1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
Patch modified to apply to VirtualGL 2.5.2, before
1b82bceb3723b24ea5dc32edffbe019a8a37ab39 reformatted whitespace
From a974c22141d0ded9ff60a0b903f81e6b484d6ba4 Mon Sep 17 00:00:00 2001
From: DRC <information@virtualgl.org>
Date: Mon, 16 Apr 2018 15:06:07 -0500
Subject: [PATCH] OpenSSL improvements
- Fix build issues with OpenSSL 1.1 (OpenSSL 1.1 and later no longer
provides CRYPTO_set_locking_callback(), since locking is now performed
internally.)
- Detect whether the platform has /dev/urandom at compile time, rather
than assuming that all Sun and SGI machines don't have it (Solaris 10
and later supports /dev/urandom.)
---
ChangeLog.md | 2 ++
include/Socket.h | 8 ++++++--
util/CMakeLists.txt | 5 +++++
util/Socket.cpp | 25 ++++++++++++++++---------
4 files changed, 29 insertions(+), 11 deletions(-)
diff --git a/ChangeLog.md b/ChangeLog.md
index 3632c1d8..5c9bff84 100644
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -52,6 +52,8 @@ a subsequent segfault when VTK tried to call `glBlendFuncSeparate()`.
VirtualGL's implementation of `glXGetVisualFromFBConfig()` now returns NULL
unless the FB config has a corresponding visual on the 3D X server.
+6. VirtualGL can now be built and run with OpenSSL 1.1.
+
2.5.2
=====
diff --git a/include/Socket.h b/include/Socket.h
index dfe45e3a..f7409956 100644
--- a/include/Socket.h
+++ b/include/Socket.h
@@ -1,6 +1,6 @@
/* Copyright (C)2004 Landmark Graphics Corporation
* Copyright (C)2005 Sun Microsystems, Inc.
- * Copyright (C)2014, 2016 D. R. Commander
+ * Copyright (C)2014, 2016, 2018 D. R. Commander
*
* This library is free software and may be redistributed and/or modified under
* the terms of the wxWindows Library License, Version 3.1 or (at your option)
@@ -23,7 +23,7 @@
#endif
#include <openssl/ssl.h>
#include <openssl/err.h>
-#if defined(sun) || defined(sgi)
+#if !defined(HAVE_DEVURANDOM) && !defined(_WIN32)
#include <openssl/rand.h>
#endif
#endif
@@ -161,15 +161,19 @@ namespace vglutil
#ifdef USESSL
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
static void lockingCallback(int mode, int type, const char *file,
int line)
{
if(mode&CRYPTO_LOCK) cryptoLock[type].lock();
else cryptoLock[type].unlock();
}
+ #endif
static bool sslInit;
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
static CriticalSection cryptoLock[CRYPTO_NUM_LOCKS];
+ #endif
bool doSSL; SSL_CTX *sslctx; SSL *ssl;
#endif
diff --git a/util/CMakeLists.txt b/util/CMakeLists.txt
index 65ef59e7..ed1dfb39 100644
--- a/util/CMakeLists.txt
+++ b/util/CMakeLists.txt
@@ -13,6 +13,11 @@ target_link_libraries(bmptest vglutil)
add_executable(pftest pftest.c)
target_link_libraries(pftest vglutil)
+if(EXISTS /dev/urandom)
+ message(STATUS "Using /dev/urandom for random number generation")
+ add_definitions(-DHAVE_DEVURANDOM)
+endif()
+
add_library(vglsocket STATIC Socket.cpp)
target_link_libraries(vglsocket vglutil)
if(WIN32)
diff --git a/util/Socket.cpp b/util/Socket.cpp
index 0d230841..b41c25e9 100644
--- a/util/Socket.cpp
+++ b/util/Socket.cpp
@@ -1,6 +1,6 @@
/* Copyright (C)2004 Landmark Graphics Corporation
* Copyright (C)2005 Sun Microsystems, Inc.
- * Copyright (C)2014, 2016 D. R. Commander
+ * Copyright (C)2014, 2016, 2018 D. R. Commander
*
* This library is free software and may be redistributed and/or modified under
* the terms of the wxWindows Library License, Version 3.1 or (at your option)
@@ -43,32 +43,37 @@ typedef socklen_t SOCKLEN_T;
#ifdef USESSL
bool Socket::sslInit=false;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
CriticalSection Socket::cryptoLock[CRYPTO_NUM_LOCKS];
#endif
+#endif
CriticalSection Socket::mutex;
int Socket::instanceCount=0;
#ifdef USESSL
-static void progressCallback(int p, int n, void *arg)
-{
-}
-
-
static EVP_PKEY *newPrivateKey(int bits)
{
+ BIGNUM *bn = NULL;
+ RSA *rsa = NULL;
EVP_PKEY *pk=NULL;
try
{
+ if(!(bn = BN_new())) _throwssl();
+ if(!BN_set_word(bn, RSA_F4)) _throwssl();
+ if(!(rsa = RSA_new())) _throwssl();
+ if(!RSA_generate_key_ex(rsa, bits, bn, NULL)) _throwssl();
if(!(pk=EVP_PKEY_new())) _throwssl();
- if(!EVP_PKEY_assign_RSA(pk, RSA_generate_key(bits, 0x10001,
- progressCallback, NULL))) _throwssl();
+ if(!EVP_PKEY_assign_RSA(pk, rsa)) _throwssl();
+ BN_free(bn);
return pk;
}
catch (...)
{
+ if(bn) BN_free(bn);
+ if(rsa) RSA_free(rsa);
if(pk) EVP_PKEY_free(pk);
throw;
}
@@ -147,7 +152,7 @@ Socket::Socket(bool doSSL_)
#ifdef USESSL
if(!sslInit && doSSL)
{
- #if defined(sun) || defined(sgi)
+ #if !defined(HAVE_DEVURANDOM) && !defined(_WIN32)
char buf[128]; int i;
srandom(getpid());
for(i = 0; i < 128; i++)
@@ -158,7 +163,9 @@ Socket::Socket(bool doSSL_)
SSL_load_error_strings();
ERR_load_crypto_strings();
CRYPTO_set_id_callback(Thread::threadID);
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
CRYPTO_set_locking_callback(lockingCallback);
+ #endif
SSL_library_init();
sslInit = true;
char *env = NULL;
|