From bc48bec97b65534966da74a07ed3edb3f13f6263 Mon Sep 17 00:00:00 2001 From: Chris Wilson Date: Sun, 25 Feb 2018 08:18:34 +0000 Subject: Revert "Add support for OpenSSL 1.1 and replace deprecated function calls" Until shown to be safe. See message from Johann Glaser to the mailing list. This reverts commit 85e7efc3fa0477f60318d2cd2144503a9ea8feb9. --- lib/crypto/CipherContext.h | 24 +++++------------------- 1 file changed, 5 insertions(+), 19 deletions(-) (limited to 'lib/crypto/CipherContext.h') diff --git a/lib/crypto/CipherContext.h b/lib/crypto/CipherContext.h index b6e97b4e..93c889d6 100644 --- a/lib/crypto/CipherContext.h +++ b/lib/crypto/CipherContext.h @@ -19,22 +19,6 @@ class CipherDescription; #define CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH 32 -// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See -// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h -// for the gory details. -#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1 -# define BOX_OPENSSL_INIT_CTX(ctx) ctx = EVP_CIPHER_CTX_new(); -# define BOX_OPENSSL_CTX(ctx) ctx -# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_free(ctx) -typedef EVP_CIPHER_CTX* BOX_EVP_CIPHER_CTX; -#else // OpenSSL < 1.1 -# define BOX_OPENSSL_INIT_CTX(ctx) EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does -# define BOX_OPENSSL_CTX(ctx) &ctx -# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_cleanup(&ctx) -typedef EVP_CIPHER_CTX BOX_EVP_CIPHER_CTX; -#endif - - // -------------------------------------------------------------------------- // // Class @@ -90,14 +74,16 @@ public: #endif private: - BOX_EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX ctx; bool mInitialised; bool mWithinTransform; bool mPaddingOn; + uint8_t mGeneratedIV[CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH]; CipherFunction mFunction; std::string mCipherName; - const CipherDescription *mpDescription; - std::string mIV; +#ifdef HAVE_OLD_SSL + CipherDescription *mpDescription; +#endif }; -- cgit v1.2.3