|
Line 0
Link Here
|
|
|
1 |
--- hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/OpensslCipher.c |
| 2 |
+++ hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/OpensslCipher.c |
| 3 |
@@ -30,6 +30,11 @@ static void (*dlsym_EVP_CIPHER_CTX_free)(EVP_CIPHER_CTX *); |
| 4 |
static int (*dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *); |
| 5 |
static void (*dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *); |
| 6 |
static int (*dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int); |
| 7 |
+static int (*dlsym_EVP_CIPHER_CTX_test_flags)(const EVP_CIPHER_CTX *, int); |
| 8 |
+static int (*dlsym_EVP_CIPHER_CTX_block_size)(const EVP_CIPHER_CTX *); |
| 9 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 10 |
+static int (*dlsym_EVP_CIPHER_CTX_encrypting)(const EVP_CIPHER_CTX *); |
| 11 |
+#endif |
| 12 |
static int (*dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *, const EVP_CIPHER *, \ |
| 13 |
ENGINE *, const unsigned char *, const unsigned char *, int); |
| 14 |
static int (*dlsym_EVP_CipherUpdate)(EVP_CIPHER_CTX *, unsigned char *, \ |
| 15 |
@@ -46,6 +51,11 @@ typedef void (__cdecl *__dlsym_EVP_CIPHER_CTX_free)(EVP_CIPHER_CTX *); |
| 16 |
typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *); |
| 17 |
typedef void (__cdecl *__dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *); |
| 18 |
typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int); |
| 19 |
+typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_test_flags)(const EVP_CIPHER_CTX *, int); |
| 20 |
+typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_block_size)(const EVP_CIPHER_CTX *); |
| 21 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 22 |
+typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_encrypting)(const EVP_CIPHER_CTX *); |
| 23 |
+#endif |
| 24 |
typedef int (__cdecl *__dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *, \ |
| 25 |
const EVP_CIPHER *, ENGINE *, const unsigned char *, \ |
| 26 |
const unsigned char *, int); |
| 27 |
@@ -60,6 +70,11 @@ static __dlsym_EVP_CIPHER_CTX_free dlsym_EVP_CIPHER_CTX_free; |
| 28 |
static __dlsym_EVP_CIPHER_CTX_cleanup dlsym_EVP_CIPHER_CTX_cleanup; |
| 29 |
static __dlsym_EVP_CIPHER_CTX_init dlsym_EVP_CIPHER_CTX_init; |
| 30 |
static __dlsym_EVP_CIPHER_CTX_set_padding dlsym_EVP_CIPHER_CTX_set_padding; |
| 31 |
+static __dlsym_EVP_CIPHER_CTX_test_flags dlsym_EVP_CIPHER_CTX_test_flags; |
| 32 |
+static __dlsym_EVP_CIPHER_CTX_block_size dlsym_EVP_CIPHER_CTX_block_size; |
| 33 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 34 |
+static __dlsym_EVP_CIPHER_CTX_encrypting dlsym_EVP_CIPHER_CTX_encrypting; |
| 35 |
+#endif |
| 36 |
static __dlsym_EVP_CipherInit_ex dlsym_EVP_CipherInit_ex; |
| 37 |
static __dlsym_EVP_CipherUpdate dlsym_EVP_CipherUpdate; |
| 38 |
static __dlsym_EVP_CipherFinal_ex dlsym_EVP_CipherFinal_ex; |
| 39 |
@@ -114,6 +129,14 @@ JNIEXPORT void JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_initIDs |
| 40 |
"EVP_CIPHER_CTX_init"); |
| 41 |
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_set_padding, env, openssl, \ |
| 42 |
"EVP_CIPHER_CTX_set_padding"); |
| 43 |
+ LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_test_flags, env, openssl, \ |
| 44 |
+ "EVP_CIPHER_CTX_test_flags"); |
| 45 |
+ LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_block_size, env, openssl, \ |
| 46 |
+ "EVP_CIPHER_CTX_block_size"); |
| 47 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 48 |
+ LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_encrypting, env, openssl, \ |
| 49 |
+ "EVP_CIPHER_CTX_encrypting"); |
| 50 |
+#endif |
| 51 |
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherInit_ex, env, openssl, \ |
| 52 |
"EVP_CipherInit_ex"); |
| 53 |
LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherUpdate, env, openssl, \ |
| 54 |
@@ -135,6 +158,17 @@ JNIEXPORT void JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_initIDs |
| 55 |
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_set_padding, \ |
| 56 |
dlsym_EVP_CIPHER_CTX_set_padding, env, \ |
| 57 |
openssl, "EVP_CIPHER_CTX_set_padding"); |
| 58 |
+ LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_test_flags, \ |
| 59 |
+ dlsym_EVP_CIPHER_CTX_test_flags, env, \ |
| 60 |
+ openssl, "EVP_CIPHER_CTX_test_flags"); |
| 61 |
+ LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_block_size, \ |
| 62 |
+ dlsym_EVP_CIPHER_CTX_block_size, env, \ |
| 63 |
+ openssl, "EVP_CIPHER_CTX_block_size"); |
| 64 |
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 65 |
+ LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_encrypting, \ |
| 66 |
+ dlsym_EVP_CIPHER_CTX_encrypting, env, \ |
| 67 |
+ openssl, "EVP_CIPHER_CTX_encrypting"); |
| 68 |
+#endif |
| 69 |
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherInit_ex, dlsym_EVP_CipherInit_ex, \ |
| 70 |
env, openssl, "EVP_CipherInit_ex"); |
| 71 |
LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherUpdate, dlsym_EVP_CipherUpdate, \ |
| 72 |
@@ -253,14 +287,18 @@ JNIEXPORT jlong JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_init |
| 73 |
static int check_update_max_output_len(EVP_CIPHER_CTX *context, int input_len, |
| 74 |
int max_output_len) |
| 75 |
{ |
| 76 |
- if (context->flags & EVP_CIPH_NO_PADDING) { |
| 77 |
+ if ( dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ) { |
| 78 |
if (max_output_len >= input_len) { |
| 79 |
return 1; |
| 80 |
} |
| 81 |
return 0; |
| 82 |
} else { |
| 83 |
- int b = context->cipher->block_size; |
| 84 |
+ int b = dlsym_EVP_CIPHER_CTX_block_size(context); |
| 85 |
+#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 86 |
if (context->encrypt) { |
| 87 |
+#else |
| 88 |
+ if (dlsym_EVP_CIPHER_CTX_encrypting(context)) { |
| 89 |
+#endif |
| 90 |
if (max_output_len >= input_len + b - 1) { |
| 91 |
return 1; |
| 92 |
} |
| 93 |
@@ -307,10 +345,10 @@ JNIEXPORT jint JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_update |
| 94 |
static int check_doFinal_max_output_len(EVP_CIPHER_CTX *context, |
| 95 |
int max_output_len) |
| 96 |
{ |
| 97 |
- if (context->flags & EVP_CIPH_NO_PADDING) { |
| 98 |
+ if ( dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ) { |
| 99 |
return 1; |
| 100 |
} else { |
| 101 |
- int b = context->cipher->block_size; |
| 102 |
+ int b = dlsym_EVP_CIPHER_CTX_block_size(context); |
| 103 |
if (max_output_len >= b) { |
| 104 |
return 1; |
| 105 |
} |
| 106 |
--- hadoop-tools/hadoop-pipes/src/main/native/pipes/impl/HadoopPipes.cc |
| 107 |
+++ hadoop-tools/hadoop-pipes/src/main/native/pipes/impl/HadoopPipes.cc |
| 108 |
@@ -420,6 +420,7 @@ namespace HadoopPipes { |
| 109 |
} |
| 110 |
|
| 111 |
string createDigest(string &password, string& msg) { |
| 112 |
+#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 113 |
HMAC_CTX ctx; |
| 114 |
unsigned char digest[EVP_MAX_MD_SIZE]; |
| 115 |
HMAC_Init(&ctx, (const unsigned char *)password.c_str(), |
| 116 |
@@ -428,7 +429,16 @@ namespace HadoopPipes { |
| 117 |
unsigned int digestLen; |
| 118 |
HMAC_Final(&ctx, digest, &digestLen); |
| 119 |
HMAC_cleanup(&ctx); |
| 120 |
- |
| 121 |
+#else |
| 122 |
+ HMAC_CTX *ctx = HMAC_CTX_new(); |
| 123 |
+ unsigned char digest[EVP_MAX_MD_SIZE]; |
| 124 |
+ HMAC_Init_ex(ctx, (const unsigned char *)password.c_str(), |
| 125 |
+ password.length(), EVP_sha1(), NULL); |
| 126 |
+ HMAC_Update(ctx, (const unsigned char *)msg.c_str(), msg.length()); |
| 127 |
+ unsigned int digestLen; |
| 128 |
+ HMAC_Final(ctx, digest, &digestLen); |
| 129 |
+ HMAC_CTX_free(ctx); |
| 130 |
+#endif |
| 131 |
//now apply base64 encoding |
| 132 |
BIO *bmem, *b64; |
| 133 |
BUF_MEM *bptr; |
| 134 |
|