From e05c271a760a1b82eb61c94d9a1a38ca51e6c690c80b4275cb1d7ecce3fc8acb Mon Sep 17 00:00:00 2001 From: Kurt Garloff Date: Mon, 4 Dec 2017 08:13:50 +0000 Subject: [PATCH] Accepting request 547923 from home:garloff:branches:Base:System - Update to 1.99.8: * Support openssl-1.1 (patch from Marcus Meissner) * cryptalgo->recycle to reuse crypto context (neeeded for openssl) * Fix memleak in test_aes * Use test_aes in check target to ensure all algorithms work * Use std probe mech in test_aes, so we don't fail with SIGILL * Fix build without openssl OBS-URL: https://build.opensuse.org/request/show/547923 OBS-URL: https://build.opensuse.org/package/show/Base:System/dd_rescue?expand=0&rev=39 --- dd_rescue-1.99.7.tar.bz2 | 3 - dd_rescue-1.99.7.tar.bz2.asc | 17 -- dd_rescue-1.99.8.tar.bz2 | 3 + dd_rescue-1.99.8.tar.bz2.asc | 17 ++ dd_rescue-openssl11.patch | 440 ----------------------------------- dd_rescue.changes | 11 + dd_rescue.spec | 11 +- 7 files changed, 36 insertions(+), 466 deletions(-) delete mode 100644 dd_rescue-1.99.7.tar.bz2 delete mode 100644 dd_rescue-1.99.7.tar.bz2.asc create mode 100644 dd_rescue-1.99.8.tar.bz2 create mode 100644 dd_rescue-1.99.8.tar.bz2.asc delete mode 100644 dd_rescue-openssl11.patch diff --git a/dd_rescue-1.99.7.tar.bz2 b/dd_rescue-1.99.7.tar.bz2 deleted file mode 100644 index 1f29939..0000000 --- a/dd_rescue-1.99.7.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:24c7ef2d3195b1e2e42f705e773613a474129eea63556e805cf0b41243446134 -size 172414 diff --git a/dd_rescue-1.99.7.tar.bz2.asc b/dd_rescue-1.99.7.tar.bz2.asc deleted file mode 100644 index 079a45d..0000000 --- a/dd_rescue-1.99.7.tar.bz2.asc +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.22 (GNU/Linux) - -iQIVAwUAWgWkI95PGzor/8W/AQjV2Q/7BzIFxNqmiCxBCuLuSZhnG6hfiWMUNIY3 -moKs3DphPDj+OU4sLtMwRz2at4LGIH4pBVyWHAS4FPh/LRI2Jl6przzgP9oQeFiS -rWKUAhXhzc5S3wZKJNILI7HcAC7W99PDTqyjKSES5WujwPIgCxncBW2Fv9WAur/6 -M/8FvzAOwZMXf+JLbyI+QJggyRLgedBz1DhFyb5k21SryeUkHufqkpS0FEbdkSvm -RJbXaa+UIX3K4Z70LRcNuAmvpbpo+p3L3GROQcrcrehoOcLkH7vtsadJi97H0pvk -5qFLPiT2rs6JIxRUCpHRmV3z2+7rIiD7TH/bt+vmqWyDKWctAoZP+aLfP478yGk1 -Y1m7MBVmpUxZWjBWkrQD9vwHTtQdgHgjSg4Fxh7slBMVBJdgSJhpAzSjkVnlp8Ax -R+/b06FAjNAdN9HWiXiRcSHaGuIFXYgfjd1SgLyT4nn6junOsepQFK5652i3Cb2b -XOyr7BCd/RtRapqjn3gqWidkDKjAyfr/Va3RqmZyVhLvMS+2mCcMmruQ92+lVr4D -Cwe0yGEONagveA7oyuJK86rXBChUdJs2maoU92nwe0WJeo/qFv6NGWnRg/bCGVeg -D8uHzyp75lTTpfqJ3GPpbJCsOHa1z8mZ1tHOXrJ/1LPpiuTz0s+9T4PZ43NmW45M -v3S49wOzPTQ= -=I9NO ------END PGP SIGNATURE----- diff --git a/dd_rescue-1.99.8.tar.bz2 b/dd_rescue-1.99.8.tar.bz2 new file mode 100644 index 0000000..7fd264f --- /dev/null +++ b/dd_rescue-1.99.8.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:90db76716af6a6a2370d9726804ff26cc63e61109af9967078a5eb941faa7dbd +size 174594 diff --git a/dd_rescue-1.99.8.tar.bz2.asc b/dd_rescue-1.99.8.tar.bz2.asc new file mode 100644 index 0000000..beac9a4 --- /dev/null +++ b/dd_rescue-1.99.8.tar.bz2.asc @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIVAwUAWiR0qt5PGzor/8W/AQhhLg//WUrDjN/VeduumCk+CIO5uA0V0ld1BZqs +caCa4kJW1tOeDtuIsHmgicumTlKYebhPvgo695sumDr+3yOd/5uF/7YyQjsbLhL+ +xukhPD4g6KUEk3lbT91rEvPp0aulY8ZLkYd1IY0O5eJWE0d9laYOvs2F5/ZBftvd +9CD7lc1Df+KLnKvbywif9AfJkugP4Twypgo8WEyXAuQGZw4Nx+av3E2yYWLrW4g6 +nVSzTAr5DMqBQgoJvK8LfXyybCsa6/gqJEgU+fsfZ2ucQrFn29CY5iqCuRRcxH19 +vq2fsduJ/0w1cTCM6nVTm5EaSBcCAER0B/g0OU9cFZ3sqLUkYgiB/qwWAKg5yKv9 +BQys6/HGytbxYXi75vp9XL2k+FAkgeTCmrfIs9grPXHXZULltomeVEl7bHr2YD8T ++0/2CMoyusQmMN87n1DvCX9KGa4AzAfgPvUEvimWK2nwjd4u4vIvh3TMBu3qeaa3 +a2Tc0GeXcjLHmSER98y7gRlOaz/rnNvH+8wOX6gPy8pGPnr5/+vGeWrw1h+Vxau2 +w90G4/gGW7FAog7WpDxZNPG8YLiH3hBgISXo1OXertkTXOKl8ytmn21zbMKYBanW +CJ7QMsBGrYXSQrnBtCFqzSwKsEcOSOkASQh9A0YWceTrF2MpoSFsEBqXHxcheoeQ +DbdAjCIjHcU= +=ZkW1 +-----END PGP SIGNATURE----- diff --git a/dd_rescue-openssl11.patch b/dd_rescue-openssl11.patch deleted file mode 100644 index f74d50f..0000000 --- a/dd_rescue-openssl11.patch +++ /dev/null @@ -1,440 +0,0 @@ -Index: dd_rescue-1.99.7/aes_ossl.c -=================================================================== ---- dd_rescue-1.99.7.orig/aes_ossl.c -+++ dd_rescue-1.99.7/aes_ossl.c -@@ -17,15 +17,17 @@ - - void AES_OSSL_Bits_EKey_Expand(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx) - { -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; -- EVP_CIPHER_CTX_init(evpctx); -- EVP_EncryptInit_ex(evpctx, cipher, NULL, userkey, NULL); -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; -+ evpctx[0] = EVP_CIPHER_CTX_new(); \ -+ EVP_CIPHER_CTX_init(evpctx[0]); -+ EVP_EncryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL); - } - void AES_OSSL_Bits_DKey_Expand(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx) - { -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; -- EVP_CIPHER_CTX_init(evpctx); -- EVP_DecryptInit_ex(evpctx, cipher, NULL, userkey, NULL); -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; -+ evpctx[0] = EVP_CIPHER_CTX_new(); \ -+ EVP_CIPHER_CTX_init(evpctx[0]); -+ EVP_DecryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL); - } - - -@@ -48,28 +50,27 @@ int AES_OSSL_##BITCHAIN##_Encrypt(const - ssize_t len, ssize_t *flen) \ - { \ - int olen, elen, ores; \ -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; \ -- EVP_EncryptInit(evpctx, NULL, NULL, NULL); \ -- EVP_CIPHER_CTX_set_padding(evpctx, DOPAD? pad: 0); \ -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], DOPAD? pad: 0); \ - if (IV) { \ -- memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16); \ -+ memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16); \ - } \ - if (DOPAD && !pad && (len&15)) { \ -- ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len-(len&15)); \ -+ ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len-(len&15)); \ - assert(ores); \ - uchar ibf[16]; \ - memcpy(ibf, in+olen, len&15); \ - memset(ibf+(len&15), 0, 16-(len&15)); \ -- ores = EVP_EncryptUpdate(evpctx, out+olen, &elen, ibf, 16); \ -+ ores = EVP_EncryptUpdate(evpctx[0], out+olen, &elen, ibf, 16); \ - memset(ibf, 0, len&15); \ - asm("":::"memory"); \ - assert(ores); \ - } else { \ - if (DOPAD && !(len%15) && pad == PAD_ASNEEDED) \ -- EVP_CIPHER_CTX_set_padding(evpctx, 0); \ -- ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], 0); \ -+ ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len); \ - assert(ores); \ -- ores = EVP_EncryptFinal(evpctx, out+olen, &elen);\ -+ ores = EVP_EncryptFinal(evpctx[0], out+olen, &elen);\ - assert(ores); \ - if (0 && elen && (len&15)) olen -= 16; \ - } \ -@@ -80,7 +81,7 @@ int AES_OSSL_##BITCHAIN##_Encrypt(const - fprintf(stderr, "Encryption length mismatch %i+%i != %zi\n", \ - olen, elen, len); \ - if (IV) \ -- memcpy(iv, evpctx->iv, 16); \ -+ memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16); \ - return (DOPAD && (pad == PAD_ALWAYS || (len&15)))? 16-(len&15): 0; \ - }; \ - int AES_OSSL_##BITCHAIN##_Decrypt(const unsigned char* ctx, unsigned int rounds,\ -@@ -90,49 +91,48 @@ int AES_OSSL_##BITCHAIN##_Decrypt(const - { \ - int olen, elen = 0, ores; \ - int ilen = (len&15)? len+15-(len&15): len; \ -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; \ -- EVP_DecryptInit(evpctx, NULL, NULL, NULL); \ -- EVP_CIPHER_CTX_set_padding(evpctx, DOPAD && pad != PAD_ASNEEDED?pad:0); \ -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], DOPAD && pad != PAD_ASNEEDED?pad:0); \ - if (IV) { \ -- memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16); \ -+ memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16); \ - } \ - if (DOPAD && pad == PAD_ASNEEDED) { \ - int olen1; \ - uchar buf[16]; \ -- ores = EVP_DecryptUpdate(evpctx, out, &olen, in, ilen-16); \ -+ ores = EVP_DecryptUpdate(evpctx[0], out, &olen, in, ilen-16); \ - assert(ores); \ -- EVP_CIPHER_CTX ctx2; \ -- memcpy(&ctx2, evpctx, sizeof(ctx2)); \ -+ EVP_CIPHER_CTX *ctx2 = EVP_CIPHER_CTX_new(); \ -+ EVP_CIPHER_CTX_copy(ctx2, evpctx[0]); \ - /* Save piece that gets overwritten */ \ - if (in == out) \ - memcpy(buf, out+olen, 16); \ -- EVP_CIPHER_CTX_set_padding(evpctx, 1); \ -- ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, in+ilen-16, 16); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], 1); \ -+ ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, in+ilen-16, 16); \ - assert(ores); assert(!olen1); \ -- ores = EVP_DecryptFinal(evpctx, out+olen, &elen); \ -+ ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen); \ - if (!ores) { \ -- memcpy(evpctx, &ctx2, sizeof(ctx2)); \ -+ EVP_CIPHER_CTX_copy(evpctx[0], ctx2); \ - if (in == out) \ - memcpy(out+olen, buf, 16); \ -- ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, in+ilen-16, 16); \ -+ ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, in+ilen-16, 16); \ - assert(ores); assert(olen1 == 16); \ - olen += olen1; \ -- ores = EVP_DecryptFinal(evpctx, out+olen, &elen); \ -+ ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen); \ - assert(ores); \ - } \ -- memset(&ctx2, 0, sizeof(ctx2)); \ -+ EVP_CIPHER_CTX_free(ctx2); \ - asm("":::"memory"); \ - } else { \ -- ores = EVP_DecryptUpdate(evpctx, out, &olen, in, ilen); \ -+ ores = EVP_DecryptUpdate(evpctx[0], out, &olen, in, ilen); \ - assert(ores); \ -- ores = EVP_DecryptFinal(evpctx, out+olen, &elen); \ -+ ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen); \ - } \ - if (DOPAD && pad) { \ - *flen = olen + elen; \ - } else \ - *flen = len; \ - if (IV) \ -- memcpy(iv, evpctx->iv, 16); \ -+ memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16); \ - if (DOPAD && pad == PAD_ASNEEDED) \ - return (elen? 16-elen: 1); \ - return ores - 1; \ -@@ -140,8 +140,8 @@ int AES_OSSL_##BITCHAIN##_Decrypt(const - - void AES_OSSL_Release(unsigned char *ctx, unsigned int rounds) - { -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; -- EVP_CIPHER_CTX_cleanup(evpctx); -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; -+ EVP_CIPHER_CTX_cleanup(evpctx[0]); - } - - AES_OSSL_KEY_EX(128, AES_128_ROUNDS, ecb); -@@ -180,37 +180,41 @@ AES_OSSL_CRYPT(256_CTR, 1, 0); - - void AES_OSSL_Bits_EKey_ExpandX2(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx, unsigned int bits) - { -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; -- EVP_CIPHER_CTX_init(evpctx); -- EVP_EncryptInit_ex(evpctx, cipher, NULL, userkey, NULL); -- //EVP_CIPHER_CTX_set_padding(evpctx, 0); -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; -+ evpctx[0] = EVP_CIPHER_CTX_new(); \ -+ evpctx[1] = EVP_CIPHER_CTX_new(); \ -+ EVP_CIPHER_CTX_init(evpctx[0]); -+ EVP_EncryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL); -+ //EVP_CIPHER_CTX_set_padding(evpctx[0], 0); - hash_t hv; - sha256_init(&hv); - sha256_calc(userkey, bits/8, bits/8, &hv); - uchar usrkey2[32]; - sha256_beout(usrkey2, &hv); - sha256_init(&hv); -- EVP_CIPHER_CTX_init(evpctx+1); -- EVP_EncryptInit_ex(evpctx+1, cipher, NULL, usrkey2, NULL); -+ EVP_CIPHER_CTX_init(evpctx[1]); -+ EVP_EncryptInit_ex(evpctx[1], cipher, NULL, usrkey2, NULL); - //EVP_CIPHER_CTX_set_padding(evpctx+1, 0); - memset(usrkey2, 0, 32); - asm("":::"memory"); - } - void AES_OSSL_Bits_DKey_ExpandX2(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx, unsigned int bits) - { -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; -- EVP_CIPHER_CTX_init(evpctx); -- EVP_DecryptInit_ex(evpctx, cipher, NULL, userkey, NULL); -- //EVP_CIPHER_CTX_set_padding(evpctx, 0); -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; -+ evpctx[0] = EVP_CIPHER_CTX_new(); \ -+ evpctx[1] = EVP_CIPHER_CTX_new(); \ -+ EVP_CIPHER_CTX_init(evpctx[0]); -+ EVP_DecryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL); -+ //EVP_CIPHER_CTX_set_padding(evpctx[0], 0); - hash_t hv; - sha256_init(&hv); - sha256_calc(userkey, bits/8, bits/8, &hv); - uchar usrkey2[32]; - sha256_beout(usrkey2, &hv); - sha256_init(&hv); -- EVP_CIPHER_CTX_init(evpctx+1); -- EVP_DecryptInit_ex(evpctx+1, cipher, NULL, usrkey2, NULL); -- //EVP_CIPHER_CTX_set_padding(evpctx+1, 0); -+ EVP_CIPHER_CTX_init(evpctx[1]); -+ EVP_DecryptInit_ex(evpctx[1], cipher, NULL, usrkey2, NULL); -+ //EVP_CIPHER_CTX_set_padding(evpctx[1], 0); - memset(usrkey2, 0, 32); - asm("":::"memory"); - } -@@ -235,40 +239,40 @@ int AES_OSSL_##BITCHAIN##_EncryptX2(con - ssize_t len, ssize_t *flen) \ - { \ - int olen, elen, ores; \ -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; \ -- EVP_EncryptInit(evpctx, NULL, NULL, NULL); \ -- EVP_EncryptInit(evpctx+1, NULL, NULL, NULL); \ -- EVP_CIPHER_CTX_set_padding(evpctx, pad); \ -- EVP_CIPHER_CTX_set_padding(evpctx+1, 0); \ -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; \ -+ EVP_EncryptInit(evpctx[0], NULL, NULL, NULL); \ -+ EVP_EncryptInit(evpctx[1], NULL, NULL, NULL); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], pad); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[1], 0); \ - if (IV) { \ -- memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16); \ -- memcpy((evpctx+1)->oiv, iv, 16); memcpy((evpctx+1)->iv, iv, 16); \ -+ memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16); \ -+ memcpy(EVP_CIPHER_CTX_original_iv(evpctx[1]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[1]), iv, 16); \ - } \ - if (!pad && (len&15)) { \ -- ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len-(len&15)); \ -+ ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len-(len&15)); \ - assert(ores); \ - uchar ibf[16]; \ - memcpy(ibf, in+olen, len&15); \ - memset(ibf+(len&15), 0, 16-(len&15)); \ -- ores = EVP_EncryptUpdate(evpctx, out+olen, &elen, ibf, 16); \ -+ ores = EVP_EncryptUpdate(evpctx[0], out+olen, &elen, ibf, 16); \ - memset(ibf, 0, len&15); \ - asm("":::"memory"); \ - assert(ores); \ - } else { \ -- ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len); \ -+ ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len); \ - assert(ores); \ -- ores = EVP_EncryptFinal(evpctx, out+olen, &elen); \ -+ ores = EVP_EncryptFinal(evpctx[0], out+olen, &elen); \ - assert(ores); \ - } \ -- ores = EVP_EncryptUpdate(evpctx+1, out, &olen, out, olen+elen); \ -+ ores = EVP_EncryptUpdate(evpctx[1], out, &olen, out, olen+elen); \ - assert(ores); \ -- ores = EVP_EncryptFinal(evpctx+1, out+olen, &elen); \ -+ ores = EVP_EncryptFinal(evpctx[1], out+olen, &elen); \ - assert(ores); \ - *flen = olen+elen; \ - if (pad == PAD_ASNEEDED && !(len&15)) \ - *flen -= 16; \ - if (IV) \ -- memcpy(iv, evpctx->iv, 16); \ -+ memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16); \ - return (pad == PAD_ALWAYS || (len&15))? 16-(len&15): 0; \ - }; \ - int AES_OSSL_##BITCHAIN##_DecryptX2(const unsigned char* ctx, unsigned int rounds, \ -@@ -278,54 +282,52 @@ int AES_OSSL_##BITCHAIN##_DecryptX2(con - { \ - int olen, elen, ores; \ - int rlen = (len&15)? len+16-(len&15): len; \ -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; \ -- EVP_DecryptInit(evpctx+1, NULL, NULL, NULL); \ -- EVP_DecryptInit(evpctx, NULL, NULL, NULL); \ -- EVP_CIPHER_CTX_set_padding(evpctx+1, 0); \ -- EVP_CIPHER_CTX_set_padding(evpctx, pad==PAD_ASNEEDED? 0: pad); \ -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; \ -+ EVP_CIPHER_CTX_set_padding(evpctx[1], 0); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], pad==PAD_ASNEEDED? 0: pad); \ - if (IV) { \ -- memcpy((evpctx+1)->oiv, iv, 16); memcpy((evpctx+1)->iv, iv, 16); \ -- memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16); \ -+ memcpy(EVP_CIPHER_CTX_original_iv(evpctx[1]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[1]), iv, 16); \ -+ memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16); \ - } \ -- ores = EVP_DecryptUpdate(evpctx+1, out, &olen, in, rlen); \ -+ ores = EVP_DecryptUpdate(evpctx[1], out, &olen, in, rlen); \ - assert(ores); \ -- ores = EVP_DecryptFinal(evpctx+1, out+olen, &elen); \ -+ ores = EVP_DecryptFinal(evpctx[1], out+olen, &elen); \ - assert(ores); \ - if (pad == PAD_ASNEEDED) { \ - int ilen = olen, olen1; \ - uchar buf[16]; \ -- ores = EVP_DecryptUpdate(evpctx, out, &olen, out, ilen-16); \ -+ ores = EVP_DecryptUpdate(evpctx[0], out, &olen, out, ilen-16); \ - assert(ores); assert(olen == ilen-16); \ - /* Save piece that gets overwritten */ \ - memcpy(buf, out+olen, 16); \ -- EVP_CIPHER_CTX ctx2; \ -- memcpy(&ctx2, evpctx, sizeof(ctx2)); \ -- EVP_CIPHER_CTX_set_padding(evpctx, 1); \ -- ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, out+ilen-16, 16); \ -+ EVP_CIPHER_CTX *ctx2 = EVP_CIPHER_CTX_new(); \ -+ EVP_CIPHER_CTX_copy(ctx2, evpctx[0]); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], 1); \ -+ ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, out+ilen-16, 16); \ - assert(ores); assert(!olen1); \ -- ores = EVP_DecryptFinal(evpctx, out+olen, &elen); \ -+ ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen); \ - if (!ores) { \ -- memcpy(evpctx, &ctx2, sizeof(ctx2)); \ -+ EVP_CIPHER_CTX_copy(evpctx[0], ctx2); \ - memcpy(out+olen, buf, 16); \ -- ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, out+ilen-16, 16); \ -+ ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, out+ilen-16, 16); \ - assert(ores); assert(olen1 == 16); \ - olen += olen1; \ -- ores = EVP_DecryptFinal(evpctx, out+olen, &elen); \ -+ ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen); \ - assert(ores); \ - } \ -- memset(&ctx2, 0, sizeof(ctx2)); \ -+ EVP_CIPHER_CTX_free(ctx2); \ - asm("":::"memory"); \ - } else { \ -- ores = EVP_DecryptUpdate(evpctx, out, &olen, out, olen+elen); \ -- assert(ores); \ -- ores = EVP_DecryptFinal(evpctx, out+olen, &elen); \ -+ ores = EVP_DecryptUpdate(evpctx[0], out, &olen, out, olen+elen); \ -+ assert(ores); \ -+ ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen); \ - } \ - if (pad) \ - *flen = olen+elen; \ - else \ - *flen = len; \ - if (IV) \ -- memcpy(iv, evpctx->iv, 16); \ -+ memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16); \ - if (pad == PAD_ASNEEDED) \ - return (elen? 16-elen: 1); \ - return ores - 1; \ -@@ -333,9 +335,10 @@ int AES_OSSL_##BITCHAIN##_DecryptX2(con - - void AES_OSSL_ReleaseX2(unsigned char *ctx, unsigned int rounds) - { -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; -- EVP_CIPHER_CTX_cleanup(evpctx); -- EVP_CIPHER_CTX_cleanup(evpctx+1); -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; -+ EVP_CIPHER_CTX_cleanup(evpctx[0]); -+ EVP_CIPHER_CTX_cleanup(evpctx[1]); -+ /* FIXME: free ? */ - } - - AES_OSSL_KEY_EX2(128, AES_128_ROUNDS, ecb); -@@ -365,22 +368,22 @@ AES_OSSL_CRYPT2(256_ECB, 0); - void AES_OSSL_Blk_EncryptX2(const unsigned char *ctx, unsigned int rounds, - const unsigned char *in, unsigned char *out) - { -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; - int olen; - uchar blk[16]; -- EVP_EncryptUpdate(evpctx, blk, &olen, in, 16); -- EVP_EncryptUpdate(evpctx+1, out, &olen, blk, olen); -+ EVP_EncryptUpdate(evpctx[0], blk, &olen, in, 16); -+ EVP_EncryptUpdate(evpctx[1], out, &olen, blk, olen); - memset(blk, 0, 16); - asm("":::"memory"); - } - void AES_OSSL_Blk_DecryptX2(const unsigned char *ctx, unsigned int rounds, - const unsigned char *in, unsigned char *out) - { -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; - int olen; - uchar blk[16]; -- EVP_DecryptUpdate(evpctx+1, blk, &olen, in, 16); -- EVP_DecryptUpdate(evpctx, out, &olen, blk, olen); -+ EVP_DecryptUpdate(evpctx[1], blk, &olen, in, 16); -+ EVP_DecryptUpdate(evpctx[0], out, &olen, blk, olen); - memset(blk, 0, 16); - asm("":::"memory"); - } -@@ -392,11 +395,11 @@ int AES_OSSL_##BITS##_CBC_EncryptX2(con - const unsigned char* in, unsigned char *out, \ - ssize_t len, ssize_t *olen) \ - { \ -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; \ -- EVP_EncryptInit(evpctx, NULL, NULL, NULL); \ -- EVP_EncryptInit(evpctx+1, NULL, NULL, NULL); \ -- EVP_CIPHER_CTX_set_padding(evpctx, 0); \ -- EVP_CIPHER_CTX_set_padding(evpctx+1, 0); \ -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; \ -+ EVP_EncryptInit(evpctx[0], NULL, NULL, NULL); \ -+ EVP_EncryptInit(evpctx[1], NULL, NULL, NULL); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], 0); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[1], 0); \ - return AES_Gen_CBC_Enc(AES_OSSL_Blk_EncryptX2, ctx, rounds, iv, pad, in, out, len, olen); \ - }; \ - int AES_OSSL_##BITS##_CBC_DecryptX2(const unsigned char *ctx, unsigned int rounds, \ -@@ -404,11 +407,9 @@ int AES_OSSL_##BITS##_CBC_DecryptX2(con - const unsigned char* in, unsigned char *out, \ - ssize_t len, ssize_t *olen) \ - { \ -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; \ -- EVP_DecryptInit(evpctx+1, NULL, NULL, NULL); \ -- EVP_DecryptInit(evpctx, NULL, NULL, NULL); \ -- EVP_CIPHER_CTX_set_padding(evpctx+1, 0); \ -- EVP_CIPHER_CTX_set_padding(evpctx, 0); \ -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; \ -+ EVP_CIPHER_CTX_set_padding(evpctx[1], 0); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], 0); \ - return AES_Gen_CBC_Dec(AES_OSSL_Blk_DecryptX2, ctx, rounds, iv, pad, in, out, len, olen); \ - } - -@@ -424,11 +425,11 @@ int AES_OSSL_##BITS##_CTR_CryptX2(const - ssize_t len, ssize_t *olen) \ - { \ - *olen = len; \ -- EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx; \ -- EVP_EncryptInit(evpctx, NULL, NULL, NULL); \ -- EVP_EncryptInit(evpctx+1, NULL, NULL, NULL); \ -- EVP_CIPHER_CTX_set_padding(evpctx, 0); \ -- EVP_CIPHER_CTX_set_padding(evpctx+1, 0); \ -+ EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx; \ -+ EVP_EncryptInit(evpctx[0], NULL, NULL, NULL); \ -+ EVP_EncryptInit(evpctx[1], NULL, NULL, NULL); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[0], 0); \ -+ EVP_CIPHER_CTX_set_padding(evpctx[1], 0); \ - return AES_Gen_CTR_Crypt(AES_OSSL_Blk_EncryptX2, ctx, rounds, iv, in, out, len);\ - } - -@@ -437,8 +438,8 @@ AES_OSSL_DECL_CTR_X2(192); - AES_OSSL_DECL_CTR_X2(256); - - --#define EVP_CTX_SZ sizeof(EVP_CIPHER_CTX) --#define EVP_CTX_SZX2 2*sizeof(EVP_CIPHER_CTX) -+#define EVP_CTX_SZ sizeof(EVP_CIPHER_CTX*) -+#define EVP_CTX_SZX2 2*sizeof(EVP_CIPHER_CTX*) - - ciph_desc_t AES_OSSL_Methods[] = { - {"AES128-ECB" , 128, 10, 16, EVP_CTX_SZ, &aes_stream_ecb, diff --git a/dd_rescue.changes b/dd_rescue.changes index dd78a82..8b90deb 100644 --- a/dd_rescue.changes +++ b/dd_rescue.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Sun Dec 3 22:11:29 CET 2017 - kurt@garloff.de + +- Update to 1.99.8: + * Support openssl-1.1 (patch from Marcus Meissner) + * cryptalgo->recycle to reuse crypto context (neeeded for openssl) + * Fix memleak in test_aes + * Use test_aes in check target to ensure all algorithms work + * Use std probe mech in test_aes, so we don't fail with SIGILL + * Fix build without openssl + ------------------------------------------------------------------- Wed Nov 29 17:25:01 UTC 2017 - meissner@suse.com diff --git a/dd_rescue.spec b/dd_rescue.spec index b5a13bb..859e1f9 100644 --- a/dd_rescue.spec +++ b/dd_rescue.spec @@ -17,7 +17,7 @@ Name: dd_rescue -Version: 1.99.7 +Version: 1.99.8 Release: 0 Summary: Data copying in the presence of I/O Errors License: GPL-2.0 or GPL-3.0 @@ -27,14 +27,15 @@ Source0: http://garloff.de/kurt/linux/ddrescue/%{name}-%{version}.tar.bz2 Source1: http://garloff.de/kurt/linux/ddrescue/%{name}-%{version}.tar.bz2.asc Source2: %{name}.keyring Source99: %{name}.changes -Patch0: dd_rescue-openssl11.patch BuildRequires: autoconf BuildRequires: libattr-devel %if 0%{?is_opensuse} BuildRequires: libfallocate-devel %endif BuildRequires: lzo-devel +%if 0%{?suse_version} >= 1200 BuildRequires: lzop +%endif BuildRequires: pkgconfig BuildRequires: python Requires: bc @@ -46,7 +47,8 @@ Recommends: libfallocate0 Provides: ddrescue = %{version} Obsoletes: ddrescue < %{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: pkgconfig(libcrypto) +#BuildRequires: pkgconfig(libcrypto) +BuildRequires: libopenssl-devel %description dd_rescue helps when nothing else can: your disk has crashed and you @@ -111,9 +113,6 @@ data to the decompressor; the plugin is still young and might expose bugs. %prep %setup -q -if pkg-config --atleast-version=1.1.0 libssl; then -%patch0 -p1 -fi # Remove build time references so build-compare can do its work FAKE_BUILDTIME=$(LC_ALL=C date -u -r %{SOURCE99} '+%%H:%%M')