Codebase list freeradius / 78b8a9e
drop debian/patches/openssl-1.1.diff (merged upstream) Michael Stapelberg 6 years ago
2 changed file(s) with 0 addition(s) and 905 deletion(s). Raw diff Collapse all Expand all
+0
-904
debian/patches/openssl-1.1.diff less more
0 Description: largely backported from FreeRADIUS 4.x, rest forwarded
1 Author: Michael Stapelberg <stapelberg@debian.org>
2 Forwarded: not-needed
3 Last-Update: 2016-11-04
4
5 ---
6
7 Index: freeradius-new/src/main/tls.c
8 ===================================================================
9 --- freeradius-new.orig/src/main/tls.c
10 +++ freeradius-new/src/main/tls.c
11 @@ -1910,7 +1910,9 @@ int cbtls_verify(int ok, X509_STORE_CTX
12 char cn_str[1024];
13 char buf[64];
14 X509 *client_cert;
15 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
16 X509_CINF *client_inf;
17 +#endif
18 STACK_OF(X509_EXTENSION) *ext_list;
19 SSL *ssl;
20 int err, depth, lookup, loc;
21 @@ -2016,7 +2018,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
22 rdebug_pair(L_DBG_LVL_2, request, vp, NULL);
23 }
24
25 - X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), issuer,
26 + X509_NAME_oneline(X509_get_issuer_name(client_cert), issuer,
27 sizeof(issuer));
28 issuer[sizeof(issuer) - 1] = '\0';
29 if (certs && identity && (lookup <= 1) && issuer[0]) {
30 @@ -2109,8 +2111,12 @@ int cbtls_verify(int ok, X509_STORE_CTX
31 }
32
33 if (lookup == 0) {
34 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
35 + ext_list = X509_get0_extensions(client_cert);
36 +#else
37 client_inf = client_cert->cert_info;
38 ext_list = client_inf->extensions;
39 +#endif
40 } else {
41 ext_list = NULL;
42 }
43 @@ -2170,7 +2176,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
44
45 REXDENT();
46
47 - switch (ctx->error) {
48 + switch (X509_STORE_CTX_get_error(ctx)) {
49 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
50 RERROR("issuer=%s", issuer);
51 break;
52 Index: freeradius-new/src/modules/rlm_otp/otp_radstate.c
53 ===================================================================
54 --- freeradius-new.orig/src/modules/rlm_otp/otp_radstate.c
55 +++ freeradius-new/src/modules/rlm_otp/otp_radstate.c
56 @@ -110,7 +110,7 @@ size_t otp_gen_state(char state[OTP_MAX_
57 size_t clen,
58 int32_t flags, int32_t when, uint8_t const key[16])
59 {
60 - HMAC_CTX hmac_ctx;
61 + HMAC_CTX *hmac_ctx;
62 uint8_t hmac[MD5_DIGEST_LENGTH];
63 char *p;
64
65 @@ -120,12 +120,13 @@ size_t otp_gen_state(char state[OTP_MAX_
66 * having to collect the data to be signed into one
67 * contiguous piece.
68 */
69 - HMAC_Init(&hmac_ctx, key, sizeof(key[0]) * 16, EVP_md5());
70 - HMAC_Update(&hmac_ctx, (uint8_t const *) challenge, clen);
71 - HMAC_Update(&hmac_ctx, (uint8_t *) &flags, 4);
72 - HMAC_Update(&hmac_ctx, (uint8_t *) &when, 4);
73 - HMAC_Final(&hmac_ctx, hmac, NULL);
74 - HMAC_cleanup(&hmac_ctx);
75 + hmac_ctx = HMAC_CTX_new();
76 + HMAC_Init_ex(hmac_ctx, key, sizeof(key[0]) * 16, EVP_md5(), NULL);
77 + HMAC_Update(hmac_ctx, (uint8_t const *) challenge, clen);
78 + HMAC_Update(hmac_ctx, (uint8_t *) &flags, 4);
79 + HMAC_Update(hmac_ctx, (uint8_t *) &when, 4);
80 + HMAC_Final(hmac_ctx, hmac, NULL);
81 + HMAC_CTX_free(hmac_ctx);
82
83 /*
84 * Generate the state.
85 Index: freeradius-new/src/modules/rlm_wimax/rlm_wimax.c
86 ===================================================================
87 --- freeradius-new.orig/src/modules/rlm_wimax/rlm_wimax.c
88 +++ freeradius-new/src/modules/rlm_wimax/rlm_wimax.c
89 @@ -122,7 +122,7 @@ static rlm_rcode_t CC_HINT(nonnull) mod_
90 rlm_wimax_t *inst = instance;
91 VALUE_PAIR *msk, *emsk, *vp;
92 VALUE_PAIR *mn_nai, *ip, *fa_rk;
93 - HMAC_CTX hmac;
94 + HMAC_CTX *hmac;
95 unsigned int rk1_len, rk2_len, rk_len;
96 uint32_t mip_spi;
97 uint8_t usage_data[24];
98 @@ -161,20 +161,20 @@ static rlm_rcode_t CC_HINT(nonnull) mod_
99 /*
100 * MIP-RK-1 = HMAC-SSHA256(EMSK, usage-data | 0x01)
101 */
102 - HMAC_CTX_init(&hmac);
103 - HMAC_Init_ex(&hmac, emsk->vp_octets, emsk->vp_length, EVP_sha256(), NULL);
104 + hmac = HMAC_CTX_new();
105 + HMAC_Init_ex(hmac, emsk->vp_octets, emsk->vp_length, EVP_sha256(), NULL);
106
107 - HMAC_Update(&hmac, &usage_data[0], sizeof(usage_data));
108 - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len);
109 + HMAC_Update(hmac, &usage_data[0], sizeof(usage_data));
110 + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len);
111
112 /*
113 * MIP-RK-2 = HMAC-SSHA256(EMSK, MIP-RK-1 | usage-data | 0x01)
114 */
115 - HMAC_Init_ex(&hmac, emsk->vp_octets, emsk->vp_length, EVP_sha256(), NULL);
116 + HMAC_Init_ex(hmac, emsk->vp_octets, emsk->vp_length, EVP_sha256(), NULL);
117
118 - HMAC_Update(&hmac, (uint8_t const *) &mip_rk_1, rk1_len);
119 - HMAC_Update(&hmac, &usage_data[0], sizeof(usage_data));
120 - HMAC_Final(&hmac, &mip_rk_2[0], &rk2_len);
121 + HMAC_Update(hmac, (uint8_t const *) &mip_rk_1, rk1_len);
122 + HMAC_Update(hmac, &usage_data[0], sizeof(usage_data));
123 + HMAC_Final(hmac, &mip_rk_2[0], &rk2_len);
124
125 memcpy(mip_rk, mip_rk_1, rk1_len);
126 memcpy(mip_rk + rk1_len, mip_rk_2, rk2_len);
127 @@ -183,10 +183,10 @@ static rlm_rcode_t CC_HINT(nonnull) mod_
128 /*
129 * MIP-SPI = HMAC-SSHA256(MIP-RK, "SPI CMIP PMIP");
130 */
131 - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha256(), NULL);
132 + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha256(), NULL);
133
134 - HMAC_Update(&hmac, (uint8_t const *) "SPI CMIP PMIP", 12);
135 - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len);
136 + HMAC_Update(hmac, (uint8_t const *) "SPI CMIP PMIP", 12);
137 + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len);
138
139 /*
140 * Take the 4 most significant octets.
141 @@ -246,12 +246,12 @@ static rlm_rcode_t CC_HINT(nonnull) mod_
142 * MN-HA-PMIP4 =
143 * H(MIP-RK, "PMIP4 MN HA" | HA-IPv4 | MN-NAI);
144 */
145 - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha1(), NULL);
146 + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha1(), NULL);
147
148 - HMAC_Update(&hmac, (uint8_t const *) "PMIP4 MN HA", 11);
149 - HMAC_Update(&hmac, (uint8_t const *) &ip->vp_ipaddr, 4);
150 - HMAC_Update(&hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length);
151 - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len);
152 + HMAC_Update(hmac, (uint8_t const *) "PMIP4 MN HA", 11);
153 + HMAC_Update(hmac, (uint8_t const *) &ip->vp_ipaddr, 4);
154 + HMAC_Update(hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length);
155 + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len);
156
157 /*
158 * Put MN-HA-PMIP4 into WiMAX-MN-hHA-MIP4-Key
159 @@ -296,12 +296,12 @@ static rlm_rcode_t CC_HINT(nonnull) mod_
160 * MN-HA-CMIP4 =
161 * H(MIP-RK, "CMIP4 MN HA" | HA-IPv4 | MN-NAI);
162 */
163 - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha1(), NULL);
164 + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha1(), NULL);
165
166 - HMAC_Update(&hmac, (uint8_t const *) "CMIP4 MN HA", 11);
167 - HMAC_Update(&hmac, (uint8_t const *) &ip->vp_ipaddr, 4);
168 - HMAC_Update(&hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length);
169 - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len);
170 + HMAC_Update(hmac, (uint8_t const *) "CMIP4 MN HA", 11);
171 + HMAC_Update(hmac, (uint8_t const *) &ip->vp_ipaddr, 4);
172 + HMAC_Update(hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length);
173 + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len);
174
175 /*
176 * Put MN-HA-CMIP4 into WiMAX-MN-hHA-MIP4-Key
177 @@ -346,12 +346,12 @@ static rlm_rcode_t CC_HINT(nonnull) mod_
178 * MN-HA-CMIP6 =
179 * H(MIP-RK, "CMIP6 MN HA" | HA-IPv6 | MN-NAI);
180 */
181 - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha1(), NULL);
182 + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha1(), NULL);
183
184 - HMAC_Update(&hmac, (uint8_t const *) "CMIP6 MN HA", 11);
185 - HMAC_Update(&hmac, (uint8_t const *) &ip->vp_ipv6addr, 16);
186 - HMAC_Update(&hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length);
187 - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len);
188 + HMAC_Update(hmac, (uint8_t const *) "CMIP6 MN HA", 11);
189 + HMAC_Update(hmac, (uint8_t const *) &ip->vp_ipv6addr, 16);
190 + HMAC_Update(hmac, (uint8_t const *) &mn_nai->vp_strvalue, mn_nai->vp_length);
191 + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len);
192
193 /*
194 * Put MN-HA-CMIP6 into WiMAX-MN-hHA-MIP6-Key
195 @@ -393,11 +393,11 @@ static rlm_rcode_t CC_HINT(nonnull) mod_
196 */
197 fa_rk = fr_pair_find_by_num(request->reply->vps, 14, VENDORPEC_WIMAX, TAG_ANY);
198 if (fa_rk && (fa_rk->vp_length <= 1)) {
199 - HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha1(), NULL);
200 + HMAC_Init_ex(hmac, mip_rk, rk_len, EVP_sha1(), NULL);
201
202 - HMAC_Update(&hmac, (uint8_t const *) "FA-RK", 5);
203 + HMAC_Update(hmac, (uint8_t const *) "FA-RK", 5);
204
205 - HMAC_Final(&hmac, &mip_rk_1[0], &rk1_len);
206 + HMAC_Final(hmac, &mip_rk_1[0], &rk1_len);
207
208 fr_pair_value_memcpy(fa_rk, &mip_rk_1[0], rk1_len);
209 }
210 @@ -451,7 +451,7 @@ static rlm_rcode_t CC_HINT(nonnull) mod_
211 /*
212 * Wipe the context of all sensitive information.
213 */
214 - HMAC_CTX_cleanup(&hmac);
215 + HMAC_CTX_free(hmac);
216
217 return RLM_MODULE_UPDATED;
218 }
219 Index: freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/configure
220 ===================================================================
221 --- freeradius-new.orig/src/modules/rlm_eap/types/rlm_eap_pwd/configure
222 +++ freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/configure
223 @@ -1,5 +1,5 @@
224 #! /bin/sh
225 -# From configure.ac Revision.
226 +# From src/modules/rlm_eap/types/rlm_eap_pwd/configure.ac Revision.
227 # Guess values for system-dependent variables and create Makefiles.
228 # Generated by GNU Autoconf 2.69.
229 #
230 @@ -614,6 +614,7 @@ infodir
231 docdir
232 oldincludedir
233 includedir
234 +runstatedir
235 localstatedir
236 sharedstatedir
237 sysconfdir
238 @@ -685,6 +686,7 @@ datadir='${datarootdir}'
239 sysconfdir='${prefix}/etc'
240 sharedstatedir='${prefix}/com'
241 localstatedir='${prefix}/var'
242 +runstatedir='${localstatedir}/run'
243 includedir='${prefix}/include'
244 oldincludedir='/usr/include'
245 docdir='${datarootdir}/doc/${PACKAGE}'
246 @@ -937,6 +939,15 @@ do
247 | -silent | --silent | --silen | --sile | --sil)
248 silent=yes ;;
249
250 + -runstatedir | --runstatedir | --runstatedi | --runstated \
251 + | --runstate | --runstat | --runsta | --runst | --runs \
252 + | --run | --ru | --r)
253 + ac_prev=runstatedir ;;
254 + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
255 + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
256 + | --run=* | --ru=* | --r=*)
257 + runstatedir=$ac_optarg ;;
258 +
259 -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
260 ac_prev=sbindir ;;
261 -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
262 @@ -1074,7 +1085,7 @@ fi
263 for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
264 datadir sysconfdir sharedstatedir localstatedir includedir \
265 oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
266 - libdir localedir mandir
267 + libdir localedir mandir runstatedir
268 do
269 eval ac_val=\$$ac_var
270 # Remove trailing slashes.
271 @@ -1227,6 +1238,7 @@ Fine tuning of the installation director
272 --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
273 --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
274 --localstatedir=DIR modifiable single-machine data [PREFIX/var]
275 + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
276 --libdir=DIR object code libraries [EPREFIX/lib]
277 --includedir=DIR C header files [PREFIX/include]
278 --oldincludedir=DIR C header files for non-gcc [/usr/include]
279 @@ -2917,7 +2929,7 @@ smart_prefix=
280
281
282 sm_lib_safe=`echo "crypto" | sed 'y%./+-%__p_%'`
283 -sm_func_safe=`echo "EVP_cleanup" | sed 'y%./+-%__p_%'`
284 +sm_func_safe=`echo "EVP_PKEY_new" | sed 'y%./+-%__p_%'`
285
286 old_LIBS="$LIBS"
287 old_CPPFLAGS="$CPPFLAGS"
288 @@ -2927,17 +2939,17 @@ smart_lib_dir=
289
290 if test "x$smart_try_dir" != "x"; then
291 for try in $smart_try_dir; do
292 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_cleanup in -lcrypto in $try" >&5
293 -$as_echo_n "checking for EVP_cleanup in -lcrypto in $try... " >&6; }
294 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_PKEY_new in -lcrypto in $try" >&5
295 +$as_echo_n "checking for EVP_PKEY_new in -lcrypto in $try... " >&6; }
296 LIBS="-lcrypto $old_LIBS"
297 CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
298 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
299 /* end confdefs.h. */
300 -extern char EVP_cleanup();
301 +extern char EVP_PKEY_new();
302 int
303 main ()
304 {
305 -EVP_cleanup()
306 +EVP_PKEY_new()
307 ;
308 return 0;
309 }
310 @@ -2962,16 +2974,16 @@ rm -f core conftest.err conftest.$ac_obj
311 fi
312
313 if test "x$smart_lib" = "x"; then
314 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_cleanup in -lcrypto" >&5
315 -$as_echo_n "checking for EVP_cleanup in -lcrypto... " >&6; }
316 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_PKEY_new in -lcrypto" >&5
317 +$as_echo_n "checking for EVP_PKEY_new in -lcrypto... " >&6; }
318 LIBS="-lcrypto $old_LIBS"
319 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
320 /* end confdefs.h. */
321 -extern char EVP_cleanup();
322 +extern char EVP_PKEY_new();
323 int
324 main ()
325 {
326 -EVP_cleanup()
327 +EVP_PKEY_new()
328 ;
329 return 0;
330 }
331 @@ -3048,17 +3060,17 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D
332
333
334 for try in $smart_lib_dir /usr/local/lib /opt/lib; do
335 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_cleanup in -lcrypto in $try" >&5
336 -$as_echo_n "checking for EVP_cleanup in -lcrypto in $try... " >&6; }
337 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_PKEY_new in -lcrypto in $try" >&5
338 +$as_echo_n "checking for EVP_PKEY_new in -lcrypto in $try... " >&6; }
339 LIBS="-lcrypto $old_LIBS"
340 CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
341 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
342 /* end confdefs.h. */
343 -extern char EVP_cleanup();
344 +extern char EVP_PKEY_new();
345 int
346 main ()
347 {
348 -EVP_cleanup()
349 +EVP_PKEY_new()
350 ;
351 return 0;
352 }
353 @@ -3088,7 +3100,7 @@ if test "x$smart_lib" != "x"; then
354 SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
355 fi
356
357 - if test "x$ac_cv_lib_crypto_EVP_cleanup" != "xyes"; then
358 + if test "x$ac_cv_lib_crypto_EVP_PKEY_new" != "xyes"; then
359 fail="libssl"
360 else
361 for ac_func in EVP_sha256
362 Index: freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/configure.ac
363 ===================================================================
364 --- freeradius-new.orig/src/modules/rlm_eap/types/rlm_eap_pwd/configure.ac
365 +++ freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/configure.ac
366 @@ -60,8 +60,8 @@ if test x$with_[]modname != xno; then
367 fi
368
369 smart_try_dir=$openssl_lib_dir
370 - FR_SMART_CHECK_LIB(crypto, EVP_cleanup)
371 - if test "x$ac_cv_lib_crypto_EVP_cleanup" != "xyes"; then
372 + FR_SMART_CHECK_LIB(crypto, EVP_PKEY_new)
373 + if test "x$ac_cv_lib_crypto_EVP_PKEY_new" != "xyes"; then
374 fail="libssl"
375 else
376 AC_CHECK_FUNCS(EVP_sha256)
377 Index: freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c
378 ===================================================================
379 --- freeradius-new.orig/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c
380 +++ freeradius-new/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c
381 @@ -45,7 +45,7 @@ static void H_Init(HMAC_CTX *ctx)
382 uint8_t allzero[SHA256_DIGEST_LENGTH];
383
384 memset(allzero, 0, SHA256_DIGEST_LENGTH);
385 - HMAC_Init(ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256());
386 + HMAC_Init_ex(ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256(), NULL);
387 }
388
389 static void H_Update(HMAC_CTX *ctx, uint8_t const *data, int len)
390 @@ -58,39 +58,49 @@ static void H_Final(HMAC_CTX *ctx, uint8
391 unsigned int mdlen = SHA256_DIGEST_LENGTH;
392
393 HMAC_Final(ctx, digest, &mdlen);
394 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
395 + HMAC_CTX_reset(ctx);
396 +#else
397 HMAC_CTX_cleanup(ctx);
398 +#endif
399 }
400
401 /* a counter-based KDF based on NIST SP800-108 */
402 static void eap_pwd_kdf(uint8_t *key, int keylen, char const *label, int labellen, uint8_t *result, int resultbitlen)
403 {
404 - HMAC_CTX hctx;
405 + HMAC_CTX *hctx;
406 uint8_t digest[SHA256_DIGEST_LENGTH];
407 uint16_t i, ctr, L;
408 int resultbytelen, len = 0;
409 unsigned int mdlen = SHA256_DIGEST_LENGTH;
410 uint8_t mask = 0xff;
411
412 + hctx = HMAC_CTX_new();
413 +
414 resultbytelen = (resultbitlen + 7)/8;
415 ctr = 0;
416 L = htons(resultbitlen);
417 while (len < resultbytelen) {
418 ctr++; i = htons(ctr);
419 - HMAC_Init(&hctx, key, keylen, EVP_sha256());
420 + HMAC_Init_ex(hctx, key, keylen, EVP_sha256(), NULL);
421 if (ctr > 1) {
422 - HMAC_Update(&hctx, digest, mdlen);
423 + HMAC_Update(hctx, digest, mdlen);
424 }
425 - HMAC_Update(&hctx, (uint8_t *) &i, sizeof(uint16_t));
426 - HMAC_Update(&hctx, (uint8_t const *)label, labellen);
427 - HMAC_Update(&hctx, (uint8_t *) &L, sizeof(uint16_t));
428 - HMAC_Final(&hctx, digest, &mdlen);
429 + HMAC_Update(hctx, (uint8_t *) &i, sizeof(uint16_t));
430 + HMAC_Update(hctx, (uint8_t const *)label, labellen);
431 + HMAC_Update(hctx, (uint8_t *) &L, sizeof(uint16_t));
432 + HMAC_Final(hctx, digest, &mdlen);
433 if ((len + (int) mdlen) > resultbytelen) {
434 memcpy(result + len, digest, resultbytelen - len);
435 } else {
436 memcpy(result + len, digest, mdlen);
437 }
438 len += mdlen;
439 - HMAC_CTX_cleanup(&hctx);
440 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
441 + HMAC_CTX_reset(hctx);
442 +#else
443 + HMAC_CTX_cleanup(hctx);
444 +#endif
445 }
446
447 /* since we're expanding to a bit length, mask off the excess */
448 @@ -98,6 +108,8 @@ static void eap_pwd_kdf(uint8_t *key, in
449 mask <<= (8 - (resultbitlen % 8));
450 result[resultbytelen - 1] &= mask;
451 }
452 +
453 + HMAC_CTX_free(hctx);
454 }
455
456 int compute_password_element (pwd_session_t *session, uint16_t grp_num,
457 @@ -107,7 +119,7 @@ int compute_password_element (pwd_sessio
458 uint32_t *token)
459 {
460 BIGNUM *x_candidate = NULL, *rnd = NULL, *cofactor = NULL;
461 - HMAC_CTX ctx;
462 + HMAC_CTX *ctx = NULL;
463 uint8_t pwe_digest[SHA256_DIGEST_LENGTH], *prfbuf = NULL, ctr;
464 int nid, is_odd, primebitlen, primebytelen, ret = 0;
465
466 @@ -177,6 +189,7 @@ int compute_password_element (pwd_sessio
467 DEBUG("unable to alloc space for prf buffer");
468 goto fail;
469 }
470 + ctx = HMAC_CTX_new();
471 ctr = 0;
472 while (1) {
473 if (ctr > 10) {
474 @@ -190,13 +203,13 @@ int compute_password_element (pwd_sessio
475 * pwd-seed = H(token | peer-id | server-id | password |
476 * counter)
477 */
478 - H_Init(&ctx);
479 - H_Update(&ctx, (uint8_t *)token, sizeof(*token));
480 - H_Update(&ctx, (uint8_t const *)id_peer, id_peer_len);
481 - H_Update(&ctx, (uint8_t const *)id_server, id_server_len);
482 - H_Update(&ctx, (uint8_t const *)password, password_len);
483 - H_Update(&ctx, (uint8_t *)&ctr, sizeof(ctr));
484 - H_Final(&ctx, pwe_digest);
485 + H_Init(ctx);
486 + H_Update(ctx, (uint8_t *)token, sizeof(*token));
487 + H_Update(ctx, (uint8_t const *)id_peer, id_peer_len);
488 + H_Update(ctx, (uint8_t const *)id_server, id_server_len);
489 + H_Update(ctx, (uint8_t const *)password, password_len);
490 + H_Update(ctx, (uint8_t *)&ctr, sizeof(ctr));
491 + H_Final(ctx, pwe_digest);
492
493 BN_bin2bn(pwe_digest, SHA256_DIGEST_LENGTH, rnd);
494 eap_pwd_kdf(pwe_digest, SHA256_DIGEST_LENGTH, "EAP-pwd Hunting And Pecking",
495 @@ -262,6 +275,7 @@ int compute_password_element (pwd_sessio
496 }
497
498 /* cleanliness and order.... */
499 + HMAC_CTX_free(ctx);
500 BN_clear_free(cofactor);
501 BN_clear_free(x_candidate);
502 BN_clear_free(rnd);
503 @@ -420,7 +434,7 @@ finish:
504 int compute_server_confirm (pwd_session_t *session, uint8_t *out, BN_CTX *bnctx)
505 {
506 BIGNUM *x = NULL, *y = NULL;
507 - HMAC_CTX ctx;
508 + HMAC_CTX *ctx = NULL;
509 uint8_t *cruft = NULL;
510 int offset, req = -1;
511
512 @@ -437,7 +451,8 @@ int compute_server_confirm (pwd_session_
513 * commit is H(k | server_element | server_scalar | peer_element |
514 * peer_scalar | ciphersuite)
515 */
516 - H_Init(&ctx);
517 + ctx = HMAC_CTX_new();
518 + H_Init(ctx);
519
520 /*
521 * Zero the memory each time because this is mod prime math and some
522 @@ -447,7 +462,7 @@ int compute_server_confirm (pwd_session_
523 */
524 offset = BN_num_bytes(session->prime) - BN_num_bytes(session->k);
525 BN_bn2bin(session->k, cruft + offset);
526 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
527 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
528
529 /*
530 * next is server element: x, y
531 @@ -459,12 +474,12 @@ int compute_server_confirm (pwd_session_
532 memset(cruft, 0, BN_num_bytes(session->prime));
533 offset = BN_num_bytes(session->prime) - BN_num_bytes(x);
534 BN_bn2bin(x, cruft + offset);
535 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
536 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
537
538 memset(cruft, 0, BN_num_bytes(session->prime));
539 offset = BN_num_bytes(session->prime) - BN_num_bytes(y);
540 BN_bn2bin(y, cruft + offset);
541 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
542 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
543
544 /*
545 * and server scalar
546 @@ -472,7 +487,7 @@ int compute_server_confirm (pwd_session_
547 memset(cruft, 0, BN_num_bytes(session->prime));
548 offset = BN_num_bytes(session->order) - BN_num_bytes(session->my_scalar);
549 BN_bn2bin(session->my_scalar, cruft + offset);
550 - H_Update(&ctx, cruft, BN_num_bytes(session->order));
551 + H_Update(ctx, cruft, BN_num_bytes(session->order));
552
553 /*
554 * next is peer element: x, y
555 @@ -485,12 +500,12 @@ int compute_server_confirm (pwd_session_
556 memset(cruft, 0, BN_num_bytes(session->prime));
557 offset = BN_num_bytes(session->prime) - BN_num_bytes(x);
558 BN_bn2bin(x, cruft + offset);
559 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
560 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
561
562 memset(cruft, 0, BN_num_bytes(session->prime));
563 offset = BN_num_bytes(session->prime) - BN_num_bytes(y);
564 BN_bn2bin(y, cruft + offset);
565 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
566 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
567
568 /*
569 * and peer scalar
570 @@ -498,17 +513,18 @@ int compute_server_confirm (pwd_session_
571 memset(cruft, 0, BN_num_bytes(session->prime));
572 offset = BN_num_bytes(session->order) - BN_num_bytes(session->peer_scalar);
573 BN_bn2bin(session->peer_scalar, cruft + offset);
574 - H_Update(&ctx, cruft, BN_num_bytes(session->order));
575 + H_Update(ctx, cruft, BN_num_bytes(session->order));
576
577 /*
578 * finally, ciphersuite
579 */
580 - H_Update(&ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
581 + H_Update(ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
582
583 - H_Final(&ctx, out);
584 + H_Final(ctx, out);
585
586 req = 0;
587 finish:
588 + HMAC_CTX_free(ctx);
589 talloc_free(cruft);
590 BN_free(x);
591 BN_free(y);
592 @@ -519,7 +535,7 @@ finish:
593 int compute_peer_confirm (pwd_session_t *session, uint8_t *out, BN_CTX *bnctx)
594 {
595 BIGNUM *x = NULL, *y = NULL;
596 - HMAC_CTX ctx;
597 + HMAC_CTX *ctx = NULL;
598 uint8_t *cruft = NULL;
599 int offset, req = -1;
600
601 @@ -536,7 +552,8 @@ int compute_peer_confirm (pwd_session_t
602 * commit is H(k | server_element | server_scalar | peer_element |
603 * peer_scalar | ciphersuite)
604 */
605 - H_Init(&ctx);
606 + ctx = HMAC_CTX_new();
607 + H_Init(ctx);
608
609 /*
610 * Zero the memory each time because this is mod prime math and some
611 @@ -546,7 +563,7 @@ int compute_peer_confirm (pwd_session_t
612 */
613 offset = BN_num_bytes(session->prime) - BN_num_bytes(session->k);
614 BN_bn2bin(session->k, cruft + offset);
615 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
616 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
617
618 /*
619 * then peer element: x, y
620 @@ -559,12 +576,12 @@ int compute_peer_confirm (pwd_session_t
621 memset(cruft, 0, BN_num_bytes(session->prime));
622 offset = BN_num_bytes(session->prime) - BN_num_bytes(x);
623 BN_bn2bin(x, cruft + offset);
624 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
625 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
626
627 memset(cruft, 0, BN_num_bytes(session->prime));
628 offset = BN_num_bytes(session->prime) - BN_num_bytes(y);
629 BN_bn2bin(y, cruft + offset);
630 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
631 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
632
633 /*
634 * and peer scalar
635 @@ -572,7 +589,7 @@ int compute_peer_confirm (pwd_session_t
636 memset(cruft, 0, BN_num_bytes(session->prime));
637 offset = BN_num_bytes(session->order) - BN_num_bytes(session->peer_scalar);
638 BN_bn2bin(session->peer_scalar, cruft + offset);
639 - H_Update(&ctx, cruft, BN_num_bytes(session->order));
640 + H_Update(ctx, cruft, BN_num_bytes(session->order));
641
642 /*
643 * then server element: x, y
644 @@ -584,12 +601,12 @@ int compute_peer_confirm (pwd_session_t
645 memset(cruft, 0, BN_num_bytes(session->prime));
646 offset = BN_num_bytes(session->prime) - BN_num_bytes(x);
647 BN_bn2bin(x, cruft + offset);
648 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
649 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
650
651 memset(cruft, 0, BN_num_bytes(session->prime));
652 offset = BN_num_bytes(session->prime) - BN_num_bytes(y);
653 BN_bn2bin(y, cruft + offset);
654 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
655 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
656
657 /*
658 * and server scalar
659 @@ -597,17 +614,18 @@ int compute_peer_confirm (pwd_session_t
660 memset(cruft, 0, BN_num_bytes(session->prime));
661 offset = BN_num_bytes(session->order) - BN_num_bytes(session->my_scalar);
662 BN_bn2bin(session->my_scalar, cruft + offset);
663 - H_Update(&ctx, cruft, BN_num_bytes(session->order));
664 + H_Update(ctx, cruft, BN_num_bytes(session->order));
665
666 /*
667 * finally, ciphersuite
668 */
669 - H_Update(&ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
670 + H_Update(ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
671
672 - H_Final(&ctx, out);
673 + H_Final(ctx, out);
674
675 req = 0;
676 finish:
677 + HMAC_CTX_free(ctx);
678 talloc_free(cruft);
679 BN_free(x);
680 BN_free(y);
681 @@ -617,7 +635,7 @@ finish:
682
683 int compute_keys (pwd_session_t *session, uint8_t *peer_confirm, uint8_t *msk, uint8_t *emsk)
684 {
685 - HMAC_CTX ctx;
686 + HMAC_CTX *ctx;
687 uint8_t mk[SHA256_DIGEST_LENGTH], *cruft;
688 uint8_t session_id[SHA256_DIGEST_LENGTH + 1];
689 uint8_t msk_emsk[128]; /* 64 each */
690 @@ -628,36 +646,38 @@ int compute_keys (pwd_session_t *session
691 return -1;
692 }
693
694 + ctx = HMAC_CTX_new();
695 +
696 /*
697 * first compute the session-id = TypeCode | H(ciphersuite | scal_p |
698 * scal_s)
699 */
700 session_id[0] = PW_EAP_PWD;
701 - H_Init(&ctx);
702 - H_Update(&ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
703 + H_Init(ctx);
704 + H_Update(ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
705 offset = BN_num_bytes(session->order) - BN_num_bytes(session->peer_scalar);
706 memset(cruft, 0, BN_num_bytes(session->prime));
707 BN_bn2bin(session->peer_scalar, cruft + offset);
708 - H_Update(&ctx, cruft, BN_num_bytes(session->order));
709 + H_Update(ctx, cruft, BN_num_bytes(session->order));
710 offset = BN_num_bytes(session->order) - BN_num_bytes(session->my_scalar);
711 memset(cruft, 0, BN_num_bytes(session->prime));
712 BN_bn2bin(session->my_scalar, cruft + offset);
713 - H_Update(&ctx, cruft, BN_num_bytes(session->order));
714 - H_Final(&ctx, (uint8_t *)&session_id[1]);
715 + H_Update(ctx, cruft, BN_num_bytes(session->order));
716 + H_Final(ctx, (uint8_t *)&session_id[1]);
717
718 /* then compute MK = H(k | commit-peer | commit-server) */
719 - H_Init(&ctx);
720 + H_Init(ctx);
721
722 memset(cruft, 0, BN_num_bytes(session->prime));
723 offset = BN_num_bytes(session->prime) - BN_num_bytes(session->k);
724 BN_bn2bin(session->k, cruft + offset);
725 - H_Update(&ctx, cruft, BN_num_bytes(session->prime));
726 + H_Update(ctx, cruft, BN_num_bytes(session->prime));
727
728 - H_Update(&ctx, peer_confirm, SHA256_DIGEST_LENGTH);
729 + H_Update(ctx, peer_confirm, SHA256_DIGEST_LENGTH);
730
731 - H_Update(&ctx, session->my_confirm, SHA256_DIGEST_LENGTH);
732 + H_Update(ctx, session->my_confirm, SHA256_DIGEST_LENGTH);
733
734 - H_Final(&ctx, mk);
735 + H_Final(ctx, mk);
736
737 /* stretch the mk with the session-id to get MSK | EMSK */
738 eap_pwd_kdf(mk, SHA256_DIGEST_LENGTH, (char const *)session_id,
739 @@ -666,6 +686,7 @@ int compute_keys (pwd_session_t *session
740 memcpy(msk, msk_emsk, 64);
741 memcpy(emsk, msk_emsk + 64, 64);
742
743 + HMAC_CTX_free(ctx);
744 talloc_free(cruft);
745 return 0;
746 }
747 Index: freeradius-new/src/modules/rlm_eap/libeap/mppe_keys.c
748 ===================================================================
749 --- freeradius-new.orig/src/modules/rlm_eap/libeap/mppe_keys.c
750 +++ freeradius-new/src/modules/rlm_eap/libeap/mppe_keys.c
751 @@ -37,51 +37,51 @@ static void P_hash(EVP_MD const *evp_md,
752 unsigned char const *seed, unsigned int seed_len,
753 unsigned char *out, unsigned int out_len)
754 {
755 - HMAC_CTX ctx_a, ctx_out;
756 + HMAC_CTX *ctx_a, *ctx_out;
757 unsigned char a[HMAC_MAX_MD_CBLOCK];
758 unsigned int size;
759
760 - HMAC_CTX_init(&ctx_a);
761 - HMAC_CTX_init(&ctx_out);
762 + ctx_a = HMAC_CTX_new();
763 + ctx_out = HMAC_CTX_new();
764 #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
765 - HMAC_CTX_set_flags(&ctx_a, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
766 - HMAC_CTX_set_flags(&ctx_out, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
767 + HMAC_CTX_set_flags(ctx_a, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
768 + HMAC_CTX_set_flags(ctx_out, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
769 #endif
770 - HMAC_Init_ex(&ctx_a, secret, secret_len, evp_md, NULL);
771 - HMAC_Init_ex(&ctx_out, secret, secret_len, evp_md, NULL);
772 + HMAC_Init_ex(ctx_a, secret, secret_len, evp_md, NULL);
773 + HMAC_Init_ex(ctx_out, secret, secret_len, evp_md, NULL);
774
775 - size = HMAC_size(&ctx_out);
776 + size = HMAC_size(ctx_out);
777
778 /* Calculate A(1) */
779 - HMAC_Update(&ctx_a, seed, seed_len);
780 - HMAC_Final(&ctx_a, a, NULL);
781 + HMAC_Update(ctx_a, seed, seed_len);
782 + HMAC_Final(ctx_a, a, NULL);
783
784 while (1) {
785 /* Calculate next part of output */
786 - HMAC_Update(&ctx_out, a, size);
787 - HMAC_Update(&ctx_out, seed, seed_len);
788 + HMAC_Update(ctx_out, a, size);
789 + HMAC_Update(ctx_out, seed, seed_len);
790
791 /* Check if last part */
792 if (out_len < size) {
793 - HMAC_Final(&ctx_out, a, NULL);
794 + HMAC_Final(ctx_out, a, NULL);
795 memcpy(out, a, out_len);
796 break;
797 }
798
799 /* Place digest in output buffer */
800 - HMAC_Final(&ctx_out, out, NULL);
801 - HMAC_Init_ex(&ctx_out, NULL, 0, NULL, NULL);
802 + HMAC_Final(ctx_out, out, NULL);
803 + HMAC_Init_ex(ctx_out, NULL, 0, NULL, NULL);
804 out += size;
805 out_len -= size;
806
807 /* Calculate next A(i) */
808 - HMAC_Init_ex(&ctx_a, NULL, 0, NULL, NULL);
809 - HMAC_Update(&ctx_a, a, size);
810 - HMAC_Final(&ctx_a, a, NULL);
811 + HMAC_Init_ex(ctx_a, NULL, 0, NULL, NULL);
812 + HMAC_Update(ctx_a, a, size);
813 + HMAC_Final(ctx_a, a, NULL);
814 }
815
816 - HMAC_CTX_cleanup(&ctx_a);
817 - HMAC_CTX_cleanup(&ctx_out);
818 + HMAC_CTX_free(ctx_a);
819 + HMAC_CTX_free(ctx_out);
820 memset(a, 0, sizeof(a));
821 }
822
823 @@ -263,19 +263,37 @@ void eap_fast_tls_gen_challenge(SSL *s,
824 uint8_t seed[128 + 2*SSL3_RANDOM_SIZE];
825 uint8_t *p = seed;
826 size_t len;
827 + const SSL_SESSION *session = SSL_get_session(s);
828
829 len = strlen(prf_label);
830 if (len > 128) len = 128;
831
832 memcpy(p, prf_label, len);
833 p += len;
834 +#ifdef HAVE_SSL_GET_CLIENT_RANDOM
835 + SSL_get_server_random(s, p, SSL3_RANDOM_SIZE);
836 +#else
837 memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
838 +#endif
839 p += SSL3_RANDOM_SIZE;
840 +#ifdef HAVE_SSL_GET_CLIENT_RANDOM
841 + SSL_get_client_random(s, p, SSL3_RANDOM_SIZE);
842 +#else
843 memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
844 +#endif
845 p += SSL3_RANDOM_SIZE;
846
847 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
848 + const size_t master_key_len = SSL_SESSION_get_master_key(session, NULL, 0);
849 + uint8_t *master_key = talloc_zero_size(NULL, master_key_len);
850 + SSL_SESSION_get_master_key(session, master_key, master_key_len);
851 + PRF(master_key, master_key_len,
852 + seed, p - seed, buffer, scratch, size);
853 + talloc_free(master_key);
854 +#else
855 PRF(s->session->master_key, s->session->master_key_length,
856 seed, p - seed, buffer, scratch, size);
857 +#endif
858 }
859
860
861 Index: freeradius-new/src/include/tls-h
862 ===================================================================
863 --- freeradius-new.orig/src/include/tls-h
864 +++ freeradius-new/src/include/tls-h
865 @@ -46,6 +46,23 @@ RCSIDH(tls_h, "$Id: 9142b91e2a7d39011331
866 extern "C" {
867 #endif
868
869 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
870 +static inline HMAC_CTX *HMAC_CTX_new(void)
871 +{
872 + HMAC_CTX *ctx;
873 + ctx = talloc(NULL, HMAC_CTX);
874 + HMAC_CTX_init(ctx);
875 + return ctx;
876 +}
877 +# define HMAC_CTX_free(_ctx) \
878 +do {\
879 + if (_ctx) {\
880 + memset(_ctx, 0, sizeof(*_ctx));\
881 + talloc_free(_ctx);\
882 + }\
883 +} while (0)
884 +#endif
885 +
886 typedef struct fr_tls_server_conf_t fr_tls_server_conf_t;
887
888 typedef enum {
889 Index: freeradius-new/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c
890 ===================================================================
891 --- freeradius-new.orig/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c
892 +++ freeradius-new/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c
893 @@ -206,8 +206,8 @@ static int _session_secret(SSL *s, void
894 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
895 eap_fast_session_ticket(tls_session, s->s3->client_random, s->s3->server_random, secret, secret_len);
896 #else
897 - uint8_t const client_random[SSL3_RANDOM_SIZE];
898 - uint8_t const server_random[SSL3_RANDOM_SIZE];
899 + uint8_t client_random[SSL3_RANDOM_SIZE];
900 + uint8_t server_random[SSL3_RANDOM_SIZE];
901
902 SSL_get_client_random(s, client_random, sizeof(client_random));
903 SSL_get_server_random(s, server_random, sizeof(server_random));
+0
-1
debian/patches/series less more
66 spelling-fixes.diff
77 dont-install-tests.diff
88 mkdirp.diff
9 openssl-1.1.diff
109 snakeoil-certs.diff
1110 manpage-fixes.diff