Port to OpenSSL 3

Backport of upstream commit (ee1dfedb)
This commit is contained in:
Sergio Correia 2021-05-07 09:14:44 -03:00
parent 22efa77106
commit 7df4966cc9
2 changed files with 54 additions and 1 deletions

View File

@ -0,0 +1,47 @@
From 95f25c355fc13727410ccacaa618caf6af5d5eba Mon Sep 17 00:00:00 2001
From: Sergio Correia <scorreia@redhat.com>
Date: Mon, 3 May 2021 22:36:36 -0300
Subject: [PATCH] sss: use BN_set_word(x, 0) instead of BN_zero()
Different OpenSSL versions define BN_zero() differently -- sometimes
returning an integer, sometimes as void --, so let's use instead
BN_set_word() instead, not to have issues when building with these
different versions.
---
src/pins/sss/sss.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/pins/sss/sss.c b/src/pins/sss/sss.c
index a37215d..7486d6c 100644
--- a/src/pins/sss/sss.c
+++ b/src/pins/sss/sss.c
@@ -214,7 +214,7 @@ sss_point(const json_t *sss, size_t *len)
if (BN_rand_range(xx, pp) <= 0)
return NULL;
- if (BN_zero(yy) <= 0)
+ if (BN_set_word(yy, 0) <= 0)
return NULL;
for (size_t i = 0; i < json_array_size(e); i++) {
@@ -272,7 +272,7 @@ sss_recover(const json_t *p, size_t npnts, const uint8_t *pnts[])
if (!ctx || !pp || !acc || !tmp || !k)
return NULL;
- if (BN_zero(k) <= 0)
+ if (BN_set_word(k, 0) <= 0)
return NULL;
len = jose_b64_dec(p, NULL, 0);
@@ -303,7 +303,7 @@ sss_recover(const json_t *p, size_t npnts, const uint8_t *pnts[])
/* acc *= (0 - xi) / (xo - xi) */
- if (BN_zero(tmp) <= 0)
+ if (BN_set_word(tmp, 0) <= 0)
return NULL;
if (BN_mod_sub(tmp, tmp, xi, pp, ctx) <= 0)
--
2.31.1

View File

@ -1,6 +1,6 @@
Name: clevis
Version: 18
Release: 1%{?dist}
Release: 2%{?dist}
Summary: Automated decryption framework
License: GPLv3+
@ -8,6 +8,8 @@ URL: https://github.com/latchset/%{name}
Source0: https://github.com/latchset/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.xz
Source1: clevis.sysusers
Patch0001: 0001-sss-use-BN_set_word-x-0-instead-of-BN_zero.patch
BuildRequires: git-core
BuildRequires: gcc
BuildRequires: meson
@ -192,6 +194,10 @@ exit 0
%attr(4755, root, root) %{_libexecdir}/%{name}-luks-udisks2
%changelog
* Fri May 07 2021 Sergio Correia <scorreia@redhat.com> - 18-2
- Port to OpenSSL 3
Backport of upstream commit (ee1dfedb)
* Thu Apr 15 2021 Sergio Correia <scorreia@redhat.com> - 18-1
- Update to new clevis upstream release, v18.