- (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}

openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}] Move the OpenSSL header/library version test into its own function and add tests for it. Fix it to allow fix version upgrades (but not downgrades). Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150). ok djm@ chl@
author: Darren Tucker <dtucker@zip.com.au> 2014-06-17 23:06:07 +1000
committer: Darren Tucker <dtucker@zip.com.au> 2014-06-17 23:06:07 +1000
commit: 316fac6f18f87262a315c79bcf68b9f92c9337e4 (patch)
tree: 4ca56b926c75d844cf69b33461be32ae178e62e7
parent: af665bb7b092a59104db1e65577851cf35b86e32 (diff)
7 files changed, 122 insertions, 16 deletions
diff --git a/ChangeLog b/ChangeLog
index b8b3c0158..f7c5b1297 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+20140617
+ - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
+   openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
+   Move the OpenSSL header/library version test into its own function and add
+   tests for it. Fix it to allow fix version upgrades (but not downgrades).
+   Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
+   ok djm@ chl@
 20140616
 - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR.  From rak at debian via
   OpenSMTPD and chl@
diff --git a/entropy.c b/entropy.c
index 2d483b391..e1a8e142b 100644
--- a/entropy.c
+++ b/entropy.c
@@ -209,16 +209,7 @@ seed_rng(void)
 #ifndef OPENSSL_PRNG_ONLY
        unsigned char buf[RANDOM_SEED_SIZE];
 #endif
-        /*
+        if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, SSLeay()))
-         * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
-         * We match major, minor, fix and status (not patch) for <1.0.0.
-         * After that, we acceptable compatible fix versions (so we
-         * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed
-         * within a patch series.
-         */
-        u_long version_mask = SSLeay() >= 0x1000000f ?  ~0xffff0L : ~0xff0L;
-        if (((SSLeay() ^ OPENSSL_VERSION_NUMBER) & version_mask) ||
-            (SSLeay() >> 12) < (OPENSSL_VERSION_NUMBER >> 12))
                fatal("OpenSSL version mismatch. Built against %lx, you "
                    "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index 885c121f2..0e5f2cea5 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.c,v 1.17 2014/02/13 05:38:33 dtucker Exp $ */
+/* $Id: openssl-compat.c,v 1.18 2014/06/17 13:06:08 dtucker Exp $ */
 /*
 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -35,6 +35,41 @@
 #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
 #include "openssl-compat.h"
+/*
+ * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
+ * We match major, minor, fix and status (not patch) for <1.0.0.
+ * After that, we acceptable compatible fix versions (so we
+ * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed
+ * within a patch series.
+ */
+int
+ssh_compatible_openssl(long headerver, long libver)
+{
+        long mask, hfix, lfix;
+        /* exact match is always OK */
+        if (headerver == libver)
+                return 1;
+        /* for versions < 1.0.0, major,minor,fix,status must match */
+        if (headerver < 0x1000000f) {
+                mask = 0xfffff00fL; /* major,minor,fix,status */
+                return (headerver & mask) == (libver & mask);
+        }
+        
+        /*
+         * For versions >= 1.0.0, major,minor,status must match and library
+         * fix version must be equal to or newer than the header.
+         */
+        mask = 0xfff0000fL; /* major,minor,status */
+        hfix = (headerver & 0x000ff000) >> 12;
+        lfix = (libver & 0x000ff000) >> 12;
+        if ( (headerver & mask) == (libver & mask) && lfix >= hfix)
+                return 1;
+        return 0;
+}
 #ifdef SSH_OLD_EVP
 int
 ssh_EVP_CipherInit(EVP_CIPHER_CTX *evp, const EVP_CIPHER *type,
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index 276b9706d..199dcc882 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.26 2014/02/13 05:38:33 dtucker Exp $ */
+/* $Id: openssl-compat.h,v 1.27 2014/06/17 13:06:08 dtucker Exp $ */
 /*
 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -22,6 +22,8 @@
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
+int ssh_compatible_openssl(long, long);
 /* Only in 0.9.8 */
 #ifndef OPENSSL_DSA_MAX_MODULUS_BITS
 # define OPENSSL_DSA_MAX_MODULUS_BITS        10000
diff --git a/openbsd-compat/regress/.cvsignore b/openbsd-compat/regress/.cvsignore
index afbf7cc3f..33074f4a3 100644
--- a/openbsd-compat/regress/.cvsignore
+++ b/openbsd-compat/regress/.cvsignore
@@ -2,4 +2,5 @@ Makefile
 snprintftest
 strduptest
 strtonumtest
+closefromtest
+opensslvertest
diff --git a/openbsd-compat/regress/Makefile.in b/openbsd-compat/regress/Makefile.in
index bcf214bd0..dabdb0912 100644
--- a/openbsd-compat/regress/Makefile.in
+++ b/openbsd-compat/regress/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.4 2006/08/19 09:12:14 dtucker Exp $
+# $Id: Makefile.in,v 1.5 2014/06/17 13:06:08 dtucker Exp $
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -16,11 +16,11 @@ LIBS=@LIBS@
 LDFLAGS=@LDFLAGS@ $(LIBCOMPAT)
 TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \
-        strtonumtest$(EXEEXT)
+        strtonumtest$(EXEEXT) opensslvertest$(EXEEXT)
 all:    t-exec ${OTHERTESTS}
-%$(EXEEXT):     %.c
+%$(EXEEXT):     %.c $(LIBCOMPAT)
        $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o $@ $< $(LIBCOMPAT) $(LIBS)
 t-exec: $(TESTPROGS)
diff --git a/openbsd-compat/regress/opensslvertest.c b/openbsd-compat/regress/opensslvertest.c
new file mode 100644
index 000000000..5d019b598
--- /dev/null
+++ b/openbsd-compat/regress/opensslvertest.c
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 2014 Darren Tucker
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#include <stdio.h>
+#include <stdlib.h>
+int ssh_compatible_openssl(long, long);
+struct version_test {
+        long headerver;
+        long libver;
+        int result;
+} version_tests[] = {
+        /* built with 0.9.8b release headers */
+        { 0x0090802fL, 0x0090802fL, 1}, /* exact match */
+        { 0x0090802fL, 0x0090804fL, 1}, /* newer library fix version: ok */
+        { 0x0090802fL, 0x0090801fL, 1}, /* older library fix version: ok */
+        { 0x0090802fL, 0x0090702fL, 0}, /* older library minor version: NO */
+        { 0x0090802fL, 0x0090902fL, 0}, /* newer library minor version: NO */
+        { 0x0090802fL, 0x0080802fL, 0}, /* older library major version: NO */
+        { 0x0090802fL, 0x1000100fL, 0}, /* newer library major version: NO */
+        /* built with 1.0.1b release headers */
+        { 0x1000101fL, 0x1000101fL, 1},/* exact match */
+        { 0x1000101fL, 0x1000102fL, 1}, /* newer library patch version: ok */
+        { 0x1000101fL, 0x1000100fL, 1}, /* older library patch version: ok */
+        { 0x1000101fL, 0x1000201fL, 1}, /* newer library fix version: ok */
+        { 0x1000101fL, 0x1000001fL, 0}, /* older library fix version: NO */
+        { 0x1000101fL, 0x1010101fL, 0}, /* newer library minor version: NO */
+        { 0x1000101fL, 0x0000101fL, 0}, /* older library major version: NO */
+        { 0x1000101fL, 0x2000101fL, 0}, /* newer library major version: NO */
+};
+void
+fail(long hver, long lver, int result)
+{
+        fprintf(stderr, "opensslver: header %lx library %lx != %d \n", hver, lver, result);
+        exit(1);
+}
+int
+main(void)
+{
+        unsigned int i;
+        int res;
+        long hver, lver;
+        for (i = 0; i < sizeof(version_tests) / sizeof(version_tests[0]); i++) {
+                hver = version_tests[i].headerver;
+                lver = version_tests[i].libver;
+                res = version_tests[i].result;
+                if (ssh_compatible_openssl(hver, lver) != res)
+                        fail(hver, lver, res);
+        }
+        exit(0);
+}
author	Darren Tucker <dtucker@zip.com.au>	2014-06-17 23:06:07 +1000
committer	Darren Tucker <dtucker@zip.com.au>	2014-06-17 23:06:07 +1000
commit	316fac6f18f87262a315c79bcf68b9f92c9337e4 (patch)
tree	4ca56b926c75d844cf69b33461be32ae178e62e7
parent	af665bb7b092a59104db1e65577851cf35b86e32 (diff)

diff --git a/ChangeLog b/ChangeLog index b8b3c0158..f7c5b1297 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -1,3 +1,11 @@
		1	20140617
		2	- (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
		3	openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
		4	Move the OpenSSL header/library version test into its own function and add
		5	tests for it. Fix it to allow fix version upgrades (but not downgrades).
		6	Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
		7	ok djm@ chl@
		8
1	20140616	9	20140616
2	- (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via	10	- (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via
3	OpenSMTPD and chl@	11	OpenSMTPD and chl@


diff --git a/entropy.c b/entropy.c index 2d483b391..e1a8e142b 100644 --- a/entropy.c +++ b/entropy.c
@@ -209,16 +209,7 @@ seed_rng(void)
209	#ifndef OPENSSL_PRNG_ONLY	209	#ifndef OPENSSL_PRNG_ONLY
210	unsigned char buf[RANDOM_SEED_SIZE];	210	unsigned char buf[RANDOM_SEED_SIZE];
211	#endif	211	#endif
212	/*	212	if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, SSLeay()))
213	* OpenSSL version numbers: MNNFFPPS: major minor fix patch status
214	* We match major, minor, fix and status (not patch) for <1.0.0.
215	* After that, we acceptable compatible fix versions (so we
216	* allow 1.0.1 to work with 1.0.0). Going backwards is only allowed
217	* within a patch series.
218	*/
219	u_long version_mask = SSLeay() >= 0x1000000f ? ~0xffff0L : ~0xff0L;
220	if (((SSLeay() ^ OPENSSL_VERSION_NUMBER) & version_mask) \|\|
221	(SSLeay() >> 12) < (OPENSSL_VERSION_NUMBER >> 12))
222	fatal("OpenSSL version mismatch. Built against %lx, you "	213	fatal("OpenSSL version mismatch. Built against %lx, you "
223	"have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());	214	"have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());
224		215


diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c index 885c121f2..0e5f2cea5 100644 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c
@@ -1,4 +1,4 @@
1	/* $Id: openssl-compat.c,v 1.17 2014/02/13 05:38:33 dtucker Exp $ */	1	/* $Id: openssl-compat.c,v 1.18 2014/06/17 13:06:08 dtucker Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>	4	* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -35,6 +35,41 @@
35	#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS	35	#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
36	#include "openssl-compat.h"	36	#include "openssl-compat.h"
37		37
		38	/*
		39	* OpenSSL version numbers: MNNFFPPS: major minor fix patch status
		40	* We match major, minor, fix and status (not patch) for <1.0.0.
		41	* After that, we acceptable compatible fix versions (so we
		42	* allow 1.0.1 to work with 1.0.0). Going backwards is only allowed
		43	* within a patch series.
		44	*/
		45
		46	int
		47	ssh_compatible_openssl(long headerver, long libver)
		48	{
		49	long mask, hfix, lfix;
		50
		51	/* exact match is always OK */
		52	if (headerver == libver)
		53	return 1;
		54
		55	/* for versions < 1.0.0, major,minor,fix,status must match */
		56	if (headerver < 0x1000000f) {
		57	mask = 0xfffff00fL; /* major,minor,fix,status */
		58	return (headerver & mask) == (libver & mask);
		59	}
		60
		61	/*
		62	* For versions >= 1.0.0, major,minor,status must match and library
		63	* fix version must be equal to or newer than the header.
		64	*/
		65	mask = 0xfff0000fL; /* major,minor,status */
		66	hfix = (headerver & 0x000ff000) >> 12;
		67	lfix = (libver & 0x000ff000) >> 12;
		68	if ( (headerver & mask) == (libver & mask) && lfix >= hfix)
		69	return 1;
		70	return 0;
		71	}
		72
38	#ifdef SSH_OLD_EVP	73	#ifdef SSH_OLD_EVP
39	int	74	int
40	ssh_EVP_CipherInit(EVP_CIPHER_CTX evp, const EVP_CIPHER type,	75	ssh_EVP_CipherInit(EVP_CIPHER_CTX evp, const EVP_CIPHER type,


diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 276b9706d..199dcc882 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
1	/* $Id: openssl-compat.h,v 1.26 2014/02/13 05:38:33 dtucker Exp $ */	1	/* $Id: openssl-compat.h,v 1.27 2014/06/17 13:06:08 dtucker Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>	4	* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -22,6 +22,8 @@
22	#include <openssl/rsa.h>	22	#include <openssl/rsa.h>
23	#include <openssl/dsa.h>	23	#include <openssl/dsa.h>
24		24
		25	int ssh_compatible_openssl(long, long);
		26
25	/* Only in 0.9.8 */	27	/* Only in 0.9.8 */
26	#ifndef OPENSSL_DSA_MAX_MODULUS_BITS	28	#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
27	# define OPENSSL_DSA_MAX_MODULUS_BITS 10000	29	# define OPENSSL_DSA_MAX_MODULUS_BITS 10000


diff --git a/openbsd-compat/regress/.cvsignore b/openbsd-compat/regress/.cvsignore index afbf7cc3f..33074f4a3 100644 --- a/openbsd-compat/regress/.cvsignore +++ b/openbsd-compat/regress/.cvsignore
@@ -2,4 +2,5 @@ Makefile
2	snprintftest	2	snprintftest
3	strduptest	3	strduptest
4	strtonumtest	4	strtonumtest
5		5	closefromtest
		6	opensslvertest


diff --git a/openbsd-compat/regress/Makefile.in b/openbsd-compat/regress/Makefile.in index bcf214bd0..dabdb0912 100644 --- a/openbsd-compat/regress/Makefile.in +++ b/openbsd-compat/regress/Makefile.in
@@ -1,4 +1,4 @@
1	# $Id: Makefile.in,v 1.4 2006/08/19 09:12:14 dtucker Exp $	1	# $Id: Makefile.in,v 1.5 2014/06/17 13:06:08 dtucker Exp $
2		2
3	sysconfdir=@sysconfdir@	3	sysconfdir=@sysconfdir@
4	piddir=@piddir@	4	piddir=@piddir@
@@ -16,11 +16,11 @@ LIBS=@LIBS@
16	LDFLAGS=@LDFLAGS@ $(LIBCOMPAT)	16	LDFLAGS=@LDFLAGS@ $(LIBCOMPAT)
17		17
18	TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \	18	TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \
19	strtonumtest$(EXEEXT)	19	strtonumtest$(EXEEXT) opensslvertest$(EXEEXT)
20		20
21	all: t-exec ${OTHERTESTS}	21	all: t-exec ${OTHERTESTS}
22		22
23	%$(EXEEXT): %.c	23	%$(EXEEXT): %.c $(LIBCOMPAT)
24	$(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o $@ $< $(LIBCOMPAT) $(LIBS)	24	$(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o $@ $< $(LIBCOMPAT) $(LIBS)
25		25
26	t-exec: $(TESTPROGS)	26	t-exec: $(TESTPROGS)


diff --git a/openbsd-compat/regress/opensslvertest.c b/openbsd-compat/regress/opensslvertest.c new file mode 100644 index 000000000..5d019b598 --- /dev/null +++ b/openbsd-compat/regress/opensslvertest.c
@@ -0,0 +1,69 @@
		1	/*
		2	* Copyright (c) 2014 Darren Tucker
		3	*
		4	* Permission to use, copy, modify, and distribute this software for any
		5	* purpose with or without fee is hereby granted, provided that the above
		6	* copyright notice and this permission notice appear in all copies.
		7	*
		8	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		9	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		10	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		11	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		12	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		13	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		14	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		15	*/
		16
		17	#include <stdio.h>
		18	#include <stdlib.h>
		19
		20	int ssh_compatible_openssl(long, long);
		21
		22	struct version_test {
		23	long headerver;
		24	long libver;
		25	int result;
		26	} version_tests[] = {
		27	/* built with 0.9.8b release headers */
		28	{ 0x0090802fL, 0x0090802fL, 1}, /* exact match */
		29	{ 0x0090802fL, 0x0090804fL, 1}, /* newer library fix version: ok */
		30	{ 0x0090802fL, 0x0090801fL, 1}, /* older library fix version: ok */
		31	{ 0x0090802fL, 0x0090702fL, 0}, /* older library minor version: NO */
		32	{ 0x0090802fL, 0x0090902fL, 0}, /* newer library minor version: NO */
		33	{ 0x0090802fL, 0x0080802fL, 0}, /* older library major version: NO */
		34	{ 0x0090802fL, 0x1000100fL, 0}, /* newer library major version: NO */
		35
		36	/* built with 1.0.1b release headers */
		37	{ 0x1000101fL, 0x1000101fL, 1},/* exact match */
		38	{ 0x1000101fL, 0x1000102fL, 1}, /* newer library patch version: ok */
		39	{ 0x1000101fL, 0x1000100fL, 1}, /* older library patch version: ok */
		40	{ 0x1000101fL, 0x1000201fL, 1}, /* newer library fix version: ok */
		41	{ 0x1000101fL, 0x1000001fL, 0}, /* older library fix version: NO */
		42	{ 0x1000101fL, 0x1010101fL, 0}, /* newer library minor version: NO */
		43	{ 0x1000101fL, 0x0000101fL, 0}, /* older library major version: NO */
		44	{ 0x1000101fL, 0x2000101fL, 0}, /* newer library major version: NO */
		45	};
		46
		47	void
		48	fail(long hver, long lver, int result)
		49	{
		50	fprintf(stderr, "opensslver: header %lx library %lx != %d \n", hver, lver, result);
		51	exit(1);
		52	}
		53
		54	int
		55	main(void)
		56	{
		57	unsigned int i;
		58	int res;
		59	long hver, lver;
		60
		61	for (i = 0; i < sizeof(version_tests) / sizeof(version_tests[0]); i++) {
		62	hver = version_tests[i].headerver;
		63	lver = version_tests[i].libver;
		64	res = version_tests[i].result;
		65	if (ssh_compatible_openssl(hver, lver) != res)
		66	fail(hver, lver, res);
		67	}
		68	exit(0);
		69	}