git: 3091cdb11fb0 - main - Revert "kerberos: Fix numerous segfaults when using weak crypto"

From: Cy Schubert <cy_at_FreeBSD.org>
Date: Fri, 12 Jan 2024 07:43:34 UTC
The branch main has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=3091cdb11fb05e554a54710116be87ee1f55c287

commit 3091cdb11fb05e554a54710116be87ee1f55c287
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2024-01-12 07:39:02 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2024-01-12 07:42:33 +0000

    Revert "kerberos: Fix numerous segfaults when using weak crypto"
    
    This revision breaks Linux and MacOS cross builds because
    TARGET_ENDIANNESS is not define during bootstrapping on these
    platforms.
    
    I think the correct approach would be to separate the new
    fbsd_ossl_provider_load() and unload functions into their own
    library (instead of libroken). This avoids the less desirable
    option of including bsd.cpu.mk in secure/lib/Makefile.common,
    which does build but could complicate future work.
    
    Reported by:    jrtc27
    
    This reverts commit cb350ba7bf7ca7c4cb97ed2c20ab45af60382cfb.
---
 Makefile.inc1                                    |  7 ++--
 crypto/heimdal/lib/kadm5/create_s.c              |  4 ---
 crypto/heimdal/lib/kadm5/kadm5_locl.h            |  1 -
 crypto/heimdal/lib/krb5/context.c                |  4 ---
 crypto/heimdal/lib/krb5/crypto.c                 |  3 --
 crypto/heimdal/lib/krb5/salt.c                   |  5 ---
 crypto/heimdal/lib/roken/version-script.map      |  1 -
 kerberos5/include/crypto-headers.h               |  4 ---
 kerberos5/include/fbsd_ossl_provider.h           |  4 ---
 kerberos5/lib/libroken/Makefile                  | 11 ++-----
 kerberos5/lib/libroken/fbsd_ossl_provider_load.c | 41 ------------------------
 kerberos5/libexec/kdc/Makefile                   |  2 +-
 share/mk/src.libnames.mk                         |  2 +-
 13 files changed, 8 insertions(+), 81 deletions(-)

diff --git a/Makefile.inc1 b/Makefile.inc1
index 864b5151692f..34b49ee319ec 100644
--- a/Makefile.inc1
+++ b/Makefile.inc1
@@ -2635,10 +2635,9 @@ ${_bt}-usr.bin/grep: ${_bt}-lib/libbz2
 _other_bootstrap_tools+=lib/libz
 ${_bt}-lib/libdwarf: ${_bt}-lib/libz
 
-# libroken depends on libcrypt and libcrypto
+# libroken depends on libcrypt
 _other_bootstrap_tools+=lib/libcrypt
-_other_bootstrap_tools+=secure/lib/libcrypto
-${_bt}-lib/libroken: ${_bt}-lib/libcrypt ${_bt}-lib/libcrypto
+${_bt}-lib/libroken: ${_bt}-lib/libcrypt
 .else
 # All tools in _basic_bootstrap_tools have the same name as the subdirectory
 # so we can use :T to get the name of the symlinks that we need to create.
@@ -3284,7 +3283,7 @@ kerberos5/lib/libkrb5__L: kerberos5/lib/libasn1__L lib/libcom_err__L \
     lib/libcrypt__L secure/lib/libcrypto__L kerberos5/lib/libhx509__L \
     kerberos5/lib/libroken__L kerberos5/lib/libwind__L \
     kerberos5/lib/libheimbase__L kerberos5/lib/libheimipcc__L
-kerberos5/lib/libroken__L: lib/libcrypt__L secure/lib/libcrypto__L
+kerberos5/lib/libroken__L: lib/libcrypt__L
 kerberos5/lib/libwind__L: kerberos5/lib/libroken__L lib/libcom_err__L
 kerberos5/lib/libheimbase__L: lib/libthr__L
 kerberos5/lib/libheimipcc__L: kerberos5/lib/libroken__L kerberos5/lib/libheimbase__L lib/libthr__L
diff --git a/crypto/heimdal/lib/kadm5/create_s.c b/crypto/heimdal/lib/kadm5/create_s.c
index 267e9bbda2a0..1033ca103239 100644
--- a/crypto/heimdal/lib/kadm5/create_s.c
+++ b/crypto/heimdal/lib/kadm5/create_s.c
@@ -169,10 +169,6 @@ kadm5_s_create_principal(void *server_handle,
     ent.entry.keys.len = 0;
     ent.entry.keys.val = NULL;
 
-    ret = fbsd_ossl_provider_load();
-    if (ret)
-	goto out;
-
     ret = _kadm5_set_keys(context, &ent.entry, password);
     if (ret)
 	goto out;
diff --git a/crypto/heimdal/lib/kadm5/kadm5_locl.h b/crypto/heimdal/lib/kadm5/kadm5_locl.h
index 63b367ab7e21..68b6a5ebf024 100644
--- a/crypto/heimdal/lib/kadm5/kadm5_locl.h
+++ b/crypto/heimdal/lib/kadm5/kadm5_locl.h
@@ -79,6 +79,5 @@
 #include <der.h>
 #include <parse_units.h>
 #include "private.h"
-#include "fbsd_ossl_provider.h"
 
 #endif /* __KADM5_LOCL_H__ */
diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c
index 681bc9a0982f..86bfe539b974 100644
--- a/crypto/heimdal/lib/krb5/context.c
+++ b/crypto/heimdal/lib/krb5/context.c
@@ -392,10 +392,6 @@ krb5_init_context(krb5_context *context)
     }
     HEIMDAL_MUTEX_init(p->mutex);
 
-    ret = fbsd_ossl_provider_load();
-    if(ret)
-	goto out;
-
     p->flags |= KRB5_CTX_F_HOMEDIR_ACCESS;
 
     ret = krb5_get_default_config_files(&files);
diff --git a/crypto/heimdal/lib/krb5/crypto.c b/crypto/heimdal/lib/krb5/crypto.c
index 6ee22609a4d5..67ecef62e875 100644
--- a/crypto/heimdal/lib/krb5/crypto.c
+++ b/crypto/heimdal/lib/krb5/crypto.c
@@ -2054,9 +2054,6 @@ krb5_crypto_init(krb5_context context,
 	*crypto = NULL;
 	return ret;
     }
-    ret = fbsd_ossl_provider_load();
-    if (ret)
-	return ret;
     (*crypto)->key.schedule = NULL;
     (*crypto)->num_key_usage = 0;
     (*crypto)->key_usage = NULL;
diff --git a/crypto/heimdal/lib/krb5/salt.c b/crypto/heimdal/lib/krb5/salt.c
index 2b1fbee80ab6..5e4c8a1c8572 100644
--- a/crypto/heimdal/lib/krb5/salt.c
+++ b/crypto/heimdal/lib/krb5/salt.c
@@ -43,8 +43,6 @@ krb5_salttype_to_string (krb5_context context,
     struct _krb5_encryption_type *e;
     struct salt_type *st;
 
-    (void) fbsd_ossl_provider_load();
-
     e = _krb5_find_enctype (etype);
     if (e == NULL) {
 	krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
@@ -77,8 +75,6 @@ krb5_string_to_salttype (krb5_context context,
     struct _krb5_encryption_type *e;
     struct salt_type *st;
 
-    (void) fbsd_ossl_provider_load();
-
     e = _krb5_find_enctype (etype);
     if (e == NULL) {
 	krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
@@ -200,7 +196,6 @@ krb5_string_to_key_data_salt_opaque (krb5_context context,
 			       enctype);
 	return KRB5_PROG_ETYPE_NOSUPP;
     }
-    (void) fbsd_ossl_provider_load();
     for(st = et->keytype->string_to_key; st && st->type; st++)
 	if(st->type == salt.salttype)
 	    return (*st->string_to_key)(context, enctype, password,
diff --git a/crypto/heimdal/lib/roken/version-script.map b/crypto/heimdal/lib/roken/version-script.map
index bb2139ed74cc..72d2ea7e4f7c 100644
--- a/crypto/heimdal/lib/roken/version-script.map
+++ b/crypto/heimdal/lib/roken/version-script.map
@@ -13,7 +13,6 @@ HEIMDAL_ROKEN_1.0 {
 		ct_memcmp;
 		err;
 		errx;
-		fbsd_ossl_provider_load;
 		free_getarg_strings;
 		get_default_username;
 		get_window_size;
diff --git a/kerberos5/include/crypto-headers.h b/kerberos5/include/crypto-headers.h
index 2cc870642964..3ae0d9624ffd 100644
--- a/kerberos5/include/crypto-headers.h
+++ b/kerberos5/include/crypto-headers.h
@@ -17,9 +17,5 @@
 #include <openssl/ec.h>
 #include <openssl/ecdsa.h>
 #include <openssl/ecdh.h>
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
-#include <openssl/provider.h>
-#include "fbsd_ossl_provider.h"
-#endif
 
 #endif /* __crypto_headers_h__ */
diff --git a/kerberos5/include/fbsd_ossl_provider.h b/kerberos5/include/fbsd_ossl_provider.h
deleted file mode 100644
index 013983ca9f83..000000000000
--- a/kerberos5/include/fbsd_ossl_provider.h
+++ /dev/null
@@ -1,4 +0,0 @@
-#ifndef __fbsd_ossl_provider_h
-#define __fbsd_ossl_provider_h
-int  fbsd_ossl_provider_load(void);
-#endif
diff --git a/kerberos5/lib/libroken/Makefile b/kerberos5/lib/libroken/Makefile
index 24dc3a5b2c45..0c46ba6c4cb5 100644
--- a/kerberos5/lib/libroken/Makefile
+++ b/kerberos5/lib/libroken/Makefile
@@ -2,7 +2,7 @@
 PACKAGE=	kerberos-lib
 
 LIB=	roken
-LIBADD=	crypt crypto
+LIBADD=	crypt
 VERSION_MAP=	${KRB5DIR}/lib/roken/version-script.map
 INCS=	roken.h \
 	roken-common.h \
@@ -74,20 +74,15 @@ SRCS=	base64.c \
 	vis.c \
 	warnerr.c \
 	write_pid.c \
-	xfree.c \
-	fbsd_ossl_provider_load.c
+	xfree.c
 
-CFLAGS+=-I${KRB5DIR}/lib/roken \
-	-I${SRCTOP}/kerberos5/include \
-	-I${KRB5DIR}/lib/krb5 \
-	-I${SRCTOP}/crypto/openssl/include -I.
+CFLAGS+=-I${KRB5DIR}/lib/roken -I.
 
 CLEANFILES= roken.h
 
 roken.h:
 	${MAKE_ROKEN} > ${.TARGET}
 
-
 .include <bsd.lib.mk>
 
 .PATH: ${KRB5DIR}/lib/roken
diff --git a/kerberos5/lib/libroken/fbsd_ossl_provider_load.c b/kerberos5/lib/libroken/fbsd_ossl_provider_load.c
deleted file mode 100644
index f49c8746c9e4..000000000000
--- a/kerberos5/lib/libroken/fbsd_ossl_provider_load.c
+++ /dev/null
@@ -1,41 +0,0 @@
-#include <errno.h>
-#include <krb5_locl.h>
-
-static void fbsd_ossl_provider_unload(void);
-
-static OSSL_PROVIDER *legacy;
-static OSSL_PROVIDER *deflt;
-static int providers_loaded = 0;
-
-int
-fbsd_ossl_provider_load(void)
-{
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
-	if (providers_loaded == 0) {
-		if ((legacy = OSSL_PROVIDER_load(NULL, "legacy")) == NULL)
-			return (EINVAL);
-		if ((deflt = OSSL_PROVIDER_load(NULL, "default")) == NULL) {
-			OSSL_PROVIDER_unload(legacy);
-			return (EINVAL);
-		}
-		if (atexit(fbsd_ossl_provider_unload)) {
-			fbsd_ossl_provider_unload();
-			return (errno);
-		}
-		providers_loaded = 1;
-	}
-#endif
-	return (0);
-}
-
-static void
-fbsd_ossl_provider_unload(void)
-{
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
-	if (providers_loaded == 1) {
-		OSSL_PROVIDER_unload(legacy);
-		OSSL_PROVIDER_unload(deflt);
-		providers_loaded = 0;
-	}
-#endif
-}
diff --git a/kerberos5/libexec/kdc/Makefile b/kerberos5/libexec/kdc/Makefile
index 211f4f379054..41fde9115c00 100644
--- a/kerberos5/libexec/kdc/Makefile
+++ b/kerberos5/libexec/kdc/Makefile
@@ -11,7 +11,7 @@ SRCS=	config.c \
 
 CFLAGS+=-I${KRB5DIR}/lib/krb5 -I${KRB5DIR}/lib/asn1 -I${KRB5DIR}/lib/roken \
 	-I${KRB5DIR}/kdc -I${SRCTOP}/contrib/com_err ${LDAPCFLAGS}
-LIBADD=	kdc hdb krb5 roken crypt vers crypto
+LIBADD=	kdc hdb krb5 roken crypt vers
 LDFLAGS=${LDAPLDFLAGS}
 
 .include <bsd.prog.mk>
diff --git a/share/mk/src.libnames.mk b/share/mk/src.libnames.mk
index e4fd3270a3d3..33b8507a9eb9 100644
--- a/share/mk/src.libnames.mk
+++ b/share/mk/src.libnames.mk
@@ -367,7 +367,7 @@ _DP_pam+=	ssh
 .if ${MK_NIS} != "no"
 _DP_pam+=	ypclnt
 .endif
-_DP_roken=	crypt crypto
+_DP_roken=	crypt
 _DP_kadm5clnt=	com_err krb5 roken
 _DP_kadm5srv=	com_err hdb krb5 roken
 _DP_heimntlm=	crypto com_err krb5 roken