[erlang-bugs] Crypto app and Solaris Openssl libraries

John Peacock <>
Fri Sep 28 15:02:05 CEST 2012


On 09/27/2012 01:12 PM, John Peacock wrote:
> 2) Would you accept a patch for crypt.c to stub out the unsupported
> 0.9.7[x] methods with atom_notsup (much like the HAVE_SHA### stuff is
> currently handled)?

It turns out that the only OpenSSL functionality newer than 0.9.7d that 
the crypto app requires is DES_ede3_cfb_encrypt (introduced in 0.9.7e), 
so the patch is quite simple (attached).  That is still preliminary 
because I haven't tested it across all of our platforms.  And I still 
cannot build Riak because at least one of the plugins (eleveldb) assumes 
GNU tar without probing, and so the build breaks.  I'll send that patch 
to the Riak list directly... :-(

John
-------------- next part --------------
--- lib/crypto/c_src/crypto.c.orig	2012-04-01 14:15:00.000000000 -0400
+++ lib/crypto/c_src/crypto.c	2012-09-27 15:51:56.537208283 -0400
@@ -63,6 +63,9 @@
 #if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_SHA512) && defined(NID_sha512)
 # define HAVE_SHA512
 #endif
+#if OPENSSL_VERSION_NUMBER >= 0x0090705FL
+# define HAVE_DES_ede3_cfb_encrypt
+#endif
 
 #ifdef VALGRIND
     #  include <valgrind/memcheck.h>
@@ -921,6 +924,7 @@ static ERL_NIF_TERM des_ede3_cbc_crypt(E
 
 static ERL_NIF_TERM des_ede3_cfb_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
 {/* (Key1, Key2, Key3, IVec, Text/Cipher, IsEncrypt) */
+#ifdef HAVE_DES_ede3_cfb_encrypt
     ErlNifBinary key1, key2, key3, ivec, text;
     DES_key_schedule schedule1, schedule2, schedule3;
     DES_cblock ivec_clone; /* writable copy */
@@ -942,6 +946,9 @@ static ERL_NIF_TERM des_ede3_cfb_crypt(E
 			 8, text.size, &schedule1, &schedule2, &schedule3,
 			 &ivec_clone, (argv[5] == atom_true));
     return ret;
+#else
+    return atom_notsup;
+#endif
 }
 
 static ERL_NIF_TERM aes_cfb_128_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])


More information about the erlang-bugs mailing list