Description: Compatibility with OpenSSL 3
We rely on RC4 because of the torrent protocol we're implementing, but this
is no longer available in the default provider.
Author: Steve Langasek <steve.langasek@ubuntu.com>
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1946215
Last-Update: 2021-12-13
Forwarded: no
Index: transmission-3.00/libtransmission/crypto-utils-openssl.c
===================================================================
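--- a/libtransmission/crypto-utils-openssl.c
+++ b/libtransmission/crypto-utils-openssl.c
@@ -20,6 +20,9 @@
 #include <openssl/rand.h>
 #include <openssl/ssl.h>
 #include <openssl/x509.h>
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+#include <openssl/provider.h>
+#endif
 
 #include "transmission.h"
 #include "crypto-utils.h"
@@ -182,46 +185,86 @@
 
 #endif
 
+typedef struct tr_rc4_ctx {
+ EVP_CIPHER_CTX *cipher_ctx;
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ OSSL_LIB_CTX *lib_ctx;
+#endif
+} tr_rc4_ctx;
+
 tr_rc4_ctx_t tr_rc4_new(void)
 {
- EVP_CIPHER_CTX* handle = EVP_CIPHER_CTX_new();
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ OSSL_PROVIDER *legacy_provider = NULL;
+ OSSL_PROVIDER *default_provider = NULL;
+#endif
+ const EVP_CIPHER *cipher;
 
- if (check_result(EVP_CipherInit_ex(handle, EVP_rc4(), NULL, NULL, NULL, -1)))
+ tr_rc4_ctx *handle = malloc(sizeof(tr_rc4_ctx));
+
+ handle->cipher_ctx = EVP_CIPHER_CTX_new();
+
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ handle->lib_ctx = OSSL_LIB_CTX_new();
+ TR_ASSERT(handle->lib_ctx);
+ legacy_provider = OSSL_PROVIDER_load(handle->lib_ctx, "legacy");
+ TR_ASSERT(legacy_provider);
+ default_provider = OSSL_PROVIDER_load(handle->lib_ctx, "default");
+ TR_ASSERT(default_provider);
+
+ cipher = EVP_CIPHER_fetch(handle->lib_ctx, "RC4", NULL);
+#else
+ cipher = EVP_rc4();
+#endif
+
+ if (check_result(EVP_CipherInit_ex(handle->cipher_ctx, cipher, NULL, NULL,
+ NULL, -1)))
 {
 return handle;
 }
 
- EVP_CIPHER_CTX_free(handle);
+ EVP_CIPHER_CTX_free(handle->cipher_ctx);
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ OSSL_LIB_CTX_free(handle->lib_ctx);
+#endif
 return NULL;
 }
 
-void tr_rc4_free(tr_rc4_ctx_t handle)
+void tr_rc4_free(tr_rc4_ctx_t h)
 {
- if (handle == NULL)
+ if (h == NULL)
 {
 return;
 }
 
- EVP_CIPHER_CTX_free(handle);
+ tr_rc4_ctx *handle = (tr_rc4_ctx *)h;
+
+ EVP_CIPHER_CTX_free(handle->cipher_ctx);
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ OSSL_LIB_CTX_free(handle->lib_ctx);
+#endif
+ free(handle);
 }
 
-void tr_rc4_set_key(tr_rc4_ctx_t handle, uint8_t const* key, size_t key_length)
+void tr_rc4_set_key(tr_rc4_ctx_t h, uint8_t const* key, size_t key_length)
 {
- TR_ASSERT(handle != NULL);
+ TR_ASSERT(h != NULL);
 TR_ASSERT(key != NULL);
 
- if (!check_result(EVP_CIPHER_CTX_set_key_length(handle, key_length)))
+ tr_rc4_ctx *handle = (tr_rc4_ctx *)h;
+ if (!check_result(EVP_CIPHER_CTX_set_key_length(handle->cipher_ctx, key_length)))
 {
 return;
 }
 
- check_result(EVP_CipherInit_ex(handle, NULL, NULL, key, NULL, -1));
+ check_result(EVP_CipherInit_ex(handle->cipher_ctx, NULL, NULL, key, NULL, -1));
 }
 
-void tr_rc4_process(tr_rc4_ctx_t handle, void const* input, void* output, size_t length)
+void tr_rc4_process(tr_rc4_ctx_t h, void const* input, void* output, size_t length)
 {
- TR_ASSERT(handle != NULL);
+ TR_ASSERT(h != NULL);
 
+ tr_rc4_ctx *handle = (tr_rc4_ctx *)h;
 if (length == 0)
 {
 return;
@@ -232,7 +275,7 @@
 
 int output_length;
 
- check_result(EVP_CipherUpdate(handle, output, &output_length, input, length));
+ check_result(EVP_CipherUpdate(handle->cipher_ctx, output, &output_length, input, length));
 }
 
 /***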
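Review bot: In `tr_rc4_new` the result of `malloc` is dereferenced without a NULL check, and the failure path at the end of the function frees `cipher_ctx` and `lib_ctx` but never `handle`, so each failed initialisation leaks the struct. On the OpenSSL 3 branch the `EVP_CIPHER` obtained from `EVP_CIPHER_fetch` is never released with `EVP_CIPHER_free`, and a failed provider load is caught only by `TR_ASSERT`, which presumably compiles out in release builds; testing `cipher` for NULL before `EVP_CipherInit_ex` makes that failure explicit. A short comment stating that the legacy provider is loaded into a private `OSSL_LIB_CTX` so RC4 stays out of the process-wide default context would also help, since RC4 is kept only for protocol compatibility. The sketch below shows the allocation check, the cipher release and the extra `free`.

```c
tr_rc4_ctx_t tr_rc4_new(void)
{
    /* … unchanged: provider and cipher declarations … */
    int ok;
    tr_rc4_ctx *handle = calloc(1, sizeof *handle);

    if (handle == NULL)
    {
        return NULL;
    }

    handle->cipher_ctx = EVP_CIPHER_CTX_new();
    /* … unchanged: lib_ctx creation, provider loads, cipher selection … */

    ok = cipher != NULL &&
        check_result(EVP_CipherInit_ex(handle->cipher_ctx, cipher, NULL, NULL, NULL, -1));

#if OPENSSL_VERSION_NUMBER >= 0x30000000L
    /* Drop the reference returned by EVP_CIPHER_fetch; an initialised
     * context keeps its own. Only fetched ciphers may be freed. */
    EVP_CIPHER_free((EVP_CIPHER *)cipher);
#endif

    if (ok)
    {
        return handle;
    }

    /* … unchanged: free cipher_ctx and lib_ctx … */
    free(handle);
    return NULL;
}
```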