xref: /OK3568_Linux_fs/buildroot/package/liboauth/0001-Fixes-build-issue-with-OpenSSL-1.1.0.patch (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1*4882a593SmuzhiyunFrom 5f1c949b1703367f7f06454fcff650bdb7bac840 Mon Sep 17 00:00:00 2001
2*4882a593SmuzhiyunFrom: DJ Lucas <dj@linuxfromscratch.org>
3*4882a593SmuzhiyunDate: Sun, 9 Sep 2018 15:46:15 +0200
4*4882a593SmuzhiyunSubject: [PATCH] Fixes build issue with OpenSSL-1.1.0
5*4882a593Smuzhiyun
6*4882a593SmuzhiyunDownloaded from
7*4882a593Smuzhiyunhttp://www.linuxfromscratch.org/patches/blfs/svn/liboauth-1.0.3-openssl-1.1.0-2.patch
8*4882a593Smuzhiyun
9*4882a593SmuzhiyunPatch was sent upstream: https://github.com/x42/liboauth/issues/9
10*4882a593Smuzhiyun
11*4882a593SmuzhiyunSigned-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
12*4882a593Smuzhiyun---
13*4882a593Smuzhiyun src/hash.c | 65 ++++++++++++++++++++++++++++++++++++++++++--------------------
14*4882a593Smuzhiyun 1 file changed, 44 insertions(+), 21 deletions(-)
15*4882a593Smuzhiyun
16*4882a593Smuzhiyundiff --git a/src/hash.c b/src/hash.c
17*4882a593Smuzhiyunindex 17ff5c8..b7958f7 100644
18*4882a593Smuzhiyun--- a/src/hash.c
19*4882a593Smuzhiyun+++ b/src/hash.c
20*4882a593Smuzhiyun@@ -362,6 +362,11 @@ looser:
21*4882a593Smuzhiyun #include "oauth.h" // base64 encode fn's.
22*4882a593Smuzhiyun #include <openssl/hmac.h>
23*4882a593Smuzhiyun
24*4882a593Smuzhiyun+#if OPENSSL_VERSION_NUMBER < 0x10100000
25*4882a593Smuzhiyun+#define EVP_MD_CTX_new EVP_MD_CTX_create
26*4882a593Smuzhiyun+#define EVP_MD_CTX_free EVP_MD_CTX_destroy
27*4882a593Smuzhiyun+#endif
28*4882a593Smuzhiyun+
29*4882a593Smuzhiyun char *oauth_sign_hmac_sha1 (const char *m, const char *k) {
30*4882a593Smuzhiyun   return(oauth_sign_hmac_sha1_raw (m, strlen(m), k, strlen(k)));
31*4882a593Smuzhiyun }
32*4882a593Smuzhiyun@@ -386,7 +391,7 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) {
33*4882a593Smuzhiyun   unsigned char *sig = NULL;
34*4882a593Smuzhiyun   unsigned char *passphrase = NULL;
35*4882a593Smuzhiyun   unsigned int len=0;
36*4882a593Smuzhiyun-  EVP_MD_CTX md_ctx;
37*4882a593Smuzhiyun+  EVP_MD_CTX *md_ctx;
38*4882a593Smuzhiyun
39*4882a593Smuzhiyun   EVP_PKEY *pkey;
40*4882a593Smuzhiyun   BIO *in;
41*4882a593Smuzhiyun@@ -399,24 +404,31 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) {
42*4882a593Smuzhiyun     return xstrdup("liboauth/OpenSSL: can not read private key");
43*4882a593Smuzhiyun   }
44*4882a593Smuzhiyun
45*4882a593Smuzhiyun+  md_ctx = EVP_MD_CTX_new();
46*4882a593Smuzhiyun+  if (md_ctx == NULL) {
47*4882a593Smuzhiyun+          return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX");
48*4882a593Smuzhiyun+  }
49*4882a593Smuzhiyun+
50*4882a593Smuzhiyun   len = EVP_PKEY_size(pkey);
51*4882a593Smuzhiyun   sig = (unsigned char*)xmalloc((len+1)*sizeof(char));
52*4882a593Smuzhiyun
53*4882a593Smuzhiyun-  EVP_SignInit(&md_ctx, EVP_sha1());
54*4882a593Smuzhiyun-  EVP_SignUpdate(&md_ctx, m, strlen(m));
55*4882a593Smuzhiyun-  if (EVP_SignFinal (&md_ctx, sig, &len, pkey)) {
56*4882a593Smuzhiyun+  EVP_SignInit(md_ctx, EVP_sha1());
57*4882a593Smuzhiyun+  EVP_SignUpdate(md_ctx, m, strlen(m));
58*4882a593Smuzhiyun+  if (EVP_SignFinal (md_ctx, sig, &len, pkey)) {
59*4882a593Smuzhiyun     char *tmp;
60*4882a593Smuzhiyun     sig[len] = '\0';
61*4882a593Smuzhiyun     tmp = oauth_encode_base64(len,sig);
62*4882a593Smuzhiyun     OPENSSL_free(sig);
63*4882a593Smuzhiyun     EVP_PKEY_free(pkey);
64*4882a593Smuzhiyun+    EVP_MD_CTX_free(md_ctx);
65*4882a593Smuzhiyun     return tmp;
66*4882a593Smuzhiyun   }
67*4882a593Smuzhiyun+  EVP_MD_CTX_free(md_ctx);
68*4882a593Smuzhiyun   return xstrdup("liboauth/OpenSSL: rsa-sha1 signing failed");
69*4882a593Smuzhiyun }
70*4882a593Smuzhiyun
71*4882a593Smuzhiyun int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
72*4882a593Smuzhiyun-  EVP_MD_CTX md_ctx;
73*4882a593Smuzhiyun+  EVP_MD_CTX *md_ctx;
74*4882a593Smuzhiyun   EVP_PKEY *pkey;
75*4882a593Smuzhiyun   BIO *in;
76*4882a593Smuzhiyun   X509 *cert = NULL;
77*4882a593Smuzhiyun@@ -437,13 +449,18 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
78*4882a593Smuzhiyun     return -2;
79*4882a593Smuzhiyun   }
80*4882a593Smuzhiyun
81*4882a593Smuzhiyun+	md_ctx = EVP_MD_CTX_new();
82*4882a593Smuzhiyun+	if (md_ctx == NULL) {
83*4882a593Smuzhiyun+		return -2;
84*4882a593Smuzhiyun+	}
85*4882a593Smuzhiyun+
86*4882a593Smuzhiyun   b64d= (unsigned char*) xmalloc(sizeof(char)*strlen(s));
87*4882a593Smuzhiyun   slen = oauth_decode_base64(b64d, s);
88*4882a593Smuzhiyun
89*4882a593Smuzhiyun-  EVP_VerifyInit(&md_ctx, EVP_sha1());
90*4882a593Smuzhiyun-  EVP_VerifyUpdate(&md_ctx, m, strlen(m));
91*4882a593Smuzhiyun-  err = EVP_VerifyFinal(&md_ctx, b64d, slen, pkey);
92*4882a593Smuzhiyun-  EVP_MD_CTX_cleanup(&md_ctx);
93*4882a593Smuzhiyun+  EVP_VerifyInit(md_ctx, EVP_sha1());
94*4882a593Smuzhiyun+  EVP_VerifyUpdate(md_ctx, m, strlen(m));
95*4882a593Smuzhiyun+  err = EVP_VerifyFinal(md_ctx, b64d, slen, pkey);
96*4882a593Smuzhiyun+  EVP_MD_CTX_free(pkey);
97*4882a593Smuzhiyun   EVP_PKEY_free(pkey);
98*4882a593Smuzhiyun   xfree(b64d);
99*4882a593Smuzhiyun   return (err);
100*4882a593Smuzhiyun@@ -455,35 +472,41 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
101*4882a593Smuzhiyun  */
102*4882a593Smuzhiyun char *oauth_body_hash_file(char *filename) {
103*4882a593Smuzhiyun   unsigned char fb[BUFSIZ];
104*4882a593Smuzhiyun-  EVP_MD_CTX ctx;
105*4882a593Smuzhiyun+  EVP_MD_CTX *ctx;
106*4882a593Smuzhiyun   size_t len=0;
107*4882a593Smuzhiyun   unsigned char *md;
108*4882a593Smuzhiyun   FILE *F= fopen(filename, "r");
109*4882a593Smuzhiyun   if (!F) return NULL;
110*4882a593Smuzhiyun
111*4882a593Smuzhiyun-  EVP_MD_CTX_init(&ctx);
112*4882a593Smuzhiyun-  EVP_DigestInit(&ctx,EVP_sha1());
113*4882a593Smuzhiyun+  ctx = EVP_MD_CTX_new();
114*4882a593Smuzhiyun+  if (ctx == NULL) {
115*4882a593Smuzhiyun+          return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX");
116*4882a593Smuzhiyun+  }
117*4882a593Smuzhiyun+  EVP_DigestInit(ctx,EVP_sha1());
118*4882a593Smuzhiyun   while (!feof(F) && (len=fread(fb,sizeof(char),BUFSIZ, F))>0) {
119*4882a593Smuzhiyun-    EVP_DigestUpdate(&ctx, fb, len);
120*4882a593Smuzhiyun+    EVP_DigestUpdate(ctx, fb, len);
121*4882a593Smuzhiyun   }
122*4882a593Smuzhiyun   fclose(F);
123*4882a593Smuzhiyun   len=0;
124*4882a593Smuzhiyun   md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char));
125*4882a593Smuzhiyun-  EVP_DigestFinal(&ctx, md,(unsigned int*) &len);
126*4882a593Smuzhiyun-  EVP_MD_CTX_cleanup(&ctx);
127*4882a593Smuzhiyun+  EVP_DigestFinal(ctx, md,(unsigned int*) &len);
128*4882a593Smuzhiyun+  EVP_MD_CTX_free(ctx);
129*4882a593Smuzhiyun   return oauth_body_hash_encode(len, md);
130*4882a593Smuzhiyun }
131*4882a593Smuzhiyun
132*4882a593Smuzhiyun char *oauth_body_hash_data(size_t length, const char *data) {
133*4882a593Smuzhiyun-  EVP_MD_CTX ctx;
134*4882a593Smuzhiyun+  EVP_MD_CTX *ctx;
135*4882a593Smuzhiyun   size_t len=0;
136*4882a593Smuzhiyun   unsigned char *md;
137*4882a593Smuzhiyun   md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char));
138*4882a593Smuzhiyun-  EVP_MD_CTX_init(&ctx);
139*4882a593Smuzhiyun-  EVP_DigestInit(&ctx,EVP_sha1());
140*4882a593Smuzhiyun-  EVP_DigestUpdate(&ctx, data, length);
141*4882a593Smuzhiyun-  EVP_DigestFinal(&ctx, md,(unsigned int*) &len);
142*4882a593Smuzhiyun-  EVP_MD_CTX_cleanup(&ctx);
143*4882a593Smuzhiyun+  ctx = EVP_MD_CTX_new();
144*4882a593Smuzhiyun+  if (ctx == NULL) {
145*4882a593Smuzhiyun+          return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX");
146*4882a593Smuzhiyun+  }
147*4882a593Smuzhiyun+  EVP_DigestInit(ctx,EVP_sha1());
148*4882a593Smuzhiyun+  EVP_DigestUpdate(ctx, data, length);
149*4882a593Smuzhiyun+  EVP_DigestFinal(ctx, md,(unsigned int*) &len);
150*4882a593Smuzhiyun+  EVP_MD_CTX_free(ctx);
151*4882a593Smuzhiyun   return oauth_body_hash_encode(len, md);
152*4882a593Smuzhiyun }
153*4882a593Smuzhiyun
154*4882a593Smuzhiyun--
155*4882a593Smuzhiyun2.14.4
156*4882a593Smuzhiyun
157