Migrate to openssl 1.1

Change-Id: Ied1db6cd18d336fa8a6b9aebd402b1f4eead30d3

diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec
index a6ec886ed1c069bdbbef1825fb94f8043c15cb22..590c107dbea0d6b55585ce6cbc832e8d8d9f676e 100644 (file)
--- a/packaging/security-manager.spec
+++ b/packaging/security-manager.spec
@@ -32,7 +32,7 @@ BuildRequires: pkgconfig(sqlite3)
 BuildRequires: pkgconfig(cynara-admin)
 BuildRequires: pkgconfig(cynara-client-async)
 BuildRequires: pkgconfig(security-privilege-manager)
-BuildRequires: pkgconfig(openssl)
+BuildRequires: pkgconfig(openssl1.1)
 BuildRequires: pkgconfig(mount)
 BuildRequires: boost-devel
 %{?systemd_requires}

diff --git a/src/license-manager/agent/CMakeLists.txt b/src/license-manager/agent/CMakeLists.txt
index a0cda303f15893634bf3a7887d528e859d90dacb..42a31dc25a47739c7faf86df4a02247b4be1ec59 100644 (file)
--- a/src/license-manager/agent/CMakeLists.txt
+++ b/src/license-manager/agent/CMakeLists.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2017-2019 Samsung Electronics Co., Ltd. All rights reserved
 #
 #    Licensed under the Apache License, Version 2.0 (the "License");
 #    you may not use this file except in compliance with the License.
@@ -23,7 +23,7 @@ PKG_CHECK_MODULES(AGENT_DEP
     REQUIRED
     cynara-agent
     libsystemd
-    openssl
+    openssl1.1
     )
 
 SET(AGENT_SOURCES

diff --git a/src/license-manager/agent/agent_logic.cpp b/src/license-manager/agent/agent_logic.cpp
index 26a8355110f44e9e0e95a214328f05661d8b946c..93b8c41dede6ebeb7b8bd2b4a94897fc2adf52e8 100644 (file)
--- a/src/license-manager/agent/agent_logic.cpp
+++ b/src/license-manager/agent/agent_logic.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *  Copyright (c) 2017-2019 Samsung Electronics Co., Ltd. All rights reserved
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -63,7 +63,7 @@ int verifyCommonName(const CertPtr &cert, const char *pkgId) {
     int cn_pos = -1;
     X509_NAME_ENTRY *cn_entry = nullptr;
     ASN1_STRING *cn_asn1 = nullptr;
-    char *cn_str = nullptr;
+    const char *cn_str = nullptr;
 
     // Find the position of the CN field in the Subject field of the certificate
     cn_pos = X509_NAME_get_index_by_NID(X509_get_subject_name((X509 *) cert.get()), NID_commonName, -1);
@@ -82,7 +82,7 @@ int verifyCommonName(const CertPtr &cert, const char *pkgId) {
     if (!cn_asn1) {
         return -1;
     }
-    cn_str = (char *) ASN1_STRING_data(cn_asn1);
+    cn_str = (const char *) ASN1_STRING_get0_data(cn_asn1);
 
     // Make sure there isn't an embedded NULL character in the CN
     if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn_str)) {
@@ -176,7 +176,7 @@ int verify(const std::string &smack, int uid, const std::string &privilege) {
     } else if (0 == X509_STORE_CTX_init(storeCtx.get(), store.get(), clientCert.get(), nullptr)) { // check this nullptr
         ALOGD("X509_STORE_CTX_init failed");
     } else {
-        X509_VERIFY_PARAM_set_flags(storeCtx->param, X509_V_FLAG_X509_STRICT);
+        X509_VERIFY_PARAM_set_flags(X509_STORE_CTX_get0_param(storeCtx.get()), X509_V_FLAG_X509_STRICT);
         status = X509_verify_cert(storeCtx.get()); // 1 == ok; 0 == fail; -1 == error
     }
 

diff --git a/src/license-manager/agent/main.cpp b/src/license-manager/agent/main.cpp
index e5035d9555da9337c2d07cf35cf77d2c2a4c84b3..ba70a4d2f3d05eb83605fb761347ac5d223daa72 100644 (file)
--- a/src/license-manager/agent/main.cpp
+++ b/src/license-manager/agent/main.cpp
@@ -64,11 +64,6 @@ int main(int, char **) {
         return EXIT_FAILURE;
     }
 
-    OpenSSL_add_all_algorithms();
-    SSL_library_init();
-    OPENSSL_config(NULL);
-    SSL_load_error_strings();
-
     try {
 
         LicenseManager::AgentLogic *logic = new LicenseManager::AgentLogic;