Browse Source
Merge pull request #9097 from neheb/softe
softethervpn: Fix compilation with full/stub iconvlilik-openwrt-22.03
Rosen Penev
5 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 216 additions and 1 deletions
Split View
Diff Options
+ 4
- 1
net/softethervpn/Makefile
View File
+ 212
- 0
net/softethervpn/patches/120-openssl-deprecated.patch
View File
| @ -0,0 +1,212 @@ | |||
| diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c | |||
| index f3b3908..06b7fea 100644 | |||
| --- a/src/Mayaqua/Encrypt.c | |||
| +++ b/src/Mayaqua/Encrypt.c | |||
| @@ -129,6 +129,7 @@ | |||
| #include <openssl/rand.h> | |||
| #include <openssl/engine.h> | |||
| #include <openssl/bio.h> | |||
| +#include <openssl/bn.h> | |||
| #include <openssl/x509.h> | |||
| #include <openssl/pkcs7.h> | |||
| #include <openssl/pkcs12.h> | |||
| @@ -137,6 +138,7 @@ | |||
| #include <openssl/md4.h> | |||
| #include <openssl/hmac.h> | |||
| #include <openssl/sha.h> | |||
| +#include <openssl/rsa.h> | |||
| #include <openssl/des.h> | |||
| #include <openssl/aes.h> | |||
| #include <openssl/dh.h> | |||
| @@ -634,7 +636,7 @@ UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size) | |||
| return 0; | |||
| } | |||
| - if (EVP_CipherFinal(c->Ctx, ((UCHAR *)dest) + (UINT)r, &r2) == 0) | |||
| + if (EVP_CipherFinal_ex(c->Ctx, ((UCHAR *)dest) + (UINT)r, &r2) == 0) | |||
| { | |||
| return 0; | |||
| } | |||
| @@ -933,6 +935,7 @@ BUF *BigNumToBuf(const BIGNUM *bn) | |||
| // Initialization of the lock of OpenSSL | |||
| void OpenSSL_InitLock() | |||
| { | |||
| +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |||
| UINT i; | |||
| // Initialization of the lock object | |||
| @@ -946,11 +949,13 @@ void OpenSSL_InitLock() | |||
| // Setting the lock function | |||
| CRYPTO_set_locking_callback(OpenSSL_Lock); | |||
| CRYPTO_set_id_callback(OpenSSL_Id); | |||
| +#endif | |||
| } | |||
| // Release of the lock of OpenSSL | |||
| void OpenSSL_FreeLock() | |||
| { | |||
| +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |||
| UINT i; | |||
| for (i = 0;i < ssl_lock_num;i++) | |||
| @@ -962,11 +967,13 @@ void OpenSSL_FreeLock() | |||
| CRYPTO_set_locking_callback(NULL); | |||
| CRYPTO_set_id_callback(NULL); | |||
| +#endif | |||
| } | |||
| // Lock function for OpenSSL | |||
| void OpenSSL_Lock(int mode, int n, const char *file, int line) | |||
| { | |||
| +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |||
| LOCK *lock = ssl_lock_obj[n]; | |||
| if (mode & CRYPTO_LOCK) | |||
| @@ -979,12 +986,15 @@ void OpenSSL_Lock(int mode, int n, const char *file, int line) | |||
| // Unlock | |||
| Unlock(lock); | |||
| } | |||
| +#endif | |||
| } | |||
| // Return the thread ID | |||
| unsigned long OpenSSL_Id(void) | |||
| { | |||
| +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |||
| return (unsigned long)ThreadId(); | |||
| +#endif | |||
| } | |||
| // Get the display name of the certificate | |||
| @@ -1908,8 +1918,8 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial) | |||
| X509_set_version(x509, 2L); | |||
| // Set the Expiration | |||
| - t1 = X509_get_notBefore(x509); | |||
| - t2 = X509_get_notAfter(x509); | |||
| + t1 = X509_getm_notBefore(x509); | |||
| + t2 = X509_getm_notAfter(x509); | |||
| if (!UINT64ToAsn1Time(t1, notBefore)) | |||
| { | |||
| FreeX509(x509); | |||
| @@ -2050,8 +2060,8 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial) | |||
| X509_set_version(x509, 2L); | |||
| // Set the Expiration | |||
| - t1 = X509_get_notBefore(x509); | |||
| - t2 = X509_get_notAfter(x509); | |||
| + t1 = X509_getm_notBefore(x509); | |||
| + t2 = X509_getm_notAfter(x509); | |||
| if (!UINT64ToAsn1Time(t1, notBefore)) | |||
| { | |||
| FreeX509(x509); | |||
| @@ -2677,6 +2687,43 @@ bool RsaCheckEx() | |||
| return false; | |||
| } | |||
| + | |||
| +// RSA key generation | |||
| +static RSA *RsaGenKey(UINT bit, BN_ULONG e) | |||
| +{ | |||
| + RSA *rsa = NULL; | |||
| + char errbuf[MAX_SIZE]; | |||
| + BIGNUM *bne = NULL; | |||
| + | |||
| + if ((bne = BN_new()) == NULL) | |||
| + { | |||
| + Debug("BN_new: err=%s\n", ERR_error_string(ERR_get_error(), errbuf)); | |||
| + return NULL; | |||
| + } | |||
| + if (BN_set_word(bne, e) == 0) | |||
| + { | |||
| + Debug("BN_set_word: err=%s\n", ERR_error_string(ERR_get_error(), errbuf)); | |||
| + goto fail; | |||
| + } | |||
| + if ((rsa = RSA_new()) == NULL) | |||
| + { | |||
| + Debug("RSA_new: err=%s\n", ERR_error_string(ERR_get_error(), errbuf)); | |||
| + goto fail; | |||
| + } | |||
| + if (RSA_generate_key_ex(rsa, bit, bne, NULL) == 0) | |||
| + { | |||
| + Debug("RSA_generate_key_ex: err=%s\n", ERR_error_string(ERR_get_error(), errbuf)); | |||
| + goto fail; | |||
| + } | |||
| + BN_free(bne); | |||
| + return rsa; | |||
| + | |||
| +fail: | |||
| + RSA_free(rsa); | |||
| + BN_free(bne); | |||
| + return NULL; | |||
| +} | |||
| + | |||
| bool RsaCheck() | |||
| { | |||
| RSA *rsa; | |||
| @@ -2690,12 +2737,11 @@ bool RsaCheck() | |||
| // Key generation | |||
| Lock(openssl_lock); | |||
| { | |||
| - rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL); | |||
| + rsa = RsaGenKey(bit, RSA_F4); | |||
| } | |||
| Unlock(openssl_lock); | |||
| if (rsa == NULL) | |||
| { | |||
| - Debug("RSA_generate_key: err=%s\n", ERR_error_string(ERR_get_error(), errbuf)); | |||
| return false; | |||
| } | |||
| @@ -2760,12 +2806,11 @@ bool RsaGen(K **priv, K **pub, UINT bit) | |||
| // Key generation | |||
| Lock(openssl_lock); | |||
| { | |||
| - rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL); | |||
| + rsa = RsaGenKey(bit, RSA_F4); | |||
| } | |||
| Unlock(openssl_lock); | |||
| if (rsa == NULL) | |||
| { | |||
| - Debug("RSA_generate_key: err=%s\n", ERR_error_string(ERR_get_error(), errbuf)); | |||
| return false; | |||
| } | |||
| @@ -3875,7 +3920,7 @@ X *X509ToX(X509 *x509) | |||
| { | |||
| if (OBJ_obj2nid(ad->method) == NID_ad_ca_issuers && ad->location->type == GEN_URI) | |||
| { | |||
| - char *uri = (char *)ASN1_STRING_data(ad->location->d.uniformResourceIdentifier); | |||
| + char *uri = (char *)ASN1_STRING_get0_data(ad->location->d.uniformResourceIdentifier); | |||
| if (IsEmptyStr(uri) == false) | |||
| { | |||
| @@ -4088,7 +4133,9 @@ void Rand(void *buf, UINT size) | |||
| // Delete a thread-specific information that OpenSSL has holded | |||
| void FreeOpenSSLThreadState() | |||
| { | |||
| +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |||
| ERR_remove_state(0); | |||
| +#endif | |||
| } | |||
| // Release the Crypt library | |||
| @@ -4110,13 +4157,16 @@ void InitCryptLibrary() | |||
| CheckIfIntelAesNiSupportedInit(); | |||
| // RAND_Init_For_SoftEther() | |||
| openssl_lock = NewLock(); | |||
| +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |||
| SSL_library_init(); | |||
| //OpenSSL_add_all_algorithms(); | |||
| OpenSSL_add_all_ciphers(); | |||
| OpenSSL_add_all_digests(); | |||
| ERR_load_crypto_strings(); | |||
| SSL_load_error_strings(); | |||
| - | |||
| +#else | |||
| + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); | |||
| +#endif | |||
| #ifdef OS_UNIX | |||
| { | |||
| char *name1 = "/dev/random"; | |||