Blob Blame Raw
From: Razvan Crainea <razvan@opensips.org>
Date: Wed, 30 Nov 2016 20:39:14 +0200
Subject: [PATCH] identity: add support for openssl 1.1.0

Reported by Petr Pisar in issue #996

diff --git a/modules/identity/identity.c b/modules/identity/identity.c
index 3daeee6..1d54b6d 100644
--- a/modules/identity/identity.c
+++ b/modules/identity/identity.c
@@ -831,7 +831,12 @@ static int addIdentity(char * dateHF, struct sip_msg * msg)
 {
 	#define IDENTITY_HDR_S  "Identity: \""
 	#define IDENTITY_HDR_L  (sizeof(IDENTITY_HDR_S)-1)
-	EVP_MD_CTX ctx;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	EVP_MD_CTX *pctx;
+#else
+#define W_EVP_CTX_free	EVP_MD_CTX_cleanup
+	EVP_MD_CTX ctx, *pctx = &ctx;
+#endif
 	unsigned int siglen = 0;
 	int b64len = 0;
 	unsigned char * sig = NULL;
@@ -843,27 +848,30 @@ static int addIdentity(char * dateHF, struct sip_msg * msg)
 		LM_ERR("error making digest string\n");
 		return 0;
 	}
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	pctx = EVP_MD_CTX_new();
+#endif
 
-	EVP_SignInit(&ctx, EVP_sha1());
+	EVP_SignInit(pctx, EVP_sha1());
 
-	EVP_SignUpdate(&ctx, digestString, strlen(digestString));
+	EVP_SignUpdate(pctx, digestString, strlen(digestString));
 
 	sig = pkg_malloc(EVP_PKEY_size(privKey_evp));
 	if(!sig)
 	{
-		EVP_MD_CTX_cleanup(&ctx);
+		W_EVP_CTX_free(pctx);
 		LM_ERR("failed allocating memory\n");
 		return 0;
 	}
 
-	if(!EVP_SignFinal(&ctx, sig, &siglen, privKey_evp))
+	if(!EVP_SignFinal(pctx, sig, &siglen, privKey_evp))
 	{
-		EVP_MD_CTX_cleanup(&ctx);
+		W_EVP_CTX_free(pctx);
 		pkg_free(sig);
 		LM_ERR("error calculating signature\n");
 		return 0;
 	}
-	EVP_MD_CTX_cleanup(&ctx);
+	W_EVP_CTX_free(pctx);
 
 	/* ###Base64-encoding### */
 	/* annotation: The next few lines are based on example 7-11 of [VIE-02] */
@@ -1138,6 +1146,10 @@ static int checkAuthority(X509 * cert, struct sip_msg * msg)
 	const unsigned char * data;
 	STACK_OF(CONF_VALUE) * val;
 	CONF_VALUE * nval;
+	int len;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	ASN1_OCTET_STRING *adata;
+#endif
 
 	if(!cert || !msg)
 	{
@@ -1190,15 +1202,22 @@ static int checkAuthority(X509 * cert, struct sip_msg * msg)
 				LM_ERR("X509V3_EXT_get failed\n");
 				return 0;
 			}
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+			adata = X509_EXTENSION_get_data(cext);
+			data = ASN1_STRING_get0_data(adata);
+			len = ASN1_STRING_length(adata);
+#else
 			data = cext->value->data;
+			len = cext->value->length;
+#endif
 			if(meth->it)
 			{
 				ext_str = ASN1_item_d2i(NULL, &data,
-					cext->value->length, ASN1_ITEM_ptr(meth->it));
+					len, ASN1_ITEM_ptr(meth->it));
 			}
 			else
 			{
-				 ext_str = meth->d2i(NULL, &data, cext->value->length);
+				 ext_str = meth->d2i(NULL, &data, len);
 			}
 
 			val = meth->i2v(meth, ext_str, NULL);