From 773e06e5ddf377b1a97ece4a05e61a650e305d32 Mon Sep 17 00:00:00 2001 From: Chris Hanson Date: Thu, 1 Mar 2001 04:25:57 +0000 Subject: [PATCH] Add support for OpenSSL. --- v7/src/microcode/acconfig.h | 10 +++- v7/src/microcode/configure.in | 87 ++++++++++++++++++++++++++++------- v7/src/microcode/prbfish.c | 13 ++++-- v7/src/microcode/prmd5.c | 68 +++++++++++++++++++++------ 4 files changed, 141 insertions(+), 37 deletions(-) diff --git a/v7/src/microcode/acconfig.h b/v7/src/microcode/acconfig.h index 3598d112a..4102f5cb0 100644 --- a/v7/src/microcode/acconfig.h +++ b/v7/src/microcode/acconfig.h @@ -1,8 +1,8 @@ /* -*-C-*- -$Id: acconfig.h,v 11.1 2000/12/05 21:23:42 cph Exp $ +$Id: acconfig.h,v 11.2 2001/03/01 04:25:48 cph Exp $ -Copyright (c) 2000 Massachusetts Institute of Technology +Copyright (c) 2000-2001 Massachusetts Institute of Technology This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -68,6 +68,9 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. /* Define if blowfish library is present. */ #undef HAVE_LIBBLOWFISH +/* Define if OpenSSL crypto library is present. */ +#undef HAVE_LIBCRYPTO + /* Define if curses library is present. */ #undef HAVE_LIBCURSES @@ -80,6 +83,9 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. /* Define if md5 library is present. */ #undef HAVE_LIBMD5 +/* Define if mcrypt library is present. */ +#undef HAVE_LIBMCRYPT + /* Define if mhash library is present. */ #undef HAVE_LIBMHASH diff --git a/v7/src/microcode/configure.in b/v7/src/microcode/configure.in index 608b51e21..d2a1823ab 100644 --- a/v7/src/microcode/configure.in +++ b/v7/src/microcode/configure.in @@ -16,13 +16,15 @@ dnl You should have received a copy of the GNU General Public License dnl along with this program; if not, write to the Free Software dnl Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -AC_REVISION([$Id: configure.in,v 11.4 2001/02/28 21:41:58 cph Exp $]) +AC_REVISION([$Id: configure.in,v 11.5 2001/03/01 04:25:51 cph Exp $]) AC_INIT(boot.c) AC_CONFIG_HEADER(config.h) dnl Feature options. AC_ARG_ENABLE(static-libs, [ --enable-static-libs Link some libraries statically [no]]) +AC_ARG_WITH(openssl, +[ --with-openssl Use the OpenSSL crypto library if available [yes]]) AC_ARG_WITH(mhash, [ --with-mhash Use the mhash library if available [yes]]) AC_ARG_WITH(mcrypt, @@ -54,16 +56,19 @@ fi dnl Checks for libraries. AC_CHECK_LIB(dl, dlopen) AC_CHECK_LIB(m, exp) +AC_CHECK_LIB(crypto, BF_set_key, + [scheme_cv_lib_crypto=yes], + [scheme_cv_lib_crypto=no]) AC_CHECK_LIB(mhash, mhash_count, [scheme_cv_lib_mhash=yes], [scheme_cv_lib_mhash=no]) -AC_CHECK_LIB(md5, MD5Init, - [scheme_cv_lib_md5=yes], - [scheme_cv_lib_md5=no]) AC_CHECK_LIB(mcrypt, mcrypt_generic_init, [scheme_cv_lib_mcrypt=yes], [scheme_cv_lib_mcrypt=no], [-lltdl]) +AC_CHECK_LIB(md5, MD5Init, + [scheme_cv_lib_md5=yes], + [scheme_cv_lib_md5=no]) AC_CHECK_LIB(blowfish, BF_set_key, [scheme_cv_lib_blowfish=yes], [scheme_cv_lib_blowfish=no]) @@ -88,29 +93,74 @@ AC_CHECK_LIB(termcap, tparam, if test "${ac_cv_lib_dl_dlopen}" = "yes"; then OPTIONAL_BASES="${OPTIONAL_BASES} pruxdld" fi -if test "${scheme_cv_lib_mhash}" = "yes" && test "${with_mhash}" != "no"; then + +dnl OK, now some complex logic to handle the crypto stuff. + +dnl First, handle options to enable/disable use of some libraries. +test "${with_openssl:-yes}" = "no" && scheme_cv_lib_crypto=no +test "${with_mhash:-yes}" = "no" && scheme_cv_lib_mhash=no +test "${with_mcrypt:-yes}" = "no" && scheme_cv_lib_mcrypt=no + +dnl Next, we decide which libraries to use. We mostly want support +dnl for Blowfish and MD5, each of which can come from multiple libraries. +have_blowfish=no +have_md5=no + +dnl The OpenSSL crypto library provides support for both, and is preferred. +if test "${scheme_cv_lib_crypto}" = "yes"; then + AC_DEFINE(HAVE_LIBCRYPTO) + QUASI_STATIC_LIBS="${QUASI_STATIC_LIBS} -lcrypto" + OPTIONAL_BASES="${OPTIONAL_BASES} prbfish prmd5" + have_blowfish=yes + have_md5=yes +fi + +dnl The mhash library provides md5 support. It can be loaded in addition +dnl to other MD5 libraries and provides a rich set of hashes. +if test "${scheme_cv_lib_mhash}" = "yes"; then AC_DEFINE(HAVE_LIBMHASH) QUASI_STATIC_LIBS="${QUASI_STATIC_LIBS} -lmhash" OPTIONAL_BASES="${OPTIONAL_BASES} prmhash" -elif test "${scheme_cv_lib_md5}" = "yes"; then - AC_DEFINE(HAVE_LIBMD5) - STATIC_LIBS="${STATIC_LIBS} -lmd5" - OPTIONAL_BASES="${OPTIONAL_BASES} prmd5" + have_md5=yes fi -if test "${scheme_cv_lib_mcrypt}" = "yes" && test "${with_mcrypt}" != "no"; then + +dnl The mcrypt library provides blowfish, but its CFB mode is 8 bit. +dnl We have been using 64-bit CFB, so this isn't really compatible. +dnl But mcrypt provides many ciphers and can be loaded in addition. +if test "${scheme_cv_lib_mcrypt}" = "yes"; then AC_DEFINE(HAVE_LIBMCRYPT) QUASI_STATIC_LIBS="${QUASI_STATIC_LIBS} -lmcrypt -lltdl" OPTIONAL_BASES="${OPTIONAL_BASES} prmcrypt" -elif test "${scheme_cv_lib_blowfish}" = "yes"; then - AC_DEFINE(HAVE_LIBBLOWFISH) - STATIC_LIBS="${STATIC_LIBS} -lblowfish" - OPTIONAL_BASES="${OPTIONAL_BASES} prbfish" fi + +dnl This is a stripped-down library that provides just Blowfish. It +dnl seems to be code that was extracted from OpenSSL long ago. We +dnl used this for a long time but no longer do. +if test "${have_blowfish}" = "no"; then + if test "${scheme_cv_lib_blowfish}" = "yes"; then + AC_DEFINE(HAVE_LIBBLOWFISH) + STATIC_LIBS="${STATIC_LIBS} -lblowfish" + OPTIONAL_BASES="${OPTIONAL_BASES} prbfish" + fi +fi + +dnl This is Phil Karn's MD5 implementation, which seems to have nearly +dnl the same interface as that of OpenSSL. +if test "${have_md5}" = "no"; then + if test "${scheme_cv_lib_md5}" = "yes"; then + AC_DEFINE(HAVE_LIBMD5) + STATIC_LIBS="${STATIC_LIBS} -lmd5" + OPTIONAL_BASES="${OPTIONAL_BASES} prmd5" + fi +fi + if test "${scheme_cv_lib_gdbm}" = "yes"; then AC_DEFINE(HAVE_LIBGDBM) QUASI_STATIC_LIBS="${QUASI_STATIC_LIBS} -lgdbm" OPTIONAL_BASES="${OPTIONAL_BASES} prgdbm" fi + + if test "${scheme_cv_lib_ncurses}" = "yes"; then AC_DEFINE(HAVE_LIBNCURSES) QUASI_STATIC_LIBS="${QUASI_STATIC_LIBS} -lncurses" @@ -129,7 +179,7 @@ else OPTIONAL_BASES="${OPTIONAL_BASES} termcap tparam" fi -if test "${enable_static_libs}" = "no"; then +if test "${enable_static_libs:-no}" = "no"; then LIBS="${LIBS}${QUASI_STATIC_LIBS}" else STATIC_LIBS="${STATIC_LIBS}${QUASI_STATIC_LIBS}" @@ -144,6 +194,7 @@ AC_CHECK_HEADERS(bsdtty.h fcntl.h limits.h malloc.h sgtty.h stropts.h time.h) AC_CHECK_HEADERS(sys/file.h sys/ioctl.h sys/mount.h sys/param.h sys/poll.h) AC_CHECK_HEADERS(sys/ptyio.h sys/socket.h sys/time.h sys/un.h sys/vfs.h) AC_CHECK_HEADERS(termcap.h termio.h termios.h unistd.h utime.h) +AC_CHECK_HEADERS(openssl/blowfish.h openssl/md5.h blowfish.h md5.h) dnl Checks for typedefs AC_TYPE_MODE_T @@ -384,8 +435,10 @@ fi dnl Add OS-dependent customizations. case "$host_os" in linux-gnu) - STATIC_PREFIX="-Xlinker -Bstatic" - STATIC_SUFFIX="-Xlinker -Bdynamic" + if test "${STATIC_LIBS}" != ""; then + STATIC_PREFIX="-Xlinker -Bstatic" + STATIC_SUFFIX="-Xlinker -Bdynamic" + fi AC_MSG_CHECKING([for ELF binaries]) AC_TRY_RUN( [int diff --git a/v7/src/microcode/prbfish.c b/v7/src/microcode/prbfish.c index 871018431..1e179abb8 100644 --- a/v7/src/microcode/prbfish.c +++ b/v7/src/microcode/prbfish.c @@ -1,8 +1,8 @@ /* -*-C-*- -$Id: prbfish.c,v 1.9 2000/12/05 21:23:47 cph Exp $ +$Id: prbfish.c,v 1.10 2001/03/01 04:25:54 cph Exp $ -Copyright (c) 1997, 1999, 2000 Massachusetts Institute of Technology +Copyright (c) 1997-2001 Massachusetts Institute of Technology This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,7 +23,14 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. #include "scheme.h" #include "prims.h" -#include + +#if defined(HAVE_LIBCRYPTO) && defined(HAVE_OPENSSL_BLOWFISH_H) +# include +#else +# ifdef HAVE_BLOWFISH_H +# include +# endif +#endif /* This interface uses the Blowfish library from SSLeay. */ diff --git a/v7/src/microcode/prmd5.c b/v7/src/microcode/prmd5.c index beb20dc05..6830d1448 100644 --- a/v7/src/microcode/prmd5.c +++ b/v7/src/microcode/prmd5.c @@ -1,8 +1,8 @@ /* -*-C-*- -$Id: prmd5.c,v 1.4 1999/01/02 06:11:34 cph Exp $ +$Id: prmd5.c,v 1.5 2001/03/01 04:25:57 cph Exp $ -Copyright (c) 1997, 1999 Massachusetts Institute of Technology +Copyright (c) 1997-2001 Massachusetts Institute of Technology This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,7 +23,25 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. #include "scheme.h" #include "prims.h" -#include + +#if defined(HAVE_LIBCRYPTO) && defined(HAVE_OPENSSL_MD5_H) +# include +#else +# ifdef HAVE_MD5_H +# include +# endif +#endif + +#ifdef HAVE_LIBCRYPTO +# define MD5_INIT MD5_Init +# define MD5_UPDATE MD5_Update +# define MD5_FINAL MD5_Final +#else +# define MD5_INIT MD5Init +# define MD5_UPDATE MD5Update +# define MD5_FINAL MD5Final +# define MD5_DIGEST_LENGTH 16 +#endif DEFINE_PRIMITIVE ("MD5", Prim_md5, 1, 1, "(STRING)\n\ @@ -37,11 +55,22 @@ The digest is returned as a 16-byte string.") SCHEME_OBJECT result = (allocate_string (16)); unsigned char * scan_result = (STRING_LOC (result, 0)); MD5_CTX context; - unsigned char * scan_digest = (context . digest); - unsigned char * end_digest = (scan_digest + 16); - MD5Init (&context); - MD5Update ((&context), (STRING_LOC (string, 0)), (STRING_LENGTH (string))); - MD5Final (&context); +#ifdef HAVE_LIBCRYPTO + unsigned char digest [MD5_DIGEST_LENGTH]; +#endif + unsigned char * scan_digest; + unsigned char * end_digest; + + MD5_INIT (&context); + MD5_UPDATE ((&context), (STRING_LOC (string, 0)), (STRING_LENGTH (string))); +#ifdef HAVE_LIBCRYPTO + MD5_FINAL (digest, (&context)); + scan_digest = digest; +#else + MD5_FINAL (&context); + scan_digest = (context . digest); +#endif + end_digest = (scan_digest + MD5_DIGEST_LENGTH); while (scan_digest < end_digest) (*scan_result++) = (*scan_digest++); PRIMITIVE_RETURN (result); @@ -55,7 +84,7 @@ Create and return an MD5 digest context.") PRIMITIVE_HEADER (0); { SCHEME_OBJECT context = (allocate_string (sizeof (MD5_CTX))); - MD5Init ((MD5_CTX *) (STRING_LOC (context, 0))); + MD5_INIT ((MD5_CTX *) (STRING_LOC (context, 0))); PRIMITIVE_RETURN (context); } } @@ -80,9 +109,9 @@ Update CONTEXT with the contents of the substring (STRING,START,END).") unsigned long l = (STRING_LENGTH (string)); unsigned long start = (arg_ulong_index_integer (3, l)); unsigned long end = (arg_integer_in_range (4, start, (l + 1))); - MD5Update ((md5_context_arg (1)), - (STRING_LOC (string, start)), - (end - start)); + MD5_UPDATE ((md5_context_arg (1)), + (STRING_LOC (string, start)), + (end - start)); PRIMITIVE_RETURN (UNSPECIFIC); } } @@ -94,12 +123,21 @@ Finalize CONTEXT and return the digest as a 16-byte string.") PRIMITIVE_HEADER (1); { MD5_CTX * context = (md5_context_arg (1)); - MD5Final (context); +#ifdef HAVE_LIBCRYPTO + unsigned char digest [MD5_DIGEST_LENGTH]; + MD5_FINAL (digest, context); +#else + MD5_FINAL (context); +#endif { - SCHEME_OBJECT result = (allocate_string (16)); + SCHEME_OBJECT result = (allocate_string (MD5_DIGEST_LENGTH)); unsigned char * scan_result = (STRING_LOC (result, 0)); +#ifdef HAVE_LIBCRYPTO + unsigned char * scan_digest = digest; +#else unsigned char * scan_digest = (context -> digest); - unsigned char * end_digest = (scan_digest + 16); +#endif + unsigned char * end_digest = (scan_digest + MD5_DIGEST_LENGTH); while (scan_digest < end_digest) (*scan_result++) = (*scan_digest++); PRIMITIVE_RETURN (result); -- 2.25.1