crypto: include openssl/rand.h explicitly

nodejs/node#55425

Author: codebytere

patches/node/fix_handle_boringssl_and_openssl_incompatibilities.patch

@@ -17,15 +17,10 @@ Upstreams:
 - https://github.com/nodejs/node/pull/39136
 
 diff --git a/deps/ncrypto/ncrypto.cc b/deps/ncrypto/ncrypto.cc
-index 457bd2f6c5b18956d06c716fbfae429496fb352d..e954cb2e53f3d8c297d21ef9f698d824ca574106 100644
+index ac2d771555126a4f43b8c3a3fd299d40019e6622..769fe636ef2b5d02ecc9ff753e64d93ea5075700 100644
 --- a/deps/ncrypto/ncrypto.cc
 +++ b/deps/ncrypto/ncrypto.cc
-@@ -6,13 +6,11 @@
- #include <openssl/evp.h>
- #include <openssl/hmac.h>
- #include <openssl/pkcs12.h>
-+#include <openssl/rand.h>
- #include <openssl/x509v3.h>
+@@ -11,9 +11,6 @@
  #if OPENSSL_VERSION_MAJOR >= 3
  #include <openssl/provider.h>
  #endif
@@ -35,30 +30,31 @@ index 457bd2f6c5b18956d06c716fbfae429496fb352d..e954cb2e53f3d8c297d21ef9f698d824
 
  namespace ncrypto {
  namespace {
-@@ -694,7 +692,7 @@ bool SafeX509SubjectAltNamePrint(const BIOPointer& out, X509_EXTENSION* ext) {
+@@ -708,7 +705,7 @@ bool SafeX509SubjectAltNamePrint(const BIOPointer& out, X509_EXTENSION* ext) {
 
    bool ok = true;
 
 -  for (int i = 0; i < sk_GENERAL_NAME_num(names); i++) {
 +  for (size_t i = 0; i < sk_GENERAL_NAME_num(names); i++) {
      GENERAL_NAME* gen = sk_GENERAL_NAME_value(names, i);
 
-     if (i != 0)
-@@ -720,7 +718,7 @@ bool SafeX509InfoAccessPrint(const BIOPointer& out, X509_EXTENSION* ext) {
+     if (i != 0) BIO_write(out.get(), ", ", 2);
+@@ -732,7 +729,7 @@ bool SafeX509InfoAccessPrint(const BIOPointer& out, X509_EXTENSION* ext) {
 
    bool ok = true;
 
 -  for (int i = 0; i < sk_ACCESS_DESCRIPTION_num(descs); i++) {
 +  for (size_t i = 0; i < sk_ACCESS_DESCRIPTION_num(descs); i++) {
      ACCESS_DESCRIPTION* desc = sk_ACCESS_DESCRIPTION_value(descs, i);
 
-     if (i != 0)
-@@ -857,13 +855,17 @@ BIOPointer X509View::getValidTo() const {
+     if (i != 0) BIO_write(out.get(), "\n", 1);
+@@ -874,13 +871,17 @@ BIOPointer X509View::getValidTo() const {
 
  int64_t X509View::getValidToTime() const {
    struct tm tp;
+-  ASN1_TIME_to_tm(X509_get0_notAfter(cert_), &tp);
 +#ifndef OPENSSL_IS_BORINGSSL
-   ASN1_TIME_to_tm(X509_get0_notAfter(cert_), &tp);
++   ASN1_TIME_to_tm(X509_get0_notAfter(cert_), &tp);
 +#endif
    return PortableTimeGM(&tp);
  }
@@ -71,21 +67,22 @@ index 457bd2f6c5b18956d06c716fbfae429496fb352d..e954cb2e53f3d8c297d21ef9f698d824
    return PortableTimeGM(&tp);
  }
 
-@@ -1043,7 +1045,11 @@ BIOPointer BIOPointer::NewMem() {
+@@ -1085,7 +1086,11 @@ BIOPointer BIOPointer::NewMem() {
  }
 
  BIOPointer BIOPointer::NewSecMem() {
+-  return BIOPointer(BIO_new(BIO_s_secmem()));
 +#ifdef OPENSSL_IS_BORINGSSL
 +  return BIOPointer(BIO_new(BIO_s_mem()));
 +#else
-   return BIOPointer(BIO_new(BIO_s_secmem()));
++   return BIOPointer(BIO_new(BIO_s_secmem()));
 +#endif
  }
 
  BIOPointer BIOPointer::New(const BIO_METHOD* method) {
-@@ -1098,8 +1104,10 @@ BignumPointer DHPointer::FindGroup(const std::string_view name,
-                                    FindGroupOption option) {
- #define V(n, p) if (EqualNoCase(name, n)) return BignumPointer(p(nullptr));
+@@ -1149,8 +1154,10 @@ BignumPointer DHPointer::FindGroup(const std::string_view name,
+ #define V(n, p)                                                                \
+   if (EqualNoCase(name, n)) return BignumPointer(p(nullptr));
    if (option != FindGroupOption::NO_SMALL_PRIMES) {
 +#ifndef OPENSSL_IS_BORINGSSL
      V("modp1", BN_get_rfc2409_prime_768);
@@ -94,7 +91,7 @@ index 457bd2f6c5b18956d06c716fbfae429496fb352d..e954cb2e53f3d8c297d21ef9f698d824
      V("modp5", BN_get_rfc3526_prime_1536);
    }
    V("modp14", BN_get_rfc3526_prime_2048);
-@@ -1171,11 +1179,13 @@ DHPointer::CheckPublicKeyResult DHPointer::checkPublicKey(const BignumPointer& p
+@@ -1223,11 +1230,13 @@ DHPointer::CheckPublicKeyResult DHPointer::checkPublicKey(
    int codes = 0;
    if (DH_check_pub_key(dh_.get(), pub_key.get(), &codes) != 1)
      return DHPointer::CheckPublicKeyResult::CHECK_FAILED;