From 13b33a2163ed52d4683f3901ed1f90ad93aa8474 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Wed, 20 Apr 2016 13:13:45 +0900 Subject: ext/openssl: use EVP_CIPHER_CTX_{new,free} to allocate EVP_CIPHER_CTX EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0 --- ext/openssl/extconf.rb | 3 +++ ext/openssl/openssl_missing.c | 23 +++++++++++++++++++++++ ext/openssl/openssl_missing.h | 20 +++++++++++++++----- ext/openssl/ossl_cipher.c | 27 ++++++++++----------------- 4 files changed, 51 insertions(+), 22 deletions(-) diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index f2222c027f..b9b5ad61fb 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -74,6 +74,9 @@ engines.each { |name| have_func("ENGINE_load_#{name}", ["openssl/engine.h"]) } +# added in 0.9.8X +have_func("EVP_CIPHER_CTX_new") +have_func("EVP_CIPHER_CTX_free") have_func("SSL_CTX_clear_options", ["openssl/ssl.h"]) have_func("HMAC_CTX_copy") diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c index 91797a8d7d..2e1e534854 100644 --- a/ext/openssl/openssl_missing.c +++ b/ext/openssl/openssl_missing.c @@ -18,6 +18,29 @@ #include "openssl_missing.h" +/*** added in 0.9.8X ***/ +#if !defined(HAVE_EVP_CIPHER_CTX_NEW) +EVP_CIPHER_CTX * +EVP_CIPHER_CTX_new(void) +{ + EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(EVP_CIPHER_CTX)); + if (!ctx) + return NULL; + EVP_CIPHER_CTX_init(ctx); + return ctx; +} +#endif + +#if !defined(HAVE_EVP_CIPHER_CTX_FREE) +void +EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) +{ + EVP_CIPHER_CTX_cleanup(ctx); + OPENSSL_free(ctx); +} +#endif + +/*** added in 1.0.0 ***/ #if !defined(HAVE_HMAC_CTX_COPY) void HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in) diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h index 025ce06bda..3e2c8159e4 100644 --- a/ext/openssl/openssl_missing.h +++ b/ext/openssl/openssl_missing.h 
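Review bot: The fallback `EVP_CIPHER_CTX_free()` added to ext/openssl/openssl_missing.c hands `ctx` straight to `EVP_CIPHER_CTX_cleanup()` with no NULL check, whereas OpenSSL's own `EVP_CIPHER_CTX_free()` treats a NULL argument as a no-op. A caller written against the real API would therefore dereference NULL only on the old-library builds that compile this shim, which is easy to miss in testing. Start the body with `if (!ctx) return;` so both builds behave the same. A comment on the shim noting that `EVP_CIPHER_CTX_cleanup()` runs before `OPENSSL_free()` would also document why the order matters.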
@@ -14,6 +14,21 @@ extern "C" { #endif +/*** added in 0.9.8X ***/ +#if !defined(HAVE_EVP_CIPHER_CTX_NEW) +EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); +#endif + +#if !defined(HAVE_EVP_CIPHER_CTX_FREE) +void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx); +#endif + +#if !defined(HAVE_SSL_CTX_CLEAR_OPTIONS) +# define SSL_CTX_clear_options(ctx, op) do \ + (ctx)->options &= ~(op); while (0) +#endif + +/*** added in 1.0.0 ***/ #if !defined(HAVE_HMAC_CTX_COPY) void HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in); #endif @@ -34,11 +49,6 @@ int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data); int CRYPTO_memcmp(const volatile void * volatile in_a, const volatile void * volatile in_b, size_t len); #endif -#if !defined(HAVE_SSL_CTX_CLEAR_OPTIONS) -# define SSL_CTX_clear_options(ctx, op) do \ - (ctx)->options &= ~(op); while (0) -#endif - #if !defined(HAVE_X509_REVOKED_DUP) # define X509_REVOKED_dup(rev) (X509_REVOKED *)ASN1_dup((i2d_of_void *)i2d_X509_REVOKED, \ (d2i_of_void *)d2i_X509_REVOKED, (char *)(rev)) diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index a09921a73d..e25871e45c 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -11,10 +11,12 @@ #define NewCipher(klass) \ TypedData_Wrap_Struct((klass), &ossl_cipher_type, 0) -#define MakeCipher(obj, klass, ctx) \ - (obj) = TypedData_Make_Struct((klass), EVP_CIPHER_CTX, &ossl_cipher_type, (ctx)) -#define AllocCipher(obj, ctx) \ - (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX)) +#define AllocCipher(obj, ctx) do { \ + (ctx) = EVP_CIPHER_CTX_new(); \ + if (!(ctx)) \ + ossl_raise(rb_eRuntimeError, NULL); \ + RTYPEDDATA_DATA(obj) = (ctx); \ +} while (0) #define GetCipherInit(obj, ctx) do { \ TypedData_Get_Struct((obj), EVP_CIPHER_CTX, &ossl_cipher_type, (ctx)); \ } while (0) 
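Review bot: `AllocCipher` in ext/openssl/ossl_cipher.c now obtains the context from `EVP_CIPHER_CTX_new()`, so the matching release has to be `EVP_CIPHER_CTX_free()`. No hunk of this patch touches the body of `ossl_cipher_free()`; only its closing braces appear as context further down. If that function still releases the pointer with Ruby's allocator, the context would be freed by a different allocator than the one that produced it, so please confirm it ends in `EVP_CIPHER_CTX_free(ctx);`. The macro also overwrites `RTYPEDDATA_DATA(obj)` unconditionally, which deserves a comment such as `/* obj must not already own a context; raises on allocation failure */`.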
@@ -37,13 +39,13 @@ VALUE eCipherError; static VALUE ossl_cipher_alloc(VALUE klass); static void ossl_cipher_free(void *ptr); -static size_t ossl_cipher_memsize(const void *ptr); static const rb_data_type_t ossl_cipher_type = { "OpenSSL/Cipher", - {0, ossl_cipher_free, ossl_cipher_memsize,}, - 0, 0, - RUBY_TYPED_FREE_IMMEDIATELY, + { + 0, ossl_cipher_free, + }, + 0, 0, RUBY_TYPED_FREE_IMMEDIATELY, }; /* @@ -67,7 +69,6 @@ ossl_cipher_new(const EVP_CIPHER *cipher) ret = ossl_cipher_alloc(cCipher); AllocCipher(ret, ctx); - EVP_CIPHER_CTX_init(ctx); if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1) != 1) ossl_raise(eCipherError, NULL); @@ -87,13 +88,6 @@ ossl_cipher_free(void *ptr) } } -static size_t -ossl_cipher_memsize(const void *ptr) -{ - const EVP_CIPHER_CTX *ctx = ptr; - return sizeof(*ctx); -} - static VALUE ossl_cipher_alloc(VALUE klass) { @@ -122,7 +116,6 @@ ossl_cipher_initialize(VALUE self, VALUE str) ossl_raise(rb_eRuntimeError, "Cipher already inititalized!"); } AllocCipher(self, ctx); - EVP_CIPHER_CTX_init(ctx); if (!(cipher = EVP_get_cipherbyname(name))) { ossl_raise(rb_eRuntimeError, "unsupported cipher algorithm (%s)", name); } -- cgit v1.2.3
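Review bot: The `ossl_cipher_type` initializer now stops after `ossl_cipher_free`, leaving the slot that used to hold `ossl_cipher_memsize` implicitly zero without saying why. A one-line comment inside the braces, for example `/* no size callback: EVP_CIPHER_CTX is opaque from OpenSSL 1.1.0, so sizeof is unavailable */`, would stop a later reader from restoring the removed function. As a matter of style, the rewritten initializer also puts `0, 0, RUBY_TYPED_FREE_IMMEDIATELY,` on one line where the old code kept the flag on its own line.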