2010-10-03 17:40:42 -04:00
|
|
|
$OpenBSD: patch-smime_c,v 1.2 2010/10/03 21:40:42 jasper Exp $
|
|
|
|
|
|
|
|
* Fix for OpenSSL 1.0.0. (STACK has gone.)
|
|
|
|
* Use proper sk_TYPE_num, sk_TYPE_value for each TYPE.
|
|
|
|
From NetBSD patch-ae.
|
|
|
|
|
|
|
|
--- smime.c.orig Tue Jun 3 03:58:57 2008
|
|
|
|
+++ smime.c Sun Oct 3 22:49:16 2010
|
|
|
|
@@ -108,7 +108,7 @@ smime_decrypt(struct state *state)
|
|
|
|
struct header *hdr;
|
|
|
|
char buf[BUFSIZ];
|
|
|
|
#ifndef OPENSSL_BUG_FIXED
|
|
|
|
- STACK *sk;
|
|
|
|
+ STACK_OF(PKCS7_RECIP_INFO) *sk;
|
|
|
|
PKCS7_RECIP_INFO *ri;
|
2008-12-16 13:47:51 -05:00
|
|
|
#endif
|
2010-10-03 17:40:42 -04:00
|
|
|
|
|
|
|
@@ -174,10 +174,10 @@ smime_decrypt(struct state *state)
|
|
|
|
sk = NULL;
|
|
|
|
break;
|
|
|
|
case NID_pkcs7_signedAndEnveloped:
|
|
|
|
- sk = (STACK *)p7->d.signed_and_enveloped->recipientinfo;
|
|
|
|
+ sk = p7->d.signed_and_enveloped->recipientinfo;
|
|
|
|
break;
|
|
|
|
case NID_pkcs7_enveloped:
|
|
|
|
- sk = (STACK *)p7->d.enveloped->recipientinfo;
|
|
|
|
+ sk = p7->d.enveloped->recipientinfo;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
sk = NULL;
|
|
|
|
@@ -185,7 +185,7 @@ smime_decrypt(struct state *state)
|
|
|
|
}
|
|
|
|
if (sk) {
|
|
|
|
for (;;) {
|
|
|
|
- if (sk_num(sk) == 0) {
|
|
|
|
+ if (sk_PKCS7_RECIP_INFO_num(sk) == 0) {
|
|
|
|
strlcpy(state->status,
|
|
|
|
"Cannot find recipient info for me\n",
|
|
|
|
sizeof(state->status));
|
|
|
|
@@ -194,11 +194,11 @@ smime_decrypt(struct state *state)
|
|
|
|
PKCS7_free(p7);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
- ri=(PKCS7_RECIP_INFO *)sk_value(sk,0);
|
|
|
|
+ ri=sk_PKCS7_RECIP_INFO_value(sk,0);
|
|
|
|
if (X509_name_cmp(ri->issuer_and_serial->issuer, X509_get_issuer_name(x509)) == 0
|
|
|
|
&& ASN1_INTEGER_cmp(ri->issuer_and_serial->serial, X509_get_serialNumber(x509)) == 0)
|
|
|
|
break;
|
|
|
|
- sk_shift(sk);
|
|
|
|
+ sk_PKCS7_RECIP_INFO_shift(sk);
|
|
|
|
PKCS7_RECIP_INFO_free(ri);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@@ -401,7 +401,7 @@ smime_verify(struct state *state)
|
|
|
|
cbuf_t *cb, cbuf, sproto, from;
|
|
|
|
int i, ret;
|
|
|
|
PKCS7 *p7;
|
|
|
|
- STACK *sk;
|
|
|
|
+ STACK_OF(PKCS7_SIGNER_INFO) *sk;
|
|
|
|
char *p, *ep;
|
|
|
|
BIO *detached, *p7bio;
|
|
|
|
PKCS7_SIGNER_INFO *si;
|
|
|
|
@@ -496,11 +496,11 @@ BIO_read_filename(detached, "/tmp/smime.txt");
|
|
|
|
getenv("SSL_CERT_DIR"));
|
|
|
|
ERR_clear_error();
|
|
|
|
|
|
|
|
- sk = (STACK *)PKCS7_get_signer_info(p7);
|
|
|
|
+ sk = PKCS7_get_signer_info(p7);
|
|
|
|
strlcpy(state->status, "S/MIME verify OK", sizeof(state->status));
|
|
|
|
ret = 1;
|
|
|
|
- for (i = 0; i < sk_num(sk); i++) {
|
|
|
|
- si = (PKCS7_SIGNER_INFO *)sk_value(sk, i);
|
|
|
|
+ for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sk); i++) {
|
|
|
|
+ si = sk_PKCS7_SIGNER_INFO_value(sk, i);
|
|
|
|
if (PKCS7_dataVerify(cert_store, &cert_ctx, p7bio, p7, si) <= 0) {
|
|
|
|
ret = -1;
|
|
|
|
snprintf(state->status, sizeof(state->status),
|
|
|
|
@@ -560,7 +560,7 @@ smime_sign(struct state *state)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
PKCS7 *p7;
|
|
|
|
- STACK *sk;
|
|
|
|
+ STACK_OF(X509) *sk;
|
|
|
|
char *p;
|
|
|
|
BIO *in, *p7bio;
|
|
|
|
PKCS7_SIGNER_INFO *si;
|
|
|
|
@@ -675,9 +675,9 @@ smime_sign(struct state *state)
|
|
|
|
PKCS7_free(p7);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
- sk = (STACK *)X509_STORE_CTX_get_chain(&cert_ctx);
|
|
|
|
- for (i = 0; i < sk_num(sk); i++) {
|
|
|
|
- x = (X509 *)sk_value(sk, i);
|
|
|
|
+ sk = X509_STORE_CTX_get_chain(&cert_ctx);
|
|
|
|
+ for (i = 0; i < sk_X509_num(sk); i++) {
|
|
|
|
+ x = sk_X509_value(sk, i);
|
|
|
|
PKCS7_add_certificate(p7, x);
|
|
|
|
}
|
|
|
|
|
|
|
|
@@ -975,7 +975,7 @@ smime_encrypt(struct state *state)
|
|
|
|
BIO_ctrl(p7bio, BIO_C_GET_CIPHER_CTX, 1, (char *)&ctx);
|
|
|
|
if (EVP_CIPHER_CTX_nid(ctx) == NID_rc2_cbc) {
|
|
|
|
const EVP_CIPHER *cipher;
|
|
|
|
- STACK *rsk;
|
|
|
|
+ STACK_OF(PKCS7_RECIP_INFO) *rsk;
|
|
|
|
PKCS7_RECIP_INFO *ri;
|
|
|
|
u_char key[EVP_MAX_KEY_LENGTH];
|
|
|
|
u_char iv[EVP_MAX_IV_LENGTH];
|
|
|
|
@@ -983,7 +983,7 @@ smime_encrypt(struct state *state)
|
|
|
|
int keylen, ivlen, buflen, len;
|
|
|
|
u_char *buf, *q;
|
|
|
|
|
|
|
|
- rsk = (STACK *)p7->d.enveloped->recipientinfo;
|
|
|
|
+ rsk = p7->d.enveloped->recipientinfo;
|
|
|
|
cipher = EVP_rc2_40_cbc(); /* XXX */
|
|
|
|
keylen = EVP_CIPHER_key_length(cipher);
|
|
|
|
ivlen = EVP_CIPHER_iv_length(cipher);
|
|
|
|
@@ -992,8 +992,8 @@ smime_encrypt(struct state *state)
|
|
|
|
EVP_CipherInit(ctx, cipher, key, iv, 1);
|
|
|
|
buf = NULL;
|
|
|
|
buflen = 0;
|
|
|
|
- for (i = 0; i < sk_num(rsk); i++) {
|
|
|
|
- ri = (PKCS7_RECIP_INFO *)sk_value(rsk, i);
|
|
|
|
+ for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
|
|
|
|
+ ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
|
|
|
|
pkey = X509_get_pubkey(ri->cert);
|
|
|
|
len = EVP_PKEY_size(pkey);
|
|
|
|
if (buflen < len) {
|