You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

353 lines
10 KiB

  1. From fe7ae129b8be052e5178b07e76e19ede21b13261 Mon Sep 17 00:00:00 2001
  2. From: Eneas U de Queiroz <cote2004-github@yahoo.com>
  3. Date: Tue, 22 May 2018 16:40:20 -0300
  4. Subject: [PATCH] ibrcommon: added openssl 1.1 compatibility
  5. This patch adds compatibility to openssl 1.1.0.
  6. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
  7. ---
  8. ibrcommon/ssl/HMacStream.cpp | 11 ++++----
  9. ibrcommon/ssl/HMacStream.h | 2 +-
  10. ibrcommon/ssl/RSASHA256Stream.cpp | 28 +++++++++---------
  11. ibrcommon/ssl/RSASHA256Stream.h | 2 +-
  12. ibrcommon/ssl/iostreamBIO.cpp | 44 ++++++++++++++++++++++-------
  13. ibrcommon/ssl/openssl_compat.h | 38 +++++++++++++++++++++++++
  14. 6 files changed, 95 insertions(+), 30 deletions(-)
  15. create mode 100644 ibrcommon/ssl/openssl_compat.h
  16. diff --git a/ibrcommon/ssl/HMacStream.cpp b/ibrcommon/ssl/HMacStream.cpp
  17. index e5d317e3..66d8ce42 100644
  18. --- a/ibrcommon/ssl/HMacStream.cpp
  19. +++ b/ibrcommon/ssl/HMacStream.cpp
  20. @@ -20,29 +20,30 @@
  21. */
  22. #include "ibrcommon/ssl/HMacStream.h"
  23. +#include "openssl_compat.h"
  24. namespace ibrcommon
  25. {
  26. HMacStream::HMacStream(const unsigned char * const key, const int key_size)
  27. : HashStream(EVP_MAX_MD_SIZE, BUFF_SIZE), key_(key), key_size_(key_size)
  28. {
  29. - HMAC_CTX_init(&ctx_);
  30. - HMAC_Init_ex(&ctx_, key_, key_size_, EVP_sha1(), NULL);
  31. + ctx_ = HMAC_CTX_new();
  32. + HMAC_Init_ex(ctx_, key_, key_size_, EVP_sha1(), NULL);
  33. }
  34. HMacStream::~HMacStream()
  35. {
  36. - HMAC_CTX_cleanup(&ctx_);
  37. + HMAC_CTX_free(ctx_);
  38. }
  39. void HMacStream::update(char *buf, const size_t size)
  40. {
  41. // hashing
  42. - HMAC_Update(&ctx_, (unsigned char*)buf, size);
  43. + HMAC_Update(ctx_, (unsigned char*)buf, size);
  44. }
  45. void HMacStream::finalize(char * hash, unsigned int &size)
  46. {
  47. - HMAC_Final(&ctx_, (unsigned char*)hash, &size);
  48. + HMAC_Final(ctx_, (unsigned char*)hash, &size);
  49. }
  50. }
  51. diff --git a/ibrcommon/ssl/HMacStream.h b/ibrcommon/ssl/HMacStream.h
  52. index 7dcea168..d04bceb8 100644
  53. --- a/ibrcommon/ssl/HMacStream.h
  54. +++ b/ibrcommon/ssl/HMacStream.h
  55. @@ -44,7 +44,7 @@ namespace ibrcommon
  56. const unsigned char * const key_;
  57. const int key_size_;
  58. - HMAC_CTX ctx_;
  59. + HMAC_CTX* ctx_;
  60. };
  61. }
  62. diff --git a/ibrcommon/ssl/RSASHA256Stream.cpp b/ibrcommon/ssl/RSASHA256Stream.cpp
  63. index d94430ed..d25c5d2f 100644
  64. --- a/ibrcommon/ssl/RSASHA256Stream.cpp
  65. +++ b/ibrcommon/ssl/RSASHA256Stream.cpp
  66. @@ -21,6 +21,7 @@
  67. #include "ibrcommon/ssl/RSASHA256Stream.h"
  68. #include "ibrcommon/Logger.h"
  69. +#include "openssl_compat.h"
  70. #include <openssl/err.h>
  71. namespace ibrcommon
  72. @@ -30,11 +31,11 @@ namespace ibrcommon
  73. {
  74. // Initialize get pointer. This should be zero so that underflow is called upon first read.
  75. setp(&out_buf_[0], &out_buf_[BUFF_SIZE - 1]);
  76. - EVP_MD_CTX_init(&_ctx);
  77. + _ctx = EVP_MD_CTX_new();
  78. if (!_verify)
  79. {
  80. - if (!EVP_SignInit_ex(&_ctx, EVP_sha256(), NULL))
  81. + if (!EVP_SignInit_ex(_ctx, EVP_sha256(), NULL))
  82. {
  83. IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to initialize the signature function" << IBRCOMMON_LOGGER_ENDL;
  84. ERR_print_errors_fp(stderr);
  85. @@ -42,7 +43,7 @@ namespace ibrcommon
  86. }
  87. else
  88. {
  89. - if (!EVP_VerifyInit_ex(&_ctx, EVP_sha256(), NULL))
  90. + if (!EVP_VerifyInit_ex(_ctx, EVP_sha256(), NULL))
  91. {
  92. IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to initialize the verification function" << IBRCOMMON_LOGGER_ENDL;
  93. ERR_print_errors_fp(stderr);
  94. @@ -52,18 +53,19 @@ namespace ibrcommon
  95. RSASHA256Stream::~RSASHA256Stream()
  96. {
  97. - EVP_MD_CTX_cleanup(&_ctx);
  98. + EVP_MD_CTX_free(_ctx);
  99. }
  100. void RSASHA256Stream::reset()
  101. {
  102. - EVP_MD_CTX_cleanup(&_ctx);
  103. -
  104. - EVP_MD_CTX_init(&_ctx);
  105. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  106. + EVP_MD_CTX_cleanup(_ctx);
  107. +#endif
  108. + EVP_MD_CTX_init(_ctx);
  109. if (!_verify)
  110. {
  111. - if (!EVP_SignInit_ex(&_ctx, EVP_sha256(), NULL))
  112. + if (!EVP_SignInit_ex(_ctx, EVP_sha256(), NULL))
  113. {
  114. IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to initialize the signature function" << IBRCOMMON_LOGGER_ENDL;
  115. ERR_print_errors_fp(stderr);
  116. @@ -71,7 +73,7 @@ namespace ibrcommon
  117. }
  118. else
  119. {
  120. - if (!EVP_VerifyInit_ex(&_ctx, EVP_sha256(), NULL))
  121. + if (!EVP_VerifyInit_ex(_ctx, EVP_sha256(), NULL))
  122. {
  123. IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to initialize the verfication function" << IBRCOMMON_LOGGER_ENDL;
  124. ERR_print_errors_fp(stderr);
  125. @@ -91,7 +93,7 @@ namespace ibrcommon
  126. std::vector<unsigned char> sign(EVP_PKEY_size(_pkey));
  127. unsigned int size = EVP_PKEY_size(_pkey);
  128. - _return_code = EVP_SignFinal(&_ctx, &sign[0], &size, _pkey);
  129. + _return_code = EVP_SignFinal(_ctx, &sign[0], &size, _pkey);
  130. _sign = std::string((const char*)&sign[0], size);
  131. @@ -107,7 +109,7 @@ namespace ibrcommon
  132. if (!_sign_valid)
  133. {
  134. sync();
  135. - _return_code = EVP_VerifyFinal(&_ctx, reinterpret_cast<const unsigned char *>(their_sign.c_str()), static_cast<unsigned int>(their_sign.size()), _pkey);
  136. + _return_code = EVP_VerifyFinal(_ctx, reinterpret_cast<const unsigned char *>(their_sign.c_str()), static_cast<unsigned int>(their_sign.size()), _pkey);
  137. _sign_valid = true;
  138. }
  139. return _return_code;
  140. @@ -145,7 +147,7 @@ namespace ibrcommon
  141. if (!_verify)
  142. // hashing
  143. {
  144. - if (!EVP_SignUpdate(&_ctx, &out_buf_[0], iend - ibegin))
  145. + if (!EVP_SignUpdate(_ctx, &out_buf_[0], iend - ibegin))
  146. {
  147. IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to feed data into the signature function" << IBRCOMMON_LOGGER_ENDL;
  148. ERR_print_errors_fp(stderr);
  149. @@ -153,7 +155,7 @@ namespace ibrcommon
  150. }
  151. else
  152. {
  153. - if (!EVP_VerifyUpdate(&_ctx, &out_buf_[0], iend - ibegin))
  154. + if (!EVP_VerifyUpdate(_ctx, &out_buf_[0], iend - ibegin))
  155. {
  156. IBRCOMMON_LOGGER_TAG("RSASHA256Stream", critical) << "failed to feed data into the verification function" << IBRCOMMON_LOGGER_ENDL;
  157. ERR_print_errors_fp(stderr);
  158. diff --git a/ibrcommon/ssl/RSASHA256Stream.h b/ibrcommon/ssl/RSASHA256Stream.h
  159. index 344f8e10..6f3a1168 100644
  160. --- a/ibrcommon/ssl/RSASHA256Stream.h
  161. +++ b/ibrcommon/ssl/RSASHA256Stream.h
  162. @@ -106,7 +106,7 @@ namespace ibrcommon
  163. /** the context in which the streamed data will be feed into for
  164. calculation of the hash/signature */
  165. - EVP_MD_CTX _ctx;
  166. + EVP_MD_CTX * _ctx;
  167. /** tells if the context needs to be finalized to get a valid signature or
  168. verification */
  169. diff --git a/ibrcommon/ssl/iostreamBIO.cpp b/ibrcommon/ssl/iostreamBIO.cpp
  170. index 18c1b55c..ea6c63eb 100644
  171. --- a/ibrcommon/ssl/iostreamBIO.cpp
  172. +++ b/ibrcommon/ssl/iostreamBIO.cpp
  173. @@ -23,6 +23,7 @@
  174. #include "ibrcommon/Logger.h"
  175. +#include "openssl_compat.h"
  176. #include <openssl/err.h>
  177. namespace ibrcommon
  178. @@ -42,7 +43,20 @@ static int create(BIO *bio);
  179. //static int destroy(BIO *bio);
  180. //static long (*callback_ctrl)(BIO *, int, bio_info_cb *);
  181. -
  182. +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
  183. +BIO_METHOD * BIO_iostream_method()
  184. +{
  185. + static BIO_METHOD *iostream_method = NULL;
  186. + if (iostream_method) {
  187. + iostream_method = BIO_meth_new(iostreamBIO::type, iostreamBIO::name);
  188. + BIO_meth_set_write(iostream_method, bwrite);
  189. + BIO_meth_set_read(iostream_method, bread);
  190. + BIO_meth_set_ctrl(iostream_method, ctrl);
  191. + BIO_meth_set_create(iostream_method, create);
  192. + }
  193. + return iostream_method;
  194. +}
  195. +#else
  196. static BIO_METHOD iostream_method =
  197. {
  198. iostreamBIO::type,
  199. @@ -56,12 +70,17 @@ static BIO_METHOD iostream_method =
  200. NULL,//destroy,
  201. NULL//callback_ctrl
  202. };
  203. +BIO_METHOD * BIO_iostream_method()
  204. +{
  205. + return &iostream_method;
  206. +}
  207. +#endif
  208. iostreamBIO::iostreamBIO(iostream *stream)
  209. : _stream(stream)
  210. {
  211. /* create BIO */
  212. - _bio = BIO_new(&iostream_method);
  213. + _bio = BIO_new(BIO_iostream_method());
  214. if(!_bio){
  215. /* creation failed, throw exception */
  216. char err_buf[ERR_BUF_SIZE];
  217. @@ -72,7 +91,7 @@ iostreamBIO::iostreamBIO(iostream *stream)
  218. }
  219. /* save the iostream in the bio object */
  220. - _bio->ptr = stream;
  221. + BIO_set_data(_bio, (void *) stream);
  222. }
  223. BIO * iostreamBIO::getBIO(){
  224. @@ -81,10 +100,10 @@ BIO * iostreamBIO::getBIO(){
  225. static int create(BIO *bio)
  226. {
  227. - bio->ptr = NULL;
  228. - /* (from openssl memory bio) */
  229. - bio->shutdown=1;
  230. - bio->init=1;
  231. + BIO_set_data(bio, NULL);
  232. + BIO_set_shutdown(bio, 1);
  233. + BIO_set_init(bio, 1);
  234. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  235. /* from bss_mem.c (openssl):
  236. * bio->num is used to hold the value to return on 'empty', if it is
  237. * 0, should_retry is not set
  238. @@ -93,6 +112,7 @@ static int create(BIO *bio)
  239. * it is set to 0 since the underlying stream is blocking
  240. */
  241. bio->num= 0;
  242. +#endif
  243. return 1;
  244. }
  245. @@ -102,7 +122,7 @@ static int create(BIO *bio)
  246. static long ctrl(BIO *bio, int cmd, long num, void *)
  247. {
  248. long ret;
  249. - iostream *stream = reinterpret_cast<iostream*>(bio->ptr);
  250. + iostream *stream = reinterpret_cast<iostream*>(BIO_get_data(bio));
  251. IBRCOMMON_LOGGER_DEBUG_TAG("iostreamBIO", 90) << "ctrl called, cmd: " << cmd << ", num: " << num << "." << IBRCOMMON_LOGGER_ENDL;
  252. @@ -147,8 +167,12 @@ static long ctrl(BIO *bio, int cmd, long num, void *)
  253. static int bread(BIO *bio, char *buf, int len)
  254. {
  255. - iostream *stream = reinterpret_cast<iostream*>(bio->ptr);
  256. + iostream *stream = reinterpret_cast<iostream*>(BIO_get_data(bio));
  257. +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
  258. + int num_bytes = 0;
  259. +#else
  260. int num_bytes = bio->num;
  261. +#endif
  262. try{
  263. /* make sure to read at least 1 byte and then read as much as we can */
  264. @@ -170,7 +194,7 @@ static int bwrite(BIO *bio, const char *buf, int len)
  265. if(len == 0){
  266. return 0;
  267. }
  268. - iostream *stream = reinterpret_cast<iostream*>(bio->ptr);
  269. + iostream *stream = reinterpret_cast<iostream*>(BIO_get_data(bio));
  270. /* write the data */
  271. try{
  272. diff --git a/ibrcommon/ssl/openssl_compat.h b/ibrcommon/ssl/openssl_compat.h
  273. new file mode 100644
  274. index 00000000..e491677f
  275. --- /dev/null
  276. +++ b/ibrcommon/ssl/openssl_compat.h
  277. @@ -0,0 +1,38 @@
  278. +#ifndef OPENSSL_COMPAT_H
  279. +#define OPENSSL_COMPAT_H
  280. +
  281. +#include <openssl/crypto.h>
  282. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  283. +
  284. +#include <openssl/evp.h>
  285. +#include <openssl/hmac.h>
  286. +
  287. +static inline EVP_MD_CTX * EVP_MD_CTX_new()
  288. +{
  289. + EVP_MD_CTX *ctx;
  290. +
  291. + ctx = (EVP_MD_CTX *) OPENSSL_malloc(sizeof(EVP_MD_CTX));
  292. + EVP_MD_CTX_init(ctx);
  293. + return ctx;
  294. +}
  295. +#define EVP_MD_CTX_free(c) if (c != NULL) OPENSSL_free(c)
  296. +
  297. +static inline HMAC_CTX * HMAC_CTX_new()
  298. +{
  299. + HMAC_CTX *ctx;
  300. +
  301. + ctx = (HMAC_CTX *) OPENSSL_malloc(sizeof(HMAC_CTX));
  302. + HMAC_CTX_init(ctx);
  303. + return ctx;
  304. +}
  305. +#define HMAC_CTX_free(c) if (c != NULL) OPENSSL_free(c)
  306. +
  307. +#define BIO_get_data(b) b->ptr
  308. +#define BIO_set_data(b, v) b->ptr=v
  309. +#define BIO_set_shutdown(b, v) b->shutdown=v
  310. +#define BIO_set_init(b, v) b->init=v
  311. +
  312. +#endif /* OPENSSL_VERSION_NUMBER */
  313. +
  314. +#endif /* OPENSSL_COMPAT_H */
  315. +
  316. --
  317. 2.16.1