[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 10/150: openssl: fix pinned public key build error
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 10/150: openssl: fix pinned public key build error in FIPS mode |
Date: |
Fri, 30 Mar 2018 16:47:44 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 1433e4645b51a4ccb0b5e23a889ac9bd6093e3e2
Author: McDonough, Tim <address@hidden>
AuthorDate: Tue Jan 23 02:24:59 2018 +0100
openssl: fix pinned public key build error in FIPS mode
Here is a version that should work with all versions of openssl 0.9.7
through 1.1.0.
Links to the docs:
https://www.openssl.org/docs/man1.0.2/crypto/EVP_DigestInit.html
https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestInit.html
At the very bottom of the 1.1.0 documentation there is a history section
that states, " stack allocated EVP_MD_CTXs are no longer supported."
If EVP_MD_CTX_create and EVP_MD_CTX_destroy are not defined, then a
simple mapping can be used as described here:
https://wiki.openssl.org/index.php/Talk:OpenSSL_1.1.0_Changes
Closes #2258
---
lib/vtls/openssl.c | 28 ++++++++++++++++++----------
1 file changed, 18 insertions(+), 10 deletions(-)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 93faa6fa8..0d7baca8b 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3580,11 +3580,15 @@ static CURLcode Curl_ossl_md5sum(unsigned char *tmp, /*
input */
unsigned char *md5sum /* output */,
size_t unused)
{
- MD5_CTX MD5pw;
- (void)unused;
- MD5_Init(&MD5pw);
- MD5_Update(&MD5pw, tmp, tmplen);
- MD5_Final(md5sum, &MD5pw);
+ EVP_MD_CTX *mdctx;
+ unsigned int len = 0;
+ (void) unused;
+
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(mdctx, EVP_md5(), NULL);
+ EVP_DigestUpdate(mdctx, tmp, tmplen);
+ EVP_DigestFinal_ex(mdctx, md5sum, &len);
+ EVP_MD_CTX_destroy(mdctx);
return CURLE_OK;
}
@@ -3594,11 +3598,15 @@ static void Curl_ossl_sha256sum(const unsigned char
*tmp, /* input */
unsigned char *sha256sum /* output */,
size_t unused)
{
- SHA256_CTX SHA256pw;
- (void)unused;
- SHA256_Init(&SHA256pw);
- SHA256_Update(&SHA256pw, tmp, tmplen);
- SHA256_Final(sha256sum, &SHA256pw);
+ EVP_MD_CTX *mdctx;
+ unsigned int len = 0;
+ (void) unused;
+
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL);
+ EVP_DigestUpdate(mdctx, tmp, tmplen);
+ EVP_DigestFinal_ex(mdctx, sha256sum, &len);
+ EVP_MD_CTX_destroy(mdctx);
}
#endif
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 08/150: SChannel/WinSSL: Implement public key pinning, (continued)
- [GNUnet-SVN] [gnurl] 08/150: SChannel/WinSSL: Implement public key pinning, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 12/150: configure: fix the check for unsigned time_t, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 15/150: lib544: sync ascii code data with textual data, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 27/150: curl_easy_reset: clear digest auth state, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 13/150: darwinssl: Don't import client certificates into Keychain on macOS, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 14/150: GSKit: restore pinnedpubkey functionality, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 07/150: bump: towards 7.58.1, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 16/150: lib517: make variable static to avoid compiler warning, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 17/150: lib555: drop text conversion and encode data as ascii codes, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 29/150: curl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 10/150: openssl: fix pinned public key build error in FIPS mode,
gnunet <=
- [GNUnet-SVN] [gnurl] 38/150: fnmatch: do not match the empty string with a character set, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 18/150: docs: fix typos in man pages, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 19/150: KNOWN_BUGS: DICT responses show the underlying protocol, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 20/150: TODO: UTF-8 filenames in Content-Disposition, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 22/150: build: open VC15 projects with VS 2017, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 24/150: configure: set PATH_SEPARATOR to colon for PATH w/o separator, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 26/150: winbuild: make linker generate proper PDB, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 21/150: RELEASE-NOTES: synced with 094647fca, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 45/150: getdate: return -1 for out of range, gnunet, 2018/03/30
- [GNUnet-SVN] [gnurl] 30/150: curlver: next release will be 7.59.0, gnunet, 2018/03/30