summaryrefslogtreecommitdiff
path: root/libraries/liboauth/liboauth-1.0.3-openssl-1.1.0-2.patch
blob: eafd3eb9bffa413c6108333db74e49e356fcc440 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
Submitted by:            DJ Lucas (dj_AT_linuxfromscratch_DOT_org)
Date:                    2017-05-27
Initial Package Version: 1.0.3
Update by:               Bruce Dubbs
Date:                    2017-06-14
Upstream Status:         Submitted
Origin:                  https://github.com/x42/liboauth/issues/9
Description:             Fixes build issue with OpenSSL-1.1.0.
Update:                  Additional fix from upstream.  Three lines changed.

diff -Naurp liboauth-1.0.3-orig/src/hash.c liboauth-1.0.3/src/hash.c
--- liboauth-1.0.3-orig/src/hash.c	2013-10-04 08:02:50.000000000 -0500
+++ liboauth-1.0.3/src/hash.c	2017-05-27 00:51:04.708633351 -0500
@@ -362,6 +362,11 @@ looser:
 #include "oauth.h" // base64 encode fn's.
 #include <openssl/hmac.h>
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000
+#define EVP_MD_CTX_new EVP_MD_CTX_create
+#define EVP_MD_CTX_free EVP_MD_CTX_destroy
+#endif
+
 char *oauth_sign_hmac_sha1 (const char *m, const char *k) {
   return(oauth_sign_hmac_sha1_raw (m, strlen(m), k, strlen(k)));
 }
@@ -386,7 +391,7 @@ char *oauth_sign_rsa_sha1 (const char *m
   unsigned char *sig = NULL;
   unsigned char *passphrase = NULL;
   unsigned int len=0;
-  EVP_MD_CTX md_ctx;
+  EVP_MD_CTX *md_ctx;
 
   EVP_PKEY *pkey;
   BIO *in;
@@ -399,24 +404,31 @@ char *oauth_sign_rsa_sha1 (const char *m
     return xstrdup("liboauth/OpenSSL: can not read private key");
   }
 
+  md_ctx = EVP_MD_CTX_new();
+  if (md_ctx == NULL) {
+          return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX");
+  }
+
   len = EVP_PKEY_size(pkey);
   sig = (unsigned char*)xmalloc((len+1)*sizeof(char));
 
-  EVP_SignInit(&md_ctx, EVP_sha1());
-  EVP_SignUpdate(&md_ctx, m, strlen(m));
-  if (EVP_SignFinal (&md_ctx, sig, &len, pkey)) {
+  EVP_SignInit(md_ctx, EVP_sha1());
+  EVP_SignUpdate(md_ctx, m, strlen(m));
+  if (EVP_SignFinal (md_ctx, sig, &len, pkey)) {
     char *tmp;
     sig[len] = '\0';
     tmp = oauth_encode_base64(len,sig);
     OPENSSL_free(sig);
     EVP_PKEY_free(pkey);
+    EVP_MD_CTX_free(md_ctx);
     return tmp;
   }
+  EVP_MD_CTX_free(md_ctx);
   return xstrdup("liboauth/OpenSSL: rsa-sha1 signing failed");
 }
 
 int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
-  EVP_MD_CTX md_ctx;
+  EVP_MD_CTX *md_ctx;
   EVP_PKEY *pkey;
   BIO *in;
   X509 *cert = NULL;
@@ -437,13 +449,18 @@ int oauth_verify_rsa_sha1 (const char *m
     return -2;
   }
 
+	md_ctx = EVP_MD_CTX_new();
+	if (md_ctx == NULL) {
+		return -2;
+	}
+
   b64d= (unsigned char*) xmalloc(sizeof(char)*strlen(s));
   slen = oauth_decode_base64(b64d, s);
 
-  EVP_VerifyInit(&md_ctx, EVP_sha1());
-  EVP_VerifyUpdate(&md_ctx, m, strlen(m));
-  err = EVP_VerifyFinal(&md_ctx, b64d, slen, pkey);
-  EVP_MD_CTX_cleanup(&md_ctx);
+  EVP_VerifyInit(md_ctx, EVP_sha1());
+  EVP_VerifyUpdate(md_ctx, m, strlen(m));
+  err = EVP_VerifyFinal(md_ctx, b64d, slen, pkey);
+  EVP_MD_CTX_free(pkey);
   EVP_PKEY_free(pkey);
   xfree(b64d);
   return (err);
@@ -455,35 +472,41 @@ int oauth_verify_rsa_sha1 (const char *m
  */
 char *oauth_body_hash_file(char *filename) {
   unsigned char fb[BUFSIZ];
-  EVP_MD_CTX ctx;
+  EVP_MD_CTX *ctx;
   size_t len=0;
   unsigned char *md;
   FILE *F= fopen(filename, "r");
   if (!F) return NULL;
 
-  EVP_MD_CTX_init(&ctx);
-  EVP_DigestInit(&ctx,EVP_sha1());
+  ctx = EVP_MD_CTX_new();
+  if (ctx == NULL) {
+          return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX");
+  }
+  EVP_DigestInit(ctx,EVP_sha1());
   while (!feof(F) && (len=fread(fb,sizeof(char),BUFSIZ, F))>0) {
-    EVP_DigestUpdate(&ctx, fb, len);
+    EVP_DigestUpdate(ctx, fb, len);
   }
   fclose(F);
   len=0;
   md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char));
-  EVP_DigestFinal(&ctx, md,(unsigned int*) &len);
-  EVP_MD_CTX_cleanup(&ctx);
+  EVP_DigestFinal(ctx, md,(unsigned int*) &len);
+  EVP_MD_CTX_free(ctx);
   return oauth_body_hash_encode(len, md);
 }
 
 char *oauth_body_hash_data(size_t length, const char *data) {
-  EVP_MD_CTX ctx;
+  EVP_MD_CTX *ctx;
   size_t len=0;
   unsigned char *md;
   md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char));
-  EVP_MD_CTX_init(&ctx);
-  EVP_DigestInit(&ctx,EVP_sha1());
-  EVP_DigestUpdate(&ctx, data, length);
-  EVP_DigestFinal(&ctx, md,(unsigned int*) &len);
-  EVP_MD_CTX_cleanup(&ctx);
+  ctx = EVP_MD_CTX_new();
+  if (ctx == NULL) {
+          return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX");
+  }
+  EVP_DigestInit(ctx,EVP_sha1());
+  EVP_DigestUpdate(ctx, data, length);
+  EVP_DigestFinal(ctx, md,(unsigned int*) &len);
+  EVP_MD_CTX_free(ctx);
   return oauth_body_hash_encode(len, md);
 }