From c45d853f440f8eba45ec8348a8b5b3908b178394 Mon Sep 17 00:00:00 2001 From: Aram Sargsyan Date: Wed, 1 Sep 2021 18:50:46 +0000 Subject: [PATCH] Use EVP_MD_CTX_get0_md() instead of deprecated EVP_MD_CTX_md() OpenSSL 3.0.0 deprecates the EVP_MD_CTX_md() function. Use EVP_MD_CTX_md() instead of EVP_MD_CTX_get0_md() and create a shim to use the old variant for the older OpenSSL versions which don't have the newer EVP_MD_CTX_get0_md(). --- configure.ac | 2 +- lib/isc/md.c | 2 +- lib/isc/openssl_shim.h | 4 ++++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index 0542042098..0a09220195 100644 --- a/configure.ac +++ b/configure.ac @@ -627,7 +627,7 @@ AC_COMPILE_IFELSE( AC_CHECK_FUNCS([OPENSSL_init_ssl OPENSSL_init_crypto]) AC_CHECK_FUNCS([CRYPTO_zalloc]) AC_CHECK_FUNCS([EVP_CIPHER_CTX_new EVP_CIPHER_CTX_free]) -AC_CHECK_FUNCS([EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset]) +AC_CHECK_FUNCS([EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset EVP_MD_CTX_get0_md]) AC_CHECK_FUNCS([HMAC_CTX_new HMAC_CTX_free HMAC_CTX_reset HMAC_CTX_get_md]) AC_CHECK_FUNCS([SSL_read_ex SSL_peek_ex SSL_write_ex]) AC_CHECK_FUNCS([BIO_read_ex BIO_write_ex]) diff --git a/lib/isc/md.c b/lib/isc/md.c index 10e4b04bcc..c5537e20ab 100644 --- a/lib/isc/md.c +++ b/lib/isc/md.c @@ -93,7 +93,7 @@ const isc_md_type_t * isc_md_get_md_type(isc_md_t *md) { REQUIRE(md != NULL); - return (EVP_MD_CTX_md(md)); + return (EVP_MD_CTX_get0_md(md)); } size_t diff --git a/lib/isc/openssl_shim.h b/lib/isc/openssl_shim.h index bd5a137e34..87fcf29bc8 100644 --- a/lib/isc/openssl_shim.h +++ b/lib/isc/openssl_shim.h @@ -52,6 +52,10 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); #endif /* if !HAVE_EVP_MD_CTX_RESET */ +#if !HAVE_EVP_MD_CTX_GET0_MD +#define EVP_MD_CTX_get0_md EVP_MD_CTX_md +#endif /* if !HAVE_EVP_MD_CTX_GET0_MD */ + #if !HAVE_HMAC_CTX_NEW HMAC_CTX * HMAC_CTX_new(void);