From a3274e676a94a7de7f90c2c3a9802b61572c200c Mon Sep 17 00:00:00 2001 From: Michael Ortmann <41313082+michaelortmann@users.noreply.github.com> Date: Tue, 11 Apr 2023 15:29:27 +0000 Subject: [PATCH] Fix more openssl3 deprecation (#1385) Found by: michaelortmann Patch by: michaelortmann --- aclocal.m4 | 3 ++- src/dcc.c | 36 ++++++++++++++++++++++++++++-------- src/tcl.c | 1 - src/tclmisc.c | 37 ++++++++++++++++++------------------- 4 files changed, 48 insertions(+), 29 deletions(-) diff --git a/aclocal.m4 b/aclocal.m4 index f0df8ce91..2d798e249 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -1610,11 +1610,12 @@ AC_DEFUN([EGG_TLS_DETECT], if test -z "$SSL_LIBS"; then AC_CHECK_LIB(crypto, X509_digest, , [havessllib="no"], [-lssl]) AC_CHECK_LIB(ssl, SSL_accept, , [havessllib="no"], [-lcrypto]) - AC_CHECK_FUNCS([EVP_md5 EVP_sha1 a2i_IPADDRESS], , [[ + AC_CHECK_FUNCS([EVP_sha1 a2i_IPADDRESS], , [[ havessllib="no" break ]]) fi + AC_CHECK_FUNCS([EVP_md5]) AC_CHECK_FUNC(OPENSSL_buf2hexstr, , AC_CHECK_FUNC(hex_to_string, AC_DEFINE([OPENSSL_buf2hexstr], [hex_to_string], [Define this to hex_to_string when using OpenSSL < 1.1.0]) diff --git a/src/dcc.c b/src/dcc.c index 395eea817..77cdb7e29 100644 --- a/src/dcc.c +++ b/src/dcc.c @@ -325,15 +325,26 @@ static void cont_link(int idx, char *buf, int i) */ static void dcc_bot_digest(int idx, char *challenge, char *password) { - MD5_CTX md5context; char digest_string[33]; /* 32 for digest in hex + null */ unsigned char digest[16]; int i; +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && defined(HAVE_EVP_MD5) + EVP_MD_CTX *mdctx = EVP_MD_CTX_new(); + const EVP_MD *md = EVP_md5(); + unsigned int md_len; + EVP_DigestInit_ex(mdctx, md, NULL); + EVP_DigestUpdate(mdctx, challenge, strlen(challenge)); + EVP_DigestUpdate(mdctx, password, strlen(password)); + EVP_DigestFinal_ex(mdctx, digest, &md_len); + EVP_MD_CTX_free(mdctx); +#else + MD5_CTX md5context; MD5_Init(&md5context); MD5_Update(&md5context, (unsigned char *) challenge, strlen(challenge)); MD5_Update(&md5context, (unsigned char *) password, strlen(password)); MD5_Final(digest, &md5context); +#endif for (i = 0; i < 16; i++) sprintf(digest_string + (i * 2), "%.2x", digest[i]); @@ -582,7 +593,6 @@ struct dcc_table DCC_FORK_BOT = { */ static int dcc_bot_check_digest(int idx, char *remote_digest) { - MD5_CTX md5context; char digest_string[33]; /* 32 for digest in hex + null */ unsigned char digest[16]; int i, ret; @@ -590,22 +600,32 @@ static int dcc_bot_check_digest(int idx, char *remote_digest) if (!password) return 1; - + snprintf(digest_string, 33, "<%lx%lx@", (long) getpid(), + (unsigned long) dcc[idx].timeval); +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && defined(HAVE_EVP_MD5) + EVP_MD_CTX *mdctx = EVP_MD_CTX_new(); + const EVP_MD *md = EVP_md5(); + unsigned int md_len; + EVP_DigestInit_ex(mdctx, md, NULL); + EVP_DigestUpdate(mdctx, digest_string, strlen(digest_string)); + EVP_DigestUpdate(mdctx, botnetnick, strlen(botnetnick)); + EVP_DigestUpdate(mdctx, ">", 1); + EVP_DigestUpdate(mdctx, password, strlen(password)); + EVP_DigestFinal_ex(mdctx, digest, &md_len); + EVP_MD_CTX_free(mdctx); +#else + MD5_CTX md5context; MD5_Init(&md5context); - - egg_snprintf(digest_string, 33, "<%lx%lx@", (long) getpid(), - (unsigned long) dcc[idx].timeval); MD5_Update(&md5context, (unsigned char *) digest_string, strlen(digest_string)); MD5_Update(&md5context, (unsigned char *) botnetnick, strlen(botnetnick)); MD5_Update(&md5context, (unsigned char *) ">", 1); MD5_Update(&md5context, (unsigned char *) password, strlen(password)); - MD5_Final(digest, &md5context); +#endif for (i = 0; i < 16; i++) sprintf(digest_string + (i * 2), "%.2x", digest[i]); - ret = strcmp(digest_string, remote_digest); explicit_bzero(digest_string, sizeof digest_string); explicit_bzero(digest, sizeof digest); diff --git a/src/tcl.c b/src/tcl.c index 431c394c7..bbd12fcbc 100644 --- a/src/tcl.c +++ b/src/tcl.c @@ -1043,7 +1043,6 @@ void init_tcl(int argc, char **argv) add_tcl_commands(tcluser_cmds); add_tcl_commands(tcldcc_cmds); add_tcl_commands(tclmisc_cmds); - add_tcl_objcommands(tclmisc_objcmds); add_tcl_commands(tcldns_cmds); #ifdef TLS add_tcl_commands(tcltls_cmds); diff --git a/src/tclmisc.c b/src/tclmisc.c index d05bb6119..d5a9dd5ed 100644 --- a/src/tclmisc.c +++ b/src/tclmisc.c @@ -705,26 +705,29 @@ static int tcl_stripcodes STDVAR return TCL_OK; } -static int tcl_md5(cd, irp, objc, objv) -ClientData cd; -Tcl_Interp *irp; -int objc; -Tcl_Obj *CONST objv[]; +static int tcl_md5 STDVAR { - MD5_CTX md5context; - char digest_string[33], *string; + char digest_string[33]; unsigned char digest[16]; - int i, len; + int i; - if (objc != 2) { - Tcl_WrongNumArgs(irp, 1, objv, "string"); - return TCL_ERROR; - } - string = Tcl_GetStringFromObj(objv[1], &len); + BADARGS(2, 2, " string"); +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && defined(HAVE_EVP_MD5) + EVP_MD_CTX *mdctx = EVP_MD_CTX_new(); + const EVP_MD *md = EVP_md5(); + unsigned int md_len; + EVP_DigestInit_ex(mdctx, md, NULL); + EVP_DigestUpdate(mdctx, argv[1], strlen(argv[1])); + EVP_DigestFinal_ex(mdctx, digest, &md_len); + EVP_MD_CTX_free(mdctx); +#else + MD5_CTX md5context; MD5_Init(&md5context); - MD5_Update(&md5context, (unsigned char *) string, len); + MD5_Update(&md5context, (unsigned char *) argv[1], strlen(argv[1])); MD5_Final(digest, &md5context); +#endif + for (i = 0; i < 16; i++) sprintf(digest_string + (i * 2), "%.2x", digest[i]); Tcl_AppendResult(irp, digest_string, NULL); @@ -764,11 +767,6 @@ static int tcl_matchstr STDVAR return TCL_OK; } -tcl_cmds tclmisc_objcmds[] = { - {"md5", tcl_md5}, - {NULL, NULL} -}; - static int tcl_status STDVAR { char s[15]; @@ -860,5 +858,6 @@ tcl_cmds tclmisc_cmds[] = { {"matchstr", tcl_matchstr}, {"status", tcl_status}, {"rfcequal", tcl_rfcequal}, + {"md5", tcl_md5}, {NULL, NULL} };