From a85ed18d45b322b34af64dbf4eabb714eb2e06ea Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 15:04:11 +0100 Subject: [PATCH 01/24] include what we use --- folly/ssl/detail/OpenSSLThreading.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/folly/ssl/detail/OpenSSLThreading.cpp b/folly/ssl/detail/OpenSSLThreading.cpp index abe2bb11165..b4033ed9599 100644 --- a/folly/ssl/detail/OpenSSLThreading.cpp +++ b/folly/ssl/detail/OpenSSLThreading.cpp @@ -23,6 +23,7 @@ #include #include +#include // We cannot directly use portability/openssl because it also depends on us. // Therefore we directly use openssl includes. Order of includes is important From 7b5edfff6cc36e1eacbbb6f37de005cd435cb3a8 Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 15:07:59 +0100 Subject: [PATCH 02/24] Dont ignore folly config --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 5d948f008d4..0cfb9f1111c 100644 --- a/.gitignore +++ b/.gitignore @@ -14,7 +14,7 @@ autom4te.cache build-aux libtool folly/test/gtest -folly/folly-config.h +# folly/folly-config.h folly/**/test/*_benchmark folly/**/test/*.log folly/**/test/*_test From c49a5a230d9e704b07b9f74cb55eed9733ed0aac Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 15:08:41 +0100 Subject: [PATCH 03/24] dont ignore folly config and add it --- .gitignore | 2 +- folly/folly-config.h | 76 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+), 1 deletion(-) create mode 100644 folly/folly-config.h diff --git a/.gitignore b/.gitignore index 0cfb9f1111c..608d825835c 100644 --- a/.gitignore +++ b/.gitignore @@ -7,7 +7,7 @@ Makefile.in .libs .deps stamp-h1 -folly-config.h +# folly-config.h _configs.sed aclocal.m4 autom4te.cache diff --git a/folly/folly-config.h b/folly/folly-config.h new file mode 100644 index 00000000000..cfe2abf35e3 --- /dev/null +++ b/folly/folly-config.h 
@@ -0,0 +1,76 @@ +#pragma once + +#ifdef __APPLE__ +#include // @manual +#endif + +#if !defined(FOLLY_MOBILE) +#if defined(__ANDROID__) || \ + (defined(__APPLE__) && \ + (TARGET_IPHONE_SIMULATOR || TARGET_OS_SIMULATOR || TARGET_OS_IPHONE)) +#define FOLLY_MOBILE 1 +#else +#define FOLLY_MOBILE 0 +#endif +#endif // FOLLY_MOBILE + +#define FOLLY_HAVE_PTHREAD 1 +#define FOLLY_HAVE_PTHREAD_ATFORK 1 + +#define FOLLY_HAVE_LIBGFLAGS 1 +/* #undef FOLLY_UNUSUAL_GFLAGS_NAMESPACE */ +#define FOLLY_GFLAGS_NAMESPACE gflags + +#define FOLLY_HAVE_LIBGLOG 1 + +/* #undef FOLLY_USE_JEMALLOC */ + +#if __has_include() +#include +#endif + +#define FOLLY_HAVE_ACCEPT4 1 +#define FOLLY_HAVE_GETRANDOM 1 +#define FOLLY_HAVE_PREADV 1 +#define FOLLY_HAVE_PWRITEV 1 +#define FOLLY_HAVE_CLOCK_GETTIME 1 +#define FOLLY_HAVE_PIPE2 1 +#define FOLLY_HAVE_SENDMMSG 1 +#define FOLLY_HAVE_RECVMMSG 1 +#define FOLLY_HAVE_OPENSSL_ASN1_TIME_DIFF 1 + +#define FOLLY_HAVE_IFUNC 1 +#define FOLLY_HAVE_STD__IS_TRIVIALLY_COPYABLE 1 +#define FOLLY_HAVE_UNALIGNED_ACCESS 1 +#define FOLLY_HAVE_VLA 1 +#define FOLLY_HAVE_WEAK_SYMBOLS 1 +#define FOLLY_HAVE_LINUX_VDSO 1 +#define FOLLY_HAVE_MALLOC_USABLE_SIZE 1 +/* #undef FOLLY_HAVE_INT128_T */ +#define FOLLY_HAVE_WCHAR_SUPPORT 1 +#define FOLLY_HAVE_EXTRANDOM_SFMT19937 1 +#define HAVE_VSNPRINTF_ERRORS 1 + +#define FOLLY_HAVE_LIBUNWIND 1 +#define FOLLY_HAVE_DWARF 1 +#define FOLLY_HAVE_ELF 1 +#define FOLLY_HAVE_SWAPCONTEXT 1 +#define FOLLY_HAVE_BACKTRACE 1 +#define FOLLY_USE_SYMBOLIZER 1 +#define FOLLY_DEMANGLE_MAX_SYMBOL_SIZE 1024 + +#define FOLLY_HAVE_SHADOW_LOCAL_WARNINGS 1 + +#define FOLLY_HAVE_LIBLZ4 0 +#define FOLLY_HAVE_LIBLZMA 1 +#define FOLLY_HAVE_LIBSNAPPY 0 +#define FOLLY_HAVE_LIBZ 1 +#define FOLLY_HAVE_LIBZSTD 1 +#define FOLLY_HAVE_LIBBZ2 0 + +#define FOLLY_LIBRARY_SANITIZE_ADDRESS 0 + +#define FOLLY_SUPPORT_SHARED_LIBRARY 0 + +#define FOLLY_HAVE_LIBRT 0 + From 3855e0f5fd82c669822ad1f7d1aa267119838d37 Mon Sep 17 00:00:00 2001 
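Review bot: `folly/folly-config.h` is added as a checked-in file with fixed answers (`FOLLY_HAVE_GETRANDOM 1`, `FOLLY_HAVE_ACCEPT4 1`, `FOLLY_HAVE_LINUX_VDSO 1`, `FOLLY_HAVE_IFUNC 1`, `FOLLY_HAVE_LIBUNWIND 1`), although it was ignored until PATCH 02/24 and so was presumably generated per build. The header still selects `FOLLY_MOBILE` for `__ANDROID__` and Apple targets, where several of those Linux-specific answers are unlikely to hold, so a target other than the one that produced the file either fails to build or compiles a path its platform does not provide. If the file must live in the tree, state its origin at the top, e.g. `// Hand-maintained for <target toolchain>; not regenerated at configure time`, and wrap the platform-specific entries in `#if defined(__linux__)`.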
From: christian Date: Sat, 3 Feb 2024 15:17:09 +0100 Subject: [PATCH 04/24] defines methods for isBoringSsl --- folly/portability/OpenSSL.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 5394471be82..b1ec44a6cb0 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -87,6 +87,10 @@ (((major << 28) | ((minor << 20) | (fix << 12)))) #define FOLLY_OPENSSL_PREREQ(major, minor, fix) \ (OPENSSL_VERSION_NUMBER >= FOLLY_OPENSSL_CALCULATE_VERSION(major, minor, fix)) + +#else + #define FOLLY_OPENSSL_PREREQ(major, minor, fix) \ + 0 #endif #if !defined(OPENSSL_IS_BORINGSSL) && !FOLLY_OPENSSL_IS_100 && \ From dce2b1f2f69429200dd49d7856aca85794768cdd Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 15:39:09 +0100 Subject: [PATCH 05/24] Conflicting functions --- folly/portability/OpenSSL.cpp | 4 ++-- folly/portability/OpenSSL.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index c3161c4c60d..20cb375b198 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -325,7 +325,7 @@ STACK_OF(X509) * X509_STORE_CTX_get0_untrusted(X509_STORE_CTX* ctx) { return ctx->untrusted; } -EVP_MD_CTX* EVP_MD_CTX_new() { +/* EVP_MD_CTX* EVP_MD_CTX_new() { EVP_MD_CTX* ctx = (EVP_MD_CTX*)OPENSSL_malloc(sizeof(EVP_MD_CTX)); if (!ctx) { throw std::runtime_error("Cannot allocate EVP_MD_CTX"); @@ -339,7 +339,7 @@ void EVP_MD_CTX_free(EVP_MD_CTX* ctx) { EVP_MD_CTX_cleanup(ctx); OPENSSL_free(ctx); } -} +} */ HMAC_CTX* HMAC_CTX_new() { HMAC_CTX* ctx = (HMAC_CTX*)OPENSSL_malloc(sizeof(HMAC_CTX)); diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index b1ec44a6cb0..5fa736b6b6d 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h 
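Review bot: In PATCH 04/24 the new `#else` branch in `folly/portability/OpenSSL.h` defines `FOLLY_OPENSSL_PREREQ(major, minor, fix)` as a constant `0`, so every `#if FOLLY_OPENSSL_PREREQ(...)` compiled on that branch silently takes the "library too old" path instead of failing to compile. If any of those gates select TLS or X509 behaviour, the build loses it without a diagnostic. Which library the branch covers is decided by the `#if` above the hunk, which is not visible here; the subject suggests BoringSSL. A comment on the branch would make the intent reviewable, for example `// No comparable OPENSSL_VERSION_NUMBER here: every OpenSSL version gate is treated as unmet`, and the line continuation is unnecessary: `#define FOLLY_OPENSSL_PREREQ(major, minor, fix) 0`.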
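Review bot: PATCH 05/24 disables `EVP_MD_CTX_new` and `EVP_MD_CTX_free` by wrapping the definitions in `/* ... */` and the declarations in `//`, which removes the shims for every configuration that compiles this section, not only for the library whose own symbols conflict. A preprocessor guard keeps the older-OpenSSL path intact and records the reason: `#if !defined(OPENSSL_IS_BORINGSSL)` before the definitions and `#endif // !OPENSSL_IS_BORINGSSL` after them, with the same guard around the declarations in `OpenSSL.h` (the macro is an assumption taken from the `#ifdef` used elsewhere in these files). The same pattern recurs in PATCH 06 to 14, 16 to 18 and 20 (`HMAC_CTX_*`, `BIO_meth_new`, `ASN1_STRING_get0_data`, the `X509_*` getters, `DH_set0_pqg`, `OPENSSL_cleanup`). PATCH 14 has to delete the explanatory comment inside `DH_set0_pqg` because block comments do not nest. Both function bodies extend outside the hunks shown.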
@@ -215,8 +215,8 @@ const SSL_METHOD* TLS_client_method(void); const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s); unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x); -EVP_MD_CTX* EVP_MD_CTX_new(); -void EVP_MD_CTX_free(EVP_MD_CTX* ctx); +// EVP_MD_CTX* EVP_MD_CTX_new(); +// void EVP_MD_CTX_free(EVP_MD_CTX* ctx); HMAC_CTX* HMAC_CTX_new(); void HMAC_CTX_free(HMAC_CTX* ctx); From 8452a9e3f551b04af3f8d987e06aacc57aa5cd10 Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 15:41:26 +0100 Subject: [PATCH 06/24] Hides methods --- folly/portability/OpenSSL.cpp | 3 ++- folly/portability/OpenSSL.h | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index 20cb375b198..122b04b964b 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -339,7 +339,7 @@ void EVP_MD_CTX_free(EVP_MD_CTX* ctx) { EVP_MD_CTX_cleanup(ctx); OPENSSL_free(ctx); } -} */ +} HMAC_CTX* HMAC_CTX_new() { HMAC_CTX* ctx = (HMAC_CTX*)OPENSSL_malloc(sizeof(HMAC_CTX)); @@ -356,6 +356,7 @@ void HMAC_CTX_free(HMAC_CTX* ctx) { OPENSSL_free(ctx); } } +*/ bool RSA_set0_key(RSA* r, BIGNUM* n, BIGNUM* e, BIGNUM* d) { // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 5fa736b6b6d..08bf5bd87a2 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -218,8 +218,8 @@ unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x); // EVP_MD_CTX* EVP_MD_CTX_new(); // void EVP_MD_CTX_free(EVP_MD_CTX* ctx); -HMAC_CTX* HMAC_CTX_new(); -void HMAC_CTX_free(HMAC_CTX* ctx); +// HMAC_CTX* HMAC_CTX_new(); +// void HMAC_CTX_free(HMAC_CTX* ctx); unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION* s); int SSL_SESSION_has_ticket(const SSL_SESSION* s); From 3ff0d717aa6bc4821c54dbda73d8533921c11598 Mon Sep 17 00:00:00 2001 
From: christian Date: Sat, 3 Feb 2024 15:45:19 +0100 Subject: [PATCH 07/24] OpenSSL --- folly/portability/OpenSSL.cpp | 4 ++-- folly/portability/OpenSSL.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index 122b04b964b..90a8372448a 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -122,7 +122,7 @@ EC_KEY* EVP_PKEY_get0_EC_KEY(EVP_PKEY* pkey) { #endif #if !FOLLY_OPENSSL_IS_110 -BIO_METHOD* BIO_meth_new(int type, const char* name) { +/* BIO_METHOD* BIO_meth_new(int type, const char* name) { BIO_METHOD* method = (BIO_METHOD*)OPENSSL_malloc(sizeof(BIO_METHOD)); if (method == nullptr) { return nullptr; @@ -135,7 +135,7 @@ BIO_METHOD* BIO_meth_new(int type, const char* name) { void BIO_meth_free(BIO_METHOD* biom) { OPENSSL_free((void*)biom); -} +} */ int BIO_meth_set_read(BIO_METHOD* biom, int (*read)(BIO*, char*, int)) { biom->bread = read; diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 08bf5bd87a2..ccbfcc76746 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -194,8 +194,8 @@ EC_KEY* EVP_PKEY_get0_EC_KEY(EVP_PKEY* pkey); #endif #if !FOLLY_OPENSSL_IS_110 -BIO_METHOD* BIO_meth_new(int type, const char* name); -void BIO_meth_free(BIO_METHOD* biom); +// BIO_METHOD* BIO_meth_new(int type, const char* name); +// void BIO_meth_free(BIO_METHOD* biom); int BIO_meth_set_read(BIO_METHOD* biom, int (*read)(BIO*, char*, int)); int BIO_meth_set_write(BIO_METHOD* biom, int (*write)(BIO*, const char*, int)); int BIO_meth_set_puts(BIO_METHOD* biom, int (*bputs)(BIO*, const char*)); From ad93d7549dfa0324a87da24d7ab73a33ccc2d1d8 Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 15:47:25 +0100 Subject: [PATCH 08/24] Methods --- folly/portability/OpenSSL.cpp | 6 +++--- folly/portability/OpenSSL.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) 
diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index 90a8372448a..1eca8ee9166 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -200,9 +200,9 @@ const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s) { return s->tlsext_hostname; } -unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x) { - return ASN1_STRING_data((ASN1_STRING*)x); -} +// unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x) { +// return ASN1_STRING_data((ASN1_STRING*)x); +// } int SSL_SESSION_has_ticket(const SSL_SESSION* s) { return (s->tlsext_ticklen > 0) ? 1 : 0; diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index ccbfcc76746..76cf99fdd4b 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -213,7 +213,7 @@ const SSL_METHOD* TLS_server_method(void); const SSL_METHOD* TLS_client_method(void); const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s); -unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x); +// unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x); // EVP_MD_CTX* EVP_MD_CTX_new(); // void EVP_MD_CTX_free(EVP_MD_CTX* ctx); From 91fba850f17106653e75f670e87a49f81c8e0015 Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 15:50:00 +0100 Subject: [PATCH 09/24] openSSL --- folly/portability/OpenSSL.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 76cf99fdd4b..2f6595a2cc6 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h 
@@ -251,8 +251,8 @@ int ECDSA_SIG_set0(ECDSA_SIG* sig, BIGNUM* r, BIGNUM* s); void ECDSA_SIG_get0(const ECDSA_SIG* sig, const BIGNUM** pr, const BIGNUM** ps); using OPENSSL_INIT_SETTINGS = void; -int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS* settings); -void OPENSSL_cleanup(); +// int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS* settings); +// void OPENSSL_cleanup(); const ASN1_INTEGER* X509_REVOKED_get0_serialNumber(const X509_REVOKED* r); const ASN1_TIME* X509_REVOKED_get0_revocationDate(const X509_REVOKED* r); From 245295f9111103b65d35d8db6f721bf58bc67ed8 Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 15:52:28 +0100 Subject: [PATCH 10/24] Logs --- folly/portability/OpenSSL.cpp | 6 +++--- folly/portability/OpenSSL.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index 1eca8ee9166..ab89afc3df5 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -512,9 +512,9 @@ const ASN1_TIME* X509_CRL_get0_nextUpdate(const X509_CRL* crl) { return X509_CRL_get_nextUpdate(crl); } -const X509_ALGOR* X509_get0_tbs_sigalg(const X509* x) { - return x->cert_info->signature; -} +// const X509_ALGOR* X509_get0_tbs_sigalg(const X509* x) { +// return x->cert_info->signature; +// } #endif // !FOLLY_OPENSSL_IS_110 } // namespace ssl diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 2f6595a2cc6..6443b1c7143 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -267,7 +267,7 @@ X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj); const ASN1_TIME* X509_CRL_get0_lastUpdate(const X509_CRL* crl); const ASN1_TIME* X509_CRL_get0_nextUpdate(const X509_CRL* crl); -const X509_ALGOR* X509_get0_tbs_sigalg(const X509* x); +// const X509_ALGOR* X509_get0_tbs_sigalg(const X509* x); #endif From c0cd0866d7d3c332ab9b497c6fc647621b8faeed Mon Sep 17 00:00:00 2001 
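Review bot: PATCH 09/24 comments out the declarations of `OPENSSL_init_ssl` and `OPENSSL_cleanup` in `OpenSSL.h` only, while `OpenSSL.cpp` still defines them at this point in the series; the hunk header of PATCH 20/24 still shows `int OPENSSL_init_ssl(uint64_t, const OPENSSL_INIT_SETTINGS*)`. The shim code is therefore compiled but no longer reachable through the header, and a reader of the header cannot tell that it exists. PATCH 17/24 and PATCH 19/24 do the same for the `X509_STORE_CTX_get0_*`/`RSA_*`/`ECDSA_SIG_*` declarations and for `BIO_meth_set_write`. Declaration and definition should be disabled together under one guard in both files, e.g. `#if !defined(OPENSSL_IS_BORINGSSL)`, if that is the configuration the change is meant for.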
From: christian Date: Sat, 3 Feb 2024 15:54:37 +0100 Subject: [PATCH 11/24] Hides more methods --- folly/portability/OpenSSL.cpp | 12 ++++++------ folly/portability/OpenSSL.h | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index ab89afc3df5..f4ea668f21e 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -504,13 +504,13 @@ X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj) { return obj->data.x509; } -const ASN1_TIME* X509_CRL_get0_lastUpdate(const X509_CRL* crl) { - return X509_CRL_get_lastUpdate(crl); -} +// const ASN1_TIME* X509_CRL_get0_lastUpdate(const X509_CRL* crl) { +// return X509_CRL_get_lastUpdate(crl); +// } -const ASN1_TIME* X509_CRL_get0_nextUpdate(const X509_CRL* crl) { - return X509_CRL_get_nextUpdate(crl); -} +// const ASN1_TIME* X509_CRL_get0_nextUpdate(const X509_CRL* crl) { +// return X509_CRL_get_nextUpdate(crl); +// } // const X509_ALGOR* X509_get0_tbs_sigalg(const X509* x) { // return x->cert_info->signature; diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 6443b1c7143..5161937f5d4 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -264,8 +264,8 @@ uint32_t X509_get_extended_key_usage(X509* x); int X509_OBJECT_get_type(const X509_OBJECT* obj); X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj); -const ASN1_TIME* X509_CRL_get0_lastUpdate(const X509_CRL* crl); -const ASN1_TIME* X509_CRL_get0_nextUpdate(const X509_CRL* crl); +// const ASN1_TIME* X509_CRL_get0_lastUpdate(const X509_CRL* crl); +// const ASN1_TIME* X509_CRL_get0_nextUpdate(const X509_CRL* crl); // const X509_ALGOR* X509_get0_tbs_sigalg(const X509* x); From 8116a8e97aef891fbc56bcb9d6d81e9caeda152d Mon Sep 17 00:00:00 2001 
From: christian Date: Sat, 3 Feb 2024 15:58:29 +0100 Subject: [PATCH 12/24] Logs --- folly/portability/OpenSSL.cpp | 18 +++++++++--------- folly/portability/OpenSSL.h | 4 ++-- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index f4ea668f21e..f2e1076df9a 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -493,16 +493,16 @@ uint32_t X509_get_extended_key_usage(X509* x) { return x->ex_xkusage; } -int X509_OBJECT_get_type(const X509_OBJECT* obj) { - return obj->type; -} +// int X509_OBJECT_get_type(const X509_OBJECT* obj) { +// return obj->type; +// } -X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj) { - if (obj == nullptr || obj->type != X509_LU_X509) { - return nullptr; - } - return obj->data.x509; -} +// X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj) { +// if (obj == nullptr || obj->type != X509_LU_X509) { +// return nullptr; +// } +// return obj->data.x509; +// } // const ASN1_TIME* X509_CRL_get0_lastUpdate(const X509_CRL* crl) { // return X509_CRL_get_lastUpdate(crl); diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 5161937f5d4..1aa3edb990a 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -261,8 +261,8 @@ uint32_t X509_get_extension_flags(X509* x); uint32_t X509_get_key_usage(X509* x); uint32_t X509_get_extended_key_usage(X509* x); -int X509_OBJECT_get_type(const X509_OBJECT* obj); -X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj); +// int X509_OBJECT_get_type(const X509_OBJECT* obj); +// X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj); // const ASN1_TIME* X509_CRL_get0_lastUpdate(const X509_CRL* crl); // const ASN1_TIME* X509_CRL_get0_nextUpdate(const X509_CRL* crl); From c5fbbc0a95e62e834c219623f406d763b083888b Mon Sep 17 00:00:00 2001 
From: christian Date: Sat, 3 Feb 2024 16:08:48 +0100 Subject: [PATCH 13/24] Hides openSSL --- folly/portability/OpenSSL.cpp | 6 +++--- folly/portability/OpenSSL.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index f2e1076df9a..aa374080a51 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -24,9 +24,9 @@ namespace portability { namespace ssl { #ifdef OPENSSL_IS_BORINGSSL -int SSL_CTX_set1_sigalgs_list(SSL_CTX*, const char*) { - return 1; // 0 implies error -} +// int SSL_CTX_set1_sigalgs_list(SSL_CTX*, const char*) { +// return 1; // 0 implies error +// } int TLS1_get_client_version(SSL* s) { // Note that this isn't the client version, and the API to diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 1aa3edb990a..848964c0c8f 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -164,7 +164,7 @@ namespace portability { namespace ssl { #ifdef OPENSSL_IS_BORINGSSL -int SSL_CTX_set1_sigalgs_list(SSL_CTX* ctx, const char* sigalgs_list); +// int SSL_CTX_set1_sigalgs_list(SSL_CTX* ctx, const char* sigalgs_list); int TLS1_get_client_version(SSL* s); #endif From 4cda945a351517b1fe6e134653308a7081c77c7c Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 16:10:37 +0100 Subject: [PATCH 14/24] OpenSSL --- folly/portability/OpenSSL.cpp | 6 +++--- folly/portability/OpenSSL.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index aa374080a51..fecd1f78ba0 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp 
@@ -212,11 +212,10 @@ unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION* s) { return s->tlsext_tick_lifetime_hint; } +/* // This is taken from OpenSSL 1.1.0 int DH_set0_pqg(DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g) { - /* If the fields p and g in d are nullptr, the corresponding input - * parameters MUST not be nullptr. q may remain nullptr. - */ + if (dh == nullptr || (dh->p == nullptr && p == nullptr) || (dh->g == nullptr && g == nullptr)) { return 0; @@ -245,6 +244,7 @@ int DH_set0_pqg(DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g) { return 1; } +*/ void DH_get0_pqg( const DH* dh, const BIGNUM** p, const BIGNUM** q, const BIGNUM** g) { diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 848964c0c8f..d62ce0423b5 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -223,7 +223,7 @@ const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s); unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION* s); int SSL_SESSION_has_ticket(const SSL_SESSION* s); -int DH_set0_pqg(DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g); +// int DH_set0_pqg(DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g); void DH_get0_pqg( const DH* dh, const BIGNUM** p, const BIGNUM** q, const BIGNUM** g); void DH_get0_key(const DH* dh, const BIGNUM** pub_key, const BIGNUM** priv_key); From f6ce0569fafdabd00136fd6412c45433f8f67b22 Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 16:13:41 +0100 Subject: [PATCH 15/24] adds salt length --- folly/portability/OpenSSL.h | 1 + 1 file changed, 1 insertion(+) diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index d62ce0423b5..7f26e3e5d9e 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -166,6 +166,7 @@ namespace ssl { #ifdef OPENSSL_IS_BORINGSSL // int SSL_CTX_set1_sigalgs_list(SSL_CTX* ctx, const char* sigalgs_list); int TLS1_get_client_version(SSL* s); +#define PKCS5_SALT_LEN 8 #endif #if FOLLY_OPENSSL_IS_100 
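Review bot: `#define PKCS5_SALT_LEN 8` in PATCH 15/24 sits inside `namespace ssl`, but a macro is not scoped by the namespace. It therefore reaches every file that includes `OpenSSL.h` in the BoringSSL build, and it clashes if the crypto headers define the name with a different replacement. Guard it and say where the value comes from: `#ifndef PKCS5_SALT_LEN`, `#define PKCS5_SALT_LEN 8 // same value as OpenSSL's definition`, `#endif`, preferably placed before the namespace opens. `#define ub_common_name 64` added in PATCH 21/24 has the same problem; as the name suggests a length bound for certificate common names, a silent mismatch with the library's own limit is worth ruling out.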
From d0de8b65fe2385a8197cb83c7f63e6e0a0a03461 Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 16:15:50 +0100 Subject: [PATCH 16/24] Broing SSL --- folly/portability/OpenSSL.cpp | 2 ++ folly/portability/OpenSSL.h | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index fecd1f78ba0..7452491b691 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -474,6 +474,7 @@ const ASN1_TIME* X509_REVOKED_get0_revocationDate(const X509_REVOKED* r) { return r->revocationDate; } +/* uint32_t X509_get_extension_flags(X509* x) { // Tells OpenSSL to load flags X509_check_purpose(x, -1, -1); @@ -492,6 +493,7 @@ uint32_t X509_get_key_usage(X509* x) { uint32_t X509_get_extended_key_usage(X509* x) { return x->ex_xkusage; } +*/ // int X509_OBJECT_get_type(const X509_OBJECT* obj) { // return obj->type; diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 7f26e3e5d9e..cf08c0d2d9c 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -258,9 +258,9 @@ using OPENSSL_INIT_SETTINGS = void; const ASN1_INTEGER* X509_REVOKED_get0_serialNumber(const X509_REVOKED* r); const ASN1_TIME* X509_REVOKED_get0_revocationDate(const X509_REVOKED* r); -uint32_t X509_get_extension_flags(X509* x); -uint32_t X509_get_key_usage(X509* x); -uint32_t X509_get_extended_key_usage(X509* x); +// uint32_t X509_get_extension_flags(X509* x); +// uint32_t X509_get_key_usage(X509* x); +// uint32_t X509_get_extended_key_usage(X509* x); // int X509_OBJECT_get_type(const X509_OBJECT* obj); // X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj); From ba283a5a34e84045ade2d543d5a01ee34442d1ee Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 16:17:34 +0100 Subject: [PATCH 17/24] FIX --- folly/portability/OpenSSL.h | 2 ++ 1 file changed, 2 insertions(+) 
diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index cf08c0d2d9c..5f611d3c9ee 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -238,6 +238,7 @@ void DSA_get0_key( STACK_OF(X509_OBJECT) * X509_STORE_get0_objects(X509_STORE* store); +/* X509* X509_STORE_CTX_get0_cert(X509_STORE_CTX* ctx); STACK_OF(X509) * X509_STORE_CTX_get0_chain(X509_STORE_CTX* ctx); STACK_OF(X509) * X509_STORE_CTX_get0_untrusted(X509_STORE_CTX* ctx); @@ -250,6 +251,7 @@ void RSA_get0_crt_params( const BIGNUM** iqmp); int ECDSA_SIG_set0(ECDSA_SIG* sig, BIGNUM* r, BIGNUM* s); void ECDSA_SIG_get0(const ECDSA_SIG* sig, const BIGNUM** pr, const BIGNUM** ps); +*/ using OPENSSL_INIT_SETTINGS = void; // int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS* settings); From f7a2f5c07d734db185bde17d217f0de300fbeb22 Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 16:19:12 +0100 Subject: [PATCH 18/24] clmments --- folly/portability/OpenSSL.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 5f611d3c9ee..4af9eda20f9 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -257,8 +257,8 @@ using OPENSSL_INIT_SETTINGS = void; // int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS* settings); // void OPENSSL_cleanup(); -const ASN1_INTEGER* X509_REVOKED_get0_serialNumber(const X509_REVOKED* r); -const ASN1_TIME* X509_REVOKED_get0_revocationDate(const X509_REVOKED* r); +// const ASN1_INTEGER* X509_REVOKED_get0_serialNumber(const X509_REVOKED* r); +// const ASN1_TIME* X509_REVOKED_get0_revocationDate(const X509_REVOKED* r); // uint32_t X509_get_extension_flags(X509* x); // uint32_t X509_get_key_usage(X509* x); From 07fbb4ec1edfccf8f735bc37d5f50cf0cd6ad9ff Mon Sep 17 00:00:00 2001 
From: christian Date: Sat, 3 Feb 2024 16:21:32 +0100 Subject: [PATCH 19/24] set write --- folly/portability/OpenSSL.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 4af9eda20f9..a4b6b34ff2f 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -198,7 +198,7 @@ EC_KEY* EVP_PKEY_get0_EC_KEY(EVP_PKEY* pkey); // BIO_METHOD* BIO_meth_new(int type, const char* name); // void BIO_meth_free(BIO_METHOD* biom); int BIO_meth_set_read(BIO_METHOD* biom, int (*read)(BIO*, char*, int)); -int BIO_meth_set_write(BIO_METHOD* biom, int (*write)(BIO*, const char*, int)); +// int BIO_meth_set_write(BIO_METHOD* biom, int (*write)(BIO*, const char*, int)); int BIO_meth_set_puts(BIO_METHOD* biom, int (*bputs)(BIO*, const char*)); int BIO_meth_set_gets(BIO_METHOD* biom, int (*bgets)(BIO*, char*, int)); int BIO_meth_set_ctrl(BIO_METHOD* biom, long (*ctrl)(BIO*, int, long, void*)); From 4713445f8fd4ff51da8ab04b24876bd00ea1630d Mon Sep 17 00:00:00 2001 From: christian Date: Sat, 3 Feb 2024 18:11:06 +0100 Subject: [PATCH 20/24] comment --- folly/portability/OpenSSL.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index 7452491b691..5788664f632 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -458,6 +458,7 @@ int OPENSSL_init_ssl(uint64_t, const OPENSSL_INIT_SETTINGS*) { return 1; } +/* void OPENSSL_cleanup() { folly::ssl::detail::cleanupThreadingLocks(); CRYPTO_cleanup_all_ex_data(); @@ -473,6 +474,7 @@ const ASN1_INTEGER* X509_REVOKED_get0_serialNumber(const X509_REVOKED* r) { const ASN1_TIME* X509_REVOKED_get0_revocationDate(const X509_REVOKED* r) { return r->revocationDate; } +*/ /* uint32_t X509_get_extension_flags(X509* x) { From ee49cb272f3d3f6bc80c6db37912f9441bd4de73 Mon Sep 17 00:00:00 2001 
From: christian Date: Sun, 4 Feb 2024 13:21:24 +0100 Subject: [PATCH 21/24] Braiser FIX --- folly/io/async/ssl/OpenSSLUtils.cpp | 10 +- folly/portability/OpenSSL.cpp | 160 +--------------------------- folly/portability/OpenSSL.h | 34 +----- 3 files changed, 7 insertions(+), 197 deletions(-) diff --git a/folly/io/async/ssl/OpenSSLUtils.cpp b/folly/io/async/ssl/OpenSSLUtils.cpp index 138d17a3428..f2f12a596c8 100644 --- a/folly/io/async/ssl/OpenSSLUtils.cpp +++ b/folly/io/async/ssl/OpenSSLUtils.cpp @@ -27,6 +27,8 @@ #include #include +#include + namespace { #ifdef OPENSSL_IS_BORINGSSL // BoringSSL doesn't (as of May 2016) export the equivalent @@ -275,19 +277,11 @@ int OpenSSLUtils::getBioShouldRetryWrite(int r) { } void OpenSSLUtils::setBioAppData(BIO* b, void* ptr) { -#ifdef OPENSSL_IS_BORINGSSL - BIO_set_callback_arg(b, static_cast(ptr)); -#else BIO_set_app_data(b, ptr); -#endif } void* OpenSSLUtils::getBioAppData(BIO* b) { -#ifdef OPENSSL_IS_BORINGSSL - return BIO_get_callback_arg(b); -#else return BIO_get_app_data(b); -#endif } NetworkSocket OpenSSLUtils::getBioFd(BIO* b) { diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index 5788664f632..c19c012f65d 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -28,12 +28,7 @@ namespace ssl { // return 1; // 0 implies error // } -int TLS1_get_client_version(SSL* s) { - // Note that this isn't the client version, and the API to - // get this has been hidden. It may be found by parsing the - // ClientHello (there is a callback via the SSL_HANDSHAKE struct) - return s->version; -} + #endif #if FOLLY_OPENSSL_IS_100 
@@ -137,9 +132,8 @@ void BIO_meth_free(BIO_METHOD* biom) { OPENSSL_free((void*)biom); } */ -int BIO_meth_set_read(BIO_METHOD* biom, int (*read)(BIO*, char*, int)) { - biom->bread = read; - return 1; +const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s) { + return nullptr; } int BIO_meth_set_write(BIO_METHOD* biom, int (*write)(BIO*, const char*, int)) { @@ -188,29 +182,12 @@ void BIO_set_shutdown(BIO* bio, int shutdown) { bio->shutdown = shutdown; } -const SSL_METHOD* TLS_server_method(void) { - return TLSv1_2_server_method(); -} - -const SSL_METHOD* TLS_client_method(void) { - return TLSv1_2_client_method(); -} - -const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s) { - return s->tlsext_hostname; -} // unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x) { // return ASN1_STRING_data((ASN1_STRING*)x); // } -int SSL_SESSION_has_ticket(const SSL_SESSION* s) { - return (s->tlsext_ticklen > 0) ? 1 : 0; -} -unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION* s) { - return s->tlsext_tick_lifetime_hint; -} /* // This is taken from OpenSSL 1.1.0 
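Review bot: The replacement `SSL_SESSION_get0_hostname` in PATCH 21/24 (`OpenSSL.cpp`, hunk `@@ -137,9 +132,8 @@`) returns `nullptr` for every session, where the definition removed further down in the same patch returned `s->tlsext_hostname`. Any caller that relies on the session hostname, for instance to check the server name associated with a resumed session, now receives "no hostname" without any error, and the parameter `s` is unused. If the struct field is simply not reachable with this library, document the stub, e.g. `// Stub: session hostname is unavailable here; callers must treat nullptr as unknown`, or forward to the library's own accessor if it provides one. The hunk also moves this definition in front of `BIO_meth_set_write`, away from the other `SSL_SESSION_*` shims, which makes the stub easy to overlook.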
@@ -246,85 +223,6 @@ int DH_set0_pqg(DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g) { } */ -void DH_get0_pqg( - const DH* dh, const BIGNUM** p, const BIGNUM** q, const BIGNUM** g) { - // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes - if (p != nullptr) { - *p = dh->p; - } - if (q != nullptr) { - *q = dh->q; - } - if (g != nullptr) { - *g = dh->g; - } -} - -void DH_get0_key( - const DH* dh, const BIGNUM** pub_key, const BIGNUM** priv_key) { - // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes - if (pub_key != nullptr) { - *pub_key = dh->pub_key; - } - if (priv_key != nullptr) { - *priv_key = dh->priv_key; - } -} - -long DH_get_length(const DH* dh) { - return dh->length; -} - -int DH_set_length(DH* dh, long length) { - if (dh != nullptr) { - dh->length = length; - return 1; - } else { - return 0; - } -} - -void DSA_get0_pqg( - const DSA* dsa, const BIGNUM** p, const BIGNUM** q, const BIGNUM** g) { - // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes - if (p != nullptr) { - *p = dsa->p; - } - if (q != nullptr) { - *q = dsa->q; - } - if (g != nullptr) { - *g = dsa->g; - } -} - -void DSA_get0_key( - const DSA* dsa, const BIGNUM** pub_key, const BIGNUM** priv_key) { - // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes - if (pub_key != nullptr) { - *pub_key = dsa->pub_key; - } - if (priv_key != nullptr) { - *priv_key = dsa->priv_key; - } -} - -STACK_OF(X509_OBJECT) * X509_STORE_get0_objects(X509_STORE* store) { - return store->objs; -} - -X509* X509_STORE_CTX_get0_cert(X509_STORE_CTX* ctx) { - return ctx->cert; -} - -STACK_OF(X509) * X509_STORE_CTX_get0_chain(X509_STORE_CTX* ctx) { - return X509_STORE_CTX_get_chain(ctx); -} - -STACK_OF(X509) * X509_STORE_CTX_get0_untrusted(X509_STORE_CTX* ctx) { - return ctx->untrusted; -} - /* EVP_MD_CTX* EVP_MD_CTX_new() { EVP_MD_CTX* ctx = (EVP_MD_CTX*)OPENSSL_malloc(sizeof(EVP_MD_CTX)); if (!ctx) { 
@@ -358,58 +256,6 @@ void HMAC_CTX_free(HMAC_CTX* ctx) { } */ -bool RSA_set0_key(RSA* r, BIGNUM* n, BIGNUM* e, BIGNUM* d) { - // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes - /** - * If the fields n and e in r are nullptr, the corresponding input parameters - * MUST be non-nullptr for n and e. d may be left NULL (in case only the - * public key is used). - */ - if ((r->n == nullptr && n == nullptr) || (r->e == nullptr && e == nullptr)) { - return false; - } - if (n != nullptr) { - BN_free(r->n); - r->n = n; - } - if (e != nullptr) { - BN_free(r->e); - r->e = e; - } - if (d != nullptr) { - BN_free(r->d); - r->d = d; - } - return true; -} - -void RSA_get0_factors(const RSA* r, const BIGNUM** p, const BIGNUM** q) { - // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes - if (p != nullptr) { - *p = r->p; - } - if (q != nullptr) { - *q = r->q; - } -} - -void RSA_get0_crt_params( - const RSA* r, - const BIGNUM** dmp1, - const BIGNUM** dmq1, - const BIGNUM** iqmp) { - // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes - if (dmp1 != nullptr) { - *dmp1 = r->dmp1; - } - if (dmq1 != nullptr) { - *dmq1 = r->dmq1; - } - if (iqmp != nullptr) { - *iqmp = r->iqmp; - } -} - int ECDSA_SIG_set0(ECDSA_SIG* sig, BIGNUM* r, BIGNUM* s) { // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes if (r == nullptr || s == nullptr) { diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index a4b6b34ff2f..9893014429f 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -165,8 +165,8 @@ namespace ssl { #ifdef OPENSSL_IS_BORINGSSL // int SSL_CTX_set1_sigalgs_list(SSL_CTX* ctx, const char* sigalgs_list); -int TLS1_get_client_version(SSL* s); #define PKCS5_SALT_LEN 8 +#define ub_common_name 64 #endif #if FOLLY_OPENSSL_IS_100 
@@ -197,7 +197,7 @@ EC_KEY* EVP_PKEY_get0_EC_KEY(EVP_PKEY* pkey); #if !FOLLY_OPENSSL_IS_110 // BIO_METHOD* BIO_meth_new(int type, const char* name); // void BIO_meth_free(BIO_METHOD* biom); -int BIO_meth_set_read(BIO_METHOD* biom, int (*read)(BIO*, char*, int)); +// int BIO_meth_set_read(BIO_METHOD* biom, int (*read)(BIO*, char*, int)); // int BIO_meth_set_write(BIO_METHOD* biom, int (*write)(BIO*, const char*, int)); int BIO_meth_set_puts(BIO_METHOD* biom, int (*bputs)(BIO*, const char*)); int BIO_meth_set_gets(BIO_METHOD* biom, int (*bgets)(BIO*, char*, int)); @@ -210,9 +210,6 @@ void* BIO_get_data(BIO* bio); void BIO_set_init(BIO* bio, int init); void BIO_set_shutdown(BIO* bio, int shutdown); -const SSL_METHOD* TLS_server_method(void); -const SSL_METHOD* TLS_client_method(void); - const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s); // unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x); 
@@ -222,37 +219,10 @@ const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s); // HMAC_CTX* HMAC_CTX_new(); // void HMAC_CTX_free(HMAC_CTX* ctx); -unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION* s); -int SSL_SESSION_has_ticket(const SSL_SESSION* s); // int DH_set0_pqg(DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g); -void DH_get0_pqg( - const DH* dh, const BIGNUM** p, const BIGNUM** q, const BIGNUM** g); -void DH_get0_key(const DH* dh, const BIGNUM** pub_key, const BIGNUM** priv_key); -long DH_get_length(const DH* dh); -int DH_set_length(DH* dh, long length); - -void DSA_get0_pqg( - const DSA* dsa, const BIGNUM** p, const BIGNUM** q, const BIGNUM** g); -void DSA_get0_key( - const DSA* dsa, const BIGNUM** pub_key, const BIGNUM** priv_key); STACK_OF(X509_OBJECT) * X509_STORE_get0_objects(X509_STORE* store); -/* -X509* X509_STORE_CTX_get0_cert(X509_STORE_CTX* ctx); -STACK_OF(X509) * X509_STORE_CTX_get0_chain(X509_STORE_CTX* ctx); -STACK_OF(X509) * X509_STORE_CTX_get0_untrusted(X509_STORE_CTX* ctx); -bool RSA_set0_key(RSA* r, BIGNUM* n, BIGNUM* e, BIGNUM* d); -void RSA_get0_factors(const RSA* r, const BIGNUM** p, const BIGNUM** q); -void RSA_get0_crt_params( - const RSA* r, - const BIGNUM** dmp1, - const BIGNUM** dmq1, - const BIGNUM** iqmp); -int ECDSA_SIG_set0(ECDSA_SIG* sig, BIGNUM* r, BIGNUM* s); -void ECDSA_SIG_get0(const ECDSA_SIG* sig, const BIGNUM** pr, const BIGNUM** ps); -*/ - using OPENSSL_INIT_SETTINGS = void; // int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS* settings); // void OPENSSL_cleanup(); From 8d89c35f88879a35f321d13067ee134e0a0ea8a5 Mon Sep 17 00:00:00 2001 From: christian Date: Sun, 4 Feb 2024 13:30:15 +0100 Subject: [PATCH 22/24] openSSL compatibility --- .gitignore | 2 ++ folly/io/async/ssl/OpenSSLUtils.cpp | 3 +-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 608d825835c..ea396ec4490 100644 --- a/.gitignore +++ b/.gitignore 
@@ -7,6 +7,8 @@ Makefile.in .libs .deps stamp-h1 +# This is bazel oriented so we are actually checking in an appropriate +# folly-config file. # folly-config.h _configs.sed aclocal.m4 diff --git a/folly/io/async/ssl/OpenSSLUtils.cpp b/folly/io/async/ssl/OpenSSLUtils.cpp index f2f12a596c8..175282730c5 100644 --- a/folly/io/async/ssl/OpenSSLUtils.cpp +++ b/folly/io/async/ssl/OpenSSLUtils.cpp @@ -27,8 +27,6 @@ #include #include -#include - namespace { #ifdef OPENSSL_IS_BORINGSSL // BoringSSL doesn't (as of May 2016) export the equivalent @@ -277,6 +275,7 @@ int OpenSSLUtils::getBioShouldRetryWrite(int r) { } void OpenSSLUtils::setBioAppData(BIO* b, void* ptr) { + // Note(BRAISER) This method and the one below have been added to BORINGSSL very recently. BIO_set_app_data(b, ptr); } From 7ad0b658a33598f95f446ba891141c8aaa35e493 Mon Sep 17 00:00:00 2001 From: christian Date: Sun, 4 Feb 2024 13:33:51 +0100 Subject: [PATCH 23/24] removes commented code --- folly/portability/OpenSSL.cpp | 161 +--------------------------------- folly/portability/OpenSSL.h | 34 +------ 2 files changed, 3 insertions(+), 192 deletions(-) diff --git a/folly/portability/OpenSSL.cpp b/folly/portability/OpenSSL.cpp index c19c012f65d..dc950efa81e 100644 --- a/folly/portability/OpenSSL.cpp +++ b/folly/portability/OpenSSL.cpp @@ -22,15 +22,6 @@ namespace folly { namespace portability { namespace ssl { - -#ifdef OPENSSL_IS_BORINGSSL -// int SSL_CTX_set1_sigalgs_list(SSL_CTX*, const char*) { -// return 1; // 0 implies error -// } - - -#endif - #if FOLLY_OPENSSL_IS_100 uint32_t SSL_CIPHER_get_id(const SSL_CIPHER* c) { return c->id; 
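Review bot: The comment added in `OpenSSLUtils::setBioAppData` says the call reached BoringSSL "very recently" but names no revision, so a build against an older BoringSSL fails at this line with nothing telling the reader which version is required. I would record the minimum revision where the dependency is pinned and point to it here, e.g. `// Requires a BoringSSL revision that provides BIO_set_app_data (minimum: <pinned revision>).` The comment also refers to "the one below", which lies outside the hunk, so that function should carry its own note rather than rely on this one.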
@@ -117,22 +108,8 @@ EC_KEY* EVP_PKEY_get0_EC_KEY(EVP_PKEY* pkey) { #endif #if !FOLLY_OPENSSL_IS_110 -/* BIO_METHOD* BIO_meth_new(int type, const char* name) { - BIO_METHOD* method = (BIO_METHOD*)OPENSSL_malloc(sizeof(BIO_METHOD)); - if (method == nullptr) { - return nullptr; - } - memset(method, 0, sizeof(BIO_METHOD)); - method->type = type; - method->name = name; - return method; -} - -void BIO_meth_free(BIO_METHOD* biom) { - OPENSSL_free((void*)biom); -} */ - const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s) { + // Note(BRAISER) Seems like this is no way to do this anymore in boringssl. return nullptr; } 
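Review bot: The `SSL_SESSION_get0_hostname` stub returns `nullptr` unconditionally under `#if !FOLLY_OPENSSL_IS_110`, while the added comment attributes this to BoringSSL only and is hard to parse ("this is no way"). Any caller that compares a resumed session's hostname with the requested server name would presumably see "unknown" on every build that takes this branch, so the contract should say so explicitly. I would reword the comment to `// Stub: the session hostname is not available through this shim; always returns nullptr, callers must treat it as unknown.` and check that the callers handle a null result. The rest of the `!FOLLY_OPENSSL_IS_110` block continues outside the hunk.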
@@ -182,80 +159,6 @@ void BIO_set_shutdown(BIO* bio, int shutdown) { bio->shutdown = shutdown; } - -// unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x) { -// return ASN1_STRING_data((ASN1_STRING*)x); -// } - - - -/* -// This is taken from OpenSSL 1.1.0 -int DH_set0_pqg(DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g) { - - if (dh == nullptr || (dh->p == nullptr && p == nullptr) || - (dh->g == nullptr && g == nullptr)) { - return 0; - } - - if (p != nullptr) { - BN_free(dh->p); - dh->p = p; - } - if (q != nullptr) { - BN_free(dh->q); - dh->q = q; - } - if (g != nullptr) { - BN_free(dh->g); - dh->g = g; - } - - // In OpenSSL 1.1.0, DH_set0_pqg also sets - // dh->length = BN_num_bits(q) - // With OpenSSL 1.0.2, the output of openssl dhparam -C 2048 doesn't set - // the length field. So as far as the compat lib is concerned, this wrapper - // mimics the functionality of OpenSSL 1.0.2 - // Note: BoringSSL doesn't even have a length field anymore, just something - // called 'priv_length'. Let's not mess with that for now. - - return 1; -} -*/ - -/* EVP_MD_CTX* EVP_MD_CTX_new() { - EVP_MD_CTX* ctx = (EVP_MD_CTX*)OPENSSL_malloc(sizeof(EVP_MD_CTX)); - if (!ctx) { - throw std::runtime_error("Cannot allocate EVP_MD_CTX"); - } - EVP_MD_CTX_init(ctx); - return ctx; -} - -void EVP_MD_CTX_free(EVP_MD_CTX* ctx) { - if (ctx) { - EVP_MD_CTX_cleanup(ctx); - OPENSSL_free(ctx); - } -} - -HMAC_CTX* HMAC_CTX_new() { - HMAC_CTX* ctx = (HMAC_CTX*)OPENSSL_malloc(sizeof(HMAC_CTX)); - if (!ctx) { - throw std::runtime_error("Cannot allocate HMAC_CTX"); - } - HMAC_CTX_init(ctx); - return ctx; -} - -void HMAC_CTX_free(HMAC_CTX* ctx) { - if (ctx) { - HMAC_CTX_cleanup(ctx); - OPENSSL_free(ctx); - } -} -*/ - int ECDSA_SIG_set0(ECDSA_SIG* sig, BIGNUM* r, BIGNUM* s) { // Based off of https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes if (r == nullptr || s == nullptr) { 
@@ -304,68 +207,6 @@ int OPENSSL_init_ssl(uint64_t, const OPENSSL_INIT_SETTINGS*) { return 1; } -/* -void OPENSSL_cleanup() { - folly::ssl::detail::cleanupThreadingLocks(); - CRYPTO_cleanup_all_ex_data(); - ERR_free_strings(); - EVP_cleanup(); - ERR_clear_error(); -} - -const ASN1_INTEGER* X509_REVOKED_get0_serialNumber(const X509_REVOKED* r) { - return r->serialNumber; -} - -const ASN1_TIME* X509_REVOKED_get0_revocationDate(const X509_REVOKED* r) { - return r->revocationDate; -} -*/ - -/* -uint32_t X509_get_extension_flags(X509* x) { - // Tells OpenSSL to load flags - X509_check_purpose(x, -1, -1); - return x->ex_flags; -} - -uint32_t X509_get_key_usage(X509* x) { - // Call get_extension_flags rather than accessing directly to force loading - // of flags - if ((X509_get_extension_flags(x) & EXFLAG_KUSAGE) == EXFLAG_KUSAGE) { - return x->ex_kusage; - } - return UINT32_MAX; -} - -uint32_t X509_get_extended_key_usage(X509* x) { - return x->ex_xkusage; -} -*/ - -// int X509_OBJECT_get_type(const X509_OBJECT* obj) { -// return obj->type; -// } - -// X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj) { -// if (obj == nullptr || obj->type != X509_LU_X509) { -// return nullptr; -// } -// return obj->data.x509; -// } - -// const ASN1_TIME* X509_CRL_get0_lastUpdate(const X509_CRL* crl) { -// return X509_CRL_get_lastUpdate(crl); -// } - -// const ASN1_TIME* X509_CRL_get0_nextUpdate(const X509_CRL* crl) { -// return X509_CRL_get_nextUpdate(crl); -// } - -// const X509_ALGOR* X509_get0_tbs_sigalg(const X509* x) { -// return x->cert_info->signature; -// } - #endif // !FOLLY_OPENSSL_IS_110 } // namespace ssl } // namespace portability diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 9893014429f..8b4dbd205bf 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h 
@@ -164,9 +164,8 @@ namespace portability { namespace ssl { #ifdef OPENSSL_IS_BORINGSSL -// int SSL_CTX_set1_sigalgs_list(SSL_CTX* ctx, const char* sigalgs_list); #define PKCS5_SALT_LEN 8 -#define ub_common_name 64 +#define ub_common_name 64 #endif #if FOLLY_OPENSSL_IS_100 @@ -195,10 +194,7 @@ EC_KEY* EVP_PKEY_get0_EC_KEY(EVP_PKEY* pkey); #endif #if !FOLLY_OPENSSL_IS_110 -// BIO_METHOD* BIO_meth_new(int type, const char* name); -// void BIO_meth_free(BIO_METHOD* biom); -// int BIO_meth_set_read(BIO_METHOD* biom, int (*read)(BIO*, char*, int)); -// int BIO_meth_set_write(BIO_METHOD* biom, int (*write)(BIO*, const char*, int)); + int BIO_meth_set_puts(BIO_METHOD* biom, int (*bputs)(BIO*, const char*)); int BIO_meth_set_gets(BIO_METHOD* biom, int (*bgets)(BIO*, char*, int)); int BIO_meth_set_ctrl(BIO_METHOD* biom, long (*ctrl)(BIO*, int, long, void*)); 
@@ -211,36 +207,10 @@ void BIO_set_init(BIO* bio, int init); void BIO_set_shutdown(BIO* bio, int shutdown); const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s); -// unsigned char* ASN1_STRING_get0_data(const ASN1_STRING* x); - -// EVP_MD_CTX* EVP_MD_CTX_new(); -// void EVP_MD_CTX_free(EVP_MD_CTX* ctx); - -// HMAC_CTX* HMAC_CTX_new(); -// void HMAC_CTX_free(HMAC_CTX* ctx); - -// int DH_set0_pqg(DH* dh, BIGNUM* p, BIGNUM* q, BIGNUM* g); STACK_OF(X509_OBJECT) * X509_STORE_get0_objects(X509_STORE* store); using OPENSSL_INIT_SETTINGS = void; -// int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS* settings); -// void OPENSSL_cleanup(); - -// const ASN1_INTEGER* X509_REVOKED_get0_serialNumber(const X509_REVOKED* r); -// const ASN1_TIME* X509_REVOKED_get0_revocationDate(const X509_REVOKED* r); - -// uint32_t X509_get_extension_flags(X509* x); -// uint32_t X509_get_key_usage(X509* x); -// uint32_t X509_get_extended_key_usage(X509* x); - -// int X509_OBJECT_get_type(const X509_OBJECT* obj); -// X509* X509_OBJECT_get0_X509(const X509_OBJECT* obj); - -// const ASN1_TIME* X509_CRL_get0_lastUpdate(const X509_CRL* crl); -// const ASN1_TIME* X509_CRL_get0_nextUpdate(const X509_CRL* crl); - -// const X509_ALGOR* X509_get0_tbs_sigalg(const X509* x); #endif From 8403dbc74e7d8a6867e4eda8a3a44f0f1b53984c Mon Sep 17 00:00:00 2001 From: Christian Date: Tue, 6 Feb 2024 15:18:44 +0100 Subject: [PATCH 24/24] Comment overloaded method --- folly/portability/OpenSSL.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/folly/portability/OpenSSL.h b/folly/portability/OpenSSL.h index 8b4dbd205bf..62019a4a66c 100644 --- a/folly/portability/OpenSSL.h +++ b/folly/portability/OpenSSL.h @@ -208,8 +208,6 @@ void BIO_set_shutdown(BIO* bio, int shutdown); const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s); -STACK_OF(X509_OBJECT) * X509_STORE_get0_objects(X509_STORE* store); - using OPENSSL_INIT_SETTINGS = void; #endif