Support for openssl 1.1.0.

eclipse · Jun 26, 2016 · fff7416 · fff7416
1 parent 2c54104
commit fff7416
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 2 deletions.
diff --git a/ChangeLog.txt b/ChangeLog.txt
@@ -6,6 +6,10 @@ Broker:
  #186.
 - Don't disconnect client on HUP before reading the pending data. Closes #7.
 - Fix some $SYS messages being incorrectly persisted. Closes #191.
+- Support OpenSSL 1.1.0.
+
+Client library:
+- Support OpenSSL 1.1.0.
 
 Build:
 - Don't attempt to install docs when WITH_DOCS=no. Closes #184.

diff --git a/src/mosquitto_passwd.c b/src/mosquitto_passwd.c
@@ -90,7 +90,11 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
  unsigned char hash[EVP_MAX_MD_SIZE];
  unsigned int hash_len;
  const EVP_MD *digest;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
  EVP_MD_CTX context;
+#else
+ EVP_MD_CTX *context;
+#endif
 
  rc = RAND_bytes(salt, SALT_LEN);
  if(!rc){
@@ -113,12 +117,21 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
  return 1;
  }
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
  EVP_MD_CTX_init(&context);
  EVP_DigestInit_ex(&context, digest, NULL);
  EVP_DigestUpdate(&context, password, strlen(password));
  EVP_DigestUpdate(&context, salt, SALT_LEN);
  EVP_DigestFinal_ex(&context, hash, &hash_len);
  EVP_MD_CTX_cleanup(&context);
+#else
+ context = EVP_MD_CTX_new();
+ EVP_DigestInit_ex(context, digest, NULL);
+ EVP_DigestUpdate(context, password, strlen(password));
+ EVP_DigestUpdate(context, salt, SALT_LEN);
+ EVP_DigestFinal_ex(context, hash, &hash_len);
+ EVP_MD_CTX_free(context);
+#endif
 
  rc = base64_encode(hash, hash_len, &hash64);
  if(rc){

diff --git a/src/net.c b/src/net.c
@@ -302,7 +302,7 @@ static int _mosquitto_tls_server_ctx(struct _mqtt3_listener *listener)
 #endif
 
 #ifdef WITH_EC
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && OPENSSL_VERSION_NUMBER < 0x10100000L
  SSL_CTX_set_ecdh_auto(listener->ssl_ctx, 1);
 #elif OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10002000L
  ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);

diff --git a/src/read_handle_server.c b/src/read_handle_server.c
@@ -364,7 +364,7 @@ int mqtt3_handle_connect(struct mosquitto_db *db, struct mosquitto *context)
  goto handle_connect_error;
  }
  name_entry = X509_NAME_get_entry(name, i);
- context->username = _mosquitto_strdup((char *)ASN1_STRING_data(name_entry->value));
+ context->username = _mosquitto_strdup((char *)ASN1_STRING_data(X509_NAME_ENTRY_get_data(name_entry)));
  if(!context->username){
  rc = 1;
  goto handle_connect_error;

diff --git a/src/security_default.c b/src/security_default.c
@@ -770,6 +770,7 @@ int mosquitto_psk_key_get_default(struct mosquitto_db *db, const char *hint, con
 int _pw_digest(const char *password, const unsigned char *salt, unsigned int salt_len, unsigned char *hash, unsigned int *hash_len)
 {
  const EVP_MD *digest;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
  EVP_MD_CTX context;
 
  digest = EVP_get_digestbyname("sha512");
@@ -785,6 +786,23 @@ int _pw_digest(const char *password, const unsigned char *salt, unsigned int sal
  /* hash is assumed to be EVP_MAX_MD_SIZE bytes long. */
  EVP_DigestFinal_ex(&context, hash, hash_len);
  EVP_MD_CTX_cleanup(&context);
+#else
+ EVP_MD_CTX *context;
+
+ digest = EVP_get_digestbyname("sha512");
+ if(!digest){
+ // FIXME fprintf(stderr, "Error: Unable to create openssl digest.\n");
+ return 1;
+ }
+
+ context = EVP_MD_CTX_new();
+ EVP_DigestInit_ex(context, digest, NULL);
+ EVP_DigestUpdate(context, password, strlen(password));
+ EVP_DigestUpdate(context, salt, salt_len);
+ /* hash is assumed to be EVP_MAX_MD_SIZE bytes long. */
+ EVP_DigestFinal_ex(context, hash, hash_len);
+ EVP_MD_CTX_free(context);
+#endif
 
  return MOSQ_ERR_SUCCESS;
 }