You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by yl...@apache.org on 2017/10/08 11:22:53 UTC
svn commit: r1811470 - in /apr/apr/trunk: CHANGES crypto/apr_crypto_openssl.c
Author: ylavic
Date: Sun Oct 8 11:22:53 2017
New Revision: 1811470
URL: http://svn.apache.org/viewvc?rev=1811470&view=rev
Log:
apr_crypto: Fix compatibility with LibreSSL. PR 61596.
Proposed by: Bernard Spil <brnrd freebsd.org>
Reviewed by: ylavic
Modified:
apr/apr/trunk/CHANGES
apr/apr/trunk/crypto/apr_crypto_openssl.c
Modified: apr/apr/trunk/CHANGES
URL: http://svn.apache.org/viewvc/apr/apr/trunk/CHANGES?rev=1811470&r1=1811469&r2=1811470&view=diff
==============================================================================
--- apr/apr/trunk/CHANGES [utf-8] (original)
+++ apr/apr/trunk/CHANGES [utf-8] Sun Oct 8 11:22:53 2017
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes for APR 2.0.0
+ *) apr_crypto: Fix compatibility with LibreSSL. PR 61596.
+ [Bernard Spil <brnrd freebsd.org>, Yann Ylavic]
+
*) Don't seek to the end when opening files with APR_FOPEN_APPEND on Windows.
[Evgeny Kotkov <evgeny.kotkov visualsvn.com>]
Modified: apr/apr/trunk/crypto/apr_crypto_openssl.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto_openssl.c?rev=1811470&r1=1811469&r2=1811470&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto_openssl.c (original)
+++ apr/apr/trunk/crypto/apr_crypto_openssl.c Sun Oct 8 11:22:53 2017
@@ -32,10 +32,23 @@
#if APU_HAVE_CRYPTO
#include <openssl/evp.h>
+#include <openssl/rand.h>
#include <openssl/engine.h>
#define LOG_PREFIX "apr_crypto_openssl: "
+#ifndef APR_USE_OPENSSL_PRE_1_1_API
+#if defined(LIBRESSL_VERSION_NUMBER)
+/* LibreSSL declares OPENSSL_VERSION_NUMBER == 2.0 but does not include most
+ * changes from OpenSSL >= 1.1 (new functions, macros, deprecations, ...), so
+ * we have to work around this...
+ */
+#define APR_USE_OPENSSL_PRE_1_1_API (1)
+#else
+#define APR_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#endif
+#endif
+
struct apr_crypto_t {
apr_pool_t *pool;
const apr_crypto_driver_t *provider;
@@ -118,8 +131,8 @@ static apr_status_t crypto_shutdown_help
static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
const apu_err_t **result)
{
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- CRYPTO_malloc_init();
+#if APR_USE_OPENSSL_PRE_1_1_API
+ (void)CRYPTO_malloc_init();
#else
OPENSSL_malloc_init();
#endif
@@ -698,7 +711,7 @@ static apr_status_t crypto_block_encrypt
if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl,
(unsigned char *) in, inlen)) {
#endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if APR_USE_OPENSSL_PRE_1_1_API
EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
#else
EVP_CIPHER_CTX_reset(ctx->cipherCtx);
@@ -741,7 +754,7 @@ static apr_status_t crypto_block_encrypt
else {
*outlen = len;
}
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if APR_USE_OPENSSL_PRE_1_1_API
EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
#else
EVP_CIPHER_CTX_reset(ctx->cipherCtx);
@@ -868,7 +881,7 @@ static apr_status_t crypto_block_decrypt
if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, (unsigned char *) in,
inlen)) {
#endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if APR_USE_OPENSSL_PRE_1_1_API
EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
#else
EVP_CIPHER_CTX_reset(ctx->cipherCtx);
@@ -911,7 +924,7 @@ static apr_status_t crypto_block_decrypt
else {
*outlen = len;
}
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if APR_USE_OPENSSL_PRE_1_1_API
EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
#else
EVP_CIPHER_CTX_reset(ctx->cipherCtx);