mirror of
https://github.com/openssl/openssl.git
synced 2024-11-21 01:15:20 +08:00
08073700cc
HPE NonStop Port Changes for 3.0.0 Includes unthreaded, PUT, and SPT for OSS. The port changes include wrapping where necessary for FLOSS and appropriate configuration changes to support that. Two tests are excluded as being inappropriate for the platform. The changes are: * Added /usr/local/include to nonstop-nsx_spt_floss to load floss.h * Added SPT Floss variant for NonStop * Wrapped FLOSS definitions in OPENSSL_TANDEM_FLOSS to allow selective enablement. * SPT build configuration for NonStop * Skip tests not relevant for NonStop * PUT configuration changes required for NonStop platforms * Configurations/50-nonstop.conf: updates for TNS/X platform. * FLOSS instrumentation for HPE NonStop TNS/X and TNS/E platforms. * Configurations/50-nonstop.conf: modifications for non-PUT TNS/E platform b * Fix use of DELAY in ssltestlib.c for HPNS. * Fixed commit merge issues and added floss to http_server.c CLA: Permission is granted by the author to the OpenSSL team to use these modifications. Fixes #5087. Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12800)
486 lines
13 KiB
C
486 lines
13 KiB
C
/*
|
|
* Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.
|
|
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
|
*
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
#include "e_os.h"
|
|
#include "crypto/cryptlib.h"
|
|
#include <openssl/safestack.h>
|
|
|
|
#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
|
|
defined(__x86_64) || defined(__x86_64__) || \
|
|
defined(_M_AMD64) || defined(_M_X64)
|
|
|
|
extern unsigned int OPENSSL_ia32cap_P[4];
|
|
|
|
# if defined(OPENSSL_CPUID_OBJ)
|
|
|
|
/*
|
|
* Purpose of these minimalistic and character-type-agnostic subroutines
|
|
* is to break dependency on MSVCRT (on Windows) and locale. This makes
|
|
* OPENSSL_cpuid_setup safe to use as "constructor". "Character-type-
|
|
* agnostic" means that they work with either wide or 8-bit characters,
|
|
* exploiting the fact that first 127 characters can be simply casted
|
|
* between the sets, while the rest would be simply rejected by ossl_is*
|
|
* subroutines.
|
|
*/
|
|
# ifdef _WIN32
|
|
typedef WCHAR variant_char;
|
|
|
|
static variant_char *ossl_getenv(const char *name)
|
|
{
|
|
/*
|
|
* Since we pull only one environment variable, it's simpler to
|
|
* to just ignore |name| and use equivalent wide-char L-literal.
|
|
* As well as to ignore excessively long values...
|
|
*/
|
|
static WCHAR value[48];
|
|
DWORD len = GetEnvironmentVariableW(L"OPENSSL_ia32cap", value, 48);
|
|
|
|
return (len > 0 && len < 48) ? value : NULL;
|
|
}
|
|
# else
|
|
typedef char variant_char;
|
|
# define ossl_getenv getenv
|
|
# endif
|
|
|
|
# include "crypto/ctype.h"
|
|
|
|
static int todigit(variant_char c)
|
|
{
|
|
if (ossl_isdigit(c))
|
|
return c - '0';
|
|
else if (ossl_isxdigit(c))
|
|
return ossl_tolower(c) - 'a' + 10;
|
|
|
|
/* return largest base value to make caller terminate the loop */
|
|
return 16;
|
|
}
|
|
|
|
static uint64_t ossl_strtouint64(const variant_char *str)
|
|
{
|
|
uint64_t ret = 0;
|
|
unsigned int digit, base = 10;
|
|
|
|
if (*str == '0') {
|
|
base = 8, str++;
|
|
if (ossl_tolower(*str) == 'x')
|
|
base = 16, str++;
|
|
}
|
|
|
|
while((digit = todigit(*str++)) < base)
|
|
ret = ret * base + digit;
|
|
|
|
return ret;
|
|
}
|
|
|
|
static variant_char *ossl_strchr(const variant_char *str, char srch)
|
|
{ variant_char c;
|
|
|
|
while((c = *str)) {
|
|
if (c == srch)
|
|
return (variant_char *)str;
|
|
str++;
|
|
}
|
|
|
|
return NULL;
|
|
}
|
|
|
|
# define OPENSSL_CPUID_SETUP
|
|
typedef uint64_t IA32CAP;
|
|
|
|
void OPENSSL_cpuid_setup(void)
|
|
{
|
|
static int trigger = 0;
|
|
IA32CAP OPENSSL_ia32_cpuid(unsigned int *);
|
|
IA32CAP vec;
|
|
const variant_char *env;
|
|
|
|
if (trigger)
|
|
return;
|
|
|
|
trigger = 1;
|
|
if ((env = ossl_getenv("OPENSSL_ia32cap")) != NULL) {
|
|
int off = (env[0] == '~') ? 1 : 0;
|
|
|
|
vec = ossl_strtouint64(env + off);
|
|
|
|
if (off) {
|
|
IA32CAP mask = vec;
|
|
vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P) & ~mask;
|
|
if (mask & (1<<24)) {
|
|
/*
|
|
* User disables FXSR bit, mask even other capabilities
|
|
* that operate exclusively on XMM, so we don't have to
|
|
* double-check all the time. We mask PCLMULQDQ, AMD XOP,
|
|
* AES-NI and AVX. Formally speaking we don't have to
|
|
* do it in x86_64 case, but we can safely assume that
|
|
* x86_64 users won't actually flip this flag.
|
|
*/
|
|
vec &= ~((IA32CAP)(1<<1|1<<11|1<<25|1<<28) << 32);
|
|
}
|
|
} else if (env[0] == ':') {
|
|
vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P);
|
|
}
|
|
|
|
if ((env = ossl_strchr(env, ':')) != NULL) {
|
|
IA32CAP vecx;
|
|
|
|
env++;
|
|
off = (env[0] == '~') ? 1 : 0;
|
|
vecx = ossl_strtouint64(env + off);
|
|
if (off) {
|
|
OPENSSL_ia32cap_P[2] &= ~(unsigned int)vecx;
|
|
OPENSSL_ia32cap_P[3] &= ~(unsigned int)(vecx >> 32);
|
|
} else {
|
|
OPENSSL_ia32cap_P[2] = (unsigned int)vecx;
|
|
OPENSSL_ia32cap_P[3] = (unsigned int)(vecx >> 32);
|
|
}
|
|
} else {
|
|
OPENSSL_ia32cap_P[2] = 0;
|
|
OPENSSL_ia32cap_P[3] = 0;
|
|
}
|
|
} else {
|
|
vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P);
|
|
}
|
|
|
|
/*
|
|
* |(1<<10) sets a reserved bit to signal that variable
|
|
* was initialized already... This is to avoid interference
|
|
* with cpuid snippets in ELF .init segment.
|
|
*/
|
|
OPENSSL_ia32cap_P[0] = (unsigned int)vec | (1 << 10);
|
|
OPENSSL_ia32cap_P[1] = (unsigned int)(vec >> 32);
|
|
}
|
|
# else
|
|
unsigned int OPENSSL_ia32cap_P[4];
|
|
# endif
|
|
#endif
|
|
#if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ)
|
|
void OPENSSL_cpuid_setup(void)
|
|
{
|
|
}
|
|
#endif
|
|
|
|
#if defined(_WIN32)
|
|
# include <tchar.h>
|
|
# include <signal.h>
|
|
# ifdef __WATCOMC__
|
|
# if defined(_UNICODE) || defined(__UNICODE__)
|
|
# define _vsntprintf _vsnwprintf
|
|
# else
|
|
# define _vsntprintf _vsnprintf
|
|
# endif
|
|
# endif
|
|
# ifdef _MSC_VER
|
|
# define alloca _alloca
|
|
# endif
|
|
|
|
# if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
|
|
# ifdef OPENSSL_SYS_WIN_CORE
|
|
|
|
int OPENSSL_isservice(void)
|
|
{
|
|
/* OneCore API cannot interact with GUI */
|
|
return 1;
|
|
}
|
|
# else
|
|
int OPENSSL_isservice(void)
|
|
{
|
|
HWINSTA h;
|
|
DWORD len;
|
|
WCHAR *name;
|
|
static union {
|
|
void *p;
|
|
FARPROC f;
|
|
} _OPENSSL_isservice = {
|
|
NULL
|
|
};
|
|
|
|
if (_OPENSSL_isservice.p == NULL) {
|
|
HANDLE mod = GetModuleHandle(NULL);
|
|
FARPROC f = NULL;
|
|
|
|
if (mod != NULL)
|
|
f = GetProcAddress(mod, "_OPENSSL_isservice");
|
|
if (f == NULL)
|
|
_OPENSSL_isservice.p = (void *)-1;
|
|
else
|
|
_OPENSSL_isservice.f = f;
|
|
}
|
|
|
|
if (_OPENSSL_isservice.p != (void *)-1)
|
|
return (*_OPENSSL_isservice.f) ();
|
|
|
|
h = GetProcessWindowStation();
|
|
if (h == NULL)
|
|
return -1;
|
|
|
|
if (GetUserObjectInformationW(h, UOI_NAME, NULL, 0, &len) ||
|
|
GetLastError() != ERROR_INSUFFICIENT_BUFFER)
|
|
return -1;
|
|
|
|
if (len > 512)
|
|
return -1; /* paranoia */
|
|
len++, len &= ~1; /* paranoia */
|
|
name = (WCHAR *)alloca(len + sizeof(WCHAR));
|
|
if (!GetUserObjectInformationW(h, UOI_NAME, name, len, &len))
|
|
return -1;
|
|
|
|
len++, len &= ~1; /* paranoia */
|
|
name[len / sizeof(WCHAR)] = L'\0'; /* paranoia */
|
|
# if 1
|
|
/*
|
|
* This doesn't cover "interactive" services [working with real
|
|
* WinSta0's] nor programs started non-interactively by Task Scheduler
|
|
* [those are working with SAWinSta].
|
|
*/
|
|
if (wcsstr(name, L"Service-0x"))
|
|
return 1;
|
|
# else
|
|
/* This covers all non-interactive programs such as services. */
|
|
if (!wcsstr(name, L"WinSta0"))
|
|
return 1;
|
|
# endif
|
|
else
|
|
return 0;
|
|
}
|
|
# endif
|
|
# else
|
|
int OPENSSL_isservice(void)
|
|
{
|
|
return 0;
|
|
}
|
|
# endif
|
|
|
|
void OPENSSL_showfatal(const char *fmta, ...)
|
|
{
|
|
va_list ap;
|
|
TCHAR buf[256];
|
|
const TCHAR *fmt;
|
|
/*
|
|
* First check if it's a console application, in which case the
|
|
* error message would be printed to standard error.
|
|
* Windows CE does not have a concept of a console application,
|
|
* so we need to guard the check.
|
|
*/
|
|
# ifdef STD_ERROR_HANDLE
|
|
HANDLE h;
|
|
|
|
if ((h = GetStdHandle(STD_ERROR_HANDLE)) != NULL &&
|
|
GetFileType(h) != FILE_TYPE_UNKNOWN) {
|
|
/* must be console application */
|
|
int len;
|
|
DWORD out;
|
|
|
|
va_start(ap, fmta);
|
|
len = _vsnprintf((char *)buf, sizeof(buf), fmta, ap);
|
|
WriteFile(h, buf, len < 0 ? sizeof(buf) : (DWORD) len, &out, NULL);
|
|
va_end(ap);
|
|
return;
|
|
}
|
|
# endif
|
|
|
|
if (sizeof(TCHAR) == sizeof(char))
|
|
fmt = (const TCHAR *)fmta;
|
|
else
|
|
do {
|
|
int keepgoing;
|
|
size_t len_0 = strlen(fmta) + 1, i;
|
|
WCHAR *fmtw;
|
|
|
|
fmtw = (WCHAR *)alloca(len_0 * sizeof(WCHAR));
|
|
if (fmtw == NULL) {
|
|
fmt = (const TCHAR *)L"no stack?";
|
|
break;
|
|
}
|
|
if (!MultiByteToWideChar(CP_ACP, 0, fmta, len_0, fmtw, len_0))
|
|
for (i = 0; i < len_0; i++)
|
|
fmtw[i] = (WCHAR)fmta[i];
|
|
for (i = 0; i < len_0; i++) {
|
|
if (fmtw[i] == L'%')
|
|
do {
|
|
keepgoing = 0;
|
|
switch (fmtw[i + 1]) {
|
|
case L'0':
|
|
case L'1':
|
|
case L'2':
|
|
case L'3':
|
|
case L'4':
|
|
case L'5':
|
|
case L'6':
|
|
case L'7':
|
|
case L'8':
|
|
case L'9':
|
|
case L'.':
|
|
case L'*':
|
|
case L'-':
|
|
i++;
|
|
keepgoing = 1;
|
|
break;
|
|
case L's':
|
|
fmtw[i + 1] = L'S';
|
|
break;
|
|
case L'S':
|
|
fmtw[i + 1] = L's';
|
|
break;
|
|
case L'c':
|
|
fmtw[i + 1] = L'C';
|
|
break;
|
|
case L'C':
|
|
fmtw[i + 1] = L'c';
|
|
break;
|
|
}
|
|
} while (keepgoing);
|
|
}
|
|
fmt = (const TCHAR *)fmtw;
|
|
} while (0);
|
|
|
|
va_start(ap, fmta);
|
|
_vsntprintf(buf, OSSL_NELEM(buf) - 1, fmt, ap);
|
|
buf[OSSL_NELEM(buf) - 1] = _T('\0');
|
|
va_end(ap);
|
|
|
|
# if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
|
|
# ifdef OPENSSL_SYS_WIN_CORE
|
|
/* ONECORE is always NONGUI and NT >= 0x0601 */
|
|
|
|
/*
|
|
* TODO: (For non GUI and no std error cases)
|
|
* Add event logging feature here.
|
|
*/
|
|
|
|
# if !defined(NDEBUG)
|
|
/*
|
|
* We are in a situation where we tried to report a critical
|
|
* error and this failed for some reason. As a last resort,
|
|
* in debug builds, send output to the debugger or any other
|
|
* tool like DebugView which can monitor the output.
|
|
*/
|
|
OutputDebugString(buf);
|
|
# endif
|
|
# else
|
|
/* this -------------v--- guards NT-specific calls */
|
|
if (check_winnt() && OPENSSL_isservice() > 0) {
|
|
HANDLE hEventLog = RegisterEventSource(NULL, _T("OpenSSL"));
|
|
|
|
if (hEventLog != NULL) {
|
|
const TCHAR *pmsg = buf;
|
|
|
|
if (!ReportEvent(hEventLog, EVENTLOG_ERROR_TYPE, 0, 0, NULL,
|
|
1, 0, &pmsg, NULL)) {
|
|
# if !defined(NDEBUG)
|
|
/*
|
|
* We are in a situation where we tried to report a critical
|
|
* error and this failed for some reason. As a last resort,
|
|
* in debug builds, send output to the debugger or any other
|
|
* tool like DebugView which can monitor the output.
|
|
*/
|
|
OutputDebugString(pmsg);
|
|
# endif
|
|
}
|
|
|
|
(void)DeregisterEventSource(hEventLog);
|
|
}
|
|
} else {
|
|
MessageBox(NULL, buf, _T("OpenSSL: FATAL"), MB_OK | MB_ICONERROR);
|
|
}
|
|
# endif
|
|
# else
|
|
MessageBox(NULL, buf, _T("OpenSSL: FATAL"), MB_OK | MB_ICONERROR);
|
|
# endif
|
|
}
|
|
#else
|
|
void OPENSSL_showfatal(const char *fmta, ...)
|
|
{
|
|
#ifndef OPENSSL_NO_STDIO
|
|
va_list ap;
|
|
|
|
va_start(ap, fmta);
|
|
vfprintf(stderr, fmta, ap);
|
|
va_end(ap);
|
|
#endif
|
|
}
|
|
|
|
int OPENSSL_isservice(void)
|
|
{
|
|
return 0;
|
|
}
|
|
#endif
|
|
|
|
void OPENSSL_die(const char *message, const char *file, int line)
|
|
{
|
|
OPENSSL_showfatal("%s:%d: OpenSSL internal error: %s\n",
|
|
file, line, message);
|
|
#if !defined(_WIN32)
|
|
abort();
|
|
#else
|
|
/*
|
|
* Win32 abort() customarily shows a dialog, but we just did that...
|
|
*/
|
|
# if !defined(_WIN32_WCE)
|
|
raise(SIGABRT);
|
|
# endif
|
|
_exit(3);
|
|
#endif
|
|
}
|
|
|
|
#if !defined(OPENSSL_CPUID_OBJ)
|
|
/*
|
|
* The volatile is used to to ensure that the compiler generates code that reads
|
|
* all values from the array and doesn't try to optimize this away. The standard
|
|
* doesn't actually require this behavior if the original data pointed to is
|
|
* not volatile, but compilers do this in practice anyway.
|
|
*
|
|
* There are also assembler versions of this function.
|
|
*/
|
|
# undef CRYPTO_memcmp
|
|
int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len)
|
|
{
|
|
size_t i;
|
|
const volatile unsigned char *a = in_a;
|
|
const volatile unsigned char *b = in_b;
|
|
unsigned char x = 0;
|
|
|
|
for (i = 0; i < len; i++)
|
|
x |= a[i] ^ b[i];
|
|
|
|
return x;
|
|
}
|
|
|
|
/*
|
|
* For systems that don't provide an instruction counter register or equivalent.
|
|
*/
|
|
uint32_t OPENSSL_rdtsc(void)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
size_t OPENSSL_instrument_bus(unsigned int *out, size_t cnt)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
|
|
{
|
|
return 0;
|
|
}
|
|
#endif
|
|
|
|
#if defined(__TANDEM) && defined(OPENSSL_VPROC)
|
|
/*
|
|
* Define a VPROC function for HP NonStop build crypto library.
|
|
* This is used by platform version identification tools.
|
|
* Do not inline this procedure or make it static.
|
|
*/
|
|
# define OPENSSL_VPROC_STRING_(x) x##_CRYPTO
|
|
# define OPENSSL_VPROC_STRING(x) OPENSSL_VPROC_STRING_(x)
|
|
# define OPENSSL_VPROC_FUNC OPENSSL_VPROC_STRING(OPENSSL_VPROC)
|
|
void OPENSSL_VPROC_FUNC(void) {}
|
|
#endif /* __TANDEM */
|