This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Max gerrit-no-reply at lists.osmocom.orgReview at https://gerrit.osmocom.org/3821 Migrate from OpenSSL to osmo_get_rand_id() This avoids potential licensing incompatibility and makes integration of Debian packaging patches easier. Related: OS#1694 Change-Id: I2b687b7f07ef05bbd861b8479cad5a958a3dde92 --- M configure.ac M debian/control M src/gprs/Makefile.am M src/gprs/gb_proxy.c M src/gprs/gprs_gmm.c M src/gprs/gprs_llc.c M src/gprs/gprs_sgsn.c M tests/gbproxy/Makefile.am M tests/gbproxy/gbproxy_test.c M tests/sgsn/Makefile.am M tests/sgsn/sgsn_test.c M tests/sndcp_xid/Makefile.am M tests/xid/Makefile.am 13 files changed, 32 insertions(+), 58 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/21/3821/1 diff --git a/configure.ac b/configure.ac index a90a6ca..ff32d91 100644 --- a/configure.ac +++ b/configure.ac @@ -47,7 +47,6 @@ PKG_CHECK_MODULES(LIBOSMOGB, libosmogb >= 0.6.4) PKG_CHECK_MODULES(LIBOSMONETIF, libosmo-netif >= 0.0.1) PKG_CHECK_MODULES(LIBOSMOSIGTRAN, libosmo-sigtran) # TODO version? -PKG_CHECK_MODULES(LIBCRYPTO, libcrypto >= 0.9.5) # Enable/disable 3G aka IuPS + IuCS support? AC_ARG_ENABLE([iu], [AS_HELP_STRING([--enable-iu], [Build 3G support, aka IuPS and IuCS interfaces])], diff --git a/debian/control b/debian/control index 16fd244..2e50a79 100644 --- a/debian/control +++ b/debian/control @@ -9,7 +9,6 @@ automake, libtool, pkg-config, - libssl-dev, libtalloc-dev, libc-ares-dev, libgtp-dev, diff --git a/src/gprs/Makefile.am b/src/gprs/Makefile.am index 654604b..0a88c01 100644 --- a/src/gprs/Makefile.am +++ b/src/gprs/Makefile.am @@ -15,7 +15,6 @@ $(LIBOSMOGB_CFLAGS) \ $(COVERAGE_CFLAGS) \ $(LIBCARES_CFLAGS) \ - $(LIBCRYPTO_CFLAGS) \ $(LIBGTP_CFLAGS) \ $(NULL) if BUILD_IU @@ -63,7 +62,6 @@ $(NULL) osmo_gbproxy_LDADD = \ $(OSMO_LIBS) \ - $(LIBCRYPTO_LIBS) \ -lrt \ $(NULL) @@ -99,7 +97,6 @@ $(OSMO_LIBS) \ $(LIBOSMOABIS_LIBS) \ $(LIBCARES_LIBS) \ - $(LIBCRYPTO_LIBS) \ $(LIBGTP_LIBS) \ -lrt \ -lm \ diff --git a/src/gprs/gb_proxy.c b/src/gprs/gb_proxy.c index d288cb3..10a6f1d 100644 --- a/src/gprs/gb_proxy.c +++ b/src/gprs/gb_proxy.c @@ -50,8 +50,6 @@ #include <osmocom/gsm/protocol/gsm_04_08_gprs.h> #include <openbsc/gprs_utils.h> -#include <openssl/rand.h> - extern void *tall_bsc_ctx; static const struct rate_ctr_desc global_ctr_description[] = { @@ -237,7 +235,7 @@ bss_ptmsi = sgsn_ptmsi; } else { do { - if (RAND_bytes((uint8_t *) &bss_ptmsi, sizeof(bss_ptmsi)) != 1) { + if (osmo_get_rand_id((uint8_t *) &bss_ptmsi, sizeof(bss_ptmsi)) < 0) { bss_ptmsi = GSM_RESERVED_TMSI; break; } @@ -274,7 +272,7 @@ } else { do { /* create random TLLI, 0b01111xxx... */ - if (RAND_bytes((uint8_t *) &sgsn_tlli, sizeof(sgsn_tlli)) != 1) { + if (osmo_get_rand_id((uint8_t *) &sgsn_tlli, sizeof(sgsn_tlli)) < 0) { sgsn_tlli = 0; break; } diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c index 7301bf1..4b46125 100644 --- a/src/gprs/gprs_gmm.c +++ b/src/gprs/gprs_gmm.c @@ -31,8 +31,6 @@ #include <arpa/inet.h> #include <netdb.h> -#include <openssl/rand.h> - #include "bscconfig.h" #include <osmocom/core/msgb.h> @@ -608,12 +606,10 @@ /* § 10.5.5.7: */ acreq->force_stby = force_standby; /* 3GPP TS 24.008 § 10.5.5.19: */ - if (RAND_bytes(&rbyte, 1) != 1) { - LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed for A&C ref, falling " - "back to rand()\n"); - acreq->ac_ref_nr = rand(); - } else - acreq->ac_ref_nr = rbyte; + if (osmo_get_rand_id(&rbyte, 1) < 0) + LOGP(DMM, LOGL_ERROR, "osmo_get_rand_id() failed for A&C ref, falling back to insecure random\n"); + + acreq->ac_ref_nr = rbyte; mm->ac_ref_nr_used = acreq->ac_ref_nr; /* Only if authentication is requested we need to set RAND + CKSN */ diff --git a/src/gprs/gprs_llc.c b/src/gprs/gprs_llc.c index 904ec7e..932f223 100644 --- a/src/gprs/gprs_llc.c +++ b/src/gprs/gprs_llc.c @@ -23,8 +23,6 @@ #include <stdint.h> #include <stdbool.h> -#include <openssl/rand.h> - #include <osmocom/core/msgb.h> #include <osmocom/core/linuxlist.h> #include <osmocom/core/timer.h> @@ -1069,11 +1067,8 @@ uint8_t *xid; LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n"); - if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) { - LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, " - "falling back to rand()\n"); - llme->iov_ui = rand(); - } + if (osmo_get_rand_id((uint8_t *) &llme->iov_ui, 4) < 0) + LOGP(DLLC, LOGL_ERROR, "osmo_get_rand_id() failed for LLC XID reset, falling back to insecure random\n"); /* Generate XID message */ xid_bytes_len = gprs_llc_generate_xid_for_gmm_reset(xid_bytes, @@ -1102,11 +1097,9 @@ uint8_t *xid; LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n"); - if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) { - LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, " - "falling back to rand()\n"); - llme->iov_ui = rand(); - } + + if (osmo_get_rand_id((uint8_t *) &llme->iov_ui, 4) < 0) + LOGP(DLLC, LOGL_ERROR, "osmo_get_rand_id() failed for LLC XID reset, falling back to insecure random\n"); /* Generate XID message */ xid_bytes_len = gprs_llc_generate_xid_for_gmm_reset(xid_bytes, diff --git a/src/gprs/gprs_sgsn.c b/src/gprs/gprs_sgsn.c index 560485d..98fb3b0 100644 --- a/src/gprs/gprs_sgsn.c +++ b/src/gprs/gprs_sgsn.c @@ -46,8 +46,6 @@ #include <time.h> -#include <openssl/rand.h> - #include "../../bscconfig.h" #if BUILD_IU @@ -644,7 +642,7 @@ int max_retries = 100; restart: - if (RAND_bytes((uint8_t *) &ptmsi, sizeof(ptmsi)) != 1) + if (osmo_get_rand_id((uint8_t *) &ptmsi, sizeof(ptmsi)) < 0) goto failed; /* Enforce that the 2 MSB are set without loosing the distance between diff --git a/tests/gbproxy/Makefile.am b/tests/gbproxy/Makefile.am index 3291839..ef38fb6 100644 --- a/tests/gbproxy/Makefile.am +++ b/tests/gbproxy/Makefile.am @@ -28,7 +28,7 @@ $(NULL) gbproxy_test_LDFLAGS = \ - -Wl,--wrap=RAND_bytes \ + -Wl,--wrap=osmo_get_rand_id \ $(NULL) gbproxy_test_LDADD = \ @@ -46,6 +46,5 @@ $(LIBOSMOVTY_LIBS) \ $(LIBOSMOABIS_LIBS) \ $(LIBRARY_DL) \ - $(LIBCRYPTO_LIBS) \ -lrt \ $(NULL) diff --git a/tests/gbproxy/gbproxy_test.c b/tests/gbproxy/gbproxy_test.c index 9672dcb..ebf04e6 100644 --- a/tests/gbproxy/gbproxy_test.c +++ b/tests/gbproxy/gbproxy_test.c @@ -37,8 +37,6 @@ #include <openbsc/gprs_gb_parse.h> #include <openbsc/debug.h> -#include <openssl/rand.h> - #define REMOTE_BSS_ADDR 0x01020304 #define REMOTE_SGSN_ADDR 0x05060708 @@ -55,24 +53,24 @@ struct llist_head *received_messages = NULL; -/* override, requires '-Wl,--wrap=RAND_bytes' */ -int __real_RAND_bytes(unsigned char *buf, int num); -int mock_RAND_bytes(unsigned char *buf, int num); -int (*RAND_bytes_cb)(unsigned char *, int) = - &mock_RAND_bytes; +/* override, requires '-Wl,--wrap=osmo_get_rand_id' */ +int __real_osmo_get_rand_id(uint8_t *data, size_t len); +int mock_osmo_get_rand_id(uint8_t *data, size_t len); +int (*osmo_get_rand_id_cb)(uint8_t *, size_t) = + &mock_osmo_get_rand_id; -int __wrap_RAND_bytes(unsigned char *buf, int num) +int __wrap_osmo_get_rand_id(uint8_t *buf, size_t num) { - return (*RAND_bytes_cb)(buf, num); + return (*osmo_get_rand_id_cb)(buf, num); } static int rand_seq_num = 0; -int mock_RAND_bytes(unsigned char *buf, int num) +int mock_osmo_get_rand_id(uint8_t *buf, size_t num) { uint32_t val; OSMO_ASSERT(num == sizeof(val)); - OSMO_ASSERT(__real_RAND_bytes(buf, num) == 1); + OSMO_ASSERT(__real_osmo_get_rand_id(buf, num) == 1); val = 0x00dead00 + rand_seq_num; diff --git a/tests/sgsn/Makefile.am b/tests/sgsn/Makefile.am index 36026dd..802811d 100644 --- a/tests/sgsn/Makefile.am +++ b/tests/sgsn/Makefile.am @@ -32,7 +32,7 @@ $(NULL) sgsn_test_LDFLAGS = \ - -Wl,--wrap=RAND_bytes \ + -Wl,--wrap=osmo_get_rand_id \ -Wl,--wrap=sgsn_update_subscriber_data \ -Wl,--wrap=gprs_subscr_request_update_location \ -Wl,--wrap=gprs_subscr_request_auth_info \ @@ -67,7 +67,6 @@ $(LIBOSMOGSM_LIBS) \ $(LIBOSMOGB_LIBS) \ $(LIBCARES_LIBS) \ - $(LIBCRYPTO_LIBS) \ $(LIBGTP_LIBS) \ -lrt \ -lm \ diff --git a/tests/sgsn/sgsn_test.c b/tests/sgsn/sgsn_test.c index d66c5dd..5bf82ff 100644 --- a/tests/sgsn/sgsn_test.c +++ b/tests/sgsn/sgsn_test.c @@ -100,21 +100,21 @@ return 0; } -/* override, requires '-Wl,--wrap=RAND_bytes' */ -int __real_RAND_bytes(unsigned char *buf, int num); -int mock_RAND_bytes(unsigned char *buf, int num); -int (*RAND_bytes_cb)(unsigned char *, int) = - &mock_RAND_bytes; +/* override, requires '-Wl,--wrap=osmo_get_rand_id' */ +int __real_osmo_get_rand_id(uint8_t *data, size_t len); +int mock_osmo_get_rand_id(uint8_t *data, size_t len); +int (*osmo_get_rand_id_cb)(uint8_t *, size_t) = + &mock_osmo_get_rand_id; -int __wrap_RAND_bytes(unsigned char *buf, int num) +int __wrap_osmo_get_rand_id(uint8_t *buf, size_t num) { - return (*RAND_bytes_cb)(buf, num); + return (*osmo_get_rand_id_cb)(buf, num); } /* make results of A&C ref predictable */ -int mock_RAND_bytes(unsigned char *buf, int num) +int mock_osmo_get_rand_id(uint8_t *buf, size_t num) { if (num > 1) - return __real_RAND_bytes(buf, num); + return __real_osmo_get_rand_id(buf, num); buf[0] = 0; return 1; } diff --git a/tests/sndcp_xid/Makefile.am b/tests/sndcp_xid/Makefile.am index d09c41b..fbcb36c 100644 --- a/tests/sndcp_xid/Makefile.am +++ b/tests/sndcp_xid/Makefile.am @@ -14,7 +14,6 @@ $(LIBOSMOGSM_LIBS) \ $(LIBOSMOGB_LIBS) \ $(LIBCARES_LIBS) \ - $(LIBCRYPTO_LIBS) \ $(LIBGTP_LIBS) \ -lrt -lm diff --git a/tests/xid/Makefile.am b/tests/xid/Makefile.am index 6c3689f..92876ec 100644 --- a/tests/xid/Makefile.am +++ b/tests/xid/Makefile.am @@ -30,7 +30,6 @@ $(LIBOSMOGSM_LIBS) \ $(LIBOSMOGB_LIBS) \ $(LIBCARES_LIBS) \ - $(LIBCRYPTO_LIBS) \ $(LIBGTP_LIBS) \ -lrt \ -lm \ -- To view, visit https://gerrit.osmocom.org/3821 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I2b687b7f07ef05bbd861b8479cad5a958a3dde92 Gerrit-PatchSet: 1 Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-Owner: Max <msuraev at sysmocom.de>