openssl upgrade fix provided by Shokara Kou, thank you

This commit is contained in:
psyc://psyced.org/~lynX 2016-08-10 15:45:02 +00:00
parent 2d84973630
commit ea71901049
2 changed files with 24 additions and 17 deletions

View File

@ -153,7 +153,8 @@ tls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
char buf[512];
printf("%s tls_verify_callback(%d, ...)\n", time_stamp(), preverify_ok);
X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, sizeof buf);
X509_NAME_oneline(X509_get_issuer_name(X509_STORE_CTX_get_current_cert(ctx)),
buf, sizeof buf);
printf("depth %d: %s\n", X509_STORE_CTX_get_error_depth(ctx), buf);
}
#if 0
@ -1270,11 +1271,11 @@ f_tls_check_certificate(svalue_t *sp)
break;
}
/* extension name */
len = OBJ_obj2txt(buf, sizeof buf, ext->object, 1);
len = OBJ_obj2txt(buf, sizeof buf, X509_EXTENSION_get_object(ext), 1);
if (len > sizeof buf) len = sizeof buf;
put_c_n_string(&(extensions->item[3 * i]), (char *)buf, len);
len = OBJ_obj2txt(buf, sizeof buf, ext->object, 0);
len = OBJ_obj2txt(buf, sizeof buf, X509_EXTENSION_get_object(ext), 0);
if (len > sizeof buf) len = sizeof buf;
put_c_n_string(&(extensions->item[3 * i + 1]), (char *)buf, len);
@ -1573,16 +1574,18 @@ f_tls_query_connection_info (svalue_t *sp)
vector_t * rc;
rc = allocate_array(TLS_INFO_MAX);
#ifdef HAS_OPENSSL
SSL_SESSION *sess = SSL_get_session(ip->tls_session);
unsigned int sess_id_len;
put_c_string(&(rc->item[TLS_CIPHER])
, SSL_get_cipher(ip->tls_session));
put_number(&(rc->item[TLS_COMP]), ip->tls_session->session->compress_meth);
put_number(&(rc->item[TLS_COMP]), SSL_SESSION_get_compress_id(sess));
put_number(&(rc->item[TLS_KX]), 0);
put_number(&(rc->item[TLS_MAC]), 0);
put_c_string(&(rc->item[TLS_PROT])
, SSL_get_version(ip->tls_session));
/* warning: this session id is binary .. maybe fix it someday */
put_c_n_string(&(rc->item[TLS_SESSION])
, (char*) ip->tls_session->session->session_id, ip->tls_session->session->session_id_length);
, (char*) SSL_SESSION_get_id(sess, &sess_id_len), sess_id_len);
#elif defined(HAS_GNUTLS)
put_number(&(rc->item[TLS_CIPHER])
, gnutls_cipher_get(ip->tls_session));
@ -1751,7 +1754,7 @@ v_hash(svalue_t *sp, int num_arg)
errorf("GnuTLS does not provide the hash API.\n");
/* NOTREACHED */
#else
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx;
const EVP_MD *md = NULL;
char *tmp;
string_t *digest;
@ -1808,16 +1811,18 @@ v_hash(svalue_t *sp, int num_arg)
memsafe(tmp = xalloc(hashlen), hashlen, "hash result");
EVP_DigestInit(&ctx, md);
EVP_DigestUpdate(&ctx, (unsigned char *)get_txt(sp->u.str),
ctx = EVP_MD_CTX_new();
EVP_DigestInit(ctx, md);
EVP_DigestUpdate(ctx, (unsigned char *)get_txt(sp->u.str),
mstrsize(sp->u.str));
EVP_DigestFinal(&ctx, (unsigned char*)tmp, &len);
EVP_DigestFinal(ctx, (unsigned char*)tmp, &len);
while (--iterations > 0)
{
EVP_DigestInit(&ctx, md);
EVP_DigestUpdate(&ctx, tmp, len);
EVP_DigestFinal(&ctx, (unsigned char*)tmp, &len);
EVP_DigestInit(ctx, md);
EVP_DigestUpdate(ctx, tmp, len);
EVP_DigestFinal(ctx, (unsigned char*)tmp, &len);
}
memsafe(digest = alloc_mstring(2 * len), 2 & len, "hex hash result");
@ -1855,7 +1860,7 @@ f_hmac(svalue_t *sp)
errorf("OpenSSL wasn't configured to provide the hmac() method.");
/* NOTREACHED */
#else
HMAC_CTX ctx;
HMAC_CTX *ctx;
const EVP_MD *md = NULL;
char *tmp;
string_t *digest;
@ -1895,9 +1900,11 @@ f_hmac(svalue_t *sp)
memsafe(tmp = xalloc(hashlen), hashlen, "hash result");
HMAC_Init(&ctx, get_txt(sp[-1].u.str), mstrsize(sp[-1].u.str), md);
HMAC_Update(&ctx, (unsigned char*)get_txt(sp->u.str), mstrsize(sp->u.str));
HMAC_Final(&ctx, (unsigned char*)tmp, &len);
ctx = HMAC_CTX_new();
HMAC_Init(ctx, get_txt(sp[-1].u.str), mstrsize(sp[-1].u.str), md);
HMAC_Update(ctx, (unsigned char*)get_txt(sp->u.str), mstrsize(sp->u.str));
HMAC_Final(ctx, (unsigned char*)tmp, &len);
memsafe(digest = alloc_mstring(2 * hashlen)
, 2 & hashlen, "hmac result");

View File

@ -17,7 +17,7 @@ version_longtype="stable"
# A timestamp, to be used by bumpversion and other scripts.
# It can be used, for example, to 'touch' this file on every build, thus
# forcing revision control systems to add it on every checkin automatically.
version_stamp="Wed Mar 1 18:42:11 CET 2017"
version_stamp="Mon Nov 21 10:43:28 AM CET 2022"
# Okay, LDMUD is using 3.x.x so to avoid conflicts let's just use 4.x.x
version_major=4