From 0d3d4c4f2810aea66e64c85ee23efb27eb4e3803 Mon Sep 17 00:00:00 2001 From: Fabrizio Furano Date: Mon, 9 Apr 2018 11:00:08 +0200 Subject: [PATCH 1/4] Workarounds for openssl 1.1 --- src/XrdHttp/XrdHttpProtocol.cc | 63 +++++++++++++++++++++++++++++----- 1 file changed, 55 insertions(+), 8 deletions(-) diff --git a/src/XrdHttp/XrdHttpProtocol.cc b/src/XrdHttp/XrdHttpProtocol.cc index 30fb996192a..c249cc186c2 100644 --- a/src/XrdHttp/XrdHttpProtocol.cc +++ b/src/XrdHttp/XrdHttpProtocol.cc @@ -173,6 +173,41 @@ extern "C" { } } + + + +/******************************************************************************/ +/* U g l y O p e n S S L w o r k a r o u n d s */ +/******************************************************************************/ +#if OPENSSL_VERSION_NUMBER < 0x1010008fL +void *BIO_get_data(BIO *bio) { + return bio->ptr; +} +void BIO_set_data(BIO *bio, void *ptr) { + bio->ptr = ptr; +} +#if OPENSSL_VERSION_NUMBER < 0x1000207fL +int BIO_get_flags(BIO *bio) { + return bio->flags; +} +#endif +void BIO_set_flags(BIO *bio, int flags) { + bio->flags = flags; +} +int BIO_get_init(BIO *bio) { + return bio->init; +} +void BIO_set_init(BIO *bio, int init) { + bio->init = init; +} +void BIO_set_shutdown(BIO *bio, int shut) { + bio->shutdown = shut; +} +int BIO_get_shutdown(BIO *bio) { + return bio->shutdown; +} + +#endif /******************************************************************************/ /* X r d H T T P P r o t o c o l C l a s s */ /******************************************************************************/ @@ -417,7 +452,9 @@ int BIO_XrdLink_write(BIO *bio, const char *data, size_t datal, size_t *written) *written = 0; return 0; } - XrdLink *lp = static_cast(bio->ptr); + + XrdLink *lp=static_castBIO_get_data(bio); + errno = 0; int ret = lp->Send(data, datal); BIO_clear_retry_flags(bio); @@ -460,7 +497,8 @@ static int BIO_XrdLink_read(BIO *bio, char *data, size_t datal, size_t *read) } errno = 0; - XrdLink *lp = static_cast(bio->ptr); + + XrdLink *lp = static_cast(BIO_get_data(bio)); int ret = lp->Recv(data, datal); BIO_clear_retry_flags(bio); if (ret <= 0) { @@ -494,10 +532,19 @@ static int BIO_XrdLink_read(BIO *bio, char *data, int datal) static int BIO_XrdLink_create(BIO *bio) { - bio->init = 0; + + + BIO_set_init(bio, 0); + //BIO_set_next(bio, 0); + BIO_set_data(bio, NULL); + BIO_set_flags(bio, 0); + +#if OPENSSL_VERSION_NUMBER < 0x1010008fL + bio->num = 0; - bio->ptr = NULL; - bio->flags = 0; + +#endif + return 1; } @@ -509,7 +556,7 @@ static int BIO_XrdLink_destroy(BIO *bio) if (bio->ptr) { static_cast(bio->ptr)->Close(); } - bio->init = 0; + BIO_set_init(bio, 0); bio->flags = 0; } return 1; @@ -521,10 +568,10 @@ static long BIO_XrdLink_ctrl(BIO *bio, int cmd, long num, void * ptr) long ret = 1; switch (cmd) { case BIO_CTRL_GET_CLOSE: - ret = bio->shutdown; + ret = BIO_get_shutdown(bio); break; case BIO_CTRL_SET_CLOSE: - bio->shutdown = (int)num; + BIO_set_shutdown(bio, (int)num); break; case BIO_CTRL_DUP: case BIO_CTRL_FLUSH: From 7a87e60a861fd3c8d35a1f69c38b8256ce4475a9 Mon Sep 17 00:00:00 2001 From: Fabrizio Furano Date: Mon, 9 Apr 2018 13:59:45 +0200 Subject: [PATCH 2/4] Backward and forward openssl fixes --- src/XrdHttp/XrdHttpProtocol.cc | 73 +++++++++++++++++++++------------- 1 file changed, 45 insertions(+), 28 deletions(-) diff --git a/src/XrdHttp/XrdHttpProtocol.cc b/src/XrdHttp/XrdHttpProtocol.cc index c249cc186c2..dea456ec59e 100644 --- a/src/XrdHttp/XrdHttpProtocol.cc +++ b/src/XrdHttp/XrdHttpProtocol.cc @@ -179,7 +179,7 @@ extern "C" { /******************************************************************************/ /* U g l y O p e n S S L w o r k a r o u n d s */ /******************************************************************************/ -#if OPENSSL_VERSION_NUMBER < 0x1010008fL +#if OPENSSL_VERSION_NUMBER < 0x10100000L void *BIO_get_data(BIO *bio) { return bio->ptr; } @@ -445,7 +445,7 @@ char *XrdHttpProtocol::GetClientIPStr() { // Various routines for handling XrdLink as BIO objects within OpenSSL. -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x1000207fL int BIO_XrdLink_write(BIO *bio, const char *data, size_t datal, size_t *written) { if (!data || !bio) { @@ -453,7 +453,7 @@ int BIO_XrdLink_write(BIO *bio, const char *data, size_t datal, size_t *written) return 0; } - XrdLink *lp=static_castBIO_get_data(bio); + XrdLink *lp=static_cast(BIO_get_data(bio)); errno = 0; int ret = lp->Send(data, datal); @@ -476,7 +476,7 @@ int BIO_XrdLink_write(BIO *bio, const char *data, int datal) } errno = 0; - XrdLink *lp = static_cast(bio->ptr); + XrdLink *lp = static_cast(BIO_get_data(bio)); int ret = lp->Send(data, datal); BIO_clear_retry_flags(bio); if (ret <= 0) { @@ -488,7 +488,7 @@ int BIO_XrdLink_write(BIO *bio, const char *data, int datal) #endif -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x1000207fL static int BIO_XrdLink_read(BIO *bio, char *data, size_t datal, size_t *read) { if (!data || !bio) { @@ -518,7 +518,7 @@ static int BIO_XrdLink_read(BIO *bio, char *data, int datal) } errno = 0; - XrdLink *lp = static_cast(bio->ptr); + XrdLink *lp = static_cast(BIO_get_data(bio)); int ret = lp->Recv(data, datal); BIO_clear_retry_flags(bio); if (ret <= 0) { @@ -539,7 +539,7 @@ static int BIO_XrdLink_create(BIO *bio) BIO_set_data(bio, NULL); BIO_set_flags(bio, 0); -#if OPENSSL_VERSION_NUMBER < 0x1010008fL +#if OPENSSL_VERSION_NUMBER < 0x10100000L bio->num = 0; @@ -552,12 +552,12 @@ static int BIO_XrdLink_create(BIO *bio) static int BIO_XrdLink_destroy(BIO *bio) { if (bio == NULL) return 0; - if (bio->shutdown) { - if (bio->ptr) { - static_cast(bio->ptr)->Close(); + if (BIO_get_shutdown(bio)) { + if (BIO_get_data(bio)) { + static_cast(BIO_get_data(bio))->Close(); } BIO_set_init(bio, 0); - bio->flags = 0; + BIO_set_flags(bio, 0); } return 1; } @@ -592,9 +592,9 @@ BIO *XrdHttpProtocol::CreateBIO(XrdLink *lp) BIO *ret = BIO_new(m_bio_method); - ret->shutdown = 0; - ret->ptr = lp; - ret->init = 1; + BIO_set_shutdown(ret, 0); + BIO_set_data(ret, lp); + BIO_set_init(ret, 1); return ret; } @@ -1031,20 +1031,37 @@ int XrdHttpProtocol::Config(const char *ConfigFN, XrdOucEnv *myEnv) { // Initialize our custom BIO type. if (!m_bio_type) { - // OpenSSL 1.1 has an internal counter for generating unique types. - // We'll switch to that when widely available. - //m_bio_type = BIO_get_new_index(); - m_bio_type = (26|0x0400|0x0100); - m_bio_method = static_cast(OPENSSL_malloc(sizeof(BIO_METHOD))); - if (m_bio_method) { - memset(m_bio_method, '\0', sizeof(BIO_METHOD)); - m_bio_method->type = m_bio_type; - m_bio_method->bwrite = BIO_XrdLink_write; - m_bio_method->bread = BIO_XrdLink_read; - m_bio_method->create = BIO_XrdLink_create; - m_bio_method->destroy = BIO_XrdLink_destroy; - m_bio_method->ctrl = BIO_XrdLink_ctrl; - } + + #if OPENSSL_VERSION_NUMBER < 0x10100000L + m_bio_type = (26|0x0400|0x0100); + m_bio_method = static_cast(OPENSSL_malloc(sizeof(BIO_METHOD))); + + if (m_bio_method) { + memset(m_bio_method, '\0', sizeof(BIO_METHOD)); + m_bio_method->type = m_bio_type; + m_bio_method->bwrite = BIO_XrdLink_write; + m_bio_method->bread = BIO_XrdLink_read; + m_bio_method->create = BIO_XrdLink_create; + m_bio_method->destroy = BIO_XrdLink_destroy; + m_bio_method->ctrl = BIO_XrdLink_ctrl; + } + #else + // OpenSSL 1.1 has an internal counter for generating unique types. + // We'll switch to that when widely available. + m_bio_type = BIO_get_new_index(); + m_bio_method = BIO_meth_new(m_bio_type, "xrdhttp-bio-method"); + + if (m_bio_method) { + BIO_meth_set_write(m_bio_method, BIO_XrdLink_write); + BIO_meth_set_read(m_bio_method, BIO_XrdLink_read); + BIO_meth_set_create(m_bio_method, BIO_XrdLink_create); + BIO_meth_set_destroy(m_bio_method, BIO_XrdLink_destroy); + BIO_meth_set_ctrl(m_bio_method, BIO_XrdLink_ctrl); + } + + #endif + + } // Open and attach the config file From 8e4244459eeedcdee35b24d64c0364039ee4cd19 Mon Sep 17 00:00:00 2001 From: Fabrizio Furano Date: Mon, 9 Apr 2018 14:49:00 +0200 Subject: [PATCH 3/4] Fix for el6 --- src/XrdHttp/XrdHttpProtocol.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/XrdHttp/XrdHttpProtocol.cc b/src/XrdHttp/XrdHttpProtocol.cc index dea456ec59e..1a7330c5a8f 100644 --- a/src/XrdHttp/XrdHttpProtocol.cc +++ b/src/XrdHttp/XrdHttpProtocol.cc @@ -186,7 +186,7 @@ void *BIO_get_data(BIO *bio) { void BIO_set_data(BIO *bio, void *ptr) { bio->ptr = ptr; } -#if OPENSSL_VERSION_NUMBER < 0x1000207fL +#if OPENSSL_VERSION_NUMBER < 0x1000105fL int BIO_get_flags(BIO *bio) { return bio->flags; } From 820514201fc57007645329ae3e5014049eb7041a Mon Sep 17 00:00:00 2001 From: Fabrizio Furano Date: Mon, 9 Apr 2018 15:23:26 +0200 Subject: [PATCH 4/4] Fix for sl6 --- src/XrdHttp/XrdHttpProtocol.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/XrdHttp/XrdHttpProtocol.cc b/src/XrdHttp/XrdHttpProtocol.cc index 1a7330c5a8f..785a7a4476a 100644 --- a/src/XrdHttp/XrdHttpProtocol.cc +++ b/src/XrdHttp/XrdHttpProtocol.cc @@ -445,7 +445,7 @@ char *XrdHttpProtocol::GetClientIPStr() { // Various routines for handling XrdLink as BIO objects within OpenSSL. -#if OPENSSL_VERSION_NUMBER < 0x1000207fL +#if OPENSSL_VERSION_NUMBER < 0x1000105fL int BIO_XrdLink_write(BIO *bio, const char *data, size_t datal, size_t *written) { if (!data || !bio) { @@ -488,7 +488,7 @@ int BIO_XrdLink_write(BIO *bio, const char *data, int datal) #endif -#if OPENSSL_VERSION_NUMBER < 0x1000207fL +#if OPENSSL_VERSION_NUMBER < 0x1000105fL static int BIO_XrdLink_read(BIO *bio, char *data, size_t datal, size_t *read) { if (!data || !bio) {