Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 12 Dec 2018 08:47:55 +0000 (UTC)
From:      Max Khon <fjoe@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r487284 - head/databases/pgadmin3/files
Message-ID:  <201812120847.wBC8ltqA059776@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: fjoe
Date: Wed Dec 12 08:47:55 2018
New Revision: 487284
URL: https://svnweb.freebsd.org/changeset/ports/487284

Log:
  - Fix build with OpenSSL 1.1
  
  PR:		232375

Added:
  head/databases/pgadmin3/files/patch-openssl11   (contents, props changed)

Added: head/databases/pgadmin3/files/patch-openssl11
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/databases/pgadmin3/files/patch-openssl11	Wed Dec 12 08:47:55 2018	(r487284)
@@ -0,0 +1,833 @@
+--- pgadmin/include/libssh2/openssl.h.orig	2016-01-07 18:47:32.000000000 +0600
++++ pgadmin/include/libssh2/openssl.h	2018-12-12 14:42:16.774278000 +0700
+@@ -114,54 +114,61 @@
+ 
+ #define _libssh2_random(buf, len) RAND_bytes ((buf), (len))
+ 
+-#define libssh2_sha1_ctx EVP_MD_CTX
++void _libssh2_digest_final(EVP_MD_CTX *ctx, unsigned char *out);
++
++#define libssh2_sha1_ctx EVP_MD_CTX *
+ 
+ /* returns 0 in case of failure */
+ int _libssh2_sha1_init(libssh2_sha1_ctx *ctx);
+ #define libssh2_sha1_init(x) _libssh2_sha1_init(x)
+-#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
+-#define libssh2_sha1_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
++#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len)
++#define libssh2_sha1_final(ctx, out) _libssh2_digest_final(ctx, out)
+ int _libssh2_sha1(const unsigned char *message, unsigned long len,
+                   unsigned char *out);
+ #define libssh2_sha1(x,y,z) _libssh2_sha1(x,y,z)
+ 
+-#define libssh2_sha256_ctx EVP_MD_CTX
++#define libssh2_sha256_ctx EVP_MD_CTX *
+ 
+ /* returns 0 in case of failure */
+ int _libssh2_sha256_init(libssh2_sha256_ctx *ctx);
+ #define libssh2_sha256_init(x) _libssh2_sha256_init(x)
+-#define libssh2_sha256_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
+-#define libssh2_sha256_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
++#define libssh2_sha256_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len)
++#define libssh2_sha256_final(ctx, out) _libssh2_digest_final(ctx, out)
+ int _libssh2_sha256(const unsigned char *message, unsigned long len,
+                   unsigned char *out);
+ #define libssh2_sha256(x,y,z) _libssh2_sha256(x,y,z)
+ 
+-#define libssh2_md5_ctx EVP_MD_CTX
++#define libssh2_md5_ctx EVP_MD_CTX *
+ 
+ /* returns 0 in case of failure */
+ int _libssh2_md5_init(libssh2_md5_ctx *);
+ #define libssh2_md5_init(x) _libssh2_md5_init(x)
+-#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
+-#define libssh2_md5_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
++#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len)
++#define libssh2_md5_final(ctx, out) _libssh2_digest_final(ctx, out)
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++HMAC_CTX *HMAC_CTX_new(void);
++void HMAC_CTX_free(HMAC_CTX *ctx);
++#endif
+ 
+-#define libssh2_hmac_ctx HMAC_CTX
++#define libssh2_hmac_ctx HMAC_CTX *
+ #define libssh2_hmac_ctx_init(ctx) \
+-  HMAC_CTX_init(&ctx)
+-#define libssh2_hmac_sha1_init(ctx, key, keylen) \
+-  HMAC_Init_ex(ctx, key, keylen, EVP_sha1(), NULL)
+-#define libssh2_hmac_md5_init(ctx, key, keylen) \
+-  HMAC_Init_ex(ctx, key, keylen, EVP_md5(), NULL)
+-#define libssh2_hmac_ripemd160_init(ctx, key, keylen) \
+-  HMAC_Init_ex(ctx, key, keylen, EVP_ripemd160(), NULL)
+-#define libssh2_hmac_sha256_init(ctx, key, keylen) \
+-  HMAC_Init_ex(ctx, key, keylen, EVP_sha256(), NULL)
+-#define libssh2_hmac_sha512_init(ctx, key, keylen) \
+-  HMAC_Init_ex(ctx, key, keylen, EVP_sha512(), NULL)
++  ctx = HMAC_CTX_new()
++#define libssh2_hmac_sha1_init(pctx, key, keylen) \
++  HMAC_Init_ex(*(pctx), key, keylen, EVP_sha1(), NULL)
++#define libssh2_hmac_md5_init(pctx, key, keylen) \
++  HMAC_Init_ex(*(pctx), key, keylen, EVP_md5(), NULL)
++#define libssh2_hmac_ripemd160_init(pctx, key, keylen) \
++  HMAC_Init_ex(*(pctx), key, keylen, EVP_ripemd160(), NULL)
++#define libssh2_hmac_sha256_init(pctx, key, keylen) \
++  HMAC_Init_ex(*(pctx), key, keylen, EVP_sha256(), NULL)
++#define libssh2_hmac_sha512_init(pctx, key, keylen) \
++  HMAC_Init_ex(*(pctx), key, keylen, EVP_sha512(), NULL)
+ 
+ #define libssh2_hmac_update(ctx, data, datalen) \
+-  HMAC_Update(&(ctx), data, datalen)
+-#define libssh2_hmac_final(ctx, data) HMAC_Final(&(ctx), data, NULL)
+-#define libssh2_hmac_cleanup(ctx) HMAC_cleanup(ctx)
++  HMAC_Update(ctx, data, datalen)
++#define libssh2_hmac_final(ctx, data) HMAC_Final(ctx, data, NULL)
++#define libssh2_hmac_cleanup(ctx) HMAC_CTX_free(*(ctx))
+ 
+ #define libssh2_crypto_init() \
+   OpenSSL_add_all_algorithms(); \
+@@ -180,7 +187,7 @@
+ #define _libssh2_dsa_free(dsactx) DSA_free(dsactx)
+ 
+ #define _libssh2_cipher_type(name) const EVP_CIPHER *(*name)(void)
+-#define _libssh2_cipher_ctx EVP_CIPHER_CTX
++#define _libssh2_cipher_ctx EVP_CIPHER_CTX *
+ 
+ #define _libssh2_cipher_aes256 EVP_aes_256_cbc
+ #define _libssh2_cipher_aes192 EVP_aes_192_cbc
+@@ -199,7 +206,7 @@
+ #define _libssh2_cipher_cast5 EVP_cast5_cbc
+ #define _libssh2_cipher_3des EVP_des_ede3_cbc
+ 
+-#define _libssh2_cipher_dtor(ctx) EVP_CIPHER_CTX_cleanup(ctx)
++#define _libssh2_cipher_dtor(ctx) EVP_CIPHER_CTX_free(*(ctx))
+ 
+ #define _libssh2_bn BIGNUM
+ #define _libssh2_bn_ctx BN_CTX
+--- pgadmin/libssh2/openssl.c.orig	2016-01-07 18:47:32.000000000 +0600
++++ pgadmin/libssh2/openssl.c	2018-12-12 14:50:08.851143000 +0700
+@@ -48,6 +48,280 @@
+ #define EVP_MAX_BLOCK_LENGTH 32
+ #endif
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++static void *
++OPENSSL_zalloc(size_t num)
++{
++    void *ret = OPENSSL_malloc(num);
++
++    if (ret != NULL)
++        memset(ret, 0, num);
++    return ret;
++}
++
++HMAC_CTX *
++HMAC_CTX_new(void)
++{   
++    HMAC_CTX *ctx = OPENSSL_zalloc(sizeof(HMAC_CTX));
++    
++    if (ctx != NULL) {
++        HMAC_CTX_init(ctx);
++    }
++    return ctx;
++}
++
++void
++HMAC_CTX_free(HMAC_CTX *ctx)
++{
++    if (ctx != NULL) {
++        HMAC_CTX_cleanup(ctx);
++        OPENSSL_free(ctx);
++    }
++}
++
++static EVP_MD_CTX *
++EVP_MD_CTX_new(void)
++{
++    return EVP_MD_CTX_create();
++}
++
++static void
++EVP_MD_CTX_free(EVP_MD_CTX *ctx)
++{
++    EVP_MD_CTX_destroy(ctx);
++}
++
++static void
++RSA_get0_key(const RSA *r,
++             const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
++{
++    if (n != NULL)
++        *n = r->n;
++    if (e != NULL)
++        *e = r->e;
++    if (d != NULL)
++        *d = r->d;
++}
++
++static int
++RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
++{
++    /* If the fields n and e in r are NULL, the corresponding input
++     * parameters MUST be non-NULL for n and e.  d may be
++     * left NULL (in case only the public key is used).
++     */
++    if ((r->n == NULL && n == NULL)
++        || (r->e == NULL && e == NULL))
++        return 0;
++
++    if (n != NULL) {
++        BN_free(r->n);
++        r->n = n;
++    }
++    if (e != NULL) {
++        BN_free(r->e);
++        r->e = e;
++    }
++    if (d != NULL) {
++        BN_free(r->d);
++        r->d = d;
++    }
++
++    return 1;
++}
++
++static int
++RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
++{
++    /* If the fields p and q in r are NULL, the corresponding input
++     * parameters MUST be non-NULL.
++     */
++    if ((r->p == NULL && p == NULL)
++        || (r->q == NULL && q == NULL))
++        return 0;
++
++    if (p != NULL) {
++        BN_free(r->p);
++        r->p = p;
++    }
++    if (q != NULL) {
++        BN_free(r->q);
++        r->q = q;
++    }
++
++    return 1;
++}
++
++static int
++RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
++{
++    /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
++     * parameters MUST be non-NULL.
++     */
++    if ((r->dmp1 == NULL && dmp1 == NULL)
++        || (r->dmq1 == NULL && dmq1 == NULL)
++        || (r->iqmp == NULL && iqmp == NULL))
++        return 0;
++
++    if (dmp1 != NULL) {
++        BN_free(r->dmp1);
++        r->dmp1 = dmp1;
++    }
++    if (dmq1 != NULL) {
++        BN_free(r->dmq1);
++        r->dmq1 = dmq1;
++    }
++    if (iqmp != NULL) {
++        BN_free(r->iqmp);
++        r->iqmp = iqmp;
++    }
++
++    return 1;
++}
++
++static void
++DSA_get0_pqg(const DSA *d,
++             const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
++{
++    if (p != NULL)
++        *p = d->p;
++    if (q != NULL)
++        *q = d->q;
++    if (g != NULL)
++        *g = d->g;
++}
++
++static int
++DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
++{
++    /* If the fields p, q and g in d are NULL, the corresponding input
++     * parameters MUST be non-NULL.
++     */
++    if ((d->p == NULL && p == NULL)
++        || (d->q == NULL && q == NULL)
++        || (d->g == NULL && g == NULL))
++        return 0;
++
++    if (p != NULL) {
++        BN_free(d->p);
++        d->p = p;
++    }
++    if (q != NULL) {
++        BN_free(d->q);
++        d->q = q;
++    }
++    if (g != NULL) {
++        BN_free(d->g);
++        d->g = g;
++    }
++
++    return 1;
++}
++
++static void
++DSA_get0_key(const DSA *d,
++             const BIGNUM **pub_key, const BIGNUM **priv_key)
++{
++    if (pub_key != NULL)
++        *pub_key = d->pub_key;
++    if (priv_key != NULL)
++        *priv_key = d->priv_key;
++}
++
++static int
++DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
++{
++    /* If the field pub_key in d is NULL, the corresponding input
++     * parameters MUST be non-NULL.  The priv_key field may
++     * be left NULL.
++     */
++    if (d->pub_key == NULL && pub_key == NULL)
++        return 0;
++
++    if (pub_key != NULL) {
++        BN_free(d->pub_key);
++        d->pub_key = pub_key;
++    }
++    if (priv_key != NULL) {
++        BN_free(d->priv_key);
++        d->priv_key = priv_key;
++    }
++
++    return 1;
++}
++
++static int
++DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
++{
++    if (r == NULL || s == NULL)
++        return 0;
++    BN_clear_free(sig->r);
++    BN_clear_free(sig->s);
++    sig->r = r;
++    sig->s = s;
++    return 1;
++}
++
++static void
++DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
++{
++    if (pr != NULL)
++        *pr = sig->r;
++    if (ps != NULL)
++        *ps = sig->s;
++}
++
++static EVP_CIPHER *
++EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len)
++{
++    EVP_CIPHER *cipher = OPENSSL_zalloc(sizeof(EVP_CIPHER));
++
++    if (cipher != NULL) {
++        cipher->nid = cipher_type;
++        cipher->block_size = block_size;
++        cipher->key_len = key_len;
++    }
++    return cipher;
++}
++
++static int
++EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len)
++{
++    cipher->iv_len = iv_len;
++    return 1;
++}
++
++static int
++EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
++                         int (*init) (EVP_CIPHER_CTX *ctx,
++                                      const unsigned char *key,
++                                      const unsigned char *iv,
++                                      int enc))
++{
++    cipher->init = init;
++    return 1;
++}
++
++static int
++EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
++                              int (*do_cipher) (EVP_CIPHER_CTX *ctx,
++                                                unsigned char *out,
++                                                const unsigned char *in,
++                                                size_t inl))
++{
++    cipher->do_cipher = do_cipher;
++    return 1;
++}
++
++static int
++EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
++                            int (*cleanup) (EVP_CIPHER_CTX *))
++{
++    cipher->cleanup = cleanup;
++    return 1;
++}
++#endif
++
+ int
+ _libssh2_rsa_new(libssh2_rsa_ctx ** rsa,
+                  const unsigned char *edata,
+@@ -67,31 +341,43 @@
+                  const unsigned char *coeffdata, unsigned long coefflen)
+ {
+     *rsa = RSA_new();
++    BIGNUM *e, *n;
++
++    e = BN_new();
++    BN_bin2bn(edata, elen, e);
+ 
+-    (*rsa)->e = BN_new();
+-    BN_bin2bn(edata, elen, (*rsa)->e);
++    n = BN_new();
++    BN_bin2bn(ndata, nlen, n);
+ 
+-    (*rsa)->n = BN_new();
+-    BN_bin2bn(ndata, nlen, (*rsa)->n);
++    RSA_set0_key(*rsa, n, e, NULL);
+ 
+     if (ddata) {
+-        (*rsa)->d = BN_new();
+-        BN_bin2bn(ddata, dlen, (*rsa)->d);
++        BIGNUM *d;
++        BIGNUM *p, *q, *dmp1, *dmq1, *iqmp;
++
++        d = BN_new();
++        BN_bin2bn(ddata, dlen, d);
++
++        RSA_set0_key(*rsa, 0, 0, d);
++
++        p = BN_new();
++        BN_bin2bn(pdata, plen, p);
++
++        q = BN_new();
++        BN_bin2bn(qdata, qlen, q);
+ 
+-        (*rsa)->p = BN_new();
+-        BN_bin2bn(pdata, plen, (*rsa)->p);
++        RSA_set0_factors(*rsa, p, q);
+ 
+-        (*rsa)->q = BN_new();
+-        BN_bin2bn(qdata, qlen, (*rsa)->q);
++        dmp1 = BN_new();
++        BN_bin2bn(e1data, e1len, dmp1);
+ 
+-        (*rsa)->dmp1 = BN_new();
+-        BN_bin2bn(e1data, e1len, (*rsa)->dmp1);
++        dmq1 = BN_new();
++        BN_bin2bn(e2data, e2len, dmq1);
+ 
+-        (*rsa)->dmq1 = BN_new();
+-        BN_bin2bn(e2data, e2len, (*rsa)->dmq1);
++        iqmp = BN_new();
++        BN_bin2bn(coeffdata, coefflen, iqmp);
+ 
+-        (*rsa)->iqmp = BN_new();
+-        BN_bin2bn(coeffdata, coefflen, (*rsa)->iqmp);
++        RSA_set0_crt_params(*rsa, dmp1, dmq1, iqmp);
+     }
+     return 0;
+ }
+@@ -125,25 +411,34 @@
+                  unsigned long y_len,
+                  const unsigned char *x, unsigned long x_len)
+ {
++    BIGNUM *pn, *qn, *gn;
++    BIGNUM *pub_key, *priv_key;
++
+     *dsactx = DSA_new();
+ 
+-    (*dsactx)->p = BN_new();
+-    BN_bin2bn(p, p_len, (*dsactx)->p);
++    pn = BN_new();
++    BN_bin2bn(p, p_len, pn);
++
++    qn = BN_new();
++    BN_bin2bn(q, q_len, qn);
+ 
+-    (*dsactx)->q = BN_new();
+-    BN_bin2bn(q, q_len, (*dsactx)->q);
++    gn = BN_new();
++    BN_bin2bn(g, g_len, gn);
+ 
+-    (*dsactx)->g = BN_new();
+-    BN_bin2bn(g, g_len, (*dsactx)->g);
++    DSA_set0_pqg(*dsactx, pn, qn, gn);
+ 
+-    (*dsactx)->pub_key = BN_new();
+-    BN_bin2bn(y, y_len, (*dsactx)->pub_key);
++    pub_key = BN_new();
++    BN_bin2bn(y, y_len, pub_key);
+ 
+     if (x_len) {
+-        (*dsactx)->priv_key = BN_new();
+-        BN_bin2bn(x, x_len, (*dsactx)->priv_key);
++        priv_key = BN_new();
++        BN_bin2bn(x, x_len, priv_key);
++    } else {
++        priv_key = NULL;
+     }
+ 
++    DSA_set0_key(*dsactx, pub_key, priv_key);
++
+     return 0;
+ }
+ 
+@@ -153,20 +448,22 @@
+                          const unsigned char *m, unsigned long m_len)
+ {
+     unsigned char hash[SHA_DIGEST_LENGTH];
+-    DSA_SIG dsasig;
++    DSA_SIG *dsasig;
++    BIGNUM *r, *s;
+     int ret = -1;
+ 
+-    dsasig.r = BN_new();
+-    BN_bin2bn(sig, 20, dsasig.r);
+-    dsasig.s = BN_new();
+-    BN_bin2bn(sig + 20, 20, dsasig.s);
++    dsasig = DSA_SIG_new();
++    r = BN_new();
++    BN_bin2bn(sig, 20, r);
++    s = BN_new();
++    BN_bin2bn(sig + 20, 20, s);
++    DSA_SIG_set0(dsasig, r, s);
+ 
+     if (!_libssh2_sha1(m, m_len, hash))
+         /* _libssh2_sha1() succeeded */
+-        ret = DSA_do_verify(hash, SHA_DIGEST_LENGTH, &dsasig, dsactx);
++        ret = DSA_do_verify(hash, SHA_DIGEST_LENGTH, dsasig, dsactx);
+ 
+-    BN_clear_free(dsasig.s);
+-    BN_clear_free(dsasig.r);
++    DSA_SIG_free(dsasig);
+ 
+     return (ret == 1) ? 0 : -1;
+ }
+@@ -177,8 +474,8 @@
+                      _libssh2_cipher_type(algo),
+                      unsigned char *iv, unsigned char *secret, int encrypt)
+ {
+-    EVP_CIPHER_CTX_init(h);
+-    return !EVP_CipherInit(h, algo(), secret, iv, encrypt);
++    *h = EVP_CIPHER_CTX_new();
++    return !EVP_CipherInit(*h, algo(), secret, iv, encrypt);
+ }
+ 
+ int
+@@ -191,7 +488,7 @@
+     (void) algo;
+     (void) encrypt;
+ 
+-    ret = EVP_Cipher(ctx, buf, block, blocksize);
++    ret = EVP_Cipher(*ctx, buf, block, blocksize);
+     if (ret == 1) {
+         memcpy(block, buf, blocksize);
+     }
+@@ -222,7 +519,7 @@
+     const EVP_CIPHER *aes_cipher;
+     (void) enc;
+ 
+-    switch (ctx->key_len) {
++    switch (EVP_CIPHER_CTX_key_length(ctx)) {
+     case 16:
+         aes_cipher = EVP_aes_128_ecb();
+         break;
+@@ -240,7 +537,7 @@
+     if (c == NULL)
+         return 0;
+ 
+-    c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX));
++    c->aes_ctx = EVP_CIPHER_CTX_new();
+     if (c->aes_ctx == NULL) {
+         free(c);
+         return 0;
+@@ -312,7 +609,7 @@
+     }
+ 
+     if (c->aes_ctx != NULL) {
+-        _libssh2_cipher_dtor(c->aes_ctx);
++        _libssh2_cipher_dtor(&(c->aes_ctx));
+         free(c->aes_ctx);
+     }
+ 
+@@ -322,40 +619,40 @@
+ }
+ 
+ static const EVP_CIPHER *
+-make_ctr_evp (size_t keylen, EVP_CIPHER *aes_ctr_cipher)
++make_ctr_evp (size_t keylen, EVP_CIPHER **aes_ctr_cipher)
+ {
+-    aes_ctr_cipher->block_size = 16;
+-    aes_ctr_cipher->key_len = keylen;
+-    aes_ctr_cipher->iv_len = 16;
+-    aes_ctr_cipher->init = aes_ctr_init;
+-    aes_ctr_cipher->do_cipher = aes_ctr_do_cipher;
+-    aes_ctr_cipher->cleanup = aes_ctr_cleanup;
++    if (*aes_ctr_cipher == NULL) {
++        *aes_ctr_cipher = EVP_CIPHER_meth_new(0, 16, keylen);
++        if (*aes_ctr_cipher != NULL) {
++            EVP_CIPHER_meth_set_iv_length(*aes_ctr_cipher, 16);
++            EVP_CIPHER_meth_set_init(*aes_ctr_cipher, aes_ctr_init);
++            EVP_CIPHER_meth_set_do_cipher(*aes_ctr_cipher, aes_ctr_do_cipher);
++            EVP_CIPHER_meth_set_cleanup(*aes_ctr_cipher, aes_ctr_cleanup);
++        }
++    }
+ 
+-    return aes_ctr_cipher;
++    return *aes_ctr_cipher;
+ }
+ 
+ const EVP_CIPHER *
+ _libssh2_EVP_aes_128_ctr(void)
+ {
+-    static EVP_CIPHER aes_ctr_cipher;
+-    return !aes_ctr_cipher.key_len?
+-        make_ctr_evp (16, &aes_ctr_cipher) : &aes_ctr_cipher;
++    static EVP_CIPHER *aes_ctr_cipher;
++    return make_ctr_evp(16, &aes_ctr_cipher);
+ }
+ 
+ const EVP_CIPHER *
+ _libssh2_EVP_aes_192_ctr(void)
+ {
+-    static EVP_CIPHER aes_ctr_cipher;
+-    return !aes_ctr_cipher.key_len?
+-        make_ctr_evp (24, &aes_ctr_cipher) : &aes_ctr_cipher;
++    static EVP_CIPHER *aes_ctr_cipher;
++    return make_ctr_evp(24, &aes_ctr_cipher);
+ }
+ 
+ const EVP_CIPHER *
+ _libssh2_EVP_aes_256_ctr(void)
+ {
+-    static EVP_CIPHER aes_ctr_cipher;
+-    return !aes_ctr_cipher.key_len?
+-        make_ctr_evp (32, &aes_ctr_cipher) : &aes_ctr_cipher;
++    static EVP_CIPHER *aes_ctr_cipher;
++    return make_ctr_evp(32, &aes_ctr_cipher);
+ }
+ 
+ void _libssh2_init_aes_ctr(void)
+@@ -536,6 +833,7 @@
+                        unsigned long hash_len, unsigned char *signature)
+ {
+     DSA_SIG *sig;
++    const BIGNUM *r, *s;
+     int r_len, s_len;
+     (void) hash_len;
+ 
+@@ -544,12 +842,13 @@
+         return -1;
+     }
+ 
+-    r_len = BN_num_bytes(sig->r);
++    DSA_SIG_get0(sig, &r, &s);
++    r_len = BN_num_bytes(r);
+     if (r_len < 1 || r_len > 20) {
+         DSA_SIG_free(sig);
+         return -1;
+     }
+-    s_len = BN_num_bytes(sig->s);
++    s_len = BN_num_bytes(s);
+     if (s_len < 1 || s_len > 20) {
+         DSA_SIG_free(sig);
+         return -1;
+@@ -557,8 +856,8 @@
+ 
+     memset(signature, 0, 40);
+ 
+-    BN_bn2bin(sig->r, signature + (20 - r_len));
+-    BN_bn2bin(sig->s, signature + 20 + (20 - s_len));
++    BN_bn2bin(r, signature + (20 - r_len));
++    BN_bn2bin(s, signature + 20 + (20 - s_len));
+ 
+     DSA_SIG_free(sig);
+ 
+@@ -566,55 +865,66 @@
+ }
+ #endif /* LIBSSH_DSA */
+ 
++void
++_libssh2_digest_final(libssh2_md5_ctx ctx, unsigned char *out)
++{
++    EVP_DigestFinal(ctx, out, NULL);
++    EVP_MD_CTX_free(ctx);
++}
++
+ int
+ _libssh2_sha1_init(libssh2_sha1_ctx *ctx)
+ {
+-    EVP_MD_CTX_init(ctx);
+-    return EVP_DigestInit(ctx, EVP_get_digestbyname("sha1"));
++    EVP_MD_CTX_init(*ctx);
++    return EVP_DigestInit(*ctx, EVP_get_digestbyname("sha1"));
+ }
+ 
+ int
+ _libssh2_sha1(const unsigned char *message, unsigned long len,
+               unsigned char *out)
+ {
+-    EVP_MD_CTX ctx;
++    EVP_MD_CTX *ctx;
+ 
+-    EVP_MD_CTX_init(&ctx);
+-    if (EVP_DigestInit(&ctx, EVP_get_digestbyname("sha1"))) {
+-        EVP_DigestUpdate(&ctx, message, len);
+-        EVP_DigestFinal(&ctx, out, NULL);
++    ctx = EVP_MD_CTX_new();
++    if (EVP_DigestInit(ctx, EVP_get_digestbyname("sha1"))) {
++        EVP_DigestUpdate(ctx, message, len);
++        EVP_DigestFinal(ctx, out, NULL);
++        EVP_MD_CTX_free(ctx);
+         return 0; /* success */
+     }
++    EVP_MD_CTX_free(ctx);
+     return 1; /* error */
+ }
+ 
+ int
+ _libssh2_sha256_init(libssh2_sha256_ctx *ctx)
+ {
+-    EVP_MD_CTX_init(ctx);
+-    return EVP_DigestInit(ctx, EVP_get_digestbyname("sha256"));
++    EVP_MD_CTX_init(*ctx);
++    return EVP_DigestInit(*ctx, EVP_get_digestbyname("sha256"));
+ }
+ 
+ int
+ _libssh2_sha256(const unsigned char *message, unsigned long len,
+                 unsigned char *out)
+ {
+-    EVP_MD_CTX ctx;
++    EVP_MD_CTX *ctx;
+ 
+-    EVP_MD_CTX_init(&ctx);
+-    if(EVP_DigestInit(&ctx, EVP_get_digestbyname("sha256"))) {
+-        EVP_DigestUpdate(&ctx, message, len);
+-        EVP_DigestFinal(&ctx, out, NULL);
++    ctx = EVP_MD_CTX_new();
++    if(EVP_DigestInit(ctx, EVP_get_digestbyname("sha256"))) {
++        EVP_DigestUpdate(ctx, message, len);
++        EVP_DigestFinal(ctx, out, NULL);
++        EVP_MD_CTX_free(ctx);
+         return 0; /* success */
+     }
++    EVP_MD_CTX_free(ctx);
+     return 1; /* error */
+ }
+ 
+ int
+ _libssh2_md5_init(libssh2_md5_ctx *ctx)
+ {
+-    EVP_MD_CTX_init(ctx);
+-    return EVP_DigestInit(ctx, EVP_get_digestbyname("md5"));
++    EVP_MD_CTX_init(*ctx);
++    return EVP_DigestInit(*ctx, EVP_get_digestbyname("md5"));
+ }
+ 
+ static unsigned char *
+@@ -639,13 +949,15 @@
+ gen_publickey_from_rsa(LIBSSH2_SESSION *session, RSA *rsa,
+                        size_t *key_len)
+ {
++    const BIGNUM *e, *n;
+     int            e_bytes, n_bytes;
+     unsigned long  len;
+     unsigned char* key;
+     unsigned char* p;
+ 
+-    e_bytes = BN_num_bytes(rsa->e) + 1;
+-    n_bytes = BN_num_bytes(rsa->n) + 1;
++    RSA_get0_key(rsa, &n, &e, NULL);
++    e_bytes = BN_num_bytes(e) + 1;
++    n_bytes = BN_num_bytes(n) + 1;
+ 
+     /* Key form is "ssh-rsa" + e + n. */
+     len = 4 + 7 + 4 + e_bytes + 4 + n_bytes;
+@@ -663,8 +975,8 @@
+     memcpy(p, "ssh-rsa", 7);
+     p += 7;
+ 
+-    p = write_bn(p, rsa->e, e_bytes);
+-    p = write_bn(p, rsa->n, n_bytes);
++    p = write_bn(p, e, e_bytes);
++    p = write_bn(p, n, n_bytes);
+ 
+     *key_len = (size_t)(p - key);
+     return key;
+@@ -675,15 +987,18 @@
+ gen_publickey_from_dsa(LIBSSH2_SESSION* session, DSA *dsa,
+                        size_t *key_len)
+ {
++    const BIGNUM *pn, *qn, *gn, *pub_key;
+     int            p_bytes, q_bytes, g_bytes, k_bytes;
+     unsigned long  len;
+     unsigned char* key;
+     unsigned char* p;
+ 
+-    p_bytes = BN_num_bytes(dsa->p) + 1;
+-    q_bytes = BN_num_bytes(dsa->q) + 1;
+-    g_bytes = BN_num_bytes(dsa->g) + 1;
+-    k_bytes = BN_num_bytes(dsa->pub_key) + 1;
++    DSA_get0_pqg(dsa, &pn, &qn, &gn);
++    p_bytes = BN_num_bytes(pn) + 1;
++    q_bytes = BN_num_bytes(qn) + 1;
++    g_bytes = BN_num_bytes(gn) + 1;
++    DSA_get0_key(dsa, &pub_key, NULL);
++    k_bytes = BN_num_bytes(pub_key) + 1;
+ 
+     /* Key form is "ssh-dss" + p + q + g + pub_key. */
+     len = 4 + 7 + 4 + p_bytes + 4 + q_bytes + 4 + g_bytes + 4 + k_bytes;
+@@ -701,10 +1016,10 @@
+     memcpy(p, "ssh-dss", 7);
+     p += 7;
+ 
+-    p = write_bn(p, dsa->p, p_bytes);
+-    p = write_bn(p, dsa->q, q_bytes);
+-    p = write_bn(p, dsa->g, g_bytes);
+-    p = write_bn(p, dsa->pub_key, k_bytes);
++    p = write_bn(p, pn, p_bytes);
++    p = write_bn(p, qn, q_bytes);
++    p = write_bn(p, gn, g_bytes);
++    p = write_bn(p, pub_key, k_bytes);
+ 
+     *key_len = (size_t)(p - key);
+     return key;
+@@ -867,7 +1182,7 @@
+                               "private key file format");
+     }
+ 
+-    switch (pk->type) {
++    switch (EVP_PKEY_base_id(pk)) {
+     case EVP_PKEY_RSA :
+         st = gen_publickey_from_rsa_evp(
+             session, method, method_len, pubkeydata, pubkeydata_len, pk);
+@@ -936,7 +1251,7 @@
+                               "private key file format");
+     }
+ 
+-    switch (pk->type) {
++    switch (EVP_PKEY_base_id(pk)) {
+     case EVP_PKEY_RSA :
+         st = gen_publickey_from_rsa_evp(session, method, method_len,
+                                         pubkeydata, pubkeydata_len, pk);



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201812120847.wBC8ltqA059776>