Added support for OpenSSL 1.1

Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
8 years ago · 08fa491fea
parent c170347975
commit 08fa491fea
2 changed files with 41 additions and 13 deletions
--- a/src/kvilib/net/kvi_ssl.cpp
+++ b/src/kvilib/net/kvi_ssl.cpp
@ -207,9 +207,15 @@ static DH * my_get_dh(int keylength)
 	if(dh)return dh;
 	dh = DH_new();
 	if(!dh)return 0;
-	dh->p=BN_bin2bn(p,sp,0);
-	dh->g=BN_bin2bn(g,sg,0);
-	if((dh->p == 0) || (dh->g == 0))
+	BIGNUM *bn_p = BN_bin2bn(p,sp,0);
+	BIGNUM *bn_g = BN_bin2bn(g,sg,0);
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+	dh->p= bn_p;
+	dh->g= bn_g;
+#else
+	DH_set0_pqg(dh, bn_p, NULL, bn_g);
+#endif
+	if((bn_p == 0) || (bn_g == 0))
 	{
 		DH_free(dh);
 		return 0;
@ -608,7 +614,11 @@ void KviSSLCertificate::extractPubKeyInfo()
 	if(p)
 	{
 		m_iPubKeyBits = EVP_PKEY_bits(p);
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
 		m_szPubKeyType = (p->type == NID_undef) ? __tr("Unknown") : OBJ_nid2ln(p->type);
+#else
+		m_szPubKeyType = (EVP_PKEY_base_id(p) == NID_undef) ? __tr("Unknown") : OBJ_nid2ln(EVP_PKEY_base_id(p));
+#endif
 //		getPKeyType(p->type,m_szPubKeyType);
 	} else {
 		m_iPubKeyBits = 0;
@ -630,16 +640,24 @@ void KviSSLCertificate::extractSignature()

 	//getPKeyType(X509_get_signature_type(m_pX509),m_szSignatureType);

-	int i = OBJ_obj2nid(m_pX509->sig_alg->algorithm);
+	const ASN1_BIT_STRING *signature = 0L;
+	const X509_ALGOR *sig_alg = 0L;
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+	signature = m_pX509->signature;
+	sig_alg = m_pX509->sig_alg;
+#else
+	X509_get0_signature(&signature, &sig_alg, m_pX509);
+#endif
+	int i = OBJ_obj2nid(sig_alg->algorithm);
 	m_szSignatureType = (i == NID_undef) ? __tr("Unknown") : OBJ_nid2ln(i);

 	m_szSignatureContents = "";

-	for(i = 0;i < m_pX509->signature->length;i++)
+	for(i = 0;i < signature->length;i++)
 	{
 		if(m_szSignatureContents.hasData())m_szSignatureContents.append(":");
-		m_szSignatureContents.append(hexdigits[(m_pX509->signature->data[i] & 0xf0) >> 4]);
-		m_szSignatureContents.append(hexdigits[(m_pX509->signature->data[i] & 0x0f)]);
+		m_szSignatureContents.append(hexdigits[(signature->data[i] & 0xf0) >> 4]);
+		m_szSignatureContents.append(hexdigits[(signature->data[i] & 0x0f)]);
 	}
 }

--- a/src/modules/str/libkvistr.cpp
+++ b/src/modules/str/libkvistr.cpp
@ -1532,7 +1532,7 @@ static bool str_kvs_fnc_digest(KviKvsModuleFunctionCall * c)

 	if(szType.isEmpty()) szType="md5";

-	EVP_MD_CTX mdctx;
+	EVP_MD_CTX *mdctx;
 	const EVP_MD *md;
 	unsigned char md_value[EVP_MAX_MD_SIZE];
 	unsigned int md_len, i;
@ -1545,11 +1545,21 @@ static bool str_kvs_fnc_digest(KviKvsModuleFunctionCall * c)
 		return true;
 	}

-	EVP_MD_CTX_init(&mdctx);
-	EVP_DigestInit_ex(&mdctx, md, NULL);
-	EVP_DigestUpdate(&mdctx, szString.utf8().data(), szString.utf8().length());
-	EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
-	EVP_MD_CTX_cleanup(&mdctx);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+	mdctx = (EVP_MD_CTX*)OPENSSL_malloc(sizeof(EVP_MD_CTX));
+	EVP_MD_CTX_init(mdctx);
+#else
+	mdctx = EVP_MD_CTX_new();
+#endif
+	EVP_DigestInit_ex(mdctx, md, NULL);
+	EVP_DigestUpdate(mdctx, szString.utf8().data(), szString.utf8().length());
+	EVP_DigestFinal_ex(mdctx, md_value, &md_len);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+	EVP_MD_CTX_cleanup(mdctx);
+	OPENSSL_free(mdctx);
+#else
+	EVP_MD_CTX_free(mdctx);
+#endif

 	for(i = 0; i < md_len; i++)
 	{