Projects
home:mollekopf:branches:Kolab:Winterfell
cyrus-imapd
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 6
View file
ssl.patch
Deleted
@@ -1,577 +0,0 @@ -diff --git a/backup/lcb_append.c b/backup/lcb_append.c -index e62c790eea..e22bf6dc95 100644 ---- a/backup/lcb_append.c -+++ b/backup/lcb_append.c -@@ -111,7 +111,7 @@ HIDDEN int backup_real_append_start(struct backup *backup, - if (index_only) backup->append_state->mode |= BACKUP_APPEND_INDEXONLY; - - backup->append_state->wrote = 0; -- SHA1_Init(&backup->append_state->sha_ctx); -+ SHA1Init(&backup->append_state->sha_ctx); - - char header80; - snprintf(header, sizeof(header), "# cyrus backup: chunk start\r\n"); -@@ -134,7 +134,7 @@ HIDDEN int backup_real_append_start(struct backup *backup, - if (r) goto error; - } - -- SHA1_Update(&backup->append_state->sha_ctx, header, strlen(header)); -+ SHA1Update(&backup->append_state->sha_ctx, header, strlen(header)); - backup->append_state->wrote += strlen(header); - - struct sqldb_bindval bval = { -@@ -200,7 +200,7 @@ EXPORTED int backup_append(struct backup *backup, - iter = dlist_print_iter_new(dlist, 1); - do { - /* track the sha1sum */ -- SHA1_Update(&backup->append_state->sha_ctx, buf_cstring(&buf), buf_len(&buf)); -+ SHA1Update(&backup->append_state->sha_ctx, buf_cstring(&buf), buf_len(&buf)); - - /* if we're not in index-only mode, write the data out */ - if (!index_only) { -@@ -218,7 +218,7 @@ EXPORTED int backup_append(struct backup *backup, - - /* finally, end with "\r\n" */ - buf_setcstr(&buf, "\r\n"); -- SHA1_Update(&backup->append_state->sha_ctx, buf_cstring(&buf), buf_len(&buf)); -+ SHA1Update(&backup->append_state->sha_ctx, buf_cstring(&buf), buf_len(&buf)); - if (!index_only) { - r = retry_gzwrite(backup->append_state->gzfile, - buf_cstring(&buf), buf_len(&buf), -@@ -268,7 +268,7 @@ HIDDEN int backup_real_append_end(struct backup *backup, time_t ts) - - unsigned char sha1_rawSHA1_DIGEST_LENGTH; - char data_sha12 * SHA1_DIGEST_LENGTH + 1; -- SHA1_Final(sha1_raw, &backup->append_state->sha_ctx); -+ SHA1Final(sha1_raw, &backup->append_state->sha_ctx); - r = bin_to_hex(sha1_raw, SHA1_DIGEST_LENGTH, data_sha1, BH_LOWER); - assert(r == 2 * SHA1_DIGEST_LENGTH); - -diff --git a/backup/lcb_internal.h b/backup/lcb_internal.h -index ca07dca45a..1581daf0cf 100644 ---- a/backup/lcb_internal.h -+++ b/backup/lcb_internal.h -@@ -63,7 +63,7 @@ struct backup_append_state { - gzFile gzfile; - int chunk_id; - size_t wrote; -- SHA_CTX sha_ctx; -+ SHA1_CTX sha_ctx; - }; - - struct backup { -diff --git a/backup/lcb_verify.c b/backup/lcb_verify.c -index fb0477a8bf..a8dac204c9 100644 ---- a/backup/lcb_verify.c -+++ b/backup/lcb_verify.c -@@ -143,13 +143,13 @@ static int verify_chunk_checksums(struct backup *backup, struct backup_chunk *ch - fprintf(out, " checking data length\n"); - char buf8192; /* FIXME whatever */ - size_t len = 0; -- SHA_CTX sha_ctx; -- SHA1_Init(&sha_ctx); -+ SHA1_CTX sha_ctx; -+ SHA1Init(&sha_ctx); - gzuc_member_start_from(gzuc, chunk->offset); - while (!gzuc_member_eof(gzuc)) { - ssize_t n = gzuc_read(gzuc, buf, sizeof(buf)); - if (n >= 0) { -- SHA1_Update(&sha_ctx, buf, n); -+ SHA1Update(&sha_ctx, buf, n); - len += n; - } - } -@@ -172,7 +172,7 @@ static int verify_chunk_checksums(struct backup *backup, struct backup_chunk *ch - fprintf(out, " checking data checksum...\n"); - unsigned char sha1_rawSHA1_DIGEST_LENGTH; - char data_sha12 * SHA1_DIGEST_LENGTH + 1; -- SHA1_Final(sha1_raw, &sha_ctx); -+ SHA1Final(sha1_raw, &sha_ctx); - r = bin_to_hex(sha1_raw, SHA1_DIGEST_LENGTH, data_sha1, BH_LOWER); - assert(r == 2 * SHA1_DIGEST_LENGTH); - r = strncmp(chunk->data_sha1, data_sha1, sizeof(data_sha1)); -diff --git a/imap/jmap_calendar.c b/imap/jmap_calendar.c -index 0b94e81eaf..3322aaa3be 100644 ---- a/imap/jmap_calendar.c -+++ b/imap/jmap_calendar.c -@@ -7885,19 +7885,19 @@ struct principal_get_rock { - struct jmap_get *get; - json_t *jaccounts; - hash_table *wantids; -- SHA_CTX *sha1; -+ SHA1_CTX *sha1; - }; - --static int principal_state_init(jmap_req_t *req, SHA_CTX *sha1) -+static int principal_state_init(jmap_req_t *req, SHA1_CTX *sha1) - { -- SHA1_Init(sha1); -+ SHA1Init(sha1); - char *calhomename = caldav_mboxname(req->userid, NULL); - struct mailbox *mbox = NULL; - int r = jmap_openmbox(req, calhomename, &mbox, 0); - if (!r) { - struct buf buf = BUF_INITIALIZER; - buf_printf(&buf, "%s" MODSEQ_FMT, req->userid, mailbox_foldermodseq(mbox)); -- SHA1_Update(sha1, buf_base(&buf), buf_len(&buf)); -+ SHA1Update(sha1, buf_base(&buf), buf_len(&buf)); - buf_free(&buf); - } - jmap_closembox(req, &mbox); -@@ -7906,16 +7906,16 @@ static int principal_state_init(jmap_req_t *req, SHA_CTX *sha1) - } - - static void principal_state_update(jmap_req_t *req __attribute__((unused)), -- SHA_CTX *sha1, -+ SHA1_CTX *sha1, - const char *accountid) - { -- SHA1_Update(sha1, accountid, strlen(accountid)); -+ SHA1Update(sha1, accountid, strlen(accountid)); - } - --static char *principal_state_string(SHA_CTX *sha1) -+static char *principal_state_string(SHA1_CTX *sha1) - { - uint8_t digestSHA1_DIGEST_LENGTH; -- SHA1_Final(digest, sha1); -+ SHA1Final(digest, sha1); - char hexdigestSHA1_DIGEST_LENGTH*2 + 1; - bin_to_lchex(digest, SHA1_DIGEST_LENGTH, hexdigest); - hexdigestSHA1_DIGEST_LENGTH*2 = '\0'; -@@ -7927,7 +7927,7 @@ static int principal_state_current_cb(jmap_req_t *req, - int rights __attribute__((unused)), - void *rock) - { -- SHA_CTX *sha1 = rock; -+ SHA1_CTX *sha1 = rock; - if (strcmp(req->userid, accountid)) { - principal_state_update(req, sha1, accountid); - } -@@ -7939,7 +7939,7 @@ static int principal_currentstate(jmap_req_t *req, char **state) - /* Principal state is the hash of the authenticated userid, its - * calendar home folder modseq and the account ids of all accounts - * it where at least one calendar or the calendar home is visible */ -- SHA_CTX sha1; -+ SHA1_CTX sha1; - principal_state_init(req, &sha1); - int r = principal_foreach(req, principal_state_current_cb, &sha1); - if (!r) { -@@ -7954,7 +7954,7 @@ static int principal_get_cb(jmap_req_t *req, const char *accountid, - struct principal_get_rock *getrock = rock; - - /* Update state */ -- SHA1_Update(getrock->sha1, accountid, strlen(accountid)); -+ SHA1Update(getrock->sha1, accountid, strlen(accountid)); - - /* Convert princpial */ - if (hash_del(accountid, getrock->wantids)) { -@@ -8004,7 +8004,7 @@ static int jmap_principal_get(struct jmap_req *req) - } - - /* Traverse principals */ -- SHA_CTX sha1; -+ SHA1_CTX sha1; - principal_state_init(req, &sha1); - struct principal_get_rock rock = { &get, jaccounts, &wantids, &sha1 }; - int r = principal_foreach(req, principal_get_cb, &rock); -@@ -8396,15 +8396,15 @@ static int principal_query(jmap_req_t *req, struct jmap_query *query, json_t **e - } - - /* Make query state */ -- SHA_CTX sha1; -- SHA1_Init(&sha1); -+ SHA1_CTX sha1; -+ SHA1Init(&sha1); - size_t i; - for (i = 0; i < (size_t) strarray_size(&matches); i++) { - const char *id = strarray_nth(&matches, i); -- SHA1_Update(&sha1, id, strlen(id)); -+ SHA1Update(&sha1, id, strlen(id)); - } - uint8_t digestSHA1_DIGEST_LENGTH; -- SHA1_Final(digest, &sha1); -+ SHA1Final(digest, &sha1); - char hexdigestSHA1_DIGEST_LENGTH*2 + 1; - bin_to_lchex(digest, SHA1_DIGEST_LENGTH, hexdigest); - hexdigestSHA1_DIGEST_LENGTH*2 = '\0'; -diff --git a/imap/tls.c b/imap/tls.c -index f35ef5e2a0..d4e33a5cbe 100644 ---- a/imap/tls.c -+++ b/imap/tls.c -@@ -149,7 +149,7 @@ static int tls_serverengine = 0; /* server engine initialized? */ - static int tls_clientengine = 0; /* client engine initialized? */ - static int do_dump = 0; /* actively dumping protocol? */ - --#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) -+#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && (OPENSSL_VERSION_NUMBER < 0x30000000L) - static DH *dh_params = NULL; - #endif - -@@ -240,7 +240,7 @@ static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) - } - #endif - --#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) -+#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && (OPENSSL_VERSION_NUMBER < 0x30000000L) - /* Logic copied from OpenSSL apps/s_server.c: give the TLS context - * DH params to work with DHE-* cipher suites. Hardcoded fallback - * in case no DH params in server_key or server_cert. -@@ -739,7 +739,6 @@ EXPORTED int tls_init_serverengine(const char *ident, - const char *client_ca_file; - const char *server_ca_file; - const char *server_cert_file; -- const char *server_dhparam_file; - const char *server_key_file; - const char *crl_file_path; - enum enum_value tls_client_certs; -@@ -883,7 +882,6 @@ EXPORTED int tls_init_serverengine(const char *ident, - - server_ca_file = config_getstring(IMAPOPT_TLS_SERVER_CA_FILE); - server_cert_file = config_getstring(IMAPOPT_TLS_SERVER_CERT); -- server_dhparam_file = config_getstring(IMAPOPT_TLS_SERVER_DHPARAM); - server_key_file = config_getstring(IMAPOPT_TLS_SERVER_KEY); - - if (config_debug) { -@@ -949,8 +947,11 @@ EXPORTED int tls_init_serverengine(const char *ident, - SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); - #endif - --#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) -+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L) -+ SSL_CTX_set_dh_auto(s_ctx, 1); -+#elif (OPENSSL_VERSION_NUMBER >= 0x0090800fL) - /* Load DH params for DHE-* key exchanges */ -+ const char *server_dhparam_file = config_getstring(IMAPOPT_TLS_SERVER_DHPARAM); - dh_params = load_dh_param(server_dhparam_file, server_key_file, server_cert_file); - SSL_CTX_set_tmp_dh(s_ctx, dh_params); - #endif -@@ -959,12 +960,16 @@ EXPORTED int tls_init_serverengine(const char *ident, - const char *ec = config_getstring(IMAPOPT_TLS_ECCURVE); - int openssl_nid = OBJ_sn2nid(ec); - if (openssl_nid != 0) { -+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L) -+ SSL_CTX_set1_curves(s_ctx, &openssl_nid, 1); -+#else - EC_KEY *ecdh; - ecdh = EC_KEY_new_by_curve_name(openssl_nid); - if (ecdh != NULL) { - SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); - EC_KEY_free(ecdh); - } -+#endif - } - #endif - -@@ -1086,20 +1091,22 @@ EXPORTED int tls_init_serverengine(const char *ident, - - /* taken from OpenSSL apps/s_cb.c */ - --static long bio_dump_cb(BIO * bio, int cmd, const char *argp, int argi, -- long argl __attribute__((unused)), long ret) -+static long bio_dump_cb(BIO * bio, int cmd, const char *argp, -+ size_t len __attribute__((unused)), int argi, -+ long argl __attribute__((unused)), int ret, -+ size_t *processed __attribute__((unused))) - { - if (!do_dump) - return (ret); - - if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) { -- printf("read from %08lX %08lX (%d bytes => %ld (0x%lX))", -+ printf("read from %08lX %08lX (%d bytes => %d (0x%X))", - (unsigned long)bio, (unsigned long)argp, - argi, ret, ret); - tls_dump(argp, (int) ret); - return (ret); - } else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) { -- printf("write to %08lX %08lX (%d bytes => %ld (0x%lX))", -+ printf("write to %08lX %08lX (%d bytes => %d (0x%X))", - (unsigned long) bio, (unsigned long)argp, - argi, ret, ret); - tls_dump(argp, (int) ret); -@@ -1171,7 +1178,7 @@ EXPORTED int tls_start_servertls(int readfd, int writefd, int timeout, - * created for us, so we can use it for debugging purposes. - */ - if (var_imapd_tls_loglevel >= 3) -- BIO_set_callback(SSL_get_rbio(tls_conn), bio_dump_cb); -+ BIO_set_callback_ex(SSL_get_rbio(tls_conn), bio_dump_cb); - - /* Dump the negotiation for loglevels 3 and 4*/ - if (var_imapd_tls_loglevel >= 3) -@@ -1402,7 +1409,7 @@ EXPORTED int tls_shutdown_serverengine(void) - sess_dbopen = 0; - } - --#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) -+#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && (OPENSSL_VERSION_NUMBER < 0x30000000L) - if (dh_params) DH_free(dh_params); - #endif - } -@@ -1658,7 +1665,7 @@ HIDDEN int tls_start_clienttls(int readfd, int writefd, - * created for us, so we can use it for debugging purposes. - */ - if (var_proxy_tls_loglevel >= 3) -- BIO_set_callback(SSL_get_rbio(tls_conn), bio_dump_cb); -+ BIO_set_callback_ex(SSL_get_rbio(tls_conn), bio_dump_cb); - - /* Dump the negotiation for loglevels 3 and 4*/ - if (var_proxy_tls_loglevel >= 3) -diff --git a/imtest/imtest.c b/imtest/imtest.c -index 469e2fa9cb..e4a4f0f1ae 100644 ---- a/imtest/imtest.c -+++ b/imtest/imtest.c -@@ -630,20 +630,22 @@ static int tls_dump(const char *s, int len) - - /* taken from OpenSSL apps/s_cb.c */ - --static long bio_dump_cb(BIO * bio, int cmd, const char *argp, int argi, -- long argl __attribute__((unused)), long ret) -+static long bio_dump_cb(BIO * bio, int cmd, const char *argp, -+ size_t len __attribute__((unused)), int argi, -+ long argl __attribute__((unused)), int ret, -+ size_t *processed __attribute__((unused))) - { - if (!do_dump) - return (ret); - - if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) { -- printf("read from %08lX %08lX (%d bytes => %ld (0x%lX))\n", -+ printf("read from %08lX %08lX (%d bytes => %d (0x%X))\n", - (unsigned long) bio, (unsigned long) argp, - argi, ret, ret); - tls_dump(argp, (int) ret); - return (ret); - } else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) { -- printf("write to %08lX %08lX (%d bytes => %ld (0x%lX))\n", -+ printf("write to %08lX %08lX (%d bytes => %d (0x%X))\n", - (unsigned long) bio, (unsigned long) argp, - argi, ret, ret); - tls_dump(argp, (int) ret); -@@ -686,7 +688,7 @@ static int tls_start_clienttls(unsigned *layer, char **authid) - * created for us, so we can use it for debugging purposes. - */ - if (verbose==1) -- BIO_set_callback(SSL_get_rbio(tls_conn), bio_dump_cb); -+ BIO_set_callback_ex(SSL_get_rbio(tls_conn), bio_dump_cb); - - /* Dump the negotiation for loglevels 3 and 4 */ - if (verbose==1) -diff --git a/lib/charset.c b/lib/charset.c -index ef7001d803..84505cfcf0 100644 ---- a/lib/charset.c -+++ b/lib/charset.c -@@ -127,7 +127,7 @@ struct search_state { - }; - - struct sha1_state { -- SHA_CTX ctx; -+ SHA1_CTX ctx; - uint8_t buf4096; - size_t len; - size_t *outlen; -@@ -776,7 +776,7 @@ static void byte2sha1(struct convert_rock *rock, uint32_t c) - * at a time (the internal block size) had overhead due to - * to the upfront checks, so this is a good compromise size */ - if (state->len == 4096) { -- SHA1_Update(&state->ctx, state->buf, state->len); -+ SHA1Update(&state->ctx, state->buf, state->len); - if (state->outlen) *state->outlen += state->len; - state->len = 0; - } -@@ -1691,11 +1691,11 @@ static void sha1_cleanup(struct convert_rock *rock, int do_free) - struct sha1_state *state = (struct sha1_state *)rock->state; - - if (state->len) { -- SHA1_Update(&state->ctx, state->buf, state->len); -+ SHA1Update(&state->ctx, state->buf, state->len); - if (state->outlen) *state->outlen += state->len; - } - -- SHA1_Final(state->dest, &state->ctx); -+ SHA1Final(state->dest, &state->ctx); - - if (do_free) basic_free(rock); - } -@@ -1955,7 +1955,7 @@ static struct convert_rock *sha1_init(uint8_t *dest, size_t *outlen) - struct convert_rock *rock = xzmalloc(sizeof(struct convert_rock)); - struct sha1_state *state = xzmalloc(sizeof(struct sha1_state)); - -- SHA1_Init(&state->ctx); -+ SHA1Init(&state->ctx); - state->dest = dest; - state->outlen = outlen; - -diff --git a/lib/md5.h b/lib/md5.h -index b988290480..24c7df8b78 100644 ---- a/lib/md5.h -+++ b/lib/md5.h -@@ -7,6 +7,8 @@ - #include <config.h> - #endif - -+#include "lib/assert.h" -+ - /* - * This is gnarly, sorry :( We might have been configured to build - * with OpenSSL, or we might not. Some older versions of OpenSSL -@@ -38,10 +40,18 @@ - - #ifdef HAVE_SSL - #include <openssl/md5.h> -+#include <openssl/evp.h> -+ -+#define MD5_CTX EVP_MD_CTX* - --#define MD5Init MD5_Init --#define MD5Update MD5_Update --#define MD5Final MD5_Final -+#define MD5Init(c) assert((*c = EVP_MD_CTX_new()) \ -+ && EVP_DigestInit(*c, EVP_md5())) -+#define MD5Update(c,d,l) EVP_DigestUpdate(*c, d, l) -+#define MD5Final(h,c) \ -+ do { \ -+ EVP_DigestFinal(*c, h, NULL); \ -+ EVP_MD_CTX_free(*c); \ -+ } while(0); - - #else - -diff --git a/lib/xsha1.c b/lib/xsha1.c -index 6e41eee7b7..e7f8a74281 100644 ---- a/lib/xsha1.c -+++ b/lib/xsha1.c -@@ -73,13 +73,6 @@ - /* to limit changes to the code below, set up the right types here */ - #include "lib/xsha1.h" /* for the typedefs and such */ - --/* The SHA1 structure: */ --struct _SHA_CTX { -- sha1_quadbyte state5; -- sha1_quadbyte count2; -- sha1_byte bufferSHA1_BLOCK_LENGTH; --}; -- - /* Downloaded from http://www.aarongifford.com/computers/hmac_sha1.tar.gz - * by Bron Gondwana <brong@fastmail.fm> on 2011-09-20 - */ -@@ -160,7 +153,7 @@ static void SHA1_Transform(sha1_quadbyte state5, const sha1_byte buffer64) { - - - /* SHA1_Init - Initialize new context */ --EXPORTED int SHA1_Init(SHA_CTX* context) { -+EXPORTED int SHA1Init(SHA1_CTX* context) { - /* SHA1 initialization constants */ - context->state0 = 0x67452301; - context->state1 = 0xEFCDAB89; -@@ -173,7 +166,8 @@ EXPORTED int SHA1_Init(SHA_CTX* context) { - } - - /* Run your data through this. */ --EXPORTED int SHA1_Update(SHA_CTX *context, const sha1_byte *data, unsigned int len) { -+EXPORTED int SHA1Update(SHA1_CTX *context, const void *vdata, unsigned int len) { -+ const sha1_byte *data = vdata; - unsigned int i, j; - - j = (context->count0 >> 3) & 63; -@@ -195,7 +189,7 @@ EXPORTED int SHA1_Update(SHA_CTX *context, const sha1_byte *data, unsigned int l - - - /* Add padding and return the message digest. */ --EXPORTED int SHA1_Final(sha1_byte digestSHA1_DIGEST_LENGTH, SHA_CTX *context) { -+EXPORTED int SHA1Final(sha1_byte digestSHA1_DIGEST_LENGTH, SHA1_CTX *context) { - sha1_quadbyte i, j; - sha1_byte finalcount8; - -@@ -203,12 +197,12 @@ EXPORTED int SHA1_Final(sha1_byte digestSHA1_DIGEST_LENGTH, SHA_CTX *context) - finalcounti = (sha1_byte)((context->count(i >= 4 ? 0 : 1) - >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ - } -- SHA1_Update(context, (sha1_byte *)"\200", 1); -+ SHA1Update(context, (sha1_byte *)"\200", 1); - while ((context->count0 & 504) != 448) { -- SHA1_Update(context, (sha1_byte *)"\0", 1); -+ SHA1Update(context, (sha1_byte *)"\0", 1); - } - /* Should cause a SHA1_Transform() */ -- SHA1_Update(context, finalcount, 8); -+ SHA1Update(context, finalcount, 8); - for (i = 0; i < SHA1_DIGEST_LENGTH; i++) { - digesti = (sha1_byte) - ((context->statei>>2 >> ((3-(i & 3)) * 8) ) & 255); -@@ -230,13 +224,13 @@ EXPORTED int SHA1_Final(sha1_byte digestSHA1_DIGEST_LENGTH, SHA_CTX *context) - EXPORTED unsigned char *xsha1(const unsigned char *buf, unsigned long len, - sha1_byte destSHA1_DIGEST_LENGTH) - { -- SHA_CTX ctx; -+ SHA1_CTX ctx; - -- memset(&ctx, 0, sizeof(SHA_CTX)); -+ memset(&ctx, 0, sizeof(SHA1_CTX)); - -- SHA1_Init(&ctx); -- SHA1_Update(&ctx, buf, len); -- SHA1_Final(dest, &ctx); -+ SHA1Init(&ctx); -+ SHA1Update(&ctx, buf, len); -+ SHA1Final(dest, &ctx); - - return dest; - } -diff --git a/lib/xsha1.h b/lib/xsha1.h -index 6b9789b1f6..561212a7b9 100644 ---- a/lib/xsha1.h -+++ b/lib/xsha1.h -@@ -45,15 +45,29 @@ - - #include <config.h> - -+#include "lib/assert.h" -+ - #ifdef HAVE_SSL - - #include <openssl/sha.h> -+#include <openssl/evp.h> - - #ifndef SHA1_DIGEST_LENGTH - #define SHA1_DIGEST_LENGTH (SHA_DIGEST_LENGTH) - #endif - --#define xsha1 SHA1 -+#define xsha1(d,l,h) assert(EVP_Digest(d, l, h, NULL, EVP_sha1(), NULL)) -+ -+#define SHA1_CTX EVP_MD_CTX* -+ -+#define SHA1Init(c) assert((*c = EVP_MD_CTX_new()) \ -+ && EVP_DigestInit(*c, EVP_sha1())) -+#define SHA1Update(c,d,l) EVP_DigestUpdate(*c, d, l) -+#define SHA1Final(h,c) \ -+ do { \ -+ EVP_DigestFinal(*c, h, NULL); \ -+ EVP_MD_CTX_free(*c); \ -+ } while(0); - - #else /* HAVE_SSL */ - -@@ -66,12 +80,16 @@ typedef uint8_t sha1_byte; /* single byte type */ - #define SHA1_DIGEST_LENGTH 20 - #define SHA_DIGEST_LENGTH (SHA1_DIGEST_LENGTH) - --/* opaque type for the SHA1 structure: */ --typedef struct _SHA_CTX SHA_CTX; -+/* The SHA1 structure: */ -+typedef struct _SHA1_CTX { -+ sha1_quadbyte state5; -+ sha1_quadbyte count2; -+ sha1_byte bufferSHA1_BLOCK_LENGTH; -+} SHA1_CTX; - --int SHA1_Init(SHA_CTX* context); --int SHA1_Update(SHA_CTX *context, const sha1_byte *data, unsigned int len); --int SHA1_Final(sha1_byte digestSHA1_DIGEST_LENGTH, SHA_CTX *context); -+int SHA1Init(SHA1_CTX* context); -+int SHA1Update(SHA1_CTX *context, const void *data, unsigned int len); -+int SHA1Final(sha1_byte digestSHA1_DIGEST_LENGTH, SHA1_CTX *context); - - unsigned char *xsha1(const unsigned char *buf, unsigned long len, - sha1_byte destSHA1_DIGEST_LENGTH);
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.