Build fix for FreeBSD

diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp
index 6d8262cdbc39bc054c0c723e6a0f828d4fa1dc69..566d43112b95538a41e974fe725fb2ddbc1e6d35 100644 (file)
--- a/lib/base/tlsutility.cpp
+++ b/lib/base/tlsutility.cpp
@@ -400,14 +400,14 @@ String CertificateToString(const shared_ptr<X509>& cert)
        return result;
 }
 
-String PBKDF2_SHA512(const String& password, const String& salt, int iterations)
+String PBKDF2_SHA1(const String& password, const String& salt, int iterations)
 {
-       unsigned char digest[SHA512_DIGEST_LENGTH];
-       PKCS5_PBKDF2_HMAC(password.CStr(), password.GetLength(), reinterpret_cast<const unsigned char *>(salt.CStr()), salt.GetLength(),
-           iterations, EVP_sha512(), sizeof(digest), digest);
+       unsigned char digest[SHA_DIGEST_LENGTH];
+       PKCS5_PBKDF2_HMAC_SHA1(password.CStr(), password.GetLength(), reinterpret_cast<const unsigned char *>(salt.CStr()), salt.GetLength(),
+           iterations, sizeof(digest), digest);
 
-       char output[SHA512_DIGEST_LENGTH*2+1];
-       for (int i = 0; i < 32; i++)
+       char output[SHA_DIGEST_LENGTH*2+1];
+       for (int i = 0; i < SHA_DIGEST_LENGTH; i++)
                sprintf(output + 2 * i, "%02x", digest[i]);
 
        return output;

diff --git a/lib/base/tlsutility.hpp b/lib/base/tlsutility.hpp
index bd272b88fbd6af831f873f6347f5f302eb166c07..823de2b7b56f97ec14405b20eb202004eb76a20f 100644 (file)
--- a/lib/base/tlsutility.hpp
+++ b/lib/base/tlsutility.hpp
@@ -30,6 +30,7 @@
 #include <openssl/comp.h>
 #include <openssl/sha.h>
 #include <openssl/x509v3.h>
+#include <openssl/evp.h>
 
 namespace icinga
 {
@@ -44,7 +45,7 @@ shared_ptr<X509> I2_BASE_API CreateCert(EVP_PKEY *pubkey, X509_NAME *subject, X5
 String I2_BASE_API GetIcingaCADir(void);
 String I2_BASE_API CertificateToString(const shared_ptr<X509>& cert);
 shared_ptr<X509> I2_BASE_API CreateCertIcingaCA(EVP_PKEY *pubkey, X509_NAME *subject);
-String I2_BASE_API PBKDF2_SHA512(const String& password, const String& salt, int iterations);
+String I2_BASE_API PBKDF2_SHA1(const String& password, const String& salt, int iterations);
 String I2_BASE_API SHA256(const String& s);
 
 class I2_BASE_API openssl_error : virtual public std::exception, virtual public boost::exception { };

diff --git a/lib/cli/pkiticketcommand.cpp b/lib/cli/pkiticketcommand.cpp
index e35938691b0eb850c8e5c727fa60b43b221cb8b5..8cb10c01719b6df5c5d412496c671c8258670d03 100644 (file)
--- a/lib/cli/pkiticketcommand.cpp
+++ b/lib/cli/pkiticketcommand.cpp
@@ -68,7 +68,7 @@ int PKITicketCommand::Run(const boost::program_options::variables_map& vm, const
                return 1;
        }
 
-       std::cout << PBKDF2_SHA512(vm["cn"].as<std::string>(), vm["salt"].as<std::string>(), 50000) << std::endl;
+       std::cout << PBKDF2_SHA1(vm["cn"].as<std::string>(), vm["salt"].as<std::string>(), 50000) << std::endl;
 
        return 0;
 }

diff --git a/lib/remote/apiclient.cpp b/lib/remote/apiclient.cpp
index 68dd690eb3a04e0311753030c05bd99c4508c0d2..04f4417f6d4f4046dec23448f49d48a15af4cf9f 100644 (file)
--- a/lib/remote/apiclient.cpp
+++ b/lib/remote/apiclient.cpp
@@ -239,7 +239,7 @@ Value RequestCertificateHandler(const MessageOrigin& origin, const Dictionary::P
        }
 
        String ticket = params->Get("ticket");
-       String realTicket = PBKDF2_SHA512(origin.FromClient->GetIdentity(), salt, 50000);
+       String realTicket = PBKDF2_SHA1(origin.FromClient->GetIdentity(), salt, 50000);
 
        if (ticket != realTicket) {
                result->Set("error", "Invalid ticket.");