testing/yafic/openssl-1.1.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136

diff --git a/crypto.c b/crypto.c
index 43f62ae..8d7f3c4 100644
--- a/crypto.c
+++ b/crypto.c
@@ -100,7 +100,7 @@ void
 SignFile (int fd, const char *filename, const char *sigfile)
 {
   const EVP_MD *mdType;
-  EVP_MD_CTX ctx;
+  EVP_MD_CTX *ctx;
   ssize_t len;
   unsigned char *sig = NULL;
   unsigned int sigLen;
@@ -111,8 +111,7 @@ SignFile (int fd, const char *filename, const char *sigfile)
   if (!pkey)
     return;
 
-  mdType = EVP_PKEY_type (pkey->type) == EVP_PKEY_DSA ? EVP_dss1 () :
-    EVP_sha1 ();
+  mdType = EVP_sha1 ();
 
   if (!sigfile) {
     int tlen = strlen (filename) + 4 + 1;
@@ -122,11 +121,9 @@ SignFile (int fd, const char *filename, const char *sigfile)
     sigfile = tsigfile;
   }
 
-#ifdef HAVE_EVP_MD_CTX_INIT
-  EVP_MD_CTX_init (&ctx);
-#endif
+  ctx = EVP_MD_CTX_new();
 #ifdef EVP_DIGESTINIT_VOID
-  EVP_SignInit (&ctx, mdType);
+  EVP_SignInit (ctx, mdType);
 #else
   if (!EVP_SignInit (&ctx, mdType))
     opensslError ("EVP_SignInit");
@@ -134,7 +131,7 @@ SignFile (int fd, const char *filename, const char *sigfile)
 
   while ((len = read (fd, HashBuffer, HASH_BUFFER_SIZE)) > 0) {
 #ifdef EVP_DIGESTINIT_VOID
-    EVP_SignUpdate (&ctx, HashBuffer, len);
+    EVP_SignUpdate (ctx, HashBuffer, len);
 #else
     if (!EVP_SignUpdate (&ctx, HashBuffer, len))
       opensslError ("EVP_SignUpdate");
@@ -146,7 +143,7 @@ SignFile (int fd, const char *filename, const char *sigfile)
 
   sig = mymalloc (EVP_PKEY_size (pkey));
 
-  if (EVP_SignFinal (&ctx, sig, &sigLen, pkey)) {
+  if (EVP_SignFinal (ctx, sig, &sigLen, pkey)) {
     if ((f = open (sigfile, O_CREAT|O_WRONLY|O_TRUNC, 0600)) != -1) {
       if (write (f, sig, sigLen) != sigLen)
 	yaficError (sigfile);
@@ -162,7 +159,7 @@ SignFile (int fd, const char *filename, const char *sigfile)
   if (sig) free (sig);
   if (tsigfile) free (tsigfile);
 #ifdef HAVE_EVP_MD_CTX_CLEANUP
-  EVP_MD_CTX_cleanup (&ctx);
+  EVP_MD_CTX_cleanup (ctx);
 #endif
 }
 
@@ -170,7 +167,7 @@ void
 VerifyFile (int fd, const char *filename, const char *sigfile)
 {
   const EVP_MD *mdType;
-  EVP_MD_CTX ctx;
+  EVP_MD_CTX *ctx;
   ssize_t len;
   unsigned char *sig = NULL;
   int f;
@@ -181,8 +178,7 @@ VerifyFile (int fd, const char *filename, const char *sigfile)
   if (!pkey)
     return;
 
-  mdType = EVP_PKEY_type (pkey->type) == EVP_PKEY_DSA ? EVP_dss1 () :
-    EVP_sha1 ();
+  mdType = EVP_sha1 ();
 
   if (!sigfile) {
     int tlen = strlen (filename) + 4 + 1;
@@ -195,11 +191,9 @@ VerifyFile (int fd, const char *filename, const char *sigfile)
   fprintf (stderr, "Verifying %s: ", filename);
   fflush (stderr);
 
-#ifdef HAVE_EVP_MD_CTX_INIT
-  EVP_MD_CTX_init (&ctx);
-#endif
+  ctx = EVP_MD_CTX_new();
 #ifdef EVP_DIGESTINIT_VOID
-  EVP_VerifyInit (&ctx, mdType);
+  EVP_VerifyInit (ctx, mdType);
 #else
   if (!EVP_VerifyInit (&ctx, mdType)) {
     fprintf (stderr, "Error\n");
@@ -209,9 +203,9 @@ VerifyFile (int fd, const char *filename, const char *sigfile)
 
   while ((len = read (fd, HashBuffer, HASH_BUFFER_SIZE)) > 0) {
 #ifdef EVP_DIGESTINIT_VOID
-    EVP_VerifyUpdate (&ctx, HashBuffer, len);
+    EVP_VerifyUpdate (ctx, HashBuffer, len);
 #else
-    if (!EVP_VerifyUpdate (&ctx, HashBuffer, len)) {
+    if (!EVP_VerifyUpdate (ctx, HashBuffer, len)) {
       fprintf (stderr, "Error\n");
       opensslError ("EVP_SignUpdate");
     }
@@ -233,7 +227,7 @@ VerifyFile (int fd, const char *filename, const char *sigfile)
 
     close (f);
 
-    ret = EVP_VerifyFinal (&ctx, sig, len, pkey);
+    ret = EVP_VerifyFinal (ctx, sig, len, pkey);
     if (ret < 0) {
       fprintf (stderr, "Error\n");
       opensslError ("EVP_VerifyFinal");
@@ -254,7 +248,7 @@ VerifyFile (int fd, const char *filename, const char *sigfile)
   if (sig) free (sig);
   if (tsigfile) free (tsigfile);
 #ifdef HAVE_EVP_MD_CTX_CLEANUP
-  EVP_MD_CTX_cleanup (&ctx);
+  EVP_MD_CTX_cleanup (ctx);
 #endif
 }
 
@@ -265,7 +259,7 @@ KeyTypeStr (void)
 
   if (pkey) {
     int bits = EVP_PKEY_bits (pkey);
-    int type = EVP_PKEY_type (pkey->type);
+    int type = EVP_PKEY_base_id (pkey);
 
     switch (type) {
     case EVP_PKEY_RSA: