Unbreak the build against modern versions of OpenSSL.

This commit is contained in:
Alexey Dokuchaev 2020-09-10 09:37:39 +00:00
parent 78617d7cd3
commit 4c04b51c3f
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=548192
4 changed files with 124 additions and 16 deletions

View File

@ -21,13 +21,6 @@ USE_GNOME= libxml2
INSTALL_TARGET= install-strip
USE_LDCONFIG= yes
.include <bsd.port.pre.mk>
.if ${SSL_DEFAULT} == base
BROKEN_FreeBSD_12= variable has incomplete type 'EVP_CIPHER_CTX' (aka 'evp_cipher_ctx_st')
BROKEN_FreeBSD_13= variable has incomplete type 'EVP_CIPHER_CTX' (aka 'evp_cipher_ctx_st')
.endif
post-patch:
@${FIND} ${WRKSRC} -name Makefile.in | ${XARGS} \
${REINPLACE_CMD} -e 's|dclib-0.3/||g'
@ -35,4 +28,4 @@ post-patch:
@${REINPLACE_CMD} -e 's|-D_XOPEN_SOURCE=500||g; \
s|-D_BSD_SOURCE||g' ${WRKSRC}/configure
.include <bsd.port.post.mk>
.include <bsd.port.mk>

View File

@ -0,0 +1,96 @@
--- dclib/core/cssl.cpp.orig 2020-09-10 07:59:41 UTC
+++ dclib/core/cssl.cpp
@@ -429,7 +429,7 @@ CString CSSL::EncryptData( CSSLObject * SSLObject, CSt
CString res;
CByteArray bain,baout;
int i,tmplen;
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
// sanity check
if ( !SSLObject || (s.IsEmpty()) )
@@ -437,8 +437,9 @@ CString CSSL::EncryptData( CSSLObject * SSLObject, CSt
return res;
}
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit(&ctx, EVP_bf_cbc(), SSLObject->m_remotekey, SSLObject->m_remoteiv);
+ ctx = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(ctx);
+ EVP_EncryptInit(ctx, EVP_bf_cbc(), SSLObject->m_remotekey, SSLObject->m_remoteiv);
// init input array
bain.SetSize(2);
@@ -448,13 +449,13 @@ CString CSSL::EncryptData( CSSLObject * SSLObject, CSt
// init output array
// input size + cipher_block_size for EVP_EncryptUpdate
// plus cipher_block_size for EVP_EncryptFinal
- baout.SetSize( bain.Size() + ( 2 * EVP_CIPHER_CTX_block_size(&ctx) ) );
+ baout.SetSize( bain.Size() + ( 2 * EVP_CIPHER_CTX_block_size(ctx) ) );
//printf("CSSL::EncryptData: wrong old size=%lu new size=%lu\n",bain.Size()*2,baout.Size());
i = baout.Size();
- if ( EVP_EncryptUpdate(&ctx, baout.Data(), &i, bain.Data(), bain.Size() ) )
+ if ( EVP_EncryptUpdate(ctx, baout.Data(), &i, bain.Data(), bain.Size() ) )
{
- if ( EVP_EncryptFinal(&ctx, baout.Data()+i, &tmplen) )
+ if ( EVP_EncryptFinal(ctx, baout.Data()+i, &tmplen) )
{
i+=tmplen;
bain.SetSize(0);
@@ -465,7 +466,7 @@ CString CSSL::EncryptData( CSSLObject * SSLObject, CSt
}
}
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
return res;
}
@@ -476,7 +477,7 @@ CString CSSL::DecryptData( CSSLObject * SSLObject, CSt
CString res;
CByteArray bain,baout;
int i,tmplen;
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
// sanity check
if ( !SSLObject || (s.IsEmpty()) )
@@ -484,22 +485,23 @@ CString CSSL::DecryptData( CSSLObject * SSLObject, CSt
return res;
}
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit(&ctx, EVP_bf_cbc(), SSLObject->m_localkey, SSLObject->m_localiv);
+ ctx = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(ctx);
+ EVP_DecryptInit(ctx, EVP_bf_cbc(), SSLObject->m_localkey, SSLObject->m_localiv);
bain.SetSize(0);
bain.Append(s.Data(),s.Length());
if ( CBase64::Decode(&baout,&bain) > 0 )
{
- bain.SetSize( baout.Size() + ( 2 * EVP_CIPHER_CTX_block_size(&ctx) ) );
+ bain.SetSize( baout.Size() + ( 2 * EVP_CIPHER_CTX_block_size(ctx) ) );
//printf("CSSL::DecryptData: wrong old size=%lu new size=%lu\n",baout.Size()*2,bain.Size());
i = 0;
- if ( EVP_DecryptUpdate(&ctx, bain.Data(), &i, baout.Data(), (int)baout.Size() ) )
+ if ( EVP_DecryptUpdate(ctx, bain.Data(), &i, baout.Data(), (int)baout.Size() ) )
{
tmplen = 0;
- if ( EVP_DecryptFinal(&ctx, bain.Data()+i, &tmplen) )
+ if ( EVP_DecryptFinal(ctx, bain.Data()+i, &tmplen) )
{
i+=tmplen;
res.Set((const char*)bain.Data()+2,i-2);
@@ -507,7 +509,7 @@ CString CSSL::DecryptData( CSSLObject * SSLObject, CSt
}
}
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
return res;
}

View File

@ -21,13 +21,6 @@ PLIST_FILES= bin/sslsniffer
OPTIONS_DEFINE= DOCS
.include <bsd.port.pre.mk>
.if ${SSL_DEFAULT} == base
BROKEN_FreeBSD_12= incomplete definition of type 'struct evp_pkey_st'
BROKEN_FreeBSD_13= incomplete definition of type 'struct evp_pkey_st'
.endif
do-install:
${INSTALL_PROGRAM} ${WRKSRC}/sslsniffer ${STAGEDIR}${PREFIX}/bin
@ -35,4 +28,4 @@ do-install-DOCS-on:
@${MKDIR} ${STAGEDIR}${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
.include <bsd.port.post.mk>
.include <bsd.port.mk>

View File

@ -0,0 +1,26 @@
--- sslsniffer.c.orig 2001-10-08 22:10:44 UTC
+++ sslsniffer.c
@@ -1573,14 +1573,22 @@ PrintCertificateInfo(UTL_CERT_INFO *buf, EVP_PKEY *key
if (key == NULL) return;
- switch (key->type)
+ switch (EVP_PKEY_id(key))
{
case EVP_PKEY_RSA:
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
buf->keysize = RSA_size(key->pkey.rsa)*8;
+#else
+ buf->keysize = RSA_size(EVP_PKEY_get0_RSA(key))*8;
+#endif
printf(" RSA Public key size %d bits\n\n",buf->keysize);
break;
case EVP_PKEY_DSA:
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
buf->keysize = DSA_size(key->pkey.dsa)*8;
+#else
+ buf->keysize = DSA_size(EVP_PKEY_get0_DSA(key))*8;
+#endif
printf(" DSS Public key size %d bits\n\n",buf->keysize);
break;
default: