diff options
-rw-r--r-- | appveyor.yml | 2 | ||||
-rw-r--r-- | debian/changelog | 7 | ||||
-rw-r--r-- | debian/control | 2 | ||||
-rw-r--r-- | debian/patches/01-revert_to_openssl_1.0.diff | 604 | ||||
-rw-r--r-- | debian/patches/series | 1 | ||||
-rw-r--r-- | infrastructure/cmake/CMakeLists.txt | 21 | ||||
-rw-r--r-- | infrastructure/cmake/windows/CMakeLists.txt | 18 | ||||
-rwxr-xr-x | infrastructure/travis-build.sh | 19 | ||||
-rw-r--r-- | lib/common/Guards.h | 5 | ||||
-rw-r--r-- | lib/crypto/CipherBlowfish.h | 2 | ||||
-rw-r--r-- | lib/crypto/CipherContext.cpp | 126 | ||||
-rw-r--r-- | lib/crypto/CipherContext.h | 22 | ||||
-rw-r--r-- | lib/crypto/CipherException.txt | 1 | ||||
-rw-r--r-- | lib/server/TLSContext.cpp | 13 | ||||
-rw-r--r-- | test/backupstore/testbackupstore.cpp | 152 | ||||
-rw-r--r-- | test/backupstore/testfiles/encrypted.dir | bin | 0 -> 160 bytes | |||
-rw-r--r-- | test/crypto/testcrypto.cpp | 76 | ||||
-rw-r--r-- | test/crypto/testfiles/bbackupd.keys | bin | 0 -> 1024 bytes | |||
-rwxr-xr-x | test/crypto/testfiles/bfdlink.h | 555 | ||||
-rw-r--r-- | test/crypto/testfiles/bfdlink.h.enc | bin | 0 -> 22592 bytes |
20 files changed, 866 insertions, 760 deletions
diff --git a/appveyor.yml b/appveyor.yml index 093113f7..d75eff77 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -18,7 +18,7 @@ configuration: environment: VisualStudioVersion: 11.0 Generator_Base: Visual Studio 11 2012 - OPENSSL_VERSION: 1.0.2f + OPENSSL_VERSION: 1.1.0f PCRE_VERSION: 8.38 CMAKE_UNIBUILD_DIR: '%APPVEYOR_BUILD_FOLDER%\..\cmake' BOXBACKUP_VERSION_BASE: 0.12 diff --git a/debian/changelog b/debian/changelog index 821428d5..a181428e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +boxbackup (0.13~~git20180303.g6178fd34-1) unstable; urgency=medium + + * New upstream pre-release (requested by upstream) + * Compile against libssl 1.1 (again) (Closes: #870775) + + -- Reinhard Tartler <siretart@tauware.de> Sat, 03 Mar 2018 14:08:09 -0500 + boxbackup (0.13~~git20180102.g6d7e9562-2) unstable; urgency=medium * Revert to libssl 1.1 on upstream's request. This will be reverted as diff --git a/debian/control b/debian/control index 66bc198e..59f211a7 100644 --- a/debian/control +++ b/debian/control @@ -11,7 +11,7 @@ Build-Depends: docbook-xsl, libdb-dev (>= 4.7), libedit-dev, - libssl1.0-dev, + libssl-dev, libtest-lwp-useragent-perl, xsltproc, zlib1g-dev diff --git a/debian/patches/01-revert_to_openssl_1.0.diff b/debian/patches/01-revert_to_openssl_1.0.diff deleted file mode 100644 index ff90ba0a..00000000 --- a/debian/patches/01-revert_to_openssl_1.0.diff +++ /dev/null @@ -1,604 +0,0 @@ -commit bc48bec97b65534966da74a07ed3edb3f13f6263 (github/revert_openssl_1_1) -Author: Chris Wilson <chris+github@qwirx.com> -Date: Sun Feb 25 08:18:34 2018 +0000 - - Revert "Add support for OpenSSL 1.1 and replace deprecated function calls" - - Until shown to be safe. See message from Johann Glaser to the mailing list. - - This reverts commit 85e7efc3fa0477f60318d2cd2144503a9ea8feb9. - -diff --git a/appveyor.yml b/appveyor.yml -index d75eff77..093113f7 100644 ---- a/appveyor.yml -+++ b/appveyor.yml -@@ -18,7 +18,7 @@ configuration: - environment: - VisualStudioVersion: 11.0 - Generator_Base: Visual Studio 11 2012 -- OPENSSL_VERSION: 1.1.0f -+ OPENSSL_VERSION: 1.0.2f - PCRE_VERSION: 8.38 - CMAKE_UNIBUILD_DIR: '%APPVEYOR_BUILD_FOLDER%\..\cmake' - BOXBACKUP_VERSION_BASE: 0.12 -diff --git a/infrastructure/cmake/CMakeLists.txt b/infrastructure/cmake/CMakeLists.txt -index 65f59eb8..25015452 100644 ---- a/infrastructure/cmake/CMakeLists.txt -+++ b/infrastructure/cmake/CMakeLists.txt -@@ -407,26 +407,7 @@ else() - endif() - - # Link to OpenSSL --# Workaround for incorrect library suffixes searched by FindOpenSSL: --# https://gitlab.kitware.com/cmake/cmake/issues/17604 --if(WIN32 AND MSVC) -- find_package(OpenSSL) -- set(OPENSSL_SSL_LIBRARY ${SSL_EAY_RELEASE}) -- set(OPENSSL_CRYPTO_LIBRARY ${LIB_EAY_RELEASE}) -- set(OPENSSL_LIBRARIES ${OPENSSL_SSL_LIBRARY} ${OPENSSL_CRYPTO_LIBRARY} crypt32) -- find_package_handle_standard_args(OpenSSL -- REQUIRED_VARS -- OPENSSL_SSL_LIBRARY -- OPENSSL_CRYPTO_LIBRARY -- OPENSSL_INCLUDE_DIR -- VERSION_VAR -- OPENSSL_VERSION -- FAIL_MESSAGE -- "Could NOT find OpenSSL, try to set the path to OpenSSL root folder in the system variable OPENSSL_ROOT_DIR" -- ) --else() -- find_package(OpenSSL REQUIRED) --endif() -+find_package(OpenSSL REQUIRED) - include_directories(${OPENSSL_INCLUDE_DIR}) - target_link_libraries(lib_crypto PUBLIC ${OPENSSL_LIBRARIES}) - -diff --git a/infrastructure/cmake/windows/CMakeLists.txt b/infrastructure/cmake/windows/CMakeLists.txt -index 49a1ea4d..0fbe35e3 100644 ---- a/infrastructure/cmake/windows/CMakeLists.txt -+++ b/infrastructure/cmake/windows/CMakeLists.txt -@@ -15,9 +15,9 @@ set(ZLIB_VERSION 1.2.11) - set(ZLIB_HASH SHA256=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1) - - # Version of OpenSSL to download, build, and compile Box Backup against: --set(OPENSSL_VERSION 1.1.0g) -+set(OPENSSL_VERSION 1.0.2j) - # Hash of openssl-${OPENSSL_VERSION}.tar.gz, to be verified after download: --set(OPENSSL_HASH SHA256=de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af) -+set(OPENSSL_HASH SHA256=e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431) - - # Version of PCRE to download, build, and compile Box Backup against: - set(PCRE_VERSION 8.39) -@@ -49,21 +49,15 @@ if(WIN32) - URL "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" - URL_HASH ${OPENSSL_HASH} - DOWNLOAD_NO_PROGRESS 1 -- CONFIGURE_COMMAND perl Configure debug-VC-WIN32 no-asm no-shared -- --prefix=${install_dir} -- --openssldir=etc -- # Run tests before install, but don't make the main target depend on them, so that -- # we don't have to run them whenever we build manually on Windows. -- TEST_BEFORE_INSTALL 1 -- TEST_EXCLUDE_FROM_MAIN 1 -+ CONFIGURE_COMMAND perl Configure debug-VC-WIN32 no-asm --prefix=${install_dir} -+ COMMAND cmd /c ms\\do_ms.bat - # You would expect us to use nt.mak to compile a static library here, but mk1mf.pl uses the /MT[d] - # CRT in that case, which is incompatible with our dynamic runtime, /MD[d]. It seems that the libs - # built by ntdll.mak, which are compiled with /MD[d], are full libraries and not import libs, - # so we can link statically against them and still get a dynamic runtime. - BUILD_IN_SOURCE 1 -- BUILD_COMMAND nmake /s -- TEST_COMMAND nmake /s test -- INSTALL_COMMAND nmake /s install -+ BUILD_COMMAND nmake /s /f ms\\nt.mak -+ INSTALL_COMMAND nmake /s /f ms\\nt.mak install - ) - elseif(${CMAKE_SYSTEM_NAME} MATCHES "Darwin") - ExternalProject_Add(openssl -diff --git a/lib/crypto/CipherBlowfish.cpp b/lib/crypto/CipherBlowfish.cpp -index 4c75b1de..e16cc6ed 100644 ---- a/lib/crypto/CipherBlowfish.cpp -+++ b/lib/crypto/CipherBlowfish.cpp -@@ -206,7 +206,7 @@ void CipherBlowfish::SetupParameters(EVP_CIPHER_CTX *pCipherContext) const - } - // Set key - #ifndef HAVE_OLD_SSL -- if(EVP_CipherInit_ex(pCipherContext, GetCipher(), NULL, (unsigned char*)mpKey, (unsigned char*)mpInitialisationVector, -1) != 1) -+ if(EVP_CipherInit_ex(pCipherContext, NULL, NULL, (unsigned char*)mpKey, (unsigned char*)mpInitialisationVector, -1) != 1) - #else - if(EVP_CipherInit(pCipherContext, NULL, (unsigned char*)mKey.c_str(), (unsigned char*)mInitialisationVector, -1) != 1) - #endif -diff --git a/lib/crypto/CipherContext.cpp b/lib/crypto/CipherContext.cpp -index 3de88c64..fd149395 100644 ---- a/lib/crypto/CipherContext.cpp -+++ b/lib/crypto/CipherContext.cpp -@@ -2,7 +2,7 @@ - // - // File - // Name: CipherContext.cpp --// Purpose: Context for symmetric encryption / decryption -+// Purpose: Context for symmetric encryption / descryption - // Created: 1/12/03 - // - // -------------------------------------------------------------------------- -@@ -50,7 +50,7 @@ CipherContext::~CipherContext() - if(mInitialised) - { - // Clean up -- BOX_OPENSSL_CLEANUP_CTX(ctx); -+ EVP_CIPHER_CTX_cleanup(&ctx); - mInitialised = false; - } - #ifdef HAVE_OLD_SSL -@@ -98,7 +98,7 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes - // Check for bad usage - if(mInitialised) - { -- THROW_EXCEPTION(CipherException, AlreadyInitialised); -+ THROW_EXCEPTION(CipherException, AlreadyInitialised) - } - if(Function != Decrypt && Function != Encrypt) - { -@@ -109,45 +109,43 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes - mFunction = Function; - - // Initialise the cipher --#ifdef HAVE_OLD_SSL -- // Use old version of init call -- if(EVP_CipherInit(&ctx, rDescription.GetCipher(), NULL, NULL, -+#ifndef HAVE_OLD_SSL -+ EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does -+ -+ if(EVP_CipherInit_ex(&ctx, rDescription.GetCipher(), NULL, NULL, NULL, - (mFunction == Encrypt) ? 1 : 0) != 1) - #else -- BOX_OPENSSL_INIT_CTX(ctx); -- -- // Don't set key or IV yet, because we will modify the parameters: -- if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), rDescription.GetCipher(), NULL, NULL, NULL, -+ // Use old version of init call -+ if(EVP_CipherInit(&ctx, rDescription.GetCipher(), NULL, NULL, - (mFunction == Encrypt) ? 1 : 0) != 1) - #endif - { - THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure, - "Failed to initialise " << rDescription.GetFullName() -- << ": " << LogError("initialising cipher")); -+ << "cipher: " << LogError("initialising cipher")); - } -- UsePadding(mPaddingOn); - - try - { - mCipherName = rDescription.GetFullName(); - #ifndef HAVE_OLD_SSL - // Let the description set up everything else -- mpDescription = &rDescription; -+ rDescription.SetupParameters(&ctx); - #else - // With the old version, a copy needs to be taken first. - mpDescription = rDescription.Clone(); - // Mark it as not a leak, otherwise static cipher contexts - // cause spurious memory leaks to be reported - MEMLEAKFINDER_NOT_A_LEAK(mpDescription); -+ mpDescription->SetupParameters(&ctx); - #endif -- mpDescription->SetupParameters(BOX_OPENSSL_CTX(ctx)); - } - catch(...) - { - THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure, -- "Failed to configure " << mCipherName << ": " << -+ "Failed to configure " << mCipherName << " cipher: " << - LogError("configuring cipher")); -- BOX_OPENSSL_CLEANUP_CTX(ctx); -+ EVP_CIPHER_CTX_cleanup(&ctx); - throw; - } - -@@ -168,7 +166,7 @@ void CipherContext::Reset() - if(mInitialised) - { - // Clean up -- EVP_CIPHER_CTX_cleanup(BOX_OPENSSL_CTX(ctx)); -+ EVP_CIPHER_CTX_cleanup(&ctx); - mInitialised = false; - } - #ifdef HAVE_OLD_SSL -@@ -179,7 +177,6 @@ void CipherContext::Reset() - } - #endif - mWithinTransform = false; -- mIV.clear(); - } - - -@@ -195,22 +192,24 @@ void CipherContext::Begin() - { - if(!mInitialised) - { -- THROW_EXCEPTION(CipherException, NotInitialised); -+ THROW_EXCEPTION(CipherException, NotInitialised) - } - -+ // Warn if in a transformation (not an error, because a context might not have been finalised if an exception occured) - if(mWithinTransform) - { -- THROW_EXCEPTION(CipherException, AlreadyInTransform); -+ BOX_WARNING("CipherContext::Begin called when context " -+ "flagged as within a transform"); - } - -- if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL, -- (const unsigned char *)(mIV.size() > 0 ? mIV.c_str() : NULL), -- -1) != 1) -+ // Initialise the cipher context again -+ if(EVP_CipherInit(&ctx, NULL, NULL, NULL, -1) != 1) - { - THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure, -- "Failed to set IV for " << mCipherName << ": " << LogError(GetFunction())); -+ "Failed to reset " << mCipherName << " cipher: " << -+ LogError("resetting cipher")); - } -- -+ - // Mark as being within a transform - mWithinTransform = true; - } -@@ -252,18 +251,18 @@ int CipherContext::Transform(void *pOutBuffer, int OutLength, const void *pInBuf - } - - // Check output buffer size -- if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)))) -+ if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(&ctx))) - { - THROW_EXCEPTION(CipherException, OutputBufferTooSmall); - } - - // Do the transform - int outLength = OutLength; -- if(EVP_CipherUpdate(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &outLength, -- (unsigned char*)pInBuffer, InLength) != 1) -+ if(EVP_CipherUpdate(&ctx, (unsigned char*)pOutBuffer, &outLength, (unsigned char*)pInBuffer, InLength) != 1) - { - THROW_EXCEPTION_MESSAGE(CipherException, EVPUpdateFailure, -- "Failed to update " << mCipherName << ": " << LogError(GetFunction())); -+ "Failed to " << GetFunction() << " (update) " << -+ mCipherName << " cipher: " << LogError(GetFunction())); - } - - return outLength; -@@ -301,7 +300,7 @@ int CipherContext::Final(void *pOutBuffer, int OutLength) - } - - // Check output buffer size -- if(OutLength < (2 * EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)))) -+ if(OutLength < (2 * EVP_CIPHER_CTX_block_size(&ctx))) - { - THROW_EXCEPTION(CipherException, OutputBufferTooSmall); - } -@@ -309,11 +308,12 @@ int CipherContext::Final(void *pOutBuffer, int OutLength) - // Do the transform - int outLength = OutLength; - #ifndef HAVE_OLD_SSL -- if(EVP_CipherFinal(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &outLength) != 1) -+ if(EVP_CipherFinal(&ctx, (unsigned char*)pOutBuffer, &outLength) != 1) - { - mWithinTransform = false; - THROW_EXCEPTION_MESSAGE(CipherException, EVPFinalFailure, -- "Failed to finalise " << mCipherName << ": " << LogError(GetFunction())); -+ "Failed to " << GetFunction() << " (final) " << -+ mCipherName << " cipher: " << LogError(GetFunction())); - } - #else - OldOpenSSLFinal((unsigned char*)pOutBuffer, outLength); -@@ -340,11 +340,11 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut) - // Old version needs to use a different form, and then set up the cipher again for next time around - int outLength = rOutLengthOut; - // Have to emulate padding off... -- int blockSize = EVP_CIPHER_CTX_block_size(ctx); -+ int blockSize = EVP_CIPHER_CTX_block_size(&ctx); - if(mPaddingOn) - { - // Just use normal final call -- if(EVP_CipherFinal(ctx, Buffer, &outLength) != 1) -+ if(EVP_CipherFinal(&ctx, Buffer, &outLength) != 1) - { - THROW_EXCEPTION(CipherException, EVPFinalFailure) - } -@@ -357,13 +357,13 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut) - { - // NASTY -- fiddling around with internals like this is bad. - // But only way to get this working on old versions of OpenSSL. -- if(!EVP_EncryptUpdate(ctx,Buffer,&outLength,ctx.buf,0) -+ if(!EVP_EncryptUpdate(&ctx,Buffer,&outLength,ctx.buf,0) - || outLength != blockSize) - { - THROW_EXCEPTION(CipherException, EVPFinalFailure) - } - // Clean up -- EVP_CIPHER_CTX_free(ctx); -+ EVP_CIPHER_CTX_cleanup(&ctx); - } - else - { -@@ -391,14 +391,12 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut) - } - } - // Reinitialise the cipher for the next time around -- if(EVP_CipherInit_ex(&ctx, mpDescription->GetCipher(), NULL, NULL, -- (const unsigned char *)(mIV.size() > 0 ? mIV.c_str() : NULL), -+ if(EVP_CipherInit(&ctx, mpDescription->GetCipher(), NULL, NULL, - (mFunction == Encrypt) ? 1 : 0) != 1) - { - THROW_EXCEPTION(CipherException, EVPInitFailure) - } - mpDescription->SetupParameters(&ctx); -- UsePadding(mPaddingOn); - - // Update length for caller - rOutLengthOut = outLength; -@@ -423,7 +421,7 @@ int CipherContext::InSizeForOutBufferSize(int OutLength) - - // Strictly speaking, the *2 is unnecessary. However... - // Final() is paranoid, and requires two input blocks of space to work. -- return OutLength - (EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)) * 2); -+ return OutLength - (EVP_CIPHER_CTX_block_size(&ctx) * 2); - } - - // -------------------------------------------------------------------------- -@@ -444,7 +442,7 @@ int CipherContext::MaxOutSizeForInBufferSize(int InLength) - - // Final() is paranoid, and requires two input blocks of space to work, and so we need to add - // three blocks on to be absolutely sure. -- return InLength + (EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)) * 3); -+ return InLength + (EVP_CIPHER_CTX_block_size(&ctx) * 3); - } - - -@@ -458,8 +456,20 @@ int CipherContext::MaxOutSizeForInBufferSize(int InLength) - // -------------------------------------------------------------------------- - int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *pInBuffer, int InLength) - { -+ if(!mInitialised) -+ { -+ THROW_EXCEPTION(CipherException, NotInitialised) -+ } -+ -+ // Warn if in a transformation -+ if(mWithinTransform) -+ { -+ BOX_WARNING("CipherContext::TransformBlock called when " -+ "context flagged as within a transform"); -+ } -+ - // Check output buffer size -- if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)))) -+ if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(&ctx))) - { - // Check if padding is off, in which case the buffer can be smaller - if(!mPaddingOn && OutLength <= InLength) -@@ -471,36 +481,40 @@ int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *p - THROW_EXCEPTION(CipherException, OutputBufferTooSmall); - } - } -- -- Begin(); -+ -+ // Initialise the cipher context again -+ if(EVP_CipherInit(&ctx, NULL, NULL, NULL, -1) != 1) -+ { -+ THROW_EXCEPTION(CipherException, EVPInitFailure) -+ } - - // Do the entire block -- int output_space_used = OutLength; -+ int outLength = 0; - - // Update -- if(EVP_CipherUpdate(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &output_space_used, -- (unsigned char*)pInBuffer, InLength) != 1) -+ outLength = OutLength; -+ if(EVP_CipherUpdate(&ctx, (unsigned char*)pOutBuffer, &outLength, (unsigned char*)pInBuffer, InLength) != 1) - { - THROW_EXCEPTION_MESSAGE(CipherException, EVPUpdateFailure, -- "Failed to update " << mCipherName << ": " << LogError(GetFunction())); -+ "Failed to " << GetFunction() << " (update) " << -+ mCipherName << " cipher: " << LogError(GetFunction())); - } - - // Finalise -- int output_space_remain = OutLength - output_space_used; -- --#ifdef HAVE_OLD_SSL -- OldOpenSSLFinal(((unsigned char*)pOutBuffer) + output_space_used, output_space_remain); --#else -- if(EVP_CipherFinal(BOX_OPENSSL_CTX(ctx), ((unsigned char*)pOutBuffer) + output_space_used, -- &output_space_remain) != 1) -+ int outLength2 = OutLength - outLength; -+#ifndef HAVE_OLD_SSL -+ if(EVP_CipherFinal(&ctx, ((unsigned char*)pOutBuffer) + outLength, &outLength2) != 1) - { - THROW_EXCEPTION_MESSAGE(CipherException, EVPFinalFailure, -- "Failed to finalise " << mCipherName << ": " << LogError(GetFunction())); -+ "Failed to " << GetFunction() << " (final) " << -+ mCipherName << " cipher: " << LogError(GetFunction())); - } -+#else -+ OldOpenSSLFinal(((unsigned char*)pOutBuffer) + outLength, outLength2); - #endif -+ outLength += outLength2; - -- mWithinTransform = false; -- return output_space_used + output_space_remain; -+ return outLength; - } - - -@@ -519,7 +533,7 @@ int CipherContext::GetIVLength() - THROW_EXCEPTION(CipherException, NotInitialised) - } - -- return EVP_CIPHER_CTX_iv_length(BOX_OPENSSL_CTX(ctx)); -+ return EVP_CIPHER_CTX_iv_length(&ctx); - } - - -@@ -545,14 +559,12 @@ void CipherContext::SetIV(const void *pIV) - "flagged as within a transform"); - } - -- mIV = std::string((const char *)pIV, GetIVLength()); -- - // Set IV -- if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL, -- (const unsigned char *)mIV.c_str(), -1) != 1) -+ if(EVP_CipherInit(&ctx, NULL, NULL, (unsigned char *)pIV, -1) != 1) - { - THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure, -- "Failed to set IV for " << mCipherName << ": " << LogError(GetFunction())); -+ "Failed to " << GetFunction() << " (set IV) " << -+ mCipherName << " cipher: " << LogError(GetFunction())); - } - - #ifdef HAVE_OLD_SSL -@@ -589,20 +601,19 @@ const void *CipherContext::SetRandomIV(int &rLengthOut) - } - - // Get length of IV -- uint8_t generated_iv[CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH]; -- unsigned int ivLen = EVP_CIPHER_CTX_iv_length(BOX_OPENSSL_CTX(ctx)); -- if(ivLen > sizeof(generated_iv)) -+ unsigned int ivLen = EVP_CIPHER_CTX_iv_length(&ctx); -+ if(ivLen > sizeof(mGeneratedIV)) - { - THROW_EXCEPTION(CipherException, IVSizeImplementationLimitExceeded) - } - - // Generate some random data -- Random::Generate(generated_iv, ivLen); -- SetIV(generated_iv); -+ Random::Generate(mGeneratedIV, ivLen); -+ SetIV(mGeneratedIV); - - // Return the IV and it's length - rLengthOut = ivLen; -- return mIV.c_str(); -+ return mGeneratedIV; - } - - -@@ -617,11 +628,9 @@ const void *CipherContext::SetRandomIV(int &rLengthOut) - void CipherContext::UsePadding(bool Padding) - { - #ifndef HAVE_OLD_SSL -- if(EVP_CIPHER_CTX_set_padding(BOX_OPENSSL_CTX(ctx), Padding) != 1) -+ if(EVP_CIPHER_CTX_set_padding(&ctx, Padding) != 1) - { -- THROW_EXCEPTION_MESSAGE(CipherException, EVPSetPaddingFailure, -- "Failed to set padding for " << mCipherName << ": " << -- LogError(GetFunction())); -+ THROW_EXCEPTION(CipherException, EVPSetPaddingFailure) - } - #endif - mPaddingOn = Padding; -diff --git a/lib/crypto/CipherContext.h b/lib/crypto/CipherContext.h -index b6e97b4e..93c889d6 100644 ---- a/lib/crypto/CipherContext.h -+++ b/lib/crypto/CipherContext.h -@@ -19,22 +19,6 @@ class CipherDescription; - - #define CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH 32 - --// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See --// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h --// for the gory details. --#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1 --# define BOX_OPENSSL_INIT_CTX(ctx) ctx = EVP_CIPHER_CTX_new(); --# define BOX_OPENSSL_CTX(ctx) ctx --# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_free(ctx) --typedef EVP_CIPHER_CTX* BOX_EVP_CIPHER_CTX; --#else // OpenSSL < 1.1 --# define BOX_OPENSSL_INIT_CTX(ctx) EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does --# define BOX_OPENSSL_CTX(ctx) &ctx --# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_cleanup(&ctx) --typedef EVP_CIPHER_CTX BOX_EVP_CIPHER_CTX; --#endif -- -- - // -------------------------------------------------------------------------- - // - // Class -@@ -90,14 +74,16 @@ public: - #endif - - private: -- BOX_EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX ctx; - bool mInitialised; - bool mWithinTransform; - bool mPaddingOn; -+ uint8_t mGeneratedIV[CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH]; - CipherFunction mFunction; - std::string mCipherName; -- const CipherDescription *mpDescription; -- std::string mIV; -+#ifdef HAVE_OLD_SSL -+ CipherDescription *mpDescription; -+#endif - }; - - -diff --git a/lib/crypto/CipherException.txt b/lib/crypto/CipherException.txt -index 494ed3cc..abdbac87 100644 ---- a/lib/crypto/CipherException.txt -+++ b/lib/crypto/CipherException.txt -@@ -16,4 +16,3 @@ PseudoRandNotAvailable 12 - EVPSetPaddingFailure 13 - RandomInitFailed 14 Failed to read from random device - LengthRequestedTooLongForRandomHex 15 --AlreadyInTransform 16 Tried to initialise crypto when already in a transform -diff --git a/lib/server/TLSContext.cpp b/lib/server/TLSContext.cpp -index 1a6d4a53..35e254fd 100644 ---- a/lib/server/TLSContext.cpp -+++ b/lib/server/TLSContext.cpp -@@ -23,17 +23,6 @@ - #define MAX_VERIFICATION_DEPTH 2 - #define CIPHER_LIST "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH" - --// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See --// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h --// for the gory details. --#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1 --# define BOX_TLS_SERVER_METHOD TLS_server_method --# define BOX_TLS_CLIENT_METHOD TLS_client_method --#else // OpenSSL < 1.1 --# define BOX_TLS_SERVER_METHOD TLSv1_server_method --# define BOX_TLS_CLIENT_METHOD TLSv1_client_method --#endif -- - // -------------------------------------------------------------------------- - // - // Function -@@ -78,7 +67,7 @@ void TLSContext::Initialise(bool AsServer, const char *CertificatesFile, const c - ::SSL_CTX_free(mpContext); - } - -- mpContext = ::SSL_CTX_new(AsServer ? BOX_TLS_SERVER_METHOD() : BOX_TLS_CLIENT_METHOD()); -+ mpContext = ::SSL_CTX_new(AsServer?TLSv1_server_method():TLSv1_client_method()); - if(mpContext == NULL) - { - THROW_EXCEPTION(ServerException, TLSAllocationFailed) -diff --git a/test/crypto/testcrypto.cpp b/test/crypto/testcrypto.cpp -index 32d2efb8..4e623cc2 100644 ---- a/test/crypto/testcrypto.cpp -+++ b/test/crypto/testcrypto.cpp -@@ -266,7 +266,7 @@ int test(int argc, const char *argv[]) - // Check rolling checksums - uint8_t *checkdata_blk = (uint8_t *)malloc(CHECKSUM_DATA_SIZE); - uint8_t *checkdata = checkdata_blk; -- RAND_bytes(checkdata, CHECKSUM_DATA_SIZE); -+ RAND_pseudo_bytes(checkdata, CHECKSUM_DATA_SIZE); - for(int size = CHECKSUM_BLOCK_SIZE_BASE; size <= CHECKSUM_BLOCK_SIZE_LAST; ++size) - { - // Test skip-roll code diff --git a/debian/patches/series b/debian/patches/series index dd9b249c..f52e7b08 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,3 +1,2 @@ -01-revert_to_openssl_1.0.diff 03-adjust-syslog-facility.diff 05-dont_use_net_for_docs.diff diff --git a/infrastructure/cmake/CMakeLists.txt b/infrastructure/cmake/CMakeLists.txt index 25015452..65f59eb8 100644 --- a/infrastructure/cmake/CMakeLists.txt +++ b/infrastructure/cmake/CMakeLists.txt @@ -407,7 +407,26 @@ else() endif() # Link to OpenSSL -find_package(OpenSSL REQUIRED) +# Workaround for incorrect library suffixes searched by FindOpenSSL: +# https://gitlab.kitware.com/cmake/cmake/issues/17604 +if(WIN32 AND MSVC) + find_package(OpenSSL) + set(OPENSSL_SSL_LIBRARY ${SSL_EAY_RELEASE}) + set(OPENSSL_CRYPTO_LIBRARY ${LIB_EAY_RELEASE}) + set(OPENSSL_LIBRARIES ${OPENSSL_SSL_LIBRARY} ${OPENSSL_CRYPTO_LIBRARY} crypt32) + find_package_handle_standard_args(OpenSSL + REQUIRED_VARS + OPENSSL_SSL_LIBRARY + OPENSSL_CRYPTO_LIBRARY + OPENSSL_INCLUDE_DIR + VERSION_VAR + OPENSSL_VERSION + FAIL_MESSAGE + "Could NOT find OpenSSL, try to set the path to OpenSSL root folder in the system variable OPENSSL_ROOT_DIR" + ) +else() + find_package(OpenSSL REQUIRED) +endif() include_directories(${OPENSSL_INCLUDE_DIR}) target_link_libraries(lib_crypto PUBLIC ${OPENSSL_LIBRARIES}) diff --git a/infrastructure/cmake/windows/CMakeLists.txt b/infrastructure/cmake/windows/CMakeLists.txt index 0fbe35e3..49a1ea4d 100644 --- a/infrastructure/cmake/windows/CMakeLists.txt +++ b/infrastructure/cmake/windows/CMakeLists.txt @@ -15,9 +15,9 @@ set(ZLIB_VERSION 1.2.11) set(ZLIB_HASH SHA256=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1) # Version of OpenSSL to download, build, and compile Box Backup against: -set(OPENSSL_VERSION 1.0.2j) +set(OPENSSL_VERSION 1.1.0g) # Hash of openssl-${OPENSSL_VERSION}.tar.gz, to be verified after download: -set(OPENSSL_HASH SHA256=e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431) +set(OPENSSL_HASH SHA256=de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af) # Version of PCRE to download, build, and compile Box Backup against: set(PCRE_VERSION 8.39) @@ -49,15 +49,21 @@ if(WIN32) URL "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" URL_HASH ${OPENSSL_HASH} DOWNLOAD_NO_PROGRESS 1 - CONFIGURE_COMMAND perl Configure debug-VC-WIN32 no-asm --prefix=${install_dir} - COMMAND cmd /c ms\\do_ms.bat + CONFIGURE_COMMAND perl Configure debug-VC-WIN32 no-asm no-shared + --prefix=${install_dir} + --openssldir=etc + # Run tests before install, but don't make the main target depend on them, so that + # we don't have to run them whenever we build manually on Windows. + TEST_BEFORE_INSTALL 1 + TEST_EXCLUDE_FROM_MAIN 1 # You would expect us to use nt.mak to compile a static library here, but mk1mf.pl uses the /MT[d] # CRT in that case, which is incompatible with our dynamic runtime, /MD[d]. It seems that the libs # built by ntdll.mak, which are compiled with /MD[d], are full libraries and not import libs, # so we can link statically against them and still get a dynamic runtime. BUILD_IN_SOURCE 1 - BUILD_COMMAND nmake /s /f ms\\nt.mak - INSTALL_COMMAND nmake /s /f ms\\nt.mak install + BUILD_COMMAND nmake /s + TEST_COMMAND nmake /s test + INSTALL_COMMAND nmake /s install ) elseif(${CMAKE_SYSTEM_NAME} MATCHES "Darwin") ExternalProject_Add(openssl diff --git a/infrastructure/travis-build.sh b/infrastructure/travis-build.sh index 74b58a3d..9ee3569e 100755 --- a/infrastructure/travis-build.sh +++ b/infrastructure/travis-build.sh @@ -4,11 +4,15 @@ set -e set -x if [ "$TRAVIS_OS_NAME" = "osx" ]; then - brew update + # No need to "brew update" first: https://docs.travis-ci.com/user/reference/osx/#Homebrew + # brew update + # Travis appears to have Boost and OpenSSL installed already: # brew install boost ccache openssl - ls /usr/local /usr/local/opt /usr/local/opt/openssl - brew install ccache + ls /usr/local /usr/local/opt /usr/local/opt/openssl /usr/local/opt/openssl@1.1 + + # Use OSX builds to test OpenSSL 1.1 compatibility as well: + brew install ccache openssl@1.1 fi ccache -s @@ -20,7 +24,9 @@ if [ "$BUILD" = 'cmake' ]; then fi if [ "$TRAVIS_OS_NAME" = "osx" ]; then - EXTRA_ARGS="-DOPENSSL_ROOT_DIR=/usr/local/opt/openssl -DBOOST_ROOT=/usr/local/opt/boost" + EXTRA_ARGS=" + -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@1.1 + -DBOOST_ROOT=/usr/local/opt/boost" fi cd `dirname $0` @@ -33,7 +39,10 @@ if [ "$BUILD" = 'cmake' ]; then [ "$TEST" = "n" ] || ctest -C $TEST_TARGET -V else if [ "$TRAVIS_OS_NAME" = "osx" ]; then - EXTRA_ARGS="--with-ssl-lib=/usr/local/opt/openssl/lib --with-ssl-headers=/usr/local/opt/openssl/include --with-boost=/usr/local/opt/boost" + EXTRA_ARGS=" + --with-ssl-lib=/usr/local/opt/openssl@1.1/lib + --with-ssl-headers=/usr/local/opt/openssl@1.1/include + --with-boost=/usr/local/opt/boost" fi cd `dirname $0`/.. diff --git a/lib/common/Guards.h b/lib/common/Guards.h index 46b6d2bd..3637b261 100644 --- a/lib/common/Guards.h +++ b/lib/common/Guards.h @@ -110,6 +110,11 @@ public: return (type)mpBlock; } + int GetSize() const + { + return mBlockSize; + } + void Resize(int NewSize) { void *ptrn = ::realloc(mpBlock, NewSize); diff --git a/lib/crypto/CipherBlowfish.h b/lib/crypto/CipherBlowfish.h index 152a265c..1894e2ac 100644 --- a/lib/crypto/CipherBlowfish.h +++ b/lib/crypto/CipherBlowfish.h @@ -41,7 +41,7 @@ public: virtual std::string GetCipherName() const { std::ostringstream out; - out << "AES"; + out << "Blowfish"; out << mKeyLength; return out.str(); } diff --git a/lib/crypto/CipherContext.cpp b/lib/crypto/CipherContext.cpp index fd149395..3f9a08b7 100644 --- a/lib/crypto/CipherContext.cpp +++ b/lib/crypto/CipherContext.cpp @@ -2,7 +2,7 @@ // // File // Name: CipherContext.cpp -// Purpose: Context for symmetric encryption / descryption +// Purpose: Context for symmetric encryption / decryption // Created: 1/12/03 // // -------------------------------------------------------------------------- @@ -50,7 +50,7 @@ CipherContext::~CipherContext() if(mInitialised) { // Clean up - EVP_CIPHER_CTX_cleanup(&ctx); + BOX_OPENSSL_CLEANUP_CTX(ctx); mInitialised = false; } #ifdef HAVE_OLD_SSL @@ -98,7 +98,7 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes // Check for bad usage if(mInitialised) { - THROW_EXCEPTION(CipherException, AlreadyInitialised) + THROW_EXCEPTION(CipherException, AlreadyInitialised); } if(Function != Decrypt && Function != Encrypt) { @@ -109,20 +109,21 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes mFunction = Function; // Initialise the cipher -#ifndef HAVE_OLD_SSL - EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does - - if(EVP_CipherInit_ex(&ctx, rDescription.GetCipher(), NULL, NULL, NULL, - (mFunction == Encrypt) ? 1 : 0) != 1) -#else +#ifdef HAVE_OLD_SSL // Use old version of init call if(EVP_CipherInit(&ctx, rDescription.GetCipher(), NULL, NULL, (mFunction == Encrypt) ? 1 : 0) != 1) +#else + BOX_OPENSSL_INIT_CTX(ctx); + + // Don't set key or IV yet, because we will modify the parameters: + if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), rDescription.GetCipher(), NULL, NULL, NULL, + (mFunction == Encrypt) ? 1 : 0) != 1) #endif { THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure, "Failed to initialise " << rDescription.GetFullName() - << "cipher: " << LogError("initialising cipher")); + << ": " << LogError("initialising cipher")); } try @@ -130,22 +131,22 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes mCipherName = rDescription.GetFullName(); #ifndef HAVE_OLD_SSL // Let the description set up everything else - rDescription.SetupParameters(&ctx); + mpDescription = &rDescription; #else // With the old version, a copy needs to be taken first. mpDescription = rDescription.Clone(); // Mark it as not a leak, otherwise static cipher contexts // cause spurious memory leaks to be reported MEMLEAKFINDER_NOT_A_LEAK(mpDescription); - mpDescription->SetupParameters(&ctx); #endif + mpDescription->SetupParameters(BOX_OPENSSL_CTX(ctx)); } catch(...) { THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure, - "Failed to configure " << mCipherName << " cipher: " << + "Failed to configure " << mCipherName << ": " << LogError("configuring cipher")); - EVP_CIPHER_CTX_cleanup(&ctx); + BOX_OPENSSL_CLEANUP_CTX(ctx); throw; } @@ -166,7 +167,7 @@ void CipherContext::Reset() if(mInitialised) { // Clean up - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_cleanup(BOX_OPENSSL_CTX(ctx)); mInitialised = false; } #ifdef HAVE_OLD_SSL @@ -192,24 +193,21 @@ void CipherContext::Begin() { if(!mInitialised) { - THROW_EXCEPTION(CipherException, NotInitialised) + THROW_EXCEPTION(CipherException, NotInitialised); } - // Warn if in a transformation (not an error, because a context might not have been finalised if an exception occured) if(mWithinTransform) { - BOX_WARNING("CipherContext::Begin called when context " - "flagged as within a transform"); + THROW_EXCEPTION(CipherException, AlreadyInTransform); } - // Initialise the cipher context again - if(EVP_CipherInit(&ctx, NULL, NULL, NULL, -1) != 1) + if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL, NULL, + -1) != 1) { THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure, - "Failed to reset " << mCipherName << " cipher: " << - LogError("resetting cipher")); + "Failed to set IV for " << mCipherName << ": " << LogError(GetFunction())); } - + // Mark as being within a transform mWithinTransform = true; } @@ -251,18 +249,18 @@ int CipherContext::Transform(void *pOutBuffer, int OutLength, const void *pInBuf } // Check output buffer size - if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(&ctx))) + if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)))) { THROW_EXCEPTION(CipherException, OutputBufferTooSmall); } // Do the transform int outLength = OutLength; - if(EVP_CipherUpdate(&ctx, (unsigned char*)pOutBuffer, &outLength, (unsigned char*)pInBuffer, InLength) != 1) + if(EVP_CipherUpdate(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &outLength, + (unsigned char*)pInBuffer, InLength) != 1) { THROW_EXCEPTION_MESSAGE(CipherException, EVPUpdateFailure, - "Failed to " << GetFunction() << " (update) " << - mCipherName << " cipher: " << LogError(GetFunction())); + "Failed to update " << mCipherName << ": " << LogError(GetFunction())); } return outLength; @@ -300,7 +298,7 @@ int CipherContext::Final(void *pOutBuffer, int OutLength) } // Check output buffer size - if(OutLength < (2 * EVP_CIPHER_CTX_block_size(&ctx))) + if(OutLength < (2 * EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)))) { THROW_EXCEPTION(CipherException, OutputBufferTooSmall); } @@ -308,12 +306,11 @@ int CipherContext::Final(void *pOutBuffer, int OutLength) // Do the transform int outLength = OutLength; #ifndef HAVE_OLD_SSL - if(EVP_CipherFinal(&ctx, (unsigned char*)pOutBuffer, &outLength) != 1) + if(EVP_CipherFinal(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &outLength) != 1) { mWithinTransform = false; THROW_EXCEPTION_MESSAGE(CipherException, EVPFinalFailure, - "Failed to " << GetFunction() << " (final) " << - mCipherName << " cipher: " << LogError(GetFunction())); + "Failed to finalise " << mCipherName << ": " << LogError(GetFunction())); } #else OldOpenSSLFinal((unsigned char*)pOutBuffer, outLength); @@ -340,11 +337,11 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut) // Old version needs to use a different form, and then set up the cipher again for next time around int outLength = rOutLengthOut; // Have to emulate padding off... - int blockSize = EVP_CIPHER_CTX_block_size(&ctx); + int blockSize = EVP_CIPHER_CTX_block_size(ctx); if(mPaddingOn) { // Just use normal final call - if(EVP_CipherFinal(&ctx, Buffer, &outLength) != 1) + if(EVP_CipherFinal(ctx, Buffer, &outLength) != 1) { THROW_EXCEPTION(CipherException, EVPFinalFailure) } @@ -357,13 +354,13 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut) { // NASTY -- fiddling around with internals like this is bad. // But only way to get this working on old versions of OpenSSL. - if(!EVP_EncryptUpdate(&ctx,Buffer,&outLength,ctx.buf,0) + if(!EVP_EncryptUpdate(ctx,Buffer,&outLength,ctx.buf,0) || outLength != blockSize) { THROW_EXCEPTION(CipherException, EVPFinalFailure) } // Clean up - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); } else { @@ -391,7 +388,7 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut) } } // Reinitialise the cipher for the next time around - if(EVP_CipherInit(&ctx, mpDescription->GetCipher(), NULL, NULL, + if(EVP_CipherInit_ex(&ctx, mpDescription->GetCipher(), NULL, NULL, NULL, (mFunction == Encrypt) ? 1 : 0) != 1) { THROW_EXCEPTION(CipherException, EVPInitFailure) @@ -421,7 +418,7 @@ int CipherContext::InSizeForOutBufferSize(int OutLength) // Strictly speaking, the *2 is unnecessary. However... // Final() is paranoid, and requires two input blocks of space to work. - return OutLength - (EVP_CIPHER_CTX_block_size(&ctx) * 2); + return OutLength - (EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)) * 2); } // -------------------------------------------------------------------------- @@ -442,7 +439,7 @@ int CipherContext::MaxOutSizeForInBufferSize(int InLength) // Final() is paranoid, and requires two input blocks of space to work, and so we need to add // three blocks on to be absolutely sure. - return InLength + (EVP_CIPHER_CTX_block_size(&ctx) * 3); + return InLength + (EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)) * 3); } @@ -460,7 +457,7 @@ int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *p { THROW_EXCEPTION(CipherException, NotInitialised) } - + // Warn if in a transformation if(mWithinTransform) { @@ -469,7 +466,7 @@ int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *p } // Check output buffer size - if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(&ctx))) + if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)))) { // Check if padding is off, in which case the buffer can be smaller if(!mPaddingOn && OutLength <= InLength) @@ -481,40 +478,40 @@ int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *p THROW_EXCEPTION(CipherException, OutputBufferTooSmall); } } - + // Initialise the cipher context again - if(EVP_CipherInit(&ctx, NULL, NULL, NULL, -1) != 1) + if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL, NULL, -1) != 1) { THROW_EXCEPTION(CipherException, EVPInitFailure) } // Do the entire block - int outLength = 0; + int output_space_used = OutLength; // Update - outLength = OutLength; - if(EVP_CipherUpdate(&ctx, (unsigned char*)pOutBuffer, &outLength, (unsigned char*)pInBuffer, InLength) != 1) + if(EVP_CipherUpdate(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &output_space_used, + (unsigned char*)pInBuffer, InLength) != 1) { THROW_EXCEPTION_MESSAGE(CipherException, EVPUpdateFailure, - "Failed to " << GetFunction() << " (update) " << - mCipherName << " cipher: " << LogError(GetFunction())); + "Failed to update " << mCipherName << ": " << LogError(GetFunction())); } // Finalise - int outLength2 = OutLength - outLength; -#ifndef HAVE_OLD_SSL - if(EVP_CipherFinal(&ctx, ((unsigned char*)pOutBuffer) + outLength, &outLength2) != 1) + int output_space_remain = OutLength - output_space_used; + +#ifdef HAVE_OLD_SSL + OldOpenSSLFinal(((unsigned char*)pOutBuffer) + output_space_used, output_space_remain); +#else + if(EVP_CipherFinal(BOX_OPENSSL_CTX(ctx), ((unsigned char*)pOutBuffer) + output_space_used, + &output_space_remain) != 1) { THROW_EXCEPTION_MESSAGE(CipherException, EVPFinalFailure, - "Failed to " << GetFunction() << " (final) " << - mCipherName << " cipher: " << LogError(GetFunction())); + "Failed to finalise " << mCipherName << ": " << LogError(GetFunction())); } -#else - OldOpenSSLFinal(((unsigned char*)pOutBuffer) + outLength, outLength2); #endif - outLength += outLength2; - return outLength; + mWithinTransform = false; + return output_space_used + output_space_remain; } @@ -533,7 +530,7 @@ int CipherContext::GetIVLength() THROW_EXCEPTION(CipherException, NotInitialised) } - return EVP_CIPHER_CTX_iv_length(&ctx); + return EVP_CIPHER_CTX_iv_length(BOX_OPENSSL_CTX(ctx)); } @@ -560,11 +557,10 @@ void CipherContext::SetIV(const void *pIV) } // Set IV - if(EVP_CipherInit(&ctx, NULL, NULL, (unsigned char *)pIV, -1) != 1) + if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL, (unsigned char *)pIV, -1) != 1) { THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure, - "Failed to " << GetFunction() << " (set IV) " << - mCipherName << " cipher: " << LogError(GetFunction())); + "Failed to set IV for " << mCipherName << ": " << LogError(GetFunction())); } #ifdef HAVE_OLD_SSL @@ -601,7 +597,7 @@ const void *CipherContext::SetRandomIV(int &rLengthOut) } // Get length of IV - unsigned int ivLen = EVP_CIPHER_CTX_iv_length(&ctx); + unsigned int ivLen = EVP_CIPHER_CTX_iv_length(BOX_OPENSSL_CTX(ctx)); if(ivLen > sizeof(mGeneratedIV)) { THROW_EXCEPTION(CipherException, IVSizeImplementationLimitExceeded) @@ -628,9 +624,11 @@ const void *CipherContext::SetRandomIV(int &rLengthOut) void CipherContext::UsePadding(bool Padding) { #ifndef HAVE_OLD_SSL - if(EVP_CIPHER_CTX_set_padding(&ctx, Padding) != 1) + if(EVP_CIPHER_CTX_set_padding(BOX_OPENSSL_CTX(ctx), Padding) != 1) { - THROW_EXCEPTION(CipherException, EVPSetPaddingFailure) + THROW_EXCEPTION_MESSAGE(CipherException, EVPSetPaddingFailure, + "Failed to set padding for " << mCipherName << ": " << + LogError(GetFunction())); } #endif mPaddingOn = Padding; diff --git a/lib/crypto/CipherContext.h b/lib/crypto/CipherContext.h index 93c889d6..a0e45266 100644 --- a/lib/crypto/CipherContext.h +++ b/lib/crypto/CipherContext.h @@ -19,6 +19,22 @@ class CipherDescription; #define CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH 32 +// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See +// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h +// for the gory details. +#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1 +# define BOX_OPENSSL_INIT_CTX(ctx) ctx = EVP_CIPHER_CTX_new(); +# define BOX_OPENSSL_CTX(ctx) ctx +# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_free(ctx) +typedef EVP_CIPHER_CTX* BOX_EVP_CIPHER_CTX; +#else // OpenSSL < 1.1 +# define BOX_OPENSSL_INIT_CTX(ctx) EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does +# define BOX_OPENSSL_CTX(ctx) &ctx +# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_cleanup(&ctx) +typedef EVP_CIPHER_CTX BOX_EVP_CIPHER_CTX; +#endif + + // -------------------------------------------------------------------------- // // Class @@ -74,16 +90,14 @@ public: #endif private: - EVP_CIPHER_CTX ctx; + BOX_EVP_CIPHER_CTX ctx; bool mInitialised; bool mWithinTransform; bool mPaddingOn; uint8_t mGeneratedIV[CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH]; CipherFunction mFunction; std::string mCipherName; -#ifdef HAVE_OLD_SSL - CipherDescription *mpDescription; -#endif + const CipherDescription *mpDescription; }; diff --git a/lib/crypto/CipherException.txt b/lib/crypto/CipherException.txt index abdbac87..494ed3cc 100644 --- a/lib/crypto/CipherException.txt +++ b/lib/crypto/CipherException.txt @@ -16,3 +16,4 @@ PseudoRandNotAvailable 12 EVPSetPaddingFailure 13 RandomInitFailed 14 Failed to read from random device LengthRequestedTooLongForRandomHex 15 +AlreadyInTransform 16 Tried to initialise crypto when already in a transform diff --git a/lib/server/TLSContext.cpp b/lib/server/TLSContext.cpp index 35e254fd..1a6d4a53 100644 --- a/lib/server/TLSContext.cpp +++ b/lib/server/TLSContext.cpp @@ -23,6 +23,17 @@ #define MAX_VERIFICATION_DEPTH 2 #define CIPHER_LIST "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH" +// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See +// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h +// for the gory details. +#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1 +# define BOX_TLS_SERVER_METHOD TLS_server_method +# define BOX_TLS_CLIENT_METHOD TLS_client_method +#else // OpenSSL < 1.1 +# define BOX_TLS_SERVER_METHOD TLSv1_server_method +# define BOX_TLS_CLIENT_METHOD TLSv1_client_method +#endif + // -------------------------------------------------------------------------- // // Function @@ -67,7 +78,7 @@ void TLSContext::Initialise(bool AsServer, const char *CertificatesFile, const c ::SSL_CTX_free(mpContext); } - mpContext = ::SSL_CTX_new(AsServer?TLSv1_server_method():TLSv1_client_method()); + mpContext = ::SSL_CTX_new(AsServer ? BOX_TLS_SERVER_METHOD() : BOX_TLS_CLIENT_METHOD()); if(mpContext == NULL) { THROW_EXCEPTION(ServerException, TLSAllocationFailed) diff --git a/test/backupstore/testbackupstore.cpp b/test/backupstore/testbackupstore.cpp index 6441d66c..891d1461 100644 --- a/test/backupstore/testbackupstore.cpp +++ b/test/backupstore/testbackupstore.cpp @@ -274,81 +274,95 @@ bool test_filename_encoding() SETUP_TEST_BACKUPSTORE(); // test some basics -- encoding and decoding filenames + + // Make some filenames in various ways + BackupStoreFilenameClear fn1; + fn1.SetClearFilename(std::string("filenameXYZ")); + BackupStoreFilenameClear fn2(std::string("filenameXYZ")); + BackupStoreFilenameClear fn3(fn1); + TEST_THAT(fn1 == fn2); + TEST_THAT(fn1 == fn3); + + // Check that it's been encrypted + std::string name(fn2.GetEncodedFilename()); + TEST_THAT(name.find("name") == name.npos); + + // Bung it in a stream, get it out in a Clear filename { - // Make some filenames in various ways - BackupStoreFilenameClear fn1; - fn1.SetClearFilename(std::string("filenameXYZ")); - BackupStoreFilenameClear fn2(std::string("filenameXYZ")); - BackupStoreFilenameClear fn3(fn1); - TEST_THAT(fn1 == fn2); - TEST_THAT(fn1 == fn3); + CollectInBufferStream stream; + fn1.WriteToStream(stream); + stream.SetForReading(); + BackupStoreFilenameClear fn4; + fn4.ReadFromStream(stream, IOStream::TimeOutInfinite); + TEST_THAT(fn4.GetClearFilename() == "filenameXYZ"); + TEST_THAT(fn4 == fn1); + } - // Check that it's been encrypted - std::string name(fn2.GetEncodedFilename()); - TEST_THAT(name.find("name") == name.npos); + // Bung it in a stream, get it out in a server non-Clear filename (two of them into the same var) + { + BackupStoreFilenameClear fno("pinglet dksfnsf jksjdf "); + CollectInBufferStream stream; + fn1.WriteToStream(stream); + fno.WriteToStream(stream); + stream.SetForReading(); + BackupStoreFilename fn5; + fn5.ReadFromStream(stream, IOStream::TimeOutInfinite); + TEST_THAT(fn5 == fn1); + fn5.ReadFromStream(stream, IOStream::TimeOutInfinite); + TEST_THAT(fn5 == fno); + } - // Bung it in a stream, get it out in a Clear filename - { - CollectInBufferStream stream; - fn1.WriteToStream(stream); - stream.SetForReading(); - BackupStoreFilenameClear fn4; - fn4.ReadFromStream(stream, IOStream::TimeOutInfinite); - TEST_THAT(fn4.GetClearFilename() == "filenameXYZ"); - TEST_THAT(fn4 == fn1); - } + // Same again with clear strings + { + BackupStoreFilenameClear fno("pinglet dksfnsf jksjdf "); + CollectInBufferStream stream; + fn1.WriteToStream(stream); + fno.WriteToStream(stream); + stream.SetForReading(); + BackupStoreFilenameClear fn5; + fn5.ReadFromStream(stream, IOStream::TimeOutInfinite); + TEST_THAT(fn5.GetClearFilename() == "filenameXYZ"); + fn5.ReadFromStream(stream, IOStream::TimeOutInfinite); + TEST_THAT(fn5.GetClearFilename() == "pinglet dksfnsf jksjdf "); + } - // Bung it in a stream, get it out in a server non-Clear filename (two of them into the same var) - { - BackupStoreFilenameClear fno("pinglet dksfnsf jksjdf "); - CollectInBufferStream stream; - fn1.WriteToStream(stream); - fno.WriteToStream(stream); - stream.SetForReading(); - BackupStoreFilename fn5; - fn5.ReadFromStream(stream, IOStream::TimeOutInfinite); - TEST_THAT(fn5 == fn1); - fn5.ReadFromStream(stream, IOStream::TimeOutInfinite); - TEST_THAT(fn5 == fno); - } + // Test a very big filename + { + const char *fnr = "01234567890123456789012345678901234567890123456789" + "01234567890123456789012345678901234567890123456789" + "01234567890123456789012345678901234567890123456789" + "01234567890123456789012345678901234567890123456789" + "01234567890123456789012345678901234567890123456789" + "01234567890123456789012345678901234567890123456789" + "01234567890123456789012345678901234567890123456789" + "01234567890123456789012345678901234567890123456789"; + BackupStoreFilenameClear fnLong(fnr); + CollectInBufferStream stream; + fnLong.WriteToStream(stream); + stream.SetForReading(); + BackupStoreFilenameClear fn9; + fn9.ReadFromStream(stream, IOStream::TimeOutInfinite); + TEST_THAT(fn9.GetClearFilename() == fnr); + TEST_THAT(fn9 == fnLong); + } - // Same again with clear strings - { - BackupStoreFilenameClear fno("pinglet dksfnsf jksjdf "); - CollectInBufferStream stream; - fn1.WriteToStream(stream); - fno.WriteToStream(stream); - stream.SetForReading(); - BackupStoreFilenameClear fn5; - fn5.ReadFromStream(stream, IOStream::TimeOutInfinite); - TEST_THAT(fn5.GetClearFilename() == "filenameXYZ"); - fn5.ReadFromStream(stream, IOStream::TimeOutInfinite); - TEST_THAT(fn5.GetClearFilename() == "pinglet dksfnsf jksjdf "); - } - - // Test a very big filename - { - const char *fnr = "01234567890123456789012345678901234567890123456789" - "01234567890123456789012345678901234567890123456789" - "01234567890123456789012345678901234567890123456789" - "01234567890123456789012345678901234567890123456789" - "01234567890123456789012345678901234567890123456789" - "01234567890123456789012345678901234567890123456789" - "01234567890123456789012345678901234567890123456789" - "01234567890123456789012345678901234567890123456789"; - BackupStoreFilenameClear fnLong(fnr); - CollectInBufferStream stream; - fnLong.WriteToStream(stream); - stream.SetForReading(); - BackupStoreFilenameClear fn9; - fn9.ReadFromStream(stream, IOStream::TimeOutInfinite); - TEST_THAT(fn9.GetClearFilename() == fnr); - TEST_THAT(fn9 == fnLong); - } + // Test a filename which went wrong once + { + BackupStoreFilenameClear dodgy("content-negotiation.html"); + } - // Test a filename which went wrong once - { - BackupStoreFilenameClear dodgy("content-negotiation.html"); + // Test that we can decrypt filenames in a previously-encrypted directory, to detect + // regressions of the encryption setup: + { + FileStream dir_file("testfiles/encrypted.dir"); + BackupStoreDirectory dir(dir_file); + TEST_EQUAL(2, dir.GetNumberOfEntries()); + BackupStoreDirectory::Entry* en = dir.FindEntryByID(0x2); + TEST_THAT(en != NULL); + if(en) + { + BackupStoreFilenameClear clear(en->GetName()); + TEST_EQUAL("lovely_directory", clear.GetClearFilename()); } } diff --git a/test/backupstore/testfiles/encrypted.dir b/test/backupstore/testfiles/encrypted.dir Binary files differnew file mode 100644 index 00000000..db46feca --- /dev/null +++ b/test/backupstore/testfiles/encrypted.dir diff --git a/test/crypto/testcrypto.cpp b/test/crypto/testcrypto.cpp index 4e623cc2..200bdd0f 100644 --- a/test/crypto/testcrypto.cpp +++ b/test/crypto/testcrypto.cpp @@ -12,13 +12,15 @@ #include <string.h> #include <openssl/rand.h> -#include "Test.h" #include "CipherContext.h" #include "CipherBlowfish.h" #include "CipherAES.h" #include "CipherException.h" +#include "CollectInBufferStream.h" +#include "Guards.h" #include "RollingChecksum.h" #include "Random.h" +#include "Test.h" #include "MemLeakFindOn.h" @@ -33,6 +35,12 @@ #define CHECKSUM_BLOCK_SIZE_LAST (CHECKSUM_BLOCK_SIZE_BASE + 64) #define CHECKSUM_ROLLS 16 +// Copied from BackupClientCryptoKeys.h +#define BACKUPCRYPTOKEYS_FILENAME_KEY_START 0 +#define BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH 56 +#define BACKUPCRYPTOKEYS_FILENAME_IV_START (0 + BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH) +#define BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH 8 + void check_random_int(uint32_t max) { for(int c = 0; c < 1024; ++c) @@ -262,11 +270,75 @@ int test(int argc, const char *argv[]) ::printf("Skipping AES -- not supported by version of OpenSSL in use.\n"); #endif + // Test with known plaintext and ciphertext (correct algorithm used, etc) + { + FileStream keyfile("testfiles/bbackupd.keys"); + // Ideally we would use a 448 bit (56 byte) key here, since that's what we do in + // real life, but unfortunately the OpenSSL command-line tool only supports 128-bit + // Blowfish keys, so it's hard to generate a reference ciphertext unless we restrict + // ourselves to what OpenSSL can support too. + // https://security.stackexchange.com/questions/25393/openssl-blowfish-key-limited-to-256-bits + char key[16], iv[BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH]; + + if(!keyfile.ReadFullBuffer(key, sizeof(key), 0)) + { + TEST_FAIL_WITH_MESSAGE("Failed to read full key length from file"); + } + + keyfile.Seek(BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH, IOStream::SeekType_Absolute); + if(!keyfile.ReadFullBuffer(iv, sizeof(iv), 0)) + { + TEST_FAIL_WITH_MESSAGE("Failed to read full IV length from file"); + } + + CipherContext encryptor; + CipherContext decryptor; + + encryptor.Reset(); + encryptor.Init(CipherContext::Encrypt, CipherBlowfish(CipherDescription::Mode_CBC, key, sizeof(key))); + ASSERT(encryptor.GetIVLength() == sizeof(iv)); + encryptor.SetIV(iv); + + decryptor.Reset(); + decryptor.Init(CipherContext::Decrypt, CipherBlowfish(CipherDescription::Mode_CBC, key, sizeof(key))); + ASSERT(decryptor.GetIVLength() == sizeof(iv)); + decryptor.SetIV(iv); + + // The encrypted file bfdlink.h.enc was generated with the following command: + // key=`dd if=bbackupd.keys bs=1 count=16 | hexdump -e '/1 "%02x"'` + // iv=`dd if=bbackupd.keys bs=1 skip=56 count=8 | hexdump -e '/1 "%02x"'` + // openssl enc -bf -in bfdlink.h -K $key -iv $iv + // And has MD5 checksum 586b65fdd07474bc139c0795d344d8ad + FileStream plaintext_file("testfiles/bfdlink.h", O_RDONLY); + FileStream ciphertext_file("testfiles/bfdlink.h.enc", O_RDONLY); + + CollectInBufferStream plaintext, ciphertext; + plaintext_file.CopyStreamTo(plaintext); + ciphertext_file.CopyStreamTo(ciphertext); + plaintext.SetForReading(); + ciphertext.SetForReading(); + + MemoryBlockGuard<void *> encrypted( + encryptor.MaxOutSizeForInBufferSize(ciphertext.GetSize())); + + int encrypted_size = encryptor.TransformBlock(encrypted.GetPtr(), + encrypted.GetSize(), plaintext.GetBuffer(), plaintext.GetSize()); + TEST_EQUAL(ciphertext.GetSize(), encrypted_size); + TEST_EQUAL(0, memcmp(encrypted.GetPtr(), ciphertext.GetBuffer(), encrypted_size)); + + MemoryBlockGuard<void *> decrypted(ciphertext.GetSize() + 16); + + int decrypted_size = decryptor.TransformBlock(decrypted.GetPtr(), + decrypted.GetSize(), encrypted.GetPtr(), encrypted_size); + TEST_EQUAL(plaintext.GetSize(), decrypted_size); + TEST_EQUAL(0, memcmp(decrypted.GetPtr(), plaintext.GetBuffer(), decrypted_size)); + } + ::printf("Misc...\n"); // Check rolling checksums uint8_t *checkdata_blk = (uint8_t *)malloc(CHECKSUM_DATA_SIZE); uint8_t *checkdata = checkdata_blk; - RAND_pseudo_bytes(checkdata, CHECKSUM_DATA_SIZE); + RAND_bytes(checkdata, CHECKSUM_DATA_SIZE); for(int size = CHECKSUM_BLOCK_SIZE_BASE; size <= CHECKSUM_BLOCK_SIZE_LAST; ++size) { // Test skip-roll code diff --git a/test/crypto/testfiles/bbackupd.keys b/test/crypto/testfiles/bbackupd.keys Binary files differnew file mode 100644 index 00000000..4c58fc22 --- /dev/null +++ b/test/crypto/testfiles/bbackupd.keys diff --git a/test/crypto/testfiles/bfdlink.h b/test/crypto/testfiles/bfdlink.h new file mode 100755 index 00000000..29eeb661 --- /dev/null +++ b/test/crypto/testfiles/bfdlink.h @@ -0,0 +1,555 @@ +/* bfdlink.h -- header file for BFD link routines + Copyright 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000 + Free Software Foundation, Inc. + Written by Steve Chamberlain and Ian Lance Taylor, Cygnus Support. + +This file is part of BFD, the Binary File Descriptor library. + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ + +#ifndef BFDLINK_H +#define BFDLINK_H + +/* Which symbols to strip during a link. */ +enum bfd_link_strip +{ + strip_none, /* Don't strip any symbols. */ + strip_debugger, /* Strip debugging symbols. */ + strip_some, /* keep_hash is the list of symbols to keep. */ + strip_all /* Strip all symbols. */ +}; + +/* Which local symbols to discard during a link. This is irrelevant + if strip_all is used. */ +enum bfd_link_discard +{ + discard_none, /* Don't discard any locals. */ + discard_l, /* Discard local temporary symbols. */ + discard_all /* Discard all locals. */ +}; + +/* These are the possible types of an entry in the BFD link hash + table. */ + +enum bfd_link_hash_type +{ + bfd_link_hash_new, /* Symbol is new. */ + bfd_link_hash_undefined, /* Symbol seen before, but undefined. */ + bfd_link_hash_undefweak, /* Symbol is weak and undefined. */ + bfd_link_hash_defined, /* Symbol is defined. */ + bfd_link_hash_defweak, /* Symbol is weak and defined. */ + bfd_link_hash_common, /* Symbol is common. */ + bfd_link_hash_indirect, /* Symbol is an indirect link. */ + bfd_link_hash_warning /* Like indirect, but warn if referenced. */ +}; + +/* The linking routines use a hash table which uses this structure for + its elements. */ + +struct bfd_link_hash_entry +{ + /* Base hash table entry structure. */ + struct bfd_hash_entry root; + /* Type of this entry. */ + enum bfd_link_hash_type type; + + /* Undefined and common symbols are kept in a linked list through + this field. This field is not in the union because that would + force us to remove entries from the list when we changed their + type, which would force the list to be doubly linked, which would + waste more memory. When an undefined or common symbol is + created, it should be added to this list, the head of which is in + the link hash table itself. As symbols are defined, they need + not be removed from the list; anything which reads the list must + doublecheck the symbol type. + + Weak symbols are not kept on this list. + + Defined and defweak symbols use this field as a reference marker. + If the field is not NULL, or this structure is the tail of the + undefined symbol list, the symbol has been referenced. If the + symbol is undefined and becomes defined, this field will + automatically be non-NULL since the symbol will have been on the + undefined symbol list. */ + struct bfd_link_hash_entry *next; + /* A union of information depending upon the type. */ + union + { + /* Nothing is kept for bfd_hash_new. */ + /* bfd_link_hash_undefined, bfd_link_hash_undefweak. */ + struct + { + bfd *abfd; /* BFD symbol was found in. */ + } undef; + /* bfd_link_hash_defined, bfd_link_hash_defweak. */ + struct + { + bfd_vma value; /* Symbol value. */ + asection *section; /* Symbol section. */ + } def; + /* bfd_link_hash_indirect, bfd_link_hash_warning. */ + struct + { + struct bfd_link_hash_entry *link; /* Real symbol. */ + const char *warning; /* Warning (bfd_link_hash_warning only). */ + } i; + /* bfd_link_hash_common. */ + struct + { + /* The linker needs to know three things about common + symbols: the size, the alignment, and the section in + which the symbol should be placed. We store the size + here, and we allocate a small structure to hold the + section and the alignment. The alignment is stored as a + power of two. We don't store all the information + directly because we don't want to increase the size of + the union; this structure is a major space user in the + linker. */ + bfd_size_type size; /* Common symbol size. */ + struct bfd_link_hash_common_entry + { + unsigned int alignment_power; /* Alignment. */ + asection *section; /* Symbol section. */ + } *p; + } c; + } u; +}; + +/* This is the link hash table. It is a derived class of + bfd_hash_table. */ + +struct bfd_link_hash_table +{ + /* The hash table itself. */ + struct bfd_hash_table table; + /* The back end which created this hash table. This indicates the + type of the entries in the hash table, which is sometimes + important information when linking object files of different + types together. */ + const bfd_target *creator; + /* A linked list of undefined and common symbols, linked through the + next field in the bfd_link_hash_entry structure. */ + struct bfd_link_hash_entry *undefs; + /* Entries are added to the tail of the undefs list. */ + struct bfd_link_hash_entry *undefs_tail; +}; + +/* Look up an entry in a link hash table. If FOLLOW is true, this + follows bfd_link_hash_indirect and bfd_link_hash_warning links to + the real symbol. */ +extern struct bfd_link_hash_entry *bfd_link_hash_lookup + PARAMS ((struct bfd_link_hash_table *, const char *, boolean create, + boolean copy, boolean follow)); + +/* Look up an entry in the main linker hash table if the symbol might + be wrapped. This should only be used for references to an + undefined symbol, not for definitions of a symbol. */ + +extern struct bfd_link_hash_entry *bfd_wrapped_link_hash_lookup + PARAMS ((bfd *, struct bfd_link_info *, const char *, boolean, boolean, + boolean)); + +/* Traverse a link hash table. */ +extern void bfd_link_hash_traverse + PARAMS ((struct bfd_link_hash_table *, + boolean (*) (struct bfd_link_hash_entry *, PTR), + PTR)); + +/* Add an entry to the undefs list. */ +extern void bfd_link_add_undef + PARAMS ((struct bfd_link_hash_table *, struct bfd_link_hash_entry *)); + +/* This structure holds all the information needed to communicate + between BFD and the linker when doing a link. */ + +struct bfd_link_info +{ + /* Function callbacks. */ + const struct bfd_link_callbacks *callbacks; + /* true if BFD should generate a relocateable object file. */ + boolean relocateable; + /* true if BFD should generate relocation information in the final executable. */ + boolean emitrelocations; + /* true if BFD should generate a "task linked" object file, + similar to relocatable but also with globals converted to statics. */ + boolean task_link; + /* true if BFD should generate a shared object. */ + boolean shared; + /* true if BFD should pre-bind symbols in a shared object. */ + boolean symbolic; + /* true if shared objects should be linked directly, not shared. */ + boolean static_link; + /* true if the output file should be in a traditional format. This + is equivalent to the setting of the BFD_TRADITIONAL_FORMAT flag + on the output file, but may be checked when reading the input + files. */ + boolean traditional_format; + /* true if we want to produced optimized output files. This might + need much more time and therefore must be explicitly selected. */ + boolean optimize; + /* true if BFD should generate errors for undefined symbols + even if generating a shared object. */ + boolean no_undefined; + /* true if BFD should allow undefined symbols in shared objects even + when no_undefined is set to disallow undefined symbols. The net + result will be that undefined symbols in regular objects will + still trigger an error, but undefined symbols in shared objects + will be ignored. The implementation of no_undefined makes the + assumption that the runtime linker will choke on undefined + symbols. However there is at least one system (BeOS) where + undefined symbols in shared libraries is normal since the kernel + patches them at load time to select which function is most + appropriate for the current architecture. I.E. dynamically + select an appropriate memset function. Apparently it is also + normal for HPPA shared libraries to have undefined symbols. */ + boolean allow_shlib_undefined; + /* Which symbols to strip. */ + enum bfd_link_strip strip; + /* Which local symbols to discard. */ + enum bfd_link_discard discard; + /* true if symbols should be retained in memory, false if they + should be freed and reread. */ + boolean keep_memory; + /* The list of input BFD's involved in the link. These are chained + together via the link_next field. */ + bfd *input_bfds; + /* If a symbol should be created for each input BFD, this is section + where those symbols should be placed. It must be a section in + the output BFD. It may be NULL, in which case no such symbols + will be created. This is to support CREATE_OBJECT_SYMBOLS in the + linker command language. */ + asection *create_object_symbols_section; + /* Hash table handled by BFD. */ + struct bfd_link_hash_table *hash; + /* Hash table of symbols to keep. This is NULL unless strip is + strip_some. */ + struct bfd_hash_table *keep_hash; + /* true if every symbol should be reported back via the notice + callback. */ + boolean notice_all; + /* Hash table of symbols to report back via the notice callback. If + this is NULL, and notice_all is false, then no symbols are + reported back. */ + struct bfd_hash_table *notice_hash; + /* Hash table of symbols which are being wrapped (the --wrap linker + option). If this is NULL, no symbols are being wrapped. */ + struct bfd_hash_table *wrap_hash; + /* If a base output file is wanted, then this points to it */ + PTR base_file; + + /* If non-zero, specifies that branches which are problematic for the + MPC860 C0 (or earlier) should be checked for and modified. It gives the + number of bytes that should be checked at the end of each text page. */ + int mpc860c0; + + /* The function to call when the executable or shared object is + loaded. */ + const char *init_function; + /* The function to call when the executable or shared object is + unloaded. */ + const char *fini_function; + + /* true if the new ELF dynamic tags are enabled. */ + boolean new_dtags; + + /* May be used to set DT_FLAGS for ELF. */ + bfd_vma flags; + + /* May be used to set DT_FLAGS_1 for ELF. */ + bfd_vma flags_1; +}; + +/* This structures holds a set of callback functions. These are + called by the BFD linker routines. The first argument to each + callback function is the bfd_link_info structure being used. Each + function returns a boolean value. If the function returns false, + then the BFD function which called it will return with a failure + indication. */ + +struct bfd_link_callbacks +{ + /* A function which is called when an object is added from an + archive. ABFD is the archive element being added. NAME is the + name of the symbol which caused the archive element to be pulled + in. */ + boolean (*add_archive_element) PARAMS ((struct bfd_link_info *, + bfd *abfd, + const char *name)); + /* A function which is called when a symbol is found with multiple + definitions. NAME is the symbol which is defined multiple times. + OBFD is the old BFD, OSEC is the old section, OVAL is the old + value, NBFD is the new BFD, NSEC is the new section, and NVAL is + the new value. OBFD may be NULL. OSEC and NSEC may be + bfd_com_section or bfd_ind_section. */ + boolean (*multiple_definition) PARAMS ((struct bfd_link_info *, + const char *name, + bfd *obfd, + asection *osec, + bfd_vma oval, + bfd *nbfd, + asection *nsec, + bfd_vma nval)); + /* A function which is called when a common symbol is defined + multiple times. NAME is the symbol appearing multiple times. + OBFD is the BFD of the existing symbol; it may be NULL if this is + not known. OTYPE is the type of the existing symbol, which may + be bfd_link_hash_defined, bfd_link_hash_defweak, + bfd_link_hash_common, or bfd_link_hash_indirect. If OTYPE is + bfd_link_hash_common, OSIZE is the size of the existing symbol. + NBFD is the BFD of the new symbol. NTYPE is the type of the new + symbol, one of bfd_link_hash_defined, bfd_link_hash_common, or + bfd_link_hash_indirect. If NTYPE is bfd_link_hash_common, NSIZE + is the size of the new symbol. */ + boolean (*multiple_common) PARAMS ((struct bfd_link_info *, + const char *name, + bfd *obfd, + enum bfd_link_hash_type otype, + bfd_vma osize, + bfd *nbfd, + enum bfd_link_hash_type ntype, + bfd_vma nsize)); + /* A function which is called to add a symbol to a set. ENTRY is + the link hash table entry for the set itself (e.g., + __CTOR_LIST__). RELOC is the relocation to use for an entry in + the set when generating a relocateable file, and is also used to + get the size of the entry when generating an executable file. + ABFD, SEC and VALUE identify the value to add to the set. */ + boolean (*add_to_set) PARAMS ((struct bfd_link_info *, + struct bfd_link_hash_entry *entry, + bfd_reloc_code_real_type reloc, + bfd *abfd, asection *sec, bfd_vma value)); + /* A function which is called when the name of a g++ constructor or + destructor is found. This is only called by some object file + formats. CONSTRUCTOR is true for a constructor, false for a + destructor. This will use BFD_RELOC_CTOR when generating a + relocateable file. NAME is the name of the symbol found. ABFD, + SECTION and VALUE are the value of the symbol. */ + boolean (*constructor) PARAMS ((struct bfd_link_info *, + boolean constructor, + const char *name, bfd *abfd, asection *sec, + bfd_vma value)); + /* A function which is called to issue a linker warning. For + example, this is called when there is a reference to a warning + symbol. WARNING is the warning to be issued. SYMBOL is the name + of the symbol which triggered the warning; it may be NULL if + there is none. ABFD, SECTION and ADDRESS identify the location + which trigerred the warning; either ABFD or SECTION or both may + be NULL if the location is not known. */ + boolean (*warning) PARAMS ((struct bfd_link_info *, + const char *warning, const char *symbol, + bfd *abfd, asection *section, + bfd_vma address)); + /* A function which is called when a relocation is attempted against + an undefined symbol. NAME is the symbol which is undefined. + ABFD, SECTION and ADDRESS identify the location from which the + reference is made. FATAL indicates whether an undefined symbol is + a fatal error or not. In some cases SECTION may be NULL. */ + boolean (*undefined_symbol) PARAMS ((struct bfd_link_info *, + const char *name, bfd *abfd, + asection *section, + bfd_vma address, + boolean fatal)); + /* A function which is called when a reloc overflow occurs. NAME is + the name of the symbol or section the reloc is against, + RELOC_NAME is the name of the relocation, and ADDEND is any + addend that is used. ABFD, SECTION and ADDRESS identify the + location at which the overflow occurs; if this is the result of a + bfd_section_reloc_link_order or bfd_symbol_reloc_link_order, then + ABFD will be NULL. */ + boolean (*reloc_overflow) PARAMS ((struct bfd_link_info *, + const char *name, + const char *reloc_name, bfd_vma addend, + bfd *abfd, asection *section, + bfd_vma address)); + /* A function which is called when a dangerous reloc is performed. + The canonical example is an a29k IHCONST reloc which does not + follow an IHIHALF reloc. MESSAGE is an appropriate message. + ABFD, SECTION and ADDRESS identify the location at which the + problem occurred; if this is the result of a + bfd_section_reloc_link_order or bfd_symbol_reloc_link_order, then + ABFD will be NULL. */ + boolean (*reloc_dangerous) PARAMS ((struct bfd_link_info *, + const char *message, + bfd *abfd, asection *section, + bfd_vma address)); + /* A function which is called when a reloc is found to be attached + to a symbol which is not being written out. NAME is the name of + the symbol. ABFD, SECTION and ADDRESS identify the location of + the reloc; if this is the result of a + bfd_section_reloc_link_order or bfd_symbol_reloc_link_order, then + ABFD will be NULL. */ + boolean (*unattached_reloc) PARAMS ((struct bfd_link_info *, + const char *name, + bfd *abfd, asection *section, + bfd_vma address)); + /* A function which is called when a symbol in notice_hash is + defined or referenced. NAME is the symbol. ABFD, SECTION and + ADDRESS are the value of the symbol. If SECTION is + bfd_und_section, this is a reference. */ + boolean (*notice) PARAMS ((struct bfd_link_info *, const char *name, + bfd *abfd, asection *section, bfd_vma address)); +}; + +/* The linker builds link_order structures which tell the code how to + include input data in the output file. */ + +/* These are the types of link_order structures. */ + +enum bfd_link_order_type +{ + bfd_undefined_link_order, /* Undefined. */ + bfd_indirect_link_order, /* Built from a section. */ + bfd_fill_link_order, /* Fill with a 16 bit constant. */ + bfd_data_link_order, /* Set to explicit data. */ + bfd_section_reloc_link_order, /* Relocate against a section. */ + bfd_symbol_reloc_link_order /* Relocate against a symbol. */ +}; + +/* This is the link_order structure itself. These form a chain + attached to the section whose contents they are describing. */ + +struct bfd_link_order +{ + /* Next link_order in chain. */ + struct bfd_link_order *next; + /* Type of link_order. */ + enum bfd_link_order_type type; + /* Offset within output section. */ + bfd_vma offset; + /* Size within output section. */ + bfd_size_type size; + /* Type specific information. */ + union + { + struct + { + /* Section to include. If this is used, then + section->output_section must be the section the + link_order is attached to, section->output_offset must + equal the link_order offset field, and section->_raw_size + must equal the link_order size field. Maybe these + restrictions should be relaxed someday. */ + asection *section; + } indirect; + struct + { + /* Value to fill with. */ + unsigned int value; + } fill; + struct + { + /* Data to put into file. The size field gives the number + of bytes which this field points to. */ + bfd_byte *contents; + } data; + struct + { + /* Description of reloc to generate. Used for + bfd_section_reloc_link_order and + bfd_symbol_reloc_link_order. */ + struct bfd_link_order_reloc *p; + } reloc; + } u; +}; + +/* A linker order of type bfd_section_reloc_link_order or + bfd_symbol_reloc_link_order means to create a reloc against a + section or symbol, respectively. This is used to implement -Ur to + generate relocs for the constructor tables. The + bfd_link_order_reloc structure describes the reloc that BFD should + create. It is similar to a arelent, but I didn't use arelent + because the linker does not know anything about most symbols, and + any asymbol structure it creates will be partially meaningless. + This information could logically be in the bfd_link_order struct, + but I didn't want to waste the space since these types of relocs + are relatively rare. */ + +struct bfd_link_order_reloc +{ + /* Reloc type. */ + bfd_reloc_code_real_type reloc; + + union + { + /* For type bfd_section_reloc_link_order, this is the section + the reloc should be against. This must be a section in the + output BFD, not any of the input BFDs. */ + asection *section; + /* For type bfd_symbol_reloc_link_order, this is the name of the + symbol the reloc should be against. */ + const char *name; + } u; + + /* Addend to use. The object file should contain zero. The BFD + backend is responsible for filling in the contents of the object + file correctly. For some object file formats (e.g., COFF) the + addend must be stored into in the object file, and for some + (e.g., SPARC a.out) it is kept in the reloc. */ + bfd_vma addend; +}; + +/* Allocate a new link_order for a section. */ +extern struct bfd_link_order *bfd_new_link_order PARAMS ((bfd *, asection *)); + +/* These structures are used to describe version information for the + ELF linker. These structures could be manipulated entirely inside + BFD, but it would be a pain. Instead, the regular linker sets up + these structures, and then passes them into BFD. */ + +/* Regular expressions for a version. */ + +struct bfd_elf_version_expr +{ + /* Next regular expression for this version. */ + struct bfd_elf_version_expr *next; + /* Regular expression. */ + const char *pattern; + /* Matching function. */ + int (*match) PARAMS((struct bfd_elf_version_expr *, const char *)); +}; + +/* Version dependencies. */ + +struct bfd_elf_version_deps +{ + /* Next dependency for this version. */ + struct bfd_elf_version_deps *next; + /* The version which this version depends upon. */ + struct bfd_elf_version_tree *version_needed; +}; + +/* A node in the version tree. */ + +struct bfd_elf_version_tree +{ + /* Next version. */ + struct bfd_elf_version_tree *next; + /* Name of this version. */ + const char *name; + /* Version number. */ + unsigned int vernum; + /* Regular expressions for global symbols in this version. */ + struct bfd_elf_version_expr *globals; + /* Regular expressions for local symbols in this version. */ + struct bfd_elf_version_expr *locals; + /* List of versions which this version depends upon. */ + struct bfd_elf_version_deps *deps; + /* Index of the version name. This is used within BFD. */ + unsigned int name_indx; + /* Whether this version tree was used. This is used within BFD. */ + int used; +}; + +#endif diff --git a/test/crypto/testfiles/bfdlink.h.enc b/test/crypto/testfiles/bfdlink.h.enc Binary files differnew file mode 100644 index 00000000..ddc7b01e --- /dev/null +++ b/test/crypto/testfiles/bfdlink.h.enc |