From: Jung-uk Kim
Date: Wed, 19 Sep 2018 07:06:20 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-projects@freebsd.org
Subject: svn commit: r338781 - projects/openssl111/lib/libradius

Author: jkim
Date: Wed Sep 19 07:06:20 2018
New Revision: 338781
URL: https://svnweb.freebsd.org/changeset/base/338781

Log:
  Make libradius(3) buildable.

Modified:
  projects/openssl111/lib/libradius/radlib.c

Modified: projects/openssl111/lib/libradius/radlib.c ============================================================================== --- projects/openssl111/lib/libradius/radlib.c Wed Sep 19 07:05:31 2018 (r338780) +++ projects/openssl111/lib/libradius/radlib.c Wed Sep 19 07:06:20 2018 (r338781) 
@@ -156,22 +156,21 @@ insert_message_authenticator(struct rad_handle *h, int u_char md[EVP_MAX_MD_SIZE]; u_int md_len; const struct rad_server *srvp; - HMAC_CTX ctx; + HMAC_CTX *ctx; srvp = &h->servers[h->srv]; if (h->authentic_pos != 0) { - HMAC_CTX_init(&ctx); - HMAC_Init(&ctx, srvp->secret, strlen(srvp->secret), EVP_md5()); - HMAC_Update(&ctx, &h->out[POS_CODE], POS_AUTH - POS_CODE); + ctx = HMAC_CTX_new(); + HMAC_Init_ex(ctx, srvp->secret, strlen(srvp->secret), EVP_md5(), NULL); + HMAC_Update(ctx, &h->out[POS_CODE], POS_AUTH - POS_CODE); if (resp) - HMAC_Update(&ctx, &h->in[POS_AUTH], LEN_AUTH); + HMAC_Update(ctx, &h->in[POS_AUTH], LEN_AUTH); else - HMAC_Update(&ctx, &h->out[POS_AUTH], LEN_AUTH); - HMAC_Update(&ctx, &h->out[POS_ATTRS], + HMAC_Update(ctx, &h->out[POS_AUTH], LEN_AUTH); + HMAC_Update(ctx, &h->out[POS_ATTRS], h->out_len - POS_ATTRS); - HMAC_Final(&ctx, md, &md_len); - HMAC_CTX_cleanup(&ctx); - HMAC_cleanup(&ctx); + HMAC_Final(ctx, md, &md_len); + HMAC_CTX_free(ctx); memcpy(&h->out[h->authentic_pos + 2], md, md_len); } #endif @@ -190,7 +189,7 @@ is_valid_response(struct rad_handle *h, int srv, const struct rad_server *srvp; int len; #ifdef WITH_SSL - HMAC_CTX hctx; + HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; u_int md_len; int pos; 
@@ -232,31 +231,33 @@ is_valid_response(struct rad_handle *h, int srv, pos = POS_ATTRS; /* Search and verify the Message-Authenticator */ + hctx = HMAC_CTX_new(); while (pos < len - 2) { if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { /* zero fill the Message-Authenticator */ memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH); - HMAC_CTX_init(&hctx); - HMAC_Init(&hctx, srvp->secret, - strlen(srvp->secret), EVP_md5()); - HMAC_Update(&hctx, &h->in[POS_CODE], + HMAC_Init_ex(hctx, srvp->secret, + strlen(srvp->secret), EVP_md5(), NULL); + HMAC_Update(hctx, &h->in[POS_CODE], POS_AUTH - POS_CODE); - HMAC_Update(&hctx, &h->out[POS_AUTH], + HMAC_Update(hctx, &h->out[POS_AUTH], LEN_AUTH); - HMAC_Update(&hctx, &resp[POS_ATTRS], + HMAC_Update(hctx, &resp[POS_ATTRS], h->in_len - POS_ATTRS); - HMAC_Final(&hctx, md, &md_len); - HMAC_CTX_cleanup(&hctx); - HMAC_cleanup(&hctx); + HMAC_Final(hctx, md, &md_len); + HMAC_CTX_reset(hctx); if (memcmp(md, &h->in[pos + 2], - MD5_DIGEST_LENGTH) != 0) + MD5_DIGEST_LENGTH) != 0) { + HMAC_CTX_free(hctx); return 0; + } break; } pos += h->in[pos + 1]; } + HMAC_CTX_free(hctx); } #endif return 1; @@ -273,7 +274,7 @@ is_valid_request(struct rad_handle *h) const struct rad_server *srvp; int len; #ifdef WITH_SSL - HMAC_CTX hctx; + HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; u_int md_len; int pos; @@ -304,6 +305,7 @@ is_valid_request(struct rad_handle *h) #ifdef WITH_SSL /* Search and verify the Message-Authenticator */ pos = POS_ATTRS; + hctx = HMAC_CTX_new(); while (pos < len - 2) { if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { memcpy(resp, h->in, MSGSIZE); 
@@ -313,20 +315,21 @@ is_valid_request(struct rad_handle *h) /* zero fill the Message-Authenticator */ memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH); - HMAC_CTX_init(&hctx); - HMAC_Init(&hctx, srvp->secret, - strlen(srvp->secret), EVP_md5()); - HMAC_Update(&hctx, resp, h->in_len); - HMAC_Final(&hctx, md, &md_len); - HMAC_CTX_cleanup(&hctx); - HMAC_cleanup(&hctx); + HMAC_Init_ex(hctx, srvp->secret, + strlen(srvp->secret), EVP_md5(), NULL); + HMAC_Update(hctx, resp, h->in_len); + HMAC_Final(hctx, md, &md_len); + HMAC_CTX_reset(hctx); if (memcmp(md, &h->in[pos + 2], - MD5_DIGEST_LENGTH) != 0) + MD5_DIGEST_LENGTH) != 0) { + HMAC_CTX_free(hctx); return (0); + } break; } pos += h->in[pos + 1]; } + HMAC_CTX_free(hctx); #endif return (1); }
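
Review bot: In the insert_message_authenticator() hunk (@@ -156), the pointer returned by `HMAC_CTX_new()` is used without a NULL check and the results of `HMAC_Init_ex()`, `HMAC_Update()` and `HMAC_Final()` are ignored, while the `memcpy(&h->out[h->authentic_pos + 2], md, md_len)` that follows trusts both `md` and `md_len`, which are uninitialized locals if any of those calls fails. Suggest testing `ctx != NULL`, requiring each HMAC call to return 1, and skipping the copy (after `HMAC_CTX_free(ctx)`) when any step fails, so a packet is never sent with an indeterminate Message-Authenticator.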
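
Review bot: In the is_valid_response() hunk (@@ -232), the computed HMAC is still checked against the received Message-Authenticator with `memcmp(md, &h->in[pos + 2], MD5_DIGEST_LENGTH)`, which is not a constant-time comparison; since these lines are being rebraced in this change anyway, consider switching to OpenSSL's `CRYPTO_memcmp()` here and in the matching spot in is_valid_request(). The added `HMAC_CTX_reset(hctx)` also looks unnecessary: both paths that follow it reach `HMAC_CTX_free(hctx)` without using the context again, and `hctx = HMAC_CTX_new()` before the loop has no NULL check.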
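
Review bot: In the is_valid_request() hunk (@@ -313), the loop still advances with `pos += h->in[pos + 1]`, so an attribute whose length octet is 0 leaves `pos` unchanged and the `while (pos < len - 2)` loop never terminates; the same loop shape is visible in the is_valid_response() hunk. Suggest rejecting the packet when the length octet is below 2 or when `pos` plus that length exceeds `len`, before the type is examined. With `hctx` now allocated ahead of the loop in the @@ -304 hunk, a single cleanup exit that calls `HMAC_CTX_free(hctx)` once would also be easier to keep correct than freeing separately on the mismatch path and after the loop.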