From: Dmitry Volyntsev Date: Tue, 12 Oct 2021 17:24:31 +0000 (+0000) Subject: SSL: fixed compatibility with OpenSSL 3.0. X-Git-Tag: 0.7.0~5 X-Git-Url: http://www.kaiwu.me/postgresql/commit/?a=commitdiff_plain;h=222978f4e134b6a64fc4bb0222c5087993790766;p=njs.git SSL: fixed compatibility with OpenSSL 3.0. --- diff --git a/auto/openssl b/auto/openssl index 1140c6ff..8409f75f 100644 --- a/auto/openssl +++ b/auto/openssl @@ -25,31 +25,7 @@ njs_feature_test="#include if [ $njs_found = yes ]; then - njs_feature="OpenSSL HKDF" - njs_feature_name=NJS_HAVE_OPENSSL_HKDF - njs_feature_test="#include - #include - - int main(void) { - EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); - - EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()); - EVP_PKEY_CTX_free(pctx); - - return 0; - }" - . auto/feature - - njs_feature="OpenSSL EVP_MD_CTX_new()" - njs_feature_name=NJS_HAVE_OPENSSL_EVP_MD_CTX_NEW - njs_feature_test="#include - - int main(void) { - EVP_MD_CTX *ctx = EVP_MD_CTX_new(); - EVP_MD_CTX_free(ctx); - return 0; - }" - . auto/feature + echo " + OpenSSL version: `openssl version`" NJS_HAVE_OPENSSL=YES NJS_OPENSSL_LIB="$njs_feature_libs" diff --git a/external/njs_openssl.h b/external/njs_openssl.h new file mode 100644 index 00000000..dd2f34c6 --- /dev/null +++ b/external/njs_openssl.h @@ -0,0 +1,53 @@ + +/* + * Copyright (C) Dmitry Volyntsev + * Copyright (C) NGINX, Inc. + */ + + +#ifndef _NJS_EXTERNAL_OPENSSL_H_INCLUDED_ +#define _NJS_EXTERNAL_OPENSSL_H_INCLUDED_ + + +#define OPENSSL_SUPPRESS_DEPRECATED + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#if EVP_PKEY_HKDF +#include +#endif + + +#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) +#undef OPENSSL_VERSION_NUMBER +#if (LIBRESSL_VERSION_NUMBER >= 0x2080000fL) +#define OPENSSL_VERSION_NUMBER 0x1010000fL +#else +#define OPENSSL_VERSION_NUMBER 0x1000107fL +#endif +#endif + + +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) +#define njs_evp_md_ctx_new() EVP_MD_CTX_new() +#define njs_evp_md_ctx_free(_ctx) EVP_MD_CTX_free(_ctx) +#else +#define njs_evp_md_ctx_new() EVP_MD_CTX_create() +#define njs_evp_md_ctx_free(_ctx) EVP_MD_CTX_destroy(_ctx) +#endif + + +#if (OPENSSL_VERSION_NUMBER < 0x30000000L && !defined ERR_peek_error_data) +#define ERR_peek_error_data(d, f) ERR_peek_error_line_data(NULL, NULL, d, f) +#endif + + +#endif /* _NJS_EXTERNAL_OPENSSL_H_INCLUDED_ */ diff --git a/external/njs_webcrypto.c b/external/njs_webcrypto.c index 00f9e63f..bed7cef3 100644 --- a/external/njs_webcrypto.c +++ b/external/njs_webcrypto.c @@ -7,29 +7,7 @@ #include #include "njs_webcrypto.h" - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#if NJS_HAVE_OPENSSL_HKDF -#include -#endif - -#if NJS_HAVE_OPENSSL_EVP_MD_CTX_NEW -#define njs_evp_md_ctx_new() EVP_MD_CTX_new(); -#define njs_evp_md_ctx_free(_ctx) EVP_MD_CTX_free(_ctx); -#else -#define njs_evp_md_ctx_new() EVP_MD_CTX_create(); -#define njs_evp_md_ctx_free(_ctx) EVP_MD_CTX_destroy(_ctx); -#endif - +#include "njs_openssl.h" typedef enum { NJS_KEY_FORMAT_RAW = 1 << 1, @@ -1449,7 +1427,7 @@ njs_ext_derive(njs_vm_t *vm, njs_value_t *args, njs_uint_t nargs, break; case NJS_ALGORITHM_HKDF: -#ifdef NJS_HAVE_OPENSSL_HKDF +#ifdef EVP_PKEY_HKDF ret = njs_algorithm_hash(vm, aobject, &hash); if (njs_slow_path(ret == NJS_ERROR)) { goto fail; @@ -2588,7 +2566,7 @@ njs_webcrypto_error(njs_vm_t *vm, const char *fmt, ...) for ( ;; ) { - n = ERR_peek_error_line_data(NULL, NULL, &data, &flags); + n = ERR_peek_error_data(&data, &flags); if (n == 0) { break;