aboutsummaryrefslogtreecommitdiffstats
path: root/community/rethinkdb/libressl.patch
blob: 6f273a0258d8a363f7ba03e3de5d9695430abad5 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
From d52a694a806c1a8b6dd4d7d17d0671a96240449a Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Wed, 4 Jan 2017 15:31:40 +0100
Subject: [PATCH] Improve OpenSSL compatibility

Refactor the conditionals for openssl 1.1 support so we avoid multiple
if/else and add a check for LibreSSL as well.
---
 src/crypto/hash.cc                 | 13 +++++--------
 src/crypto/hmac.cc                 | 34 ++++++++++++++++++----------------
 src/crypto/initialization_guard.cc | 15 ++++++---------
 3 files changed, 29 insertions(+), 33 deletions(-)

diff --git a/src/crypto/hash.cc b/src/crypto/hash.cc
index 4427dfddeb..e035f695fc 100644
--- a/src/crypto/hash.cc
+++ b/src/crypto/hash.cc
@@ -8,27 +8,24 @@
 
 #include "crypto/error.hpp"
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#define EVP_MD_CTX_new     EVP_MD_CTX_create
+#define EVP_MD_CTX_free    EVP_MD_CTX_destroy
+#endif
+
 namespace crypto {
 
 class evp_md_ctx_wrapper_t {
 public:
     evp_md_ctx_wrapper_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        m_evp_md_ctx = EVP_MD_CTX_create();
-#else
         m_evp_md_ctx = EVP_MD_CTX_new();
-#endif
         if (m_evp_md_ctx == nullptr) {
             throw openssl_error_t(ERR_get_error());
         }
     }
 
     ~evp_md_ctx_wrapper_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        EVP_MD_CTX_destroy(m_evp_md_ctx);
-#else
         EVP_MD_CTX_free(m_evp_md_ctx);
-#endif
     }
 
     EVP_MD_CTX *get() {
diff --git a/src/crypto/hmac.cc b/src/crypto/hmac.cc
index 2ac4314e24..0e3f91a0c1 100644
--- a/src/crypto/hmac.cc
+++ b/src/crypto/hmac.cc
@@ -7,43 +7,45 @@
 
 #include "crypto/error.hpp"
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+
+inline HMAC_CTX *HMAC_CTX_new() {
+    HMAC_CTX *tmp = (HMAC_CTX *)OPENSSL_malloc(sizeof(HMAC_CTX));
+    if (tmp)
+        HMAC_CTX_init(tmp);
+    return tmp;
+}
+
+inline void HMAC_CTX_free(HMAC_CTX *ctx) {
+    if (ctx) {
+        HMAC_CTX_cleanup(ctx);
+        OPENSSL_free(ctx);
+    }
+}
+
+#endif
+
 namespace crypto {
 
 class hmac_ctx_wrapper_t {
 public:
     hmac_ctx_wrapper_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        HMAC_CTX_init(&m_hmac_ctx);
-#else
         m_hmac_ctx = HMAC_CTX_new();
         if (m_hmac_ctx == nullptr) {
             throw openssl_error_t(ERR_get_error());
         }
-#endif
     }
 
     ~hmac_ctx_wrapper_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        HMAC_CTX_cleanup(&m_hmac_ctx);
-#else
         HMAC_CTX_free(m_hmac_ctx);
-#endif
     }
 
     HMAC_CTX *get() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        return &m_hmac_ctx;
-#else
         return m_hmac_ctx;
-#endif
     }
 
 private:
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-    HMAC_CTX m_hmac_ctx;
-#else
     HMAC_CTX *m_hmac_ctx;
-#endif
 };
 
 std::array<unsigned char, SHA256_DIGEST_LENGTH> detail::hmac_sha256(
diff --git a/src/crypto/initialization_guard.cc b/src/crypto/initialization_guard.cc
index ba0503efc6..f76ffd96da 100644
--- a/src/crypto/initialization_guard.cc
+++ b/src/crypto/initialization_guard.cc
@@ -14,16 +14,17 @@
 #include "arch/io/concurrency.hpp"
 #include "arch/runtime/runtime.hpp"
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#define OPENSSL_init_ssl(x, y)     SSL_library_init()
+#define OPENSSL_init_crypto(x, y)  SSL_load_error_strings()
+#define OPENSSL_cleanup            ERR_free_strings
+#endif
+
 namespace crypto {
 
 initialization_guard_t::initialization_guard_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-    SSL_library_init();
-    SSL_load_error_strings();
-#else
     OPENSSL_init_ssl(0, nullptr);
     OPENSSL_init_crypto(0, nullptr);
-#endif
 
     // Make OpenSSL thread-safe by registering the required callbacks
     CRYPTO_THREADID_set_callback([](CRYPTO_THREADID *thread_out) {
@@ -49,11 +50,7 @@ initialization_guard_t::initialization_guard_t() {
 }
 
 initialization_guard_t::~initialization_guard_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-    ERR_free_strings();
-#else
     OPENSSL_cleanup();
-#endif
 }
 
 }  // namespace crypto
-- 
2.11.0