Add cryptlib version check to do_cryptInit()

Interestingly, when they fail, Synchronet appears to crash. This is fine.

Add cryptlib version check to do_cryptInit()
a94df9ea · Deucе · 63e2c1f4 · a94df9ea · a94df9ea · a94df9ea
Commit a94df9ea authored 1 year ago by Deucе
--- a/3rdp/build/GNUmakefile
+++ b/3rdp/build/GNUmakefile
@@ -88,7 +88,7 @@ $(CRYPT_SRC): | $(3RDPSRCDIR)
 $(CRYPT_IDIR): | $(3RDPODIR)
 	$(QUIET)$(IFNOTEXIST) mkdir $(CRYPT_IDIR)
-$(CRYPTLIB_BUILD): $(3RDP_ROOT)/dist/cryptlib.zip $(3RDP_ROOT)/build/cl-fix-test-select.patch $(3RDP_ROOT)/build/cl-terminal-params.patch $(3RDP_ROOT)/build/cl-mingw32-static.patch $(3RDP_ROOT)/build/cl-ranlib.patch $(3RDP_ROOT)/build/cl-win32-noasm.patch $(3RDP_ROOT)/build/cl-zz-country.patch $(3RDP_ROOT)/build/cl-algorithms.patch $(3RDP_ROOT)/build/cl-allow-duplicate-ext.patch $(3RDP_ROOT)/build/cl-macosx-minver.patch $(3RDP_ROOT)/build/cl-posix-me-gently.patch $(3RDP_ROOT)/build/cl-PAM-noprompts.patch $(3RDP_ROOT)/build/cl-zlib.patch $(3RDP_ROOT)/build/cl-Dynamic-linked-static-lib.patch $(3RDP_ROOT)/build/cl-SSL-fix.patch $(3RDP_ROOT)/build/cl-bigger-maxattribute.patch $(3RDP_ROOT)/build/cl-endian.patch $(3RDP_ROOT)/build/cl-vcxproj.patch $(3RDP_ROOT)/build/cl-mingw-vcver.patch $(3RDP_ROOT)/build/cl-win32-build-fix.patch $(3RDP_ROOT)/build/cl-no-odbc.patch $(3RDP_ROOT)/build/cl-noasm-defines.patch $(3RDP_ROOT)/build/cl-bn-noasm64-fix.patch $(3RDP_ROOT)/build/cl-prefer-ECC.patch $(3RDP_ROOT)/build/cl-prefer-ECC-harder.patch $(3RDP_ROOT)/build/cl-clear-GCM-flag.patch $(3RDP_ROOT)/build/cl-use-ssh-ctr.patch $(3RDP_ROOT)/build/cl-ssl-suite-blocksizes.patch $(3RDP_ROOT)/build/cl-no-tpm.patch $(3RDP_ROOT)/build/cl-no-via-aes.patch $(3RDP_ROOT)/build/cl-fix-ssh-ecc-ephemeral.patch $(3RDP_ROOT)/build/cl-just-use-cc.patch $(3RDP_ROOT)/build/cl-no-safe-stack.patch $(3RDP_ROOT)/build/cl-allow-pkcs12.patch $(3RDP_ROOT)/build/cl-openbsd-threads.patch $(3RDP_ROOT)/build/cl-allow-none-auth.patch $(3RDP_ROOT)/build/cl-mingw-add-m32.patch $(3RDP_ROOT)/build/cl-poll-not-select.patch $(3RDP_ROOT)/build/cl-good-sockets.patch $(3RDP_ROOT)/build/cl-moar-objects.patch $(3RDP_ROOT)/build/cl-server-term-support.patch $(3RDP_ROOT)/build/cl-add-pubkey-attribute.patch $(3RDP_ROOT)/build/cl-allow-ssh-auth-retries.patch $(3RDP_ROOT)/build/cl-fix-ssh-channel-close.patch $(3RDP_ROOT)/build/cl-vt-lt-2005-always-defined.patch $(3RDP_ROOT)/build/cl-no-pie.patch $(3RDP_ROOT)/build/cl-no-testobjs.patch $(3RDP_ROOT)/build/cl-win32-lean-and-mean.patch $(3RDP_ROOT)/build/cl-thats-not-asm.patch $(3RDP_ROOT)/build/cl-make-channels-work.patch $(3RDP_ROOT)/build/cl-allow-ssh-2.0-go.patch $(3RDP_ROOT)/build/cl-read-timeout-every-time.patch $(3RDP_ROOT)/build/cl-allow-servercheck-pubkeys.patch $(3RDP_ROOT)/build/cl-pass-after-pubkey.patch $(3RDP_ROOT)/build/cl-ssh-list-ctr-modes.patch $(3RDP_ROOT)/build/cl-double-delete-fine-on-close.patch $(3RDP_ROOT)/build/cl-handle-unsupported-pubkey.patch | $(CRYPT_SRC) $(CRYPT_IDIR) $(3RDP_ROOT)/build/cl-remove-march.patch
+$(CRYPTLIB_BUILD): $(3RDP_ROOT)/dist/cryptlib.zip $(3RDP_ROOT)/build/cl-fix-test-select.patch $(3RDP_ROOT)/build/cl-terminal-params.patch $(3RDP_ROOT)/build/cl-mingw32-static.patch $(3RDP_ROOT)/build/cl-ranlib.patch $(3RDP_ROOT)/build/cl-win32-noasm.patch $(3RDP_ROOT)/build/cl-zz-country.patch $(3RDP_ROOT)/build/cl-algorithms.patch $(3RDP_ROOT)/build/cl-allow-duplicate-ext.patch $(3RDP_ROOT)/build/cl-macosx-minver.patch $(3RDP_ROOT)/build/cl-posix-me-gently.patch $(3RDP_ROOT)/build/cl-PAM-noprompts.patch $(3RDP_ROOT)/build/cl-zlib.patch $(3RDP_ROOT)/build/cl-Dynamic-linked-static-lib.patch $(3RDP_ROOT)/build/cl-SSL-fix.patch $(3RDP_ROOT)/build/cl-bigger-maxattribute.patch $(3RDP_ROOT)/build/cl-endian.patch $(3RDP_ROOT)/build/cl-vcxproj.patch $(3RDP_ROOT)/build/cl-mingw-vcver.patch $(3RDP_ROOT)/build/cl-win32-build-fix.patch $(3RDP_ROOT)/build/cl-no-odbc.patch $(3RDP_ROOT)/build/cl-noasm-defines.patch $(3RDP_ROOT)/build/cl-bn-noasm64-fix.patch $(3RDP_ROOT)/build/cl-prefer-ECC.patch $(3RDP_ROOT)/build/cl-prefer-ECC-harder.patch $(3RDP_ROOT)/build/cl-clear-GCM-flag.patch $(3RDP_ROOT)/build/cl-use-ssh-ctr.patch $(3RDP_ROOT)/build/cl-ssl-suite-blocksizes.patch $(3RDP_ROOT)/build/cl-no-tpm.patch $(3RDP_ROOT)/build/cl-no-via-aes.patch $(3RDP_ROOT)/build/cl-fix-ssh-ecc-ephemeral.patch $(3RDP_ROOT)/build/cl-just-use-cc.patch $(3RDP_ROOT)/build/cl-no-safe-stack.patch $(3RDP_ROOT)/build/cl-allow-pkcs12.patch $(3RDP_ROOT)/build/cl-openbsd-threads.patch $(3RDP_ROOT)/build/cl-allow-none-auth.patch $(3RDP_ROOT)/build/cl-mingw-add-m32.patch $(3RDP_ROOT)/build/cl-poll-not-select.patch $(3RDP_ROOT)/build/cl-good-sockets.patch $(3RDP_ROOT)/build/cl-moar-objects.patch $(3RDP_ROOT)/build/cl-server-term-support.patch $(3RDP_ROOT)/build/cl-add-pubkey-attribute.patch $(3RDP_ROOT)/build/cl-allow-ssh-auth-retries.patch $(3RDP_ROOT)/build/cl-fix-ssh-channel-close.patch $(3RDP_ROOT)/build/cl-vt-lt-2005-always-defined.patch $(3RDP_ROOT)/build/cl-no-pie.patch $(3RDP_ROOT)/build/cl-no-testobjs.patch $(3RDP_ROOT)/build/cl-win32-lean-and-mean.patch $(3RDP_ROOT)/build/cl-thats-not-asm.patch $(3RDP_ROOT)/build/cl-make-channels-work.patch $(3RDP_ROOT)/build/cl-allow-ssh-2.0-go.patch $(3RDP_ROOT)/build/cl-read-timeout-every-time.patch $(3RDP_ROOT)/build/cl-allow-servercheck-pubkeys.patch $(3RDP_ROOT)/build/cl-pass-after-pubkey.patch $(3RDP_ROOT)/build/cl-ssh-list-ctr-modes.patch $(3RDP_ROOT)/build/cl-double-delete-fine-on-close.patch $(3RDP_ROOT)/build/cl-handle-unsupported-pubkey.patch $(3RDP_ROOT)/build/cl-add-patches-info.patch | $(CRYPT_SRC) $(CRYPT_IDIR) $(3RDP_ROOT)/build/cl-remove-march.patch
 	@echo Creating $@ ...
 	$(QUIET)-rm -rf $(CRYPT_SRC)/*
 	$(QUIET)unzip -oa $(3RDPDISTDIR)/cryptlib.zip -d $(CRYPT_SRC)
@@ -150,6 +150,8 @@ $(CRYPTLIB_BUILD): $(3RDP_ROOT)/dist/cryptlib.zip $(3RDP_ROOT)/build/cl-fix-test
 	$(QUIET)patch -b -p0 -d $(CRYPT_SRC) < cl-allow-servercheck-pubkeys.patch
 	$(QUIET)patch -b -p0 -d $(CRYPT_SRC) < cl-double-delete-fine-on-close.patch
 	$(QUIET)patch -b -p0 -d $(CRYPT_SRC) < cl-handle-unsupported-pubkey.patch
+	$(QUIET)patch -b -p0 -d $(CRYPT_SRC) < cl-add-patches-info.patch
+	$(QUIET)perl -pi.bak -e 's/^(#define CRYPTLIB_VERSION.*)$$/"$$1\n#define CRYPTLIB_PATCHES \"" . (chomp($$val = `cat cl-*.patch | md5sum`) ? $$val : $$val) . "\""/e' $(CRYPT_SRC)/cryptlib.h
 ifeq ($(os),win32)
 	$(QUIET)cd $(CRYPT_SRC) && env - PATH="$(PATH)" CC="$(CC)" AR="$(AR)" RANLIB="$(RANLIB)" make directories
 	$(QUIET)cd $(CRYPT_SRC) && env - PATH="$(PATH)" CC="$(CC)" AR="$(AR)" RANLIB="$(RANLIB)" make toolscripts

--- a/3rdp/build/cl-add-patches-info.patch
+++ b/3rdp/build/cl-add-patches-info.patch
+--- ./kernel/attr_acl.c.orig	2024-01-22 17:04:32.412926000 -0500
+++ ./kernel/attr_acl.c	2024-01-22 17:08:33.630148000 -0500
+@@ -339,6 +339,12 @@
+ 		MKPERM( Rxx_Rxx ),
+ 		ROUTE( OBJECT_TYPE_USER ),
+ 		RANGE( 1, 50 ) ),
+	MKACL_S(	/* Major release version */
+		CRYPT_OPTION_INFO_PATCHES,
+		ST_NONE, ST_NONE, ST_USER_ANY, 
+		MKPERM( Rxx_Rxx ),
+		ROUTE( OBJECT_TYPE_USER ),
+		RANGE( 32, 32 ) ),
+ 	MKACL_SS(	/* Encryption algorithm */
+ 		/* We restrict the subrange to disallow the selection of the
+--- ./misc/user_config.c.orig	2024-01-22 17:08:01.812451000 -0500
+++ ./misc/user_config.c	2024-01-22 17:06:08.338812000 -0500
+@@ -78,6 +78,7 @@
+ 	MK_OPTION( CRYPT_OPTION_INFO_MAJORVERSION, 3, CRYPT_UNUSED ),
+ 	MK_OPTION( CRYPT_OPTION_INFO_MINORVERSION, 4, CRYPT_UNUSED ),
+ 	MK_OPTION( CRYPT_OPTION_INFO_STEPPING, 7, CRYPT_UNUSED ),
+	MK_OPTION_S( CRYPT_OPTION_INFO_PATCHES, CRYPTLIB_PATCHES, 32, CRYPT_UNUSED ),
+ 	/* Context options, base = 0 */
+ 	/* Algorithm = Conventional encryption/hash/MAC options */
+--- cryptlib.h.orig	2024-01-22 17:03:52.690137000 -0500
+++ cryptlib.h	2024-01-22 17:09:36.542496000 -0500
+@@ -502,6 +502,7 @@
+ 	CRYPT_OPTION_INFO_MAJORVERSION,	/* Major release version */
+ 	CRYPT_OPTION_INFO_MINORVERSION,	/* Minor release version */
+ 	CRYPT_OPTION_INFO_STEPPING,		/* Release stepping */
+	CRYPT_OPTION_INFO_PATCHES,		/* MD5Sum of patches applied */
+ 	/* Encryption options */
+ 	CRYPT_OPTION_ENCR_ALGO,			/* Conventional encryption algorithm */
--- a/3rdp/build/cl-do-debug.patch
+++ b/3rdp/build/cl-do-debug.patch
@@ -139,3 +139,13 @@
 	deleteSessionInfo( sessionInfoPtr, attributeListPtr );
 	/* If we've deleted the current channel, select a null channel until a
+--- random/unix.c.orig	2024-01-22 14:18:12.671954000 -0500
+++ random/unix.c	2024-01-22 14:18:49.574744000 -0500
+@@ -602,6 +602,7 @@
+ 	for( i = 0; sysctlInfo[ i ].mibCount != 0; i++ )
+ 		{
+ 		size_t size = SYSCTL_BUFFER_SIZE;
+		memset(sysctlBuffer, 0, size);
+ 		/* Since we only care about the information that's returned as an 
+ 		   entropy source, we treat a buffer-not-large-enough error (errno
--- a/src/sbbs3/ssl.c
+++ b/src/sbbs3/ssl.c
@@ -270,11 +270,18 @@ static void do_cryptEnd(void)
 	cryptEnd();
 }
+static char *cryptfail = NULL;
 static void internal_do_cryptInit(void)
 {
 	int ret;
+	int maj;
+	int min;
+	int stp;
+	int tmp;
+	char patches[32];
 	cryptInit_error = CRYPT_ERROR_NOTINITED;
 	if (!rwlock_init(&cert_epoch_lock))
 		return;
 	if (!rwlock_init(&tls_cert_file_date_lock)) {
@@ -309,6 +316,43 @@ static void internal_do_cryptInit(void)
 	else {
 		cryptInit_error = ret; 
 	}
+	ret = cryptGetAttribute(CRYPT_UNUSED, CRYPT_OPTION_INFO_MAJORVERSION, &maj);
+	if (cryptStatusError(ret)) {
+		cryptInit_error = ret;
+		cryptlib_initialized = false;
+		cryptEnd();
+		return;
+	}
+	ret = cryptGetAttribute(CRYPT_UNUSED, CRYPT_OPTION_INFO_MINORVERSION, &min);
+	if (cryptStatusError(ret)) {
+		cryptInit_error = ret;
+		cryptlib_initialized = false;
+		cryptEnd();
+		return;
+	}
+	ret = cryptGetAttribute(CRYPT_UNUSED, CRYPT_OPTION_INFO_STEPPING, &stp);
+	if (cryptStatusError(ret)) {
+		cryptInit_error = ret;
+		cryptlib_initialized = false;
+		cryptEnd();
+		return;
+	}
+	tmp = (maj * 100) + (min * 10) + stp;
+	if (tmp != CRYPTLIB_VERSION) {
+		cryptInit_error = CRYPT_ERROR_INVALID;
+		cryptlib_initialized = false;
+		cryptEnd();
+		asprintf(&cryptfail, "Incorrect cryptlib version %d (expected %d)", tmp, CRYPTLIB_VERSION);
+		return;
+	}
+	ret = cryptGetAttributeString(CRYPT_UNUSED, CRYPT_OPTION_INFO_PATCHES, patches, &stp);
+	if (cryptStatusError(ret) || stp != 32 || memcmp(patches, CRYPTLIB_PATCHES, 32) != 0) {
+		cryptInit_error = ret;
+		cryptlib_initialized = false;
+		cryptEnd();
+		asprintf(&cryptfail, "Incorrect cryptlib patch set %.32s (expected %s)", patches, CRYPTLIB_PATCHES);
+		return;
+	}
 	return;
 }
@@ -319,8 +363,15 @@ bool do_cryptInit(int (*lprintf)(int level, const char* fmt, ...))
 		lprintf(LOG_ERR, "%s call to pthread_once failed with error %d", __FUNCTION__, ret);
 		return false;
 	}
-	if (!cryptlib_initialized)
+	if (!cryptlib_initialized) {
+		if (cryptfail) {
+			lprintf(LOG_ERR,"cryptInit() returned %d: %s", cryptInit_error, cryptfail);
+			free(cryptfail);
+			cryptfail = NULL;
+		}
+		else
 			lprintf(LOG_ERR,"cryptInit() returned %d", cryptInit_error);
+	}
 	return cryptlib_initialized;
 }