Support for openssl 1.1.0.
parent
2c54104ce3
commit
fff741613e
@ -6,6 +6,10 @@ Broker:
|
|||||||
#186.
|
#186.
|
||||||
- Don't disconnect client on HUP before reading the pending data. Closes #7.
|
- Don't disconnect client on HUP before reading the pending data. Closes #7.
|
||||||
- Fix some $SYS messages being incorrectly persisted. Closes #191.
|
- Fix some $SYS messages being incorrectly persisted. Closes #191.
|
||||||
|
- Support OpenSSL 1.1.0.
|
||||||
|
|
||||||
|
Client library:
|
||||||
|
- Support OpenSSL 1.1.0.
|
||||||
|
|
||||||
Build:
|
Build:
|
||||||
- Don't attempt to install docs when WITH_DOCS=no. Closes #184.
|
- Don't attempt to install docs when WITH_DOCS=no. Closes #184.
|
||||||
|
@ -90,7 +90,11 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
|
|||||||
unsigned char hash[EVP_MAX_MD_SIZE];
|
unsigned char hash[EVP_MAX_MD_SIZE];
|
||||||
unsigned int hash_len;
|
unsigned int hash_len;
|
||||||
const EVP_MD *digest;
|
const EVP_MD *digest;
|
||||||
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||||
EVP_MD_CTX context;
|
EVP_MD_CTX context;
|
||||||
|
#else
|
||||||
|
EVP_MD_CTX *context;
|
||||||
|
#endif
|
||||||
|
|
||||||
rc = RAND_bytes(salt, SALT_LEN);
|
rc = RAND_bytes(salt, SALT_LEN);
|
||||||
if(!rc){
|
if(!rc){
|
||||||
@ -113,12 +117,21 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||||
EVP_MD_CTX_init(&context);
|
EVP_MD_CTX_init(&context);
|
||||||
EVP_DigestInit_ex(&context, digest, NULL);
|
EVP_DigestInit_ex(&context, digest, NULL);
|
||||||
EVP_DigestUpdate(&context, password, strlen(password));
|
EVP_DigestUpdate(&context, password, strlen(password));
|
||||||
EVP_DigestUpdate(&context, salt, SALT_LEN);
|
EVP_DigestUpdate(&context, salt, SALT_LEN);
|
||||||
EVP_DigestFinal_ex(&context, hash, &hash_len);
|
EVP_DigestFinal_ex(&context, hash, &hash_len);
|
||||||
EVP_MD_CTX_cleanup(&context);
|
EVP_MD_CTX_cleanup(&context);
|
||||||
|
#else
|
||||||
|
context = EVP_MD_CTX_new();
|
||||||
|
EVP_DigestInit_ex(context, digest, NULL);
|
||||||
|
EVP_DigestUpdate(context, password, strlen(password));
|
||||||
|
EVP_DigestUpdate(context, salt, SALT_LEN);
|
||||||
|
EVP_DigestFinal_ex(context, hash, &hash_len);
|
||||||
|
EVP_MD_CTX_free(context);
|
||||||
|
#endif
|
||||||
|
|
||||||
rc = base64_encode(hash, hash_len, &hash64);
|
rc = base64_encode(hash, hash_len, &hash64);
|
||||||
if(rc){
|
if(rc){
|
||||||
|
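Review bot: The new `#else` branch in `output_new_password` uses the result of `EVP_MD_CTX_new()` without a NULL check and ignores every `EVP_Digest*` return value, so a failed allocation or digest step would pass `hash` and `hash_len` to `base64_encode` unset. The same unchecked sequence appears in the 1.1.0 branch added to `_pw_digest` further down the page. The output here is a stored password hash, so the function should fail closed rather than write whatever is in the buffer. The function starts and ends outside the hunk, so anything allocated earlier would also need releasing on the new error path.

```c
	context = EVP_MD_CTX_new();
	if(!context){
		fprintf(stderr, "Error: Out of memory.\n");
		/* ... release anything allocated earlier in the function ... */
		return 1;
	}
	if(!EVP_DigestInit_ex(context, digest, NULL)
			|| !EVP_DigestUpdate(context, password, strlen(password))
			|| !EVP_DigestUpdate(context, salt, SALT_LEN)
			|| !EVP_DigestFinal_ex(context, hash, &hash_len)){

		EVP_MD_CTX_free(context);
		fprintf(stderr, "Error: Unable to hash password.\n");
		return 1;
	}
	EVP_MD_CTX_free(context);
	/* ... unchanged: base64_encode of hash and output ... */
```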
@ -302,7 +302,7 @@ static int _mosquitto_tls_server_ctx(struct _mqtt3_listener *listener)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WITH_EC
|
#ifdef WITH_EC
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
#if OPENSSL_VERSION_NUMBER >= 0x10002000L && OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||||
SSL_CTX_set_ecdh_auto(listener->ssl_ctx, 1);
|
SSL_CTX_set_ecdh_auto(listener->ssl_ctx, 1);
|
||||||
#elif OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10002000L
|
#elif OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10002000L
|
||||||
ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
|
ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
|
||||||
|
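Review bot: The narrowed `#if` around `SSL_CTX_set_ecdh_auto` leaves builds against 1.1.0 or later with no ECDH setup call in `_mosquitto_tls_server_ctx`, and nothing in the code says that is deliberate. As far as I know, OpenSSL 1.1.0 always enables automatic curve selection and treats this call as a no-op, so the behaviour is probably correct. A short comment would stop a later reader from "restoring" the call, for example `/* OpenSSL >= 1.1.0 always selects ECDH curves automatically; nothing to do. */` beside the condition. The conditional block continues past the end of the hunk.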
@ -364,7 +364,7 @@ int mqtt3_handle_connect(struct mosquitto_db *db, struct mosquitto *context)
|
|||||||
goto handle_connect_error;
|
goto handle_connect_error;
|
||||||
}
|
}
|
||||||
name_entry = X509_NAME_get_entry(name, i);
|
name_entry = X509_NAME_get_entry(name, i);
|
||||||
context->username = _mosquitto_strdup((char *)ASN1_STRING_data(name_entry->value));
|
context->username = _mosquitto_strdup((char *)ASN1_STRING_data(X509_NAME_ENTRY_get_data(name_entry)));
|
||||||
if(!context->username){
|
if(!context->username){
|
||||||
rc = 1;
|
rc = 1;
|
||||||
goto handle_connect_error;
|
goto handle_connect_error;
|
||||||
|
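Review bot: The certificate name is still copied with `_mosquitto_strdup` as a C string, so a name entry containing an embedded NUL would give a `context->username` shorter than the value the certificate holds. This string becomes the client's identity, so it is worth rejecting a length mismatch after the existing NULL check: `if(strlen(context->username) != (size_t)ASN1_STRING_length(X509_NAME_ENTRY_get_data(name_entry))){ rc = 1; goto handle_connect_error; }`. Separately, `ASN1_STRING_data` is deprecated in 1.1.0 in favour of `ASN1_STRING_get0_data`, so this line will warn on the version the commit targets. `mqtt3_handle_connect` begins and ends outside the hunk.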
@ -770,6 +770,7 @@ int mosquitto_psk_key_get_default(struct mosquitto_db *db, const char *hint, con
|
|||||||
int _pw_digest(const char *password, const unsigned char *salt, unsigned int salt_len, unsigned char *hash, unsigned int *hash_len)
|
int _pw_digest(const char *password, const unsigned char *salt, unsigned int salt_len, unsigned char *hash, unsigned int *hash_len)
|
||||||
{
|
{
|
||||||
const EVP_MD *digest;
|
const EVP_MD *digest;
|
||||||
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||||
EVP_MD_CTX context;
|
EVP_MD_CTX context;
|
||||||
|
|
||||||
digest = EVP_get_digestbyname("sha512");
|
digest = EVP_get_digestbyname("sha512");
|
||||||
@ -785,6 +786,23 @@ int _pw_digest(const char *password, const unsigned char *salt, unsigned int sal
|
|||||||
/* hash is assumed to be EVP_MAX_MD_SIZE bytes long. */
|
/* hash is assumed to be EVP_MAX_MD_SIZE bytes long. */
|
||||||
EVP_DigestFinal_ex(&context, hash, hash_len);
|
EVP_DigestFinal_ex(&context, hash, hash_len);
|
||||||
EVP_MD_CTX_cleanup(&context);
|
EVP_MD_CTX_cleanup(&context);
|
||||||
|
#else
|
||||||
|
EVP_MD_CTX *context;
|
||||||
|
|
||||||
|
digest = EVP_get_digestbyname("sha512");
|
||||||
|
if(!digest){
|
||||||
|
// FIXME fprintf(stderr, "Error: Unable to create openssl digest.\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
context = EVP_MD_CTX_new();
|
||||||
|
EVP_DigestInit_ex(context, digest, NULL);
|
||||||
|
EVP_DigestUpdate(context, password, strlen(password));
|
||||||
|
EVP_DigestUpdate(context, salt, salt_len);
|
||||||
|
/* hash is assumed to be EVP_MAX_MD_SIZE bytes long. */
|
||||||
|
EVP_DigestFinal_ex(context, hash, hash_len);
|
||||||
|
EVP_MD_CTX_free(context);
|
||||||
|
#endif
|
||||||
|
|
||||||
return MOSQ_ERR_SUCCESS;
|
return MOSQ_ERR_SUCCESS;
|
||||||
}
|
}
|
||||||
|
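Review bot: Opening the `#if` before the `EVP_MD_CTX context;` declaration and placing `#else` after the cleanup duplicates the whole body of `_pw_digest`, including the `sha512` lookup and the commented-out `// FIXME fprintf` line, so the two branches can drift apart. `EVP_MD_CTX_create()` and `EVP_MD_CTX_destroy()` are available in the 1.0.x series and remain as compatibility macros in 1.1.0. A single pointer-based path using `context = EVP_MD_CTX_create();` and `EVP_MD_CTX_destroy(context);` would therefore likely remove the need for the conditional. The lines between the two hunks are not visible, so the pre-1.1.0 branch may hold more than is shown here.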