mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-08-08 06:47:09 +02:00
29efe5822c
The s390x patch conflicts with both the ppc64le patch and the paxmark. The PaX kernel is only supported for x86_64 so we can conditionally apply the ppc64le, s390x or paxmark patch depending on arch.
159 lines
4.0 KiB
Diff
159 lines
4.0 KiB
Diff
From d52a694a806c1a8b6dd4d7d17d0671a96240449a Mon Sep 17 00:00:00 2001
|
|
From: Natanael Copa <ncopa@alpinelinux.org>
|
|
Date: Wed, 4 Jan 2017 15:31:40 +0100
|
|
Subject: [PATCH] Improve OpenSSL compatibility
|
|
|
|
Refactor the conditionals for openssl 1.1 support so we avoid multiple
|
|
if/else and add a check for LibreSSL as well.
|
|
---
|
|
src/crypto/hash.cc | 13 +++++--------
|
|
src/crypto/hmac.cc | 34 ++++++++++++++++++----------------
|
|
src/crypto/initialization_guard.cc | 15 ++++++---------
|
|
3 files changed, 29 insertions(+), 33 deletions(-)
|
|
|
|
diff --git a/src/crypto/hash.cc b/src/crypto/hash.cc
|
|
index 4427dfddeb..e035f695fc 100644
|
|
--- a/src/crypto/hash.cc
|
|
+++ b/src/crypto/hash.cc
|
|
@@ -8,27 +8,24 @@
|
|
|
|
#include "crypto/error.hpp"
|
|
|
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
|
+#define EVP_MD_CTX_new EVP_MD_CTX_create
|
|
+#define EVP_MD_CTX_free EVP_MD_CTX_destroy
|
|
+#endif
|
|
+
|
|
namespace crypto {
|
|
|
|
class evp_md_ctx_wrapper_t {
|
|
public:
|
|
evp_md_ctx_wrapper_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- m_evp_md_ctx = EVP_MD_CTX_create();
|
|
-#else
|
|
m_evp_md_ctx = EVP_MD_CTX_new();
|
|
-#endif
|
|
if (m_evp_md_ctx == nullptr) {
|
|
throw openssl_error_t(ERR_get_error());
|
|
}
|
|
}
|
|
|
|
~evp_md_ctx_wrapper_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- EVP_MD_CTX_destroy(m_evp_md_ctx);
|
|
-#else
|
|
EVP_MD_CTX_free(m_evp_md_ctx);
|
|
-#endif
|
|
}
|
|
|
|
EVP_MD_CTX *get() {
|
|
diff --git a/src/crypto/hmac.cc b/src/crypto/hmac.cc
|
|
index 2ac4314e24..0e3f91a0c1 100644
|
|
--- a/src/crypto/hmac.cc
|
|
+++ b/src/crypto/hmac.cc
|
|
@@ -7,43 +7,45 @@
|
|
|
|
#include "crypto/error.hpp"
|
|
|
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
|
+
|
|
+inline HMAC_CTX *HMAC_CTX_new() {
|
|
+ HMAC_CTX *tmp = (HMAC_CTX *)OPENSSL_malloc(sizeof(HMAC_CTX));
|
|
+ if (tmp)
|
|
+ HMAC_CTX_init(tmp);
|
|
+ return tmp;
|
|
+}
|
|
+
|
|
+inline void HMAC_CTX_free(HMAC_CTX *ctx) {
|
|
+ if (ctx) {
|
|
+ HMAC_CTX_cleanup(ctx);
|
|
+ OPENSSL_free(ctx);
|
|
+ }
|
|
+}
|
|
+
|
|
+#endif
|
|
+
|
|
namespace crypto {
|
|
|
|
class hmac_ctx_wrapper_t {
|
|
public:
|
|
hmac_ctx_wrapper_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- HMAC_CTX_init(&m_hmac_ctx);
|
|
-#else
|
|
m_hmac_ctx = HMAC_CTX_new();
|
|
if (m_hmac_ctx == nullptr) {
|
|
throw openssl_error_t(ERR_get_error());
|
|
}
|
|
-#endif
|
|
}
|
|
|
|
~hmac_ctx_wrapper_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- HMAC_CTX_cleanup(&m_hmac_ctx);
|
|
-#else
|
|
HMAC_CTX_free(m_hmac_ctx);
|
|
-#endif
|
|
}
|
|
|
|
HMAC_CTX *get() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- return &m_hmac_ctx;
|
|
-#else
|
|
return m_hmac_ctx;
|
|
-#endif
|
|
}
|
|
|
|
private:
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- HMAC_CTX m_hmac_ctx;
|
|
-#else
|
|
HMAC_CTX *m_hmac_ctx;
|
|
-#endif
|
|
};
|
|
|
|
std::array<unsigned char, SHA256_DIGEST_LENGTH> detail::hmac_sha256(
|
|
diff --git a/src/crypto/initialization_guard.cc b/src/crypto/initialization_guard.cc
|
|
index ba0503efc6..f76ffd96da 100644
|
|
--- a/src/crypto/initialization_guard.cc
|
|
+++ b/src/crypto/initialization_guard.cc
|
|
@@ -14,16 +14,17 @@
|
|
#include "arch/io/concurrency.hpp"
|
|
#include "arch/runtime/runtime.hpp"
|
|
|
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
|
+#define OPENSSL_init_ssl(x, y) SSL_library_init()
|
|
+#define OPENSSL_init_crypto(x, y) SSL_load_error_strings()
|
|
+#define OPENSSL_cleanup ERR_free_strings
|
|
+#endif
|
|
+
|
|
namespace crypto {
|
|
|
|
initialization_guard_t::initialization_guard_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- SSL_library_init();
|
|
- SSL_load_error_strings();
|
|
-#else
|
|
OPENSSL_init_ssl(0, nullptr);
|
|
OPENSSL_init_crypto(0, nullptr);
|
|
-#endif
|
|
|
|
// Make OpenSSL thread-safe by registering the required callbacks
|
|
CRYPTO_THREADID_set_callback([](CRYPTO_THREADID *thread_out) {
|
|
@@ -49,11 +50,7 @@ initialization_guard_t::initialization_guard_t() {
|
|
}
|
|
|
|
initialization_guard_t::~initialization_guard_t() {
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
- ERR_free_strings();
|
|
-#else
|
|
OPENSSL_cleanup();
|
|
-#endif
|
|
}
|
|
|
|
} // namespace crypto
|
|
--
|
|
2.11.0
|
|
|