From 4da4fbeca01c88ba59d1c90a6b37e7324a6b81a8 Mon Sep 17 00:00:00 2001 
From: Davide Beatrici Date: Fri, 10 Aug 2018 22:29:43 +0200 Subject: [PATCH] Encrypt.c: don't use deprecated OpenSSL functions /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c: In function 'RsaCheck': /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c:2307:3: warning: 'RSA_generate_key' is deprecated [-Wdeprecated-declarations] rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL); ^~~ In file included from /usr/include/openssl/rsa.h:13:0, from /usr/include/openssl/x509.h:31, from /usr/include/openssl/ssl.h:50, from /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c:127: /usr/include/openssl/rsa.h:193:1: note: declared here DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void ^ /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c: In function 'RsaGen': /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c:2377:3: warning: 'RSA_generate_key' is deprecated [-Wdeprecated-declarations] rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL); ^~~ In file included from /usr/include/openssl/rsa.h:13:0, from /usr/include/openssl/x509.h:31, from /usr/include/openssl/ssl.h:50, from /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c:127: /usr/include/openssl/rsa.h:193:1: note: declared here DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void ^ /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c: In function 'X509ToX': /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c:3435:7: warning: 'ASN1_STRING_data' is deprecated [-Wdeprecated-declarations] char *uri = (char *)ASN1_STRING_data(ad->location->d.uniformResourceIdentifier); ^~~~ In file included from /usr/include/openssl/bn.h:31:0, from /usr/include/openssl/asn1.h:24, from /usr/include/openssl/objects.h:916, from /usr/include/openssl/evp.h:27, from /usr/include/openssl/x509.h:23, from /usr/include/openssl/ssl.h:50, from /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c:127: /usr/include/openssl/asn1.h:553:1: note: declared here DEPRECATEDIN_1_1_0(unsigned char 
*ASN1_STRING_data(ASN1_STRING *x)) ^ /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c: In function 'FreeOpenSSLThreadState': /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c:3643:2: warning: 'ERR_remove_state' is deprecated [-Wdeprecated-declarations] ERR_remove_state(0); ^~~~~~~~~~~~~~~~ In file included from /usr/include/openssl/ct.h:13:0, from /usr/include/openssl/ssl.h:61, from /builds/SoftEther/SoftEtherVPN/src/Mayaqua/Encrypt.c:127: /usr/include/openssl/err.h:248:1: note: declared here DEPRECATEDIN_1_0_0(void ERR_remove_state(unsigned long pid)) ^
---
 src/Mayaqua/Encrypt.c | 48 +++++++++++++++++++++++++++++++++----------
 1 file changed, 37 insertions(+), 11 deletions(-)
diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c
index 8a90e592..14124233 100644
--- a/src/Mayaqua/Encrypt.c
+++ b/src/Mayaqua/Encrypt.c
@@ -2293,23 +2293,33 @@ bool RsaCheckEx()
 }
 bool RsaCheck()
 {
- RSA *rsa;
+ int ret = 0;
+ RSA *rsa = NULL;
+ BIGNUM *e = NULL;
 K *priv_key, *pub_key;
 BIO *bio;
 char errbuf[MAX_SIZE];
 UINT size = 0;
 UINT bit = RSA_KEY_SIZE;
- // Validate arguments
+
+ e = BN_new();
+ ret = BN_set_word(e, RSA_F4);
+ if (ret == 0)
+ {
+ Debug("BN_set_word: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
+ return false;
+ }
 // Key generation
 Lock(openssl_lock);
 {
- rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL);
+ rsa = RSA_new();
+ ret = RSA_generate_key_ex(rsa, bit, e, NULL);
 }
 Unlock(openssl_lock);
- if (rsa == NULL)
+ if (ret == 0)
 {
- Debug("RSA_generate_key: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
+ Debug("RSA_generate_key_ex: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
 return false;
 }
@@ -2356,7 +2366,9 @@ bool RsaCheck()
 // Generation of RSA key
 bool RsaGen(K **priv, K **pub, UINT bit)
 {
- RSA *rsa;
+ int ret = 0;
+ RSA *rsa = NULL;
+ BIGNUM *e = NULL;
 K *priv_key, *pub_key;
 BIO *bio;
 char errbuf[MAX_SIZE];
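Review bot: Both new early returns in RsaCheck leave OpenSSL objects allocated: the `BN_set_word` failure path returns without `BN_free(e)`, and the `RSA_generate_key_ex` failure path returns without `RSA_free(rsa)`, which the old code did not need because `RSA_generate_key` returned NULL on failure. `BN_new()` and `RSA_new()` are also used unchecked, so an allocation failure reaches `BN_set_word` or `RSA_generate_key_ex` with a NULL pointer. No `BN_free(e)` is visible on the success path either, though RsaCheck continues past the hunk, so that may be handled further down. The same sequence is repeated in the RsaGen hunk (`@@ -2371,15 +2383,24 @@`); a tightened version of the sequence is sketched below.

```c
e = BN_new();
if (e == NULL || BN_set_word(e, RSA_F4) == 0)
{
	BN_free(e); // BN_free(NULL) is a no-op
	Debug("BN_set_word: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
	return false;
}

// Key generation
Lock(openssl_lock);
{
	rsa = RSA_new();
	if (rsa != NULL)
	{
		ret = RSA_generate_key_ex(rsa, bit, e, NULL);
	}
}
Unlock(openssl_lock);
BN_free(e); // the exponent is copied into the key, so it can be released here
if (ret == 0)
{
	RSA_free(rsa); // also a no-op when RSA_new() failed
	Debug("RSA_generate_key_ex: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
	return false;
}
// … unchanged: rest of RsaCheck …
```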
@@ -2371,15 +2383,24 @@ bool RsaGen(K **priv, K **pub, UINT bit)
 bit = RSA_KEY_SIZE;
 }
+ e = BN_new();
+ ret = BN_set_word(e, RSA_F4);
+ if (ret == 0)
+ {
+ Debug("BN_set_word: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
+ return false;
+ }
+
 // Key generation
 Lock(openssl_lock);
 {
- rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL);
+ rsa = RSA_new();
+ ret = RSA_generate_key_ex(rsa, bit, e, NULL);
 }
 Unlock(openssl_lock);
- if (rsa == NULL)
+ if (ret == 0)
 {
- Debug("RSA_generate_key: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
+ Debug("RSA_generate_key_ex: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
 return false;
 }
@@ -3432,8 +3453,11 @@ X *X509ToX(X509 *x509)
 {
 if (OBJ_obj2nid(ad->method) == NID_ad_ca_issuers && ad->location->type == GEN_URI)
 {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ char *uri = (char *)ASN1_STRING_get0_data(ad->location->d.uniformResourceIdentifier);
+#else
 char *uri = (char *)ASN1_STRING_data(ad->location->d.uniformResourceIdentifier);
-
+#endif
 if (IsEmptyStr(uri) == false)
 {
 StrCpy(x->issuer_url, sizeof(x->issuer_url), uri);
@@ -3639,8 +3663,10 @@ void Rand(void *buf, UINT size)
 // Delete a thread-specific information that OpenSSL has holded
 void FreeOpenSSLThreadState()
 {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 CRYPTO_cleanup_all_ex_data();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
+#endif
 }
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
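Review bot: In the X509ToX hunk the bytes returned by `ASN1_STRING_get0_data` are still treated as a C string: `IsEmptyStr(uri)` and `StrCpy(..., uri)` never consult `ASN1_STRING_length`, and the `(char *)` cast drops the `const` that the 1.1.0 accessor returns. OpenSSL does not promise that ASN1_STRING data is NUL-terminated or free of embedded NULs, and this value is read from the certificate's CA-issuers access description, so a crafted certificate could leave `issuer_url` different from the URI actually encoded. Taking `int len = ASN1_STRING_length(ad->location->d.uniformResourceIdentifier);` and skipping the entry when `len <= 0 || memchr(uri, '\0', (size_t)len) != NULL` would cover both branches of the `#if`, with `uri` declared `const`. X509ToX begins and ends outside the hunk, so any later validation of `issuer_url` is not visible here.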
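Review bot: With the whole body now inside `#if OPENSSL_VERSION_NUMBER < 0x10100000L`, FreeOpenSSLThreadState compiles to an empty function on OpenSSL 1.1.0 and later, and nothing in the hunk records why that is safe. A comment such as `// OpenSSL >= 1.1.0 releases per-thread error state itself when the thread exits` would document the intent; if some supported build cannot rely on that automatic cleanup, `OPENSSL_thread_stop()` is the 1.1.0 call for it. Separately, `ERR_remove_thread_state` only exists from OpenSSL 1.0.0 onward, so if pre-1.0.0 builds are still supported the old `ERR_remove_state(0)` needs its own version branch.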