-
Type:
Bug
-
Resolution: Done
-
Priority:
Minor - P4
-
Affects Version/s: 1.1.8
-
Component/s: tls
-
Fully Compatible
Recently, OpenSSL posted a couple 1.1.0-alpha releases and asked users to see if there were any interoperability problems.
One of the biggest changes coming in 1.1 is that many objects (such as EVP_MD_CTX) now are only visible as opaque pointers. i.e. their exact size and layout are considered private to OpenSSL. Of course, this means that they can't be put on the stack.
With this small patch, I was able to compile 1.1.8 of the C driver against OpenSSL 1.1.0-pre2. I haven't tested it, but it seems sane enough:
--- mongo-c-driver-1.1.8/src/mongoc/mongoc-scram.c.ORIG 2016-01-20 10:42:42.378692732 -0800
+++ mongo-c-driver-1.1.8/src/mongoc/mongoc-scram.c 2016-01-20 10:46:15.365245075 -0800
@@ -308,8 +308,9 @@
const size_t input_len,
unsigned char *output)
{
- EVP_MD_CTX digest_ctx;
bool rval = false;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_MD_CTX digest_ctx;
EVP_MD_CTX_init (&digest_ctx);
@@ -325,6 +326,22 @@
cleanup:
EVP_MD_CTX_cleanup (&digest_ctx);
+#else /* OpenSSL >= 1.1.0 */
+ EVP_MD_CTX *digest_ctxp = EVP_MD_CTX_new();
+
+ if (1 != EVP_DigestInit_ex (digest_ctxp, EVP_sha1 (), NULL)) {
+ goto cleanup;
+ }
+
+ if (1 != EVP_DigestUpdate (digest_ctxp, input, input_len)) {
+ goto cleanup;
+ }
+
+ rval = (1 == EVP_DigestFinal_ex (digest_ctxp, output, NULL));
+
+cleanup:
+ EVP_MD_CTX_free(digest_ctxp);
+#endif
return rval;
}
There are also a couple deprecated warnings that pop up, which you may be interested in:
src/mongoc/mongoc-rand.c:33:5: warning: ‘RAND_pseudo_bytes’ is deprecated src/mongoc/mongoc-ssl.c:540:7: warning: ‘CRYPTO_set_id_callback’ is deprecated src/mongoc/mongoc-ssl.c:551:7: warning: ‘CRYPTO_set_id_callback’ is deprecated
- is duplicated by
-
-
- Closed
-
- links to