GUACAMOLE-205: Provide OpenSSL 1.1 API shims for missing accessors.

src/common-ssh/Makefile.am

@@ -24,6 +24,8 @@ noinst_LTLIBRARIES = libguac_common_ssh.la
 
 libguac_common_ssh_la_SOURCES = \
     buffer.c                    \
+    dsa-compat.c                \
+    rsa-compat.c                \
     sftp.c                      \
     ssh.c                       \
     key.c                       \
@@ -31,6 +33,8 @@ libguac_common_ssh_la_SOURCES = \
 
 noinst_HEADERS =            \
     common-ssh/buffer.h     \
+    common-ssh/dsa-compat.h \
+    common-ssh/rsa-compat.h \
     common-ssh/key.h        \
     common-ssh/sftp.h       \
     common-ssh/ssh.h        \

src/common-ssh/common-ssh/dsa-compat.h

@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef GUAC_COMMON_SSH_DSA_COMPAT_H
+#define GUAC_COMMON_SSH_DSA_COMPAT_H
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+
+#ifndef HAVE_DSA_GET0_PQG
+/**
+ * DSA_get0_pqg() implementation for versions of OpenSSL which lack this
+ * function (pre 1.1).
+ *
+ * See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_get0_pqg.html
+ */
+void DSA_get0_pqg(const DSA* dsa_key, const BIGNUM** p,
+        const BIGNUM** q, const BIGNUM** g);
+#endif
+
+#ifndef HAVE_DSA_GET0_KEY
+/**
+ * DSA_get0_key() implementation for versions of OpenSSL which lack this
+ * function (pre 1.1).
+ *
+ * See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_get0_key.html
+ */
+void DSA_get0_key(const DSA* dsa_key, const BIGNUM** pub_key,
+        const BIGNUM** priv_key);
+#endif
+
+#ifndef HAVE_DSA_SIG_GET0
+/**
+ * DSA_SIG_get0() implementation for versions of OpenSSL which lack this
+ * function (pre 1.1).
+ *
+ * See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_SIG_get0.html
+ */
+void DSA_SIG_get0(const DSA_SIG* dsa_sig, const BIGNUM** r, const BIGNUM** s);
+#endif
+
+#endif
+

src/common-ssh/common-ssh/rsa-compat.h

@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef GUAC_COMMON_SSH_RSA_COMPAT_H
+#define GUAC_COMMON_SSH_RSA_COMPAT_H
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+#ifndef HAVE_RSA_GET0_KEY
+/**
+ * RSA_get0_key() implementation for versions of OpenSSL which lack this
+ * function (pre 1.1).
+ *
+ * See: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
+ */
+void RSA_get0_key(const RSA* rsa_key, const BIGNUM** n,
+        const BIGNUM** e, const BIGNUM**d);
+#endif
+
+#endif
+

src/common-ssh/dsa-compat.c

@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+
+#include <stdlib.h>
+
+#ifndef HAVE_DSA_GET0_PQG
+void DSA_get0_pqg(const DSA* dsa_key, const BIGNUM** p,
+        const BIGNUM** q, const BIGNUM** g) {
+
+    /* Retrieve all requested internal values */
+    if (p != NULL) *p = dsa_key->p;
+    if (q != NULL) *q = dsa_key->q;
+    if (g != NULL) *g = dsa_key->g;
+
+}
+#endif
+
+#ifndef HAVE_DSA_GET0_KEY
+void DSA_get0_key(const DSA* dsa_key, const BIGNUM** pub_key,
+        const BIGNUM** priv_key) {
+
+    /* Retrieve all requested internal values */
+    if (pub_key  != NULL) *pub_key  = dsa_key->pub_key;
+    if (priv_key != NULL) *priv_key = dsa_key->priv_key;
+
+}
+#endif
+
+#ifndef HAVE_DSA_SIG_GET0
+void DSA_SIG_get0(const DSA_SIG* dsa_sig, const BIGNUM** r, const BIGNUM** s) {
+
+    /* Retrieve all requested internal values */
+    if (r != NULL) *r = dsa_sig->r;
+    if (s != NULL) *s = dsa_sig->s;
+
+}
+#endif
+

src/common-ssh/key.c

@@ -20,7 +20,9 @@
 #include "config.h"
 
 #include "common-ssh/buffer.h"
+#include "common-ssh/dsa-compat.h"
 #include "common-ssh/key.h"
+#include "common-ssh/rsa-compat.h"
 
 #include <openssl/bio.h>
 #include <openssl/bn.h>
@@ -73,12 +75,7 @@ guac_common_ssh_key* guac_common_ssh_key_alloc(char* data, int length,
         pos = public_key;
 
         /* Retrieve public key */
-#ifdef HAVE_RSA_GET0_KEY
         RSA_get0_key(rsa_key, &key_n, &key_e, NULL);
-#else
-        key_n = rsa_key->n;
-        key_e = rsa_key->e;
-#endif
 
         /* Send public key formatted for SSH */
         guac_common_ssh_buffer_write_string(&pos, "ssh-rsa", sizeof("ssh-rsa")-1);
@@ -119,21 +116,9 @@ guac_common_ssh_key* guac_common_ssh_key_alloc(char* data, int length,
         public_key = malloc(4096);
         pos = public_key;
 
-        /* Retrieve public key parameters */
-#ifdef HAVE_DSA_GET0_PQG
-        DSA_get0_pqg(dsa_key, &key_p, &key_q, &key_g);
-#else
-        key_p = dsa_key->p;
-        key_q = dsa_key->q;
-        key_g = dsa_key->g;
-#endif
-
         /* Retrieve public key */
-#ifdef HAVE_DSA_GET0_KEY
+        DSA_get0_pqg(dsa_key, &key_p, &key_q, &key_g);
         DSA_get0_key(dsa_key, &pub_key, NULL);
-#else
-        pub_key = dsa_key->pub_key;
-#endif
 
         /* Send public key formatted for SSH */
         guac_common_ssh_buffer_write_string(&pos, "ssh-dss", sizeof("ssh-dss")-1);
@@ -226,12 +211,7 @@ int guac_common_ssh_key_sign(guac_common_ssh_key* key, const char* data,
                 const BIGNUM* sig_s;
 
                 /* Retrieve DSA signature values */
-#ifdef HAVE_DSA_SIG_GET0
                 DSA_SIG_get0(dsa_sig, &sig_r, &sig_s);
-#else
-                sig_r = dsa_sig->r;
-                sig_s = dsa_sig->s;
-#endif
 
                 /* Compute size of each half of signature */
                 int rlen = BN_num_bytes(sig_r);

src/common-ssh/rsa-compat.c

@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#include "config.h"
+
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+#include <stdlib.h>
+
+#ifndef HAVE_RSA_GET0_KEY
+void RSA_get0_key(const RSA* rsa_key, const BIGNUM** n,
+        const BIGNUM** e, const BIGNUM**d) {
+
+    /* Retrieve all requested internal values */
+    if (n != NULL) *n = rsa_key->n;
+    if (e != NULL) *e = rsa_key->e;
+    if (d != NULL) *d = rsa_key->d;
+
+}
+#endif
+