1 diff -up cyrus-sasl-2.1.26/plugins/ntlm.c.openssl110 cyrus-sasl-2.1.26/plugins/ntlm.c
2 --- cyrus-sasl-2.1.26/plugins/ntlm.c.openssl110 2012-01-28 00:31:36.000000000 +0100
3 +++ cyrus-sasl-2.1.26/plugins/ntlm.c 2016-11-07 16:15:57.498259304 +0100
4 @@ -417,6 +417,29 @@ static unsigned char *P24(unsigned char
8 +static HMAC_CTX *_plug_HMAC_CTX_new(const sasl_utils_t *utils)
10 + utils->log(NULL, SASL_LOG_DEBUG, "_plug_HMAC_CTX_new()");
12 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
13 + return HMAC_CTX_new();
15 + return utils->malloc(sizeof(HMAC_CTX));
19 +static void _plug_HMAC_CTX_free(HMAC_CTX *ctx, const sasl_utils_t *utils)
21 + utils->log(NULL, SASL_LOG_DEBUG, "_plug_HMAC_CTX_free()");
23 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
31 static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd,
32 const char *authid, const char *target,
33 const unsigned char *challenge,
34 @@ -424,7 +447,7 @@ static unsigned char *V2(unsigned char *
35 const sasl_utils_t *utils,
36 char **buf, unsigned *buflen, int *result)
39 + HMAC_CTX *ctx = NULL;
40 unsigned char hash[EVP_MAX_MD_SIZE];
43 @@ -435,6 +458,10 @@ static unsigned char *V2(unsigned char *
44 SETERROR(utils, "cannot allocate NTLMv2 hash");
47 + else if ((ctx = _plug_HMAC_CTX_new(utils)) == NULL) {
48 + SETERROR(utils, "cannot allocate HMAC CTX");
49 + *result = SASL_NOMEM;
52 /* NTLMv2hash = HMAC-MD5(NTLMhash, unicode(ucase(authid + domain))) */
53 P16_nt(hash, passwd, utils, buf, buflen, result);
54 @@ -449,17 +476,18 @@ static unsigned char *V2(unsigned char *
55 HMAC(EVP_md5(), hash, MD4_DIGEST_LENGTH, *buf, 2 * len, hash, &len);
57 /* V2 = HMAC-MD5(NTLMv2hash, challenge + blob) + blob */
58 - HMAC_Init(&ctx, hash, len, EVP_md5());
59 - HMAC_Update(&ctx, challenge, NTLM_NONCE_LENGTH);
60 - HMAC_Update(&ctx, blob, bloblen);
61 - HMAC_Final(&ctx, V2, &len);
63 + HMAC_Init_ex(ctx, hash, len, EVP_md5(), NULL);
64 + HMAC_Update(ctx, challenge, NTLM_NONCE_LENGTH);
65 + HMAC_Update(ctx, blob, bloblen);
66 + HMAC_Final(ctx, V2, &len);
68 /* the blob is concatenated outside of this function */
73 + if (ctx) _plug_HMAC_CTX_free(ctx, utils);
78 diff -up cyrus-sasl-2.1.26/plugins/otp.c.openssl110 cyrus-sasl-2.1.26/plugins/otp.c
79 --- cyrus-sasl-2.1.26/plugins/otp.c.openssl110 2012-10-12 16:05:48.000000000 +0200
80 +++ cyrus-sasl-2.1.26/plugins/otp.c 2016-11-07 16:13:54.374327601 +0100
81 @@ -96,6 +96,28 @@ static algorithm_option_t algorithm_opti
85 +static EVP_MD_CTX *_plug_EVP_MD_CTX_new(const sasl_utils_t *utils)
87 + utils->log(NULL, SASL_LOG_DEBUG, "_plug_EVP_MD_CTX_new()");
89 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
90 + return EVP_MD_CTX_new();
92 + return utils->malloc(sizeof(EVP_MD_CTX));
96 +static void _plug_EVP_MD_CTX_free(EVP_MD_CTX *ctx, const sasl_utils_t *utils)
98 + utils->log(NULL, SASL_LOG_DEBUG, "_plug_EVP_MD_CTX_free()");
100 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
101 + EVP_MD_CTX_free(ctx);
107 /* Convert the binary data into ASCII hex */
108 void bin2hex(unsigned char *bin, int binlen, char *hex)
110 @@ -116,17 +138,16 @@ void bin2hex(unsigned char *bin, int bin
111 * swabbing bytes if necessary.
113 static void otp_hash(const EVP_MD *md, char *in, size_t inlen,
114 - unsigned char *out, int swab)
115 + unsigned char *out, int swab, EVP_MD_CTX *mdctx)
118 - char hash[EVP_MAX_MD_SIZE];
119 + unsigned char hash[EVP_MAX_MD_SIZE];
124 - EVP_DigestInit(&mdctx, md);
125 - EVP_DigestUpdate(&mdctx, in, inlen);
126 - EVP_DigestFinal(&mdctx, hash, &hashlen);
127 + EVP_DigestInit(mdctx, md);
128 + EVP_DigestUpdate(mdctx, in, inlen);
129 + EVP_DigestFinal(mdctx, hash, &hashlen);
131 /* Fold the result into 64 bits */
132 for (i = OTP_HASH_SIZE; i < hashlen; i++) {
133 @@ -149,7 +170,9 @@ static int generate_otp(const sasl_utils
134 char *secret, char *otp)
138 + EVP_MD_CTX *mdctx = NULL;
142 if (!(md = EVP_get_digestbyname(alg->evp_name))) {
143 utils->seterror(utils->conn, 0,
144 @@ -157,23 +180,32 @@ static int generate_otp(const sasl_utils
148 + if ((mdctx = _plug_EVP_MD_CTX_new(utils)) == NULL) {
149 + SETERROR(utils, "cannot allocate MD CTX");
154 if ((key = utils->malloc(strlen(seed) + strlen(secret) + 1)) == NULL) {
155 SETERROR(utils, "cannot allocate OTP key");
164 - otp_hash(md, key, strlen(key), otp, alg->swab);
165 + otp_hash(md, key, strlen(key), otp, alg->swab, mdctx);
167 /* computation step */
169 - otp_hash(md, otp, OTP_HASH_SIZE, otp, alg->swab);
172 + otp_hash(md, otp, OTP_HASH_SIZE, otp, alg->swab, mdctx);
175 + if (key) utils->free(key);
176 + if (mdctx) _plug_EVP_MD_CTX_free(mdctx, utils);
182 static int parse_challenge(const sasl_utils_t *utils,
183 @@ -693,7 +725,8 @@ static int strptrcasecmp(const void *arg
185 /* Convert the 6 words into binary data */
186 static int word2bin(const sasl_utils_t *utils,
187 - char *words, unsigned char *bin, const EVP_MD *md)
188 + char *words, unsigned char *bin, const EVP_MD *md,
192 char *c, *word, buf[OTP_RESPONSE_MAX+1];
193 @@ -752,13 +785,12 @@ static int word2bin(const sasl_utils_t *
195 /* alternate dictionary */
198 - char hash[EVP_MAX_MD_SIZE];
200 + unsigned char hash[EVP_MAX_MD_SIZE];
203 - EVP_DigestInit(&mdctx, md);
204 - EVP_DigestUpdate(&mdctx, word, strlen(word));
205 - EVP_DigestFinal(&mdctx, hash, &hashlen);
206 + EVP_DigestInit(mdctx, md);
207 + EVP_DigestUpdate(mdctx, word, strlen(word));
208 + EVP_DigestFinal(mdctx, hash, &hashlen);
210 /* use lowest 11 bits */
211 x = ((hash[hashlen-2] & 0x7) << 8) | hash[hashlen-1];
212 @@ -802,6 +834,7 @@ static int verify_response(server_contex
216 + EVP_MD_CTX *mdctx = NULL;
219 unsigned char cur_otp[OTP_HASH_SIZE], prev_otp[OTP_HASH_SIZE];
220 @@ -815,6 +848,11 @@ static int verify_response(server_contex
224 + if ((mdctx = _plug_EVP_MD_CTX_new(utils)) == NULL) {
225 + SETERROR(utils, "cannot allocate MD CTX");
229 /* eat leading whitespace */
231 while (isspace((int) *c)) c++;
232 @@ -824,7 +862,7 @@ static int verify_response(server_contex
233 r = hex2bin(c+strlen(OTP_HEX_TYPE), cur_otp, OTP_HASH_SIZE);
235 else if (!strncasecmp(c, OTP_WORD_TYPE, strlen(OTP_WORD_TYPE))) {
236 - r = word2bin(utils, c+strlen(OTP_WORD_TYPE), cur_otp, md);
237 + r = word2bin(utils, c+strlen(OTP_WORD_TYPE), cur_otp, md, mdctx);
239 else if (!strncasecmp(c, OTP_INIT_HEX_TYPE,
240 strlen(OTP_INIT_HEX_TYPE))) {
241 @@ -834,7 +872,7 @@ static int verify_response(server_contex
242 else if (!strncasecmp(c, OTP_INIT_WORD_TYPE,
243 strlen(OTP_INIT_WORD_TYPE))) {
245 - r = word2bin(utils, c+strlen(OTP_INIT_WORD_TYPE), cur_otp, md);
246 + r = word2bin(utils, c+strlen(OTP_INIT_WORD_TYPE), cur_otp, md, mdctx);
249 SETERROR(utils, "unknown OTP extended response type");
250 @@ -843,14 +881,15 @@ static int verify_response(server_contex
253 /* standard response, try word first, and then hex */
254 - r = word2bin(utils, c, cur_otp, md);
255 + r = word2bin(utils, c, cur_otp, md, mdctx);
257 r = hex2bin(c, cur_otp, OTP_HASH_SIZE);
261 /* do one more hash (previous otp) and compare to stored otp */
262 - otp_hash(md, cur_otp, OTP_HASH_SIZE, prev_otp, text->alg->swab);
263 + otp_hash(md, (char *) cur_otp, OTP_HASH_SIZE,
264 + prev_otp, text->alg->swab, mdctx);
266 if (!memcmp(prev_otp, text->otp, OTP_HASH_SIZE)) {
267 /* update the secret with this seq/otp */
268 @@ -879,23 +918,28 @@ static int verify_response(server_contex
272 - if (!(new_chal && new_resp))
273 - return SASL_BADAUTH;
274 + if (!(new_chal && new_resp)) {
279 if ((r = parse_challenge(utils, new_chal, &alg, &seq, seed, 1))
285 - if (seq < 1 || !strcasecmp(seed, text->seed))
286 - return SASL_BADAUTH;
287 + if (seq < 1 || !strcasecmp(seed, text->seed)) {
293 if (!(md = EVP_get_digestbyname(alg->evp_name))) {
294 utils->seterror(utils->conn, 0,
295 "OTP algorithm %s is not available",
297 - return SASL_BADAUTH;
302 if (!strncasecmp(c, OTP_INIT_HEX_TYPE, strlen(OTP_INIT_HEX_TYPE))) {
303 @@ -903,7 +947,7 @@ static int verify_response(server_contex
305 else if (!strncasecmp(c, OTP_INIT_WORD_TYPE,
306 strlen(OTP_INIT_WORD_TYPE))) {
307 - r = word2bin(utils, new_resp, new_otp, md);
308 + r = word2bin(utils, new_resp, new_otp, md, mdctx);
312 @@ -914,7 +958,10 @@ static int verify_response(server_contex
313 memcpy(text->otp, new_otp, OTP_HASH_SIZE);
319 + if (mdctx) _plug_EVP_MD_CTX_free(mdctx, utils);
324 diff -up cyrus-sasl-2.1.26/saslauthd/lak.c.openssl110 cyrus-sasl-2.1.26/saslauthd/lak.c
325 --- cyrus-sasl-2.1.26/saslauthd/lak.c.openssl110 2016-11-07 16:13:54.347327616 +0100
326 +++ cyrus-sasl-2.1.26/saslauthd/lak.c 2016-11-07 16:18:42.283167898 +0100
331 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
332 +static EVP_MD_CTX *EVP_MD_CTX_new(void)
334 + return EVP_MD_CTX_create();
336 +static void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
341 + EVP_MD_CTX_destroy(ctx);
344 +static EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void)
346 + EVP_ENCODE_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
349 + memset(ctx, 0, sizeof(*ctx));
353 +static void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx)
360 typedef struct lak_auth_method {
362 int (*check) (LAK *lak, const char *user, const char *service, const char *realm, const char *password) ;
363 @@ -1720,20 +1749,28 @@ static int lak_base64_decode(
367 - EVP_ENCODE_CTX EVP_ctx;
368 + EVP_ENCODE_CTX *enc_ctx = EVP_ENCODE_CTX_new();
370 - text = (char *)malloc(((strlen(src)+3)/4 * 3) + 1);
374 - EVP_DecodeInit(&EVP_ctx);
375 - rc = EVP_DecodeUpdate(&EVP_ctx, text, &i, (char *)src, strlen(src));
376 + text = (char *)malloc(((strlen(src)+3)/4 * 3) + 1);
377 + if (text == NULL) {
378 + EVP_ENCODE_CTX_free(enc_ctx);
382 + EVP_DecodeInit(enc_ctx);
383 + rc = EVP_DecodeUpdate(enc_ctx, (unsigned char *) text, &i, (const unsigned char *)src, strlen(src));
385 + EVP_ENCODE_CTX_free(enc_ctx);
390 - EVP_DecodeFinal(&EVP_ctx, text, &i);
391 + EVP_DecodeFinal(enc_ctx, (unsigned char *) text, &i);
393 + EVP_ENCODE_CTX_free(enc_ctx);
397 @@ -1749,7 +1786,7 @@ static int lak_check_hashed(
400 LAK_HASH_ROCK *hrock = (LAK_HASH_ROCK *) rock;
404 unsigned char digest[EVP_MAX_MD_SIZE];
406 @@ -1758,17 +1795,24 @@ static int lak_check_hashed(
410 + mdctx = EVP_MD_CTX_new();
414 rc = lak_base64_decode(hash, &cred, &clen);
416 + if (rc != LAK_OK) {
417 + EVP_MD_CTX_free(mdctx);
421 - EVP_DigestInit(&mdctx, md);
422 - EVP_DigestUpdate(&mdctx, passwd, strlen(passwd));
423 + EVP_DigestInit(mdctx, md);
424 + EVP_DigestUpdate(mdctx, passwd, strlen(passwd));
426 - EVP_DigestUpdate(&mdctx, &cred[EVP_MD_size(md)],
427 + EVP_DigestUpdate(mdctx, &cred[EVP_MD_size(md)],
428 clen - EVP_MD_size(md));
430 - EVP_DigestFinal(&mdctx, digest, NULL);
431 + EVP_DigestFinal(mdctx, digest, NULL);
432 + EVP_MD_CTX_free(mdctx);
434 rc = memcmp((char *)cred, (char *)digest, EVP_MD_size(md));
436 diff --git a/plugins/passdss.c b/plugins/passdss.c
437 index a55ed60d..2f81d44e 100644
438 --- a/plugins/passdss.c
439 +++ b/plugins/passdss.c
440 @@ -108,23 +111,23 @@ typedef struct context {
441 const sasl_utils_t *utils;
443 /* per-step mem management */
445 + unsigned char *out_buf;
446 unsigned out_buf_len;
448 /* security layer foo */
449 unsigned char secmask; /* bitmask of enabled security layers */
450 unsigned char padding[EVP_MAX_BLOCK_LENGTH]; /* block of NULs */
452 - HMAC_CTX hmac_send_ctx;
453 - HMAC_CTX hmac_recv_ctx;
454 + HMAC_CTX *hmac_send_ctx;
455 + HMAC_CTX *hmac_recv_ctx;
457 unsigned char send_integrity_key[4 + EVP_MAX_MD_SIZE]; /* +4 for pktnum */
458 unsigned char recv_integrity_key[4 + EVP_MAX_MD_SIZE]; /* +4 for pktnum */
459 unsigned char *cs_integrity_key; /* ptr to bare key in send/recv key */
460 unsigned char *sc_integrity_key; /* ptr to bare key in send/recv key */
462 - EVP_CIPHER_CTX cipher_enc_ctx;
463 - EVP_CIPHER_CTX cipher_dec_ctx;
464 + EVP_CIPHER_CTX *cipher_enc_ctx;
465 + EVP_CIPHER_CTX *cipher_dec_ctx;
468 unsigned char cs_encryption_iv[EVP_MAX_MD_SIZE];
469 @@ -137,7 +140,7 @@ typedef struct context {
472 /* for encoding/decoding mem management */
473 - char *encode_buf, *decode_buf, *decode_pkt_buf;
474 + unsigned char *encode_buf, *decode_buf, *decode_pkt_buf;
475 unsigned encode_buf_len, decode_buf_len, decode_pkt_buf_len;
477 /* layers buffering */
478 @@ -169,7 +172,7 @@ static int passdss_encode(void *context,
479 inputlen += invec[i].iov_len;
481 /* allocate a buffer for the output */
482 - ret = _plug_buf_alloc(text->utils, &text->encode_buf,
483 + ret = _plug_buf_alloc(text->utils, (char **) &text->encode_buf,
484 &text->encode_buf_len,
486 inputlen + /* content */
487 @@ -184,19 +187,19 @@ static int passdss_encode(void *context,
488 memcpy(text->send_integrity_key, &tmpnum, 4);
491 - HMAC_Init_ex(&text->hmac_send_ctx, text->send_integrity_key,
492 + HMAC_Init_ex(text->hmac_send_ctx, text->send_integrity_key,
493 4+SHA_DIGEST_LENGTH, EVP_sha1(), NULL);
495 /* operate on each iovec */
496 for (i = 0; i < numiov; i++) {
497 /* hash the content */
498 - HMAC_Update(&text->hmac_send_ctx, invec[i].iov_base, invec[i].iov_len);
499 + HMAC_Update(text->hmac_send_ctx, invec[i].iov_base, invec[i].iov_len);
501 if (text->secmask & PRIVACY_LAYER_FLAG) {
505 /* encrypt the data into the output buffer */
506 - EVP_EncryptUpdate(&text->cipher_enc_ctx,
507 + EVP_EncryptUpdate(text->cipher_enc_ctx,
508 text->encode_buf + *outputlen, &enclen,
509 invec[i].iov_base, invec[i].iov_len);
510 *outputlen += enclen;
511 @@ -210,14 +213,14 @@ static int passdss_encode(void *context,
514 /* calculate the HMAC */
515 - HMAC_Final(&text->hmac_send_ctx, hmac, &hmaclen);
516 + HMAC_Final(text->hmac_send_ctx, hmac, &hmaclen);
518 if (text->secmask & PRIVACY_LAYER_FLAG) {
521 unsigned char padlen;
523 /* encrypt the HMAC into the output buffer */
524 - EVP_EncryptUpdate(&text->cipher_enc_ctx,
525 + EVP_EncryptUpdate(text->cipher_enc_ctx,
526 text->encode_buf + *outputlen, &enclen,
528 *outputlen += enclen;
529 @@ -225,17 +228,17 @@ static int passdss_encode(void *context,
530 /* pad output buffer to multiple of blk_siz
531 with padlen-1 as last octet */
532 padlen = text->blk_siz - ((inputlen + hmaclen) % text->blk_siz) - 1;
533 - EVP_EncryptUpdate(&text->cipher_enc_ctx,
534 + EVP_EncryptUpdate(text->cipher_enc_ctx,
535 text->encode_buf + *outputlen, &enclen,
536 text->padding, padlen);
537 *outputlen += enclen;
538 - EVP_EncryptUpdate(&text->cipher_enc_ctx,
539 + EVP_EncryptUpdate(text->cipher_enc_ctx,
540 text->encode_buf + *outputlen, &enclen,
542 *outputlen += enclen;
544 /* encrypt the last block of data into the output buffer */
545 - EVP_EncryptFinal_ex(&text->cipher_enc_ctx,
546 + EVP_EncryptFinal_ex(text->cipher_enc_ctx,
547 text->encode_buf + *outputlen, &enclen);
548 *outputlen += enclen;
550 @@ -250,7 +253,7 @@ static int passdss_encode(void *context,
551 tmpnum = htonl(tmpnum);
552 memcpy(text->encode_buf, &tmpnum, 4);
554 - *output = text->encode_buf;
555 + *output = (char *) text->encode_buf;
559 @@ -269,25 +272,25 @@ static int passdss_decode_packet(void *context,
562 if (text->secmask & PRIVACY_LAYER_FLAG) {
563 - unsigned declen, padlen;
564 + int declen, padlen;
566 /* allocate a buffer for the output */
567 - ret = _plug_buf_alloc(text->utils, &(text->decode_pkt_buf),
568 + ret = _plug_buf_alloc(text->utils, (char **) &(text->decode_pkt_buf),
569 &(text->decode_pkt_buf_len), inputlen);
570 if (ret != SASL_OK) return ret;
572 /* decrypt the data into the output buffer */
573 - ret = EVP_DecryptUpdate(&text->cipher_dec_ctx,
574 + ret = EVP_DecryptUpdate(text->cipher_dec_ctx,
575 text->decode_pkt_buf, &declen,
576 - (char *) input, inputlen);
577 + (unsigned char *) input, inputlen);
579 - EVP_DecryptFinal_ex(&text->cipher_dec_ctx, /* should be no output */
580 + EVP_DecryptFinal_ex(text->cipher_dec_ctx, /* should be no output */
581 text->decode_pkt_buf + declen, &declen);
583 SETERROR(text->utils, "Error decrypting input");
586 - input = text->decode_pkt_buf;
587 + input = (char *) text->decode_pkt_buf;
590 padlen = text->decode_pkt_buf[inputlen - 1] + 1;
591 @@ -303,7 +306,7 @@ static int passdss_decode_packet(void *context,
593 /* calculate the HMAC */
594 HMAC(EVP_sha1(), text->recv_integrity_key, 4+SHA_DIGEST_LENGTH,
595 - input, inputlen, hmac, &hmaclen);
596 + (unsigned char *) input, inputlen, hmac, &hmaclen);
599 if (memcmp(hmac, input+inputlen, hmaclen)) {
600 @@ -324,12 +327,12 @@ static int passdss_decode(void *context,
602 context_t *text = (context_t *) context;
606 ret = _plug_decode(&text->decode_context, input, inputlen,
607 - &text->decode_buf, &text->decode_buf_len, outputlen,
608 - passdss_decode_packet, text);
609 + (char **) &text->decode_buf, &text->decode_buf_len,
610 + outputlen, passdss_decode_packet, text);
612 - *output = text->decode_buf;
613 + *output = (const char *) text->decode_buf;
617 @@ -340,7 +343,8 @@ static int passdss_decode(void *context,
619 * Create/append to a PASSDSS buffer from the data specified by the fmt string.
621 -static int MakeBuffer(const sasl_utils_t *utils, char **buf, unsigned offset,
622 +static int MakeBuffer(const sasl_utils_t *utils,
623 + unsigned char **buf, unsigned offset,
624 unsigned *buflen, unsigned *outlen, const char *fmt, ...)
627 @@ -423,10 +427,10 @@ static int MakeBuffer(const sasl_utils_t *utils, char **buf, unsigned offset,
631 - r = _plug_buf_alloc(utils, buf, buflen, alloclen);
632 + r = _plug_buf_alloc(utils, (char **) buf, buflen, alloclen);
633 if (r != SASL_OK) return r;
635 - out = *buf + offset;
636 + out = (char *) *buf + offset;
638 /* second pass to fill buffer */
640 @@ -461,7 +465,7 @@ static int MakeBuffer(const sasl_utils_t *utils, char **buf, unsigned offset,
643 mpi = va_arg(ap, BIGNUM *);
644 - len = BN_bn2bin(mpi, out+4);
645 + len = BN_bn2bin(mpi, (unsigned char *) out+4);
647 memcpy(out, &nl, 4); /* add 4 byte len (network order) */
649 @@ -513,7 +517,7 @@ static int MakeBuffer(const sasl_utils_t *utils, char **buf, unsigned offset,
653 - *outlen = out - *buf;
654 + *outlen = out - (char *) *buf;
658 @@ -598,8 +602,8 @@ static int UnBuffer(const sasl_utils_t *utils, const char *buf,
661 if (!*mpi) *mpi = BN_new();
663 - BN_bin2bn(buf, len, *mpi);
665 + BN_bin2bn((unsigned char *) buf, len, *mpi);
669 @@ -714,16 +718,16 @@ static int UnBuffer(const sasl_utils_t *utils, const char *buf,
672 #define DOHASH(out, in1, len1, in2, len2, in3, len3) \
673 - EVP_DigestInit(&mdctx, EVP_sha1()); \
674 - EVP_DigestUpdate(&mdctx, in1, len1); \
675 - EVP_DigestUpdate(&mdctx, in2, len2); \
676 - EVP_DigestUpdate(&mdctx, in3, len3); \
677 - EVP_DigestFinal(&mdctx, out, NULL)
679 -void CalcLayerParams(context_t *text, char *K, unsigned Klen,
680 - char *hash, unsigned hashlen)
681 + EVP_DigestInit(mdctx, EVP_sha1()); \
682 + EVP_DigestUpdate(mdctx, in1, len1); \
683 + EVP_DigestUpdate(mdctx, in2, len2); \
684 + EVP_DigestUpdate(mdctx, in3, len3); \
685 + EVP_DigestFinal(mdctx, out, NULL)
687 +void CalcLayerParams(context_t *text, unsigned char *K, unsigned Klen,
688 + unsigned char *hash, unsigned hashlen)
691 + EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
693 DOHASH(text->cs_encryption_iv, K, Klen, "A", 1, hash, hashlen);
694 DOHASH(text->sc_encryption_iv, K, Klen, "B", 1, hash, hashlen);
695 @@ -735,6 +739,8 @@ void CalcLayerParams(context_t *text, char *K, unsigned Klen,
696 text->sc_encryption_key, hashlen);
697 DOHASH(text->cs_integrity_key, K, Klen, "E", 1, hash, hashlen);
698 DOHASH(text->sc_integrity_key, K, Klen, "F", 1, hash, hashlen);
700 + EVP_MD_CTX_free(mdctx);
704 @@ -753,11 +759,11 @@ static void passdss_common_mech_dispose(void *conn_context,
706 if (text->dh) DH_free(text->dh);
708 - HMAC_CTX_cleanup(&text->hmac_send_ctx);
709 - HMAC_CTX_cleanup(&text->hmac_recv_ctx);
710 + HMAC_CTX_free(text->hmac_send_ctx);
711 + HMAC_CTX_free(text->hmac_recv_ctx);
713 - EVP_CIPHER_CTX_cleanup(&text->cipher_enc_ctx);
714 - EVP_CIPHER_CTX_cleanup(&text->cipher_dec_ctx);
715 + EVP_CIPHER_CTX_free(text->cipher_enc_ctx);
716 + EVP_CIPHER_CTX_free(text->cipher_dec_ctx);
718 _plug_decode_free(&text->decode_context);
720 @@ -807,15 +813,17 @@ passdss_server_mech_step1(context_t *text,
721 unsigned *serveroutlen,
722 sasl_out_params_t *oparams __attribute__((unused)))
725 + BIGNUM *X = NULL, *dh_p = NULL, *dh_g = NULL;
727 + const BIGNUM *dsa_p, *dsa_q, *dsa_g, *dsa_pub_key, *dh_pub_key;
728 unsigned char *K = NULL;
729 unsigned Klen, hashlen;
733 unsigned char hash[EVP_MAX_MD_SIZE];
736 + const BIGNUM *sig_r, *sig_s;
741 @@ -833,8 +841,18 @@ passdss_server_mech_step1(context_t *text,
744 /* Fetch DSA (XXX create one for now) */
745 - dsa = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL);
748 + params->utils->log(NULL,
749 + SASL_LOG_ERR, "Error creating DSA\n");
750 + result = SASL_FAIL;
754 + r = DSA_generate_parameters_ex(dsa, 1024, NULL, 0, NULL, NULL, NULL);
756 + params->utils->log(NULL,
757 + SASL_LOG_ERR, "Error generating DSA parameters\n");
761 @@ -842,8 +860,9 @@ passdss_server_mech_step1(context_t *text,
763 /* Create Diffie-Hellman parameters */
765 - BN_hex2bn(&text->dh->p, N);
766 - BN_hex2bn(&text->dh->g, g);
767 + BN_hex2bn(&dh_p, N);
768 + BN_hex2bn(&dh_g, g);
769 + DH_set0_pqg(text->dh, dh_p, NULL, dh_g);
770 DH_generate_key(text->dh);
772 /* Alloc space for shared secret K as mpint */
773 @@ -895,10 +914,13 @@ passdss_server_mech_step1(context_t *text,
776 /* Items (4) - (7) */
777 + DSA_get0_pqg(dsa, &dsa_p, &dsa_q, &dsa_g);
778 + DSA_get0_key(dsa, &dsa_pub_key, NULL);
779 + DH_get0_key(text->dh, &dh_pub_key, NULL);
780 result = MakeBuffer(text->utils, &text->out_buf, 0, &text->out_buf_len,
781 serveroutlen, "%5a%s%m%m%m%m%m%1o%3u",
782 - "ssh-dss", dsa->p, dsa->q, dsa->g, dsa->pub_key,
783 - text->dh->pub_key, &text->secmask,
784 + "ssh-dss", dsa_p, dsa_q, dsa_g, dsa_pub_key,
785 + dh_pub_key, &text->secmask,
786 (params->props.maxbufsize > 0xFFFFFF) ? 0xFFFFFF :
787 params->props.maxbufsize);
789 @@ -907,26 +929,29 @@ passdss_server_mech_step1(context_t *text,
792 /* Hash (1) - (7) and K */
793 - EVP_DigestInit(&mdctx, EVP_sha1());
794 + mdctx = EVP_MD_CTX_new();
795 + EVP_DigestInit(mdctx, EVP_sha1());
797 - EVP_DigestUpdate(&mdctx, clientin, clientinlen);
798 + EVP_DigestUpdate(mdctx, clientin, clientinlen);
800 - EVP_DigestUpdate(&mdctx, text->out_buf, *serveroutlen);
801 + EVP_DigestUpdate(mdctx, text->out_buf, *serveroutlen);
803 - EVP_DigestUpdate(&mdctx, K, Klen);
804 - EVP_DigestFinal(&mdctx, hash, &hashlen);
805 + EVP_DigestUpdate(mdctx, K, Klen);
806 + EVP_DigestFinal(mdctx, hash, &hashlen);
807 + EVP_MD_CTX_free(mdctx);
809 /* Calculate security layer params */
810 CalcLayerParams(text, K, Klen, hash, hashlen);
813 - HMAC_CTX_init(&text->hmac_recv_ctx);
814 - HMAC_Init_ex(&text->hmac_recv_ctx, text->cs_integrity_key,
815 + text->hmac_recv_ctx = HMAC_CTX_new();
816 + HMAC_CTX_reset(text->hmac_recv_ctx);
817 + HMAC_Init_ex(text->hmac_recv_ctx, text->cs_integrity_key,
818 SHA_DIGEST_LENGTH, EVP_sha1(), NULL);
820 - HMAC_Update(&text->hmac_recv_ctx, clientin, clientinlen);
821 + HMAC_Update(text->hmac_recv_ctx, (unsigned char *) clientin, clientinlen);
823 - HMAC_Update(&text->hmac_recv_ctx, text->out_buf, *serveroutlen);
824 + HMAC_Update(text->hmac_recv_ctx, text->out_buf, *serveroutlen);
827 sig = DSA_do_sign(hash, hashlen, dsa);
828 @@ -938,14 +963,15 @@ passdss_server_mech_step1(context_t *text,
832 + DSA_SIG_get0(sig, &sig_r, &sig_s);
833 result = MakeBuffer(text->utils, &text->out_buf, *serveroutlen,
834 &text->out_buf_len, serveroutlen,
835 - "%3a%s%m%m", "ssh-dss", sig->r, sig->s);
836 + "%3a%s%m%m", "ssh-dss", sig_r, sig_s);
838 params->utils->log(NULL, SASL_LOG_ERR, "Error making output buffer\n");
841 - *serverout = text->out_buf;
842 + *serverout = (char *) text->out_buf;
845 result = SASL_CONTINUE;
846 @@ -969,10 +995,10 @@ passdss_server_mech_step2(context_t *text,
847 sasl_out_params_t *oparams)
849 char *password = NULL;
850 - unsigned declen, hmaclen;
852 unsigned char *csecmask, *cli_hmac, hmac[EVP_MAX_MD_SIZE];
854 - int r, result = SASL_OK;
855 + int declen, r, result = SASL_OK;
857 /* Expect (3DES encrypted):
859 @@ -983,7 +1009,7 @@ passdss_server_mech_step2(context_t *text,
862 /* Alloc space for the decrypted input */
863 - result = _plug_buf_alloc(text->utils, &text->decode_pkt_buf,
864 + result = _plug_buf_alloc(text->utils, (char **) &text->decode_pkt_buf,
865 &text->decode_pkt_buf_len, clientinlen);
867 params->utils->log(NULL, SASL_LOG_ERR,
868 @@ -992,25 +1018,28 @@ passdss_server_mech_step2(context_t *text,
871 /* Initialize decrypt cipher */
872 - EVP_CIPHER_CTX_init(&text->cipher_dec_ctx);
873 - EVP_DecryptInit_ex(&text->cipher_dec_ctx, EVP_des_ede3_cbc(), NULL,
874 + text->cipher_dec_ctx = EVP_CIPHER_CTX_new();
875 + EVP_CIPHER_CTX_init(text->cipher_dec_ctx);
876 + EVP_DecryptInit_ex(text->cipher_dec_ctx, EVP_des_ede3_cbc(), NULL,
877 text->cs_encryption_key, text->cs_encryption_iv);
878 - EVP_CIPHER_CTX_set_padding(&text->cipher_dec_ctx, 0);
879 - text->blk_siz = EVP_CIPHER_CTX_block_size(&text->cipher_dec_ctx);
880 + EVP_CIPHER_CTX_set_padding(text->cipher_dec_ctx, 0);
881 + text->blk_siz = EVP_CIPHER_CTX_block_size(text->cipher_dec_ctx);
883 /* Decrypt the blob */
884 - r = EVP_DecryptUpdate(&text->cipher_dec_ctx, text->decode_pkt_buf, &declen,
885 - clientin, clientinlen);
886 + r = EVP_DecryptUpdate(text->cipher_dec_ctx,
887 + text->decode_pkt_buf, &declen,
888 + (unsigned char *) clientin, clientinlen);
890 - r = EVP_DecryptFinal_ex(&text->cipher_dec_ctx, /* should be no output */
891 - text->decode_pkt_buf + declen, &declen);
892 + r = EVP_DecryptFinal_ex(text->cipher_dec_ctx, /* should be no output */
893 + text->decode_pkt_buf + declen,
896 params->utils->seterror(params->utils->conn, 0,
897 "Error decrypting input in step 2");
898 result = SASL_BADPROT;
901 - clientin = text->decode_pkt_buf;
902 + clientin = (char *) text->decode_pkt_buf;
904 result = UnBuffer(params->utils, clientin, clientinlen,
905 "%-1o%3u%s%-*o%*p", &csecmask, &cbufsiz, &password,
906 @@ -1024,8 +1053,8 @@ passdss_server_mech_step2(context_t *text,
907 /* Finish cli-hmac */
908 /* (1) - (7) hashed in step 1 */
909 /* 1st 4 bytes of (9) */
910 - HMAC_Update(&text->hmac_recv_ctx, clientin, 4);
911 - HMAC_Final(&text->hmac_recv_ctx, hmac, &hmaclen);
912 + HMAC_Update(text->hmac_recv_ctx, (unsigned char *) clientin, 4);
913 + HMAC_Final(text->hmac_recv_ctx, hmac, &hmaclen);
915 /* Verify cli-hmac */
916 if (memcmp(cli_hmac, hmac, hmaclen)) {
917 @@ -1087,16 +1116,18 @@ passdss_server_mech_step2(context_t *text,
918 oparams->decode = &passdss_decode;
919 oparams->maxoutbuf = cbufsiz - 4 - SHA_DIGEST_LENGTH; /* -len -HMAC */
921 - HMAC_CTX_init(&text->hmac_send_ctx);
922 + text->hmac_send_ctx = HMAC_CTX_new();
923 + HMAC_CTX_reset(text->hmac_send_ctx);
925 if (oparams->mech_ssf > 1) {
926 oparams->maxoutbuf -= text->blk_siz-1; /* padding */
928 /* Initialize encrypt cipher */
929 - EVP_CIPHER_CTX_init(&text->cipher_enc_ctx);
930 - EVP_EncryptInit_ex(&text->cipher_enc_ctx, EVP_des_ede3_cbc(), NULL,
931 + text->cipher_enc_ctx = EVP_CIPHER_CTX_new();
932 + EVP_CIPHER_CTX_init(text->cipher_enc_ctx);
933 + EVP_EncryptInit_ex(text->cipher_enc_ctx, EVP_des_ede3_cbc(), NULL,
934 text->sc_encryption_key, text->sc_encryption_iv);
935 - EVP_CIPHER_CTX_set_padding(&text->cipher_enc_ctx, 0);
936 + EVP_CIPHER_CTX_set_padding(text->cipher_enc_ctx, 0);
939 _plug_decode_init(&text->decode_context, text->utils,
940 @@ -1245,6 +1276,8 @@ passdss_client_mech_step1(context_t *text,
941 int auth_result = SASL_OK;
942 int pass_result = SASL_OK;
944 + BIGNUM *dh_p = NULL, *dh_g = NULL;
945 + const BIGNUM *dh_pub_key;
947 /* Expect: absolutely nothing */
948 if (serverinlen > 0) {
949 @@ -1332,8 +1365,9 @@ passdss_client_mech_step1(context_t *text,
951 /* create Diffie-Hellman parameters */
953 - BN_hex2bn(&text->dh->p, N);
954 - BN_hex2bn(&text->dh->g, g);
955 + BN_hex2bn(&dh_p, N);
956 + BN_hex2bn(&dh_g, g);
957 + DH_set0_pqg(text->dh, dh_p, NULL, dh_g);
958 DH_generate_key(text->dh);
961 @@ -1344,15 +1378,16 @@ passdss_client_mech_step1(context_t *text,
962 * (3) mpint X ; Diffie-Hellman parameter X
965 + DH_get0_key(text->dh, &dh_pub_key, NULL);
966 result = MakeBuffer(text->utils, &text->out_buf, 0, &text->out_buf_len,
967 clientoutlen, "%s%s%m",
968 (user && *user) ? (char *) oparams->user : "",
969 - (char *) oparams->authid, text->dh->pub_key);
970 + (char *) oparams->authid, dh_pub_key);
972 params->utils->log(NULL, SASL_LOG_ERR, "Error making output buffer\n");
975 - *clientout = text->out_buf;
976 + *clientout = (char *) text->out_buf;
979 result = SASL_CONTINUE;
980 @@ -1374,15 +1409,16 @@ passdss_client_mech_step2(context_t *text,
982 DSA *dsa = DSA_new();
983 DSA_SIG *sig = DSA_SIG_new();
985 + BIGNUM *dsa_p = NULL, *dsa_q = NULL, *dsa_g = NULL, *dsa_pub_key = NULL;
986 + BIGNUM *Y = NULL, *sig_r = NULL, *sig_s = NULL;
988 unsigned char *K = NULL;
989 - unsigned Klen, hashlen, enclen;
990 + unsigned Klen, hashlen;
991 unsigned char *ssecmask;
995 unsigned char hash[EVP_MAX_MD_SIZE];
996 - int need, musthave;
997 + int enclen, need, musthave;
1001 @@ -1404,14 +1440,18 @@ passdss_client_mech_step2(context_t *text,
1003 result = UnBuffer(params->utils, serverin, serverinlen,
1004 "%u%3p\7ssh-dss%m%m%m%m%m%-1o%3u%u%3p\7ssh-dss%m%m",
1005 - NULL, &dsa->p, &dsa->q, &dsa->g, &dsa->pub_key,
1006 - &Y, &ssecmask, &sbufsiz, &siglen, &sig->r, &sig->s);
1007 + NULL, &dsa_p, &dsa_q, &dsa_g, &dsa_pub_key,
1008 + &Y, &ssecmask, &sbufsiz, &siglen, &sig_r, &sig_s);
1010 params->utils->seterror(params->utils->conn, 0,
1011 "Error UnBuffering input in step 2");
1015 + DSA_set0_pqg(dsa, dsa_p, dsa_q, dsa_g);
1016 + DSA_set0_key(dsa, dsa_pub_key, NULL);
1017 + DSA_SIG_set0(sig, sig_r, sig_s);
1019 /* XXX Validate server DSA public key */
1021 /* Alloc space for shared secret K as mpint */
1022 @@ -1430,14 +1470,16 @@ passdss_client_mech_step2(context_t *text,
1025 /* Hash (1) - (7) and K */
1026 - EVP_DigestInit(&mdctx, EVP_sha1());
1027 + mdctx = EVP_MD_CTX_new();
1028 + EVP_DigestInit(mdctx, EVP_sha1());
1029 /* (1) - (3) (output from step 1 still in buffer) */
1030 - EVP_DigestUpdate(&mdctx, text->out_buf, text->out_buf_len);
1031 + EVP_DigestUpdate(mdctx, text->out_buf, text->out_buf_len);
1033 - EVP_DigestUpdate(&mdctx, serverin, serverinlen - siglen - 4);
1034 + EVP_DigestUpdate(mdctx, serverin, serverinlen - siglen - 4);
1036 - EVP_DigestUpdate(&mdctx, K, Klen);
1037 - EVP_DigestFinal(&mdctx, hash, &hashlen);
1038 + EVP_DigestUpdate(mdctx, K, Klen);
1039 + EVP_DigestFinal(mdctx, hash, &hashlen);
1040 + EVP_MD_CTX_free(mdctx);
1042 /* Verify signature on the hash */
1043 result = DSA_do_verify(hash, hashlen, sig, dsa);
1044 @@ -1453,11 +1495,12 @@ passdss_client_mech_step2(context_t *text,
1045 CalcLayerParams(text, K, Klen, hash, hashlen);
1047 /* Initialize encrypt cipher */
1048 - EVP_CIPHER_CTX_init(&text->cipher_enc_ctx);
1049 - EVP_EncryptInit_ex(&text->cipher_enc_ctx, EVP_des_ede3_cbc(), NULL,
1050 + text->cipher_enc_ctx = EVP_CIPHER_CTX_new();
1051 + EVP_CIPHER_CTX_init(text->cipher_enc_ctx);
1052 + EVP_EncryptInit_ex(text->cipher_enc_ctx, EVP_des_ede3_cbc(), NULL,
1053 text->cs_encryption_key, text->cs_encryption_iv);
1054 - EVP_CIPHER_CTX_set_padding(&text->cipher_enc_ctx, 0);
1055 - text->blk_siz = EVP_CIPHER_CTX_block_size(&text->cipher_enc_ctx);
1056 + EVP_CIPHER_CTX_set_padding(text->cipher_enc_ctx, 0);
1057 + text->blk_siz = EVP_CIPHER_CTX_block_size(text->cipher_enc_ctx);
1060 if (params->props.maxbufsize < 32) {
1061 @@ -1488,13 +1531,15 @@ passdss_client_mech_step2(context_t *text,
1064 /* Start cli-hmac */
1065 - HMAC_CTX_init(&text->hmac_send_ctx);
1066 - HMAC_Init_ex(&text->hmac_send_ctx, text->cs_integrity_key,
1067 + text->hmac_send_ctx = HMAC_CTX_new();
1068 + HMAC_CTX_reset(text->hmac_send_ctx);
1069 + HMAC_Init_ex(text->hmac_send_ctx, text->cs_integrity_key,
1070 SHA_DIGEST_LENGTH, EVP_sha1(), NULL);
1071 /* (1) - (3) (output from step 1 still in buffer) */
1072 - HMAC_Update(&text->hmac_send_ctx, text->out_buf, text->out_buf_len);
1073 + HMAC_Update(text->hmac_send_ctx, text->out_buf, text->out_buf_len);
1075 - HMAC_Update(&text->hmac_send_ctx, serverin, serverinlen - siglen - 4);
1076 + HMAC_Update(text->hmac_send_ctx,
1077 + (unsigned char *) serverin, serverinlen - siglen - 4);
1080 /* Send out (3DES encrypted):
1081 @@ -1518,8 +1563,8 @@ passdss_client_mech_step2(context_t *text,
1083 /* Finish cli-hmac */
1084 /* 1st 4 bytes of (9) */
1085 - HMAC_Update(&text->hmac_send_ctx, text->out_buf, 4);
1086 - HMAC_Final(&text->hmac_send_ctx, hash, &hashlen);
1087 + HMAC_Update(text->hmac_send_ctx, text->out_buf, 4);
1088 + HMAC_Final(text->hmac_send_ctx, hash, &hashlen);
1090 /* Add HMAC and pad to fill no more than current block */
1091 result = MakeBuffer(text->utils, &text->out_buf, *clientoutlen,
1092 @@ -1531,7 +1576,7 @@ passdss_client_mech_step2(context_t *text,
1095 /* Alloc space for the encrypted output */
1096 - result = _plug_buf_alloc(text->utils, &text->encode_buf,
1097 + result = _plug_buf_alloc(text->utils, (char **) &text->encode_buf,
1098 &text->encode_buf_len, *clientoutlen);
1100 params->utils->log(NULL, SASL_LOG_ERR,
1101 @@ -1540,19 +1585,20 @@ passdss_client_mech_step2(context_t *text,
1104 /* Encrypt (9) (here we calculate the exact number of full blocks) */
1105 - r = EVP_EncryptUpdate(&text->cipher_enc_ctx, text->encode_buf,
1106 - clientoutlen, text->out_buf,
1107 + r = EVP_EncryptUpdate(text->cipher_enc_ctx,
1108 + text->encode_buf, (int *) clientoutlen, text->out_buf,
1109 text->blk_siz * (*clientoutlen / text->blk_siz));
1111 - r = EVP_EncryptFinal_ex(&text->cipher_enc_ctx, /* should be no output */
1112 - text->encode_buf + *clientoutlen, &enclen);
1113 + r = EVP_EncryptFinal_ex(text->cipher_enc_ctx, /* should be no output */
1114 + text->encode_buf + *clientoutlen,
1117 params->utils->seterror(params->utils->conn, 0,
1118 "Error encrypting output in step 2");
1122 - *clientout = text->encode_buf;
1123 + *clientout = (char *) text->encode_buf;
1126 oparams->doneflag = 1;
1127 @@ -1563,16 +1609,18 @@ passdss_client_mech_step2(context_t *text,
1128 oparams->decode = &passdss_decode;
1129 oparams->maxoutbuf = sbufsiz - 4 - SHA_DIGEST_LENGTH; /* -len -HMAC */
1131 - HMAC_CTX_init(&text->hmac_recv_ctx);
1132 + text->hmac_recv_ctx = HMAC_CTX_new();
1133 + HMAC_CTX_reset(text->hmac_recv_ctx);
1135 if (oparams->mech_ssf > 1) {
1136 oparams->maxoutbuf -= text->blk_siz-1; /* padding */
1138 /* Initialize decrypt cipher */
1139 - EVP_CIPHER_CTX_init(&text->cipher_dec_ctx);
1140 - EVP_DecryptInit_ex(&text->cipher_dec_ctx, EVP_des_ede3_cbc(), NULL,
1141 + text->cipher_dec_ctx = EVP_CIPHER_CTX_new();
1142 + EVP_CIPHER_CTX_init(text->cipher_dec_ctx);
1143 + EVP_DecryptInit_ex(text->cipher_dec_ctx, EVP_des_ede3_cbc(), NULL,
1144 text->sc_encryption_key, text->sc_encryption_iv);
1145 - EVP_CIPHER_CTX_set_padding(&text->cipher_dec_ctx, 0);
1146 + EVP_CIPHER_CTX_set_padding(text->cipher_dec_ctx, 0);
1149 _plug_decode_init(&text->decode_context, text->utils,