diff options
| author | Theo Schlossnagle <jesus@omniti.com> | 2012-04-24 22:00:12 -0400 |
|---|---|---|
| committer | Theo Schlossnagle <jesus@omniti.com> | 2012-04-24 22:00:12 -0400 |
| commit | 70f9559bd0c02885d84a425eaafc8c280df10efb (patch) | |
| tree | 8e941ecc2999c6850276e61ac528dabfa5ff920f /usr/src/lib | |
| parent | d0bf2cb9f5d040c9eb24954ea34580b402377300 (diff) | |
| download | illumos-joyent-70f9559bd0c02885d84a425eaafc8c280df10efb.tar.gz | |
1665 Illumos wont build against openssl 1.0.0
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Keith Wesolowski <keith.wesolowski@joyent.com>
Reviewed by: Joshua M. Clulow <josh@sysmgr.org>
Approved by: Albert Lee <trisk@nexenta.com>
Diffstat (limited to 'usr/src/lib')
| -rw-r--r-- | usr/src/lib/krb5/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 13 | ||||
| -rw-r--r-- | usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c | 18 | ||||
| -rw-r--r-- | usr/src/lib/libpkg/common/p12lib.c | 12 |
3 files changed, 39 insertions, 4 deletions
diff --git a/usr/src/lib/krb5/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/usr/src/lib/krb5/plugins/preauth/pkinit/pkinit_crypto_openssl.c index 8a98a333f3..fa903130e9 100644 --- a/usr/src/lib/krb5/plugins/preauth/pkinit/pkinit_crypto_openssl.c +++ b/usr/src/lib/krb5/plugins/preauth/pkinit/pkinit_crypto_openssl.c @@ -30,6 +30,7 @@ /* * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved. */ #include <errno.h> @@ -1278,7 +1279,7 @@ cms_signeddata_verify(krb5_context context, revoked = sk_X509_CRL_new_null(); for (i = 0; i < size; i++) sk_X509_CRL_push(revoked, sk_X509_CRL_value(idctx->revoked, i)); - size = sk_X509_num(p7->d.sign->crl); + size = sk_X509_CRL_num(p7->d.sign->crl); for (i = 0; i < size; i++) sk_X509_CRL_push(revoked, sk_X509_CRL_value(p7->d.sign->crl, i)); } @@ -1419,7 +1420,7 @@ cms_signeddata_verify(krb5_context context, pkiDebug("PKCS7 Verification successful\n"); else { pkiDebug("wrong oid in eContentType\n"); - print_buffer(p7->d.sign->contents->type->data, + print_buffer((unsigned char *)p7->d.sign->contents->type->data, (unsigned int)p7->d.sign->contents->type->length); retval = KRB5KDC_ERR_PREAUTH_FAILED; krb5_set_error_message(context, retval, "wrong oid\n"); @@ -4773,7 +4774,11 @@ decode_data(unsigned char **out_data, unsigned int *out_data_len, if (buf == NULL) return ENOMEM; +#if OPENSSL_VERSION_NUMBER < 0x10000000L len = EVP_PKEY_decrypt(buf, data, (int)data_len, pkey); +#else + len = EVP_PKEY_decrypt_old(buf, data, (int)data_len, pkey); +#endif if (len <= 0) { pkiDebug("unable to decrypt received data (len=%d)\n", data_len); /* Solaris Kerberos */ @@ -5908,7 +5913,7 @@ load_cas_and_crls(krb5_context context, continue; } if (flag != 0) { - sk_X509_push(ca_crls, X509_CRL_dup(xi->crl)); + sk_X509_CRL_push(ca_crls, X509_CRL_dup(xi->crl)); } } } @@ -5938,7 +5943,7 @@ load_cas_and_crls(krb5_context context, } break; case CATYPE_CRLS: - if (sk_X509_num(ca_crls) == 0) { + if (sk_X509_CRL_num(ca_crls) == 0) { pkiDebug("no crls in file, %s\n", filename); if (id_cryptoctx->revoked == NULL) sk_X509_CRL_free(ca_crls); diff --git a/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c b/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c index 548a047245..fc3da4b7e8 100644 --- a/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c +++ b/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c @@ -4,6 +4,9 @@ * Use is subject to license terms. */ /* + * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved. + */ +/* * Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL * project 2000. */ @@ -2027,7 +2030,11 @@ OpenSSL_CertGetPrintable(KMF_HANDLE_T handle, const KMF_DATA *pcert, int j; int ext_index, nid, len; BIO *mem = NULL; +#if OPENSSL_VERSION_NUMBER < 0x10000000L STACK *emlst = NULL; +#else + STACK_OF(OPENSSL_STRING) *emlst = NULL; +#endif X509_EXTENSION *ex; X509_CINF *ci; @@ -2140,8 +2147,14 @@ OpenSSL_CertGetPrintable(KMF_HANDLE_T handle, const KMF_DATA *pcert, case KMF_CERT_EMAIL: emlst = X509_get1_email(xcert); +#if OPENSSL_VERSION_NUMBER < 0x10000000L for (j = 0; j < sk_num(emlst); j++) (void) BIO_printf(mem, "%s\n", sk_value(emlst, j)); +#else + for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++) + (void) BIO_printf(mem, "%s\n", + sk_OPENSSL_STRING_value(emlst, j)); +#endif len = BIO_gets(mem, resultStr, KMF_CERT_PRINTABLE_LEN); X509_email_free(emlst); @@ -4265,8 +4278,13 @@ convertToRawKey(EVP_PKEY *pkey, KMF_RAW_KEY_DATA *key) ty = sk_ASN1_TYPE_value(attr->value.set, 0); } if (ty != NULL) { +#if OPENSSL_VERSION_NUMBER < 0x10000000L key->label = uni2asc(ty->value.bmpstring->data, ty->value.bmpstring->length); +#else + key->label = OPENSSL_uni2asc(ty->value.bmpstring->data, + ty->value.bmpstring->length); +#endif } } else { key->label = NULL; diff --git a/usr/src/lib/libpkg/common/p12lib.c b/usr/src/lib/libpkg/common/p12lib.c index 3ae72a4b50..238aa57d54 100644 --- a/usr/src/lib/libpkg/common/p12lib.c +++ b/usr/src/lib/libpkg/common/p12lib.c @@ -58,6 +58,10 @@ * Use is subject to license terms. */ +/* + * Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved. + */ + #include <strings.h> #include <stdlib.h> @@ -1137,7 +1141,11 @@ sunw_get_pkey_fname(getdo_actions_t dowhat, EVP_PKEY *pkey, char **fname) } str = ty->value.bmpstring; +#if OPENSSL_VERSION_NUMBER < 0x10000000L *fname = uni2asc(str->data, str->length); +#else + *fname = OPENSSL_uni2asc(str->data, str->length); +#endif if (*fname == NULL) { SUNWerr(SUNW_F_GET_PKEY_FNAME, SUNW_R_MEMORY_FAILURE); return (-1); @@ -2295,7 +2303,11 @@ asc2bmpstring(const char *str, int len) int unilen; /* Convert the character to the bmp format. */ +#if OPENSSL_VERSION_NUMBER < 0x10000000L if (asc2uni(str, len, &uni, &unilen) == 0) { +#else + if (OPENSSL_asc2uni(str, len, &uni, &unilen) == 0) { +#endif SUNWerr(SUNW_F_ASC2BMPSTRING, SUNW_R_MEMORY_FAILURE); return (NULL); } |