Line 0
Link Here
|
|
|
1 |
--- hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/OpensslCipher.c |
2 |
+++ hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/OpensslCipher.c |
3 |
@@ -30,6 +30,11 @@ static void (*dlsym_EVP_CIPHER_CTX_free)(EVP_CIPHER_CTX *); |
4 |
static int (*dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *); |
5 |
static void (*dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *); |
6 |
static int (*dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int); |
7 |
+static int (*dlsym_EVP_CIPHER_CTX_test_flags)(const EVP_CIPHER_CTX *, int); |
8 |
+static int (*dlsym_EVP_CIPHER_CTX_block_size)(const EVP_CIPHER_CTX *); |
9 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
10 |
+static int (*dlsym_EVP_CIPHER_CTX_encrypting)(const EVP_CIPHER_CTX *); |
11 |
+#endif |
12 |
static int (*dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *, const EVP_CIPHER *, \ |
13 |
ENGINE *, const unsigned char *, const unsigned char *, int); |
14 |
static int (*dlsym_EVP_CipherUpdate)(EVP_CIPHER_CTX *, unsigned char *, \ |
15 |
@@ -46,6 +51,11 @@ typedef void (__cdecl *__dlsym_EVP_CIPHER_CTX_free)(EVP_CIPHER_CTX *); |
16 |
typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *); |
17 |
typedef void (__cdecl *__dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *); |
18 |
typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int); |
19 |
+typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_test_flags)(const EVP_CIPHER_CTX *, int); |
20 |
+typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_block_size)(const EVP_CIPHER_CTX *); |
21 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
22 |
+typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_encrypting)(const EVP_CIPHER_CTX *); |
23 |
+#endif |
24 |
typedef int (__cdecl *__dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *, \ |
25 |
const EVP_CIPHER *, ENGINE *, const unsigned char *, \ |
26 |
const unsigned char *, int); |
27 |
@@ -60,6 +70,11 @@ static __dlsym_EVP_CIPHER_CTX_free dlsym_EVP_CIPHER_CTX_free; |
28 |
static __dlsym_EVP_CIPHER_CTX_cleanup dlsym_EVP_CIPHER_CTX_cleanup; |
29 |
static __dlsym_EVP_CIPHER_CTX_init dlsym_EVP_CIPHER_CTX_init; |
30 |
static __dlsym_EVP_CIPHER_CTX_set_padding dlsym_EVP_CIPHER_CTX_set_padding; |
31 |
+static __dlsym_EVP_CIPHER_CTX_test_flags dlsym_EVP_CIPHER_CTX_test_flags; |
32 |
+static __dlsym_EVP_CIPHER_CTX_block_size dlsym_EVP_CIPHER_CTX_block_size; |
33 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
34 |
+static __dlsym_EVP_CIPHER_CTX_encrypting dlsym_EVP_CIPHER_CTX_encrypting; |
35 |
+#endif |
36 |
static __dlsym_EVP_CipherInit_ex dlsym_EVP_CipherInit_ex; |
37 |
static __dlsym_EVP_CipherUpdate dlsym_EVP_CipherUpdate; |
38 |
static __dlsym_EVP_CipherFinal_ex dlsym_EVP_CipherFinal_ex; |
39 |
@@ -114,6 +129,14 @@ JNIEXPORT void JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_initIDs |
40 |
"EVP_CIPHER_CTX_init"); |
41 |
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_set_padding, env, openssl, \ |
42 |
"EVP_CIPHER_CTX_set_padding"); |
43 |
+ LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_test_flags, env, openssl, \ |
44 |
+ "EVP_CIPHER_CTX_test_flags"); |
45 |
+ LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_block_size, env, openssl, \ |
46 |
+ "EVP_CIPHER_CTX_block_size"); |
47 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
48 |
+ LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_encrypting, env, openssl, \ |
49 |
+ "EVP_CIPHER_CTX_encrypting"); |
50 |
+#endif |
51 |
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherInit_ex, env, openssl, \ |
52 |
"EVP_CipherInit_ex"); |
53 |
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherUpdate, env, openssl, \ |
54 |
@@ -135,6 +158,17 @@ JNIEXPORT void JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_initIDs |
55 |
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_set_padding, \ |
56 |
dlsym_EVP_CIPHER_CTX_set_padding, env, \ |
57 |
openssl, "EVP_CIPHER_CTX_set_padding"); |
58 |
+ LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_test_flags, \ |
59 |
+ dlsym_EVP_CIPHER_CTX_test_flags, env, \ |
60 |
+ openssl, "EVP_CIPHER_CTX_test_flags"); |
61 |
+ LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_block_size, \ |
62 |
+ dlsym_EVP_CIPHER_CTX_block_size, env, \ |
63 |
+ openssl, "EVP_CIPHER_CTX_block_size"); |
64 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
65 |
+ LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_encrypting, \ |
66 |
+ dlsym_EVP_CIPHER_CTX_encrypting, env, \ |
67 |
+ openssl, "EVP_CIPHER_CTX_encrypting"); |
68 |
+#endif |
69 |
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherInit_ex, dlsym_EVP_CipherInit_ex, \ |
70 |
env, openssl, "EVP_CipherInit_ex"); |
71 |
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherUpdate, dlsym_EVP_CipherUpdate, \ |
72 |
@@ -253,14 +287,18 @@ JNIEXPORT jlong JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_init |
73 |
static int check_update_max_output_len(EVP_CIPHER_CTX *context, int input_len, |
74 |
int max_output_len) |
75 |
{ |
76 |
- if (context->flags & EVP_CIPH_NO_PADDING) { |
77 |
+ if ( dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ) { |
78 |
if (max_output_len >= input_len) { |
79 |
return 1; |
80 |
} |
81 |
return 0; |
82 |
} else { |
83 |
- int b = context->cipher->block_size; |
84 |
+ int b = dlsym_EVP_CIPHER_CTX_block_size(context); |
85 |
+#if OPENSSL_VERSION_NUMBER < 0x10100000L |
86 |
if (context->encrypt) { |
87 |
+#else |
88 |
+ if (dlsym_EVP_CIPHER_CTX_encrypting(context)) { |
89 |
+#endif |
90 |
if (max_output_len >= input_len + b - 1) { |
91 |
return 1; |
92 |
} |
93 |
@@ -307,10 +345,10 @@ JNIEXPORT jint JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_update |
94 |
static int check_doFinal_max_output_len(EVP_CIPHER_CTX *context, |
95 |
int max_output_len) |
96 |
{ |
97 |
- if (context->flags & EVP_CIPH_NO_PADDING) { |
98 |
+ if ( dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ) { |
99 |
return 1; |
100 |
} else { |
101 |
- int b = context->cipher->block_size; |
102 |
+ int b = dlsym_EVP_CIPHER_CTX_block_size(context); |
103 |
if (max_output_len >= b) { |
104 |
return 1; |
105 |
} |
106 |
--- hadoop-tools/hadoop-pipes/src/main/native/pipes/impl/HadoopPipes.cc |
107 |
+++ hadoop-tools/hadoop-pipes/src/main/native/pipes/impl/HadoopPipes.cc |
108 |
@@ -420,6 +420,7 @@ namespace HadoopPipes { |
109 |
} |
110 |
|
111 |
string createDigest(string &password, string& msg) { |
112 |
+#if OPENSSL_VERSION_NUMBER < 0x10100000L |
113 |
HMAC_CTX ctx; |
114 |
unsigned char digest[EVP_MAX_MD_SIZE]; |
115 |
HMAC_Init(&ctx, (const unsigned char *)password.c_str(), |
116 |
@@ -428,7 +429,16 @@ namespace HadoopPipes { |
117 |
unsigned int digestLen; |
118 |
HMAC_Final(&ctx, digest, &digestLen); |
119 |
HMAC_cleanup(&ctx); |
120 |
- |
121 |
+#else |
122 |
+ HMAC_CTX *ctx = HMAC_CTX_new(); |
123 |
+ unsigned char digest[EVP_MAX_MD_SIZE]; |
124 |
+ HMAC_Init_ex(ctx, (const unsigned char *)password.c_str(), |
125 |
+ password.length(), EVP_sha1(), NULL); |
126 |
+ HMAC_Update(ctx, (const unsigned char *)msg.c_str(), msg.length()); |
127 |
+ unsigned int digestLen; |
128 |
+ HMAC_Final(ctx, digest, &digestLen); |
129 |
+ HMAC_CTX_free(ctx); |
130 |
+#endif |
131 |
//now apply base64 encoding |
132 |
BIO *bmem, *b64; |
133 |
BUF_MEM *bptr; |
134 |
|