openssl 1.1 build break fixes
this fixes building against openssl 1.1 since it broke api in various ways by hiding structs and deprecating api's (this causes warnings not breaks unlike the struct hiding). this adapts to these changes and makes efl build again. @fix
This commit is contained in:
parent
0ac95c40bc
commit
2842165415
|
|
@ -33,10 +33,16 @@
|
|||
static int
|
||||
efl_net_socket_bio_create(BIO *b)
|
||||
{
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
BIO_set_init(b, 1);
|
||||
BIO_set_data(b, NULL);
|
||||
BIO_set_flags(b, 0);
|
||||
#else
|
||||
b->init = 1;
|
||||
b->num = 0;
|
||||
b->ptr = NULL;
|
||||
b->flags = 0;
|
||||
#endif
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
@ -44,9 +50,15 @@ static int
|
|||
efl_net_socket_bio_destroy(BIO *b)
|
||||
{
|
||||
if (!b) return 0;
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
BIO_set_init(b, 0);
|
||||
BIO_set_data(b, NULL);
|
||||
BIO_set_flags(b, 0);
|
||||
#else
|
||||
b->init = 0;
|
||||
b->ptr = NULL;
|
||||
b->flags = 0;
|
||||
#endif
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
@ -57,7 +69,11 @@ efl_net_socket_bio_read(BIO *b, char *buf, int len)
|
|||
.mem = buf,
|
||||
.len = len
|
||||
};
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
Eo *sock = BIO_get_data(b);
|
||||
#else
|
||||
Eo *sock = b->ptr;
|
||||
#endif
|
||||
Eina_Error err;
|
||||
|
||||
if ((!buf) || (len <= 0)) return 0;
|
||||
|
|
@ -89,7 +105,11 @@ efl_net_socket_bio_write(BIO *b, const char *buf, int len)
|
|||
.mem = buf,
|
||||
.len = len
|
||||
};
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
Eo *sock = BIO_get_data(b);
|
||||
#else
|
||||
Eo *sock = b->ptr;
|
||||
#endif
|
||||
Eina_Error err;
|
||||
|
||||
if ((!buf) || (len <= 0)) return 0;
|
||||
|
|
@ -129,17 +149,39 @@ efl_net_socket_bio_puts(BIO *b, const char *str)
|
|||
return efl_net_socket_bio_write(b, str, strlen(str));
|
||||
}
|
||||
|
||||
static BIO_METHOD efl_net_socket_bio = {
|
||||
0x400, /* 0x400 means source & sink */
|
||||
"efl_net_socket wrapper",
|
||||
efl_net_socket_bio_write,
|
||||
efl_net_socket_bio_read,
|
||||
efl_net_socket_bio_puts,
|
||||
NULL, /* no gets */
|
||||
efl_net_socket_bio_ctrl,
|
||||
efl_net_socket_bio_create,
|
||||
efl_net_socket_bio_destroy
|
||||
};
|
||||
static BIO_METHOD *
|
||||
__efl_net_socket_bio_get(void)
|
||||
{
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
static BIO_METHOD *efl_net_socket_bio = NULL;
|
||||
|
||||
if (efl_net_socket_bio) return efl_net_socket_bio;
|
||||
efl_net_socket_bio = BIO_meth_new(0x400 /* 0x400 means source & sink */,
|
||||
"efl_net_socket wrapper");
|
||||
BIO_meth_set_write(efl_net_socket_bio, efl_net_socket_bio_write);
|
||||
BIO_meth_set_read(efl_net_socket_bio, efl_net_socket_bio_read);
|
||||
BIO_meth_set_puts(efl_net_socket_bio, efl_net_socket_bio_puts);
|
||||
BIO_meth_set_ctrl(efl_net_socket_bio, efl_net_socket_bio_ctrl);
|
||||
BIO_meth_set_create(efl_net_socket_bio, efl_net_socket_bio_create);
|
||||
BIO_meth_set_destroy(efl_net_socket_bio, efl_net_socket_bio_destroy);
|
||||
// FIXME: some day we need to clean up, but for now a singleton alloc is ok
|
||||
// BIO_meth_free(efl_net_socket_bio);
|
||||
return efl_net_socket_bio;
|
||||
#else
|
||||
static BIO_METHOD efl_net_socket_bio = {
|
||||
0x400, /* 0x400 means source & sink */
|
||||
"efl_net_socket wrapper",
|
||||
efl_net_socket_bio_write,
|
||||
efl_net_socket_bio_read,
|
||||
efl_net_socket_bio_puts,
|
||||
NULL, /* no gets */
|
||||
efl_net_socket_bio_ctrl,
|
||||
efl_net_socket_bio_create,
|
||||
efl_net_socket_bio_destroy
|
||||
};
|
||||
return &efl_net_socket_bio;
|
||||
#endif
|
||||
}
|
||||
|
||||
struct _Efl_Net_Ssl_Conn
|
||||
{
|
||||
|
|
@ -314,10 +356,14 @@ efl_net_ssl_conn_setup(Efl_Net_Ssl_Conn *conn, Eina_Bool is_dialer, Efl_Net_Sock
|
|||
conn->ssl = efl_net_ssl_context_connection_new(context);
|
||||
EINA_SAFETY_ON_NULL_RETURN_VAL(conn->ssl, ENOSYS);
|
||||
|
||||
conn->bio = BIO_new(&efl_net_socket_bio);
|
||||
conn->bio = BIO_new(__efl_net_socket_bio_get());
|
||||
EINA_SAFETY_ON_NULL_GOTO(conn->bio, error_bio);
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
BIO_set_data(conn->bio, sock);
|
||||
#else
|
||||
conn->bio->ptr = sock;
|
||||
#endif
|
||||
|
||||
SSL_set_bio(conn->ssl, conn->bio, conn->bio);
|
||||
if (is_dialer)
|
||||
|
|
|
|||
|
|
@ -272,6 +272,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
|
|||
ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
|
||||
#endif
|
||||
break;
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||
case EFL_NET_SSL_CIPHER_TLSV1:
|
||||
ctx->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
|
||||
break;
|
||||
|
|
@ -281,6 +282,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
|
|||
case EFL_NET_SSL_CIPHER_TLSV1_2:
|
||||
ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_client_method());
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);
|
||||
return EINVAL;
|
||||
|
|
@ -302,6 +304,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
|
|||
ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
|
||||
#endif
|
||||
break;
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||
case EFL_NET_SSL_CIPHER_TLSV1:
|
||||
ctx->ssl_ctx = SSL_CTX_new(TLSv1_server_method());
|
||||
break;
|
||||
|
|
@ -311,6 +314,7 @@ efl_net_ssl_ctx_setup(Efl_Net_Ssl_Ctx *ctx, Efl_Net_Ssl_Ctx_Config cfg)
|
|||
case EFL_NET_SSL_CIPHER_TLSV1_2:
|
||||
ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_server_method());
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);
|
||||
return EINVAL;
|
||||
|
|
|
|||
|
|
@ -475,7 +475,11 @@ eet_identity_sign(FILE *fp,
|
|||
gnutls_datum_t signum = { NULL, 0 };
|
||||
gnutls_privkey_t privkey;
|
||||
# else /* ifdef HAVE_GNUTLS */
|
||||
# if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
EVP_MD_CTX *md_ctx;
|
||||
# else
|
||||
EVP_MD_CTX md_ctx;
|
||||
# endif
|
||||
unsigned int sign_len = 0;
|
||||
int cert_len = 0;
|
||||
# endif /* ifdef HAVE_GNUTLS */
|
||||
|
|
@ -561,12 +565,24 @@ eet_identity_sign(FILE *fp,
|
|||
}
|
||||
|
||||
/* Do the signature. */
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
md_ctx = EVP_MD_CTX_new();
|
||||
EVP_SignInit(md_ctx, EVP_sha1());
|
||||
EVP_SignUpdate(md_ctx, data, st_buf.st_size);
|
||||
err = EVP_SignFinal(md_ctx,
|
||||
sign,
|
||||
(unsigned int *)&sign_len,
|
||||
key->private_key);
|
||||
EVP_MD_CTX_free(md_ctx);
|
||||
#else
|
||||
EVP_SignInit(&md_ctx, EVP_sha1());
|
||||
EVP_SignUpdate(&md_ctx, data, st_buf.st_size);
|
||||
err = EVP_SignFinal(&md_ctx,
|
||||
sign,
|
||||
(unsigned int *)&sign_len,
|
||||
key->private_key);
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
#endif
|
||||
if (err != 1)
|
||||
{
|
||||
ERR_print_errors_fp(stdout);
|
||||
|
|
@ -738,7 +754,11 @@ eet_identity_check(const void *data_base,
|
|||
const unsigned char *tmp;
|
||||
EVP_PKEY *pkey;
|
||||
X509 *x509;
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
EVP_MD_CTX *md_ctx;
|
||||
#else
|
||||
EVP_MD_CTX md_ctx;
|
||||
#endif
|
||||
int err;
|
||||
|
||||
/* Strange but d2i_X509 seems to put 0 all over the place. */
|
||||
|
|
@ -757,9 +777,18 @@ eet_identity_check(const void *data_base,
|
|||
}
|
||||
|
||||
/* Verify the signature */
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
md_ctx = EVP_MD_CTX_new();
|
||||
EVP_VerifyInit(md_ctx, EVP_sha1());
|
||||
EVP_VerifyUpdate(md_ctx, data_base, data_length);
|
||||
err = EVP_VerifyFinal(md_ctx, sign, sign_len, pkey);
|
||||
EVP_MD_CTX_free(md_ctx);
|
||||
#else
|
||||
EVP_VerifyInit(&md_ctx, EVP_sha1());
|
||||
EVP_VerifyUpdate(&md_ctx, data_base, data_length);
|
||||
err = EVP_VerifyFinal(&md_ctx, sign, sign_len, pkey);
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
#endif
|
||||
|
||||
X509_free(x509);
|
||||
EVP_PKEY_free(pkey);
|
||||
|
|
|
|||
|
|
@ -75,6 +75,16 @@ emile_binbuf_sha1(const Eina_Binbuf * data, unsigned char digest[20])
|
|||
{
|
||||
const EVP_MD *md = EVP_sha1();
|
||||
Eina_Slice slice = eina_binbuf_slice_get(data);
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
|
||||
|
||||
EVP_DigestInit_ex(ctx, md, NULL);
|
||||
|
||||
EVP_DigestUpdate(ctx, slice.mem, slice.len);
|
||||
EVP_DigestFinal_ex(ctx, digest, NULL);
|
||||
|
||||
EVP_MD_CTX_free(ctx);
|
||||
#else
|
||||
EVP_MD_CTX ctx;
|
||||
|
||||
EVP_MD_CTX_init(&ctx);
|
||||
|
|
@ -84,6 +94,7 @@ emile_binbuf_sha1(const Eina_Binbuf * data, unsigned char digest[20])
|
|||
EVP_DigestFinal_ex(&ctx, digest, NULL);
|
||||
|
||||
EVP_MD_CTX_cleanup(&ctx);
|
||||
#endif
|
||||
return EINA_TRUE;
|
||||
}
|
||||
|
||||
|
|
@ -308,9 +319,11 @@ emile_cipher_server_listen(Emile_Cipher_Type t)
|
|||
SSL_CTX_set_options(r->ssl_ctx,
|
||||
options | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE);
|
||||
break;
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||
case EMILE_TLSv1:
|
||||
r->ssl_ctx = SSL_CTX_new(TLSv1_server_method());
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
free(r);
|
||||
return NULL;
|
||||
|
|
@ -754,8 +767,10 @@ emile_cipher_server_connect(Emile_Cipher_Type t)
|
|||
options | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE);
|
||||
break;
|
||||
case EMILE_TLSv1:
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||
r->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
free(r);
|
||||
return NULL;
|
||||
|
|
|
|||
Loading…
Reference in New Issue