Statically link the legacy provider to endecode_test

We already statically link libcrypto to endecode_test even in a "shared"
build. This can cause problems on some platforms with tests that load the
legacy provider which is dynamically linked to libcrypto. Two versions of
libcrypto are then linked to the same executable which can lead to crashes.

Fixes #17059

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17345)

(cherry picked from commit 7ee992a5d931ab5ad9df00d2d8e47e1b7a72d7ac)
Reviewed-by: Hugo Landau <hlandau@openssl.org>

diff --git a/crypto/build.info b/crypto/build.info
index c04db5591120df945972de3e801aaa32bcbf3241..a45bf8deefd5fe5b3f1398372fe844196668b3b7 100644 (file)
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -74,8 +74,8 @@ DEFINE[../providers/libfips.a]=$CPUIDDEF
 # already gets everything that the static libcrypto.a has, and doesn't need it
 # added again.
 IF[{- !$disabled{module} && !$disabled{shared} -}]
-  SOURCE[../providers/liblegacy.a]=$CPUID_COMMON
-  DEFINE[../providers/liblegacy.a]=$CPUIDDEF
+  SOURCE[../providers/legacy]=$CPUID_COMMON
+  DEFINE[../providers/legacy]=$CPUIDDEF
 ENDIF
 
 # Implementations are now spread across several libraries, so the CPUID define

diff --git a/test/build.info b/test/build.info
index 4b3b5efe673efecf26fdff0b0b466de9c50cf05b..3d7e2aac8bebb48d0c6afdf16f7ae50b62f35aa6 100644 (file)
--- a/test/build.info
+++ b/test/build.info
@@ -881,6 +881,14 @@ IF[{- !$disabled{tests} -}]
   SOURCE[endecode_test]=endecode_test.c helpers/predefined_dhparams.c
   INCLUDE[endecode_test]=.. ../include ../apps/include
   DEPEND[endecode_test]=../libcrypto.a libtestutil.a
+  IF[{- !$disabled{module} && !$disabled{legacy} -}]
+    DEFINE[endecode_test]=STATIC_LEGACY
+    SOURCE[endecode_test]=../providers/legacyprov.c
+    INCLUDE[endecode_test]=../providers/common/include \
+                           ../providers/implementations/include
+    DEPEND[endecode_test]=../providers/liblegacy.a \
+                          ../providers/libcommon.a
+  ENDIF
 
   IF[{- !$disabled{'deprecated-3.0'} -}]
     PROGRAMS{noinst}=endecoder_legacy_test

diff --git a/test/endecode_test.c b/test/endecode_test.c
index e3f7b81f6930777cc86a3b4ef184fa0744c7eb56..14648287eb2d85d2a32b4a794af7607facc77d8b 100644 (file)
--- a/test/endecode_test.c
+++ b/test/endecode_test.c
@@ -26,6 +26,10 @@
 #include "helpers/predefined_dhparams.h"
 #include "testutil.h"
 
+#ifdef STATIC_LEGACY
+OSSL_provider_init_fn ossl_legacy_provider_init;
+#endif
+
 /* Extended test macros to allow passing file & line number */
 #define TEST_FL_ptr(a)               test_ptr(file, line, #a, a)
 #define TEST_FL_mem_eq(a, m, b, n)   test_mem_eq(file, line, #a, #b, a, m, b, n)
@@ -1325,6 +1329,16 @@ int setup_tests(void)
     if (is_fips_3_0_0 < 0)
         return 0;
 
+#ifdef STATIC_LEGACY
+    /*
+     * This test is always statically linked against libcrypto. We must not
+     * attempt to load legacy.so that might be dynamically linked against
+     * libcrypto. Instead we use a built-in version of the legacy provider.
+     */
+    if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init))
+        return 0;
+#endif
+
     /* Separate provider/ctx for generating the test data */
     if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new()))
         return 0;