mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 12:02:28 +02:00
Replace EVP_get_cipherbyname with EVP_CIPHER_fetch
In OpenSSL 3.0 EVP_get_cipherbyname return a non NULL algorithm even if the algorithm is not available with the currently available provider. Luckily EVP_get_cipherbyname can be used here as drop in replacement and returns only non NULL if the algorithm is actually currently supported. Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com> Message-Id: <20211019183127.614175-11-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23005.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
parent
4b3c1e76d7
commit
f40edaa5ab
@ -576,7 +576,7 @@ cipher_kt_get(const char *ciphername)
|
||||
ASSERT(ciphername);
|
||||
|
||||
ciphername = translate_cipher_name_from_openvpn(ciphername);
|
||||
cipher = EVP_get_cipherbyname(ciphername);
|
||||
cipher = EVP_CIPHER_fetch(NULL, ciphername, NULL);
|
||||
|
||||
if (NULL == cipher)
|
||||
{
|
||||
@ -662,7 +662,7 @@ cipher_kt_block_size(const EVP_CIPHER *cipher)
|
||||
|
||||
strcpy(mode_str, "-CBC");
|
||||
|
||||
cbc_cipher = EVP_get_cipherbyname(translate_cipher_name_from_openvpn(name));
|
||||
cbc_cipher = EVP_CIPHER_fetch(NULL,translate_cipher_name_from_openvpn(name), NULL);
|
||||
if (cbc_cipher)
|
||||
{
|
||||
block_size = EVP_CIPHER_block_size(cbc_cipher);
|
||||
@ -885,7 +885,7 @@ md_kt_get(const char *digest)
|
||||
{
|
||||
const EVP_MD *md = NULL;
|
||||
ASSERT(digest);
|
||||
md = EVP_get_digestbyname(digest);
|
||||
md = EVP_MD_fetch(NULL, digest, NULL);
|
||||
if (!md)
|
||||
{
|
||||
crypto_msg(M_FATAL, "Message hash algorithm '%s' not found", digest);
|
||||
|
@ -754,4 +754,25 @@ int EVP_PKEY_get_group_name(EVP_PKEY *pkey, char *gname, size_t gname_sz,
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
/* Mimics the functions but only when the default context without
|
||||
* options is chosen */
|
||||
static inline const EVP_CIPHER *
|
||||
EVP_CIPHER_fetch(void *ctx, const char *algorithm, const char *properties)
|
||||
{
|
||||
ASSERT(!ctx);
|
||||
ASSERT(!properties);
|
||||
return EVP_get_cipherbyname(algorithm);
|
||||
}
|
||||
|
||||
static inline const EVP_MD*
|
||||
EVP_MD_fetch(void *ctx, const char *algorithm, const char *properties)
|
||||
{
|
||||
ASSERT(!ctx);
|
||||
ASSERT(!properties);
|
||||
return EVP_get_digestbyname(algorithm);
|
||||
}
|
||||
#endif /* OPENSSL_VERSION_NUMBER < 0x30000000L */
|
||||
|
||||
#endif /* OPENSSL_COMPAT_H_ */
|
||||
|
Loading…
Reference in New Issue
Block a user