Enable building with older openssl (at least 0.9.8e). Add variants of missing functions in older openssl versions. Allow proper linking with libraries in alternate locations and setting RUNPATH. Increase hash rounds for nonce generation.
This commit is contained in:
parent
16b1d9e7a3
commit
a8fd60fb06
5 changed files with 157 additions and 9 deletions
|
@ -147,12 +147,12 @@ COMMON_CPPFLAGS = -I. -I./lzma -I./lzfx -I./lz4 -I./rabin -I./bsdiff -DNODEFAULT
|
|||
-DFILE_OFFSET_BITS=64 -D_REENTRANT -D__USE_SSE_INTRIN__ -D_LZMA_PROB32 \
|
||||
-I./lzp @LIBBSCCPPFLAGS@ -I./crypto/skein -I./utils -I./crypto/sha2 \
|
||||
-I./crypto/scrypt -I./crypto/aes -I./crypto @KEYLEN@ \
|
||||
-I./crypto/keccak -I./transpose $(EXTRA_CPPFLAGS) -pedantic -Wall -Werror -std=gnu99 \
|
||||
-I./crypto/keccak -I./transpose $(EXTRA_CPPFLAGS) -pedantic -Wall -std=gnu99 \
|
||||
-fno-strict-aliasing -Wno-unused-but-set-variable -Wno-enum-compare
|
||||
COMMON_VEC_FLAGS = -ftree-vectorize
|
||||
COMMON_LOOP_OPTFLAGS = $(VEC_FLAGS) -floop-interchange -floop-block
|
||||
LDLIBS = -ldl -L@LIBBZ2_DIR@ -lbz2 -L@LIBZ_DIR@ -lz -lm @LIBBSCLFLAGS@ \
|
||||
-L@OPENSSL_LIBDIR@ -lcrypto -lrt $(EXTRA_LDFLAGS)
|
||||
LDLIBS = -ldl -L./buildtmp -Wl,-R@LIBBZ2_DIR@ -lbz2 -L./buildtmp -Wl,-R@LIBZ_DIR@ -lz -lm @LIBBSCLFLAGS@ \
|
||||
-L./buildtmp -Wl,-R@OPENSSL_LIBDIR@ -lcrypto -lrt $(EXTRA_LDFLAGS)
|
||||
OBJS = $(MAINOBJS) $(LZMAOBJS) $(PPMDOBJS) $(LZFXOBJS) $(LZ4OBJS) $(CRCOBJS) \
|
||||
$(RABINOBJS) $(BSDIFFOBJS) $(LZPOBJS) $(DELTA2OBJS) @LIBBSCWRAPOBJ@ $(SKEINOBJS) \
|
||||
$(SKEIN_BLOCK_OBJ) @SHA256ASM_OBJS@ @SHA256_OBJS@ $(KECCAK_OBJS) $(KECCAK_OBJS_ASM) \
|
||||
|
@ -270,6 +270,7 @@ clean:
|
|||
$(RM) $(PROG) $(OBJS) $(BAKFILES)
|
||||
$(RM) test.log
|
||||
$(RM_RF) test/datafiles
|
||||
$(RM_RF) buildtmp
|
||||
|
||||
distclean: clean
|
||||
$(RM) Makefile
|
||||
|
|
74
config
74
config
|
@ -54,6 +54,9 @@ m64_flag=
|
|||
zlib_prefix=
|
||||
bzlib_prefix=
|
||||
|
||||
rm -rf ./buildtmp
|
||||
mkdir ./buildtmp
|
||||
|
||||
# Try a simple compilation
|
||||
cat << _EOF > tst.c
|
||||
#include <stdio.h>
|
||||
|
@ -236,12 +239,14 @@ do
|
|||
then
|
||||
if [ -f "${lib}/libcrypto.so" -o -h "${lib}/libcrypto.so" ]
|
||||
then
|
||||
openssl_libdir=${lib}
|
||||
openssl_libdir="${lib}"
|
||||
(cd ./buildtmp; ln -s ${openssl_libdir}/libcrypto.so)
|
||||
break
|
||||
else
|
||||
if [ -f "${lib}/libcrypto.a" ]
|
||||
then
|
||||
openssl_libdir=${lib}
|
||||
openssl_libdir="${lib}"
|
||||
(cd ./buildtmp; ln -s ${openssl_libdir}/libcrypto.a)
|
||||
break
|
||||
fi
|
||||
fi
|
||||
|
@ -280,6 +285,65 @@ then
|
|||
fi
|
||||
|
||||
|
||||
# Check for OpenSSL version
|
||||
cat << __EOF > tst.c
|
||||
#include <stdlib.h>
|
||||
#include <openssl/opensslv.h>
|
||||
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
if (OPENSSL_VERSION_NUMBER < 0x0090805fL)
|
||||
exit (1);
|
||||
return (0);
|
||||
}
|
||||
__EOF
|
||||
|
||||
gcc ${m64_flag} -I${openssl_incdir} -L${openssl_libdir} tst.c -o tst
|
||||
if [ $? -ne 0 ]
|
||||
then
|
||||
echo "Unable to compile OpenSSL test program please check OpenSSL installation."
|
||||
exit 1
|
||||
fi
|
||||
./tst
|
||||
if [ $? -ne 0 ]
|
||||
then
|
||||
echo "OpenSSL version too old. At least version 0.9.8e is required.\n"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check for HMAC_CTX_copy function
|
||||
cat << __EOF > tst.c
|
||||
#include <stdlib.h>
|
||||
#include <openssl/sha.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/hmac.h>
|
||||
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
unsigned char key[16];
|
||||
HMAC_CTX *ctx = (HMAC_CTX *)malloc(sizeof (HMAC_CTX));
|
||||
HMAC_CTX *ctx1 = (HMAC_CTX *)malloc(sizeof (HMAC_CTX));
|
||||
|
||||
HMAC_CTX_init(ctx);
|
||||
HMAC_Init_ex(ctx, key, 16, EVP_sha256(), NULL);
|
||||
HMAC_CTX_copy(ctx1, ctx);
|
||||
|
||||
return (0);
|
||||
}
|
||||
__EOF
|
||||
|
||||
gcc ${m64_flag} -I${openssl_incdir} -L${openssl_libdir} -O0 -g tst.c -o tst -lcrypto >/dev/null 2>&1
|
||||
if [ $? -ne 0 ]
|
||||
then
|
||||
openssl_incdir="${openssl_incdir} -D__OSSL_OLD__"
|
||||
fi
|
||||
|
||||
rm -f tst*
|
||||
openssl_libdir="${openssl_libdir},--enable-new-dtags"
|
||||
|
||||
# Detect other library packages
|
||||
for libspec in "libbz2:${bzlib_prefix}" "libz:${zlib_prefix}"
|
||||
do
|
||||
|
@ -306,12 +370,14 @@ do
|
|||
then
|
||||
if [ -f "${lib}/${libname}.so" -o -h "${lib}/${libname}.so" ]
|
||||
then
|
||||
eval "${libname}_libdir=${lib}"
|
||||
eval "${libname}_libdir=${lib},--enable-new-dtags"
|
||||
(cd ./buildtmp; ln -s ${lib}/${libname}.so)
|
||||
break
|
||||
else
|
||||
if [ -f "${lib}/${libname}.a" ]
|
||||
then
|
||||
eval "${libname}_libdir=${lib}"
|
||||
eval "${libname}_libdir=${lib},--enable-new-dtags"
|
||||
(cd ./buildtmp; ln -s ${lib}/${libname}.a)
|
||||
break
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -38,7 +38,7 @@ extern "C" {
|
|||
#ifndef KEYLEN
|
||||
#define KEYLEN 16
|
||||
#endif
|
||||
#define PBE_ROUNDS 100
|
||||
#define PBE_ROUNDS 1000
|
||||
|
||||
typedef struct {
|
||||
uint64_t nonce;
|
||||
|
|
|
@ -73,6 +73,79 @@ extern uint64_t lzma_crc64(const uint8_t *buf, uint64_t size, uint64_t crc);
|
|||
extern uint64_t lzma_crc64_8bchk(const uint8_t *buf, uint64_t size,
|
||||
uint64_t crc, uint64_t *cnt);
|
||||
|
||||
#ifdef __OSSL_OLD__
|
||||
int
|
||||
HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
|
||||
{
|
||||
if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
|
||||
return (0);
|
||||
if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
|
||||
return (0);
|
||||
if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
|
||||
return (0);
|
||||
|
||||
memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
|
||||
dctx->key_length = sctx->key_length;
|
||||
dctx->md = sctx->md;
|
||||
return (1);
|
||||
}
|
||||
|
||||
int
|
||||
PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
||||
const unsigned char *salt, int saltlen, int iter,
|
||||
const EVP_MD *digest,
|
||||
int keylen, unsigned char *out)
|
||||
{
|
||||
unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
|
||||
int cplen, j, k, tkeylen, mdlen;
|
||||
unsigned long i = 1;
|
||||
HMAC_CTX hctx;
|
||||
|
||||
mdlen = EVP_MD_size(digest);
|
||||
if (mdlen < 0)
|
||||
return 0;
|
||||
|
||||
HMAC_CTX_init(&hctx);
|
||||
p = out;
|
||||
tkeylen = keylen;
|
||||
if(!pass)
|
||||
passlen = 0;
|
||||
else if(passlen == -1)
|
||||
passlen = strlen(pass);
|
||||
while(tkeylen)
|
||||
{
|
||||
if(tkeylen > mdlen)
|
||||
cplen = mdlen;
|
||||
else
|
||||
cplen = tkeylen;
|
||||
/* We are unlikely to ever use more than 256 blocks (5120 bits!)
|
||||
* but just in case...
|
||||
*/
|
||||
itmp[0] = (unsigned char)((i >> 24) & 0xff);
|
||||
itmp[1] = (unsigned char)((i >> 16) & 0xff);
|
||||
itmp[2] = (unsigned char)((i >> 8) & 0xff);
|
||||
itmp[3] = (unsigned char)(i & 0xff);
|
||||
HMAC_Init_ex(&hctx, pass, passlen, digest, NULL);
|
||||
HMAC_Update(&hctx, salt, saltlen);
|
||||
HMAC_Update(&hctx, itmp, 4);
|
||||
HMAC_Final(&hctx, digtmp, NULL);
|
||||
memcpy(p, digtmp, cplen);
|
||||
for(j = 1; j < iter; j++)
|
||||
{
|
||||
HMAC(digest, pass, passlen,
|
||||
digtmp, mdlen, digtmp, NULL);
|
||||
for(k = 0; k < cplen; k++)
|
||||
p[k] ^= digtmp[k];
|
||||
}
|
||||
tkeylen-= cplen;
|
||||
i++;
|
||||
p+= cplen;
|
||||
}
|
||||
HMAC_CTX_cleanup(&hctx);
|
||||
return (1);
|
||||
}
|
||||
#endif
|
||||
|
||||
int
|
||||
compute_checksum(uchar_t *cksum_buf, int cksum, uchar_t *buf, uint64_t bytes)
|
||||
{
|
||||
|
@ -360,14 +433,22 @@ hmac_update(mac_ctx_t *mctx, uchar_t *data, uint64_t len)
|
|||
|
||||
} else if (cksum == CKSUM_SHA256 || cksum == CKSUM_CRC64) {
|
||||
if (cksum_provider == PROVIDER_OPENSSL) {
|
||||
#ifndef __OSSL_OLD__
|
||||
if (HMAC_Update((HMAC_CTX *)(mctx->mac_ctx), data, len) == 0)
|
||||
return (-1);
|
||||
#else
|
||||
HMAC_Update((HMAC_CTX *)(mctx->mac_ctx), data, len);
|
||||
#endif
|
||||
} else {
|
||||
opt_HMAC_SHA256_Update((HMAC_SHA256_Context *)(mctx->mac_ctx), data, len);
|
||||
}
|
||||
} else if (cksum == CKSUM_SHA512) {
|
||||
#ifndef __OSSL_OLD__
|
||||
if (HMAC_Update((HMAC_CTX *)(mctx->mac_ctx), data, len) == 0)
|
||||
return (-1);
|
||||
#else
|
||||
HMAC_Update((HMAC_CTX *)(mctx->mac_ctx), data, len);
|
||||
#endif
|
||||
|
||||
} else if (cksum == CKSUM_KECCAK256 || cksum == CKSUM_KECCAK512) {
|
||||
// Keccak takes data length in bits so we have to scale
|
||||
|
|
2
main.c
2
main.c
|
@ -620,7 +620,7 @@ start_decompress(const char *filename, const char *to_filename)
|
|||
struct wdata w;
|
||||
int compfd = -1, i, p;
|
||||
int uncompfd = -1, err, np, bail;
|
||||
int nprocs, thread = 0, level;
|
||||
int nprocs = 1, thread = 0, level;
|
||||
short version, flags;
|
||||
int64_t chunksize, compressed_chunksize;
|
||||
struct cmp_data **dary, *tdat;
|
||||
|
|
Loading…
Reference in a new issue