1 From 6f23daea4391c2db8bc27d2e4cb42eac02368822 Mon Sep 17 00:00:00 2001
2 From: Brad King <brad.king@kitware.com>
3 Date: Thu, 17 Nov 2016 15:44:44 -0500
4 Subject: [PATCH] libarchive: Add support for building with OpenSSL 1.1
6 OpenSSL 1.1 made some CTX structures opaque. Port our code to use the
7 structures only through pointers via OpenSSL 1.1 APIs. Use our adaption
8 layer to make this work with OpenSSL 1.0 and below.
10 Patch-by: Tomas Mraz <tmraz@redhat.com>
11 Patch-from: https://bugzilla.redhat.com/1383744
13 Utilities/cmlibarchive/libarchive/archive_cryptor.c | 9 +++++----
14 Utilities/cmlibarchive/libarchive/archive_cryptor_private.h | 2 +-
15 Utilities/cmlibarchive/libarchive/archive_digest.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------
16 Utilities/cmlibarchive/libarchive/archive_digest_private.h | 12 ++++++------
17 Utilities/cmlibarchive/libarchive/archive_hmac.c | 14 ++++++++------
18 Utilities/cmlibarchive/libarchive/archive_hmac_private.h | 2 +-
19 6 files changed, 75 insertions(+), 38 deletions(-)
21 --- a/Utilities/cmlibarchive/libarchive/archive_cryptor.c
22 +++ b/Utilities/cmlibarchive/libarchive/archive_cryptor.c
23 @@ -302,6 +302,7 @@ aes_ctr_release(archive_crypto_ctx *ctx)
25 aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len)
27 + ctx->ctx = EVP_CIPHER_CTX_new();
30 case 16: ctx->type = EVP_aes_128_ecb(); break;
31 @@ -314,7 +315,7 @@ aes_ctr_init(archive_crypto_ctx *ctx, co
32 memcpy(ctx->key, key, key_len);
33 memset(ctx->nonce, 0, sizeof(ctx->nonce));
34 ctx->encr_pos = AES_BLOCK_SIZE;
35 - EVP_CIPHER_CTX_init(&ctx->ctx);
36 + EVP_CIPHER_CTX_init(ctx->ctx);
40 @@ -324,10 +325,10 @@ aes_ctr_encrypt_counter(archive_crypto_c
44 - r = EVP_EncryptInit_ex(&ctx->ctx, ctx->type, NULL, ctx->key, NULL);
45 + r = EVP_EncryptInit_ex(ctx->ctx, ctx->type, NULL, ctx->key, NULL);
48 - r = EVP_EncryptUpdate(&ctx->ctx, ctx->encr_buf, &outl, ctx->nonce,
49 + r = EVP_EncryptUpdate(ctx->ctx, ctx->encr_buf, &outl, ctx->nonce,
51 if (r == 0 || outl != AES_BLOCK_SIZE)
53 @@ -337,7 +338,7 @@ aes_ctr_encrypt_counter(archive_crypto_c
55 aes_ctr_release(archive_crypto_ctx *ctx)
57 - EVP_CIPHER_CTX_cleanup(&ctx->ctx);
58 + EVP_CIPHER_CTX_free(ctx->ctx);
59 memset(ctx->key, 0, ctx->key_len);
60 memset(ctx->nonce, 0, sizeof(ctx->nonce));
62 --- a/Utilities/cmlibarchive/libarchive/archive_cryptor_private.h
63 +++ b/Utilities/cmlibarchive/libarchive/archive_cryptor_private.h
64 @@ -104,7 +104,7 @@ typedef struct {
65 #define AES_MAX_KEY_SIZE 32
69 + EVP_CIPHER_CTX *ctx;
70 const EVP_CIPHER *type;
71 uint8_t key[AES_MAX_KEY_SIZE];
73 --- a/Utilities/cmlibarchive/libarchive/archive_digest.c
74 +++ b/Utilities/cmlibarchive/libarchive/archive_digest.c
75 @@ -207,7 +207,9 @@ __archive_nettle_md5final(archive_md5_ct
77 __archive_openssl_md5init(archive_md5_ctx *ctx)
79 - EVP_DigestInit(ctx, EVP_md5());
80 + if ((*ctx = EVP_MD_CTX_new()) == NULL)
81 + return (ARCHIVE_FAILED);
82 + EVP_DigestInit(*ctx, EVP_md5());
86 @@ -215,7 +217,7 @@ static int
87 __archive_openssl_md5update(archive_md5_ctx *ctx, const void *indata,
90 - EVP_DigestUpdate(ctx, indata, insize);
91 + EVP_DigestUpdate(*ctx, indata, insize);
95 @@ -226,8 +228,11 @@ __archive_openssl_md5final(archive_md5_c
96 * this is meant to cope with that. Real fix is probably to fix
97 * archive_write_set_format_xar.c
100 - EVP_DigestFinal(ctx, md, NULL);
102 + EVP_DigestFinal(*ctx, md, NULL);
103 + EVP_MD_CTX_free(*ctx);
109 @@ -359,7 +364,9 @@ __archive_nettle_ripemd160final(archive_
111 __archive_openssl_ripemd160init(archive_rmd160_ctx *ctx)
113 - EVP_DigestInit(ctx, EVP_ripemd160());
114 + if ((*ctx = EVP_MD_CTX_new()) == NULL)
115 + return (ARCHIVE_FAILED);
116 + EVP_DigestInit(*ctx, EVP_ripemd160());
120 @@ -367,14 +374,18 @@ static int
121 __archive_openssl_ripemd160update(archive_rmd160_ctx *ctx, const void *indata,
124 - EVP_DigestUpdate(ctx, indata, insize);
125 + EVP_DigestUpdate(*ctx, indata, insize);
130 __archive_openssl_ripemd160final(archive_rmd160_ctx *ctx, void *md)
132 - EVP_DigestFinal(ctx, md, NULL);
134 + EVP_DigestFinal(*ctx, md, NULL);
135 + EVP_MD_CTX_free(*ctx);
141 @@ -509,7 +520,9 @@ __archive_nettle_sha1final(archive_sha1_
143 __archive_openssl_sha1init(archive_sha1_ctx *ctx)
145 - EVP_DigestInit(ctx, EVP_sha1());
146 + if ((*ctx = EVP_MD_CTX_new()) == NULL)
147 + return (ARCHIVE_FAILED);
148 + EVP_DigestInit(*ctx, EVP_sha1());
152 @@ -517,7 +530,7 @@ static int
153 __archive_openssl_sha1update(archive_sha1_ctx *ctx, const void *indata,
156 - EVP_DigestUpdate(ctx, indata, insize);
157 + EVP_DigestUpdate(*ctx, indata, insize);
161 @@ -528,8 +541,11 @@ __archive_openssl_sha1final(archive_sha1
162 * this is meant to cope with that. Real fix is probably to fix
163 * archive_write_set_format_xar.c
166 - EVP_DigestFinal(ctx, md, NULL);
168 + EVP_DigestFinal(*ctx, md, NULL);
169 + EVP_MD_CTX_free(*ctx);
175 @@ -733,7 +749,9 @@ __archive_nettle_sha256final(archive_sha
177 __archive_openssl_sha256init(archive_sha256_ctx *ctx)
179 - EVP_DigestInit(ctx, EVP_sha256());
180 + if ((*ctx = EVP_MD_CTX_new()) == NULL)
181 + return (ARCHIVE_FAILED);
182 + EVP_DigestInit(*ctx, EVP_sha256());
186 @@ -741,14 +759,18 @@ static int
187 __archive_openssl_sha256update(archive_sha256_ctx *ctx, const void *indata,
190 - EVP_DigestUpdate(ctx, indata, insize);
191 + EVP_DigestUpdate(*ctx, indata, insize);
196 __archive_openssl_sha256final(archive_sha256_ctx *ctx, void *md)
198 - EVP_DigestFinal(ctx, md, NULL);
200 + EVP_DigestFinal(*ctx, md, NULL);
201 + EVP_MD_CTX_free(*ctx);
207 @@ -928,7 +950,9 @@ __archive_nettle_sha384final(archive_sha
209 __archive_openssl_sha384init(archive_sha384_ctx *ctx)
211 - EVP_DigestInit(ctx, EVP_sha384());
212 + if ((*ctx = EVP_MD_CTX_new()) == NULL)
213 + return (ARCHIVE_FAILED);
214 + EVP_DigestInit(*ctx, EVP_sha384());
218 @@ -936,14 +960,18 @@ static int
219 __archive_openssl_sha384update(archive_sha384_ctx *ctx, const void *indata,
222 - EVP_DigestUpdate(ctx, indata, insize);
223 + EVP_DigestUpdate(*ctx, indata, insize);
228 __archive_openssl_sha384final(archive_sha384_ctx *ctx, void *md)
230 - EVP_DigestFinal(ctx, md, NULL);
232 + EVP_DigestFinal(*ctx, md, NULL);
233 + EVP_MD_CTX_free(*ctx);
239 @@ -1147,7 +1175,9 @@ __archive_nettle_sha512final(archive_sha
241 __archive_openssl_sha512init(archive_sha512_ctx *ctx)
243 - EVP_DigestInit(ctx, EVP_sha512());
244 + if ((*ctx = EVP_MD_CTX_new()) == NULL)
245 + return (ARCHIVE_FAILED);
246 + EVP_DigestInit(*ctx, EVP_sha512());
250 @@ -1155,14 +1185,18 @@ static int
251 __archive_openssl_sha512update(archive_sha512_ctx *ctx, const void *indata,
254 - EVP_DigestUpdate(ctx, indata, insize);
255 + EVP_DigestUpdate(*ctx, indata, insize);
260 __archive_openssl_sha512final(archive_sha512_ctx *ctx, void *md)
262 - EVP_DigestFinal(ctx, md, NULL);
264 + EVP_DigestFinal(*ctx, md, NULL);
265 + EVP_MD_CTX_free(*ctx);
271 --- a/Utilities/cmlibarchive/libarchive/archive_digest_private.h
272 +++ b/Utilities/cmlibarchive/libarchive/archive_digest_private.h
273 @@ -161,7 +161,7 @@ typedef CC_MD5_CTX archive_md5_ctx;
274 #elif defined(ARCHIVE_CRYPTO_MD5_NETTLE)
275 typedef struct md5_ctx archive_md5_ctx;
276 #elif defined(ARCHIVE_CRYPTO_MD5_OPENSSL)
277 -typedef EVP_MD_CTX archive_md5_ctx;
278 +typedef EVP_MD_CTX *archive_md5_ctx;
279 #elif defined(ARCHIVE_CRYPTO_MD5_WIN)
280 typedef Digest_CTX archive_md5_ctx;
282 @@ -175,7 +175,7 @@ typedef RIPEMD160_CTX archive_rmd160_ctx
283 #elif defined(ARCHIVE_CRYPTO_RMD160_NETTLE)
284 typedef struct ripemd160_ctx archive_rmd160_ctx;
285 #elif defined(ARCHIVE_CRYPTO_RMD160_OPENSSL)
286 -typedef EVP_MD_CTX archive_rmd160_ctx;
287 +typedef EVP_MD_CTX *archive_rmd160_ctx;
289 typedef unsigned char archive_rmd160_ctx;
291 @@ -189,7 +189,7 @@ typedef CC_SHA1_CTX archive_sha1_ctx;
292 #elif defined(ARCHIVE_CRYPTO_SHA1_NETTLE)
293 typedef struct sha1_ctx archive_sha1_ctx;
294 #elif defined(ARCHIVE_CRYPTO_SHA1_OPENSSL)
295 -typedef EVP_MD_CTX archive_sha1_ctx;
296 +typedef EVP_MD_CTX *archive_sha1_ctx;
297 #elif defined(ARCHIVE_CRYPTO_SHA1_WIN)
298 typedef Digest_CTX archive_sha1_ctx;
300 @@ -209,7 +209,7 @@ typedef CC_SHA256_CTX archive_sha256_ctx
301 #elif defined(ARCHIVE_CRYPTO_SHA256_NETTLE)
302 typedef struct sha256_ctx archive_sha256_ctx;
303 #elif defined(ARCHIVE_CRYPTO_SHA256_OPENSSL)
304 -typedef EVP_MD_CTX archive_sha256_ctx;
305 +typedef EVP_MD_CTX *archive_sha256_ctx;
306 #elif defined(ARCHIVE_CRYPTO_SHA256_WIN)
307 typedef Digest_CTX archive_sha256_ctx;
309 @@ -227,7 +227,7 @@ typedef CC_SHA512_CTX archive_sha384_ctx
310 #elif defined(ARCHIVE_CRYPTO_SHA384_NETTLE)
311 typedef struct sha384_ctx archive_sha384_ctx;
312 #elif defined(ARCHIVE_CRYPTO_SHA384_OPENSSL)
313 -typedef EVP_MD_CTX archive_sha384_ctx;
314 +typedef EVP_MD_CTX *archive_sha384_ctx;
315 #elif defined(ARCHIVE_CRYPTO_SHA384_WIN)
316 typedef Digest_CTX archive_sha384_ctx;
318 @@ -247,7 +247,7 @@ typedef CC_SHA512_CTX archive_sha512_ctx
319 #elif defined(ARCHIVE_CRYPTO_SHA512_NETTLE)
320 typedef struct sha512_ctx archive_sha512_ctx;
321 #elif defined(ARCHIVE_CRYPTO_SHA512_OPENSSL)
322 -typedef EVP_MD_CTX archive_sha512_ctx;
323 +typedef EVP_MD_CTX *archive_sha512_ctx;
324 #elif defined(ARCHIVE_CRYPTO_SHA512_WIN)
325 typedef Digest_CTX archive_sha512_ctx;
327 --- a/Utilities/cmlibarchive/libarchive/archive_hmac.c
328 +++ b/Utilities/cmlibarchive/libarchive/archive_hmac.c
329 @@ -176,8 +176,10 @@ __hmac_sha1_cleanup(archive_hmac_sha1_ct
331 __hmac_sha1_init(archive_hmac_sha1_ctx *ctx, const uint8_t *key, size_t key_len)
333 - HMAC_CTX_init(ctx);
334 - HMAC_Init(ctx, key, key_len, EVP_sha1());
335 + *ctx = HMAC_CTX_new();
338 + HMAC_Init_ex(*ctx, key, key_len, EVP_sha1(), NULL);
342 @@ -185,22 +187,22 @@ static void
343 __hmac_sha1_update(archive_hmac_sha1_ctx *ctx, const uint8_t *data,
346 - HMAC_Update(ctx, data, data_len);
347 + HMAC_Update(*ctx, data, data_len);
351 __hmac_sha1_final(archive_hmac_sha1_ctx *ctx, uint8_t *out, size_t *out_len)
353 unsigned int len = (unsigned int)*out_len;
354 - HMAC_Final(ctx, out, &len);
355 + HMAC_Final(*ctx, out, &len);
360 __hmac_sha1_cleanup(archive_hmac_sha1_ctx *ctx)
362 - HMAC_CTX_cleanup(ctx);
363 - memset(ctx, 0, sizeof(*ctx));
364 + HMAC_CTX_free(*ctx);
369 --- a/Utilities/cmlibarchive/libarchive/archive_hmac_private.h
370 +++ b/Utilities/cmlibarchive/libarchive/archive_hmac_private.h
371 @@ -72,7 +72,7 @@ typedef struct hmac_sha1_ctx archive_hma
372 #elif defined(HAVE_LIBCRYPTO)
373 #include "archive_openssl_hmac_private.h"
375 -typedef HMAC_CTX archive_hmac_sha1_ctx;
376 +typedef HMAC_CTX* archive_hmac_sha1_ctx;