Support for openssl 1.1.0.

ChangeLog.txt

@@ -6,6 +6,10 @@ Broker:
   #186.
 - Don't disconnect client on HUP before reading the pending data. Closes #7.
 - Fix some $SYS messages being incorrectly persisted. Closes #191.
+- Support OpenSSL 1.1.0.
+
+Client library:
+- Support OpenSSL 1.1.0.
 
 Build:
 - Don't attempt to install docs when WITH_DOCS=no. Closes #184.

src/mosquitto_passwd.c

@@ -90,7 +90,11 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
 	unsigned char hash[EVP_MAX_MD_SIZE];
 	unsigned int hash_len;
 	const EVP_MD *digest;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	EVP_MD_CTX context;
+#else
+	EVP_MD_CTX *context;
+#endif
 
 	rc = RAND_bytes(salt, SALT_LEN);
 	if(!rc){
@@ -113,12 +117,21 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
 		return 1;
 	}
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	EVP_MD_CTX_init(&context);
 	EVP_DigestInit_ex(&context, digest, NULL);
 	EVP_DigestUpdate(&context, password, strlen(password));
 	EVP_DigestUpdate(&context, salt, SALT_LEN);
 	EVP_DigestFinal_ex(&context, hash, &hash_len);
 	EVP_MD_CTX_cleanup(&context);
+#else
+	context = EVP_MD_CTX_new();
+	EVP_DigestInit_ex(context, digest, NULL);
+	EVP_DigestUpdate(context, password, strlen(password));
+	EVP_DigestUpdate(context, salt, SALT_LEN);
+	EVP_DigestFinal_ex(context, hash, &hash_len);
+	EVP_MD_CTX_free(context);
+#endif
 
 	rc = base64_encode(hash, hash_len, &hash64);
 	if(rc){

src/net.c

@@ -302,7 +302,7 @@ static int _mosquitto_tls_server_ctx(struct _mqtt3_listener *listener)
 #endif
 
 #ifdef WITH_EC
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && OPENSSL_VERSION_NUMBER < 0x10100000L
 	SSL_CTX_set_ecdh_auto(listener->ssl_ctx, 1);
 #elif OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10002000L
 	ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);

src/read_handle_server.c

@@ -364,7 +364,7 @@ int mqtt3_handle_connect(struct mosquitto_db *db, struct mosquitto *context)
 				goto handle_connect_error;
 			}
 			name_entry = X509_NAME_get_entry(name, i);
-			context->username = _mosquitto_strdup((char *)ASN1_STRING_data(name_entry->value));
+			context->username = _mosquitto_strdup((char *)ASN1_STRING_data(X509_NAME_ENTRY_get_data(name_entry)));
 			if(!context->username){
 				rc = 1;
 				goto handle_connect_error;

src/security_default.c

@@ -770,6 +770,7 @@ int mosquitto_psk_key_get_default(struct mosquitto_db *db, const char *hint, con
 int _pw_digest(const char *password, const unsigned char *salt, unsigned int salt_len, unsigned char *hash, unsigned int *hash_len)
 {
 	const EVP_MD *digest;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	EVP_MD_CTX context;
 
 	digest = EVP_get_digestbyname("sha512");
@@ -785,6 +786,23 @@ int _pw_digest(const char *password, const unsigned char *salt, unsigned int sal
 	/* hash is assumed to be EVP_MAX_MD_SIZE bytes long. */
 	EVP_DigestFinal_ex(&context, hash, hash_len);
 	EVP_MD_CTX_cleanup(&context);
+#else
+	EVP_MD_CTX *context;
+
+	digest = EVP_get_digestbyname("sha512");
+	if(!digest){
+		// FIXME fprintf(stderr, "Error: Unable to create openssl digest.\n");
+		return 1;
+	}
+
+	context = EVP_MD_CTX_new();
+	EVP_DigestInit_ex(context, digest, NULL);
+	EVP_DigestUpdate(context, password, strlen(password));
+	EVP_DigestUpdate(context, salt, salt_len);
+	/* hash is assumed to be EVP_MAX_MD_SIZE bytes long. */
+	EVP_DigestFinal_ex(context, hash, hash_len);
+	EVP_MD_CTX_free(context);
+#endif
 
 	return MOSQ_ERR_SUCCESS;
 }