OSSM-4294 Tidy up generatable/generated/extra functions

bssl-compat/cmake/boringssl.cmake

@@ -47,12 +47,12 @@ function(target_add_bssl_source target)
 endfunction()
 
 function(target_add_bssl_function target)
-  set(gen-cc-sh ${CMAKE_CURRENT_SOURCE_DIR}/tools/generate.cc.sh)
+  set(gen-c-sh ${CMAKE_CURRENT_SOURCE_DIR}/tools/generate.c.sh)
   foreach(function ${ARGN})
-    set(gen-file ${CMAKE_CURRENT_BINARY_DIR}/${function}.cc)
-    set(gen-cmd ${gen-cc-sh} ${function} ${gen-file})
+    set(gen-file ${CMAKE_CURRENT_BINARY_DIR}/${function}.c)
+    set(gen-cmd flock ${gen-c-sh} -c "${gen-c-sh} ${function} ${gen-file}")
     target_sources(${target} PRIVATE ${gen-file})
-    add_custom_command(OUTPUT ${gen-file} COMMAND ${gen-cmd} DEPENDS ${gen-cc-sh})
+    add_custom_command(OUTPUT ${gen-file} COMMAND ${gen-cmd} DEPENDS ${gen-c-sh})
   endforeach()
 endfunction()
 

bssl-compat/patch/include/openssl/asn1.h.patch

@@ -99,8 +99,12 @@
  // OPENSSL_EXPORT void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *str);
  // OPENSSL_EXPORT void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *str);
  // OPENSSL_EXPORT void ASN1_T61STRING_free(ASN1_T61STRING *str);
-@@ -1040,7 +1040,7 @@
- // OPENSSL_EXPORT ASN1_INTEGER *ASN1_INTEGER_new(void);
+@@ -1037,10 +1037,10 @@
+
+ // ASN1_INTEGER_new calls |ASN1_STRING_type_new| with |V_ASN1_INTEGER|. The
+ // resulting object has value zero.
+-// OPENSSL_EXPORT ASN1_INTEGER *ASN1_INTEGER_new(void);
++OPENSSL_EXPORT ASN1_INTEGER *ASN1_INTEGER_new(void);
 
  // ASN1_INTEGER_free calls |ASN1_STRING_free|.
 -// OPENSSL_EXPORT void ASN1_INTEGER_free(ASN1_INTEGER *str);
@@ -176,7 +180,7 @@
 
  // ASN1_TIME_check returns one if |t| is a valid UTCTime or GeneralizedTime, and
  // zero otherwise. |t|'s type determines which check is performed. This
-@@ -1815,38 +1815,38 @@
+@@ -1837,38 +1837,38 @@
  // prototypes directly. Particularly when |type|, |itname|, or |name| differ,
  // the macros can be difficult to understand.
 
@@ -240,7 +244,7 @@
 
 
  // Deprecated functions.
-@@ -1965,22 +1965,22 @@
+@@ -1987,22 +1987,22 @@
  // DECLARE_ASN1_ITEM(ASN1_PRINTABLE)
 
 
@@ -271,7 +275,7 @@
 
  #ifdef ossl_ASN1_R_ASN1_LENGTH_MISMATCH
  #define ASN1_R_ASN1_LENGTH_MISMATCH ossl_ASN1_R_ASN1_LENGTH_MISMATCH
-@@ -2274,4 +2274,4 @@
+@@ -2296,4 +2296,4 @@
  #define ASN1_R_INVALID_INTEGER ossl_ASN1_R_INVALID_INTEGER
  #endif
 

bssl-compat/patch/include/openssl/bio.h.patch

@@ -80,6 +80,15 @@
 
  // BIO_write_all writes |len| bytes from |data| to |bio|, looping as necessary.
  // It returns one if all bytes were successfully written and zero on error.
+@@ -127,7 +127,7 @@
+
+ // BIO_puts writes a NUL terminated string from |buf| to |bio|. It returns the
+ // number of bytes written or a negative number on error.
+-// OPENSSL_EXPORT int BIO_puts(BIO *bio, const char *buf);
++OPENSSL_EXPORT int BIO_puts(BIO *bio, const char *buf);
+
+ // BIO_flush flushes any buffered output. It returns one on success and zero
+ // otherwise.
 @@ -155,7 +155,7 @@
  // BIO_reset resets |bio| to its initial state, the precise meaning of which
  // depends on the concrete type of |bio|. It returns one on success and zero
@@ -104,6 +113,29 @@
 
  // BIO_should_retry returns non-zero if the reason that caused a failed I/O
  // operation is temporary and thus the operation should be retried. Otherwise,
+@@ -208,11 +208,11 @@
+
+ // BIO_set_retry_read sets the |BIO_FLAGS_READ| and |BIO_FLAGS_SHOULD_RETRY|
+ // flags on |bio|.
+-// OPENSSL_EXPORT void BIO_set_retry_read(BIO *bio);
++OPENSSL_EXPORT void BIO_set_retry_read(BIO *bio);
+
+ // BIO_set_retry_write sets the |BIO_FLAGS_WRITE| and |BIO_FLAGS_SHOULD_RETRY|
+ // flags on |bio|.
+-// OPENSSL_EXPORT void BIO_set_retry_write(BIO *bio);
++OPENSSL_EXPORT void BIO_set_retry_write(BIO *bio);
+
+ // BIO_get_retry_flags gets the |BIO_FLAGS_READ|, |BIO_FLAGS_WRITE|,
+ // |BIO_FLAGS_IO_SPECIAL| and |BIO_FLAGS_SHOULD_RETRY| flags from |bio|.
+@@ -220,7 +220,7 @@
+
+ // BIO_clear_retry_flags clears the |BIO_FLAGS_READ|, |BIO_FLAGS_WRITE|,
+ // |BIO_FLAGS_IO_SPECIAL| and |BIO_FLAGS_SHOULD_RETRY| flags from |bio|.
+-// OPENSSL_EXPORT void BIO_clear_retry_flags(BIO *bio);
++OPENSSL_EXPORT void BIO_clear_retry_flags(BIO *bio);
+
+ // BIO_method_type returns the type of |bio|, which is one of the |BIO_TYPE_*|
+ // values.
 @@ -243,8 +243,8 @@
  // with |BIO_CB_RETURN| if the callback is being made after the operation in
  // question. In that case, |return_value| will contain the return value from
@@ -165,6 +197,15 @@
 
  // BIO_get_mem_data sets |*contents| to point to the current contents of |bio|
  // and returns the length of the data.
+@@ -419,7 +419,7 @@
+ //
+ // For a read-only BIO, the default is zero (EOF). For a writable BIO, the
+ // default is -1 so that additional data can be written once exhausted.
+-// OPENSSL_EXPORT int BIO_set_mem_eof_return(BIO *bio, int eof_value);
++OPENSSL_EXPORT int BIO_set_mem_eof_return(BIO *bio, int eof_value);
+
+
+ // File descriptor BIOs.
 @@ -561,7 +561,7 @@
  // be provided with |BIO_set_conn_port|.
  //

bssl-compat/patch/include/openssl/cipher.h.patch

@@ -117,7 +117,14 @@
 
  // EVP_Cipher performs a one-shot encryption/decryption operation for non-AEAD
  // ciphers. No partial blocks are maintained between calls. However, any
-@@ -324,11 +324,11 @@
+@@ -318,17 +318,17 @@
+
+ // EVP_CIPHER_block_size returns the block size, in bytes, for |cipher|, or one
+ // if |cipher| is a stream cipher.
+-// OPENSSL_EXPORT unsigned EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
++OPENSSL_EXPORT unsigned EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
+
+ // EVP_CIPHER_key_length returns the key size, in bytes, for |cipher|. If
  // |cipher| can take a variable key length then this function returns the
  // default key length and |EVP_CIPHER_flags| will return a value with
  // |EVP_CIPH_VARIABLE_LENGTH| set.
@@ -131,7 +138,7 @@
 
  // EVP_CIPHER_flags returns a value which is the OR of zero or more
  // |EVP_CIPH_*| flags.
-@@ -595,26 +595,26 @@
+@@ -601,26 +601,26 @@
  // } EVP_CIPHER_INFO;
 
 
@@ -168,7 +175,7 @@
 
  #ifdef ossl_CIPHER_R_AES_KEY_SETUP_FAILED
  #define CIPHER_R_AES_KEY_SETUP_FAILED ossl_CIPHER_R_AES_KEY_SETUP_FAILED
-@@ -695,4 +695,4 @@
+@@ -701,4 +701,4 @@
  #define CIPHER_R_INVALID_NONCE ossl_CIPHER_R_INVALID_NONCE
  #endif
 

bssl-compat/patch/include/openssl/cipher.h.sh

@@ -1,4 +1,4 @@
 #!/bin/bash
 
-sed -i -e 's|^// \(#[ \t]*define[ \t]*\)\(CIPHER_R_[a-zA-Z0-9_]*\)[^a-zA-Z0-9_].*$|#ifdef ossl_\2\n\1\2 ossl_\2\n#endif|g' "$1"
-
+sed -i -e 's|^// \(#[ \t]*define[ \t]*\)\(CIPHER_R_[a-zA-Z0-9_]*\)[^a-zA-Z0-9_].*$|#ifdef ossl_\2\n\1\2 ossl_\2\n#endif|g' \
+       -e 's|^// \(#[ \t]*define[ \t]*\)\(EVP_MAX_[A-Z0-9_]*\)[^a-zA-Z0-9_].*$|#ifdef ossl_\2\n\1\2 ossl_\2\n#endif|g' "$1"

bssl-compat/patch/include/openssl/digest.h.patch

@@ -83,7 +83,7 @@
 
 
  // Digest operations.
-@@ -145,8 +145,8 @@
+@@ -145,22 +145,22 @@
  // EVP_DigestInit_ex configures |ctx|, which must already have been
  // initialised, for a fresh hashing operation using |type|. It returns one on
  // success and zero on allocation failure.
@@ -94,7 +94,8 @@
 
  // EVP_DigestInit acts like |EVP_DigestInit_ex| except that |ctx| is
  // initialised before use.
-@@ -154,13 +154,13 @@
+-// OPENSSL_EXPORT int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
++OPENSSL_EXPORT int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 
  // EVP_DigestUpdate hashes |len| bytes from |data| into the hashing operation
  // in |ctx|. It returns one.
@@ -111,7 +112,7 @@
 
  // EVP_MAX_MD_BLOCK_SIZE is the largest digest block size supported, in
  // bytes.
-@@ -172,8 +172,8 @@
+@@ -172,13 +172,13 @@
  // number of bytes written. It returns one. After this call, the hash cannot be
  // updated or finished again until |EVP_DigestInit_ex| is called to start
  // another hashing operation.
@@ -122,7 +123,22 @@
 
  // EVP_DigestFinal acts like |EVP_DigestFinal_ex| except that
  // |EVP_MD_CTX_cleanup| is called on |ctx| before returning.
-@@ -203,7 +203,7 @@
+-// OPENSSL_EXPORT int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md_out,
+-//                                    unsigned int *out_size);
++OPENSSL_EXPORT int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md_out,
++                                   unsigned int *out_size);
+
+ // EVP_Digest performs a complete hashing operation in one call. It hashes |len|
+ // bytes from |data| and writes the digest to |md_out|. |EVP_MD_CTX_size| bytes
+@@ -196,14 +196,14 @@
+ // function.
+
+ // EVP_MD_type returns a NID identifying |md|. (For example, |NID_sha256|.)
+-// OPENSSL_EXPORT int EVP_MD_type(const EVP_MD *md);
++OPENSSL_EXPORT int EVP_MD_type(const EVP_MD *md);
+
+ // EVP_MD_flags returns the flags for |md|, which is a set of |EVP_MD_FLAG_*|
+ // values, ORed together.
  // OPENSSL_EXPORT uint32_t EVP_MD_flags(const EVP_MD *md);
 
  // EVP_MD_size returns the digest size of |md|, in bytes.

bssl-compat/patch/include/openssl/err.h.patch

@@ -46,6 +46,25 @@
 
  // ERR_get_error_line acts like |ERR_get_error|, except that the file and line
  // number of the call that added the error are also returned.
+@@ -199,14 +200,14 @@
+
+ // The "peek" functions act like the |ERR_get_error| functions, above, but they
+ // do not remove the error from the queue.
+-// OPENSSL_EXPORT uint32_t ERR_peek_error(void);
++OPENSSL_EXPORT uint32_t ERR_peek_error(void);
+ // OPENSSL_EXPORT uint32_t ERR_peek_error_line(const char **file, int *line);
+-// OPENSSL_EXPORT uint32_t ERR_peek_error_line_data(const char **file, int *line,
+-//                                                  const char **data, int *flags);
++OPENSSL_EXPORT uint32_t ERR_peek_error_line_data(const char **file, int *line,
++                                                 const char **data, int *flags);
+
+ // The "peek last" functions act like the "peek" functions, above, except that
+ // they return the most recent error.
+-// OPENSSL_EXPORT uint32_t ERR_peek_last_error(void);
++OPENSSL_EXPORT uint32_t ERR_peek_last_error(void);
+ // OPENSSL_EXPORT uint32_t ERR_peek_last_error_line(const char **file, int *line);
+ // OPENSSL_EXPORT uint32_t ERR_peek_last_error_line_data(const char **file,
+ //                                                       int *line,
 @@ -224,17 +225,17 @@
  //
  // error code is an 8 digit hexadecimal number; library name and reason string

bssl-compat/patch/include/openssl/evp.h.patch

@@ -108,6 +108,32 @@
 
  // EVP_marshal_public_key marshals |key| as a DER-encoded SubjectPublicKeyInfo
  // structure (RFC 5280) and appends the result to |cbb|. It returns one on
+@@ -366,9 +366,9 @@
+ // used concurrently with other non-mutating functions on |pkey|.
+ //
+ // It returns one on success, or zero on error.
+-// OPENSSL_EXPORT int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+-//                                         const EVP_MD *type, ENGINE *e,
+-//                                         EVP_PKEY *pkey);
++OPENSSL_EXPORT int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
++                                        const EVP_MD *type, ENGINE *e,
++                                        EVP_PKEY *pkey);
+
+ // EVP_DigestVerifyUpdate appends |len| bytes from |data| to the data which
+ // will be verified by |EVP_DigestVerifyFinal|. It returns one.
+@@ -391,9 +391,9 @@
+
+ // EVP_DigestVerify verifies that |sig_len| bytes from |sig| are a valid
+ // signature for |data|. It returns one on success or zero on error.
+-// OPENSSL_EXPORT int EVP_DigestVerify(EVP_MD_CTX *ctx, const uint8_t *sig,
+-//                                     size_t sig_len, const uint8_t *data,
+-//                                     size_t len);
++OPENSSL_EXPORT int EVP_DigestVerify(EVP_MD_CTX *ctx, const uint8_t *sig,
++                                    size_t sig_len, const uint8_t *data,
++                                    size_t len);
+
+
+ // Signing (old functions)
 @@ -1089,20 +1089,20 @@
  // } /* EVP_PKEY */;
 

bssl-compat/patch/include/openssl/mem.h.patch

@@ -46,6 +46,15 @@
 
  // OPENSSL_cleanse zeros out |len| bytes of memory at |ptr|. This is similar to
  // |memset_s| from C11.
+@@ -96,7 +96,7 @@
+ // of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a
+ // defined order as the return value when a != b is undefined, other than to be
+ // non-zero.
+-// OPENSSL_EXPORT int CRYPTO_memcmp(const void *a, const void *b, size_t len);
++OPENSSL_EXPORT int CRYPTO_memcmp(const void *a, const void *b, size_t len);
+
+ // OPENSSL_hash32 implements the 32 bit, FNV-1a hash.
+ // OPENSSL_EXPORT uint32_t OPENSSL_hash32(const void *ptr, size_t len);
 @@ -124,8 +124,8 @@
  // #define DECIMAL_SIZE(type)	((sizeof(type)*8+2)/3+1)
 

bssl-compat/patch/include/openssl/ssl.h.patch

@@ -278,6 +278,15 @@
 
 
  // Options.
+@@ -802,7 +803,7 @@
+ // SSL_CTX_set_options enables all options set in |options| (which should be one
+ // or more of the |SSL_OP_*| values, ORed together) in |ctx|. It returns a
+ // bitmask representing the resulting enabled options.
+-// OPENSSL_EXPORT uint32_t SSL_CTX_set_options(SSL_CTX *ctx, uint32_t options);
++OPENSSL_EXPORT uint32_t SSL_CTX_set_options(SSL_CTX *ctx, uint32_t options);
+
+ // SSL_CTX_clear_options disables all options set in |options| (which should be
+ // one or more of the |SSL_OP_*| values, ORed together) in |ctx|. It returns a
 @@ -811,7 +812,7 @@
 
  // SSL_CTX_get_options returns a bitmask of |SSL_OP_*| values that represent all

bssl-compat/patch/include/openssl/x509v3.h.patch

@@ -58,7 +58,7 @@
 
  // struct NAME_CONSTRAINTS_st {
  //   STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
-@@ -489,7 +493,7 @@
+@@ -507,7 +511,7 @@
 
  // DEFINE_STACK_OF(X509_PURPOSE)
 
@@ -67,7 +67,7 @@
 
  // TODO(https://crbug.com/boringssl/407): This is not const because it contains
  // an |X509_NAME|.
-@@ -497,14 +501,14 @@
+@@ -515,14 +519,14 @@
 
  // TODO(https://crbug.com/boringssl/407): This is not const because it contains
  // an |X509_NAME|.
@@ -85,7 +85,7 @@
 
  // i2v_GENERAL_NAME serializes |gen| as a |CONF_VALUE|. If |ret| is non-NULL, it
  // appends the value to |ret| and returns |ret| on success or NULL on error. If
-@@ -522,7 +526,7 @@
+@@ -540,7 +544,7 @@
 
  // TODO(https://crbug.com/boringssl/407): This is not const because it contains
  // an |X509_NAME|.
@@ -94,7 +94,18 @@
 
  // i2v_GENERAL_NAMES serializes |gen| as a list of |CONF_VALUE|s. If |ret| is
  // non-NULL, it appends the values to |ret| and returns |ret| on success or NULL
-@@ -597,10 +601,10 @@
+@@ -561,8 +565,8 @@
+ // DECLARE_ASN1_FUNCTIONS_const(OTHERNAME)
+ // DECLARE_ASN1_FUNCTIONS_const(EDIPARTYNAME)
+ // OPENSSL_EXPORT int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
+-// OPENSSL_EXPORT void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type,
+-//                                             void *value);
++OPENSSL_EXPORT void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type,
++                                            void *value);
+ // OPENSSL_EXPORT void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype);
+ // OPENSSL_EXPORT int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
+ //                                                ASN1_OBJECT *oid,
+@@ -615,10 +619,10 @@
  // DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
 
  // DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
@@ -107,7 +118,7 @@
 
  // DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
  // DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
-@@ -857,8 +861,8 @@
+@@ -875,8 +879,8 @@
  // OPENSSL_EXPORT int X509_check_issued(X509 *issuer, X509 *subject);
  // OPENSSL_EXPORT int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
 
@@ -118,7 +129,7 @@
  // OPENSSL_EXPORT uint32_t X509_get_extended_key_usage(X509 *x);
 
  // X509_get0_subject_key_id returns |x509|'s subject key identifier, if present.
-@@ -958,29 +962,29 @@
+@@ -976,29 +980,29 @@
  // made after this point may be overwritten when the script is next run.
 
 
@@ -159,7 +170,7 @@
 
  #ifdef ossl_X509V3_R_BAD_IP_ADDRESS
  #define X509V3_R_BAD_IP_ADDRESS ossl_X509V3_R_BAD_IP_ADDRESS
-@@ -1178,4 +1182,4 @@
+@@ -1196,4 +1200,4 @@
  #define X509V3_R_TRAILING_DATA_IN_EXTENSION ossl_X509V3_R_TRAILING_DATA_IN_EXTENSION
  #endif
 

bssl-compat/source/ASN1_TIME_free.cc

@@ -0,0 +1,7 @@
+#include <openssl/asn1.h>
+#include <ossl.h>
+
+
+void ASN1_TIME_free(ASN1_TIME *s) {
+  ossl.ossl_ASN1_TIME_free(s);
+}