aboutsummaryrefslogblamecommitdiffstats
path: root/community/rethinkdb/libressl-all.patch
blob: 6f273a0258d8a363f7ba03e3de5d9695430abad5 (plain) (tree)





























































































































































                                                                                    
From d52a694a806c1a8b6dd4d7d17d0671a96240449a Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Wed, 4 Jan 2017 15:31:40 +0100
Subject: [PATCH] Improve OpenSSL compatibility

Refactor the conditionals for openssl 1.1 support so we avoid multiple
if/else and add a check for LibreSSL as well.
---
 src/crypto/hash.cc                 | 13 +++++--------
 src/crypto/hmac.cc                 | 34 ++++++++++++++++++----------------
 src/crypto/initialization_guard.cc | 15 ++++++---------
 3 files changed, 29 insertions(+), 33 deletions(-)

diff --git a/src/crypto/hash.cc b/src/crypto/hash.cc
index 4427dfddeb..e035f695fc 100644
--- a/src/crypto/hash.cc
+++ b/src/crypto/hash.cc
@@ -8,27 +8,24 @@
 
 #include "crypto/error.hpp"
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#define EVP_MD_CTX_new     EVP_MD_CTX_create
+#define EVP_MD_CTX_free    EVP_MD_CTX_destroy
+#endif
+
 namespace crypto {
 
 class evp_md_ctx_wrapper_t {
 public:
     evp_md_ctx_wrapper_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        m_evp_md_ctx = EVP_MD_CTX_create();
-#else
         m_evp_md_ctx = EVP_MD_CTX_new();
-#endif
         if (m_evp_md_ctx == nullptr) {
             throw openssl_error_t(ERR_get_error());
         }
     }
 
     ~evp_md_ctx_wrapper_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        EVP_MD_CTX_destroy(m_evp_md_ctx);
-#else
         EVP_MD_CTX_free(m_evp_md_ctx);
-#endif
     }
 
     EVP_MD_CTX *get() {
diff --git a/src/crypto/hmac.cc b/src/crypto/hmac.cc
index 2ac4314e24..0e3f91a0c1 100644
--- a/src/crypto/hmac.cc
+++ b/src/crypto/hmac.cc
@@ -7,43 +7,45 @@
 
 #include "crypto/error.hpp"
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+
+inline HMAC_CTX *HMAC_CTX_new() {
+    HMAC_CTX *tmp = (HMAC_CTX *)OPENSSL_malloc(sizeof(HMAC_CTX));
+    if (tmp)
+        HMAC_CTX_init(tmp);
+    return tmp;
+}
+
+inline void HMAC_CTX_free(HMAC_CTX *ctx) {
+    if (ctx) {
+        HMAC_CTX_cleanup(ctx);
+        OPENSSL_free(ctx);
+    }
+}
+
+#endif
+
 namespace crypto {
 
 class hmac_ctx_wrapper_t {
 public:
     hmac_ctx_wrapper_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        HMAC_CTX_init(&m_hmac_ctx);
-#else
         m_hmac_ctx = HMAC_CTX_new();
         if (m_hmac_ctx == nullptr) {
             throw openssl_error_t(ERR_get_error());
         }
-#endif
     }
 
     ~hmac_ctx_wrapper_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        HMAC_CTX_cleanup(&m_hmac_ctx);
-#else
         HMAC_CTX_free(m_hmac_ctx);
-#endif
     }
 
     HMAC_CTX *get() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        return &m_hmac_ctx;
-#else
         return m_hmac_ctx;
-#endif
     }
 
 private:
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-    HMAC_CTX m_hmac_ctx;
-#else
     HMAC_CTX *m_hmac_ctx;
-#endif
 };
 
 std::array<unsigned char, SHA256_DIGEST_LENGTH> detail::hmac_sha256(
diff --git a/src/crypto/initialization_guard.cc b/src/crypto/initialization_guard.cc
index ba0503efc6..f76ffd96da 100644
--- a/src/crypto/initialization_guard.cc
+++ b/src/crypto/initialization_guard.cc
@@ -14,16 +14,17 @@
 #include "arch/io/concurrency.hpp"
 #include "arch/runtime/runtime.hpp"
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#define OPENSSL_init_ssl(x, y)     SSL_library_init()
+#define OPENSSL_init_crypto(x, y)  SSL_load_error_strings()
+#define OPENSSL_cleanup            ERR_free_strings
+#endif
+
 namespace crypto {
 
 initialization_guard_t::initialization_guard_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-    SSL_library_init();
-    SSL_load_error_strings();
-#else
     OPENSSL_init_ssl(0, nullptr);
     OPENSSL_init_crypto(0, nullptr);
-#endif
 
     // Make OpenSSL thread-safe by registering the required callbacks
     CRYPTO_THREADID_set_callback([](CRYPTO_THREADID *thread_out) {
@@ -49,11 +50,7 @@ initialization_guard_t::initialization_guard_t() {
 }
 
 initialization_guard_t::~initialization_guard_t() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-    ERR_free_strings();
-#else
     OPENSSL_cleanup();
-#endif
 }
 
 }  // namespace crypto
-- 
2.11.0