From: Andre Noll <maan@tuebingen.mpg.de>
Date: Thu, 1 Dec 2022 17:08:44 +0000 (+0100)
Subject: Merge topic branch t/openssl-3 into master
X-Git-Tag: v0.7.2~11
X-Git-Url: http://git.tuebingen.mpg.de/?a=commitdiff_plain;h=fca08641935a5bdf6570a14e0b7aeed536745060;hp=a5a6446fd1af4a0ad03ef06a3c194d37d6a46acd;p=paraslash.git

Merge topic branch t/openssl-3 into master

Two patches. The first suppresses warnings when compiling against
openssl-3, the second switches the two hash functions over to the
EVP API. More work is needed but it does not hurt to merge this first
step now.

* refs/heads/t/openssl-3:
  openssl: Switch to evp API for sha1 and sha256.
  openssl: Deactivate openssl-3 warnings for now.
---

diff --git a/Makefile.real b/Makefile.real
index bf3cb6e0..dc658fe1 100644
--- a/Makefile.real
+++ b/Makefile.real
@@ -221,7 +221,9 @@ $(call OD, afs aft attribute blob mood playlist score server vss command \
 	CPPFLAGS += $(osl_cppflags)
 
 $(call OD, compress_filter): CFLAGS += -O3
+$(call OD, openssl): CFLAGS += -Wno-deprecated-declarations
 
+$(object_dir)/%.o: %.c | $(object_dir) $(dep_dir) $(lsg_h) $(yy_h)
 define CC_CMD
 	$(call SAY, CC $<)
 	$(CC) -c -o $(object_dir)/$(*F).o -MMD -MF \
diff --git a/NEWS.md b/NEWS.md
index 009982a3..fff7a242 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -12,6 +12,8 @@ NEWS
   the startup mood and the time period before fade-out starts. A bunch
   of further improvements for this subcommand went in as well.
 - Minor cleanup of the net subsystem.
+- The openssl specific code now employs the EVP API to compute hashes.
+  It should compile without warnings against openssl-3.
 
 Downloads:
 [tarball](./releases/paraslash-git.tar.xz)
diff --git a/openssl.c b/openssl.c
index 9d3ad577..71849876 100644
--- a/openssl.c
+++ b/openssl.c
@@ -11,6 +11,7 @@
 #include <openssl/sha.h>
 #include <openssl/bn.h>
 #include <openssl/aes.h>
+#include <openssl/evp.h>
 
 #include "para.h"
 #include "error.h"
@@ -409,16 +410,24 @@ void sc_crypt(struct stream_cipher *sc, struct iovec *src, struct iovec *dst)
 
 void hash_function(const char *data, unsigned long len, unsigned char *hash)
 {
-	SHA_CTX c;
-	SHA1_Init(&c);
-	SHA1_Update(&c, data, len);
-	SHA1_Final(hash, &c);
+	EVP_MD_CTX *c = EVP_MD_CTX_new();
+	int ret = EVP_DigestInit_ex(c, EVP_sha1(), NULL);
+	assert(ret != 0);
+	ret = EVP_DigestUpdate(c, data, len);
+	assert(ret != 0);
+	ret = EVP_DigestFinal_ex(c, hash, NULL);
+	assert(ret != 0);
+	EVP_MD_CTX_free(c);
 }
 
 void hash2_function(const char *data, unsigned long len, unsigned char *hash)
 {
-	SHA256_CTX c;
-	SHA256_Init(&c);
-	SHA256_Update(&c, data, len);
-	SHA256_Final(hash, &c);
+	EVP_MD_CTX *c = EVP_MD_CTX_new();
+	int ret = EVP_DigestInit_ex(c, EVP_sha256(), NULL);
+	assert(ret != 0);
+	ret = EVP_DigestUpdate(c, data, len);
+	assert(ret != 0);
+	ret = EVP_DigestFinal_ex(c, hash, NULL);
+	assert(ret != 0);
+	EVP_MD_CTX_free(c);
 }