You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by jm...@apache.org on 2017/03/01 02:50:38 UTC
[2/4] incubator-guacamole-server git commit: GUACAMOLE-205: Provide
OpenSSL 1.1 API shims for missing accessors.
GUACAMOLE-205: Provide OpenSSL 1.1 API shims for missing accessors.
Project: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/commit/98a5faaa
Tree: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/tree/98a5faaa
Diff: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/diff/98a5faaa
Branch: refs/heads/master
Commit: 98a5faaa7762c4298308148138bb0195ac93fd8f
Parents: dbfb782
Author: Michael Jumper <mj...@apache.org>
Authored: Mon Feb 27 12:44:52 2017 -0800
Committer: Michael Jumper <mj...@apache.org>
Committed: Tue Feb 28 13:01:30 2017 -0800
----------------------------------------------------------------------
src/common-ssh/Makefile.am | 14 ++++---
src/common-ssh/common-ssh/dsa-compat.h | 61 +++++++++++++++++++++++++++++
src/common-ssh/common-ssh/rsa-compat.h | 40 +++++++++++++++++++
src/common-ssh/dsa-compat.c | 59 ++++++++++++++++++++++++++++
src/common-ssh/key.c | 26 ++----------
src/common-ssh/rsa-compat.c | 38 ++++++++++++++++++
6 files changed, 210 insertions(+), 28 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/blob/98a5faaa/src/common-ssh/Makefile.am
----------------------------------------------------------------------
diff --git a/src/common-ssh/Makefile.am b/src/common-ssh/Makefile.am
index c05f264..b839ab0 100644
--- a/src/common-ssh/Makefile.am
+++ b/src/common-ssh/Makefile.am
@@ -24,16 +24,20 @@ noinst_LTLIBRARIES = libguac_common_ssh.la
libguac_common_ssh_la_SOURCES = \
buffer.c \
+ dsa-compat.c \
+ rsa-compat.c \
sftp.c \
ssh.c \
key.c \
user.c
-noinst_HEADERS = \
- common-ssh/buffer.h \
- common-ssh/key.h \
- common-ssh/sftp.h \
- common-ssh/ssh.h \
+noinst_HEADERS = \
+ common-ssh/buffer.h \
+ common-ssh/dsa-compat.h \
+ common-ssh/rsa-compat.h \
+ common-ssh/key.h \
+ common-ssh/sftp.h \
+ common-ssh/ssh.h \
common-ssh/user.h
libguac_common_ssh_la_CFLAGS = \
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/blob/98a5faaa/src/common-ssh/common-ssh/dsa-compat.h
----------------------------------------------------------------------
diff --git a/src/common-ssh/common-ssh/dsa-compat.h b/src/common-ssh/common-ssh/dsa-compat.h
new file mode 100644
index 0000000..9bc4f8a
--- /dev/null
+++ b/src/common-ssh/common-ssh/dsa-compat.h
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef GUAC_COMMON_SSH_DSA_COMPAT_H
+#define GUAC_COMMON_SSH_DSA_COMPAT_H
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+
+#ifndef HAVE_DSA_GET0_PQG
+/**
+ * DSA_get0_pqg() implementation for versions of OpenSSL which lack this
+ * function (pre 1.1).
+ *
+ * See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_get0_pqg.html
+ */
+void DSA_get0_pqg(const DSA* dsa_key, const BIGNUM** p,
+ const BIGNUM** q, const BIGNUM** g);
+#endif
+
+#ifndef HAVE_DSA_GET0_KEY
+/**
+ * DSA_get0_key() implementation for versions of OpenSSL which lack this
+ * function (pre 1.1).
+ *
+ * See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_get0_key.html
+ */
+void DSA_get0_key(const DSA* dsa_key, const BIGNUM** pub_key,
+ const BIGNUM** priv_key);
+#endif
+
+#ifndef HAVE_DSA_SIG_GET0
+/**
+ * DSA_SIG_get0() implementation for versions of OpenSSL which lack this
+ * function (pre 1.1).
+ *
+ * See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_SIG_get0.html
+ */
+void DSA_SIG_get0(const DSA_SIG* dsa_sig, const BIGNUM** r, const BIGNUM** s);
+#endif
+
+#endif
+
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/blob/98a5faaa/src/common-ssh/common-ssh/rsa-compat.h
----------------------------------------------------------------------
diff --git a/src/common-ssh/common-ssh/rsa-compat.h b/src/common-ssh/common-ssh/rsa-compat.h
new file mode 100644
index 0000000..5c6763b
--- /dev/null
+++ b/src/common-ssh/common-ssh/rsa-compat.h
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef GUAC_COMMON_SSH_RSA_COMPAT_H
+#define GUAC_COMMON_SSH_RSA_COMPAT_H
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+#ifndef HAVE_RSA_GET0_KEY
+/**
+ * RSA_get0_key() implementation for versions of OpenSSL which lack this
+ * function (pre 1.1).
+ *
+ * See: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
+ */
+void RSA_get0_key(const RSA* rsa_key, const BIGNUM** n,
+ const BIGNUM** e, const BIGNUM**d);
+#endif
+
+#endif
+
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/blob/98a5faaa/src/common-ssh/dsa-compat.c
----------------------------------------------------------------------
diff --git a/src/common-ssh/dsa-compat.c b/src/common-ssh/dsa-compat.c
new file mode 100644
index 0000000..82ec3d0
--- /dev/null
+++ b/src/common-ssh/dsa-compat.c
@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+
+#include <stdlib.h>
+
+#ifndef HAVE_DSA_GET0_PQG
+void DSA_get0_pqg(const DSA* dsa_key, const BIGNUM** p,
+ const BIGNUM** q, const BIGNUM** g) {
+
+ /* Retrieve all requested internal values */
+ if (p != NULL) *p = dsa_key->p;
+ if (q != NULL) *q = dsa_key->q;
+ if (g != NULL) *g = dsa_key->g;
+
+}
+#endif
+
+#ifndef HAVE_DSA_GET0_KEY
+void DSA_get0_key(const DSA* dsa_key, const BIGNUM** pub_key,
+ const BIGNUM** priv_key) {
+
+ /* Retrieve all requested internal values */
+ if (pub_key != NULL) *pub_key = dsa_key->pub_key;
+ if (priv_key != NULL) *priv_key = dsa_key->priv_key;
+
+}
+#endif
+
+#ifndef HAVE_DSA_SIG_GET0
+void DSA_SIG_get0(const DSA_SIG* dsa_sig, const BIGNUM** r, const BIGNUM** s) {
+
+ /* Retrieve all requested internal values */
+ if (r != NULL) *r = dsa_sig->r;
+ if (s != NULL) *s = dsa_sig->s;
+
+}
+#endif
+
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/blob/98a5faaa/src/common-ssh/key.c
----------------------------------------------------------------------
diff --git a/src/common-ssh/key.c b/src/common-ssh/key.c
index 4a3f30b..a05d696 100644
--- a/src/common-ssh/key.c
+++ b/src/common-ssh/key.c
@@ -20,7 +20,9 @@
#include "config.h"
#include "common-ssh/buffer.h"
+#include "common-ssh/dsa-compat.h"
#include "common-ssh/key.h"
+#include "common-ssh/rsa-compat.h"
#include <openssl/bio.h>
#include <openssl/bn.h>
@@ -73,12 +75,7 @@ guac_common_ssh_key* guac_common_ssh_key_alloc(char* data, int length,
pos = public_key;
/* Retrieve public key */
-#ifdef HAVE_RSA_GET0_KEY
RSA_get0_key(rsa_key, &key_n, &key_e, NULL);
-#else
- key_n = rsa_key->n;
- key_e = rsa_key->e;
-#endif
/* Send public key formatted for SSH */
guac_common_ssh_buffer_write_string(&pos, "ssh-rsa", sizeof("ssh-rsa")-1);
@@ -119,21 +116,9 @@ guac_common_ssh_key* guac_common_ssh_key_alloc(char* data, int length,
public_key = malloc(4096);
pos = public_key;
- /* Retrieve public key parameters */
-#ifdef HAVE_DSA_GET0_PQG
- DSA_get0_pqg(dsa_key, &key_p, &key_q, &key_g);
-#else
- key_p = dsa_key->p;
- key_q = dsa_key->q;
- key_g = dsa_key->g;
-#endif
-
/* Retrieve public key */
-#ifdef HAVE_DSA_GET0_KEY
+ DSA_get0_pqg(dsa_key, &key_p, &key_q, &key_g);
DSA_get0_key(dsa_key, &pub_key, NULL);
-#else
- pub_key = dsa_key->pub_key;
-#endif
/* Send public key formatted for SSH */
guac_common_ssh_buffer_write_string(&pos, "ssh-dss", sizeof("ssh-dss")-1);
@@ -226,12 +211,7 @@ int guac_common_ssh_key_sign(guac_common_ssh_key* key, const char* data,
const BIGNUM* sig_s;
/* Retrieve DSA signature values */
-#ifdef HAVE_DSA_SIG_GET0
DSA_SIG_get0(dsa_sig, &sig_r, &sig_s);
-#else
- sig_r = dsa_sig->r;
- sig_s = dsa_sig->s;
-#endif
/* Compute size of each half of signature */
int rlen = BN_num_bytes(sig_r);
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-server/blob/98a5faaa/src/common-ssh/rsa-compat.c
----------------------------------------------------------------------
diff --git a/src/common-ssh/rsa-compat.c b/src/common-ssh/rsa-compat.c
new file mode 100644
index 0000000..915536a
--- /dev/null
+++ b/src/common-ssh/rsa-compat.c
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+#include <stdlib.h>
+
+#ifndef HAVE_RSA_GET0_KEY
+void RSA_get0_key(const RSA* rsa_key, const BIGNUM** n,
+ const BIGNUM** e, const BIGNUM**d) {
+
+ /* Retrieve all requested internal values */
+ if (n != NULL) *n = rsa_key->n;
+ if (e != NULL) *e = rsa_key->e;
+ if (d != NULL) *d = rsa_key->d;
+
+}
+#endif
+