1 From c794bbd16d2f39c656478608eb1314055e877370 Mon Sep 17 00:00:00 2001
2 From: Eneas U de Queiroz <cote2004-github@yahoo.com>
3 Date: Sat, 26 May 2018 23:44:54 -0300
4 Subject: [PATCH] ibrdtnd: added openssl compatibility
6 This patch adds compatibility with openssl 1.1.0 to ibrdtnd.
8 Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
10 ibrdtn/daemon/src/security/exchange/DHProtocol.cpp | 36 ++++++++++---
11 ibrdtn/daemon/src/security/exchange/Makefile.am | 2 +
12 .../src/security/exchange/openssl_compat.cpp | 62 ++++++++++++++++++++++
13 .../daemon/src/security/exchange/openssl_compat.h | 13 +++++
14 4 files changed, 107 insertions(+), 6 deletions(-)
15 create mode 100644 ibrdtn/daemon/src/security/exchange/openssl_compat.cpp
16 create mode 100644 ibrdtn/daemon/src/security/exchange/openssl_compat.h
18 --- a/src/security/exchange/DHProtocol.cpp
19 +++ b/src/security/exchange/DHProtocol.cpp
22 #include <openssl/rand.h>
23 #include <openssl/pem.h>
24 +#include "openssl_compat.h"
26 #define DH_KEY_LENGTH 1024
28 @@ -132,6 +133,7 @@ namespace dtn
30 void DHProtocol::begin(KeyExchangeSession &session, KeyExchangeData &data)
32 + const BIGNUM *pub_key, *p, *g;
34 DHState &state = session.getState<DHState>();
36 @@ -159,9 +161,12 @@ namespace dtn
38 KeyExchangeData request(KeyExchangeData::REQUEST, session);
40 - write(request, state.dh->pub_key);
41 - write(request, state.dh->p);
42 - write(request, state.dh->g);
43 + DH_get0_pqg(state.dh, &p, NULL, &g);
44 + DH_get0_key(state.dh, &pub_key, NULL);
46 + write(request, pub_key);
50 manager.submit(session, request);
52 @@ -177,6 +182,15 @@ namespace dtn
54 if (data.getAction() == KeyExchangeData::REQUEST)
56 + BIGNUM *p = BN_new();
57 + BIGNUM *g = BN_new();
58 + if (p == NULL || g == NULL)
62 + throw ibrcommon::Exception("Error while allocating space for DH parameters");
65 BIGNUM* pub_key = BN_new();
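Review bot: p and g stay raw owning pointers from `BN_new()` here until `DH_set0_pqg` adopts them in the next hunk, so any exception raised in between leaks both; the `read()` calls that fill them are the likely candidates, though their bodies are not shown. The existing `BIGNUM* pub_key = BN_new();` just below also remains without the NULL check that p and g now get. A comment such as `// p, g: owned here until DH_set0_pqg() succeeds, afterwards owned by state.dh` would at least document the hand-off. The enclosing function starts and ends outside the hunk.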
68 @@ -184,8 +198,16 @@ namespace dtn
71 // read p and g paramter from message
72 - read(data, &state.dh->p);
73 - read(data, &state.dh->g);
77 + if (DH_set0_pqg(state.dh, p, NULL, g))
82 + throw ibrcommon::Exception("Error while setting DH parameters");
86 if (!DH_check(state.dh, &codes))
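Review bot: The new `if (DH_set0_pqg(state.dh, p, NULL, g))` guard looks inverted: DH_set0_pqg returns 1 on success and 0 on failure, so as written the "Error while setting DH parameters" exception fires when the peer's parameters were installed and is skipped when they were rejected, letting `DH_check` run on a DH object with no p and g. The check should read `if (!DH_set0_pqg(state.dh, p, NULL, g))`. The lines between the condition and the throw are not visible on this page; if they release p and g, note that after a successful call those BIGNUMs belong to state.dh, so freeing them there would leave the DH object holding dangling pointers. The enclosing function starts and ends outside the hunk.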
87 @@ -213,7 +235,9 @@ namespace dtn
88 state.secret.assign((const char*)secret, length);
90 KeyExchangeData response(KeyExchangeData::RESPONSE, session);
91 - write(response, state.dh->pub_key);
92 + const BIGNUM *state_dh_pub_key;
93 + DH_get0_key(state.dh, &state_dh_pub_key, NULL);
94 + write(response, state_dh_pub_key);
96 manager.submit(session, response);
98 --- a/src/security/exchange/Makefile.am
99 +++ b/src/security/exchange/Makefile.am
100 @@ -22,6 +22,8 @@ exchange_SOURCES += \
105 + openssl_compat.cpp \
110 +++ b/src/security/exchange/openssl_compat.cpp
113 + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
115 + * Licensed under the OpenSSL license (the "License"). You may not use
116 + * this file except in compliance with the License. You can obtain a copy
117 + * in the file LICENSE in the source distribution or at
118 + * https://www.openssl.org/source/license.html
121 +#include "openssl_compat.h"
123 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
125 +void DH_get0_pqg(const DH *dh,
126 + const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
136 +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
138 + /* If the fields p and g in d are NULL, the corresponding input
139 + * parameters MUST be non-NULL. q may remain NULL.
141 + if ((dh->p == NULL && p == NULL)
142 + || (dh->g == NULL && g == NULL))
159 + dh->length = BN_num_bits(q);
165 +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
167 + if (pub_key != NULL)
168 + *pub_key = dh->pub_key;
169 + if (priv_key != NULL)
170 + *priv_key = dh->priv_key;
173 +#endif /* OPENSSL_VERSION_NUMBER */
175 +++ b/src/security/exchange/openssl_compat.h
177 +#ifndef LIBCRYPTO_COMPAT_H
178 +#define LIBCRYPTO_COMPAT_H
180 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
182 +#include <openssl/dh.h>
184 +void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
185 +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
186 +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
188 +#endif /* OPENSSL_VERSION_NUMBER */
189 +#endif /* LIBCRYPTO_COMPAT_H */
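Review bot: `#if OPENSSL_VERSION_NUMBER < 0x10100000L` is evaluated before this header has included any OpenSSL header, so the result depends on what the including translation unit pulled in first. In openssl_compat.cpp this header is the first include shown, where an undefined macro evaluates as 0 and the prototypes are declared even against OpenSSL 1.1.0, which is harmless only as long as the signatures match the library's own. Adding `#include <openssl/opensslv.h>` above the `#if` makes the version test self-contained.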