Revert lots of Cryptlib updates.

OpenSSL changes quite a bit of the key validation, and most of the keys
I can find in the wild aren't marked as trusted by the new checker.

Intel noticed this too: https://github.com/vathpela/edk2/commit/f536d7c3ed
but instead of fixing the compatibility error, they switched their test
data to match the bug.

So that's pretty broken.

For now, I'm reverting OpenSSL 1.1.0e, because we need those certs in
the wild to work.

This reverts commit 513cbe2aea689bf968f171f894f3d4cdb43524d5.
This reverts commit e9cc33d6f2b7f35c6f5e349fd83fb9ae0bc66226.
This reverts commit 80d49f758ead0180bfe6161931838e0578248303.
This reverts commit 9bc647e2b23bcfd69a0077c0717fbc454c919a57.
This reverts commit ae75df6232ad30f3e8736e9449692d58a7439260.
This reverts commit e883479f35644d17db7efed710657c8543cfcb68.
This reverts commit 97469449fda5ba933a64280917e776487301a127.
This reverts commit e39692647f78e13d757ddbfdd36f440d5f526050.
This reverts commit 0f3dfc01e2d5e7df882c963dd8dc4a0dfbfc96ad.
This reverts commit 4da6ac819510c7cc4ba21d7a735d69b45daa5873.
This reverts commit d064bd7eef201f26cb926450a76260b5187ac689.
This reverts commit 9bc86cfd6f9387f0da9d5c0102b6aa5627e91c91.
This reverts commit ab9a05a10f16b33f7ee1e9da360c7801eebdb9d2.

Signed-off-by: Peter Jones <pjones@redhat.com>

1 files changed, 1 insertions, 153 deletions

diff --git a/Cryptlib/OpenSSL/crypto/bio/bio_lcl.h b/Cryptlib/OpenSSL/crypto/bio/bio_lcl.h
index 39178cf5..741884da 100644
--- a/Cryptlib/OpenSSL/crypto/bio/bio_lcl.h
+++ b/Cryptlib/OpenSSL/crypto/bio/bio_lcl.h
@@ -1,154 +1,4 @@
-/*
- * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#define USE_SOCKETS
-#include "e_os.h"
-
-/* BEGIN BIO_ADDRINFO/BIO_ADDR stuff. */
-
-#ifndef OPENSSL_NO_SOCK
-/*
- * Throughout this file and b_addr.c, the existence of the macro
- * AI_PASSIVE is used to detect the availability of struct addrinfo,
- * getnameinfo() and getaddrinfo().  If that macro doesn't exist,
- * we use our own implementation instead.
- */
-
-/*
- * It's imperative that these macros get defined before openssl/bio.h gets
- * included.  Otherwise, the AI_PASSIVE hack will not work properly.
- * For clarity, we check for internal/cryptlib.h since it's a common header
- * that also includes bio.h.
- */
-# ifdef HEADER_CRYPTLIB_H
-#  error internal/cryptlib.h included before bio_lcl.h
-# endif
-# ifdef HEADER_BIO_H
-#  error openssl/bio.h included before bio_lcl.h
-# endif
-
-/*
- * Undefine AF_UNIX on systems that define it but don't support it.
- */
-# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VMS)
-#  undef AF_UNIX
-# endif
-
-# ifdef AI_PASSIVE
-
-/*
- * There's a bug in VMS C header file netdb.h, where struct addrinfo
- * always is the P32 variant, but the functions that handle that structure,
- * such as getaddrinfo() and freeaddrinfo() adapt to the initial pointer
- * size.  The easiest workaround is to force struct addrinfo to be the
- * 64-bit variant when compiling in P64 mode.
- */
-#  if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE == 64
-#   define addrinfo __addrinfo64
-#  endif
-
-#  define bio_addrinfo_st addrinfo
-#  define bai_family      ai_family
-#  define bai_socktype    ai_socktype
-#  define bai_protocol    ai_protocol
-#  define bai_addrlen     ai_addrlen
-#  define bai_addr        ai_addr
-#  define bai_next        ai_next
-# else
-struct bio_addrinfo_st {
-    int bai_family;
-    int bai_socktype;
-    int bai_protocol;
-    size_t bai_addrlen;
-    struct sockaddr *bai_addr;
-    struct bio_addrinfo_st *bai_next;
-};
-# endif
-
-union bio_addr_st {
-    struct sockaddr sa;
-# ifdef AF_INET6
-    struct sockaddr_in6 s_in6;
-# endif
-    struct sockaddr_in s_in;
-# ifdef AF_UNIX
-    struct sockaddr_un s_un;
-# endif
-};
-#endif
-
-/* END BIO_ADDRINFO/BIO_ADDR stuff. */
-
-#include "internal/cryptlib.h"
-#include <internal/bio.h>
-
-typedef struct bio_f_buffer_ctx_struct {
-    /*-
-     * Buffers are setup like this:
-     *
-     * <---------------------- size ----------------------->
-     * +---------------------------------------------------+
-     * | consumed | remaining          | free space        |
-     * +---------------------------------------------------+
-     * <-- off --><------- len ------->
-     */
-    /*- BIO *bio; *//*
-     * this is now in the BIO struct
-     */
-    int ibuf_size;              /* how big is the input buffer */
-    int obuf_size;              /* how big is the output buffer */
-    char *ibuf;                 /* the char array */
-    int ibuf_len;               /* how many bytes are in it */
-    int ibuf_off;               /* write/read offset */
-    char *obuf;                 /* the char array */
-    int obuf_len;               /* how many bytes are in it */
-    int obuf_off;               /* write/read offset */
-} BIO_F_BUFFER_CTX;
-
-struct bio_st {
-    const BIO_METHOD *method;
-    /* bio, mode, argp, argi, argl, ret */
-    long (*callback) (struct bio_st *, int, const char *, int, long, long);
-    char *cb_arg;               /* first argument for the callback */
-    int init;
-    int shutdown;
-    int flags;                  /* extra storage */
-    int retry_reason;
-    int num;
-    void *ptr;
-    struct bio_st *next_bio;    /* used by filter BIOs */
-    struct bio_st *prev_bio;    /* used by filter BIOs */
-    int references;
-    uint64_t num_read;
-    uint64_t num_write;
-    CRYPTO_EX_DATA ex_data;
-    CRYPTO_RWLOCK *lock;
-};
-
-#ifndef OPENSSL_NO_SOCK
-# ifdef OPENSSL_SYS_VMS
-typedef unsigned int socklen_t;
-# endif
-
-extern CRYPTO_RWLOCK *bio_lookup_lock;
-
-int BIO_ADDR_make(BIO_ADDR *ap, const struct sockaddr *sa);
-const struct sockaddr *BIO_ADDR_sockaddr(const BIO_ADDR *ap);
-struct sockaddr *BIO_ADDR_sockaddr_noconst(BIO_ADDR *ap);
-socklen_t BIO_ADDR_sockaddr_size(const BIO_ADDR *ap);
-socklen_t BIO_ADDRINFO_sockaddr_size(const BIO_ADDRINFO *bai);
-const struct sockaddr *BIO_ADDRINFO_sockaddr(const BIO_ADDRINFO *bai);
-#endif
-
-extern CRYPTO_RWLOCK *bio_type_lock;
-
-void bio_sock_cleanup_int(void);
+#include <openssl/bio.h>
 
 #if BIO_FLAGS_UPLINK==0
 /* Shortcut UPLINK calls on most platforms... */
@@ -183,6 +33,4 @@ void bio_sock_cleanup_int(void);
 #  define UP_lseek        lseek
 #  define UP_close        close
 # endif
-
 #endif
-