Revert r1728973 and r17289701.4.x

(support for OpenSSL 1.1.0). Consensus seems to be to no longer maintain the 1.4.x branch. git-svn-id: http://svn.apache.org/repos/asf/apr/apr-util/branches/1.4.x@1731930 13f79535-47bb-0310-9956-ffa450edef68
author: rjung <rjung@13f79535-47bb-0310-9956-ffa450edef68> 2016-02-23 19:09:34 +0000
committer: rjung <rjung@13f79535-47bb-0310-9956-ffa450edef68> 2016-02-23 19:09:34 +0000
commit: 9a3238f9576e6125cf98b07503d49e98f1743b03 (patch)
tree: 1819aa2b0f5218b0287be0a645e83eaa1c0a05e2
parent: 7c91f8033272842754f01364351b9b60eb503ae5 (diff)
download: libapr-util-1.4.x.tar.gz
3 files changed, 28 insertions, 64 deletions
diff --git a/CHANGES b/CHANGES
index 9ae2b2d5..976949f5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,9 +1,6 @@
                                                      -*- coding: utf-8 -*-
 Changes with APR-util 1.4.3
 
-  *) apr_crypto_openssl: Add support for OpenSSL 1.1.0.
-     [Rainer Jung]
-
   *) Fix potential data corruption in apr_brigade_write() and friends if
      the last bucket of the brigade is a heap bucket that has been split,
      and there are still references to the next part of the original bucket
diff --git a/build/crypto.m4 b/build/crypto.m4
index 97dbb34b..ef1a95db 100644
--- a/build/crypto.m4
+++ b/build/crypto.m4
@@ -62,7 +62,7 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
   [
     if test "$withval" = "yes"; then
       AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
-      AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+      AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
       if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
         apu_have_openssl=1
       fi
@@ -78,7 +78,7 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
 
       AC_MSG_NOTICE(checking for openssl in $withval)
       AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
-      AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+      AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
       if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
         apu_have_openssl=1
         APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib])
@@ -87,7 +87,7 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
 
       if test "$apu_have_openssl" != "1"; then
         AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
-        AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+        AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
         if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
           apu_have_openssl=1
           APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib])
diff --git a/crypto/apr_crypto_openssl.c b/crypto/apr_crypto_openssl.c
index 7d61fca4..0740f93f 100644
--- a/crypto/apr_crypto_openssl.c
+++ b/crypto/apr_crypto_openssl.c
@@ -64,7 +64,7 @@ struct apr_crypto_block_t {
     apr_pool_t *pool;
     const apr_crypto_driver_t *provider;
     const apr_crypto_t *f;
-    EVP_CIPHER_CTX *cipherCtx;
+    EVP_CIPHER_CTX cipherCtx;
     int initialised;
     int ivSize;
     int blockSize;
@@ -111,11 +111,7 @@ static apr_status_t crypto_shutdown_helper(void *data)
 static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
         const apu_err_t **result)
 {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
     CRYPTO_malloc_init();
-#else
-    OPENSSL_malloc_init();
-#endif
     ERR_load_crypto_strings();
     /* SSL_load_error_strings(); */
     OpenSSL_add_all_algorithms();
@@ -138,7 +134,7 @@ static apr_status_t crypto_block_cleanup(apr_crypto_block_t *ctx)
 {
 
     if (ctx->initialised) {
-        EVP_CIPHER_CTX_free(ctx->cipherCtx);
+        EVP_CIPHER_CTX_cleanup(&ctx->cipherCtx);
         ctx->initialised = 0;
     }
 
@@ -495,10 +491,8 @@ static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
             apr_pool_cleanup_null);
 
     /* create a new context for encryption */
-    if (!block->initialised) {
-        block->cipherCtx = EVP_CIPHER_CTX_new();
-        block->initialised = 1;
-    }
+    EVP_CIPHER_CTX_init(&block->cipherCtx);
+    block->initialised = 1;
 
     /* generate an IV, if necessary */
     usedIv = NULL;
@@ -525,16 +519,16 @@ static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
 
     /* set up our encryption context */
 #if CRYPTO_OPENSSL_CONST_BUFFERS
-    if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine,
+    if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine,
             key->key, usedIv)) {
 #else
-        if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) {
+        if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) {
 #endif
         return APR_EINIT;
     }
 
     /* Clear up any read padding */
-    if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) {
+    if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) {
         return APR_EPADDING;
     }
 
@@ -588,16 +582,11 @@ static apr_status_t crypto_block_encrypt(unsigned char **out,
     }
 
 #if CRYPT_OPENSSL_CONST_BUFFERS
-    if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl, in, inlen)) {
+    if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl, in, inlen)) {
 #else
-    if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl,
+    if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl,
             (unsigned char *) in, inlen)) {
 #endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
-#else
-        EVP_CIPHER_CTX_reset(ctx->cipherCtx);
-#endif
         return APR_ECRYPT;
     }
     *outlen = outl;
@@ -627,22 +616,14 @@ static apr_status_t crypto_block_encrypt(unsigned char **out,
 static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
         apr_size_t *outlen, apr_crypto_block_t *ctx)
 {
-    apr_status_t rc = APR_SUCCESS;
     int len = *outlen;
 
-    if (EVP_EncryptFinal_ex(ctx->cipherCtx, out, &len) == 0) {
-        rc = APR_EPADDING;
-    }
-    else {
-        *outlen = len;
+    if (EVP_EncryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
+        return APR_EPADDING;
     }
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-    EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
-#else
-    EVP_CIPHER_CTX_reset(ctx->cipherCtx);
-#endif
+    *outlen = len;
 
-    return rc;
+    return APR_SUCCESS;
 
 }
 
@@ -681,10 +662,8 @@ static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
             apr_pool_cleanup_null);
 
     /* create a new context for encryption */
-    if (!block->initialised) {
-        block->cipherCtx = EVP_CIPHER_CTX_new();
-        block->initialised = 1;
-    }
+    EVP_CIPHER_CTX_init(&block->cipherCtx);
+    block->initialised = 1;
 
     /* generate an IV, if necessary */
     if (key->ivSize) {
@@ -695,16 +674,16 @@ static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
 
     /* set up our encryption context */
 #if CRYPTO_OPENSSL_CONST_BUFFERS
-    if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine,
+    if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine,
             key->key, iv)) {
 #else
-        if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) {
+        if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) {
 #endif
         return APR_EINIT;
     }
 
     /* Clear up any read padding */
-    if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) {
+    if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) {
         return APR_EPADDING;
     }
 
@@ -758,16 +737,11 @@ static apr_status_t crypto_block_decrypt(unsigned char **out,
     }
 
 #if CRYPT_OPENSSL_CONST_BUFFERS
-    if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, in, inlen)) {
+    if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, in, inlen)) {
 #else
-    if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, (unsigned char *) in,
+    if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, (unsigned char *) in,
             inlen)) {
 #endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-        EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
-#else
-        EVP_CIPHER_CTX_reset(ctx->cipherCtx);
-#endif
         return APR_ECRYPT;
     }
     *outlen = outl;
@@ -797,22 +771,15 @@ static apr_status_t crypto_block_decrypt(unsigned char **out,
 static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
         apr_size_t *outlen, apr_crypto_block_t *ctx)
 {
-    apr_status_t rc = APR_SUCCESS;
+
     int len = *outlen;
 
-    if (EVP_DecryptFinal_ex(ctx->cipherCtx, out, &len) == 0) {
-        rc = APR_EPADDING;
-    }
-    else {
-        *outlen = len;
+    if (EVP_DecryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
+        return APR_EPADDING;
     }
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-    EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
-#else
-    EVP_CIPHER_CTX_reset(ctx->cipherCtx);
-#endif
+    *outlen = len;
 
-    return rc;
+    return APR_SUCCESS;
 
 }
author	rjung <rjung@13f79535-47bb-0310-9956-ffa450edef68>	2016-02-23 19:09:34 +0000
committer	rjung <rjung@13f79535-47bb-0310-9956-ffa450edef68>	2016-02-23 19:09:34 +0000
commit	9a3238f9576e6125cf98b07503d49e98f1743b03 (patch)
tree	1819aa2b0f5218b0287be0a645e83eaa1c0a05e2
parent	7c91f8033272842754f01364351b9b60eb503ae5 (diff)
download	libapr-util-1.4.x.tar.gz