dns_random: Use CRYPTO_ctr128_encrypt when available

author Christian Hofstaedtler <zeha@debian.org>

Mon, 27 Jun 2016 13:50:05 +0000 (13:50 +0000)

committer Christian Hofstaedtler <christian.hofstaedtler@deduktiva.com>

Fri, 29 Jul 2016 12:42:30 +0000 (14:42 +0200)
author Christian Hofstaedtler <zeha@debian.org>
Mon, 27 Jun 2016 13:50:05 +0000 (13:50 +0000)
committer Christian Hofstaedtler <christian.hofstaedtler@deduktiva.com>
Fri, 29 Jul 2016 12:42:30 +0000 (14:42 +0200)
diff --git a/pdns/dns_random.cc b/pdns/dns_random.cc

index 415542b3b0453cd8474c65bac74fa94e6dc19481..623e3aa54dd4df3de3647d204e6b369542eca537 100644 (file)
--- a/pdns/dns_random.cc
+++ b/pdns/dns_random.cc
@@ -2,6 +2,12 @@
  #include "config.h"
  #endif
  #include <openssl/aes.h>
+#if OPENSSL_VERSION_NUMBER > 0x1000100fL
+// Older OpenSSL does not have CRYPTO_ctr128_encrypt. Before 1.1.0 the header
+// file did not have the necessary extern "C" wrapper. In 1.1.0, AES_ctr128_encrypt
+// was removed.
+#include <openssl/modes.h>
+#endif
  #include <iostream>
  #include <cstdlib>
  #include <cstring>
@@ -47,7 +53,11 @@ unsigned int dns_random(unsigned int n)
    if(!g_initialized)
      abort();
    uint32_t out;
+#if OPENSSL_VERSION_NUMBER > 0x1000100fL
+  CRYPTO_ctr128_encrypt((const unsigned char*)&g_in, (unsigned char*) &out, sizeof(g_in), &aes_key, g_counter, g_stream, &g_offset, (block128_f) AES_encrypt);
+#else
    AES_ctr128_encrypt((const unsigned char*)&g_in, (unsigned char*) &out, sizeof(g_in), &aes_key, g_counter, g_stream, &g_offset);
+#endif
    return out % n;
  }
author	Christian Hofstaedtler <zeha@debian.org>
	Mon, 27 Jun 2016 13:50:05 +0000 (13:50 +0000)
committer	Christian Hofstaedtler <christian.hofstaedtler@deduktiva.com>
	Fri, 29 Jul 2016 12:42:30 +0000 (14:42 +0200)