
[OpenWrt-Devel,4/4] ustream-ssl: openssl-1.1 compatibility

Message ID mailman.1092.1526990624.28140.openwrt-devel@lists.openwrt.org
State Not Applicable
Delegated to: John Crispin
Series [OpenWrt-Devel,1/4] openssl: Upgrade to 1.1.0h | expand

Commit Message

Thomas Richard via openwrt-devel May 22, 2018, 12:04 p.m. UTC
Patch to compile ustream-ssl with openssl-1.1.0.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
---
 ustream-io-openssl.c | 37 +++++++++++++++++++++++++++++++++++++
 ustream-openssl.c    | 12 +++++++++++-
 2 files changed, 48 insertions(+), 1 deletion(-)

Patch

diff --git a/ustream-io-openssl.c b/ustream-io-openssl.c
index 6711055..73a2ba6 100644
--- a/ustream-io-openssl.c
+++ b/ustream-io-openssl.c
@@ -26,10 +26,16 @@ 
 static int
 s_ustream_new(BIO *b)
 {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	BIO_set_init(b, 1);
+	BIO_set_data(b, NULL);
+	BIO_set_shutdown(b, 0);
+#else
 	b->init = 1;
 	b->num = 0;
 	b->ptr = NULL;
 	b->flags = 0;
+#endif
 	return 1;
 }
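Review bot: The guard `#if OPENSSL_VERSION_NUMBER >= 0x10100000L` is also true for LibreSSL, which reports `0x20000000L`, so a LibreSSL release that lacks `BIO_set_init`/`BIO_set_data`/`BIO_get_data` or the `BIO_meth_*` calls would take the new branch and fail to build. If LibreSSL is a supported backend (the page does not say), the test should be `#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)`, or should name a LibreSSL version known to provide these calls. The same guard recurs in s_ustream_free, s_ustream_read, s_ustream_write and ustream_bio_new. As a matter of style, defining the accessors once for the old API, e.g. `#define BIO_get_data(b) ((b)->ptr)` under `#if OPENSSL_VERSION_NUMBER < 0x10100000L`, would let each function keep a single code path instead of an #if/#else pair.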
 
@@ -39,9 +45,15 @@  s_ustream_free(BIO *b)
 	if (!b)
 		return 0;
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	BIO_set_data(b, NULL);
+	BIO_set_init(b, 0);
+	BIO_set_shutdown(b, 0);
+#else
 	b->ptr = NULL;
 	b->init = 0;
 	b->flags = 0;
+#endif
 	return 1;
 }
 
@@ -55,7 +67,11 @@  s_ustream_read(BIO *b, char *buf, int len)
 	if (!buf || len <= 0)
 		return 0;
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	s = (struct ustream *)BIO_get_data(b);
+#else
 	s = (struct ustream *)b->ptr;
+#endif
 	if (!s)
 		return 0;
 
@@ -84,7 +100,11 @@  s_ustream_write(BIO *b, const char *buf, int len)
 	if (!buf || len <= 0)
 		return 0;
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	s = (struct ustream *)BIO_get_data(b);
+#else
 	s = (struct ustream *)b->ptr;
+#endif
 	if (!s)
 		return 0;
 
@@ -116,6 +136,7 @@  static long s_ustream_ctrl(BIO *b, int cmd, long num, void *ptr)
 	};
 }
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 static BIO_METHOD methods_ustream = {
 	100 | BIO_TYPE_SOURCE_SINK,
 	"ustream",
@@ -128,13 +149,29 @@  static BIO_METHOD methods_ustream = {
 	s_ustream_free,
 	NULL,
 };
+#endif
 
 static BIO *ustream_bio_new(struct ustream *s)
 {
 	BIO *bio;
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	BIO_METHOD *methods_ustream;
+
+	methods_ustream = BIO_meth_new(BIO_get_new_index() | BIO_TYPE_SOURCE_SINK, "ustream");
+	BIO_meth_set_write(methods_ustream, s_ustream_write);
+	BIO_meth_set_read(methods_ustream, s_ustream_read);
+	BIO_meth_set_puts(methods_ustream, s_ustream_puts);
+	BIO_meth_set_gets(methods_ustream, s_ustream_gets);
+	BIO_meth_set_ctrl(methods_ustream, s_ustream_ctrl);
+	BIO_meth_set_create(methods_ustream, s_ustream_new);
+	BIO_meth_set_destroy(methods_ustream, s_ustream_free);
+	bio = BIO_new(methods_ustream);
+	BIO_set_data(bio, s);
+#else
 	bio = BIO_new(&methods_ustream);
 	bio->ptr = s;
+#endif
 	return bio;
 }
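Review bot: On the 1.1 path ustream_bio_new() calls `BIO_meth_new()` and `BIO_get_new_index()` on every invocation and nothing in the hunk frees the method table, so each BIO created leaks a BIO_METHOD and uses up a type index. If a BIO is created per connection (the callers are outside the hunk), this is memory growth that remote peers can drive on a long-running TLS server. The results of `BIO_meth_new()` and `BIO_new()` are also used unchecked, so an allocation failure reaches `BIO_set_data()` with a NULL pointer. Build the method table once, reuse it, and return NULL on failure; callers would then need to handle a NULL BIO. The static initialisation below assumes BIOs are created from a single thread.

```c
static BIO *ustream_bio_new(struct ustream *s)
{
	BIO *bio;

#if OPENSSL_VERSION_NUMBER >= 0x10100000L
	/* Built once and reused: one method table, one type index. */
	static BIO_METHOD *methods_ustream;

	if (!methods_ustream) {
		BIO_METHOD *m;

		m = BIO_meth_new(BIO_get_new_index() | BIO_TYPE_SOURCE_SINK, "ustream");
		if (!m)
			return NULL;
		/* … unchanged: BIO_meth_set_* calls, applied to m … */
		methods_ustream = m;
	}

	bio = BIO_new(methods_ustream);
	if (!bio)
		return NULL;
	BIO_set_data(bio, s);
	/* … unchanged: #else branch for the pre-1.1 API … */
```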
 
diff --git a/ustream-openssl.c b/ustream-openssl.c
index eb03dab..52b7c21 100644
--- a/ustream-openssl.c
+++ b/ustream-openssl.c
@@ -38,11 +38,17 @@  __ustream_ssl_context_new(bool server)
 	if (server)
 #ifdef CYASSL_OPENSSL_H_
 		m = SSLv23_server_method();
+#elif OPENSSL_VERSION_NUMBER >= 0x10100000L
+		m = TLS_server_method();
 #else
 		m = TLSv1_2_server_method();
 #endif
 	else
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		m = TLS_client_method();
+#else
 		m = SSLv23_client_method();
+#endif
 
 	c = SSL_CTX_new((void *) m);
 	if (!c)
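Review bot: The client branch tests only `OPENSSL_VERSION_NUMBER`, while the server branch above it checks `CYASSL_OPENSSL_H_` first, so with the CyaSSL compatibility header the client method chosen depends on whatever version number that header reports, which this hunk does not show. If the compatibility layer is not meant to take the 1.1 path, make the guard explicit: `#if !defined(CYASSL_OPENSSL_H_) && OPENSSL_VERSION_NUMBER >= 0x10100000L`. The guard around `SSL_CTX_set_min_proto_version` in the next hunk has the same shape. __ustream_ssl_context_new starts before this hunk and continues after it.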
@@ -52,8 +58,12 @@  __ustream_ssl_context_new(bool server)
 #ifndef OPENSSL_NO_ECDH
 	SSL_CTX_set_ecdh_auto(c, 1);
 #endif
-	if (server)
+	if (server) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		SSL_CTX_set_min_proto_version(c, TLS1_2_VERSION);
+#endif
 		SSL_CTX_set_cipher_list(c, "DEFAULT:!RC4:@STRENGTH");
+	}
 	SSL_CTX_set_quiet_shutdown(c, 1);
 
 	return (void *) c;
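Review bot: The result of `SSL_CTX_set_min_proto_version(c, TLS1_2_VERSION)` is ignored, and with `TLS_server_method()` that call is now the only thing keeping the server at TLS 1.2 or later, where `TLSv1_2_server_method()` fixed the version by construction. It returns 0 on failure, so check it and fail context creation, e.g. `if (!SSL_CTX_set_min_proto_version(c, TLS1_2_VERSION)) { SSL_CTX_free(c); return NULL; }` (assuming callers treat NULL as failure, as the `if (!c)` check earlier in the function suggests). The floor is also set only inside `if (server)`, so a client context from `TLS_client_method()` keeps the library's default minimum version; whether clients should get the same floor is worth deciding explicitly and recording in a comment. The function begins outside the hunk.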