This list is closed, nobody may subscribe to it.
From: Reinoud K. <rei...@gm...> - 2019-11-06 17:41:05
Hi Guyue,

Purely looking from a port standpoint, no. It can be any other port you're listening on as long as the connecting site can be configured to connect on a different port as well.

Thanks,
Reinoud.

On Wed, Nov 6, 2019, 7:56 AM guyue huang <hhh...@gm...> wrote:

> Dear experts,
>
> I really need some help from you guys since I met an issue when set up a
> VPN with an Android phone, log showed that some other application use the
> port[500] and [4500] which prevent racoon from setting up tunnel.
>
> Here is my question: should racoon use port [500] and [4500] exclusively
> for any security concern so that it can share the ports with any other
> applications?
>
> Thanks,
> Frank
> _______________________________________________
> Ipsec-tools-devel mailing list
> Ips...@li...
> https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel

From: guyue h. <hhh...@gm...> - 2019-11-06 03:02:59
Dear experts,

I really need some help from you guys since I met an issue when set up a VPN with an Android phone, log showed that some other application use the port[500] and [4500] which prevent racoon from setting up tunnel.

Here is my question: should racoon use port [500] and [4500] exclusively for any security concern so that it can share the ports with any other applications?

Thanks,
Frank

From: Reinoud K. <rei...@gm...> - 2019-03-14 20:17:31
I did post a patch for this in 2015. It requires changes in Racoon, but also in your kernel. The patch never went in ipsec-tools. Racoon isn't really maintained anymore.

Thanks,
Reinoud.

On Thu, Mar 14, 2019, 3:19 AM Bartłomiej Krawczyk <ba...@kr...> wrote:

> I have a similar issue as described in bug report #75 with Debian stable
> (using racoon) and Mikrotik. StrongSwan works fine with HMAC SHA256 but
> racoon fails to pass traffic properly.
> See Debian bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877721
>
> Was this patch included?
> --
> Bartłomiej Krawczyk

From: Bartłomiej K. <ba...@kr...> - 2019-03-14 10:19:30
I have a similar issue as described in bug report #75 with Debian stable (using racoon) and Mikrotik. StrongSwan works fine with HMAC SHA256 but racoon fails to pass traffic properly.

See Debian bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877721

Was this patch included?

--
Bartłomiej Krawczyk

From: Kanniganti K. <kan...@tc...> - 2019-02-22 14:10:09
Hi,

We are using ipsec-tools-0.8.0-19.3.1.x86_64 version in SLES 12 SP4 OS. We are unable to find racoon service in /etc/init.d after the installation of ipsec rpm. Unable to find libipsec library as well. May I know the issue is with ipsectools and the rpm is unable to create the racoon service in SLES12SP4.

Thanks and Regards,
Kalyani.k

From: Cai, X. (X.) <xc...@yf...> - 2018-12-03 14:18:04
Dear All,

Excuse me. I am porting the ipsec-tools on Android 8.1 system. Because Android only supports the racoon utility, not the setkey utility. But, unfortunately, I always meet issues when adding esp SAD (add ah SAD is ok). The error message is below. I am reading source code, but still cannot understand what is the root cause. Could you please give me any guide? Thank you very much!

The result of line 22: (null).
The result of line 23: (null).

Thanks & Best Regards

Cai Xiaodong (蔡小冬)
Tel: (86-21) 33323361
Email: xc...@yf...

From: Han L. <heh...@gm...> - 2018-10-02 20:35:41
May I ask for the android-file-dialog for building the ipsec tool by any chance? Sorry maybe I shouldn't ask for that.

Thank you for your time,
Best regards,
Lin

Han Lin <heh...@gm...> wrote on Fri, Sep 28, 2018 at 5:12 PM:

> Hi,
>
> I'm having troubles to build this IPSec-android on my Android Studio. I
> didn't see gradle file. I'm wondering would you be able to help me to set
> it up? Sending me more detailed instructions about this project?
>
>
> I appreciate for your help
> Best regards,
> Lin

From: Eneas U. de Q. <cot...@ya...> - 2018-06-28 11:37:17
Any news regarding this patch? I'd love to get some feedback.

Cheers,

Eneas

On Wednesday, May 30, 2018 16:28:02 BRT, Eneas U de Queiroz <cot...@ya...> wrote:

This patch updates the calls to openssl 1.1 API, and adds a compatibility layer so it compiles with (at least) openssl 1.0.2, I haven't tested it with lower versions, but all that's needed is to edit the openssl_compat.* files and add the missing functions there--they're usually trivial.

Signed-off-by: Eneas U de Queiroz <cot...@ya...>
--- src/racoon/Makefile.am | 10 +-- src/racoon/algorithm.c | 6 +- src/racoon/cfparse.y | 2 +- src/racoon/crypto_openssl.c | 197 +++++++++++++++++++++------------------- src/racoon/crypto_openssl.h | 2 +- src/racoon/eaytest.c | 7 +- src/racoon/ipsec_doi.c | 2 +- src/racoon/openssl_compat.c | 213 ++++++++++++++++++++++++++++++++++++++++++++ src/racoon/openssl_compat.h | 45 ++++++++++ src/racoon/plainrsa-gen.c | 41 +++++---- src/racoon/prsa_par.y | 28 ++++-- src/racoon/rsalist.c | 5 +- 12 files changed, 431 insertions(+), 127 deletions(-) create mode 100644 src/racoon/openssl_compat.c create mode 100644 src/racoon/openssl_compat.h diff --git a/src/racoon/Makefile.am b/src/racoon/Makefile.am index dbaded9..4c585f3 100644 --- a/src/racoon/Makefile.am +++ b/src/racoon/Makefile.am @@ -4,7 +4,7 @@ sbin_PROGRAMS = racoon racoonctl plainrsa-gen noinst_PROGRAMS = eaytest include_racoon_HEADERS = racoonctl.h var.h vmbuf.h misc.h gcmalloc.h admin.h \ schedule.h sockmisc.h isakmp_var.h isakmp.h isakmp_xauth.h \ - isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h + isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h openssl_compat.h lib_LTLIBRARIES = libracoon.la adminsockdir=${localstatedir}/racoon 
@@ -32,7 +32,7 @@ racoon_SOURCES = \ gssapi.c dnssec.c getcertsbyname.c privsep.c \ pfkey.c admin.c evt.c ipsec_doi.c oakley.c grabmyaddr.c vendorid.c \ policy.c localconf.c remoteconf.c crypto_openssl.c algorithm.c \ - proposal.c sainfo.c strnames.c \ + openssl_compat.c proposal.c sainfo.c strnames.c \ plog.c logger.c schedule.c str2val.c \ safefile.c backupsa.c genlist.c rsalist.c \ cftoken.l cfparse.y prsa_tok.l prsa_par.y @@ -51,12 +51,12 @@ libracoon_la_SOURCES = kmpstat.c vmbuf.c sockmisc.c misc.c libracoon_la_CFLAGS = -DNOUSE_PRIVSEP $(AM_CFLAGS) plainrsa_gen_SOURCES = plainrsa-gen.c plog.c \ - crypto_openssl.c logger.c + crypto_openssl.c logger.c openssl_compat.c EXTRA_plainrsa_gen_SOURCES = $(MISSING_ALGOS) plainrsa_gen_LDADD = $(CRYPTOBJS) vmbuf.o misc.o plainrsa_gen_DEPENDENCIES = $(CRYPTOBJS) vmbuf.o misc.o -eaytest_SOURCES = eaytest.c plog.c logger.c +eaytest_SOURCES = eaytest.c plog.c logger.c openssl_compat.c EXTRA_eaytest_SOURCES = missing/crypto/sha2/sha2.c eaytest_LDADD = crypto_openssl_test.o vmbuf.o str2val.o misc_noplog.o \ $(CRYPTOBJS) @@ -75,7 +75,7 @@ noinst_HEADERS = \ debugrm.h isakmp.h misc.h sainfo.h \ dhgroup.h isakmp_agg.h netdb_dnssec.h schedule.h \ isakmp_cfg.h isakmp_xauth.h isakmp_unity.h isakmp_frag.h \ - throttle.h privsep.h \ + throttle.h privsep.h openssl_compat.h \ cfparse_proto.h cftoken_proto.h genlist.h rsalist.h \ missing/crypto/sha2/sha2.h missing/crypto/rijndael/rijndael_local.h \ missing/crypto/rijndael/rijndael-api-fst.h \ diff --git a/src/racoon/algorithm.c b/src/racoon/algorithm.c index 3fd50f6..66c874b 100644 --- a/src/racoon/algorithm.c +++ b/src/racoon/algorithm.c 
@@ -128,7 +128,7 @@ static struct enc_algorithm oakley_encdef[] = { { "aes", algtype_aes, OAKLEY_ATTR_ENC_ALG_AES, 16, eay_aes_encrypt, eay_aes_decrypt, eay_aes_weakkey, eay_aes_keylen, }, -#ifdef HAVE_OPENSSL_CAMELLIA_H +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) { "camellia", algtype_camellia, OAKLEY_ATTR_ENC_ALG_CAMELLIA, 16, eay_camellia_encrypt, eay_camellia_decrypt, eay_camellia_weakkey, eay_camellia_keylen, }, @@ -168,7 +168,7 @@ static struct enc_algorithm ipsec_encdef[] = { { "twofish", algtype_twofish, IPSECDOI_ESP_TWOFISH, 16, NULL, NULL, NULL, eay_twofish_keylen, }, -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) { "3idea", algtype_3idea, IPSECDOI_ESP_3IDEA, 8, NULL, NULL, NULL, NULL, }, @@ -179,7 +179,7 @@ static struct enc_algorithm ipsec_encdef[] = { { "rc4", algtype_rc4, IPSECDOI_ESP_RC4, 8, NULL, NULL, NULL, NULL, }, -#ifdef HAVE_OPENSSL_CAMELLIA_H +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) { "camellia", algtype_camellia, IPSECDOI_ESP_CAMELLIA, 16, NULL, NULL, NULL, eay_camellia_keylen, }, diff --git a/src/racoon/cfparse.y b/src/racoon/cfparse.y index 0d9bd67..8415752 100644 --- a/src/racoon/cfparse.y +++ b/src/racoon/cfparse.y @@ -2564,7 +2564,7 @@ set_isakmp_proposal(rmconf) plog(LLV_DEBUG2, LOCATION, NULL, "encklen=%d\n", s->encklen); - memset(types, 0, ARRAYLEN(types)); + memset(types, 0, sizeof types); types[algclass_isakmp_enc] = s->algclass[algclass_isakmp_enc]; types[algclass_isakmp_hash] = s->algclass[algclass_isakmp_hash]; types[algclass_isakmp_dh] = s->algclass[algclass_isakmp_dh]; diff --git a/src/racoon/crypto_openssl.c b/src/racoon/crypto_openssl.c index 55b076a..8fb358f 100644 --- a/src/racoon/crypto_openssl.c +++ b/src/racoon/crypto_openssl.c @@ -90,6 +90,7 @@ #endif #endif #include "plog.h" +#include "openssl_compat.h" #define USE_NEW_DES_API 
@@ -316,9 +317,12 @@ eay_cmp_asn1dn(n1, n2) i = idx+1; goto end; } - if ((ea->value->length == 1 && ea->value->data[0] == '*') || - (eb->value->length == 1 && eb->value->data[0] == '*')) { - if (OBJ_cmp(ea->object,eb->object)) { + ASN1_STRING *sa = X509_NAME_ENTRY_get_data(ea); + ASN1_STRING *sb = X509_NAME_ENTRY_get_data(eb); + if ((ASN1_STRING_length(sa) == 1 && ASN1_STRING_get0_data(sa)[0] == '*') || + (ASN1_STRING_length(sb) == 1 && ASN1_STRING_get0_data(sb)[0] == '*')) { + if (OBJ_cmp(X509_NAME_ENTRY_get_object(ea), + X509_NAME_ENTRY_get_object(eb))) { i = idx+1; goto end; } @@ -430,7 +434,7 @@ cb_check_cert_local(ok, ctx) if (!ok) { X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), + X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), buf, 256); /* @@ -438,7 +442,8 @@ cb_check_cert_local(ok, ctx) * ok if they are self signed. But we should still warn * the user. */ - switch (ctx->error) { + int ctx_error = X509_STORE_CTX_get_error(ctx); + switch (ctx_error) { case X509_V_ERR_CERT_HAS_EXPIRED: case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: case X509_V_ERR_INVALID_CA: @@ -453,9 +458,9 @@ cb_check_cert_local(ok, ctx) } plog(log_tag, LOCATION, NULL, "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, + X509_verify_cert_error_string(ctx_error), + ctx_error, + X509_STORE_CTX_get_error_depth(ctx), buf); } ERR_clear_error(); @@ -477,10 +482,11 @@ cb_check_cert_remote(ok, ctx) if (!ok) { X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), + X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), buf, 256); - switch (ctx->error) { + int ctx_error=X509_STORE_CTX_get_error(ctx); + switch (ctx_error) { case X509_V_ERR_UNABLE_TO_GET_CRL: ok = 1; log_tag = LLV_WARNING; 
@@ -490,9 +496,9 @@ cb_check_cert_remote(ok, ctx) } plog(log_tag, LOCATION, NULL, "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, + X509_verify_cert_error_string(ctx_error), + ctx_error, + X509_STORE_CTX_get_error_depth(ctx), buf); } ERR_clear_error(); @@ -516,14 +522,15 @@ eay_get_x509asn1subjectname(cert) if (x509 == NULL) goto error; + X509_NAME *subject_name = X509_get_subject_name(x509); /* get the length of the name */ - len = i2d_X509_NAME(x509->cert_info->subject, NULL); + len = i2d_X509_NAME(subject_name, NULL); name = vmalloc(len); if (!name) goto error; /* get the name */ bp = (unsigned char *) name->v; - len = i2d_X509_NAME(x509->cert_info->subject, &bp); + len = i2d_X509_NAME(subject_name, &bp); X509_free(x509); @@ -661,15 +668,16 @@ eay_get_x509asn1issuername(cert) if (x509 == NULL) goto error; + X509_NAME *issuer_name = X509_get_issuer_name(x509); /* get the length of the name */ - len = i2d_X509_NAME(x509->cert_info->issuer, NULL); + len = i2d_X509_NAME(issuer_name, NULL); name = vmalloc(len); if (name == NULL) goto error; /* get the name */ bp = (unsigned char *) name->v; - len = i2d_X509_NAME(x509->cert_info->issuer, &bp); + len = i2d_X509_NAME(issuer_name, &bp); X509_free(x509); @@ -850,7 +858,7 @@ eay_check_x509sign(source, sig, cert) return -1; } - res = eay_rsa_verify(source, sig, evp->pkey.rsa); + res = eay_rsa_verify(source, sig, EVP_PKEY_get0_RSA(evp)); EVP_PKEY_free(evp); X509_free(x509); @@ -992,7 +1000,7 @@ eay_get_x509sign(src, privkey) if (evp == NULL) return NULL; - sig = eay_rsa_sign(src, evp->pkey.rsa); + sig = eay_rsa_sign(src, EVP_PKEY_get0_RSA(evp)); EVP_PKEY_free(evp); 
@@ -1079,7 +1087,11 @@ eay_strerror() int line, flags; unsigned long es; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + es = 0; /* even when allowed by OPENSSL_API_COMPAT, it is defined as 0 */ +#else es = CRYPTO_thread_id(); +#endif while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){ n = snprintf(ebuf + len, sizeof(ebuf) - len, @@ -1100,7 +1112,7 @@ vchar_t * evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc) { vchar_t *res; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; if (!e) return NULL; @@ -1111,7 +1123,7 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc if ((res = vmalloc(data->l)) == NULL) return NULL; - EVP_CIPHER_CTX_init(&ctx); + ctx = EVP_CIPHER_CTX_new(); switch(EVP_CIPHER_nid(e)){ case NID_bf_cbc: 
@@ -1125,54 +1137,41 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc /* XXX: can we do that also for algos with a fixed key size ? */ /* init context without key/iv - */ - if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc)) - { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + */ + if (!EVP_CipherInit(ctx, e, NULL, NULL, enc)) + goto out; - /* update key size - */ - if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l)) - { - OpenSSL_BUG(); - vfree(res); - return NULL; - } - - /* finalize context init with desired key size - */ - if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v, + /* update key size + */ + if (!EVP_CIPHER_CTX_set_key_length(ctx, key->l)) + goto out; + + /* finalize context init with desired key size + */ + if (!EVP_CipherInit(ctx, NULL, (u_char *) key->v, (u_char *) iv->v, enc)) - { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + goto out; break; default: - if (!EVP_CipherInit(&ctx, e, (u_char *) key->v, - (u_char *) iv->v, enc)) { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + if (!EVP_CipherInit(ctx, e, (u_char *) key->v, + (u_char *) iv->v, enc)) + goto out; } /* disable openssl padding */ - EVP_CIPHER_CTX_set_padding(&ctx, 0); + EVP_CIPHER_CTX_set_padding(ctx, 0); - if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + if (!EVP_Cipher(ctx, (u_char *) res->v, (u_char *) data->v, data->l)) + goto out; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return res; +out: + EVP_CIPHER_CTX_free(ctx); + OpenSSL_BUG(); + vfree(res); + return NULL; } int @@ -1230,7 +1229,7 @@ eay_des_keylen(len) return evp_keylen(len, EVP_des_cbc()); } -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) /* * IDEA-CBC */ @@ -1587,7 +1586,7 @@ eay_aes_keylen(len) return len; } -#if defined(HAVE_OPENSSL_CAMELLIA_H) +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) /* * CAMELLIA-CBC */ 
@@ -1680,9 +1679,9 @@ eay_hmac_init(key, md) vchar_t *key; const EVP_MD *md; { - HMAC_CTX *c = racoon_malloc(sizeof(*c)); + HMAC_CTX *c = HMAC_CTX_new(); - HMAC_Init(c, key->v, key->l, md); + HMAC_Init_ex(c, key->v, key->l, md, NULL); return (caddr_t)c; } @@ -1761,8 +1760,7 @@ eay_hmacsha2_512_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA512_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1811,8 +1809,7 @@ eay_hmacsha2_384_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA384_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1861,8 +1858,7 @@ eay_hmacsha2_256_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA256_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1912,8 +1908,7 @@ eay_hmacsha1_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1962,8 +1957,7 @@ eay_hmacmd5_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (MD5_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -2266,6 +2260,7 @@ eay_dh_generate(prime, g, publen, pub, priv) u_int32_t g; { BIGNUM *p = NULL; + BIGNUM *BNg = NULL; DH *dh = NULL; int error = -1; 
@@ -2276,25 +2271,28 @@ eay_dh_generate(prime, g, publen, pub, priv) if ((dh = DH_new()) == NULL) goto end; - dh->p = p; - p = NULL; /* p is now part of dh structure */ - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) + if ((BNg = BN_new()) == NULL) goto end; - if (!BN_set_word(dh->g, g)) + if (!BN_set_word(BNg, g)) goto end; + if (! DH_set0_pqg(dh, p, NULL, BNg)) + goto end; + BNg = NULL; + p = NULL; /* p is now part of dh structure */ if (publen != 0) - dh->length = publen; + DH_set_length(dh, publen); /* generate public and private number */ if (!DH_generate_key(dh)) goto end; /* copy results to buffers */ - if (eay_bn2v(pub, dh->pub_key) < 0) + BIGNUM *pub_key, *priv_key; + DH_get0_key(dh, (const BIGNUM**) &pub_key, (const BIGNUM**) &priv_key); + if (eay_bn2v(pub, pub_key) < 0) goto end; - if (eay_bn2v(priv, dh->priv_key) < 0) { + if (eay_bn2v(priv, priv_key) < 0) { vfree(*pub); goto end; } @@ -2306,6 +2304,8 @@ end: DH_free(dh); if (p != 0) BN_free(p); + if (BNg != 0) + BN_free(BNg); return(error); } @@ -2319,6 +2319,10 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) int l; unsigned char *v = NULL; int error = -1; + BIGNUM *p = BN_new(); + BIGNUM *BNg = BN_new(); + BIGNUM *pub_key = BN_new(); + BIGNUM *priv_key = BN_new(); /* make public number to compute */ if (eay_v2bn(&dh_pub, pub2) < 0) 
@@ -2327,19 +2331,21 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) /* make DH structure */ if ((dh = DH_new()) == NULL) goto end; - if (eay_v2bn(&dh->p, prime) < 0) + if (p == NULL || BNg == NULL || pub_key == NULL || priv_key == NULL) goto end; - if (eay_v2bn(&dh->pub_key, pub) < 0) + + if (eay_v2bn(&p, prime) < 0) goto end; - if (eay_v2bn(&dh->priv_key, priv) < 0) + if (eay_v2bn(&pub_key, pub) < 0) goto end; - dh->length = pub2->l * 8; - - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) + if (eay_v2bn(&priv_key, priv) < 0) goto end; - if (!BN_set_word(dh->g, g)) + if (!BN_set_word(BNg, g)) goto end; + DH_set0_key(dh, pub_key, priv_key); + DH_set_length(dh, pub2->l * 8); + DH_set0_pqg(dh, p, NULL, BNg); + pub_key = priv_key = p = BNg = NULL; if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL) goto end; @@ -2350,6 +2356,14 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) error = 0; end: + if (p != NULL) + BN_free(p); + if (BNg != NULL) + BN_free(BNg); + if (pub_key != NULL) + BN_free(pub_key); + if (priv_key != NULL) + BN_free(priv_key); if (dh_pub != NULL) BN_free(dh_pub); if (dh != NULL) @@ -2400,12 +2414,14 @@ eay_bn2v(var, bn) void eay_init() { +#if OPENSSL_VERSION_NUMBER < 0x10100000L OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); #ifdef HAVE_OPENSSL_ENGINE_H ENGINE_load_builtin_engines(); ENGINE_register_all_complete(); #endif +#endif } vchar_t * @@ -2504,8 +2520,7 @@ binbuf_pubkey2rsa(vchar_t *binbuf) goto out; } - rsa_pub->n = mod; - rsa_pub->e = exp; + RSA_set0_key(rsa_pub, mod, exp, NULL); out: return rsa_pub; @@ -2582,5 +2597,5 @@ eay_random() const char * eay_version() { - return SSLeay_version(SSLEAY_VERSION); + return OpenSSL_version(OPENSSL_VERSION); } diff --git a/src/racoon/crypto_openssl.h b/src/racoon/crypto_openssl.h index 66fac73..ee5b765 100644 --- a/src/racoon/crypto_openssl.h +++ b/src/racoon/crypto_openssl.h 
@@ -124,7 +124,7 @@ extern vchar_t *eay_aes_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); extern int eay_aes_weakkey __P((vchar_t *)); extern int eay_aes_keylen __P((int)); -#if defined(HAVE_OPENSSL_CAMELLIA_H) +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) /* Camellia */ extern vchar_t *eay_camellia_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); extern vchar_t *eay_camellia_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); diff --git a/src/racoon/eaytest.c b/src/racoon/eaytest.c index 1474bdc..ae09db3 100644 --- a/src/racoon/eaytest.c +++ b/src/racoon/eaytest.c @@ -62,6 +62,7 @@ #include "dhgroup.h" #include "crypto_openssl.h" #include "gnuc.h" +#include "openssl_compat.h" #include "package_version.h" @@ -103,7 +104,7 @@ rsa_verify_with_pubkey(src, sig, pubkey_txt) printf ("PEM_read_PUBKEY(): %s\n", eay_strerror()); return -1; } - error = eay_check_rsasign(src, sig, evp->pkey.rsa); + error = eay_check_rsasign(src, sig, EVP_PKEY_get0_RSA(evp)); return error; } @@ -698,7 +699,7 @@ ciphertest(ac, av) eay_cast_encrypt, eay_cast_decrypt) < 0) return -1; -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) if (ciphertest_1 ("IDEA", &data, 8, &key, key.l, @@ -715,7 +716,7 @@ ciphertest(ac, av) eay_rc5_encrypt, eay_rc5_decrypt) < 0) return -1; #endif -#if defined(HAVE_OPENSSL_CAMELLIA_H) +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) if (ciphertest_1 ("CAMELLIA", &data, 16, &key, key.l, diff --git a/src/racoon/ipsec_doi.c b/src/racoon/ipsec_doi.c index 84a4c71..b52469f 100644 --- a/src/racoon/ipsec_doi.c +++ b/src/racoon/ipsec_doi.c @@ -715,7 +715,7 @@ out: /* key length must not be specified on some algorithms */ if (keylen) { if (sa->enctype == OAKLEY_ATTR_ENC_ALG_DES -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) || sa->enctype == OAKLEY_ATTR_ENC_ALG_IDEA #endif || sa->enctype == OAKLEY_ATTR_ENC_ALG_3DES) { 
diff --git a/src/racoon/openssl_compat.c b/src/racoon/openssl_compat.c new file mode 100644 index 0000000..864b5fb --- /dev/null +++ b/src/racoon/openssl_compat.c 
@@ -0,0 +1,213 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "openssl_compat.h" + +#if OPENSSL_VERSION_NUMBER < 0x10100000L + +#include <string.h> + +static void *OPENSSL_zalloc(size_t num) +{ + void *ret = OPENSSL_malloc(num); + + if (ret != NULL) + memset(ret, 0, num); + return ret; +} + +int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) +{ + /* If the fields n and e in r are NULL, the corresponding input + * parameters MUST be non-NULL for n and e. d may be + * left NULL (in case only the public key is used). + */ + if ((r->n == NULL && n == NULL) + || (r->e == NULL && e == NULL)) + return 0; + + if (n != NULL) { + BN_free(r->n); + r->n = n; + } + if (e != NULL) { + BN_free(r->e); + r->e = e; + } + if (d != NULL) { + BN_free(r->d); + r->d = d; + } + + return 1; +} + +int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) +{ + /* If the fields p and q in r are NULL, the corresponding input + * parameters MUST be non-NULL. + */ + if ((r->p == NULL && p == NULL) + || (r->q == NULL && q == NULL)) + return 0; + + if (p != NULL) { + BN_free(r->p); + r->p = p; + } + if (q != NULL) { + BN_free(r->q); + r->q = q; + } + + return 1; +} + +int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) +{ + /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input + * parameters MUST be non-NULL. 
+ */ + if ((r->dmp1 == NULL && dmp1 == NULL) + || (r->dmq1 == NULL && dmq1 == NULL) + || (r->iqmp == NULL && iqmp == NULL)) + return 0; + + if (dmp1 != NULL) { + BN_free(r->dmp1); + r->dmp1 = dmp1; + } + if (dmq1 != NULL) { + BN_free(r->dmq1); + r->dmq1 = dmq1; + } + if (iqmp != NULL) { + BN_free(r->iqmp); + r->iqmp = iqmp; + } + + return 1; +} + +void RSA_get0_key(const RSA *r, + const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) +{ + if (n != NULL) + *n = r->n; + if (e != NULL) + *e = r->e; + if (d != NULL) + *d = r->d; +} + +void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) +{ + if (p != NULL) + *p = r->p; + if (q != NULL) + *q = r->q; +} + +void RSA_get0_crt_params(const RSA *r, + const BIGNUM **dmp1, const BIGNUM **dmq1, + const BIGNUM **iqmp) +{ + if (dmp1 != NULL) + *dmp1 = r->dmp1; + if (dmq1 != NULL) + *dmq1 = r->dmq1; + if (iqmp != NULL) + *iqmp = r->iqmp; +} + +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) +{ + /* If the fields p and g in d are NULL, the corresponding input + * parameters MUST be non-NULL. q may remain NULL. + */ + if ((dh->p == NULL && p == NULL) + || (dh->g == NULL && g == NULL)) + return 0; + + if (p != NULL) { + BN_free(dh->p); + dh->p = p; + } + if (q != NULL) { + BN_free(dh->q); + dh->q = q; + } + if (g != NULL) { + BN_free(dh->g); + dh->g = g; + } + + if (q != NULL) { + dh->length = BN_num_bits(q); + } + + return 1; +} + +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) +{ + if (pub_key != NULL) + *pub_key = dh->pub_key; + if (priv_key != NULL) + *priv_key = dh->priv_key; +} + +int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) +{ + /* If the field pub_key in dh is NULL, the corresponding input + * parameters MUST be non-NULL. The priv_key field may + * be left NULL. 
+ */ + if (dh->pub_key == NULL && pub_key == NULL) + return 0; + + if (pub_key != NULL) { + BN_free(dh->pub_key); + dh->pub_key = pub_key; + } + if (priv_key != NULL) { + BN_free(dh->priv_key); + dh->priv_key = priv_key; + } + + return 1; +} + +int DH_set_length(DH *dh, long length) +{ + dh->length = length; + return 1; +} + +HMAC_CTX *HMAC_CTX_new(void) +{ + return OPENSSL_zalloc(sizeof(HMAC_CTX)); +} + +void HMAC_CTX_free(HMAC_CTX *ctx) +{ + HMAC_CTX_cleanup(ctx); + OPENSSL_free(ctx); +} + +RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) +{ + if (pkey->type != EVP_PKEY_RSA) { + return NULL; + } + return pkey->pkey.rsa; +} + + +#endif /* OPENSSL_VERSION_NUMBER */ diff --git a/src/racoon/openssl_compat.h b/src/racoon/openssl_compat.h new file mode 100644 index 0000000..9e152c2 --- /dev/null +++ b/src/racoon/openssl_compat.h 
@@ -0,0 +1,45 @@ +#ifndef OPENSSL_COMPAT_H +#define OPENSSL_COMPAT_H + +#include <openssl/opensslv.h> +#if OPENSSL_VERSION_NUMBER < 0x10100000L + +#include <openssl/rsa.h> +#include <openssl/dh.h> +#include <openssl/evp.h> +#include <openssl/hmac.h> + +int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); +int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); +int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); +void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); +void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); +void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp); + +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); +int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key); +int DH_set_length(DH *dh, long length); + +HMAC_CTX *HMAC_CTX_new(void); +void HMAC_CTX_free(HMAC_CTX* ctx); + +RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); + +#define ASN1_STRING_length(s) s->length +#define ASN1_STRING_get0_data(s) s->data + +#define X509_get_subject_name(x) x->cert_info->subject +#define X509_get_issuer_name(x) x->cert_info->issuer +#define X509_NAME_ENTRY_get_data(n) n->value +#define X509_NAME_ENTRY_get_object(n) n->object +#define X509_STORE_CTX_get_current_cert(ctx) ctx->current_cert +#define X509_STORE_CTX_get_error(ctx) ctx->error +#define X509_STORE_CTX_get_error_depth(ctx) ctx->error_depth + +#define OPENSSL_VERSION SSLEAY_VERSION +#define OpenSSL_version SSLeay_version + +#endif /* OPENSSL_VERSION_NUMBER */ + +#endif /* OPENSSL_COMPAT_H */ diff --git a/src/racoon/plainrsa-gen.c b/src/racoon/plainrsa-gen.c index cad1861..b949b08 100644 --- a/src/racoon/plainrsa-gen.c +++ b/src/racoon/plainrsa-gen.c @@ -60,6 +60,7 @@ #include "vmbuf.h" #include "plog.h" #include "crypto_openssl.h" +#include "openssl_compat.h" #include "package_version.h" 
@@ -90,12 +91,14 @@ mix_b64_pubkey(const RSA *key) char *binbuf; long binlen, ret; vchar_t *res; - - binlen = 1 + BN_num_bytes(key->e) + BN_num_bytes(key->n); + const BIGNUM *e, *n; + + RSA_get0_key(key, &n, &e, NULL); + binlen = 1 + BN_num_bytes(e) + BN_num_bytes(n); binbuf = malloc(binlen); memset(binbuf, 0, binlen); - binbuf[0] = BN_bn2bin(key->e, (unsigned char *) &binbuf[1]); - ret = BN_bn2bin(key->n, (unsigned char *) (&binbuf[binbuf[0] + 1])); + binbuf[0] = BN_bn2bin(e, (unsigned char *) &binbuf[1]); + ret = BN_bn2bin(n, (unsigned char *) (&binbuf[binbuf[0] + 1])); if (1 + binbuf[0] + ret != binlen) { plog(LLV_ERROR, LOCATION, NULL, "Pubkey generation failed. This is really strange...\n"); 
@@ -131,16 +134,20 @@ print_rsa_key(FILE *fp, const RSA *key) fprintf(fp, "# : PUB 0s%s\n", pubkey64->v); fprintf(fp, ": RSA\t{\n"); - fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(key->n)); + const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp; + RSA_get0_key(key, &n, &e, &d); + RSA_get0_factors(key, &p, &q); + RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp); + fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(n)); fprintf(fp, "\t# pubkey=0s%s\n", pubkey64->v); - fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(key->n))); - fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(key->e))); - fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(key->d))); - fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(key->p))); - fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(key->q))); - fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(key->dmp1))); - fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(key->dmq1))); - fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(key->iqmp))); + fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(n))); + fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(e))); + fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(d))); + fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(p))); + fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(q))); + fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(dmp1))); + fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(dmq1))); + fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(iqmp))); fprintf(fp, " }\n"); vfree(pubkey64); @@ -203,11 +210,13 @@ int gen_rsa_key(FILE *fp, size_t bits, unsigned long exp) { int ret; - RSA *key; + RSA *key = RSA_new(); + BIGNUM *e = BN_new(); - key = RSA_generate_key(bits, exp, NULL, NULL); - if (!key) { + BN_set_word(e, exp); + if (! RSA_generate_key_ex(key, bits, e, NULL)) { fprintf(stderr, "RSA_generate_key(): %s\n", eay_strerror()); + RSA_free(key); return -1; } 
diff --git a/src/racoon/prsa_par.y b/src/racoon/prsa_par.y index 1987e4d..27ce4c6 100644 --- a/src/racoon/prsa_par.y +++ b/src/racoon/prsa_par.y @@ -68,6 +68,7 @@ #include "isakmp_var.h" #include "handler.h" #include "crypto_openssl.h" +#include "openssl_compat.h" #include "sockmisc.h" #include "rsalist.h" @@ -85,7 +86,18 @@ char *prsa_cur_fname = NULL; struct genlist *prsa_cur_list = NULL; enum rsa_key_type prsa_cur_type = RSA_TYPE_ANY; -static RSA *rsa_cur; +struct my_rsa_st { + BIGNUM *n; + BIGNUM *e; + BIGNUM *d; + BIGNUM *p; + BIGNUM *q; + BIGNUM *dmp1; + BIGNUM *dmq1; + BIGNUM *iqmp; +}; + +static struct my_rsa_st *rsa_cur; void prsaerror(const char *s, ...) @@ -201,8 +213,12 @@ rsa_statement: rsa_cur->iqmp = NULL; } } - $$ = rsa_cur; - rsa_cur = RSA_new(); + RSA * rsa_tmp = RSA_new(); + RSA_set0_key(rsa_tmp, rsa_cur->n, rsa_cur->e, rsa_cur->d); + RSA_set0_factors(rsa_tmp, rsa_cur->p, rsa_cur->q); + RSA_set0_crt_params(rsa_tmp, rsa_cur->dmp1, rsa_cur->dmq1, rsa_cur->iqmp); + $$ = rsa_tmp; + memset(rsa_cur, 0, sizeof(struct my_rsa_st)); } | TAG_PUB BASE64 { @@ -351,10 +367,12 @@ prsa_parse_file(struct genlist *list, char *fname, enum rsa_key_type type) prsa_cur_fname = fname; prsa_cur_list = list; prsa_cur_type = type; - rsa_cur = RSA_new(); + rsa_cur = malloc(sizeof(struct my_rsa_st)); + memset(rsa_cur, 0, sizeof(struct my_rsa_st)); ret = prsaparse(); if (rsa_cur) { - RSA_free(rsa_cur); + memset(rsa_cur, 0, sizeof(struct my_rsa_st)); + free(rsa_cur); rsa_cur = NULL; } fclose (fp); diff --git a/src/racoon/rsalist.c b/src/racoon/rsalist.c index f152c82..96e8363 100644 --- a/src/racoon/rsalist.c +++ b/src/racoon/rsalist.c @@ -52,6 +52,7 @@ #include "genlist.h" #include "remoteconf.h" #include "crypto_openssl.h" +#include "openssl_compat.h" #ifndef LIST_FIRST #define LIST_FIRST(head) ((head)->lh_first) 
@@ -98,7 +99,9 @@ rsa_key_dup(struct rsa_key *key) return NULL; if (key->rsa) { - new->rsa = key->rsa->d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa); + const BIGNUM *d; + RSA_get0_key(key->rsa, NULL, NULL, &d); + new->rsa = (d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa)); if (new->rsa == NULL) goto dup_error; } -- 2.16.1 |
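Review bot: In gen_rsa_key() (plainrsa-gen.c) the results of RSA_new(), BN_new() and BN_set_word() are used unchecked, and the failure branch calls RSA_free(key) but never BN_free(e). RSA_generate_key_ex() does not take ownership of the exponent, so e needs a BN_free() on every exit path; in the lines shown it has none. Check the two allocations and BN_set_word() before generating, and update the error string, which still names RSA_generate_key().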
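Review bot: In prsa_parse_file() (prsa_par.y) the cleanup that used to be RSA_free(rsa_cur) is now memset() followed by free(), which drops any BIGNUMs still held in struct my_rsa_st without releasing them, so private key components can be left uncleared on the heap. Walk the eight fields with BN_clear_free() before zeroing the struct. The rsa_statement action has the same problem: the return values of RSA_new(), RSA_set0_key(), RSA_set0_factors() and RSA_set0_crt_params() are ignored, and when a set0 call returns 0 it has not taken ownership, so the following memset(rsa_cur, 0, sizeof(struct my_rsa_st)) loses those pointers. The malloc() result is also passed to memset() without a NULL check.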
From: Eneas U de Q. <cot...@ya...> - 2018-05-30 19:28:09
This patch updates the calls to openssl 1.1 API, and adds a compatibility layer so it compiles with (at least) openssl 1.0.2, I haven't tested it with lower versions, but all that's needed is to edit the openssl_compat.* files and add the missing functions there--they're usually trivial. Signed-off-by: Eneas U de Queiroz <cot...@ya...> --- src/racoon/Makefile.am | 10 +-- src/racoon/algorithm.c | 6 +- src/racoon/cfparse.y | 2 +- src/racoon/crypto_openssl.c | 197 +++++++++++++++++++++------------------- src/racoon/crypto_openssl.h | 2 +- src/racoon/eaytest.c | 7 +- src/racoon/ipsec_doi.c | 2 +- src/racoon/openssl_compat.c | 213 ++++++++++++++++++++++++++++++++++++++++++++ src/racoon/openssl_compat.h | 45 ++++++++++ src/racoon/plainrsa-gen.c | 41 +++++---- src/racoon/prsa_par.y | 28 ++++-- src/racoon/rsalist.c | 5 +- 12 files changed, 431 insertions(+), 127 deletions(-) create mode 100644 src/racoon/openssl_compat.c create mode 100644 src/racoon/openssl_compat.h diff --git a/src/racoon/Makefile.am b/src/racoon/Makefile.am index dbaded9..4c585f3 100644 --- a/src/racoon/Makefile.am +++ b/src/racoon/Makefile.am @@ -4,7 +4,7 @@ sbin_PROGRAMS = racoon racoonctl plainrsa-gen noinst_PROGRAMS = eaytest include_racoon_HEADERS = racoonctl.h var.h vmbuf.h misc.h gcmalloc.h admin.h \ schedule.h sockmisc.h isakmp_var.h isakmp.h isakmp_xauth.h \ - isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h + isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h openssl_compat.h lib_LTLIBRARIES = libracoon.la adminsockdir=${localstatedir}/racoon @@ -32,7 +32,7 @@ racoon_SOURCES = \ gssapi.c dnssec.c getcertsbyname.c privsep.c \ pfkey.c admin.c evt.c ipsec_doi.c oakley.c grabmyaddr.c vendorid.c \ policy.c localconf.c remoteconf.c crypto_openssl.c algorithm.c \ - proposal.c sainfo.c strnames.c \ + openssl_compat.c proposal.c sainfo.c strnames.c \ plog.c logger.c schedule.c str2val.c \ safefile.c backupsa.c genlist.c rsalist.c \ cftoken.l cfparse.y prsa_tok.l prsa_par.y 
@@ -51,12 +51,12 @@ libracoon_la_SOURCES = kmpstat.c vmbuf.c sockmisc.c misc.c libracoon_la_CFLAGS = -DNOUSE_PRIVSEP $(AM_CFLAGS) plainrsa_gen_SOURCES = plainrsa-gen.c plog.c \ - crypto_openssl.c logger.c + crypto_openssl.c logger.c openssl_compat.c EXTRA_plainrsa_gen_SOURCES = $(MISSING_ALGOS) plainrsa_gen_LDADD = $(CRYPTOBJS) vmbuf.o misc.o plainrsa_gen_DEPENDENCIES = $(CRYPTOBJS) vmbuf.o misc.o -eaytest_SOURCES = eaytest.c plog.c logger.c +eaytest_SOURCES = eaytest.c plog.c logger.c openssl_compat.c EXTRA_eaytest_SOURCES = missing/crypto/sha2/sha2.c eaytest_LDADD = crypto_openssl_test.o vmbuf.o str2val.o misc_noplog.o \ $(CRYPTOBJS) @@ -75,7 +75,7 @@ noinst_HEADERS = \ debugrm.h isakmp.h misc.h sainfo.h \ dhgroup.h isakmp_agg.h netdb_dnssec.h schedule.h \ isakmp_cfg.h isakmp_xauth.h isakmp_unity.h isakmp_frag.h \ - throttle.h privsep.h \ + throttle.h privsep.h openssl_compat.h \ cfparse_proto.h cftoken_proto.h genlist.h rsalist.h \ missing/crypto/sha2/sha2.h missing/crypto/rijndael/rijndael_local.h \ missing/crypto/rijndael/rijndael-api-fst.h \ diff --git a/src/racoon/algorithm.c b/src/racoon/algorithm.c index 3fd50f6..66c874b 100644 --- a/src/racoon/algorithm.c +++ b/src/racoon/algorithm.c @@ -128,7 +128,7 @@ static struct enc_algorithm oakley_encdef[] = { { "aes", algtype_aes, OAKLEY_ATTR_ENC_ALG_AES, 16, eay_aes_encrypt, eay_aes_decrypt, eay_aes_weakkey, eay_aes_keylen, }, -#ifdef HAVE_OPENSSL_CAMELLIA_H +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) { "camellia", algtype_camellia, OAKLEY_ATTR_ENC_ALG_CAMELLIA, 16, eay_camellia_encrypt, eay_camellia_decrypt, eay_camellia_weakkey, eay_camellia_keylen, }, @@ -168,7 +168,7 @@ static struct enc_algorithm ipsec_encdef[] = { { "twofish", algtype_twofish, IPSECDOI_ESP_TWOFISH, 16, NULL, NULL, NULL, eay_twofish_keylen, }, -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) { "3idea", algtype_3idea, IPSECDOI_ESP_3IDEA, 8, NULL, NULL, NULL, NULL, }, 
@@ -179,7 +179,7 @@ static struct enc_algorithm ipsec_encdef[] = { { "rc4", algtype_rc4, IPSECDOI_ESP_RC4, 8, NULL, NULL, NULL, NULL, }, -#ifdef HAVE_OPENSSL_CAMELLIA_H +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) { "camellia", algtype_camellia, IPSECDOI_ESP_CAMELLIA, 16, NULL, NULL, NULL, eay_camellia_keylen, }, diff --git a/src/racoon/cfparse.y b/src/racoon/cfparse.y index 0d9bd67..8415752 100644 --- a/src/racoon/cfparse.y +++ b/src/racoon/cfparse.y @@ -2564,7 +2564,7 @@ set_isakmp_proposal(rmconf) plog(LLV_DEBUG2, LOCATION, NULL, "encklen=%d\n", s->encklen); - memset(types, 0, ARRAYLEN(types)); + memset(types, 0, sizeof types); types[algclass_isakmp_enc] = s->algclass[algclass_isakmp_enc]; types[algclass_isakmp_hash] = s->algclass[algclass_isakmp_hash]; types[algclass_isakmp_dh] = s->algclass[algclass_isakmp_dh]; diff --git a/src/racoon/crypto_openssl.c b/src/racoon/crypto_openssl.c index 55b076a..8fb358f 100644 --- a/src/racoon/crypto_openssl.c +++ b/src/racoon/crypto_openssl.c @@ -90,6 +90,7 @@ #endif #endif #include "plog.h" +#include "openssl_compat.h" #define USE_NEW_DES_API @@ -316,9 +317,12 @@ eay_cmp_asn1dn(n1, n2) i = idx+1; goto end; } - if ((ea->value->length == 1 && ea->value->data[0] == '*') || - (eb->value->length == 1 && eb->value->data[0] == '*')) { - if (OBJ_cmp(ea->object,eb->object)) { + ASN1_STRING *sa = X509_NAME_ENTRY_get_data(ea); + ASN1_STRING *sb = X509_NAME_ENTRY_get_data(eb); + if ((ASN1_STRING_length(sa) == 1 && ASN1_STRING_get0_data(sa)[0] == '*') || + (ASN1_STRING_length(sb) == 1 && ASN1_STRING_get0_data(sb)[0] == '*')) { + if (OBJ_cmp(X509_NAME_ENTRY_get_object(ea), + X509_NAME_ENTRY_get_object(eb))) { i = idx+1; goto end; } @@ -430,7 +434,7 @@ cb_check_cert_local(ok, ctx) if (!ok) { X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), + X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), buf, 256); /* 
@@ -438,7 +442,8 @@ cb_check_cert_local(ok, ctx) * ok if they are self signed. But we should still warn * the user. */ - switch (ctx->error) { + int ctx_error = X509_STORE_CTX_get_error(ctx); + switch (ctx_error) { case X509_V_ERR_CERT_HAS_EXPIRED: case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: case X509_V_ERR_INVALID_CA: @@ -453,9 +458,9 @@ cb_check_cert_local(ok, ctx) } plog(log_tag, LOCATION, NULL, "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, + X509_verify_cert_error_string(ctx_error), + ctx_error, + X509_STORE_CTX_get_error_depth(ctx), buf); } ERR_clear_error(); @@ -477,10 +482,11 @@ cb_check_cert_remote(ok, ctx) if (!ok) { X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), + X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), buf, 256); - switch (ctx->error) { + int ctx_error=X509_STORE_CTX_get_error(ctx); + switch (ctx_error) { case X509_V_ERR_UNABLE_TO_GET_CRL: ok = 1; log_tag = LLV_WARNING; @@ -490,9 +496,9 @@ cb_check_cert_remote(ok, ctx) } plog(log_tag, LOCATION, NULL, "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, + X509_verify_cert_error_string(ctx_error), + ctx_error, + X509_STORE_CTX_get_error_depth(ctx), buf); } ERR_clear_error(); @@ -516,14 +522,15 @@ eay_get_x509asn1subjectname(cert) if (x509 == NULL) goto error; + X509_NAME *subject_name = X509_get_subject_name(x509); /* get the length of the name */ - len = i2d_X509_NAME(x509->cert_info->subject, NULL); + len = i2d_X509_NAME(subject_name, NULL); name = vmalloc(len); if (!name) goto error; /* get the name */ bp = (unsigned char *) name->v; - len = i2d_X509_NAME(x509->cert_info->subject, &bp); + len = i2d_X509_NAME(subject_name, &bp); X509_free(x509); 
@@ -661,15 +668,16 @@ eay_get_x509asn1issuername(cert) if (x509 == NULL) goto error; + X509_NAME *issuer_name = X509_get_issuer_name(x509); /* get the length of the name */ - len = i2d_X509_NAME(x509->cert_info->issuer, NULL); + len = i2d_X509_NAME(issuer_name, NULL); name = vmalloc(len); if (name == NULL) goto error; /* get the name */ bp = (unsigned char *) name->v; - len = i2d_X509_NAME(x509->cert_info->issuer, &bp); + len = i2d_X509_NAME(issuer_name, &bp); X509_free(x509); @@ -850,7 +858,7 @@ eay_check_x509sign(source, sig, cert) return -1; } - res = eay_rsa_verify(source, sig, evp->pkey.rsa); + res = eay_rsa_verify(source, sig, EVP_PKEY_get0_RSA(evp)); EVP_PKEY_free(evp); X509_free(x509); @@ -992,7 +1000,7 @@ eay_get_x509sign(src, privkey) if (evp == NULL) return NULL; - sig = eay_rsa_sign(src, evp->pkey.rsa); + sig = eay_rsa_sign(src, EVP_PKEY_get0_RSA(evp)); EVP_PKEY_free(evp); @@ -1079,7 +1087,11 @@ eay_strerror() int line, flags; unsigned long es; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + es = 0; /* even when allowed by OPENSSL_API_COMPAT, it is defined as 0 */ +#else es = CRYPTO_thread_id(); +#endif while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){ n = snprintf(ebuf + len, sizeof(ebuf) - len, @@ -1100,7 +1112,7 @@ vchar_t * evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc) { vchar_t *res; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; if (!e) return NULL; @@ -1111,7 +1123,7 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc if ((res = vmalloc(data->l)) == NULL) return NULL; - EVP_CIPHER_CTX_init(&ctx); + ctx = EVP_CIPHER_CTX_new(); switch(EVP_CIPHER_nid(e)){ case NID_bf_cbc: 
@@ -1125,54 +1137,41 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc /* XXX: can we do that also for algos with a fixed key size ? */ /* init context without key/iv - */ - if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc)) - { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + */ + if (!EVP_CipherInit(ctx, e, NULL, NULL, enc)) + goto out; - /* update key size - */ - if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l)) - { - OpenSSL_BUG(); - vfree(res); - return NULL; - } - - /* finalize context init with desired key size - */ - if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v, + /* update key size + */ + if (!EVP_CIPHER_CTX_set_key_length(ctx, key->l)) + goto out; + + /* finalize context init with desired key size + */ + if (!EVP_CipherInit(ctx, NULL, (u_char *) key->v, (u_char *) iv->v, enc)) - { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + goto out; break; default: - if (!EVP_CipherInit(&ctx, e, (u_char *) key->v, - (u_char *) iv->v, enc)) { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + if (!EVP_CipherInit(ctx, e, (u_char *) key->v, + (u_char *) iv->v, enc)) + goto out; } /* disable openssl padding */ - EVP_CIPHER_CTX_set_padding(&ctx, 0); + EVP_CIPHER_CTX_set_padding(ctx, 0); - if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + if (!EVP_Cipher(ctx, (u_char *) res->v, (u_char *) data->v, data->l)) + goto out; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return res; +out: + EVP_CIPHER_CTX_free(ctx); + OpenSSL_BUG(); + vfree(res); + return NULL; } int @@ -1230,7 +1229,7 @@ eay_des_keylen(len) return evp_keylen(len, EVP_des_cbc()); } -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) /* * IDEA-CBC */ @@ -1587,7 +1586,7 @@ eay_aes_keylen(len) return len; } -#if defined(HAVE_OPENSSL_CAMELLIA_H) +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) /* * CAMELLIA-CBC */ 
@@ -1680,9 +1679,9 @@ eay_hmac_init(key, md) vchar_t *key; const EVP_MD *md; { - HMAC_CTX *c = racoon_malloc(sizeof(*c)); + HMAC_CTX *c = HMAC_CTX_new(); - HMAC_Init(c, key->v, key->l, md); + HMAC_Init_ex(c, key->v, key->l, md, NULL); return (caddr_t)c; } @@ -1761,8 +1760,7 @@ eay_hmacsha2_512_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA512_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1811,8 +1809,7 @@ eay_hmacsha2_384_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA384_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1861,8 +1858,7 @@ eay_hmacsha2_256_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA256_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1912,8 +1908,7 @@ eay_hmacsha1_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1962,8 +1957,7 @@ eay_hmacmd5_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (MD5_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -2266,6 +2260,7 @@ eay_dh_generate(prime, g, publen, pub, priv) u_int32_t g; { BIGNUM *p = NULL; + BIGNUM *BNg = NULL; DH *dh = NULL; int error = -1; 
@@ -2276,25 +2271,28 @@ eay_dh_generate(prime, g, publen, pub, priv) if ((dh = DH_new()) == NULL) goto end; - dh->p = p; - p = NULL; /* p is now part of dh structure */ - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) + if ((BNg = BN_new()) == NULL) goto end; - if (!BN_set_word(dh->g, g)) + if (!BN_set_word(BNg, g)) goto end; + if (! DH_set0_pqg(dh, p, NULL, BNg)) + goto end; + BNg = NULL; + p = NULL; /* p is now part of dh structure */ if (publen != 0) - dh->length = publen; + DH_set_length(dh, publen); /* generate public and private number */ if (!DH_generate_key(dh)) goto end; /* copy results to buffers */ - if (eay_bn2v(pub, dh->pub_key) < 0) + BIGNUM *pub_key, *priv_key; + DH_get0_key(dh, (const BIGNUM**) &pub_key, (const BIGNUM**) &priv_key); + if (eay_bn2v(pub, pub_key) < 0) goto end; - if (eay_bn2v(priv, dh->priv_key) < 0) { + if (eay_bn2v(priv, priv_key) < 0) { vfree(*pub); goto end; } @@ -2306,6 +2304,8 @@ end: DH_free(dh); if (p != 0) BN_free(p); + if (BNg != 0) + BN_free(BNg); return(error); } @@ -2319,6 +2319,10 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) int l; unsigned char *v = NULL; int error = -1; + BIGNUM *p = BN_new(); + BIGNUM *BNg = BN_new(); + BIGNUM *pub_key = BN_new(); + BIGNUM *priv_key = BN_new(); /* make public number to compute */ if (eay_v2bn(&dh_pub, pub2) < 0) 
@@ -2327,19 +2331,21 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) /* make DH structure */ if ((dh = DH_new()) == NULL) goto end; - if (eay_v2bn(&dh->p, prime) < 0) + if (p == NULL || BNg == NULL || pub_key == NULL || priv_key == NULL) goto end; - if (eay_v2bn(&dh->pub_key, pub) < 0) + + if (eay_v2bn(&p, prime) < 0) goto end; - if (eay_v2bn(&dh->priv_key, priv) < 0) + if (eay_v2bn(&pub_key, pub) < 0) goto end; - dh->length = pub2->l * 8; - - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) + if (eay_v2bn(&priv_key, priv) < 0) goto end; - if (!BN_set_word(dh->g, g)) + if (!BN_set_word(BNg, g)) goto end; + DH_set0_key(dh, pub_key, priv_key); + DH_set_length(dh, pub2->l * 8); + DH_set0_pqg(dh, p, NULL, BNg); + pub_key = priv_key = p = BNg = NULL; if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL) goto end; @@ -2350,6 +2356,14 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) error = 0; end: + if (p != NULL) + BN_free(p); + if (BNg != NULL) + BN_free(BNg); + if (pub_key != NULL) + BN_free(pub_key); + if (priv_key != NULL) + BN_free(priv_key); if (dh_pub != NULL) BN_free(dh_pub); if (dh != NULL) @@ -2400,12 +2414,14 @@ eay_bn2v(var, bn) void eay_init() { +#if OPENSSL_VERSION_NUMBER < 0x10100000L OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); #ifdef HAVE_OPENSSL_ENGINE_H ENGINE_load_builtin_engines(); ENGINE_register_all_complete(); #endif +#endif } vchar_t * @@ -2504,8 +2520,7 @@ binbuf_pubkey2rsa(vchar_t *binbuf) goto out; } - rsa_pub->n = mod; - rsa_pub->e = exp; + RSA_set0_key(rsa_pub, mod, exp, NULL); out: return rsa_pub; @@ -2582,5 +2597,5 @@ eay_random() const char * eay_version() { - return SSLeay_version(SSLEAY_VERSION); + return OpenSSL_version(OPENSSL_VERSION); } diff --git a/src/racoon/crypto_openssl.h b/src/racoon/crypto_openssl.h index 66fac73..ee5b765 100644 --- a/src/racoon/crypto_openssl.h +++ b/src/racoon/crypto_openssl.h 
@@ -124,7 +124,7 @@ extern vchar_t *eay_aes_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); extern int eay_aes_weakkey __P((vchar_t *)); extern int eay_aes_keylen __P((int)); -#if defined(HAVE_OPENSSL_CAMELLIA_H) +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) /* Camellia */ extern vchar_t *eay_camellia_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); extern vchar_t *eay_camellia_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); diff --git a/src/racoon/eaytest.c b/src/racoon/eaytest.c index 1474bdc..ae09db3 100644 --- a/src/racoon/eaytest.c +++ b/src/racoon/eaytest.c @@ -62,6 +62,7 @@ #include "dhgroup.h" #include "crypto_openssl.h" #include "gnuc.h" +#include "openssl_compat.h" #include "package_version.h" @@ -103,7 +104,7 @@ rsa_verify_with_pubkey(src, sig, pubkey_txt) printf ("PEM_read_PUBKEY(): %s\n", eay_strerror()); return -1; } - error = eay_check_rsasign(src, sig, evp->pkey.rsa); + error = eay_check_rsasign(src, sig, EVP_PKEY_get0_RSA(evp)); return error; } @@ -698,7 +699,7 @@ ciphertest(ac, av) eay_cast_encrypt, eay_cast_decrypt) < 0) return -1; -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) if (ciphertest_1 ("IDEA", &data, 8, &key, key.l, @@ -715,7 +716,7 @@ ciphertest(ac, av) eay_rc5_encrypt, eay_rc5_decrypt) < 0) return -1; #endif -#if defined(HAVE_OPENSSL_CAMELLIA_H) +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) if (ciphertest_1 ("CAMELLIA", &data, 16, &key, key.l, diff --git a/src/racoon/ipsec_doi.c b/src/racoon/ipsec_doi.c index 84a4c71..b52469f 100644 --- a/src/racoon/ipsec_doi.c +++ b/src/racoon/ipsec_doi.c @@ -715,7 +715,7 @@ out: /* key length must not be specified on some algorithms */ if (keylen) { if (sa->enctype == OAKLEY_ATTR_ENC_ALG_DES -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) || sa->enctype == OAKLEY_ATTR_ENC_ALG_IDEA #endif || sa->enctype == OAKLEY_ATTR_ENC_ALG_3DES) { 
diff --git a/src/racoon/openssl_compat.c b/src/racoon/openssl_compat.c new file mode 100644 index 0000000..864b5fb --- /dev/null +++ b/src/racoon/openssl_compat.c 
@@ -0,0 +1,213 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "openssl_compat.h" + +#if OPENSSL_VERSION_NUMBER < 0x10100000L + +#include <string.h> + +static void *OPENSSL_zalloc(size_t num) +{ + void *ret = OPENSSL_malloc(num); + + if (ret != NULL) + memset(ret, 0, num); + return ret; +} + +int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) +{ + /* If the fields n and e in r are NULL, the corresponding input + * parameters MUST be non-NULL for n and e. d may be + * left NULL (in case only the public key is used). + */ + if ((r->n == NULL && n == NULL) + || (r->e == NULL && e == NULL)) + return 0; + + if (n != NULL) { + BN_free(r->n); + r->n = n; + } + if (e != NULL) { + BN_free(r->e); + r->e = e; + } + if (d != NULL) { + BN_free(r->d); + r->d = d; + } + + return 1; +} + +int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) +{ + /* If the fields p and q in r are NULL, the corresponding input + * parameters MUST be non-NULL. + */ + if ((r->p == NULL && p == NULL) + || (r->q == NULL && q == NULL)) + return 0; + + if (p != NULL) { + BN_free(r->p); + r->p = p; + } + if (q != NULL) { + BN_free(r->q); + r->q = q; + } + + return 1; +} + +int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) +{ + /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input + * parameters MUST be non-NULL. 
+ */ + if ((r->dmp1 == NULL && dmp1 == NULL) + || (r->dmq1 == NULL && dmq1 == NULL) + || (r->iqmp == NULL && iqmp == NULL)) + return 0; + + if (dmp1 != NULL) { + BN_free(r->dmp1); + r->dmp1 = dmp1; + } + if (dmq1 != NULL) { + BN_free(r->dmq1); + r->dmq1 = dmq1; + } + if (iqmp != NULL) { + BN_free(r->iqmp); + r->iqmp = iqmp; + } + + return 1; +} + +void RSA_get0_key(const RSA *r, + const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) +{ + if (n != NULL) + *n = r->n; + if (e != NULL) + *e = r->e; + if (d != NULL) + *d = r->d; +} + +void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) +{ + if (p != NULL) + *p = r->p; + if (q != NULL) + *q = r->q; +} + +void RSA_get0_crt_params(const RSA *r, + const BIGNUM **dmp1, const BIGNUM **dmq1, + const BIGNUM **iqmp) +{ + if (dmp1 != NULL) + *dmp1 = r->dmp1; + if (dmq1 != NULL) + *dmq1 = r->dmq1; + if (iqmp != NULL) + *iqmp = r->iqmp; +} + +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) +{ + /* If the fields p and g in d are NULL, the corresponding input + * parameters MUST be non-NULL. q may remain NULL. + */ + if ((dh->p == NULL && p == NULL) + || (dh->g == NULL && g == NULL)) + return 0; + + if (p != NULL) { + BN_free(dh->p); + dh->p = p; + } + if (q != NULL) { + BN_free(dh->q); + dh->q = q; + } + if (g != NULL) { + BN_free(dh->g); + dh->g = g; + } + + if (q != NULL) { + dh->length = BN_num_bits(q); + } + + return 1; +} + +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) +{ + if (pub_key != NULL) + *pub_key = dh->pub_key; + if (priv_key != NULL) + *priv_key = dh->priv_key; +} + +int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) +{ + /* If the field pub_key in dh is NULL, the corresponding input + * parameters MUST be non-NULL. The priv_key field may + * be left NULL. 
+ */ + if (dh->pub_key == NULL && pub_key == NULL) + return 0; + + if (pub_key != NULL) { + BN_free(dh->pub_key); + dh->pub_key = pub_key; + } + if (priv_key != NULL) { + BN_free(dh->priv_key); + dh->priv_key = priv_key; + } + + return 1; +} + +int DH_set_length(DH *dh, long length) +{ + dh->length = length; + return 1; +} + +HMAC_CTX *HMAC_CTX_new(void) +{ + return OPENSSL_zalloc(sizeof(HMAC_CTX)); +} + +void HMAC_CTX_free(HMAC_CTX *ctx) +{ + HMAC_CTX_cleanup(ctx); + OPENSSL_free(ctx); +} + +RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) +{ + if (pkey->type != EVP_PKEY_RSA) { + return NULL; + } + return pkey->pkey.rsa; +} + + +#endif /* OPENSSL_VERSION_NUMBER */ diff --git a/src/racoon/openssl_compat.h b/src/racoon/openssl_compat.h new file mode 100644 index 0000000..9e152c2 --- /dev/null +++ b/src/racoon/openssl_compat.h 
@@ -0,0 +1,45 @@ +#ifndef OPENSSL_COMPAT_H +#define OPENSSL_COMPAT_H + +#include <openssl/opensslv.h> +#if OPENSSL_VERSION_NUMBER < 0x10100000L + +#include <openssl/rsa.h> +#include <openssl/dh.h> +#include <openssl/evp.h> +#include <openssl/hmac.h> + +int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); +int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); +int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); +void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); +void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); +void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp); + +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); +int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key); +int DH_set_length(DH *dh, long length); + +HMAC_CTX *HMAC_CTX_new(void); +void HMAC_CTX_free(HMAC_CTX* ctx); + +RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); + +#define ASN1_STRING_length(s) s->length +#define ASN1_STRING_get0_data(s) s->data + +#define X509_get_subject_name(x) x->cert_info->subject +#define X509_get_issuer_name(x) x->cert_info->issuer +#define X509_NAME_ENTRY_get_data(n) n->value +#define X509_NAME_ENTRY_get_object(n) n->object +#define X509_STORE_CTX_get_current_cert(ctx) ctx->current_cert +#define X509_STORE_CTX_get_error(ctx) ctx->error +#define X509_STORE_CTX_get_error_depth(ctx) ctx->error_depth + +#define OPENSSL_VERSION SSLEAY_VERSION +#define OpenSSL_version SSLeay_version + +#endif /* OPENSSL_VERSION_NUMBER */ + +#endif /* OPENSSL_COMPAT_H */ diff --git a/src/racoon/plainrsa-gen.c b/src/racoon/plainrsa-gen.c index cad1861..b949b08 100644 --- a/src/racoon/plainrsa-gen.c +++ b/src/racoon/plainrsa-gen.c @@ -60,6 +60,7 @@ #include "vmbuf.h" #include "plog.h" #include "crypto_openssl.h" +#include "openssl_compat.h" #include "package_version.h" 
@@ -90,12 +91,14 @@ mix_b64_pubkey(const RSA *key) char *binbuf; long binlen, ret; vchar_t *res; - - binlen = 1 + BN_num_bytes(key->e) + BN_num_bytes(key->n); + const BIGNUM *e, *n; + + RSA_get0_key(key, &n, &e, NULL); + binlen = 1 + BN_num_bytes(e) + BN_num_bytes(n); binbuf = malloc(binlen); memset(binbuf, 0, binlen); - binbuf[0] = BN_bn2bin(key->e, (unsigned char *) &binbuf[1]); - ret = BN_bn2bin(key->n, (unsigned char *) (&binbuf[binbuf[0] + 1])); + binbuf[0] = BN_bn2bin(e, (unsigned char *) &binbuf[1]); + ret = BN_bn2bin(n, (unsigned char *) (&binbuf[binbuf[0] + 1])); if (1 + binbuf[0] + ret != binlen) { plog(LLV_ERROR, LOCATION, NULL, "Pubkey generation failed. This is really strange...\n"); 
@@ -131,16 +134,20 @@ print_rsa_key(FILE *fp, const RSA *key) fprintf(fp, "# : PUB 0s%s\n", pubkey64->v); fprintf(fp, ": RSA\t{\n"); - fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(key->n)); + const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp; + RSA_get0_key(key, &n, &e, &d); + RSA_get0_factors(key, &p, &q); + RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp); + fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(n)); fprintf(fp, "\t# pubkey=0s%s\n", pubkey64->v); - fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(key->n))); - fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(key->e))); - fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(key->d))); - fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(key->p))); - fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(key->q))); - fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(key->dmp1))); - fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(key->dmq1))); - fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(key->iqmp))); + fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(n))); + fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(e))); + fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(d))); + fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(p))); + fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(q))); + fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(dmp1))); + fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(dmq1))); + fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(iqmp))); fprintf(fp, " }\n"); vfree(pubkey64); @@ -203,11 +210,13 @@ int gen_rsa_key(FILE *fp, size_t bits, unsigned long exp) { int ret; - RSA *key; + RSA *key = RSA_new(); + BIGNUM *e = BN_new(); - key = RSA_generate_key(bits, exp, NULL, NULL); - if (!key) { + BN_set_word(e, exp); + if (! RSA_generate_key_ex(key, bits, e, NULL)) { fprintf(stderr, "RSA_generate_key(): %s\n", eay_strerror()); + RSA_free(key); return -1; } 
diff --git a/src/racoon/prsa_par.y b/src/racoon/prsa_par.y index 1987e4d..27ce4c6 100644 --- a/src/racoon/prsa_par.y +++ b/src/racoon/prsa_par.y @@ -68,6 +68,7 @@ #include "isakmp_var.h" #include "handler.h" #include "crypto_openssl.h" +#include "openssl_compat.h" #include "sockmisc.h" #include "rsalist.h" @@ -85,7 +86,18 @@ char *prsa_cur_fname = NULL; struct genlist *prsa_cur_list = NULL; enum rsa_key_type prsa_cur_type = RSA_TYPE_ANY; -static RSA *rsa_cur; +struct my_rsa_st { + BIGNUM *n; + BIGNUM *e; + BIGNUM *d; + BIGNUM *p; + BIGNUM *q; + BIGNUM *dmp1; + BIGNUM *dmq1; + BIGNUM *iqmp; +}; + +static struct my_rsa_st *rsa_cur; void prsaerror(const char *s, ...) @@ -201,8 +213,12 @@ rsa_statement: rsa_cur->iqmp = NULL; } } - $$ = rsa_cur; - rsa_cur = RSA_new(); + RSA * rsa_tmp = RSA_new(); + RSA_set0_key(rsa_tmp, rsa_cur->n, rsa_cur->e, rsa_cur->d); + RSA_set0_factors(rsa_tmp, rsa_cur->p, rsa_cur->q); + RSA_set0_crt_params(rsa_tmp, rsa_cur->dmp1, rsa_cur->dmq1, rsa_cur->iqmp); + $$ = rsa_tmp; + memset(rsa_cur, 0, sizeof(struct my_rsa_st)); } | TAG_PUB BASE64 { @@ -351,10 +367,12 @@ prsa_parse_file(struct genlist *list, char *fname, enum rsa_key_type type) prsa_cur_fname = fname; prsa_cur_list = list; prsa_cur_type = type; - rsa_cur = RSA_new(); + rsa_cur = malloc(sizeof(struct my_rsa_st)); + memset(rsa_cur, 0, sizeof(struct my_rsa_st)); ret = prsaparse(); if (rsa_cur) { - RSA_free(rsa_cur); + memset(rsa_cur, 0, sizeof(struct my_rsa_st)); + free(rsa_cur); rsa_cur = NULL; } fclose (fp); diff --git a/src/racoon/rsalist.c b/src/racoon/rsalist.c index f152c82..96e8363 100644 --- a/src/racoon/rsalist.c +++ b/src/racoon/rsalist.c @@ -52,6 +52,7 @@ #include "genlist.h" #include "remoteconf.h" #include "crypto_openssl.h" +#include "openssl_compat.h" #ifndef LIST_FIRST #define LIST_FIRST(head) ((head)->lh_first) 
@@ -98,7 +99,9 @@ rsa_key_dup(struct rsa_key *key) return NULL; if (key->rsa) { - new->rsa = key->rsa->d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa); + const BIGNUM *d; + RSA_get0_key(key->rsa, NULL, NULL, &d); + new->rsa = (d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa)); if (new->rsa == NULL) goto dup_error; } -- 2.16.1 |
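Review bot: In the gen_rsa_key() hunk the new BIGNUM e is never released: the failure branch calls RSA_free(key) but not BN_free(e), and no BN_free(e) follows the call on the success path shown here. RSA_new(), BN_new() and BN_set_word() are also used without checking their results, so an allocation failure reaches RSA_generate_key_ex() with a NULL key or exponent. Suggest checking all three, adding BN_free(e) on both paths, and updating the error string, which still reads "RSA_generate_key(): %s\n" although the call is now RSA_generate_key_ex().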
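Review bot: In prsa_parse_file() the teardown changed from RSA_free(rsa_cur) to "memset(rsa_cur, 0, sizeof(struct my_rsa_st)); free(rsa_cur);", which discards any BIGNUM pointers still held in the struct without freeing them. After a parse that stops part-way, those can be private key components (d, p, q), which are then leaked and never cleared. Suggest releasing each non-NULL member with BN_clear_free() before the free(). The malloc() result a few lines earlier is also passed to memset() without a NULL check.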
From: Eneas U de Q. <cot...@ya...> - 2018-05-30 19:28:06
|
After feedback from Noah Meyerhans, I've revised the patch to avoid freeing uninitialized BNs.

Cheers

Eneas U de Queiroz (1):
  ipsec-tools: add openssl 1.1 support

 src/racoon/Makefile.am | 10 +--
 src/racoon/algorithm.c | 6 +-
 src/racoon/cfparse.y | 2 +-
 src/racoon/crypto_openssl.c | 197 +++++++++++++++++++++-------------------
 src/racoon/crypto_openssl.h | 2 +-
 src/racoon/eaytest.c | 7 +-
 src/racoon/ipsec_doi.c | 2 +-
 src/racoon/openssl_compat.c | 213 ++++++++++++++++++++++++++++++++++++++++++++
 src/racoon/openssl_compat.h | 45 ++++++++++
 src/racoon/plainrsa-gen.c | 41 +++++----
 src/racoon/prsa_par.y | 28 ++++--
 src/racoon/rsalist.c | 5 +-
 12 files changed, 431 insertions(+), 127 deletions(-)
 create mode 100644 src/racoon/openssl_compat.c
 create mode 100644 src/racoon/openssl_compat.h

--
2.16.1
|
From: Eneas U de Q. <cot...@ya...> - 2018-05-28 12:06:04
|
This patch updates the calls to openssl 1.1 API, and adds a compatibility layer so it compiles with (at least) openssl 1.0.2, I haven't tested it with lower versions, but all that's needed is to edit the openssl_compat.* files and add the missing functions there--they're usually trivial. Signed-off-by: Eneas U de Queiroz <cot...@ya...> --- src/racoon/Makefile.am | 10 +-- src/racoon/algorithm.c | 6 +- src/racoon/cfparse.y | 2 +- src/racoon/crypto_openssl.c | 198 +++++++++++++++++++++------------------- src/racoon/crypto_openssl.h | 2 +- src/racoon/eaytest.c | 7 +- src/racoon/ipsec_doi.c | 2 +- src/racoon/openssl_compat.c | 213 ++++++++++++++++++++++++++++++++++++++++++++ src/racoon/openssl_compat.h | 45 ++++++++++ src/racoon/plainrsa-gen.c | 41 +++++---- src/racoon/prsa_par.y | 28 ++++-- src/racoon/rsalist.c | 5 +- 12 files changed, 432 insertions(+), 127 deletions(-) create mode 100644 src/racoon/openssl_compat.c create mode 100644 src/racoon/openssl_compat.h diff --git a/src/racoon/Makefile.am b/src/racoon/Makefile.am index dbaded9..4c585f3 100644 --- a/src/racoon/Makefile.am +++ b/src/racoon/Makefile.am @@ -4,7 +4,7 @@ sbin_PROGRAMS = racoon racoonctl plainrsa-gen noinst_PROGRAMS = eaytest include_racoon_HEADERS = racoonctl.h var.h vmbuf.h misc.h gcmalloc.h admin.h \ schedule.h sockmisc.h isakmp_var.h isakmp.h isakmp_xauth.h \ - isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h + isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h openssl_compat.h lib_LTLIBRARIES = libracoon.la adminsockdir=${localstatedir}/racoon @@ -32,7 +32,7 @@ racoon_SOURCES = \ gssapi.c dnssec.c getcertsbyname.c privsep.c \ pfkey.c admin.c evt.c ipsec_doi.c oakley.c grabmyaddr.c vendorid.c \ policy.c localconf.c remoteconf.c crypto_openssl.c algorithm.c \ - proposal.c sainfo.c strnames.c \ + openssl_compat.c proposal.c sainfo.c strnames.c \ plog.c logger.c schedule.c str2val.c \ safefile.c backupsa.c genlist.c rsalist.c \ cftoken.l cfparse.y prsa_tok.l prsa_par.y 
@@ -51,12 +51,12 @@ libracoon_la_SOURCES = kmpstat.c vmbuf.c sockmisc.c misc.c libracoon_la_CFLAGS = -DNOUSE_PRIVSEP $(AM_CFLAGS) plainrsa_gen_SOURCES = plainrsa-gen.c plog.c \ - crypto_openssl.c logger.c + crypto_openssl.c logger.c openssl_compat.c EXTRA_plainrsa_gen_SOURCES = $(MISSING_ALGOS) plainrsa_gen_LDADD = $(CRYPTOBJS) vmbuf.o misc.o plainrsa_gen_DEPENDENCIES = $(CRYPTOBJS) vmbuf.o misc.o -eaytest_SOURCES = eaytest.c plog.c logger.c +eaytest_SOURCES = eaytest.c plog.c logger.c openssl_compat.c EXTRA_eaytest_SOURCES = missing/crypto/sha2/sha2.c eaytest_LDADD = crypto_openssl_test.o vmbuf.o str2val.o misc_noplog.o \ $(CRYPTOBJS) @@ -75,7 +75,7 @@ noinst_HEADERS = \ debugrm.h isakmp.h misc.h sainfo.h \ dhgroup.h isakmp_agg.h netdb_dnssec.h schedule.h \ isakmp_cfg.h isakmp_xauth.h isakmp_unity.h isakmp_frag.h \ - throttle.h privsep.h \ + throttle.h privsep.h openssl_compat.h \ cfparse_proto.h cftoken_proto.h genlist.h rsalist.h \ missing/crypto/sha2/sha2.h missing/crypto/rijndael/rijndael_local.h \ missing/crypto/rijndael/rijndael-api-fst.h \ diff --git a/src/racoon/algorithm.c b/src/racoon/algorithm.c index 3fd50f6..66c874b 100644 --- a/src/racoon/algorithm.c +++ b/src/racoon/algorithm.c @@ -128,7 +128,7 @@ static struct enc_algorithm oakley_encdef[] = { { "aes", algtype_aes, OAKLEY_ATTR_ENC_ALG_AES, 16, eay_aes_encrypt, eay_aes_decrypt, eay_aes_weakkey, eay_aes_keylen, }, -#ifdef HAVE_OPENSSL_CAMELLIA_H +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) { "camellia", algtype_camellia, OAKLEY_ATTR_ENC_ALG_CAMELLIA, 16, eay_camellia_encrypt, eay_camellia_decrypt, eay_camellia_weakkey, eay_camellia_keylen, }, @@ -168,7 +168,7 @@ static struct enc_algorithm ipsec_encdef[] = { { "twofish", algtype_twofish, IPSECDOI_ESP_TWOFISH, 16, NULL, NULL, NULL, eay_twofish_keylen, }, -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) { "3idea", algtype_3idea, IPSECDOI_ESP_3IDEA, 8, NULL, NULL, NULL, NULL, }, 
@@ -179,7 +179,7 @@ static struct enc_algorithm ipsec_encdef[] = { { "rc4", algtype_rc4, IPSECDOI_ESP_RC4, 8, NULL, NULL, NULL, NULL, }, -#ifdef HAVE_OPENSSL_CAMELLIA_H +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) { "camellia", algtype_camellia, IPSECDOI_ESP_CAMELLIA, 16, NULL, NULL, NULL, eay_camellia_keylen, }, diff --git a/src/racoon/cfparse.y b/src/racoon/cfparse.y index 0d9bd67..8415752 100644 --- a/src/racoon/cfparse.y +++ b/src/racoon/cfparse.y @@ -2564,7 +2564,7 @@ set_isakmp_proposal(rmconf) plog(LLV_DEBUG2, LOCATION, NULL, "encklen=%d\n", s->encklen); - memset(types, 0, ARRAYLEN(types)); + memset(types, 0, sizeof types); types[algclass_isakmp_enc] = s->algclass[algclass_isakmp_enc]; types[algclass_isakmp_hash] = s->algclass[algclass_isakmp_hash]; types[algclass_isakmp_dh] = s->algclass[algclass_isakmp_dh]; diff --git a/src/racoon/crypto_openssl.c b/src/racoon/crypto_openssl.c index 55b076a..292fb1a 100644 --- a/src/racoon/crypto_openssl.c +++ b/src/racoon/crypto_openssl.c @@ -90,6 +90,7 @@ #endif #endif #include "plog.h" +#include "openssl_compat.h" #define USE_NEW_DES_API @@ -316,9 +317,12 @@ eay_cmp_asn1dn(n1, n2) i = idx+1; goto end; } - if ((ea->value->length == 1 && ea->value->data[0] == '*') || - (eb->value->length == 1 && eb->value->data[0] == '*')) { - if (OBJ_cmp(ea->object,eb->object)) { + ASN1_STRING *sa = X509_NAME_ENTRY_get_data(ea); + ASN1_STRING *sb = X509_NAME_ENTRY_get_data(eb); + if ((ASN1_STRING_length(sa) == 1 && ASN1_STRING_get0_data(sa)[0] == '*') || + (ASN1_STRING_length(sb) == 1 && ASN1_STRING_get0_data(sb)[0] == '*')) { + if (OBJ_cmp(X509_NAME_ENTRY_get_object(ea), + X509_NAME_ENTRY_get_object(eb))) { i = idx+1; goto end; } @@ -430,7 +434,7 @@ cb_check_cert_local(ok, ctx) if (!ok) { X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), + X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), buf, 256); /* 
@@ -438,7 +442,8 @@ cb_check_cert_local(ok, ctx) * ok if they are self signed. But we should still warn * the user. */ - switch (ctx->error) { + int ctx_error = X509_STORE_CTX_get_error(ctx); + switch (ctx_error) { case X509_V_ERR_CERT_HAS_EXPIRED: case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: case X509_V_ERR_INVALID_CA: @@ -453,9 +458,9 @@ cb_check_cert_local(ok, ctx) } plog(log_tag, LOCATION, NULL, "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, + X509_verify_cert_error_string(ctx_error), + ctx_error, + X509_STORE_CTX_get_error_depth(ctx), buf); } ERR_clear_error(); @@ -477,10 +482,11 @@ cb_check_cert_remote(ok, ctx) if (!ok) { X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), + X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), buf, 256); - switch (ctx->error) { + int ctx_error=X509_STORE_CTX_get_error(ctx); + switch (ctx_error) { case X509_V_ERR_UNABLE_TO_GET_CRL: ok = 1; log_tag = LLV_WARNING; @@ -490,9 +496,9 @@ cb_check_cert_remote(ok, ctx) } plog(log_tag, LOCATION, NULL, "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, + X509_verify_cert_error_string(ctx_error), + ctx_error, + X509_STORE_CTX_get_error_depth(ctx), buf); } ERR_clear_error(); @@ -516,14 +522,15 @@ eay_get_x509asn1subjectname(cert) if (x509 == NULL) goto error; + X509_NAME *subject_name = X509_get_subject_name(x509); /* get the length of the name */ - len = i2d_X509_NAME(x509->cert_info->subject, NULL); + len = i2d_X509_NAME(subject_name, NULL); name = vmalloc(len); if (!name) goto error; /* get the name */ bp = (unsigned char *) name->v; - len = i2d_X509_NAME(x509->cert_info->subject, &bp); + len = i2d_X509_NAME(subject_name, &bp); X509_free(x509); 
@@ -661,15 +668,16 @@ eay_get_x509asn1issuername(cert) if (x509 == NULL) goto error; + X509_NAME *issuer_name = X509_get_issuer_name(x509); /* get the length of the name */ - len = i2d_X509_NAME(x509->cert_info->issuer, NULL); + len = i2d_X509_NAME(issuer_name, NULL); name = vmalloc(len); if (name == NULL) goto error; /* get the name */ bp = (unsigned char *) name->v; - len = i2d_X509_NAME(x509->cert_info->issuer, &bp); + len = i2d_X509_NAME(issuer_name, &bp); X509_free(x509); @@ -850,7 +858,7 @@ eay_check_x509sign(source, sig, cert) return -1; } - res = eay_rsa_verify(source, sig, evp->pkey.rsa); + res = eay_rsa_verify(source, sig, EVP_PKEY_get0_RSA(evp)); EVP_PKEY_free(evp); X509_free(x509); @@ -992,7 +1000,7 @@ eay_get_x509sign(src, privkey) if (evp == NULL) return NULL; - sig = eay_rsa_sign(src, evp->pkey.rsa); + sig = eay_rsa_sign(src, EVP_PKEY_get0_RSA(evp)); EVP_PKEY_free(evp); @@ -1079,7 +1087,11 @@ eay_strerror() int line, flags; unsigned long es; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + es = 0; /* even when allowed by OPENSSL_API_COMPAT, it is defined as 0 */ +#else es = CRYPTO_thread_id(); +#endif while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){ n = snprintf(ebuf + len, sizeof(ebuf) - len, @@ -1100,7 +1112,7 @@ vchar_t * evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc) { vchar_t *res; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; if (!e) return NULL; @@ -1111,7 +1123,7 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc if ((res = vmalloc(data->l)) == NULL) return NULL; - EVP_CIPHER_CTX_init(&ctx); + ctx = EVP_CIPHER_CTX_new(); switch(EVP_CIPHER_nid(e)){ case NID_bf_cbc: 
@@ -1125,54 +1137,41 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc /* XXX: can we do that also for algos with a fixed key size ? */ /* init context without key/iv - */ - if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc)) - { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + */ + if (!EVP_CipherInit(ctx, e, NULL, NULL, enc)) + goto out; - /* update key size - */ - if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l)) - { - OpenSSL_BUG(); - vfree(res); - return NULL; - } - - /* finalize context init with desired key size - */ - if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v, + /* update key size + */ + if (!EVP_CIPHER_CTX_set_key_length(ctx, key->l)) + goto out; + + /* finalize context init with desired key size + */ + if (!EVP_CipherInit(ctx, NULL, (u_char *) key->v, (u_char *) iv->v, enc)) - { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + goto out; break; default: - if (!EVP_CipherInit(&ctx, e, (u_char *) key->v, - (u_char *) iv->v, enc)) { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + if (!EVP_CipherInit(ctx, e, (u_char *) key->v, + (u_char *) iv->v, enc)) + goto out; } /* disable openssl padding */ - EVP_CIPHER_CTX_set_padding(&ctx, 0); + EVP_CIPHER_CTX_set_padding(ctx, 0); - if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) { - OpenSSL_BUG(); - vfree(res); - return NULL; - } + if (!EVP_Cipher(ctx, (u_char *) res->v, (u_char *) data->v, data->l)) + goto out; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return res; +out: + EVP_CIPHER_CTX_free(ctx); + OpenSSL_BUG(); + vfree(res); + return NULL; } int @@ -1230,7 +1229,7 @@ eay_des_keylen(len) return evp_keylen(len, EVP_des_cbc()); } -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) /* * IDEA-CBC */ @@ -1587,7 +1586,7 @@ eay_aes_keylen(len) return len; } -#if defined(HAVE_OPENSSL_CAMELLIA_H) +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) /* * CAMELLIA-CBC */ 
@@ -1680,9 +1679,9 @@ eay_hmac_init(key, md) vchar_t *key; const EVP_MD *md; { - HMAC_CTX *c = racoon_malloc(sizeof(*c)); + HMAC_CTX *c = HMAC_CTX_new(); - HMAC_Init(c, key->v, key->l, md); + HMAC_Init_ex(c, key->v, key->l, md, NULL); return (caddr_t)c; } @@ -1761,8 +1760,7 @@ eay_hmacsha2_512_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA512_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1811,8 +1809,7 @@ eay_hmacsha2_384_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA384_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1861,8 +1858,7 @@ eay_hmacsha2_256_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA256_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1912,8 +1908,7 @@ eay_hmacsha1_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1962,8 +1957,7 @@ eay_hmacmd5_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (MD5_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -2266,6 +2260,7 @@ eay_dh_generate(prime, g, publen, pub, priv) u_int32_t g; { BIGNUM *p = NULL; + BIGNUM *BNg = NULL; DH *dh = NULL; int error = -1; 
@@ -2276,25 +2271,28 @@ eay_dh_generate(prime, g, publen, pub, priv) if ((dh = DH_new()) == NULL) goto end; - dh->p = p; - p = NULL; /* p is now part of dh structure */ - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) + if ((BNg = BN_new()) == NULL) + goto end; + if (!BN_set_word(BNg, g)) goto end; - if (!BN_set_word(dh->g, g)) + if (! DH_set0_pqg(dh, p, NULL, BNg)) goto end; + BNg = NULL; + p = NULL; /* p is now part of dh structure */ if (publen != 0) - dh->length = publen; + DH_set_length(dh, publen); /* generate public and private number */ if (!DH_generate_key(dh)) goto end; /* copy results to buffers */ - if (eay_bn2v(pub, dh->pub_key) < 0) + BIGNUM *pub_key, *priv_key; + DH_get0_key(dh, (const BIGNUM**) &pub_key, (const BIGNUM**) &priv_key); + if (eay_bn2v(pub, pub_key) < 0) goto end; - if (eay_bn2v(priv, dh->priv_key) < 0) { + if (eay_bn2v(priv, priv_key) < 0) { vfree(*pub); goto end; } @@ -2306,6 +2304,8 @@ end: DH_free(dh); if (p != 0) BN_free(p); + if (BNg != 0) + BN_free(BNg); return(error); } @@ -2327,19 +2327,26 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) /* make DH structure */ if ((dh = DH_new()) == NULL) goto end; - if (eay_v2bn(&dh->p, prime) < 0) + BIGNUM *p = BN_new(); + BIGNUM *BNg = BN_new(); + BIGNUM *pub_key = BN_new(); + BIGNUM *priv_key = BN_new(); + + if (p == NULL || BNg == NULL || pub_key == NULL || priv_key == NULL) goto end; - if (eay_v2bn(&dh->pub_key, pub) < 0) + + if (eay_v2bn(&p, prime) < 0) goto end; - if (eay_v2bn(&dh->priv_key, priv) < 0) + if (eay_v2bn(&pub_key, pub) < 0) goto end; - dh->length = pub2->l * 8; - - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) + if (eay_v2bn(&priv_key, priv) < 0) goto end; - if (!BN_set_word(dh->g, g)) + if (!BN_set_word(BNg, g)) goto end; + DH_set0_key(dh, pub_key, priv_key); + DH_set_length(dh, pub2->l * 8); + DH_set0_pqg(dh, p, NULL, BNg); + pub_key = priv_key = p = BNg = NULL; if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL) goto end; 
@@ -2350,6 +2357,14 @@ eay_dh_compute(prime, g, pub, priv, pub2, key) error = 0; end: + if (p != NULL) + BN_free(p); + if (BNg != NULL) + BN_free(BNg); + if (pub_key != NULL) + BN_free(pub_key); + if (priv_key != NULL) + BN_free(priv_key); if (dh_pub != NULL) BN_free(dh_pub); if (dh != NULL) @@ -2400,12 +2415,14 @@ eay_bn2v(var, bn) void eay_init() { +#if OPENSSL_VERSION_NUMBER < 0x10100000L OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); #ifdef HAVE_OPENSSL_ENGINE_H ENGINE_load_builtin_engines(); ENGINE_register_all_complete(); #endif +#endif } vchar_t * @@ -2504,8 +2521,7 @@ binbuf_pubkey2rsa(vchar_t *binbuf) goto out; } - rsa_pub->n = mod; - rsa_pub->e = exp; + RSA_set0_key(rsa_pub, mod, exp, NULL); out: return rsa_pub; @@ -2582,5 +2598,5 @@ eay_random() const char * eay_version() { - return SSLeay_version(SSLEAY_VERSION); + return OpenSSL_version(OPENSSL_VERSION); } diff --git a/src/racoon/crypto_openssl.h b/src/racoon/crypto_openssl.h index 66fac73..ee5b765 100644 --- a/src/racoon/crypto_openssl.h +++ b/src/racoon/crypto_openssl.h @@ -124,7 +124,7 @@ extern vchar_t *eay_aes_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); extern int eay_aes_weakkey __P((vchar_t *)); extern int eay_aes_keylen __P((int)); -#if defined(HAVE_OPENSSL_CAMELLIA_H) +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) /* Camellia */ extern vchar_t *eay_camellia_encrypt __P((vchar_t *, vchar_t *, vchar_t *)); extern vchar_t *eay_camellia_decrypt __P((vchar_t *, vchar_t *, vchar_t *)); diff --git a/src/racoon/eaytest.c b/src/racoon/eaytest.c index 1474bdc..ae09db3 100644 --- a/src/racoon/eaytest.c +++ b/src/racoon/eaytest.c @@ -62,6 +62,7 @@ #include "dhgroup.h" #include "crypto_openssl.h" #include "gnuc.h" +#include "openssl_compat.h" #include "package_version.h" 
@@ -103,7 +104,7 @@ rsa_verify_with_pubkey(src, sig, pubkey_txt) printf ("PEM_read_PUBKEY(): %s\n", eay_strerror()); return -1; } - error = eay_check_rsasign(src, sig, evp->pkey.rsa); + error = eay_check_rsasign(src, sig, EVP_PKEY_get0_RSA(evp)); return error; } @@ -698,7 +699,7 @@ ciphertest(ac, av) eay_cast_encrypt, eay_cast_decrypt) < 0) return -1; -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) if (ciphertest_1 ("IDEA", &data, 8, &key, key.l, @@ -715,7 +716,7 @@ ciphertest(ac, av) eay_rc5_encrypt, eay_rc5_decrypt) < 0) return -1; #endif -#if defined(HAVE_OPENSSL_CAMELLIA_H) +#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA) if (ciphertest_1 ("CAMELLIA", &data, 16, &key, key.l, diff --git a/src/racoon/ipsec_doi.c b/src/racoon/ipsec_doi.c index 84a4c71..b52469f 100644 --- a/src/racoon/ipsec_doi.c +++ b/src/racoon/ipsec_doi.c @@ -715,7 +715,7 @@ out: /* key length must not be specified on some algorithms */ if (keylen) { if (sa->enctype == OAKLEY_ATTR_ENC_ALG_DES -#ifdef HAVE_OPENSSL_IDEA_H +#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA) || sa->enctype == OAKLEY_ATTR_ENC_ALG_IDEA #endif || sa->enctype == OAKLEY_ATTR_ENC_ALG_3DES) { diff --git a/src/racoon/openssl_compat.c b/src/racoon/openssl_compat.c new file mode 100644 index 0000000..864b5fb --- /dev/null +++ b/src/racoon/openssl_compat.c 
@@ -0,0 +1,213 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "openssl_compat.h" + +#if OPENSSL_VERSION_NUMBER < 0x10100000L + +#include <string.h> + +static void *OPENSSL_zalloc(size_t num) +{ + void *ret = OPENSSL_malloc(num); + + if (ret != NULL) + memset(ret, 0, num); + return ret; +} + +int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) +{ + /* If the fields n and e in r are NULL, the corresponding input + * parameters MUST be non-NULL for n and e. d may be + * left NULL (in case only the public key is used). + */ + if ((r->n == NULL && n == NULL) + || (r->e == NULL && e == NULL)) + return 0; + + if (n != NULL) { + BN_free(r->n); + r->n = n; + } + if (e != NULL) { + BN_free(r->e); + r->e = e; + } + if (d != NULL) { + BN_free(r->d); + r->d = d; + } + + return 1; +} + +int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) +{ + /* If the fields p and q in r are NULL, the corresponding input + * parameters MUST be non-NULL. + */ + if ((r->p == NULL && p == NULL) + || (r->q == NULL && q == NULL)) + return 0; + + if (p != NULL) { + BN_free(r->p); + r->p = p; + } + if (q != NULL) { + BN_free(r->q); + r->q = q; + } + + return 1; +} + +int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) +{ + /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input + * parameters MUST be non-NULL. 
+ */ + if ((r->dmp1 == NULL && dmp1 == NULL) + || (r->dmq1 == NULL && dmq1 == NULL) + || (r->iqmp == NULL && iqmp == NULL)) + return 0; + + if (dmp1 != NULL) { + BN_free(r->dmp1); + r->dmp1 = dmp1; + } + if (dmq1 != NULL) { + BN_free(r->dmq1); + r->dmq1 = dmq1; + } + if (iqmp != NULL) { + BN_free(r->iqmp); + r->iqmp = iqmp; + } + + return 1; +} + +void RSA_get0_key(const RSA *r, + const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) +{ + if (n != NULL) + *n = r->n; + if (e != NULL) + *e = r->e; + if (d != NULL) + *d = r->d; +} + +void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) +{ + if (p != NULL) + *p = r->p; + if (q != NULL) + *q = r->q; +} + +void RSA_get0_crt_params(const RSA *r, + const BIGNUM **dmp1, const BIGNUM **dmq1, + const BIGNUM **iqmp) +{ + if (dmp1 != NULL) + *dmp1 = r->dmp1; + if (dmq1 != NULL) + *dmq1 = r->dmq1; + if (iqmp != NULL) + *iqmp = r->iqmp; +} + +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) +{ + /* If the fields p and g in d are NULL, the corresponding input + * parameters MUST be non-NULL. q may remain NULL. + */ + if ((dh->p == NULL && p == NULL) + || (dh->g == NULL && g == NULL)) + return 0; + + if (p != NULL) { + BN_free(dh->p); + dh->p = p; + } + if (q != NULL) { + BN_free(dh->q); + dh->q = q; + } + if (g != NULL) { + BN_free(dh->g); + dh->g = g; + } + + if (q != NULL) { + dh->length = BN_num_bits(q); + } + + return 1; +} + +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) +{ + if (pub_key != NULL) + *pub_key = dh->pub_key; + if (priv_key != NULL) + *priv_key = dh->priv_key; +} + +int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) +{ + /* If the field pub_key in dh is NULL, the corresponding input + * parameters MUST be non-NULL. The priv_key field may + * be left NULL. 
+ */ + if (dh->pub_key == NULL && pub_key == NULL) + return 0; + + if (pub_key != NULL) { + BN_free(dh->pub_key); + dh->pub_key = pub_key; + } + if (priv_key != NULL) { + BN_free(dh->priv_key); + dh->priv_key = priv_key; + } + + return 1; +} + +int DH_set_length(DH *dh, long length) +{ + dh->length = length; + return 1; +} + +HMAC_CTX *HMAC_CTX_new(void) +{ + return OPENSSL_zalloc(sizeof(HMAC_CTX)); +} + +void HMAC_CTX_free(HMAC_CTX *ctx) +{ + HMAC_CTX_cleanup(ctx); + OPENSSL_free(ctx); +} + +RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) +{ + if (pkey->type != EVP_PKEY_RSA) { + return NULL; + } + return pkey->pkey.rsa; +} + + +#endif /* OPENSSL_VERSION_NUMBER */ diff --git a/src/racoon/openssl_compat.h b/src/racoon/openssl_compat.h new file mode 100644 index 0000000..9e152c2 --- /dev/null +++ b/src/racoon/openssl_compat.h 
@@ -0,0 +1,45 @@ +#ifndef OPENSSL_COMPAT_H +#define OPENSSL_COMPAT_H + +#include <openssl/opensslv.h> +#if OPENSSL_VERSION_NUMBER < 0x10100000L + +#include <openssl/rsa.h> +#include <openssl/dh.h> +#include <openssl/evp.h> +#include <openssl/hmac.h> + +int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); +int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); +int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); +void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); +void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); +void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp); + +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); +int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key); +int DH_set_length(DH *dh, long length); + +HMAC_CTX *HMAC_CTX_new(void); +void HMAC_CTX_free(HMAC_CTX* ctx); + +RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); + +#define ASN1_STRING_length(s) s->length +#define ASN1_STRING_get0_data(s) s->data + +#define X509_get_subject_name(x) x->cert_info->subject +#define X509_get_issuer_name(x) x->cert_info->issuer +#define X509_NAME_ENTRY_get_data(n) n->value +#define X509_NAME_ENTRY_get_object(n) n->object +#define X509_STORE_CTX_get_current_cert(ctx) ctx->current_cert +#define X509_STORE_CTX_get_error(ctx) ctx->error +#define X509_STORE_CTX_get_error_depth(ctx) ctx->error_depth + +#define OPENSSL_VERSION SSLEAY_VERSION +#define OpenSSL_version SSLeay_version + +#endif /* OPENSSL_VERSION_NUMBER */ + +#endif /* OPENSSL_COMPAT_H */ diff --git a/src/racoon/plainrsa-gen.c b/src/racoon/plainrsa-gen.c index cad1861..b949b08 100644 --- a/src/racoon/plainrsa-gen.c +++ b/src/racoon/plainrsa-gen.c @@ -60,6 +60,7 @@ #include "vmbuf.h" #include "plog.h" #include "crypto_openssl.h" +#include "openssl_compat.h" #include "package_version.h" 
@@ -90,12 +91,14 @@ mix_b64_pubkey(const RSA *key) char *binbuf; long binlen, ret; vchar_t *res; - - binlen = 1 + BN_num_bytes(key->e) + BN_num_bytes(key->n); + const BIGNUM *e, *n; + + RSA_get0_key(key, &n, &e, NULL); + binlen = 1 + BN_num_bytes(e) + BN_num_bytes(n); binbuf = malloc(binlen); memset(binbuf, 0, binlen); - binbuf[0] = BN_bn2bin(key->e, (unsigned char *) &binbuf[1]); - ret = BN_bn2bin(key->n, (unsigned char *) (&binbuf[binbuf[0] + 1])); + binbuf[0] = BN_bn2bin(e, (unsigned char *) &binbuf[1]); + ret = BN_bn2bin(n, (unsigned char *) (&binbuf[binbuf[0] + 1])); if (1 + binbuf[0] + ret != binlen) { plog(LLV_ERROR, LOCATION, NULL, "Pubkey generation failed. This is really strange...\n"); 
@@ -131,16 +134,20 @@ print_rsa_key(FILE *fp, const RSA *key) fprintf(fp, "# : PUB 0s%s\n", pubkey64->v); fprintf(fp, ": RSA\t{\n"); - fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(key->n)); + const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp; + RSA_get0_key(key, &n, &e, &d); + RSA_get0_factors(key, &p, &q); + RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp); + fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(n)); fprintf(fp, "\t# pubkey=0s%s\n", pubkey64->v); - fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(key->n))); - fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(key->e))); - fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(key->d))); - fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(key->p))); - fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(key->q))); - fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(key->dmp1))); - fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(key->dmq1))); - fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(key->iqmp))); + fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(n))); + fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(e))); + fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(d))); + fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(p))); + fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(q))); + fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(dmp1))); + fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(dmq1))); + fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(iqmp))); fprintf(fp, " }\n"); vfree(pubkey64); @@ -203,11 +210,13 @@ int gen_rsa_key(FILE *fp, size_t bits, unsigned long exp) { int ret; - RSA *key; + RSA *key = RSA_new(); + BIGNUM *e = BN_new(); - key = RSA_generate_key(bits, exp, NULL, NULL); - if (!key) { + BN_set_word(e, exp); + if (! RSA_generate_key_ex(key, bits, e, NULL)) { fprintf(stderr, "RSA_generate_key(): %s\n", eay_strerror()); + RSA_free(key); return -1; } 
diff --git a/src/racoon/prsa_par.y b/src/racoon/prsa_par.y index 1987e4d..27ce4c6 100644 --- a/src/racoon/prsa_par.y +++ b/src/racoon/prsa_par.y @@ -68,6 +68,7 @@ #include "isakmp_var.h" #include "handler.h" #include "crypto_openssl.h" +#include "openssl_compat.h" #include "sockmisc.h" #include "rsalist.h" @@ -85,7 +86,18 @@ char *prsa_cur_fname = NULL; struct genlist *prsa_cur_list = NULL; enum rsa_key_type prsa_cur_type = RSA_TYPE_ANY; -static RSA *rsa_cur; +struct my_rsa_st { + BIGNUM *n; + BIGNUM *e; + BIGNUM *d; + BIGNUM *p; + BIGNUM *q; + BIGNUM *dmp1; + BIGNUM *dmq1; + BIGNUM *iqmp; +}; + +static struct my_rsa_st *rsa_cur; void prsaerror(const char *s, ...) @@ -201,8 +213,12 @@ rsa_statement: rsa_cur->iqmp = NULL; } } - $$ = rsa_cur; - rsa_cur = RSA_new(); + RSA * rsa_tmp = RSA_new(); + RSA_set0_key(rsa_tmp, rsa_cur->n, rsa_cur->e, rsa_cur->d); + RSA_set0_factors(rsa_tmp, rsa_cur->p, rsa_cur->q); + RSA_set0_crt_params(rsa_tmp, rsa_cur->dmp1, rsa_cur->dmq1, rsa_cur->iqmp); + $$ = rsa_tmp; + memset(rsa_cur, 0, sizeof(struct my_rsa_st)); } | TAG_PUB BASE64 { @@ -351,10 +367,12 @@ prsa_parse_file(struct genlist *list, char *fname, enum rsa_key_type type) prsa_cur_fname = fname; prsa_cur_list = list; prsa_cur_type = type; - rsa_cur = RSA_new(); + rsa_cur = malloc(sizeof(struct my_rsa_st)); + memset(rsa_cur, 0, sizeof(struct my_rsa_st)); ret = prsaparse(); if (rsa_cur) { - RSA_free(rsa_cur); + memset(rsa_cur, 0, sizeof(struct my_rsa_st)); + free(rsa_cur); rsa_cur = NULL; } fclose (fp); diff --git a/src/racoon/rsalist.c b/src/racoon/rsalist.c index f152c82..96e8363 100644 --- a/src/racoon/rsalist.c +++ b/src/racoon/rsalist.c @@ -52,6 +52,7 @@ #include "genlist.h" #include "remoteconf.h" #include "crypto_openssl.h" +#include "openssl_compat.h" #ifndef LIST_FIRST #define LIST_FIRST(head) ((head)->lh_first) 
@@ -98,7 +99,9 @@ rsa_key_dup(struct rsa_key *key) return NULL; if (key->rsa) { - new->rsa = key->rsa->d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa); + const BIGNUM *d; + RSA_get0_key(key->rsa, NULL, NULL, &d); + new->rsa = (d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa)); if (new->rsa == NULL) goto dup_error; } -- 2.16.1 |
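Review bot: In eay_dh_compute() the "goto end" taken when DH_new() fails jumps over the declarations of p, BNg, pub_key and priv_key, and the cleanup added under "end:" then calls BN_free() on those four pointers while they are still uninitialized. Declare them at the top of the function, initialised to NULL, and allocate after the DH_new() check. The results of DH_set0_key() and DH_set0_pqg() are also ignored before "pub_key = priv_key = p = BNg = NULL;", so a rejected call would leak the BIGNUMs; clear the locals only after each setter has returned 1.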
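Review bot: In evp_crypt() the result of EVP_CIPHER_CTX_new() is used without a NULL check, so an allocation failure passes a NULL ctx straight into EVP_CipherInit(). Add a check right after the allocation that frees res and returns NULL. The same applies to eay_hmac_init(): HMAC_CTX_new() is not checked, the HMAC_Init_ex() result is ignored, and the context is returned to the caller either way.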
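Review bot: eay_check_x509sign(), eay_get_x509sign() and rsa_verify_with_pubkey() in eaytest.c pass EVP_PKEY_get0_RSA(evp) directly to the sign and verify helpers, but the compat implementation in openssl_compat.c returns NULL when pkey->type is not EVP_PKEY_RSA. A certificate or key of another type would therefore hand a NULL RSA pointer to eay_rsa_verify() or eay_rsa_sign(). Fetch the pointer into a local, fail the operation when it is NULL, and only then call the helper.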
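Review bot: In the rsa_statement action of prsa_par.y the return values of RSA_set0_key(), RSA_set0_factors() and RSA_set0_crt_params() are ignored, and rsa_cur is then wiped with memset(). The compat versions of these setters return 0 without taking any argument when a required one is missing (for example RSA_set0_crt_params() with dmp1 set but iqmp NULL), so the BIGNUMs passed to a failed call end up owned by nobody and an incomplete RSA object is returned as $$. Check each call, free the untransferred members and rsa_tmp on failure, and clear rsa_cur only for the members that were actually handed over.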
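Review bot: The accessor macros in openssl_compat.h expand their argument without parentheses, e.g. "#define ASN1_STRING_length(s) s->length" and "#define X509_STORE_CTX_get_error(ctx) ctx->error", so any argument that is not a plain identifier binds incorrectly. Write them as ((s)->length), ((ctx)->error) and so on, with the whole expansion parenthesised as well.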
From: Reinoud K. <rei...@gm...> - 2017-10-16 06:42:22
|
Hi Noah,

I don't think so. It would be interesting to do so I think. It's sad this project hasn't gained more interest.

Thanks,
Reinoud.

On Oct 14, 2017 8:27 AM, "Noah Meyerhans via Ipsec-tools-devel" <ips...@li...> wrote:

> Has anybody done any work toward supporting OpenSSL 1.1 in ipsec-tools?
> As documented at [1], the work is non-trivial, and before I dive too
> deep into it I'd like to see if it's something that can be coordinated
> with others.
>
> Debian is currently planning on removing Openssl 1.0 in the next major
> release, meaning that ipsec-tools will also be dropped if it can't be
> used with 1.1. [2]
>
> noah
>
> 1. https://www.mail-archive.com/te...@op.../msg36437.html
> 2. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858930
|
From: Noah M. <fr...@mo...> - 2017-10-14 15:27:15
|
Has anybody done any work toward supporting OpenSSL 1.1 in ipsec-tools? As documented at [1], the work is non-trivial, and before I dive too deep into it I'd like to see if it's something that can be coordinated with others.

Debian is currently planning on removing Openssl 1.0 in the next major release, meaning that ipsec-tools will also be dropped if it can't be used with 1.1. [2]

noah

1. https://www.mail-archive.com/te...@op.../msg36437.html
2. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858930
|
From: Leon B. <le...@pa...> - 2017-09-01 08:49:40
|
For anybody interested...

There are two calls making use of hardcoded strings "SHA1" which it seems is not allowed for signing (by default) anymore in OpenSSL 1.0.2l. I changed this to SHA256 and it all worked again.

When I have time I'll make them configurable and upload a patch.

Regards,
LJB
From: Leon B. <le...@pa...> - 2017-08-25 14:02:24
|
Hi all,

I hope somebody can help me (in some way).

I have two linux boxes that setup an IPsec tunnel using racoon2. We have a HSM and an OpenSSL engine to generate keypair and encrypt and decrypt with the private key.

In crypto_openssl.c we've added code to get the privatekey via the engine e.g.:

    bp = (unsigned char *)pubkey->v;
    #ifdef SNP
    evp = ENGINE_load_private_key(customEngine, "name", NULL, NULL);
    #else
    evp = d2i_PUBKEY(NULL, &bp, pubkey->l);
    #endif
    if (evp == NULL)
    :
    :

All of this worked fine for OpenSSL v0.9.8z. However I had to update the OpenSSL to v1.0.2 and now I get the error:

    [INTERNAL_ERR]: crypto_openssl.c:1223:eay_rsassa_pkcs1_v1_5_sign(): RSA_sign failed: 4359:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:123:

So it seems OpenSSL is not diverting the call to the engine's private key sign function. It is there and I know it works since I am able to make TLS connections using the same engine. A normal app, with the new OpenSSL and the engine works fine, but not iked.

Is there some "build" thing I am not doing correctly?

Thanks for your time

Regards,
LJB
From: Rainer W. <rwe...@mo...> - 2017-07-17 21:49:40
|
That's a function used to delete a ph1handle structure in handler.c. It contains the following code (in 0.8.0 and since at least 2010 as it's in the oldest import into my repository):

-------------
void
delph1(iph1)
	struct ph1handle *iph1;
{
	if (iph1 == NULL)
		return;

[...]

	if (iph1->approval) {
		delisakmpsa(iph1->approval);
		iph1->approval = NULL;
	}

	VPTRINIT(iph1->authstr);
	VPTRINIT(iph1->sendbuf);
	VPTRINIT(iph1->dhpriv);
	VPTRINIT(iph1->dhpub);
	VPTRINIT(iph1->dhpub_p);
	VPTRINIT(iph1->dhgxy);
	VPTRINIT(iph1->nonce);
	VPTRINIT(iph1->nonce_p);
	VPTRINIT(iph1->skeyid);
	VPTRINIT(iph1->skeyid_d);
	VPTRINIT(iph1->skeyid_a);

[...]

	if(iph1->approval != NULL)
		delisakmpsa(iph1->approval);
---------------

IOW, this deletes iph1->approval if it's not a null pointer and then sets it to NULL. After a block of VPTRINITS, iph1->approval is again checked for not being a NULL pointer and in case it isn't, it will be freed again.

This caused some very strange effects in the racoon I'm working with because I replaced the initial

	if (iph1->approval) {
		delisakmpsa(iph1->approval);
		iph1->approval = NULL;
	}

with

	if (iph1->approval)
		delisakmpsa(iph1->approval);

on the grounds that clearing pointers which won't be used anymore is pointless. Hence, the lurking double-free came to life ...
From: Richard H. <ric...@bt...> - 2017-05-10 12:25:28
|
avc_init(3) is deprecated, therefore replace the SELinux avc_* calls with selinux_check_access(3) that combines all those services, plus:

    Checks if SELinux enabled.
    Supports reordering of classes/permissions at runtime.
    Handles unknown classes/permissions.

Requires libselinux 2.1.9 or greater.

The patch builds on top of ipsec-tools-0.8.2 and was tested on Fedora 25.
From: Andrey V. E. <bu...@ya...> - 2016-12-13 15:58:17
|
Hi All,

I made a small patch, that adds support for SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR extension headers to libipsec and racoon.

The only questionable chunk I think is src/racoon/isakmp_quick.c. I used for tests configuration with rsasig certificates and "generate_policy on". Without this change racoon has created SAs with private addresses.

--
WBR, Andrey V. Elsukov
From: Andrey V. E. <bu...@ya...> - 2016-12-13 15:41:12
|
Hi All,

Recently I did some refactoring in the FreeBSD IPsec code. The changes also include a prototype of virtual tunneling interface for IPsec. The main idea is that configured tunneling interface has own private security policies like these:

0.0.0.0/0[any] 0.0.0.0/0[any] any
	in ipsec
	esp/tunnel/RemoteIP-LocalIP/unique:REQID
	spid=33 seq=3 pid=52261
	refcnt=1
::/0[any] ::/0[any] any
	in ipsec
	esp/tunnel/RemoteIP-LocalIP/unique:REQID
	spid=35 seq=2 pid=52261
	refcnt=1
0.0.0.0/0[any] 0.0.0.0/0[any] any
	out ipsec
	esp/tunnel/LocalIP-RemoteIP/unique:REQID
	spid=34 seq=1 pid=52261
	refcnt=1
::/0[any] ::/0[any] any
	out ipsec
	esp/tunnel/LocalIP-RemoteIP/unique:REQID
	spid=36 seq=0 pid=52261
	refcnt=1

The LocalIP, RemoteIP, and REQID are specific for each ipsecN interface and should be configured by administrator.

# ifconfig ipsec0
ipsec0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1400
	tunnel inet LocalIP --> RemoteIP
	nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
	reqid: REQID
	groups: ipsec

When first packet goes through this interface, the kernel sends SADB_ACQUIRE message to the racoon and it creates corresponding SAs. It uses SP id and information from ipsec request to create SAs.

This works without any changes in racoon, but I have to use anonymous sainfo. Is there a way to use several different sainfo for different interfaces?

--
WBR, Andrey V. Elsukov
From: Rainer W. <rwe...@mo...> - 2016-11-21 17:32:14
|
Mario Ciccarelli <mar...@mo...> writes:
> sorry to bother but i didn't find any significant results with this
> question: we're trying to concentrate many ipsec site-to-site vpn on same
> box and i'm thinking if it's possible to have racoon listen (on same box)
> on different ip, loaded as aliases on eth interface. Btw we're dealing with
> FreeBSD10.1

I haven't tested this on FreeBSD but by default, racoon is supposed to create sockets for all available addresses and ports 500 and 4500. Eg, (example log output)

Nov 21 18:23:43 marsh racoon[3303]: 10.11.12.13[500] used as isakmp port (fd=10)
Nov 21 18:23:43 marsh racoon[3303]: 10.11.12.13[500] used for NAT-T
Nov 21 18:23:43 marsh racoon[3303]: 10.11.12.13[4500] used as isakmp port (fd=11)
Nov 21 18:23:43 marsh racoon[3303]: 10.11.12.13[4500] used for NAT-T
Nov 21 18:23:43 marsh racoon[3303]: 10.1.4.254[500] used as isakmp port (fd=12)
Nov 21 18:23:43 marsh racoon[3303]: 10.1.4.254[500] used for NAT-T
Nov 21 18:23:43 marsh racoon[3303]: 10.1.4.254[4500] used as isakmp port (fd=13)
Nov 21 18:23:43 marsh racoon[3303]: 10.1.4.254[4500] used for NAT-T
Nov 21 18:23:43 marsh racoon[3303]: 127.0.0.1[500] used as isakmp port (fd=14)
Nov 21 18:23:43 marsh racoon[3303]: 127.0.0.1[500] used for NAT-T
Nov 21 18:23:43 marsh racoon[3303]: 127.0.0.1[4500] used as isakmp port (fd=15)
Nov 21 18:23:43 marsh racoon[3303]: 127.0.0.1[4500] used for NAT-T

> Second chance: is it possible to have several running racoon (renamed like
> racoon1 - racoon2 - racoon3 ) each one listening on different ip address
> with different conf file ?

It should be.
From: Mario C. <mar...@mo...> - 2016-11-21 12:36:28
|
Hi Reinoud,

thanks for helping. The main reason is we need to create many ipsec tunnels with some partner companies that have some of our ip addresses whitelisted. They do not change them easily.

So now the situation is: some boxes (freebsd), with different ip, running each one a racoon. This is an old, spof architecture and my idea is to consolidate them.

I'm trying to consolidate, in first step, within a single box with all ip address on a public interface with aliases, a fail over strategy (CARP) waiting to migrate them to an enterprise class appliance.

It would be useful to know what do you think about that.

Thanks!

Cheers,
Mario.

--
ing. Mario Ciccarelli
Sysadmin at Mobyt S.p.A.
Via Aldighieri, 10 - 44121 Ferrara - Italy
------------------------------------------
Phone : +39 02 83508000 - +39 331 6465889
E-mail: mar...@mo... - Web: http://www.mobyt.it
Mobyt® - messaging services

2016-11-21 12:17 GMT+01:00 Reinoud Koornstra <rei...@gm...>:

> Hi Mario,
>
> The best way is to simply try it.
> I don't quickly see global vars that'll prevent it from running multiple
> instances. There will be one upset table maintained in the kernel and
> hopefully it'll give the appropriate response to the correct requestor. I'd
> try it with two racoon daemons running on different ports have rules for
> different sites. The question would be why you would want this? What
> benefit would it bring?
> Thanks,
>
> Reinoud.
>
> On Nov 18, 2016 2:58 AM, "Mario Ciccarelli" <mar...@mo...>
> wrote:
>
>> Hi guys,
>>
>> sorry to bother but i didn't find any significant results with this
>> question: we're trying to concentrate many ipsec site-to-site vpn on same
>> box and i'm thinking if it's possible to have racoon listen (on same box)
>> on different ip, loaded as aliases on eth interface. Btw we're dealing with
>> FreeBSD10.1
>>
>> Second chance: is it possible to have several running racoon (renamed
>> like racoon1 - racoon2 - racoon3 ) each one listening on different ip
>> address with different conf file ?
>>
>> Thanks for help.
>>
>> Mario.
From: Reinoud K. <rei...@gm...> - 2016-11-21 11:17:37
|
Hi Mario,

The best way is to simply try it. I don't quickly see global vars that'll prevent it from running multiple instances. There will be one upset table maintained in the kernel and hopefully it'll give the appropriate response to the correct requestor. I'd try it with two racoon daemons running on different ports have rules for different sites. The question would be why you would want this? What benefit would it bring?

Thanks,

Reinoud.

On Nov 18, 2016 2:58 AM, "Mario Ciccarelli" <mar...@mo...> wrote:

> Hi guys,
>
> sorry to bother but i didn't find any significant results with this
> question: we're trying to concentrate many ipsec site-to-site vpn on same
> box and i'm thinking if it's possible to have racoon listen (on same box)
> on different ip, loaded as aliases on eth interface. Btw we're dealing with
> FreeBSD10.1
>
> Second chance: is it possible to have several running racoon (renamed
> like racoon1 - racoon2 - racoon3 ) each one listening on different ip
> address with different conf file ?
>
> Thanks for help.
>
> Mario.
From: Mario C. <mar...@mo...> - 2016-11-18 10:54:33
|
Hi guys,

sorry to bother but i didn't find any significant results with this question: we're trying to concentrate many ipsec site-to-site vpn on same box and i'm thinking if it's possible to have racoon listen (on same box) on different ip, loaded as aliases on eth interface. Btw we're dealing with FreeBSD10.1

Second chance: is it possible to have several running racoon (renamed like racoon1 - racoon2 - racoon3 ) each one listening on different ip address with different conf file ?

Thanks for help.

Mario.
From: Robert F. <RF...@tr...> - 2016-11-07 18:56:54
|
Hi Rainer, Thanks for the feedback. Just checking if there are any news on this. Thanks! Best regards, Robert Foggia Security Researcher, Intelligence Team, SpiderLabs t: +1 312.873.7696 Trustwave | SMART SECURITY ON DEMAND www.trustwave.com <http://www.trustwave.com/> On 10/18/16, 11:33 AM, "Rainer Weikusat" <rwe...@mo...> wrote: >Reinoud Koornstra <rei...@gm...> writes: >> Thanks for the patch and discovering this. Adding Rainer to this thread as >> he'll know quickly if this patch is good or needs a small adjustment. >> Thanks, > >The underlying problem is really that racoon just puts all fragments it >receives on a list without checking for duplicate fragment indices. This >means an unauthenticated attacker can just keep sending a fragment with >the same index and the list will keep growing until the machine runs out >of memory. It's also possible to make the daemon additionally consume a >lot of CPU time by triggering 'did we receive all fragements' scans >after each fragment was received. The algorithm used for detecting this >is roughly: > > >for (i = 1; i <= last_frag_index; ++i) > /* walk complete list to look for fragment with index i */ > >The proposed patch addresses this partially by checking that no >duplicate fragments are received and by keeping the fragment list sorted >(insertion sort) so that the scan for 'all fragments received' becomes >linear. But there's another quadratic scan in the reassembly function and >for at most 255 fragments, the complexity doesn't matter that much. > >As bandaid, I suggest to leave the scan algorithm alone and just reject >duplicated and/or obviously nonsensical fragment numbers. > >It's possible to do a O(1) implementation here (I'm using a partial O(1) >implementation in the commercial fork I'm maintaining) and I'm planning >to replace this with a complete one. I'll ask for permission to publish >it once it's done. 
> >Getting in touch with NetBSD might also a good idea as they are (AFAIK) >maintaining there own fork as part of the NetBSD tree. > >NB: A known issue with this (and also the other patch) is that the >daemon will accept fragments whose index is larger than that of the one >marked as last fragment. But this should be harmless. > >--- >diff -rNu ipsec-tools-0.8.0/src/racoon/isakmp_frag.c patched/src/racoon/isakmp_frag.c >--- ipsec-tools-0.8.0/src/racoon/isakmp_frag.c 2009-04-22 12:24:20.000000000 +0100 >+++ patched/src/racoon/isakmp_frag.c 2016-10-18 17:28:57.289513357 +0100 >@@ -231,14 +231,31 @@ > if (iph1->frag_chain == NULL) { > iph1->frag_chain = item; > } else { >- struct isakmp_frag_item *current; >+ struct isakmp_frag_item *current, *next; > >- current = iph1->frag_chain; >- while (current->frag_next) { >- if (current->frag_last) >- last_frag = item->frag_num; >- current = current->frag_next; >- } >+ next = iph1->frag_chain; >+ do { >+ current = next; >+ if (current->frag_num == item->frag_num) { >+ plog(LLV_DEBUG, LOCATION, NULL, "duplicate fragment %d\n", >+ item->frag_num); >+ >+ free(item); >+ return 0; >+ } >+ >+ if (current->last_frag) { >+ if (item->last_frag) { >+ plog(LLV_WARNING, LOCATION, NULL, "multiple last fragments received\n"); >+ >+ free(item); >+ return -1; >+ } >+ >+ last_frag = current->frag_num; >+ } >+ } while ((next = next->next)); >+ > current->frag_next = item; > } > ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. |
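The unbounded list growth and repeated scans described in the quoted message above can also be avoided with a fixed table indexed by fragment number. This is an added example, not code from racoon or from the patch in this thread: `frag_table`, `frag_add` and `frag_reset` are hypothetical names, indices are assumed to run from 1 to 255 as in the quoted scan loop, and unlike the posted patch it also rejects an index beyond the fragment marked last.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define FRAG_MAX 255   /* the thread puts the ceiling at 255 fragments */

enum frag_result { FRAG_STORED, FRAG_COMPLETE, FRAG_DUPLICATE, FRAG_INVALID, FRAG_NOMEM };

/* Hypothetical table replacing the linked chain: slot i holds fragment i. */
struct frag_table {
    unsigned char *data[FRAG_MAX + 1];
    size_t len[FRAG_MAX + 1];
    unsigned last;      /* index flagged as last fragment, 0 while unseen */
    unsigned highest;   /* highest index stored so far */
    unsigned count;     /* number of distinct fragments stored */
};

/* Every check is an array lookup, and at most FRAG_MAX buffers are ever held,
 * however many packets an unauthenticated peer sends. */
enum frag_result frag_add(struct frag_table *t, unsigned idx, int is_last,
                          const unsigned char *buf, size_t n)
{
    unsigned char *copy;

    if (idx == 0 || idx > FRAG_MAX)
        return FRAG_INVALID;
    if (t->data[idx] != NULL)
        return FRAG_DUPLICATE;              /* rejected before allocating */
    if (is_last && (t->last != 0 || idx < t->highest))
        return FRAG_INVALID;                /* second or contradictory "last" */
    if (t->last != 0 && idx > t->last)
        return FRAG_INVALID;                /* beyond the announced end */
    if ((copy = malloc(n ? n : 1)) == NULL)
        return FRAG_NOMEM;
    if (n) memcpy(copy, buf, n);
    t->data[idx] = copy;
    t->len[idx] = n;
    t->count++;
    if (idx > t->highest)
        t->highest = idx;
    if (is_last)
        t->last = idx;
    /* Indices are distinct and <= last, so count == last means 1..last are all present. */
    return (t->last != 0 && t->count == t->last) ? FRAG_COMPLETE : FRAG_STORED;
}

/* Release everything, e.g. after reassembly or when the exchange is dropped. */
void frag_reset(struct frag_table *t)
{
    unsigned i;
    for (i = 1; i <= FRAG_MAX; i++)
        free(t->data[i]);
    memset(t, 0, sizeof(*t));
}
```

Because duplicates are refused before any allocation, the early-exit paths have nothing to free.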
From: Rainer W. <rwe...@mo...> - 2016-10-18 20:45:52
|
Rainer Weikusat <rwe...@mo...> writes: [...] > + current = next; > + if (current->frag_num == item->frag_num) { > + plog(LLV_DEBUG, LOCATION, NULL, "duplicate fragment %d\n", > + item->frag_num); > + > + free(item); > + return 0; > + } This leaks memory in both early exits as the data is in a dynamically allocated buffer[*]. [*] It also calls free instead of racoon_free. This doesn't really matter because the only difference is that the code could be compiled with the Boehm-GC and I doubt anyone uses that (plain malloc is also used in other places). --- diff -rNu ipsec-tools-0.8.0/src/racoon/isakmp_frag.c patched/src/racoon/isakmp_frag.c --- ipsec-tools-0.8.0/src/racoon/isakmp_frag.c 2009-04-22 12:24:20.000000000 +0100 +++ patched/src/racoon/isakmp_frag.c 2016-10-18 21:37:12.033038458 +0100 @@ -231,14 +231,35 @@ if (iph1->frag_chain == NULL) { iph1->frag_chain = item; } else { - struct isakmp_frag_item *current; + struct isakmp_frag_item *current, *next; - current = iph1->frag_chain; - while (current->frag_next) { - if (current->frag_last) - last_frag = item->frag_num; - current = current->frag_next; - } + next = iph1->frag_chain; + do { + current = next; + if (current->frag_num == item->frag_num) { + plog(LLV_DEBUG, LOCATION, NULL, "duplicate fragment %d\n", + item->frag_num); + + racoon_free(item); + vfree(buf); + + return 0; + } + + if (current->last_frag) { + if (item->last_frag) { + plog(LLV_WARNING, LOCATION, NULL, "multiple last fragments received\n"); + + racoon_free(item); + vfree(buf); + + return -1; + } + + last_frag = current->frag_num; + } + } while ((next = next->next)); + current->frag_next = item; } |
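Review bot: The added loop reads `current->last_frag`, `item->last_frag` and `next->next`, while the removed lines and the retained `current->frag_next = item;` name these members `frag_last` and `frag_next`, so as posted the hunk refers to the same fields under two different names; use `frag_last` and `next = next->frag_next` throughout. A repeated index is logged only at LLV_DEBUG whereas a second last fragment gets LLV_WARNING; since repeated indices are the case the duplicate check exists for, a warning-level message (ideally rate limited) would make it visible to operators.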