Skip to content

Commit

Permalink
OpenSSL: Drop legacy 1.1.1 support in the source files
Browse files Browse the repository at this point in the history
Following the package base of majority of maintained LTS Linux distros, 1.1.1 is retired
  • Loading branch information
Warlockbugs committed Jul 14, 2024
1 parent 0313b22 commit d61c708
Show file tree
Hide file tree
Showing 5 changed files with 3 additions and 42 deletions.
6 changes: 3 additions & 3 deletions CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -260,10 +260,10 @@ if(UNIX AND (BUILD_GAME_SERVER OR BUILD_LOGIN_SERVER OR BUILD_EXTRACTORS))
find_package(OpenSSL REQUIRED)

message(STATUS "Found OpenSSL libraries: ${OPENSSL_LIBRARIES}")
if(OPENSSL_VERSION VERSION_LESS 1.1)
message(SEND_ERROR "OpenSSL: This project requires OpenSSL version 1.1.0 or higher")
if(OPENSSL_VERSION VERSION_LESS 3.0)
message(SEND_ERROR "OpenSSL: This project requires OpenSSL version 3.0 or higher")
endif()
if(OPENSSL_VERSION VERSION_LESS 1.1.1 OR (OPENSSL_VERSION VERSION_GREATER 3.0 AND OPENSSL_VERSION VERSION_LESS 3.0.7))
if(OPENSSL_VERSION VERSION_GREATER 3.0 AND OPENSSL_VERSION VERSION_LESS 3.0.14)
message(WARNING "OpenSSL: Your OpenSSL version is critically vulnerable or no longer being maintained, consider upgrading")
endif()
endif()
Expand Down
4 changes: 0 additions & 4 deletions src/mangosd/Main.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -32,9 +32,7 @@

#include <openssl/opensslv.h>
#include <openssl/crypto.h>
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
#include <openssl/provider.h>
#endif

#include <boost/program_options.hpp>
#include <boost/version.hpp>
Expand Down Expand Up @@ -180,7 +178,6 @@ int main(int argc, char* argv[])
sLog.outString("Using configuration file %s.", configFile.c_str());

DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, OpenSSL_version(OPENSSL_VERSION));
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
// Load OpenSSL 3.0+ providers
OSSL_PROVIDER* openssl_legacy = OSSL_PROVIDER_load(nullptr, "legacy");
if (!openssl_legacy)
Expand All @@ -195,7 +192,6 @@ int main(int argc, char* argv[])
OSSL_PROVIDER_unload(openssl_legacy);
return 1;
}
#endif

DETAIL_LOG("Using Boost: %s", BOOST_LIB_VERSION);

Expand Down
4 changes: 0 additions & 4 deletions src/realmd/Main.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -35,9 +35,7 @@

#include <openssl/opensslv.h>
#include <openssl/crypto.h>
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
#include <openssl/provider.h>
#endif

#include <boost/program_options.hpp>
#include <boost/version.hpp>
Expand Down Expand Up @@ -178,7 +176,6 @@ int main(int argc, char* argv[])
}

DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, OpenSSL_version(OPENSSL_VERSION));
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
// Load OpenSSL 3.0+ providers
OSSL_PROVIDER* openssl_legacy = OSSL_PROVIDER_load(nullptr, "legacy");
if (!openssl_legacy)
Expand All @@ -193,7 +190,6 @@ int main(int argc, char* argv[])
OSSL_PROVIDER_unload(openssl_legacy);
return 1;
}
#endif

sLog.outString();
sLog.outString("<Ctrl-C> to stop.");
Expand Down
27 changes: 0 additions & 27 deletions src/shared/Auth/HMACSHA1.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@
HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed)
{
memcpy(&m_key, seed, len);
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
m_mac = EVP_MAC_fetch(nullptr, "HMAC", nullptr);
m_ctx = EVP_MAC_CTX_new(m_mac);

Expand All @@ -31,15 +30,10 @@ HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed)
params[1] = OSSL_PARAM_construct_end();

EVP_MAC_init(m_ctx, m_key, len, params);
#else
m_ctx = HMAC_CTX_new();
HMAC_Init_ex(m_ctx, &m_key, len, EVP_sha1(), nullptr);
#endif
}

HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed, bool) // to get over the default constructor
{
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
m_mac = EVP_MAC_fetch(nullptr, "HMAC", nullptr);
m_ctx = EVP_MAC_CTX_new(m_mac);

Expand All @@ -48,21 +42,13 @@ HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed, bool) // to get over the defau
params[1] = OSSL_PARAM_construct_end();

EVP_MAC_init(m_ctx, seed, len, params);
#else
m_ctx = HMAC_CTX_new();
HMAC_Init_ex(m_ctx, seed, len, EVP_sha1(), nullptr);
#endif
}

HMACSHA1::~HMACSHA1()
{
memset(&m_key, 0x00, SEED_KEY_SIZE);
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
EVP_MAC_CTX_free(m_ctx);
EVP_MAC_free(m_mac);
#else
HMAC_CTX_free(m_ctx);
#endif
}

void HMACSHA1::UpdateBigNumber(BigNumber* bn)
Expand All @@ -72,11 +58,7 @@ void HMACSHA1::UpdateBigNumber(BigNumber* bn)

void HMACSHA1::UpdateData(const uint8* data, int length)
{
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
EVP_MAC_update(m_ctx, data, length);
#else
HMAC_Update(m_ctx, data, length);
#endif
}

void HMACSHA1::UpdateData(const std::string& str)
Expand All @@ -86,26 +68,17 @@ void HMACSHA1::UpdateData(const std::string& str)

void HMACSHA1::Initialize()
{
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
OSSL_PARAM params[2];
params[0] = OSSL_PARAM_construct_utf8_string("digest", const_cast<char*>("SHA1"), 0);
params[1] = OSSL_PARAM_construct_end();

EVP_MAC_init(m_ctx, m_key, SEED_KEY_SIZE, params);
#else
HMAC_Init_ex(m_ctx, &m_key, SEED_KEY_SIZE, EVP_sha1(), NULL);
#endif
}

void HMACSHA1::Finalize()
{
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
size_t length = 0;
EVP_MAC_final(m_ctx, m_digest, &length, sizeof(m_digest));
#else
uint32 length = 0;
HMAC_Final(m_ctx, (uint8*)m_digest, &length);
#endif
MANGOS_ASSERT(length == SHA_DIGEST_LENGTH);
}

Expand Down
4 changes: 0 additions & 4 deletions src/shared/Auth/HMACSHA1.h
Original file line number Diff line number Diff line change
Expand Up @@ -42,12 +42,8 @@ class HMACSHA1
uint8* GetDigest() { return m_digest; }
static int GetLength() { return SHA_DIGEST_LENGTH; }
private:
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
EVP_MAC* m_mac;
EVP_MAC_CTX* m_ctx;
#else
HMAC_CTX* m_ctx;
#endif
uint8 m_key[SEED_KEY_SIZE];
uint8 m_digest[SHA_DIGEST_LENGTH];
};
Expand Down

0 comments on commit d61c708

Please sign in to comment.