From 29ea07ef66be59c8ab62058b2ce3e92765e2be10 Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Mon, 13 Sep 2021 14:48:15 +0200
Subject: [PATCH 02/11] OpenSSL backend: make legacy for OpenSSL3 optional and
report loaded providers
---
lib/crypto_backend/crypto_openssl.c | 48 +++++++++++++++++++----------
1 file changed, 32 insertions(+), 16 deletions(-)
diff --git a/lib/crypto_backend/crypto_openssl.c b/lib/crypto_backend/crypto_openssl.c
index a5ec4048..92eeb33c 100644
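--- a/lib/crypto_backend/crypto_openssl.c
+++ b/lib/crypto_backend/crypto_openssl.c
@@ -45,6 +45,7 @@
 static OSSL_PROVIDER *ossl_legacy = NULL;
 static OSSL_PROVIDER *ossl_default = NULL;
 static OSSL_LIB_CTX *ossl_ctx = NULL;
+static char backend_version[256] = "OpenSSL";
 #endif
 
 #define CONST_CAST(x) (x)(uintptr_t)
@@ -133,12 +134,30 @@ static void HMAC_CTX_free(HMAC_CTX *md)
 free(md);
 }
 #else
+static void openssl_backend_exit(void)
+{
+#if OPENSSL_VERSION_MAJOR >= 3
+ if (ossl_legacy)
+ OSSL_PROVIDER_unload(ossl_legacy);
+ if (ossl_default)
+ OSSL_PROVIDER_unload(ossl_default);
+ if (ossl_ctx)
+ OSSL_LIB_CTX_free(ossl_ctx);
+
+ ossl_legacy = NULL;
+ ossl_default = NULL;
+ ossl_ctx = NULL;
+#endif
+}
+
 static int openssl_backend_init(void)
 {
 /*
 * OpenSSL >= 3.0.0 provides some algorithms in legacy provider
 */
 #if OPENSSL_VERSION_MAJOR >= 3
+ int r;
+
 ossl_ctx = OSSL_LIB_CTX_new();
 if (!ossl_ctx)
 return -EINVAL;
@@ -151,30 +170,27 @@ static int openssl_backend_init(void)
 
 /* Optional */
 ossl_legacy = OSSL_PROVIDER_try_load(ossl_ctx, "legacy", 0);
+
+ r = snprintf(backend_version, sizeof(backend_version), "%s %s%s",
+ OpenSSL_version(OPENSSL_VERSION),
+ ossl_default ? "[default]" : "",
+ ossl_legacy ? "[legacy]" : "");
+ if (r < 0 || (size_t)r >= sizeof(backend_version)) {
+ openssl_backend_exit();
+ return -EINVAL;
+ }
 #endif
 return 0;
 }
 
-static void openssl_backend_exit(void)
+static const char *openssl_backend_version(void)
 {
 #if OPENSSL_VERSION_MAJOR >= 3
- if (ossl_legacy)
- OSSL_PROVIDER_unload(ossl_legacy);
- if (ossl_default)
- OSSL_PROVIDER_unload(ossl_default);
- if (ossl_ctx)
- OSSL_LIB_CTX_free(ossl_ctx);
-
- ossl_legacy = NULL;
- ossl_default = NULL;
- ossl_ctx = NULL;
+ return backend_version;
+#else
+ return OpenSSL_version(OPENSSL_VERSION);
 #endif
 }
-
-static const char *openssl_backend_version(void)
-{
- return OpenSSL_version(OPENSSL_VERSION);
-}
 #endif
 
 int crypt_backend_init(void)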
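Review bot: `backend_version` is never reset in `openssl_backend_exit()`, so once the providers are unloaded `openssl_backend_version()` keeps reporting `[default]`/`[legacy]` tags for providers that are no longer loaded; the same holds on the new snprintf failure path in `openssl_backend_init()`, which can leave a truncated string in the buffer. This string is the only visible record of whether the optional legacy provider was loaded, so it should follow the real state; resetting it next to the pointer resets, e.g. `snprintf(backend_version, sizeof(backend_version), "OpenSSL");`, would do. A comment at `/* Optional */` stating that a missing legacy provider is deliberately not an error, and that algorithms it supplies will only fail later at use, would help whoever diagnoses such a failure. The middle of `openssl_backend_init()`, including the default-provider load, lies between the hunks and is not visible, so whether `ossl_default` can still be NULL at the snprintf call is an assumption.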
--
2.27.0