You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by rj...@apache.org on 2016/02/23 20:09:34 UTC
svn commit: r1731930 - in /apr/apr-util/branches/1.4.x: ./ CHANGES
build/crypto.m4 crypto/apr_crypto_openssl.c
Author: rjung
Date: Tue Feb 23 19:09:34 2016
New Revision: 1731930
URL: http://svn.apache.org/viewvc?rev=1731930&view=rev
Log:
Revert r1728973 and r1728970
(support for OpenSSL 1.1.0).
Consensus seems to be to no longer maintain
the 1.4.x branch.
Modified:
apr/apr-util/branches/1.4.x/ (props changed)
apr/apr-util/branches/1.4.x/CHANGES
apr/apr-util/branches/1.4.x/build/crypto.m4
apr/apr-util/branches/1.4.x/crypto/apr_crypto_openssl.c
Propchange: apr/apr-util/branches/1.4.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Feb 23 19:09:34 2016
@@ -1,4 +1,4 @@
-/apr/apr/trunk:779396,781403,781409,784519,784592,789965,794508,917837-917838,982408-982409,1127648-1127649,1187984,1207704,1210524,1211987,1214516,1308087,1308131,1308318,1346865,1361811,1362241,1369681,1370626,1390461,1390477,1402870,1402897,1648830,1722547,1728958,1728963
+/apr/apr/trunk:779396,781403,781409,784519,784592,789965,794508,917837-917838,982408-982409,1127648-1127649,1187984,1207704,1210524,1211987,1214516,1308087,1308131,1308318,1346865,1361811,1362241,1369681,1370626,1390461,1390477,1402870,1402897,1648830,1722547
/apr/apr-util/branches/1.3.x:896410,979221-979222,979232,1001059,1002632,1002648,1002733,1003214,1003255,1003358,1003370,1003376,1003602,1005956,1005962,1006017,1006137,1154885
-/apr/apr-util/branches/1.5.x:1002504,1002584-1002585,1002620,1002622-1002623,1002628,1207683,1207690,1207707,1209594,1210530,1212347,1361814,1362243,1370503,1575514-1575515,1648834,1722552,1722561,1728969,1728971
+/apr/apr-util/branches/1.5.x:1002504,1002584-1002585,1002620,1002622-1002623,1002628,1207683,1207690,1207707,1209594,1210530,1212347,1361814,1362243,1370503,1575514-1575515,1648834,1722552,1722561
/apr/apr-util/trunk:731033-731034,731225,731236,731291,731293,731379,743986,744009,745771,747612,747623,747630
Modified: apr/apr-util/branches/1.4.x/CHANGES
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.4.x/CHANGES?rev=1731930&r1=1731929&r2=1731930&view=diff
==============================================================================
--- apr/apr-util/branches/1.4.x/CHANGES [utf-8] (original)
+++ apr/apr-util/branches/1.4.x/CHANGES [utf-8] Tue Feb 23 19:09:34 2016
@@ -1,9 +1,6 @@
-*- coding: utf-8 -*-
Changes with APR-util 1.4.3
- *) apr_crypto_openssl: Add support for OpenSSL 1.1.0.
- [Rainer Jung]
-
*) Fix potential data corruption in apr_brigade_write() and friends if
the last bucket of the brigade is a heap bucket that has been split,
and there are still references to the next part of the original bucket
Modified: apr/apr-util/branches/1.4.x/build/crypto.m4
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.4.x/build/crypto.m4?rev=1731930&r1=1731929&r2=1731930&view=diff
==============================================================================
--- apr/apr-util/branches/1.4.x/build/crypto.m4 (original)
+++ apr/apr-util/branches/1.4.x/build/crypto.m4 Tue Feb 23 19:09:34 2016
@@ -62,7 +62,7 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
[
if test "$withval" = "yes"; then
AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
- AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+ AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
apu_have_openssl=1
fi
@@ -78,7 +78,7 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
AC_MSG_NOTICE(checking for openssl in $withval)
AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
- AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+ AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
apu_have_openssl=1
APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib])
@@ -87,7 +87,7 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
if test "$apu_have_openssl" != "1"; then
AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
- AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+ AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
apu_have_openssl=1
APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib])
Modified: apr/apr-util/branches/1.4.x/crypto/apr_crypto_openssl.c
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.4.x/crypto/apr_crypto_openssl.c?rev=1731930&r1=1731929&r2=1731930&view=diff
==============================================================================
--- apr/apr-util/branches/1.4.x/crypto/apr_crypto_openssl.c (original)
+++ apr/apr-util/branches/1.4.x/crypto/apr_crypto_openssl.c Tue Feb 23 19:09:34 2016
@@ -64,7 +64,7 @@ struct apr_crypto_block_t {
apr_pool_t *pool;
const apr_crypto_driver_t *provider;
const apr_crypto_t *f;
- EVP_CIPHER_CTX *cipherCtx;
+ EVP_CIPHER_CTX cipherCtx;
int initialised;
int ivSize;
int blockSize;
@@ -111,11 +111,7 @@ static apr_status_t crypto_shutdown_help
static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
const apu_err_t **result)
{
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
CRYPTO_malloc_init();
-#else
- OPENSSL_malloc_init();
-#endif
ERR_load_crypto_strings();
/* SSL_load_error_strings(); */
OpenSSL_add_all_algorithms();
@@ -138,7 +134,7 @@ static apr_status_t crypto_block_cleanup
{
if (ctx->initialised) {
- EVP_CIPHER_CTX_free(ctx->cipherCtx);
+ EVP_CIPHER_CTX_cleanup(&ctx->cipherCtx);
ctx->initialised = 0;
}
@@ -495,10 +491,8 @@ static apr_status_t crypto_block_encrypt
apr_pool_cleanup_null);
/* create a new context for encryption */
- if (!block->initialised) {
- block->cipherCtx = EVP_CIPHER_CTX_new();
- block->initialised = 1;
- }
+ EVP_CIPHER_CTX_init(&block->cipherCtx);
+ block->initialised = 1;
/* generate an IV, if necessary */
usedIv = NULL;
@@ -525,16 +519,16 @@ static apr_status_t crypto_block_encrypt
/* set up our encryption context */
#if CRYPTO_OPENSSL_CONST_BUFFERS
- if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine,
+ if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine,
key->key, usedIv)) {
#else
- if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) {
+ if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) {
#endif
return APR_EINIT;
}
/* Clear up any read padding */
- if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) {
+ if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) {
return APR_EPADDING;
}
@@ -588,16 +582,11 @@ static apr_status_t crypto_block_encrypt
}
#if CRYPT_OPENSSL_CONST_BUFFERS
- if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl, in, inlen)) {
+ if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl, in, inlen)) {
#else
- if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl,
+ if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl,
(unsigned char *) in, inlen)) {
#endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
-#else
- EVP_CIPHER_CTX_reset(ctx->cipherCtx);
-#endif
return APR_ECRYPT;
}
*outlen = outl;
@@ -627,22 +616,14 @@ static apr_status_t crypto_block_encrypt
static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
apr_size_t *outlen, apr_crypto_block_t *ctx)
{
- apr_status_t rc = APR_SUCCESS;
int len = *outlen;
- if (EVP_EncryptFinal_ex(ctx->cipherCtx, out, &len) == 0) {
- rc = APR_EPADDING;
- }
- else {
- *outlen = len;
+ if (EVP_EncryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
+ return APR_EPADDING;
}
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
-#else
- EVP_CIPHER_CTX_reset(ctx->cipherCtx);
-#endif
+ *outlen = len;
- return rc;
+ return APR_SUCCESS;
}
@@ -681,10 +662,8 @@ static apr_status_t crypto_block_decrypt
apr_pool_cleanup_null);
/* create a new context for encryption */
- if (!block->initialised) {
- block->cipherCtx = EVP_CIPHER_CTX_new();
- block->initialised = 1;
- }
+ EVP_CIPHER_CTX_init(&block->cipherCtx);
+ block->initialised = 1;
/* generate an IV, if necessary */
if (key->ivSize) {
@@ -695,16 +674,16 @@ static apr_status_t crypto_block_decrypt
/* set up our encryption context */
#if CRYPTO_OPENSSL_CONST_BUFFERS
- if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine,
+ if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine,
key->key, iv)) {
#else
- if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) {
+ if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) {
#endif
return APR_EINIT;
}
/* Clear up any read padding */
- if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) {
+ if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) {
return APR_EPADDING;
}
@@ -758,16 +737,11 @@ static apr_status_t crypto_block_decrypt
}
#if CRYPT_OPENSSL_CONST_BUFFERS
- if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, in, inlen)) {
+ if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, in, inlen)) {
#else
- if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, (unsigned char *) in,
+ if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, (unsigned char *) in,
inlen)) {
#endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
-#else
- EVP_CIPHER_CTX_reset(ctx->cipherCtx);
-#endif
return APR_ECRYPT;
}
*outlen = outl;
@@ -797,22 +771,15 @@ static apr_status_t crypto_block_decrypt
static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
apr_size_t *outlen, apr_crypto_block_t *ctx)
{
- apr_status_t rc = APR_SUCCESS;
+
int len = *outlen;
- if (EVP_DecryptFinal_ex(ctx->cipherCtx, out, &len) == 0) {
- rc = APR_EPADDING;
- }
- else {
- *outlen = len;
+ if (EVP_DecryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
+ return APR_EPADDING;
}
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
-#else
- EVP_CIPHER_CTX_reset(ctx->cipherCtx);
-#endif
+ *outlen = len;
- return rc;
+ return APR_SUCCESS;
}