From b66a183f0bca81a34208b0c34d08d38c40ac66fd Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Sun, 27 Apr 2025 10:27:05 -0400 Subject: [PATCH] Remove OPENSSL_1_1_API macro We no longer support any version without this API. --- src/lib/crypt_ops/aes_openssl.c | 4 --- src/lib/crypt_ops/compat_openssl.h | 28 ++--------------- src/lib/crypt_ops/crypto_dh_openssl.c | 43 ++------------------------ src/lib/crypt_ops/crypto_openssl_mgt.c | 27 ---------------- src/lib/crypt_ops/crypto_rsa_openssl.c | 39 ----------------------- src/lib/tls/tortls_openssl.c | 22 ++++--------- src/lib/tls/x509_openssl.c | 11 ------- src/test/test_crypto.c | 4 --- src/test/test_crypto_openssl.c | 5 --- src/test/test_tortls_openssl.c | 17 ---------- 10 files changed, 11 insertions(+), 189 deletions(-) diff --git a/src/lib/crypt_ops/aes_openssl.c b/src/lib/crypt_ops/aes_openssl.c index ca8c5aca1a..bc59d9dc3c 100644 --- a/src/lib/crypt_ops/aes_openssl.c +++ b/src/lib/crypt_ops/aes_openssl.c @@ -116,11 +116,7 @@ aes_cipher_free_(aes_cnt_cipher_t *cipher_) if (!cipher_) return; EVP_CIPHER_CTX *cipher = (EVP_CIPHER_CTX *) cipher_; -#ifdef OPENSSL_1_1_API EVP_CIPHER_CTX_reset(cipher); -#else - EVP_CIPHER_CTX_cleanup(cipher); -#endif EVP_CIPHER_CTX_free(cipher); } void diff --git a/src/lib/crypt_ops/compat_openssl.h b/src/lib/crypt_ops/compat_openssl.h index c5eccdb015..0bc249c855 100644 --- a/src/lib/crypt_ops/compat_openssl.h +++ b/src/lib/crypt_ops/compat_openssl.h @@ -20,37 +20,13 @@ * \brief compatibility definitions for working with different openssl forks **/ -#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,1) -#error "We require OpenSSL >= 1.0.1" -#endif - -#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) -/* We define this macro if we're trying to build with the majorly refactored - * API in OpenSSL 1.1 */ -#define OPENSSL_1_1_API -#endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) && ... */ - -/* LibreSSL claims to be OpenSSL 2.0 but lacks these OpenSSL 1.1 APIs */ -#if !defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) +/* LibreSSL claims to be OpenSSL 2.0 but lacks this OpenSSL 1.1 API. */ +#if defined(LIBRESSL_VERSION_NUMBER) #define RAND_OpenSSL() RAND_SSLeay() -#define STATE_IS_SW_SERVER_HELLO(st) \ - (((st) == SSL3_ST_SW_SRVR_HELLO_A) || \ - ((st) == SSL3_ST_SW_SRVR_HELLO_B)) #define OSSL_HANDSHAKE_STATE int -#define CONST_IF_OPENSSL_1_1_API -#else -#define STATE_IS_SW_SERVER_HELLO(st) \ - ((st) == TLS_ST_SW_SRVR_HELLO) -#define CONST_IF_OPENSSL_1_1_API const #endif -/* OpenSSL 1.1 and LibreSSL both have these APIs */ -#ifndef OPENSSL_1_1_API -#define OpenSSL_version(v) SSLeay_version(v) -#define tor_OpenSSL_version_num() SSLeay() -#else /* defined(OPENSSL_1_1_API) */ #define tor_OpenSSL_version_num() OpenSSL_version_num() -#endif /* !defined(OPENSSL_1_1_API) */ #endif /* defined(ENABLE_OPENSSL) */ diff --git a/src/lib/crypt_ops/crypto_dh_openssl.c b/src/lib/crypt_ops/crypto_dh_openssl.c index b2bebd2655..1578cdf224 100644 --- a/src/lib/crypt_ops/crypto_dh_openssl.c +++ b/src/lib/crypt_ops/crypto_dh_openssl.c @@ -60,7 +60,7 @@ crypto_validate_dh_params(const BIGNUM *p, const BIGNUM *g) /* Copy into a temporary DH object, just so that DH_check() can be called. */ if (!(dh = DH_new())) goto out; -#ifdef OPENSSL_1_1_API + BIGNUM *dh_p, *dh_g; if (!(dh_p = BN_dup(p))) goto out; @@ -68,12 +68,6 @@ crypto_validate_dh_params(const BIGNUM *p, const BIGNUM *g) goto out; if (!DH_set0_pqg(dh, dh_p, NULL, dh_g)) goto out; -#else /* !defined(OPENSSL_1_1_API) */ - if (!(dh->p = BN_dup(p))) - goto out; - if (!(dh->g = BN_dup(g))) - goto out; -#endif /* defined(OPENSSL_1_1_API) */ /* Perform the validation. */ int codes = 0; @@ -223,19 +217,12 @@ new_openssl_dh_from_params(BIGNUM *p, BIGNUM *g) goto err; } -#ifdef OPENSSL_1_1_API - if (!DH_set0_pqg(res_dh, dh_p, NULL, dh_g)) { goto err; } if (!DH_set_length(res_dh, DH_PRIVATE_KEY_BITS)) goto err; -#else /* !defined(OPENSSL_1_1_API) */ - res_dh->p = dh_p; - res_dh->g = dh_g; - res_dh->length = DH_PRIVATE_KEY_BITS; -#endif /* defined(OPENSSL_1_1_API) */ return res_dh; @@ -276,9 +263,6 @@ crypto_dh_get_bytes(crypto_dh_t *dh) int crypto_dh_generate_public(crypto_dh_t *dh) { -#ifndef OPENSSL_1_1_API - again: -#endif if (!DH_generate_key(dh->dh)) { /* LCOV_EXCL_START * To test this we would need some way to tell openssl to break DH. */ @@ -286,7 +270,7 @@ crypto_dh_generate_public(crypto_dh_t *dh) return -1; /* LCOV_EXCL_STOP */ } -#ifdef OPENSSL_1_1_API + /* OpenSSL 1.1.x doesn't appear to let you regenerate a DH key, without * recreating the DH object. I have no idea what sort of aliasing madness * can occur here, so do the check, and just bail on failure. @@ -298,20 +282,7 @@ crypto_dh_generate_public(crypto_dh_t *dh) "the-universe chances really do happen. Treating as a failure."); return -1; } -#else /* !defined(OPENSSL_1_1_API) */ - if (tor_check_dh_key(LOG_WARN, dh->dh->pub_key)<0) { - /* LCOV_EXCL_START - * If this happens, then openssl's DH implementation is busted. */ - log_warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-" - "the-universe chances really do happen. Trying again."); - /* Free and clear the keys, so OpenSSL will actually try again. */ - BN_clear_free(dh->dh->pub_key); - BN_clear_free(dh->dh->priv_key); - dh->dh->pub_key = dh->dh->priv_key = NULL; - goto again; - /* LCOV_EXCL_STOP */ - } -#endif /* defined(OPENSSL_1_1_API) */ + return 0; } @@ -327,22 +298,14 @@ crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, size_t pubkey_len) const BIGNUM *dh_pub; -#ifdef OPENSSL_1_1_API const BIGNUM *dh_priv; DH_get0_key(dh->dh, &dh_pub, &dh_priv); -#else - dh_pub = dh->dh->pub_key; -#endif /* defined(OPENSSL_1_1_API) */ if (!dh_pub) { if (crypto_dh_generate_public(dh)<0) return -1; else { -#ifdef OPENSSL_1_1_API DH_get0_key(dh->dh, &dh_pub, &dh_priv); -#else - dh_pub = dh->dh->pub_key; -#endif } } diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c index 39d1de9104..ef152258d4 100644 --- a/src/lib/crypt_ops/crypto_openssl_mgt.c +++ b/src/lib/crypt_ops/crypto_openssl_mgt.c @@ -215,19 +215,13 @@ crypto_openssl_free_all(void) void crypto_openssl_early_init(void) { -#ifdef OPENSSL_1_1_API OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); -#else /* !defined(OPENSSL_1_1_API) */ - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); -#endif /* defined(OPENSSL_1_1_API) */ setup_openssl_threading(); -#ifdef OPENSSL_1_1_API unsigned long version_num = tor_OpenSSL_version_num(); const char *version_str = crypto_openssl_get_version_str(); if (version_num == OPENSSL_VERSION_NUMBER && @@ -249,7 +243,6 @@ crypto_openssl_early_init(void) (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT, version_num, version_str); } -#endif /* defined(OPENSSL_1_1_API) */ crypto_force_rand_ssleay(); } @@ -352,12 +345,7 @@ crypto_openssl_init_engines(const char *accelName, used by Tor and the set of algorithms available in the engine */ log_engine("RSA", ENGINE_get_default_RSA()); log_engine("DH", ENGINE_get_default_DH()); -#ifdef OPENSSL_1_1_API log_engine("EC", ENGINE_get_default_EC()); -#else - log_engine("ECDH", ENGINE_get_default_ECDH()); - log_engine("ECDSA", ENGINE_get_default_ECDSA()); -#endif /* defined(OPENSSL_1_1_API) */ log_engine("RAND", ENGINE_get_default_RAND()); log_engine("RAND (which we will not use)", ENGINE_get_default_RAND()); log_engine("SHA1", ENGINE_get_digest_engine(NID_sha1)); @@ -415,26 +403,11 @@ crypto_openssl_thread_cleanup(void) void crypto_openssl_global_cleanup(void) { -#ifndef OPENSSL_1_1_API - EVP_cleanup(); -#endif #ifndef NEW_THREAD_API ERR_remove_thread_state(NULL); -#endif -#ifndef OPENSSL_1_1_API - ERR_free_strings(); -#endif - -#ifndef DISABLE_ENGINES -#ifndef OPENSSL_1_1_API - ENGINE_cleanup(); -#endif #endif CONF_modules_unload(1); -#ifndef OPENSSL_1_1_API - CRYPTO_cleanup_all_ex_data(); -#endif crypto_openssl_free_all(); } diff --git a/src/lib/crypt_ops/crypto_rsa_openssl.c b/src/lib/crypt_ops/crypto_rsa_openssl.c index 544d72e6ca..382ac1ff74 100644 --- a/src/lib/crypt_ops/crypto_rsa_openssl.c +++ b/src/lib/crypt_ops/crypto_rsa_openssl.c @@ -47,16 +47,12 @@ struct crypto_pk_t int crypto_pk_key_is_private(const crypto_pk_t *k) { -#ifdef OPENSSL_1_1_API if (!k || !k->key) return 0; const BIGNUM *p, *q; RSA_get0_factors(k->key, &p, &q); return p != NULL; /* XXX/yawning: Should we check q? */ -#else /* !defined(OPENSSL_1_1_API) */ - return k && k->key && k->key->p; -#endif /* defined(OPENSSL_1_1_API) */ } /** used by tortls.c: wrap an RSA* in a crypto_pk_t. Takes ownership of @@ -212,12 +208,8 @@ crypto_pk_public_exponent_ok(const crypto_pk_t *env) const BIGNUM *e; -#ifdef OPENSSL_1_1_API const BIGNUM *n, *d; RSA_get0_key(env->key, &n, &e, &d); -#else - e = env->key->e; -#endif /* defined(OPENSSL_1_1_API) */ return BN_is_word(e, TOR_RSA_EXPONENT); } @@ -242,16 +234,9 @@ crypto_pk_cmp_keys(const crypto_pk_t *a, const crypto_pk_t *b) const BIGNUM *a_n, *a_e; const BIGNUM *b_n, *b_e; -#ifdef OPENSSL_1_1_API const BIGNUM *a_d, *b_d; RSA_get0_key(a->key, &a_n, &a_e, &a_d); RSA_get0_key(b->key, &b_n, &b_e, &b_d); -#else - a_n = a->key->n; - a_e = a->key->e; - b_n = b->key->n; - b_e = b->key->e; -#endif /* defined(OPENSSL_1_1_API) */ tor_assert(a_n != NULL && a_e != NULL); tor_assert(b_n != NULL && b_e != NULL); @@ -279,7 +264,6 @@ crypto_pk_num_bits(crypto_pk_t *env) tor_assert(env); tor_assert(env->key); -#ifdef OPENSSL_1_1_API /* It's so stupid that there's no other way to check that n is valid * before calling RSA_bits(). */ @@ -288,10 +272,6 @@ crypto_pk_num_bits(crypto_pk_t *env) tor_assert(n != NULL); return RSA_bits(env->key); -#else /* !defined(OPENSSL_1_1_API) */ - tor_assert(env->key->n); - return BN_num_bits(env->key->n); -#endif /* defined(OPENSSL_1_1_API) */ } /** Increase the reference count of env, and return it. @@ -572,11 +552,7 @@ static bool rsa_private_key_too_long(RSA *rsa, int max_bits) { const BIGNUM *n, *e, *p, *q, *d, *dmp1, *dmq1, *iqmp; -#if defined(OPENSSL_1_1_API) && \ - (!defined(LIBRESSL_VERSION_NUMBER) || \ - LIBRESSL_VERSION_NUMBER >= OPENSSL_V_SERIES(3,5,0)) -#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,1) n = RSA_get0_n(rsa); e = RSA_get0_e(rsa); p = RSA_get0_p(rsa); @@ -585,24 +561,9 @@ rsa_private_key_too_long(RSA *rsa, int max_bits) dmp1 = RSA_get0_dmp1(rsa); dmq1 = RSA_get0_dmq1(rsa); iqmp = RSA_get0_iqmp(rsa); -#else /* !(OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,1)) */ - /* The accessors above did not exist in openssl 1.1.0. */ - p = q = dmp1 = dmq1 = iqmp = NULL; - RSA_get0_key(rsa, &n, &e, &d); -#endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,1) */ if (RSA_bits(rsa) > max_bits) return true; -#else /* !defined(OPENSSL_1_1_API) && ... */ - n = rsa->n; - e = rsa->e; - p = rsa->p; - q = rsa->q; - d = rsa->d; - dmp1 = rsa->dmp1; - dmq1 = rsa->dmq1; - iqmp = rsa->iqmp; -#endif /* defined(OPENSSL_1_1_API) && ... */ if (n && BN_num_bits(n) > max_bits) return true; diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c index ea5929fd71..aa8948bb28 100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@ -179,9 +179,6 @@ tor_tls_log_one_error(tor_tls_t *tls, unsigned long err, case SSL_R_HTTP_REQUEST: case SSL_R_HTTPS_PROXY_REQUEST: case SSL_R_RECORD_LENGTH_MISMATCH: -#ifndef OPENSSL_1_1_API - case SSL_R_RECORD_TOO_LARGE: -#endif case SSL_R_UNKNOWN_PROTOCOL: case SSL_R_UNSUPPORTED_PROTOCOL: severity = LOG_INFO; @@ -304,21 +301,14 @@ tor_tls_init(void) check_no_tls_errors(); if (!tls_library_is_initialized) { -#ifdef OPENSSL_1_1_API OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); -#else - SSL_library_init(); - SSL_load_error_strings(); -#endif /* defined(OPENSSL_1_1_API) */ - -#if (SIZEOF_VOID_P >= 8 && \ - OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1) && \ - (!defined(LIBRESSL_VERSION_NUMBER) || \ - LIBRESSL_VERSION_NUMBER < 0x3080000fL)) - long version = tor_OpenSSL_version_num(); +#if (SIZEOF_VOID_P >= 8) /* LCOV_EXCL_START : we can't test these lines on the same machine */ - if (version >= OPENSSL_V_SERIES(1,0,1)) { + { + /* TODO: I'm not sure that this test is still necessary on our + * supported openssl/libressl versions. */ + /* Warn if we could *almost* be running with much faster ECDH. If we're built for a 64-bit target, using OpenSSL 1.0.1, but we don't have one of the built-in __uint128-based speedups, we are @@ -345,7 +335,7 @@ tor_tls_init(void) "when configuring it) would make ECDH much faster."); } /* LCOV_EXCL_STOP */ -#endif /* (SIZEOF_VOID_P >= 8 && ... */ +#endif /* (SIZEOF_VOID_P >= 8 */ tor_tls_allocate_tor_tls_object_ex_data_index(); diff --git a/src/lib/tls/x509_openssl.c b/src/lib/tls/x509_openssl.c index 249c9c6688..405b5370bb 100644 --- a/src/lib/tls/x509_openssl.c +++ b/src/lib/tls/x509_openssl.c @@ -46,7 +46,6 @@ ENABLE_GCC_WARNING("-Wredundant-decls") #include #include -#ifdef OPENSSL_1_1_API #define X509_get_notBefore_const(cert) \ X509_get0_notBefore(cert) #define X509_get_notAfter_const(cert) \ @@ -59,12 +58,6 @@ ENABLE_GCC_WARNING("-Wredundant-decls") #define X509_get_notAfter(cert) \ X509_getm_notAfter(cert) #endif -#else /* !defined(OPENSSL_1_1_API) */ -#define X509_get_notBefore_const(cert) \ - ((const ASN1_TIME*) X509_get_notBefore((X509 *)cert)) -#define X509_get_notAfter_const(cert) \ - ((const ASN1_TIME*) X509_get_notAfter((X509 *)cert)) -#endif /* defined(OPENSSL_1_1_API) */ /** Return a newly allocated X509 name with commonName cname. */ static X509_NAME * @@ -329,11 +322,7 @@ tor_tls_cert_is_valid(int severity, cert_key = X509_get_pubkey(cert->cert); if (check_rsa_1024 && cert_key) { RSA *rsa = EVP_PKEY_get1_RSA(cert_key); -#ifdef OPENSSL_1_1_API if (rsa && RSA_bits(rsa) == 1024) { -#else - if (rsa && BN_num_bits(rsa->n) == 1024) { -#endif key_ok = 1; } else { log_fn(severity, LD_CRYPTO, "Invalid certificate: Key is not RSA1024."); diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c index db5a2db650..4e3099bba1 100644 --- a/src/test/test_crypto.c +++ b/src/test/test_crypto.c @@ -187,12 +187,8 @@ test_crypto_dh(void *arg) dh4 = crypto_dh_new_openssl_tls(); tt_assert(DH_generate_key(dh4)); const BIGNUM *pk=NULL; -#ifdef OPENSSL_1_1_API const BIGNUM *sk=NULL; DH_get0_key(dh4, &pk, &sk); -#else - pk = dh4->pub_key; -#endif /* defined(OPENSSL_1_1_API) */ tt_assert(pk); tt_int_op(BN_num_bytes(pk), OP_LE, DH1024_KEY_LEN); tt_int_op(BN_num_bytes(pk), OP_GT, 0); diff --git a/src/test/test_crypto_openssl.c b/src/test/test_crypto_openssl.c index 56428f2e8c..22b5bc28ee 100644 --- a/src/test/test_crypto_openssl.c +++ b/src/test/test_crypto_openssl.c @@ -49,11 +49,6 @@ test_crypto_rng_engine(void *arg) ; } -#ifndef OPENSSL_1_1_API -#define EVP_ENCODE_CTX_new() tor_malloc_zero(sizeof(EVP_ENCODE_CTX)) -#define EVP_ENCODE_CTX_free(ctx) tor_free(ctx) -#endif - /** Encode src into dest with OpenSSL's EVP Encode interface, returning the * length of the encoded data in bytes. */ diff --git a/src/test/test_tortls_openssl.c b/src/test/test_tortls_openssl.c index d33a7568af..57012f611d 100644 --- a/src/test/test_tortls_openssl.c +++ b/src/test/test_tortls_openssl.c @@ -128,12 +128,7 @@ test_tortls_tor_tls_new(void *data) static void library_init(void) { -#ifdef OPENSSL_1_1_API OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); -#else - SSL_library_init(); - SSL_load_error_strings(); -#endif /* defined(OPENSSL_1_1_API) */ } static void @@ -300,13 +295,6 @@ test_tortls_log_one_error(void *ignored) LOG_WARN, 0, NULL); expect_log_severity(LOG_INFO); -#ifndef OPENSSL_1_1_API - mock_clean_saved_logs(); - tor_tls_log_one_error(tls, ERR_PACK(1, 2, SSL_R_RECORD_TOO_LARGE), - LOG_WARN, 0, NULL); - expect_log_severity(LOG_INFO); -#endif /* !defined(OPENSSL_1_1_API) */ - mock_clean_saved_logs(); tor_tls_log_one_error(tls, ERR_PACK(1, 2, SSL_R_UNKNOWN_PROTOCOL), LOG_WARN, 0, NULL); @@ -918,11 +906,6 @@ test_tortls_block_renegotiation(void *ignored) tor_tls_block_renegotiation(tls); -#ifndef OPENSSL_1_1_API - tt_assert(!(tls->ssl->s3->flags & - SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)); -#endif - done: tor_free(tls->ssl->s3); tor_free(tls->ssl); -- 2.47.2