diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2018-10-27 12:48:57 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2018-10-27 12:48:57 +0100 |
| commit | 70b82ae359a5538711e103b0e8dfb92654296644 (patch) | |
| tree | 8412b84ff9ce02a22be5251052b00feefe1d5b70 /sys-auth/pam_p11/files | |
| parent | 64e107b9b6058580ff0432107eb37cefb0b2a7d8 (diff) | |
gentoo resync : 27.10.2018
Diffstat (limited to 'sys-auth/pam_p11/files')
| -rw-r--r-- | sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch new file mode 100644 index 000000000000..8c41e29bed1f --- /dev/null +++ b/sys-auth/pam_p11/files/pam_p11-0.2.0-openssl11.patch @@ -0,0 +1,76 @@ +From 46a6079817c67a09e5ac493af3381c655bd91c26 Mon Sep 17 00:00:00 2001 +From: Peter Popovec <popovec.peter@gmail.com> +Date: Tue, 21 Aug 2018 10:24:36 +0200 +Subject: [PATCH] Replacing deprecated OpenSSL API functions (#12) + +fixes https://github.com/OpenSC/pam_p11/issues/10 +--- + configure.ac | 5 +++++ + src/pam_p11.c | 17 ++++++++++++++--- + 2 files changed, 19 insertions(+), 3 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 5bcbdd6..2854a99 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -85,6 +85,11 @@ PKG_CHECK_MODULES( + )] + ) + ++saved_LIBS="$LIBS" ++LIBS="$OPENSSL_LIBS $LIBS" ++AC_CHECK_FUNCS(EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset) ++LIBS="$saved_LIBS" ++ + if test -z "${PAM_LIBS}"; then + AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam]) + AC_ARG_VAR([PAM_LIBS], [linker flags for pam]) +diff --git a/src/pam_p11.c b/src/pam_p11.c +index 2b4bfbe..60380e5 100644 +--- a/src/pam_p11.c ++++ b/src/pam_p11.c +@@ -31,6 +31,17 @@ + #include <openssl/crypto.h> + #include <libp11.h> + ++/* openssl deprecated API emulation */ ++#ifndef HAVE_EVP_MD_CTX_NEW ++#define EVP_MD_CTX_new() EVP_MD_CTX_create() ++#endif ++#ifndef HAVE_EVP_MD_CTX_FREE ++#define EVP_MD_CTX_free(ctx) EVP_MD_CTX_destroy((ctx)) ++#endif ++#ifndef HAVE_EVP_MD_CTX_RESET ++#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_cleanup((ctx)) ++#endif ++ + #ifdef ENABLE_NLS + #include <libintl.h> + #include <locale.h> +@@ -578,7 +589,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey) + unsigned char signature[256]; + unsigned int siglen = sizeof signature; + const EVP_MD *md = EVP_sha1(); +- EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); ++ EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); + EVP_PKEY *privkey = PKCS11_get_private_key(authkey); + EVP_PKEY *pubkey = PKCS11_get_public_key(authkey); + +@@ -596,7 +607,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey) + || !EVP_SignInit(md_ctx, md) + || !EVP_SignUpdate(md_ctx, challenge, sizeof challenge) + || !EVP_SignFinal(md_ctx, signature, &siglen, privkey) +- || !EVP_MD_CTX_cleanup(md_ctx) ++ || !EVP_MD_CTX_reset(md_ctx) + || !EVP_VerifyInit(md_ctx, md) + || !EVP_VerifyUpdate(md_ctx, challenge, sizeof challenge) + || 1 != EVP_VerifyFinal(md_ctx, signature, siglen, pubkey)) { +@@ -613,7 +624,7 @@ static int key_verify(pam_handle_t *pamh, int flags, PKCS11_KEY *authkey) + if (NULL != privkey) + EVP_PKEY_free(privkey); + if (NULL != md_ctx) { +- EVP_MD_CTX_destroy(md_ctx); ++ EVP_MD_CTX_free(md_ctx); + } + return ok; + } |