[PATCH] openbsc[master]: Migrate from OpenSSL to GnuTLS

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Neels Hofmeyr gerrit-no-reply at lists.osmocom.org
Fri Dec 23 14:17:35 UTC 2016


Hello Jenkins Builder,

I'd like you to reexamine a change.  Please visit

    https://gerrit.osmocom.org/1464

to look at the new patch set (#4).

Migrate from OpenSSL to GnuTLS

This avoids potential licensing incompatibility and makes integration of
Debian packaging patches easier.

Change-Id: I270c33912bf107b3c7c217d199262cc74d56ffdb
Related: OS#1694
---
M debian/control
M openbsc/configure.ac
M openbsc/src/gprs/Makefile.am
M openbsc/src/gprs/gb_proxy.c
M openbsc/src/gprs/gprs_gmm.c
M openbsc/src/gprs/gprs_llc.c
M openbsc/src/gprs/gprs_sgsn.c
M openbsc/src/libiu/Makefile.am
M openbsc/src/libmsc/Makefile.am
M openbsc/src/libmsc/auth.c
M openbsc/src/libmsc/db.c
M openbsc/src/osmo-bsc_nat/Makefile.am
M openbsc/src/osmo-bsc_nat/bsc_nat.c
M openbsc/src/osmo-nitb/Makefile.am
M openbsc/tests/channel/Makefile.am
M openbsc/tests/db/Makefile.am
M openbsc/tests/gbproxy/Makefile.am
M openbsc/tests/gbproxy/gbproxy_test.c
M openbsc/tests/mm_auth/Makefile.am
M openbsc/tests/mm_auth/mm_auth_test.c
M openbsc/tests/sgsn/Makefile.am
M openbsc/tests/sgsn/sgsn_test.c
M openbsc/tests/sndcp_xid/Makefile.am
M openbsc/tests/xid/Makefile.am
24 files changed, 92 insertions(+), 68 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/openbsc refs/changes/64/1464/4

diff --git a/debian/control b/debian/control
index 79f18df..d4ee0c2 100644
--- a/debian/control
+++ b/debian/control
@@ -14,7 +14,7 @@
                libosmo-netif-dev,
                libdbd-sqlite3,
                libpcap-dev,
-               libssl-dev,
+               libgnutls28-dev,
                libc-ares-dev,
                libsmpp34-dev
 Standards-Version: 3.9.8
diff --git a/openbsc/configure.ac b/openbsc/configure.ac
index 0753834..3bf497d 100644
--- a/openbsc/configure.ac
+++ b/openbsc/configure.ac
@@ -37,7 +37,10 @@
 PKG_CHECK_MODULES(LIBOSMOABIS, libosmoabis >= 0.2.0)
 PKG_CHECK_MODULES(LIBOSMOGB, libosmogb >= 0.6.4)
 PKG_CHECK_MODULES(LIBOSMONETIF, libosmo-netif >= 0.0.1)
-PKG_CHECK_MODULES(LIBCRYPTO, libcrypto >= 0.9.5)
+PKG_CHECK_MODULES(LIBGNUTLS, gnutls >= 3.3.0)
+
+AC_SUBST(LIBGNUTLS_CFLAGS)
+AC_SUBST(LIBGNUTLS_LIBS)
 
 # Enabke/disable the NAT?
 AC_ARG_ENABLE([nat], [AS_HELP_STRING([--enable-nat], [Build the BSC NAT. Requires SCCP])],
diff --git a/openbsc/src/gprs/Makefile.am b/openbsc/src/gprs/Makefile.am
index cff17dd..40e7feb 100644
--- a/openbsc/src/gprs/Makefile.am
+++ b/openbsc/src/gprs/Makefile.am
@@ -15,7 +15,7 @@
 	$(LIBOSMOGB_CFLAGS) \
 	$(COVERAGE_CFLAGS) \
 	$(LIBCARES_CFLAGS) \
-	$(LIBCRYPTO_CFLAGS) \
+	$(LIBGNUTLS_CFLAGS) \
 	$(LIBGTP_CFLAGS) \
 	$(NULL)
 if BUILD_IU
@@ -63,7 +63,7 @@
 osmo_gbproxy_LDADD = \
 	$(top_builddir)/src/libcommon/libcommon.a \
 	$(OSMO_LIBS) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	-lrt \
 	$(NULL)
 
@@ -98,7 +98,7 @@
 	$(OSMO_LIBS) \
 	$(LIBOSMOABIS_LIBS) \
 	$(LIBCARES_LIBS) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	-lrt \
 	-lgtp \
 	-lm \
diff --git a/openbsc/src/gprs/gb_proxy.c b/openbsc/src/gprs/gb_proxy.c
index d95139f..c16124a 100644
--- a/openbsc/src/gprs/gb_proxy.c
+++ b/openbsc/src/gprs/gb_proxy.c
@@ -51,7 +51,8 @@
 #include <osmocom/gsm/protocol/gsm_04_08_gprs.h>
 #include <openbsc/gprs_utils.h>
 
-#include <openssl/rand.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
 
 static const struct rate_ctr_desc global_ctr_description[] = {
 	{ "inv-bvci",	    "Invalid BVC Identifier          " },
@@ -236,7 +237,8 @@
 		bss_ptmsi = sgsn_ptmsi;
 	} else {
 		do {
-			if (RAND_bytes((uint8_t *) &bss_ptmsi, sizeof(bss_ptmsi)) != 1) {
+			if (gnutls_rnd(GNUTLS_RND_NONCE, (uint8_t *) &bss_ptmsi,
+				       sizeof(bss_ptmsi)) < 0) {
 				bss_ptmsi = GSM_RESERVED_TMSI;
 				break;
 			}
@@ -273,7 +275,8 @@
 	} else {
 		do {
 			/* create random TLLI, 0b01111xxx... */
-			if (RAND_bytes((uint8_t *) &sgsn_tlli, sizeof(sgsn_tlli)) != 1) {
+			if (gnutls_rnd(GNUTLS_RND_NONCE, (uint8_t *) &sgsn_tlli,
+				       sizeof(sgsn_tlli)) < 0) {
 				sgsn_tlli = 0;
 				break;
 			}
diff --git a/openbsc/src/gprs/gprs_gmm.c b/openbsc/src/gprs/gprs_gmm.c
index 363b457..1a1338a 100644
--- a/openbsc/src/gprs/gprs_gmm.c
+++ b/openbsc/src/gprs/gprs_gmm.c
@@ -31,7 +31,8 @@
 #include <arpa/inet.h>
 #include <netdb.h>
 
-#include <openssl/rand.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
 
 #include "bscconfig.h"
 
@@ -551,9 +552,9 @@
 	/* § 10.5.5.7: */
 	acreq->force_stby = force_standby;
 	/* 3GPP TS 24.008 § 10.5.5.19: */
-	if (RAND_bytes(&rbyte, 1) != 1) {
-		LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed for A&C ref, falling "
-		     "back to rand()\n");
+	if (gnutls_rnd(GNUTLS_RND_NONCE, &rbyte, 1) < 0) {
+		LOGP(DMM, LOGL_NOTICE, "gnutls_rnd() failed for A&C ref, falling"
+		     " back to rand()\n");
 		acreq->ac_ref_nr = rand();
 	} else
 		acreq->ac_ref_nr = rbyte;
@@ -1195,8 +1196,8 @@
 		};
 		/* XXX: Hack to make 3G auth work with special SIM card */
 		ctx->auth_state = SGSN_AUTH_AUTHENTICATE;
-
-		RAND_bytes(tmp_rand, 16);
+		/* FIXME: check return value and propagate error */
+		gnutls_rnd(GNUTLS_RND_NONCE, tmp_rand, 16);
 
 		memset(&ctx->auth_triplet.vec, 0, sizeof(ctx->auth_triplet.vec));
 		osmo_auth_gen_vec(&ctx->auth_triplet.vec, &auth, tmp_rand);
diff --git a/openbsc/src/gprs/gprs_llc.c b/openbsc/src/gprs/gprs_llc.c
index c2c3900..47f3996 100644
--- a/openbsc/src/gprs/gprs_llc.c
+++ b/openbsc/src/gprs/gprs_llc.c
@@ -23,7 +23,8 @@
 #include <stdint.h>
 #include <stdbool.h>
 
-#include <openssl/rand.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
 
 #include <osmocom/core/msgb.h>
 #include <osmocom/core/linuxlist.h>
@@ -1070,8 +1071,8 @@
 	uint8_t *xid;
 
 	LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n");
-	if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) {
-		LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, "
+	if (gnutls_rnd(GNUTLS_RND_NONCE, (uint8_t *) &llme->iov_ui, 4) < 0) {
+		LOGP(DLLC, LOGL_NOTICE, "gnutls_rnd() failed for LLC XID reset, "
 		     "falling back to rand()\n");
 		llme->iov_ui = rand();
 	}
@@ -1103,8 +1104,8 @@
 	uint8_t *xid;
 
 	LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n");
-	if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) {
-		LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, "
+	if (gnutls_rnd(GNUTLS_RND_NONCE, (uint8_t *) &llme->iov_ui, 4) < 0) {
+		LOGP(DLLC, LOGL_NOTICE, "gnutls_rnd() failed for LLC XID reset, "
 		     "falling back to rand()\n");
 		llme->iov_ui = rand();
 	}
diff --git a/openbsc/src/gprs/gprs_sgsn.c b/openbsc/src/gprs/gprs_sgsn.c
index e85e1a9..a8f5e39 100644
--- a/openbsc/src/gprs/gprs_sgsn.c
+++ b/openbsc/src/gprs/gprs_sgsn.c
@@ -45,7 +45,8 @@
 
 #include <time.h>
 
-#include <openssl/rand.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
 
 #define GPRS_LLME_CHECK_TICK 30
 
@@ -614,7 +615,7 @@
 	int max_retries = 100;
 
 restart:
-	if (RAND_bytes((uint8_t *) &ptmsi, sizeof(ptmsi)) != 1)
+	if (gnutls_rnd(GNUTLS_RND_NONCE, (uint8_t *) &ptmsi, sizeof(ptmsi)) < 0)
 		goto failed;
 
 	/* Enforce that the 2 MSB are set without loosing the distance between
diff --git a/openbsc/src/libiu/Makefile.am b/openbsc/src/libiu/Makefile.am
index e5f9e27..0070679 100644
--- a/openbsc/src/libiu/Makefile.am
+++ b/openbsc/src/libiu/Makefile.am
@@ -7,7 +7,7 @@
 AM_CFLAGS = \
 	-Wall \
 	$(COVERAGE_CFLAGS) \
-	$(LIBCRYPTO_CFLAGS) \
+	$(LIBGNUTLS_CFLAGS) \
 	$(LIBASN1C_CFLAGS) \
 	$(LIBOSMOCORE_CFLAGS) \
 	$(LIBOSMOVTY_CFLAGS) \
diff --git a/openbsc/src/libmsc/Makefile.am b/openbsc/src/libmsc/Makefile.am
index 9d966db..20a0876 100644
--- a/openbsc/src/libmsc/Makefile.am
+++ b/openbsc/src/libmsc/Makefile.am
@@ -10,7 +10,7 @@
 	$(LIBOSMOVTY_CFLAGS) \
 	$(LIBOSMOABIS_CFLAGS) \
 	$(COVERAGE_CFLAGS) \
-	$(LIBCRYPTO_CFLAGS) \
+	$(LIBGNUTLS_CFLAGS) \
 	$(LIBSMPP34_CFLAGS) \
 	$(NULL)
 
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
index 3b1fd73..f1f468f 100644
--- a/openbsc/src/libmsc/auth.c
+++ b/openbsc/src/libmsc/auth.c
@@ -27,7 +27,8 @@
 
 #include <osmocom/gsm/comp128.h>
 
-#include <openssl/rand.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
 
 #include <stdlib.h>
 
@@ -123,8 +124,10 @@
 	}
 	atuple->use_count = 1;
 
-	if (RAND_bytes(atuple->vec.rand, sizeof(atuple->vec.rand)) != 1) {
-		LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed, can't generate new auth tuple\n");
+	if (gnutls_rnd(GNUTLS_RND_NONCE, atuple->vec.rand,
+		       sizeof(atuple->vec.rand)) < 0) {
+		LOGP(DMM, LOGL_NOTICE, "gnutls_rnd() failed, can't generate new"
+		     " auth tuple\n");
 		return AUTH_ERROR;
 	}
 
diff --git a/openbsc/src/libmsc/db.c b/openbsc/src/libmsc/db.c
index 5cccb32..ccd4762 100644
--- a/openbsc/src/libmsc/db.c
+++ b/openbsc/src/libmsc/db.c
@@ -40,7 +40,8 @@
 #include <osmocom/core/statistics.h>
 #include <osmocom/core/rate_ctr.h>
 
-#include <openssl/rand.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
 
 /* Semi-Private-Interface (SPI) for the subscriber code */
 void subscr_direct_free(struct gsm_subscriber *subscr);
@@ -1223,8 +1224,9 @@
 	char *tmsi_quoted;
 
 	for (;;) {
-		if (RAND_bytes((uint8_t *) &subscriber->tmsi, sizeof(subscriber->tmsi)) != 1) {
-			LOGP(DDB, LOGL_ERROR, "RAND_bytes failed\n");
+		if (gnutls_rnd(GNUTLS_RND_NONCE, (uint8_t *) &subscriber->tmsi,
+			       sizeof(subscriber->tmsi)) < 0) {
+			LOGP(DDB, LOGL_ERROR, "gnutls_rnd() failed\n");
 			return 1;
 		}
 		if (subscriber->tmsi == GSM_RESERVED_TMSI)
@@ -1303,8 +1305,9 @@
 	uint32_t try;
 
 	for (;;) {
-		if (RAND_bytes((uint8_t *) &try, sizeof(try)) != 1) {
-			LOGP(DDB, LOGL_ERROR, "RAND_bytes failed\n");
+		if (gnutls_rnd(GNUTLS_RND_NONCE, (uint8_t *) &try,
+			       sizeof(try)) < 0) {
+			LOGP(DDB, LOGL_ERROR, "gnutls_rnd() failed\n");
 			return 1;
 		}
 		if (!try) /* 0 is an invalid token */
diff --git a/openbsc/src/osmo-bsc_nat/Makefile.am b/openbsc/src/osmo-bsc_nat/Makefile.am
index be33d28..af99d11 100644
--- a/openbsc/src/osmo-bsc_nat/Makefile.am
+++ b/openbsc/src/osmo-bsc_nat/Makefile.am
@@ -13,7 +13,7 @@
 	$(LIBOSMOSCCP_CFLAGS) \
 	$(LIBOSMOABIS_CFLAGS) \
 	$(LIBOSMONETIF_CFLAGS) \
-	$(LIBCRYPTO_CFLAGS) \
+	$(LIBGNUTLS_CFLAGS) \
 	$(COVERAGE_CFLAGS) \
 	$(NULL)
 
@@ -53,6 +53,6 @@
 	$(LIBOSMOCTRL_LIBS) \
 	$(LIBOSMOABIS_LIBS) \
 	$(LIBOSMONETIF_LIBS) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	-lrt \
 	$(NULL)
diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c
index a4dd679..2acd292 100644
--- a/openbsc/src/osmo-bsc_nat/bsc_nat.c
+++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c
@@ -74,7 +74,8 @@
 
 #include <osmocom/abis/ipa.h>
 
-#include <openssl/rand.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
 
 #include "../../bscconfig.h"
 
@@ -223,7 +224,7 @@
 	buf = v_put(buf, 0x23);
 	mrand = bsc->last_rand;
 
-	if (RAND_bytes(mrand, 16) != 1)
+	if (gnutls_rnd(GNUTLS_RND_NONCE, mrand, 16) != 1)
 		goto failed_random;
 
 	memcpy(buf, mrand, 16);
diff --git a/openbsc/src/osmo-nitb/Makefile.am b/openbsc/src/osmo-nitb/Makefile.am
index f4ef487..6474b27 100644
--- a/openbsc/src/osmo-nitb/Makefile.am
+++ b/openbsc/src/osmo-nitb/Makefile.am
@@ -40,6 +40,6 @@
 	$(LIBOSMOCTRL_LIBS) \
 	$(LIBOSMOABIS_LIBS) \
 	$(LIBSMPP34_LIBS) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	-ldbi \
 	$(NULL)
diff --git a/openbsc/tests/channel/Makefile.am b/openbsc/tests/channel/Makefile.am
index 5e9583f..0663b64 100644
--- a/openbsc/tests/channel/Makefile.am
+++ b/openbsc/tests/channel/Makefile.am
@@ -30,6 +30,6 @@
 	$(top_builddir)/src/libcommon/libcommon.a \
 	$(LIBOSMOCORE_LIBS) \
 	$(LIBOSMOGSM_LIBS) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	-ldbi \
 	$(NULL)
diff --git a/openbsc/tests/db/Makefile.am b/openbsc/tests/db/Makefile.am
index 0eed5cd..332bf09 100644
--- a/openbsc/tests/db/Makefile.am
+++ b/openbsc/tests/db/Makefile.am
@@ -43,6 +43,6 @@
 	$(LIBOSMOGSM_LIBS) \
 	$(LIBSMPP34_LIBS) \
 	$(LIBOSMOVTY_LIBS) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	-ldbi \
 	$(NULL)
diff --git a/openbsc/tests/gbproxy/Makefile.am b/openbsc/tests/gbproxy/Makefile.am
index 2dd66df..8fdefb5 100644
--- a/openbsc/tests/gbproxy/Makefile.am
+++ b/openbsc/tests/gbproxy/Makefile.am
@@ -28,7 +28,7 @@
 	$(NULL)
 
 gbproxy_test_LDFLAGS = \
-	-Wl,--wrap=RAND_bytes \
+	-Wl,--wrap=gnutls_rnd \
 	$(NULL)
 
 gbproxy_test_LDADD = \
@@ -49,6 +49,6 @@
 	$(LIBOSMOVTY_LIBS) \
 	$(LIBOSMOABIS_LIBS) \
 	$(LIBRARY_DL) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	-lrt \
 	$(NULL)
diff --git a/openbsc/tests/gbproxy/gbproxy_test.c b/openbsc/tests/gbproxy/gbproxy_test.c
index 577daa9..97a0ba9 100644
--- a/openbsc/tests/gbproxy/gbproxy_test.c
+++ b/openbsc/tests/gbproxy/gbproxy_test.c
@@ -37,7 +37,8 @@
 #include <openbsc/gprs_gb_parse.h>
 #include <openbsc/debug.h>
 
-#include <openssl/rand.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
 
 #define REMOTE_BSS_ADDR 0x01020304
 #define REMOTE_SGSN_ADDR 0x05060708
@@ -53,30 +54,30 @@
 
 struct llist_head *received_messages = NULL;
 
-/* override, requires '-Wl,--wrap=RAND_bytes' */
-int __real_RAND_bytes(unsigned char *buf, int num);
-int mock_RAND_bytes(unsigned char *buf, int num);
-int (*RAND_bytes_cb)(unsigned char *, int) =
-  &mock_RAND_bytes;
+/* override, requires '-Wl,--wrap=gnutls_rnd' */
+int __real_gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len);
+int mock_gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len);
+int (*gnutls_rnd_cb)(gnutls_rnd_level_t, void *, size_t) =
+  &mock_gnutls_rnd;
 
-int __wrap_RAND_bytes(unsigned char *buf, int num)
+int __wrap_gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len)
 {
-	return (*RAND_bytes_cb)(buf, num);
+	return (*gnutls_rnd_cb)(level, data, len);
 }
 
 static int rand_seq_num = 0;
-int mock_RAND_bytes(unsigned char *buf, int num)
+int mock_gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len)
 {
 	uint32_t val;
 
-	OSMO_ASSERT(num == sizeof(val));
-	OSMO_ASSERT(__real_RAND_bytes(buf, num) == 1);
+	OSMO_ASSERT(len == sizeof(val));
+	OSMO_ASSERT(__real_gnutls_rnd(level, data, len) == 0);
 
 	val = 0x00dead00 + rand_seq_num;
 
 	rand_seq_num++;
 
-	memcpy(buf, &val, num);
+	memcpy(data, &val, len);
 
 	return 1;
 }
diff --git a/openbsc/tests/mm_auth/Makefile.am b/openbsc/tests/mm_auth/Makefile.am
index cb35198..ea6f516 100644
--- a/openbsc/tests/mm_auth/Makefile.am
+++ b/openbsc/tests/mm_auth/Makefile.am
@@ -8,7 +8,7 @@
 	$(LIBOSMOCORE_CFLAGS) \
 	$(LIBOSMOABIS_CFLAGS) \
 	$(LIBOSMOGSM_CFLAGS) \
-	$(LIBCRYPTO_CFLAGS) \
+	$(LIBGNUTLS_CFLAGS) \
 	$(NULL)
 
 noinst_PROGRAMS = \
diff --git a/openbsc/tests/mm_auth/mm_auth_test.c b/openbsc/tests/mm_auth/mm_auth_test.c
index b8777a8..0e3817b 100644
--- a/openbsc/tests/mm_auth/mm_auth_test.c
+++ b/openbsc/tests/mm_auth/mm_auth_test.c
@@ -8,6 +8,9 @@
 #include <openbsc/gsm_subscriber.h>
 #include <openbsc/auth.h>
 
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+
 #define min(A,B) ((A)>(B)? (B) : (A))
 
 static char *auth_tuple_str(struct gsm_auth_tuple *atuple)
@@ -120,8 +123,8 @@
 	return auth_action;
 }
 
-/* override libssl RAND_bytes() to get testable crypto results */
-int RAND_bytes(uint8_t *rand, int len)
+/* override GnuTLS' gnutls_rnd() to get testable crypto results */
+int gnutls_rnd(gnutls_rnd_level_t level, void *rand, size_t len)
 {
 	memset(rand, 23, len);
 	return 1;
diff --git a/openbsc/tests/sgsn/Makefile.am b/openbsc/tests/sgsn/Makefile.am
index f1606cb..0925995 100644
--- a/openbsc/tests/sgsn/Makefile.am
+++ b/openbsc/tests/sgsn/Makefile.am
@@ -32,7 +32,7 @@
 	$(NULL)
 
 sgsn_test_LDFLAGS = \
-	-Wl,--wrap=RAND_bytes \
+	-Wl,--wrap=gnutls_rnd \
 	-Wl,--wrap=sgsn_update_subscriber_data \
 	-Wl,--wrap=gprs_subscr_request_update_location \
 	-Wl,--wrap=gprs_subscr_request_auth_info \
@@ -66,7 +66,7 @@
 	$(LIBOSMOGSM_LIBS) \
 	$(LIBOSMOGB_LIBS) \
 	$(LIBCARES_LIBS) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	$(LIBGTP_LIBS) \
 	-lrt \
 	-lm \
diff --git a/openbsc/tests/sgsn/sgsn_test.c b/openbsc/tests/sgsn/sgsn_test.c
index b4bcaf6..843a924 100644
--- a/openbsc/tests/sgsn/sgsn_test.c
+++ b/openbsc/tests/sgsn/sgsn_test.c
@@ -37,6 +37,9 @@
 #include <osmocom/core/msgb.h>
 #include <osmocom/core/rate_ctr.h>
 
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+
 #include <stdio.h>
 
 void *tall_bsc_ctx;
@@ -99,21 +102,22 @@
 	return 0;
 }
 
-/* override, requires '-Wl,--wrap=RAND_bytes' */
-int __real_RAND_bytes(unsigned char *buf, int num);
-int mock_RAND_bytes(unsigned char *buf, int num);
-int (*RAND_bytes_cb)(unsigned char *, int) =
-  &mock_RAND_bytes;
+/* override, requires '-Wl,--wrap=gnutls_rnd' */
+int __real_gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len);
+int mock_gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len);
+int (*gnutls_rnd_cb)(gnutls_rnd_level_t, void *, size_t) =
+  &mock_gnutls_rnd;
 
-int __wrap_RAND_bytes(unsigned char *buf, int num)
+int __wrap_gnutls_rnd(gnutls_rnd_level_t level, void *buf, size_t num)
 {
-	return (*RAND_bytes_cb)(buf, num);
+	return (*gnutls_rnd_cb)(level, buf, num);
 }
 /* make results of A&C ref predictable */
-int mock_RAND_bytes(unsigned char *buf, int num)
+int mock_gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t num)
 {
+	uint8_t *buf = (uint8_t *)data;
 	if (num > 1)
-		return __real_RAND_bytes(buf, num);
+		return __real_gnutls_rnd(level, data, num);
 	buf[0] = 0;
 	return 1;
 }
diff --git a/openbsc/tests/sndcp_xid/Makefile.am b/openbsc/tests/sndcp_xid/Makefile.am
index 99b9d1a..e9e5d6f 100644
--- a/openbsc/tests/sndcp_xid/Makefile.am
+++ b/openbsc/tests/sndcp_xid/Makefile.am
@@ -14,7 +14,7 @@
 	$(LIBOSMOGSM_LIBS) \
 	$(LIBOSMOGB_LIBS) \
 	$(LIBCARES_LIBS) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	-lgtp -lrt -lm
 
 
diff --git a/openbsc/tests/xid/Makefile.am b/openbsc/tests/xid/Makefile.am
index aaf17ed..512dade 100644
--- a/openbsc/tests/xid/Makefile.am
+++ b/openbsc/tests/xid/Makefile.am
@@ -31,7 +31,7 @@
 	$(LIBOSMOGSM_LIBS) \
 	$(LIBOSMOGB_LIBS) \
 	$(LIBCARES_LIBS) \
-	$(LIBCRYPTO_LIBS) \
+	$(LIBGNUTLS_LIBS) \
 	$(LIBGTP_LIBS) \
 	-lrt \
 	-lm \

-- 
To view, visit https://gerrit.osmocom.org/1464
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I270c33912bf107b3c7c217d199262cc74d56ffdb
Gerrit-PatchSet: 4
Gerrit-Project: openbsc
Gerrit-Branch: master
Gerrit-Owner: Max <msuraev at sysmocom.de>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: Max <msuraev at sysmocom.de>
Gerrit-Reviewer: Neels Hofmeyr <nhofmeyr at sysmocom.de>



More information about the gerrit-log mailing list