Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-1066

Allow compiling against OpenSSL 1.1.X

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Minor - P4 Minor - P4
    • 1.4.0
    • Affects Version/s: 1.1.8
    • Component/s: tls
    • Fully Compatible

      Recently, OpenSSL posted a couple 1.1.0-alpha releases and asked users to see if there were any interoperability problems.

      One of the biggest changes coming in 1.1 is that many objects (such as EVP_MD_CTX) now are only visible as opaque pointers. i.e. their exact size and layout are considered private to OpenSSL. Of course, this means that they can't be put on the stack.

      With this small patch, I was able to compile 1.1.8 of the C driver against OpenSSL 1.1.0-pre2. I haven't tested it, but it seems sane enough:

      --- mongo-c-driver-1.1.8/src/mongoc/mongoc-scram.c.ORIG	2016-01-20 10:42:42.378692732 -0800
      +++ mongo-c-driver-1.1.8/src/mongoc/mongoc-scram.c	2016-01-20 10:46:15.365245075 -0800
      @@ -308,8 +308,9 @@
                           const size_t         input_len,
                           unsigned char       *output)
       {
      -   EVP_MD_CTX digest_ctx;
          bool rval = false;
      +#if OPENSSL_VERSION_NUMBER < 0x10100000L
      +   EVP_MD_CTX digest_ctx;
      
          EVP_MD_CTX_init (&digest_ctx);
      
      @@ -325,6 +326,22 @@
      
       cleanup:
          EVP_MD_CTX_cleanup (&digest_ctx);
      +#else /* OpenSSL >= 1.1.0 */
      +   EVP_MD_CTX *digest_ctxp = EVP_MD_CTX_new();
      +
      +   if (1 != EVP_DigestInit_ex (digest_ctxp, EVP_sha1 (), NULL)) {
      +      goto cleanup;
      +   }
      +
      +   if (1 != EVP_DigestUpdate (digest_ctxp, input, input_len)) {
      +      goto cleanup;
      +   }
      +
      +   rval = (1 == EVP_DigestFinal_ex (digest_ctxp, output, NULL));
      +
      +cleanup:
      +   EVP_MD_CTX_free(digest_ctxp);
      +#endif
      
          return rval;
       }
      

      There are also a couple deprecated warnings that pop up, which you may be interested in:

      src/mongoc/mongoc-rand.c:33:5: warning: ‘RAND_pseudo_bytes’ is deprecated
      src/mongoc/mongoc-ssl.c:540:7: warning: ‘CRYPTO_set_id_callback’ is deprecated
      src/mongoc/mongoc-ssl.c:551:7: warning: ‘CRYPTO_set_id_callback’ is deprecated
      

            Assignee:
            bjori Hannes Magnusson
            Reporter:
            mitchblank Mitchell Blank
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: