LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27337 Commits
1 Branch
46 MiB
Branch: lilik-openwrt-22.03
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'lilik-openwrt-22.03'
${ noResults }
openwrt-packages-dist/net/ibrdtnd/patches/0001-ibrdtnd-added-openssl-...

189 lines
5.2 KiB
Raw Permalink Normal View History

ibrdtnd: added openssl 1.1 compatibility This patch adds compatibility with openssl 1.1.0 to ibrdtnd. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
 
  1. From c794bbd16d2f39c656478608eb1314055e877370 Mon Sep 17 00:00:00 2001
  2. From: Eneas U de Queiroz <cote2004-github@yahoo.com>
  3. Date: Sat, 26 May 2018 23:44:54 -0300
  4. Subject: [PATCH] ibrdtnd: added openssl compatibility
  5. 

  6. This patch adds compatibility with openssl 1.1.0 to ibrdtnd.
  7. 

  8. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
  9. ---

  10.  ibrdtn/daemon/src/security/exchange/DHProtocol.cpp | 36 ++++++++++---
  11.  ibrdtn/daemon/src/security/exchange/Makefile.am    |  2 +
  12.  .../src/security/exchange/openssl_compat.cpp       | 62 ++++++++++++++++++++++
  13.  .../daemon/src/security/exchange/openssl_compat.h  | 13 +++++
  14.  4 files changed, 107 insertions(+), 6 deletions(-)
  15.  create mode 100644 ibrdtn/daemon/src/security/exchange/openssl_compat.cpp
  16.  create mode 100644 ibrdtn/daemon/src/security/exchange/openssl_compat.h
  17. 

  18. --- a/src/security/exchange/DHProtocol.cpp

  19. +++ b/src/security/exchange/DHProtocol.cpp

  20. @@ -30,6 +30,7 @@

  21.  
  22.  #include <openssl/rand.h>
  23.  #include <openssl/pem.h>
  24. +#include "openssl_compat.h"

  25.  
  26.  #define DH_KEY_LENGTH 1024
  27.  
  28. @@ -132,6 +133,7 @@ namespace dtn

  29.  
  30.  		void DHProtocol::begin(KeyExchangeSession &session, KeyExchangeData &data)
  31.  		{
  32. +			const BIGNUM *pub_key, *p, *g;

  33.  			// get session state
  34.  			DHState &state = session.getState<DHState>();
  35.  
  36. @@ -159,9 +161,12 @@ namespace dtn

  37.  			// prepare request
  38.  			KeyExchangeData request(KeyExchangeData::REQUEST, session);
  39.  
  40. -			write(request, state.dh->pub_key);

  41. -			write(request, state.dh->p);

  42. -			write(request, state.dh->g);

  43. +			DH_get0_pqg(state.dh, &p, NULL, &g);

  44. +			DH_get0_key(state.dh, &pub_key, NULL);

  45. +

  46. +			write(request, pub_key);

  47. +			write(request, p);

  48. +			write(request, g);

  49.  
  50.  			manager.submit(session, request);
  51.  		}
  52. @@ -177,6 +182,15 @@ namespace dtn

  53.  				{
  54.  					if (data.getAction() == KeyExchangeData::REQUEST)
  55.  					{
  56. +						BIGNUM *p = BN_new();

  57. +						BIGNUM *g = BN_new();

  58. +						if (p == NULL || g == NULL)

  59. +						{

  60. +							BN_free(p);

  61. +							BN_free(g);

  62. +							throw ibrcommon::Exception("Error while allocating space for DH parameters");

  63. +						}

  64. +

  65.  						BIGNUM* pub_key = BN_new();
  66.  						read(data, &pub_key);
  67.  
  68. @@ -184,8 +198,16 @@ namespace dtn

  69.  						state.dh = DH_new();
  70.  
  71.  						// read p and g paramter from message
  72. -						read(data, &state.dh->p);

  73. -						read(data, &state.dh->g);

  74. +						read(data, &p);

  75. +						read(data, &g);

  76. +

  77. +						if (DH_set0_pqg(state.dh, p, NULL, g))

  78. +						{

  79. +							BN_free(p);

  80. +							BN_free(g);

  81. +							BN_free(pub_key);

  82. +							throw ibrcommon::Exception("Error while setting DH parameters");

  83. +						}

  84.  
  85.  						int codes;
  86.  						if (!DH_check(state.dh, &codes))
  87. @@ -213,7 +235,9 @@ namespace dtn

  88.  						state.secret.assign((const char*)secret, length);
  89.  
  90.  						KeyExchangeData response(KeyExchangeData::RESPONSE, session);
  91. -						write(response, state.dh->pub_key);

  92. +						const BIGNUM *state_dh_pub_key;

  93. +						DH_get0_key(state.dh, &state_dh_pub_key, NULL);

  94. +						write(response, state_dh_pub_key);

  95.  
  96.  						manager.submit(session, response);
  97.  
  98. --- a/src/security/exchange/Makefile.am

  99. +++ b/src/security/exchange/Makefile.am

  100. @@ -22,6 +22,8 @@ exchange_SOURCES += \

  101.  	NFCProtocol.cpp \
  102.  	NoneProtocol.h \
  103.  	NoneProtocol.cpp \
  104. +	openssl_compat.h \

  105. +	openssl_compat.cpp \

  106.  	QRCodeProtocol.h \
  107.  	QRCodeProtocol.cpp
  108.  	
  109. --- /dev/null

  110. +++ b/src/security/exchange/openssl_compat.cpp

  111. @@ -0,0 +1,62 @@

  112. +/*

  113. + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.

  114. + *

  115. + * Licensed under the OpenSSL license (the "License").  You may not use

  116. + * this file except in compliance with the License.  You can obtain a copy

  117. + * in the file LICENSE in the source distribution or at

  118. + * https://www.openssl.org/source/license.html

  119. + */

  120. +

  121. +#include "openssl_compat.h"

  122. +

  123. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  124. +

  125. +void DH_get0_pqg(const DH *dh,

  126. +                 const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)

  127. +{

  128. +    if (p != NULL)

  129. +        *p = dh->p;

  130. +    if (q != NULL)

  131. +        *q = dh->q;

  132. +    if (g != NULL)

  133. +        *g = dh->g;

  134. +}

  135. +

  136. +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)

  137. +{

  138. +    /* If the fields p and g in d are NULL, the corresponding input

  139. +     * parameters MUST be non-NULL.  q may remain NULL.

  140. +     */

  141. +    if ((dh->p == NULL && p == NULL)

  142. +        || (dh->g == NULL && g == NULL))

  143. +        return 0;

  144. +

  145. +    if (p != NULL) {

  146. +        BN_free(dh->p);

  147. +        dh->p = p;

  148. +    }

  149. +    if (q != NULL) {

  150. +        BN_free(dh->q);

  151. +        dh->q = q;

  152. +    }

  153. +    if (g != NULL) {

  154. +        BN_free(dh->g);

  155. +        dh->g = g;

  156. +    }

  157. +

  158. +    if (q != NULL) {

  159. +        dh->length = BN_num_bits(q);

  160. +    }

  161. +

  162. +    return 1;

  163. +}

  164. +

  165. +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)

  166. +{

  167. +    if (pub_key != NULL)

  168. +        *pub_key = dh->pub_key;

  169. +    if (priv_key != NULL)

  170. +        *priv_key = dh->priv_key;

  171. +}

  172. +

  173. +#endif /* OPENSSL_VERSION_NUMBER */

  174. --- /dev/null

  175. +++ b/src/security/exchange/openssl_compat.h

  176. @@ -0,0 +1,13 @@

  177. +#ifndef LIBCRYPTO_COMPAT_H

  178. +#define LIBCRYPTO_COMPAT_H

  179. +

  180. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  181. +

  182. +#include <openssl/dh.h>

  183. +

  184. +void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);

  185. +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);

  186. +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);

  187. +

  188. +#endif /* OPENSSL_VERSION_NUMBER */

  189. +#endif /* LIBCRYPTO_COMPAT_H */