File 0002-authreg_ldapfull-adapt-to-openssl-1.1.patch of Package jabberd

Overview Repositories Revisions Requests Users Attributes Meta

File 0002-authreg_ldapfull-adapt-to-openssl-1.1.patch of Package jabberd

From 8a0cc8f79faae57c3d4e6c801c554970780416db Mon Sep 17 00:00:00 2001
From: Adrian Reber <adrian@lisas.de>
Date: Fri, 2 Dec 2016 12:20:29 +0100
Subject: [PATCH 2/3] authreg_ldapfull: adapt to openssl-1.1

Adding #ifdefs to use the new openssl-1.1 API if detected.

Signed-off-by: Adrian Reber <adrian@lisas.de>
---
 storage/authreg_ldapfull.c | 107 +++++++++++++++++++++++++++++++++++++++------
 1 file changed, 94 insertions(+), 13 deletions(-)

diff --git a/storage/authreg_ldapfull.c b/storage/authreg_ldapfull.c
index 7b32d48..6dbf202 100644
--- a/storage/authreg_ldapfull.c
+++ b/storage/authreg_ldapfull.c
@@ -39,6 +39,7 @@
 
 #ifdef HAVE_SSL
 #include <openssl/rand.h>
+#include <openssl/evp.h>
 #endif
 
 #include <lber.h>
@@ -228,13 +229,18 @@ int _ldapfull_base64_decode( const char *src, const unsigned char **ret, int *rl
     int rc, tlen = 0;
     int i;
     unsigned char *text;
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
     EVP_ENCODE_CTX EVP_ctx;
+#else
+    EVP_ENCODE_CTX *EVP_ctx;
+#endif
 
     text = (unsigned char *)malloc(((strlen(src)+3)/4 * 3) + 1);
     if (text == NULL) {
         return 0;
     }
 
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
     EVP_DecodeInit(&EVP_ctx);
     rc = EVP_DecodeUpdate(&EVP_ctx, text, &i, (const unsigned char *)src, strlen(src));
     if (rc < 0) {
@@ -243,40 +249,70 @@ int _ldapfull_base64_decode( const char *src, const unsigned char **ret, int *rl
     }
     tlen+=i;
     EVP_DecodeFinal(&EVP_ctx, (unsigned char*)text, &i);
+#else
+    EVP_ctx = EVP_ENCODE_CTX_new();
+    EVP_DecodeInit(EVP_ctx);
+    rc = EVP_DecodeUpdate(EVP_ctx, text, &i, (const unsigned char *)src, strlen(src));
+    if (rc < 0) {
+        free(text);
+        EVP_ENCODE_CTX_free(EVP_ctx);
+        return 0;
+    }
+    tlen+=i;
+    EVP_DecodeFinal(EVP_ctx, (unsigned char*)text, &i);
+#endif
 
     *ret = text;
     if (rlen != NULL) {
         *rlen = tlen;
     }
 
+#if !(OPENSSL_VERSION_NUMBER < 0x10100005L)
+    EVP_ENCODE_CTX_free(EVP_ctx);
+#endif
     return 1;
 }
 
 static int _ldapfull_base64_encode( const unsigned char *src, int srclen, char **ret, int *rlen ) {
     int tlen = 0;
     unsigned char *text;
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
     EVP_ENCODE_CTX EVP_ctx;
+#else
+    EVP_ENCODE_CTX *EVP_ctx;
+#endif
+
 
     text = (unsigned char *)malloc((srclen*4/3) + 1 );
     if (text == NULL) {
         return 0;
     }
 
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
     EVP_EncodeInit(&EVP_ctx);
     EVP_EncodeUpdate(&EVP_ctx, text, &tlen, src, srclen);
     EVP_EncodeFinal(&EVP_ctx, text, &tlen);
+#else
+    EVP_ctx = EVP_ENCODE_CTX_new();
+    EVP_EncodeInit(EVP_ctx);
+    EVP_EncodeUpdate(EVP_ctx, text, &tlen, src, srclen);
+    EVP_EncodeFinal(EVP_ctx, text, &tlen);
+#endif
 
     *ret = (char*)text;
     if (rlen != NULL) {
         *rlen = tlen;
     }
 
+#if !(OPENSSL_VERSION_NUMBER < 0x10100005L)
+    EVP_ENCODE_CTX_free(EVP_ctx);
+#endif
     return 1;
 }
 
 int _ldapfull_chk_hashed(moddata_t data, const char *scheme, int salted, const char *hash, const char *passwd) {
     const unsigned char *bhash; // binary hash, will get it from base64
-    EVP_MD_CTX mdctx;
+    EVP_MD_CTX *mdctx;
     const EVP_MD *md;
     unsigned char digest[EVP_MAX_MD_SIZE];
     int bhlen, rc;
@@ -289,22 +325,32 @@ int _ldapfull_chk_hashed(moddata_t data, const char *scheme, int salted, const c
         return 0;
     }
 
-    EVP_DigestInit(&mdctx, md);
-    EVP_DigestUpdate(&mdctx, passwd, strlen(passwd));
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+    mdctx = EVP_MD_CTX_create();
+#else
+    mdctx = EVP_MD_CTX_new();
+#endif
+    EVP_DigestInit(mdctx, md);
+    EVP_DigestUpdate(mdctx, passwd, strlen(passwd));
     if (salted) {
-        EVP_DigestUpdate(&mdctx, &bhash[EVP_MD_size(md)],
+        EVP_DigestUpdate(mdctx, &bhash[EVP_MD_size(md)],
                 bhlen - EVP_MD_size(md));
     }
-    EVP_DigestFinal(&mdctx, digest, NULL);
+    EVP_DigestFinal(mdctx, digest, NULL);
 
     rc = memcmp((char *)bhash, (char *)digest, EVP_MD_size(md));
     free((void*)bhash);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+    EVP_MD_CTX_destroy(mdctx);
+#else
+    EVP_MD_CTX_free(mdctx);
+#endif
     return !rc;
 }
 
 int _ldapfull_set_hashed(moddata_t data, const char *scheme, const char *prefix, int saltlen, const char *passwd, char *buf, int buflen) {
     char *hash = 0; // base64 hash
-    EVP_MD_CTX mdctx;
+    EVP_MD_CTX *mdctx;
     const EVP_MD *md;
     unsigned char *digest;
     unsigned char *salt;
@@ -316,30 +362,48 @@ int _ldapfull_set_hashed(moddata_t data, const char *scheme, const char *prefix,
     if (!md) {
         return 0;
     }
-    EVP_DigestInit(&mdctx, md);
-    EVP_DigestUpdate(&mdctx, passwd, strlen(passwd));
+
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+    mdctx = EVP_MD_CTX_create();
+#else
+    mdctx = EVP_MD_CTX_new();
+#endif
+    EVP_DigestInit(mdctx, md);
+    EVP_DigestUpdate(mdctx, passwd, strlen(passwd));
     if (saltlen) {
         salt = (unsigned char *)malloc(saltlen);
         if( !salt ) {
-            EVP_MD_CTX_cleanup(&mdctx);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+            EVP_MD_CTX_destroy(mdctx);
+#else
+            EVP_MD_CTX_free(mdctx);
+#endif
             return 0;
         }
         if( !RAND_bytes(salt,saltlen) ) {
-            EVP_MD_CTX_cleanup(&mdctx);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+            EVP_MD_CTX_destroy(mdctx);
+#else
+            EVP_MD_CTX_free(mdctx);
+#endif
             free(salt);
             return 0;
         }
-        EVP_DigestUpdate(&mdctx, salt, saltlen);
+        EVP_DigestUpdate(mdctx, salt, saltlen);
     }
     digest = (unsigned char *)malloc(EVP_MD_size(md) + saltlen);
     if( !digest ) {
         if (saltlen) {
             free(salt);
         }
-        EVP_MD_CTX_cleanup(&mdctx);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+        EVP_MD_CTX_destroy(mdctx);
+#else
+        EVP_MD_CTX_free(mdctx);
+#endif
         return 0;
     }
-    EVP_DigestFinal(&mdctx, digest, &dlen);
+    EVP_DigestFinal(mdctx, digest, &dlen);
 
     memcpy(digest+dlen,salt,saltlen);
     if (saltlen) {
@@ -352,6 +416,12 @@ int _ldapfull_set_hashed(moddata_t data, const char *scheme, const char *prefix,
     free(digest);
     if( !rc ) {
         free(hash);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+        EVP_MD_CTX_destroy(mdctx);
+#else
+        EVP_MD_CTX_free(mdctx);
+#endif
+        return 0;
         return 0;
     }
 
@@ -359,12 +429,23 @@ int _ldapfull_set_hashed(moddata_t data, const char *scheme, const char *prefix,
     if( hlen + plen >= buflen ) {
         log_write(data->ar->c2s->log,LOG_ERR,"_ldapfull_set_hashed: buffer is too short (%i bytes)",buflen);
         free(hash);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+        EVP_MD_CTX_destroy(mdctx);
+#else
+        EVP_MD_CTX_free(mdctx);
+#endif
+        return 0;
         return 0;
     }
     memcpy(buf,prefix,plen);
     memcpy(buf+plen,hash,hlen);
     buf[hlen+plen]='\0';
     free(hash);
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
+    EVP_MD_CTX_destroy(mdctx);
+#else
+    EVP_MD_CTX_free(mdctx);
+#endif
 
     return 1;
 }
-- 
2.9.3

Places

File 0002-authreg_ldapfull-adapt-to-openssl-1.1.patch of Package jabberd

Places