authorDavid Timber <mieabby@gmail.com>2020-08-10 19:25:43 +0930
committerDavid Timber <mieabby@gmail.com>2020-08-11 11:01:49 +0930
commitd7cc11191dfd3fead5e596fcbc24f40d1317819e (patch)
tree4f52b450bf499fe6721a944f2e9cd41cb1e17828 /src
parent195946d11f8a7870b435e0eba32f2299aa1b96a1 (diff)
Build system change, bugfix ...
* Workaround for a bug where the getrandom() call blocks within mbedtls * Remove use of undocumented autoconf feature: pkg-config * Remove proone-arch-test
Diffstat (limited to 'src')
-rw-r--r--src/Makefile.am38
-rw-r--r--src/mbedtls.c59
-rw-r--r--src/mbedtls.h3
-rw-r--r--src/proone-arch-test.c30
-rw-r--r--src/proone-resolv.c3
-rw-r--r--src/proone-stress.c3
-rw-r--r--src/proone.c2
7 files changed, 81 insertions, 57 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 1bb594d..cbd1fd1 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,16 +1,11 @@
-TARGET_FLAGS =
-DEV_FLAGS =
+# TODO: Use -D_POSIX_C_SOURCE=200112L or -D_POSIX_C_SOURCE=2
+AM_CFLAGS = -std=c11 -pedantic -Wall -Wextra -Wno-switch -D_GNU_SOURCE -Wno-unused-parameter
if DEBUG
-TARGET_FLAGS += -g -O0
-DEV_FLAGS += -g -O0 -DPRNE_DEBUG
+AM_CFLAGS += -g -O0 -DPRNE_DEBUG
else
-TARGET_FLAGS += -Os -g
-DEV_FLAGS += -Os -g
+AM_CFLAGS += -g -Os
endif
-# TODO: Use -D_POSIX_C_SOURCE=200112L or -D_POSIX_C_SOURCE=2
-AM_CFLAGS = -std=c11 -pedantic -Wall -Wextra -Wno-switch -D_GNU_SOURCE -Wno-unused-parameter $(DEV_FLAGS)
-
noinst_LIBRARIES = libproone.a
bin_PROGRAMS =\
proone\
@@ -20,7 +15,6 @@ bin_PROGRAMS =\
proone-mask\
proone-print-all-data\
proone-resolv\
- proone-arch-test\
proone-stress
libproone_a_SOURCES =\
@@ -38,39 +32,35 @@ libproone_a_SOURCES =\
resolv_worker.c
proone_LDFLAGS = -static
-proone_LDADD = libproone.a $(LIBS) $(DEP_PKGCFG_LIBS) -lrt -lpthread
+proone_LDADD = libproone.a
proone_SOURCES =\
proone.c
proone_pack_LDADD = libproone.a
-proone_pack_LDFLAGS = $(LIBS) $(DEP_PKGCFG_LIBS)
+proone_pack_LDFLAGS =
proone_pack_SOURCES = proone-pack.c
proone_unpack_LDADD = libproone.a
-proone_unpack_LDFLAGS = $(LIBS) $(DEP_PKGCFG_LIBS)
+proone_unpack_LDFLAGS =
proone_unpack_SOURCES = proone-unpack.c
proone_list_arch_LDADD = libproone.a
-proone_list_arch_LDFLAGS = $(LIBS) $(DEP_PKGCFG_LIBS)
+proone_list_arch_LDFLAGS =
proone_list_arch_SOURCES = proone-list-arch.c
proone_mask_LDADD = libproone.a
-proone_mask_LDFLAGS = $(LIBS) $(DEP_PKGCFG_LIBS)
+proone_mask_LDFLAGS =
proone_mask_SOURCES = proone-mask.c
proone_print_all_data_LDADD = libproone.a
-proone_print_all_data_LDFLAGS = $(LIBS) $(DEP_PKGCFG_LIBS)
+proone_print_all_data_LDFLAGS =
proone_print_all_data_SOURCES = proone-print-all-data.c
proone_resolv_LDADD = libproone.a
-proone_resolv_LDFLAGS = $(LIBS) $(DEP_PKGCFG_LIBS)
+proone_resolv_LDFLAGS =
proone_resolv_SOURCES = proone-resolv.c
-proone_arch_test_LDADD = libproone.a -lrt -lpthread $(LIBS) $(DEP_PKGCFG_LIBS)
-proone_arch_test_SOURCES = proone-arch-test.c
-proone_arch_test_LDFLAGS = -static
-
-proone_stress_LDADD = libproone.a -lrt -lpthread $(LIBS) $(DEP_PKGCFG_LIBS)
+proone_stress_LDADD = libproone.a
proone_stress_LDFLAGS = -static
proone_stress_SOURCES = proone-stress.c
@@ -78,10 +68,10 @@ if TESTS
bin_PROGRAMS += proone-test_proto proone-test_util
proone_test_proto_LDADD = libproone.a
-proone_test_proto_LDFLAGS = $(LIBS) $(DEP_PKGCFG_LIBS)
+proone_test_proto_LDFLAGS =
proone_test_proto_SOURCES = proone-test_proto.c
proone_test_util_LDADD = libproone.a
-proone_test_util_LDFLAGS = $(LIBS) $(DEP_PKGCFG_LIBS)
+proone_test_util_LDFLAGS =
proone_test_util_SOURCES = proone-test_util.c
endif
diff --git a/src/mbedtls.c b/src/mbedtls.c
index 518da1f..333cf1d 100644
--- a/src/mbedtls.c
+++ b/src/mbedtls.c
@@ -1,9 +1,14 @@
#include "mbedtls.h"
+#include "util_ct.h"
#include <unistd.h>
#include <errno.h>
+#include <string.h>
+#include <fcntl.h>
+#include <time.h>
#include <mbedtls/ssl.h>
+#include <mbedtls/entropy_poll.h>
int prne_mbedtls_x509_crt_verify_cb (void *param, mbedtls_x509_crt *crt, int crt_depth, uint32_t *flags) {
@@ -50,3 +55,57 @@ int prne_mbedtls_ssl_recv_cb (void *ctx, unsigned char *buf, size_t len) {
return ret;
}
+
+static int prne_mbedtls_entropy_urand_src_f (void *data, unsigned char *output, size_t len, size_t *olen) {
+ const int fd = open("/dev/urandom", O_RDONLY);
+ int func_ret = 0;
+
+ if (fd < 0 || read(fd, output, len) != (ssize_t)len) {
+ func_ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+ }
+ *olen = len;
+
+ if (fd >= 0) {
+ close(fd);
+ }
+
+ return func_ret;
+}
+
+typedef struct {
+ pid_t pid;
+ pid_t ppid;
+ clock_t clock;
+ struct timespec now;
+} ent_buf_t;
+
+static int prne_mbedtls_entropy_proc_src_f (void *data, unsigned char *output, size_t len, size_t *olen) {
+ ent_buf_t buf;
+
+ memzero(&buf, sizeof(buf));
+ buf.pid = getpid();
+ buf.ppid = getppid();
+ buf.clock = clock();
+ clock_gettime(CLOCK_MONOTONIC, &buf.now);
+
+ *olen = prne_op_min(len, sizeof(buf));
+ memcpy(output, &buf, sizeof(*olen));
+
+ return 0;
+}
+
+void prne_mbedtls_entropy_init (mbedtls_entropy_context *ctx) {
+ mbedtls_entropy_init(ctx);
+
+ // Remove platform source, which could call getrandom()
+ for (int i = 0; i < ctx->source_count; i += 1) {
+ if (ctx->source[i].f_source == mbedtls_platform_entropy_poll) {
+ memmove(ctx->source + i, ctx->source + i + 1, sizeof(mbedtls_entropy_source_state) * (ctx->source_count - i - 1));
+ ctx->source_count -= 1;
+ // Add our own implementation as the one just got removed could be the only source.
+ mbedtls_entropy_add_source(ctx, prne_mbedtls_entropy_urand_src_f, NULL, MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_SOURCE_STRONG);
+ mbedtls_entropy_add_source(ctx, prne_mbedtls_entropy_proc_src_f, NULL, sizeof(ent_buf_t), MBEDTLS_ENTROPY_SOURCE_STRONG);
+ break;
+ }
+ }
+}
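Review bot: `memcpy(output, &buf, sizeof(*olen));` in prne_mbedtls_entropy_proc_src_f copies sizeof(size_t) bytes rather than the `*olen` computed on the line above, so most of the bytes this source reports to the accumulator are never written by it; the line should read `memcpy(output, &buf, *olen);`. That same source registers pid/ppid/clock/timespec as `MBEDTLS_ENTROPY_SOURCE_STRONG`, which lets mbedtls treat its strong-source requirement as satisfied by predictable process metadata; `MBEDTLS_ENTROPY_SOURCE_WEAK` is the honest classification. In prne_mbedtls_entropy_urand_src_f a single `read()` is assumed to return exactly `len` bytes, `*olen = len` is reported even when the open or read failed, and the descriptor is opened without `O_CLOEXEC` although proone-stress appears to fork children; a bounded read loop that reports only the bytes actually obtained is sketched below. The two `mbedtls_entropy_add_source` calls in prne_mbedtls_entropy_init also discard their return value, and walking `ctx->source`/`ctx->source_count` directly ties the function to the internal layout of the mbedtls version in use, which is worth a comment.
```c
static int prne_mbedtls_entropy_urand_src_f (void *data, unsigned char *output, size_t len, size_t *olen) {
	const int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
	size_t got = 0;

	*olen = 0;
	if (fd < 0) {
		return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
	}
	// /dev/urandom may return short reads or EINTR; collect until len is met.
	while (got < len) {
		const ssize_t r = read(fd, output + got, len - got);
		if (r < 0 && errno == EINTR) {
			continue;
		}
		if (r <= 0) {
			close(fd);
			return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
		}
		got += (size_t)r;
	}
	close(fd);
	*olen = got;

	return 0;
}
```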
diff --git a/src/mbedtls.h b/src/mbedtls.h
index 02c50c2..e1339bb 100644
--- a/src/mbedtls.h
+++ b/src/mbedtls.h
@@ -4,9 +4,12 @@
#include <stddef.h>
#include <mbedtls/x509_crt.h>
+#include <mbedtls/entropy.h>
// Callback that masks `MBEDTLS_X509_BADCERT_EXPIRED`
int prne_mbedtls_x509_crt_verify_cb (void *param, mbedtls_x509_crt *crt, int crt_depth, uint32_t *flags);
int prne_mbedtls_ssl_send_cb (void *ctx, const unsigned char *buf, size_t len);
int prne_mbedtls_ssl_recv_cb (void *ctx, unsigned char *buf, size_t len);
+// Workaround for a bug - getrandom() blocks
+void prne_mbedtls_entropy_init (mbedtls_entropy_context *ctx);
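Review bot: The comment on prne_mbedtls_entropy_init explains why the function exists but not what it does to the context, so a caller cannot tell from the header that the platform entropy source is removed and that two replacement sources are registered only when a platform source was present. Suggest replacing the one-line comment with `// Like mbedtls_entropy_init(), but swaps the platform source (which may call getrandom() and block) for a /dev/urandom reader plus a process-state source; does nothing extra if no platform source is registered. Release with mbedtls_entropy_free() as usual.`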
diff --git a/src/proone-arch-test.c b/src/proone-arch-test.c
deleted file mode 100644
index 8390ca8..0000000
--- a/src/proone-arch-test.c
+++ /dev/null
@@ -1,30 +0,0 @@
-#include <stdio.h>
-#include <math.h>
-
-#include "protocol.h"
-#include "config.h"
-
-
-int main (void) {
- int exit_code;
- volatile double mat[9] = {
- 1, 0, 0,
- 0, 1, 0,
- 0, 0, 1
- };
- volatile double arr[3] = {
- 1, 2, 3
- };
- volatile double d;
-
- arr[0] = arr[0] * mat[0] + arr[1] * mat[1] + arr[2] * mat[2];
- arr[1] = arr[0] * mat[3] + arr[1] * mat[4] + arr[2] * mat[5];
- arr[2] = arr[0] * mat[6] + arr[1] * mat[7] + arr[2] * mat[8];
- d = arr[0] + arr[1] + arr[2];
-
- exit_code = isnan(d) ? 1 : 0;
-
- printf("%s\n", prne_arch_tostr(prne_host_arch));
-
- return exit_code;
-}
diff --git a/src/proone-resolv.c b/src/proone-resolv.c
index f103c78..44389b4 100644
--- a/src/proone-resolv.c
+++ b/src/proone-resolv.c
@@ -20,6 +20,7 @@
#include "util_ct.h"
#include "llist.h"
#include "resolv_worker.h"
+#include "mbedtls.h"
static int caught_signal = 0;
@@ -324,7 +325,7 @@ int main (void) {
assert(regcomp(&prmpt_regex, "(A|AAAA|TXT)\\s+([a-z0-9\\-\\.]+)", REG_ICASE | REG_EXTENDED) == 0);
/* org regex: ^\s+$ */
assert(regcomp(&empty_line_regex, "^\\s+$", REG_NOSUB | REG_EXTENDED) == 0);
- mbedtls_entropy_init(&entropy);
+ prne_mbedtls_entropy_init(&entropy);
mbedtls_ctr_drbg_init(&rnd);
assert(mbedtls_ctr_drbg_seed(&rnd, mbedtls_entropy_func, &entropy, (const uint8_t*)PRNE_BUILD_ENTROPY, sizeof(PRNE_BUILD_ENTROPY) - 1) == 0);
prne_init_wkr_sched_req(&wsr);
diff --git a/src/proone-stress.c b/src/proone-stress.c
index 31ab1b8..8487a71 100644
--- a/src/proone-stress.c
+++ b/src/proone-stress.c
@@ -23,6 +23,7 @@
#include "util_ct.h"
#include "util_rt.h"
#include "llist.h"
+#include "mbedtls.h"
typedef struct {
@@ -306,7 +307,7 @@ static void do_cycle (priv_ctx_t *priv_ctx, shared_ctx_t *ctx) {
static void child_main (shared_ctx_t *ctx) {
priv_ctx_t priv_ctx;
- mbedtls_entropy_init(&priv_ctx.ent);
+ prne_mbedtls_entropy_init(&priv_ctx.ent);
mbedtls_ctr_drbg_init(&priv_ctx.ctx);
assert(mbedtls_ctr_drbg_seed(&priv_ctx.ctx, mbedtls_entropy_func, &priv_ctx.ent, NULL, 0) == 0);
diff --git a/src/proone.c b/src/proone.c
index 4fd9a63..4fdae85 100644
--- a/src/proone.c
+++ b/src/proone.c
@@ -459,7 +459,7 @@ int main (const int argc, char **args) {
prne_g.is_child = false;
prne_init_bin_archive(&prne_g.bin_archive);
mbedtls_x509_crt_init(&prne_g.ssl.ca);
- mbedtls_entropy_init(&prne_g.ssl.entpy);
+ prne_mbedtls_entropy_init(&prne_g.ssl.entpy);
mbedtls_ctr_drbg_init(&prne_g.ssl.rnd);
mbedtls_ssl_config_init(&prne_g.s_ssl.conf);
mbedtls_x509_crt_init(&prne_g.s_ssl.crt);