From: Arran Cudbard-Bell Date: Fri, 1 Oct 2021 17:18:30 +0000 (-0500) Subject: FIPS_mode() has been removed in OpenSSL 3.0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=86aca6c5053d320dc2fea1ae22a4b44d08c73285;p=thirdparty%2Ffreeradius-server.git FIPS_mode() has been removed in OpenSSL 3.0 Load "legacy" provider for MD4 --- diff --git a/src/bin/radiusd.c b/src/bin/radiusd.c index e5603e07d2..6b3f1a869d 100644 --- a/src/bin/radiusd.c +++ b/src/bin/radiusd.c @@ -457,7 +457,6 @@ int main(int argc, char *argv[]) if (rad_check_lib_magic(RADIUSD_MAGIC_NUMBER) < 0) EXIT_WITH_FAILURE; - #ifdef HAVE_OPENSSL_CRYPTO_H /* * Mismatch between build time OpenSSL and linked SSL, better to die @@ -607,15 +606,10 @@ int main(int argc, char *argv[]) #ifdef HAVE_OPENSSL_CRYPTO_H /* - * Toggle OpenSSL FIPS mode + * Toggle FIPS mode */ - if (config->openssl_fips_mode_is_set) { - if (FIPS_mode_set(config->openssl_fips_mode ? 1 : 0) == 0) { - fr_tls_log_error(NULL, "Failed %s OpenSSL FIPS mode", - config->openssl_fips_mode ? "enabling" : "disabling"); - EXIT_WITH_FAILURE; - } - } + if (config->openssl_fips_mode_is_set && + (fr_openssl_fips_mode(config->openssl_fips_mode) < 0)) EXIT_WITH_FAILURE; #endif /* diff --git a/src/bin/unit_test_attribute.c b/src/bin/unit_test_attribute.c index b7d3ab448b..eb473df39f 100644 --- a/src/bin/unit_test_attribute.c +++ b/src/bin/unit_test_attribute.c @@ -3181,7 +3181,7 @@ int main(int argc, char *argv[]) fr_perror("unit_test_attribute"); EXIT_WITH_FAILURE; } - + unlang_thread_instantiate(autofree); if (!xlat_register(NULL, "test", xlat_test, false)) { diff --git a/src/lib/tls/base-h b/src/lib/tls/base-h index e14053ad39..41394fc68b 100644 --- a/src/lib/tls/base-h +++ b/src/lib/tls/base-h @@ -178,6 +178,8 @@ int fr_openssl_thread_init(size_t async_pool_size_init, size_t async_pool_size_ int fr_openssl_init(void); +int fr_openssl_fips_mode(bool enabled); + void fr_openssl_free(void); int fr_tls_dict_init(void); 
diff --git a/src/lib/tls/base.c b/src/lib/tls/base.c index 94c01dd241..0d8d7b1ec7 100644 --- a/src/lib/tls/base.c +++ b/src/lib/tls/base.c @@ -31,6 +31,9 @@ USES_APPLE_DEPRECATED_API /* OpenSSL API has been deprecated by Apple */ #define LOG_PREFIX "tls - " #include +#if OPENSSL_VERSION_NUMBER >= 0x30000000L +# include +#endif #include #include @@ -422,6 +425,28 @@ int fr_openssl_init(void) return -1; } +#if OPENSSL_VERSION_NUMBER >= 0x30000000L + /* + * Load the default provider for most algorithms + */ + if (!OSSL_PROVIDER_load(NULL, "default")) { + fr_tls_log_error(NULL, "Failed loading default provider"); + return -1; + } + + /* + * Needed for MD4 + * + * https://www.openssl.org/docs/man3.0/man7/migration_guide.html#Legacy-Algorithms + */ + if (!OSSL_PROVIDER_load(NULL, "legacy")) { + fr_tls_log_error(NULL, "Failed loading legacy provider"); + return -1; + } +#endif + + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); + /* * SHA256 is in all versions of OpenSSL, but isn't * initialized by default. It's needed for WiMAX @@ -429,8 +454,6 @@ int fr_openssl_init(void) */ EVP_add_digest(EVP_sha256()); - OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); - /* * FIXME - This should be done _after_ * running any engine controls. 
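Review bot: The handles returned by the two OSSL_PROVIDER_load() calls added to fr_openssl_init() are discarded, so fr_openssl_free() has no way to OSSL_PROVIDER_unload() them, and a failed "legacy" load is made fatal even though md4.c visibly keeps a local implementation (fr_md4_local_ctx_alloc) for the case where OpenSSL cannot supply MD4. Keep the handles in file-scope statics, e.g. `static OSSL_PROVIDER *openssl_legacy_provider;`, and consider downgrading the legacy failure to a warning that leaves MD4 to the fallback instead of `return -1`. Loading "legacy" into the default library context also makes every legacy algorithm, not only MD4, fetchable process-wide; if that is wider than intended, loading it into a private OSSL_LIB_CTX and fetching MD4 from there with EVP_MD_fetch() confines it. The comment `Needed for MD4` should say that the provider is loaded for MD4 alone, so a later reader does not assume other legacy algorithms are relied upon. fr_openssl_init()'s body continues outside the hunk.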
@@ -446,6 +469,30 @@ int fr_openssl_init(void) return 0; } +/** Enable or disable fips mode + * + * @param[in] enabled If true enable fips mode if false disable fips mode. + * @return + * - 0 on success. + * - -1 on failure + */ +int fr_openssl_fips_mode(bool enabled) +{ +#if OPENSSL_VERSION_NUMBER >= 0x30000000L + if (!EVP_set_default_properties(NULL, enabled ? "fips=yes" : "fips=no")) { + fr_tls_log_error(NULL, "Failed %s OpenSSL FIPS mode", enabled ? "enabling" : "disabling"); + return -1; + } +#else + if (!FIPS_mode_set(enabled ? 1 : 0)) { + fr_tls_log_error(NULL, "Failed %s OpenSSL FIPS mode", enabled ? "enabling" : "disabling"); + return -1; + } +#endif + + return 0; +} + /** Load dictionary attributes * * This is a separate function because of ordering issues. diff --git a/src/lib/tls/ctx.c b/src/lib/tls/ctx.c index 92a922e3b3..dd70219b12 100644 --- a/src/lib/tls/ctx.c +++ b/src/lib/tls/ctx.c @@ -38,6 +38,9 @@ USES_APPLE_DEPRECATED_API /* OpenSSL API has been deprecated by Apple */ #include #include +#if OPENSSL_VERSION_NUMBER >= 0x30000000L +# include +#endif #include "base.h" #include "utils.h" @@ -89,7 +92,11 @@ static int ctx_dh_params_load(SSL_CTX *ctx, char *file) * Change suggested by @t8m */ #if OPENSSL_VERSION_NUMBER >= 0x10101000L +# if OPENSSL_VERSION_NUMBER >= 0x30000000L + if (EVP_default_properties_is_fips_enabled(NULL)) { +# else if (FIPS_mode() > 0) { +#endif WARN(LOG_PREFIX ": Ignoring user-selected DH parameters in FIPS mode. Using defaults."); return 0; } diff --git a/src/lib/util/md4.c b/src/lib/util/md4.c index 7ae2c81f8d..5589504d3a 100644 --- a/src/lib/util/md4.c +++ b/src/lib/util/md4.c @@ -26,8 +26,14 @@ static _Thread_local fr_md4_ctx_t *md4_ctx; * be operating in FIPS mode where MD4 digest functions are unavailable. */ #ifdef HAVE_OPENSSL_EVP_H + # include # include +# include + +# if OPENSSL_VERSION_NUMBER >= 0x30000000L +# include +# endif static int have_openssl_md4 = -1; 
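Review bot: On the OpenSSL 3 branch of fr_openssl_fips_mode(), EVP_set_default_properties(NULL, "fips=yes") replaces the entire default property query, so any properties already applied from the configuration loaded by OPENSSL_INIT_LOAD_CONFIG in fr_openssl_init() are silently discarded, and the call succeeds even when no FIPS provider is present, so a misconfigured FIPS deployment fails later at the first algorithm fetch instead of at startup. The dedicated toggle only touches the fips property: `if (!EVP_default_properties_enable_fips(NULL, enabled ? 1 : 0)) {`. When enabling, it is worth checking `OSSL_PROVIDER_available(NULL, "fips")` first and returning -1 via fr_tls_log_error() when the provider is absent, so the server refuses to start rather than running with an unsatisfiable property query. The doc comment could also note that on OpenSSL 3 this sets a default property query rather than a global switch, and that md4.c/md5.c appear to consult it only once (have_openssl_md4/have_openssl_md5 are cached), so the toggle must run before the first digest context is allocated.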
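Review bot: In ctx_dh_params_load() the new inner conditional is opened as `# if` / `# else` (indented, following the file's nested-directive convention) but closed with a flush-left `#endif`, which reads as the terminator of the outer `#if OPENSSL_VERSION_NUMBER >= 0x10101000L`, whose real `#endif` lies outside the hunk. Write it as `# endif` so the nesting is visible at a glance. ctx_dh_params_load() continues outside the hunk.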
@@ -74,7 +80,18 @@ static fr_md4_ctx_t *fr_md4_openssl_ctx_alloc(bool thread_local) return NULL; } fr_atexit_thread_local(md4_ctx, _md4_ctx_openssl_free_on_exit, md_ctx); - EVP_DigestInit_ex(md_ctx, EVP_md4(), NULL); + if (unlikely(EVP_DigestInit_ex(md_ctx, EVP_md4(), NULL) != 1)) { + char buffer[256]; + error: + + ERR_error_string_n(ERR_get_error(), buffer, sizeof(buffer)); + + fr_strerror_printf("Failed initialising MD4 ctx: %s", buffer); + EVP_MD_CTX_free(md_ctx); + md_ctx = NULL; + + return NULL; + } } else { md_ctx = md4_ctx; } @@ -86,7 +103,7 @@ static fr_md4_ctx_t *fr_md4_openssl_ctx_alloc(bool thread_local) } else { md_ctx = EVP_MD_CTX_new(); if (unlikely(!md_ctx)) goto oom; - EVP_DigestInit_ex(md_ctx, EVP_md4(), NULL); + if (EVP_DigestInit_ex(md_ctx, EVP_md4(), NULL) != 1) goto error; } return md_ctx; @@ -339,7 +356,11 @@ static fr_md4_ctx_t *fr_md4_local_ctx_alloc(bool thread_local) * md4 functions, and call the OpenSSL init * function. */ +#if OPENSSL_VERSION_NUMBER >= 0x30000000L + if (!EVP_default_properties_is_fips_enabled(NULL)) { +#else if (FIPS_mode() == 0) { +#endif have_openssl_md4 = 1; /* diff --git a/src/lib/util/md5.c b/src/lib/util/md5.c index e73ea84b60..ac9f4b6f97 100644 --- a/src/lib/util/md5.c +++ b/src/lib/util/md5.c @@ -35,10 +35,15 @@ typedef struct { bool used; fr_md5_ctx_t *md_ctx; } fr_md5_free_list_t; -static _Thread_local fr_md5_free_list_t * md5_array; +static _Thread_local fr_md5_free_list_t *md5_array; # include # include +# include + +# if OPENSSL_VERSION_NUMBER >= 0x30000000L +# include +# endif static int have_openssl_md5 = -1; 
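Review bot: In fr_md4_openssl_ctx_alloc() the new error path frees md_ctx after fr_atexit_thread_local(md4_ctx, _md4_ctx_openssl_free_on_exit, md_ctx) has already been registered on the line above, so if that call stores md_ctx in the thread-local md4_ctx (as its arguments suggest), md4_ctx is left dangling and the exit handler frees it a second time; the `md_ctx = NULL;` that follows only clears a local that is dead at that point. Either move the EVP_DigestInit_ex() check ahead of the fr_atexit_thread_local() registration, or reset `md4_ctx = NULL;` on the error path as well. The same dead `md_ctx = NULL;` store appears in the matching error block of fr_md5_openssl_ctx_alloc() in md5.c (@@ -96). The second `goto error` at @@ -86 jumps into the block that declares `char buffer[256]`, which is legal for a fixed-size array but deserves a one-line comment because it looks like it bypasses the declaration. fr_md4_openssl_ctx_alloc() continues outside the hunk.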
@@ -96,7 +101,18 @@ static fr_md5_ctx_t *fr_md5_openssl_ctx_alloc(bool thread_local) fr_strerror_const("Out of memory"); return NULL; } - EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL); + if (unlikely(EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL) != 1)) { + char buffer[256]; + error: + + ERR_error_string_n(ERR_get_error(), buffer, sizeof(buffer)); + + fr_strerror_printf("Failed initialising MD5 ctx: %s", buffer); + EVP_MD_CTX_free(md_ctx); + md_ctx = NULL; + + return NULL; + } return md_ctx; } @@ -110,9 +126,11 @@ static fr_md5_ctx_t *fr_md5_openssl_ctx_alloc(bool thread_local) * Initialize all MD5 contexts */ for (i = 0; i < ARRAY_SIZE; i++) { - free_list[i].md_ctx = EVP_MD_CTX_new(); - if (!free_list[i].md_ctx ) goto oom; - EVP_DigestInit_ex(free_list[i].md_ctx, EVP_md5(), NULL); + md_ctx = EVP_MD_CTX_new(); + if (unlikely(md_ctx == NULL)) goto oom; + + if (unlikely(EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL) != 1)) goto error; + free_list[i].md_ctx = md_ctx; } } else { free_list = md5_array; @@ -378,7 +396,11 @@ static fr_md5_ctx_t *fr_md5_local_ctx_alloc(bool thread_local) * md5 functions, and call the OpenSSL init * function. */ +#if OPENSSL_VERSION_NUMBER >= 0x30000000L + if (!EVP_default_properties_is_fips_enabled(NULL)) { +#else if (FIPS_mode() == 0) { +#endif have_openssl_md5 = 1; /* diff --git a/src/lib/util/md5.h b/src/lib/util/md5.h index 46bdfeee85..6da77ec546 100644 --- a/src/lib/util/md5.h +++ b/src/lib/util/md5.h @@ -85,7 +85,7 @@ extern fr_md5_final_t fr_md5_final; void fr_md5_calc(uint8_t out[static MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen); /* hmac.c */ -void fr_hmac_md5(uint8_t digest[static MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen, +int fr_hmac_md5(uint8_t digest[static MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen, uint8_t const *key, size_t key_len); #ifdef __cplusplus } diff --git a/src/lib/util/sha1.h b/src/lib/util/sha1.h index a58879b3cb..8906e1f68b 100644 --- a/src/lib/util/sha1.h +++ b/src/lib/util/sha1.h 
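Review bot: In the ARRAY_SIZE loop of fr_md5_openssl_ctx_alloc(), `goto error` on a failed EVP_DigestInit_ex() frees only the context currently in md_ctx; the contexts already stored in free_list[0..i-1] and free_list itself stay allocated, unless free_list is owned by a talloc parent that is not visible in the hunk. The shared error label sits in another branch of the function and cannot tell it was reached from the loop, so the unwind belongs at the goto site: `while (i-- > 0) EVP_MD_CTX_free(free_list[i].md_ctx);` before jumping, plus whatever releases free_list. If the caller aborts the process on any context-allocation failure this is cosmetic, but the page does not show that. fr_md5_openssl_ctx_alloc() continues outside the hunk.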
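Review bot: fr_hmac_md5() changes from void to int in md5.h, but the hunk documents neither what the int means nor which callers now check it, and the definition in hmac.c is not part of this diff; if it was not updated in the same commit, this declaration conflicts with it. Add the contract to the prototype along the lines of `/** @return 0 on success, -1 on failure (see hmac.c for the error conditions). */` once the real semantics are confirmed, and audit callers that previously ignored a void return so a failed HMAC is not treated as a valid digest. The same applies to fr_hmac_sha1() in sha1.h (@@ -57).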
@@ -57,8 +57,8 @@ USES_APPLE_DEPRECATED_API /* hmacsha1.c */ -void fr_hmac_sha1(uint8_t digest[static SHA1_DIGEST_LENGTH], uint8_t const *in, size_t inlen, - uint8_t const *key, size_t key_len); +int fr_hmac_sha1(uint8_t digest[static SHA1_DIGEST_LENGTH], uint8_t const *in, size_t inlen, + uint8_t const *key, size_t key_len); #ifdef __cplusplus }