GUACAMOLE-205: Provide OpenSSL 1.1 API shims for missing accessors.
parent
dbfb782dd5
commit
98a5faaa77
@ -24,6 +24,8 @@ noinst_LTLIBRARIES = libguac_common_ssh.la
|
|||||||
|
|
||||||
libguac_common_ssh_la_SOURCES = \
|
libguac_common_ssh_la_SOURCES = \
|
||||||
buffer.c \
|
buffer.c \
|
||||||
|
dsa-compat.c \
|
||||||
|
rsa-compat.c \
|
||||||
sftp.c \
|
sftp.c \
|
||||||
ssh.c \
|
ssh.c \
|
||||||
key.c \
|
key.c \
|
||||||
@ -31,6 +33,8 @@ libguac_common_ssh_la_SOURCES = \
|
|||||||
|
|
||||||
noinst_HEADERS = \
|
noinst_HEADERS = \
|
||||||
common-ssh/buffer.h \
|
common-ssh/buffer.h \
|
||||||
|
common-ssh/dsa-compat.h \
|
||||||
|
common-ssh/rsa-compat.h \
|
||||||
common-ssh/key.h \
|
common-ssh/key.h \
|
||||||
common-ssh/sftp.h \
|
common-ssh/sftp.h \
|
||||||
common-ssh/ssh.h \
|
common-ssh/ssh.h \
|
||||||
|
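--- /dev/null
+++ b/src/common-ssh/common-ssh/dsa-compat.h
@@ -0,0 +1,61 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one
+* or more contributor license agreements. See the NOTICE file
+* distributed with this work for additional information
+* regarding copyright ownership. The ASF licenses this file
+* to you under the Apache License, Version 2.0 (the
+* "License"); you may not use this file except in compliance
+* with the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied. See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+#ifndef GUAC_COMMON_SSH_DSA_COMPAT_H
+#define GUAC_COMMON_SSH_DSA_COMPAT_H
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+
+#ifndef HAVE_DSA_GET0_PQG
+/**
+* DSA_get0_pqg() implementation for versions of OpenSSL which lack this
+* function (pre 1.1).
+*
+* See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_get0_pqg.html
+*/
+void DSA_get0_pqg(const DSA* dsa_key, const BIGNUM** p,
+const BIGNUM** q, const BIGNUM** g);
+#endif
+
+#ifndef HAVE_DSA_GET0_KEY
+/**
+* DSA_get0_key() implementation for versions of OpenSSL which lack this
+* function (pre 1.1).
+*
+* See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_get0_key.html
+*/
+void DSA_get0_key(const DSA* dsa_key, const BIGNUM** pub_key,
+const BIGNUM** priv_key);
+#endif
+
+#ifndef HAVE_DSA_SIG_GET0
+/**
+* DSA_SIG_get0() implementation for versions of OpenSSL which lack this
+* function (pre 1.1).
+*
+* See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_SIG_get0.html
+*/
+void DSA_SIG_get0(const DSA_SIG* dsa_sig, const BIGNUM** r, const BIGNUM** s);
+#endif
+
+#endif
+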
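Review bot: The doc comments on `DSA_get0_pqg()`, `DSA_get0_key()` and `DSA_SIG_get0()` only link to the OpenSSL manual and do not state the contract callers depend on. Each should say that every output pointer is optional (the definitions in this commit skip NULL arguments) and that the stored values are borrowed from the key or signature, for example `* The returned pointers refer to the object's internal values and must not be freed or modified by the caller.` For `DSA_get0_key()` the comment should also note that `priv_key` is the private component, so callers that only need the public value should pass NULL, as the `DSA_get0_key(dsa_key, &pub_key, NULL)` call in this commit does. The same applies to `RSA_get0_key()` and its `d` argument in rsa-compat.h.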
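--- /dev/null
+++ b/src/common-ssh/common-ssh/rsa-compat.h
@@ -0,0 +1,40 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one
+* or more contributor license agreements. See the NOTICE file
+* distributed with this work for additional information
+* regarding copyright ownership. The ASF licenses this file
+* to you under the Apache License, Version 2.0 (the
+* "License"); you may not use this file except in compliance
+* with the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied. See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+#ifndef GUAC_COMMON_SSH_RSA_COMPAT_H
+#define GUAC_COMMON_SSH_RSA_COMPAT_H
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+#ifndef HAVE_RSA_GET0_KEY
+/**
+* RSA_get0_key() implementation for versions of OpenSSL which lack this
+* function (pre 1.1).
+*
+* See: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
+*/
+void RSA_get0_key(const RSA* rsa_key, const BIGNUM** n,
+const BIGNUM** e, const BIGNUM**d);
+#endif
+
+#endif
+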
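--- /dev/null
+++ b/src/common-ssh/dsa-compat.c
@@ -0,0 +1,59 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one
+* or more contributor license agreements. See the NOTICE file
+* distributed with this work for additional information
+* regarding copyright ownership. The ASF licenses this file
+* to you under the Apache License, Version 2.0 (the
+* "License"); you may not use this file except in compliance
+* with the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied. See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+
+#include <stdlib.h>
+
+#ifndef HAVE_DSA_GET0_PQG
+void DSA_get0_pqg(const DSA* dsa_key, const BIGNUM** p,
+const BIGNUM** q, const BIGNUM** g) {
+
+/* Retrieve all requested internal values */
+if (p != NULL) *p = dsa_key->p;
+if (q != NULL) *q = dsa_key->q;
+if (g != NULL) *g = dsa_key->g;
+
+}
+#endif
+
+#ifndef HAVE_DSA_GET0_KEY
+void DSA_get0_key(const DSA* dsa_key, const BIGNUM** pub_key,
+const BIGNUM** priv_key) {
+
+/* Retrieve all requested internal values */
+if (pub_key != NULL) *pub_key = dsa_key->pub_key;
+if (priv_key != NULL) *priv_key = dsa_key->priv_key;
+
+}
+#endif
+
+#ifndef HAVE_DSA_SIG_GET0
+void DSA_SIG_get0(const DSA_SIG* dsa_sig, const BIGNUM** r, const BIGNUM** s) {
+
+/* Retrieve all requested internal values */
+if (r != NULL) *r = dsa_sig->r;
+if (s != NULL) *s = dsa_sig->s;
+
+}
+#endif
+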
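Review bot: dsa-compat.c defines the three shims without including `common-ssh/dsa-compat.h`, so the compiler never compares these definitions with the prototypes callers see; a later change to one side would still build and only misbehave at the call site. Adding `#include "common-ssh/dsa-compat.h"` after `#include "config.h"` turns any such drift into a compile error. rsa-compat.c has the same gap for `common-ssh/rsa-compat.h`. Separately, each shim dereferences `dsa_key` or `dsa_sig` unconditionally; that appears to match the upstream accessors, but a one-line comment stating that the key or signature argument must be non-NULL would make the precondition explicit.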
@ -20,7 +20,9 @@
|
|||||||
#include "config.h"
|
#include "config.h"
|
||||||
|
|
||||||
#include "common-ssh/buffer.h"
|
#include "common-ssh/buffer.h"
|
||||||
|
#include "common-ssh/dsa-compat.h"
|
||||||
#include "common-ssh/key.h"
|
#include "common-ssh/key.h"
|
||||||
|
#include "common-ssh/rsa-compat.h"
|
||||||
|
|
||||||
#include <openssl/bio.h>
|
#include <openssl/bio.h>
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
@ -73,12 +75,7 @@ guac_common_ssh_key* guac_common_ssh_key_alloc(char* data, int length,
|
|||||||
pos = public_key;
|
pos = public_key;
|
||||||
|
|
||||||
/* Retrieve public key */
|
/* Retrieve public key */
|
||||||
#ifdef HAVE_RSA_GET0_KEY
|
|
||||||
RSA_get0_key(rsa_key, &key_n, &key_e, NULL);
|
RSA_get0_key(rsa_key, &key_n, &key_e, NULL);
|
||||||
#else
|
|
||||||
key_n = rsa_key->n;
|
|
||||||
key_e = rsa_key->e;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Send public key formatted for SSH */
|
/* Send public key formatted for SSH */
|
||||||
guac_common_ssh_buffer_write_string(&pos, "ssh-rsa", sizeof("ssh-rsa")-1);
|
guac_common_ssh_buffer_write_string(&pos, "ssh-rsa", sizeof("ssh-rsa")-1);
|
||||||
@ -119,21 +116,9 @@ guac_common_ssh_key* guac_common_ssh_key_alloc(char* data, int length,
|
|||||||
public_key = malloc(4096);
|
public_key = malloc(4096);
|
||||||
pos = public_key;
|
pos = public_key;
|
||||||
|
|
||||||
/* Retrieve public key parameters */
|
|
||||||
#ifdef HAVE_DSA_GET0_PQG
|
|
||||||
DSA_get0_pqg(dsa_key, &key_p, &key_q, &key_g);
|
|
||||||
#else
|
|
||||||
key_p = dsa_key->p;
|
|
||||||
key_q = dsa_key->q;
|
|
||||||
key_g = dsa_key->g;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Retrieve public key */
|
/* Retrieve public key */
|
||||||
#ifdef HAVE_DSA_GET0_KEY
|
DSA_get0_pqg(dsa_key, &key_p, &key_q, &key_g);
|
||||||
DSA_get0_key(dsa_key, &pub_key, NULL);
|
DSA_get0_key(dsa_key, &pub_key, NULL);
|
||||||
#else
|
|
||||||
pub_key = dsa_key->pub_key;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Send public key formatted for SSH */
|
/* Send public key formatted for SSH */
|
||||||
guac_common_ssh_buffer_write_string(&pos, "ssh-dss", sizeof("ssh-dss")-1);
|
guac_common_ssh_buffer_write_string(&pos, "ssh-dss", sizeof("ssh-dss")-1);
|
||||||
@ -226,12 +211,7 @@ int guac_common_ssh_key_sign(guac_common_ssh_key* key, const char* data,
|
|||||||
const BIGNUM* sig_s;
|
const BIGNUM* sig_s;
|
||||||
|
|
||||||
/* Retrieve DSA signature values */
|
/* Retrieve DSA signature values */
|
||||||
#ifdef HAVE_DSA_SIG_GET0
|
|
||||||
DSA_SIG_get0(dsa_sig, &sig_r, &sig_s);
|
DSA_SIG_get0(dsa_sig, &sig_r, &sig_s);
|
||||||
#else
|
|
||||||
sig_r = dsa_sig->r;
|
|
||||||
sig_s = dsa_sig->s;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Compute size of each half of signature */
|
/* Compute size of each half of signature */
|
||||||
int rlen = BN_num_bytes(sig_r);
|
int rlen = BN_num_bytes(sig_r);
|
||||||
|
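Review bot: In the DSA branch of `guac_common_ssh_key_alloc()` the result of `public_key = malloc(4096);` is copied to `pos` and written through by `guac_common_ssh_buffer_write_string()` with no NULL check in between, and this commit leaves that path unchanged. A guard such as `if (public_key == NULL) return NULL;` before `pos = public_key;` would keep an allocation failure from becoming a write through a null pointer, though the cleanup this function needs on that path is outside the hunk and may have to free what was already allocated. The hunk also does not show what limits the key material written into the fixed 4096-byte buffer, so it is worth confirming that the writes that follow are bounded for large p, q, g and public-key values. The function begins and ends outside these hunks.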
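--- /dev/null
+++ b/src/common-ssh/rsa-compat.c
@@ -0,0 +1,38 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one
+* or more contributor license agreements. See the NOTICE file
+* distributed with this work for additional information
+* regarding copyright ownership. The ASF licenses this file
+* to you under the Apache License, Version 2.0 (the
+* "License"); you may not use this file except in compliance
+* with the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied. See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+#include <stdlib.h>
+
+#ifndef HAVE_RSA_GET0_KEY
+void RSA_get0_key(const RSA* rsa_key, const BIGNUM** n,
+const BIGNUM** e, const BIGNUM**d) {
+
+/* Retrieve all requested internal values */
+if (n != NULL) *n = rsa_key->n;
+if (e != NULL) *e = rsa_key->e;
+if (d != NULL) *d = rsa_key->d;
+
+}
+#endif
+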