LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12612 Commits
1 Branch
46 MiB
Tree: 1b4fe309fe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1b4fe309fe'
${ noResults }
openwrt-packages-dist/libs/ibrcommon/patches/010-build-with-openssl-1.1....

353 lines
10 KiB
Raw Normal View History

ibrcommon: add openssl 1.1 compatibility This patch has been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
 
  1. From fe7ae129b8be052e5178b07e76e19ede21b13261 Mon Sep 17 00:00:00 2001
  2. From: Eneas U de Queiroz <cote2004-github@yahoo.com>
  3. Date: Tue, 22 May 2018 16:40:20 -0300
  4. Subject: [PATCH] ibrcommon: added openssl 1.1 compatibility
  5. 

  6. This patch adds compatibility to openssl 1.1.0.
  7. 

  8. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
  9. ---

  10.  ibrcommon/ssl/HMacStream.cpp      | 11 ++++----
  11.  ibrcommon/ssl/HMacStream.h        |  2 +-
  12.  ibrcommon/ssl/RSASHA256Stream.cpp | 28 +++++++++---------
  13.  ibrcommon/ssl/RSASHA256Stream.h   |  2 +-
  14.  ibrcommon/ssl/iostreamBIO.cpp     | 44 ++++++++++++++++++++++-------
  15.  ibrcommon/ssl/openssl_compat.h    | 38 +++++++++++++++++++++++++
  16.  6 files changed, 95 insertions(+), 30 deletions(-)
  17.  create mode 100644 ibrcommon/ssl/openssl_compat.h
  18. 

  19. diff --git a/ibrcommon/ssl/HMacStream.cpp b/ibrcommon/ssl/HMacStream.cpp

  20. index e5d317e3..66d8ce42 100644

  21. --- a/ibrcommon/ssl/HMacStream.cpp

  22. +++ b/ibrcommon/ssl/HMacStream.cpp

  23. @@ -20,29 +20,30 @@

  24.   */
  25.  
  26.  #include "ibrcommon/ssl/HMacStream.h"
  27. +#include "openssl_compat.h"

  28.  
  29.  namespace ibrcommon
  30.  {
  31.  	HMacStream::HMacStream(const unsigned char * const key, const int key_size)
  32.  	 : HashStream(EVP_MAX_MD_SIZE, BUFF_SIZE), key_(key), key_size_(key_size)
  33.  	{
  34. -		HMAC_CTX_init(&ctx_);

  35. -		HMAC_Init_ex(&ctx_, key_, key_size_, EVP_sha1(), NULL);

  36. +		ctx_ = HMAC_CTX_new();

  37. +		HMAC_Init_ex(ctx_, key_, key_size_, EVP_sha1(), NULL);

  38.  	}
  39.  
  40.  	HMacStream::~HMacStream()
  41.  	{
  42. -		HMAC_CTX_cleanup(&ctx_);

  43. +		HMAC_CTX_free(ctx_);

  44.  	}
  45.  
  46.  	void HMacStream::update(char *buf, const size_t size)
  47.  	{
  48.  		// hashing
  49. -		HMAC_Update(&ctx_, (unsigned char*)buf, size);

  50. +		HMAC_Update(ctx_, (unsigned char*)buf, size);

  51.  	}
  52.  
  53.  	void HMacStream::finalize(char * hash, unsigned int &size)
  54.  	{
  55. -		HMAC_Final(&ctx_, (unsigned char*)hash, &size);

  56. +		HMAC_Final(ctx_, (unsigned char*)hash, &size);

  57.  	}
  58.  }
  59. diff --git a/ibrcommon/ssl/HMacStream.h b/ibrcommon/ssl/HMacStream.h

  60. index 7dcea168..d04bceb8 100644

  61. --- a/ibrcommon/ssl/HMacStream.h

  62. +++ b/ibrcommon/ssl/HMacStream.h

  63. @@ -44,7 +44,7 @@ namespace ibrcommon

  64.  		const unsigned char * const key_;
  65.  		const int key_size_;
  66.  
  67. -		HMAC_CTX ctx_;

  68. +		HMAC_CTX* ctx_;

  69.  	};
  70.  }
  71.  
  72. diff --git a/ibrcommon/ssl/RSASHA256Stream.cpp b/ibrcommon/ssl/RSASHA256Stream.cpp

  73. index d94430ed..d25c5d2f 100644

  74. --- a/ibrcommon/ssl/RSASHA256Stream.cpp

  75. +++ b/ibrcommon/ssl/RSASHA256Stream.cpp

  76. @@ -21,6 +21,7 @@

  77.  
  78.  #include "ibrcommon/ssl/RSASHA256Stream.h"
  79.  #include "ibrcommon/Logger.h"
  80. +#include "openssl_compat.h"

  81.  #include <openssl/err.h>
  82.  
  83.  namespace ibrcommon
  84. @@ -30,11 +31,11 @@ namespace ibrcommon

  85.  	{
  86.  		// Initialize get pointer.  This should be zero so that underflow is called upon first read.
  87.  		setp(&out_buf_[0], &out_buf_[BUFF_SIZE - 1]);
  88. -		EVP_MD_CTX_init(&_ctx);

  89. +		_ctx = EVP_MD_CTX_new();

  90.  
  91.  		if (!_verify)
  92.  		{
  93. -			if (!EVP_SignInit_ex(&_ctx, EVP_sha256(), NULL))

  94. +			if (!EVP_SignInit_ex(_ctx, EVP_sha256(), NULL))

  95.  			{
  96.  				IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to initialize the signature function" << IBRCOMMON_LOGGER_ENDL;
  97.  				ERR_print_errors_fp(stderr);
  98. @@ -42,7 +43,7 @@ namespace ibrcommon

  99.  		}
  100.  		else
  101.  		{
  102. -			if (!EVP_VerifyInit_ex(&_ctx, EVP_sha256(), NULL))

  103. +			if (!EVP_VerifyInit_ex(_ctx, EVP_sha256(), NULL))

  104.  			{
  105.  				IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to initialize the verification function" << IBRCOMMON_LOGGER_ENDL;
  106.  				ERR_print_errors_fp(stderr);
  107. @@ -52,18 +53,19 @@ namespace ibrcommon

  108.  
  109.  	RSASHA256Stream::~RSASHA256Stream()
  110.  	{
  111. -		EVP_MD_CTX_cleanup(&_ctx);

  112. +		EVP_MD_CTX_free(_ctx);

  113.  	}
  114.  
  115.  	void RSASHA256Stream::reset()
  116.  	{
  117. -		EVP_MD_CTX_cleanup(&_ctx);

  118. -

  119. -		EVP_MD_CTX_init(&_ctx);

  120. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  121. +		EVP_MD_CTX_cleanup(_ctx);

  122. +#endif

  123. +		EVP_MD_CTX_init(_ctx);

  124.  
  125.  		if (!_verify)
  126.  		{
  127. -			if (!EVP_SignInit_ex(&_ctx, EVP_sha256(), NULL))

  128. +			if (!EVP_SignInit_ex(_ctx, EVP_sha256(), NULL))

  129.  			{
  130.  				IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to initialize the signature function" << IBRCOMMON_LOGGER_ENDL;
  131.  				ERR_print_errors_fp(stderr);
  132. @@ -71,7 +73,7 @@ namespace ibrcommon

  133.  		}
  134.  		else
  135.  		{
  136. -			if (!EVP_VerifyInit_ex(&_ctx, EVP_sha256(), NULL))

  137. +			if (!EVP_VerifyInit_ex(_ctx, EVP_sha256(), NULL))

  138.  			{
  139.  				IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to initialize the verfication function" << IBRCOMMON_LOGGER_ENDL;
  140.  				ERR_print_errors_fp(stderr);
  141. @@ -91,7 +93,7 @@ namespace ibrcommon

  142.  			std::vector<unsigned char> sign(EVP_PKEY_size(_pkey));
  143.  			unsigned int size = EVP_PKEY_size(_pkey);
  144.  
  145. -			_return_code = EVP_SignFinal(&_ctx, &sign[0], &size, _pkey);

  146. +			_return_code = EVP_SignFinal(_ctx, &sign[0], &size, _pkey);

  147.  
  148.  			_sign = std::string((const char*)&sign[0], size);
  149.  
  150. @@ -107,7 +109,7 @@ namespace ibrcommon

  151.  		if (!_sign_valid)
  152.  		{
  153.  			sync();
  154. -			_return_code = EVP_VerifyFinal(&_ctx, reinterpret_cast<const unsigned char *>(their_sign.c_str()), static_cast<unsigned int>(their_sign.size()), _pkey);

  155. +			_return_code = EVP_VerifyFinal(_ctx, reinterpret_cast<const unsigned char *>(their_sign.c_str()), static_cast<unsigned int>(their_sign.size()), _pkey);

  156.  			_sign_valid = true;
  157.  		}
  158.  		return _return_code;
  159. @@ -145,7 +147,7 @@ namespace ibrcommon

  160.  		if (!_verify)
  161.  			// hashing
  162.  		{
  163. -			if (!EVP_SignUpdate(&_ctx, &out_buf_[0], iend - ibegin))

  164. +			if (!EVP_SignUpdate(_ctx, &out_buf_[0], iend - ibegin))

  165.  			{
  166.  				IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to feed data into the signature function" << IBRCOMMON_LOGGER_ENDL;
  167.  				ERR_print_errors_fp(stderr);
  168. @@ -153,7 +155,7 @@ namespace ibrcommon

  169.  		}
  170.  		else
  171.  		{
  172. -			if (!EVP_VerifyUpdate(&_ctx, &out_buf_[0], iend - ibegin))

  173. +			if (!EVP_VerifyUpdate(_ctx, &out_buf_[0], iend - ibegin))

  174.  			{
  175.  				IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to feed data into the verification function" << IBRCOMMON_LOGGER_ENDL;
  176.  				ERR_print_errors_fp(stderr);
  177. diff --git a/ibrcommon/ssl/RSASHA256Stream.h b/ibrcommon/ssl/RSASHA256Stream.h

  178. index 344f8e10..6f3a1168 100644

  179. --- a/ibrcommon/ssl/RSASHA256Stream.h

  180. +++ b/ibrcommon/ssl/RSASHA256Stream.h

  181. @@ -106,7 +106,7 @@ namespace ibrcommon

  182.  
  183.  		/** the context in which the streamed data will be feed into for
  184.  		calculation of the hash/signature */
  185. -		EVP_MD_CTX _ctx;

  186. +		EVP_MD_CTX * _ctx;

  187.  
  188.  		/** tells if the context needs to be finalized to get a valid signature or
  189.  		verification */
  190. diff --git a/ibrcommon/ssl/iostreamBIO.cpp b/ibrcommon/ssl/iostreamBIO.cpp

  191. index 18c1b55c..ea6c63eb 100644

  192. --- a/ibrcommon/ssl/iostreamBIO.cpp

  193. +++ b/ibrcommon/ssl/iostreamBIO.cpp

  194. @@ -23,6 +23,7 @@

  195.  
  196.  #include "ibrcommon/Logger.h"
  197.  
  198. +#include "openssl_compat.h"

  199.  #include <openssl/err.h>
  200.  
  201.  namespace ibrcommon
  202. @@ -42,7 +43,20 @@ static int create(BIO *bio);

  203.  //static int destroy(BIO *bio);
  204.  //static long (*callback_ctrl)(BIO *, int, bio_info_cb *);
  205.  
  206. -

  207. +#if OPENSSL_VERSION_NUMBER >= 0x10100000L

  208. +BIO_METHOD * BIO_iostream_method()

  209. +{

  210. +	static BIO_METHOD *iostream_method = NULL;

  211. +	if (iostream_method) {

  212. +		iostream_method = BIO_meth_new(iostreamBIO::type, iostreamBIO::name);

  213. +		BIO_meth_set_write(iostream_method, bwrite);

  214. +		BIO_meth_set_read(iostream_method, bread);

  215. +		BIO_meth_set_ctrl(iostream_method, ctrl);

  216. +		BIO_meth_set_create(iostream_method, create);

  217. +	}

  218. +	return iostream_method;

  219. +}

  220. +#else

  221.  static BIO_METHOD iostream_method =
  222.  {
  223.  		iostreamBIO::type,
  224. @@ -56,12 +70,17 @@ static BIO_METHOD iostream_method =

  225.  		NULL,//destroy,
  226.  		NULL//callback_ctrl
  227.  };
  228. +BIO_METHOD * BIO_iostream_method()

  229. +{

  230. +	return &iostream_method;

  231. +}

  232. +#endif

  233.  
  234.  iostreamBIO::iostreamBIO(iostream *stream)
  235.  	:	_stream(stream)
  236.  {
  237.  	/* create BIO */
  238. -	_bio = BIO_new(&iostream_method);

  239. +	_bio = BIO_new(BIO_iostream_method());

  240.  	if(!_bio){
  241.  		/* creation failed, throw exception */
  242.  		char err_buf[ERR_BUF_SIZE];
  243. @@ -72,7 +91,7 @@ iostreamBIO::iostreamBIO(iostream *stream)

  244.  	}
  245.  
  246.  	/* save the iostream in the bio object */
  247. -	_bio->ptr = stream;

  248. +	BIO_set_data(_bio, (void *) stream);

  249.  }
  250.  
  251.  BIO * iostreamBIO::getBIO(){
  252. @@ -81,10 +100,10 @@ BIO * iostreamBIO::getBIO(){

  253.  
  254.  static int create(BIO *bio)
  255.  {
  256. -	bio->ptr = NULL;

  257. -	/* (from openssl memory bio) */

  258. -	bio->shutdown=1;

  259. -	bio->init=1;

  260. +	BIO_set_data(bio, NULL);

  261. +	BIO_set_shutdown(bio, 1);

  262. +	BIO_set_init(bio, 1);

  263. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  264.  	/* from bss_mem.c (openssl):
  265.  	 * bio->num is used to hold the value to return on 'empty', if it is
  266.  	 * 0, should_retry is not set
  267. @@ -93,6 +112,7 @@ static int create(BIO *bio)

  268.  	 * it is set to 0 since the underlying stream is blocking
  269.  	 */
  270.  	bio->num= 0;
  271. +#endif

  272.  
  273.  	return 1;
  274.  }
  275. @@ -102,7 +122,7 @@ static int create(BIO *bio)

  276.  static long ctrl(BIO *bio, int cmd, long  num, void *)
  277.  {
  278.  	long ret;
  279. -	iostream *stream = reinterpret_cast<iostream*>(bio->ptr);

  280. +	iostream *stream = reinterpret_cast<iostream*>(BIO_get_data(bio));

  281.  
  282.  	IBRCOMMON_LOGGER_DEBUG_TAG("iostreamBIO", 90) << "ctrl called, cmd: " << cmd << ", num: " << num << "." << IBRCOMMON_LOGGER_ENDL;
  283.  
  284. @@ -147,8 +167,12 @@ static long ctrl(BIO *bio, int cmd, long  num, void *)

  285.  
  286.  static int bread(BIO *bio, char *buf, int len)
  287.  {
  288. -	iostream *stream = reinterpret_cast<iostream*>(bio->ptr);

  289. +	iostream *stream = reinterpret_cast<iostream*>(BIO_get_data(bio));

  290. +#if OPENSSL_VERSION_NUMBER >= 0x10100000L

  291. +	int num_bytes = 0;

  292. +#else

  293.  	int num_bytes = bio->num;
  294. +#endif

  295.  
  296.  	try{
  297.  		/* make sure to read at least 1 byte and then read as much as we can */
  298. @@ -170,7 +194,7 @@ static int bwrite(BIO *bio, const char *buf, int len)

  299.  	if(len == 0){
  300.  		return 0;
  301.  	}
  302. -	iostream *stream = reinterpret_cast<iostream*>(bio->ptr);

  303. +	iostream *stream = reinterpret_cast<iostream*>(BIO_get_data(bio));

  304.  
  305.  	/* write the data */
  306.  	try{
  307. diff --git a/ibrcommon/ssl/openssl_compat.h b/ibrcommon/ssl/openssl_compat.h

  308. new file mode 100644
  309. index 00000000..e491677f

  310. --- /dev/null

  311. +++ b/ibrcommon/ssl/openssl_compat.h

  312. @@ -0,0 +1,38 @@

  313. +#ifndef OPENSSL_COMPAT_H

  314. +#define OPENSSL_COMPAT_H

  315. +

  316. +#include <openssl/crypto.h>

  317. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  318. +

  319. +#include <openssl/evp.h>

  320. +#include <openssl/hmac.h>

  321. +

  322. +static inline EVP_MD_CTX * EVP_MD_CTX_new()

  323. +{

  324. +	EVP_MD_CTX *ctx;

  325. +

  326. +	ctx = (EVP_MD_CTX *) OPENSSL_malloc(sizeof(EVP_MD_CTX));

  327. +	EVP_MD_CTX_init(ctx);

  328. +        return ctx;

  329. +}

  330. +#define EVP_MD_CTX_free(c) if (c != NULL) OPENSSL_free(c)

  331. +

  332. +static inline HMAC_CTX * HMAC_CTX_new()

  333. +{

  334. +        HMAC_CTX *ctx;

  335. +

  336. +        ctx = (HMAC_CTX *) OPENSSL_malloc(sizeof(HMAC_CTX));

  337. +        HMAC_CTX_init(ctx);

  338. +        return ctx;

  339. +}

  340. +#define HMAC_CTX_free(c) if (c != NULL) OPENSSL_free(c)

  341. +

  342. +#define BIO_get_data(b) b->ptr

  343. +#define BIO_set_data(b, v) b->ptr=v

  344. +#define BIO_set_shutdown(b, v) b->shutdown=v

  345. +#define BIO_set_init(b, v) b->init=v

  346. +

  347. +#endif /* OPENSSL_VERSION_NUMBER */

  348. +

  349. +#endif /* OPENSSL_COMPAT_H */

  350. +

  351. -- 

  352. 2.16.1
  353.