security-and-privacy/uts-server
security-and-privacy/uts-server
1
0
Fork 0
mirror of https://github.com/kakwa/uts-server synced 2025-01-09 13:14:31 +01:00
Code Issues Releases Wiki Activity

adding a few #define to handle multiple openssl API version

Browse Source
This commit is contained in:
kakwa 2016-12-04 13:38:09 +01:00
parent 4bdd9f0272
commit 9391f6348a
2 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
inc/rfc3161.h
View File

@ -11,6 +11,17 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <sys/syslog.h> #include <sys/syslog.h>
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER < 0x10000000L
#error OpenSSL version too old
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000L && OPENSSL_VERSION_NUMBER >= 0x10000000L
#define OPENSSL_API_1_0
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
#define OPENSSL_API_1_1
#endif
/* Name of config entry that defines the OID file. */ /* Name of config entry that defines the OID file. */
#define OID_SECTION "oids" #define OID_SECTION "oids"

20
src/lib/rfc3161.c
View File

@ -260,6 +260,8 @@ end:
char *serial_hex = NULL; char *serial_hex = NULL;
*serial_id = calloc(SERIAL_ID_SIZE + 1, sizeof(char)); *serial_id = calloc(SERIAL_ID_SIZE + 1, sizeof(char));
#ifdef OPENSSL_API_1_1
// if we have a proper response, we recover the serial to identify the logs // if we have a proper response, we recover the serial to identify the logs
if (TS_RESP_get_tst_info(ts_response) != NULL && if (TS_RESP_get_tst_info(ts_response) != NULL &&
TS_TST_INFO_get_serial(TS_RESP_get_tst_info(ts_response)) != NULL) { TS_TST_INFO_get_serial(TS_RESP_get_tst_info(ts_response)) != NULL) {
@ -272,6 +274,19 @@ end:
serial_hex = calloc(SERIAL_ID_SIZE, sizeof(char)); serial_hex = calloc(SERIAL_ID_SIZE, sizeof(char));
strncpy(serial_hex, " NO ID ", SERIAL_ID_SIZE + 2); strncpy(serial_hex, " NO ID ", SERIAL_ID_SIZE + 2);
} }
#endif
#ifdef OPENSSL_API_1_0
if (ts_response->tst_info != NULL &&
ts_response->tst_info->serial != NULL) {
ASN1_INTEGER *serial = ts_response->tst_info->serial;
BIGNUM *serial_bn = ASN1_INTEGER_to_BN(serial, NULL);
serial_hex = BN_bn2hex(serial_bn);
BN_free(serial_bn);
} else {
serial_hex = calloc(SERIAL_ID_SIZE, sizeof(char));
strncpy(serial_hex, " NO ID ", SERIAL_ID_SIZE + 2);
}
#endif
// get a short version of the serial (150 bits in hexa is a bit long) // get a short version of the serial (150 bits in hexa is a bit long)
strncpy(*serial_id, serial_hex, SERIAL_ID_SIZE); strncpy(*serial_id, serial_hex, SERIAL_ID_SIZE);
@ -293,8 +308,13 @@ end:
// emit logs according the return value // emit logs according the return value
// and set the return code // and set the return code
#ifdef OPENSSL_API_1_1
long status = ASN1_INTEGER_get( long status = ASN1_INTEGER_get(
TS_STATUS_INFO_get0_status(TS_RESP_get_status_info(ts_response))); TS_STATUS_INFO_get0_status(TS_RESP_get_status_info(ts_response)));
#endif
#ifdef OPENSSL_API_1_0
long status = ASN1_INTEGER_get(ts_response->status_info->status);
#endif
switch (status) { switch (status) {
case TS_STATUS_GRANTED: case TS_STATUS_GRANTED:
uts_logger(ct, LOG_DEBUG, "Request[%s], timestamp request granted", uts_logger(ct, LOG_DEBUG, "Request[%s], timestamp request granted",