Просмотр исходного кода

Merge branch 'openssl1.1' into next

* openssl1.1:
  Update docs
  Add forward-compat for OpenSSL 1.1.
  OpenSSL 1.1 uses SOVERSION 1.1 not 1.1.0 like expected
  DLSYM: Only add to my_symbols if it loads successfully
  Don't clear global b_prime/b_generator (see 7e7beb95660)
  Support OpenSSL 1.1.
  Add 4096 dhparam
  Update dhparam for OpenSSL 1.1.
  Update FiSH support from ZNC's fish.cpp [1]

Conflicts:
	doc/UPDATES.md
Bryan Drewery 8 лет назад
Родитель
Сommit
a3ccf265fb
12 измененных файлов с 285 добавлено и 27 удалено
  1. 1 0
      doc/UPDATES.md
  2. 1 0
      src/Makefile.in
  3. 49 0
      src/compat/openssl.cc
  4. 27 4
      src/crypto/dh_util.cc
  5. 143 6
      src/dhparam.cc
  6. 1 0
      src/dl.cc
  7. 26 1
      src/dl.h
  8. 1 1
      src/generate_defs.sh
  9. 12 7
      src/libcrypto.cc
  10. 19 6
      src/libssl.cc
  11. 0 2
      src/libtcl.cc
  12. 5 0
      src/openssl.cc

+ 1 - 0
doc/UPDATES.md

@@ -8,6 +8,7 @@
     will properly assign roles out to bots to not cause overlap. Only leaf
     will properly assign roles out to bots to not cause overlap. Only leaf
     bots know which bots have which roles. (#39)
     bots know which bots have which roles. (#39)
   * Add cmd_roles (leaf only) to display roles for a channel. (#39)
   * Add cmd_roles (leaf only) to display roles for a channel. (#39)
+  * Fix OpenSSL 1.1 build (API) and forward-runtime (ABI) compatibility.
 
 
 # master
 # master
   * Require C++11 compiler support (G++ 4.7+, clang32+)
   * Require C++11 compiler support (G++ 4.7+, clang32+)

+ 1 - 0
src/Makefile.in

@@ -75,6 +75,7 @@ OBJS = auth.So \
 	compat/snprintf.o \
 	compat/snprintf.o \
 	compat/memmem.o \
 	compat/memmem.o \
 	compat/memutil.o \
 	compat/memutil.o \
+	compat/openssl.o \
 	compat/strlcpy.o \
 	compat/strlcpy.o \
 	compat/strsep.o \
 	compat/strsep.o \
 	crypto/aes_util.o \
 	crypto/aes_util.o \

+ 49 - 0
src/compat/openssl.cc

@@ -0,0 +1,49 @@
+#include <openssl/opensslv.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#include <stdlib.h>
+#include <stdint.h>
+#include "dl.h"
+
+extern "C" {
+typedef int (*OPENSSL_init_ssl_t)(uint64_t a1, const void *a2);
+int _OPENSSL_init_ssl(uint64_t a1 __unused, const void *a2 __unused) {
+  if (DLSYM_VAR(OPENSSL_init_ssl) == NULL)
+    if (DLSYM_GLOBAL_SIMPLE(RTLD_NEXT, OPENSSL_init_ssl) == NULL)
+      return 0;
+  return DLSYM_VAR(OPENSSL_init_ssl)(a1, a2);
+}
+
+void _ERR_free_strings(void) {
+}
+
+void _EVP_cleanup(void) {
+}
+
+void _CRYPTO_cleanup_all_ex_data(void) {
+}
+
+int _SSL_library_init(void) {
+  return _OPENSSL_init_ssl(0, NULL);
+}
+
+#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS    0x00000002L
+#define OPENSSL_INIT_LOAD_SSL_STRINGS       0x00200000L
+void _SSL_load_error_strings(void) {
+    _OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS \
+                     | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
+}
+
+typedef void *(*TLS_client_method_t)(void);
+const void *_TLS_client_method(void) {
+  if (DLSYM_VAR(TLS_client_method) == NULL)
+    if (DLSYM_GLOBAL_SIMPLE(RTLD_NEXT, TLS_client_method) == NULL)
+      return NULL;
+  return DLSYM_VAR(TLS_client_method)();
+}
+
+const void *_SSLv23_client_method(void) {
+  return _TLS_client_method();
+}
+
+} /* extern "C" */
+#endif	/* OPENSSL_VERSION_NUMBER < 0x10100000L */

+ 27 - 4
src/crypto/dh_util.cc

@@ -81,10 +81,17 @@ bd::String fishBase64Decode(const bd::String& str) {
 
 
 void DH1080_gen(bd::String& privateKey, bd::String& publicKeyB64) {
 void DH1080_gen(bd::String& privateKey, bd::String& publicKeyB64) {
   DH *dh = NULL;
   DH *dh = NULL;
+  const BIGNUM *priv_key, *pub_key;
 
 
   dh = DH_new();
   dh = DH_new();
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  if (b_prime == NULL || b_generator == NULL ||
+      !DH_set0_pqg(dh, BN_dup(b_prime), NULL, BN_dup(b_generator)))
+    return;
+#else
   dh->p = BN_dup(b_prime);
   dh->p = BN_dup(b_prime);
   dh->g = BN_dup(b_generator);
   dh->g = BN_dup(b_generator);
+#endif
 
 
   if (!DH_generate_key(dh)) {
   if (!DH_generate_key(dh)) {
     DH_free(dh);
     DH_free(dh);
@@ -92,14 +99,20 @@ void DH1080_gen(bd::String& privateKey, bd::String& publicKeyB64) {
   }
   }
 
 
   // Get private key
   // Get private key
-  privateKey.resize(BN_num_bytes(dh->priv_key), 0);
-  BN_bn2bin(dh->priv_key, reinterpret_cast<unsigned char*>(privateKey.mdata()));
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  DH_get0_key(dh, &pub_key, &priv_key);
+#else
+  priv_key = dh->priv_key;
+  pub_key = dh->pub_key;
+#endif
+  privateKey.resize(BN_num_bytes(priv_key), 0);
+  BN_bn2bin(priv_key, reinterpret_cast<unsigned char*>(privateKey.mdata()));
 
 
   // Get public key
   // Get public key
   bd::String publicKey;
   bd::String publicKey;
   // Resize as the mdata() modification won't update the internal length, but resize() will
   // Resize as the mdata() modification won't update the internal length, but resize() will
-  publicKey.resize(static_cast<size_t>(BN_num_bytes(dh->pub_key)));
-  BN_bn2bin(dh->pub_key, reinterpret_cast<unsigned char*>(publicKey.mdata()));;
+  publicKey.resize(static_cast<size_t>(BN_num_bytes(pub_key)));
+  BN_bn2bin(pub_key, reinterpret_cast<unsigned char*>(publicKey.mdata()));;
 
 
   // base64 encode
   // base64 encode
   publicKeyB64 = fishBase64Encode(publicKey);
   publicKeyB64 = fishBase64Encode(publicKey);
@@ -113,12 +126,22 @@ bool DH1080_comp(const bd::String privateKey, const bd::String theirPublicKeyB64
 
 
 
 
   dh = DH_new();
   dh = DH_new();
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  if (b_prime == NULL || b_generator == NULL ||
+      !DH_set0_pqg(dh, BN_dup(b_prime), NULL, BN_dup(b_generator)))
+    return false;
+#else
   dh->p = BN_dup(b_prime);
   dh->p = BN_dup(b_prime);
   dh->g = BN_dup(b_generator);
   dh->g = BN_dup(b_generator);
+#endif
 
 
   // Setup my private key
   // Setup my private key
   b_myPrivkey = BN_bin2bn(reinterpret_cast<const unsigned char*>(privateKey.data()), privateKey.length(), NULL);
   b_myPrivkey = BN_bin2bn(reinterpret_cast<const unsigned char*>(privateKey.data()), privateKey.length(), NULL);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  DH_set0_key(dh, NULL, b_myPrivkey);
+#else
   dh->priv_key = b_myPrivkey;
   dh->priv_key = b_myPrivkey;
+#endif
 
 
   // Prep their public key
   // Prep their public key
   bd::String theirPublicKey(fishBase64Decode(theirPublicKeyB64));
   bd::String theirPublicKey(fishBase64Decode(theirPublicKeyB64));

+ 143 - 6
src/dhparam.cc

@@ -27,12 +27,25 @@ DH *get_dh2048() {
     0x02,
     0x02,
   };
   };
   DH *dh;
   DH *dh;
+  BIGNUM *dhp_bn, *dhg_bn;
 
 
   if ((dh=DH_new()) == NULL) return(NULL);
   if ((dh=DH_new()) == NULL) return(NULL);
-  dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
-  dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+  dhp_bn = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
+  dhg_bn = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  if (dhp_bn == NULL || dhg_bn == NULL
+      || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
+    DH_free(dh);
+    BN_free(dhp_bn);
+    BN_free(dhg_bn);
+    return NULL;
+  }
+#else
+  dh->p = dhp_bn;
+  dh->g = dhg_bn;
   if ((dh->p == NULL) || (dh->g == NULL))
   if ((dh->p == NULL) || (dh->g == NULL))
   { DH_free(dh); return(NULL); }
   { DH_free(dh); return(NULL); }
+#endif
   return(dh);
   return(dh);
 }
 }
 /*
 /*
@@ -64,12 +77,25 @@ DH *get_dh1024() {
     0x02,
     0x02,
   };
   };
   DH *dh;
   DH *dh;
+  BIGNUM *dhp_bn, *dhg_bn;
 
 
   if ((dh=DH_new()) == NULL) return(NULL);
   if ((dh=DH_new()) == NULL) return(NULL);
-  dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
-  dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
+  dhp_bn = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
+  dhg_bn = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  if (dhp_bn == NULL || dhg_bn == NULL
+      || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
+    DH_free(dh);
+    BN_free(dhp_bn);
+    BN_free(dhg_bn);
+    return NULL;
+  }
+#else
+  dh->p = dhp_bn;
+  dh->g = dhg_bn;
   if ((dh->p == NULL) || (dh->g == NULL))
   if ((dh->p == NULL) || (dh->g == NULL))
   { DH_free(dh); return(NULL); }
   { DH_free(dh); return(NULL); }
+#endif
   return(dh);
   return(dh);
 }
 }
 /*
 /*
@@ -92,12 +118,25 @@ DH *get_dh512() {
     0x02,
     0x02,
   };
   };
   DH *dh;
   DH *dh;
+  BIGNUM *dhp_bn, *dhg_bn;
 
 
   if ((dh=DH_new()) == NULL) return(NULL);
   if ((dh=DH_new()) == NULL) return(NULL);
-  dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
-  dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
+  dhp_bn = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+  dhg_bn = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  if (dhp_bn == NULL || dhg_bn == NULL
+      || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
+    DH_free(dh);
+    BN_free(dhp_bn);
+    BN_free(dhg_bn);
+    return NULL;
+  }
+#else
+  dh->p = dhp_bn;
+  dh->g = dhg_bn;
   if ((dh->p == NULL) || (dh->g == NULL))
   if ((dh->p == NULL) || (dh->g == NULL))
   { DH_free(dh); return(NULL); }
   { DH_free(dh); return(NULL); }
+#endif
   return(dh);
   return(dh);
 }
 }
 /*
 /*
@@ -106,4 +145,102 @@ DH *get_dh512() {
    iDezzV0CAwY1RzzZRJm7m0wkssATAgEC
    iDezzV0CAwY1RzzZRJm7m0wkssATAgEC
    -----END DH PARAMETERS-----
    -----END DH PARAMETERS-----
    */
    */
+
+DH *get_dh4096()
+{
+    static unsigned char dhp_4096[] = {
+	0xDB, 0xEA, 0x68, 0x34, 0x68, 0xC4, 0xB8, 0xB0, 0xDA, 0x5C, 
+	0xFF, 0x8E, 0x4D, 0xA0, 0xD2, 0x50, 0x60, 0xCC, 0x5E, 0x48, 
+	0xDD, 0x38, 0xC8, 0x72, 0x71, 0xA6, 0xFE, 0x73, 0x91, 0x32, 
+	0xB5, 0x41, 0xB4, 0x2C, 0x19, 0xB6, 0x86, 0x66, 0xC2, 0x01, 
+	0x96, 0xF9, 0xB5, 0x9C, 0x5D, 0xC9, 0xA1, 0x15, 0xEC, 0x59, 
+	0x8A, 0xDB, 0xE6, 0xEB, 0x99, 0xB0, 0xDA, 0x04, 0x7C, 0x65, 
+	0x58, 0x89, 0xEA, 0x89, 0x4B, 0x53, 0x9C, 0x43, 0x60, 0xC7, 
+	0x42, 0x1D, 0xB5, 0x29, 0x35, 0xD3, 0x29, 0x94, 0x3C, 0x44, 
+	0x82, 0x63, 0x4A, 0xF2, 0xA1, 0xE0, 0x09, 0x81, 0x53, 0x8F, 
+	0xB3, 0xCD, 0x0D, 0x3F, 0x06, 0x4D, 0x56, 0x9F, 0x98, 0x0F, 
+	0x5F, 0x98, 0x95, 0x07, 0x09, 0xC4, 0xFE, 0x5B, 0x32, 0xBA, 
+	0x16, 0xDA, 0xB9, 0x58, 0xF3, 0x99, 0x73, 0x82, 0xC8, 0x06, 
+	0x9D, 0x06, 0x94, 0x89, 0x0B, 0x0E, 0xB7, 0xE7, 0x18, 0x90, 
+	0x6F, 0x91, 0xAB, 0xEA, 0x5F, 0xD0, 0xC0, 0xBE, 0xD4, 0x9E, 
+	0x05, 0x4E, 0xC7, 0x5A, 0x13, 0x6D, 0x64, 0x5F, 0x87, 0xC6, 
+	0x0A, 0x01, 0x74, 0x6A, 0x43, 0x05, 0x0A, 0xD6, 0xAA, 0x57, 
+	0x00, 0xC0, 0x26, 0x58, 0xEF, 0x8E, 0xF2, 0x20, 0x57, 0x79, 
+	0xBF, 0x50, 0x9D, 0x3D, 0x05, 0xFB, 0xBA, 0xB4, 0x98, 0x72, 
+	0xBE, 0x93, 0x2A, 0x45, 0x39, 0xA7, 0x6D, 0x97, 0x4A, 0x5A, 
+	0x50, 0x8F, 0x8A, 0xC9, 0x02, 0x34, 0x4A, 0x94, 0x52, 0xC1, 
+	0x9A, 0xDB, 0x07, 0x88, 0x2B, 0xED, 0x00, 0x84, 0x58, 0x95, 
+	0x2F, 0x04, 0xE1, 0x76, 0x03, 0x88, 0x1A, 0x1B, 0xBB, 0x21, 
+	0x00, 0x19, 0x90, 0xE5, 0xD6, 0x11, 0xA6, 0x47, 0x17, 0xFF, 
+	0x31, 0xD5, 0xE1, 0xA3, 0x3F, 0xE4, 0x9A, 0xFB, 0xE5, 0x0D, 
+	0xC6, 0xA2, 0x21, 0x1B, 0xBE, 0xA5, 0x39, 0xD2, 0x2D, 0xB0, 
+	0x68, 0xF5, 0xDB, 0x2B, 0x3C, 0x3C, 0xE6, 0x07, 0xC3, 0x59, 
+	0xFC, 0x06, 0xA1, 0x20, 0x73, 0xAB, 0x59, 0xEA, 0xD8, 0x52, 
+	0x73, 0xA7, 0x27, 0x47, 0x7A, 0xBB, 0x76, 0xB9, 0x0E, 0x82, 
+	0x4A, 0xB2, 0x70, 0x7B, 0xA8, 0xF5, 0x34, 0x41, 0xF0, 0x55, 
+	0x15, 0x83, 0x73, 0xDC, 0xDE, 0x28, 0x24, 0x78, 0x34, 0x0F, 
+	0x4F, 0xCB, 0x5A, 0x21, 0xE8, 0x25, 0x22, 0xAB, 0xD8, 0xFF, 
+	0x5F, 0x79, 0xAE, 0xF5, 0x15, 0x54, 0xB3, 0xDC, 0xA1, 0x3D, 
+	0x84, 0x14, 0x08, 0xEF, 0xFC, 0xC0, 0x72, 0xB4, 0x3F, 0xF6, 
+	0x9C, 0x19, 0xBF, 0x03, 0x58, 0xDD, 0xA0, 0xF5, 0x2C, 0xD4, 
+	0x10, 0xC6, 0x7E, 0xD6, 0x00, 0x6A, 0xC8, 0xA3, 0x21, 0x49, 
+	0xF3, 0x00, 0xAF, 0x74, 0x53, 0xD6, 0x4D, 0xC1, 0xA6, 0x38, 
+	0xFA, 0x7D, 0xEC, 0x29, 0xFE, 0x05, 0xC4, 0xDE, 0xF3, 0x44, 
+	0xD4, 0x6D, 0xD4, 0x28, 0xB1, 0x69, 0x76, 0x16, 0x98, 0x57, 
+	0x95, 0xAB, 0x1A, 0x48, 0xD4, 0x4D, 0x54, 0xF2, 0x25, 0xCA, 
+	0x0F, 0xDE, 0x1C, 0x8A, 0x37, 0xA3, 0xD2, 0xFD, 0x3D, 0x25, 
+	0x68, 0xF7, 0x3C, 0xD0, 0x00, 0xF5, 0xD4, 0xC5, 0x3B, 0xB0, 
+	0x4B, 0xFE, 0xE5, 0x65, 0x65, 0xA6, 0x49, 0x7C, 0x6C, 0x8C, 
+	0x05, 0x2D, 0x37, 0x05, 0xFA, 0xEC, 0x5B, 0x8B, 0xB0, 0xAA, 
+	0x0A, 0x7F, 0x8E, 0x97, 0x7A, 0x2A, 0x04, 0x75, 0x3E, 0x60, 
+	0xE3, 0xBD, 0xDC, 0xC7, 0x08, 0x21, 0xFA, 0x46, 0x89, 0x12, 
+	0x02, 0x02, 0xDE, 0x2D, 0x47, 0xFD, 0x3D, 0xC3, 0x4C, 0x9E, 
+	0x3F, 0x0C, 0xF3, 0x05, 0x74, 0xD2, 0x00, 0x8F, 0x09, 0xA2, 
+	0x9E, 0x8E, 0x64, 0x63, 0x91, 0xA0, 0xA0, 0x54, 0xCD, 0x70, 
+	0xB3, 0x81, 0x07, 0x94, 0xE7, 0x81, 0x69, 0x97, 0xFD, 0x41, 
+	0x58, 0xB6, 0x00, 0x37, 0x25, 0x28, 0xC3, 0x55, 0x92, 0xC0, 
+	0x12, 0x0A, 0x4E, 0x86, 0x75, 0xF5, 0x7D, 0x15, 0x36, 0xC9, 
+	0x52, 0x33
+    };
+    static unsigned char dhg_4096[] = {
+	0x02
+    };
+    DH *dh = DH_new();
+    BIGNUM *dhp_bn, *dhg_bn;
+
+    if (dh == NULL)
+        return NULL;
+    dhp_bn = BN_bin2bn(dhp_4096, sizeof(dhp_4096), NULL);
+    dhg_bn = BN_bin2bn(dhg_4096, sizeof(dhg_4096), NULL);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  if (dhp_bn == NULL || dhg_bn == NULL
+      || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
+    DH_free(dh);
+    BN_free(dhp_bn);
+    BN_free(dhg_bn);
+    return NULL;
+  }
+#else
+  dh->p = dhp_bn;
+  dh->g = dhg_bn;
+  if ((dh->p == NULL) || (dh->g == NULL))
+  { DH_free(dh); return(NULL); }
+#endif
+    return dh;
+}
+/*
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA2+poNGjEuLDaXP+OTaDSUGDMXkjdOMhycab+c5EytUG0LBm2hmbC
+AZb5tZxdyaEV7FmK2+brmbDaBHxlWInqiUtTnENgx0IdtSk10ymUPESCY0ryoeAJ
+gVOPs80NPwZNVp+YD1+YlQcJxP5bMroW2rlY85lzgsgGnQaUiQsOt+cYkG+Rq+pf
+0MC+1J4FTsdaE21kX4fGCgF0akMFCtaqVwDAJljvjvIgV3m/UJ09Bfu6tJhyvpMq
+RTmnbZdKWlCPiskCNEqUUsGa2weIK+0AhFiVLwThdgOIGhu7IQAZkOXWEaZHF/8x
+1eGjP+Sa++UNxqIhG76lOdItsGj12ys8POYHw1n8BqEgc6tZ6thSc6cnR3q7drkO
+gkqycHuo9TRB8FUVg3Pc3igkeDQPT8taIeglIqvY/195rvUVVLPcoT2EFAjv/MBy
+tD/2nBm/A1jdoPUs1BDGftYAasijIUnzAK90U9ZNwaY4+n3sKf4FxN7zRNRt1Cix
+aXYWmFeVqxpI1E1U8iXKD94cijej0v09JWj3PNAA9dTFO7BL/uVlZaZJfGyMBS03
+BfrsW4uwqgp/jpd6KgR1PmDjvdzHCCH6RokSAgLeLUf9PcNMnj8M8wV00gCPCaKe
+jmRjkaCgVM1ws4EHlOeBaZf9QVi2ADclKMNVksASCk6GdfV9FTbJUjMCAQI=
+-----END DH PARAMETERS-----
+*/
 /* vim: set sts=2 sw=2 ts=8 et: */
 /* vim: set sts=2 sw=2 ts=8 et: */

+ 1 - 0
src/dl.cc

@@ -32,5 +32,6 @@
 #include <bdlib/src/Array.h>
 #include <bdlib/src/Array.h>
 #include <bdlib/src/HashTable.h>
 #include <bdlib/src/HashTable.h>
 
 
+const char *dlsym_error;
 bd::HashTable<bd::String, FunctionPtr> dl_symbol_table;
 bd::HashTable<bd::String, FunctionPtr> dl_symbol_table;
 /* vim: set sts=2 sw=2 ts=8 et: */
 /* vim: set sts=2 sw=2 ts=8 et: */

+ 26 - 1
src/dl.h

@@ -7,6 +7,8 @@
 #include <bdlib/src/String.h>
 #include <bdlib/src/String.h>
 #include <bdlib/src/HashTable.h>
 #include <bdlib/src/HashTable.h>
 
 
+extern const char *dlsym_error;
+
 #define DLSYM(_handle, x) \
 #define DLSYM(_handle, x) \
   dlerror(); \
   dlerror(); \
   x##_t x; \
   x##_t x; \
@@ -17,23 +19,46 @@
     return(1); \
     return(1); \
   }
   }
 
 
+#define DLSYM_GLOBAL_FWDCOMPAT(_handle, x) do { \
+  dlerror(); \
+  if ((dl_symbol_table[#x] = (FunctionPtr) ((x##_t) dlsym(_handle, #x))) == \
+    NULL) { \
+    if ((dl_symbol_table[#x] = \
+      (FunctionPtr) ((x##_t) dlsym(RTLD_SELF, "_" #x))) == NULL) { \
+      dlsym_error = dlerror(); \
+      if (dlsym_error) { \
+        fprintf(stderr, "%s", dlsym_error); \
+        return(1); \
+      } \
+    } \
+  } else { \
+    my_symbols << #x; \
+  } \
+} while (0)
+
 #define DLSYM_GLOBAL(_handle, x) do { \
 #define DLSYM_GLOBAL(_handle, x) do { \
   dlerror(); \
   dlerror(); \
   dl_symbol_table[#x] = (FunctionPtr) ((x##_t) dlsym(_handle, #x)); \
   dl_symbol_table[#x] = (FunctionPtr) ((x##_t) dlsym(_handle, #x)); \
-  my_symbols << #x; \
   dlsym_error = dlerror(); \
   dlsym_error = dlerror(); \
   if (dlsym_error) { \
   if (dlsym_error) { \
     fprintf(stderr, "%s", dlsym_error); \
     fprintf(stderr, "%s", dlsym_error); \
     return(1); \
     return(1); \
   } \
   } \
+  my_symbols << #x; \
 } while (0)
 } while (0)
 
 
+#define DLSYM_GLOBAL_SIMPLE(_handle, x) ( \
+  dl_symbol_table[#x] = (FunctionPtr) ((x##_t) dlsym(_handle, #x)), \
+  dl_symbol_table[#x] \
+)
+
 #define DLSYM_VAR(x) ((x##_t)dl_symbol_table[#x])
 #define DLSYM_VAR(x) ((x##_t)dl_symbol_table[#x])
 
 
 extern bd::HashTable<bd::String, FunctionPtr> dl_symbol_table;
 extern bd::HashTable<bd::String, FunctionPtr> dl_symbol_table;
 
 
 #ifdef GENERATE_DEFS
 #ifdef GENERATE_DEFS
 #undef DLSYM_GLOBAL
 #undef DLSYM_GLOBAL
+#undef DLSYM_GLOBAL_FWDCOMPAT
 #endif
 #endif
 
 
 #endif /* !_DL_H_ */
 #endif /* !_DL_H_ */

+ 1 - 1
src/generate_defs.sh

@@ -51,7 +51,7 @@ for file in ${files}; do
   mv $TMPFILE.sed $TMPFILE
   mv $TMPFILE.sed $TMPFILE
   cd ..
   cd ..
 
 
-  for symbol in $($SED -n -e 's/.*DLSYM_GLOBAL(.*, \([^)]*\).*/\1/p' $TMPFILE|sort -u); do
+  for symbol in $($SED -n -e 's/.*DLSYM_GLOBAL[^ (]*(.*, \([^)]*\).*/\1/p' $TMPFILE|sort -u); do
     # Check if the typedef is already defined ...
     # Check if the typedef is already defined ...
     typedef=$(grep "^typedef .*(\*${symbol}_t)" ${dirname}/${basename}.h)
     typedef=$(grep "^typedef .*(\*${symbol}_t)" ${dirname}/${basename}.h)
     # ... if not, generate it
     # ... if not, generate it

+ 12 - 7
src/libcrypto.cc

@@ -38,8 +38,6 @@ void *libcrypto_handle = NULL;
 static bd::Array<bd::String> my_symbols;
 static bd::Array<bd::String> my_symbols;
 
 
 static int load_symbols(void *handle) {
 static int load_symbols(void *handle) {
-  const char *dlsym_error = NULL;
-
   DLSYM_GLOBAL(handle, AES_cbc_encrypt);
   DLSYM_GLOBAL(handle, AES_cbc_encrypt);
   DLSYM_GLOBAL(handle, AES_decrypt);
   DLSYM_GLOBAL(handle, AES_decrypt);
   DLSYM_GLOBAL(handle, AES_encrypt);
   DLSYM_GLOBAL(handle, AES_encrypt);
@@ -49,7 +47,6 @@ static int load_symbols(void *handle) {
   DLSYM_GLOBAL(handle, BF_encrypt);
   DLSYM_GLOBAL(handle, BF_encrypt);
   DLSYM_GLOBAL(handle, BF_set_key);
   DLSYM_GLOBAL(handle, BF_set_key);
   DLSYM_GLOBAL(handle, ERR_error_string);
   DLSYM_GLOBAL(handle, ERR_error_string);
-  DLSYM_GLOBAL(handle, ERR_free_strings);
   DLSYM_GLOBAL(handle, ERR_get_error);
   DLSYM_GLOBAL(handle, ERR_get_error);
   DLSYM_GLOBAL(handle, OPENSSL_cleanse);
   DLSYM_GLOBAL(handle, OPENSSL_cleanse);
   DLSYM_GLOBAL(handle, RAND_file_name);
   DLSYM_GLOBAL(handle, RAND_file_name);
@@ -81,9 +78,17 @@ static int load_symbols(void *handle) {
   DLSYM_GLOBAL(handle, DH_new);
   DLSYM_GLOBAL(handle, DH_new);
   DLSYM_GLOBAL(handle, DH_size);
   DLSYM_GLOBAL(handle, DH_size);
 
 
-  DLSYM_GLOBAL(handle, EVP_cleanup);
-  DLSYM_GLOBAL(handle, CRYPTO_cleanup_all_ex_data);
-
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  /* For dh_util.cc */
+  DLSYM_GLOBAL(handle, DH_get0_key);
+  DLSYM_GLOBAL(handle, DH_set0_key);
+  DLSYM_GLOBAL(handle, DH_set0_pqg);
+  DLSYM_GLOBAL(handle, BN_free);
+#else
+  DLSYM_GLOBAL_FWDCOMPAT(handle, ERR_free_strings);
+  DLSYM_GLOBAL_FWDCOMPAT(handle, EVP_cleanup);
+  DLSYM_GLOBAL_FWDCOMPAT(handle, CRYPTO_cleanup_all_ex_data);
+#endif
 
 
   return 0;
   return 0;
 }
 }
@@ -96,7 +101,7 @@ int load_libcrypto() {
 
 
   sdprintf("Loading libcrypto");
   sdprintf("Loading libcrypto");
 
 
-  bd::Array<bd::String> libs_list(bd::String("libcrypto.so." SHLIB_VERSION_NUMBER " libcrypto.so libcrypto.so.1.0.0 libcrypto.so.0.9.8 libcrypto.so.8 libcrypto.so.7 libcrypto.so.6").split(' '));
+  bd::Array<bd::String> libs_list(bd::String("libcrypto.so." SHLIB_VERSION_NUMBER " libcrypto.so libcrypto.so.1.1 libcrypto.so.1.0.0 libcrypto.so.0.9.8 libcrypto.so.10 libcrypto.so.9 libcrypto.so.8 libcrypto.so.7 libcrypto.so.6").split(' '));
 
 
   for (size_t i = 0; i < libs_list.length(); ++i) {
   for (size_t i = 0; i < libs_list.length(); ++i) {
     dlerror(); // Clear Errors
     dlerror(); // Clear Errors

+ 19 - 6
src/libssl.cc

@@ -38,25 +38,38 @@ void *libssl_handle = NULL;
 static bd::Array<bd::String> my_symbols;
 static bd::Array<bd::String> my_symbols;
 
 
 static int load_symbols(void *handle) {
 static int load_symbols(void *handle) {
-  const char *dlsym_error = NULL;
-
   DLSYM_GLOBAL(handle, SSL_get_error);
   DLSYM_GLOBAL(handle, SSL_get_error);
   DLSYM_GLOBAL(handle, SSL_connect);
   DLSYM_GLOBAL(handle, SSL_connect);
   DLSYM_GLOBAL(handle, SSL_CTX_free);
   DLSYM_GLOBAL(handle, SSL_CTX_free);
   DLSYM_GLOBAL(handle, SSL_CTX_new);
   DLSYM_GLOBAL(handle, SSL_CTX_new);
   DLSYM_GLOBAL(handle, SSL_free);
   DLSYM_GLOBAL(handle, SSL_free);
-  DLSYM_GLOBAL(handle, SSL_library_init);
-  DLSYM_GLOBAL(handle, SSL_load_error_strings);
   DLSYM_GLOBAL(handle, SSL_new);
   DLSYM_GLOBAL(handle, SSL_new);
   DLSYM_GLOBAL(handle, SSL_pending);
   DLSYM_GLOBAL(handle, SSL_pending);
   DLSYM_GLOBAL(handle, SSL_read);
   DLSYM_GLOBAL(handle, SSL_read);
   DLSYM_GLOBAL(handle, SSL_set_fd);
   DLSYM_GLOBAL(handle, SSL_set_fd);
   DLSYM_GLOBAL(handle, SSL_shutdown);
   DLSYM_GLOBAL(handle, SSL_shutdown);
-  DLSYM_GLOBAL(handle, SSLv23_client_method);
   DLSYM_GLOBAL(handle, SSL_write);
   DLSYM_GLOBAL(handle, SSL_write);
   DLSYM_GLOBAL(handle, SSL_CTX_ctrl);
   DLSYM_GLOBAL(handle, SSL_CTX_ctrl);
   DLSYM_GLOBAL(handle, SSL_CTX_set_cipher_list);
   DLSYM_GLOBAL(handle, SSL_CTX_set_cipher_list);
   DLSYM_GLOBAL(handle, SSL_CTX_set_tmp_dh_callback);
   DLSYM_GLOBAL(handle, SSL_CTX_set_tmp_dh_callback);
+#if defined(OPENSSL_API_COMPAT) && OPENSSL_API_COMPAT < 0x10100000L
+  /* For SSL_library_init and SSL_load_error_strings. */
+  DLSYM_GLOBAL(handle, OPENSSL_init_ssl);
+#else
+  DLSYM_GLOBAL_FWDCOMPAT(handle, SSL_library_init);
+  DLSYM_GLOBAL_FWDCOMPAT(handle, SSL_load_error_strings);
+  /* Some forward-compat is handled in src/compat/openssl.cc. */
+#endif
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  /* For SSLv23_client_method */
+  DLSYM_GLOBAL(handle, TLS_client_method);
+  /* For SSLv23_method */
+  DLSYM_GLOBAL(handle, TLS_method);
+  DLSYM_GLOBAL(handle, SSL_CTX_set_options);
+#else
+  DLSYM_GLOBAL_FWDCOMPAT(handle, SSLv23_client_method);
+  /* Some forward-compat is handled in src/compat/openssl.cc. */
+#endif
 
 
   return 0;
   return 0;
 }
 }
@@ -69,7 +82,7 @@ int load_libssl() {
 
 
   sdprintf("Loading libssl");
   sdprintf("Loading libssl");
 
 
-  bd::Array<bd::String> libs_list(bd::String("libssl.so." SHLIB_VERSION_NUMBER " libssl.so libssl.so.1.0.0 libssl.so.0.9.8 libssl.so.8 libssl.so.7 libssl.so.6").split(' '));
+  bd::Array<bd::String> libs_list(bd::String("libssl.so." SHLIB_VERSION_NUMBER " libssl.so libssl.so.1.1 libssl.so.1.0.0 libssl.so.0.9.8 libssl.so.10 libssl.so.9 libssl.so.8 libssl.so.7 libssl.so.6").split(' '));
 
 
   for (size_t i = 0; i < libs_list.length(); ++i) {
   for (size_t i = 0; i < libs_list.length(); ++i) {
     dlerror(); // Clear Errors
     dlerror(); // Clear Errors

+ 0 - 2
src/libtcl.cc

@@ -45,8 +45,6 @@ void initialize_binds_tcl();
 
 
 static int load_symbols(void *handle) {
 static int load_symbols(void *handle) {
 #ifdef USE_SCRIPT_TCL
 #ifdef USE_SCRIPT_TCL
-  const char *dlsym_error = NULL;
-
   DLSYM_GLOBAL(handle, Tcl_Eval);
   DLSYM_GLOBAL(handle, Tcl_Eval);
   DLSYM_GLOBAL(handle, Tcl_GetStringResult);
   DLSYM_GLOBAL(handle, Tcl_GetStringResult);
   DLSYM_GLOBAL(handle, Tcl_DeleteInterp);
   DLSYM_GLOBAL(handle, Tcl_DeleteInterp);

+ 5 - 0
src/openssl.cc

@@ -49,6 +49,9 @@ static DH* tmp_dh_callback(SSL* ssl, int is_export, int keylength) {
   DH *ret = NULL;
   DH *ret = NULL;
 
 
   switch (keylength) {
   switch (keylength) {
+    case 4096:
+      ret = get_dh4096();
+      break;
     case 2048:
     case 2048:
       ret = get_dh2048();
       ret = get_dh2048();
       break;
       break;
@@ -118,9 +121,11 @@ int uninit_openssl () {
     RAND_write_file(tls_rand_file);
     RAND_write_file(tls_rand_file);
 #endif
 #endif
 
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
   ERR_free_strings();
   ERR_free_strings();
   EVP_cleanup();
   EVP_cleanup();
   CRYPTO_cleanup_all_ex_data();
   CRYPTO_cleanup_all_ex_data();
+#endif
 
 
   unload_libssl();
   unload_libssl();
   unload_libcrypto();
   unload_libcrypto();