From d61c708569bef35bf86e5670f639ff26c7717b29 Mon Sep 17 00:00:00 2001 From: Warlockbugs Date: Sun, 14 Jul 2024 23:23:11 +0300 Subject: [PATCH] OpenSSL: Drop legacy 1.1.1 support in the source files Following the package base of majority of maintained LTS Linux distros, 1.1.1 is retired --- CMakeLists.txt | 6 +++--- src/mangosd/Main.cpp | 4 ---- src/realmd/Main.cpp | 4 ---- src/shared/Auth/HMACSHA1.cpp | 27 --------------------------- src/shared/Auth/HMACSHA1.h | 4 ---- 5 files changed, 3 insertions(+), 42 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index dd051f8516..cdb461ce7e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -260,10 +260,10 @@ if(UNIX AND (BUILD_GAME_SERVER OR BUILD_LOGIN_SERVER OR BUILD_EXTRACTORS)) find_package(OpenSSL REQUIRED) message(STATUS "Found OpenSSL libraries: ${OPENSSL_LIBRARIES}") - if(OPENSSL_VERSION VERSION_LESS 1.1) - message(SEND_ERROR "OpenSSL: This project requires OpenSSL version 1.1.0 or higher") + if(OPENSSL_VERSION VERSION_LESS 3.0) + message(SEND_ERROR "OpenSSL: This project requires OpenSSL version 3.0 or higher") endif() - if(OPENSSL_VERSION VERSION_LESS 1.1.1 OR (OPENSSL_VERSION VERSION_GREATER 3.0 AND OPENSSL_VERSION VERSION_LESS 3.0.7)) + if(OPENSSL_VERSION VERSION_GREATER 3.0 AND OPENSSL_VERSION VERSION_LESS 3.0.14) message(WARNING "OpenSSL: Your OpenSSL version is critically vulnerable or no longer being maintained, consider upgrading") endif() endif() diff --git a/src/mangosd/Main.cpp b/src/mangosd/Main.cpp index 135061af74..b929035b77 100644 --- a/src/mangosd/Main.cpp +++ b/src/mangosd/Main.cpp @@ -32,9 +32,7 @@ #include #include -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) #include -#endif #include #include @@ -180,7 +178,6 @@ int main(int argc, char* argv[]) sLog.outString("Using configuration file %s.", configFile.c_str()); DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, OpenSSL_version(OPENSSL_VERSION)); -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) // Load OpenSSL 3.0+ providers OSSL_PROVIDER* openssl_legacy = OSSL_PROVIDER_load(nullptr, "legacy"); if (!openssl_legacy) @@ -195,7 +192,6 @@ int main(int argc, char* argv[]) OSSL_PROVIDER_unload(openssl_legacy); return 1; } -#endif DETAIL_LOG("Using Boost: %s", BOOST_LIB_VERSION); diff --git a/src/realmd/Main.cpp b/src/realmd/Main.cpp index 9e3e52d32c..1fe6f30750 100644 --- a/src/realmd/Main.cpp +++ b/src/realmd/Main.cpp @@ -35,9 +35,7 @@ #include #include -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) #include -#endif #include #include @@ -178,7 +176,6 @@ int main(int argc, char* argv[]) } DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, OpenSSL_version(OPENSSL_VERSION)); -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) // Load OpenSSL 3.0+ providers OSSL_PROVIDER* openssl_legacy = OSSL_PROVIDER_load(nullptr, "legacy"); if (!openssl_legacy) @@ -193,7 +190,6 @@ int main(int argc, char* argv[]) OSSL_PROVIDER_unload(openssl_legacy); return 1; } -#endif sLog.outString(); sLog.outString(" to stop."); diff --git a/src/shared/Auth/HMACSHA1.cpp b/src/shared/Auth/HMACSHA1.cpp index 99a1b8e083..37adfb6ec7 100644 --- a/src/shared/Auth/HMACSHA1.cpp +++ b/src/shared/Auth/HMACSHA1.cpp @@ -22,7 +22,6 @@ HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed) { memcpy(&m_key, seed, len); -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) m_mac = EVP_MAC_fetch(nullptr, "HMAC", nullptr); m_ctx = EVP_MAC_CTX_new(m_mac); @@ -31,15 +30,10 @@ HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed) params[1] = OSSL_PARAM_construct_end(); EVP_MAC_init(m_ctx, m_key, len, params); -#else - m_ctx = HMAC_CTX_new(); - HMAC_Init_ex(m_ctx, &m_key, len, EVP_sha1(), nullptr); -#endif } HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed, bool) // to get over the default constructor { -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) m_mac = EVP_MAC_fetch(nullptr, "HMAC", nullptr); m_ctx = EVP_MAC_CTX_new(m_mac); @@ -48,21 +42,13 @@ HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed, bool) // to get over the defau params[1] = OSSL_PARAM_construct_end(); EVP_MAC_init(m_ctx, seed, len, params); -#else - m_ctx = HMAC_CTX_new(); - HMAC_Init_ex(m_ctx, seed, len, EVP_sha1(), nullptr); -#endif } HMACSHA1::~HMACSHA1() { memset(&m_key, 0x00, SEED_KEY_SIZE); -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) EVP_MAC_CTX_free(m_ctx); EVP_MAC_free(m_mac); -#else - HMAC_CTX_free(m_ctx); -#endif } void HMACSHA1::UpdateBigNumber(BigNumber* bn) @@ -72,11 +58,7 @@ void HMACSHA1::UpdateBigNumber(BigNumber* bn) void HMACSHA1::UpdateData(const uint8* data, int length) { -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) EVP_MAC_update(m_ctx, data, length); -#else - HMAC_Update(m_ctx, data, length); -#endif } void HMACSHA1::UpdateData(const std::string& str) @@ -86,26 +68,17 @@ void HMACSHA1::UpdateData(const std::string& str) void HMACSHA1::Initialize() { -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) OSSL_PARAM params[2]; params[0] = OSSL_PARAM_construct_utf8_string("digest", const_cast("SHA1"), 0); params[1] = OSSL_PARAM_construct_end(); EVP_MAC_init(m_ctx, m_key, SEED_KEY_SIZE, params); -#else - HMAC_Init_ex(m_ctx, &m_key, SEED_KEY_SIZE, EVP_sha1(), NULL); -#endif } void HMACSHA1::Finalize() { -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) size_t length = 0; EVP_MAC_final(m_ctx, m_digest, &length, sizeof(m_digest)); -#else - uint32 length = 0; - HMAC_Final(m_ctx, (uint8*)m_digest, &length); -#endif MANGOS_ASSERT(length == SHA_DIGEST_LENGTH); } diff --git a/src/shared/Auth/HMACSHA1.h b/src/shared/Auth/HMACSHA1.h index 6f45f96d49..db27038cab 100644 --- a/src/shared/Auth/HMACSHA1.h +++ b/src/shared/Auth/HMACSHA1.h @@ -42,12 +42,8 @@ class HMACSHA1 uint8* GetDigest() { return m_digest; } static int GetLength() { return SHA_DIGEST_LENGTH; } private: -#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) EVP_MAC* m_mac; EVP_MAC_CTX* m_ctx; -#else - HMAC_CTX* m_ctx; -#endif uint8 m_key[SEED_KEY_SIZE]; uint8 m_digest[SHA_DIGEST_LENGTH]; };