search

cloudflare / sslconfig

Cloudflare's Internet facing SSL configuration
BSD 3-Clause "New" or "Revised" License
1.3k stars 132 forks source link

Compile and test errors on Mac/clang (without CHAPOLY_X86_64_ASM) #26

Closed anirudhvr closed 7 years ago

anirudhvr commented 8 years ago

Thanks for updating the patch for the new construction!

There's a bunch of errors like this because poly1305_state poly_state is included only within the #ifdef CHAPOLY_x86_64_ASM block in e_chacha20poly1305.c:76, so compiling without ASM won't find the member.

` _chacha20poly1305.c:228:9: error: no member named 'poly_state' in 'EVP_CHACHA20_POLY1305_CTX' poly_update(aead_ctx, in, inl); ^ ~~~~ e_chacha20poly1305.c:82:59: note: expanded from macro 'poly_update'

define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)

                                                      ^

e_chacha20poly1305.c:261:9: error: no member named 'poly_state' in 'EVP_CHACHA20_POLY1305_CTX' poly_update(aead_ctx, out, inl); ^ ~~~~ e_chacha20poly1305.c:82:59: note: expanded from macro 'poly_update'

define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)

                                                      ^

`

After moving poly_state outside the ifdef, make test fails like so: Testing DHE-RSA-CHACHA20-POLY1305 Available compression methods: NONE ERROR in SERVER 2747899972:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac:s3_pkt.c:532: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-CHACHA20-POLY1305, 2048 bit RSA 1 handshakes of 256 bytes done Failed DHE-RSA-CHACHA20-POLY1305 make[1]: *** [test_ssl] Error 1 make: *** [tests] Error 2

I believe these errors weren't there when I tested on x86_64 with gcc 4.9 with CHAPOLY_x86_64_ASM turned on, and probably also with ASM off after making the fix above.

I'm on OS X 10.11.3 building with Configured with clang: Apple LLVM version 6.1.0 (clang-602.0.53) (based on LLVM 3.6.0svn)

vkrasnov commented 8 years ago

Thank you.

Celti commented 8 years ago

This (or a very similar) problem also occurs building openssl 1.0.2h with gcc 6.1.1 on Linux i686 (Arch Linux).

e_chacha20poly1305.c: In function 'EVP_chacha20_poly1305_cipher':
e_chacha20poly1305.c:82:57: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)
                                                         ^
e_chacha20poly1305.c:228:9: note: in expansion of macro 'poly_update'
         poly_update(aead_ctx, in, inl);
         ^~~~~~~~~~~
e_chacha20poly1305.c:82:57: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)
                                                         ^
e_chacha20poly1305.c:261:9: note: in expansion of macro 'poly_update'
         poly_update(aead_ctx, out, inl);
         ^~~~~~~~~~~
e_chacha20poly1305.c:82:57: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)
                                                         ^
e_chacha20poly1305.c:273:13: note: in expansion of macro 'poly_update'
             poly_update(aead_ctx, zero, todo);
             ^~~~~~~~~~~
e_chacha20poly1305.c:82:57: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)
                                                         ^
e_chacha20poly1305.c:276:9: note: in expansion of macro 'poly_update'
         poly_update(aead_ctx, (uint8_t*)&aead_ctx->aad_l, sizeof(uint64_t));
         ^~~~~~~~~~~
e_chacha20poly1305.c:82:57: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)
                                                         ^
e_chacha20poly1305.c:277:9: note: in expansion of macro 'poly_update'
         poly_update(aead_ctx, (uint8_t*)&aead_ctx->ct_l, sizeof(uint64_t));
         ^~~~~~~~~~~
e_chacha20poly1305.c:82:57: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)
                                                         ^
e_chacha20poly1305.c:281:9: note: in expansion of macro 'poly_update'
         poly_update(aead_ctx, (uint8_t*)&aead_ctx->ct_l, sizeof(uint64_t));
         ^~~~~~~~~~~
e_chacha20poly1305.c:83:55: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_finish(c,m) CRYPTO_poly1305_finish(&c->poly_state,m)
                                                       ^
e_chacha20poly1305.c:286:9: note: in expansion of macro 'poly_finish'
         poly_finish(aead_ctx, &out[inl]);
         ^~~~~~~~~~~
e_chacha20poly1305.c:83:55: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_finish(c,m) CRYPTO_poly1305_finish(&c->poly_state,m)
                                                       ^
e_chacha20poly1305.c:290:9: note: in expansion of macro 'poly_finish'
         poly_finish(aead_ctx, poly_mac);
         ^~~~~~~~~~~
e_chacha20poly1305.c:292:9: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
         cmp = (*(uint64_t *)(poly_mac)) ^ (*(uint64_t *)(in + inl));
         ^~~
e_chacha20poly1305.c: In function 'EVP_chacha20_poly1305_ctrl':
e_chacha20poly1305.c:346:32: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
             poly_init(&aead_ctx->poly_state, aead_ctx->chacha_buffer);
                                ^~
e_chacha20poly1305.c:82:57: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)
                                                         ^
e_chacha20poly1305.c:367:17: note: in expansion of macro 'poly_update'
                 poly_update(aead_ctx, aad, POLY1305_PAD_LEN);
                 ^~~~~~~~~~~
e_chacha20poly1305.c:82:57: error: 'EVP_CHACHA20_POLY1305_CTX {aka struct <anonymous>}' has no member named 'poly_state'; did you mean 'poly_buffer'?
     #define poly_update(c,i,l) CRYPTO_poly1305_update(&c->poly_state,i,l)
                                                         ^
e_chacha20poly1305.c:372:17: note: in expansion of macro 'poly_update'
                 poly_update(aead_ctx, aad, arg + sizeof(thirteen));
                 ^~~~~~~~~~~
<builtin>: recipe for target 'e_chacha20poly1305.o' failed
make[2]: *** [e_chacha20poly1305.o] Error 1
make[2]: Leaving directory '/build/openssl/src/openssl-1.0.2h/crypto/evp'
Makefile:88: recipe for target 'subdirs' failed
make[1]: *** [subdirs] Error 1
make[1]: Leaving directory '/build/openssl/src/openssl-1.0.2h/crypto'
Makefile:286: recipe for target 'build_crypto' failed
make: *** [build_crypto] Error 1
anirudhvr commented 8 years ago

As I mentioned in the original comment, the fix is to move 'poly_state' outside the ifdef, but there seem to be an with the non-ASM implementation interoperating with the ASM one. I think it used to work before the update to use the newer construction. @vkrasnov any ideas?