mirror of
https://github.com/dashpay/dash.git
synced 2024-12-24 03:22:47 +01:00
merge bitcoin#17265: Remove OpenSSL
This commit is contained in:
parent
946858204f
commit
2314ba4c99
@ -16,7 +16,7 @@ task:
|
||||
ccache_cache:
|
||||
folder: "/tmp/ccache_dir"
|
||||
install_script:
|
||||
- pkg install -y autoconf automake boost-libs git gmake libevent libtool openssl pkgconf python3 ccache
|
||||
- pkg install -y autoconf automake boost-libs git gmake libevent libtool pkgconf python3 ccache
|
||||
- ./contrib/install_db4.sh $(pwd)
|
||||
- ccache --max-size=${CCACHE_SIZE}
|
||||
configure_script:
|
||||
|
@ -682,13 +682,8 @@ case $host in
|
||||
dnl It's safe to add these paths even if the functionality is disabled by
|
||||
dnl the user (--without-wallet or --without-gui for example).
|
||||
|
||||
openssl_prefix=`$BREW --prefix openssl 2>/dev/null`
|
||||
bdb_prefix=`$BREW --prefix berkeley-db4 2>/dev/null`
|
||||
qt5_prefix=`$BREW --prefix qt5 2>/dev/null`
|
||||
if test x$openssl_prefix != x; then
|
||||
PKG_CONFIG_PATH="$openssl_prefix/lib/pkgconfig:$PKG_CONFIG_PATH"
|
||||
export PKG_CONFIG_PATH
|
||||
fi
|
||||
if test x$bdb_prefix != x; then
|
||||
CPPFLAGS="$CPPFLAGS -I$bdb_prefix/include"
|
||||
LIBS="$LIBS -L$bdb_prefix/lib"
|
||||
@ -1441,7 +1436,6 @@ if test x$use_pkgconfig = xyes; then
|
||||
m4_ifdef(
|
||||
[PKG_CHECK_MODULES],
|
||||
[
|
||||
PKG_CHECK_MODULES([CRYPTO], [libcrypto],,[AC_MSG_ERROR(libcrypto not found.)])
|
||||
if test x$use_qr != xno; then
|
||||
BITCOIN_QT_CHECK([PKG_CHECK_MODULES([QR], [libqrencode], [have_qrencode=yes], [have_qrencode=no])])
|
||||
fi
|
||||
@ -1464,8 +1458,6 @@ if test x$use_pkgconfig = xyes; then
|
||||
]
|
||||
)
|
||||
else
|
||||
AC_CHECK_HEADER([openssl/crypto.h],,AC_MSG_ERROR(libcrypto headers missing))
|
||||
AC_CHECK_LIB([crypto], [main],CRYPTO_LIBS=-lcrypto, AC_MSG_ERROR(libcrypto missing))
|
||||
|
||||
if test x$build_bitcoin_cli$build_bitcoind$bitcoin_enable_qt$use_tests != xnononono; then
|
||||
AC_CHECK_HEADER([event2/event.h],, AC_MSG_ERROR(libevent headers missing),)
|
||||
@ -1818,7 +1810,6 @@ AC_SUBST(BOOST_LIBS)
|
||||
AC_SUBST(TESTDEFS)
|
||||
AC_SUBST(MINIUPNPC_CPPFLAGS)
|
||||
AC_SUBST(MINIUPNPC_LIBS)
|
||||
AC_SUBST(CRYPTO_LIBS)
|
||||
AC_SUBST(GMP_LIBS)
|
||||
AC_SUBST(NATPMP_CPPFLAGS)
|
||||
AC_SUBST(NATPMP_LIBS)
|
||||
|
@ -1,88 +0,0 @@
|
||||
package=openssl
|
||||
$(package)_version=1.0.1k
|
||||
$(package)_download_path=https://www.openssl.org/source
|
||||
$(package)_file_name=$(package)-$($(package)_version).tar.gz
|
||||
$(package)_sha256_hash=8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c
|
||||
$(package)_patches=0001-Add-OpenSSL-termios-fix-for-musl-libc.patch
|
||||
|
||||
define $(package)_set_vars
|
||||
$(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)"
|
||||
$(package)_config_opts=--prefix=$(host_prefix) --openssldir=$(host_prefix)/etc/openssl
|
||||
$(package)_config_opts+=no-camellia
|
||||
$(package)_config_opts+=no-capieng
|
||||
$(package)_config_opts+=no-cast
|
||||
$(package)_config_opts+=no-comp
|
||||
$(package)_config_opts+=no-dso
|
||||
$(package)_config_opts+=no-dtls1
|
||||
$(package)_config_opts+=no-ec_nistp_64_gcc_128
|
||||
$(package)_config_opts+=no-gost
|
||||
$(package)_config_opts+=no-gmp
|
||||
$(package)_config_opts+=no-heartbeats
|
||||
$(package)_config_opts+=no-idea
|
||||
$(package)_config_opts+=no-jpake
|
||||
$(package)_config_opts+=no-krb5
|
||||
$(package)_config_opts+=no-libunbound
|
||||
$(package)_config_opts+=no-md2
|
||||
$(package)_config_opts+=no-mdc2
|
||||
$(package)_config_opts+=no-rc4
|
||||
$(package)_config_opts+=no-rc5
|
||||
$(package)_config_opts+=no-rdrand
|
||||
$(package)_config_opts+=no-rfc3779
|
||||
$(package)_config_opts+=no-rsax
|
||||
$(package)_config_opts+=no-sctp
|
||||
$(package)_config_opts+=no-seed
|
||||
$(package)_config_opts+=no-sha0
|
||||
$(package)_config_opts+=no-shared
|
||||
$(package)_config_opts+=no-ssl-trace
|
||||
$(package)_config_opts+=no-ssl2
|
||||
$(package)_config_opts+=no-ssl3
|
||||
$(package)_config_opts+=no-static_engine
|
||||
$(package)_config_opts+=no-store
|
||||
$(package)_config_opts+=no-unit-test
|
||||
$(package)_config_opts+=no-weak-ssl-ciphers
|
||||
$(package)_config_opts+=no-whirlpool
|
||||
$(package)_config_opts+=no-zlib
|
||||
$(package)_config_opts+=no-zlib-dynamic
|
||||
$(package)_config_opts+=$($(package)_cflags) $($(package)_cppflags)
|
||||
$(package)_config_opts_linux=-fPIC -Wa,--noexecstack
|
||||
$(package)_config_opts_x86_64_linux=linux-x86_64
|
||||
$(package)_config_opts_i686_linux=linux-generic32
|
||||
$(package)_config_opts_arm_linux=linux-generic32
|
||||
$(package)_config_opts_armv7l_linux=linux-generic32
|
||||
$(package)_config_opts_aarch64_linux=linux-generic64
|
||||
$(package)_config_opts_mipsel_linux=linux-generic32
|
||||
$(package)_config_opts_mips_linux=linux-generic32
|
||||
$(package)_config_opts_powerpc_linux=linux-generic32
|
||||
$(package)_config_opts_riscv32_linux=linux-generic32
|
||||
$(package)_config_opts_riscv64_linux=linux-generic64
|
||||
$(package)_config_opts_x86_64_darwin=darwin64-x86_64-cc
|
||||
$(package)_config_opts_x86_64_mingw32=mingw64
|
||||
$(package)_config_opts_i686_mingw32=mingw
|
||||
$(package)_config_opts_android=-fPIC
|
||||
$(package)_config_opts_aarch64_android=linux-generic64
|
||||
$(package)_config_opts_x86_64_android=linux-generic64
|
||||
$(package)_config_opts_armv7a_android=linux-generic32
|
||||
$(package)_config_opts_i686_android=linux-generic32
|
||||
endef
|
||||
|
||||
define $(package)_preprocess_cmds
|
||||
patch -p1 < $($(package)_patch_dir)/0001-Add-OpenSSL-termios-fix-for-musl-libc.patch && \
|
||||
sed -i.old "/define DATE/d" util/mkbuildinf.pl && \
|
||||
sed -i.old "s|engines apps test|engines|" Makefile.org
|
||||
endef
|
||||
|
||||
define $(package)_config_cmds
|
||||
./Configure $($(package)_config_opts)
|
||||
endef
|
||||
|
||||
define $(package)_build_cmds
|
||||
$(MAKE) -j1 build_crypto libcrypto.pc libssl.pc openssl.pc
|
||||
endef
|
||||
|
||||
define $(package)_stage_cmds
|
||||
$(MAKE) INSTALL_PREFIX=$($(package)_staging_dir) -j1 install_sw
|
||||
endef
|
||||
|
||||
define $(package)_postprocess_cmds
|
||||
rm -rf share bin etc
|
||||
endef
|
@ -1,4 +1,4 @@
|
||||
packages:=boost openssl libevent gmp bls-dash backtrace cmake immer
|
||||
packages:=boost libevent gmp bls-dash backtrace cmake immer
|
||||
|
||||
qt_packages = qrencode zlib
|
||||
|
||||
|
@ -1,17 +0,0 @@
|
||||
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
|
||||
index a38c758..d99edc2 100644
|
||||
--- a/crypto/ui/ui_openssl.c
|
||||
+++ b/crypto/ui/ui_openssl.c
|
||||
@@ -190,9 +190,9 @@
|
||||
# undef SGTTY
|
||||
#endif
|
||||
|
||||
-#if defined(linux) && !defined(TERMIO)
|
||||
-# undef TERMIOS
|
||||
-# define TERMIO
|
||||
+#if defined(linux)
|
||||
+# define TERMIOS
|
||||
+# undef TERMIO
|
||||
# undef SGTTY
|
||||
#endif
|
||||
|
@ -81,5 +81,3 @@ The Dash Core repo's [root README](/README.md) contains relevant information on
|
||||
License
|
||||
---------------------
|
||||
Distributed under the [MIT software license](/COPYING).
|
||||
This product includes software developed by the OpenSSL Project for use in the [OpenSSL Toolkit](https://www.openssl.org/). This product includes
|
||||
cryptographic software written by Eric Young ([eay@cryptsoft.com](mailto:eay@cryptsoft.com)), and UPnP software written by Thomas Bernard.
|
||||
|
@ -104,7 +104,3 @@ The source code is available from <https://github.com/dashpay/dash>.
|
||||
This is experimental software.
|
||||
Distributed under the MIT software license, see the accompanying file COPYING
|
||||
or <https://opensource.org/licenses/MIT>
|
||||
|
||||
This product includes software developed by the OpenSSL Project for use in the
|
||||
OpenSSL Toolkit <https://www.openssl.org> and cryptographic software written by
|
||||
Eric Young and UPnP software written by Thomas Bernard.
|
||||
|
@ -875,7 +875,3 @@ The source code is available from <https://github.com/dashpay/dash>.
|
||||
This is experimental software.
|
||||
Distributed under the MIT software license, see the accompanying file COPYING
|
||||
or <https://opensource.org/licenses/MIT>
|
||||
|
||||
This product includes software developed by the OpenSSL Project for use in the
|
||||
OpenSSL Toolkit <https://www.openssl.org> and cryptographic software written by
|
||||
Eric Young and UPnP software written by Thomas Bernard.
|
||||
|
@ -112,7 +112,3 @@ The source code is available from <https://github.com/dashpay/dash>.
|
||||
This is experimental software.
|
||||
Distributed under the MIT software license, see the accompanying file COPYING
|
||||
or <https://opensource.org/licenses/MIT>
|
||||
|
||||
This product includes software developed by the OpenSSL Project for use in the
|
||||
OpenSSL Toolkit <https://www.openssl.org> and cryptographic software written by
|
||||
Eric Young and UPnP software written by Thomas Bernard.
|
||||
|
@ -62,7 +62,3 @@ The source code is available from <https://github.com/bitcoin/bitcoin>.
|
||||
This is experimental software.
|
||||
Distributed under the MIT software license, see the accompanying file COPYING
|
||||
or <https://opensource.org/licenses/MIT>
|
||||
|
||||
This product includes software developed by the OpenSSL Project for use in the
|
||||
OpenSSL Toolkit <https://www.openssl.org> and cryptographic software written by
|
||||
Eric Young and UPnP software written by Thomas Bernard.
|
||||
|
@ -827,7 +827,3 @@ The source code is available from <https://github.com/dashpay/dash>.
|
||||
This is experimental software.
|
||||
Distributed under the MIT software license, see the accompanying file COPYING
|
||||
or <https://opensource.org/licenses/MIT>
|
||||
|
||||
This product includes software developed by the OpenSSL Project for use in the
|
||||
OpenSSL Toolkit <https://www.openssl.org> and cryptographic software written by
|
||||
Eric Young and UPnP software written by Thomas Bernard.
|
||||
|
@ -40,7 +40,7 @@ else
|
||||
LIBUNIVALUE = $(UNIVALUE_LIBS)
|
||||
endif
|
||||
|
||||
BITCOIN_INCLUDES=-I$(builddir) $(BDB_CPPFLAGS) $(BOOST_CPPFLAGS) $(LEVELDB_CPPFLAGS) $(CRYPTO_CFLAGS)
|
||||
BITCOIN_INCLUDES=-I$(builddir) $(BDB_CPPFLAGS) $(BOOST_CPPFLAGS) $(LEVELDB_CPPFLAGS)
|
||||
|
||||
BITCOIN_INCLUDES += -I$(srcdir)/secp256k1/include
|
||||
BITCOIN_INCLUDES += $(UNIVALUE_CFLAGS)
|
||||
@ -767,7 +767,7 @@ dashd_LDADD = \
|
||||
$(LIBMEMENV) \
|
||||
$(LIBSECP256K1)
|
||||
|
||||
dashd_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(BDB_LIBS) $(CRYPTO_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(ZMQ_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
dashd_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(BDB_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(ZMQ_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
|
||||
# dash-cli binary #
|
||||
dash_cli_SOURCES = dash-cli.cpp
|
||||
@ -784,7 +784,7 @@ dash_cli_LDADD = \
|
||||
$(LIBUNIVALUE) \
|
||||
$(LIBBITCOIN_UTIL) \
|
||||
$(LIBBITCOIN_CRYPTO)
|
||||
dash_cli_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(CRYPTO_LIBS) $(EVENT_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
dash_cli_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(EVENT_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
#
|
||||
|
||||
# dash-tx binary #
|
||||
@ -805,7 +805,7 @@ dash_tx_LDADD = \
|
||||
$(LIBBITCOIN_CRYPTO) \
|
||||
$(LIBSECP256K1)
|
||||
|
||||
dash_tx_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(CRYPTO_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
dash_tx_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
#
|
||||
|
||||
# dash-wallet binary #
|
||||
@ -836,7 +836,7 @@ dash_wallet_LDADD = \
|
||||
$(LIBSECP256K1) \
|
||||
$(LIBUNIVALUE)
|
||||
|
||||
dash_wallet_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(BDB_LIBS) $(CRYPTO_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(ZMQ_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
dash_wallet_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(BDB_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(ZMQ_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
#
|
||||
|
||||
# dashconsensus library #
|
||||
|
@ -78,7 +78,7 @@ bench_bench_dash_SOURCES += bench/coin_selection.cpp
|
||||
bench_bench_dash_SOURCES += bench/wallet_balance.cpp
|
||||
endif
|
||||
|
||||
bench_bench_dash_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(BDB_LIBS) $(CRYPTO_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
bench_bench_dash_LDADD += $(BACKTRACE_LIB) $(BOOST_LIBS) $(BDB_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
bench_bench_dash_LDFLAGS = $(LDFLAGS_WRAP_EXCEPTIONS) $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
|
||||
|
||||
CLEAN_BITCOIN_BENCH = bench/*.gcda bench/*.gcno $(GENERATED_BENCH_FILES)
|
||||
|
@ -391,7 +391,6 @@ endif
|
||||
qt_dash_qt_LDADD += $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CONSENSUS) $(LIBBITCOIN_CRYPTO) $(LIBUNIVALUE) $(LIBLEVELDB) $(LIBLEVELDB_SSE42) $(LIBMEMENV) \
|
||||
$(BACKTRACE_LIB) $(BOOST_LIBS) $(QT_LIBS) $(QT_DBUS_LIBS) $(QR_LIBS) $(BDB_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(LIBSECP256K1) \
|
||||
$(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
qt_dash_qt_LDADD += $(CRYPTO_LIBS)
|
||||
qt_dash_qt_LDFLAGS = $(LDFLAGS_WRAP_EXCEPTIONS) $(RELDFLAGS) $(AM_LDFLAGS) $(QT_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
|
||||
qt_dash_qt_LIBTOOLFLAGS = $(AM_LIBTOOLFLAGS) --tag CXX
|
||||
|
||||
|
@ -59,7 +59,7 @@ qt_test_test_dash_qt_LDADD += $(LIBBITCOIN_ZMQ) $(ZMQ_LIBS)
|
||||
endif
|
||||
qt_test_test_dash_qt_LDADD += $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CONSENSUS) $(LIBBITCOIN_CRYPTO) $(LIBUNIVALUE) $(LIBLEVELDB) \
|
||||
$(LIBLEVELDB_SSE42) $(LIBMEMENV) $(BACKTRACE_LIB) $(BOOST_LIBS) $(QT_DBUS_LIBS) $(QT_TEST_LIBS) $(QT_LIBS) \
|
||||
$(QR_LIBS) $(BDB_LIBS) $(CRYPTO_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(LIBSECP256K1) \
|
||||
$(QR_LIBS) $(BDB_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(LIBSECP256K1) \
|
||||
$(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
qt_test_test_dash_qt_LDFLAGS = $(LDFLAGS_WRAP_EXCEPTIONS) $(RELDFLAGS) $(AM_LDFLAGS) $(QT_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
|
||||
qt_test_test_dash_qt_CXXFLAGS = $(AM_CXXFLAGS) $(QT_PIE_FLAGS)
|
||||
|
@ -130,7 +130,6 @@ FUZZ_SUITE_LD_COMMON = \
|
||||
$(LIBMEMENV) \
|
||||
$(LIBSECP256K1) \
|
||||
$(EVENT_LIBS) \
|
||||
$(CRYPTO_LIBS) \
|
||||
$(EVENT_PTHREADS_LIBS) \
|
||||
$(BLS_LIBS) \
|
||||
$(GMP_LIBS) \
|
||||
@ -260,7 +259,7 @@ test_test_dash_LDADD += $(LIBBITCOIN_SERVER) $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMM
|
||||
$(LIBLEVELDB) $(LIBLEVELDB_SSE42) $(LIBMEMENV) $(BACKTRACE_LIB) $(BOOST_LIBS) $(BOOST_UNIT_TEST_FRAMEWORK_LIB) $(LIBSECP256K1) $(EVENT_LIBS) $(EVENT_PTHREADS_LIBS)
|
||||
test_test_dash_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
|
||||
|
||||
test_test_dash_LDADD += $(BDB_LIBS) $(CRYPTO_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
test_test_dash_LDADD += $(BDB_LIBS) $(MINIUPNPC_LIBS) $(NATPMP_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(BLS_LIBS) $(GMP_LIBS)
|
||||
test_test_dash_LDFLAGS = $(LDFLAGS_WRAP_EXCEPTIONS) $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) -static
|
||||
|
||||
if ENABLE_ZMQ
|
||||
|
@ -777,9 +777,7 @@ std::string LicenseInfo()
|
||||
"\n" +
|
||||
"\n" +
|
||||
_("This is experimental software.").translated + "\n" +
|
||||
strprintf(_("Distributed under the MIT software license, see the accompanying file %s or %s").translated, "COPYING", "<https://opensource.org/licenses/MIT>") + "\n" +
|
||||
"\n" +
|
||||
strprintf(_("This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit %s and cryptographic software written by Eric Young and UPnP software written by Thomas Bernard.").translated, "<https://www.openssl.org>") +
|
||||
strprintf(_("Distributed under the MIT software license, see the accompanying file %s or %s").translated, "COPYING", "<https://opensource.org/licenses/MIT>") +
|
||||
"\n";
|
||||
}
|
||||
|
||||
|
@ -25,8 +25,6 @@
|
||||
#include <QObject>
|
||||
#include <QTest>
|
||||
|
||||
#include <openssl/ssl.h>
|
||||
|
||||
#if defined(QT_STATICPLUGIN)
|
||||
#include <QtPlugin>
|
||||
#if defined(QT_QPA_PLATFORM_MINIMAL)
|
||||
|
@ -42,9 +42,6 @@
|
||||
#include <sys/sysctl.h>
|
||||
#endif
|
||||
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/conf.h>
|
||||
|
||||
[[noreturn]] static void RandFailure()
|
||||
{
|
||||
LogPrintf("Failed to read randomness, aborting\n");
|
||||
@ -351,8 +348,6 @@ void GetOSRand(unsigned char *ent32)
|
||||
#endif
|
||||
}
|
||||
|
||||
void LockingCallbackOpenSSL(int mode, int i, const char* file, int line);
|
||||
|
||||
namespace {
|
||||
|
||||
class RNGState {
|
||||
@ -368,31 +363,15 @@ class RNGState {
|
||||
unsigned char m_state[32] GUARDED_BY(m_mutex) = {0};
|
||||
uint64_t m_counter GUARDED_BY(m_mutex) = 0;
|
||||
bool m_strongly_seeded GUARDED_BY(m_mutex) = false;
|
||||
std::unique_ptr<Mutex[]> m_mutex_openssl;
|
||||
|
||||
public:
|
||||
RNGState() noexcept
|
||||
{
|
||||
InitHardwareRand();
|
||||
|
||||
// Init OpenSSL library multithreading support
|
||||
m_mutex_openssl.reset(new Mutex[CRYPTO_num_locks()]);
|
||||
CRYPTO_set_locking_callback(LockingCallbackOpenSSL);
|
||||
|
||||
// OpenSSL can optionally load a config file which lists optional loadable modules and engines.
|
||||
// We don't use them so we don't require the config. However some of our libs may call functions
|
||||
// which attempt to load the config file, possibly resulting in an exit() or crash if it is missing
|
||||
// or corrupt. Explicitly tell OpenSSL not to try to load the file. The result for our libs will be
|
||||
// that the config appears to have been loaded and there are no modules/engines available.
|
||||
OPENSSL_no_config();
|
||||
}
|
||||
|
||||
~RNGState()
|
||||
{
|
||||
// Securely erase the memory used by the OpenSSL PRNG
|
||||
RAND_cleanup();
|
||||
// Shutdown OpenSSL library multithreading support
|
||||
CRYPTO_set_locking_callback(nullptr);
|
||||
}
|
||||
|
||||
/** Extract up to 32 bytes of entropy from the RNG state, mixing in new entropy from hasher.
|
||||
@ -428,8 +407,6 @@ public:
|
||||
memory_cleanse(buf, 64);
|
||||
return ret;
|
||||
}
|
||||
|
||||
Mutex& GetOpenSSLMutex(int i) { return m_mutex_openssl[i]; }
|
||||
};
|
||||
|
||||
RNGState& GetRNGState() noexcept
|
||||
@ -441,17 +418,6 @@ RNGState& GetRNGState() noexcept
|
||||
}
|
||||
}
|
||||
|
||||
void LockingCallbackOpenSSL(int mode, int i, const char* file, int line) NO_THREAD_SAFETY_ANALYSIS
|
||||
{
|
||||
RNGState& rng = GetRNGState();
|
||||
|
||||
if (mode & CRYPTO_LOCK) {
|
||||
rng.GetOpenSSLMutex(i).lock();
|
||||
} else {
|
||||
rng.GetOpenSSLMutex(i).unlock();
|
||||
}
|
||||
}
|
||||
|
||||
/* A note on the use of noexcept in the seeding functions below:
|
||||
*
|
||||
* None of the RNG code should ever throw any exception.
|
||||
@ -489,10 +455,6 @@ static void SeedSlow(CSHA512& hasher) noexcept
|
||||
GetOSRand(buffer);
|
||||
hasher.Write(buffer, sizeof(buffer));
|
||||
|
||||
// OpenSSL RNG (for now)
|
||||
RAND_bytes(buffer, sizeof(buffer));
|
||||
hasher.Write(buffer, sizeof(buffer));
|
||||
|
||||
// High-precision timestamp.
|
||||
//
|
||||
// Note that we also commit to a timestamp in the Fast seeder, so we indirectly commit to a
|
||||
@ -580,14 +542,6 @@ static void ProcRand(unsigned char* out, int num, RNGLevel level)
|
||||
SeedStartup(startup_hasher, rng);
|
||||
rng.MixExtract(out, num, std::move(startup_hasher), true);
|
||||
}
|
||||
|
||||
// For anything but the 'fast' level, feed the resulting RNG output (after an additional hashing step) back into OpenSSL.
|
||||
if (level != RNGLevel::FAST) {
|
||||
unsigned char buf[64];
|
||||
CSHA512().Write(out, num).Finalize(buf);
|
||||
RAND_add(buf, sizeof(buf), num);
|
||||
memory_cleanse(buf, 64);
|
||||
}
|
||||
}
|
||||
|
||||
std::chrono::microseconds GetRandMicros(std::chrono::microseconds duration_max) noexcept
|
||||
|
@ -35,7 +35,6 @@
|
||||
* that fast seeding includes, but additionally:
|
||||
* - OS entropy (/dev/urandom, getrandom(), ...). The application will terminate if
|
||||
* this entropy source fails.
|
||||
* - Bytes from OpenSSL's RNG (which itself may be seeded from various sources)
|
||||
* - Another high-precision timestamp (indirectly committing to a benchmark of all the
|
||||
* previous sources).
|
||||
* These entropy sources are slower, but designed to make sure the RNG state contains
|
||||
|
@ -70,7 +70,6 @@ namespace {
|
||||
void RandAddSeedPerfmon(CSHA512& hasher)
|
||||
{
|
||||
#ifdef WIN32
|
||||
// Don't need this on Linux, OpenSSL automatically uses /dev/urandom
|
||||
// Seed with the entire set of perfmon data
|
||||
|
||||
// This can take up to 2 seconds, so only do it every 10 minutes
|
||||
|
Loading…
Reference in New Issue
Block a user