hack for el7/x86 where openssl 1.0.2 and 1.1.1 are both installed

zandbelt · zandbelt · commit 61b04a1b8f6b · 2023-01-22T21:15:32.000+01:00
for respectively Apache and NGINX 1.20.1; bump to 1.4.5.5rc0

Signed-off-by: Hans Zandbelt &lt;hans.zandbelt@openidc.com&gt;
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,7 @@
+01/22/2024
+- hack for el7/x86 where openssl 1.0.2 and openssl 1.1.1 are installed for respectively Apache and NGINX 1.20.1
+- bump to 1.4.5.5rc0
+
 01/21/2023
 - revert header_add/header_set change
 - release 1.4.5.4
diff --git a/configure.ac b/configure.ac
@@ -1,4 +1,4 @@
-AC_INIT([liboauth2],[1.4.5.4],[hans.zandbelt@openidc.com])
+AC_INIT([liboauth2],[1.4.5.5rc0],[hans.zandbelt@openidc.com])
 
 AM_INIT_AUTOMAKE([foreign no-define subdir-objects])
 AC_CONFIG_MACRO_DIR([m4])
diff --git a/src/jose.c b/src/jose.c
@@ -138,11 +138,19 @@ bool oauth2_jose_hash_bytes(oauth2_log_t *log, const char *digest,
 	EVP_MD_CTX_init(ctx);
 
 	if ((evp_digest = EVP_get_digestbyname(digest)) == NULL) {
-		oauth2_error(
-		    log,
-		    "no OpenSSL digest algorithm found for algorithm \"%s\"",
-		    digest);
-		goto end;
+		// hack away for el7/x86 where Apache is compiled against
+		// OpenSSL 1.0.2 but NGINX 1.20.1 against OpenSSL 1.1.0
+		if (strcmp(digest, "sha256") == 0) {
+			oauth2_debug(log, "try to directly set EVP_sha256");
+			evp_digest = EVP_sha256();
+		}
+		if (evp_digest == NULL) {
+			oauth2_error(log,
+				     "no OpenSSL digest algorithm found for "
+				     "algorithm \"%s\"",
+				     digest);
+			goto end;
+		}
 	}
 
 	if (!EVP_DigestInit_ex(ctx, evp_digest, NULL))

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-AC_INIT([liboauth2],[1.4.5.4],[[email protected]])`
	`1`	`+AC_INIT([liboauth2],[1.4.5.5rc0],[[email protected]])`
`2`	`2`
`3`	`3`	`AM_INIT_AUTOMAKE([foreign no-define subdir-objects])`
`4`	`4`	`AC_CONFIG_MACRO_DIR([m4])`