This is an automated email from the ASF dual-hosted git repository.
jvanderzee pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 77d633c252 Remove HAVE_HMAC_CTX_NEW (#11474)
77d633c252 is described below
commit 77d633c2527491532add42c2c6f2448c5f83989a
Author: JosiahWI <[email protected]>
AuthorDate: Tue Jun 25 09:52:16 2024 -0500
Remove HAVE_HMAC_CTX_NEW (#11474)
We should always have it until it gets removed now that OpenSSL 1.1.1 is our
minimum version:
https://www.openssl.org/docs/man1.1.1/man3/HMAC_CTX_new.html.
---
CMakeLists.txt | 1 -
include/tscore/ink_config.h.cmake.in | 1 -
plugins/s3_auth/s3_auth.cc | 16 ++--------------
3 files changed, 2 insertions(+), 16 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index bb0c1e5089..576d1e5316 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -454,7 +454,6 @@ check_symbol_exists(BIO_get_shutdown "openssl/bio.h"
HAVE_BIO_GET_SHUTDOWN)
check_symbol_exists(BIO_meth_get_ctrl "openssl/bio.h" HAVE_BIO_METH_GET_CTRL)
check_symbol_exists(BIO_meth_get_create "openssl/bio.h"
HAVE_BIO_METH_GET_CREATE)
check_symbol_exists(BIO_meth_get_destroy "openssl/bio.h"
HAVE_BIO_METH_GET_DESTROY)
-check_symbol_exists(HMAC_CTX_new "openssl/hmac.h" HAVE_HMAC_CTX_NEW)
check_symbol_exists(DH_get_2048_256 "openssl/dh.h" TS_USE_GET_DH_2048_256)
check_symbol_exists(OPENSSL_NO_TLS_3 "openssl/ssl.h" TS_NO_USE_TLS12)
check_symbol_exists(SSL_CTX_set_client_hello_cb "openssl/ssl.h"
TS_USE_HELLO_CB)
diff --git a/include/tscore/ink_config.h.cmake.in
b/include/tscore/ink_config.h.cmake.in
index b8f036457f..260ea7a244 100644
--- a/include/tscore/ink_config.h.cmake.in
+++ b/include/tscore/ink_config.h.cmake.in
@@ -83,7 +83,6 @@
#cmakedefine HAVE_BIO_METH_GET_CTRL 1
#cmakedefine HAVE_BIO_METH_GET_CREATE 1
#cmakedefine HAVE_BIO_METH_GET_DESTROY 1
-#cmakedefine HAVE_HMAC_CTX_NEW 1
#cmakedefine HAVE_MD5_INIT 1
#cmakedefine HAVE_STRUCT_TCP_INFO 1
diff --git a/plugins/s3_auth/s3_auth.cc b/plugins/s3_auth/s3_auth.cc
index 7f20d72524..4bd2eb7a76 100644
--- a/plugins/s3_auth/s3_auth.cc
+++ b/plugins/s3_auth/s3_auth.cc
@@ -930,22 +930,14 @@ S3Request::authorizeV2(S3Config *s3)
Dbg(dbg_ctl, "%s", left);
}
-// Produce the SHA1 MAC digest
-#ifndef HAVE_HMAC_CTX_NEW
- HMAC_CTX ctx[1];
-#else
- HMAC_CTX *ctx;
-#endif
+ // Produce the SHA1 MAC digest
+ HMAC_CTX *ctx;
unsigned int hmac_len;
size_t hmac_b64_len;
unsigned char hmac[SHA_DIGEST_LENGTH];
char hmac_b64[SHA_DIGEST_LENGTH * 2];
-#ifndef HAVE_HMAC_CTX_NEW
- HMAC_CTX_init(ctx);
-#else
ctx = HMAC_CTX_new();
-#endif
HMAC_Init_ex(ctx, s3->secret(), s3->secret_len(), EVP_sha1(), nullptr);
HMAC_Update(ctx, (unsigned char *)method, method_len);
HMAC_Update(ctx, reinterpret_cast<const unsigned char *>("\n"), 1);
@@ -968,11 +960,7 @@ S3Request::authorizeV2(S3Config *s3)
}
HMAC_Final(ctx, hmac, &hmac_len);
-#ifndef HAVE_HMAC_CTX_NEW
- HMAC_CTX_cleanup(ctx);
-#else
HMAC_CTX_free(ctx);
-#endif
// Do the Base64 encoding and set the Authorization header.
if (TS_SUCCESS == TSBase64Encode(reinterpret_cast<const char *>(hmac),
hmac_len, hmac_b64, sizeof(hmac_b64) - 1, &hmac_b64_len)) {
