diff options
Diffstat (limited to 'openssl-1.1.diff')
-rw-r--r-- | openssl-1.1.diff | 310 |
1 files changed, 0 insertions, 310 deletions
diff --git a/openssl-1.1.diff b/openssl-1.1.diff deleted file mode 100644 index acac9ab6092d..000000000000 --- a/openssl-1.1.diff +++ /dev/null @@ -1,310 +0,0 @@ -diff -ur ccnet-server-v6.0.10/lib/rsa.c ccnet-server/lib/rsa.c ---- ccnet-server-v6.0.10/lib/rsa.c 2017-05-14 09:14:22.274184846 +0200 -+++ ccnet-server/lib/rsa.c 2017-05-14 13:33:46.600971500 +0200 -@@ -11,13 +11,55 @@ - #include "rsa.h" - #include "utils.h" - -+/* Forward compatibility functions if libssl < 1.1.0. */ -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) -+{ -+ /* If the fields n and e in r are NULL, the corresponding input -+ * parameters MUST be non-NULL for n and e. d may be -+ * left NULL (in case only the public key is used). -+ */ -+ if ((r->n == NULL && n == NULL) -+ || (r->e == NULL && e == NULL)) -+ return 0; -+ if (n != NULL) { -+ BN_free(r->n); -+ r->n = n; -+ } -+ if (e != NULL) { -+ BN_free(r->e); -+ r->e = e; -+ } -+ if (d != NULL) { -+ BN_free(r->d); -+ r->d = d; -+ } -+ return 1; -+} -+ -+void RSA_get0_key(const RSA *r, -+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) -+{ -+ if (n != NULL) -+ *n = r->n; -+ if (e != NULL) -+ *e = r->e; -+ if (d != NULL) -+ *d = r->d; -+} -+ -+#endif -+ - RSA* - private_key_to_pub(RSA *priv) - { - RSA *pub = RSA_new(); -+ const BIGNUM *n, *e; - -- pub->n = BN_dup(priv->n); -- pub->e = BN_dup(priv->e); -+ RSA_get0_key (priv, &n, &e, NULL); -+ RSA_set0_key (pub, BN_dup(n), BN_dup(e), NULL); - - return pub; - } -@@ -28,18 +70,21 @@ - GString *buf = g_string_new(NULL); - unsigned char *temp; - char *coded; -+ const BIGNUM *n, *e; - -- gsize len = BN_num_bytes(rsa->n); -+ RSA_get0_key (rsa, &n, &e, NULL); -+ -+ gsize len = BN_num_bytes(n); - temp = malloc(len); -- BN_bn2bin(rsa->n, temp); -+ BN_bn2bin(n, temp); - coded = g_base64_encode(temp, len); - g_string_append (buf, coded); - g_string_append_c (buf, ' '); - g_free(coded); - -- len = BN_num_bytes(rsa->e); -+ len = BN_num_bytes(e); - temp = realloc(temp, len); -- BN_bn2bin(rsa->e, temp); -+ BN_bn2bin(e, temp); - coded = g_base64_encode(temp, len); - g_string_append (buf, coded); - g_free(coded); -@@ -54,18 +99,21 @@ - { - unsigned char *temp; - char *coded; -+ const BIGNUM *n, *e; -+ -+ RSA_get0_key (rsa, &n, &e, NULL); - -- gsize len = BN_num_bytes(rsa->n); -+ gsize len = BN_num_bytes(n); - temp = malloc(len); -- BN_bn2bin(rsa->n, temp); -+ BN_bn2bin(n, temp); - coded = g_base64_encode(temp, len); - g_string_append (buf, coded); - g_string_append_c (buf, ' '); - g_free(coded); - -- len = BN_num_bytes(rsa->e); -+ len = BN_num_bytes(e); - temp = realloc(temp, len); -- BN_bn2bin(rsa->e, temp); -+ BN_bn2bin(e, temp); - coded = g_base64_encode(temp, len); - g_string_append (buf, coded); - g_free(coded); -@@ -86,24 +134,31 @@ - *p = '\0'; - - RSA *key = RSA_new(); -+ BIGNUM *n = NULL, *e = NULL; - - num = g_base64_decode(str, &len); -- key->n = BN_bin2bn(num, len, NULL); -- if (!key->n) -+ n = BN_bin2bn(num, len, NULL); -+ if (!n) - goto err; - g_free(num); - - num = g_base64_decode(p+1, &len); -- key->e = BN_bin2bn(num, len, NULL); -- if (!key->e) -+ e = BN_bin2bn(num, len, NULL); -+ if (!e) - goto err; - g_free(num); - -+ RSA_set0_key (key, n, e, NULL); -+ - *p = ' '; - return key; - err: - *p = ' '; - RSA_free (key); -+ if (n) -+ BN_free (n); -+ if (e) -+ BN_free (e); - g_free(num); - return NULL; - } -@@ -153,9 +208,22 @@ - generate_private_key(u_int bits) - { - RSA *private = NULL; -- -- private = RSA_generate_key(bits, 35, NULL, NULL); -- if (private == NULL) -- g_error ("rsa_generate_private_key: key generation failed."); -+ BIGNUM* bne = NULL; -+ -+ bne = BN_new(); -+ if (!BN_set_word(bne, RSA_3)) -+ goto free_all; -+ -+ private = RSA_new(); -+ -+ if (!RSA_generate_key_ex(private, bits, bne, NULL)) -+ goto free_all; -+ - return private; -+ -+free_all: -+ RSA_free(private); -+ BN_free(bne); -+ g_error ("rsa_generate_private_key: key generation failed."); -+ return NULL; - } -diff -ur ccnet-server-v6.0.10/lib/utils.c ccnet-server/lib/utils.c ---- ccnet-server-v6.0.10/lib/utils.c 2017-05-14 09:14:22.274184846 +0200 -+++ ccnet-server/lib/utils.c 2017-05-14 09:51:57.671395998 +0200 -@@ -1053,14 +1053,14 @@ - return -1; - } - -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - int ret; - int blks; - - /* Prepare CTX for encryption. */ -- EVP_CIPHER_CTX_init (&ctx); -+ ctx = EVP_CIPHER_CTX_new (); - -- ret = EVP_EncryptInit_ex (&ctx, -+ ret = EVP_EncryptInit_ex (ctx, - EVP_aes_256_cbc(), /* cipher mode */ - NULL, /* engine, NULL for default */ - key, /* derived key */ -@@ -1068,6 +1068,7 @@ - - if (ret == ENC_FAILURE) { - g_warning ("error init\n"); -+ EVP_CIPHER_CTX_free (ctx); - return -1; - } - -@@ -1089,7 +1090,7 @@ - int update_len, final_len; - - /* Do the encryption. */ -- ret = EVP_EncryptUpdate (&ctx, -+ ret = EVP_EncryptUpdate (ctx, - (unsigned char*)*data_out, - &update_len, - (unsigned char*)data_in, -@@ -1100,7 +1101,7 @@ - } - - /* Finish the possible partial block. */ -- ret = EVP_EncryptFinal_ex (&ctx, -+ ret = EVP_EncryptFinal_ex (ctx, - (unsigned char*)*data_out + update_len, - &final_len); - *out_len = update_len + final_len; -@@ -1109,11 +1110,11 @@ - goto enc_error; - } - -- EVP_CIPHER_CTX_cleanup (&ctx); -+ EVP_CIPHER_CTX_free (ctx); - return 0; - - enc_error: -- EVP_CIPHER_CTX_cleanup (&ctx); -+ EVP_CIPHER_CTX_free (ctx); - *out_len = -1; - if (*data_out != NULL) - g_free (*data_out); -@@ -1138,22 +1139,24 @@ - return -1; - } - -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - int ret; - - *data_out = NULL; - *out_len = -1; - - /* Prepare CTX for decryption. */ -- EVP_CIPHER_CTX_init (&ctx); -- ret = EVP_DecryptInit_ex (&ctx, -+ ctx = EVP_CIPHER_CTX_new (); -+ ret = EVP_DecryptInit_ex (ctx, - EVP_aes_256_cbc(), /* cipher mode */ - NULL, /* engine, NULL for default */ - key, /* derived key */ - iv); /* initial vector */ - -- if (ret == DEC_FAILURE) -+ if (ret == DEC_FAILURE) { -+ EVP_CIPHER_CTX_free (ctx); - return -1; -+ } - - /* Allocating output buffer. */ - *data_out = (char *)g_malloc (in_len); -@@ -1165,7 +1168,7 @@ - int update_len, final_len; - - /* Do the decryption. */ -- ret = EVP_DecryptUpdate (&ctx, -+ ret = EVP_DecryptUpdate (ctx, - (unsigned char*)*data_out, - &update_len, - (unsigned char*)data_in, -@@ -1174,7 +1177,7 @@ - goto dec_error; - - /* Finish the possible partial block. */ -- ret = EVP_DecryptFinal_ex (&ctx, -+ ret = EVP_DecryptFinal_ex (ctx, - (unsigned char*)*data_out + update_len, - &final_len); - *out_len = update_len + final_len; -@@ -1182,11 +1185,11 @@ - if (ret == DEC_FAILURE || *out_len > in_len) - goto dec_error; - -- EVP_CIPHER_CTX_cleanup (&ctx); -+ EVP_CIPHER_CTX_free (ctx); - return 0; - - dec_error: -- EVP_CIPHER_CTX_cleanup (&ctx); -+ EVP_CIPHER_CTX_free (ctx); - *out_len = -1; - if (*data_out != NULL) - g_free (*data_out); -diff -ur ccnet-server-v6.0.10/tools/ccnet-init.c ccnet-server/tools/ccnet-init.c ---- ccnet-server-v6.0.10/tools/ccnet-init.c 2017-05-14 09:14:22.282184865 +0200 -+++ ccnet-server/tools/ccnet-init.c 2017-05-14 09:57:45.256750068 +0200 -@@ -162,7 +162,7 @@ - - config_dir = ccnet_expand_path (config_dir); - /* printf("[conf_dir=%s\n]", config_dir); */ -- SSLeay_add_all_algorithms(); -+ OpenSSL_add_all_algorithms(); - - if (RAND_status() != 1) { /* it should be seeded automatically */ - fprintf(stderr, "PRNG is not seeded\n"); |