From 6ac1cd10ba8a1d92d3858e53a7aea2cf444adf26 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 2 Sep 2020 16:15:06 +0100 Subject: [PATCH] Fix safestack issues in ssl.h We fix 3 problems with safestack: - Including an openssl header file without linking against libcrypto can cause compilation failures (even if the app does not otherwise need to link against libcrypto). See issue #8102 - Recent changes means that applications in no-deprecated builds will need to include additional macro calls in the source code for all stacks that they need to use - which is an API break. This changes avoids that necessity. - It is not possible to write code using stacks that works in both a no-deprecated and a normal build of OpenSSL. See issue #12707. Fixes #12707 Contains a partial fix for #8102. A similar PR will be needed for hash to fully fix. Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12781) --- .gitignore | 1 + apps/ciphers.c | 2 - apps/s_server.c | 1 - build.info | 2 + fuzz/client.c | 2 - fuzz/server.c | 2 - include/openssl/{ssl.h => ssl.h.in} | 16 ++++- ssl/d1_srtp.c | 2 - ssl/s3_lib.c | 1 - ssl/ssl_ciph.c | 3 - ssl/ssl_lib.c | 2 - ssl/statem/extensions_clnt.c | 2 - ssl/statem/extensions_srvr.c | 1 - ssl/statem/statem_clnt.c | 2 - ssl/statem/statem_lib.c | 1 - ssl/statem/statem_srvr.c | 2 - ssl/t1_lib.c | 1 - test/cipherbytes_test.c | 2 - test/cipherlist_test.c | 2 - test/ciphername_test.c | 2 - test/dtls_mtu_test.c | 2 - test/sslcorrupttest.c | 2 - test/ssltest_old.c | 1 - util/perl/OpenSSL/stackhash.pm | 92 +++++++++++++++++++++++++++++ 24 files changed, 108 insertions(+), 38 deletions(-) rename include/openssl/{ssl.h => ssl.h.in} (99%) create mode 100644 util/perl/OpenSSL/stackhash.pm diff --git a/.gitignore b/.gitignore index ecbc524829..498d3aeffa 100644 --- a/.gitignore +++ b/.gitignore @@ -25,6 +25,7 @@ /include/openssl/configuration.h /include/openssl/opensslv.h /include/openssl/fipskey.h +/include/openssl/ssl.h # Auto generated doc files doc/man1/openssl-*.pod diff --git a/apps/ciphers.c b/apps/ciphers.c index 380091f16f..500b416046 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -15,8 +15,6 @@ #include #include -DEFINE_STACK_OF_CONST(SSL_CIPHER) - typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_STDNAME, diff --git a/apps/s_server.c b/apps/s_server.c index 4c2e5b27f7..f1ea550fed 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -63,7 +63,6 @@ typedef unsigned int u_int; DEFINE_STACK_OF(X509_EXTENSION) DEFINE_STACK_OF(X509_CRL) DEFINE_STACK_OF(X509) -DEFINE_STACK_OF(SSL_CIPHER) DEFINE_STACK_OF_STRING() static int not_resumable_sess_cb(SSL *s, int is_forward_secure); diff --git a/build.info b/build.info index 1c6787c800..c1933bf73c 100644 --- a/build.info +++ b/build.info @@ -15,12 +15,14 @@ DEPEND[libssl]=libcrypto # unconditionally before anything else. DEPEND[]=include/openssl/configuration.h include/openssl/opensslv.h \ include/openssl/fipskey.h \ + include/openssl/ssl.h \ include/crypto/bn_conf.h include/crypto/dso_conf.h \ doc/man7/openssl_user_macros.pod GENERATE[include/openssl/configuration.h]=include/openssl/configuration.h.in GENERATE[include/openssl/opensslv.h]=include/openssl/opensslv.h.in GENERATE[include/openssl/fipskey.h]=include/openssl/fipskey.h.in +GENERATE[include/openssl/ssl.h]=include/openssl/ssl.h.in GENERATE[include/crypto/bn_conf.h]=include/crypto/bn_conf.h.in GENERATE[include/crypto/dso_conf.h]=include/crypto/dso_conf.h.in GENERATE[doc/man7/openssl_user_macros.pod]=doc/man7/openssl_user_macros.pod.in diff --git a/fuzz/client.c b/fuzz/client.c index 01bd70a49f..2c2cd90fb8 100644 --- a/fuzz/client.c +++ b/fuzz/client.c @@ -20,8 +20,6 @@ #include "rand.inc" -DEFINE_STACK_OF(SSL_COMP) - /* unused, to avoid warning. */ static int idx; diff --git a/fuzz/server.c b/fuzz/server.c index f00029b0a9..8123c90994 100644 --- a/fuzz/server.c +++ b/fuzz/server.c @@ -24,8 +24,6 @@ #include "rand.inc" -DEFINE_STACK_OF(SSL_COMP) - static const uint8_t kCertificateDER[] = { 0x30, 0x82, 0x02, 0xff, 0x30, 0x82, 0x01, 0xe7, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x11, 0x00, 0xb1, 0x84, 0xee, 0x34, 0x99, 0x98, 0x76, 0xfb, diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h.in similarity index 99% rename from include/openssl/ssl.h rename to include/openssl/ssl.h.in index 0b17f22193..264b7eddb7 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h.in @@ -1,4 +1,6 @@ /* + * {- join("\n * ", @autowarntext) -} + * * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * Copyright 2005 Nokia. All rights reserved. @@ -9,6 +11,10 @@ * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::stackhash qw(generate_stack_macros generate_const_stack_macros); +-} + #ifndef OPENSSL_SSL_H # define OPENSSL_SSL_H # pragma once @@ -240,7 +246,9 @@ typedef struct srtp_protection_profile_st { const char *name; unsigned long id; } SRTP_PROTECTION_PROFILE; -DEFINE_OR_DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE) +{- + generate_stack_macros("SRTP_PROTECTION_PROFILE"); +-} typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, @@ -980,8 +988,10 @@ extern "C" { * These need to be after the above set of includes due to a compiler bug * in VisualStudio 2015 */ -DEFINE_OR_DECLARE_STACK_OF(SSL_CIPHER) -DEFINE_OR_DECLARE_STACK_OF(SSL_COMP) +{- + generate_const_stack_macros("SSL_CIPHER") + .generate_stack_macros("SSL_COMP"); +-} /* compatibility */ # define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)(arg))) diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index 66c1b54eeb..87fb4a243d 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -19,8 +19,6 @@ #ifndef OPENSSL_NO_SRTP -DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE) - static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = { { "SRTP_AES128_CM_SHA1_80", diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 8f5aaaf942..c49f2118ca 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -22,7 +22,6 @@ DEFINE_STACK_OF(X509_NAME) DEFINE_STACK_OF(X509) -DEFINE_STACK_OF_CONST(SSL_CIPHER) #define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers) #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers) diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 64d773acbd..05add36d47 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -25,9 +25,6 @@ #include "internal/thread_once.h" #include "internal/cryptlib.h" -DEFINE_STACK_OF(SSL_COMP) -DEFINE_STACK_OF_CONST(SSL_CIPHER) - /* NB: make sure indices in these tables match values above */ typedef struct { diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index a036ac29e9..139fd628af 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -30,10 +30,8 @@ DEFINE_STACK_OF(X509) DEFINE_STACK_OF(X509_NAME) -DEFINE_STACK_OF_CONST(SSL_CIPHER) DEFINE_STACK_OF(X509_EXTENSION) DEFINE_STACK_OF(OCSP_RESPID) -DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE) DEFINE_STACK_OF(SCT) static int ssl_undefined_function_1(SSL *ssl, SSL3_RECORD *r, size_t s, int t, diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index abff069ec9..f8ae0612e3 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -12,8 +12,6 @@ #include "internal/cryptlib.h" #include "statem_local.h" -DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE) -DEFINE_STACK_OF_CONST(SSL_CIPHER) DEFINE_STACK_OF(OCSP_RESPID) EXT_RETURN tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index b5cd34b646..c686d00f0e 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -12,7 +12,6 @@ #include "statem_local.h" #include "internal/cryptlib.h" -DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE) DEFINE_STACK_OF(OCSP_RESPID) DEFINE_STACK_OF(X509_EXTENSION) diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 0780e5fc9a..f8a3d25c08 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -29,8 +29,6 @@ #include DEFINE_STACK_OF(X509) -DEFINE_STACK_OF(SSL_COMP) -DEFINE_STACK_OF_CONST(SSL_CIPHER) static MSG_PROCESS_RETURN tls_process_as_hello_retry_request(SSL *s, PACKET *pkt); static MSG_PROCESS_RETURN tls_process_encrypted_extensions(SSL *s, PACKET *pkt); diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index e0ff00d1b8..79195b2aa2 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -23,7 +23,6 @@ DEFINE_STACK_OF(X509) DEFINE_STACK_OF(X509_NAME) -DEFINE_STACK_OF_CONST(SSL_CIPHER) /* * Map error codes to TLS/SSL alart types. diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index c46254c858..f42e7865eb 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -27,8 +27,6 @@ #include DEFINE_STACK_OF(X509) -DEFINE_STACK_OF(SSL_COMP) -DEFINE_STACK_OF_CONST(SSL_CIPHER) #define TICKET_NONCE_SIZE 8 diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index bf955bf3ec..702622487f 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -28,7 +28,6 @@ #include "ssl_local.h" #include -DEFINE_STACK_OF_CONST(SSL_CIPHER) DEFINE_STACK_OF(X509) DEFINE_STACK_OF(X509_NAME) diff --git a/test/cipherbytes_test.c b/test/cipherbytes_test.c index cbbfff2a41..ed4eacbdf3 100644 --- a/test/cipherbytes_test.c +++ b/test/cipherbytes_test.c @@ -21,8 +21,6 @@ #include "internal/nelem.h" #include "testutil.h" -DEFINE_STACK_OF(SSL_CIPHER) - static SSL_CTX *ctx; static SSL *s; diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c index 0f337b4054..380f0727fc 100644 --- a/test/cipherlist_test.c +++ b/test/cipherlist_test.c @@ -21,8 +21,6 @@ #include "internal/nelem.h" #include "testutil.h" -DEFINE_STACK_OF_CONST(SSL_CIPHER) - typedef struct cipherlist_test_fixture { const char *test_case_name; SSL_CTX *server; diff --git a/test/ciphername_test.c b/test/ciphername_test.c index c82a164827..c4ec6cadd7 100644 --- a/test/ciphername_test.c +++ b/test/ciphername_test.c @@ -22,8 +22,6 @@ #include "internal/nelem.h" #include "testutil.h" -DEFINE_STACK_OF(SSL_CIPHER) - typedef struct cipher_id_name { int id; const char *name; diff --git a/test/dtls_mtu_test.c b/test/dtls_mtu_test.c index b0730077b7..588ca32c79 100644 --- a/test/dtls_mtu_test.c +++ b/test/dtls_mtu_test.c @@ -20,8 +20,6 @@ /* for SSL_READ_ETM() */ #include "../ssl/ssl_local.h" -DEFINE_STACK_OF(SSL_CIPHER) - static int debug = 0; static unsigned int clnt_psk_callback(SSL *ssl, const char *hint, diff --git a/test/sslcorrupttest.c b/test/sslcorrupttest.c index 641ecf331d..ca9e8bfd73 100644 --- a/test/sslcorrupttest.c +++ b/test/sslcorrupttest.c @@ -11,8 +11,6 @@ #include "ssltestlib.h" #include "testutil.h" -DEFINE_STACK_OF(SSL_CIPHER) - static int docorrupt = 0; static void copy_flags(BIO *bio) diff --git a/test/ssltest_old.c b/test/ssltest_old.c index 4f340fc2e0..88aef5e896 100644 --- a/test/ssltest_old.c +++ b/test/ssltest_old.c @@ -81,7 +81,6 @@ # include #endif -DEFINE_STACK_OF(SSL_COMP) DEFINE_STACK_OF_STRING() static SSL_CTX *s_ctx = NULL; diff --git a/util/perl/OpenSSL/stackhash.pm b/util/perl/OpenSSL/stackhash.pm new file mode 100644 index 0000000000..d8ca76aa91 --- /dev/null +++ b/util/perl/OpenSSL/stackhash.pm @@ -0,0 +1,92 @@ +#! /usr/bin/env perl +# Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +package OpenSSL::stackhash; + +use strict; +use warnings; + +require Exporter; +our @ISA = qw(Exporter); +our @EXPORT_OK = qw(generate_stack_macros generate_const_stack_macros); + +sub generate_stack_macros_int { + my $nametype = shift; + my $realtype = shift; + my $plaintype = shift; + + my $macros = <