4 files changed, 238 insertions, 0 deletions

diff --git a/mail/libdkim/files/patch-dkimsign.cpp b/mail/libdkim/files/patch-dkimsign.cpp
new file mode 100644
index 000000000000..fceba413f997
--- /dev/null
+++ b/mail/libdkim/files/patch-dkimsign.cpp
@@ -0,0 +1,119 @@
+--- dkimsign.cpp.orig	2020-09-09 02:13:04 UTC
++++ dkimsign.cpp
+@@ -40,21 +40,27 @@ CDKIMSign::CDKIMSign()
+ {
+ 	m_EmptyLineCount = 0;
+ 	m_pfnHdrCallback = NULL;
++
++	m_allman_sha1ctx = EVP_MD_CTX_create();
++	m_Hdr_ietf_sha1ctx = EVP_MD_CTX_create();
++	m_Hdr_ietf_sha256ctx = EVP_MD_CTX_create();
++	m_Bdy_ietf_sha1ctx = EVP_MD_CTX_create();
++	m_Bdy_ietf_sha256ctx = EVP_MD_CTX_create();
+ 
+-	EVP_SignInit( &m_allman_sha1ctx, EVP_sha1() );
+-	EVP_SignInit( &m_Hdr_ietf_sha1ctx, EVP_sha1() );
+-	EVP_SignInit( &m_Hdr_ietf_sha256ctx, EVP_sha256() );
+-	EVP_DigestInit( &m_Bdy_ietf_sha1ctx, EVP_sha1() );
+-	EVP_DigestInit( &m_Bdy_ietf_sha256ctx, EVP_sha256() );
++	EVP_SignInit( m_allman_sha1ctx, EVP_sha1() );
++	EVP_SignInit( m_Hdr_ietf_sha1ctx, EVP_sha1() );
++	EVP_SignInit( m_Hdr_ietf_sha256ctx, EVP_sha256() );
++	EVP_DigestInit( m_Bdy_ietf_sha1ctx, EVP_sha1() );
++	EVP_DigestInit( m_Bdy_ietf_sha256ctx, EVP_sha256() );
+ }
+ 
+ CDKIMSign::~CDKIMSign()
+ {
+-	EVP_MD_CTX_cleanup( &m_allman_sha1ctx );
+-	EVP_MD_CTX_cleanup( &m_Hdr_ietf_sha1ctx );
+-	EVP_MD_CTX_cleanup( &m_Hdr_ietf_sha256ctx );
+-	EVP_MD_CTX_cleanup( &m_Bdy_ietf_sha1ctx );
+-	EVP_MD_CTX_cleanup( &m_Bdy_ietf_sha256ctx );
++	EVP_MD_CTX_destroy( m_allman_sha1ctx );
++	EVP_MD_CTX_destroy( m_Hdr_ietf_sha1ctx );
++	EVP_MD_CTX_destroy( m_Hdr_ietf_sha256ctx );
++	EVP_MD_CTX_destroy( m_Bdy_ietf_sha1ctx );
++	EVP_MD_CTX_destroy( m_Bdy_ietf_sha256ctx );
+ }
+ 
+ ////////////////////////////////////////////////////////////////////////////////
+@@ -150,34 +156,34 @@ void CDKIMSign::Hash( const char* szBuffer, int nBufLe
+ 	{
+ 		if( m_nIncludeBodyHash & DKIM_BODYHASH_ALLMAN_1 )
+ 		{
+-			EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength );
++			EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength );
+ 		}
+ 	}
+ 	else
+ 	{
+ 		if( m_nIncludeBodyHash < DKIM_BODYHASH_IETF_1 )
+ 		{
+-			EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength );
++			EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength );
+ 		}
+ 		else if( m_nIncludeBodyHash & DKIM_BODYHASH_IETF_1 )
+ 		{
+ 			if( m_nIncludeBodyHash & DKIM_BODYHASH_ALLMAN_1 )
+ 			{
+-				EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength );
++				EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength );
+ 			}
+ 			if( m_nHash & DKIM_HASH_SHA256 )
+ 			{
+ 				if( bHdr )
+-					EVP_SignUpdate( &m_Hdr_ietf_sha256ctx, szBuffer, nBufLength );
++					EVP_SignUpdate( m_Hdr_ietf_sha256ctx, szBuffer, nBufLength );
+ 				else
+-					EVP_DigestUpdate( &m_Bdy_ietf_sha256ctx, szBuffer, nBufLength );
++					EVP_DigestUpdate( m_Bdy_ietf_sha256ctx, szBuffer, nBufLength );
+ 			}
+ 			if( m_nHash != DKIM_HASH_SHA256 )
+ 			{
+ 				if( bHdr )
+-					EVP_SignUpdate( &m_Hdr_ietf_sha1ctx, szBuffer, nBufLength );
++					EVP_SignUpdate( m_Hdr_ietf_sha1ctx, szBuffer, nBufLength );
+ 				else
+-					EVP_DigestUpdate( &m_Bdy_ietf_sha1ctx, szBuffer, nBufLength );
++					EVP_DigestUpdate( m_Bdy_ietf_sha1ctx, szBuffer, nBufLength );
+ 			}
+ 		}
+ 	}
+@@ -865,7 +871,7 @@ int CDKIMSign::ConstructSignature( char* szPrivKey, bo
+ 		unsigned char Hash[EVP_MAX_MD_SIZE];
+ 		unsigned int nHashLen = 0;
+ 
+-		EVP_DigestFinal( bUseSha256 ? &m_Bdy_ietf_sha256ctx : &m_Bdy_ietf_sha1ctx, Hash, &nHashLen );
++		EVP_DigestFinal( bUseSha256 ? m_Bdy_ietf_sha256ctx : m_Bdy_ietf_sha1ctx, Hash, &nHashLen );
+ 
+ 		bio = BIO_new(BIO_s_mem());
+ 		if (!bio) {
+@@ -936,11 +942,11 @@ int CDKIMSign::ConstructSignature( char* szPrivKey, bo
+ 
+ 	if( bUseIetfBodyHash )
+ 	{
+-		EVP_SignUpdate( bUseSha256 ? &m_Hdr_ietf_sha256ctx : &m_Hdr_ietf_sha1ctx, sTemp.c_str(), sTemp.size() );
++		EVP_SignUpdate( bUseSha256 ? m_Hdr_ietf_sha256ctx : m_Hdr_ietf_sha1ctx, sTemp.c_str(), sTemp.size() );
+ 	}
+ 	else
+ 	{
+-		EVP_SignUpdate( &m_allman_sha1ctx, sTemp.c_str(), sTemp.size() );
++		EVP_SignUpdate( m_allman_sha1ctx, sTemp.c_str(), sTemp.size() );
+ 	}
+  
+ 	bio = BIO_new_mem_buf(szPrivKey, -1);
+@@ -967,11 +973,11 @@ int CDKIMSign::ConstructSignature( char* szPrivKey, bo
+ 	
+ 	if( bUseIetfBodyHash )
+ 	{
+-		nSignRet = EVP_SignFinal( bUseSha256 ? &m_Hdr_ietf_sha256ctx : &m_Hdr_ietf_sha1ctx, sig, &siglen, pkey);
++		nSignRet = EVP_SignFinal( bUseSha256 ? m_Hdr_ietf_sha256ctx : m_Hdr_ietf_sha1ctx, sig, &siglen, pkey);
+ 	}
+ 	else
+ 	{
+-		nSignRet = EVP_SignFinal( &m_allman_sha1ctx, sig, &siglen, pkey);
++		nSignRet = EVP_SignFinal( m_allman_sha1ctx, sig, &siglen, pkey);
+ 	}
+ 
+     EVP_PKEY_free(pkey);
diff --git a/mail/libdkim/files/patch-dkimsign.h b/mail/libdkim/files/patch-dkimsign.h
new file mode 100644
index 000000000000..81a565ca22d2
--- /dev/null
+++ b/mail/libdkim/files/patch-dkimsign.h
@@ -0,0 +1,21 @@
+--- dkimsign.h.orig	2008-05-12 03:07:58 UTC
++++ dkimsign.h
+@@ -60,13 +60,13 @@ class CDKIMSign : public CDKIMBase (protected)
+ 
+ 	int AssembleReturnedSig( char* szPrivKey );
+ 
+-	EVP_MD_CTX m_Hdr_ietf_sha1ctx;		/* the header hash for ietf sha1  */
+-	EVP_MD_CTX m_Hdr_ietf_sha256ctx;	/* the header hash for ietf sha256 */
++	EVP_MD_CTX *m_Hdr_ietf_sha1ctx;		/* the header hash for ietf sha1  */
++	EVP_MD_CTX *m_Hdr_ietf_sha256ctx;	/* the header hash for ietf sha256 */
+ 
+-	EVP_MD_CTX m_Bdy_ietf_sha1ctx;		/* the body hash for ietf sha1  */
+-	EVP_MD_CTX m_Bdy_ietf_sha256ctx;	/* the body hash for ietf sha256 */
++	EVP_MD_CTX *m_Bdy_ietf_sha1ctx;		/* the body hash for ietf sha1  */
++	EVP_MD_CTX *m_Bdy_ietf_sha256ctx;	/* the body hash for ietf sha256 */
+ 
+-	EVP_MD_CTX m_allman_sha1ctx;		/* the hash for allman sha1  */
++	EVP_MD_CTX *m_allman_sha1ctx;		/* the hash for allman sha1  */
+ 
+ 	int m_Canon;				// canonization method
+ 
diff --git a/mail/libdkim/files/patch-dkimverify.cpp b/mail/libdkim/files/patch-dkimverify.cpp
new file mode 100644
index 000000000000..616e3d29f9c8
--- /dev/null
+++ b/mail/libdkim/files/patch-dkimverify.cpp
@@ -0,0 +1,85 @@
+--- dkimverify.cpp.orig	2020-09-09 02:39:20 UTC
++++ dkimverify.cpp
+@@ -43,8 +43,10 @@ SignatureInfo::SignatureInfo(bool s)
+ {
+ 	VerifiedBodyCount = 0;
+ 	UnverifiedBodyCount = 0;
+-	EVP_MD_CTX_init( &m_Hdr_ctx );
+-	EVP_MD_CTX_init( &m_Bdy_ctx );
++	m_Hdr_ctx = EVP_MD_CTX_create();
++	m_Bdy_ctx = EVP_MD_CTX_create();
++	EVP_MD_CTX_init( m_Hdr_ctx );
++	EVP_MD_CTX_init( m_Bdy_ctx );
+ 	m_pSelector = NULL;
+ 	Status = DKIM_SUCCESS;
+ 	m_nHash = 0;
+@@ -54,8 +56,8 @@ SignatureInfo::SignatureInfo(bool s)
+ 
+ SignatureInfo::~SignatureInfo()
+ {
+-	EVP_MD_CTX_cleanup( &m_Hdr_ctx );
+-	EVP_MD_CTX_cleanup( &m_Bdy_ctx );
++	EVP_MD_CTX_destroy( m_Hdr_ctx );
++	EVP_MD_CTX_destroy( m_Bdy_ctx );
+ }
+ 
+ 
+@@ -459,7 +461,7 @@ int CDKIMVerify::GetResults(void)
+ 				unsigned char md[EVP_MAX_MD_SIZE];
+ 				unsigned len = 0;
+ 
+-				int res = EVP_DigestFinal( &i->m_Bdy_ctx, md, &len);
++				int res = EVP_DigestFinal( i->m_Bdy_ctx, md, &len);
+ 
+ 				if (!res || len != i->BodyHashData.length() || memcmp(i->BodyHashData.data(), md, len) != 0)
+ 				{
+@@ -515,7 +517,7 @@ int CDKIMVerify::GetResults(void)
+ 
+ 			assert( i->m_pSelector != NULL );
+ 
+-			int res = EVP_VerifyFinal( &i->m_Hdr_ctx, (unsigned char *) i->SignatureData.data(), i->SignatureData.length(), i->m_pSelector->PublicKey);
++			int res = EVP_VerifyFinal( i->m_Hdr_ctx, (unsigned char *) i->SignatureData.data(), i->SignatureData.length(), i->m_pSelector->PublicKey);
+ 
+ 			if (res == 1)
+ 			{
+@@ -658,11 +660,11 @@ void SignatureInfo::Hash( const char* szBuffer, unsign
+ 
+ 	if (IsBody && !BodyHashData.empty())
+ 	{
+-		EVP_DigestUpdate( &m_Bdy_ctx, szBuffer, nBufLength );
++		EVP_DigestUpdate( m_Bdy_ctx, szBuffer, nBufLength );
+ 	}
+ 	else
+ 	{
+-		EVP_VerifyUpdate( &m_Hdr_ctx, szBuffer, nBufLength );
++		EVP_VerifyUpdate( m_Hdr_ctx, szBuffer, nBufLength );
+ 	}
+ 
+ 	if (m_SaveCanonicalizedData)
+@@ -741,13 +743,13 @@ int CDKIMVerify::ProcessHeaders(void)
+ 		// initialize the hashes
+ 		if (sig.m_nHash == DKIM_HASH_SHA256)
+ 		{
+-			EVP_VerifyInit( &sig.m_Hdr_ctx, EVP_sha256() );
+-			EVP_DigestInit( &sig.m_Bdy_ctx, EVP_sha256() );
++			EVP_VerifyInit( sig.m_Hdr_ctx, EVP_sha256() );
++			EVP_DigestInit( sig.m_Bdy_ctx, EVP_sha256() );
+ 		}
+ 		else
+ 		{
+-			EVP_VerifyInit( &sig.m_Hdr_ctx, EVP_sha1() );
+-			EVP_DigestInit( &sig.m_Bdy_ctx, EVP_sha1() );
++			EVP_VerifyInit( sig.m_Hdr_ctx, EVP_sha1() );
++			EVP_DigestInit( sig.m_Bdy_ctx, EVP_sha1() );
+ 		}
+ 
+ 		// compute the hash of the header
+@@ -1337,7 +1339,7 @@ int SelectorInfo::Parse( char* Buffer )
+ 			return DKIM_SELECTOR_PUBLIC_KEY_INVALID;
+ 
+ 		// make sure public key is the correct type (we only support rsa)
+-		if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA2)
++		if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA || EVP_PKEY_id(pkey) == EVP_PKEY_RSA2)
+ 		{
+ 			PublicKey = pkey;
+ 		}
diff --git a/mail/libdkim/files/patch-dkimverify.h b/mail/libdkim/files/patch-dkimverify.h
new file mode 100644
index 000000000000..d2ee944c6fc9
--- /dev/null
+++ b/mail/libdkim/files/patch-dkimverify.h
@@ -0,0 +1,13 @@
+--- dkimverify.h.orig	2008-09-15 00:22:00 UTC
++++ dkimverify.h
+@@ -83,8 +83,8 @@ class SignatureInfo (public)
+ 	unsigned VerifiedBodyCount;
+ 	unsigned UnverifiedBodyCount;
+ 
+-	EVP_MD_CTX m_Hdr_ctx;
+-	EVP_MD_CTX m_Bdy_ctx;
++	EVP_MD_CTX *m_Hdr_ctx;
++	EVP_MD_CTX *m_Bdy_ctx;
+ 	SelectorInfo *m_pSelector;
+ 
+ 	int Status;