Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 521054 Details for
Bug 648796
sys-auth/yubico-piv-tool-1.4.4 with >=dev-libs/openssl-1.1.0 - yubico-piv-tool.c:237:10: error: dereferencing pointer to incomplete type ‘RSA {aka struct rsa_st}’
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
yubico-piv-tool-1.5.0-openssl-1.1.0-compat.patch
file_648796.txt (text/plain), 4.69 KB, created by
Quentin Minster
on 2018-02-26 01:00:43 UTC
(
hide
)
Description:
yubico-piv-tool-1.5.0-openssl-1.1.0-compat.patch
Filename:
MIME Type:
Creator:
Quentin Minster
Created:
2018-02-26 01:00:43 UTC
Size:
4.69 KB
patch
obsolete
>diff --git a/tool/util.c b/tool/util.c >index de6b071..5b299ca 100644 >--- a/tool/util.c >+++ b/tool/util.c >@@ -38,6 +38,7 @@ > #endif > > #include "openssl-compat.h" >+#include <openssl/bn.h> > #include <openssl/evp.h> > #include <openssl/x509.h> > #include <openssl/rsa.h> >diff --git a/tool/yubico-piv-tool.c b/tool/yubico-piv-tool.c >index 89daa79..9d6c7e1 100644 >--- a/tool/yubico-piv-tool.c >+++ b/tool/yubico-piv-tool.c >@@ -43,10 +43,12 @@ > #endif > > #include "openssl-compat.h" >+#include <openssl/bn.h> > #include <openssl/des.h> > #include <openssl/pem.h> > #include <openssl/pkcs12.h> > #include <openssl/rand.h> >+#include <openssl/rsa.h> > > #include "cmdline.h" > #include "util.h" >@@ -859,11 +861,19 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo > fprintf(stderr, "Failed to set certificate serial.\n"); > goto selfsign_out; > } >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > if(!X509_gmtime_adj(X509_get_notBefore(x509), 0)) { >+#else >+ if(!X509_gmtime_adj(X509_getm_notBefore(x509), 0)) { >+#endif > fprintf(stderr, "Failed to set certificate notBefore.\n"); > goto selfsign_out; > } >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > if(!X509_gmtime_adj(X509_get_notAfter(x509), 60L * 60L * 24L * validDays)) { >+#else >+ if(!X509_gmtime_adj(X509_getm_notAfter(x509), 60L * 60L * 24L * validDays)) { >+#endif > fprintf(stderr, "Failed to set certificate notAfter.\n"); > goto selfsign_out; > } >@@ -1232,7 +1242,7 @@ static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_M > > if(*ptr++ == 0x70) { > unsigned int md_len = sizeof(data); >- ASN1_TIME *not_before, *not_after; >+ const ASN1_TIME *not_before, *not_after; > > ptr += get_length(ptr, &cert_len); > x509 = X509_new(); >@@ -1290,13 +1300,21 @@ static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_M > dump_data(data, md_len, output, false, format_arg_hex); > > bio = BIO_new_fp(output, BIO_NOCLOSE | BIO_FP_TEXT); >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > not_before = X509_get_notBefore(x509); >+#else >+ not_before = X509_get0_notBefore(x509); >+#endif > if(not_before) { > fprintf(output, "\tNot Before:\t"); > ASN1_TIME_print(bio, not_before); > fprintf(output, "\n"); > } >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > not_after = X509_get_notAfter(x509); >+#else >+ not_after = X509_get0_notAfter(x509); >+#endif > if(not_after) { > fprintf(output, "\tNot After:\t"); > ASN1_TIME_print(bio, not_after); >@@ -1941,7 +1959,9 @@ int main(int argc, char *argv[]) { > > > /* openssl setup.. */ >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > OpenSSL_add_all_algorithms(); >+#endif > > > for(i = 0; i < args_info.action_given; i++) { >@@ -2182,6 +2202,8 @@ int main(int argc, char *argv[]) { > } > > ykpiv_done(state); >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > EVP_cleanup(); >+#endif > return ret; > } >diff --git a/ykcs11/openssl_types.h b/ykcs11/openssl_types.h >index 307f746..08170fc 100644 >--- a/ykcs11/openssl_types.h >+++ b/ykcs11/openssl_types.h >@@ -31,6 +31,7 @@ > #ifndef OPENSSL_TYPES_H > #define OPENSSL_TYPES_H > >+#include <openssl/bn.h> > #include <openssl/x509.h> > #include <openssl/evp.h> > #include <openssl/rsa.h> >diff --git a/ykcs11/openssl_utils.c b/ykcs11/openssl_utils.c >index 68fb29a..172cd79 100644 >--- a/ykcs11/openssl_utils.c >+++ b/ykcs11/openssl_utils.c >@@ -35,6 +35,11 @@ > #include "debug.h" > #include <string.h> > >+#if OPENSSL_VERSION_NUMBER >= 0x10100000L >+# define X509_set_notBefore X509_set1_notBefore >+# define X509_set_notAfter X509_set1_notAfter >+#endif >+ > CK_RV do_store_cert(CK_BYTE_PTR data, CK_ULONG len, X509 **cert) { > > const unsigned char *p = data; // Mandatory temp variable required by OpenSSL >@@ -580,7 +585,9 @@ CK_RV do_pkcs_pss(ykcs11_rsa_key_t *key, CK_BYTE_PTR in, CK_ULONG in_len, > int nid, CK_BYTE_PTR out, CK_ULONG_PTR out_len) { > unsigned char em[RSA_size(key)]; > >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > OpenSSL_add_all_digests(); >+#endif > > DBG("Apply PSS padding to %lu bytes and get %d", in_len, RSA_size(key)); > >@@ -590,14 +597,18 @@ CK_RV do_pkcs_pss(ykcs11_rsa_key_t *key, CK_BYTE_PTR in, CK_ULONG in_len, > > // In case of raw PSS (no hash) this function will fail because OpenSSL requires an MD > if (RSA_padding_add_PKCS1_PSS(key, em, out, EVP_get_digestbynid(nid), -2) == 0) { >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > EVP_cleanup(); >+#endif > return CKR_FUNCTION_FAILED; > } > > memcpy(out, em, sizeof(em)); > *out_len = (CK_ULONG) sizeof(em); > >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > EVP_cleanup(); >+#endif > > return CKR_OK; > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 648796
:
521052
| 521054