Makefile | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---

cipher.c | 36 21 + 15 - 0 !
config.c | 33 19 + 14 - 0 !
2 files changed, 40 insertions(+), 29 deletions(-)

 [patch 1/3] cipher: support opaque evp_cipher_ctx

In OpenSSL 1.1+, EVP_CIPHER_CTX can no longer be declared on
the stack; instead you have to declare a pointer and then
use _new()/_free() to allocate or free it.  These functions
continue to work on older OpenSSL, so switch to the new
method.

Signed-off-by: Bob Copeland <copeland@lastpass.com>

cipher.c | 2 0 + 2 - 0 !
1 file changed, 2 deletions(-)

 [patch 2/3] cipher: drop p8inf->broken flag check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

struct pkcs8_priv_key_info_st is now opaque as of OpenSSL 1.1
so we cannot look directly at its flags going forward.

./cipher.c: In function cipher_rsa_decrypt: ./cipher.c:73:11: error: dereferencing pointer to incomplete type PKCS8_PRIV_KEY_INFO {aka struct
pkcs8_priv_key_info_st}
  if (p8inf->broken)
           ^

Signed-off-by: Bob Copeland <copeland@lastpass.com>

pbkdf2.c | 36 25 + 11 - 0 !
1 file changed, 25 insertions(+), 11 deletions(-)

 [patch 3/3] pbkdf2: support openssl 1.1+

In OpenSSL 1.1, HMAC_CTX is now opaque and _init/_cleanup functions
are history.  Change the pbkdf2 implementation to conditionally
use HMAX_CTX_new()/_free() and use context pointers throughout.

Signed-off-by: Bob Copeland <copeland@lastpass.com>

pins.h | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

 backport hardcoded certificate pins from lastpass 1.3.1 to reflect
 changes in the hosted LastPass.com service. (Closes: #898940)