From: Peter Lemenkov Date: Thu, 12 Jan 2017 17:57:06 +0300 Subject: [PATCH] Finalize OpenSSL 1.1.0 migration Signed-off-by: Peter Lemenkov diff --git a/modules/identity/identity.c b/modules/identity/identity.c index 9024e61..ccde589 100644 --- a/modules/identity/identity.c +++ b/modules/identity/identity.c @@ -859,19 +859,31 @@ static int addIdentity(char * dateHF, struct sip_msg * msg) sig = pkg_malloc(EVP_PKEY_size(privKey_evp)); if(!sig) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_MD_CTX_free(pctx); +#else W_EVP_CTX_free(pctx); +#endif LM_ERR("failed allocating memory\n"); return 0; } if(!EVP_SignFinal(pctx, sig, &siglen, privKey_evp)) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_MD_CTX_free(pctx); +#else W_EVP_CTX_free(pctx); +#endif pkg_free(sig); LM_ERR("error calculating signature\n"); return 0; } +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_MD_CTX_free(pctx); +#else W_EVP_CTX_free(pctx); +#endif /* ###Base64-encoding### */ /* annotation: The next few lines are based on example 7-11 of [VIE-02] */ @@ -1270,7 +1282,12 @@ static int checkSign(X509 * cert, char * identityHF, struct sip_msg * msg) int siglen = -1; unsigned char * sigbuf = NULL; int b64len = 0; - EVP_MD_CTX ctx; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_MD_CTX *pctx; +#else +#define W_EVP_CTX_free EVP_MD_CTX_cleanup + EVP_MD_CTX ctx, *pctx = &ctx; +#endif int result = 0; char *p; unsigned long err; @@ -1314,22 +1331,34 @@ static int checkSign(X509 * cert, char * identityHF, struct sip_msg * msg) p=strstr(identityHF , "="); siglen-=strspn(p , "="); - EVP_VerifyInit(&ctx, EVP_sha1()); - EVP_VerifyUpdate(&ctx, digestString, strlen(digestString)); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + pctx = EVP_MD_CTX_new(); +#endif + + EVP_VerifyInit(pctx, EVP_sha1()); + EVP_VerifyUpdate(pctx, digestString, strlen(digestString)); pubkey = X509_get_pubkey(cert); if(!pubkey) { - EVP_MD_CTX_cleanup(&ctx); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_MD_CTX_free(pctx); +#else + W_EVP_CTX_free(pctx); +#endif pkg_free(sigbuf); LM_ERR("error reading pubkey from cert\n"); return 0; } - result = EVP_VerifyFinal(&ctx, sigbuf, siglen, pubkey); + result = EVP_VerifyFinal(pctx, sigbuf, siglen, pubkey); EVP_PKEY_free(pubkey); - EVP_MD_CTX_cleanup(&ctx); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + EVP_MD_CTX_free(pctx); +#else + W_EVP_CTX_free(pctx); +#endif pkg_free(sigbuf); switch(result)