diff options
author | Giuliano Procida <gprocida@google.com> | 2022-05-31 19:21:21 +0100 |
---|---|---|
committer | Giuliano Procida <gprocida@google.com> | 2022-05-31 19:21:21 +0100 |
commit | 057795e5981d447985fd0d33c99412ad7f02be9c (patch) | |
tree | 0715c0fed9c339da46bda3fb6adaa843d26ac4bb | |
parent | 1f9a169ac19d0a20c8266bc078eb5c48b572b134 (diff) | |
download | build-tools-057795e5981d447985fd0d33c99412ad7f02be9c.tar.gz |
Update kernel-build-tools to ab/8664722android-t-beta-3.2_r0.4
https://ci.android.com/builds/branches/aosp_kernel-build-tools/grid?head=8664722&tail=8664722
Test: treehugger
Change-Id: I5304ffd81f8f1f96be12b07dd1c3a0877af8ebfc
22 files changed, 167 insertions, 81 deletions
diff --git a/linux-x86/bin/abitidy b/linux-x86/bin/abitidy Binary files differindex 906010e..abed941 100755 --- a/linux-x86/bin/abitidy +++ b/linux-x86/bin/abitidy diff --git a/linux-x86/bin/avbtool b/linux-x86/bin/avbtool Binary files differindex a804bce..e7c3289 100755 --- a/linux-x86/bin/avbtool +++ b/linux-x86/bin/avbtool diff --git a/linux-x86/bin/build_image b/linux-x86/bin/build_image Binary files differindex bef4693..45d1324 100755 --- a/linux-x86/bin/build_image +++ b/linux-x86/bin/build_image diff --git a/linux-x86/bin/build_super_image b/linux-x86/bin/build_super_image Binary files differindex 37923c4..2eca448 100755 --- a/linux-x86/bin/build_super_image +++ b/linux-x86/bin/build_super_image diff --git a/linux-x86/bin/certify_bootimg b/linux-x86/bin/certify_bootimg Binary files differindex 02c7867..e037662 100755 --- a/linux-x86/bin/certify_bootimg +++ b/linux-x86/bin/certify_bootimg diff --git a/linux-x86/bin/fec b/linux-x86/bin/fec Binary files differindex 9b90462..eca3e5d 100755 --- a/linux-x86/bin/fec +++ b/linux-x86/bin/fec diff --git a/linux-x86/include/openssl/aead.h b/linux-x86/include/openssl/aead.h index 38eb076..5486b4b 100644 --- a/linux-x86/include/openssl/aead.h +++ b/linux-x86/include/openssl/aead.h @@ -212,15 +212,15 @@ union evp_aead_ctx_st_state { uint64_t alignment; }; -// An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key -// and message-independent IV. -typedef struct evp_aead_ctx_st { +// An evp_aead_ctx_st (typedefed as |EVP_AEAD_CTX| in base.h) represents an AEAD +// algorithm configured with a specific key and message-independent IV. +struct evp_aead_ctx_st { const EVP_AEAD *aead; union evp_aead_ctx_st_state state; // tag_len may contain the actual length of the authentication tag if it is // known at initialization time. uint8_t tag_len; -} EVP_AEAD_CTX; +}; // EVP_AEAD_MAX_KEY_LENGTH contains the maximum key length used by // any AEAD defined in this header. diff --git a/linux-x86/include/openssl/asn1.h b/linux-x86/include/openssl/asn1.h index d6fa2f7..5ae0064 100644 --- a/linux-x86/include/openssl/asn1.h +++ b/linux-x86/include/openssl/asn1.h @@ -1650,6 +1650,8 @@ OPENSSL_EXPORT int ASN1_TIME_print(BIO *out, const ASN1_TIME *a); // replaced with '.'. OPENSSL_EXPORT int ASN1_STRING_print(BIO *out, const ASN1_STRING *str); +// The following flags must not collide with |XN_FLAG_*|. + // ASN1_STRFLGS_ESC_2253 causes characters to be escaped as in RFC 2253, section // 2.4. #define ASN1_STRFLGS_ESC_2253 1 diff --git a/linux-x86/include/openssl/asn1t.h b/linux-x86/include/openssl/asn1t.h index b65272d..75bc6f0 100644 --- a/linux-x86/include/openssl/asn1t.h +++ b/linux-x86/include/openssl/asn1t.h @@ -509,19 +509,8 @@ const char *sname; /* Structure name */ #define ASN1_ITYPE_MSTRING 0x5 -/* Cache for ASN1 tag and length, so we - * don't keep re-reading it for things - * like CHOICE - */ - -struct ASN1_TLC_st{ - char valid; /* Values below are valid */ - int ret; /* return value */ - long plen; /* length */ - int ptag; /* class value */ - int pclass; /* class value */ - int hdrlen; /* header length */ -}; +/* Deprecated tag and length cache */ +struct ASN1_TLC_st; /* Typedefs for ASN1 function pointers */ diff --git a/linux-x86/include/openssl/base.h b/linux-x86/include/openssl/base.h index b630236..4ab9eca 100644 --- a/linux-x86/include/openssl/base.h +++ b/linux-x86/include/openssl/base.h @@ -402,6 +402,7 @@ typedef struct engine_st ENGINE; typedef struct env_md_ctx_st EVP_MD_CTX; typedef struct env_md_st EVP_MD; typedef struct evp_aead_st EVP_AEAD; +typedef struct evp_aead_ctx_st EVP_AEAD_CTX; typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX; typedef struct evp_cipher_st EVP_CIPHER; typedef struct evp_encode_ctx_st EVP_ENCODE_CTX; @@ -448,7 +449,6 @@ typedef struct trust_token_issuer_st TRUST_TOKEN_ISSUER; typedef struct trust_token_method_st TRUST_TOKEN_METHOD; typedef struct v3_ext_ctx X509V3_CTX; typedef struct x509_attributes_st X509_ATTRIBUTE; -typedef struct x509_crl_method_st X509_CRL_METHOD; typedef struct x509_lookup_st X509_LOOKUP; typedef struct x509_lookup_method_st X509_LOOKUP_METHOD; typedef struct x509_object_st X509_OBJECT; diff --git a/linux-x86/include/openssl/bytestring.h b/linux-x86/include/openssl/bytestring.h index 199d89c..68c1ba4 100644 --- a/linux-x86/include/openssl/bytestring.h +++ b/linux-x86/include/openssl/bytestring.h @@ -265,6 +265,10 @@ OPENSSL_EXPORT int CBS_get_any_asn1_element(CBS *cbs, CBS *out, // also true for empty elements so |*out_indefinite| should be checked). If // |out_ber_found| is not NULL then it is set to one if any case of invalid DER // but valid BER is found, and to zero otherwise. +// +// This function will not successfully parse an end-of-contents (EOC) as an +// element. Callers parsing indefinite-length encoding must check for EOC +// separately. OPENSSL_EXPORT int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag, size_t *out_header_len, diff --git a/linux-x86/include/openssl/crypto.h b/linux-x86/include/openssl/crypto.h index 117b347..b1f696f 100644 --- a/linux-x86/include/openssl/crypto.h +++ b/linux-x86/include/openssl/crypto.h @@ -178,6 +178,9 @@ OPENSSL_EXPORT void OPENSSL_cleanup(void); // |BORINGSSL_FIPS| and zero otherwise. OPENSSL_EXPORT int FIPS_mode_set(int on); +// FIPS_module_name returns the name of the FIPS module. +OPENSSL_EXPORT const char *FIPS_module_name(void); + // FIPS_version returns the version of the FIPS module, or zero if the build // isn't exactly at a verified version. The version, expressed in base 10, will // be a date in the form yyyymmddXX where XX is often "00", but can be diff --git a/linux-x86/include/openssl/pkcs8.h b/linux-x86/include/openssl/pkcs8.h index 968640b..8774681 100644 --- a/linux-x86/include/openssl/pkcs8.h +++ b/linux-x86/include/openssl/pkcs8.h @@ -122,6 +122,8 @@ OPENSSL_EXPORT EVP_PKEY *PKCS8_parse_encrypted_private_key(CBS *cbs, // and decrypts it using |password|, sets |*out_key| to the included private // key and appends the included certificates to |out_certs|. It returns one on // success and zero on error. The caller takes ownership of the outputs. +// Any friendlyName attributes (RFC 2985) in the PKCS#12 structure will be +// returned on the |X509| objects as aliases. See also |X509_alias_get0|. OPENSSL_EXPORT int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, CBS *in, const char *password); @@ -219,6 +221,11 @@ OPENSSL_EXPORT int PKCS12_verify_mac(const PKCS12 *p12, const char *password, // implemented for compatibility with external packages. Note the output still // requires a password for the MAC. Unencrypted keys in PKCS#12 are also not // widely supported and may not open in other implementations. +// +// If |cert| or |chain| have associated aliases (see |X509_alias_set1|), they +// will be included in the output as friendlyName attributes (RFC 2985). It is +// an error to specify both an alias on |cert| and a non-NULL |name| +// parameter. OPENSSL_EXPORT PKCS12 *PKCS12_create(const char *password, const char *name, const EVP_PKEY *pkey, X509 *cert, const STACK_OF(X509) *chain, int key_nid, @@ -278,5 +285,6 @@ BSSL_NAMESPACE_END #define PKCS8_R_UNSUPPORTED_PRF 130 #define PKCS8_R_INVALID_CHARACTERS 131 #define PKCS8_R_UNSUPPORTED_OPTIONS 132 +#define PKCS8_R_AMBIGUOUS_FRIENDLY_NAME 133 #endif // OPENSSL_HEADER_PKCS8_H diff --git a/linux-x86/include/openssl/service_indicator.h b/linux-x86/include/openssl/service_indicator.h new file mode 100644 index 0000000..33b38b2 --- /dev/null +++ b/linux-x86/include/openssl/service_indicator.h @@ -0,0 +1,96 @@ +/* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#ifndef OPENSSL_HEADER_SERVICE_INDICATOR_H +#define OPENSSL_HEADER_SERVICE_INDICATOR_H + +#include <openssl/base.h> + +#if defined(__cplusplus) +extern "C" { +#endif + +// FIPS_service_indicator_before_call and |FIPS_service_indicator_after_call| +// both currently return the same local thread counter which is slowly +// incremented whenever approved services are called. The +// |CALL_SERVICE_AND_CHECK_APPROVED| macro is strongly recommended over calling +// these functions directly. +// +// |FIPS_service_indicator_before_call| is intended to be called immediately +// before an approved service, while |FIPS_service_indicator_after_call| should +// be called immediately after. If the values returned from these two functions +// are not equal, this means that the service called inbetween is deemed to be +// approved. If the values are still the same, this means the counter has not +// been incremented, and the service called is not approved for FIPS. +// +// In non-FIPS builds, |FIPS_service_indicator_before_call| always returns zero +// and |FIPS_service_indicator_after_call| always returns one. Thus calls always +// appear to be approved. This is intended to simplify testing. +OPENSSL_EXPORT uint64_t FIPS_service_indicator_before_call(void); +OPENSSL_EXPORT uint64_t FIPS_service_indicator_after_call(void); + +#if defined(__cplusplus) +} + +#if !defined(BORINGSSL_NO_CXX) + +extern "C++" { + +// CALL_SERVICE_AND_CHECK_APPROVED runs |func| and sets |approved| to one of the +// |FIPSStatus*| values, above, depending on whether |func| invoked an +// approved service. The result of |func| becomes the result of this macro. +#define CALL_SERVICE_AND_CHECK_APPROVED(approved, func) \ + [&] { \ + bssl::FIPSIndicatorHelper fips_indicator_helper(&approved); \ + return func; \ + }() + +namespace bssl { + +enum class FIPSStatus { + NOT_APPROVED = 0, + APPROVED = 1, +}; + +// FIPSIndicatorHelper records whether the service indicator counter advanced +// during its lifetime. +class FIPSIndicatorHelper { + public: + FIPSIndicatorHelper(FIPSStatus *result) + : result_(result), before_(FIPS_service_indicator_before_call()) { + *result_ = FIPSStatus::NOT_APPROVED; + } + + ~FIPSIndicatorHelper() { + uint64_t after = FIPS_service_indicator_after_call(); + if (after != before_) { + *result_ = FIPSStatus::APPROVED; + } + } + + FIPSIndicatorHelper(const FIPSIndicatorHelper&) = delete; + FIPSIndicatorHelper &operator=(const FIPSIndicatorHelper &) = delete; + + private: + FIPSStatus *const result_; + const uint64_t before_; +}; + +} // namespace bssl +} // extern "C++" + +#endif // !BORINGSSL_NO_CXX +#endif // __cplusplus + +#endif // OPENSSL_HEADER_SERVICE_INDICATOR_H diff --git a/linux-x86/include/openssl/span.h b/linux-x86/include/openssl/span.h index 38e9a96..67a1a5c 100644 --- a/linux-x86/include/openssl/span.h +++ b/linux-x86/include/openssl/span.h @@ -99,12 +99,11 @@ class Span : private internal::SpanBase<const T> { // Heuristically test whether C is a container type that can be converted into // a Span by checking for data() and size() member functions. // - // TODO(davidben): Require C++14 support and switch to std::enable_if_t. - // Perhaps even C++17 now? + // TODO(davidben): Require C++17 support for std::is_convertible_v, etc. template <typename C> - using EnableIfContainer = typename std::enable_if< + using EnableIfContainer = std::enable_if_t< std::is_convertible<decltype(std::declval<C>().data()), T *>::value && - std::is_integral<decltype(std::declval<C>().size())>::value>::type; + std::is_integral<decltype(std::declval<C>().size())>::value>; public: constexpr Span() : Span(nullptr, 0) {} @@ -113,14 +112,12 @@ class Span : private internal::SpanBase<const T> { template <size_t N> constexpr Span(T (&array)[N]) : Span(array, N) {} - template < - typename C, typename = EnableIfContainer<C>, - typename = typename std::enable_if<std::is_const<T>::value, C>::type> + template <typename C, typename = EnableIfContainer<C>, + typename = std::enable_if_t<std::is_const<T>::value, C>> Span(const C &container) : data_(container.data()), size_(container.size()) {} - template < - typename C, typename = EnableIfContainer<C>, - typename = typename std::enable_if<!std::is_const<T>::value, C>::type> + template <typename C, typename = EnableIfContainer<C>, + typename = std::enable_if_t<!std::is_const<T>::value, C>> explicit Span(C &container) : data_(container.data()), size_(container.size()) {} diff --git a/linux-x86/include/openssl/ssl.h b/linux-x86/include/openssl/ssl.h index a3b530e..f0ca7f7 100644 --- a/linux-x86/include/openssl/ssl.h +++ b/linux-x86/include/openssl/ssl.h @@ -2281,6 +2281,13 @@ OPENSSL_EXPORT void SSL_CTX_set_ticket_aead_method( OPENSSL_EXPORT SSL_SESSION *SSL_process_tls13_new_session_ticket( SSL *ssl, const uint8_t *buf, size_t buf_len); +// SSL_CTX_set_num_tickets configures |ctx| to send |num_tickets| immediately +// after a successful TLS 1.3 handshake as a server. It returns one. Large +// values of |num_tickets| will be capped within the library. +// +// By default, BoringSSL sends two tickets. +OPENSSL_EXPORT int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets); + // Elliptic curve Diffie-Hellman. // diff --git a/linux-x86/include/openssl/stack.h b/linux-x86/include/openssl/stack.h index 04e942c..df54713 100644 --- a/linux-x86/include/openssl/stack.h +++ b/linux-x86/include/openssl/stack.h @@ -443,16 +443,14 @@ namespace internal { // Stacks defined with |DEFINE_CONST_STACK_OF| are freed with |sk_free|. template <typename Stack> -struct DeleterImpl< - Stack, typename std::enable_if<StackTraits<Stack>::kIsConst>::type> { +struct DeleterImpl<Stack, std::enable_if_t<StackTraits<Stack>::kIsConst>> { static void Free(Stack *sk) { sk_free(reinterpret_cast<_STACK *>(sk)); } }; // Stacks defined with |DEFINE_STACK_OF| are freed with |sk_pop_free| and the // corresponding type's deleter. template <typename Stack> -struct DeleterImpl< - Stack, typename std::enable_if<!StackTraits<Stack>::kIsConst>::type> { +struct DeleterImpl<Stack, std::enable_if_t<!StackTraits<Stack>::kIsConst>> { static void Free(Stack *sk) { // sk_FOO_pop_free is defined by macros and bound by name, so we cannot // access it from C++ here. @@ -502,18 +500,17 @@ class StackIteratorImpl { }; template <typename Stack> -using StackIterator = typename std::enable_if<StackTraits<Stack>::kIsStack, - StackIteratorImpl<Stack>>::type; +using StackIterator = + std::enable_if_t<StackTraits<Stack>::kIsStack, StackIteratorImpl<Stack>>; } // namespace internal // PushToStack pushes |elem| to |sk|. It returns true on success and false on // allocation failure. template <typename Stack> -inline - typename std::enable_if<!internal::StackTraits<Stack>::kIsConst, bool>::type - PushToStack(Stack *sk, - UniquePtr<typename internal::StackTraits<Stack>::Type> elem) { +inline std::enable_if_t<!internal::StackTraits<Stack>::kIsConst, bool> +PushToStack(Stack *sk, + UniquePtr<typename internal::StackTraits<Stack>::Type> elem) { if (!sk_push(reinterpret_cast<_STACK *>(sk), elem.get())) { return false; } diff --git a/linux-x86/include/openssl/type_check.h b/linux-x86/include/openssl/type_check.h index c267938..41de895 100644 --- a/linux-x86/include/openssl/type_check.h +++ b/linux-x86/include/openssl/type_check.h @@ -71,7 +71,12 @@ extern "C" { // C11 defines the |_Static_assert| keyword and the |static_assert| macro in // assert.h. While the former is available at all versions in Clang and GCC, the // later depends on libc and, in glibc, depends on being built in C11 mode. We -// do not require this, for now, so use |_Static_assert| directly. +// require C11 mode to build the library but, for now, do not require it in +// public headers. Use |_Static_assert| directly. +// +// TODO(davidben): In July 2022, if the C11 change has not been reverted, switch +// all uses of this macro within the library to C11 |static_assert|. This macro +// will only be necessary in public headers. #define OPENSSL_STATIC_ASSERT(cond, msg) _Static_assert(cond, msg) #endif diff --git a/linux-x86/include/openssl/x509.h b/linux-x86/include/openssl/x509.h index 3633186..4d312c7 100644 --- a/linux-x86/include/openssl/x509.h +++ b/linux-x86/include/openssl/x509.h @@ -199,7 +199,8 @@ DEFINE_STACK_OF(X509_TRUST) #define X509_FLAG_NO_ATTRIBUTES (1L << 11) #define X509_FLAG_NO_IDS (1L << 12) -// Flags specific to X509_NAME_print_ex() +// Flags specific to X509_NAME_print_ex(). These flags must not collide with +// |ASN1_STRFLGS_*|. // The field separator information @@ -311,11 +312,8 @@ struct Netscape_spki_st { #define X509_VERSION_2 1 #define X509_VERSION_3 2 -// X509_get_version returns the numerical value of |x509|'s version. Callers may -// compare the result to the |X509_VERSION_*| constants. Unknown versions are -// rejected by the parser, but a manually-created |X509| object may encode -// invalid versions. In that case, the function will return the invalid version, -// or -1 on overflow. +// X509_get_version returns the numerical value of |x509|'s version, which will +// be one of the |X509_VERSION_*| constants. OPENSSL_EXPORT long X509_get_version(const X509 *x509); // X509_set_version sets |x509|'s version to |version|, which should be one of @@ -393,15 +391,12 @@ OPENSSL_EXPORT void X509_get0_uids(const X509 *x509, // |EXFLAG_INVALID| bit. OPENSSL_EXPORT long X509_get_pathlen(X509 *x509); -// X509_REQ_VERSION_1 is the version constant for |X509_REQ| objects. Note no -// other versions are defined. +// X509_REQ_VERSION_1 is the version constant for |X509_REQ| objects. No other +// versions are defined. #define X509_REQ_VERSION_1 0 // X509_REQ_get_version returns the numerical value of |req|'s version. This -// will be |X509_REQ_VERSION_1| for valid certificate requests. If |req| is -// invalid, it may return another value, or -1 on overflow. -// -// TODO(davidben): Enforce the version number in the parser. +// will always be |X509_REQ_VERSION_1|. OPENSSL_EXPORT long X509_REQ_get_version(const X509_REQ *req); // X509_REQ_get_subject_name returns |req|'s subject name. Note this function is @@ -417,11 +412,8 @@ OPENSSL_EXPORT X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req); #define X509_CRL_VERSION_1 0 #define X509_CRL_VERSION_2 1 -// X509_CRL_get_version returns the numerical value of |crl|'s version. Callers -// may compare the result to |X509_CRL_VERSION_*| constants. If |crl| is -// invalid, it may return another value, or -1 on overflow. -// -// TODO(davidben): Enforce the version number in the parser. +// X509_CRL_get_version returns the numerical value of |crl|'s version, which +// will be one of the |X509_CRL_VERSION_*| constants. OPENSSL_EXPORT long X509_CRL_get_version(const X509_CRL *crl); // X509_CRL_get0_lastUpdate returns |crl|'s lastUpdate time. @@ -480,17 +472,6 @@ OPENSSL_EXPORT void X509_SIG_get0(const X509_SIG *sig, OPENSSL_EXPORT void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **out_alg, ASN1_OCTET_STRING **out_digest); -OPENSSL_EXPORT void X509_CRL_set_default_method(const X509_CRL_METHOD *meth); -OPENSSL_EXPORT X509_CRL_METHOD *X509_CRL_METHOD_new( - int (*crl_init)(X509_CRL *crl), int (*crl_free)(X509_CRL *crl), - int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *ser, - X509_NAME *issuer), - int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)); -OPENSSL_EXPORT void X509_CRL_METHOD_free(X509_CRL_METHOD *m); - -OPENSSL_EXPORT void X509_CRL_set_meth_data(X509_CRL *crl, void *dat); -OPENSSL_EXPORT void *X509_CRL_get_meth_data(X509_CRL *crl); - // X509_get_X509_PUBKEY returns the public key of |x509|. Note this function is // not const-correct for legacy reasons. Callers should not modify the returned // object. @@ -816,9 +797,6 @@ OPENSSL_EXPORT const char *X509_get_default_cert_dir_env(void); OPENSSL_EXPORT const char *X509_get_default_cert_file_env(void); OPENSSL_EXPORT const char *X509_get_default_private_dir(void); -OPENSSL_EXPORT X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, - const EVP_MD *md); - DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS) DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) @@ -1087,7 +1065,8 @@ OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x509); // X509_REQ_set_version sets |req|'s version to |version|, which should be // |X509_REQ_VERSION_1|. It returns one on success and zero on error. // -// Note no versions other than |X509_REQ_VERSION_1| are defined for CSRs. +// The only defined CSR version is |X509_REQ_VERSION_1|, so there is no need to +// call this function. OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *req, long version); // X509_REQ_set_subject_name sets |req|'s subject to a copy of |name|. It @@ -2398,7 +2377,6 @@ BORINGSSL_MAKE_DELETER(X509_ALGOR, X509_ALGOR_free) BORINGSSL_MAKE_DELETER(X509_ATTRIBUTE, X509_ATTRIBUTE_free) BORINGSSL_MAKE_DELETER(X509_CRL, X509_CRL_free) BORINGSSL_MAKE_UP_REF(X509_CRL, X509_CRL_up_ref) -BORINGSSL_MAKE_DELETER(X509_CRL_METHOD, X509_CRL_METHOD_free) BORINGSSL_MAKE_DELETER(X509_EXTENSION, X509_EXTENSION_free) BORINGSSL_MAKE_DELETER(X509_INFO, X509_INFO_free) BORINGSSL_MAKE_DELETER(X509_LOOKUP, X509_LOOKUP_free) diff --git a/linux-x86/lib64/libbase.so b/linux-x86/lib64/libbase.so Binary files differindex e3c0ae2..87dd400 100755 --- a/linux-x86/lib64/libbase.so +++ b/linux-x86/lib64/libbase.so diff --git a/linux-x86/lib64/libcrypto-host.so b/linux-x86/lib64/libcrypto-host.so Binary files differindex efbd04f..0ef2896 100755 --- a/linux-x86/lib64/libcrypto-host.so +++ b/linux-x86/lib64/libcrypto-host.so diff --git a/manifest.xml b/manifest.xml index 7f2af47..723474d 100644 --- a/manifest.xml +++ b/manifest.xml @@ -7,15 +7,15 @@ <superproject name="kernel/superproject" remote="aosp" revision="build-tools" /> - <project path="prebuilts/kernel-build-tools" name="kernel/prebuilts/build-tools" clone-depth="1" revision="87c786adc3e4687344a6af2dafb345fe5de0869a" /> + <project path="prebuilts/kernel-build-tools" name="kernel/prebuilts/build-tools" clone-depth="1" revision="1f9a169ac19d0a20c8266bc078eb5c48b572b134" /> - <project path="build/blueprint" name="platform/build/blueprint" revision="57d5937e6fd4438aea9c0d6d06a85d2c69cbb61b" /> + <project path="build/blueprint" name="platform/build/blueprint" revision="2a95e590b6727ead76d0474bc70bb14971595896" /> - <project path="build/make" name="platform/build" groups="pdk" revision="d0035d5d8817fcbfd3ef92e3dc35c92805257890"> + <project path="build/make" name="platform/build" groups="pdk" revision="4449692fa960bb10378ac8f779a0bfe710237851"> <linkfile dest="build/tools" src="tools" /> </project> - <project path="build/soong" name="platform/build/soong" revision="1db9d96d6ada504e5a95bbca09f3f2d35ad2e11c"> + <project path="build/soong" name="platform/build/soong" revision="ced67ded0b9b962c575989c1835ebe9d9b776d50"> <linkfile dest="Android.bp" src="root.bp" /> <linkfile dest="bootstrap.bash" src="bootstrap.bash" /> @@ -35,7 +35,7 @@ <project path="bionic" name="platform/bionic" revision="4ebdeebef74ffa09fe8176f73b32d5a21f4be4ae" /> - <project path="external/boringssl" name="platform/external/boringssl" revision="a8f71fcea2b133b323af7c88bc074ccfd09f4fd1" /> + <project path="external/boringssl" name="platform/external/boringssl" revision="e6e9a5d015a010d2fab0a13392eca548f7c370cc" /> <project path="external/dwarves" name="platform/external/dwarves" revision="3c8f7e8b2cf7ff902b71c42d00fda30f30114b07" /> @@ -57,7 +57,7 @@ <project path="external/libbpf" name="platform/external/libbpf" revision="ae6cd3345b78a75652e83afb072e99e70e5887d8" /> - <project path="external/libabigail" name="platform/external/libabigail" revision="ebd2d3dda1d729bd411fade7edf58229fd02719b" /> + <project path="external/libabigail" name="platform/external/libabigail" revision="8456ad92a96e0e0484766a44dada4e08c5144d81" /> <project path="external/libcxx" name="platform/external/libcxx" revision="0b1ac82ded2bcb4e16abda1b2491fb34c39b554c" /> @@ -91,13 +91,13 @@ <project path="prebuilts/clang-tools" name="platform/prebuilts/clang-tools" clone-depth="1" revision="91f4dc745f5ac520ba307d41dcccfcf1da87c8e1" /> - <project path="system/core" name="platform/system/core" revision="ab2d6cdc8fcab494f06effc7a9eb1855313bcf3b" /> + <project path="system/core" name="platform/system/core" revision="762543a34fd8d5dccdaa842e92dc8c0f012b3d39" /> <project path="system/logging" name="platform/system/logging" revision="24f69a13c3bb27aceac1b9a0ef13c4cd41f618cf" /> - <project path="system/extras" name="platform/system/extras" revision="6bdbd3017db9c36dea28f92568d4bc1b525ee9eb" /> + <project path="system/extras" name="platform/system/extras" revision="2e9d437cb773e29c144df4e4480487879fe8202a" /> - <project path="system/libbase" name="platform/system/libbase" revision="91a10d912827b818d0c1931ede3a2afaa93b18cd" /> + <project path="system/libbase" name="platform/system/libbase" revision="3e6e44249aa066e3b15620ac355d640268afa985" /> <project path="system/security" name="platform/system/security" revision="cc15f26ecddc5b060d2ab70a07bb3af11a980142" /> |