|
 |
aca7c2c |
From: Peter Lemenkov <lemenkov@gmail.com>
|
|
|
aca7c2c |
Date: Thu, 12 Jan 2017 17:57:06 +0300
|
|
|
aca7c2c |
Subject: [PATCH] Finalize OpenSSL 1.1.0 migration
|
|
|
aca7c2c |
|
|
|
aca7c2c |
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
|
|
|
aca7c2c |
|
|
|
aca7c2c |
diff --git a/modules/identity/identity.c b/modules/identity/identity.c
|
|
|
aca7c2c |
index 9024e61..ccde589 100644
|
|
|
aca7c2c |
--- a/modules/identity/identity.c
|
|
|
aca7c2c |
+++ b/modules/identity/identity.c
|
|
|
aca7c2c |
@@ -859,19 +859,31 @@ static int addIdentity(char * dateHF, struct sip_msg * msg)
|
|
|
aca7c2c |
sig = pkg_malloc(EVP_PKEY_size(privKey_evp));
|
|
|
aca7c2c |
if(!sig)
|
|
|
aca7c2c |
{
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ EVP_MD_CTX_free(pctx);
|
|
|
aca7c2c |
+#else
|
|
|
aca7c2c |
W_EVP_CTX_free(pctx);
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
LM_ERR("failed allocating memory\n");
|
|
|
aca7c2c |
return 0;
|
|
|
aca7c2c |
}
|
|
|
aca7c2c |
|
|
|
aca7c2c |
if(!EVP_SignFinal(pctx, sig, &siglen, privKey_evp))
|
|
|
aca7c2c |
{
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ EVP_MD_CTX_free(pctx);
|
|
|
aca7c2c |
+#else
|
|
|
aca7c2c |
W_EVP_CTX_free(pctx);
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
pkg_free(sig);
|
|
|
aca7c2c |
LM_ERR("error calculating signature\n");
|
|
|
aca7c2c |
return 0;
|
|
|
aca7c2c |
}
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ EVP_MD_CTX_free(pctx);
|
|
|
aca7c2c |
+#else
|
|
|
aca7c2c |
W_EVP_CTX_free(pctx);
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
|
|
|
aca7c2c |
/* ###Base64-encoding### */
|
|
|
aca7c2c |
/* annotation: The next few lines are based on example 7-11 of [VIE-02] */
|
|
|
aca7c2c |
@@ -1270,7 +1282,12 @@ static int checkSign(X509 * cert, char * identityHF, struct sip_msg * msg)
|
|
|
aca7c2c |
int siglen = -1;
|
|
|
aca7c2c |
unsigned char * sigbuf = NULL;
|
|
|
aca7c2c |
int b64len = 0;
|
|
|
aca7c2c |
- EVP_MD_CTX ctx;
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ EVP_MD_CTX *pctx;
|
|
|
aca7c2c |
+#else
|
|
|
aca7c2c |
+#define W_EVP_CTX_free EVP_MD_CTX_cleanup
|
|
|
aca7c2c |
+ EVP_MD_CTX ctx, *pctx = &ctx;
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
int result = 0;
|
|
|
aca7c2c |
char *p;
|
|
|
aca7c2c |
unsigned long err;
|
|
|
aca7c2c |
@@ -1314,22 +1331,34 @@ static int checkSign(X509 * cert, char * identityHF, struct sip_msg * msg)
|
|
|
aca7c2c |
p=strstr(identityHF , "=");
|
|
|
aca7c2c |
siglen-=strspn(p , "=");
|
|
|
aca7c2c |
|
|
|
aca7c2c |
- EVP_VerifyInit(&ctx, EVP_sha1());
|
|
|
aca7c2c |
- EVP_VerifyUpdate(&ctx, digestString, strlen(digestString));
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ pctx = EVP_MD_CTX_new();
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
+
|
|
|
aca7c2c |
+ EVP_VerifyInit(pctx, EVP_sha1());
|
|
|
aca7c2c |
+ EVP_VerifyUpdate(pctx, digestString, strlen(digestString));
|
|
|
aca7c2c |
|
|
|
aca7c2c |
pubkey = X509_get_pubkey(cert);
|
|
|
aca7c2c |
if(!pubkey)
|
|
|
aca7c2c |
{
|
|
|
aca7c2c |
- EVP_MD_CTX_cleanup(&ctx;;
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ EVP_MD_CTX_free(pctx);
|
|
|
aca7c2c |
+#else
|
|
|
aca7c2c |
+ W_EVP_CTX_free(pctx);
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
pkg_free(sigbuf);
|
|
|
aca7c2c |
LM_ERR("error reading pubkey from cert\n");
|
|
|
aca7c2c |
return 0;
|
|
|
aca7c2c |
}
|
|
|
aca7c2c |
|
|
|
aca7c2c |
- result = EVP_VerifyFinal(&ctx, sigbuf, siglen, pubkey);
|
|
|
aca7c2c |
+ result = EVP_VerifyFinal(pctx, sigbuf, siglen, pubkey);
|
|
|
aca7c2c |
|
|
|
aca7c2c |
EVP_PKEY_free(pubkey);
|
|
|
aca7c2c |
- EVP_MD_CTX_cleanup(&ctx;;
|
|
|
aca7c2c |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
|
aca7c2c |
+ EVP_MD_CTX_free(pctx);
|
|
|
aca7c2c |
+#else
|
|
|
aca7c2c |
+ W_EVP_CTX_free(pctx);
|
|
|
aca7c2c |
+#endif
|
|
|
aca7c2c |
pkg_free(sigbuf);
|
|
|
aca7c2c |
|
|
|
aca7c2c |
switch(result)
|