LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11704 Commits
1 Branch
46 MiB
Tree: f4cdfcf15a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f4cdfcf15a'
${ noResults }
openwrt-packages-dist/lang/luasec/patches/010-openssl-1.1-compatibili...

180 lines
4.9 KiB
Raw Normal View History

luasec: added openssl 1.1.0 compatibility This patch was a backport of 0.7alpha, without changing version 0.6 functionality. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
 
  1. --- a/src/context.c

  2. +++ b/src/context.c

  3. @@ -24,7 +24,7 @@

  4.  #include "context.h"
  5.  #include "options.h"
  6.  
  7. -#ifndef OPENSSL_NO_ECDH

  8. +#ifndef OPENSSL_NO_EC

  9.  #include <openssl/ec.h>
  10.  #include "ec.h"
  11.  #endif
  12. @@ -35,10 +35,6 @@ typedef const SSL_METHOD LSEC_SSL_METHOD

  13.  typedef       SSL_METHOD LSEC_SSL_METHOD;
  14.  #endif
  15.  
  16. -#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

  17. -#define SSLv23_method() TLS_method()

  18. -#endif

  19. -

  20.  /*-- Compat - Lua 5.1 --------------------------------------------------------*/
  21.  
  22.  #if (LUA_VERSION_NUM == 501)
  23. @@ -304,7 +300,7 @@ static int verify_cb(int preverify_ok, X

  24.    return (verify & LSEC_VERIFY_CONTINUE ? 1 : preverify_ok);
  25.  }
  26.  
  27. -#ifndef OPENSSL_NO_ECDH

  28. +#ifndef OPENSSL_NO_EC

  29.  static EC_KEY *find_ec_key(const char *str)
  30.  {
  31.    p_ec ptr;
  32. @@ -565,7 +561,7 @@ static int set_dhparam(lua_State *L)

  33.  /**
  34.   * Set elliptic curve.
  35.   */
  36. -#ifdef OPENSSL_NO_ECDH

  37. +#ifdef OPENSSL_NO_EC

  38.  static int set_curve(lua_State *L)
  39.  {
  40.    lua_pushboolean(L, 0);
  41. --- a/src/ssl.c

  42. +++ b/src/ssl.c

  43. @@ -31,6 +31,13 @@

  44.  #include "context.h"
  45.  #include "ssl.h"
  46.  
  47. +

  48. +#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER<0x10100000L

  49. +#define SSL_is_server(s) (s->server)

  50. +#define X509_up_ref(c)   CRYPTO_add(&c->references, 1, CRYPTO_LOCK_X509)

  51. +#endif

  52. +

  53. +

  54.  /**
  55.   * Underline socket error.
  56.   */
  57. @@ -406,7 +413,9 @@ static int meth_want(lua_State *L)

  58.   */
  59.  static int meth_compression(lua_State *L)
  60.  {
  61. -#if !defined(OPENSSL_NO_COMP)

  62. +#ifdef OPENSSL_NO_COMP

  63. +  const void *comp;

  64. +#else

  65.    const COMP_METHOD *comp;
  66.  #endif
  67.    p_ssl ssl = (p_ssl)luaL_checkudata(L, 1, "SSL:Connection");
  68. @@ -415,15 +424,11 @@ static int meth_compression(lua_State *L

  69.      lua_pushstring(L, "closed");
  70.      return 2;
  71.    }
  72. -#if !defined(OPENSSL_NO_COMP)

  73.    comp = SSL_get_current_compression(ssl->ssl);
  74.    if (comp)
  75.      lua_pushstring(L, SSL_COMP_get_name(comp));
  76.    else
  77.      lua_pushnil(L);
  78. -#else

  79. -  lua_pushnil(L);

  80. -#endif

  81.    return 1;
  82.  }
  83.  
  84. @@ -461,7 +466,7 @@ static int meth_getpeercertificate(lua_S

  85.    /* In a server-context, the stack doesn't contain the peer cert,
  86.     * so adjust accordingly.
  87.     */
  88. -  if (ssl->ssl->server)

  89. +  if (SSL_is_server(ssl->ssl))

  90.      --n;
  91.    certs = SSL_get_peer_cert_chain(ssl->ssl);
  92.    if (n >= sk_X509_num(certs)) {
  93. @@ -471,7 +476,7 @@ static int meth_getpeercertificate(lua_S

  94.    cert = sk_X509_value(certs, n);
  95.    /* Increment the reference counting of the object. */
  96.    /* See SSL_get_peer_certificate() source code.     */
  97. -  CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);

  98. +  X509_up_ref(cert);

  99.    lsec_pushx509(L, cert);
  100.    return 1;
  101.  }
  102. @@ -493,7 +498,7 @@ static int meth_getpeerchain(lua_State *

  103.      return 2;
  104.    }
  105.    lua_newtable(L);
  106. -  if (ssl->ssl->server) {

  107. +  if (SSL_is_server(ssl->ssl)) {

  108.      lsec_pushx509(L, SSL_get_peer_certificate(ssl->ssl));
  109.      lua_rawseti(L, -2, idx++);
  110.    }
  111. @@ -503,7 +508,7 @@ static int meth_getpeerchain(lua_State *

  112.      cert = sk_X509_value(certs, i);
  113.      /* Increment the reference counting of the object. */
  114.      /* See SSL_get_peer_certificate() source code.     */
  115. -    CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);

  116. +    X509_up_ref(cert);

  117.      lsec_pushx509(L, cert);
  118.      lua_rawseti(L, -2, idx++);
  119.    }
  120. --- a/src/x509.c

  121. +++ b/src/x509.c

  122. @@ -32,6 +32,17 @@

  123.  
  124.  #include "x509.h"
  125.  
  126. +

  127. +/*

  128. + * ASN1_STRING_data is deprecated in OpenSSL 1.1.0

  129. + */

  130. +#if OPENSSL_VERSION_NUMBER>=0x1010000fL && !defined(LIBRESSL_VERSION_NUMBER)

  131. +#define LSEC_ASN1_STRING_data(x) ASN1_STRING_get0_data(x)

  132. +#else

  133. +#define LSEC_ASN1_STRING_data(x) ASN1_STRING_data(x)

  134. +#endif

  135. +

  136. +

  137.  static const char* hex_tab = "0123456789abcdef";
  138.  
  139.  /**
  140. @@ -146,7 +157,7 @@ static void push_asn1_string(lua_State*

  141.    }
  142.    switch (encode) {
  143.    case LSEC_AI5_STRING:
  144. -    lua_pushlstring(L, (char*)ASN1_STRING_data(string),

  145. +    lua_pushlstring(L, (char*)LSEC_ASN1_STRING_data(string),

  146.                         ASN1_STRING_length(string));
  147.      break;
  148.    case LSEC_UTF8_STRING:
  149. @@ -182,7 +193,7 @@ static void push_asn1_ip(lua_State *L, A

  150.  {
  151.    int af;
  152.    char dst[INET6_ADDRSTRLEN];
  153. -  unsigned char *ip = ASN1_STRING_data(string);

  154. +  unsigned char *ip = (unsigned char*)LSEC_ASN1_STRING_data(string);

  155.    switch(ASN1_STRING_length(string)) {
  156.    case 4:
  157.      af = AF_INET;
  158. @@ -293,11 +304,11 @@ int meth_extensions(lua_State* L)

  159.        break;
  160.  
  161.      /* Push ret[oid] */
  162. -    push_asn1_objname(L, extension->object, 1);

  163. +    push_asn1_objname(L, X509_EXTENSION_get_object(extension), 1);

  164.      push_subtable(L, -2);
  165.  
  166.      /* Set ret[oid].name = name */
  167. -    push_asn1_objname(L, extension->object, 0);

  168. +    push_asn1_objname(L, X509_EXTENSION_get_object(extension), 0);

  169.      lua_setfield(L, -2, "name");
  170.  
  171.      n_general_names = sk_GENERAL_NAME_num(values);
  172. @@ -404,7 +415,7 @@ static int meth_pubkey(lua_State* L)

  173.      bytes = BIO_get_mem_data(bio, &data);
  174.      if (bytes > 0) {
  175.        lua_pushlstring(L, data, bytes);
  176. -      switch(EVP_PKEY_type(pkey->type)) {

  177. +      switch(EVP_PKEY_base_id(pkey)) {

  178.          case EVP_PKEY_RSA:
  179.            lua_pushstring(L, "RSA");
  180.            break;