hack for el7/x86 where openssl 1.0.2 and 1.1.1 are both installed

for respectively Apache and NGINX 1.20.1; bump to 1.4.5.5rc0 Signed-off-by: Hans Zandbelt <[email protected]>
OpenIDC · Jan 22, 2023 · 61b04a1 · 61b04a1
1 parent 7b37ac9
commit 61b04a1
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 6 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,7 @@
+01/22/2024
+- hack for el7/x86 where openssl 1.0.2 and openssl 1.1.1 are installed for respectively Apache and NGINX 1.20.1
+- bump to 1.4.5.5rc0
+
 01/21/2023
 - revert header_add/header_set change
 - release 1.4.5.4

diff --git a/configure.ac b/configure.ac
@@ -1,4 +1,4 @@
-AC_INIT([liboauth2],[1.4.5.4],[[email protected]])
+AC_INIT([liboauth2],[1.4.5.5rc0],[[email protected]])
 
 AM_INIT_AUTOMAKE([foreign no-define subdir-objects])
 AC_CONFIG_MACRO_DIR([m4])

diff --git a/src/jose.c b/src/jose.c
@@ -138,11 +138,19 @@ bool oauth2_jose_hash_bytes(oauth2_log_t *log, const char *digest,
 	EVP_MD_CTX_init(ctx);
 
 	if ((evp_digest = EVP_get_digestbyname(digest)) == NULL) {
-		oauth2_error(
-		    log,
-		    "no OpenSSL digest algorithm found for algorithm \"%s\"",
-		    digest);
-		goto end;
+		// hack away for el7/x86 where Apache is compiled against
+		// OpenSSL 1.0.2 but NGINX 1.20.1 against OpenSSL 1.1.0
+		if (strcmp(digest, "sha256") == 0) {
+			oauth2_debug(log, "try to directly set EVP_sha256");
+			evp_digest = EVP_sha256();
+		}
+		if (evp_digest == NULL) {
+			oauth2_error(log,
+				     "no OpenSSL digest algorithm found for "
+				     "algorithm \"%s\"",
+				     digest);
+			goto end;
+		}
 	}
 
 	if (!EVP_DigestInit_ex(ctx, evp_digest, NULL))