engines/http: support openssl < 1.1.0

openssl versions prior to 1.1.0 do not use an opaque pointer for
HMAC_CTX.

Signed-off-by: David Disseldorp <ddiss@suse.de>

diff --git a/configure b/configure
index 97bc35e9ca7039bd7d81822709bee9145c7910f0..0637b105fb2a36ef0f0c296fb15d2ec5aa884eb4 100755 (executable)
--- a/configure
+++ b/configure
@@ -1574,11 +1574,11 @@ if test "$http" != "yes" ; then
   http="no"
 fi
 if test "$disable_http" != "yes"  && $(pkg-config --exists libcurl openssl); then
-  # http engine currently requires opaque HMAC_CTX present in openssl >= 1.1
   if $(pkg-config --atleast-version=1.1.0 openssl); then
-    LIBS="$(pkg-config --libs libcurl openssl) $LIBS"
-    http="yes"
+    output_sym "CONFIG_HAVE_OPAQUE_HMAC_CTX"
   fi
+  LIBS="$(pkg-config --libs libcurl openssl) $LIBS"
+  http="yes"
 fi
 print_config "http engine" "$http"
 

diff --git a/engines/http.c b/engines/http.c
index d3fdba82a93160c5f3c13cc19ac9c1ecd6cfe652..979573a858bea8551d9053997574e55e1d9e055a 100644 (file)
--- a/engines/http.c
+++ b/engines/http.c
@@ -205,14 +205,25 @@ static char *_gen_hex_sha256(const char *p, size_t len)
 }
 
 static void _hmac(unsigned char *md, void *key, int key_len, char *data) {
+#ifndef CONFIG_HAVE_OPAQUE_HMAC_CTX
+       HMAC_CTX _ctx;
+#endif
        HMAC_CTX *ctx;
        unsigned int hmac_len;
 
+#ifdef CONFIG_HAVE_OPAQUE_HMAC_CTX
        ctx = HMAC_CTX_new();
+#else
+       ctx = &_ctx;
+#endif
        HMAC_Init_ex(ctx, key, key_len, EVP_sha256(), NULL);
        HMAC_Update(ctx, (unsigned char*)data, strlen(data));
        HMAC_Final(ctx, md, &hmac_len);
+#ifdef CONFIG_HAVE_OPAQUE_HMAC_CTX
        HMAC_CTX_free(ctx);
+#else
+       HMAC_CTX_cleanup(ctx);
+#endif
 }
 
 static int _curl_trace(CURL *handle, curl_infotype type,