[tor-commits] [tor/release-0.2.8] Make sure that libscrypt_scrypt actually exists before using it.

nickm at torproject.org nickm at torproject.org
Wed May 25 14:21:24 UTC 2016


commit be3875cda2c45d8cd057c00e0bcc16bef9067d90
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue May 24 10:28:31 2016 -0400

    Make sure that libscrypt_scrypt actually exists before using it.
    
    Previously, if the header was present, we'd proceed even if the
    function wasn't there.
    
    Easy fix for bug 19161.  A better fix would involve trying harder to
    find libscrypt_scrypt.
---
 changes/bug19161            |  3 +++
 configure.ac                |  1 +
 src/common/crypto_s2k.c     |  2 +-
 src/test/test_crypto_slow.c | 15 ++++++++-------
 4 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/changes/bug19161 b/changes/bug19161
new file mode 100644
index 0000000..78c2165
--- /dev/null
+++ b/changes/bug19161
@@ -0,0 +1,3 @@
+  o Minor bugfixes (compilation):
+    - When libscrypt.h is found, but no libscrypt library can be linked,
+      treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha.
diff --git a/configure.ac b/configure.ac
index a487948..59433c2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -833,6 +833,7 @@ dnl Check for libscrypt
 if test "x$enable_libscrypt" != "xno"; then
   AC_CHECK_HEADERS([libscrypt.h])
   AC_SEARCH_LIBS(libscrypt_scrypt, [scrypt])
+  AC_CHECK_FUNCS([libscrypt_scrypt])
 fi
 
 dnl ============================================================
diff --git a/src/common/crypto_s2k.c b/src/common/crypto_s2k.c
index a9140c7..3bc05f1 100644
--- a/src/common/crypto_s2k.c
+++ b/src/common/crypto_s2k.c
@@ -19,7 +19,7 @@
 
 #include <openssl/evp.h>
 
-#ifdef HAVE_LIBSCRYPT_H
+#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT)
 #define HAVE_SCRYPT
 #include <libscrypt.h>
 #endif
diff --git a/src/test/test_crypto_slow.c b/src/test/test_crypto_slow.c
index 9b39199..6f3e40e 100644
--- a/src/test/test_crypto_slow.c
+++ b/src/test/test_crypto_slow.c
@@ -10,7 +10,8 @@
 #include "crypto_s2k.h"
 #include "crypto_pwbox.h"
 
-#if defined(HAVE_LIBSCRYPT_H)
+#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT)
+#define HAVE_LIBSCRYPT
 #include <libscrypt.h>
 #endif
 
@@ -129,7 +130,7 @@ test_crypto_s2k_general(void *arg)
   }
 }
 
-#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_EVP_PBE_SCRYPT)
+#if defined(HAVE_LIBSCRYPT) && defined(HAVE_EVP_PBE_SCRYPT)
 static void
 test_libscrypt_eq_openssl(void *arg)
 {
@@ -276,7 +277,7 @@ test_crypto_s2k_errors(void *arg)
                                     buf, sizeof(buf), "ABC", 3));
 
   /* Truncated output */
-#ifdef HAVE_LIBSCRYPT_H
+#ifdef HAVE_LIBSCRYPT
   tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 50, &sz,
                                                  "ABC", 3, 0));
   tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 50, &sz,
@@ -287,7 +288,7 @@ test_crypto_s2k_errors(void *arg)
   tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 29, &sz,
                                               "ABC", 3, S2K_FLAG_NO_SCRYPT));
 
-#ifdef HAVE_LIBSCRYPT_H
+#ifdef HAVE_LIBSCRYPT
   tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_make_specifier(buf, 18, 0));
   tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_make_specifier(buf, 18,
                                                  S2K_FLAG_LOW_MEM));
@@ -308,7 +309,7 @@ test_crypto_s2k_errors(void *arg)
             secret_to_key_derivekey(buf2, sizeof(buf2),
                                     buf, 18, "ABC", 3));
 
-#ifdef HAVE_LIBSCRYPT_H
+#ifdef HAVE_LIBSCRYPT
   /* It's a bad scrypt buffer if N would overflow uint64 */
   memset(buf, 0, sizeof(buf));
   buf[0] = 2; /* scrypt */
@@ -329,7 +330,7 @@ test_crypto_scrypt_vectors(void *arg)
   uint8_t spec[64], out[64];
 
   (void)arg;
-#ifndef HAVE_LIBSCRYPT_H
+#ifndef HAVE_LIBSCRYPT
   if (1)
     tt_skip();
 #endif
@@ -507,7 +508,7 @@ test_crypto_pwbox(void *arg)
 
 struct testcase_t slow_crypto_tests[] = {
   CRYPTO_LEGACY(s2k_rfc2440),
-#ifdef HAVE_LIBSCRYPT_H
+#ifdef HAVE_LIBSCRYPT
   { "s2k_scrypt", test_crypto_s2k_general, 0, &passthrough_setup,
     (void*)"scrypt" },
   { "s2k_scrypt_low", test_crypto_s2k_general, 0, &passthrough_setup,





More information about the tor-commits mailing list