HADOOP-14597. Native compilation broken with OpenSSL-1.1.0. Contributed by Ravi Prakash.

This commit is contained in:
Ravi Prakash 2017-07-24 16:01:45 -07:00
parent 10583625c1
commit 94ca52ae9e
2 changed files with 53 additions and 5 deletions

View File

@ -30,6 +30,11 @@ static void (*dlsym_EVP_CIPHER_CTX_free)(EVP_CIPHER_CTX *);
static int (*dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *); static int (*dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *);
static void (*dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *); static void (*dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *);
static int (*dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int); static int (*dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int);
static int (*dlsym_EVP_CIPHER_CTX_test_flags)(const EVP_CIPHER_CTX *, int);
static int (*dlsym_EVP_CIPHER_CTX_block_size)(const EVP_CIPHER_CTX *);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
static int (*dlsym_EVP_CIPHER_CTX_encrypting)(const EVP_CIPHER_CTX *);
#endif
static int (*dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *, const EVP_CIPHER *, \ static int (*dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *, const EVP_CIPHER *, \
ENGINE *, const unsigned char *, const unsigned char *, int); ENGINE *, const unsigned char *, const unsigned char *, int);
static int (*dlsym_EVP_CipherUpdate)(EVP_CIPHER_CTX *, unsigned char *, \ static int (*dlsym_EVP_CipherUpdate)(EVP_CIPHER_CTX *, unsigned char *, \
@ -46,6 +51,11 @@ typedef void (__cdecl *__dlsym_EVP_CIPHER_CTX_free)(EVP_CIPHER_CTX *);
typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *); typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *);
typedef void (__cdecl *__dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *); typedef void (__cdecl *__dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *);
typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int); typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int);
typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_test_flags)(const EVP_CIPHER_CTX *, int);
typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_block_size)(const EVP_CIPHER_CTX *);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_encrypting)(const EVP_CIPHER_CTX *);
#endif
typedef int (__cdecl *__dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *, \ typedef int (__cdecl *__dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *, \
const EVP_CIPHER *, ENGINE *, const unsigned char *, \ const EVP_CIPHER *, ENGINE *, const unsigned char *, \
const unsigned char *, int); const unsigned char *, int);
@ -60,6 +70,11 @@ static __dlsym_EVP_CIPHER_CTX_free dlsym_EVP_CIPHER_CTX_free;
static __dlsym_EVP_CIPHER_CTX_cleanup dlsym_EVP_CIPHER_CTX_cleanup; static __dlsym_EVP_CIPHER_CTX_cleanup dlsym_EVP_CIPHER_CTX_cleanup;
static __dlsym_EVP_CIPHER_CTX_init dlsym_EVP_CIPHER_CTX_init; static __dlsym_EVP_CIPHER_CTX_init dlsym_EVP_CIPHER_CTX_init;
static __dlsym_EVP_CIPHER_CTX_set_padding dlsym_EVP_CIPHER_CTX_set_padding; static __dlsym_EVP_CIPHER_CTX_set_padding dlsym_EVP_CIPHER_CTX_set_padding;
static __dlsym_EVP_CIPHER_CTX_test_flags dlsym_EVP_CIPHER_CTX_test_flags;
static __dlsym_EVP_CIPHER_CTX_block_size dlsym_EVP_CIPHER_CTX_block_size;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
static __dlsym_EVP_CIPHER_CTX_encrypting dlsym_EVP_CIPHER_CTX_encrypting;
#endif
static __dlsym_EVP_CipherInit_ex dlsym_EVP_CipherInit_ex; static __dlsym_EVP_CipherInit_ex dlsym_EVP_CipherInit_ex;
static __dlsym_EVP_CipherUpdate dlsym_EVP_CipherUpdate; static __dlsym_EVP_CipherUpdate dlsym_EVP_CipherUpdate;
static __dlsym_EVP_CipherFinal_ex dlsym_EVP_CipherFinal_ex; static __dlsym_EVP_CipherFinal_ex dlsym_EVP_CipherFinal_ex;
@ -114,6 +129,14 @@ JNIEXPORT void JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_initIDs
"EVP_CIPHER_CTX_init"); "EVP_CIPHER_CTX_init");
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_set_padding, env, openssl, \ LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_set_padding, env, openssl, \
"EVP_CIPHER_CTX_set_padding"); "EVP_CIPHER_CTX_set_padding");
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_test_flags, env, openssl, \
"EVP_CIPHER_CTX_test_flags");
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_block_size, env, openssl, \
"EVP_CIPHER_CTX_block_size");
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_encrypting, env, openssl, \
"EVP_CIPHER_CTX_encrypting");
#endif
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherInit_ex, env, openssl, \ LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherInit_ex, env, openssl, \
"EVP_CipherInit_ex"); "EVP_CipherInit_ex");
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherUpdate, env, openssl, \ LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherUpdate, env, openssl, \
@ -135,6 +158,17 @@ JNIEXPORT void JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_initIDs
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_set_padding, \ LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_set_padding, \
dlsym_EVP_CIPHER_CTX_set_padding, env, \ dlsym_EVP_CIPHER_CTX_set_padding, env, \
openssl, "EVP_CIPHER_CTX_set_padding"); openssl, "EVP_CIPHER_CTX_set_padding");
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_test_flags, \
dlsym_EVP_CIPHER_CTX_test_flags, env, \
openssl, "EVP_CIPHER_CTX_test_flags");
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_block_size, \
dlsym_EVP_CIPHER_CTX_block_size, env, \
openssl, "EVP_CIPHER_CTX_block_size");
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_encrypting, \
dlsym_EVP_CIPHER_CTX_encrypting, env, \
openssl, "EVP_CIPHER_CTX_encrypting");
#endif
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherInit_ex, dlsym_EVP_CipherInit_ex, \ LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherInit_ex, dlsym_EVP_CipherInit_ex, \
env, openssl, "EVP_CipherInit_ex"); env, openssl, "EVP_CipherInit_ex");
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherUpdate, dlsym_EVP_CipherUpdate, \ LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherUpdate, dlsym_EVP_CipherUpdate, \
@ -253,14 +287,18 @@ JNIEXPORT jlong JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_init
static int check_update_max_output_len(EVP_CIPHER_CTX *context, int input_len, static int check_update_max_output_len(EVP_CIPHER_CTX *context, int input_len,
int max_output_len) int max_output_len)
{ {
if (context->flags & EVP_CIPH_NO_PADDING) { if ( dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ) {
if (max_output_len >= input_len) { if (max_output_len >= input_len) {
return 1; return 1;
} }
return 0; return 0;
} else { } else {
int b = context->cipher->block_size; int b = dlsym_EVP_CIPHER_CTX_block_size(context);
#if OPENSSL_VERSION_NUMBER < 0x10100000L
if (context->encrypt) { if (context->encrypt) {
#else
if (dlsym_EVP_CIPHER_CTX_encrypting(context)) {
#endif
if (max_output_len >= input_len + b - 1) { if (max_output_len >= input_len + b - 1) {
return 1; return 1;
} }
@ -307,10 +345,10 @@ JNIEXPORT jint JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_update
static int check_doFinal_max_output_len(EVP_CIPHER_CTX *context, static int check_doFinal_max_output_len(EVP_CIPHER_CTX *context,
int max_output_len) int max_output_len)
{ {
if (context->flags & EVP_CIPH_NO_PADDING) { if ( dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ) {
return 1; return 1;
} else { } else {
int b = context->cipher->block_size; int b = dlsym_EVP_CIPHER_CTX_block_size(context);
if (max_output_len >= b) { if (max_output_len >= b) {
return 1; return 1;
} }

View File

@ -420,6 +420,7 @@ namespace HadoopPipes {
} }
string createDigest(string &password, string& msg) { string createDigest(string &password, string& msg) {
#if OPENSSL_VERSION_NUMBER < 0x10100000L
HMAC_CTX ctx; HMAC_CTX ctx;
unsigned char digest[EVP_MAX_MD_SIZE]; unsigned char digest[EVP_MAX_MD_SIZE];
HMAC_Init(&ctx, (const unsigned char *)password.c_str(), HMAC_Init(&ctx, (const unsigned char *)password.c_str(),
@ -428,7 +429,16 @@ namespace HadoopPipes {
unsigned int digestLen; unsigned int digestLen;
HMAC_Final(&ctx, digest, &digestLen); HMAC_Final(&ctx, digest, &digestLen);
HMAC_cleanup(&ctx); HMAC_cleanup(&ctx);
#else
HMAC_CTX *ctx = HMAC_CTX_new();
unsigned char digest[EVP_MAX_MD_SIZE];
HMAC_Init_ex(ctx, (const unsigned char *)password.c_str(),
password.length(), EVP_sha1(), NULL);
HMAC_Update(ctx, (const unsigned char *)msg.c_str(), msg.length());
unsigned int digestLen;
HMAC_Final(ctx, digest, &digestLen);
HMAC_CTX_free(ctx);
#endif
//now apply base64 encoding //now apply base64 encoding
BIO *bmem, *b64; BIO *bmem, *b64;
BUF_MEM *bptr; BUF_MEM *bptr;