search for: evp_md_ctx_free

On Mon, 5 Nov 2018, Darren Tucker wrote: > On 5 November 2018 at 16:41, Michael Forney <mforney at mforney.org> wrote: > > > This causes EVP_CIPHER_CTX_set_iv to get replaced unnecessarily (or > > a duplicate symbol error if linking statically). > > > > Applied, thanks. should this go on the V_7_9 branch too? > >

...ently officially supported one. Aki On 02.11.2016 12:34, Ruga wrote: > dovecot 2.2.26.0 uses the following functions, which are not available on libressl 2.4.3: > > HMAC_CTX_new > HMAC_CTX_free > EVP_PKEY_get0_EC_KEY > EVP_PKEY_get0_RSA > OBJ_length > EVP_MD_CTX_new > EVP_MD_CTX_free > > The result of calling a non-existent function is a runtime error, > and we do not want that on production servers. > > > > > > > > There are additional problems. I recommend compiling with clang-llvm 3.9.0 > to see them all. > > > > > > >...

...dovecot 2.2.26.0 uses the following functions, which are not >>> available on libressl 2.4.3: >>> >>> HMAC_CTX_new >>> HMAC_CTX_free >>> EVP_PKEY_get0_EC_KEY >>> EVP_PKEY_get0_RSA >>> OBJ_length >>> EVP_MD_CTX_new >>> EVP_MD_CTX_free >>> >>> The result of calling a non-existent function is a runtime error, >>> and we do not want that on production servers. >>> >>> >>> >>> >>> >>> >>> >>> There are additional problems. I recommend...

...t;>> available on libressl 2.4.3: >>>>> >>>>> HMAC_CTX_new >>>>> HMAC_CTX_free >>>>> EVP_PKEY_get0_EC_KEY >>>>> EVP_PKEY_get0_RSA >>>>> OBJ_length >>>>> EVP_MD_CTX_new >>>>> EVP_MD_CTX_free >>>>> >>>>> The result of calling a non-existent function is a runtime error, >>>>> and we do not want that on production servers. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>&g...

OpenSSL v1.0.1 is enough. Aki > On November 1, 2016 at 7:46 PM Ruga <ruga at protonmail.com> wrote: > > > Hello, > > We cannot upgrade from 2.2.24, because we use libressl and the newer > dovecot versions demand openssl v1.1. > > Please add the new library requirement to the INSTALL file. > > All the best. > > > > > > > >

...2.4.3: >>>>>> >>>>>> HMAC_CTX_new >>>>>> HMAC_CTX_free >>>>>> EVP_PKEY_get0_EC_KEY >>>>>> EVP_PKEY_get0_RSA >>>>>> OBJ_length >>>>>> EVP_MD_CTX_new >>>>>> EVP_MD_CTX_free >>>>>> >>>>>> The result of calling a non-existent function is a runtime error, >>>>>> and we do not want that on production servers. >>>>>> >>>>>> >>>>>> >>>>>> >>&gt...

dovecot 2.2.26.0 uses the following functions, which are not available on libressl 2.4.3: HMAC_CTX_new HMAC_CTX_free EVP_PKEY_get0_EC_KEY EVP_PKEY_get0_RSA OBJ_length EVP_MD_CTX_new EVP_MD_CTX_free The result of calling a non-existent function is a runtime error, and we do not want that on production servers. There are additional problems. I recommend compiling with clang-llvm 3.9.0 to see them all. -------- Original Message -------- Subject: Re: v2.2.26.0 released Local Time:...

...11.2016 12:34, Ruga wrote: >> dovecot 2.2.26.0 uses the following functions, which are not >> available on libressl 2.4.3: >> >> HMAC_CTX_new >> HMAC_CTX_free >> EVP_PKEY_get0_EC_KEY >> EVP_PKEY_get0_RSA >> OBJ_length >> EVP_MD_CTX_new >> EVP_MD_CTX_free >> >> The result of calling a non-existent function is a runtime error, >> and we do not want that on production servers. >> >> >> >> >> >> >> >> There are additional problems. I recommend compiling with clang-llvm >> 3.9.0 &g...

...;>> HMAC_CTX_new >>>>>>>> HMAC_CTX_free >>>>>>>> EVP_PKEY_get0_EC_KEY >>>>>>>> EVP_PKEY_get0_RSA >>>>>>>> OBJ_length >>>>>>>> EVP_MD_CTX_new >>>>>>>> EVP_MD_CTX_free >>>>>>>> >>>>>>>> The result of calling a non-existent function is a runtime error, >>>>>>>> and we do not want that on production servers. >>>>>>>> >>>>>>>> >>>>>&...

...functions, which are not >>>> available on libressl 2.4.3: >>>> >>>> HMAC_CTX_new >>>> HMAC_CTX_free >>>> EVP_PKEY_get0_EC_KEY >>>> EVP_PKEY_get0_RSA >>>> OBJ_length >>>> EVP_MD_CTX_new >>>> EVP_MD_CTX_free >>>> >>>> The result of calling a non-existent function is a runtime error, >>>> and we do not want that on production servers. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>>...

...2.4.3: >>>>>> >>>>>> HMAC_CTX_new >>>>>> HMAC_CTX_free >>>>>> EVP_PKEY_get0_EC_KEY >>>>>> EVP_PKEY_get0_RSA >>>>>> OBJ_length >>>>>> EVP_MD_CTX_new >>>>>> EVP_MD_CTX_free >>>>>> >>>>>> The result of calling a non-existent function is a runtime error, >>>>>> and we do not want that on production servers. >>>>>> >>>>>> >>>>>> >>>>>> >>&gt...

...> >>>>>>> HMAC_CTX_new >>>>>>> HMAC_CTX_free >>>>>>> EVP_PKEY_get0_EC_KEY >>>>>>> EVP_PKEY_get0_RSA >>>>>>> OBJ_length >>>>>>> EVP_MD_CTX_new >>>>>>> EVP_MD_CTX_free >>>>>>> >>>>>>> The result of calling a non-existent function is a runtime error, >>>>>>> and we do not want that on production servers. >>>>>>> >>>>>>> >>>>>>> >>>...

...*ctx = EVP_MD_CTX_create(); @@ -2147,7 +2147,7 @@ bool dcrypt_openssl_public_key_id_evp(EVP_PKEY *key, c buffer_append(result, buf, hlen); res = TRUE; } -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) EVP_MD_CTX_free(ctx); #else EVP_MD_CTX_destroy(ctx); --- src/lib-ssl-iostream/dovecot-openssl-common.c.orig Wed Nov 2 12:11:31 2016 +++ src/lib-ssl-iostream/dovecot-openssl-common.c Wed Nov 2 12:21:04 2016 @@ -10,7 +10,7 @@ static int openssl_init_refcount = 0; static ENGINE *dovecot_openssl_engine; -#if...

...ength); +#ifdef HAVE_OPENSSL +#include <openssl/crypto.h> +#include <openssl/evp.h> + +#define MDLIB_MD_CTX EVP_MD_CTX + +#define mdlib_initialize() OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); + +#define mdlib_new_ctx() EVP_MD_CTX_new() +#define mdlib_free_ctx(_ctx) EVP_MD_CTX_free(_ctx) + +#define mdlib_init_md5(_ctx) EVP_DigestInit_ex(_ctx, EVP_md5(), NULL) +#define mdlib_init_sha1(_ctx) EVP_DigestInit_ex(_ctx, EVP_sha1(), NULL) + +#define mdlib_update(_ctx, _buf, _len) EVP_DigestUpdate(_ctx, _buf, _len) +#define mdlib_finalize(_ctx, _out) EVP_DigestFinal_ex(_ctx, _out, N...