GUACAMOLE-205: Provide OpenSSL 1.1 API shims for missing accessors.
This commit is contained in:
parent
dbfb782dd5
commit
98a5faaa77
@ -24,6 +24,8 @@ noinst_LTLIBRARIES = libguac_common_ssh.la
|
||||
|
||||
libguac_common_ssh_la_SOURCES = \
|
||||
buffer.c \
|
||||
dsa-compat.c \
|
||||
rsa-compat.c \
|
||||
sftp.c \
|
||||
ssh.c \
|
||||
key.c \
|
||||
@ -31,6 +33,8 @@ libguac_common_ssh_la_SOURCES = \
|
||||
|
||||
noinst_HEADERS = \
|
||||
common-ssh/buffer.h \
|
||||
common-ssh/dsa-compat.h \
|
||||
common-ssh/rsa-compat.h \
|
||||
common-ssh/key.h \
|
||||
common-ssh/sftp.h \
|
||||
common-ssh/ssh.h \
|
||||
|
61
src/common-ssh/common-ssh/dsa-compat.h
Normal file
61
src/common-ssh/common-ssh/dsa-compat.h
Normal file
@ -0,0 +1,61 @@
|
||||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
#ifndef GUAC_COMMON_SSH_DSA_COMPAT_H
|
||||
#define GUAC_COMMON_SSH_DSA_COMPAT_H
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/dsa.h>
|
||||
|
||||
#ifndef HAVE_DSA_GET0_PQG
|
||||
/**
|
||||
* DSA_get0_pqg() implementation for versions of OpenSSL which lack this
|
||||
* function (pre 1.1).
|
||||
*
|
||||
* See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_get0_pqg.html
|
||||
*/
|
||||
void DSA_get0_pqg(const DSA* dsa_key, const BIGNUM** p,
|
||||
const BIGNUM** q, const BIGNUM** g);
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_DSA_GET0_KEY
|
||||
/**
|
||||
* DSA_get0_key() implementation for versions of OpenSSL which lack this
|
||||
* function (pre 1.1).
|
||||
*
|
||||
* See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_get0_key.html
|
||||
*/
|
||||
void DSA_get0_key(const DSA* dsa_key, const BIGNUM** pub_key,
|
||||
const BIGNUM** priv_key);
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_DSA_SIG_GET0
|
||||
/**
|
||||
* DSA_SIG_get0() implementation for versions of OpenSSL which lack this
|
||||
* function (pre 1.1).
|
||||
*
|
||||
* See: https://www.openssl.org/docs/man1.1.0/crypto/DSA_SIG_get0.html
|
||||
*/
|
||||
void DSA_SIG_get0(const DSA_SIG* dsa_sig, const BIGNUM** r, const BIGNUM** s);
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
40
src/common-ssh/common-ssh/rsa-compat.h
Normal file
40
src/common-ssh/common-ssh/rsa-compat.h
Normal file
@ -0,0 +1,40 @@
|
||||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
#ifndef GUAC_COMMON_SSH_RSA_COMPAT_H
|
||||
#define GUAC_COMMON_SSH_RSA_COMPAT_H
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/rsa.h>
|
||||
|
||||
#ifndef HAVE_RSA_GET0_KEY
|
||||
/**
|
||||
* RSA_get0_key() implementation for versions of OpenSSL which lack this
|
||||
* function (pre 1.1).
|
||||
*
|
||||
* See: https://www.openssl.org/docs/man1.1.0/crypto/RSA_get0_key.html
|
||||
*/
|
||||
void RSA_get0_key(const RSA* rsa_key, const BIGNUM** n,
|
||||
const BIGNUM** e, const BIGNUM**d);
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
59
src/common-ssh/dsa-compat.c
Normal file
59
src/common-ssh/dsa-compat.c
Normal file
@ -0,0 +1,59 @@
|
||||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/dsa.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
#ifndef HAVE_DSA_GET0_PQG
|
||||
void DSA_get0_pqg(const DSA* dsa_key, const BIGNUM** p,
|
||||
const BIGNUM** q, const BIGNUM** g) {
|
||||
|
||||
/* Retrieve all requested internal values */
|
||||
if (p != NULL) *p = dsa_key->p;
|
||||
if (q != NULL) *q = dsa_key->q;
|
||||
if (g != NULL) *g = dsa_key->g;
|
||||
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_DSA_GET0_KEY
|
||||
void DSA_get0_key(const DSA* dsa_key, const BIGNUM** pub_key,
|
||||
const BIGNUM** priv_key) {
|
||||
|
||||
/* Retrieve all requested internal values */
|
||||
if (pub_key != NULL) *pub_key = dsa_key->pub_key;
|
||||
if (priv_key != NULL) *priv_key = dsa_key->priv_key;
|
||||
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_DSA_SIG_GET0
|
||||
void DSA_SIG_get0(const DSA_SIG* dsa_sig, const BIGNUM** r, const BIGNUM** s) {
|
||||
|
||||
/* Retrieve all requested internal values */
|
||||
if (r != NULL) *r = dsa_sig->r;
|
||||
if (s != NULL) *s = dsa_sig->s;
|
||||
|
||||
}
|
||||
#endif
|
||||
|
@ -20,7 +20,9 @@
|
||||
#include "config.h"
|
||||
|
||||
#include "common-ssh/buffer.h"
|
||||
#include "common-ssh/dsa-compat.h"
|
||||
#include "common-ssh/key.h"
|
||||
#include "common-ssh/rsa-compat.h"
|
||||
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/bn.h>
|
||||
@ -73,12 +75,7 @@ guac_common_ssh_key* guac_common_ssh_key_alloc(char* data, int length,
|
||||
pos = public_key;
|
||||
|
||||
/* Retrieve public key */
|
||||
#ifdef HAVE_RSA_GET0_KEY
|
||||
RSA_get0_key(rsa_key, &key_n, &key_e, NULL);
|
||||
#else
|
||||
key_n = rsa_key->n;
|
||||
key_e = rsa_key->e;
|
||||
#endif
|
||||
|
||||
/* Send public key formatted for SSH */
|
||||
guac_common_ssh_buffer_write_string(&pos, "ssh-rsa", sizeof("ssh-rsa")-1);
|
||||
@ -119,21 +116,9 @@ guac_common_ssh_key* guac_common_ssh_key_alloc(char* data, int length,
|
||||
public_key = malloc(4096);
|
||||
pos = public_key;
|
||||
|
||||
/* Retrieve public key parameters */
|
||||
#ifdef HAVE_DSA_GET0_PQG
|
||||
DSA_get0_pqg(dsa_key, &key_p, &key_q, &key_g);
|
||||
#else
|
||||
key_p = dsa_key->p;
|
||||
key_q = dsa_key->q;
|
||||
key_g = dsa_key->g;
|
||||
#endif
|
||||
|
||||
/* Retrieve public key */
|
||||
#ifdef HAVE_DSA_GET0_KEY
|
||||
DSA_get0_pqg(dsa_key, &key_p, &key_q, &key_g);
|
||||
DSA_get0_key(dsa_key, &pub_key, NULL);
|
||||
#else
|
||||
pub_key = dsa_key->pub_key;
|
||||
#endif
|
||||
|
||||
/* Send public key formatted for SSH */
|
||||
guac_common_ssh_buffer_write_string(&pos, "ssh-dss", sizeof("ssh-dss")-1);
|
||||
@ -226,12 +211,7 @@ int guac_common_ssh_key_sign(guac_common_ssh_key* key, const char* data,
|
||||
const BIGNUM* sig_s;
|
||||
|
||||
/* Retrieve DSA signature values */
|
||||
#ifdef HAVE_DSA_SIG_GET0
|
||||
DSA_SIG_get0(dsa_sig, &sig_r, &sig_s);
|
||||
#else
|
||||
sig_r = dsa_sig->r;
|
||||
sig_s = dsa_sig->s;
|
||||
#endif
|
||||
|
||||
/* Compute size of each half of signature */
|
||||
int rlen = BN_num_bytes(sig_r);
|
||||
|
38
src/common-ssh/rsa-compat.c
Normal file
38
src/common-ssh/rsa-compat.c
Normal file
@ -0,0 +1,38 @@
|
||||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/rsa.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
#ifndef HAVE_RSA_GET0_KEY
|
||||
void RSA_get0_key(const RSA* rsa_key, const BIGNUM** n,
|
||||
const BIGNUM** e, const BIGNUM**d) {
|
||||
|
||||
/* Retrieve all requested internal values */
|
||||
if (n != NULL) *n = rsa_key->n;
|
||||
if (e != NULL) *e = rsa_key->e;
|
||||
if (d != NULL) *d = rsa_key->d;
|
||||
|
||||
}
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user