path: root/ics-openvpn-stripped/main/openssl/
diff options
authorParménides GV <>2014-11-05 16:51:16 +0100
committerParménides GV <>2014-11-05 16:51:16 +0100
commit6544b8d32ccf81a6c1d832217642b873be8dc6b7 (patch)
treeb07723b530e20b23ae83de822387f6551ea7f9f4 /ics-openvpn-stripped/main/openssl/
parent713c3a98f53a6bd1ad94e90f28d3e37d20abfab9 (diff)
parent5304543ebd60778ad46123cd63142e27627fa150 (diff)
Merge branch 'bug/Android-5-Lollipop-VPN-fails-#6232' into develop
Diffstat (limited to 'ics-openvpn-stripped/main/openssl/')
1 files changed, 722 insertions, 0 deletions
diff --git a/ics-openvpn-stripped/main/openssl/ b/ics-openvpn-stripped/main/openssl/
new file mode 100755
index 00000000..f16596bc
--- /dev/null
+++ b/ics-openvpn-stripped/main/openssl/
@@ -0,0 +1,722 @@
+# Copyright (C) 2009 The Android Open Source Project
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# This script imports new versions of OpenSSL ( into the
+# Android source tree. To run, (1) fetch the appropriate tarball from the OpenSSL repository,
+# (2) check the gpg/pgp signature, and then (3) run:
+# ./ import openssl-*.tar.gz
+# IMPORTANT: See for additional details.
+# turn on exit on error as well as a warning when it happens
+set -e
+trap "echo WARNING: Exiting on non-zero subprocess exit code" ERR;
+# Make sure we're in the right directory.
+cd $(dirname $0)
+# Ensure consistent sorting order / tool output.
+export LANG=C
+export LC_ALL=C
+PERL_EXE="perl -C0"
+function die() {
+ declare -r message=$1
+ echo $message
+ exit 1
+function usage() {
+ declare -r message=$1
+ if [ ! "$message" = "" ]; then
+ echo $message
+ fi
+ echo "Usage:"
+ echo " ./ import </path/to/openssl-*.tar.gz>"
+ echo " ./ regenerate <patch/*.patch>"
+ echo " ./ generate <patch/*.patch> </path/to/openssl-*.tar.gz>"
+ exit 1
+function main() {
+ if [ ! -d patches ]; then
+ die "OpenSSL patch directory patches/ not found"
+ fi
+ if [ ! -f openssl.version ]; then
+ die "openssl.version not found"
+ fi
+ source ./openssl.version
+ if [ "$OPENSSL_VERSION" == "" ]; then
+ die "Invalid openssl.version; see for more information"
+ fi
+ if [ ! -f openssl.config ]; then
+ die "openssl.config not found"
+ fi
+ source ./openssl.config
+ if [ "$CONFIGURE_ARGS" == "" -o "$UNNEEDED_SOURCES" == "" -o "$NEEDED_SOURCES" == "" ]; then
+ die "Invalid openssl.config; see for more information"
+ fi
+ declare -r command=$1
+ shift || usage "No command specified. Try import, regenerate, or generate."
+ if [ "$command" = "import" ]; then
+ declare -r tar=$1
+ shift || usage "No tar file specified."
+ import $tar
+ elif [ "$command" = "regenerate" ]; then
+ declare -r patch=$1
+ shift || usage "No patch file specified."
+ [ -d $OPENSSL_DIR ] || usage "$OPENSSL_DIR not found, did you mean to use generate?"
+ [ -d $OPENSSL_DIR_ORIG ] || usage "$OPENSSL_DIR_ORIG not found, did you mean to use generate?"
+ regenerate $patch
+ elif [ "$command" = "generate" ]; then
+ declare -r patch=$1
+ shift || usage "No patch file specified."
+ declare -r tar=$1
+ shift || usage "No tar file specified."
+ generate $patch $tar
+ else
+ usage "Unknown command specified $command. Try import, regenerate, or generate."
+ fi
+# Compute the name of an assembly source file generated by one of the
+# gen_asm_xxxx() functions below. The logic is the following:
+# - if "$2" is not empty, output it directly
+# - otherwise, change the file extension of $1 from .pl to .S and output
+# it.
+# Usage: default_asm_file "$1" "$2"
+# or default_asm_file "$@"
+# $1: generator path (perl script)
+# $2: optional output file name.
+function default_asm_file () {
+ if [ "$2" ]; then
+ echo "$2"
+ else
+ echo "${}.S"
+ fi
+# Generate an ARM assembly file.
+# $1: generator (perl script)
+# $2: [optional] output file name
+function gen_asm_arm () {
+ local OUT
+ OUT=$(default_asm_file "$@")
+ $PERL_EXE "$1" void "$OUT" > "$OUT"
+# Generate an ARMv8 64-bit assembly file.
+# $1: generator (perl script)
+# $2: [optional] output file name
+function gen_asm_arm64 () {
+ local OUT
+ OUT=$(default_asm_file "$@")
+ $PERL_EXE "$1" linux64 "$OUT" > "$OUT"
+function gen_asm_mips () {
+ local OUT
+ OUT=$(default_asm_file "$@")
+ # The perl scripts expect to run the target compiler as $CC to determine
+ # the endianess of the target. Setting CC to true is a hack that forces the scripts
+ # to generate little endian output
+ CC=true $PERL_EXE "$1" o32 > "$OUT"
+function gen_asm_x86 () {
+ local OUT
+ OUT=$(default_asm_file "$@")
+ $PERL_EXE "$1" elf -fPIC $(print_values_with_prefix -D $OPENSSL_CRYPTO_DEFINES_x86) > "$OUT"
+function gen_asm_x86_64 () {
+ local OUT
+ OUT=$(default_asm_file "$@")
+ $PERL_EXE "$1" elf "$OUT" > "$OUT"
+# Filter all items in a list that match a given pattern.
+# $1: space-separated list
+# $2: egrep pattern.
+# Out: items in $1 that match $2
+function filter_by_egrep() {
+ declare -r pattern=$1
+ shift
+ echo "$@" | tr ' ' '\n' | grep -e "$pattern" | tr '\n' ' '
+# Sort and remove duplicates in a space-separated list
+# $1: space-separated list
+# Out: new space-separated list
+function uniq_sort () {
+ echo "$@" | tr ' ' '\n' | sort -u | tr '\n' ' '
+function print_autogenerated_header() {
+ echo "# Auto-generated - DO NOT EDIT!"
+ echo "# To regenerate, edit openssl.config, then run:"
+ echo "# ./ import /path/to/openssl-$OPENSSL_VERSION.tar.gz"
+ echo "#"
+function run_verbose() {
+ echo Running: $@
+ $@
+function scan_opensslconf_for_flags() {
+ for flag in "$@"; do
+ awk "/^#define ${flag}$/ { print \$2 }" crypto/opensslconf.h
+ done
+function check_asm_flags() {
+ local arch="$1"
+ local target="$2"
+ local unsorted_flags
+ local expected_flags
+ local actual_flags
+ local defines="OPENSSL_CRYPTO_DEFINES_$arch"
+ PERL=/usr/bin/perl run_verbose ./Configure $CONFIGURE_ARGS $target
+ unsorted_flags="$(awk '/^CFLAG=/ { sub(/^CFLAG= .*-Wall /, ""); gsub(/-D/, ""); print; }' Makefile)"
+ unsorted_flags="$unsorted_flags $(scan_opensslconf_for_flags "${CRYPTO_CONF_FLAGS[@]}")"
+ expected_flags="$(echo $unsorted_flags | tr ' ' '\n' | sort | tr '\n' ' ')"
+ actual_flags="$(echo ${!defines} | tr ' ' '\n' | sort | tr '\n' ' ')"
+ if [[ $actual_flags != $expected_flags ]]; then
+ echo ${defines} is wrong!
+ echo " $actual_flags"
+ echo Please update to:
+ echo " $expected_flags"
+ exit 1
+ fi
+# Run Configure and generate headers
+# $1: 32 for 32-bit arch, 64 for 64-bit arch, trusty for Trusty
+# $2: 1 if building for static version
+# Out: returns the cflags and depflags in variable $flags
+function generate_build_config_headers() {
+ chmod +x ./Configure
+ local configure_args_bits=CONFIGURE_ARGS_$1
+ local configure_args_stat=''
+ local outname=$1
+ if [[ $2 == 1 ]] ; then
+ configure_args_stat=CONFIGURE_ARGS_STATIC
+ outname="static-$1"
+ fi
+ if [[ $1 == trusty ]] ; then
+ PERL=/usr/bin/perl run_verbose ./Configure $CONFIGURE_ARGS_TRUSTY
+ else
+ PERL=/usr/bin/perl run_verbose ./Configure $CONFIGURE_ARGS ${!configure_args_bits} ${!configure_args_stat}
+ fi
+ rm -f apps/ crypto/opensslconf.h.bak
+ mv -f crypto/opensslconf.h crypto/opensslconf-$outname.h
+ cp -f crypto/opensslconf-$outname.h include/openssl/opensslconf-$outname.h
+ local tmpfile=$(mktemp tmp.XXXXXXXXXX)
+ (grep -e -D Makefile | grep -v CONFIGURE_ARGS= | grep -v OPTIONS= | \
+ grep -v -e -DOPENSSL_NO_DEPRECATED) > $tmpfile
+ declare -r cflags=$(filter_by_egrep "^-D" $(grep -e "^CFLAG=" $tmpfile))
+ declare -r depflags=$(filter_by_egrep "^-D" $(grep -e "^DEPFLAG=" $tmpfile))
+ rm -f $tmpfile
+ flags="$cflags $depflags"
+# Run Configure and generate makefiles
+function generate_build_config_mk() {
+ chmod +x ./Configure
+ for bits in 32 64 trusty; do
+ # Header flags are output in $flags, first static, then dynamic
+ generate_build_config_headers $bits 1
+ local flags_static=$flags
+ generate_build_config_headers $bits
+ echo "Generating build-config-$"
+ (
+ print_autogenerated_header
+ echo "openssl_cflags_$bits := \\"
+ for flag in $flags ; do echo " $flag \\" ; done
+ echo ""
+ echo "openssl_cflags_static_$bits := \\"
+ for flag in $flags_static; do echo " $flag \\" ; done
+ echo ""
+ ) > ../build-config-$
+ done
+# Generate crypto/opensslconf.h file including arch-specific files
+function generate_opensslconf_h() {
+ echo "Generating opensslconf.h"
+ (
+ echo "// Auto-generated - DO NOT EDIT!"
+ echo "#ifndef OPENSSL_SYS_TRUSTY"
+ echo "#if defined(__LP64__)"
+ echo "#include \"opensslconf-64.h\""
+ echo "#else"
+ echo "#include \"opensslconf-32.h\""
+ echo "#endif"
+ echo "#else"
+ echo "#include \"opensslconf-trusty.h\""
+ echo "#endif"
+ ) > crypto/opensslconf.h
+ # Generate a compatible version for the static library builds
+ echo "Generating opensslconf-static.h"
+ (
+ echo "// Auto-generated - DO NOT EDIT!"
+ echo "#if defined(__LP64__)"
+ echo "#include \"opensslconf-static-64.h\""
+ echo "#else"
+ echo "#include \"opensslconf-static-32.h\""
+ echo "#endif"
+ ) > crypto/opensslconf-static.h
+ # move it to output include files as well
+ cp -f crypto/opensslconf-static.h include/openssl/opensslconf-static.h
+# Return the value of a computed variable name.
+# E.g.:
+# FOO=foo
+# BAR=bar
+# echo $(var_value FOO_$BAR) -> prints the value of ${FOO_bar}
+# $1: Variable name
+# Out: variable value
+var_value() {
+ # Note: don't use 'echo' here, because it's sensitive to values
+ # that begin with an underscore (e.g. "-n")
+ eval printf \"%s\\n\" \$$1
+# Same as var_value, but returns sorted output without duplicates.
+# $1: Variable name
+# Out: variable value (if space-separated list, sorted with no duplicates)
+var_sorted_value() {
+ uniq_sort $(var_value $1)
+# Print the values in a list with a prefix
+# $1: prefix to use
+# $2+: values of list
+print_values_with_prefix() {
+ declare -r prefix=$1
+ shift
+ for src; do
+ echo -n " $prefix$src "
+ done
+# Print the definition of a given variable in a GNU Make build file.
+# $1: Variable name (e.g. common_src_files)
+# $2: prefix for each variable contents
+# $3+: Variable value (e.g. list of sources)
+print_vardef_with_prefix_in_mk() {
+ declare -r varname=$1
+ declare -r prefix=$2
+ shift
+ shift
+ if [ -z "$1" ]; then
+ echo "$varname :="
+ else
+ echo "$varname := \\"
+ for src; do
+ echo " $prefix$src \\"
+ done
+ fi
+ echo ""
+# Print the definition of a given variable in a GNU Make build file.
+# $1: Variable name (e.g. common_src_files)
+# $2+: Variable value (e.g. list of sources)
+print_vardef_in_mk() {
+ declare -r varname=$1
+ shift
+ print_vardef_with_prefix_in_mk $varname "" $@
+# Same as print_vardef_in_mk, but print a CFLAGS definition from
+# a list of compiler defines.
+# $1: Variable name (e.g. common_cflags)
+# $2: List of defines (e.g. OPENSSL_NO_CAMELLIA ...)
+print_defines_in_mk() {
+ declare -r varname=$1
+ shift
+ if [ -z "$1" ]; then
+ echo "$varname :="
+ else
+ echo "$varname := \\"
+ for def; do
+ echo " -D$def \\"
+ done
+ fi
+ echo ""
+# Generate a configuration file like
+# This uses variable definitions from openssl.config to build a config
+# file that can compute the list of target- and host-specific sources /
+# compiler flags for a given component.
+# $1: Target file name. (e.g.
+# $2: Variable prefix. (e.g. CRYPTO)
+# $3: "host" or "target"
+function generate_config_mk() {
+ declare -r output="$1"
+ declare -r prefix="$2"
+ declare -r all_archs="arm arm64 x86 x86_64 mips"
+ echo "Generating $(basename $output)"
+ (
+ print_autogenerated_header
+ echo \
+"# This script will append to the following variables:
+ common_defines=$(var_sorted_value OPENSSL_${prefix}_DEFINES)
+ print_defines_in_mk common_cflags $common_defines
+ common_sources=$(var_sorted_value OPENSSL_${prefix}_SOURCES)
+ print_vardef_in_mk common_src_files $common_sources
+ common_includes=$(var_sorted_value OPENSSL_${prefix}_INCLUDES)
+ print_vardef_with_prefix_in_mk common_c_includes external/openssl/ $common_includes
+ for arch in $all_archs; do
+ arch_defines=$(var_sorted_value OPENSSL_${prefix}_DEFINES_${arch})
+ print_defines_in_mk ${arch}_cflags $arch_defines
+ arch_sources=$(var_sorted_value OPENSSL_${prefix}_SOURCES_${arch})
+ print_vardef_in_mk ${arch}_src_files $arch_sources
+ arch_exclude_sources=$(var_sorted_value OPENSSL_${prefix}_SOURCES_EXCLUDES_${arch})
+ print_vardef_in_mk ${arch}_exclude_files $arch_exclude_sources
+ done
+ if [ $3 == "target" ]; then
+ echo "
+LOCAL_CFLAGS += \$(common_cflags)
+LOCAL_C_INCLUDES += \$(common_c_includes)"
+ for arch in $all_archs; do
+ echo "
+LOCAL_SRC_FILES_${arch} += \$(filter-out \$(${arch}_exclude_files),\$(common_src_files) \$(${arch}_src_files))
+LOCAL_CFLAGS_${arch} += \$(${arch}_cflags)"
+ done
+ else
+ echo "
+LOCAL_CFLAGS += \$(common_cflags)
+LOCAL_C_INCLUDES += \$(common_c_includes) \$(local_c_includes)
+ifeq (\$(HOST_OS),linux)
+LOCAL_CFLAGS_x86 += \$(x86_cflags)
+LOCAL_SRC_FILES_x86 += \$(filter-out \$(x86_exclude_files), \$(common_src_files) \$(x86_src_files))
+LOCAL_CFLAGS_x86_64 += \$(x86_64_cflags)
+LOCAL_SRC_FILES_x86_64 += \$(filter-out \$(x86_64_exclude_files), \$(common_src_files) \$(x86_64_src_files))
+\$(warning Unknown host OS \$(HOST_OS))
+LOCAL_SRC_FILES += \$(common_src_files)
+ fi
+ ) > "$output"
+function import() {
+ declare -r OPENSSL_SOURCE=$1
+ untar $OPENSSL_SOURCE readonly
+ applypatches $OPENSSL_DIR
+ convert_iso8859_to_utf8 $OPENSSL_DIR
+ # Check the ASM flags for each arch
+ check_asm_flags arm linux-armv4
+ check_asm_flags arm64 linux-aarch64
+ check_asm_flags x86 linux-elf
+ check_asm_flags x86_64 linux-x86_64
+ generate_build_config_mk
+ generate_opensslconf_h
+ # Avoid checking in symlinks
+ for i in `find include/openssl -type l`; do
+ target=`readlink $i`
+ rm -f $i
+ if [ -f include/openssl/$target ]; then
+ cp include/openssl/$target $i
+ fi
+ done
+ # Generate arm asm
+ gen_asm_arm crypto/aes/asm/
+ gen_asm_arm crypto/aes/asm/
+ gen_asm_arm crypto/aes/asm/
+ gen_asm_arm crypto/bn/asm/
+ gen_asm_arm crypto/bn/asm/
+ gen_asm_arm crypto/modes/asm/
+ gen_asm_arm crypto/modes/asm/
+ gen_asm_arm crypto/sha/asm/
+ gen_asm_arm crypto/sha/asm/
+ gen_asm_arm crypto/sha/asm/
+ # Generate armv8 asm
+ gen_asm_arm64 crypto/aes/asm/ crypto/aes/asm/aesv8-armx-64.S
+ gen_asm_arm64 crypto/modes/asm/ crypto/modes/asm/ghashv8-armx-64.S
+ gen_asm_arm64 crypto/sha/asm/
+ gen_asm_arm64 crypto/sha/asm/ crypto/sha/asm/sha256-armv8.S
+ gen_asm_arm64 crypto/sha/asm/
+ # Generate mips asm
+ gen_asm_mips crypto/aes/asm/
+ gen_asm_mips crypto/bn/asm/ crypto/bn/asm/bn-mips.S
+ gen_asm_mips crypto/bn/asm/
+ gen_asm_mips crypto/sha/asm/
+ gen_asm_mips crypto/sha/asm/ crypto/sha/asm/sha256-mips.S
+ # Generate x86 asm
+ gen_asm_x86 crypto/
+ gen_asm_x86 crypto/aes/asm/
+ gen_asm_x86 crypto/aes/asm/
+ gen_asm_x86 crypto/aes/asm/
+ gen_asm_x86 crypto/bn/asm/
+ gen_asm_x86 crypto/bn/asm/
+ gen_asm_x86 crypto/bn/asm/
+ gen_asm_x86 crypto/bn/asm/
+ gen_asm_x86 crypto/modes/asm/
+ gen_asm_x86 crypto/sha/asm/
+ gen_asm_x86 crypto/sha/asm/
+ gen_asm_x86 crypto/sha/asm/
+ gen_asm_x86 crypto/md5/asm/
+ gen_asm_x86 crypto/des/asm/
+ gen_asm_x86 crypto/des/asm/
+ gen_asm_x86 crypto/bf/asm/
+ # Generate x86_64 asm
+ gen_asm_x86_64 crypto/
+ gen_asm_x86_64 crypto/sha/asm/
+ gen_asm_x86_64 crypto/sha/asm/ crypto/sha/asm/sha256-x86_64.S
+ gen_asm_x86_64 crypto/sha/asm/
+ gen_asm_x86_64 crypto/modes/asm/
+ gen_asm_x86_64 crypto/aes/asm/
+ gen_asm_x86_64 crypto/aes/asm/
+ gen_asm_x86_64 crypto/aes/asm/
+ gen_asm_x86_64 crypto/aes/asm/
+ gen_asm_x86_64 crypto/aes/asm/
+ gen_asm_x86_64 crypto/md5/asm/
+ gen_asm_x86_64 crypto/bn/asm/
+ gen_asm_x86_64 crypto/bn/asm/
+ gen_asm_x86_64 crypto/bn/asm/
+ gen_asm_x86_64 crypto/bn/asm/
+ gen_asm_x86_64 crypto/rc4/asm/
+ gen_asm_x86_64 crypto/rc4/asm/
+ # Setup android.testssl directory
+ mkdir android.testssl
+ cat test/testssl | \
+ sed 's#../util/ ./ssltest#adb shell /system/bin/ssltest#' | \
+ sed 's#../util/ ../apps/openssl#adb shell /system/bin/openssl#' | \
+ sed 's#adb shell /system/bin/openssl no-dh#[ `adb shell /system/bin/openssl no-dh` = no-dh ]#' | \
+ sed 's#adb shell /system/bin/openssl no-rsa#[ `adb shell /system/bin/openssl no-rsa` = no-dh ]#' | \
+ sed 's#../apps/server2.pem#/sdcard/android.testssl/server2.pem#' | \
+ cat > \
+ android.testssl/testssl
+ chmod +x android.testssl/testssl
+ cat test/Uss.cnf | sed 's#./.rnd#/sdcard/android.testssl/.rnd#' >> android.testssl/Uss.cnf
+ cat test/CAss.cnf | sed 's#./.rnd#/sdcard/android.testssl/.rnd#' >> android.testssl/CAss.cnf
+ cp apps/server2.pem android.testssl/
+ cp ../patches/ android.testssl/
+ cd ..
+ generate_config_mk CRYPTO target
+ generate_config_mk CRYPTO host
+ generate_config_mk CRYPTO_TRUSTY target
+ generate_config_mk SSL target
+ generate_config_mk SSL host
+ generate_config_mk APPS target
+ generate_config_mk APPS host
+ # Prune unnecessary sources
+ prune
+ for i in $NEEDED_SOURCES; do
+ echo "Updating $i"
+ rm -r $i
+ mv $OPENSSL_DIR/$i .
+ done
+ cleantar
+function regenerate() {
+ declare -r patch=$1
+ generatepatch $patch
+function generate() {
+ declare -r patch=$1
+ declare -r OPENSSL_SOURCE=$2
+ applypatches $OPENSSL_DIR_ORIG $patch
+ prune
+ for i in $NEEDED_SOURCES; do
+ echo "Restoring $i"
+ rm -r $OPENSSL_DIR/$i
+ cp -rf $i $OPENSSL_DIR/$i
+ done
+ generatepatch $patch
+ cleantar
+# Find all files in a sub-directory that are encoded in ISO-8859
+# $1: Directory.
+# Out: list of files in $1 that are encoded as ISO-8859.
+function find_iso8859_files() {
+ find $1 -type f -print0 | xargs -0 file --mime-encoding | grep -i "iso-8859" | cut -d: -f1
+# Convert all ISO-8859 files in a given subdirectory to UTF-8
+# $1: Directory name
+function convert_iso8859_to_utf8() {
+ declare -r iso_files=$(find_iso8859_files "$1")
+ for iso_file in $iso_files; do
+ iconv --from-code iso-8859-1 --to-code utf-8 $iso_file > $iso_file.tmp
+ rm -f $iso_file
+ mv $iso_file.tmp $iso_file
+ done
+function untar() {
+ declare -r OPENSSL_SOURCE=$1
+ declare -r readonly=$2
+ # Remove old source
+ cleantar
+ # Process new source
+ tar -zxf $OPENSSL_SOURCE
+ if [ ! -z $readonly ]; then
+ find $OPENSSL_DIR_ORIG -type f -print0 | xargs -0 chmod a-w
+ fi
+function prune() {
+ echo "Removing $UNNEEDED_SOURCES"
+function cleantar() {
+ rm -rf $OPENSSL_DIR
+function applypatches () {
+ declare -r dir=$1
+ declare -r skip_patch=$2
+ cd $dir
+ # Apply appropriate patches
+ patches=(../patches/[0-9][0-9][0-9][0-9]-*.patch)
+ for i in "${patches[@]}"; do
+ if [[ $skip_patch != ${i##*/} ]]; then
+ echo "Applying patch $i"
+ patch -p1 < $i || die "Could not apply $i. Fix source and run: $0 regenerate patches/${i##*/}"
+ else
+ echo "Skiping patch ${i##*/}"
+ fi
+ done
+ # Cleanup patch output
+ find . \( -type f -o -type l \) -name "*.orig" -print0 | xargs -0 rm -f
+ cd ..
+function generatepatch() {
+ declare -r patch=$1
+ # Cleanup stray files before generating patch
+ find $OPENSSL_DIR -type f -name "*.orig" -print0 | xargs -0 rm -f
+ find $OPENSSL_DIR -type f -name "*~" -print0 | xargs -0 rm -f
+ # Find the files the patch touches and only keep those in the output patch
+ declare -r sources=`patch -p1 --dry-run -d $OPENSSL_DIR < $patch | awk '/^patching file / { print $3 }'`
+ rm -f $patch
+ touch $patch
+ for i in $sources; do
+ LC_ALL=C TZ=UTC0 diff -aup $OPENSSL_DIR_ORIG/$i $OPENSSL_DIR/$i >> $patch && die "ERROR: No diff for patch $path in file $i"
+ done
+ echo "Generated patch $patch"
+ echo "NOTE To make sure there are not unwanted changes from conflicting patches, be sure to review the generated patch."
+main $@