gyp:openssl', ], }, { @@ -107,7 +107,7 @@ 'dependencies': [ '../../testing/gtest.gyp:gtest', '../../testing/gmock.gyp:gmock', - '../../third_party/openssl/openssl.gyp:openssl', + '../../third_party/boringssl/boringssl.gyp:boringssl', '../file/file.gyp:file', '../test/media_test.gyp:media_test_support', 'base', diff --git a/packager/media/base/rsa_key_unittest.cc b/packager/media/base/rsa_key_unittest.cc index d3567c7866..bd5d908cd9 100644 --- a/packager/media/base/rsa_key_unittest.cc +++ b/packager/media/base/rsa_key_unittest.cc @@ -13,6 +13,12 @@ #include "packager/media/base/test/fake_prng.h" #include "packager/media/base/test/rsa_test_data.h" +namespace { +// BoringSSL does not support RAND_set_rand_method yet, so we cannot use fake +// prng with boringssl. +const bool kIsFakePrngSupported = false; +} // namespace + namespace edash_packager { namespace media { @@ -21,15 +27,20 @@ class RsaKeyTest : public ::testing::TestWithParam { RsaKeyTest() : test_set_(GetParam()) {} void SetUp() override { - // Make OpenSSL RSA deterministic. - ASSERT_TRUE(fake_prng::StartFakePrng()); + if (kIsFakePrngSupported) { + // Make OpenSSL RSA deterministic. + ASSERT_TRUE(fake_prng::StartFakePrng()); + } private_key_.reset(RsaPrivateKey::Create(test_set_.private_key)); ASSERT_TRUE(private_key_ != NULL); public_key_.reset(RsaPublicKey::Create(test_set_.public_key)); ASSERT_TRUE(public_key_ != NULL); } - void TearDown() override { fake_prng::StopFakePrng(); } + void TearDown() override { + if (kIsFakePrngSupported) + fake_prng::StopFakePrng(); + } protected: const RsaTestSet& test_set_; @@ -75,7 +86,8 @@ TEST_P(RsaKeyTest, LoadPrivateKeyInPublicKey) { TEST_P(RsaKeyTest, EncryptAndDecrypt) { std::string encrypted_message; EXPECT_TRUE(public_key_->Encrypt(test_set_.test_message, &encrypted_message)); - EXPECT_EQ(test_set_.encrypted_message, encrypted_message); + if (kIsFakePrngSupported) + EXPECT_EQ(test_set_.encrypted_message, encrypted_message); std::string decrypted_message; EXPECT_TRUE(private_key_->Decrypt(encrypted_message, &decrypted_message)); @@ -112,7 +124,8 @@ TEST_P(RsaKeyTest, SignAndVerify) { std::string signature; EXPECT_TRUE( private_key_->GenerateSignature(test_set_.test_message, &signature)); - EXPECT_EQ(test_set_.signature, signature); + if (kIsFakePrngSupported) + EXPECT_EQ(test_set_.signature, signature); EXPECT_TRUE(public_key_->VerifySignature(test_set_.test_message, signature)); } diff --git a/packager/media/formats/mp4/mp4.gyp b/packager/media/formats/mp4/mp4.gyp index f4e15d933e..c8618fa245 100644 --- a/packager/media/formats/mp4/mp4.gyp +++ b/packager/media/formats/mp4/mp4.gyp @@ -56,7 +56,7 @@ 'track_run_iterator.h', ], 'dependencies': [ - '../../../third_party/openssl/openssl.gyp:openssl', + '../../../third_party/boringssl/boringssl.gyp:boringssl', '../../base/media_base.gyp:base', '../../event/media_event.gyp:media_event', '../../filters/filters.gyp:filters', diff --git a/packager/packager.gyp b/packager/packager.gyp index a3de0609af..7cc2973d4c 100644 --- a/packager/packager.gyp +++ b/packager/packager.gyp @@ -40,8 +40,8 @@ 'media/formats/mpeg/mpeg.gyp:mpeg', 'media/formats/wvm/wvm.gyp:wvm', 'mpd/mpd.gyp:mpd_builder', + 'third_party/boringssl/boringssl.gyp:boringssl', 'third_party/gflags/gflags.gyp:gflags', - 'third_party/openssl/openssl.gyp:openssl', ], }, { diff --git a/packager/third_party/curl/README.packager b/packager/third_party/curl/README.packager index d40de2a9b0..ddae514e58 100644 --- a/packager/third_party/curl/README.packager +++ b/packager/third_party/curl/README.packager @@ -26,9 +26,10 @@ Description of source tree. A dummy manual required to build curl command line tool. config/linux/curl_config.h - An *auto-generated* configuration file by running source/buildconf on - linux platform, with a few features disabled to build correctly on a - fresh linux box. + An *auto-generated* configuration file by running "source/configure + --with-ssl --without-ca-bundle --without-ca-path --without-zlib + --without-libidn --without-librtmp" on linux platform, with a few + features disabled to build correctly on a fresh linux box. config/linux/find_curl_ca_bundle.sh A script used to find the path to curl_ca_bundle in the target system. diff --git a/packager/third_party/curl/config/curl/curlbuild.h b/packager/third_party/curl/config/curl/curlbuild.h index 3ad2f018d8..f09419a843 100644 --- a/packager/third_party/curl/config/curl/curlbuild.h +++ b/packager/third_party/curl/config/curl/curlbuild.h @@ -528,7 +528,7 @@ #elif defined(__GNUC__) # if defined(__ILP32__) || \ - defined(__i386__) || defined(__ppc__) || defined(__arm__) + defined(__i386__) || defined(__ppc__) || defined(__arm__) || defined(__sparc__) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" @@ -538,7 +538,7 @@ # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # elif defined(__LP64__) || \ - defined(__x86_64__) || defined(__ppc64__) + defined(__x86_64__) || defined(__ppc64__) || defined(__sparc64__) # define CURL_SIZEOF_LONG 8 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" diff --git a/packager/third_party/curl/config/linux/curl_config.h b/packager/third_party/curl/config/linux/curl_config.h index 82722d52be..d0183abb2b 100644 --- a/packager/third_party/curl/config/linux/curl_config.h +++ b/packager/third_party/curl/config/linux/curl_config.h @@ -2,7 +2,7 @@ /* lib/curl_config.h.in. Generated from configure.ac by autoheader. */ /* Location of default ca bundle */ -/* CURL_CA_BUNDLE is defined by GYP */ +/* #undef CURL_CA_BUNDLE */ /* Location of default ca path */ /* #undef CURL_CA_PATH */ @@ -49,6 +49,9 @@ /* to disable RTSP */ /* #undef CURL_DISABLE_RTSP */ +/* to disable SMB/CIFS */ +/* #undef CURL_DISABLE_SMB */ + /* to disable SMTP */ /* #undef CURL_DISABLE_SMTP */ @@ -67,9 +70,6 @@ /* Definition to make a library symbol externally visible. */ #define CURL_EXTERN_SYMBOL __attribute__ ((__visibility__ ("default"))) -/* Use Windows LDAP implementation */ -/* #undef CURL_LDAP_WIN */ - /* your Entropy Gathering Daemon socket pathname */ /* #undef EGD_SOCKET */ @@ -121,7 +121,12 @@ /* Define to 1 if bool is an available type. */ #define HAVE_BOOL_T 1 +/* Define to 1 if using BoringSSL. */ +/* packager uses BORINGSSL. */ +#define HAVE_BORINGSSL 1 + /* Define to 1 if you have the clock_gettime function and monotonic timer. */ +/* Disabled for packager. */ /* #undef HAVE_CLOCK_GETTIME_MONOTONIC */ /* Define to 1 if you have the closesocket function. */ @@ -142,14 +147,24 @@ /* Define to 1 if you have the header file. */ /* #undef HAVE_CYASSL_ERROR_SSL_H */ +/* Define to 1 if you have the header file. */ +/* #undef HAVE_CYASSL_OPTIONS_H */ + +/* Define to 1 if you have the `DES_set_odd_parity' function. */ +#define HAVE_DES_SET_ODD_PARITY 1 + /* Define to 1 if you have the header file. */ #define HAVE_DLFCN_H 1 /* Define to 1 if you have the `ENGINE_cleanup' function. */ +#ifndef HAVE_BORINGSSL #define HAVE_ENGINE_CLEANUP 1 +#endif /* Define to 1 if you have the `ENGINE_load_builtin_engines' function. */ +#ifndef HAVE_BORINGSSL #define HAVE_ENGINE_LOAD_BUILTIN_ENGINES 1 +#endif /* Define to 1 if you have the header file. */ #define HAVE_ERRNO_H 1 @@ -253,6 +268,10 @@ /* Define to 1 if you have the `getpwuid' function. */ #define HAVE_GETPWUID 1 +/* Define to 1 if you have the `getpwuid_r' function. */ +/* Disabled for packager. Not verified yet. */ +/* #undef HAVE_GETPWUID_R */ + /* Define to 1 if you have the `getrlimit' function. */ #define HAVE_GETRLIMIT 1 @@ -293,17 +312,21 @@ /* #undef HAVE_GSSMIT */ /* Define to 1 if you have the `idna_strerror' function. */ -#define HAVE_IDNA_STRERROR 1 +/* #undef HAVE_IDNA_STRERROR */ /* Define to 1 if you have the `idn_free' function. */ -#define HAVE_IDN_FREE 1 +/* #undef HAVE_IDN_FREE */ /* Define to 1 if you have the header file. */ -#define HAVE_IDN_FREE_H 1 +/* #undef HAVE_IDN_FREE_H */ /* Define to 1 if you have the header file. */ #define HAVE_IFADDRS_H 1 +/* Define to 1 if you have the `if_nametoindex' function. */ +/* Disabled for packager. Not verified yet. */ +/* #undef HAVE_IF_NAMETOINDEX */ + /* Define to 1 if you have the `inet_addr' function. */ #define HAVE_INET_ADDR 1 @@ -380,35 +403,23 @@ /* Define to 1 if you have the `resolve' library (-lresolve). */ /* #undef HAVE_LIBRESOLVE */ +/* Define to 1 if using libressl. */ +/* #undef HAVE_LIBRESSL */ + /* Define to 1 if you have the header file. */ -#define HAVE_LIBRTMP_RTMP_H 1 +/* #undef HAVE_LIBRTMP_RTMP_H */ /* Define to 1 if you have the `ssh2' library (-lssh2). */ /* #undef HAVE_LIBSSH2 */ -/* Define to 1 if you have the `libssh2_exit' function. */ -/* #undef HAVE_LIBSSH2_EXIT */ - /* Define to 1 if you have the header file. */ /* #undef HAVE_LIBSSH2_H */ -/* Define to 1 if you have the `libssh2_init' function. */ -/* #undef HAVE_LIBSSH2_INIT */ - -/* Define to 1 if you have the `libssh2_scp_send64' function. */ -/* #undef HAVE_LIBSSH2_SCP_SEND64 */ - -/* Define to 1 if you have the `libssh2_session_handshake' function. */ -/* #undef HAVE_LIBSSH2_SESSION_HANDSHAKE */ - -/* Define to 1 if you have the `libssh2_version' function. */ -/* #undef HAVE_LIBSSH2_VERSION */ - /* Define to 1 if you have the `ssl' library (-lssl). */ #define HAVE_LIBSSL 1 /* if zlib is available */ -#define HAVE_LIBZ 1 +/* #undef HAVE_LIBZ */ /* Define to 1 if you have the header file. */ #define HAVE_LIMITS_H 1 @@ -463,7 +474,9 @@ #define HAVE_OPENSSL_CRYPTO_H 1 /* Define to 1 if you have the header file. */ +#ifndef HAVE_BORINGSSL #define HAVE_OPENSSL_ENGINE_H 1 +#endif /* Define to 1 if you have the header file. */ #define HAVE_OPENSSL_ERR_H 1 @@ -477,6 +490,9 @@ /* Define to 1 if you have the header file. */ #define HAVE_OPENSSL_RSA_H 1 +/* if you have the function SRP_Calc_client_key */ +#define HAVE_OPENSSL_SRP 1 + /* Define to 1 if you have the header file. */ #define HAVE_OPENSSL_SSL_H 1 @@ -585,24 +601,9 @@ /* Define to 1 if you have the header file. */ /* #undef HAVE_SOCKET_H */ -/* Define this if you have the SPNEGO library fbopenssl */ -/* #undef HAVE_SPNEGO */ - -/* if you have the function SRP_Calc_client_key */ -#define HAVE_SSLEAY_SRP 1 - /* Define to 1 if you have the `SSLv2_client_method' function. */ /* #undef HAVE_SSLV2_CLIENT_METHOD */ -/* Define to 1 if you have the `SSL_CTX_set_alpn_protos' function. */ -/* #undef HAVE_SSL_CTX_SET_ALPN_PROTOS */ - -/* Define to 1 if you have the `SSL_CTX_set_alpn_select_cb' function. */ -/* #undef HAVE_SSL_CTX_SET_ALPN_SELECT_CB */ - -/* Define to 1 if you have the `SSL_CTX_set_next_proto_select_cb' function. */ -#define HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB 1 - /* Define to 1 if you have the `SSL_get_shutdown' function. */ #define HAVE_SSL_GET_SHUTDOWN 1 @@ -730,7 +731,7 @@ /* #undef HAVE_TLD_H */ /* Define to 1 if you have the `tld_strerror' function. */ -#define HAVE_TLD_STRERROR 1 +/* #undef HAVE_TLD_STRERROR */ /* Define to 1 if you have the `uname' function. */ #define HAVE_UNAME 1 @@ -778,7 +779,7 @@ /* #undef HAVE_X509_H */ /* if you have the zlib.h header file */ -#define HAVE_ZLIB_H 1 +/* #undef HAVE_ZLIB_H */ /* Define to the sub-directory in which libtool stores uninstalled libraries. */ @@ -799,9 +800,6 @@ /* Define to 1 if _THREAD_SAFE preprocessor symbol must be defined. */ /* #undef NEED_THREAD_SAFE */ -/* Define to 1 if your C compiler doesn't accept -c and -o together. */ -/* #undef NO_MINUS_C_MINUS_O */ - /* Define to enable NTLM delegation to winbind's ntlm_auth helper. */ #define NTLM_WB_ENABLED 1 @@ -967,14 +965,16 @@ /* to enable Windows native SSL/TLS support */ /* #undef USE_SCHANNEL */ -/* if SSL is enabled */ -#define USE_SSLEAY 1 - /* if you want POSIX threaded DNS lookup */ /* #undef USE_THREADS_POSIX */ /* Use TLS-SRP authentication */ +#ifndef HAVE_BORINGSSL #define USE_TLS_SRP 1 +#endif + +/* Use Unix domain sockets */ +#define USE_UNIX_SOCKETS 1 /* Define to 1 if you have the `normaliz' (WinIDN) library (-lnormaliz). */ /* #undef USE_WIN32_IDN */ @@ -983,6 +983,9 @@ */ /* #undef USE_WIN32_LARGE_FILES */ +/* Use Windows LDAP implementation */ +/* #undef USE_WIN32_LDAP */ + /* Define to 1 if you are building a Windows target without large file support. */ /* #undef USE_WIN32_SMALL_FILES */ @@ -990,9 +993,6 @@ /* to enable SSPI support */ /* #undef USE_WINDOWS_SSPI */ -/* Define to 1 if using yaSSL in OpenSSL compatibility mode. */ -/* #undef USE_YASSLEMUL */ - /* Version number of package */ #define VERSION "-" @@ -1007,6 +1007,11 @@ /* # undef _ALL_SOURCE */ #endif +/* Enable large inode numbers on Mac OS X 10.5. */ +#ifndef _DARWIN_USE_64_BIT_INODE +# define _DARWIN_USE_64_BIT_INODE 1 +#endif + /* Number of bits in a file offset, on hosts where this is settable. */ /* #undef _FILE_OFFSET_BITS */ diff --git a/packager/third_party/curl/curl.gyp b/packager/third_party/curl/curl.gyp index be458f4d26..32a69cadf4 100644 --- a/packager/third_party/curl/curl.gyp +++ b/packager/third_party/curl/curl.gyp @@ -17,7 +17,6 @@ 'HTTP_ONLY', 'USE_IPV6', 'USE_OPENSSL' - 'USE_SSLEAY', ], 'include_dirs': [ 'config', @@ -70,8 +69,7 @@ 'source/include', ], 'dependencies': [ - '../openssl/openssl.gyp:openssl', - '../zlib/zlib.gyp:zlib', + '../boringssl/boringssl.gyp:boringssl', 'curl_config', ], 'direct_dependent_settings': { @@ -91,7 +89,6 @@ 'source/lib/asyn-ares.c', 'source/lib/asyn-thread.c', 'source/lib/base64.c', - 'source/lib/bundles.c', 'source/lib/conncache.c', 'source/lib/connect.c', 'source/lib/content_encoding.c', @@ -183,16 +180,15 @@ 'source/lib/url.c', 'source/lib/version.c', 'source/lib/vtls/axtls.c', - 'source/lib/vtls/curl_darwinssl.c', - 'source/lib/vtls/curl_schannel.c', 'source/lib/vtls/cyassl.c', + 'source/lib/vtls/darwinssl.c', 'source/lib/vtls/gskit.c', 'source/lib/vtls/gtls.c', 'source/lib/vtls/nss.c', 'source/lib/vtls/openssl.c', 'source/lib/vtls/polarssl.c', 'source/lib/vtls/polarssl_threadlock.c', - 'source/lib/vtls/qssl.c', + 'source/lib/vtls/schannel.c', 'source/lib/vtls/vtls.c', 'source/lib/warnless.c', 'source/lib/wildcard.c',