drop debian/patches/openssl-1.1.diff (merged upstream)
Michael Stapelberg
6 years ago
0 | Description: largely backported from FreeRADIUS 4.x, rest forwarded | |
1 | Author: Michael Stapelberg <stapelberg@debian.org> | |
2 | Forwarded: not-needed | |
3 | Last-Update: 2016-11-04 | |
4 | ||
5 | --- | |
6 | ||
7 | Index: freeradius-new/src/main/tls.c | |
8 | =================================================================== | |
9 | --- freeradius-new.orig/src/main/tls.c | |
10 | +++ freeradius-new/src/main/tls.c | |
11 | @@ -1910,7 +1910,9 @@ int cbtls_verify(int ok, X509_STORE_CTX | |
12 | char cn_str[1024]; | |
13 | char buf[64]; | |
14 | X509 *client_cert; | |
15 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
16 | X509_CINF *client_inf; | |
17 | +#endif | |
18 | STACK_OF(X509_EXTENSION) *ext_list; | |
19 | SSL *ssl; | |
20 | int err, depth, lookup, loc; | |
21 | @@ -2016,7 +2018,7 @@ int cbtls_verify(int ok, X509_STORE_CTX | |
22 | rdebug_pair(L_DBG_LVL_2, request, vp, NULL); | |
23 | } | |
24 | ||
25 | - X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), issuer, | |
26 | + X509_NAME_oneline(X509_get_issuer_name(client_cert), issuer, | |
27 | sizeof(issuer)); | |
28 | issuer[sizeof(issuer) - 1] = '\0'; | |
29 | if (certs && identity && (lookup <= 1) && issuer[0]) { | |
30 | @@ -2109,8 +2111,12 @@ int cbtls_verify(int ok, X509_STORE_CTX | |
31 | } | |
32 | ||
33 | if (lookup == 0) { | |
34 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L | |
35 | + ext_list = X509_get0_extensions(client_cert); | |
36 | +#else | |
37 | client_inf = client_cert->cert_info; | |
38 | ext_list = client_inf->extensions; | |
39 | +#endif | |
40 | } else { | |
41 | ext_list = NULL; | |
42 | } | |
43 | @@ -2170,7 +2176,7 @@ int cbtls_verify(int ok, X509_STORE_CTX | |
44 | ||
45 | REXDENT(); | |
46 | ||
47 | - switch (ctx->error) { | |
48 | + switch (X509_STORE_CTX_get_error(ctx)) { | |
49 | case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: | |
50 | RERROR("issuer=%s", issuer); | |
51 | break; | |
52 | Index: freeradius-new/src/modules/rlm_otp/otp_radstate.c | |
53 | =================================================================== | |
54 | --- freeradius-new.orig/src/modules/rlm_otp/otp_radstate.c | |
55 | +++ freeradius-new/src/modules/rlm_otp/otp_radstate.c | |
56 | @@ -110,7 +110,7 @@ size_t otp_gen_state(char state[OTP_MAX_ | |
57 | size_t clen, | |
58 | int32_t flags, int32_t when, uint8_t const key[16]) | |
59 | { | |
60 | - HMAC_CTX hmac_ctx; | |
61 | + HMAC_CTX *hmac_ctx; | |
62 | uint8_t hmac[MD5_DIGEST_LENGTH]; | |
63 | char *p; | |
64 | ||
65 | @@ -120,12 +120,13 @@ size_t otp_gen_state(char state[OTP_MAX_ | |
66 | * having to collect the data to be signed into one | |
67 | * contiguous piece. | |
68 | */ | |
69 | - HMAC_Init(&hmac_ctx, key, sizeof(key[0]) * 16, EVP_md5()); | |
70 | - HMAC_Update(&hmac_ctx, (uint8_t const *) challenge, clen); | |
71 | - HMAC_Update(&hmac_ctx, (uint8_t *) &flags, 4); | |
72 | - HMAC_Update(&hmac_ctx, (uint8_t *) &when, 4); | |
73 | - HMAC_Final(&hmac_ctx, hmac, NULL); | |
74 | - HMAC_cleanup(&hmac_ctx); | |
75 | + hmac_ctx = HMAC_CTX_new(); | |
76 | + HMAC_Init_ex(hmac_ctx, key, sizeof(key[0]) * 16, EVP_md5(), NULL); | |
77 | + HMAC_Update(hmac_ctx, (uint8_t const *) challenge, clen); | |
78 | + HMAC_Update(hmac_ctx, (uint8_t *) &flags, 4); | |
79 | + HMAC_Update(hmac_ctx, (uint8_t *) &when, 4); | |
80 | + HMAC_Final(hmac_ctx, hmac, NULL); | |
81 | + HMAC_CTX_free(hmac_ctx); | |
82 | ||
83 | /* | |
84 | * Generate the state. | |
85 | Index: freeradius-new/src/modules/rlm_wimax/rlm_wimax.c | |
86 | =================================================================== | |
87 | --- freeradius-new.orig/src/modules/rlm_wimax/rlm_wimax.c | |
88 | +++ freeradius-new/src/modules/rlm_wimax/rlm_wimax.c | |
89 | @@ -122,7 +122,7 @@ static rlm_rcode_t CC_HINT(nonnull) mod_ | |
90 | rlm_wimax_t *inst = instance; | |
91 | VALUE_PAIR *msk, *emsk, *vp; | |
92 | VALUE_PAIR *mn_nai, *ip, *fa_rk; | |
93 | - HMAC_CTX hmac; | |
94 | + HMAC_CTX *hmac; | |
95 | unsigned int rk1_len, rk2_len, rk_len; | |
96 | uint32_t mip_spi; | |
97 | uint8_t usage_data[24]; | |
98 | @@ -161,20 +161,20 @@ static rlm_rcode_t CC_HINT(nonnull) mod_ | |
99 | /* | |
100 | * MIP-RK-1 = HMAC-SSHA256(EMSK, usage-data | 0x01) | |
101 | */ | |
102 | - HMAC_CTX_init(&hmac); | |
103 | - HMAC_Init_ex(&hmac, emsk->vp_octets, emsk->vp_length, EVP_sha256(), NULL); | |
104 | + hmac = HMAC_CTX_new(); | |
105 | + HMAC_Init_ex(hmac, emsk->vp_octets, emsk->vp_length, EVP_sha256(), NULL); | |
106 | ||
107 | - HMAC_Update(&hmac, &usage_data[0], sizeof(usage_data)); | |
108 | - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len); | |
109 | + HMAC_Update(hmac, &usage_data[0], sizeof(usage_data)); | |
110 | + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len); | |
111 | ||
112 | /* | |
113 | * MIP-RK-2 = HMAC-SSHA256(EMSK, MIP-RK-1 | usage-data | 0x01) | |
114 | */ | |
115 | - HMAC_Init_ex(&hmac, emsk->vp_octets, emsk->vp_length, EVP_sha256(), NULL); | |
116 | + HMAC_Init_ex(hmac, emsk->vp_octets, emsk->vp_length, EVP_sha256(), NULL); | |
117 | ||
118 | - HMAC_Update(&hmac, (uint8_t const *) &mip_rk_1, rk1_len); | |
119 | - HMAC_Update(&hmac, &usage_data[0], sizeof(usage_data)); | |
120 | - HMAC_Final(&hmac, &mip_rk_2[0], &rk2_len); | |
121 | + HMAC_Update(hmac, (uint8_t const *) &mip_rk_1, rk1_len); | |
122 | + HMAC_Update(hmac, &usage_data[0], sizeof(usage_data)); | |
123 | + HMAC_Final(hmac, &mip_rk_2[0], &rk2_len); | |
124 | ||
125 | memcpy(mip_rk, mip_rk_1, rk1_len); | |
126 | memcpy(mip_rk + rk1_len, mip_rk_2, rk2_len); | |
127 | @@ -183,10 +183,10 @@ static rlm_rcode_t CC_HINT(nonnull) mod_ | |
128 | /* | |
129 | * MIP-SPI = HMAC-SSHA256(MIP-RK, "SPI CMIP PMIP"); | |
130 | */ | |
131 | - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha256(), NULL); | |
132 | + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha256(), NULL); | |
133 | ||
134 | - HMAC_Update(&hmac, (uint8_t const *) "SPI CMIP PMIP", 12); | |
135 | - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len); | |
136 | + HMAC_Update(hmac, (uint8_t const *) "SPI CMIP PMIP", 12); | |
137 | + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len); | |
138 | ||
139 | /* | |
140 | * Take the 4 most significant octets. | |
141 | @@ -246,12 +246,12 @@ static rlm_rcode_t CC_HINT(nonnull) mod_ | |
142 | * MN-HA-PMIP4 = | |
143 | * H(MIP-RK, "PMIP4 MN HA" | HA-IPv4 | MN-NAI); | |
144 | */ | |
145 | - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha1(), NULL); | |
146 | + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha1(), NULL); | |
147 | ||
148 | - HMAC_Update(&hmac, (uint8_t const *) "PMIP4 MN HA", 11); | |
149 | - HMAC_Update(&hmac, (uint8_t const *) &ip->vp_ipaddr, 4); | |
150 | - HMAC_Update(&hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length); | |
151 | - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len); | |
152 | + HMAC_Update(hmac, (uint8_t const *) "PMIP4 MN HA", 11); | |
153 | + HMAC_Update(hmac, (uint8_t const *) &ip->vp_ipaddr, 4); | |
154 | + HMAC_Update(hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length); | |
155 | + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len); | |
156 | ||
157 | /* | |
158 | * Put MN-HA-PMIP4 into WiMAX-MN-hHA-MIP4-Key | |
159 | @@ -296,12 +296,12 @@ static rlm_rcode_t CC_HINT(nonnull) mod_ | |
160 | * MN-HA-CMIP4 = | |
161 | * H(MIP-RK, "CMIP4 MN HA" | HA-IPv4 | MN-NAI); | |
162 | */ | |
163 | - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha1(), NULL); | |
164 | + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha1(), NULL); | |
165 | ||
166 | - HMAC_Update(&hmac, (uint8_t const *) "CMIP4 MN HA", 11); | |
167 | - HMAC_Update(&hmac, (uint8_t const *) &ip->vp_ipaddr, 4); | |
168 | - HMAC_Update(&hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length); | |
169 | - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len); | |
170 | + HMAC_Update(hmac, (uint8_t const *) "CMIP4 MN HA", 11); | |
171 | + HMAC_Update(hmac, (uint8_t const *) &ip->vp_ipaddr, 4); | |
172 | + HMAC_Update(hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length); | |
173 | + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len); | |
174 | ||
175 | /* | |
176 | * Put MN-HA-CMIP4 into WiMAX-MN-hHA-MIP4-Key | |
177 | @@ -346,12 +346,12 @@ static rlm_rcode_t CC_HINT(nonnull) mod_ | |
178 | * MN-HA-CMIP6 = | |
179 | * H(MIP-RK, "CMIP6 MN HA" | HA-IPv6 | MN-NAI); | |
180 | */ | |
181 | - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha1(), NULL); | |
182 | + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha1(), NULL); | |
183 | ||
184 | - HMAC_Update(&hmac, (uint8_t const *) "CMIP6 MN HA", 11); | |
185 | - HMAC_Update(&hmac, (uint8_t const *) &ip->vp_ipv6addr, 16); | |
186 | - HMAC_Update(&hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length); | |
187 | - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len); | |
188 | + HMAC_Update(hmac, (uint8_t const *) "CMIP6 MN HA", 11); | |
189 | + HMAC_Update(hmac, (uint8_t const *) &ip->vp_ipv6addr, 16); | |
190 | + HMAC_Update(hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length); | |
191 | + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len); | |
192 | ||
193 | /* | |
194 | * Put MN-HA-CMIP6 into WiMAX-MN-hHA-MIP6-Key | |
195 | @@ -393,11 +393,11 @@ static rlm_rcode_t CC_HINT(nonnull) mod_ | |
196 | */ | |
197 | fa_rk = fr_pair_find_by_num(request->reply->vps, 14, VENDORPEC_WIMAX, TAG_ANY); | |
198 | if (fa_rk && (fa_rk->vp_length <= 1)) { | |
199 | - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha1(), NULL); | |
200 | + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha1(), NULL); | |
201 | ||
202 | - HMAC_Update(&hmac, (uint8_t const *) "FA-RK", 5); | |
203 | + HMAC_Update(hmac, (uint8_t const *) "FA-RK", 5); | |
204 | ||
205 | - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len); | |
206 | + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len); | |
207 | ||
208 | fr_pair_value_memcpy(fa_rk, &mip_rk_1[0], rk1_len); | |
209 | } | |
210 | @@ -451,7 +451,7 @@ static rlm_rcode_t CC_HINT(nonnull) mod_ | |
211 | /* | |
212 | * Wipe the context of all sensitive information. | |
213 | */ | |
214 | - HMAC_CTX_cleanup(&hmac); | |
215 | + HMAC_CTX_free(hmac); | |
216 | ||
217 | return RLM_MODULE_UPDATED; | |
218 | } | |
219 | Index: freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/configure | |
220 | =================================================================== | |
221 | --- freeradius-new.orig/src/modules/rlm_eap/types/rlm_eap_pwd/configure | |
222 | +++ freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/configure | |
223 | @@ -1,5 +1,5 @@ | |
224 | #! /bin/sh | |
225 | -# From configure.ac Revision. | |
226 | +# From src/modules/rlm_eap/types/rlm_eap_pwd/configure.ac Revision. | |
227 | # Guess values for system-dependent variables and create Makefiles. | |
228 | # Generated by GNU Autoconf 2.69. | |
229 | # | |
230 | @@ -614,6 +614,7 @@ infodir | |
231 | docdir | |
232 | oldincludedir | |
233 | includedir | |
234 | +runstatedir | |
235 | localstatedir | |
236 | sharedstatedir | |
237 | sysconfdir | |
238 | @@ -685,6 +686,7 @@ datadir='${datarootdir}' | |
239 | sysconfdir='${prefix}/etc' | |
240 | sharedstatedir='${prefix}/com' | |
241 | localstatedir='${prefix}/var' | |
242 | +runstatedir='${localstatedir}/run' | |
243 | includedir='${prefix}/include' | |
244 | oldincludedir='/usr/include' | |
245 | docdir='${datarootdir}/doc/${PACKAGE}' | |
246 | @@ -937,6 +939,15 @@ do | |
247 | | -silent | --silent | --silen | --sile | --sil) | |
248 | silent=yes ;; | |
249 | ||
250 | + -runstatedir | --runstatedir | --runstatedi | --runstated \ | |
251 | + | --runstate | --runstat | --runsta | --runst | --runs \ | |
252 | + | --run | --ru | --r) | |
253 | + ac_prev=runstatedir ;; | |
254 | + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ | |
255 | + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ | |
256 | + | --run=* | --ru=* | --r=*) | |
257 | + runstatedir=$ac_optarg ;; | |
258 | + | |
259 | -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) | |
260 | ac_prev=sbindir ;; | |
261 | -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | |
262 | @@ -1074,7 +1085,7 @@ fi | |
263 | for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ | |
264 | datadir sysconfdir sharedstatedir localstatedir includedir \ | |
265 | oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ | |
266 | - libdir localedir mandir | |
267 | + libdir localedir mandir runstatedir | |
268 | do | |
269 | eval ac_val=\$$ac_var | |
270 | # Remove trailing slashes. | |
271 | @@ -1227,6 +1238,7 @@ Fine tuning of the installation director | |
272 | --sysconfdir=DIR read-only single-machine data [PREFIX/etc] | |
273 | --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] | |
274 | --localstatedir=DIR modifiable single-machine data [PREFIX/var] | |
275 | + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] | |
276 | --libdir=DIR object code libraries [EPREFIX/lib] | |
277 | --includedir=DIR C header files [PREFIX/include] | |
278 | --oldincludedir=DIR C header files for non-gcc [/usr/include] | |
279 | @@ -2917,7 +2929,7 @@ smart_prefix= | |
280 | ||
281 | ||
282 | sm_lib_safe=`echo "crypto" | sed 'y%./+-%__p_%'` | |
283 | -sm_func_safe=`echo "EVP_cleanup" | sed 'y%./+-%__p_%'` | |
284 | +sm_func_safe=`echo "EVP_PKEY_new" | sed 'y%./+-%__p_%'` | |
285 | ||
286 | old_LIBS="$LIBS" | |
287 | old_CPPFLAGS="$CPPFLAGS" | |
288 | @@ -2927,17 +2939,17 @@ smart_lib_dir= | |
289 | ||
290 | if test "x$smart_try_dir" != "x"; then | |
291 | for try in $smart_try_dir; do | |
292 | - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_cleanup in -lcrypto in $try" >&5 | |
293 | -$as_echo_n "checking for EVP_cleanup in -lcrypto in $try... " >&6; } | |
294 | + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_PKEY_new in -lcrypto in $try" >&5 | |
295 | +$as_echo_n "checking for EVP_PKEY_new in -lcrypto in $try... " >&6; } | |
296 | LIBS="-lcrypto $old_LIBS" | |
297 | CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS" | |
298 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | |
299 | /* end confdefs.h. */ | |
300 | -extern char EVP_cleanup(); | |
301 | +extern char EVP_PKEY_new(); | |
302 | int | |
303 | main () | |
304 | { | |
305 | -EVP_cleanup() | |
306 | +EVP_PKEY_new() | |
307 | ; | |
308 | return 0; | |
309 | } | |
310 | @@ -2962,16 +2974,16 @@ rm -f core conftest.err conftest.$ac_obj | |
311 | fi | |
312 | ||
313 | if test "x$smart_lib" = "x"; then | |
314 | - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_cleanup in -lcrypto" >&5 | |
315 | -$as_echo_n "checking for EVP_cleanup in -lcrypto... " >&6; } | |
316 | + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_PKEY_new in -lcrypto" >&5 | |
317 | +$as_echo_n "checking for EVP_PKEY_new in -lcrypto... " >&6; } | |
318 | LIBS="-lcrypto $old_LIBS" | |
319 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | |
320 | /* end confdefs.h. */ | |
321 | -extern char EVP_cleanup(); | |
322 | +extern char EVP_PKEY_new(); | |
323 | int | |
324 | main () | |
325 | { | |
326 | -EVP_cleanup() | |
327 | +EVP_PKEY_new() | |
328 | ; | |
329 | return 0; | |
330 | } | |
331 | @@ -3048,17 +3060,17 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D | |
332 | ||
333 | ||
334 | for try in $smart_lib_dir /usr/local/lib /opt/lib; do | |
335 | - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_cleanup in -lcrypto in $try" >&5 | |
336 | -$as_echo_n "checking for EVP_cleanup in -lcrypto in $try... " >&6; } | |
337 | + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_PKEY_new in -lcrypto in $try" >&5 | |
338 | +$as_echo_n "checking for EVP_PKEY_new in -lcrypto in $try... " >&6; } | |
339 | LIBS="-lcrypto $old_LIBS" | |
340 | CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS" | |
341 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | |
342 | /* end confdefs.h. */ | |
343 | -extern char EVP_cleanup(); | |
344 | +extern char EVP_PKEY_new(); | |
345 | int | |
346 | main () | |
347 | { | |
348 | -EVP_cleanup() | |
349 | +EVP_PKEY_new() | |
350 | ; | |
351 | return 0; | |
352 | } | |
353 | @@ -3088,7 +3100,7 @@ if test "x$smart_lib" != "x"; then | |
354 | SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS" | |
355 | fi | |
356 | ||
357 | - if test "x$ac_cv_lib_crypto_EVP_cleanup" != "xyes"; then | |
358 | + if test "x$ac_cv_lib_crypto_EVP_PKEY_new" != "xyes"; then | |
359 | fail="libssl" | |
360 | else | |
361 | for ac_func in EVP_sha256 | |
362 | Index: freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/configure.ac | |
363 | =================================================================== | |
364 | --- freeradius-new.orig/src/modules/rlm_eap/types/rlm_eap_pwd/configure.ac | |
365 | +++ freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/configure.ac | |
366 | @@ -60,8 +60,8 @@ if test x$with_[]modname != xno; then | |
367 | fi | |
368 | ||
369 | smart_try_dir=$openssl_lib_dir | |
370 | - FR_SMART_CHECK_LIB(crypto, EVP_cleanup) | |
371 | - if test "x$ac_cv_lib_crypto_EVP_cleanup" != "xyes"; then | |
372 | + FR_SMART_CHECK_LIB(crypto, EVP_PKEY_new) | |
373 | + if test "x$ac_cv_lib_crypto_EVP_PKEY_new" != "xyes"; then | |
374 | fail="libssl" | |
375 | else | |
376 | AC_CHECK_FUNCS(EVP_sha256) | |
377 | Index: freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c | |
378 | =================================================================== | |
379 | --- freeradius-new.orig/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c | |
380 | +++ freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c | |
381 | @@ -45,7 +45,7 @@ static void H_Init(HMAC_CTX *ctx) | |
382 | uint8_t allzero[SHA256_DIGEST_LENGTH]; | |
383 | ||
384 | memset(allzero, 0, SHA256_DIGEST_LENGTH); | |
385 | - HMAC_Init(ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256()); | |
386 | + HMAC_Init_ex(ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256(), NULL); | |
387 | } | |
388 | ||
389 | static void H_Update(HMAC_CTX *ctx, uint8_t const *data, int len) | |
390 | @@ -58,39 +58,49 @@ static void H_Final(HMAC_CTX *ctx, uint8 | |
391 | unsigned int mdlen = SHA256_DIGEST_LENGTH; | |
392 | ||
393 | HMAC_Final(ctx, digest, &mdlen); | |
394 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L | |
395 | + HMAC_CTX_reset(ctx); | |
396 | +#else | |
397 | HMAC_CTX_cleanup(ctx); | |
398 | +#endif | |
399 | } | |
400 | ||
401 | /* a counter-based KDF based on NIST SP800-108 */ | |
402 | static void eap_pwd_kdf(uint8_t *key, int keylen, char const *label, int labellen, uint8_t *result, int resultbitlen) | |
403 | { | |
404 | - HMAC_CTX hctx; | |
405 | + HMAC_CTX *hctx; | |
406 | uint8_t digest[SHA256_DIGEST_LENGTH]; | |
407 | uint16_t i, ctr, L; | |
408 | int resultbytelen, len = 0; | |
409 | unsigned int mdlen = SHA256_DIGEST_LENGTH; | |
410 | uint8_t mask = 0xff; | |
411 | ||
412 | + hctx = HMAC_CTX_new(); | |
413 | + | |
414 | resultbytelen = (resultbitlen + 7)/8; | |
415 | ctr = 0; | |
416 | L = htons(resultbitlen); | |
417 | while (len < resultbytelen) { | |
418 | ctr++; i = htons(ctr); | |
419 | - HMAC_Init(&hctx, key, keylen, EVP_sha256()); | |
420 | + HMAC_Init_ex(hctx, key, keylen, EVP_sha256(), NULL); | |
421 | if (ctr > 1) { | |
422 | - HMAC_Update(&hctx, digest, mdlen); | |
423 | + HMAC_Update(hctx, digest, mdlen); | |
424 | } | |
425 | - HMAC_Update(&hctx, (uint8_t *) &i, sizeof(uint16_t)); | |
426 | - HMAC_Update(&hctx, (uint8_t const *)label, labellen); | |
427 | - HMAC_Update(&hctx, (uint8_t *) &L, sizeof(uint16_t)); | |
428 | - HMAC_Final(&hctx, digest, &mdlen); | |
429 | + HMAC_Update(hctx, (uint8_t *) &i, sizeof(uint16_t)); | |
430 | + HMAC_Update(hctx, (uint8_t const *)label, labellen); | |
431 | + HMAC_Update(hctx, (uint8_t *) &L, sizeof(uint16_t)); | |
432 | + HMAC_Final(hctx, digest, &mdlen); | |
433 | if ((len + (int) mdlen) > resultbytelen) { | |
434 | memcpy(result + len, digest, resultbytelen - len); | |
435 | } else { | |
436 | memcpy(result + len, digest, mdlen); | |
437 | } | |
438 | len += mdlen; | |
439 | - HMAC_CTX_cleanup(&hctx); | |
440 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L | |
441 | + HMAC_CTX_reset(hctx); | |
442 | +#else | |
443 | + HMAC_CTX_cleanup(hctx); | |
444 | +#endif | |
445 | } | |
446 | ||
447 | /* since we're expanding to a bit length, mask off the excess */ | |
448 | @@ -98,6 +108,8 @@ static void eap_pwd_kdf(uint8_t *key, in | |
449 | mask <<= (8 - (resultbitlen % 8)); | |
450 | result[resultbytelen - 1] &= mask; | |
451 | } | |
452 | + | |
453 | + HMAC_CTX_free(hctx); | |
454 | } | |
455 | ||
456 | int compute_password_element (pwd_session_t *session, uint16_t grp_num, | |
457 | @@ -107,7 +119,7 @@ int compute_password_element (pwd_sessio | |
458 | uint32_t *token) | |
459 | { | |
460 | BIGNUM *x_candidate = NULL, *rnd = NULL, *cofactor = NULL; | |
461 | - HMAC_CTX ctx; | |
462 | + HMAC_CTX *ctx = NULL; | |
463 | uint8_t pwe_digest[SHA256_DIGEST_LENGTH], *prfbuf = NULL, ctr; | |
464 | int nid, is_odd, primebitlen, primebytelen, ret = 0; | |
465 | ||
466 | @@ -177,6 +189,7 @@ int compute_password_element (pwd_sessio | |
467 | DEBUG("unable to alloc space for prf buffer"); | |
468 | goto fail; | |
469 | } | |
470 | + ctx = HMAC_CTX_new(); | |
471 | ctr = 0; | |
472 | while (1) { | |
473 | if (ctr > 10) { | |
474 | @@ -190,13 +203,13 @@ int compute_password_element (pwd_sessio | |
475 | * pwd-seed = H(token | peer-id | server-id | password | | |
476 | * counter) | |
477 | */ | |
478 | - H_Init(&ctx); | |
479 | - H_Update(&ctx, (uint8_t *)token, sizeof(*token)); | |
480 | - H_Update(&ctx, (uint8_t const *)id_peer, id_peer_len); | |
481 | - H_Update(&ctx, (uint8_t const *)id_server, id_server_len); | |
482 | - H_Update(&ctx, (uint8_t const *)password, password_len); | |
483 | - H_Update(&ctx, (uint8_t *)&ctr, sizeof(ctr)); | |
484 | - H_Final(&ctx, pwe_digest); | |
485 | + H_Init(ctx); | |
486 | + H_Update(ctx, (uint8_t *)token, sizeof(*token)); | |
487 | + H_Update(ctx, (uint8_t const *)id_peer, id_peer_len); | |
488 | + H_Update(ctx, (uint8_t const *)id_server, id_server_len); | |
489 | + H_Update(ctx, (uint8_t const *)password, password_len); | |
490 | + H_Update(ctx, (uint8_t *)&ctr, sizeof(ctr)); | |
491 | + H_Final(ctx, pwe_digest); | |
492 | ||
493 | BN_bin2bn(pwe_digest, SHA256_DIGEST_LENGTH, rnd); | |
494 | eap_pwd_kdf(pwe_digest, SHA256_DIGEST_LENGTH, "EAP-pwd Hunting And Pecking", | |
495 | @@ -262,6 +275,7 @@ int compute_password_element (pwd_sessio | |
496 | } | |
497 | ||
498 | /* cleanliness and order.... */ | |
499 | + HMAC_CTX_free(ctx); | |
500 | BN_clear_free(cofactor); | |
501 | BN_clear_free(x_candidate); | |
502 | BN_clear_free(rnd); | |
503 | @@ -420,7 +434,7 @@ finish: | |
504 | int compute_server_confirm (pwd_session_t *session, uint8_t *out, BN_CTX *bnctx) | |
505 | { | |
506 | BIGNUM *x = NULL, *y = NULL; | |
507 | - HMAC_CTX ctx; | |
508 | + HMAC_CTX *ctx = NULL; | |
509 | uint8_t *cruft = NULL; | |
510 | int offset, req = -1; | |
511 | ||
512 | @@ -437,7 +451,8 @@ int compute_server_confirm (pwd_session_ | |
513 | * commit is H(k | server_element | server_scalar | peer_element | | |
514 | * peer_scalar | ciphersuite) | |
515 | */ | |
516 | - H_Init(&ctx); | |
517 | + ctx = HMAC_CTX_new(); | |
518 | + H_Init(ctx); | |
519 | ||
520 | /* | |
521 | * Zero the memory each time because this is mod prime math and some | |
522 | @@ -447,7 +462,7 @@ int compute_server_confirm (pwd_session_ | |
523 | */ | |
524 | offset = BN_num_bytes(session->prime) - BN_num_bytes(session->k); | |
525 | BN_bn2bin(session->k, cruft + offset); | |
526 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
527 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
528 | ||
529 | /* | |
530 | * next is server element: x, y | |
531 | @@ -459,12 +474,12 @@ int compute_server_confirm (pwd_session_ | |
532 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
533 | offset = BN_num_bytes(session->prime) - BN_num_bytes(x); | |
534 | BN_bn2bin(x, cruft + offset); | |
535 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
536 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
537 | ||
538 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
539 | offset = BN_num_bytes(session->prime) - BN_num_bytes(y); | |
540 | BN_bn2bin(y, cruft + offset); | |
541 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
542 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
543 | ||
544 | /* | |
545 | * and server scalar | |
546 | @@ -472,7 +487,7 @@ int compute_server_confirm (pwd_session_ | |
547 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
548 | offset = BN_num_bytes(session->order) - BN_num_bytes(session->my_scalar); | |
549 | BN_bn2bin(session->my_scalar, cruft + offset); | |
550 | - H_Update(&ctx, cruft, BN_num_bytes(session->order)); | |
551 | + H_Update(ctx, cruft, BN_num_bytes(session->order)); | |
552 | ||
553 | /* | |
554 | * next is peer element: x, y | |
555 | @@ -485,12 +500,12 @@ int compute_server_confirm (pwd_session_ | |
556 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
557 | offset = BN_num_bytes(session->prime) - BN_num_bytes(x); | |
558 | BN_bn2bin(x, cruft + offset); | |
559 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
560 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
561 | ||
562 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
563 | offset = BN_num_bytes(session->prime) - BN_num_bytes(y); | |
564 | BN_bn2bin(y, cruft + offset); | |
565 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
566 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
567 | ||
568 | /* | |
569 | * and peer scalar | |
570 | @@ -498,17 +513,18 @@ int compute_server_confirm (pwd_session_ | |
571 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
572 | offset = BN_num_bytes(session->order) - BN_num_bytes(session->peer_scalar); | |
573 | BN_bn2bin(session->peer_scalar, cruft + offset); | |
574 | - H_Update(&ctx, cruft, BN_num_bytes(session->order)); | |
575 | + H_Update(ctx, cruft, BN_num_bytes(session->order)); | |
576 | ||
577 | /* | |
578 | * finally, ciphersuite | |
579 | */ | |
580 | - H_Update(&ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite)); | |
581 | + H_Update(ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite)); | |
582 | ||
583 | - H_Final(&ctx, out); | |
584 | + H_Final(ctx, out); | |
585 | ||
586 | req = 0; | |
587 | finish: | |
588 | + HMAC_CTX_free(ctx); | |
589 | talloc_free(cruft); | |
590 | BN_free(x); | |
591 | BN_free(y); | |
592 | @@ -519,7 +535,7 @@ finish: | |
593 | int compute_peer_confirm (pwd_session_t *session, uint8_t *out, BN_CTX *bnctx) | |
594 | { | |
595 | BIGNUM *x = NULL, *y = NULL; | |
596 | - HMAC_CTX ctx; | |
597 | + HMAC_CTX *ctx = NULL; | |
598 | uint8_t *cruft = NULL; | |
599 | int offset, req = -1; | |
600 | ||
601 | @@ -536,7 +552,8 @@ int compute_peer_confirm (pwd_session_t | |
602 | * commit is H(k | server_element | server_scalar | peer_element | | |
603 | * peer_scalar | ciphersuite) | |
604 | */ | |
605 | - H_Init(&ctx); | |
606 | + ctx = HMAC_CTX_new(); | |
607 | + H_Init(ctx); | |
608 | ||
609 | /* | |
610 | * Zero the memory each time because this is mod prime math and some | |
611 | @@ -546,7 +563,7 @@ int compute_peer_confirm (pwd_session_t | |
612 | */ | |
613 | offset = BN_num_bytes(session->prime) - BN_num_bytes(session->k); | |
614 | BN_bn2bin(session->k, cruft + offset); | |
615 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
616 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
617 | ||
618 | /* | |
619 | * then peer element: x, y | |
620 | @@ -559,12 +576,12 @@ int compute_peer_confirm (pwd_session_t | |
621 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
622 | offset = BN_num_bytes(session->prime) - BN_num_bytes(x); | |
623 | BN_bn2bin(x, cruft + offset); | |
624 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
625 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
626 | ||
627 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
628 | offset = BN_num_bytes(session->prime) - BN_num_bytes(y); | |
629 | BN_bn2bin(y, cruft + offset); | |
630 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
631 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
632 | ||
633 | /* | |
634 | * and peer scalar | |
635 | @@ -572,7 +589,7 @@ int compute_peer_confirm (pwd_session_t | |
636 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
637 | offset = BN_num_bytes(session->order) - BN_num_bytes(session->peer_scalar); | |
638 | BN_bn2bin(session->peer_scalar, cruft + offset); | |
639 | - H_Update(&ctx, cruft, BN_num_bytes(session->order)); | |
640 | + H_Update(ctx, cruft, BN_num_bytes(session->order)); | |
641 | ||
642 | /* | |
643 | * then server element: x, y | |
644 | @@ -584,12 +601,12 @@ int compute_peer_confirm (pwd_session_t | |
645 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
646 | offset = BN_num_bytes(session->prime) - BN_num_bytes(x); | |
647 | BN_bn2bin(x, cruft + offset); | |
648 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
649 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
650 | ||
651 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
652 | offset = BN_num_bytes(session->prime) - BN_num_bytes(y); | |
653 | BN_bn2bin(y, cruft + offset); | |
654 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
655 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
656 | ||
657 | /* | |
658 | * and server scalar | |
659 | @@ -597,17 +614,18 @@ int compute_peer_confirm (pwd_session_t | |
660 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
661 | offset = BN_num_bytes(session->order) - BN_num_bytes(session->my_scalar); | |
662 | BN_bn2bin(session->my_scalar, cruft + offset); | |
663 | - H_Update(&ctx, cruft, BN_num_bytes(session->order)); | |
664 | + H_Update(ctx, cruft, BN_num_bytes(session->order)); | |
665 | ||
666 | /* | |
667 | * finally, ciphersuite | |
668 | */ | |
669 | - H_Update(&ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite)); | |
670 | + H_Update(ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite)); | |
671 | ||
672 | - H_Final(&ctx, out); | |
673 | + H_Final(ctx, out); | |
674 | ||
675 | req = 0; | |
676 | finish: | |
677 | + HMAC_CTX_free(ctx); | |
678 | talloc_free(cruft); | |
679 | BN_free(x); | |
680 | BN_free(y); | |
681 | @@ -617,7 +635,7 @@ finish: | |
682 | ||
683 | int compute_keys (pwd_session_t *session, uint8_t *peer_confirm, uint8_t *msk, uint8_t *emsk) | |
684 | { | |
685 | - HMAC_CTX ctx; | |
686 | + HMAC_CTX *ctx; | |
687 | uint8_t mk[SHA256_DIGEST_LENGTH], *cruft; | |
688 | uint8_t session_id[SHA256_DIGEST_LENGTH + 1]; | |
689 | uint8_t msk_emsk[128]; /* 64 each */ | |
690 | @@ -628,36 +646,38 @@ int compute_keys (pwd_session_t *session | |
691 | return -1; | |
692 | } | |
693 | ||
694 | + ctx = HMAC_CTX_new(); | |
695 | + | |
696 | /* | |
697 | * first compute the session-id = TypeCode | H(ciphersuite | scal_p | | |
698 | * scal_s) | |
699 | */ | |
700 | session_id[0] = PW_EAP_PWD; | |
701 | - H_Init(&ctx); | |
702 | - H_Update(&ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite)); | |
703 | + H_Init(ctx); | |
704 | + H_Update(ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite)); | |
705 | offset = BN_num_bytes(session->order) - BN_num_bytes(session->peer_scalar); | |
706 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
707 | BN_bn2bin(session->peer_scalar, cruft + offset); | |
708 | - H_Update(&ctx, cruft, BN_num_bytes(session->order)); | |
709 | + H_Update(ctx, cruft, BN_num_bytes(session->order)); | |
710 | offset = BN_num_bytes(session->order) - BN_num_bytes(session->my_scalar); | |
711 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
712 | BN_bn2bin(session->my_scalar, cruft + offset); | |
713 | - H_Update(&ctx, cruft, BN_num_bytes(session->order)); | |
714 | - H_Final(&ctx, (uint8_t *)&session_id[1]); | |
715 | + H_Update(ctx, cruft, BN_num_bytes(session->order)); | |
716 | + H_Final(ctx, (uint8_t *)&session_id[1]); | |
717 | ||
718 | /* then compute MK = H(k | commit-peer | commit-server) */ | |
719 | - H_Init(&ctx); | |
720 | + H_Init(ctx); | |
721 | ||
722 | memset(cruft, 0, BN_num_bytes(session->prime)); | |
723 | offset = BN_num_bytes(session->prime) - BN_num_bytes(session->k); | |
724 | BN_bn2bin(session->k, cruft + offset); | |
725 | - H_Update(&ctx, cruft, BN_num_bytes(session->prime)); | |
726 | + H_Update(ctx, cruft, BN_num_bytes(session->prime)); | |
727 | ||
728 | - H_Update(&ctx, peer_confirm, SHA256_DIGEST_LENGTH); | |
729 | + H_Update(ctx, peer_confirm, SHA256_DIGEST_LENGTH); | |
730 | ||
731 | - H_Update(&ctx, session->my_confirm, SHA256_DIGEST_LENGTH); | |
732 | + H_Update(ctx, session->my_confirm, SHA256_DIGEST_LENGTH); | |
733 | ||
734 | - H_Final(&ctx, mk); | |
735 | + H_Final(ctx, mk); | |
736 | ||
737 | /* stretch the mk with the session-id to get MSK | EMSK */ | |
738 | eap_pwd_kdf(mk, SHA256_DIGEST_LENGTH, (char const *)session_id, | |
739 | @@ -666,6 +686,7 @@ int compute_keys (pwd_session_t *session | |
740 | memcpy(msk, msk_emsk, 64); | |
741 | memcpy(emsk, msk_emsk + 64, 64); | |
742 | ||
743 | + HMAC_CTX_free(ctx); | |
744 | talloc_free(cruft); | |
745 | return 0; | |
746 | } | |
747 | Index: freeradius-new/src/modules/rlm_eap/libeap/mppe_keys.c | |
748 | =================================================================== | |
749 | --- freeradius-new.orig/src/modules/rlm_eap/libeap/mppe_keys.c | |
750 | +++ freeradius-new/src/modules/rlm_eap/libeap/mppe_keys.c | |
751 | @@ -37,51 +37,51 @@ static void P_hash(EVP_MD const *evp_md, | |
752 | unsigned char const *seed, unsigned int seed_len, | |
753 | unsigned char *out, unsigned int out_len) | |
754 | { | |
755 | - HMAC_CTX ctx_a, ctx_out; | |
756 | + HMAC_CTX *ctx_a, *ctx_out; | |
757 | unsigned char a[HMAC_MAX_MD_CBLOCK]; | |
758 | unsigned int size; | |
759 | ||
760 | - HMAC_CTX_init(&ctx_a); | |
761 | - HMAC_CTX_init(&ctx_out); | |
762 | + ctx_a = HMAC_CTX_new(); | |
763 | + ctx_out = HMAC_CTX_new(); | |
764 | #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW | |
765 | - HMAC_CTX_set_flags(&ctx_a, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | |
766 | - HMAC_CTX_set_flags(&ctx_out, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | |
767 | + HMAC_CTX_set_flags(ctx_a, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | |
768 | + HMAC_CTX_set_flags(ctx_out, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | |
769 | #endif | |
770 | - HMAC_Init_ex(&ctx_a, secret, secret_len, evp_md, NULL); | |
771 | - HMAC_Init_ex(&ctx_out, secret, secret_len, evp_md, NULL); | |
772 | + HMAC_Init_ex(ctx_a, secret, secret_len, evp_md, NULL); | |
773 | + HMAC_Init_ex(ctx_out, secret, secret_len, evp_md, NULL); | |
774 | ||
775 | - size = HMAC_size(&ctx_out); | |
776 | + size = HMAC_size(ctx_out); | |
777 | ||
778 | /* Calculate A(1) */ | |
779 | - HMAC_Update(&ctx_a, seed, seed_len); | |
780 | - HMAC_Final(&ctx_a, a, NULL); | |
781 | + HMAC_Update(ctx_a, seed, seed_len); | |
782 | + HMAC_Final(ctx_a, a, NULL); | |
783 | ||
784 | while (1) { | |
785 | /* Calculate next part of output */ | |
786 | - HMAC_Update(&ctx_out, a, size); | |
787 | - HMAC_Update(&ctx_out, seed, seed_len); | |
788 | + HMAC_Update(ctx_out, a, size); | |
789 | + HMAC_Update(ctx_out, seed, seed_len); | |
790 | ||
791 | /* Check if last part */ | |
792 | if (out_len < size) { | |
793 | - HMAC_Final(&ctx_out, a, NULL); | |
794 | + HMAC_Final(ctx_out, a, NULL); | |
795 | memcpy(out, a, out_len); | |
796 | break; | |
797 | } | |
798 | ||
799 | /* Place digest in output buffer */ | |
800 | - HMAC_Final(&ctx_out, out, NULL); | |
801 | - HMAC_Init_ex(&ctx_out, NULL, 0, NULL, NULL); | |
802 | + HMAC_Final(ctx_out, out, NULL); | |
803 | + HMAC_Init_ex(ctx_out, NULL, 0, NULL, NULL); | |
804 | out += size; | |
805 | out_len -= size; | |
806 | ||
807 | /* Calculate next A(i) */ | |
808 | - HMAC_Init_ex(&ctx_a, NULL, 0, NULL, NULL); | |
809 | - HMAC_Update(&ctx_a, a, size); | |
810 | - HMAC_Final(&ctx_a, a, NULL); | |
811 | + HMAC_Init_ex(ctx_a, NULL, 0, NULL, NULL); | |
812 | + HMAC_Update(ctx_a, a, size); | |
813 | + HMAC_Final(ctx_a, a, NULL); | |
814 | } | |
815 | ||
816 | - HMAC_CTX_cleanup(&ctx_a); | |
817 | - HMAC_CTX_cleanup(&ctx_out); | |
818 | + HMAC_CTX_free(ctx_a); | |
819 | + HMAC_CTX_free(ctx_out); | |
820 | memset(a, 0, sizeof(a)); | |
821 | } | |
822 | ||
823 | @@ -263,19 +263,37 @@ void eap_fast_tls_gen_challenge(SSL *s, | |
824 | uint8_t seed[128 + 2*SSL3_RANDOM_SIZE]; | |
825 | uint8_t *p = seed; | |
826 | size_t len; | |
827 | + const SSL_SESSION *session = SSL_get_session(s); | |
828 | ||
829 | len = strlen(prf_label); | |
830 | if (len > 128) len = 128; | |
831 | ||
832 | memcpy(p, prf_label, len); | |
833 | p += len; | |
834 | +#ifdef HAVE_SSL_GET_CLIENT_RANDOM | |
835 | + SSL_get_server_random(s, p, SSL3_RANDOM_SIZE); | |
836 | +#else | |
837 | memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE); | |
838 | +#endif | |
839 | p += SSL3_RANDOM_SIZE; | |
840 | +#ifdef HAVE_SSL_GET_CLIENT_RANDOM | |
841 | + SSL_get_client_random(s, p, SSL3_RANDOM_SIZE); | |
842 | +#else | |
843 | memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE); | |
844 | +#endif | |
845 | p += SSL3_RANDOM_SIZE; | |
846 | ||
847 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L | |
848 | + const size_t master_key_len = SSL_SESSION_get_master_key(session, NULL, 0); | |
849 | + uint8_t *master_key = talloc_zero_size(NULL, master_key_len); | |
850 | + SSL_SESSION_get_master_key(session, master_key, master_key_len); | |
851 | + PRF(master_key, master_key_len, | |
852 | + seed, p - seed, buffer, scratch, size); | |
853 | + talloc_free(master_key); | |
854 | +#else | |
855 | PRF(s->session->master_key, s->session->master_key_length, | |
856 | seed, p - seed, buffer, scratch, size); | |
857 | +#endif | |
858 | } | |
859 | ||
860 | ||
861 | Index: freeradius-new/src/include/tls-h | |
862 | =================================================================== | |
863 | --- freeradius-new.orig/src/include/tls-h | |
864 | +++ freeradius-new/src/include/tls-h | |
865 | @@ -46,6 +46,23 @@ RCSIDH(tls_h, "$Id: 9142b91e2a7d39011331 | |
866 | extern "C" { | |
867 | #endif | |
868 | ||
869 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
870 | +static inline HMAC_CTX *HMAC_CTX_new(void) | |
871 | +{ | |
872 | + HMAC_CTX *ctx; | |
873 | + ctx = talloc(NULL, HMAC_CTX); | |
874 | + HMAC_CTX_init(ctx); | |
875 | + return ctx; | |
876 | +} | |
877 | +# define HMAC_CTX_free(_ctx) \ | |
878 | +do {\ | |
879 | + if (_ctx) {\ | |
880 | + memset(_ctx, 0, sizeof(*_ctx));\ | |
881 | + talloc_free(_ctx);\ | |
882 | + }\ | |
883 | +} while (0) | |
884 | +#endif | |
885 | + | |
886 | typedef struct fr_tls_server_conf_t fr_tls_server_conf_t; | |
887 | ||
888 | typedef enum { | |
889 | Index: freeradius-new/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c | |
890 | =================================================================== | |
891 | --- freeradius-new.orig/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c | |
892 | +++ freeradius-new/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c | |
893 | @@ -206,8 +206,8 @@ static int _session_secret(SSL *s, void | |
894 | #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) | |
895 | eap_fast_session_ticket(tls_session, s->s3->client_random, s->s3->server_random, secret, secret_len); | |
896 | #else | |
897 | - uint8_t const client_random[SSL3_RANDOM_SIZE]; | |
898 | - uint8_t const server_random[SSL3_RANDOM_SIZE]; | |
899 | + uint8_t client_random[SSL3_RANDOM_SIZE]; | |
900 | + uint8_t server_random[SSL3_RANDOM_SIZE]; | |
901 | ||
902 | SSL_get_client_random(s, client_random, sizeof(client_random)); | |
903 | SSL_get_server_random(s, server_random, sizeof(server_random)); |