From 1b5ccc8a0c27273d2f944f9914bcbdda3ad803f7 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Mon, 17 May 2021 16:18:45 +0900 Subject: [ruby/openssl] pkey, ssl: use EVP_PKEY_eq() instead of EVP_PKEY_cmp() OpenSSL 3.0 renamed EVP_PKEY_cmp() to EVP_PKEY_eq() because that was a confusing name. https://github.com/ruby/openssl/commit/d42bd7fcdb --- ext/openssl/extconf.rb | 1 + ext/openssl/openssl_missing.h | 4 ++++ ext/openssl/ossl_pkey.c | 4 ++-- ext/openssl/ossl_ssl.c | 2 +- 4 files changed, 8 insertions(+), 3 deletions(-) (limited to 'ext') diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index d9d34b7cfa..1d38b56990 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -178,6 +178,7 @@ have_func("SSL_CTX_load_verify_file") have_func("BN_check_prime") have_func("EVP_MD_CTX_get0_md") have_func("EVP_MD_CTX_get_pkey_ctx") +have_func("EVP_PKEY_eq") Logging::message "=== Checking done. ===\n" diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h index 55c4f378f1..8629bfe505 100644 --- a/ext/openssl/openssl_missing.h +++ b/ext/openssl/openssl_missing.h @@ -231,4 +231,8 @@ IMPL_PKEY_GETTER(EC_KEY, ec) # endif #endif +#ifndef HAVE_EVP_PKEY_EQ +# define EVP_PKEY_eq(a, b) EVP_PKEY_cmp(a, b) +#endif + #endif /* _OSSL_OPENSSL_MISSING_H_ */ diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c index 95a2ea1ed9..f9f5162e41 100644 --- a/ext/openssl/ossl_pkey.c +++ b/ext/openssl/ossl_pkey.c @@ -769,14 +769,14 @@ ossl_pkey_compare(VALUE self, VALUE other) if (EVP_PKEY_id(selfPKey) != EVP_PKEY_id(otherPKey)) ossl_raise(rb_eTypeError, "cannot match different PKey types"); - ret = EVP_PKEY_cmp(selfPKey, otherPKey); + ret = EVP_PKEY_eq(selfPKey, otherPKey); if (ret == 0) return Qfalse; else if (ret == 1) return Qtrue; else - ossl_raise(ePKeyError, "EVP_PKEY_cmp"); + ossl_raise(ePKeyError, "EVP_PKEY_eq"); } /* diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index a0f18d5388..2828657457 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -1229,7 +1229,7 @@ ossl_sslctx_add_certificate(int argc, VALUE *argv, VALUE self) EVP_PKEY_free(pub_pkey); if (!pub_pkey) rb_raise(rb_eArgError, "certificate does not contain public key"); - if (EVP_PKEY_cmp(pub_pkey, pkey) != 1) + if (EVP_PKEY_eq(pub_pkey, pkey) != 1) rb_raise(rb_eArgError, "public key mismatch"); if (argc >= 3) -- cgit v1.2.3