mirror of https://git.kore.io/kore.git
Don't let kore build with openssl 3 again.
The whole privilege separation breaks with OpenSSL 3, even if it builds. I guess it is somewhat time to start on donutls.
This commit is contained in:
parent
0337af2067
commit
a54f806978
|
@ -79,11 +79,6 @@ extern int daemon(int, int);
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Ignore deprecation warnings for OpenSSL 3 for now. */
|
|
||||||
#if defined(OPENSSL_VERSION_MAJOR)
|
|
||||||
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(__OpenBSD__)
|
#if defined(__OpenBSD__)
|
||||||
#define KORE_USE_PLATFORM_PLEDGE 1
|
#define KORE_USE_PLATFORM_PLEDGE 1
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -26,12 +26,6 @@
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/pem.h>
|
#include <openssl/pem.h>
|
||||||
#include <openssl/x509v3.h>
|
#include <openssl/x509v3.h>
|
||||||
|
|
||||||
/* Ignore deprecation warnings for OpenSSL 3 for now. */
|
|
||||||
#if defined(OPENSSL_VERSION_MAJOR)
|
|
||||||
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
|
|
10
src/keymgr.c
10
src/keymgr.c
|
@ -689,12 +689,7 @@ keymgr_rsa_encrypt(struct kore_msg *msg, const void *data, struct key *key)
|
||||||
u_int8_t buf[1024];
|
u_int8_t buf[1024];
|
||||||
|
|
||||||
req = (const struct kore_keyreq *)data;
|
req = (const struct kore_keyreq *)data;
|
||||||
|
|
||||||
#if defined(OPENSSL_VERSION_MAJOR)
|
|
||||||
rsa = EVP_PKEY_get0(key->pkey);
|
|
||||||
#else
|
|
||||||
rsa = EVP_PKEY_get0_RSA(key->pkey);
|
rsa = EVP_PKEY_get0_RSA(key->pkey);
|
||||||
#endif
|
|
||||||
|
|
||||||
keylen = RSA_size(rsa);
|
keylen = RSA_size(rsa);
|
||||||
if (req->data_len > keylen || keylen > sizeof(buf))
|
if (req->data_len > keylen || keylen > sizeof(buf))
|
||||||
|
@ -718,12 +713,7 @@ keymgr_ecdsa_sign(struct kore_msg *msg, const void *data, struct key *key)
|
||||||
u_int8_t sig[1024];
|
u_int8_t sig[1024];
|
||||||
|
|
||||||
req = (const struct kore_keyreq *)data;
|
req = (const struct kore_keyreq *)data;
|
||||||
|
|
||||||
#if defined(OPENSSL_VERSION_MAJOR)
|
|
||||||
ec = EVP_PKEY_get0(key->pkey);
|
|
||||||
#else
|
|
||||||
ec = EVP_PKEY_get0_EC_KEY(key->pkey);
|
ec = EVP_PKEY_get0_EC_KEY(key->pkey);
|
||||||
#endif
|
|
||||||
|
|
||||||
len = ECDSA_size(ec);
|
len = ECDSA_size(ec);
|
||||||
if (req->data_len > len || len > sizeof(sig))
|
if (req->data_len > len || len > sizeof(sig))
|
||||||
|
|
Loading…
Reference in New Issue