github
/
aria2
mirror of https://github.com/aria2/aria2
1
0
Fork 0
Code Issues Releases Wiki Activity

Build with OpenSSL 3.0.0

pull/1692/merge
Tatsuhiro Tsujikawa 2021-10-28 15:45:35 +09:00
parent 21f476588c
commit 869aae8264
6 changed files with 119 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
src/LibsslARC4Encryptor.cc
View File

@ -34,21 +34,74 @@
/* copyright --> */ /* copyright --> */
#include "LibsslARC4Encryptor.h" #include "LibsslARC4Encryptor.h"
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
# include <cassert>
# include <openssl/core_names.h>
# include "DlAbortEx.h"
#endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
namespace aria2 { namespace aria2 {
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
ARC4Encryptor::ARC4Encryptor() : ctx_{nullptr} {}
ARC4Encryptor::~ARC4Encryptor()
{
if (ctx_) {
EVP_CIPHER_CTX_free(ctx_);
}
}
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
ARC4Encryptor::ARC4Encryptor() {} ARC4Encryptor::ARC4Encryptor() {}
ARC4Encryptor::~ARC4Encryptor() = default; ARC4Encryptor::~ARC4Encryptor() = default;
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
void ARC4Encryptor::init(const unsigned char* key, size_t keyLength) void ARC4Encryptor::init(const unsigned char* key, size_t keyLength)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
if (ctx_) {
EVP_CIPHER_CTX_free(ctx_);
}
ctx_ = EVP_CIPHER_CTX_new();
unsigned int keylen = keyLength;
OSSL_PARAM params[] = {
OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_KEYLEN, &keylen),
OSSL_PARAM_construct_end(),
};
if (EVP_EncryptInit_ex2(ctx_, EVP_rc4(), nullptr, nullptr, params) != 1) {
throw DL_ABORT_EX("Failed to initialize RC4 cipher");
}
if (EVP_EncryptInit_ex2(ctx_, nullptr, key, nullptr, nullptr) != 1) {
throw DL_ABORT_EX("Failed to set key to RC4 cipher");
}
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
RC4_set_key(&key_, keyLength, key); RC4_set_key(&key_, keyLength, key);
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
} }
void ARC4Encryptor::encrypt(size_t len, unsigned char* out, void ARC4Encryptor::encrypt(size_t len, unsigned char* out,
const unsigned char* in) const unsigned char* in)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
int outlen;
if (EVP_EncryptUpdate(ctx_, out, &outlen, in, len) != 1) {
throw DL_ABORT_EX("Failed to encrypt data with RC4 cipher");
}
assert(static_cast<size_t>(outlen) == len);
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
RC4(&key_, len, in, out); RC4(&key_, len, in, out);
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
} }
} // namespace aria2 } // namespace aria2

11
src/LibsslARC4Encryptor.h
View File

@ -39,13 +39,22 @@
#include <cstdlib> #include <cstdlib>
#include <openssl/rc4.h> #include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
# include <openssl/evp.h>
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
# include <openssl/rc4.h>
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
namespace aria2 { namespace aria2 {
class ARC4Encryptor { class ARC4Encryptor {
private: private:
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
EVP_CIPHER_CTX* ctx_;
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
RC4_KEY key_; RC4_KEY key_;
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
public: public:
ARC4Encryptor(); ARC4Encryptor();

6
src/LibsslTLSContext.cc
View File

@ -151,7 +151,8 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side, TLSVersion minVer)
ERR_error_string(ERR_get_error(), nullptr))); ERR_error_string(ERR_get_error(), nullptr)));
} }
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL #if OPENSSL_VERSION_NUMBER < 0x30000000L && \
OPENSSL_VERSION_NUMBER >= 0x0090800fL
# ifndef OPENSSL_NO_ECDH # ifndef OPENSSL_NO_ECDH
auto ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); auto ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
if (ecdh == nullptr) { if (ecdh == nullptr) {
@ -163,7 +164,8 @@ OpenSSLTLSContext::OpenSSLTLSContext(TLSSessionSide side, TLSVersion minVer)
EC_KEY_free(ecdh); EC_KEY_free(ecdh);
} }
# endif // OPENSSL_NO_ECDH # endif // OPENSSL_NO_ECDH
#endif // OPENSSL_VERSION_NUMBER >= 0x0090800fL #endif // OPENSSL_VERSION_NUMBER < 0x30000000L && OPENSSL_VERSION_NUMBER >=
// 0x0090800fL
} }
OpenSSLTLSContext::~OpenSSLTLSContext() { SSL_CTX_free(sslCtx_); } OpenSSLTLSContext::~OpenSSLTLSContext() { SSL_CTX_free(sslCtx_); }

6
src/LibsslTLSSession.cc
View File

@ -233,7 +233,11 @@ int OpenSSLTLSSession::tlsConnect(const std::string& hostname,
} }
if (tlsContext_->getSide() == TLS_CLIENT && tlsContext_->getVerifyPeer()) { if (tlsContext_->getSide() == TLS_CLIENT && tlsContext_->getVerifyPeer()) {
// verify peer // verify peer
X509* peerCert = SSL_get_peer_certificate(ssl_); #if OPENSSL_VERSION_NUMBER >= 0x30000000L
auto peerCert = SSL_get1_peer_certificate(ssl_);
#else // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
auto peerCert = SSL_get_peer_certificate(ssl_);
#endif // !(OPENSSL_VERSION_NUMBER >= 0x30000000L)
if (!peerCert) { if (!peerCert) {
handshakeErr = "certificate not found"; handshakeErr = "certificate not found";
return TLS_ERR_ERROR; return TLS_ERR_ERROR;

34
src/Platform.cc
View File

@ -73,6 +73,7 @@
#endif // HAVE_LIBGMP #endif // HAVE_LIBGMP
#include "LogFactory.h" #include "LogFactory.h"
#include "util.h" #include "util.h"
#include "SocketCore.h"
namespace aria2 { namespace aria2 {
@ -91,6 +92,11 @@ void gnutls_log_callback(int level, const char* str)
bool Platform::initialized_ = false; bool Platform::initialized_ = false;
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
OSSL_PROVIDER* Platform::legacy_provider_ = nullptr;
OSSL_PROVIDER* Platform::default_provider_ = nullptr;
#endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
Platform::Platform() { setUp(); } Platform::Platform() { setUp(); }
Platform::~Platform() { tearDown(); } Platform::~Platform() { tearDown(); }
@ -112,7 +118,18 @@ bool Platform::setUp()
#endif // ENABLE_NLS #endif // ENABLE_NLS
#ifdef HAVE_OPENSSL #ifdef HAVE_OPENSSL
# if !OPENSSL_101_API # if OPENSSL_VERSION_NUMBER >= 0x30000000L
// RC4 is in the legacy provider.
legacy_provider_ = OSSL_PROVIDER_load(nullptr, "legacy");
if (!legacy_provider_) {
throw DL_ABORT_EX("OSSL_PROVIDER_load 'legacy' failed.");
}
default_provider_ = OSSL_PROVIDER_load(nullptr, "default");
if (!default_provider_) {
throw DL_ABORT_EX("OSSL_PROVIDER_load 'default' failed.");
}
# elif !OPENSSL_101_API
// for SSL initialization // for SSL initialization
SSL_load_error_strings(); SSL_load_error_strings();
SSL_library_init(); SSL_library_init();
@ -181,6 +198,21 @@ bool Platform::tearDown()
} }
initialized_ = false; initialized_ = false;
SocketCore::setClientTLSContext(nullptr);
SocketCore::setServerTLSContext(nullptr);
#ifdef HAVE_OPENSSL
# if OPENSSL_VERSION_NUMBER >= 0x30000000L
if (default_provider_) {
OSSL_PROVIDER_unload(default_provider_);
}
if (legacy_provider_) {
OSSL_PROVIDER_unload(legacy_provider_);
}
# endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
#endif // HAVE_OPENSSL
#ifdef HAVE_LIBGNUTLS #ifdef HAVE_LIBGNUTLS
gnutls_global_deinit(); gnutls_global_deinit();
#endif // HAVE_LIBGNUTLS #endif // HAVE_LIBGNUTLS

14
src/Platform.h
View File

@ -37,12 +37,26 @@
#include "common.h" #include "common.h"
#ifdef HAVE_OPENSSL
# include <openssl/opensslv.h>
# if OPENSSL_VERSION_NUMBER >= 0x30000000L
# include <openssl/provider.h>
# endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
#endif // HAVE_OPENSSL
namespace aria2 { namespace aria2 {
class Platform { class Platform {
private: private:
static bool initialized_; static bool initialized_;
#ifdef HAVE_OPENSSL
# if OPENSSL_VERSION_NUMBER >= 0x30000000L
static OSSL_PROVIDER* legacy_provider_;
static OSSL_PROVIDER* default_provider_;
# endif // OPENSSL_VERSION_NUMBER >= 0x30000000L
#endif // HAVE_OPENSSL
public: public:
Platform(); Platform();