]> git.tuebingen.mpg.de Git - paraslash.git/commitdiff
projects / paraslash.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 505d513 7b65bdc)
Merge topic branch t/openssl-3 into next
authorAndre Noll <maan@tuebingen.mpg.de>
Sat, 18 May 2024 20:13:20 +0000 (22:13 +0200)
committerAndre Noll <maan@tuebingen.mpg.de>
Sat, 18 May 2024 20:13:20 +0000 (22:13 +0200)
Started on 2023-04-29, Cooking since 2024-05-18.

The series starts with a few cleanups and crypto-backend tweaks to
beat the openssl specific code into shape for the main objective:
the switch of the RSA encryption and decryption routines to the
high-level EVP API. This has become necessary because the old RSA
API functions have been deprecated in openssl-3.

<!--

- The openssl RSA code has been converted to EVP and no longer uses
  any deprecated openssl API functions.

-->

* refs/heads/t/openssl-3:
  openssl: Reactivate openssl warnings.
  openssl: Use the EVP library for RSA private decryption.
  openssl: Use the EVP library for RSA public encryption.
  apc_priv_decrypt: Let the callee allocate the buffer.
  apc_pub_encrypt: Let the callee allocate the buffer.
  openssl: Assume that openssl allocation functions functions succeed.
  openssl: Introduce openssl_perror().
  openssl: Don't pass pointers to RSA structures around.
  openssl: Kill rsa coefficient computations.
  client: Check buffer size returned by apc_priv_decrypt().

# Conflicts:
# configure.ac

1  2 
Makefile.real patch | diff1 | diff2 | blob | history
configure.ac patch | diff1 | diff2 | blob | history
openssl.c patch | diff1 | diff2 | blob | history

diff --cc Makefile.real
Simple merge
diff --cc configure.ac
index 63b06316137c0a67d6b2142bda481e55aab934ed,d6796e5641aeea757b84db65d6e6f50f4a489240..9e90ae5d6745d335f93b9eb3f7c8f8e44630964e
--- 1/configure.ac
--- 2/configure.ac
+++ b/configure.ac
@@@ -109,6 -110,20 +109,10 @@@ if test $HAVE_OPENSSL = yes; the
        will be removed in the next major paraslash release. Please upgrade
        your openssl installation.])
        fi
 -
+       AC_CHECK_LIB([crypto], [OSSL_PARAM_construct_BN], [HAVE_OSSL_PARAM=yes],
+               [HAVE_OSSL_PARAM=no])
+       test $HAVE_OSSL_PARAM = yes &&
+               AC_DEFINE([HAVE_OSSL_PARAM], [1], [openssl >= 3.0])
 -      HAVE_CRYPTO_CLEANUP_ALL_EX_DATA=yes
 -      AC_CHECK_DECL([CRYPTO_cleanup_all_ex_data], [],
 -              [HAVE_CRYPTO_CLEANUP_ALL_EX_DATA=no],
 -              [#include <openssl/rsa.h>])
 -      AC_CHECK_LIB([crypto], [CRYPTO_cleanup_all_ex_data], [],
 -              [HAVE_CRYPTO_CLEANUP_ALL_EX_DATA=no])
 -      test $HAVE_CRYPTO_CLEANUP_ALL_EX_DATA = yes &&
 -              AC_DEFINE([HAVE_CRYPTO_CLEANUP_ALL_EX_DATA], [1],
 -                      [not available on FreeBSD 12])
        HAVE_OPENSSL_THREAD_STOP=yes
        AC_CHECK_DECL([OPENSSL_thread_stop], [],
                [HAVE_OPENSSL_THREAD_STOP=no],
diff --cc openssl.c
Simple merge
paraslash - network audio streaming tools