ruby-changes:69398
From: Kazuki <ko1@a...>
Date: Mon, 25 Oct 2021 00:43:58 +0900 (JST)
Subject: [ruby-changes:69398] 16272d9ae9 (master): [ruby/openssl] hmac: use EVP_MD_CTX_get_pkey_ctx() instead of EVP_MD_CTX_pkey_ctx()
https://git.ruby-lang.org/ruby.git/commit/?id=16272d9ae9 From 16272d9ae98dfa8296d477a8e255d35f4a3d29e9 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi <k@r...> Date: Tue, 22 Jun 2021 18:50:17 +0900 Subject: [ruby/openssl] hmac: use EVP_MD_CTX_get_pkey_ctx() instead of EVP_MD_CTX_pkey_ctx() OpenSSL 3.0 renamed EVP_MD_CTX_pkey_ctx() to include "get" in the function name. Adjust compatibility macro so that we can use the new function name for all OpenSSL 1.0.2-3.0. https://github.com/ruby/openssl/commit/c106d888c6 --- ext/openssl/extconf.rb | 1 + ext/openssl/openssl_missing.h | 16 ++++++++++++---- ext/openssl/ossl_hmac.c | 2 +- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 842b7f5b1a..d9d34b7cfa 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -177,6 +177,7 @@ have_func("TS_VERIFY_CTX_set_certs(NULL, NULL)", "openssl/ts.h") https://github.com/ruby/ruby/blob/trunk/ext/openssl/extconf.rb#L177 have_func("SSL_CTX_load_verify_file") have_func("BN_check_prime") have_func("EVP_MD_CTX_get0_md") +have_func("EVP_MD_CTX_get_pkey_ctx") Logging::message "=== Checking done. ===\n" diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h index 64212349c9..55c4f378f1 100644 --- a/ext/openssl/openssl_missing.h +++ b/ext/openssl/openssl_missing.h @@ -21,10 +21,6 @@ https://github.com/ruby/ruby/blob/trunk/ext/openssl/openssl_missing.h#L21 # define EVP_MD_CTX_free EVP_MD_CTX_destroy #endif -#if !defined(HAVE_EVP_MD_CTX_PKEY_CTX) -# define EVP_MD_CTX_pkey_ctx(x) (x)->pctx -#endif - #if !defined(HAVE_X509_STORE_GET_EX_DATA) # define X509_STORE_get_ex_data(x, idx) \ CRYPTO_get_ex_data(&(x)->ex_data, (idx)) @@ -223,4 +219,16 @@ IMPL_PKEY_GETTER(EC_KEY, ec) https://github.com/ruby/ruby/blob/trunk/ext/openssl/openssl_missing.h#L219 # define EVP_MD_CTX_get0_md(ctx) EVP_MD_CTX_md(ctx) #endif +/* + * OpenSSL 1.1.0 added EVP_MD_CTX_pkey_ctx(), and then it was renamed to + * EVP_MD_CTX_get_pkey_ctx(x) in OpenSSL 3.0. + */ +#ifndef HAVE_EVP_MD_CTX_GET_PKEY_CTX +# ifdef HAVE_EVP_MD_CTX_PKEY_CTX +# define EVP_MD_CTX_get_pkey_ctx(x) EVP_MD_CTX_pkey_ctx(x) +# else +# define EVP_MD_CTX_get_pkey_ctx(x) (x)->pctx +# endif +#endif + #endif /* _OSSL_OPENSSL_MISSING_H_ */ diff --git a/ext/openssl/ossl_hmac.c b/ext/openssl/ossl_hmac.c index 2642728b85..f89ff2f9a1 100644 --- a/ext/openssl/ossl_hmac.c +++ b/ext/openssl/ossl_hmac.c @@ -238,7 +238,7 @@ ossl_hmac_reset(VALUE self) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_hmac.c#L238 EVP_PKEY *pkey; GetHMAC(self, ctx); - pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)); + pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_get_pkey_ctx(ctx)); if (EVP_DigestSignInit(ctx, NULL, EVP_MD_CTX_get0_md(ctx), NULL, pkey) != 1) ossl_raise(eHMACError, "EVP_DigestSignInit"); -- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/