From f5f22d0a84e77162fd5e5afd8e912cef6d8ad320 Mon Sep 17 00:00:00 2001
From: "Kaleb S. KEITHLEY" <kkeithle@redhat.com>
Date: Wed, 12 Oct 2016 12:25:11 -0400
Subject: crypt: changes needed for openssl-1.1 (coming in Fedora 26)

Fedora is poised to update openssl-1.1.0b in/for Fedora 26
in the next day or so.

But already Fedora koji scratch builds are built against
openssl-1.1.0b because of the way scratch builds work.
N.B. that the latest Fedora rawhide (11 October) still ships
with openssl-1.0.2j.

HMAC_CTX is now an opaque type and instances of it must be
created and released by calling HMAC_CTX_new() and
HMAC_CTX_free().

Change-Id: I3a09751d7b0d9fc25fe18aac6527e5431e9ab19a
BUG: 1384142
Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com>
Reviewed-on: http://review.gluster.org/15629
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
---
 xlators/encryption/crypt/src/keys.c | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

(limited to 'xlators/encryption')

diff --git a/xlators/encryption/crypt/src/keys.c b/xlators/encryption/crypt/src/keys.c
index 0b243d3e827..e9da55960c8 100644
--- a/xlators/encryption/crypt/src/keys.c
+++ b/xlators/encryption/crypt/src/keys.c
@@ -113,29 +113,42 @@ static int32_t kderive_init(struct kderive_context *ctx,
 static void kderive_update(struct kderive_context *ctx)
 {
 	uint32_t i;
+#if (OPENSSL_VERSION_NUMBER < 0x1010002f)
 	HMAC_CTX hctx;
+#endif
+        HMAC_CTX *phctx = NULL;
 	unsigned char *pos = ctx->out;
 	uint32_t *p_iter = (uint32_t *)ctx->fid;
 	uint32_t num_iters = ctx->out_len / PRF_OUTPUT_SIZE;
 
 	check_prf_iters(num_iters);
 
+#if (OPENSSL_VERSION_NUMBER < 0x1010002f)
 	HMAC_CTX_init(&hctx);
+        phctx = &hctx;
+#else
+        phctx = HMAC_CTX_new();
+        /* I guess we presume it was successful? */
+#endif
 	for (i = 0; i < num_iters; i++) {
 		/*
 		 * update the iteration number in the fid
 		 */
 		*p_iter = htobe32(i);
-		HMAC_Init_ex(&hctx,
+		HMAC_Init_ex(phctx,
 			     ctx->pkey, ctx->pkey_len >> 3,
 			     EVP_sha256(),
 			     NULL);
-		HMAC_Update(&hctx, ctx->fid, ctx->fid_len);
-		HMAC_Final(&hctx, pos, NULL);
+		HMAC_Update(phctx, ctx->fid, ctx->fid_len);
+		HMAC_Final(phctx, pos, NULL);
 
 		pos += PRF_OUTPUT_SIZE;
 	}
-	HMAC_CTX_cleanup(&hctx);
+#if (OPENSSL_VERSION_NUMBER < 0x1010002f)
+	HMAC_CTX_cleanup(phctx);
+#else
+        HMAC_CTX_free(phctx);
+#endif
 }
 
 static void kderive_final(struct kderive_context *ctx, unsigned char *child)
-- 
cgit