mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-12-26 01:59:53 +03:00
Merge branch 'SoftEtherVPN:master' into nt-fix
This commit is contained in:
commit
27d233a522
6
.gitmodules
vendored
6
.gitmodules
vendored
@ -10,3 +10,9 @@
|
|||||||
[submodule "src/libhamcore"]
|
[submodule "src/libhamcore"]
|
||||||
path = src/libhamcore
|
path = src/libhamcore
|
||||||
url = https://github.com/SoftEtherVPN/libhamcore.git
|
url = https://github.com/SoftEtherVPN/libhamcore.git
|
||||||
|
[submodule "src/Mayaqua/3rdparty/oqs-provider"]
|
||||||
|
path = src/Mayaqua/3rdparty/oqs-provider
|
||||||
|
url = https://github.com/open-quantum-safe/oqs-provider.git
|
||||||
|
[submodule "src/Mayaqua/3rdparty/liboqs"]
|
||||||
|
path = src/Mayaqua/3rdparty/liboqs
|
||||||
|
url = https://github.com/open-quantum-safe/liboqs.git
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
cmake_minimum_required(VERSION 3.10)
|
cmake_minimum_required(VERSION 3.15)
|
||||||
|
|
||||||
set(BUILD_NUMBER CACHE STRING "The number of the current build.")
|
set(BUILD_NUMBER CACHE STRING "The number of the current build.")
|
||||||
|
|
||||||
|
2
src/Mayaqua/3rdparty/Findliboqs.cmake
vendored
Normal file
2
src/Mayaqua/3rdparty/Findliboqs.cmake
vendored
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
set(oqs_FOUND TRUE)
|
||||||
|
add_library(OQS::oqs ALIAS oqs)
|
1
src/Mayaqua/3rdparty/liboqs
vendored
Submodule
1
src/Mayaqua/3rdparty/liboqs
vendored
Submodule
@ -0,0 +1 @@
|
|||||||
|
Subproject commit 51ddd33cc04d12bd47c8639c1254714879f4cdf3
|
1
src/Mayaqua/3rdparty/oqs-provider
vendored
Submodule
1
src/Mayaqua/3rdparty/oqs-provider
vendored
Submodule
@ -0,0 +1 @@
|
|||||||
|
Subproject commit 8f37521d5e27ab4d1e0d69a4b4a5bd17927b24b9
|
@ -18,6 +18,22 @@ set_target_properties(mayaqua
|
|||||||
|
|
||||||
find_package(OpenSSL REQUIRED)
|
find_package(OpenSSL REQUIRED)
|
||||||
|
|
||||||
|
if(OPENSSL_VERSION VERSION_LESS "3") # Disable oqsprovider when OpenSSL version < 3
|
||||||
|
add_definitions(-DSKIP_OQS_PROVIDER)
|
||||||
|
else()
|
||||||
|
set(OQS_BUILD_ONLY_LIB ON CACHE BOOL "Set liboqs to build only the library (no tests)")
|
||||||
|
set(BUILD_TESTING OFF CACHE BOOL "By setting this to OFF, no tests or examples will be compiled.")
|
||||||
|
set(OQS_PROVIDER_BUILD_STATIC ON CACHE BOOL "Build a static library instead of a shared library") # Build oqsprovider as a static library (defaults to shared)
|
||||||
|
list(PREPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/src/Mayaqua/3rdparty/")
|
||||||
|
|
||||||
|
add_subdirectory(3rdparty/liboqs)
|
||||||
|
add_subdirectory(3rdparty/oqs-provider)
|
||||||
|
|
||||||
|
target_include_directories(oqsprovider PUBLIC ${CMAKE_CURRENT_BINARY_DIR}/3rdparty/liboqs/include)
|
||||||
|
set_property(TARGET oqsprovider PROPERTY POSITION_INDEPENDENT_CODE ON)
|
||||||
|
target_link_libraries(mayaqua PRIVATE oqsprovider)
|
||||||
|
endif()
|
||||||
|
|
||||||
include(CheckSymbolExists)
|
include(CheckSymbolExists)
|
||||||
|
|
||||||
set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
|
set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
|
||||||
|
@ -42,6 +42,10 @@
|
|||||||
#include <openssl/x509v3.h>
|
#include <openssl/x509v3.h>
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||||
#include <openssl/provider.h>
|
#include <openssl/provider.h>
|
||||||
|
// Static oqsprovider initialization function
|
||||||
|
#ifndef SKIP_OQS_PROVIDER
|
||||||
|
extern OSSL_provider_init_fn oqs_provider_init;
|
||||||
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef _MSC_VER
|
#ifdef _MSC_VER
|
||||||
@ -347,6 +351,11 @@ MD *NewMdEx(char *name, bool hmac)
|
|||||||
#else
|
#else
|
||||||
m->Ctx = EVP_MD_CTX_create();
|
m->Ctx = EVP_MD_CTX_create();
|
||||||
#endif
|
#endif
|
||||||
|
if (m->Ctx == NULL)
|
||||||
|
{
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
if (EVP_DigestInit_ex(m->Ctx, m->Md, NULL) == false)
|
if (EVP_DigestInit_ex(m->Ctx, m->Md, NULL) == false)
|
||||||
{
|
{
|
||||||
Debug("NewMdEx(): EVP_DigestInit_ex() failed with error: %s\n", OpenSSL_Error());
|
Debug("NewMdEx(): EVP_DigestInit_ex() failed with error: %s\n", OpenSSL_Error());
|
||||||
@ -4005,7 +4014,13 @@ void InitCryptLibrary()
|
|||||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||||
ossl_provider_default = OSSL_PROVIDER_load(NULL, "legacy");
|
ossl_provider_default = OSSL_PROVIDER_load(NULL, "legacy");
|
||||||
ossl_provider_legacy = OSSL_PROVIDER_load(NULL, "default");
|
ossl_provider_legacy = OSSL_PROVIDER_load(NULL, "default");
|
||||||
ossl_provider_oqsprovider = OSSL_PROVIDER_load(NULL, "oqsprovider");
|
|
||||||
|
char *oqs_provider_name = "oqsprovider";
|
||||||
|
#ifndef SKIP_OQS_PROVIDER
|
||||||
|
// Registers "oqsprovider" as a provider -- necessary because oqsprovider is built in now.
|
||||||
|
OSSL_PROVIDER_add_builtin(NULL, oqs_provider_name, oqs_provider_init);
|
||||||
|
#endif
|
||||||
|
ossl_provider_oqsprovider = OSSL_PROVIDER_load(NULL, oqs_provider_name);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
ssl_clientcert_index = SSL_get_ex_new_index(0, "struct SslClientCertInfo *", NULL, NULL, NULL);
|
ssl_clientcert_index = SSL_get_ex_new_index(0, "struct SslClientCertInfo *", NULL, NULL, NULL);
|
||||||
@ -4594,6 +4609,11 @@ DH_CTX *DhNew(char *prime, UINT g)
|
|||||||
dh = ZeroMalloc(sizeof(DH_CTX));
|
dh = ZeroMalloc(sizeof(DH_CTX));
|
||||||
|
|
||||||
dh->dh = DH_new();
|
dh->dh = DH_new();
|
||||||
|
if (dh->dh == NULL)
|
||||||
|
{
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||||
dhp = BinToBigNum(buf->Buf, buf->Size);
|
dhp = BinToBigNum(buf->Buf, buf->Size);
|
||||||
dhg = BN_new();
|
dhg = BN_new();
|
||||||
|
@ -11860,6 +11860,12 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
sock->ssl = SSL_new(ssl_ctx);
|
sock->ssl = SSL_new(ssl_ctx);
|
||||||
|
|
||||||
|
if (sock->ssl == NULL)
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
SSL_set_fd(sock->ssl, (int)sock->socket);
|
SSL_set_fd(sock->ssl, (int)sock->socket);
|
||||||
|
|
||||||
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
|
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
|
||||||
@ -16250,6 +16256,12 @@ UINT GetOSSecurityLevel()
|
|||||||
UINT security_level_new = 0, security_level_set_ssl_version = 0;
|
UINT security_level_new = 0, security_level_set_ssl_version = 0;
|
||||||
struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());
|
struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());
|
||||||
|
|
||||||
|
if (ctx == NULL)
|
||||||
|
{
|
||||||
|
return security_level_new;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||||
security_level_new = SSL_CTX_get_security_level(ctx);
|
security_level_new = SSL_CTX_get_security_level(ctx);
|
||||||
#endif
|
#endif
|
||||||
|
Loading…
Reference in New Issue
Block a user