A potential fix [was Re: openssl in -current]

Sun, 20 Feb 2000 19:47:58 -0800 

OK, I've dinked around with this some more and I think I might have at
least a partial solution to this whole mess (it still doesn't make
openssl actually useful to us, it just makes it less annoying :).

First, apply the following patch:

Index: Makefile
===================================================================
RCS file: /home/ncvs/src/secure/lib/librsaglue/Makefile,v
retrieving revision 1.1
diff -u -u -r1.1 Makefile
--- Makefile    2000/01/20 07:24:40     1.1
+++ Makefile    2000/02/21 03:01:09
@@ -11,7 +11,7 @@
 CFLAGS+=       -I${.OBJDIR}
 
 # rsaref
-SRCS+= rsar_err.c rsaref.c
+SRCS+= rsar_err.c rsaref.c rsaref_stubs.c
 
 HDRS=  asn1/asn1.h asn1/asn1_mac.h bio/bio.h bf/blowfish.h bn/bn.h \
        buffer/buffer.h cast/cast.h comp/comp.h conf/conf.h crypto.h \

Then stick the code below in /usr/src/crypto/openssl/rsaref/rsaref_stubs.c
and rebuild/install from /usr/src/secure/lib/librsaglue.  If you
then proceed to /usr/ports/security/openssh and make this change:

Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/security/openssh/Makefile,v
retrieving revision 1.45
diff -u -u -r1.45 Makefile
--- Makefile    2000/02/16 04:52:59     1.45
+++ Makefile    2000/02/21 03:30:44
@@ -31,7 +31,7 @@
                :pserver:[EMAIL PROTECTED]:/cvs
 CRYPTOLIBS=    -L${OPENSSLLIB} -lcrypto
 .if defined(OPENSSL_RSAREF)
-CRYPTOLIBS+=   -lRSAglue -L${LOCALBASE}/lib -lrsaref
+CRYPTOLIBS+=   -lRSAglue
 .endif
 # Here, MANDIR is concetenated to DESTDIR which all forms the man install dir...
 MAKE_ENV+=     DESTDIR=${PREFIX} MANDIR=/man/man CRYPTOLIBS="${CRYPTOLIBS}"

You'll create an ssh which either whines at you for having no librsaref.so
or, if you do have one, will load and use it seamlessly.

- Jordan


/*
 * $FreeBSD$
 *
 * Copyright (c) 2000
 *      Jordan Hubbard.  All rights reserved.
 *
 * Stub functions for RSA code.  If you link with this code, you will
 * get a full set of weak symbol references to the rsaref library
 * functions which are required by openssl.  These can then be occluded
 * by the real rsaref library by implicitly linking with it or, failing
 * that, these stub functions will attempt to dlopen() the appropriate
 * rsaref library if it can be found in the library search path.
 *
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer,
 *    verbatim and that no modifications are made prior to this
 *    point in the file.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY JORDAN HUBBARD ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL JORDAN HUBBARD OR HIS PETS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, LIFE OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 */

#ifndef NO_RSA
#include <dlfcn.h>
#include <stdio.h>

#define RSA_SHLIB       "librsaref.so"  /* be more exact if you need to */
#define VERBOSE_STUBS   /* undef if you don't want missing rsaref reported */

static void *
getsym(const char *sym)
{
    static void *rsalib;
    static int whined;
    void *ret = NULL;

    if (!rsalib)
        rsalib = dlopen(RSA_SHLIB, RTLD_LAZY);
    if (rsalib)
        ret = dlsym(rsalib, sym);
#ifdef VERBOSE_STUBS
     if (!ret && !whined) {
        fprintf(stderr, "** %s: Unable to find an rsaref shared library (%s).\n", sym, 
RSA_SHLIB);
        fprintf(stderr, "** Install an RSA package on your system and run this program 
again\n", RSA_SHLIB);
        whined = 1;
     }
#endif
     return ret;
}

#pragma weak RSAPrivateDecrypt=RSAPrivateDecrypt_stub
int
RSAPrivateDecrypt_stub(unsigned char *output, unsigned int *outlen,
    unsigned char *input, int inputlen, void *RSAkey)
{
    static int (*sym)(unsigned char *, unsigned int *, unsigned char *, int, void *);

    if (sym || (sym = getsym("RSAPrivateDecrypt")))
        return sym(output, outlen, input, inputlen, RSAkey);
    return 0;
}

#pragma weak RSAPrivateEncrypt=RSAPrivateEncrypt_stub
int
RSAPrivateEncrypt_stub(unsigned char *output, unsigned int *outlen,
    unsigned char *input, int inputlen, void *RSAkey)
{
    static int (*sym)(unsigned char *, unsigned int *, unsigned char *, int, void *);

    if (sym || (sym = getsym("RSAPrivateEncrypt")))
        return sym(output, outlen, input, inputlen, RSAkey);
    return 0;
}

#pragma weak RSAPublicDecrypt=RSAPublicDecrypt_stub
int
RSAPublicDecrypt_stub(unsigned char *output, unsigned int *outlen,
    unsigned char *input, int inputlen, void *RSAkey)
{
    static int (*sym)(unsigned char *, unsigned int *, unsigned char *, int, void *);

    if (sym || (sym = getsym("RSAPublicDecrypt")))
        return sym(output, outlen, input, inputlen, RSAkey);
    return 0;
}

#pragma weak RSAPublicEncrypt=RSAPublicEncrypt_stub
int
RSAPublicEncrypt_stub(unsigned char *output, unsigned int *outlen,
    unsigned char *input, int inputlen, void *RSAkey, void *randomStruct)
{
    static int (*sym)(unsigned char *, unsigned int *, unsigned char *, int,
        void *, void *);

    if (sym || (sym = getsym("RSAPublicEncrypt")))
        return sym(output, outlen, input, inputlen, RSAkey, randomStruct);
    return 0;
}

#pragma weak R_GetRandomBytesNeeded=R_GetRandomBytesNeeded_stub
int
R_GetRandomBytesNeeded_stub(unsigned int *bytesNeeded, void *randomStruct) 
{
    static int (*sym)(unsigned int *, void *);

    if (sym || (sym = getsym("R_GetRandomBytesNeeded")))
        return sym(bytesNeeded, randomStruct);
    return 0;
}

#pragma weak R_RandomFinal=R_RandomFinal_stub
void
R_RandomFinal_stub(void *randomStruct)
{
    static void (*sym)(void *);

    if (sym || (sym = getsym("R_RandomFinal")))
        sym(randomStruct);
}

#pragma weak R_RandomInit=R_RandomInit_stub
int
R_RandomInit_stub(void *randomStruct)
{
    static int (*sym)(void *);

    if (sym || (sym = getsym("R_RandomInit")))
        sym(randomStruct);
}

#pragma weak R_RandomUpdate=R_RandomUpdate_stub
int
R_RandomUpdate_stub(void *randomStruct,
    unsigned char *block, unsigned int blockLen) 
{
    static int (*sym)(void *, unsigned char *, unsigned int);

    if (sym || (sym = getsym("R_RandomUpdate")))
        sym(randomStruct, block, blockLen);
}

#endif  /* NO_RSA */


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to