From 98208cbc4483594eb6bb86ac5a838d1a7559b519 Mon Sep 17 00:00:00 2001 From: deepend Date: Thu, 19 Feb 2026 11:27:30 -0700 Subject: [PATCH] Updated the DH parameter initialization path to use legacy direct DH field assignment only on OpenSSL versions older than 1.1.0 (and non-LibreSSL), and otherwise always use DH_set0_pqg, which avoids opaque-struct access errors on OpenSSL 3.x. Updated DH key extraction in dh1080_generate_key to use legacy direct member reads only for truly old OpenSSL, and DH_get0_key for modern OpenSSL, preventing dh->pub_key/dh->priv_key compile failures. Updated private-key injection in dh1080_compute_key to use DH_set0_key(dh, NULL, priv_key_num) on modern OpenSSL, removing the prior unnecessary temporary public-key allocation and avoiding direct dh->priv_key access. --- plugins/fishlim/dh1080.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/plugins/fishlim/dh1080.c b/plugins/fishlim/dh1080.c index e5cb03a8..b8174ed9 100644 --- a/plugins/fishlim/dh1080.c +++ b/plugins/fishlim/dh1080.c @@ -75,7 +75,7 @@ dh1080_init (void) BN_set_word (g, 2); -#ifndef HAVE_DH_SET0_PQG +#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) g_dh->p = p; g_dh->g = g; #else @@ -163,7 +163,7 @@ dh1080_generate_key (char **priv_key, char **pub_key) return 0; } -#ifndef HAVE_DH_GET0_KEY +#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) dh_pub_key = dh->pub_key; dh_priv_key = dh->priv_key; #else @@ -190,9 +190,6 @@ dh1080_compute_key (const char *priv_key, const char *pub_key, char **secret_key gsize pub_key_len; BIGNUM *pk; DH *dh; -#ifdef HAVE_DH_SET0_KEY - BIGNUM *temp_pub_key = BN_new(); -#endif g_assert (secret_key != NULL); @@ -217,10 +214,10 @@ dh1080_compute_key (const char *priv_key, const char *pub_key, char **secret_key priv_key_data = dh1080_decode_b64 (priv_key, &priv_key_len); priv_key_num = BN_bin2bn(priv_key_data, priv_key_len, NULL); -#ifndef HAVE_DH_SET0_KEY + #if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) dh->priv_key = priv_key_num; #else - DH_set0_key (dh, temp_pub_key, priv_key_num); + DH_set0_key (dh, NULL, priv_key_num); #endif shared_len = DH_compute_key (shared_key, pk, dh);