|
|
aca7c2c |
From: Razvan Crainea <razvan@opensips.org>
|
|
|
aca7c2c |
Date: Wed, 30 Nov 2016 20:39:14 +0200
|
|
|
aca7c2c |
Subject: [PATCH] identity: add support for openssl 1.1.0
|
|
|
aca7c2c |
|
|
|
aca7c2c |
Reported by Petr Pisar in issue #996
|
|
|
aca7c2c |
|
|
|
aca7c2c |
diff --git a/modules/identity/identity.c b/modules/identity/identity.c
|
|
|
aca7c2c |
index 3daeee6..1d54b6d 100644
|
|
|
aca7c2c |
--- a/modules/identity/identity.c
|
|
|
aca7c2c |
+++ b/modules/identity/identity.c
|
|
|
aca7c2c |
@@ -831,7 +831,12 @@ static int addIdentity(char * dateHF, struct sip_msg * msg)
|
|
|
aca7c2c |
{
|
|
|
aca7c2c |
#define IDENTITY_HDR_S "Identity: \""
|
|
|
aca7c2c |
#define IDENTITY_HDR_L (sizeof(IDENTITY_HDR_S)-1)
|
|
|
aca7c2c |
- EVP_MD_CTX ctx;
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ EVP_MD_CTX *pctx;
|
|
|
aca7c2c |
+#else
|
|
|
aca7c2c |
+#define W_EVP_CTX_free EVP_MD_CTX_cleanup
|
|
|
aca7c2c |
+ EVP_MD_CTX ctx, *pctx = &ctx;
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
unsigned int siglen = 0;
|
|
|
aca7c2c |
int b64len = 0;
|
|
|
aca7c2c |
unsigned char * sig = NULL;
|
|
|
aca7c2c |
@@ -843,27 +848,30 @@ static int addIdentity(char * dateHF, struct sip_msg * msg)
|
|
|
aca7c2c |
LM_ERR("error making digest string\n");
|
|
|
aca7c2c |
return 0;
|
|
|
aca7c2c |
}
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ pctx = EVP_MD_CTX_new();
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
|
|
|
aca7c2c |
- EVP_SignInit(&ctx, EVP_sha1());
|
|
|
aca7c2c |
+ EVP_SignInit(pctx, EVP_sha1());
|
|
|
aca7c2c |
|
|
|
aca7c2c |
- EVP_SignUpdate(&ctx, digestString, strlen(digestString));
|
|
|
aca7c2c |
+ EVP_SignUpdate(pctx, digestString, strlen(digestString));
|
|
|
aca7c2c |
|
|
|
aca7c2c |
sig = pkg_malloc(EVP_PKEY_size(privKey_evp));
|
|
|
aca7c2c |
if(!sig)
|
|
|
aca7c2c |
{
|
|
|
aca7c2c |
- EVP_MD_CTX_cleanup(&ctx;;
|
|
|
aca7c2c |
+ W_EVP_CTX_free(pctx);
|
|
|
aca7c2c |
LM_ERR("failed allocating memory\n");
|
|
|
aca7c2c |
return 0;
|
|
|
aca7c2c |
}
|
|
|
aca7c2c |
|
|
|
aca7c2c |
- if(!EVP_SignFinal(&ctx, sig, &siglen, privKey_evp))
|
|
|
aca7c2c |
+ if(!EVP_SignFinal(pctx, sig, &siglen, privKey_evp))
|
|
|
aca7c2c |
{
|
|
|
aca7c2c |
- EVP_MD_CTX_cleanup(&ctx;;
|
|
|
aca7c2c |
+ W_EVP_CTX_free(pctx);
|
|
|
aca7c2c |
pkg_free(sig);
|
|
|
aca7c2c |
LM_ERR("error calculating signature\n");
|
|
|
aca7c2c |
return 0;
|
|
|
aca7c2c |
}
|
|
|
aca7c2c |
- EVP_MD_CTX_cleanup(&ctx;;
|
|
|
aca7c2c |
+ W_EVP_CTX_free(pctx);
|
|
|
aca7c2c |
|
|
|
aca7c2c |
/* ###Base64-encoding### */
|
|
|
aca7c2c |
/* annotation: The next few lines are based on example 7-11 of [VIE-02] */
|
|
|
aca7c2c |
@@ -1138,6 +1146,10 @@ static int checkAuthority(X509 * cert, struct sip_msg * msg)
|
|
|
aca7c2c |
const unsigned char * data;
|
|
|
aca7c2c |
STACK_OF(CONF_VALUE) * val;
|
|
|
aca7c2c |
CONF_VALUE * nval;
|
|
|
aca7c2c |
+ int len;
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ ASN1_OCTET_STRING *adata;
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
|
|
|
aca7c2c |
if(!cert || !msg)
|
|
|
aca7c2c |
{
|
|
|
aca7c2c |
@@ -1190,15 +1202,22 @@ static int checkAuthority(X509 * cert, struct sip_msg * msg)
|
|
|
aca7c2c |
LM_ERR("X509V3_EXT_get failed\n");
|
|
|
aca7c2c |
return 0;
|
|
|
aca7c2c |
}
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ adata = X509_EXTENSION_get_data(cext);
|
|
|
aca7c2c |
+ data = ASN1_STRING_get0_data(adata);
|
|
|
aca7c2c |
+ len = ASN1_STRING_length(adata);
|
|
|
aca7c2c |
+#else
|
|
|
aca7c2c |
data = cext->value->data;
|
|
|
aca7c2c |
+ len = cext->value->length;
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
if(meth->it)
|
|
|
aca7c2c |
{
|
|
|
aca7c2c |
ext_str = ASN1_item_d2i(NULL, &data,
|
|
|
aca7c2c |
- cext->value->length, ASN1_ITEM_ptr(meth->it));
|
|
|
aca7c2c |
+ len, ASN1_ITEM_ptr(meth->it));
|
|
|
aca7c2c |
}
|
|
|
aca7c2c |
else
|
|
|
aca7c2c |
{
|
|
|
aca7c2c |
- ext_str = meth->d2i(NULL, &data, cext->value->length);
|
|
|
aca7c2c |
+ ext_str = meth->d2i(NULL, &data, len);
|
|
|
aca7c2c |
}
|
|
|
aca7c2c |
|
|
|
aca7c2c |
val = meth->i2v(meth, ext_str, NULL);
|