static int
efl_net_socket_bio_create(BIO *b)
{
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ BIO_set_init(b, 1);
+ BIO_set_data(b, NULL);
+ BIO_set_flags(b, 0);
+#else
b->init = 1;
b->num = 0;
b->ptr = NULL;
b->flags = 0;
+#endif
return 1;
}
efl_net_socket_bio_destroy(BIO *b)
{
if (!b) return 0;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ BIO_set_init(b, 0);
+ BIO_set_data(b, NULL);
+ BIO_set_flags(b, 0);
+#else
b->init = 0;
b->ptr = NULL;
b->flags = 0;
+#endif
return 1;
}
.mem = buf,
.len = len
};
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ Eo *sock = BIO_get_data(b);
+#else
Eo *sock = b->ptr;
+#endif
Eina_Error err;
if ((!buf) || (len <= 0)) return 0;
.mem = buf,
.len = len
};
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ Eo *sock = BIO_get_data(b);
+#else
Eo *sock = b->ptr;
+#endif
Eina_Error err;
if ((!buf) || (len <= 0)) return 0;
return efl_net_socket_bio_write(b, str, strlen(str));
}
-static BIO_METHOD efl_net_socket_bio = {
- 0x400, /* 0x400 means source & sink */
- "efl_net_socket wrapper",
- efl_net_socket_bio_write,
- efl_net_socket_bio_read,
- efl_net_socket_bio_puts,
- NULL, /* no gets */
- efl_net_socket_bio_ctrl,
- efl_net_socket_bio_create,
- efl_net_socket_bio_destroy
-};
+static BIO_METHOD *
+__efl_net_socket_bio_get(void)
+{
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ static BIO_METHOD *efl_net_socket_bio = NULL;
+
+ if (efl_net_socket_bio) return efl_net_socket_bio;
+ efl_net_socket_bio = BIO_meth_new(0x400 /* 0x400 means source & sink */,
+ "efl_net_socket wrapper");
+ BIO_meth_set_write(efl_net_socket_bio, efl_net_socket_bio_write);
+ BIO_meth_set_read(efl_net_socket_bio, efl_net_socket_bio_read);
+ BIO_meth_set_puts(efl_net_socket_bio, efl_net_socket_bio_puts);
+ BIO_meth_set_ctrl(efl_net_socket_bio, efl_net_socket_bio_ctrl);
+ BIO_meth_set_create(efl_net_socket_bio, efl_net_socket_bio_create);
+ BIO_meth_set_destroy(efl_net_socket_bio, efl_net_socket_bio_destroy);
+ // FIXME: some day we need to clean up, but for now a singleton alloc is ok
+ // BIO_meth_free(efl_net_socket_bio);
+ return efl_net_socket_bio;
+#else
+ static BIO_METHOD efl_net_socket_bio = {
+ 0x400, /* 0x400 means source & sink */
+ "efl_net_socket wrapper",
+ efl_net_socket_bio_write,
+ efl_net_socket_bio_read,
+ efl_net_socket_bio_puts,
+ NULL, /* no gets */
+ efl_net_socket_bio_ctrl,
+ efl_net_socket_bio_create,
+ efl_net_socket_bio_destroy
+ };
+ return &efl_net_socket_bio;
+#endif
+}
struct _Efl_Net_Ssl_Conn
{
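Review bot: `BIO_meth_new()` can return NULL on allocation failure, and in `__efl_net_socket_bio_get()` the result goes straight into the `BIO_meth_set_*` calls; add `if (!efl_net_socket_bio) return NULL;` right after the allocation. The caller in the later hunk, `BIO_new(__efl_net_socket_bio_get())`, would then need to check the method pointer before passing it to `BIO_new`. The lazy initialisation of the function-local static is also unsynchronised, so if connections can be created from more than one thread the method table may be allocated twice; this is worth confirming against how the function is called. Separately, identifiers beginning with `__` are reserved for the implementation, and a plain static name such as `efl_net_socket_bio_get` avoids that.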
conn->ssl = efl_net_ssl_context_connection_new(context);
EINA_SAFETY_ON_NULL_RETURN_VAL(conn->ssl, ENOSYS);
- conn->bio = BIO_new(&efl_net_socket_bio);
+ conn->bio = BIO_new(__efl_net_socket_bio_get());
EINA_SAFETY_ON_NULL_GOTO(conn->bio, error_bio);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ BIO_set_data(conn->bio, sock);
+#else
conn->bio->ptr = sock;
+#endif
SSL_set_bio(conn->ssl, conn->bio, conn->bio);
if (is_dialer)
ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
#endif
break;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
case EFL_NET_SSL_CIPHER_TLSV1:
ctx->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
break;
case EFL_NET_SSL_CIPHER_TLSV1_2:
ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_client_method());
break;
+#endif
default:
ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);
return EINVAL;
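Review bot: With `EFL_NET_SSL_CIPHER_TLSV1` and `EFL_NET_SSL_CIPHER_TLSV1_2` placed inside `#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)`, a build against OpenSSL 1.1.0 or later sends both values to `default:` and returns `EINVAL`, so a caller that pins TLS 1.2 can no longer do so. On the newer API the same intent can be kept with the version-flexible method plus a protocol floor and ceiling: `ctx->ssl_ctx = SSL_CTX_new(TLS_client_method());`, then `SSL_CTX_set_min_proto_version(ctx->ssl_ctx, TLS1_2_VERSION);` and `SSL_CTX_set_max_proto_version(ctx->ssl_ctx, TLS1_2_VERSION);`. The same applies to the server-side switch in the next hunk and to the two `EMILE_TLSv1` switches at the end of the patch. The enclosing switch starts outside this hunk.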
ERR("ssl_ctx=%p SSLv3 is disabled in your OpenSSL build", ctx);
#endif
break;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
case EFL_NET_SSL_CIPHER_TLSV1:
ctx->ssl_ctx = SSL_CTX_new(TLSv1_server_method());
break;
case EFL_NET_SSL_CIPHER_TLSV1_2:
ctx->ssl_ctx = SSL_CTX_new(TLSv1_2_server_method());
break;
+#endif
default:
ERR("ssl_ctx=%p unsupported cipher %d", ctx, cfg.cipher);
return EINVAL;
gnutls_datum_t signum = { NULL, 0 };
gnutls_privkey_t privkey;
# else /* ifdef HAVE_GNUTLS */
+# if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ EVP_MD_CTX *md_ctx;
+# else
EVP_MD_CTX md_ctx;
+# endif
unsigned int sign_len = 0;
int cert_len = 0;
# endif /* ifdef HAVE_GNUTLS */
}
/* Do the signature. */
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ md_ctx = EVP_MD_CTX_new();
+ EVP_SignInit(md_ctx, EVP_sha1());
+ EVP_SignUpdate(md_ctx, data, st_buf.st_size);
+ err = EVP_SignFinal(md_ctx,
+ sign,
+ (unsigned int *)&sign_len,
+ key->private_key);
+ EVP_MD_CTX_free(md_ctx);
+#else
EVP_SignInit(&md_ctx, EVP_sha1());
EVP_SignUpdate(&md_ctx, data, st_buf.st_size);
err = EVP_SignFinal(&md_ctx,
sign,
(unsigned int *)&sign_len,
key->private_key);
+ EVP_MD_CTX_cleanup(&md_ctx);
+#endif
if (err != 1)
{
ERR_print_errors_fp(stdout);
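Review bot: `EVP_MD_CTX_new()` returns NULL when allocation fails, and the new branch passes `md_ctx` to `EVP_SignInit` without checking it. One way to handle it is to set `err = 0;` first and wrap the three `EVP_Sign*` calls in `if (md_ctx)`, so the existing `if (err != 1)` branch reports the failure. The same unchecked allocation appears in the verify hunk (`EVP_VerifyInit(md_ctx, ...)`) and in the SHA-1 digest hunk (`EVP_MD_CTX *ctx = EVP_MD_CTX_new();`). The function body starts and continues outside this hunk, so the exact cleanup path has to be confirmed there.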
const unsigned char *tmp;
EVP_PKEY *pkey;
X509 *x509;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ EVP_MD_CTX *md_ctx;
+#else
EVP_MD_CTX md_ctx;
+#endif
int err;
/* Strange but d2i_X509 seems to put 0 all over the place. */
}
/* Verify the signature */
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ md_ctx = EVP_MD_CTX_new();
+ EVP_VerifyInit(md_ctx, EVP_sha1());
+ EVP_VerifyUpdate(md_ctx, data_base, data_length);
+ err = EVP_VerifyFinal(md_ctx, sign, sign_len, pkey);
+ EVP_MD_CTX_free(md_ctx);
+#else
EVP_VerifyInit(&md_ctx, EVP_sha1());
EVP_VerifyUpdate(&md_ctx, data_base, data_length);
err = EVP_VerifyFinal(&md_ctx, sign, sign_len, pkey);
+ EVP_MD_CTX_cleanup(&md_ctx);
+#endif
X509_free(x509);
EVP_PKEY_free(pkey);
{
const EVP_MD *md = EVP_sha1();
Eina_Slice slice = eina_binbuf_slice_get(data);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+
+ EVP_DigestInit_ex(ctx, md, NULL);
+
+ EVP_DigestUpdate(ctx, slice.mem, slice.len);
+ EVP_DigestFinal_ex(ctx, digest, NULL);
+
+ EVP_MD_CTX_free(ctx);
+#else
EVP_MD_CTX ctx;
EVP_MD_CTX_init(&ctx);
EVP_DigestFinal_ex(&ctx, digest, NULL);
EVP_MD_CTX_cleanup(&ctx);
+#endif
return EINA_TRUE;
}
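Review bot: The function returns `EINA_TRUE` unconditionally, and the new branch checks none of the results of `EVP_DigestInit_ex`, `EVP_DigestUpdate` and `EVP_DigestFinal_ex`. If any of them fails, the caller is told the hash is valid while `digest` may not have been written. Return early with `if (!ctx) return EINA_FALSE;` after the allocation, chain the three calls with `&&` into a result, and return `EINA_FALSE` when it is zero (still calling `EVP_MD_CTX_free(ctx)` first). The start of the function is outside this hunk.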
SSL_CTX_set_options(r->ssl_ctx,
options | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE);
break;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
case EMILE_TLSv1:
r->ssl_ctx = SSL_CTX_new(TLSv1_server_method());
break;
+#endif
default:
free(r);
return NULL;
options | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE);
break;
case EMILE_TLSv1:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
r->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
break;
+#endif
default:
free(r);
return NULL;
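Review bot: Here the `case EMILE_TLSv1:` label sits outside the `#if`, unlike the server-side switch just above where the label is inside it. On OpenSSL 1.1.0 and later the label is therefore still compiled and falls through silently into `default:` (`free(r); return NULL;`). The outcome matches the server hunk, but the fall-through reads as accidental. Either move the `#if` above the label to match, or keep the label and add a comment such as `/* no TLSv1-only method on this OpenSSL: fall through to the error path */`. The switch begins outside this hunk.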