LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11346 Commits
1 Branch
46 MiB
Tree: 23efd1f3f1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '23efd1f3f1'
${ noResults }
openwrt-packages-dist/net/ibrdtnd/patches/0001-ibrdtnd-added-openssl-...

202 lines
5.8 KiB
Raw Normal View History

ibrdtnd: added openssl 1.1 compatibility This patch adds compatibility with openssl 1.1.0 to ibrdtnd. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
 
  1. From c794bbd16d2f39c656478608eb1314055e877370 Mon Sep 17 00:00:00 2001
  2. From: Eneas U de Queiroz <cote2004-github@yahoo.com>
  3. Date: Sat, 26 May 2018 23:44:54 -0300
  4. Subject: [PATCH] ibrdtnd: added openssl compatibility
  5. 

  6. This patch adds compatibility with openssl 1.1.0 to ibrdtnd.
  7. 

  8. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
  9. ---

  10.  ibrdtn/daemon/src/security/exchange/DHProtocol.cpp | 36 ++++++++++---
  11.  ibrdtn/daemon/src/security/exchange/Makefile.am    |  2 +
  12.  .../src/security/exchange/openssl_compat.cpp       | 62 ++++++++++++++++++++++
  13.  .../daemon/src/security/exchange/openssl_compat.h  | 13 +++++
  14.  4 files changed, 107 insertions(+), 6 deletions(-)
  15.  create mode 100644 ibrdtn/daemon/src/security/exchange/openssl_compat.cpp
  16.  create mode 100644 ibrdtn/daemon/src/security/exchange/openssl_compat.h
  17. 

  18. diff --git a/src/security/exchange/DHProtocol.cpp b/src/security/exchange/DHProtocol.cpp

  19. index e94c5026..3e0ad717 100644

  20. --- a/src/security/exchange/DHProtocol.cpp

  21. +++ b/src/security/exchange/DHProtocol.cpp

  22. @@ -30,6 +30,7 @@

  23.  
  24.  #include <openssl/rand.h>
  25.  #include <openssl/pem.h>
  26. +#include "openssl_compat.h"

  27.  
  28.  #define DH_KEY_LENGTH 1024
  29.  
  30. @@ -132,6 +133,7 @@ namespace dtn

  31.  
  32.  		void DHProtocol::begin(KeyExchangeSession &session, KeyExchangeData &data)
  33.  		{
  34. +			const BIGNUM *pub_key, *p, *g;

  35.  			// get session state
  36.  			DHState &state = session.getState<DHState>();
  37.  
  38. @@ -159,9 +161,12 @@ namespace dtn

  39.  			// prepare request
  40.  			KeyExchangeData request(KeyExchangeData::REQUEST, session);
  41.  
  42. -			write(request, state.dh->pub_key);

  43. -			write(request, state.dh->p);

  44. -			write(request, state.dh->g);

  45. +			DH_get0_pqg(state.dh, &p, NULL, &g);

  46. +			DH_get0_key(state.dh, &pub_key, NULL);

  47. +

  48. +			write(request, pub_key);

  49. +			write(request, p);

  50. +			write(request, g);

  51.  
  52.  			manager.submit(session, request);
  53.  		}
  54. @@ -177,6 +182,15 @@ namespace dtn

  55.  				{
  56.  					if (data.getAction() == KeyExchangeData::REQUEST)
  57.  					{
  58. +						BIGNUM *p = BN_new();

  59. +						BIGNUM *g = BN_new();

  60. +						if (p == NULL || g == NULL)

  61. +						{

  62. +							BN_free(p);

  63. +							BN_free(g);

  64. +							throw ibrcommon::Exception("Error while allocating space for DH parameters");

  65. +						}

  66. +

  67.  						BIGNUM* pub_key = BN_new();
  68.  						read(data, &pub_key);
  69.  
  70. @@ -184,8 +198,16 @@ namespace dtn

  71.  						state.dh = DH_new();
  72.  
  73.  						// read p and g paramter from message
  74. -						read(data, &state.dh->p);

  75. -						read(data, &state.dh->g);

  76. +						read(data, &p);

  77. +						read(data, &g);

  78. +

  79. +						if (DH_set0_pqg(state.dh, p, NULL, g))

  80. +						{

  81. +							BN_free(p);

  82. +							BN_free(g);

  83. +							BN_free(pub_key);

  84. +							throw ibrcommon::Exception("Error while setting DH parameters");

  85. +						}

  86.  
  87.  						int codes;
  88.  						if (!DH_check(state.dh, &codes))
  89. @@ -213,7 +235,9 @@ namespace dtn

  90.  						state.secret.assign((const char*)secret, length);
  91.  
  92.  						KeyExchangeData response(KeyExchangeData::RESPONSE, session);
  93. -						write(response, state.dh->pub_key);

  94. +						const BIGNUM *state_dh_pub_key;

  95. +						DH_get0_key(state.dh, &state_dh_pub_key, NULL);

  96. +						write(response, state_dh_pub_key);

  97.  
  98.  						manager.submit(session, response);
  99.  
  100. diff --git a/src/security/exchange/Makefile.am b/src/security/exchange/Makefile.am

  101. index a6b2f832..71ed8365 100644

  102. --- a/src/security/exchange/Makefile.am

  103. +++ b/src/security/exchange/Makefile.am

  104. @@ -22,6 +22,8 @@ exchange_SOURCES += \

  105.  	NFCProtocol.cpp \
  106.  	NoneProtocol.h \
  107.  	NoneProtocol.cpp \
  108. +	openssl_compat.h \

  109. +	openssl_compat.cpp \

  110.  	QRCodeProtocol.h \
  111.  	QRCodeProtocol.cpp
  112.  	
  113. diff --git a/src/security/exchange/openssl_compat.cpp b/src/security/exchange/openssl_compat.cpp

  114. new file mode 100644
  115. index 00000000..e3baba0f

  116. --- /dev/null

  117. +++ b/src/security/exchange/openssl_compat.cpp

  118. @@ -0,0 +1,62 @@

  119. +/*

  120. + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.

  121. + *

  122. + * Licensed under the OpenSSL license (the "License").  You may not use

  123. + * this file except in compliance with the License.  You can obtain a copy

  124. + * in the file LICENSE in the source distribution or at

  125. + * https://www.openssl.org/source/license.html

  126. + */

  127. +

  128. +#include "openssl_compat.h"

  129. +

  130. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  131. +

  132. +void DH_get0_pqg(const DH *dh,

  133. +                 const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)

  134. +{

  135. +    if (p != NULL)

  136. +        *p = dh->p;

  137. +    if (q != NULL)

  138. +        *q = dh->q;

  139. +    if (g != NULL)

  140. +        *g = dh->g;

  141. +}

  142. +

  143. +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)

  144. +{

  145. +    /* If the fields p and g in d are NULL, the corresponding input

  146. +     * parameters MUST be non-NULL.  q may remain NULL.

  147. +     */

  148. +    if ((dh->p == NULL && p == NULL)

  149. +        || (dh->g == NULL && g == NULL))

  150. +        return 0;

  151. +

  152. +    if (p != NULL) {

  153. +        BN_free(dh->p);

  154. +        dh->p = p;

  155. +    }

  156. +    if (q != NULL) {

  157. +        BN_free(dh->q);

  158. +        dh->q = q;

  159. +    }

  160. +    if (g != NULL) {

  161. +        BN_free(dh->g);

  162. +        dh->g = g;

  163. +    }

  164. +

  165. +    if (q != NULL) {

  166. +        dh->length = BN_num_bits(q);

  167. +    }

  168. +

  169. +    return 1;

  170. +}

  171. +

  172. +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)

  173. +{

  174. +    if (pub_key != NULL)

  175. +        *pub_key = dh->pub_key;

  176. +    if (priv_key != NULL)

  177. +        *priv_key = dh->priv_key;

  178. +}

  179. +

  180. +#endif /* OPENSSL_VERSION_NUMBER */

  181. diff --git a/src/security/exchange/openssl_compat.h b/src/security/exchange/openssl_compat.h

  182. new file mode 100644
  183. index 00000000..29e7d415

  184. --- /dev/null

  185. +++ b/src/security/exchange/openssl_compat.h

  186. @@ -0,0 +1,13 @@

  187. +#ifndef LIBCRYPTO_COMPAT_H

  188. +#define LIBCRYPTO_COMPAT_H

  189. +

  190. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  191. +

  192. +#include <openssl/dh.h>

  193. +

  194. +void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);

  195. +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);

  196. +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);

  197. +

  198. +#endif /* OPENSSL_VERSION_NUMBER */

  199. +#endif /* LIBCRYPTO_COMPAT_H */

  200. -- 

  201. 2.16.1
  202.