You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
163 lines
4.3 KiB
163 lines
4.3 KiB
Bug: https://bugs.gentoo.org/594998
|
|
Issue: https://github.com/rethinkdb/rethinkdb/issues/6336
|
|
Patch: https://git.alpinelinux.org/cgit/aports/tree/community/rethinkdb/libressl.patch?id=146fb0d67a1b861d5c776d97f533efe0bb26af7a
|
|
|
|
From d52a694a806c1a8b6dd4d7d17d0671a96240449a Mon Sep 17 00:00:00 2001
|
|
From: Natanael Copa <ncopa@alpinelinux.org>
|
|
Date: Wed, 4 Jan 2017 15:31:40 +0100
|
|
Subject: [PATCH] Improve OpenSSL compatibility
|
|
|
|
Refactor the conditionals for openssl 1.1 support so we avoid multiple
|
|
if/else and add a check for LibreSSL as well.
|
|
---
|
|
src/crypto/hash.cc | 13 +++++--------
|
|
src/crypto/hmac.cc | 34 ++++++++++++++++++----------------
|
|
src/crypto/initialization_guard.cc | 15 ++++++---------
|
|
3 files changed, 29 insertions(+), 33 deletions(-)
|
|
|
|
diff --git a/src/crypto/hash.cc b/src/crypto/hash.cc
|
|
index 4427dfddeb..e035f695fc 100644
|
|
--- a/src/crypto/hash.cc
|
|
+++ b/src/crypto/hash.cc
|
|
@@ -8,27 +8,24 @@
|
|
|
|
#include "crypto/error.hpp"
|
|
|
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
|
+#define EVP_MD_CTX_new EVP_MD_CTX_create
|
|
+#define EVP_MD_CTX_free EVP_MD_CTX_destroy
|
|
+#endif
|
|
+
|
|
namespace crypto {
|
|
|
|
class evp_md_ctx_wrapper_t {
|
|
public:
|
|
evp_md_ctx_wrapper_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- m_evp_md_ctx = EVP_MD_CTX_create();
|
|
-#else
|
|
m_evp_md_ctx = EVP_MD_CTX_new();
|
|
-#endif
|
|
if (m_evp_md_ctx == nullptr) {
|
|
throw openssl_error_t(ERR_get_error());
|
|
}
|
|
}
|
|
|
|
~evp_md_ctx_wrapper_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- EVP_MD_CTX_destroy(m_evp_md_ctx);
|
|
-#else
|
|
EVP_MD_CTX_free(m_evp_md_ctx);
|
|
-#endif
|
|
}
|
|
|
|
EVP_MD_CTX *get() {
|
|
diff --git a/src/crypto/hmac.cc b/src/crypto/hmac.cc
|
|
index 2ac4314e24..0e3f91a0c1 100644
|
|
--- a/src/crypto/hmac.cc
|
|
+++ b/src/crypto/hmac.cc
|
|
@@ -7,43 +7,45 @@
|
|
|
|
#include "crypto/error.hpp"
|
|
|
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
|
+
|
|
+inline HMAC_CTX *HMAC_CTX_new() {
|
|
+ HMAC_CTX *tmp = (HMAC_CTX *)OPENSSL_malloc(sizeof(HMAC_CTX));
|
|
+ if (tmp)
|
|
+ HMAC_CTX_init(tmp);
|
|
+ return tmp;
|
|
+}
|
|
+
|
|
+inline void HMAC_CTX_free(HMAC_CTX *ctx) {
|
|
+ if (ctx) {
|
|
+ HMAC_CTX_cleanup(ctx);
|
|
+ OPENSSL_free(ctx);
|
|
+ }
|
|
+}
|
|
+
|
|
+#endif
|
|
+
|
|
namespace crypto {
|
|
|
|
class hmac_ctx_wrapper_t {
|
|
public:
|
|
hmac_ctx_wrapper_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- HMAC_CTX_init(&m_hmac_ctx);
|
|
-#else
|
|
m_hmac_ctx = HMAC_CTX_new();
|
|
if (m_hmac_ctx == nullptr) {
|
|
throw openssl_error_t(ERR_get_error());
|
|
}
|
|
-#endif
|
|
}
|
|
|
|
~hmac_ctx_wrapper_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- HMAC_CTX_cleanup(&m_hmac_ctx);
|
|
-#else
|
|
HMAC_CTX_free(m_hmac_ctx);
|
|
-#endif
|
|
}
|
|
|
|
HMAC_CTX *get() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- return &m_hmac_ctx;
|
|
-#else
|
|
return m_hmac_ctx;
|
|
-#endif
|
|
}
|
|
|
|
private:
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- HMAC_CTX m_hmac_ctx;
|
|
-#else
|
|
HMAC_CTX *m_hmac_ctx;
|
|
-#endif
|
|
};
|
|
|
|
std::array<unsigned char, SHA256_DIGEST_LENGTH> detail::hmac_sha256(
|
|
diff --git a/src/crypto/initialization_guard.cc b/src/crypto/initialization_guard.cc
|
|
index ba0503efc6..f76ffd96da 100644
|
|
--- a/src/crypto/initialization_guard.cc
|
|
+++ b/src/crypto/initialization_guard.cc
|
|
@@ -14,16 +14,17 @@
|
|
#include "arch/io/concurrency.hpp"
|
|
#include "arch/runtime/runtime.hpp"
|
|
|
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
|
+#define OPENSSL_init_ssl(x, y) SSL_library_init()
|
|
+#define OPENSSL_init_crypto(x, y) SSL_load_error_strings()
|
|
+#define OPENSSL_cleanup ERR_free_strings
|
|
+#endif
|
|
+
|
|
namespace crypto {
|
|
|
|
initialization_guard_t::initialization_guard_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- SSL_library_init();
|
|
- SSL_load_error_strings();
|
|
-#else
|
|
OPENSSL_init_ssl(0, nullptr);
|
|
OPENSSL_init_crypto(0, nullptr);
|
|
-#endif
|
|
|
|
// Make OpenSSL thread-safe by registering the required callbacks
|
|
CRYPTO_THREADID_set_callback([](CRYPTO_THREADID *thread_out) {
|
|
@@ -49,11 +50,7 @@ initialization_guard_t::initialization_guard_t() {
|
|
}
|
|
|
|
initialization_guard_t::~initialization_guard_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- ERR_free_strings();
|
|
-#else
|
|
OPENSSL_cleanup();
|
|
-#endif
|
|
}
|
|
|
|
} // namespace crypto
|
|
--
|
|
2.11.0
|
|
|