commit be3875cda2c45d8cd057c00e0bcc16bef9067d90 Author: Nick Mathewson nickm@torproject.org Date: Tue May 24 10:28:31 2016 -0400
Make sure that libscrypt_scrypt actually exists before using it.
Previously, if the header was present, we'd proceed even if the function wasn't there.
Easy fix for bug 19161. A better fix would involve trying harder to find libscrypt_scrypt. --- changes/bug19161 | 3 +++ configure.ac | 1 + src/common/crypto_s2k.c | 2 +- src/test/test_crypto_slow.c | 15 ++++++++------- 4 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/changes/bug19161 b/changes/bug19161 new file mode 100644 index 0000000..78c2165 --- /dev/null +++ b/changes/bug19161 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - When libscrypt.h is found, but no libscrypt library can be linked, + treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha. diff --git a/configure.ac b/configure.ac index a487948..59433c2 100644 --- a/configure.ac +++ b/configure.ac @@ -833,6 +833,7 @@ dnl Check for libscrypt if test "x$enable_libscrypt" != "xno"; then AC_CHECK_HEADERS([libscrypt.h]) AC_SEARCH_LIBS(libscrypt_scrypt, [scrypt]) + AC_CHECK_FUNCS([libscrypt_scrypt]) fi
dnl ============================================================ diff --git a/src/common/crypto_s2k.c b/src/common/crypto_s2k.c index a9140c7..3bc05f1 100644 --- a/src/common/crypto_s2k.c +++ b/src/common/crypto_s2k.c @@ -19,7 +19,7 @@
#include <openssl/evp.h>
-#ifdef HAVE_LIBSCRYPT_H +#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT) #define HAVE_SCRYPT #include <libscrypt.h> #endif diff --git a/src/test/test_crypto_slow.c b/src/test/test_crypto_slow.c index 9b39199..6f3e40e 100644 --- a/src/test/test_crypto_slow.c +++ b/src/test/test_crypto_slow.c @@ -10,7 +10,8 @@ #include "crypto_s2k.h" #include "crypto_pwbox.h"
-#if defined(HAVE_LIBSCRYPT_H) +#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT) +#define HAVE_LIBSCRYPT #include <libscrypt.h> #endif
@@ -129,7 +130,7 @@ test_crypto_s2k_general(void *arg) } }
-#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_EVP_PBE_SCRYPT) +#if defined(HAVE_LIBSCRYPT) && defined(HAVE_EVP_PBE_SCRYPT) static void test_libscrypt_eq_openssl(void *arg) { @@ -276,7 +277,7 @@ test_crypto_s2k_errors(void *arg) buf, sizeof(buf), "ABC", 3));
/* Truncated output */ -#ifdef HAVE_LIBSCRYPT_H +#ifdef HAVE_LIBSCRYPT tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 50, &sz, "ABC", 3, 0)); tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 50, &sz, @@ -287,7 +288,7 @@ test_crypto_s2k_errors(void *arg) tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 29, &sz, "ABC", 3, S2K_FLAG_NO_SCRYPT));
-#ifdef HAVE_LIBSCRYPT_H +#ifdef HAVE_LIBSCRYPT tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_make_specifier(buf, 18, 0)); tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_make_specifier(buf, 18, S2K_FLAG_LOW_MEM)); @@ -308,7 +309,7 @@ test_crypto_s2k_errors(void *arg) secret_to_key_derivekey(buf2, sizeof(buf2), buf, 18, "ABC", 3));
-#ifdef HAVE_LIBSCRYPT_H +#ifdef HAVE_LIBSCRYPT /* It's a bad scrypt buffer if N would overflow uint64 */ memset(buf, 0, sizeof(buf)); buf[0] = 2; /* scrypt */ @@ -329,7 +330,7 @@ test_crypto_scrypt_vectors(void *arg) uint8_t spec[64], out[64];
(void)arg; -#ifndef HAVE_LIBSCRYPT_H +#ifndef HAVE_LIBSCRYPT if (1) tt_skip(); #endif @@ -507,7 +508,7 @@ test_crypto_pwbox(void *arg)
struct testcase_t slow_crypto_tests[] = { CRYPTO_LEGACY(s2k_rfc2440), -#ifdef HAVE_LIBSCRYPT_H +#ifdef HAVE_LIBSCRYPT { "s2k_scrypt", test_crypto_s2k_general, 0, &passthrough_setup, (void*)"scrypt" }, { "s2k_scrypt_low", test_crypto_s2k_general, 0, &passthrough_setup,