From 597199d3a21ba979101a7afe99e9f29e1b4d8fdc Mon Sep 17 00:00:00 2001 From: zhaozg Date: Fri, 2 Feb 2024 22:12:31 +0800 Subject: [PATCH] chore: fix ci for libressl v3.8.2 --- src/engine.c | 8 ++------ src/openssl.c | 4 ++++ src/rsa.c | 4 ++++ test/0.engine.lua | 3 +++ test/2.kdf.lua | 1 - test/4.pkey.lua | 8 +++++--- test/8.ssl.lua | 10 +++++++--- test/dsa.lua | 4 +++- test/ec.lua | 4 +++- test/rsa.lua | 7 ++++++- 10 files changed, 37 insertions(+), 16 deletions(-) diff --git a/src/engine.c b/src/engine.c index e5d99e0d..52eed311 100644 --- a/src/engine.c +++ b/src/engine.c @@ -10,6 +10,7 @@ #include "private.h" #include +#ifndef OPENSSL_NO_ENGINE enum { TYPE_RSA, @@ -60,7 +61,6 @@ static const char* const list[] = int openssl_engine(lua_State *L) { -#ifndef OPENSSL_NO_ENGINE const ENGINE* eng = NULL; if (lua_isstring(L, 1)) { @@ -89,11 +89,9 @@ int openssl_engine(lua_State *L) } else lua_pushnil(L); -#endif return 1; } -#ifndef OPENSSL_NO_ENGINE static int openssl_engine_next(lua_State*L) { ENGINE* eng = CHECK_OBJECT(1, ENGINE, "openssl.engine"); @@ -513,12 +511,10 @@ static luaL_Reg eng_funcs[] = {NULL, NULL}, }; -#endif int openssl_register_engine(lua_State* L) { -#ifndef OPENSSL_NO_ENGINE auxiliar_newclass(L, "openssl.engine", eng_funcs); -#endif return 0; } +#endif diff --git a/src/openssl.c b/src/openssl.c index fe92e589..208f0c45 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -401,7 +401,9 @@ static const luaL_Reg eay_functions[] = {"clear_error", openssl_clear_error}, {"error", openssl_error_string}, {"errors", openssl_errors}, +#ifndef OPENSSL_NO_ENGINE {"engine", openssl_engine}, +#endif {"FIPS_mode", openssl_fips_mode}, {NULL, NULL} @@ -555,7 +557,9 @@ LUALIB_API int luaopen_openssl(lua_State*L) luaL_setfuncs(L, eay_functions, 0); openssl_register_lhash(L); +#ifndef OPENSSL_NO_ENGINE openssl_register_engine(L); +#endif luaopen_bio(L); lua_setfield(L, -2, "bio"); diff --git a/src/rsa.c b/src/rsa.c index c90866c2..bb5ff2d4 100644 --- a/src/rsa.c +++ b/src/rsa.c @@ -313,9 +313,11 @@ static int openssl_padding_add(lua_State *L) } break; } +#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x30800000L case RSA_X931_PADDING: ret = RSA_padding_add_X931(to, sz, from, l); break; +#endif #if OPENSSL_VERSION_NUMBER > 0x10000000L case RSA_PKCS1_PSS_PADDING: { @@ -409,9 +411,11 @@ static int openssl_padding_check(lua_State *L) case RSA_NO_PADDING: ret = RSA_padding_check_none(to, sz, from, l, sz); break; +#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x30800000L case RSA_X931_PADDING: ret = RSA_padding_check_X931(to, sz, from, l, sz); break; +#endif #if OPENSSL_VERSION_NUMBER > 0x10000000L case RSA_PKCS1_PSS_PADDING: { diff --git a/test/0.engine.lua b/test/0.engine.lua index 3c69d9ae..63866097 100644 --- a/test/0.engine.lua +++ b/test/0.engine.lua @@ -1,5 +1,8 @@ local openssl = require 'openssl' local helper = require'helper' +if not openssl.engine then + return +end TestEngine = {} function TestEngine:testAll() diff --git a/test/2.kdf.lua b/test/2.kdf.lua index 69b9c870..8dbbce38 100644 --- a/test/2.kdf.lua +++ b/test/2.kdf.lua @@ -14,7 +14,6 @@ function TestKDF:testDerive() local keylen = 32 local key = assert(kdf.derive(pwd, salt, md, iter, keylen)) - print('key', key) assert(key) assert(#key == 32) end diff --git a/test/4.pkey.lua b/test/4.pkey.lua index 01b53e33..6c99ebd8 100644 --- a/test/4.pkey.lua +++ b/test/4.pkey.lua @@ -28,12 +28,14 @@ function TestPKEYMY:setUp() end function TestPKEYMY:testBasic() - local eng = openssl.engine('openssl') - assert(eng) + local eng + if openssl.engine then + eng = assert(openssl.engine('openssl')) + end for _, v in ipairs(self.genalg) do local k = mk_key(v) assert(k:is_private()) - if v[1]~='dh' and k.set_engine then + if v[1]~='dh' and eng then k:set_engine(eng) end assert(not k:missing_paramaters()) diff --git a/test/8.ssl.lua b/test/8.ssl.lua index b58ea36c..eddbe1ef 100644 --- a/test/8.ssl.lua +++ b/test/8.ssl.lua @@ -355,7 +355,9 @@ function TestSSL:testSNI() local srv = assert(srv_ctx:ssl(bs, bs, true)) local cli = assert(cli_ctx:ssl(bc, bc, false)) srv_ctx:add(ca.cacert, certs) - srv_ctx:set_engine(openssl.engine('openssl')) + if openssl.engine then + srv_ctx:set_engine(openssl.engine('openssl')) + end srv_ctx:timeout(500) assert(srv_ctx:timeout() == 500) local t = assert(srv_ctx:session_cache_mode()) @@ -573,8 +575,10 @@ function TestSSL:testSNI() srv_ctx:session_cache_mode(unpack(old)) lu.assertEquals(old, srv_ctx:session_cache_mode()) - local eng = openssl.engine('openssl') - eng:load_ssl_client_cert(cli) + if openssl.engine then + local eng = openssl.engine('openssl') + eng:load_ssl_client_cert(cli) + end cli:clear() cli:shutdown() diff --git a/test/dsa.lua b/test/dsa.lua index 952084a8..0a7808c4 100644 --- a/test/dsa.lua +++ b/test/dsa.lua @@ -9,5 +9,7 @@ function TestDSA:Testdsa() local t = k:parse() assert(t.bits == 1024) - k:set_engine(openssl.engine('openssl')) + if openssl.engine then + k:set_engine(openssl.engine('openssl')) + end end diff --git a/test/ec.lua b/test/ec.lua index 819867d7..db14de11 100644 --- a/test/ec.lua +++ b/test/ec.lua @@ -159,7 +159,9 @@ if openssl.ec then der = ec:export() assert(type(der)=='string') local ec1 = openssl.ec.read(der) - assert(ec1:set_method(openssl.engine('openssl'))) + if openssl.engine then + assert(ec1:set_method(openssl.engine('openssl'))) + end assert(ec1:conv_form('hybrid')) assert(ec1:conv_form()=='hybrid') assert(ec1:enc_flags('explicit')) diff --git a/test/rsa.lua b/test/rsa.lua index 471e88d7..bfebeb51 100644 --- a/test/rsa.lua +++ b/test/rsa.lua @@ -48,7 +48,9 @@ function TestRSA:TestRSA() "no" } - k:set_engine(openssl.engine('openssl')) + if openssl.engine then + k:set_engine(openssl.engine('openssl')) + end for _=1, #padding+1 do local pad = padding[_] @@ -95,6 +97,9 @@ function TestRSA:TestPad_pkcs1() end function TestRSA:TestPad_x931() + if helper.libressl and helper._opensslv > 0x30800000 then + return + end local msg = openssl.random(128) local padded = rsa.padding_add(msg,'x931', 256) local raw = rsa.padding_check(padded, 'x931', 256)