authorAdam Langley <agl@google.com>2014-12-11 17:11:37 -0800
committerAdam Langley <agl@google.com>2014-12-11 17:11:37 -0800
commit9336e70df49c4c156918eaefd47c7c37c5cadf27 (patch)
treef552231344bf0f34036c3b87712525a8d01cf874
parent041b0f93ff8e799c166093e85b9f001082db4b96 (diff)
downloadppp-9336e70df49c4c156918eaefd47c7c37c5cadf27.tar.gz
external/ppp: update for BoringSSL.
This change updates the Android specific changes for BoringSSL, which is Google's cleaned up version of OpenSSL. The change also works with the current OpenSSL in Android. Significant changes: * Removal of wrapper functions for the OpenSSL hash functions – these aren't needed. * Use of the OpenSSL DES API. The code currently uses the SSLeay DES functions which are supported by current OpenSSL but were deprecated sometime in the 1990's. The OpenSSL DES API is the supported API in OpenSSL and the only API in BoringSSL. This change has been proposed upstream in https://github.com/paulusmack/ppp/pull/24. Change-Id: I06c87ae4b5175a268739300eab59d65ddac8a2cc
-rw-r--r--pppd/Android.mk3
-rw-r--r--pppd/Makefile.linux14
-rw-r--r--pppd/chap-new.c3
-rw-r--r--pppd/openssl-hash.c43
-rw-r--r--pppd/openssl-hash.h38
-rw-r--r--pppd/pppcrypt.c62
-rw-r--r--pppd/pppcrypt.h12
7 files changed, 79 insertions, 96 deletions
diff --git a/pppd/Android.mk b/pppd/Android.mk
index 0a564d9..22bc6b1 100644
--- a/pppd/Android.mk
+++ b/pppd/Android.mk
@@ -17,7 +17,6 @@ LOCAL_SRC_FILES:= \
lcp.c \
magic.c \
main.c \
- openssl-hash.c \
options.c \
pppcrypt.c \
pppox.c \
@@ -33,7 +32,7 @@ LOCAL_SHARED_LIBRARIES := \
LOCAL_C_INCLUDES := \
$(LOCAL_PATH)/include
-LOCAL_CFLAGS := -DCHAPMS=1 -DMPPE=1 -DINET6=1 -Iexternal/openssl/include -Wno-unused-parameter -Wno-empty-body -Wno-missing-field-initializers -Wno-attributes -Wno-sign-compare -Wno-pointer-sign -Werror
+LOCAL_CFLAGS := -DCHAPMS=1 -DMPPE=1 -DINET6=1 -DUSE_OPENSSL=1 -Iexternal/openssl/include -Wno-unused-parameter -Wno-empty-body -Wno-missing-field-initializers -Wno-attributes -Wno-sign-compare -Wno-pointer-sign -Werror
LOCAL_MODULE:= pppd
diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index a74c914..6194ea5 100644
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -39,6 +39,9 @@ LIBS =
# MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
CHAPMS=y
USE_CRYPT=y
+# Alternatively, if you want to use OpenSSL for DES functions, comment out
+# USE_CRYPT, above, and uncomment this line.
+#USE_OPENSSL=y
# Don't use MSLANMAN unless you really know what you're doing.
#MSLANMAN=y
# Uncomment the next line to include support for MPPE. CHAPMS (above) must
@@ -122,7 +125,7 @@ endif
ifneq ($(wildcard /usr/include/crypt.h),)
CFLAGS += -DHAVE_CRYPT_H=1
-LIBS += -lcrypt
+LIBS += -lcrypt
endif
ifdef USE_LIBUTIL
@@ -131,10 +134,17 @@ LIBS += -lutil
endif
ifdef NEEDDES
+ifdef USE_OPENSSL
+CFLAGS += -DUSE_OPENSSL=1
+LIBS += -lcrypto
+else
ifndef USE_CRYPT
-LIBS += -ldes $(LIBS)
+CFLAGS += -DUSE_LIBDES=1
+LIBS += -ldes
else
CFLAGS += -DUSE_CRYPT=1
+LIBS += -lcrypt
+endif
endif
PPPDOBJS += pppcrypt.o
HEADERS += pppcrypt.h
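Review bot: The backend precedence in this block is the reverse of the one in pppcrypt.c: here `ifdef USE_OPENSSL` is tested before `USE_CRYPT`, while the source's `#if defined(USE_CRYPT)` … `#elif defined(USE_OPENSSL)` chain prefers USE_CRYPT. As written only one -D is emitted, so the build is consistent, but if both macros ever reach the compiler (for example through extra flags) the crypt path would be chosen silently. The `USE_CRYPT` branch also appends `-lcrypt` a second time when /usr/include/crypt.h exists, because the earlier `ifneq ($(wildcard ...))` block already adds it. The `ifdef NEEDDES` block closes outside this hunk.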
diff --git a/pppd/chap-new.c b/pppd/chap-new.c
index a3b7937..4730ce2 100644
--- a/pppd/chap-new.c
+++ b/pppd/chap-new.c
@@ -146,9 +146,6 @@ chap_init(int unit)
memset(&client, 0, sizeof(client));
memset(&server, 0, sizeof(server));
-#if defined(__ANDROID__)
- openssl_hash_init();
-#endif
chap_md5_init();
#ifdef CHAPMS
chapms_init();
diff --git a/pppd/openssl-hash.c b/pppd/openssl-hash.c
deleted file mode 100644
index 76b2af2..0000000
--- a/pppd/openssl-hash.c
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2009 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <openssl/evp.h>
-
-#include "pppd.h"
-
-const EVP_MD *sha1_md;
-const EVP_MD *md4_md;
-const EVP_MD *md5_md;
-
-void openssl_hash_init() {
- /* Use the SHA1 functions in openssl to save the flash space.*/
- OpenSSL_add_all_digests();
- sha1_md = EVP_get_digestbyname("sha1");
- if (!sha1_md) {
- dbglog("Error Unknown message digest SHA1\n");
- exit(1);
- }
- md4_md = EVP_get_digestbyname("md4");
- if (!md4_md) {
- dbglog("Error Unknown message digest MD4\n");
- exit(1);
- }
- md5_md = EVP_get_digestbyname("md5");
- if (!md5_md) {
- dbglog("Error Unknown message digest MD5\n");
- exit(1);
- }
-}
diff --git a/pppd/openssl-hash.h b/pppd/openssl-hash.h
index a2a5abe..a38cc7c 100644
--- a/pppd/openssl-hash.h
+++ b/pppd/openssl-hash.h
@@ -18,38 +18,14 @@
#define __OPENSSL_HASH__
#include <openssl/evp.h>
+#include <openssl/md4.h>
+#include <openssl/md5.h>
+#include <openssl/sha.h>
-extern const EVP_MD *sha1_md;
#define SHA1_SIGNATURE_SIZE 20
-#define SHA1_CTX EVP_MD_CTX
-#define SHA1_Init(ctx) { \
- EVP_MD_CTX_init(ctx); \
- EVP_DigestInit_ex(ctx, sha1_md, NULL); \
-}
-#define SHA1_Update EVP_DigestUpdate
-#define SHA1_Final(digest, ctx) { \
- int md_len; \
- EVP_DigestFinal_ex(ctx, digest, &md_len); \
-}
-
-extern const EVP_MD *md4_md;
-#define MD4_CTX EVP_MD_CTX
-#define MD4Init(ctx) { \
- EVP_MD_CTX_init(ctx); \
- EVP_DigestInit_ex(ctx, md4_md, NULL); \
-}
-#define MD4Update EVP_DigestUpdate
-#define MD4Final SHA1_Final
-
-extern const EVP_MD *md5_md;
-#define MD5_CTX EVP_MD_CTX
-#define MD5_Init(ctx) { \
- EVP_MD_CTX_init(ctx); \
- EVP_DigestInit_ex(ctx, md5_md, NULL); \
-}
-#define MD5_Update EVP_DigestUpdate
-#define MD5_Final SHA1_Final
-
-extern void openssl_hash_init();
+#define SHA1_CTX SHA_CTX
+#define MD4Init MD4_Init
+#define MD4Update MD4_Update
+#define MD4Final MD4_Final
#endif
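Review bot: The four new `#define`s are undocumented name shims, and nothing says why only these names need one. A one-line comment above them would help, e.g. `/* Map pppd's hash names onto the OpenSSL low-level API; the MD5_* and SHA1_* function names already match. */`. The retained `#include <openssl/evp.h>` is no longer used by anything visible in this header; if no includer depends on it, it could be dropped.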
diff --git a/pppd/pppcrypt.c b/pppd/pppcrypt.c
index 65e7282..0b2a11b 100644
--- a/pppd/pppcrypt.c
+++ b/pppd/pppcrypt.c
@@ -34,6 +34,25 @@
#include "pppd.h"
#include "pppcrypt.h"
+#if defined(__ANDROID__)
+/* This code can use one of three DES libraries. The first, if USE_LIBDES is
+ * defined, are the libdes functions. This interface is still supported by
+ * OpenSSL as backwards compatibility. If USE_CRYPT is defined then the
+ * libcrypt functions are used. Lastly, if USE_OPENSSL is defined the "modern"
+ * OpenSSL interface is used. */
+
+#if defined(USE_CRYPT)
+#include <crypt.h>
+#elif defined(USE_OPENSSL)
+#include <openssl/des.h>
+#elif defined(USE_LIBDES)
+#include <des.h>
+#else
+#error "Must define one of USE_CRYPT, USE_LIBDES or USE_OPENSSL"
+#endif
+
+#endif
+
static u_char
Get7Bits(input, startBit)
u_char *input;
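Review bot: The `#if defined(__ANDROID__)` wrapper around the new include block means that off Android pppcrypt.c no longer includes any DES header itself, while the same commit removes the `<crypt.h>` / `<des.h>` includes from pppcrypt.h. Unless pppd.h pulls one in (not visible here), a Makefile.linux build with USE_OPENSSL or USE_LIBDES would reach `DES_cblock` / `des_cblock` undeclared. Dropping the `__ANDROID__` guard, so that the `#if defined(USE_CRYPT)` … `#else` / `#error` chain applies on every platform, would fix that and make the second `#error` at the end of the file redundant. Get7Bits continues past the end of this hunk.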
@@ -63,12 +82,12 @@ u_char *des_key; /* OUT 64 bit DES key with parity bits added */
des_key[6] = Get7Bits(key, 42);
des_key[7] = Get7Bits(key, 49);
-#ifndef USE_CRYPT
+#if defined(USE_LIBDES)
des_set_odd_parity((des_cblock *)des_key);
#endif
}
-#ifdef USE_CRYPT
+#if defined(USE_CRYPT)
/*
* in == 8-byte string (expanded version of the 56-bit key)
* out == 64-byte string where each byte is either 1 or 0
@@ -157,7 +176,40 @@ u_char *clear; /* OUT 8 octets */
return (1);
}
-#else /* USE_CRYPT */
+#elif defined(USE_OPENSSL)
+static DES_key_schedule key_schedule;
+
+bool
+DesSetkey(key)
+u_char *key;
+{
+ DES_cblock des_key;
+ MakeKey(key, (u_char*) &des_key);
+ DES_set_key(&des_key, &key_schedule);
+ return (1);
+}
+
+bool
+DesEncrypt(clear, cipher)
+u_char *clear; /* IN 8 octets */
+u_char *cipher; /* OUT 8 octets */
+{
+ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
+ &key_schedule, 1 /* encrypt */);
+ return (1);
+}
+
+bool
+DesDecrypt(cipher, clear)
+u_char *cipher; /* IN 8 octets */
+u_char *clear; /* OUT 8 octets */
+{
+ DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
+ &key_schedule, 0 /* decrypt */);
+ return (1);
+}
+
+#elif defined(USE_LIBDES)
static des_key_schedule key_schedule;
bool
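Review bot: In the new USE_OPENSSL branch, `DesSetkey` hands `DES_set_key` a key whose parity bits were never set, because the previous hunk narrows the `des_set_odd_parity` call in MakeKey to USE_LIBDES only. DES_ecb_encrypt does not care about parity, but depending on the library version and its key-check setting OpenSSL's `DES_set_key` may validate it, and the result is not looked at here, so DesSetkey would still return 1. Calling `DES_set_odd_parity(&des_key);` before `DES_set_key(&des_key, &key_schedule);` keeps this branch in line with the libdes one. A short comment on `key_schedule` noting that it is file-scope state shared by DesSetkey, DesEncrypt and DesDecrypt would also help. The USE_LIBDES branch that follows continues outside this hunk.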
@@ -194,4 +246,8 @@ u_char *clear; /* OUT 8 octets */
return (1);
}
+#else
+
+#error "Must define one of USE_CRYPT, USE_LIBDES or USE_OPENSSL"
+
#endif /* USE_CRYPT */
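Review bot: The trailing `#endif /* USE_CRYPT */` comment is now stale, since with this hunk it closes a `#if defined(USE_CRYPT)` / `#elif defined(USE_OPENSSL)` / `#elif defined(USE_LIBDES)` / `#else` chain rather than a two-way split. Something like `#endif /* USE_CRYPT || USE_OPENSSL || USE_LIBDES */` would match what it closes. The function whose tail opens this hunk starts outside it.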
diff --git a/pppd/pppcrypt.h b/pppd/pppcrypt.h
index 37968c4..d5deccd 100644
--- a/pppd/pppcrypt.h
+++ b/pppd/pppcrypt.h
@@ -33,18 +33,6 @@
#ifndef PPPCRYPT_H
#define PPPCRYPT_H
-#ifdef HAVE_CRYPT_H
-#include <crypt.h>
-#endif
-
-#ifndef USE_CRYPT
-#if defined(__ANDROID__)
-#include <openssl/des.h>
-#else
-#include <des.h>
-#endif
-#endif
-
extern bool DesSetkey __P((u_char *));
extern bool DesEncrypt __P((u_char *, u_char *));
extern bool DesDecrypt __P((u_char *, u_char *));