Inicio Explorar Axuda
Rexistro Iniciar sesión
hebinlong
/
aria2
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

Build with OpenSSL 3.0.0

Tatsuhiro Tsujikawa %!s(int64=4) %!d(string=hai) anos
pai
21f476588c
achega
869aae8264
Modificáronse 6 ficheiros con 119 adicións e 5 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 53 0
      src/LibsslARC4Encryptor.cc
  2. 10 1
      src/LibsslARC4Encryptor.h
  3. 4 2
      src/LibsslTLSContext.cc
  4. 5 1
      src/LibsslTLSSession.cc
  5. 33 1
      src/Platform.cc
  6. 14 0
      src/Platform.h

+ 53 - 0
src/LibsslARC4Encryptor.cc
Ver ficheiro 

@@ -34,21 +34,74 @@
 
 /* copyright --> */
 
 #include "LibsslARC4Encryptor.h"
 
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+#  include <cassert>
 
+
 
+#  include <openssl/core_names.h>
 
+
 
+#  include "DlAbortEx.h"
 
+#endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+
 
 namespace aria2 {
 
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+ARC4Encryptor::ARC4Encryptor() : ctx_{nullptr} {}
 
+
 
+ARC4Encryptor::~ARC4Encryptor()
 
+{
 
+  if (ctx_) {
 
+    EVP_CIPHER_CTX_free(ctx_);
 
+  }
 
+}
 
+
 
+#else  // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
 ARC4Encryptor::ARC4Encryptor() {}
 
 
 ARC4Encryptor::~ARC4Encryptor() = default;
 
+#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
 
 void ARC4Encryptor::init(const unsigned char* key, size_t keyLength)
 
 {
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+  if (ctx_) {
 
+    EVP_CIPHER_CTX_free(ctx_);
 
+  }
 
+
 
+  ctx_ = EVP_CIPHER_CTX_new();
 
+
 
+  unsigned int keylen = keyLength;
 
+
 
+  OSSL_PARAM params[] = {
 
+      OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_KEYLEN, &keylen),
 
+      OSSL_PARAM_construct_end(),
 
+  };
 
+
 
+  if (EVP_EncryptInit_ex2(ctx_, EVP_rc4(), nullptr, nullptr, params) != 1) {
 
+    throw DL_ABORT_EX("Failed to initialize RC4 cipher");
 
+  }
 
+
 
+  if (EVP_EncryptInit_ex2(ctx_, nullptr, key, nullptr, nullptr) != 1) {
 
+    throw DL_ABORT_EX("Failed to set key to RC4 cipher");
 
+  }
 
+#else  // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
   RC4_set_key(&key_, keyLength, key);
 
+#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
 }
 
 
 void ARC4Encryptor::encrypt(size_t len, unsigned char* out,
 
                             const unsigned char* in)
 
 {
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+  int outlen;
 
+
 
+  if (EVP_EncryptUpdate(ctx_, out, &outlen, in, len) != 1) {
 
+    throw DL_ABORT_EX("Failed to encrypt data with RC4 cipher");
 
+  }
 
+
 
+  assert(static_cast<size_t>(outlen) == len);
 
+#else  // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
   RC4(&key_, len, in, out);
 
+#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
 }
 
 
 } // namespace aria2

+ 10 - 1
src/LibsslARC4Encryptor.h
Ver ficheiro 

@@ -39,13 +39,22 @@
 
 
 #include <cstdlib>
 
 
-#include <openssl/rc4.h>
 
+#include <openssl/opensslv.h>
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+#  include <openssl/evp.h>
 
+#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
+#  include <openssl/rc4.h>
 
+#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
 
 namespace aria2 {
 
 
 class ARC4Encryptor {
 
 private:
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+  EVP_CIPHER_CTX* ctx_;
 
+#else  // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
   RC4_KEY key_;
 
+#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
 
 public:
 
   ARC4Encryptor();

+ 4 - 2
src/LibsslTLSContext.cc
Ver ficheiro 

@@ -151,7 +151,8 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side, TLSVersion minVer)
 
                      ERR_error_string(ERR_get_error(), nullptr)));
 
   }
 
 
-#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
 
+#if OPENSSL_VERSION_NUMBER < 0x30000000L &&                                    \
 
+    OPENSSL_VERSION_NUMBER >= 0x0090800fL
 
 #  ifndef OPENSSL_NO_ECDH
 
   auto ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
 
   if (ecdh == nullptr) {
 
@@ -163,7 +164,8 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side, TLSVersion minVer)
 
     EC_KEY_free(ecdh);
 
   }
 
 #  endif // OPENSSL_NO_ECDH
 
-#endif   // OPENSSL_VERSION_NUMBER >= 0x0090800fL
 
+#endif   // OPENSSL_VERSION_NUMBER < 0x30000000L && OPENSSL_VERSION_NUMBER >=
 
+         // 0x0090800fL
 
 }
 
 
 OpenSSLTLSContext::~OpenSSLTLSContext() { SSL_CTX_free(sslCtx_); }

+ 5 - 1
src/LibsslTLSSession.cc
Ver ficheiro 

@@ -233,7 +233,11 @@ int OpenSSLTLSSession::tlsConnect(const std::string& hostname,
 
   }
 
   if (tlsContext_->getSide() == TLS_CLIENT && tlsContext_->getVerifyPeer()) {
 
     // verify peer
 
-    X509* peerCert = SSL_get_peer_certificate(ssl_);
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+    auto peerCert = SSL_get1_peer_certificate(ssl_);
 
+#else  // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
+    auto peerCert = SSL_get_peer_certificate(ssl_);
 
+#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
 
     if (!peerCert) {
 
       handshakeErr = "certificate not found";
 
       return TLS_ERR_ERROR;

+ 33 - 1
src/Platform.cc
Ver ficheiro 

@@ -73,6 +73,7 @@
 
 #endif // HAVE_LIBGMP
 
 #include "LogFactory.h"
 
 #include "util.h"
 
+#include "SocketCore.h"
 
 
 namespace aria2 {
 
 
@@ -91,6 +92,11 @@ void gnutls_log_callback(int level, const char* str)
 
 
 bool Platform::initialized_ = false;
 
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+OSSL_PROVIDER* Platform::legacy_provider_ = nullptr;
 
+OSSL_PROVIDER* Platform::default_provider_ = nullptr;
 
+#endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+
 
 Platform::Platform() { setUp(); }
 
 
 Platform::~Platform() { tearDown(); }
 
@@ -112,7 +118,18 @@ bool Platform::setUp()
 
 #endif // ENABLE_NLS
 
 
 #ifdef HAVE_OPENSSL
 
-#  if !OPENSSL_101_API
 
+#  if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+  // RC4 is in the legacy provider.
 
+  legacy_provider_ = OSSL_PROVIDER_load(nullptr, "legacy");
 
+  if (!legacy_provider_) {
 
+    throw DL_ABORT_EX("OSSL_PROVIDER_load 'legacy' failed.");
 
+  }
 
+
 
+  default_provider_ = OSSL_PROVIDER_load(nullptr, "default");
 
+  if (!default_provider_) {
 
+    throw DL_ABORT_EX("OSSL_PROVIDER_load 'default' failed.");
 
+  }
 
+#  elif !OPENSSL_101_API
 
   // for SSL initialization
 
   SSL_load_error_strings();
 
   SSL_library_init();
 
@@ -181,6 +198,21 @@ bool Platform::tearDown()
 
   }
 
   initialized_ = false;
 
 
+  SocketCore::setClientTLSContext(nullptr);
 
+  SocketCore::setServerTLSContext(nullptr);
 
+
 
+#ifdef HAVE_OPENSSL
 
+#  if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+  if (default_provider_) {
 
+    OSSL_PROVIDER_unload(default_provider_);
 
+  }
 
+
 
+  if (legacy_provider_) {
 
+    OSSL_PROVIDER_unload(legacy_provider_);
 
+  }
 
+#  endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+#endif   // HAVE_OPENSSL
 
+
 
 #ifdef HAVE_LIBGNUTLS
 
   gnutls_global_deinit();
 
 #endif // HAVE_LIBGNUTLS

+ 14 - 0
src/Platform.h
Ver ficheiro 

@@ -37,12 +37,26 @@
 
 
 #include "common.h"
 
 
+#ifdef HAVE_OPENSSL
 
+#  include <openssl/opensslv.h>
 
+#  if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+#    include <openssl/provider.h>
 
+#  endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+#endif   // HAVE_OPENSSL
 
+
 
 namespace aria2 {
 
 
 class Platform {
 
 private:
 
   static bool initialized_;
 
 
+#ifdef HAVE_OPENSSL
 
+#  if OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+  static OSSL_PROVIDER* legacy_provider_;
 
+  static OSSL_PROVIDER* default_provider_;
 
+#  endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
 
+#endif   // HAVE_OPENSSL
 
+
 
 public:
 
   Platform();