From e1f63dba5c63302b8a5e9d33c9ffe5580105de72 Mon Sep 17 00:00:00 2001

From: Ondrej Holy <oholy@redhat.com>

Date: Tue, 3 Aug 2021 08:47:13 +0200

Subject: [PATCH] winpr/crypto: Load legacy provider to fix rc4 with OpenSSL

 3.0

Currently, the `EVP_EncryptInit_ex` function fails for rc4 with OpenSSL 3.0.

This is becuase rc4 is provided by the legacy provider which is not loaded

by default. Let's explicitly load the legacy provider to make FreeRDP work

with OpenSSL 3.0.

Relates: https://github.com/openssl/openssl/issues/14392

Fixes: https://github.com/FreeRDP/FreeRDP/issues/6604

---

 winpr/libwinpr/crypto/cipher.c | 9 +++++++++

 1 file changed, 9 insertions(+)

diff --git a/winpr/libwinpr/crypto/cipher.c b/winpr/libwinpr/crypto/cipher.c

index bd52cfeed..75d25a1c7 100644

--- a/winpr/libwinpr/crypto/cipher.c

+++ b/winpr/libwinpr/crypto/cipher.c

@@ -29,6 +29,9 @@

 #include <openssl/rc4.h>

 #include <openssl/des.h>

 #include <openssl/evp.h>

+#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)

+#include <openssl/provider.h>

+#endif

 #endif

 #ifdef WITH_MBEDTLS

@@ -58,6 +60,11 @@ static WINPR_RC4_CTX* winpr_RC4_New_Internal(const BYTE* key, size_t keylen, BOO

 #if defined(WITH_OPENSSL)

+#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)

+	if (OSSL_PROVIDER_load(NULL, "legacy") == NULL)

+		return NULL;

+#endif

+

 	if (!(ctx = (WINPR_RC4_CTX*)EVP_CIPHER_CTX_new()))

 		return NULL;

-- 

2.31.1