1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
From 5c163e5063e01dfe94f73b2a3729c475cdd75467 Mon Sep 17 00:00:00 2001
From: Eneas U de Queiroz <cote2004-github@yahoo.com>
Date: Thu, 24 May 2018 23:15:12 -0300
Subject: [PATCH] Openssl 1.1 support
This adds openssl 1.1.0 support.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
---
lib/ssl_openssl.c | 24 +++++++++++++++---------
1 file changed, 15 insertions(+), 9 deletions(-)
diff --git a/lib/ssl_openssl.c b/lib/ssl_openssl.c
index 2f668da2..16e05a94 100644
--- a/lib/ssl_openssl.c
+++ b/lib/ssl_openssl.c
@@ -64,11 +64,17 @@ void ssl_init(void)
{
const SSL_METHOD *meth;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_library_init();
meth = SSLv23_client_method();
ssl_ctx = SSL_CTX_new(meth);
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
+#else
+ meth = TLS_client_method();
+ ssl_ctx = SSL_CTX_new(meth);
+ SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION);
+#endif
initialized = TRUE;
}
@@ -300,20 +306,20 @@ size_t ssl_des3_encrypt(const unsigned char *key, size_t key_len, const unsigned
const unsigned char *iv, unsigned char **res)
{
int output_length = 0;
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
*res = g_new0(unsigned char, 72);
/* Don't set key or IV because we will modify the parameters */
- EVP_CIPHER_CTX_init(&ctx);
- EVP_CipherInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, NULL, NULL, 1);
- EVP_CIPHER_CTX_set_key_length(&ctx, key_len);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ ctx = EVP_CIPHER_CTX_new();
+ EVP_CipherInit_ex(ctx, EVP_des_ede3_cbc(), NULL, NULL, NULL, 1);
+ EVP_CIPHER_CTX_set_key_length(ctx, key_len);
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
/* We finished modifying parameters so now we can set key and IV */
- EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, 1);
- EVP_CipherUpdate(&ctx, *res, &output_length, input, input_len);
- EVP_CipherFinal_ex(&ctx, *res, &output_length);
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1);
+ EVP_CipherUpdate(ctx, *res, &output_length, input, input_len);
+ EVP_CipherFinal_ex(ctx, *res, &output_length);
+ EVP_CIPHER_CTX_free(ctx);
//EVP_cleanup();
return output_length;
|
