From: Konrad Lipinski Date: Tue, 28 May 2019 13:20:14 +0000 (+0200) Subject: Migrate to openssl 1.1 X-Git-Tag: submit/tizen/20190715.152548~5 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=fe514f096ff6661a55150e79fd5a8cd2ae60bcd6;p=platform%2Fcore%2Fsecurity%2Fsecurity-manager.git Migrate to openssl 1.1 Change-Id: Ied1db6cd18d336fa8a6b9aebd402b1f4eead30d3 --- diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index a6ec886e..590c107d 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -32,7 +32,7 @@ BuildRequires: pkgconfig(sqlite3) BuildRequires: pkgconfig(cynara-admin) BuildRequires: pkgconfig(cynara-client-async) BuildRequires: pkgconfig(security-privilege-manager) -BuildRequires: pkgconfig(openssl) +BuildRequires: pkgconfig(openssl1.1) BuildRequires: pkgconfig(mount) BuildRequires: boost-devel %{?systemd_requires} diff --git a/src/license-manager/agent/CMakeLists.txt b/src/license-manager/agent/CMakeLists.txt index a0cda303..42a31dc2 100644 --- a/src/license-manager/agent/CMakeLists.txt +++ b/src/license-manager/agent/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2017-2019 Samsung Electronics Co., Ltd. All rights reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,7 +23,7 @@ PKG_CHECK_MODULES(AGENT_DEP REQUIRED cynara-agent libsystemd - openssl + openssl1.1 ) SET(AGENT_SOURCES diff --git a/src/license-manager/agent/agent_logic.cpp b/src/license-manager/agent/agent_logic.cpp index 26a83551..93b8c41d 100644 --- a/src/license-manager/agent/agent_logic.cpp +++ b/src/license-manager/agent/agent_logic.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2017-2019 Samsung Electronics Co., Ltd. All rights reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -63,7 +63,7 @@ int verifyCommonName(const CertPtr &cert, const char *pkgId) { int cn_pos = -1; X509_NAME_ENTRY *cn_entry = nullptr; ASN1_STRING *cn_asn1 = nullptr; - char *cn_str = nullptr; + const char *cn_str = nullptr; // Find the position of the CN field in the Subject field of the certificate cn_pos = X509_NAME_get_index_by_NID(X509_get_subject_name((X509 *) cert.get()), NID_commonName, -1); @@ -82,7 +82,7 @@ int verifyCommonName(const CertPtr &cert, const char *pkgId) { if (!cn_asn1) { return -1; } - cn_str = (char *) ASN1_STRING_data(cn_asn1); + cn_str = (const char *) ASN1_STRING_get0_data(cn_asn1); // Make sure there isn't an embedded NULL character in the CN if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn_str)) { @@ -176,7 +176,7 @@ int verify(const std::string &smack, int uid, const std::string &privilege) { } else if (0 == X509_STORE_CTX_init(storeCtx.get(), store.get(), clientCert.get(), nullptr)) { // check this nullptr ALOGD("X509_STORE_CTX_init failed"); } else { - X509_VERIFY_PARAM_set_flags(storeCtx->param, X509_V_FLAG_X509_STRICT); + X509_VERIFY_PARAM_set_flags(X509_STORE_CTX_get0_param(storeCtx.get()), X509_V_FLAG_X509_STRICT); status = X509_verify_cert(storeCtx.get()); // 1 == ok; 0 == fail; -1 == error } diff --git a/src/license-manager/agent/main.cpp b/src/license-manager/agent/main.cpp index e5035d95..ba70a4d2 100644 --- a/src/license-manager/agent/main.cpp +++ b/src/license-manager/agent/main.cpp @@ -64,11 +64,6 @@ int main(int, char **) { return EXIT_FAILURE; } - OpenSSL_add_all_algorithms(); - SSL_library_init(); - OPENSSL_config(NULL); - SSL_load_error_strings(); - try { LicenseManager::AgentLogic *logic = new LicenseManager::AgentLogic;