mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-20 04:02:27 +00:00
- Fix build with OpenSSL 1.1
PR: 232375
This commit is contained in:
parent
dc35f4185d
commit
83e6118d80
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=487284
833
databases/pgadmin3/files/patch-openssl11
Normal file
833
databases/pgadmin3/files/patch-openssl11
Normal file
@ -0,0 +1,833 @@
|
||||
--- pgadmin/include/libssh2/openssl.h.orig 2016-01-07 18:47:32.000000000 +0600
|
||||
+++ pgadmin/include/libssh2/openssl.h 2018-12-12 14:42:16.774278000 +0700
|
||||
@@ -114,54 +114,61 @@
|
||||
|
||||
#define _libssh2_random(buf, len) RAND_bytes ((buf), (len))
|
||||
|
||||
-#define libssh2_sha1_ctx EVP_MD_CTX
|
||||
+void _libssh2_digest_final(EVP_MD_CTX *ctx, unsigned char *out);
|
||||
+
|
||||
+#define libssh2_sha1_ctx EVP_MD_CTX *
|
||||
|
||||
/* returns 0 in case of failure */
|
||||
int _libssh2_sha1_init(libssh2_sha1_ctx *ctx);
|
||||
#define libssh2_sha1_init(x) _libssh2_sha1_init(x)
|
||||
-#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
|
||||
-#define libssh2_sha1_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
|
||||
+#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len)
|
||||
+#define libssh2_sha1_final(ctx, out) _libssh2_digest_final(ctx, out)
|
||||
int _libssh2_sha1(const unsigned char *message, unsigned long len,
|
||||
unsigned char *out);
|
||||
#define libssh2_sha1(x,y,z) _libssh2_sha1(x,y,z)
|
||||
|
||||
-#define libssh2_sha256_ctx EVP_MD_CTX
|
||||
+#define libssh2_sha256_ctx EVP_MD_CTX *
|
||||
|
||||
/* returns 0 in case of failure */
|
||||
int _libssh2_sha256_init(libssh2_sha256_ctx *ctx);
|
||||
#define libssh2_sha256_init(x) _libssh2_sha256_init(x)
|
||||
-#define libssh2_sha256_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
|
||||
-#define libssh2_sha256_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
|
||||
+#define libssh2_sha256_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len)
|
||||
+#define libssh2_sha256_final(ctx, out) _libssh2_digest_final(ctx, out)
|
||||
int _libssh2_sha256(const unsigned char *message, unsigned long len,
|
||||
unsigned char *out);
|
||||
#define libssh2_sha256(x,y,z) _libssh2_sha256(x,y,z)
|
||||
|
||||
-#define libssh2_md5_ctx EVP_MD_CTX
|
||||
+#define libssh2_md5_ctx EVP_MD_CTX *
|
||||
|
||||
/* returns 0 in case of failure */
|
||||
int _libssh2_md5_init(libssh2_md5_ctx *);
|
||||
#define libssh2_md5_init(x) _libssh2_md5_init(x)
|
||||
-#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
|
||||
-#define libssh2_md5_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
|
||||
+#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len)
|
||||
+#define libssh2_md5_final(ctx, out) _libssh2_digest_final(ctx, out)
|
||||
+
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
+HMAC_CTX *HMAC_CTX_new(void);
|
||||
+void HMAC_CTX_free(HMAC_CTX *ctx);
|
||||
+#endif
|
||||
|
||||
-#define libssh2_hmac_ctx HMAC_CTX
|
||||
+#define libssh2_hmac_ctx HMAC_CTX *
|
||||
#define libssh2_hmac_ctx_init(ctx) \
|
||||
- HMAC_CTX_init(&ctx)
|
||||
-#define libssh2_hmac_sha1_init(ctx, key, keylen) \
|
||||
- HMAC_Init_ex(ctx, key, keylen, EVP_sha1(), NULL)
|
||||
-#define libssh2_hmac_md5_init(ctx, key, keylen) \
|
||||
- HMAC_Init_ex(ctx, key, keylen, EVP_md5(), NULL)
|
||||
-#define libssh2_hmac_ripemd160_init(ctx, key, keylen) \
|
||||
- HMAC_Init_ex(ctx, key, keylen, EVP_ripemd160(), NULL)
|
||||
-#define libssh2_hmac_sha256_init(ctx, key, keylen) \
|
||||
- HMAC_Init_ex(ctx, key, keylen, EVP_sha256(), NULL)
|
||||
-#define libssh2_hmac_sha512_init(ctx, key, keylen) \
|
||||
- HMAC_Init_ex(ctx, key, keylen, EVP_sha512(), NULL)
|
||||
+ ctx = HMAC_CTX_new()
|
||||
+#define libssh2_hmac_sha1_init(pctx, key, keylen) \
|
||||
+ HMAC_Init_ex(*(pctx), key, keylen, EVP_sha1(), NULL)
|
||||
+#define libssh2_hmac_md5_init(pctx, key, keylen) \
|
||||
+ HMAC_Init_ex(*(pctx), key, keylen, EVP_md5(), NULL)
|
||||
+#define libssh2_hmac_ripemd160_init(pctx, key, keylen) \
|
||||
+ HMAC_Init_ex(*(pctx), key, keylen, EVP_ripemd160(), NULL)
|
||||
+#define libssh2_hmac_sha256_init(pctx, key, keylen) \
|
||||
+ HMAC_Init_ex(*(pctx), key, keylen, EVP_sha256(), NULL)
|
||||
+#define libssh2_hmac_sha512_init(pctx, key, keylen) \
|
||||
+ HMAC_Init_ex(*(pctx), key, keylen, EVP_sha512(), NULL)
|
||||
|
||||
#define libssh2_hmac_update(ctx, data, datalen) \
|
||||
- HMAC_Update(&(ctx), data, datalen)
|
||||
-#define libssh2_hmac_final(ctx, data) HMAC_Final(&(ctx), data, NULL)
|
||||
-#define libssh2_hmac_cleanup(ctx) HMAC_cleanup(ctx)
|
||||
+ HMAC_Update(ctx, data, datalen)
|
||||
+#define libssh2_hmac_final(ctx, data) HMAC_Final(ctx, data, NULL)
|
||||
+#define libssh2_hmac_cleanup(ctx) HMAC_CTX_free(*(ctx))
|
||||
|
||||
#define libssh2_crypto_init() \
|
||||
OpenSSL_add_all_algorithms(); \
|
||||
@@ -180,7 +187,7 @@
|
||||
#define _libssh2_dsa_free(dsactx) DSA_free(dsactx)
|
||||
|
||||
#define _libssh2_cipher_type(name) const EVP_CIPHER *(*name)(void)
|
||||
-#define _libssh2_cipher_ctx EVP_CIPHER_CTX
|
||||
+#define _libssh2_cipher_ctx EVP_CIPHER_CTX *
|
||||
|
||||
#define _libssh2_cipher_aes256 EVP_aes_256_cbc
|
||||
#define _libssh2_cipher_aes192 EVP_aes_192_cbc
|
||||
@@ -199,7 +206,7 @@
|
||||
#define _libssh2_cipher_cast5 EVP_cast5_cbc
|
||||
#define _libssh2_cipher_3des EVP_des_ede3_cbc
|
||||
|
||||
-#define _libssh2_cipher_dtor(ctx) EVP_CIPHER_CTX_cleanup(ctx)
|
||||
+#define _libssh2_cipher_dtor(ctx) EVP_CIPHER_CTX_free(*(ctx))
|
||||
|
||||
#define _libssh2_bn BIGNUM
|
||||
#define _libssh2_bn_ctx BN_CTX
|
||||
--- pgadmin/libssh2/openssl.c.orig 2016-01-07 18:47:32.000000000 +0600
|
||||
+++ pgadmin/libssh2/openssl.c 2018-12-12 14:50:08.851143000 +0700
|
||||
@@ -48,6 +48,280 @@
|
||||
#define EVP_MAX_BLOCK_LENGTH 32
|
||||
#endif
|
||||
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
+static void *
|
||||
+OPENSSL_zalloc(size_t num)
|
||||
+{
|
||||
+ void *ret = OPENSSL_malloc(num);
|
||||
+
|
||||
+ if (ret != NULL)
|
||||
+ memset(ret, 0, num);
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+HMAC_CTX *
|
||||
+HMAC_CTX_new(void)
|
||||
+{
|
||||
+ HMAC_CTX *ctx = OPENSSL_zalloc(sizeof(HMAC_CTX));
|
||||
+
|
||||
+ if (ctx != NULL) {
|
||||
+ HMAC_CTX_init(ctx);
|
||||
+ }
|
||||
+ return ctx;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+HMAC_CTX_free(HMAC_CTX *ctx)
|
||||
+{
|
||||
+ if (ctx != NULL) {
|
||||
+ HMAC_CTX_cleanup(ctx);
|
||||
+ OPENSSL_free(ctx);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static EVP_MD_CTX *
|
||||
+EVP_MD_CTX_new(void)
|
||||
+{
|
||||
+ return EVP_MD_CTX_create();
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+EVP_MD_CTX_free(EVP_MD_CTX *ctx)
|
||||
+{
|
||||
+ EVP_MD_CTX_destroy(ctx);
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+RSA_get0_key(const RSA *r,
|
||||
+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
|
||||
+{
|
||||
+ if (n != NULL)
|
||||
+ *n = r->n;
|
||||
+ if (e != NULL)
|
||||
+ *e = r->e;
|
||||
+ if (d != NULL)
|
||||
+ *d = r->d;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
|
||||
+{
|
||||
+ /* If the fields n and e in r are NULL, the corresponding input
|
||||
+ * parameters MUST be non-NULL for n and e. d may be
|
||||
+ * left NULL (in case only the public key is used).
|
||||
+ */
|
||||
+ if ((r->n == NULL && n == NULL)
|
||||
+ || (r->e == NULL && e == NULL))
|
||||
+ return 0;
|
||||
+
|
||||
+ if (n != NULL) {
|
||||
+ BN_free(r->n);
|
||||
+ r->n = n;
|
||||
+ }
|
||||
+ if (e != NULL) {
|
||||
+ BN_free(r->e);
|
||||
+ r->e = e;
|
||||
+ }
|
||||
+ if (d != NULL) {
|
||||
+ BN_free(r->d);
|
||||
+ r->d = d;
|
||||
+ }
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
|
||||
+{
|
||||
+ /* If the fields p and q in r are NULL, the corresponding input
|
||||
+ * parameters MUST be non-NULL.
|
||||
+ */
|
||||
+ if ((r->p == NULL && p == NULL)
|
||||
+ || (r->q == NULL && q == NULL))
|
||||
+ return 0;
|
||||
+
|
||||
+ if (p != NULL) {
|
||||
+ BN_free(r->p);
|
||||
+ r->p = p;
|
||||
+ }
|
||||
+ if (q != NULL) {
|
||||
+ BN_free(r->q);
|
||||
+ r->q = q;
|
||||
+ }
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
|
||||
+{
|
||||
+ /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
|
||||
+ * parameters MUST be non-NULL.
|
||||
+ */
|
||||
+ if ((r->dmp1 == NULL && dmp1 == NULL)
|
||||
+ || (r->dmq1 == NULL && dmq1 == NULL)
|
||||
+ || (r->iqmp == NULL && iqmp == NULL))
|
||||
+ return 0;
|
||||
+
|
||||
+ if (dmp1 != NULL) {
|
||||
+ BN_free(r->dmp1);
|
||||
+ r->dmp1 = dmp1;
|
||||
+ }
|
||||
+ if (dmq1 != NULL) {
|
||||
+ BN_free(r->dmq1);
|
||||
+ r->dmq1 = dmq1;
|
||||
+ }
|
||||
+ if (iqmp != NULL) {
|
||||
+ BN_free(r->iqmp);
|
||||
+ r->iqmp = iqmp;
|
||||
+ }
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+DSA_get0_pqg(const DSA *d,
|
||||
+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
|
||||
+{
|
||||
+ if (p != NULL)
|
||||
+ *p = d->p;
|
||||
+ if (q != NULL)
|
||||
+ *q = d->q;
|
||||
+ if (g != NULL)
|
||||
+ *g = d->g;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
|
||||
+{
|
||||
+ /* If the fields p, q and g in d are NULL, the corresponding input
|
||||
+ * parameters MUST be non-NULL.
|
||||
+ */
|
||||
+ if ((d->p == NULL && p == NULL)
|
||||
+ || (d->q == NULL && q == NULL)
|
||||
+ || (d->g == NULL && g == NULL))
|
||||
+ return 0;
|
||||
+
|
||||
+ if (p != NULL) {
|
||||
+ BN_free(d->p);
|
||||
+ d->p = p;
|
||||
+ }
|
||||
+ if (q != NULL) {
|
||||
+ BN_free(d->q);
|
||||
+ d->q = q;
|
||||
+ }
|
||||
+ if (g != NULL) {
|
||||
+ BN_free(d->g);
|
||||
+ d->g = g;
|
||||
+ }
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+DSA_get0_key(const DSA *d,
|
||||
+ const BIGNUM **pub_key, const BIGNUM **priv_key)
|
||||
+{
|
||||
+ if (pub_key != NULL)
|
||||
+ *pub_key = d->pub_key;
|
||||
+ if (priv_key != NULL)
|
||||
+ *priv_key = d->priv_key;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
|
||||
+{
|
||||
+ /* If the field pub_key in d is NULL, the corresponding input
|
||||
+ * parameters MUST be non-NULL. The priv_key field may
|
||||
+ * be left NULL.
|
||||
+ */
|
||||
+ if (d->pub_key == NULL && pub_key == NULL)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (pub_key != NULL) {
|
||||
+ BN_free(d->pub_key);
|
||||
+ d->pub_key = pub_key;
|
||||
+ }
|
||||
+ if (priv_key != NULL) {
|
||||
+ BN_free(d->priv_key);
|
||||
+ d->priv_key = priv_key;
|
||||
+ }
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
|
||||
+{
|
||||
+ if (r == NULL || s == NULL)
|
||||
+ return 0;
|
||||
+ BN_clear_free(sig->r);
|
||||
+ BN_clear_free(sig->s);
|
||||
+ sig->r = r;
|
||||
+ sig->s = s;
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
|
||||
+{
|
||||
+ if (pr != NULL)
|
||||
+ *pr = sig->r;
|
||||
+ if (ps != NULL)
|
||||
+ *ps = sig->s;
|
||||
+}
|
||||
+
|
||||
+static EVP_CIPHER *
|
||||
+EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len)
|
||||
+{
|
||||
+ EVP_CIPHER *cipher = OPENSSL_zalloc(sizeof(EVP_CIPHER));
|
||||
+
|
||||
+ if (cipher != NULL) {
|
||||
+ cipher->nid = cipher_type;
|
||||
+ cipher->block_size = block_size;
|
||||
+ cipher->key_len = key_len;
|
||||
+ }
|
||||
+ return cipher;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len)
|
||||
+{
|
||||
+ cipher->iv_len = iv_len;
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
|
||||
+ int (*init) (EVP_CIPHER_CTX *ctx,
|
||||
+ const unsigned char *key,
|
||||
+ const unsigned char *iv,
|
||||
+ int enc))
|
||||
+{
|
||||
+ cipher->init = init;
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
|
||||
+ int (*do_cipher) (EVP_CIPHER_CTX *ctx,
|
||||
+ unsigned char *out,
|
||||
+ const unsigned char *in,
|
||||
+ size_t inl))
|
||||
+{
|
||||
+ cipher->do_cipher = do_cipher;
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
|
||||
+ int (*cleanup) (EVP_CIPHER_CTX *))
|
||||
+{
|
||||
+ cipher->cleanup = cleanup;
|
||||
+ return 1;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
int
|
||||
_libssh2_rsa_new(libssh2_rsa_ctx ** rsa,
|
||||
const unsigned char *edata,
|
||||
@@ -67,31 +341,43 @@
|
||||
const unsigned char *coeffdata, unsigned long coefflen)
|
||||
{
|
||||
*rsa = RSA_new();
|
||||
+ BIGNUM *e, *n;
|
||||
+
|
||||
+ e = BN_new();
|
||||
+ BN_bin2bn(edata, elen, e);
|
||||
|
||||
- (*rsa)->e = BN_new();
|
||||
- BN_bin2bn(edata, elen, (*rsa)->e);
|
||||
+ n = BN_new();
|
||||
+ BN_bin2bn(ndata, nlen, n);
|
||||
|
||||
- (*rsa)->n = BN_new();
|
||||
- BN_bin2bn(ndata, nlen, (*rsa)->n);
|
||||
+ RSA_set0_key(*rsa, n, e, NULL);
|
||||
|
||||
if (ddata) {
|
||||
- (*rsa)->d = BN_new();
|
||||
- BN_bin2bn(ddata, dlen, (*rsa)->d);
|
||||
+ BIGNUM *d;
|
||||
+ BIGNUM *p, *q, *dmp1, *dmq1, *iqmp;
|
||||
+
|
||||
+ d = BN_new();
|
||||
+ BN_bin2bn(ddata, dlen, d);
|
||||
+
|
||||
+ RSA_set0_key(*rsa, 0, 0, d);
|
||||
+
|
||||
+ p = BN_new();
|
||||
+ BN_bin2bn(pdata, plen, p);
|
||||
+
|
||||
+ q = BN_new();
|
||||
+ BN_bin2bn(qdata, qlen, q);
|
||||
|
||||
- (*rsa)->p = BN_new();
|
||||
- BN_bin2bn(pdata, plen, (*rsa)->p);
|
||||
+ RSA_set0_factors(*rsa, p, q);
|
||||
|
||||
- (*rsa)->q = BN_new();
|
||||
- BN_bin2bn(qdata, qlen, (*rsa)->q);
|
||||
+ dmp1 = BN_new();
|
||||
+ BN_bin2bn(e1data, e1len, dmp1);
|
||||
|
||||
- (*rsa)->dmp1 = BN_new();
|
||||
- BN_bin2bn(e1data, e1len, (*rsa)->dmp1);
|
||||
+ dmq1 = BN_new();
|
||||
+ BN_bin2bn(e2data, e2len, dmq1);
|
||||
|
||||
- (*rsa)->dmq1 = BN_new();
|
||||
- BN_bin2bn(e2data, e2len, (*rsa)->dmq1);
|
||||
+ iqmp = BN_new();
|
||||
+ BN_bin2bn(coeffdata, coefflen, iqmp);
|
||||
|
||||
- (*rsa)->iqmp = BN_new();
|
||||
- BN_bin2bn(coeffdata, coefflen, (*rsa)->iqmp);
|
||||
+ RSA_set0_crt_params(*rsa, dmp1, dmq1, iqmp);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
@@ -125,25 +411,34 @@
|
||||
unsigned long y_len,
|
||||
const unsigned char *x, unsigned long x_len)
|
||||
{
|
||||
+ BIGNUM *pn, *qn, *gn;
|
||||
+ BIGNUM *pub_key, *priv_key;
|
||||
+
|
||||
*dsactx = DSA_new();
|
||||
|
||||
- (*dsactx)->p = BN_new();
|
||||
- BN_bin2bn(p, p_len, (*dsactx)->p);
|
||||
+ pn = BN_new();
|
||||
+ BN_bin2bn(p, p_len, pn);
|
||||
+
|
||||
+ qn = BN_new();
|
||||
+ BN_bin2bn(q, q_len, qn);
|
||||
|
||||
- (*dsactx)->q = BN_new();
|
||||
- BN_bin2bn(q, q_len, (*dsactx)->q);
|
||||
+ gn = BN_new();
|
||||
+ BN_bin2bn(g, g_len, gn);
|
||||
|
||||
- (*dsactx)->g = BN_new();
|
||||
- BN_bin2bn(g, g_len, (*dsactx)->g);
|
||||
+ DSA_set0_pqg(*dsactx, pn, qn, gn);
|
||||
|
||||
- (*dsactx)->pub_key = BN_new();
|
||||
- BN_bin2bn(y, y_len, (*dsactx)->pub_key);
|
||||
+ pub_key = BN_new();
|
||||
+ BN_bin2bn(y, y_len, pub_key);
|
||||
|
||||
if (x_len) {
|
||||
- (*dsactx)->priv_key = BN_new();
|
||||
- BN_bin2bn(x, x_len, (*dsactx)->priv_key);
|
||||
+ priv_key = BN_new();
|
||||
+ BN_bin2bn(x, x_len, priv_key);
|
||||
+ } else {
|
||||
+ priv_key = NULL;
|
||||
}
|
||||
|
||||
+ DSA_set0_key(*dsactx, pub_key, priv_key);
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -153,20 +448,22 @@
|
||||
const unsigned char *m, unsigned long m_len)
|
||||
{
|
||||
unsigned char hash[SHA_DIGEST_LENGTH];
|
||||
- DSA_SIG dsasig;
|
||||
+ DSA_SIG *dsasig;
|
||||
+ BIGNUM *r, *s;
|
||||
int ret = -1;
|
||||
|
||||
- dsasig.r = BN_new();
|
||||
- BN_bin2bn(sig, 20, dsasig.r);
|
||||
- dsasig.s = BN_new();
|
||||
- BN_bin2bn(sig + 20, 20, dsasig.s);
|
||||
+ dsasig = DSA_SIG_new();
|
||||
+ r = BN_new();
|
||||
+ BN_bin2bn(sig, 20, r);
|
||||
+ s = BN_new();
|
||||
+ BN_bin2bn(sig + 20, 20, s);
|
||||
+ DSA_SIG_set0(dsasig, r, s);
|
||||
|
||||
if (!_libssh2_sha1(m, m_len, hash))
|
||||
/* _libssh2_sha1() succeeded */
|
||||
- ret = DSA_do_verify(hash, SHA_DIGEST_LENGTH, &dsasig, dsactx);
|
||||
+ ret = DSA_do_verify(hash, SHA_DIGEST_LENGTH, dsasig, dsactx);
|
||||
|
||||
- BN_clear_free(dsasig.s);
|
||||
- BN_clear_free(dsasig.r);
|
||||
+ DSA_SIG_free(dsasig);
|
||||
|
||||
return (ret == 1) ? 0 : -1;
|
||||
}
|
||||
@@ -177,8 +474,8 @@
|
||||
_libssh2_cipher_type(algo),
|
||||
unsigned char *iv, unsigned char *secret, int encrypt)
|
||||
{
|
||||
- EVP_CIPHER_CTX_init(h);
|
||||
- return !EVP_CipherInit(h, algo(), secret, iv, encrypt);
|
||||
+ *h = EVP_CIPHER_CTX_new();
|
||||
+ return !EVP_CipherInit(*h, algo(), secret, iv, encrypt);
|
||||
}
|
||||
|
||||
int
|
||||
@@ -191,7 +488,7 @@
|
||||
(void) algo;
|
||||
(void) encrypt;
|
||||
|
||||
- ret = EVP_Cipher(ctx, buf, block, blocksize);
|
||||
+ ret = EVP_Cipher(*ctx, buf, block, blocksize);
|
||||
if (ret == 1) {
|
||||
memcpy(block, buf, blocksize);
|
||||
}
|
||||
@@ -222,7 +519,7 @@
|
||||
const EVP_CIPHER *aes_cipher;
|
||||
(void) enc;
|
||||
|
||||
- switch (ctx->key_len) {
|
||||
+ switch (EVP_CIPHER_CTX_key_length(ctx)) {
|
||||
case 16:
|
||||
aes_cipher = EVP_aes_128_ecb();
|
||||
break;
|
||||
@@ -240,7 +537,7 @@
|
||||
if (c == NULL)
|
||||
return 0;
|
||||
|
||||
- c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX));
|
||||
+ c->aes_ctx = EVP_CIPHER_CTX_new();
|
||||
if (c->aes_ctx == NULL) {
|
||||
free(c);
|
||||
return 0;
|
||||
@@ -312,7 +609,7 @@
|
||||
}
|
||||
|
||||
if (c->aes_ctx != NULL) {
|
||||
- _libssh2_cipher_dtor(c->aes_ctx);
|
||||
+ _libssh2_cipher_dtor(&(c->aes_ctx));
|
||||
free(c->aes_ctx);
|
||||
}
|
||||
|
||||
@@ -322,40 +619,40 @@
|
||||
}
|
||||
|
||||
static const EVP_CIPHER *
|
||||
-make_ctr_evp (size_t keylen, EVP_CIPHER *aes_ctr_cipher)
|
||||
+make_ctr_evp (size_t keylen, EVP_CIPHER **aes_ctr_cipher)
|
||||
{
|
||||
- aes_ctr_cipher->block_size = 16;
|
||||
- aes_ctr_cipher->key_len = keylen;
|
||||
- aes_ctr_cipher->iv_len = 16;
|
||||
- aes_ctr_cipher->init = aes_ctr_init;
|
||||
- aes_ctr_cipher->do_cipher = aes_ctr_do_cipher;
|
||||
- aes_ctr_cipher->cleanup = aes_ctr_cleanup;
|
||||
+ if (*aes_ctr_cipher == NULL) {
|
||||
+ *aes_ctr_cipher = EVP_CIPHER_meth_new(0, 16, keylen);
|
||||
+ if (*aes_ctr_cipher != NULL) {
|
||||
+ EVP_CIPHER_meth_set_iv_length(*aes_ctr_cipher, 16);
|
||||
+ EVP_CIPHER_meth_set_init(*aes_ctr_cipher, aes_ctr_init);
|
||||
+ EVP_CIPHER_meth_set_do_cipher(*aes_ctr_cipher, aes_ctr_do_cipher);
|
||||
+ EVP_CIPHER_meth_set_cleanup(*aes_ctr_cipher, aes_ctr_cleanup);
|
||||
+ }
|
||||
+ }
|
||||
|
||||
- return aes_ctr_cipher;
|
||||
+ return *aes_ctr_cipher;
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
_libssh2_EVP_aes_128_ctr(void)
|
||||
{
|
||||
- static EVP_CIPHER aes_ctr_cipher;
|
||||
- return !aes_ctr_cipher.key_len?
|
||||
- make_ctr_evp (16, &aes_ctr_cipher) : &aes_ctr_cipher;
|
||||
+ static EVP_CIPHER *aes_ctr_cipher;
|
||||
+ return make_ctr_evp(16, &aes_ctr_cipher);
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
_libssh2_EVP_aes_192_ctr(void)
|
||||
{
|
||||
- static EVP_CIPHER aes_ctr_cipher;
|
||||
- return !aes_ctr_cipher.key_len?
|
||||
- make_ctr_evp (24, &aes_ctr_cipher) : &aes_ctr_cipher;
|
||||
+ static EVP_CIPHER *aes_ctr_cipher;
|
||||
+ return make_ctr_evp(24, &aes_ctr_cipher);
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
_libssh2_EVP_aes_256_ctr(void)
|
||||
{
|
||||
- static EVP_CIPHER aes_ctr_cipher;
|
||||
- return !aes_ctr_cipher.key_len?
|
||||
- make_ctr_evp (32, &aes_ctr_cipher) : &aes_ctr_cipher;
|
||||
+ static EVP_CIPHER *aes_ctr_cipher;
|
||||
+ return make_ctr_evp(32, &aes_ctr_cipher);
|
||||
}
|
||||
|
||||
void _libssh2_init_aes_ctr(void)
|
||||
@@ -536,6 +833,7 @@
|
||||
unsigned long hash_len, unsigned char *signature)
|
||||
{
|
||||
DSA_SIG *sig;
|
||||
+ const BIGNUM *r, *s;
|
||||
int r_len, s_len;
|
||||
(void) hash_len;
|
||||
|
||||
@@ -544,12 +842,13 @@
|
||||
return -1;
|
||||
}
|
||||
|
||||
- r_len = BN_num_bytes(sig->r);
|
||||
+ DSA_SIG_get0(sig, &r, &s);
|
||||
+ r_len = BN_num_bytes(r);
|
||||
if (r_len < 1 || r_len > 20) {
|
||||
DSA_SIG_free(sig);
|
||||
return -1;
|
||||
}
|
||||
- s_len = BN_num_bytes(sig->s);
|
||||
+ s_len = BN_num_bytes(s);
|
||||
if (s_len < 1 || s_len > 20) {
|
||||
DSA_SIG_free(sig);
|
||||
return -1;
|
||||
@@ -557,8 +856,8 @@
|
||||
|
||||
memset(signature, 0, 40);
|
||||
|
||||
- BN_bn2bin(sig->r, signature + (20 - r_len));
|
||||
- BN_bn2bin(sig->s, signature + 20 + (20 - s_len));
|
||||
+ BN_bn2bin(r, signature + (20 - r_len));
|
||||
+ BN_bn2bin(s, signature + 20 + (20 - s_len));
|
||||
|
||||
DSA_SIG_free(sig);
|
||||
|
||||
@@ -566,55 +865,66 @@
|
||||
}
|
||||
#endif /* LIBSSH_DSA */
|
||||
|
||||
+void
|
||||
+_libssh2_digest_final(libssh2_md5_ctx ctx, unsigned char *out)
|
||||
+{
|
||||
+ EVP_DigestFinal(ctx, out, NULL);
|
||||
+ EVP_MD_CTX_free(ctx);
|
||||
+}
|
||||
+
|
||||
int
|
||||
_libssh2_sha1_init(libssh2_sha1_ctx *ctx)
|
||||
{
|
||||
- EVP_MD_CTX_init(ctx);
|
||||
- return EVP_DigestInit(ctx, EVP_get_digestbyname("sha1"));
|
||||
+ EVP_MD_CTX_init(*ctx);
|
||||
+ return EVP_DigestInit(*ctx, EVP_get_digestbyname("sha1"));
|
||||
}
|
||||
|
||||
int
|
||||
_libssh2_sha1(const unsigned char *message, unsigned long len,
|
||||
unsigned char *out)
|
||||
{
|
||||
- EVP_MD_CTX ctx;
|
||||
+ EVP_MD_CTX *ctx;
|
||||
|
||||
- EVP_MD_CTX_init(&ctx);
|
||||
- if (EVP_DigestInit(&ctx, EVP_get_digestbyname("sha1"))) {
|
||||
- EVP_DigestUpdate(&ctx, message, len);
|
||||
- EVP_DigestFinal(&ctx, out, NULL);
|
||||
+ ctx = EVP_MD_CTX_new();
|
||||
+ if (EVP_DigestInit(ctx, EVP_get_digestbyname("sha1"))) {
|
||||
+ EVP_DigestUpdate(ctx, message, len);
|
||||
+ EVP_DigestFinal(ctx, out, NULL);
|
||||
+ EVP_MD_CTX_free(ctx);
|
||||
return 0; /* success */
|
||||
}
|
||||
+ EVP_MD_CTX_free(ctx);
|
||||
return 1; /* error */
|
||||
}
|
||||
|
||||
int
|
||||
_libssh2_sha256_init(libssh2_sha256_ctx *ctx)
|
||||
{
|
||||
- EVP_MD_CTX_init(ctx);
|
||||
- return EVP_DigestInit(ctx, EVP_get_digestbyname("sha256"));
|
||||
+ EVP_MD_CTX_init(*ctx);
|
||||
+ return EVP_DigestInit(*ctx, EVP_get_digestbyname("sha256"));
|
||||
}
|
||||
|
||||
int
|
||||
_libssh2_sha256(const unsigned char *message, unsigned long len,
|
||||
unsigned char *out)
|
||||
{
|
||||
- EVP_MD_CTX ctx;
|
||||
+ EVP_MD_CTX *ctx;
|
||||
|
||||
- EVP_MD_CTX_init(&ctx);
|
||||
- if(EVP_DigestInit(&ctx, EVP_get_digestbyname("sha256"))) {
|
||||
- EVP_DigestUpdate(&ctx, message, len);
|
||||
- EVP_DigestFinal(&ctx, out, NULL);
|
||||
+ ctx = EVP_MD_CTX_new();
|
||||
+ if(EVP_DigestInit(ctx, EVP_get_digestbyname("sha256"))) {
|
||||
+ EVP_DigestUpdate(ctx, message, len);
|
||||
+ EVP_DigestFinal(ctx, out, NULL);
|
||||
+ EVP_MD_CTX_free(ctx);
|
||||
return 0; /* success */
|
||||
}
|
||||
+ EVP_MD_CTX_free(ctx);
|
||||
return 1; /* error */
|
||||
}
|
||||
|
||||
int
|
||||
_libssh2_md5_init(libssh2_md5_ctx *ctx)
|
||||
{
|
||||
- EVP_MD_CTX_init(ctx);
|
||||
- return EVP_DigestInit(ctx, EVP_get_digestbyname("md5"));
|
||||
+ EVP_MD_CTX_init(*ctx);
|
||||
+ return EVP_DigestInit(*ctx, EVP_get_digestbyname("md5"));
|
||||
}
|
||||
|
||||
static unsigned char *
|
||||
@@ -639,13 +949,15 @@
|
||||
gen_publickey_from_rsa(LIBSSH2_SESSION *session, RSA *rsa,
|
||||
size_t *key_len)
|
||||
{
|
||||
+ const BIGNUM *e, *n;
|
||||
int e_bytes, n_bytes;
|
||||
unsigned long len;
|
||||
unsigned char* key;
|
||||
unsigned char* p;
|
||||
|
||||
- e_bytes = BN_num_bytes(rsa->e) + 1;
|
||||
- n_bytes = BN_num_bytes(rsa->n) + 1;
|
||||
+ RSA_get0_key(rsa, &n, &e, NULL);
|
||||
+ e_bytes = BN_num_bytes(e) + 1;
|
||||
+ n_bytes = BN_num_bytes(n) + 1;
|
||||
|
||||
/* Key form is "ssh-rsa" + e + n. */
|
||||
len = 4 + 7 + 4 + e_bytes + 4 + n_bytes;
|
||||
@@ -663,8 +975,8 @@
|
||||
memcpy(p, "ssh-rsa", 7);
|
||||
p += 7;
|
||||
|
||||
- p = write_bn(p, rsa->e, e_bytes);
|
||||
- p = write_bn(p, rsa->n, n_bytes);
|
||||
+ p = write_bn(p, e, e_bytes);
|
||||
+ p = write_bn(p, n, n_bytes);
|
||||
|
||||
*key_len = (size_t)(p - key);
|
||||
return key;
|
||||
@@ -675,15 +987,18 @@
|
||||
gen_publickey_from_dsa(LIBSSH2_SESSION* session, DSA *dsa,
|
||||
size_t *key_len)
|
||||
{
|
||||
+ const BIGNUM *pn, *qn, *gn, *pub_key;
|
||||
int p_bytes, q_bytes, g_bytes, k_bytes;
|
||||
unsigned long len;
|
||||
unsigned char* key;
|
||||
unsigned char* p;
|
||||
|
||||
- p_bytes = BN_num_bytes(dsa->p) + 1;
|
||||
- q_bytes = BN_num_bytes(dsa->q) + 1;
|
||||
- g_bytes = BN_num_bytes(dsa->g) + 1;
|
||||
- k_bytes = BN_num_bytes(dsa->pub_key) + 1;
|
||||
+ DSA_get0_pqg(dsa, &pn, &qn, &gn);
|
||||
+ p_bytes = BN_num_bytes(pn) + 1;
|
||||
+ q_bytes = BN_num_bytes(qn) + 1;
|
||||
+ g_bytes = BN_num_bytes(gn) + 1;
|
||||
+ DSA_get0_key(dsa, &pub_key, NULL);
|
||||
+ k_bytes = BN_num_bytes(pub_key) + 1;
|
||||
|
||||
/* Key form is "ssh-dss" + p + q + g + pub_key. */
|
||||
len = 4 + 7 + 4 + p_bytes + 4 + q_bytes + 4 + g_bytes + 4 + k_bytes;
|
||||
@@ -701,10 +1016,10 @@
|
||||
memcpy(p, "ssh-dss", 7);
|
||||
p += 7;
|
||||
|
||||
- p = write_bn(p, dsa->p, p_bytes);
|
||||
- p = write_bn(p, dsa->q, q_bytes);
|
||||
- p = write_bn(p, dsa->g, g_bytes);
|
||||
- p = write_bn(p, dsa->pub_key, k_bytes);
|
||||
+ p = write_bn(p, pn, p_bytes);
|
||||
+ p = write_bn(p, qn, q_bytes);
|
||||
+ p = write_bn(p, gn, g_bytes);
|
||||
+ p = write_bn(p, pub_key, k_bytes);
|
||||
|
||||
*key_len = (size_t)(p - key);
|
||||
return key;
|
||||
@@ -867,7 +1182,7 @@
|
||||
"private key file format");
|
||||
}
|
||||
|
||||
- switch (pk->type) {
|
||||
+ switch (EVP_PKEY_base_id(pk)) {
|
||||
case EVP_PKEY_RSA :
|
||||
st = gen_publickey_from_rsa_evp(
|
||||
session, method, method_len, pubkeydata, pubkeydata_len, pk);
|
||||
@@ -936,7 +1251,7 @@
|
||||
"private key file format");
|
||||
}
|
||||
|
||||
- switch (pk->type) {
|
||||
+ switch (EVP_PKEY_base_id(pk)) {
|
||||
case EVP_PKEY_RSA :
|
||||
st = gen_publickey_from_rsa_evp(session, method, method_len,
|
||||
pubkeydata, pubkeydata_len, pk);
|
Loading…
Reference in New Issue
Block a user