ssl_init.c (330106) | ssl_init.c (338530) |
---|---|
1/* 2 * ssl_init.c Common OpenSSL initialization code for the various 3 * programs which use it. 4 * 5 * Moved from ntpd/ntp_crypto.c crypto_setup() 6 */ 7#ifdef HAVE_CONFIG_H 8# include <config.h> 9#endif 10#include <ctype.h> 11#include <ntp.h> 12#include <ntp_debug.h> 13#include <lib_strbuf.h> 14 15#ifdef OPENSSL | 1/* 2 * ssl_init.c Common OpenSSL initialization code for the various 3 * programs which use it. 4 * 5 * Moved from ntpd/ntp_crypto.c crypto_setup() 6 */ 7#ifdef HAVE_CONFIG_H 8# include <config.h> 9#endif 10#include <ctype.h> 11#include <ntp.h> 12#include <ntp_debug.h> 13#include <lib_strbuf.h> 14 15#ifdef OPENSSL |
16# include "openssl/cmac.h" 17# include "openssl/crypto.h" 18# include "openssl/err.h" 19# include "openssl/evp.h" 20# include "openssl/opensslv.h" | 16# include <openssl/crypto.h> 17# include <openssl/err.h> 18# include <openssl/evp.h> 19# include <openssl/opensslv.h> |
21# include "libssl_compat.h" | 20# include "libssl_compat.h" |
22 23# define CMAC_LENGTH 16 24# define CMAC "AES128CMAC" 25 | 21# ifdef HAVE_OPENSSL_CMAC_H 22# include <openssl/cmac.h> 23# define CMAC_LENGTH 16 24# define CMAC "AES128CMAC" 25# endif /*HAVE_OPENSSL_CMAC_H*/ |
26int ssl_init_done; 27 28#if OPENSSL_VERSION_NUMBER < 0x10100000L 29 30static void 31atexit_ssl_cleanup(void) 32{ 33 if (!ssl_init_done) { --- 87 unchanged lines hidden (view full) --- 121 strlcpy(upcased, text, LIB_BUFLENGTH); 122 123 for (pch = upcased; '\0' != *pch; pch++) { 124 *pch = (char)toupper((unsigned char)*pch); 125 } 126 127 key_type = OBJ_sn2nid(upcased); 128 | 26int ssl_init_done; 27 28#if OPENSSL_VERSION_NUMBER < 0x10100000L 29 30static void 31atexit_ssl_cleanup(void) 32{ 33 if (!ssl_init_done) { --- 87 unchanged lines hidden (view full) --- 121 strlcpy(upcased, text, LIB_BUFLENGTH); 122 123 for (pch = upcased; '\0' != *pch; pch++) { 124 *pch = (char)toupper((unsigned char)*pch); 125 } 126 127 key_type = OBJ_sn2nid(upcased); 128 |
129# ifdef ENABLE_CMAC |
|
129 if (!key_type && !strncmp(CMAC, upcased, strlen(CMAC) + 1)) { 130 key_type = NID_cmac; 131 132 if (debug) { 133 fprintf(stderr, "%s:%d:%s():%s:key\n", 134 __FILE__, __LINE__, __func__, CMAC); 135 } 136 } | 130 if (!key_type && !strncmp(CMAC, upcased, strlen(CMAC) + 1)) { 131 key_type = NID_cmac; 132 133 if (debug) { 134 fprintf(stderr, "%s:%d:%s():%s:key\n", 135 __FILE__, __LINE__, __func__, CMAC); 136 } 137 } |
138# endif /*ENABLE_CMAC*/ |
|
137#else 138 139 key_type = 0; 140#endif 141 142 if (!key_type && 'm' == tolower((unsigned char)text[0])) { 143 key_type = NID_md5; 144 } 145 146 if (!key_type) { 147 return 0; 148 } 149 150 if (NULL != pdigest_len) { 151#ifdef OPENSSL 152 md = EVP_get_digestbynid(key_type); 153 digest_len = (md) ? EVP_MD_size(md) : 0; 154 155 if (!md || digest_len <= 0) { | 139#else 140 141 key_type = 0; 142#endif 143 144 if (!key_type && 'm' == tolower((unsigned char)text[0])) { 145 key_type = NID_md5; 146 } 147 148 if (!key_type) { 149 return 0; 150 } 151 152 if (NULL != pdigest_len) { 153#ifdef OPENSSL 154 md = EVP_get_digestbynid(key_type); 155 digest_len = (md) ? EVP_MD_size(md) : 0; 156 157 if (!md || digest_len <= 0) { |
158# ifdef ENABLE_CMAC |
|
156 if (key_type == NID_cmac) { 157 digest_len = CMAC_LENGTH; 158 159 if (debug) { 160 fprintf(stderr, "%s:%d:%s():%s:len\n", 161 __FILE__, __LINE__, __func__, CMAC); 162 } | 159 if (key_type == NID_cmac) { 160 digest_len = CMAC_LENGTH; 161 162 if (debug) { 163 fprintf(stderr, "%s:%d:%s():%s:len\n", 164 __FILE__, __LINE__, __func__, CMAC); 165 } |
163 } else { | 166 } else 167# endif /*ENABLE_CMAC*/ 168 { |
164 fprintf(stderr, 165 "key type %s is not supported by OpenSSL\n", 166 keytype_name(key_type)); 167 msyslog(LOG_ERR, 168 "key type %s is not supported by OpenSSL\n", 169 keytype_name(key_type)); 170 return 0; 171 } --- 32 unchanged lines hidden (view full) --- 204{ 205 static const char unknown_type[] = "(unknown key type)"; 206 const char *name; 207 208#ifdef OPENSSL 209 INIT_SSL(); 210 name = OBJ_nid2sn(nid); 211 | 169 fprintf(stderr, 170 "key type %s is not supported by OpenSSL\n", 171 keytype_name(key_type)); 172 msyslog(LOG_ERR, 173 "key type %s is not supported by OpenSSL\n", 174 keytype_name(key_type)); 175 return 0; 176 } --- 32 unchanged lines hidden (view full) --- 209{ 210 static const char unknown_type[] = "(unknown key type)"; 211 const char *name; 212 213#ifdef OPENSSL 214 INIT_SSL(); 215 name = OBJ_nid2sn(nid); 216 |
217# ifdef ENABLE_CMAC |
|
212 if (NID_cmac == nid) { 213 name = CMAC; 214 215 if (debug) { 216 fprintf(stderr, "%s:%d:%s():%s:nid\n", 217 __FILE__, __LINE__, __func__, CMAC); 218 } 219 } else | 218 if (NID_cmac == nid) { 219 name = CMAC; 220 221 if (debug) { 222 fprintf(stderr, "%s:%d:%s():%s:nid\n", 223 __FILE__, __LINE__, __func__, CMAC); 224 } 225 } else |
226# endif /*ENABLE_CMAC*/ |
|
220 if (NULL == name) { 221 name = unknown_type; 222 } 223#else /* !OPENSSL follows */ 224 if (NID_md5 == nid) 225 name = "MD5"; 226 else 227 name = unknown_type; --- 30 unchanged lines hidden --- | 227 if (NULL == name) { 228 name = unknown_type; 229 } 230#else /* !OPENSSL follows */ 231 if (NID_md5 == nid) 232 name = "MD5"; 233 else 234 name = unknown_type; --- 30 unchanged lines hidden --- |