aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKazuki Yamaguchi <k@rhe.jp>2016-04-20 13:13:45 +0900
committerKazuki Yamaguchi <k@rhe.jp>2016-04-27 23:07:41 +0900
commit13b33a2163ed52d4683f3901ed1f90ad93aa8474 (patch)
tree230d27d352d2955c4d1058232ec6f342ccb21159
parent435fe7bdd0980e3fdb5483986a784fa2ba4bc46a (diff)
downloadruby-13b33a2163ed52d4683f3901ed1f90ad93aa8474.tar.gz
ext/openssl: use EVP_CIPHER_CTX_{new,free} to allocate EVP_CIPHER_CTX
EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0
-rw-r--r--ext/openssl/extconf.rb3
-rw-r--r--ext/openssl/openssl_missing.c23
-rw-r--r--ext/openssl/openssl_missing.h20
-rw-r--r--ext/openssl/ossl_cipher.c27
4 files changed, 51 insertions, 22 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index f2222c027f..b9b5ad61fb 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -74,6 +74,9 @@ engines.each { |name|
have_func("ENGINE_load_#{name}", ["openssl/engine.h"])
}
+# added in 0.9.8X
+have_func("EVP_CIPHER_CTX_new")
+have_func("EVP_CIPHER_CTX_free")
have_func("SSL_CTX_clear_options", ["openssl/ssl.h"])
have_func("HMAC_CTX_copy")
diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c
index 91797a8d7d..2e1e534854 100644
--- a/ext/openssl/openssl_missing.c
+++ b/ext/openssl/openssl_missing.c
@@ -18,6 +18,29 @@
#include "openssl_missing.h"
+/*** added in 0.9.8X ***/
+#if !defined(HAVE_EVP_CIPHER_CTX_NEW)
+EVP_CIPHER_CTX *
+EVP_CIPHER_CTX_new(void)
+{
+ EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(EVP_CIPHER_CTX));
+ if (!ctx)
+ return NULL;
+ EVP_CIPHER_CTX_init(ctx);
+ return ctx;
+}
+#endif
+
+#if !defined(HAVE_EVP_CIPHER_CTX_FREE)
+void
+EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
+{
+ EVP_CIPHER_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+}
+#endif
+
+/*** added in 1.0.0 ***/
#if !defined(HAVE_HMAC_CTX_COPY)
void
HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in)
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index 025ce06bda..3e2c8159e4 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -14,6 +14,21 @@
extern "C" {
#endif
+/*** added in 0.9.8X ***/
+#if !defined(HAVE_EVP_CIPHER_CTX_NEW)
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+#endif
+
+#if !defined(HAVE_EVP_CIPHER_CTX_FREE)
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+#endif
+
+#if !defined(HAVE_SSL_CTX_CLEAR_OPTIONS)
+# define SSL_CTX_clear_options(ctx, op) do \
+ (ctx)->options &= ~(op); while (0)
+#endif
+
+/*** added in 1.0.0 ***/
#if !defined(HAVE_HMAC_CTX_COPY)
void HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in);
#endif
@@ -34,11 +49,6 @@ int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data);
int CRYPTO_memcmp(const volatile void * volatile in_a, const volatile void * volatile in_b, size_t len);
#endif
-#if !defined(HAVE_SSL_CTX_CLEAR_OPTIONS)
-# define SSL_CTX_clear_options(ctx, op) do \
- (ctx)->options &= ~(op); while (0)
-#endif
-
#if !defined(HAVE_X509_REVOKED_DUP)
# define X509_REVOKED_dup(rev) (X509_REVOKED *)ASN1_dup((i2d_of_void *)i2d_X509_REVOKED, \
(d2i_of_void *)d2i_X509_REVOKED, (char *)(rev))
diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c
index a09921a73d..e25871e45c 100644
--- a/ext/openssl/ossl_cipher.c
+++ b/ext/openssl/ossl_cipher.c
@@ -11,10 +11,12 @@
#define NewCipher(klass) \
TypedData_Wrap_Struct((klass), &ossl_cipher_type, 0)
-#define MakeCipher(obj, klass, ctx) \
- (obj) = TypedData_Make_Struct((klass), EVP_CIPHER_CTX, &ossl_cipher_type, (ctx))
-#define AllocCipher(obj, ctx) \
- (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX))
+#define AllocCipher(obj, ctx) do { \
+ (ctx) = EVP_CIPHER_CTX_new(); \
+ if (!(ctx)) \
+ ossl_raise(rb_eRuntimeError, NULL); \
+ RTYPEDDATA_DATA(obj) = (ctx); \
+} while (0)
#define GetCipherInit(obj, ctx) do { \
TypedData_Get_Struct((obj), EVP_CIPHER_CTX, &ossl_cipher_type, (ctx)); \
} while (0)
@@ -37,13 +39,13 @@ VALUE eCipherError;
static VALUE ossl_cipher_alloc(VALUE klass);
static void ossl_cipher_free(void *ptr);
-static size_t ossl_cipher_memsize(const void *ptr);
static const rb_data_type_t ossl_cipher_type = {
"OpenSSL/Cipher",
- {0, ossl_cipher_free, ossl_cipher_memsize,},
- 0, 0,
- RUBY_TYPED_FREE_IMMEDIATELY,
+ {
+ 0, ossl_cipher_free,
+ },
+ 0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
};
/*
@@ -67,7 +69,6 @@ ossl_cipher_new(const EVP_CIPHER *cipher)
ret = ossl_cipher_alloc(cCipher);
AllocCipher(ret, ctx);
- EVP_CIPHER_CTX_init(ctx);
if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1) != 1)
ossl_raise(eCipherError, NULL);
@@ -87,13 +88,6 @@ ossl_cipher_free(void *ptr)
}
}
-static size_t
-ossl_cipher_memsize(const void *ptr)
-{
- const EVP_CIPHER_CTX *ctx = ptr;
- return sizeof(*ctx);
-}
-
static VALUE
ossl_cipher_alloc(VALUE klass)
{
@@ -122,7 +116,6 @@ ossl_cipher_initialize(VALUE self, VALUE str)
ossl_raise(rb_eRuntimeError, "Cipher already inititalized!");
}
AllocCipher(self, ctx);
- EVP_CIPHER_CTX_init(ctx);
if (!(cipher = EVP_get_cipherbyname(name))) {
ossl_raise(rb_eRuntimeError, "unsupported cipher algorithm (%s)", name);
}