From dfd6fccd7f8950601e32602b47f205f0a4a9ff7e Mon Sep 17 00:00:00 2001 From: Teutates <103068388+Teutates@users.noreply.github.com> Date: Thu, 7 Jul 2022 13:12:19 -0400 Subject: [PATCH] OpenSSL 3 fixes (#15) * Remove deprecated openssl functions as of openssl 3.0.5 * Re-add openssl to actions with (should be) proper static providers --- .github/workflows/build.yml | 14 ++++++----- Makefile | 3 +-- ldid.cpp | 50 ++++++++++++++++--------------------- 3 files changed, 30 insertions(+), 37 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6315017..0144433 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,7 +19,7 @@ on: env: LIBPLIST_VERSION: 2.2.0 - OPENSSL_VERSION: 1.1.1n + OPENSSL_VERSION: 3.0.5 SCCACHE_VERSION: 0.2.15 jobs: @@ -77,6 +77,7 @@ jobs: echo "NM=${TRIPLE}-gcc-nm" >> $GITHUB_ENV echo "RANLIB=${TRIPLE}-gcc-ranlib" >> $GITHUB_ENV echo "CFLAGS=-Os -fPIC -fno-pie -no-pie -static -flto -ffunction-sections -fdata-sections" >> $GITHUB_ENV + echo "CXXFLAGS=-Os -fPIC -fno-pie -no-pie -static -flto -ffunction-sections -fdata-sections" >> $GITHUB_ENV echo "LDFLAGS=-Wl,--gc-sections -Wl,-strip-all -flto" >> $GITHUB_ENV - name: build libplist @@ -97,7 +98,7 @@ jobs: wget -q -nc -P ${DOWNLOAD_PATH} https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz tar xf ${DOWNLOAD_PATH}/openssl-${OPENSSL_VERSION}.tar.gz -C ${DEP_PATH} cd ${DEP_PATH}/openssl-${OPENSSL_VERSION} - ./Configure --prefix=/usr --static -static ${PLATFORM} + ./config --prefix=/usr --static -static no-module ${PLATFORM} make -j$(nproc) build_generated libcrypto.a echo "CPPFLAGS=${CPPFLAGS} -I${DEP_PATH}/openssl-${OPENSSL_VERSION}/include" >> $GITHUB_ENV @@ -178,6 +179,7 @@ jobs: echo "${HOME}/sccache-v${SCCACHE_VERSION}-x86_64-apple-darwin" >> $GITHUB_PATH echo "CC=sccache clang -arch ${ARCH} -mmacosx-version-min=10.13" >> $GITHUB_ENV echo "CXX=sccache clang++ -arch ${ARCH} -mmacosx-version-min=10.13" >> $GITHUB_ENV + echo "CXXFLAGS=-Os" >> $GITHUB_ENV echo "CFLAGS=-Os" >> $GITHUB_ENV - name: build libplist @@ -188,7 +190,7 @@ jobs: ./configure --host=${HOST_ARCH}-apple-darwin --without-cython --enable-static --disable-shared make -j$(sysctl -n hw.ncpu) - echo "CFLAGS=${CFLAGS} -I${DEP_PATH}/libplist-${LIBPLIST_VERSION}/include" >> $GITHUB_ENV + echo "CXXFLAGS=${CXXFLAGS} -I${DEP_PATH}/libplist-${LIBPLIST_VERSION}/include" >> $GITHUB_ENV echo "LIBPLIST_LIB=${DEP_PATH}/libplist-${LIBPLIST_VERSION}/src/.libs/libplist-2.0.a" >> $GITHUB_ENV - name: build openssl @@ -196,17 +198,17 @@ jobs: wget -q -nc -P ${DOWNLOAD_PATH} https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz tar xf ${DOWNLOAD_PATH}/openssl-${OPENSSL_VERSION}.tar.gz -C ${DEP_PATH} cd ${DEP_PATH}/openssl-${OPENSSL_VERSION} - ./Configure --prefix=/usr no-shared darwin64-${ARCH}-cc + ./config --prefix=/usr no-shared no-module darwin64-${ARCH}-cc make -j$(sysctl -n hw.ncpu) build_generated libcrypto.a - echo "CFLAGS=${CFLAGS} -I${DEP_PATH}/openssl-${OPENSSL_VERSION}/include" >> $GITHUB_ENV + echo "CXXFLAGS=${CXXFLAGS} -I${DEP_PATH}/openssl-${OPENSSL_VERSION}/include" >> $GITHUB_ENV echo "LIBCRYPTO_LIB=${DEP_PATH}/openssl-${OPENSSL_VERSION}/libcrypto.a" >> $GITHUB_ENV - name: build run: | export LDID_VERSION=$(echo "$(git describe --tags --abbrev=0)") make -j$(sysctl -n hw.ncpu) \ - CFLAGS="${CFLAGS} -flto=thin" \ + CXXFLAGS="-std=c++11 ${CXXFLAGS} -flto=thin" \ VERSION="${LDID_VERSION}" \ LIBS="${LIBPLIST_LIB} ${LIBCRYPTO_LIB}" strip ldid diff --git a/Makefile b/Makefile index 55a9c7a..d0419b1 100644 --- a/Makefile +++ b/Makefile @@ -5,8 +5,7 @@ CXX ?= c++ INSTALL ?= install LN ?= ln -CFLAGS ?= -O2 -pipe -CXXFLAGS ?= $(CFLAGS) -std=c++11 +CXXFLAGS ?= -std=c++11 -O2 -pipe LDFLAGS ?= PREFIX ?= /usr/local diff --git a/ldid.cpp b/ldid.cpp index d188458..ac4d17a 100644 --- a/ldid.cpp +++ b/ldid.cpp @@ -54,21 +54,7 @@ #include #include -#include - -#define LDID_SHA1_DIGEST_LENGTH SHA_DIGEST_LENGTH -#define LDID_SHA1 SHA1 -#define LDID_SHA1_CTX SHA_CTX -#define LDID_SHA1_Init SHA1_Init -#define LDID_SHA1_Update SHA1_Update -#define LDID_SHA1_Final SHA1_Final - -#define LDID_SHA256_DIGEST_LENGTH SHA256_DIGEST_LENGTH -#define LDID_SHA256 SHA256 -#define LDID_SHA256_CTX SHA256_CTX -#define LDID_SHA256_Init SHA256_Init -#define LDID_SHA256_Update SHA256_Update -#define LDID_SHA256_Final SHA256_Final +#include #include @@ -1145,7 +1131,7 @@ struct AlgorithmSHA1 : Algorithm { AlgorithmSHA1() : - Algorithm(LDID_SHA1_DIGEST_LENGTH, CS_HASHTYPE_SHA160_160) + Algorithm(SHA_DIGEST_LENGTH, CS_HASHTYPE_SHA160_160) { } @@ -1154,7 +1140,7 @@ struct AlgorithmSHA1 : } void operator ()(uint8_t *hash, const void *data, size_t size) const { - LDID_SHA1(static_cast(data), size, hash); + SHA1(static_cast(data), size, hash); } void operator ()(ldid::Hash &hash, const void *data, size_t size) const { @@ -1162,7 +1148,7 @@ struct AlgorithmSHA1 : } void operator ()(std::vector &hash, const void *data, size_t size) const { - hash.resize(LDID_SHA1_DIGEST_LENGTH); + hash.resize(SHA_DIGEST_LENGTH); return operator ()(reinterpret_cast(hash.data()), data, size); } @@ -1175,7 +1161,7 @@ struct AlgorithmSHA256 : Algorithm { AlgorithmSHA256() : - Algorithm(LDID_SHA256_DIGEST_LENGTH, CS_HASHTYPE_SHA256_256) + Algorithm(SHA256_DIGEST_LENGTH, CS_HASHTYPE_SHA256_256) { } @@ -1184,7 +1170,7 @@ struct AlgorithmSHA256 : } void operator ()(uint8_t *hash, const void *data, size_t size) const { - LDID_SHA256(static_cast(data), size, hash); + SHA256(static_cast(data), size, hash); } void operator ()(ldid::Hash &hash, const void *data, size_t size) const { @@ -1192,7 +1178,7 @@ struct AlgorithmSHA256 : } void operator ()(std::vector &hash, const void *data, size_t size) const { - hash.resize(LDID_SHA256_DIGEST_LENGTH); + hash.resize(SHA256_DIGEST_LENGTH); return operator ()(reinterpret_cast(hash.data()), data, size); } @@ -1942,25 +1928,31 @@ class HashBuffer : private: ldid::Hash &hash_; - LDID_SHA1_CTX sha1_; - LDID_SHA256_CTX sha256_; + EVP_MD_CTX *sha1_; + EVP_MD_CTX *sha256_; public: HashBuffer(ldid::Hash &hash) : hash_(hash) { - LDID_SHA1_Init(&sha1_); - LDID_SHA256_Init(&sha256_); + sha1_ = EVP_MD_CTX_new(); + sha256_ = EVP_MD_CTX_new(); + + EVP_DigestInit_ex2(sha1_, EVP_get_digestbyname("sha1"), nullptr); + EVP_DigestInit_ex2(sha256_, EVP_get_digestbyname("sha256"), nullptr); } ~HashBuffer() { - LDID_SHA1_Final(reinterpret_cast(hash_.sha1_), &sha1_); - LDID_SHA256_Final(reinterpret_cast(hash_.sha256_), &sha256_); + EVP_DigestFinal_ex(sha1_, reinterpret_cast(hash_.sha1_), nullptr); + EVP_DigestFinal_ex(sha256_, reinterpret_cast(hash_.sha256_), nullptr); + + EVP_MD_CTX_free(sha1_); + EVP_MD_CTX_free(sha256_); } virtual std::streamsize xsputn(const char_type *data, std::streamsize size) { - LDID_SHA1_Update(&sha1_, data, size); - LDID_SHA256_Update(&sha256_, data, size); + EVP_DigestUpdate(sha1_, data, size); + EVP_DigestUpdate(sha256_, data, size); return size; } -- 2.47.1