Commit be3875cd authored by Nick Mathewson's avatar Nick Mathewson 🦀
Browse files

Make sure that libscrypt_scrypt actually exists before using it. 

Previously, if the header was present, we'd proceed even if the
function wasn't there.

Easy fix for bug 19161.  A better fix would involve trying harder to
find libscrypt_scrypt.
parent 87134db5

changes/bug19161

0 → 100644
+3 −0
Original line number Diff line number Diff line 
  o Minor bugfixes (compilation):

    - When libscrypt.h is found, but no libscrypt library can be linked,

      treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha.

configure.ac

+1 −0
Original line number Diff line number Diff line
@@ -833,6 +833,7 @@ dnl Check for libscrypt 
if test "x$enable_libscrypt" != "xno"; then

  AC_CHECK_HEADERS([libscrypt.h])

  AC_SEARCH_LIBS(libscrypt_scrypt, [scrypt])

  AC_CHECK_FUNCS([libscrypt_scrypt])

fi



dnl ============================================================

src/common/crypto_s2k.c

+1 −1
Original line number Diff line number Diff line
@@ -19,7 +19,7 @@ 


#include <openssl/evp.h>



#ifdef HAVE_LIBSCRYPT_H

#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT)

#define HAVE_SCRYPT

#include <libscrypt.h>

#endif

src/test/test_crypto_slow.c

+8 −7
Original line number Diff line number Diff line
@@ -10,7 +10,8 @@ 
#include "crypto_s2k.h"

#include "crypto_pwbox.h"



#if defined(HAVE_LIBSCRYPT_H)

#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT)

#define HAVE_LIBSCRYPT

#include <libscrypt.h>

#endif
@@ -129,7 +130,7 @@ test_crypto_s2k_general(void *arg) 
  }

}



#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_EVP_PBE_SCRYPT)

#if defined(HAVE_LIBSCRYPT) && defined(HAVE_EVP_PBE_SCRYPT)

static void

test_libscrypt_eq_openssl(void *arg)

{
@@ -276,7 +277,7 @@ test_crypto_s2k_errors(void *arg) 
                                    buf, sizeof(buf), "ABC", 3));



  /* Truncated output */

#ifdef HAVE_LIBSCRYPT_H

#ifdef HAVE_LIBSCRYPT

  tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 50, &sz,

                                                 "ABC", 3, 0));

  tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 50, &sz,
@@ -287,7 +288,7 @@ test_crypto_s2k_errors(void *arg) 
  tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 29, &sz,

                                              "ABC", 3, S2K_FLAG_NO_SCRYPT));



#ifdef HAVE_LIBSCRYPT_H

#ifdef HAVE_LIBSCRYPT

  tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_make_specifier(buf, 18, 0));

  tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_make_specifier(buf, 18,

                                                 S2K_FLAG_LOW_MEM));
@@ -308,7 +309,7 @@ test_crypto_s2k_errors(void *arg) 
            secret_to_key_derivekey(buf2, sizeof(buf2),

                                    buf, 18, "ABC", 3));



#ifdef HAVE_LIBSCRYPT_H

#ifdef HAVE_LIBSCRYPT

  /* It's a bad scrypt buffer if N would overflow uint64 */

  memset(buf, 0, sizeof(buf));

  buf[0] = 2; /* scrypt */
@@ -329,7 +330,7 @@ test_crypto_scrypt_vectors(void *arg) 
  uint8_t spec[64], out[64];



  (void)arg;

#ifndef HAVE_LIBSCRYPT_H

#ifndef HAVE_LIBSCRYPT

  if (1)

    tt_skip();

#endif
@@ -507,7 +508,7 @@ test_crypto_pwbox(void *arg) 


struct testcase_t slow_crypto_tests[] = {

  CRYPTO_LEGACY(s2k_rfc2440),

#ifdef HAVE_LIBSCRYPT_H

#ifdef HAVE_LIBSCRYPT

  { "s2k_scrypt", test_crypto_s2k_general, 0, &passthrough_setup,

    (void*)"scrypt" },

  { "s2k_scrypt_low", test_crypto_s2k_general, 0, &passthrough_setup,