You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

105 lines
3.1 KiB

  1. From 4607bbf78040789dee29266878ce109136b984ef Mon Sep 17 00:00:00 2001
  2. From: rakshasa <sundell.software@gmail.com>
  3. Date: Tue, 20 Dec 2016 19:51:02 +0900
  4. Subject: [PATCH] Added support for openssl 1.1.
  5. ---
  6. configure.ac | 4 ++++
  7. src/utils/diffie_hellman.cc | 36 ++++++++++++++++++++++++++++++++++--
  8. 2 files changed, 38 insertions(+), 2 deletions(-)
  9. diff --git a/configure.ac b/configure.ac
  10. index 65e34872..27e33570 100644
  11. --- a/configure.ac
  12. +++ b/configure.ac
  13. @@ -71,12 +71,15 @@ AC_ARG_ENABLE(openssl,
  14. [ --disable-openssl Don't use OpenSSL's SHA1 implementation.],
  15. [
  16. if test "$enableval" = "yes"; then
  17. +dnl move to scripts.
  18. PKG_CHECK_MODULES(OPENSSL, libcrypto,
  19. CXXFLAGS="$CXXFLAGS $OPENSSL_CFLAGS";
  20. LIBS="$LIBS $OPENSSL_LIBS")
  21. AC_DEFINE(USE_OPENSSL, 1, Using OpenSSL.)
  22. AC_DEFINE(USE_OPENSSL_SHA, 1, Using OpenSSL's SHA1 implementation.)
  23. + AC_CHECK_LIB([crypto], [DH_set0_pqg], [AC_DEFINE(USE_OPENSSL_1_1, 1, Using OpenSSL 1.1.)])
  24. +
  25. else
  26. AC_DEFINE(USE_NSS_SHA, 1, Using Mozilla's SHA1 implementation.)
  27. fi
  28. @@ -87,6 +90,7 @@ AC_ARG_ENABLE(openssl,
  29. AC_DEFINE(USE_OPENSSL, 1, Using OpenSSL.)
  30. AC_DEFINE(USE_OPENSSL_SHA, 1, Using OpenSSL's SHA1 implementation.)
  31. + AC_CHECK_LIB([crypto], [DH_set0_pqg], [AC_DEFINE(USE_OPENSSL_1_1, 1, Using OpenSSL 1.1.)])
  32. ]
  33. )
  34. diff --git a/src/utils/diffie_hellman.cc b/src/utils/diffie_hellman.cc
  35. index aa653d45..7ec13165 100644
  36. --- a/src/utils/diffie_hellman.cc
  37. +++ b/src/utils/diffie_hellman.cc
  38. @@ -54,11 +54,23 @@ DiffieHellman::DiffieHellman(const unsigned char *prime, int primeLength,
  39. m_secret(NULL), m_size(0) {
  40. #ifdef USE_OPENSSL
  41. +
  42. m_dh = DH_new();
  43. +
  44. +#ifdef USE_OPENSSL_1_1
  45. + BIGNUM * const dh_p = BN_bin2bn(prime, primeLength, NULL);
  46. + BIGNUM * const dh_g = BN_bin2bn(generator, generatorLength, NULL);
  47. +
  48. + if (dh_p == NULL || dh_g == NULL ||
  49. + !DH_set0_pqg(m_dh, dh_p, NULL, dh_g))
  50. + throw internal_error("Could not generate Diffie-Hellman parameters");
  51. +#else
  52. m_dh->p = BN_bin2bn(prime, primeLength, NULL);
  53. m_dh->g = BN_bin2bn(generator, generatorLength, NULL);
  54. +#endif
  55. DH_generate_key(m_dh);
  56. +
  57. #else
  58. throw internal_error("Compiled without encryption support.");
  59. #endif
  60. @@ -74,7 +86,19 @@ DiffieHellman::~DiffieHellman() {
  61. bool
  62. DiffieHellman::is_valid() const {
  63. #ifdef USE_OPENSSL
  64. + if (m_dh == NULL)
  65. + return false;
  66. +
  67. +#ifdef USE_OPENSSL_1_1
  68. + const BIGNUM *pub_key;
  69. +
  70. + DH_get0_key(m_dh, &pub_key, NULL);
  71. +
  72. + return pub_key != NULL;
  73. +#else
  74. return m_dh != NULL && m_dh->pub_key != NULL;
  75. +#endif
  76. +
  77. #else
  78. return false;
  79. #endif
  80. @@ -103,8 +127,16 @@ DiffieHellman::store_pub_key(unsigned char* dest, unsigned int length) {
  81. #ifdef USE_OPENSSL
  82. std::memset(dest, 0, length);
  83. - if ((int)length >= BN_num_bytes(m_dh->pub_key))
  84. - BN_bn2bin(m_dh->pub_key, dest + length - BN_num_bytes(m_dh->pub_key));
  85. + const BIGNUM *pub_key;
  86. +
  87. +#ifdef USE_OPENSSL_1_1
  88. + DH_get0_key(m_dh, &pub_key, NULL);
  89. +#else
  90. + pub_key = m_dh->pub_key;
  91. +#endif
  92. +
  93. + if ((int)length >= BN_num_bytes(pub_key))
  94. + BN_bn2bin(pub_key, dest + length - BN_num_bytes(pub_key));
  95. #endif
  96. }