chaosvpn: add compatibility with openssl 1.1
authorEneas U de Queiroz <cote2004-github@yahoo.com>
Fri, 25 May 2018 12:24:27 +0000 (09:24 -0300)
committerEneas U de Queiroz <cote2004-github@yahoo.com>
Fri, 25 May 2018 12:24:27 +0000 (09:24 -0300)
This patch has been merged upstream.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
net/chaosvpn/Makefile
net/chaosvpn/patches/0001-OpenSSL-1.1.0-compile-fix.patch [new file with mode: 0644]

index 9035ade8f303f93f90b6d2ad0699618d24b8b0c9..dc906920c51ea2c1e91cdb44134618f9f3f50907 100644 (file)
@@ -11,7 +11,7 @@ PKG_NAME:=chaosvpn
 
 PKG_REV:=2eb24810b5aa0b2d56f21562e52927020dc3090a
 PKG_VERSION:=2014-01-24
-PKG_RELEASE=1
+PKG_RELEASE=2
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/ryd/chaosvpn.git
diff --git a/net/chaosvpn/patches/0001-OpenSSL-1.1.0-compile-fix.patch b/net/chaosvpn/patches/0001-OpenSSL-1.1.0-compile-fix.patch
new file mode 100644 (file)
index 0000000..44a644d
--- /dev/null
@@ -0,0 +1,148 @@
+From c842faae63b562acc7d989a9cdc815def9ee2ed6 Mon Sep 17 00:00:00 2001
+From: Sven-Haegar Koch <haegar@sdinet.de>
+Date: Wed, 2 Nov 2016 23:08:24 +0100
+Subject: [PATCH] OpenSSL 1.1.0 compile fix.
+
+---
+ crypto.c | 53 +++++++++++++++++++++++++++++++++++------------------
+ 1 file changed, 35 insertions(+), 18 deletions(-)
+
+diff --git a/crypto.c b/crypto.c
+index e476611..e8b72d3 100644
+--- a/crypto.c
++++ b/crypto.c
+@@ -46,6 +46,10 @@ openssl dgst \
+ */
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#define EVP_PKEY_get0_RSA(a) ((a)->pkey.rsa)
++#endif
++
+ EVP_PKEY *
+ crypto_load_key(const char *key, const bool is_private)
+ {
+@@ -80,7 +84,7 @@ crypto_rsa_verify_signature(struct string *databuffer, struct string *signature,
+ {
+       int err;
+       bool retval;
+-      EVP_MD_CTX md_ctx;
++      EVP_MD_CTX *md_ctx;
+       EVP_PKEY *pkey;
+       /* load public key into openssl structure */
+@@ -89,15 +93,22 @@ crypto_rsa_verify_signature(struct string *databuffer, struct string *signature,
+             log_err("crypto_verify_signature: key loading failed\n");
+             return false;
+         }
+-        
++
++        md_ctx = EVP_MD_CTX_create();
++        if (!md_ctx) {
++            log_err("crypto_verify_signature: md_ctx alloc failed\n");
++            return false;
++        }
++
+         /* Verify the signature */
+-        if (EVP_VerifyInit(&md_ctx, EVP_sha512()) != 1) {
++        if (EVP_VerifyInit(md_ctx, EVP_sha512()) != 1) {
+             log_err("crypto_verify_signature: libcrypto verify init failed\n");
++            EVP_MD_CTX_destroy(md_ctx);
+             EVP_PKEY_free(pkey);
+             return false;
+         }
+-        EVP_VerifyUpdate(&md_ctx, string_get(databuffer), string_length(databuffer));
+-        err = EVP_VerifyFinal(&md_ctx, (unsigned char*)string_get(signature), string_length(signature), pkey);
++        EVP_VerifyUpdate(md_ctx, string_get(databuffer), string_length(databuffer));
++        err = EVP_VerifyFinal(md_ctx, (unsigned char*)string_get(signature), string_length(signature), pkey);
+         EVP_PKEY_free(pkey);
+         
+         if (err != 1) {
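Review bot: The new `if (!md_ctx)` branch returns without releasing `pkey`, which was loaded just above it, so the key object leaks on that path. The `EVP_VerifyInit` failure branch directly below frees both objects. Add `EVP_PKEY_free(pkey);` before the `return false;` in the allocation-failure block. Separately, the result of `EVP_VerifyUpdate` is still discarded; comparing it with `1` and failing closed, as is done for `EVP_VerifyInit`, would keep a failed digest update from being followed by `EVP_VerifyFinal`. The function starts and ends outside this hunk.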
+@@ -110,7 +121,7 @@ crypto_rsa_verify_signature(struct string *databuffer, struct string *signature,
+         retval = true;
+ bailout_ctx_cleanup:
+-        EVP_MD_CTX_cleanup(&md_ctx);
++        EVP_MD_CTX_destroy(md_ctx);
+         //log_info("Signature Verified Ok.\n");
+       return retval;
+@@ -146,7 +157,7 @@ crypto_rsa_decrypt(struct string *ciphertext, const char *privkey, struct string
+         len = RSA_private_decrypt(string_length(ciphertext),
+             (unsigned char*)string_get(ciphertext),
+             (unsigned char*)string_get(decrypted),
+-            pkey->pkey.rsa,
++            EVP_PKEY_get0_RSA(pkey),
+             RSA_PKCS1_OAEP_PADDING);
+         if (len >= 0) {
+             /* TODO: need cleaner way: */
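Review bot: The result of `EVP_PKEY_get0_RSA(pkey)` is passed straight to `RSA_private_decrypt` without a check. On OpenSSL 1.1 the accessor returns NULL for a non-RSA key, and on older versions the fallback macro reads the `pkey.rsa` union member whatever the key type is. Whether `crypto_load_key` already rejects non-RSA keys is not visible in this hunk. If it does not, a guard such as `if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA)` before the call, failing through the function's existing error path, would cover both library versions. The function body continues outside the hunk.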
+@@ -167,28 +178,33 @@ bool
+ crypto_aes_decrypt(struct string *ciphertext, struct string *aes_key, struct string *aes_iv, struct string *decrypted)
+ {
+     bool retval = false;
+-    EVP_CIPHER_CTX ctx;
++    EVP_CIPHER_CTX *ctx;
+     int decryptspace;
+     int decryptdone;
+-    EVP_CIPHER_CTX_init(&ctx);
+-    if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL,
++    ctx = EVP_CIPHER_CTX_new();
++    if (!ctx) {
++        log_err("crypto_aes_decrypt: ctx alloc failed\n");
++        goto bail_out;
++    }
++
++    if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL,
+         (unsigned char *)string_get(aes_key),
+         (unsigned char *)string_get(aes_iv))) {
+         log_err("crypto_aes_decrypt: init failed\n");
+         ERR_print_errors_fp(stderr);
+         goto bail_out;
+     }
+-    EVP_CIPHER_CTX_set_padding(&ctx, 1);
++    EVP_CIPHER_CTX_set_padding(ctx, 1);
+     
+-    if (string_length(aes_key) != EVP_CIPHER_CTX_key_length(&ctx)) {
++    if (string_length(aes_key) != EVP_CIPHER_CTX_key_length(ctx)) {
+         log_err("crypto_aes_decrypt: invalid key size (%" PRIuPTR " vs expected %d)\n",
+-                string_length(aes_key), EVP_CIPHER_CTX_key_length(&ctx));
++                string_length(aes_key), EVP_CIPHER_CTX_key_length(ctx));
+         goto bail_out;
+     }
+-    if (string_length(aes_iv) != EVP_CIPHER_CTX_iv_length(&ctx)) {
++    if (string_length(aes_iv) != EVP_CIPHER_CTX_iv_length(ctx)) {
+         log_err("crypto_aes_decrypt: invalid iv size (%" PRIuPTR " vs expected %d)\n",
+-                string_length(aes_iv), EVP_CIPHER_CTX_iv_length(&ctx));
++                string_length(aes_iv), EVP_CIPHER_CTX_iv_length(ctx));
+         goto bail_out;
+     }
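Review bot: The key and IV length checks run only after `EVP_DecryptInit_ex` has already consumed both buffers. AES-256-CBC reads 32 key bytes and 16 IV bytes, so a shorter `aes_key` or `aes_iv` is read past its end before the size comparison can reject it. That assumes `string_get` returns a buffer of exactly `string_length` bytes, which is not visible here. The patch carries the ordering over unchanged from the old code. Initialising the context with the cipher alone, keeping the two length checks, and supplying the key and IV in a second `EVP_DecryptInit_ex` call would put validation before use. The function continues outside this hunk.

```c
    /* select the cipher first; key and IV are supplied only after their lengths are checked */
    if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, NULL, NULL)) {
        log_err("crypto_aes_decrypt: init failed\n");
        ERR_print_errors_fp(stderr);
        goto bail_out;
    }
    EVP_CIPHER_CTX_set_padding(ctx, 1);

    /* … unchanged: key and iv length checks against the context … */

    if (!EVP_DecryptInit_ex(ctx, NULL, NULL,
        (unsigned char *)string_get(aes_key),
        (unsigned char *)string_get(aes_iv))) {
        log_err("crypto_aes_decrypt: init failed\n");
        ERR_print_errors_fp(stderr);
        goto bail_out;
    }
```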
+@@ -201,7 +217,7 @@ crypto_aes_decrypt(struct string *ciphertext, struct string *aes_key, struct str
+         goto bail_out;
+     }
+     
+-    if (EVP_DecryptUpdate(&ctx, (unsigned char*)string_get(decrypted),
++    if (EVP_DecryptUpdate(ctx, (unsigned char*)string_get(decrypted),
+             &decryptdone, (unsigned char*)string_get(ciphertext),
+             string_length(ciphertext))) {
+         /* TODO: need cleaner way: */
+@@ -212,7 +228,7 @@ crypto_aes_decrypt(struct string *ciphertext, struct string *aes_key, struct str
+         goto bail_out;
+     }
+     
+-    if (EVP_DecryptFinal_ex(&ctx,
++    if (EVP_DecryptFinal_ex(ctx,
+             (unsigned char*)string_get(decrypted)+string_length(decrypted),
+             &decryptdone)) {
+         /* TODO: need cleaner way: */
+@@ -226,7 +242,8 @@ crypto_aes_decrypt(struct string *ciphertext, struct string *aes_key, struct str
+     retval = true;
+ bail_out:
+-    EVP_CIPHER_CTX_cleanup(&ctx);
++    if (ctx)
++        EVP_CIPHER_CTX_free(ctx);
+     return retval;
+ }
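Review bot: The `if (ctx)` guard before `EVP_CIPHER_CTX_free(ctx)` is redundant, because the free function accepts NULL. More usefully, `ctx` is declared without an initialiser in the earlier hunk of this function. That is safe today only because the allocation is the first statement before any `goto bail_out`. Declaring it as `EVP_CIPHER_CTX *ctx = NULL;` would keep the cleanup label safe if an early exit is ever added above the allocation.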