Skip to content

Commit 37106e3

Browse files
rheniumrhenium
authored
Merge pull request #160 from markwright/master
Fix build failure against OpenSSL 1.1 built with no-deprecated
2 parents 819d7e5 + 7af8081 commit 37106e3

File tree

8 files changed

+63
-47
lines changed

8 files changed

+63
-47
lines changed

ext/openssl/openssl_missing.h

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -209,6 +209,10 @@ IMPL_PKEY_GETTER(EC_KEY, ec)
209209
# define X509_get0_notAfter(x) X509_get_notAfter(x)
210210
# define X509_CRL_get0_lastUpdate(x) X509_CRL_get_lastUpdate(x)
211211
# define X509_CRL_get0_nextUpdate(x) X509_CRL_get_nextUpdate(x)
212+
# define X509_set1_notBefore(x, t) X509_set_notBefore(x, t)
213+
# define X509_set1_notAfter(x, t) X509_set_notAfter(x, t)
214+
# define X509_CRL_set1_lastUpdate(x, t) X509_CRL_set_lastUpdate(x, t)
215+
# define X509_CRL_set1_nextUpdate(x, t) X509_CRL_set_nextUpdate(x, t)
212216
#endif
213217

214218
#if !defined(HAVE_SSL_SESSION_GET_PROTOCOL_VERSION)

ext/openssl/ossl.c

Lines changed: 8 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1109,25 +1109,14 @@ Init_openssl(void)
11091109
/*
11101110
* Init all digests, ciphers
11111111
*/
1112-
/* CRYPTO_malloc_init(); */
1113-
/* ENGINE_load_builtin_engines(); */
1112+
#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000
1113+
if (!OPENSSL_init_ssl(0, NULL))
1114+
rb_raise(rb_eRuntimeError, "OPENSSL_init_ssl");
1115+
#else
11141116
OpenSSL_add_ssl_algorithms();
11151117
OpenSSL_add_all_algorithms();
11161118
ERR_load_crypto_strings();
11171119
SSL_load_error_strings();
1118-
1119-
/*
1120-
* FIXME:
1121-
* On unload do:
1122-
*/
1123-
#if 0
1124-
CONF_modules_unload(1);
1125-
destroy_ui_method();
1126-
EVP_cleanup();
1127-
ENGINE_cleanup();
1128-
CRYPTO_cleanup_all_ex_data();
1129-
ERR_remove_state(0);
1130-
ERR_free_strings();
11311120
#endif
11321121

11331122
/*
@@ -1149,7 +1138,11 @@ Init_openssl(void)
11491138
/*
11501139
* Version of OpenSSL the ruby OpenSSL extension is running with
11511140
*/
1141+
#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000
1142+
rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(OpenSSL_version(OPENSSL_VERSION)));
1143+
#else
11521144
rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_version(SSLEAY_VERSION)));
1145+
#endif
11531146

11541147
/*
11551148
* Version number of OpenSSL the ruby OpenSSL extension was built with

ext/openssl/ossl.h

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,11 @@
3535
#if !defined(OPENSSL_NO_OCSP)
3636
# include <openssl/ocsp.h>
3737
#endif
38+
#include <openssl/bn.h>
39+
#include <openssl/rsa.h>
40+
#include <openssl/dsa.h>
41+
#include <openssl/evp.h>
42+
#include <openssl/dh.h>
3843

3944
/*
4045
* Common Module

ext/openssl/ossl_cipher.c

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -508,7 +508,7 @@ ossl_cipher_set_iv(VALUE self, VALUE iv)
508508
StringValue(iv);
509509
GetCipher(self, ctx);
510510

511-
if (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)
511+
if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)
512512
iv_len = (int)(VALUE)EVP_CIPHER_CTX_get_app_data(ctx);
513513
if (!iv_len)
514514
iv_len = EVP_CIPHER_CTX_iv_length(ctx);
@@ -535,7 +535,7 @@ ossl_cipher_is_authenticated(VALUE self)
535535

536536
GetCipher(self, ctx);
537537

538-
return (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) ? Qtrue : Qfalse;
538+
return (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) ? Qtrue : Qfalse;
539539
}
540540

541541
/*
@@ -606,7 +606,7 @@ ossl_cipher_get_auth_tag(int argc, VALUE *argv, VALUE self)
606606

607607
GetCipher(self, ctx);
608608

609-
if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER))
609+
if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
610610
ossl_raise(eCipherError, "authentication tag not supported by this cipher");
611611

612612
ret = rb_str_new(NULL, tag_len);
@@ -641,7 +641,7 @@ ossl_cipher_set_auth_tag(VALUE self, VALUE vtag)
641641
tag_len = RSTRING_LENINT(vtag);
642642

643643
GetCipher(self, ctx);
644-
if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER))
644+
if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
645645
ossl_raise(eCipherError, "authentication tag not supported by this cipher");
646646

647647
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, tag))
@@ -668,7 +668,7 @@ ossl_cipher_set_auth_tag_len(VALUE self, VALUE vlen)
668668
EVP_CIPHER_CTX *ctx;
669669

670670
GetCipher(self, ctx);
671-
if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER))
671+
if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
672672
ossl_raise(eCipherError, "AEAD not supported by this cipher");
673673

674674
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, NULL))
@@ -695,7 +695,7 @@ ossl_cipher_set_iv_length(VALUE self, VALUE iv_length)
695695
EVP_CIPHER_CTX *ctx;
696696

697697
GetCipher(self, ctx);
698-
if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER))
698+
if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
699699
ossl_raise(eCipherError, "cipher does not support AEAD");
700700

701701
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, len, NULL))
@@ -786,7 +786,7 @@ ossl_cipher_iv_length(VALUE self)
786786
int len = 0;
787787

788788
GetCipher(self, ctx);
789-
if (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER)
789+
if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)
790790
len = (int)(VALUE)EVP_CIPHER_CTX_get_app_data(ctx);
791791
if (!len)
792792
len = EVP_CIPHER_CTX_iv_length(ctx);

ext/openssl/ossl_engine.c

Lines changed: 34 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -46,13 +46,25 @@ VALUE eEngineError;
4646
/*
4747
* Private
4848
*/
49-
#define OSSL_ENGINE_LOAD_IF_MATCH(x) \
49+
#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000
50+
#define OSSL_ENGINE_LOAD_IF_MATCH(engine_name, x) \
5051
do{\
51-
if(!strcmp(#x, RSTRING_PTR(name))){\
52-
ENGINE_load_##x();\
52+
if(!strcmp(#engine_name, RSTRING_PTR(name))){\
53+
if (OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_##x, NULL))\
54+
return Qtrue;\
55+
else\
56+
ossl_raise(eEngineError, "OPENSSL_init_crypto"); \
57+
}\
58+
}while(0)
59+
#else
60+
#define OSSL_ENGINE_LOAD_IF_MATCH(engine_name, x) \
61+
do{\
62+
if(!strcmp(#engine_name, RSTRING_PTR(name))){\
63+
ENGINE_load_##engine_name();\
5364
return Qtrue;\
5465
}\
5566
}while(0)
67+
#endif
5668

5769
static void
5870
ossl_engine_free(void *engine)
@@ -94,55 +106,55 @@ ossl_engine_s_load(int argc, VALUE *argv, VALUE klass)
94106
StringValueCStr(name);
95107
#ifndef OPENSSL_NO_STATIC_ENGINE
96108
#if HAVE_ENGINE_LOAD_DYNAMIC
97-
OSSL_ENGINE_LOAD_IF_MATCH(dynamic);
109+
OSSL_ENGINE_LOAD_IF_MATCH(dynamic, DYNAMIC);
98110
#endif
99111
#if HAVE_ENGINE_LOAD_4758CCA
100-
OSSL_ENGINE_LOAD_IF_MATCH(4758cca);
112+
OSSL_ENGINE_LOAD_IF_MATCH(4758cca, 4758CCA);
101113
#endif
102114
#if HAVE_ENGINE_LOAD_AEP
103-
OSSL_ENGINE_LOAD_IF_MATCH(aep);
115+
OSSL_ENGINE_LOAD_IF_MATCH(aep, AEP);
104116
#endif
105117
#if HAVE_ENGINE_LOAD_ATALLA
106-
OSSL_ENGINE_LOAD_IF_MATCH(atalla);
118+
OSSL_ENGINE_LOAD_IF_MATCH(atalla, ATALLA);
107119
#endif
108120
#if HAVE_ENGINE_LOAD_CHIL
109-
OSSL_ENGINE_LOAD_IF_MATCH(chil);
121+
OSSL_ENGINE_LOAD_IF_MATCH(chil, CHIL);
110122
#endif
111123
#if HAVE_ENGINE_LOAD_CSWIFT
112-
OSSL_ENGINE_LOAD_IF_MATCH(cswift);
124+
OSSL_ENGINE_LOAD_IF_MATCH(cswift, CSWIFT);
113125
#endif
114126
#if HAVE_ENGINE_LOAD_NURON
115-
OSSL_ENGINE_LOAD_IF_MATCH(nuron);
127+
OSSL_ENGINE_LOAD_IF_MATCH(nuron, NURON);
116128
#endif
117129
#if HAVE_ENGINE_LOAD_SUREWARE
118-
OSSL_ENGINE_LOAD_IF_MATCH(sureware);
130+
OSSL_ENGINE_LOAD_IF_MATCH(sureware, SUREWARE);
119131
#endif
120132
#if HAVE_ENGINE_LOAD_UBSEC
121-
OSSL_ENGINE_LOAD_IF_MATCH(ubsec);
133+
OSSL_ENGINE_LOAD_IF_MATCH(ubsec, UBSEC);
122134
#endif
123135
#if HAVE_ENGINE_LOAD_PADLOCK
124-
OSSL_ENGINE_LOAD_IF_MATCH(padlock);
136+
OSSL_ENGINE_LOAD_IF_MATCH(padlock, PADLOCK);
125137
#endif
126138
#if HAVE_ENGINE_LOAD_CAPI
127-
OSSL_ENGINE_LOAD_IF_MATCH(capi);
139+
OSSL_ENGINE_LOAD_IF_MATCH(capi, CAPI);
128140
#endif
129141
#if HAVE_ENGINE_LOAD_GMP
130-
OSSL_ENGINE_LOAD_IF_MATCH(gmp);
142+
OSSL_ENGINE_LOAD_IF_MATCH(gmp, GMP);
131143
#endif
132144
#if HAVE_ENGINE_LOAD_GOST
133-
OSSL_ENGINE_LOAD_IF_MATCH(gost);
145+
OSSL_ENGINE_LOAD_IF_MATCH(gost, GOST);
134146
#endif
135147
#if HAVE_ENGINE_LOAD_CRYPTODEV
136-
OSSL_ENGINE_LOAD_IF_MATCH(cryptodev);
148+
OSSL_ENGINE_LOAD_IF_MATCH(cryptodev, CRYPTODEV);
137149
#endif
138150
#if HAVE_ENGINE_LOAD_AESNI
139-
OSSL_ENGINE_LOAD_IF_MATCH(aesni);
151+
OSSL_ENGINE_LOAD_IF_MATCH(aesni, AESNI);
140152
#endif
141153
#endif
142154
#ifdef HAVE_ENGINE_LOAD_OPENBSD_DEV_CRYPTO
143-
OSSL_ENGINE_LOAD_IF_MATCH(openbsd_dev_crypto);
155+
OSSL_ENGINE_LOAD_IF_MATCH(openbsd_dev_crypto, OPENBSD_DEV_CRYPTO);
144156
#endif
145-
OSSL_ENGINE_LOAD_IF_MATCH(openssl);
157+
OSSL_ENGINE_LOAD_IF_MATCH(openssl, OPENSSL);
146158
rb_warning("no such builtin loader for `%"PRIsVALUE"'", name);
147159
return Qnil;
148160
#endif /* HAVE_ENGINE_LOAD_BUILTIN_ENGINES */
@@ -160,7 +172,9 @@ ossl_engine_s_load(int argc, VALUE *argv, VALUE klass)
160172
static VALUE
161173
ossl_engine_s_cleanup(VALUE self)
162174
{
175+
#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000
163176
ENGINE_cleanup();
177+
#endif
164178
return Qnil;
165179
}
166180

ext/openssl/ossl_ssl.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -379,7 +379,7 @@ ossl_call_session_get_cb(VALUE ary)
379379

380380
/* this method is currently only called for servers (in OpenSSL <= 0.9.8e) */
381381
static SSL_SESSION *
382-
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
382+
#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
383383
ossl_sslctx_session_get_cb(SSL *ssl, const unsigned char *buf, int len, int *copy)
384384
#else
385385
ossl_sslctx_session_get_cb(SSL *ssl, unsigned char *buf, int len, int *copy)

ext/openssl/ossl_x509cert.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -440,7 +440,7 @@ ossl_x509_set_not_before(VALUE self, VALUE time)
440440

441441
GetX509(self, x509);
442442
asn1time = ossl_x509_time_adjust(NULL, time);
443-
if (!X509_set_notBefore(x509, asn1time)) {
443+
if (!X509_set1_notBefore(x509, asn1time)) {
444444
ASN1_TIME_free(asn1time);
445445
ossl_raise(eX509CertError, "X509_set_notBefore");
446446
}
@@ -479,7 +479,7 @@ ossl_x509_set_not_after(VALUE self, VALUE time)
479479

480480
GetX509(self, x509);
481481
asn1time = ossl_x509_time_adjust(NULL, time);
482-
if (!X509_set_notAfter(x509, asn1time)) {
482+
if (!X509_set1_notAfter(x509, asn1time)) {
483483
ASN1_TIME_free(asn1time);
484484
ossl_raise(eX509CertError, "X509_set_notAfter");
485485
}

ext/openssl/ossl_x509crl.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -226,7 +226,7 @@ ossl_x509crl_set_last_update(VALUE self, VALUE time)
226226

227227
GetX509CRL(self, crl);
228228
asn1time = ossl_x509_time_adjust(NULL, time);
229-
if (!X509_CRL_set_lastUpdate(crl, asn1time)) {
229+
if (!X509_CRL_set1_lastUpdate(crl, asn1time)) {
230230
ASN1_TIME_free(asn1time);
231231
ossl_raise(eX509CRLError, "X509_CRL_set_lastUpdate");
232232
}
@@ -257,7 +257,7 @@ ossl_x509crl_set_next_update(VALUE self, VALUE time)
257257

258258
GetX509CRL(self, crl);
259259
asn1time = ossl_x509_time_adjust(NULL, time);
260-
if (!X509_CRL_set_nextUpdate(crl, asn1time)) {
260+
if (!X509_CRL_set1_nextUpdate(crl, asn1time)) {
261261
ASN1_TIME_free(asn1time);
262262
ossl_raise(eX509CRLError, "X509_CRL_set_nextUpdate");
263263
}

0 commit comments

Comments
 (0)