From 85e7efc3fa0477f60318d2cd2144503a9ea8feb9 Mon Sep 17 00:00:00 2001
From: Chris Wilson
Date: Sat, 3 Jun 2017 12:13:42 +0100
Subject: Add support for OpenSSL 1.1 and replace deprecated function calls See https://github.com/boxbackup/boxbackup/issues/16 for details. Thanks to Chris West @FauxFaux for the initial patch! Use OpenSSL 1.1.0g for Windows superbuild. Fix Windows build by removing calls to obsolete do_ms.bat . Workaround for incorrect library suffixes searched by FindOpenSSL . Link OpenSSL statically and fix missing dependency on crypt32.lib. (cherry picked from commit edd3687f067c68b131822e0064cdeff5bf7a3835) (cherry picked from commit b003e009d1fccadf55a0f59a01c66f7b80f9b3e5) (cherry picked from commit cc6e20466b857f7e20d816a2c20cb36f112398ab) (cherry picked from commit 303c6405e3bc1e673dbc691792e0633742c01f4e) (cherry picked from commit 4e24006f75142a254f1a7db76cf9da1e752d9283) (cherry picked from commit 448ac48a89538f67f508f8d21931c5e6e90472c0) (cherry picked from commit 00b3bb0697219ef8c742698dd43d53b538e362b1)
---
 lib/crypto/CipherContext.h | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)
(limited to 'lib/crypto/CipherContext.h')
diff --git a/lib/crypto/CipherContext.h b/lib/crypto/CipherContext.h
index 93c889d6..b6e97b4e 100644
--- a/lib/crypto/CipherContext.h
+++ b/lib/crypto/CipherContext.h
@@ -19,6 +19,22 @@ class CipherDescription;
 #define CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH 32
+// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See
+// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h
+// for the gory details.
+#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1
+# define BOX_OPENSSL_INIT_CTX(ctx) ctx = EVP_CIPHER_CTX_new();
+# define BOX_OPENSSL_CTX(ctx) ctx
+# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_free(ctx)
+typedef EVP_CIPHER_CTX* BOX_EVP_CIPHER_CTX;
+#else // OpenSSL < 1.1
+# define BOX_OPENSSL_INIT_CTX(ctx) EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does
+# define BOX_OPENSSL_CTX(ctx) &ctx
+# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_cleanup(&ctx)
+typedef EVP_CIPHER_CTX BOX_EVP_CIPHER_CTX;
+#endif
+
+
 // --------------------------------------------------------------------------
 //
 // Class
@@ -74,16 +90,14 @@ public:
 #endif
 private:
- EVP_CIPHER_CTX ctx;
+ BOX_EVP_CIPHER_CTX ctx;
 bool mInitialised;
 bool mWithinTransform;
 bool mPaddingOn;
- uint8_t mGeneratedIV[CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH];
 CipherFunction mFunction;
 std::string mCipherName;
-#ifdef HAVE_OLD_SSL
- CipherDescription *mpDescription;
-#endif
+ const CipherDescription *mpDescription;
+ std::string mIV;
 };
-- cgit v1.2.3
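Review bot: On the OpenSSL >= 1.1 branch, `BOX_OPENSSL_INIT_CTX` stores the result of `EVP_CIPHER_CTX_new()` without checking it, so a failed allocation leaves `ctx` NULL for the EVP calls that follow. The call sites are outside this patch view and should test `ctx` straight after the macro and throw. On the same branch `BOX_OPENSSL_CLEANUP_CTX` frees the context but leaves `ctx` dangling, so a second cleanup would be a double free, whereas the < 1.1 variant appears safe to repeat. If the macro is only ever used as a statement, `do { EVP_CIPHER_CTX_free(ctx); ctx = NULL; } while(0)` would keep the two branches equivalent. The trailing `;` inside both `BOX_OPENSSL_INIT_CTX` definitions is also worth dropping, since it breaks use in an unbraced `if`/`else`.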
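Review bot: With OpenSSL >= 1.1 the member `BOX_EVP_CIPHER_CTX ctx;` becomes an owning raw `EVP_CIPHER_CTX*` instead of an embedded struct, so an implicit copy of CipherContext would free the same context twice. The class declaration starts and ends outside this hunk, so please confirm that copy construction and assignment are disabled. Also confirm that the constructor sets `ctx` and the now-unconditional `mpDescription` to NULL before any cleanup path can run. A member comment such as `// owning on OpenSSL >= 1.1; NULL until BOX_OPENSSL_INIT_CTX has run` would record that contract. `mpDescription` looks like a borrowed pointer, so its comment should say the CipherDescription must outlive the context.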