File 0005-libssl-Hide-library-private-symbols.patch of Package openssl

From 89d5aecbc62842651cf22e48c405eb435feb0df3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org>
Date: Wed, 24 Jul 2013 23:29:05 -0400
Subject: [PATCH 5/5] libssl: Hide library private symbols

This patch only contains the libssl part (the easy one)
patch to libcrypto will follow after it is complete and good enough.

It hides all the library symbols that are not part of the public
API/ABI when GCC 4 or later is used.


Sun Nov  6 21:44:18 CET 2016 - draht@schaltsekun.de
patch re-diffed


diff -rNU 30 ../openssl-1.0.1u-o/ssl/kssl_lcl.h ./ssl/kssl_lcl.h
--- ../openssl-1.0.1u-o/ssl/kssl_lcl.h	2016-09-22 12:23:06.000000000 +0200
+++ ./ssl/kssl_lcl.h	2016-11-06 21:42:33.000000000 +0100
@@ -34,55 +34,62 @@
  *
  * 6. Redistributions of any form whatsoever must retain the following
  *    acknowledgment:
  *    "This product includes software developed by the OpenSSL Project
  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  *
  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  * ====================================================================
  *
  * This product includes cryptographic software written by Eric Young
  * (eay@cryptsoft.com).  This product includes software written by Tim
  * Hudson (tjh@cryptsoft.com).
  *
  */
 
 #ifndef KSSL_LCL_H
 # define KSSL_LCL_H
 
 # include <openssl/kssl.h>
+#if defined(__GNUC__) && __GNUC__ >= 4
+#pragma GCC visibility push(hidden)
+#endif
 
 # ifndef OPENSSL_NO_KRB5
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
 /* Private (internal to OpenSSL) */
 void print_krb5_data(char *label, krb5_data *kdata);
 void print_krb5_authdata(char *label, krb5_authdata **adata);
 void print_krb5_keyblock(char *label, krb5_keyblock *keyblk);
 
 char *kstring(char *string);
 char *knumber(int len, krb5_octet *contents);
 
 const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
 
 int kssl_keytab_is_available(KSSL_CTX *kssl_ctx);
 int kssl_tgt_is_available(KSSL_CTX *kssl_ctx);
 
 #ifdef  __cplusplus
 }
 #endif
 # endif                         /* OPENSSL_NO_KRB5 */
+#if defined(__GNUC__) && __GNUC__ >= 4
+#pragma GCC visibility pop
+#endif
+
 #endif                          /* KSSL_LCL_H */
diff -rNU 30 ../openssl-1.0.1u-o/ssl/ssl_locl.h ./ssl/ssl_locl.h
--- ../openssl-1.0.1u-o/ssl/ssl_locl.h	2016-09-22 12:29:27.000000000 +0200
+++ ./ssl/ssl_locl.h	2016-11-06 21:43:44.000000000 +0100
@@ -138,60 +138,64 @@
  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
  * OTHERWISE.
  */
 
 #ifndef HEADER_SSL_LOCL_H
 # define HEADER_SSL_LOCL_H
 # include <stdlib.h>
 # include <time.h>
 # include <string.h>
 # include <errno.h>
 
 # include "e_os.h"
 
 # include <openssl/buffer.h>
 # ifndef OPENSSL_NO_COMP
 #  include <openssl/comp.h>
 # endif
 # include <openssl/bio.h>
 # include <openssl/stack.h>
 # ifndef OPENSSL_NO_RSA
 #  include <openssl/rsa.h>
 # endif
 # ifndef OPENSSL_NO_DSA
 #  include <openssl/dsa.h>
 # endif
 # include <openssl/err.h>
 # include <openssl/ssl.h>
 # include <openssl/symhacks.h>
 
+#if defined(__GNUC__) && __GNUC__ >= 4
+#pragma GCC visibility push(hidden)
+#endif
+
 # ifdef OPENSSL_BUILD_SHLIBSSL
 #  undef OPENSSL_EXTERN
 #  define OPENSSL_EXTERN OPENSSL_EXPORT
 # endif
 
 # undef PKCS1_CHECK
 
 # define c2l(c,l)        (l = ((unsigned long)(*((c)++)))     , \
                          l|=(((unsigned long)(*((c)++)))<< 8), \
                          l|=(((unsigned long)(*((c)++)))<<16), \
                          l|=(((unsigned long)(*((c)++)))<<24))
 
 /* NOTE - c is not incremented as per c2l */
 # define c2ln(c,l1,l2,n) { \
                         c+=n; \
                         l1=l2=0; \
                         switch (n) { \
                         case 8: l2 =((unsigned long)(*(--(c))))<<24; \
                         case 7: l2|=((unsigned long)(*(--(c))))<<16; \
                         case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
                         case 5: l2|=((unsigned long)(*(--(c))));     \
                         case 4: l1 =((unsigned long)(*(--(c))))<<24; \
                         case 3: l1|=((unsigned long)(*(--(c))))<<16; \
                         case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
                         case 1: l1|=((unsigned long)(*(--(c))));     \
                                 } \
                         }
 
 # define l2c(l,c)        (*((c)++)=(unsigned char)(((l)    )&0xff), \
                          *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
@@ -1217,31 +1221,36 @@
                             SSL3_RECORD *rec,
                             unsigned block_size, unsigned mac_size);
 int tls1_cbc_remove_padding(const SSL *s,
                             SSL3_RECORD *rec,
                             unsigned block_size, unsigned mac_size);
 char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
 int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
                            unsigned char *md_out,
                            size_t *md_out_size,
                            const unsigned char header[13],
                            const unsigned char *data,
                            size_t data_plus_mac_size,
                            size_t data_plus_mac_plus_padding_size,
                            const unsigned char *mac_secret,
                            unsigned mac_secret_length, char is_sslv3);
 
 void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
                            EVP_MD_CTX *mac_ctx, const unsigned char *data,
                            size_t data_len, size_t orig_len);
 
 int srp_verify_server_param(SSL *s, int *al);
 
 # else
 
 #  define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
 #  define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers
 #  define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat
 #  define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat
 
 # endif
+
+#if defined(__GNUC__) && __GNUC__ >= 4
+#pragma GCC visibility pop
+#endif
+
 #endif
openSUSE Build Service is sponsored by