mirror of
https://git.freebsd.org/ports.git
synced 2025-05-27 16:36:28 -04:00
33ee03fa1f
The OpenSSL 1.1.1 support added in ports r483489 was incomplete and leads to segfaults and build failures in consumers [1,2]. Amend the patch to actually allocate some memory. While here hook up the test suite. [1] http://beefy11.nyi.freebsd.org/data/head-i386-default/p483632_s339979/logs/bundy-0.20170618_10.log [2] http://beefy11.nyi.freebsd.org/data/head-i386-default/p483632_s339979/logs/monotone-1.1_13.log PR: 229030 Approved by: lapo@lapo.it (maintainer timeout, 2 weeks) Pointy hat: fluffy
262 lines
8.4 KiB
Text
262 lines
8.4 KiB
Text
--- src/engine/openssl/ossl_bc.cpp.orig 2017-10-02 06:00:00 UTC
|
|
+++ src/engine/openssl/ossl_bc.cpp
|
|
@@ -8,10 +8,6 @@
|
|
#include <botan/internal/openssl_engine.h>
|
|
#include <openssl/evp.h>
|
|
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
|
- #error "OpenSSL 1.1 API not supported in Botan 1.10, upgrade to 2.x"
|
|
-#endif
|
|
-
|
|
namespace Botan {
|
|
|
|
namespace {
|
|
@@ -44,7 +40,7 @@ class EVP_BlockCipher : public BlockCipher
|
|
size_t block_sz;
|
|
Key_Length_Specification cipher_key_spec;
|
|
std::string cipher_name;
|
|
- mutable EVP_CIPHER_CTX encrypt, decrypt;
|
|
+ mutable EVP_CIPHER_CTX *encrypt, *decrypt;
|
|
};
|
|
|
|
/*
|
|
@@ -59,14 +55,15 @@ EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* alg
|
|
if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
|
|
throw Invalid_Argument("EVP_BlockCipher: Non-ECB EVP was passed in");
|
|
|
|
- EVP_CIPHER_CTX_init(&encrypt);
|
|
- EVP_CIPHER_CTX_init(&decrypt);
|
|
+ if ((encrypt = EVP_CIPHER_CTX_new()) == NULL)
|
|
+ throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed");
|
|
+ EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0);
|
|
+ EVP_CIPHER_CTX_set_padding(encrypt, 0);
|
|
|
|
- EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0);
|
|
- EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0);
|
|
-
|
|
- EVP_CIPHER_CTX_set_padding(&encrypt, 0);
|
|
- EVP_CIPHER_CTX_set_padding(&decrypt, 0);
|
|
+ if ((decrypt = EVP_CIPHER_CTX_new()) == NULL)
|
|
+ throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed");
|
|
+ EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0);
|
|
+ EVP_CIPHER_CTX_set_padding(decrypt, 0);
|
|
}
|
|
|
|
/*
|
|
@@ -83,14 +80,15 @@ EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* alg
|
|
if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
|
|
throw Invalid_Argument("EVP_BlockCipher: Non-ECB EVP was passed in");
|
|
|
|
- EVP_CIPHER_CTX_init(&encrypt);
|
|
- EVP_CIPHER_CTX_init(&decrypt);
|
|
+ if ((encrypt = EVP_CIPHER_CTX_new()) == NULL)
|
|
+ throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed");
|
|
+ EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0);
|
|
+ EVP_CIPHER_CTX_set_padding(encrypt, 0);
|
|
|
|
- EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0);
|
|
- EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0);
|
|
-
|
|
- EVP_CIPHER_CTX_set_padding(&encrypt, 0);
|
|
- EVP_CIPHER_CTX_set_padding(&decrypt, 0);
|
|
+ if ((decrypt = EVP_CIPHER_CTX_new()) == NULL)
|
|
+ throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed");
|
|
+ EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0);
|
|
+ EVP_CIPHER_CTX_set_padding(decrypt, 0);
|
|
}
|
|
|
|
/*
|
|
@@ -98,8 +96,8 @@ EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* alg
|
|
*/
|
|
EVP_BlockCipher::~EVP_BlockCipher()
|
|
{
|
|
- EVP_CIPHER_CTX_cleanup(&encrypt);
|
|
- EVP_CIPHER_CTX_cleanup(&decrypt);
|
|
+ EVP_CIPHER_CTX_cleanup(encrypt);
|
|
+ EVP_CIPHER_CTX_cleanup(decrypt);
|
|
}
|
|
|
|
/*
|
|
@@ -109,7 +107,7 @@ void EVP_BlockCipher::encrypt_n(const byte in[], byte
|
|
size_t blocks) const
|
|
{
|
|
int out_len = 0;
|
|
- EVP_EncryptUpdate(&encrypt, out, &out_len, in, blocks * block_sz);
|
|
+ EVP_EncryptUpdate(encrypt, out, &out_len, in, blocks * block_sz);
|
|
}
|
|
|
|
/*
|
|
@@ -119,7 +117,7 @@ void EVP_BlockCipher::decrypt_n(const byte in[], byte
|
|
size_t blocks) const
|
|
{
|
|
int out_len = 0;
|
|
- EVP_DecryptUpdate(&decrypt, out, &out_len, in, blocks * block_sz);
|
|
+ EVP_DecryptUpdate(decrypt, out, &out_len, in, blocks * block_sz);
|
|
}
|
|
|
|
/*
|
|
@@ -134,19 +132,19 @@ void EVP_BlockCipher::key_schedule(const byte key[], s
|
|
full_key += std::make_pair(key, 8);
|
|
}
|
|
else
|
|
- if(EVP_CIPHER_CTX_set_key_length(&encrypt, length) == 0 ||
|
|
- EVP_CIPHER_CTX_set_key_length(&decrypt, length) == 0)
|
|
+ if(EVP_CIPHER_CTX_set_key_length(encrypt, length) == 0 ||
|
|
+ EVP_CIPHER_CTX_set_key_length(decrypt, length) == 0)
|
|
throw Invalid_Argument("EVP_BlockCipher: Bad key length for " +
|
|
cipher_name);
|
|
|
|
if(cipher_name == "RC2")
|
|
{
|
|
- EVP_CIPHER_CTX_ctrl(&encrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
|
|
- EVP_CIPHER_CTX_ctrl(&decrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
|
|
+ EVP_CIPHER_CTX_ctrl(encrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
|
|
+ EVP_CIPHER_CTX_ctrl(decrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
|
|
}
|
|
|
|
- EVP_EncryptInit_ex(&encrypt, 0, 0, full_key.begin(), 0);
|
|
- EVP_DecryptInit_ex(&decrypt, 0, 0, full_key.begin(), 0);
|
|
+ EVP_EncryptInit_ex(encrypt, 0, 0, full_key.begin(), 0);
|
|
+ EVP_DecryptInit_ex(decrypt, 0, 0, full_key.begin(), 0);
|
|
}
|
|
|
|
/*
|
|
@@ -154,7 +152,7 @@ void EVP_BlockCipher::key_schedule(const byte key[], s
|
|
*/
|
|
BlockCipher* EVP_BlockCipher::clone() const
|
|
{
|
|
- return new EVP_BlockCipher(EVP_CIPHER_CTX_cipher(&encrypt),
|
|
+ return new EVP_BlockCipher(EVP_CIPHER_CTX_cipher(encrypt),
|
|
cipher_name,
|
|
cipher_key_spec.minimum_keylength(),
|
|
cipher_key_spec.maximum_keylength(),
|
|
@@ -166,16 +164,16 @@ BlockCipher* EVP_BlockCipher::clone() const
|
|
*/
|
|
void EVP_BlockCipher::clear()
|
|
{
|
|
- const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(&encrypt);
|
|
+ const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(encrypt);
|
|
|
|
- EVP_CIPHER_CTX_cleanup(&encrypt);
|
|
- EVP_CIPHER_CTX_cleanup(&decrypt);
|
|
- EVP_CIPHER_CTX_init(&encrypt);
|
|
- EVP_CIPHER_CTX_init(&decrypt);
|
|
- EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0);
|
|
- EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0);
|
|
- EVP_CIPHER_CTX_set_padding(&encrypt, 0);
|
|
- EVP_CIPHER_CTX_set_padding(&decrypt, 0);
|
|
+ EVP_CIPHER_CTX_cleanup(encrypt);
|
|
+ EVP_CIPHER_CTX_cleanup(decrypt);
|
|
+ EVP_CIPHER_CTX_init(encrypt);
|
|
+ EVP_CIPHER_CTX_init(decrypt);
|
|
+ EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0);
|
|
+ EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0);
|
|
+ EVP_CIPHER_CTX_set_padding(encrypt, 0);
|
|
+ EVP_CIPHER_CTX_set_padding(decrypt, 0);
|
|
}
|
|
|
|
}
|
|
--- src/engine/openssl/ossl_md.cpp.orig 2017-10-02 06:00:00 UTC
|
|
+++ src/engine/openssl/ossl_md.cpp
|
|
@@ -8,10 +8,6 @@
|
|
#include <botan/internal/openssl_engine.h>
|
|
#include <openssl/evp.h>
|
|
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
|
- #error "OpenSSL 1.1 API not supported in Botan 1.10, upgrade to 2.x"
|
|
-#endif
|
|
-
|
|
namespace Botan {
|
|
|
|
namespace {
|
|
@@ -28,12 +24,12 @@ class EVP_HashFunction : public HashFunction
|
|
|
|
size_t output_length() const
|
|
{
|
|
- return EVP_MD_size(EVP_MD_CTX_md(&md));
|
|
+ return EVP_MD_size(EVP_MD_CTX_md(md));
|
|
}
|
|
|
|
size_t hash_block_size() const
|
|
{
|
|
- return EVP_MD_block_size(EVP_MD_CTX_md(&md));
|
|
+ return EVP_MD_block_size(EVP_MD_CTX_md(md));
|
|
}
|
|
|
|
EVP_HashFunction(const EVP_MD*, const std::string&);
|
|
@@ -44,7 +40,7 @@ class EVP_HashFunction : public HashFunction
|
|
|
|
size_t block_size;
|
|
std::string algo_name;
|
|
- EVP_MD_CTX md;
|
|
+ EVP_MD_CTX *md;
|
|
};
|
|
|
|
/*
|
|
@@ -52,7 +48,7 @@ class EVP_HashFunction : public HashFunction
|
|
*/
|
|
void EVP_HashFunction::add_data(const byte input[], size_t length)
|
|
{
|
|
- EVP_DigestUpdate(&md, input, length);
|
|
+ EVP_DigestUpdate(md, input, length);
|
|
}
|
|
|
|
/*
|
|
@@ -60,9 +56,9 @@ void EVP_HashFunction::add_data(const byte input[], si
|
|
*/
|
|
void EVP_HashFunction::final_result(byte output[])
|
|
{
|
|
- EVP_DigestFinal_ex(&md, output, 0);
|
|
- const EVP_MD* algo = EVP_MD_CTX_md(&md);
|
|
- EVP_DigestInit_ex(&md, algo, 0);
|
|
+ EVP_DigestFinal_ex(md, output, 0);
|
|
+ const EVP_MD* algo = EVP_MD_CTX_md(md);
|
|
+ EVP_DigestInit_ex(md, algo, 0);
|
|
}
|
|
|
|
/*
|
|
@@ -70,8 +66,8 @@ void EVP_HashFunction::final_result(byte output[])
|
|
*/
|
|
void EVP_HashFunction::clear()
|
|
{
|
|
- const EVP_MD* algo = EVP_MD_CTX_md(&md);
|
|
- EVP_DigestInit_ex(&md, algo, 0);
|
|
+ const EVP_MD* algo = EVP_MD_CTX_md(md);
|
|
+ EVP_DigestInit_ex(md, algo, 0);
|
|
}
|
|
|
|
/*
|
|
@@ -79,7 +75,7 @@ void EVP_HashFunction::clear()
|
|
*/
|
|
HashFunction* EVP_HashFunction::clone() const
|
|
{
|
|
- const EVP_MD* algo = EVP_MD_CTX_md(&md);
|
|
+ const EVP_MD* algo = EVP_MD_CTX_md(md);
|
|
return new EVP_HashFunction(algo, name());
|
|
}
|
|
|
|
@@ -90,8 +86,9 @@ EVP_HashFunction::EVP_HashFunction(const EVP_MD* algo,
|
|
const std::string& name) :
|
|
algo_name(name)
|
|
{
|
|
- EVP_MD_CTX_init(&md);
|
|
- EVP_DigestInit_ex(&md, algo, 0);
|
|
+ if ((md = EVP_MD_CTX_new()) == NULL)
|
|
+ throw Invalid_Argument("EVP_HashFunction: EVP_MD_CTX_new failed");
|
|
+ EVP_DigestInit_ex(md, algo, 0);
|
|
}
|
|
|
|
/*
|
|
@@ -99,7 +96,11 @@ EVP_HashFunction::EVP_HashFunction(const EVP_MD* algo,
|
|
*/
|
|
EVP_HashFunction::~EVP_HashFunction()
|
|
{
|
|
- EVP_MD_CTX_cleanup(&md);
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
|
+ EVP_MD_CTX_free(md);
|
|
+#else
|
|
+ EVP_MD_CTX_cleanup(md);
|
|
+#endif
|
|
}
|
|
|
|
}
|