mirror of
https://github.com/aria2/aria2.git
synced 2024-12-02 10:56:32 +00:00
Build with OpenSSL 3.0.0
This commit is contained in:
Tatsuhiro Tsujikawa
parent
21f476588c
commit
869aae8264
@ -34,21 +34,74 @@
|
||||
/* copyright --> */
|
||||
#include "LibsslARC4Encryptor.h"
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
# include <cassert>
|
||||
|
||||
# include <openssl/core_names.h>
|
||||
|
||||
# include "DlAbortEx.h"
|
||||
#endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
|
||||
namespace aria2 {
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
ARC4Encryptor::ARC4Encryptor() : ctx_{nullptr} {}
|
||||
|
||||
ARC4Encryptor::~ARC4Encryptor()
|
||||
{
|
||||
if (ctx_) {
|
||||
EVP_CIPHER_CTX_free(ctx_);
|
||||
}
|
||||
}
|
||||
|
||||
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
ARC4Encryptor::ARC4Encryptor() {}
|
||||
|
||||
ARC4Encryptor::~ARC4Encryptor() = default;
|
||||
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
|
||||
void ARC4Encryptor::init(const unsigned char* key, size_t keyLength)
|
||||
{
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
if (ctx_) {
|
||||
EVP_CIPHER_CTX_free(ctx_);
|
||||
}
|
||||
|
||||
ctx_ = EVP_CIPHER_CTX_new();
|
||||
|
||||
unsigned int keylen = keyLength;
|
||||
|
||||
OSSL_PARAM params[] = {
|
||||
OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_KEYLEN, &keylen),
|
||||
OSSL_PARAM_construct_end(),
|
||||
};
|
||||
|
||||
if (EVP_EncryptInit_ex2(ctx_, EVP_rc4(), nullptr, nullptr, params) != 1) {
|
||||
throw DL_ABORT_EX("Failed to initialize RC4 cipher");
|
||||
}
|
||||
|
||||
if (EVP_EncryptInit_ex2(ctx_, nullptr, key, nullptr, nullptr) != 1) {
|
||||
throw DL_ABORT_EX("Failed to set key to RC4 cipher");
|
||||
}
|
||||
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
RC4_set_key(&key_, keyLength, key);
|
||||
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
}
|
||||
|
||||
void ARC4Encryptor::encrypt(size_t len, unsigned char* out,
|
||||
const unsigned char* in)
|
||||
{
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
int outlen;
|
||||
|
||||
if (EVP_EncryptUpdate(ctx_, out, &outlen, in, len) != 1) {
|
||||
throw DL_ABORT_EX("Failed to encrypt data with RC4 cipher");
|
||||
}
|
||||
|
||||
assert(static_cast<size_t>(outlen) == len);
|
||||
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
RC4(&key_, len, in, out);
|
||||
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
}
|
||||
|
||||
} // namespace aria2
|
||||
|
||||
@ -39,13 +39,22 @@
|
||||
|
||||
#include <cstdlib>
|
||||
|
||||
#include <openssl/rc4.h>
|
||||
#include <openssl/opensslv.h>
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
# include <openssl/evp.h>
|
||||
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
# include <openssl/rc4.h>
|
||||
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
|
||||
namespace aria2 {
|
||||
|
||||
class ARC4Encryptor {
|
||||
private:
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
EVP_CIPHER_CTX* ctx_;
|
||||
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
RC4_KEY key_;
|
||||
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
|
||||
public:
|
||||
ARC4Encryptor();
|
||||
|
||||
@ -151,7 +151,8 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side, TLSVersion minVer)
|
||||
ERR_error_string(ERR_get_error(), nullptr)));
|
||||
}
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
|
||||
#if OPENSSL_VERSION_NUMBER < 0x30000000L && \
|
||||
OPENSSL_VERSION_NUMBER >= 0x0090800fL
|
||||
# ifndef OPENSSL_NO_ECDH
|
||||
auto ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
|
||||
if (ecdh == nullptr) {
|
||||
@ -163,7 +164,8 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side, TLSVersion minVer)
|
||||
EC_KEY_free(ecdh);
|
||||
}
|
||||
# endif // OPENSSL_NO_ECDH
|
||||
#endif // OPENSSL_VERSION_NUMBER >= 0x0090800fL
|
||||
#endif // OPENSSL_VERSION_NUMBER < 0x30000000L && OPENSSL_VERSION_NUMBER >=
|
||||
// 0x0090800fL
|
||||
}
|
||||
|
||||
OpenSSLTLSContext::~OpenSSLTLSContext() { SSL_CTX_free(sslCtx_); }
|
||||
|
||||
@ -233,7 +233,11 @@ int OpenSSLTLSSession::tlsConnect(const std::string& hostname,
|
||||
}
|
||||
if (tlsContext_->getSide() == TLS_CLIENT && tlsContext_->getVerifyPeer()) {
|
||||
// verify peer
|
||||
X509* peerCert = SSL_get_peer_certificate(ssl_);
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
auto peerCert = SSL_get1_peer_certificate(ssl_);
|
||||
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
auto peerCert = SSL_get_peer_certificate(ssl_);
|
||||
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
|
||||
if (!peerCert) {
|
||||
handshakeErr = "certificate not found";
|
||||
return TLS_ERR_ERROR;
|
||||
|
||||
@ -73,6 +73,7 @@
|
||||
#endif // HAVE_LIBGMP
|
||||
#include "LogFactory.h"
|
||||
#include "util.h"
|
||||
#include "SocketCore.h"
|
||||
|
||||
namespace aria2 {
|
||||
|
||||
@ -91,6 +92,11 @@ void gnutls_log_callback(int level, const char* str)
|
||||
|
||||
bool Platform::initialized_ = false;
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
OSSL_PROVIDER* Platform::legacy_provider_ = nullptr;
|
||||
OSSL_PROVIDER* Platform::default_provider_ = nullptr;
|
||||
#endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
|
||||
Platform::Platform() { setUp(); }
|
||||
|
||||
Platform::~Platform() { tearDown(); }
|
||||
@ -112,7 +118,18 @@ bool Platform::setUp()
|
||||
#endif // ENABLE_NLS
|
||||
|
||||
#ifdef HAVE_OPENSSL
|
||||
# if !OPENSSL_101_API
|
||||
# if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
// RC4 is in the legacy provider.
|
||||
legacy_provider_ = OSSL_PROVIDER_load(nullptr, "legacy");
|
||||
if (!legacy_provider_) {
|
||||
throw DL_ABORT_EX("OSSL_PROVIDER_load 'legacy' failed.");
|
||||
}
|
||||
|
||||
default_provider_ = OSSL_PROVIDER_load(nullptr, "default");
|
||||
if (!default_provider_) {
|
||||
throw DL_ABORT_EX("OSSL_PROVIDER_load 'default' failed.");
|
||||
}
|
||||
# elif !OPENSSL_101_API
|
||||
// for SSL initialization
|
||||
SSL_load_error_strings();
|
||||
SSL_library_init();
|
||||
@ -181,6 +198,21 @@ bool Platform::tearDown()
|
||||
}
|
||||
initialized_ = false;
|
||||
|
||||
SocketCore::setClientTLSContext(nullptr);
|
||||
SocketCore::setServerTLSContext(nullptr);
|
||||
|
||||
#ifdef HAVE_OPENSSL
|
||||
# if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
if (default_provider_) {
|
||||
OSSL_PROVIDER_unload(default_provider_);
|
||||
}
|
||||
|
||||
if (legacy_provider_) {
|
||||
OSSL_PROVIDER_unload(legacy_provider_);
|
||||
}
|
||||
# endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
#endif // HAVE_OPENSSL
|
||||
|
||||
#ifdef HAVE_LIBGNUTLS
|
||||
gnutls_global_deinit();
|
||||
#endif // HAVE_LIBGNUTLS
|
||||
|
||||
@ -37,12 +37,26 @@
|
||||
|
||||
#include "common.h"
|
||||
|
||||
#ifdef HAVE_OPENSSL
|
||||
# include <openssl/opensslv.h>
|
||||
# if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
# include <openssl/provider.h>
|
||||
# endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
#endif // HAVE_OPENSSL
|
||||
|
||||
namespace aria2 {
|
||||
|
||||
class Platform {
|
||||
private:
|
||||
static bool initialized_;
|
||||
|
||||
#ifdef HAVE_OPENSSL
|
||||
# if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
static OSSL_PROVIDER* legacy_provider_;
|
||||
static OSSL_PROVIDER* default_provider_;
|
||||
# endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
#endif // HAVE_OPENSSL
|
||||
|
||||
public:
|
||||
Platform();
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user