diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2021-04-22 13:57:47 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-10-25 00:40:45 +0900 |
commit | 040387d265e405c769867dbedd47c723185bc944 (patch) | |
tree | 1b3ca31419ad548040d7afce17559404d792196c /ext | |
parent | cfa4fa636efefddd70df82f1b0bf0d1c96bf1cf7 (diff) |
[ruby/openssl] digest: use EVP_MD_CTX_get0_md() instead of EVP_MD_CTX_md() if exists
The function was renamed in OpenSSL 3.0 due to the change of the
lifetime of EVP_MD objects. They are no longer necessarily statically
allocated and can be reference-counted -- when an EVP_MD_CTX is free'd,
the associated EVP_MD can also become inaccessible.
Currently Ruby/OpenSSL only handles builtin algorithms, so no special
handling is needed except for adapting to the rename.
https://github.com/ruby/openssl/commit/0a253027e6
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/extconf.rb | 1 | ||||
-rw-r--r-- | ext/openssl/openssl_missing.h | 4 | ||||
-rw-r--r-- | ext/openssl/ossl_digest.c | 6 | ||||
-rw-r--r-- | ext/openssl/ossl_hmac.c | 2 |
4 files changed, 9 insertions, 4 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 98f96afe77..842b7f5b1a 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -176,6 +176,7 @@ have_func("ERR_get_error_all") have_func("TS_VERIFY_CTX_set_certs(NULL, NULL)", "openssl/ts.h") have_func("SSL_CTX_load_verify_file") have_func("BN_check_prime") +have_func("EVP_MD_CTX_get0_md") Logging::message "=== Checking done. ===\n" diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h index 1b1a54a824..64212349c9 100644 --- a/ext/openssl/openssl_missing.h +++ b/ext/openssl/openssl_missing.h @@ -219,4 +219,8 @@ IMPL_PKEY_GETTER(EC_KEY, ec) # define TS_VERIFY_CTX_set_certs(ctx, crts) TS_VERIFY_CTS_set_certs(ctx, crts) #endif +#ifndef HAVE_EVP_MD_CTX_GET0_MD +# define EVP_MD_CTX_get0_md(ctx) EVP_MD_CTX_md(ctx) +#endif + #endif /* _OSSL_OPENSSL_MISSING_H_ */ diff --git a/ext/openssl/ossl_digest.c b/ext/openssl/ossl_digest.c index b2506de7f7..fc326ec14a 100644 --- a/ext/openssl/ossl_digest.c +++ b/ext/openssl/ossl_digest.c @@ -63,7 +63,7 @@ ossl_evp_get_digestbyname(VALUE obj) GetDigest(obj, ctx); - md = EVP_MD_CTX_md(ctx); + md = EVP_MD_CTX_get0_md(ctx); } return md; @@ -176,7 +176,7 @@ ossl_digest_reset(VALUE self) EVP_MD_CTX *ctx; GetDigest(self, ctx); - if (EVP_DigestInit_ex(ctx, EVP_MD_CTX_md(ctx), NULL) != 1) { + if (EVP_DigestInit_ex(ctx, EVP_MD_CTX_get0_md(ctx), NULL) != 1) { ossl_raise(eDigestError, "Digest initialization failed."); } @@ -259,7 +259,7 @@ ossl_digest_name(VALUE self) GetDigest(self, ctx); - return rb_str_new2(EVP_MD_name(EVP_MD_CTX_md(ctx))); + return rb_str_new_cstr(EVP_MD_name(EVP_MD_CTX_get0_md(ctx))); } /* diff --git a/ext/openssl/ossl_hmac.c b/ext/openssl/ossl_hmac.c index a21db6c481..2642728b85 100644 --- a/ext/openssl/ossl_hmac.c +++ b/ext/openssl/ossl_hmac.c @@ -239,7 +239,7 @@ ossl_hmac_reset(VALUE self) GetHMAC(self, ctx); pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)); - if (EVP_DigestSignInit(ctx, NULL, EVP_MD_CTX_md(ctx), NULL, pkey) != 1) + if (EVP_DigestSignInit(ctx, NULL, EVP_MD_CTX_get0_md(ctx), NULL, pkey) != 1) ossl_raise(eHMACError, "EVP_DigestSignInit"); return self; |