[PATCH 1/4] imap-send: use HMAC() function provided by OpenSSL

Kazuki Yamaguchi <k@xxxxxx> · Sat, 9 Apr 2016 01:22:13 +0900

Fix compile errors with OpenSSL 1.1.0.

HMAC_CTX is made opaque and HMAC_CTX_cleanup is removed in OpenSSL
1.1.0. But since we just want to calculate one HMAC, we can use HMAC()
here, which exists since OpenSSL 0.9.6 at least.

Signed-off-by: Kazuki Yamaguchi <k@xxxxxx>
---
Since I don't have OS X machines, changes in
compat/apple-common-crypto.h is untested, just confirmed it compiles on
Travis CI.

 compat/apple-common-crypto.h | 16 +++++++++++-----
 imap-send.c                  |  7 ++-----
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/compat/apple-common-crypto.h b/compat/apple-common-crypto.h
index d3fb26418134..11727f3e1ed7 100644
--- a/compat/apple-common-crypto.h
+++ b/compat/apple-common-crypto.h
@@ -3,12 +3,18 @@
 #define HEADER_HMAC_H
 #define HEADER_SHA_H
 #include <CommonCrypto/CommonHMAC.h>
-#define HMAC_CTX CCHmacContext
-#define HMAC_Init(hmac, key, len, algo) CCHmacInit(hmac, algo, key, len)
-#define HMAC_Update CCHmacUpdate
-#define HMAC_Final(hmac, hash, ptr) CCHmacFinal(hmac, hash)
-#define HMAC_CTX_cleanup(ignore)
 #define EVP_md5(...) kCCHmacAlgMD5
+/* CCHmac doesn't take md_len and the return type is void */
+#define HMAC git_CC_HMAC
+static inline unsigned char *git_CC_HMAC(CCHmacAlgorithm alg,
+		const void *key, int key_len,
+		const unsigned char *data, size_t data_len,
+		unsigned char *md, unsigned int *md_len)
+{
+	CCHmac(alg, key, key_len, data, data_len, md);
+	return md;
+}
+
 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 1070
 #define APPLE_LION_OR_NEWER
 #include <Security/Security.h>
diff --git a/imap-send.c b/imap-send.c
index 2c52027c8445..0364b326e109 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -862,7 +862,6 @@ static char hexchar(unsigned int b)
 static char *cram(const char *challenge_64, const char *user, const char *pass)
 {
 	int i, resp_len, encoded_len, decoded_len;
-	HMAC_CTX hmac;
 	unsigned char hash[16];
 	char hex[33];
 	char *response, *response_64, *challenge;
@@ -877,10 +876,8 @@ static char *cram(const char *challenge_64, const char *user, const char *pass)
 				      (unsigned char *)challenge_64, encoded_len);
 	if (decoded_len < 0)
 		die("invalid challenge %s", challenge_64);
-	HMAC_Init(&hmac, (unsigned char *)pass, strlen(pass), EVP_md5());
-	HMAC_Update(&hmac, (unsigned char *)challenge, decoded_len);
-	HMAC_Final(&hmac, hash, NULL);
-	HMAC_CTX_cleanup(&hmac);
+	if (!HMAC(EVP_md5(), pass, strlen(pass), (unsigned char *)challenge, decoded_len, hash, NULL))
+		die("HMAC error");
 
 	hex[32] = 0;
 	for (i = 0; i < 16; i++) {
-- 
2.8.1.104.g0d1aca6

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html






