Fix build with NO_OPENSSL set
authorJohn Marino <draco@marino.st>
Thu, 8 Sep 2016 06:21:59 +0000 (01:21 -0500)
committerJohn Marino <draco@marino.st>
Thu, 8 Sep 2016 06:25:57 +0000 (01:25 -0500)
In addition to several missing CFLAGS to point to the private libressl
headers, various issues related to libressl were fixed.  These were
exposed by setting NO_OPENSSL in make.conf (and they were obscured
when the compiler found the original openssl headers).

18 files changed:
Makefile.inc1
gnu/lib/Makefile
gnu/lib/libcryptsetup/Makefile
gnu/lib/libluks/Makefile
lib/Makefile
lib/libdmsg/Makefile
lib/libldns/Makefile
lib/libtcplay/Makefile
lib/libtelnet/Makefile
lib/libtelnet/enc_des.c
lib/libtelnet/encrypt.h
lib/libtelnet/pk.c
lib/libtelnet/pk.h
libexec/dma/dma-mbox-create/Makefile
sbin/mount_hammer2/Makefile
secure/lib/libressl/Makefile
secure/usr.bin/bdes/Makefile
usr.sbin/802_11/Makefile.crypto

index a5eaa78..4600409 100644 (file)
@@ -1046,11 +1046,11 @@ _generic_libs+= lib
 .if !defined(NO_CRYPT)
 .if !defined(NO_OPENSSL)
 _prebuild_libs+=       secure/lib/libcrypto secure/lib/libssl
-_prebuild_libs+=       secure/lib/libssh
-secure/lib/libssh__L: secure/lib/libcrypto__L lib/libz__L
 .endif
 .if !defined(NO_LIBRESSL)
 _prebuild_libs+=       secure/lib/librecrypto secure/lib/libressl
+_prebuild_libs+=       secure/lib/libssh
+secure/lib/libssh__L: secure/lib/librecrypto__L lib/libz__L
 .endif
 _generic_libs+=        secure/lib
 .endif
index f107780..292f53e 100644 (file)
@@ -7,10 +7,13 @@ SUBDIR= gcc50
 SUBDIR+= gcc47
 .endif
 
+.if !defined(NO_LIBRESSL)
 SUBDIR+= libcryptsetup
+SUBDIR+= libluks
+.endif
+
 SUBDIR+= libdevmapper
 SUBDIR+= libdialog
-SUBDIR+= libluks
 SUBDIR+= liblvm
 
 SUBDIR_ORDERED=
index 730668e..ae9674a 100644 (file)
@@ -9,6 +9,7 @@ SRCS+=          backends.c libdevmapper.c setup.c utils.c \
 INCS+=         libcryptsetup.h
 
 CFLAGS+=       -I${CRYPTSETUP_DIR}/lib
+CFLAGS+=       -I${.CURDIR}/../../../crypto/libressl/include
 
 .PATH: ${CRYPTSETUP_DIR}/lib
 
index cab66e6..7fadc80 100644 (file)
@@ -8,6 +8,7 @@ SRCS+=          af.c hexprint.c keyencryption.c keymanage.c pbkdf.c random.c
 INCS+=         luks.h
 
 CFLAGS+=       -I${CRYPTSETUP_DIR}/luks
+CFLAGS+=       -I${.CURDIR}/../../../crypto/libressl/include
 
 .PATH: ${CRYPTSETUP_DIR}/luks
 
index 0feafba..fa3715c 100644 (file)
@@ -70,7 +70,6 @@ SUBDIR=       ${SUBDIR_ORDERED} \
        libkiconv \
        libkinfo \
        libkvm \
-       libldns \
        libm \
        libmagic \
        libmandoc \
@@ -89,7 +88,6 @@ SUBDIR=       ${SUBDIR_ORDERED} \
        ${_libsmdb} \
        ${_libsmutil} \
        libstand \
-       libtcplay \
        libtelnet \
        libu4bhid \
        libvgl \
@@ -102,8 +100,13 @@ SUBDIR=    ${SUBDIR_ORDERED} \
 SUBDIR:=       libc ${SUBDIR:Nlibc}
 .endif
 
-.if defined(WANT_HAMMER2)
+.if !defined(NO_LIBRESSL)
+.  if defined(WANT_HAMMER2)
 _libdmsg=      libdmsg
+.  endif
+
+SUBDIR+=       libldns \
+               libtcplay
 .endif
 
 .if !defined(NO_LIBC_R)
index 8515fd9..e8b0d48 100644 (file)
@@ -3,7 +3,8 @@
 LIB=   dmsg
 SRCS+= icrc.c debug.c subs.c crypto.c msg.c msg_lnk.c service.c
 
-CFLAGS+= -pthread
+CFLAGS+=       -pthread
+CFLAGS+=       -I${.CURDIR}/../../crypto/libressl/include
 
 INCS=  dmsg.h
 
index d90d1ce..f9cdbcf 100644 (file)
@@ -51,6 +51,7 @@ INCS+=                buffer.h \
 .PATH:         ${LDNS} ${LDNS}/compat ${LDNS}/ldns ${.CURDIR}/ldns
 
 CFLAGS+=       -I${.CURDIR} -I${LDNS}
+CFLAGS+=       -I${.CURDIR}/../../crypto/libressl/include
 
 WARNS?=                2
 
index 1a6bf64..4250f3d 100644 (file)
@@ -20,6 +20,7 @@ MLINKS+=      tcplay.3        tc_api_task_get_error.3
 
 CFLAGS+=       -DMAJ_VER=${MAJ_VER} -DMIN_VER=${MIN_VER}
 CFLAGS+=       -D_FILE_OFFSET_BITS=64
+CFLAGS+=       -I${.CURDIR}/../../crypto/libressl/include
 
 SRCS+=         tcplay.c crc32.c safe_mem.c io.c hdr.c humanize.c
 SRCS+=         crypto.c generic_xts.c
index 7b3feaf..d28c5be 100644 (file)
@@ -12,6 +12,7 @@ WARNS?=               2
 .if !defined(NO_LIBRESSL)
 SRCS+=         encrypt.c auth.c enc_des.c sra.c pk.c
 CFLAGS+=       -DENCRYPTION -DAUTHENTICATION -DSRA
+CFLAGS+=       -I${.CURDIR}/../../crypto/libressl/include
 .endif
 
 .include <bsd.lib.mk>
index 600f844..44c7d07 100644 (file)
@@ -201,9 +201,9 @@ fb64_start(struct fb *fbp, int dir, int server __unused)
                /*
                 * Create a random feed and send it over.
                 */
-               des_random_key((Block *)fbp->temp_feed);
-               des_ecb_encrypt((Block *)fbp->temp_feed, (Block *)fbp->temp_feed,
-                               fbp->krbdes_sched, 1);
+               DES_random_key((Block *)fbp->temp_feed);
+               DES_ecb_encrypt((Block *)fbp->temp_feed, (Block *)fbp->temp_feed,
+                               &fbp->krbdes_sched, 1);
                p = fbp->fb_feed + 3;
                *p++ = ENCRYPT_IS;
                p++;
@@ -387,7 +387,7 @@ fb64_session(Session_Key *key, int server, struct fb *fbp)
        fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_ENCRYPT-1]);
        fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_DECRYPT-1]);
 
-       des_key_sched((Block *)fbp->krbdes_key, fbp->krbdes_sched);
+       DES_key_sched((Block *)fbp->krbdes_key, &fbp->krbdes_sched);
        /*
         * Now look to see if krbdes_start() was was waiting for
         * the key to show up.  If so, go ahead an call it now
@@ -493,7 +493,7 @@ fb64_stream_iv(Block seed, struct stinfo *stp)
        memmove((void *)stp->str_iv, (void *)seed, sizeof(Block));
        memmove((void *)stp->str_output, (void *)seed, sizeof(Block));
 
-       des_key_sched((Block *)stp->str_ikey, stp->str_sched);
+       DES_key_sched((Block *)stp->str_ikey, &stp->str_sched);
 
        stp->str_index = sizeof(Block);
 }
@@ -502,7 +502,7 @@ void
 fb64_stream_key(Block key, struct stinfo *stp)
 {
        memmove((void *)stp->str_ikey, (void *)key, sizeof(Block));
-       des_key_sched((Block *)key, stp->str_sched);
+       DES_key_sched((Block *)key, &stp->str_sched);
 
        memmove((void *)stp->str_output, (void *)stp->str_iv, sizeof(Block));
 
@@ -541,7 +541,7 @@ cfb64_encrypt(unsigned char *s, int c)
        while (c-- > 0) {
                if (idx == sizeof(Block)) {
                        Block b;
-                       des_ecb_encrypt((Block *)stp->str_output, (Block *)b, stp->str_sched, 1);
+                       DES_ecb_encrypt((Block *)stp->str_output, (Block *)b, &stp->str_sched, 1);
                        memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
                        idx = 0;
                }
@@ -574,7 +574,7 @@ cfb64_decrypt(int data)
        idx = stp->str_index++;
        if (idx == sizeof(Block)) {
                Block b;
-               des_ecb_encrypt((Block *)stp->str_output, (Block *)b, stp->str_sched, 1);
+               DES_ecb_encrypt((Block *)stp->str_output, (Block *)b, &stp->str_sched, 1);
                memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
                stp->str_index = 1;     /* Next time will be 1 */
                idx = 0;                /* But now use 0 */
@@ -614,7 +614,7 @@ ofb64_encrypt(unsigned char *s, int c)
        while (c-- > 0) {
                if (idx == sizeof(Block)) {
                        Block b;
-                       des_ecb_encrypt((Block *)stp->str_feed, (Block *)b, stp->str_sched, 1);
+                       DES_ecb_encrypt((Block *)stp->str_feed, (Block *)b, &stp->str_sched, 1);
                        memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
                        idx = 0;
                }
@@ -644,7 +644,7 @@ ofb64_decrypt(int data)
        idx = stp->str_index++;
        if (idx == sizeof(Block)) {
                Block b;
-               des_ecb_encrypt((Block *)stp->str_feed, (Block *)b, stp->str_sched, 1);
+               DES_ecb_encrypt((Block *)stp->str_feed, (Block *)b, &stp->str_sched, 1);
                memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
                stp->str_index = 1;     /* Next time will be 1 */
                idx = 0;                /* But now use 0 */
index b041b98..33a75d5 100644 (file)
@@ -64,7 +64,7 @@ typedef unsigned char *BlockT;
 #if 0
 typedef struct { Block __; } Schedule[16];
 #else
-#define Schedule des_key_schedule
+#define Schedule DES_key_schedule
 #endif
 
 #define        VALIDKEY(key)   ( key[0] | key[1] | key[2] | key[3] | \
index f28ac89..c106e46 100644 (file)
@@ -145,7 +145,7 @@ common_key(char *xsecret, char *xpublic, IdeaData *ideakey, DesData *deskey)
        BN_mod_exp(common, public, secret, modulus, ctx);
         extractdeskey(common, deskey);
         extractideakey(common, ideakey);
-       des_set_odd_parity(deskey);
+       DES_set_odd_parity(deskey);
        BN_free(common);
        BN_free(secret);
        BN_free(public);
@@ -272,14 +272,14 @@ pk_encode(char *in, char *out, DesData *key)
 {
        char buf[256];
        DesData i;
-       des_key_schedule k;
+       DES_key_schedule k;
        int l,op,deslen;
 
        memset(&i,0,sizeof(i));
        memset(buf,0,sizeof(buf));
        deslen = ((strlen(in) + 7)/8)*8;
-       des_key_sched(key, k);
-       des_cbc_encrypt(in,buf,deslen, k,&i,DES_ENCRYPT);
+       DES_key_sched(key, &k);
+       DES_cbc_encrypt(in,buf,deslen, &k,&i,DES_ENCRYPT);
        for (l=0,op=0;l<deslen;l++) {
                out[op++] = hextab[(buf[l] & 0xf0) >> 4];
                out[op++] = hextab[(buf[l] & 0x0f)];
@@ -293,7 +293,7 @@ pk_decode(char *in, char *out, DesData *key)
 {
        char buf[256];
        DesData i;
-       des_key_schedule k;
+       DES_key_schedule k;
        int n1,n2,op;
        size_t l;
 
@@ -310,7 +310,7 @@ pk_decode(char *in, char *out, DesData *key)
                        n2 = in[op+1] - '0';
                buf[l] = n1*16 +n2;
        }
-       des_key_sched(key, k);
-       des_cbc_encrypt(buf,out,strlen(in)/2, k,&i,DES_DECRYPT);
+       DES_key_sched(key, &k);
+       DES_cbc_encrypt(buf,out,strlen(in)/2, &k,&i,DES_DECRYPT);
        out[strlen(in)/2] = '\0';
 }
index b168be0..78e79b5 100644 (file)
@@ -33,7 +33,7 @@
 /* header for the des routines that we will use */
 
 typedef unsigned char byte, DesData[ 8], IdeaData[16];
-#define DesKeys des_key_schedule
+#define DesKeys DES_key_schedule
 
 #define DES_DECRYPT 0
 #define DES_ENCRYPT 1
index daed610..fd7c379 100644 (file)
@@ -4,6 +4,7 @@ CFLAGS+=-I${.CURDIR}/..
 CFLAGS+= -DHAVE_REALLOCF -DHAVE_STRLCPY -DHAVE_GETPROGNAME
 CFLAGS+=-DCONF_PATH='"/etc/dma"'
 CFLAGS+=-DLIBEXEC_PATH='"/usr/libexec"' -DDMA_VERSION='"v0.9+"'
+CFLAGS+=-I${.CURDIR}/../../../crypto/libressl/include
 
 PROG=  dma-mbox-create
 NOMAN=
index 7f43f4d..d69ad3a 100644 (file)
@@ -3,6 +3,7 @@ SRCS=   mount_hammer2.c
 MAN=
 
 CFLAGS+= -I${.CURDIR}/..
+CFLAGS+= -I${.CURDIR}/../../crypto/libressl/include
 LDADD=  -lutil
 DPADD=  ${LIBUTIL}
 
index a620846..4813365 100644 (file)
@@ -20,7 +20,7 @@ libssl_la_SOURCES= \
 
 SRCS=  ${libssl_la_SOURCES}
 
-INCS=  dtls1.h srtp.h ssl.h ssl2.h ssl23.h tls1.h
+INCS=  dtls1.h srtp.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h
 INCSDIR=       ${INCLUDEDIR}/priv/openssl
 
 # We can't use ${LIBRECRYPTO} because of LIBDIR definition, so recreate it
index 3568bd0..a33adfc 100644 (file)
@@ -8,5 +8,6 @@ WARNS?= 2
 DPADD=         ${LIBRECRYPTO}
 LDADD=         -lprivate_crypto
 LDFLAGS+=      -rpath /lib/priv -L ${_SHLIBDIRPREFIX}/usr/lib/priv
+CFLAGS+=       -I${.CURDIR}/../../../crypto/libressl/include
 
 .include <bsd.prog.mk>
index 7c0ce62..32f3066 100644 (file)
@@ -3,7 +3,7 @@
 SRCS+=         crypto_openssl.c random.c sha1-prf.c sha256-prf.c
 DPADD+=                ${LIBRESSL} ${LIBRECRYPTO}
 LDADD+=                -lprivate_ssl -lprivate_crypto
-CFLAGS+=       -DCONFIG_SHA256 -I${.CURDIR}/../../crypto/libressl/include
+CFLAGS+=       -DCONFIG_SHA256 -I${.CURDIR}/../../../crypto/libressl/include
 LDFLAGS+=      -rpath /lib/priv -L ${_SHLIBDIRPREFIX}/usr/lib/priv
 
 .if defined(TLS_FUNCS)