Home Explore Help
Register Sign In
Apq
/
SoftEtherVPN
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge branch 'SoftEtherVPN:master' into nt-fix

siddharth-narayan 1 year ago
parent
128fefc63e 31fed5a28f
commit
27d233a522
8 changed files with 60 additions and 2 deletions
Split View Show Diff Stats
  1. 6 0
      .gitmodules
  2. 1 1
      CMakeLists.txt
  3. 2 0
      src/Mayaqua/3rdparty/Findliboqs.cmake
  4. 1 0
      src/Mayaqua/3rdparty/liboqs
  5. 1 0
      src/Mayaqua/3rdparty/oqs-provider
  6. 16 0
      src/Mayaqua/CMakeLists.txt
  7. 21 1
      src/Mayaqua/Encrypt.c
  8. 12 0
      src/Mayaqua/Network.c

+ 6 - 0
.gitmodules
View File 

@@ -10,3 +10,9 @@
 
 [submodule "src/libhamcore"]
 
 	path = src/libhamcore
 
 	url = https://github.com/SoftEtherVPN/libhamcore.git
 
+[submodule "src/Mayaqua/3rdparty/oqs-provider"]
 
+	path = src/Mayaqua/3rdparty/oqs-provider
 
+	url = https://github.com/open-quantum-safe/oqs-provider.git
 
+[submodule "src/Mayaqua/3rdparty/liboqs"]
 
+	path = src/Mayaqua/3rdparty/liboqs
 
+	url = https://github.com/open-quantum-safe/liboqs.git

+ 1 - 1
CMakeLists.txt
View File 

@@ -1,4 +1,4 @@
 
-cmake_minimum_required(VERSION 3.10)
 
+cmake_minimum_required(VERSION 3.15)
 
 
 set(BUILD_NUMBER CACHE STRING "The number of the current build.")

+ 2 - 0
src/Mayaqua/3rdparty/Findliboqs.cmake
View File 

@@ -0,0 +1,2 @@
 
+set(oqs_FOUND TRUE)
 
+add_library(OQS::oqs ALIAS oqs)

+ 1 - 0
src/Mayaqua/3rdparty/liboqs 

@@ -0,0 +1 @@
 
+Subproject commit 51ddd33cc04d12bd47c8639c1254714879f4cdf3

+ 1 - 0
src/Mayaqua/3rdparty/oqs-provider 

@@ -0,0 +1 @@
 
+Subproject commit 8f37521d5e27ab4d1e0d69a4b4a5bd17927b24b9

+ 16 - 0
src/Mayaqua/CMakeLists.txt
View File 

@@ -18,6 +18,22 @@ set_target_properties(mayaqua
 
 
 find_package(OpenSSL REQUIRED)
 
 
+if(OPENSSL_VERSION VERSION_LESS "3") # Disable oqsprovider when OpenSSL version < 3
 
+  add_definitions(-DSKIP_OQS_PROVIDER)
 
+else()
 
+  set(OQS_BUILD_ONLY_LIB ON CACHE BOOL "Set liboqs to build only the library (no tests)")
 
+  set(BUILD_TESTING OFF CACHE BOOL "By setting this to OFF, no tests or examples will be compiled.")
 
+  set(OQS_PROVIDER_BUILD_STATIC ON CACHE BOOL "Build a static library instead of a shared library") # Build oqsprovider as a static library (defaults to shared)
 
+  list(PREPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/src/Mayaqua/3rdparty/")
 
+
 
+  add_subdirectory(3rdparty/liboqs)
 
+  add_subdirectory(3rdparty/oqs-provider)
 
+
 
+  target_include_directories(oqsprovider PUBLIC ${CMAKE_CURRENT_BINARY_DIR}/3rdparty/liboqs/include)
 
+  set_property(TARGET oqsprovider PROPERTY POSITION_INDEPENDENT_CODE ON)
 
+  target_link_libraries(mayaqua PRIVATE oqsprovider)
 
+endif()
 
+
 
 include(CheckSymbolExists)
 
 
 set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})

+ 21 - 1
src/Mayaqua/Encrypt.c
View File 

@@ -42,6 +42,10 @@
 
 #include <openssl/x509v3.h>

 #if OPENSSL_VERSION_NUMBER >= 0x30000000L

 #include <openssl/provider.h>

+// Static oqsprovider initialization function

+#ifndef SKIP_OQS_PROVIDER

+	extern OSSL_provider_init_fn oqs_provider_init;

+#endif

 #endif

 

 #ifdef _MSC_VER

@@ -347,6 +351,11 @@ MD *NewMdEx(char *name, bool hmac)
 
 #else

 		m->Ctx = EVP_MD_CTX_create();

 #endif

+		if (m->Ctx == NULL)

+		{

+			return NULL;

+		}

+

 		if (EVP_DigestInit_ex(m->Ctx, m->Md, NULL) == false)

 		{

 			Debug("NewMdEx(): EVP_DigestInit_ex() failed with error: %s\n", OpenSSL_Error());

@@ -4005,7 +4014,13 @@ void InitCryptLibrary()
 
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L

 	ossl_provider_default = OSSL_PROVIDER_load(NULL, "legacy");

 	ossl_provider_legacy = OSSL_PROVIDER_load(NULL, "default");

-	ossl_provider_oqsprovider = OSSL_PROVIDER_load(NULL, "oqsprovider");

+

+	char *oqs_provider_name = "oqsprovider";

+	#ifndef SKIP_OQS_PROVIDER

+		// Registers "oqsprovider" as a provider -- necessary because oqsprovider is built in now.

+		OSSL_PROVIDER_add_builtin(NULL, oqs_provider_name, oqs_provider_init); 

+	#endif

+	ossl_provider_oqsprovider = OSSL_PROVIDER_load(NULL, oqs_provider_name);

 #endif

 

 	ssl_clientcert_index = SSL_get_ex_new_index(0, "struct SslClientCertInfo *", NULL, NULL, NULL);

@@ -4594,6 +4609,11 @@ DH_CTX *DhNew(char *prime, UINT g)
 
 	dh = ZeroMalloc(sizeof(DH_CTX));

 

 	dh->dh = DH_new();

+	if (dh->dh == NULL)

+	{

+		return NULL;

+	}

+	

 #if OPENSSL_VERSION_NUMBER >= 0x10100000L

 	dhp = BinToBigNum(buf->Buf, buf->Size);

 	dhg = BN_new();

+ 12 - 0
src/Mayaqua/Network.c
View File 

@@ -11860,6 +11860,12 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
 
 #endif

 

 		sock->ssl = SSL_new(ssl_ctx);

+

+		if (sock->ssl == NULL)

+		{

+			return false;

+		}

+

 		SSL_set_fd(sock->ssl, (int)sock->socket);

 

 #ifdef	SSL_CTRL_SET_TLSEXT_HOSTNAME

@@ -16250,6 +16256,12 @@ UINT GetOSSecurityLevel()
 
 	UINT security_level_new = 0, security_level_set_ssl_version = 0;

 	struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());

 

+	if (ctx == NULL)

+	{

+		return security_level_new;

+	}

+

+

 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

 	security_level_new = SSL_CTX_get_security_level(ctx);

 #endif