[31525] in CVS-changelog-for-Kerberos-V5


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

krb5 commit [krb5-1.22]: Fix missed renames in PKINIT OpenSSL 3

daemon@ATHENA.MIT.EDU (ghudson@mit.edu)
Thu Apr 23 18:26:01 2026

From: ghudson@mit.edu
To: cvs-krb5@mit.edu
Message-Id: <20260423222557.4B98D105057@krbdev.mit.edu>
Date: Thu, 23 Apr 2026 18:25:57 -0400 (EDT)
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/2b09864fbc56bb4d243b6b56e542ba9547aa88f9
commit 2b09864fbc56bb4d243b6b56e542ba9547aa88f9
Author: Greg Hudson <ghudson@mit.edu>
Date:   Sat Jul 19 01:43:52 2025 -0400

    Fix missed renames in PKINIT OpenSSL 3 changes
    
    Commit 4963edfac2ef111f3d9e6f39e589d9075a185b51 changed calls to four
    OpenSSL functions to use the new preferred names, but missed two call
    sites.  Reported by David Morash.
    
    (cherry picked from commit 3d1a48d2635a87aa2c99656d66164c3957ac4c82)
    
    ticket: 9180

 src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index f222dbdf9..bd25bae47 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -505,7 +505,7 @@ encode_spki(EVP_PKEY *pkey, krb5_data *spki_out)
     ASN1_TYPE parameter;
     ASN1_STRING param_str, pubkey_str;
 
-    if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DH) {
+    if (EVP_PKEY_get_base_id(pkey) != EVP_PKEY_DH) {
         /* Only DH keys require special encoding. */
         len = i2d_PUBKEY(pkey, NULL);
         ret = alloc_data(spki_out, len);
@@ -4011,7 +4011,7 @@ create_signature(unsigned char **sig, unsigned int *sig_len,
         return ENOMEM;
     EVP_SignInit(ctx, EVP_sha256());
     EVP_SignUpdate(ctx, data, data_len);
-    *sig_len = EVP_PKEY_size(pkey);
+    *sig_len = EVP_PKEY_get_size(pkey);
     if ((*sig = malloc(*sig_len)) == NULL)
         goto cleanup;
     EVP_SignFinal(ctx, *sig, sig_len, pkey);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[31525] in CVS-changelog-for-Kerberos-V5

krb5 commit [krb5-1.22]: Fix missed renames in PKINIT OpenSSL 3

daemon@ATHENA.MIT.EDU (ghudson@mit.edu)Thu Apr 23 18:26:01 2026

daemon@ATHENA.MIT.EDU (ghudson@mit.edu)
Thu Apr 23 18:26:01 2026