1*4882a593SmuzhiyunFrom eb471de8f26e0367dd08d299d2252fa8b2b958a9 Mon Sep 17 00:00:00 2001 2*4882a593SmuzhiyunFrom: Emilio <emilio.campos@zevenet.com> 3*4882a593SmuzhiyunDate: Mon, 17 Jul 2017 09:41:32 +0200 4*4882a593SmuzhiyunSubject: [PATCH] [Improvement] Added support to compile pound with openssl 5*4882a593Smuzhiyun 1.0.2 6*4882a593Smuzhiyun 7*4882a593SmuzhiyunSigned-off-by: Emilio <emilio.campos@zevenet.com> 8*4882a593Smuzhiyun 9*4882a593Smuzhiyun new file: dh2048.h 10*4882a593Smuzhiyun modified: svc.c 11*4882a593Smuzhiyun 12*4882a593SmuzhiyunPatch was downloaded from 3rd-party repo: 13*4882a593Smuzhiyunhttps://github.com/zevenet/pound/commit/eb471de8f26e0367dd08d299d2252fa8b2b958a9 14*4882a593Smuzhiyun 15*4882a593SmuzhiyunThis repo was announced on upstream mailinglist: 16*4882a593Smuzhiyunhttp://www.apsis.ch/pound/pound_list/archive/2017/2017-07/1500287626000#1500287626000 17*4882a593Smuzhiyun 18*4882a593SmuzhiyunSigned-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> 19*4882a593Smuzhiyun--- 20*4882a593Smuzhiyun dh2048.h | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 21*4882a593Smuzhiyun svc.c | 33 +++++++++++++++++++++++++++++++++ 22*4882a593Smuzhiyun 2 files changed, 86 insertions(+) 23*4882a593Smuzhiyun create mode 100644 dh2048.h 24*4882a593Smuzhiyun 25*4882a593Smuzhiyundiff --git a/dh2048.h b/dh2048.h 26*4882a593Smuzhiyunnew file mode 100644 27*4882a593Smuzhiyunindex 0000000..79c693c 28*4882a593Smuzhiyun--- /dev/null 29*4882a593Smuzhiyun+++ b/dh2048.h 30*4882a593Smuzhiyun@@ -0,0 +1,53 @@ 31*4882a593Smuzhiyun+#ifndef HEADER_DH_H 32*4882a593Smuzhiyun+# include <openssl/dh.h> 33*4882a593Smuzhiyun+#endif 34*4882a593Smuzhiyun+ 35*4882a593Smuzhiyun+DH *get_dh2048() 36*4882a593Smuzhiyun+{ 37*4882a593Smuzhiyun+ static unsigned char dhp_2048[] = { 38*4882a593Smuzhiyun+ 0xBF, 0x6C, 0xC6, 0xBD, 0xEA, 0x10, 0x84, 0x59, 0x40, 0xC2, 39*4882a593Smuzhiyun+ 0xC6, 0xA2, 0x9B, 0x19, 0xD3, 0x2E, 0x2F, 0xAB, 0xE6, 0xE4, 40*4882a593Smuzhiyun+ 0x1E, 0x91, 0x0D, 0x59, 0xDC, 0x96, 0x3F, 0x6E, 0x65, 0x38, 41*4882a593Smuzhiyun+ 0xB9, 0xBE, 0xBB, 0x8F, 0xDF, 0x73, 0xAC, 0xAC, 0xB3, 0x2F, 42*4882a593Smuzhiyun+ 0xA7, 0x02, 0x0B, 0x87, 0xB7, 0x3F, 0x3A, 0x42, 0x8A, 0x94, 43*4882a593Smuzhiyun+ 0xDD, 0xEC, 0x33, 0xA4, 0x25, 0xB1, 0xBF, 0x84, 0x91, 0x87, 44*4882a593Smuzhiyun+ 0xD8, 0x1C, 0x42, 0xB9, 0x8E, 0x00, 0x1F, 0x49, 0xED, 0x57, 45*4882a593Smuzhiyun+ 0xA4, 0x48, 0xB0, 0xCC, 0xD8, 0xB8, 0x83, 0xCA, 0x3E, 0xDF, 46*4882a593Smuzhiyun+ 0xA2, 0xF2, 0x07, 0x71, 0x71, 0x18, 0x1F, 0x50, 0x45, 0x3A, 47*4882a593Smuzhiyun+ 0x66, 0x04, 0x7F, 0x15, 0xB2, 0xA8, 0x02, 0x77, 0xCE, 0xC6, 48*4882a593Smuzhiyun+ 0xF9, 0x7C, 0x63, 0xE4, 0x52, 0x41, 0xFA, 0x62, 0xB9, 0x0D, 49*4882a593Smuzhiyun+ 0xDC, 0x08, 0x62, 0xEC, 0x00, 0xAB, 0xB0, 0xF7, 0x79, 0x48, 50*4882a593Smuzhiyun+ 0x75, 0x22, 0x85, 0xCC, 0x67, 0x3C, 0xEA, 0x09, 0x32, 0xAC, 51*4882a593Smuzhiyun+ 0x30, 0xED, 0x1E, 0x67, 0xDC, 0x74, 0xF8, 0xD9, 0xC3, 0xD0, 52*4882a593Smuzhiyun+ 0xA0, 0x60, 0x4D, 0xCE, 0x52, 0xBC, 0xA3, 0xE5, 0x18, 0x7B, 53*4882a593Smuzhiyun+ 0x0B, 0xC8, 0xCE, 0x70, 0xA2, 0xC8, 0x21, 0xCA, 0xCE, 0xA5, 54*4882a593Smuzhiyun+ 0xD4, 0xCB, 0x85, 0xFC, 0xC7, 0x07, 0x5C, 0x05, 0x87, 0xFC, 55*4882a593Smuzhiyun+ 0x2F, 0x67, 0x4D, 0x2D, 0x4F, 0xA4, 0xEE, 0x63, 0x98, 0x49, 56*4882a593Smuzhiyun+ 0xE4, 0x2E, 0xD7, 0x3F, 0x7D, 0x69, 0x68, 0x0A, 0xA2, 0x3E, 57*4882a593Smuzhiyun+ 0x5A, 0x04, 0xD4, 0xDD, 0xBB, 0xC7, 0xB4, 0x34, 0xB7, 0x21, 58*4882a593Smuzhiyun+ 0xD3, 0xAC, 0x99, 0xD7, 0x87, 0x45, 0x5E, 0x18, 0x68, 0x16, 59*4882a593Smuzhiyun+ 0x3A, 0xAF, 0xE2, 0x04, 0x57, 0xB8, 0x6A, 0xB8, 0x2F, 0x75, 60*4882a593Smuzhiyun+ 0xD5, 0x79, 0x96, 0x60, 0x8D, 0xD1, 0xCC, 0xD1, 0x33, 0x85, 61*4882a593Smuzhiyun+ 0x53, 0x88, 0x87, 0x34, 0xA6, 0x4B, 0x49, 0x24, 0x53, 0xD6, 62*4882a593Smuzhiyun+ 0xF1, 0x1E, 0x4E, 0x98, 0x4D, 0x6B, 0x44, 0x31, 0x94, 0xFF, 63*4882a593Smuzhiyun+ 0x46, 0xC2, 0x38, 0x2E, 0xEA, 0xBB 64*4882a593Smuzhiyun+ }; 65*4882a593Smuzhiyun+ static unsigned char dhg_2048[] = { 66*4882a593Smuzhiyun+ 0x05 67*4882a593Smuzhiyun+ }; 68*4882a593Smuzhiyun+ DH *dh = DH_new(); 69*4882a593Smuzhiyun+ BIGNUM *dhp_bn, *dhg_bn; 70*4882a593Smuzhiyun+ 71*4882a593Smuzhiyun+ if (dh == NULL) 72*4882a593Smuzhiyun+ return NULL; 73*4882a593Smuzhiyun+ dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL); 74*4882a593Smuzhiyun+ dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL); 75*4882a593Smuzhiyun+ if (dhp_bn == NULL || dhg_bn == NULL 76*4882a593Smuzhiyun+ || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) { 77*4882a593Smuzhiyun+ DH_free(dh); 78*4882a593Smuzhiyun+ BN_free(dhp_bn); 79*4882a593Smuzhiyun+ BN_free(dhg_bn); 80*4882a593Smuzhiyun+ return NULL; 81*4882a593Smuzhiyun+ } 82*4882a593Smuzhiyun+ return dh; 83*4882a593Smuzhiyun+} 84*4882a593Smuzhiyundiff --git a/svc.c b/svc.c 85*4882a593Smuzhiyunindex 1341397..758dfbd 100644 86*4882a593Smuzhiyun--- a/svc.c 87*4882a593Smuzhiyun+++ b/svc.c 88*4882a593Smuzhiyun@@ -1512,6 +1512,39 @@ do_RSAgen(void) 89*4882a593Smuzhiyun return; 90*4882a593Smuzhiyun } 91*4882a593Smuzhiyun 92*4882a593Smuzhiyun+ 93*4882a593Smuzhiyun+#if OPENSSL_VERSION_NUMBER < 0x10100000 94*4882a593Smuzhiyun+static inline int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) 95*4882a593Smuzhiyun+{ 96*4882a593Smuzhiyun+ /* If the fields p and g in d are NULL, the corresponding input 97*4882a593Smuzhiyun+ * parameters MUST be non-NULL. q may remain NULL. 98*4882a593Smuzhiyun+ */ 99*4882a593Smuzhiyun+ if ((dh->p == NULL && p == NULL) 100*4882a593Smuzhiyun+ || (dh->g == NULL && g == NULL)) 101*4882a593Smuzhiyun+ return 0; 102*4882a593Smuzhiyun+ 103*4882a593Smuzhiyun+ if (p != NULL) { 104*4882a593Smuzhiyun+ BN_free(dh->p); 105*4882a593Smuzhiyun+ dh->p = p; 106*4882a593Smuzhiyun+ } 107*4882a593Smuzhiyun+ if (q != NULL) { 108*4882a593Smuzhiyun+ BN_free(dh->q); 109*4882a593Smuzhiyun+ dh->q = q; 110*4882a593Smuzhiyun+ } 111*4882a593Smuzhiyun+ if (g != NULL) { 112*4882a593Smuzhiyun+ BN_free(dh->g); 113*4882a593Smuzhiyun+ dh->g = g; 114*4882a593Smuzhiyun+ } 115*4882a593Smuzhiyun+ 116*4882a593Smuzhiyun+ if (q != NULL) { 117*4882a593Smuzhiyun+ dh->length = BN_num_bits(q); 118*4882a593Smuzhiyun+ } 119*4882a593Smuzhiyun+ 120*4882a593Smuzhiyun+ return 1; 121*4882a593Smuzhiyun+} 122*4882a593Smuzhiyun+#endif 123*4882a593Smuzhiyun+ 124*4882a593Smuzhiyun+ 125*4882a593Smuzhiyun #include "dh512.h" 126*4882a593Smuzhiyun 127*4882a593Smuzhiyun #if DH_LEN == 1024 128