rpms / jabberd

Clone
Source Code
GIT

Files

el5 el6 epel7 epel8 epel9 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 fc6 main rawhide
  1.   f34
  2.   0002-authreg_ldapfull-adapt-to-openssl-1.1.patch
Blob Blame History Raw 
From 8a0cc8f79faae57c3d4e6c801c554970780416db Mon Sep 17 00:00:00 2001
From: Adrian Reber <adrian@lisas.de>
Date: Fri, 2 Dec 2016 12:20:29 +0100
Subject: [PATCH 2/3] authreg_ldapfull: adapt to openssl-1.1

Adding #ifdefs to use the new openssl-1.1 API if detected.

Signed-off-by: Adrian Reber <adrian@lisas.de>
---
 storage/authreg_ldapfull.c | 107 +++++++++++++++++++++++++++++++++++++++------
 1 file changed, 94 insertions(+), 13 deletions(-)

diff --git a/storage/authreg_ldapfull.c b/storage/authreg_ldapfull.c
index 7b32d48..6dbf202 100644
--- a/storage/authreg_ldapfull.c
+++ b/storage/authreg_ldapfull.c
@@ -39,6 +39,7 @@
 
 #ifdef HAVE_SSL
 #include <openssl/rand.h>
+#include <openssl/evp.h>
 #endif
 
 #include <lber.h>
@@ -228,13 +229,18 @@ int _ldapfull_base64_decode( const char *src, const unsigned char **ret, int *rl
     int rc, tlen = 0;
     int i;
     unsigned char *text;
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
     EVP_ENCODE_CTX EVP_ctx;
+#else
+    EVP_ENCODE_CTX *EVP_ctx;
+#endif
 
     text = (unsigned char *)malloc(((strlen(src)+3)/4 * 3) + 1);
     if (text == NULL) {
         return 0;
     }
 
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
     EVP_DecodeInit(&EVP_ctx);
     rc = EVP_DecodeUpdate(&EVP_ctx, text, &i, (const unsigned char *)src, strlen(src));
     if (rc < 0) {
@@ -243,40 +249,70 @@ int _ldapfull_base64_decode( const char *src, const unsigned char **ret, int *rl
     }
     tlen+=i;
     EVP_DecodeFinal(&EVP_ctx, (unsigned char*)text, &i);
+#else
+    EVP_ctx = EVP_ENCODE_CTX_new();
+    EVP_DecodeInit(EVP_ctx);
+    rc = EVP_DecodeUpdate(EVP_ctx, text, &i, (const unsigned char *)src, strlen(src));
+    if (rc < 0) {
+        free(text);
+        EVP_ENCODE_CTX_free(EVP_ctx);
+        return 0;
+    }
+    tlen+=i;
+    EVP_DecodeFinal(EVP_ctx, (unsigned char*)text, &i);
+#endif
 
     *ret = text;
     if (rlen != NULL) {
         *rlen = tlen;
     }
 
+#if !(OPENSSL_VERSION_NUMBER < 0x10100005L)
+    EVP_ENCODE_CTX_free(EVP_ctx);
+#endif
     return 1;
 }
 
 static int _ldapfull_base64_encode( const unsigned char *src, int srclen, char **ret, int *rlen ) {
     int tlen = 0;
     unsigned char *text;
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
     EVP_ENCODE_CTX EVP_ctx;
+#else
+    EVP_ENCODE_CTX *EVP_ctx;
+#endif
+
 
     text = (unsigned char *)malloc((srclen*4/3) + 1 );
     if (text == NULL) {
         return 0;
     }
 
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
     EVP_EncodeInit(&EVP_ctx);
     EVP_EncodeUpdate(&EVP_ctx, text, &tlen, src, srclen);
     EVP_EncodeFinal(&EVP_ctx, text, &tlen);
+#else
+    EVP_ctx = EVP_ENCODE_CTX_new();
+    EVP_EncodeInit(EVP_ctx);
+    EVP_EncodeUpdate(EVP_ctx, text, &tlen, src, srclen);
+    EVP_EncodeFinal(EVP_ctx, text, &tlen);
+#endif
 
     *ret = (char*)text;
     if (rlen != NULL) {
         *rlen = tlen;
     }
 
+#if !(OPENSSL_VERSION_NUMBER < 0x10100005L)
+    EVP_ENCODE_CTX_free(EVP_ctx);
+#endif
     return 1;
 }
 
 int _ldapfull_chk_hashed(moddata_t data, const char *scheme, int salted, const char *hash, const char *passwd) {
     const unsigned char *bhash; // binary hash, will get it from base64
-    EVP_MD_CTX mdctx;
+    EVP_MD_CTX *mdctx;
     const EVP_MD *md;
     unsigned char digest[EVP_MAX_MD_SIZE];
     int bhlen, rc;
@@ -289,22 +325,32 @@ int _ldapfull_chk_hashed(moddata_t data, const char *scheme, int salted, const c
         return 0;
     }
 
-    EVP_DigestInit(&mdctx, md);
-    EVP_DigestUpdate(&mdctx, passwd, strlen(passwd));
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+    mdctx = EVP_MD_CTX_create();
+#else
+    mdctx = EVP_MD_CTX_new();
+#endif
+    EVP_DigestInit(mdctx, md);
+    EVP_DigestUpdate(mdctx, passwd, strlen(passwd));
     if (salted) {
-        EVP_DigestUpdate(&mdctx, &bhash[EVP_MD_size(md)],
+        EVP_DigestUpdate(mdctx, &bhash[EVP_MD_size(md)],
                 bhlen - EVP_MD_size(md));
     }
-    EVP_DigestFinal(&mdctx, digest, NULL);
+    EVP_DigestFinal(mdctx, digest, NULL);
 
     rc = memcmp((char *)bhash, (char *)digest, EVP_MD_size(md));
     free((void*)bhash);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+    EVP_MD_CTX_destroy(mdctx);
+#else
+    EVP_MD_CTX_free(mdctx);
+#endif
     return !rc;
 }
 
 int _ldapfull_set_hashed(moddata_t data, const char *scheme, const char *prefix, int saltlen, const char *passwd, char *buf, int buflen) {
     char *hash = 0; // base64 hash
-    EVP_MD_CTX mdctx;
+    EVP_MD_CTX *mdctx;
     const EVP_MD *md;
     unsigned char *digest;
     unsigned char *salt;
@@ -316,30 +362,48 @@ int _ldapfull_set_hashed(moddata_t data, const char *scheme, const char *prefix,
     if (!md) {
         return 0;
     }
-    EVP_DigestInit(&mdctx, md);
-    EVP_DigestUpdate(&mdctx, passwd, strlen(passwd));
+
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+    mdctx = EVP_MD_CTX_create();
+#else
+    mdctx = EVP_MD_CTX_new();
+#endif
+    EVP_DigestInit(mdctx, md);
+    EVP_DigestUpdate(mdctx, passwd, strlen(passwd));
     if (saltlen) {
         salt = (unsigned char *)malloc(saltlen);
         if( !salt ) {
-            EVP_MD_CTX_cleanup(&mdctx);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+            EVP_MD_CTX_destroy(mdctx);
+#else
+            EVP_MD_CTX_free(mdctx);
+#endif
             return 0;
         }
         if( !RAND_bytes(salt,saltlen) ) {
-            EVP_MD_CTX_cleanup(&mdctx);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+            EVP_MD_CTX_destroy(mdctx);
+#else
+            EVP_MD_CTX_free(mdctx);
+#endif
             free(salt);
             return 0;
         }
-        EVP_DigestUpdate(&mdctx, salt, saltlen);
+        EVP_DigestUpdate(mdctx, salt, saltlen);
     }
     digest = (unsigned char *)malloc(EVP_MD_size(md) + saltlen);
     if( !digest ) {
         if (saltlen) {
             free(salt);
         }
-        EVP_MD_CTX_cleanup(&mdctx);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+        EVP_MD_CTX_destroy(mdctx);
+#else
+        EVP_MD_CTX_free(mdctx);
+#endif
         return 0;
     }
-    EVP_DigestFinal(&mdctx, digest, &dlen);
+    EVP_DigestFinal(mdctx, digest, &dlen);
 
     memcpy(digest+dlen,salt,saltlen);
     if (saltlen) {
@@ -352,6 +416,12 @@ int _ldapfull_set_hashed(moddata_t data, const char *scheme, const char *prefix,
     free(digest);
     if( !rc ) {
         free(hash);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+        EVP_MD_CTX_destroy(mdctx);
+#else
+        EVP_MD_CTX_free(mdctx);
+#endif
+        return 0;
         return 0;
     }
 
@@ -359,12 +429,23 @@ int _ldapfull_set_hashed(moddata_t data, const char *scheme, const char *prefix,
     if( hlen + plen >= buflen ) {
         log_write(data->ar->c2s->log,LOG_ERR,"_ldapfull_set_hashed: buffer is too short (%i bytes)",buflen);
         free(hash);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+        EVP_MD_CTX_destroy(mdctx);
+#else
+        EVP_MD_CTX_free(mdctx);
+#endif
+        return 0;
         return 0;
     }
     memcpy(buf,prefix,plen);
     memcpy(buf+plen,hash,hlen);
     buf[hlen+plen]='\0';
     free(hash);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+    EVP_MD_CTX_destroy(mdctx);
+#else
+    EVP_MD_CTX_free(mdctx);
+#endif
 
     return 1;
 }
-- 
2.9.3
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.