Index: security/Makefile =================================================================== --- security/Makefile +++ security/Makefile @@ -449,6 +449,7 @@ SUBDIR += openssh-askpass SUBDIR += openssh-portable SUBDIR += openssl + SUBDIR += openssl-chelsio SUBDIR += openssl-devel SUBDIR += openssl-unsafe SUBDIR += openssl_tpm_engine Index: security/openssl-chelsio/Makefile =================================================================== --- /dev/null +++ security/openssl-chelsio/Makefile @@ -0,0 +1,164 @@ +# Created by: Dirk Froemberg +# $FreeBSD$ + +PORTNAME= openssl +PORTVERSION= 1.0.2n +PKGNAMESUFFIX= -chelsio +CATEGORIES= security devel +MASTER_SITES= http://www.openssl.org/source/ \ + ftp://ftp.cert.dfn.de/pub/tools/net/openssl/source/ +DIST_SUBDIR= ${PORTNAME}-${DISTVERSION:C/[a-z]$//} + +MAINTAINER= jhb@FreeBSD.org +COMMENT= SSL and crypto library supporting Chelsio TLS offload + +LICENSE= OpenSSL +LICENSE_FILE= ${WRKSRC}/LICENSE + +CONFLICTS_INSTALL= libressl-[0-9]* \ + libressl-devel-[0-9]* \ + openssl-devel-[0-9]* + +OPTIONS_DEFINE= PADLOCK RFC3779 THREADS ZLIB +OPTIONS_DEFAULT= ASM MD2 SCTP SSE2 SSL2 SSL3 THREADS +OPTIONS_DEFINE_amd64= EC +OPTIONS_DEFAULT_amd64= EC +TARGET_ARCH?= ${MACHINE_ARCH} +.if ${TARGET_ARCH} == "mips64el" +OPTIONS_DEFINE_mips= EC +OPTIONS_DEFAULT_mips= EC +.endif +OPTIONS_GROUP= CIPHERS HASHES OPTIMIZE PROTOCOLS +OPTIONS_GROUP_CIPHERS= EXPCIPHERS RC5 +OPTIONS_GROUP_HASHES= MD2 +OPTIONS_GROUP_OPTIMIZE= ASM SSE2 +OPTIONS_GROUP_PROTOCOLS= SCTP SSL2 SSL3 +.if ${TARGET_ARCH} == "i386" +OPTIONS_GROUP_OPTIMIZE+= I386 +.endif +OPTIONS_SUB= yes +ASM_DESC= Optimized Assembler code +CIPHERS_DESC= Cipher Suite support +EC_DESC= Optimize NIST elliptic curves +EXPCIPHERS_DESC= Include experimental ciphers +HASHES_DESC= Hash Function Support +I386_DESC= Optimize for i386 (instead of i486+) +MD2_DESC= MD2 hash (obsolete) +OPTIMIZE_DESC= Optimizations +PADLOCK_DESC= VIA Padlock support +PROTOCOLS_DESC= Protocol Support +RC5_DESC= RC5 cipher (patented) +RFC3779_DESC= RFC3779 support (BGP) +SCTP_DESC= SCTP protocol support +SSE2_DESC= Runtime SSE2 detection +SSL2_DESC= SSLv2 protocol support +SSL3_DESC= SSLv3 protocol support +ZLIB_DESC= zlib compression support + +USES= compiler cpe perl5 +USE_PERL5= build +MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive +MAKE_ENV+= LIBRPATH="${PREFIX}/openssl-chelsio/lib" GREP_OPTIONS= +MAKE_ENV+= SHLIBVER=${OPENSSL_SHLIBVER} +SUB_FILES= pkg-message + + +MAKE_JOBS_UNSAFE= yes + +ASM_CONFIGURE_OFF= no-asm +EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 +EC_CONFIGURE_OFF= no-ec_nistp_64_gcc_128 +I386_CONFIGURE_ON= 386 +MD2_CONFIGURE_ON= enable-md2 +MD2_CONFIGURE_OFF= no-md2 +PADLOCK_CFLAGS= -Wno-unused-function +PADLOCK_CONFIGURE_OFF= no-padlock +PADLOCK_PATCH_SITES= http://git.alpinelinux.org/cgit/aports/plain/main/openssl/:padlock +PADLOCK_PATCHFILES= 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch:padlock \ + 1002-backport-changes-from-upstream-padlock-module.patch:padlock \ + 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch:padlock \ + 1004-crypto-engine-autoload-padlock-dynamic-engine.patch:padlock +PADLOCK_VARS= PATCH_DIST_STRIP=-p1 +RC5_CONFIGURE_ON= enable-rc5 +RC5_CONFIGURE_OFF= no-rc5 +RFC3779_CONFIGURE_ON= enable-rfc3779 +RFC3779_CONFIGURE_OFF= no-rfc3779 +SCTP_CONFIGURE_ON= sctp +SCTP_CONFIGURE_OFF= no-sctp +SSE2_CONFIGURE_OFF= no-sse2 +SSL2_CONFIGURE_ON= enable-ssl2 +SSL2_CONFIGURE_OFF= no-ssl2 +SSL3_CONFIGURE_ON= enable-ssl3 +SSL3_CONFIGURE_OFF= no-ssl3 no-ssl3-method +SSL3_EXTRA_PATCHES_OFF= ${PATCHDIR}/extra-patch-test_testssl +THREADS_CONFIGURE_ON= threads +THREADS_CONFIGURE_OFF= no-threads +ZLIB_CONFIGURE_ON= zlib zlib-dynamic +ZLIB_CONFIGURE_OFF= no-zlib no-zlib-dynamic + +.include + +.if ${CHOSEN_COMPILER_TYPE} != gcc && ${COMPILER_VERSION} != 42 +CFLAGS+= -Werror -Qunused-arguments +.endif + +OPENSSLDIR?= /etc/ssl +PLIST_SUB+= SHLIBVER=${OPENSSL_SHLIBVER} + +.if !exists(/usr/src/sys/dev/cxgbe/tom/t4_tls.h) +BROKEN= Requires kernel sources with Chelsio TLS offload driver +.endif + +CFLAGS+= -DCHSSL_OFFLOAD=yes -DCHSSL_TLS_RX=yes -I/usr/src/sys + +.include "version.mk" + +.if ${PORT_OPTIONS:MASM} +BROKEN_sparc64= option ASM generates illegal instructions +.endif + +CONFIGURE_ARGS+= no-gmp shared + +post-patch: + ${REINPLACE_CMD} -e 's|m4 -B 8192|m4|g' \ + ${WRKSRC}/crypto/des/Makefile + ${REINPLACE_CMD} -e 's|SHLIB_VERSION_NUMBER "1.0.0"|SHLIB_VERSION_NUMBER "${OPENSSL_SHLIBVER}"|' \ + ${WRKSRC}/crypto/opensslv.h + ${REINPLACE_CMD} -e 's|ERR_R_MALLOC_ERROR|ERR_R_MALLOC_FAILURE|' \ + ${WRKSRC}/crypto/bio/bss_dgram.c +.if ${PORT_OPTIONS:MEXPCIPHERS} + ${REINPLACE_CMD} -e 's|TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0|TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1|' \ + ${WRKSRC}/ssl/tls1.h +.endif + ${GREP} -L openssl_manual_section ${WRKSRC}/doc/crypto/*.pod | ${XARGS} ${RM} + ${RM} -r ${WRKSRC}/doc/ssl/*.pod + ${REINPLACE_CMD} -e 's|pod doc/ssl/\*\.pod|pod|' ${WRKSRC}/Makefile.org + ${PATCH} -d ${WRKSRC} -p3 -s < ${PATCHDIR}/extra-patch-chssl + +do-configure: + ${REINPLACE_CMD} -e "s|options 386|options|" \ + ${WRKSRC}/config + cd ${WRKSRC} \ + && ${SETENV} CC="${CC}" FREEBSDCC="${CC}" CFLAGS="${CFLAGS}" PERL="${PERL}" \ + ./config --prefix=${PREFIX} --openssldir=${OPENSSLDIR} \ + --install_prefix=${STAGEDIR} \ + -L${PREFIX}/lib ${CONFIGURE_ARGS} + +post-configure: + ${REINPLACE_CMD} \ + -e 's|^MANDIR=.*$$|MANDIR=$$(PREFIX)/man|' \ + -e 's|$$(LIBDIR)/pkgconfig|libdata/pkgconfig|g' \ + -e 's|LIBVERSION=[^ ]* |LIBVERSION=${OPENSSL_SHLIBVER} |' \ + ${WRKSRC}/Makefile + +do-install: + ${MKDIR} ${STAGEDIR}${PREFIX}/openssl-chelsio/lib + ${INSTALL_DATA} ${WRKSRC}/libssl.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/openssl-chelsio/lib + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/openssl-chelsio/lib/libssl.so.${OPENSSL_SHLIBVER} + +test: build + cd ${WRKSRC} && ${MAKE} test + +regression-test: test + +.include Index: security/openssl-chelsio/distinfo =================================================================== --- /dev/null +++ security/openssl-chelsio/distinfo @@ -0,0 +1,11 @@ +TIMESTAMP = 1512655797 +SHA256 (openssl-1.0.2/openssl-1.0.2n.tar.gz) = 370babb75f278c39e0c50e8c4e7493bc0f18db6867478341a832a982fd15a8fe +SIZE (openssl-1.0.2/openssl-1.0.2n.tar.gz) = 5375802 +SHA256 (openssl-1.0.2/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 2eddcb7ab342285cb637ce6b6be143cca835f449f35dd9bb8c7b9167ba2117a7 +SIZE (openssl-1.0.2/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3717 +SHA256 (openssl-1.0.2/1002-backport-changes-from-upstream-padlock-module.patch) = aee88a24622ce9d71e38deeb874e58435dcf8ff5690f56194f0e4a00fb09b260 +SIZE (openssl-1.0.2/1002-backport-changes-from-upstream-padlock-module.patch) = 5770 +SHA256 (openssl-1.0.2/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = c10b8aaf56a4f4f79ca195fc587e0bb533f643e777d7a3e6fb0350399a6060ea +SIZE (openssl-1.0.2/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = 20935 +SHA256 (openssl-1.0.2/1004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 97eb4411d0fc0890e94bc7c2d682f68b71135da782af769ca73914b37da2b1fd +SIZE (openssl-1.0.2/1004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 832 Index: security/openssl-chelsio/files/extra-patch-chssl =================================================================== --- /dev/null +++ security/openssl-chelsio/files/extra-patch-chssl @@ -0,0 +1,2092 @@ +diff --git a/crypto/openssl/ssl/Makefile b/crypto/openssl/ssl/Makefile +index 7866a3ccd77b..a4ce38b0d6c2 100644 +--- a/crypto/openssl/ssl/Makefile ++++ b/crypto/openssl/ssl/Makefile +@@ -31,7 +31,8 @@ LIBSRC= \ + ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ + ssl_ciph.c ssl_stat.c ssl_rsa.c \ + ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \ +- bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c ++ bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c \ ++ ssl_tom.c + LIBOBJ= \ + s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ + s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \ +@@ -42,7 +43,8 @@ LIBOBJ= \ + ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ + ssl_ciph.o ssl_stat.o ssl_rsa.o \ + ssl_asn1.o ssl_txt.o ssl_algs.o ssl_conf.o \ +- bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o ++ bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o \ ++ ssl_tom.o + + SRC= $(LIBSRC) + +@@ -1122,3 +1124,4 @@ tls_srp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h + tls_srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h + tls_srp.o: ../include/openssl/tls1.h ../include/openssl/x509.h + tls_srp.o: ../include/openssl/x509_vfy.h ssl_locl.h tls_srp.c ++ssl_tom.o: ../include/openssl/x509_vfy.h ssl_tom.c +diff --git a/crypto/openssl/ssl/d1_clnt.c b/crypto/openssl/ssl/d1_clnt.c +index 76451a346d86..cd2b6759377e 100644 +--- a/crypto/openssl/ssl/d1_clnt.c ++++ b/crypto/openssl/ssl/d1_clnt.c +@@ -127,6 +127,9 @@ + #ifndef OPENSSL_NO_DH + # include + #endif ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++#include "ssl_tom.h" ++#endif + + static const SSL_METHOD *dtls1_get_client_method(int ver); + static int dtls1_get_hello_verify(SSL *s); +@@ -615,6 +618,10 @@ int dtls1_connect(SSL *s) + + case SSL3_ST_CW_FINISHED_A: + case SSL3_ST_CW_FINISHED_B: ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ if (SSL_ofld(s)) ++ chssl_program_hwkey_context(s, KEY_WRITE_TX, SSL_ST_CONNECT); ++#endif + if (!s->hit) + dtls1_start_timer(s); + ret = ssl3_send_finished(s, +@@ -700,6 +707,10 @@ int dtls1_connect(SSL *s) + SSL3_ST_CR_FINISHED_B); + if (ret <= 0) + goto end; ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ if (SSL_ofld_rx(s)) ++ chssl_program_hwkey_context(s, KEY_WRITE_RX,SSL_ST_CONNECT); ++#endif + dtls1_stop_timer(s); + + if (s->hit) +diff --git a/crypto/openssl/ssl/d1_pkt.c b/crypto/openssl/ssl/d1_pkt.c +index 10586fee5408..ee76f6020ca0 100644 +--- a/crypto/openssl/ssl/d1_pkt.c ++++ b/crypto/openssl/ssl/d1_pkt.c +@@ -121,6 +121,9 @@ + #include + #include + #include ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++#include "ssl_tom.h" ++#endif + + /* mod 128 saturating subtract of two 64-bit values in big-endian order */ + static int satsub64be(const unsigned char *v1, const unsigned char *v2) +@@ -503,6 +506,10 @@ static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap) + /* decrypt in place in 'rr->input' */ + rr->data = rr->input; + ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ if (!(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_ofld_rx(s))) ++ { ++#endif + enc_err = s->method->ssl3_enc->enc(s, 0); + /*- + * enc_err is: +@@ -516,6 +523,9 @@ static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap) + s->packet_length = 0; + goto err; + } ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ } ++#endif + #ifdef TLS_DEBUG + printf("dec %d\n", rr->length); + { +@@ -528,7 +538,11 @@ static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap) + + /* r->length is now the compressed data plus mac */ + if ((sess != NULL) && +- (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) { ++ (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL) ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ && !(SSL_mac_offload(s) && SSL_ofld_vers(s) && SSL_ofld_rx(s)) ++#endif ++ ) { + /* s->read_hash != NULL => mac_size != -1 */ + unsigned char *mac = NULL; + unsigned char mac_tmp[EVP_MAX_MD_SIZE]; +@@ -684,6 +698,13 @@ int dtls1_get_record(SSL *s) + goto again; + } + ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ #define SSL3_RT_CHERROR 127 ++ if (SSL_ofld_vers(s) && SSL_ofld_rx(s) && (*(p) == SSL3_RT_CHERROR)) { ++ s->rstate = SSL_ST_READ_ERROR; ++ } ++ else ++#endif + s->rstate = SSL_ST_READ_BODY; + + p = s->packet; +@@ -733,11 +754,27 @@ int dtls1_get_record(SSL *s) + /* now s->rstate == SSL_ST_READ_BODY */ + } + ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ if (SSL_Chelsio_ofld(s) && SSL_ofld_rx(s)) { ++ if (s->rstate == SSL_ST_READ_ERROR) { ++ i = rr->length; ++ n = ssl3_read_n(s, i, i, 1); ++ s->rstate = SSL_ST_READ_HEADER; ++ if (n<=0) return n; ++ chssl_process_cherror(s); ++ printf("%s rstate SSL_ST_READ_ERROR \n",__func__); ++ goto again; ++ } ++ } ++ /* this may not be required len in Hdr = '13bytes + decrypted payload' */ ++#endif ++ + /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ + + if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) { + /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */ + i = rr->length; ++ printf("%s i:%d rrl:%d pl:%d\n",__func__,i,rr->length,s->packet_length); + n = ssl3_read_n(s, i, i, 1); + /* this packet contained a partial record, dump it */ + if (n != i) { +@@ -1680,7 +1717,11 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, + p += 10; + + /* Explicit IV length, block ciphers appropriate version flag */ +- if (s->enc_write_ctx) { ++ if (s->enc_write_ctx ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ && !(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_Tx_keys(s)) ++#endif ++ ) { + int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); + if (mode == EVP_CIPH_CBC_MODE) { + eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); +@@ -1721,7 +1762,11 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, + * wb->buf + */ + +- if (mac_size != 0) { ++ if (mac_size != 0 ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ && !(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_Tx_keys(s)) ++#endif ++ ) { + if (s->method->ssl3_enc->mac(s, &(p[wr->length + eivlen]), 1) < 0) + goto err; + wr->length += mac_size; +@@ -1734,8 +1779,14 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, + if (eivlen) + wr->length += eivlen; + ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ if (!(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_Tx_keys(s))) { ++#endif + if (s->method->ssl3_enc->enc(s, 1) < 1) + goto err; ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ } ++#endif + + /* record length after mac and block padding */ + /* +diff --git a/crypto/openssl/ssl/d1_srvr.c b/crypto/openssl/ssl/d1_srvr.c +index 8502b242e51c..4f2f8d8b3bfa 100644 +--- a/crypto/openssl/ssl/d1_srvr.c ++++ b/crypto/openssl/ssl/d1_srvr.c +@@ -125,6 +125,9 @@ + #ifndef OPENSSL_NO_DH + # include + #endif ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++#include "ssl_tom.h" ++#endif + + static const SSL_METHOD *dtls1_get_server_method(int ver); + static int dtls1_send_hello_verify_request(SSL *s); +@@ -752,6 +755,10 @@ int dtls1_accept(SSL *s) + SSL3_ST_SR_FINISHED_B); + if (ret <= 0) + goto end; ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ if (SSL_ofld_rx(s)) ++ chssl_program_hwkey_context(s, KEY_WRITE_RX, SSL_ST_ACCEPT); ++#endif + dtls1_stop_timer(s); + if (s->hit) + s->state = SSL_ST_OK; +@@ -812,8 +819,14 @@ int dtls1_accept(SSL *s) + 0, NULL); + } + #endif +- ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ if (SSL_ofld(s)) { ++ s->s3->tmp.next_state = SSL3_ST_SW_FINISHED_A; ++ s->state = SSL3_ST_SW_FLUSH; ++ } else { + s->state = SSL3_ST_SW_FINISHED_A; ++ } ++#endif + s->init_num = 0; + + if (!s->method->ssl3_enc->change_cipher_state(s, +@@ -829,6 +842,10 @@ int dtls1_accept(SSL *s) + + case SSL3_ST_SW_FINISHED_A: + case SSL3_ST_SW_FINISHED_B: ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS) ++ if (SSL_ofld(s)) ++ chssl_program_hwkey_context(s, KEY_WRITE_TX, SSL_ST_ACCEPT); ++#endif + ret = ssl3_send_finished(s, + SSL3_ST_SW_FINISHED_A, + SSL3_ST_SW_FINISHED_B, +diff --git a/crypto/openssl/ssl/s23_clnt.c b/crypto/openssl/ssl/s23_clnt.c +index add8c9916c8f..53e13c6fe81d 100644 +--- a/crypto/openssl/ssl/s23_clnt.c ++++ b/crypto/openssl/ssl/s23_clnt.c +@@ -115,6 +115,9 @@ + #include + #include + #include ++#ifdef CHSSL_OFFLOAD ++#include "ssl_tom.h" ++#endif + + static const SSL_METHOD *ssl23_get_client_method(int ver); + static int ssl23_client_hello(SSL *s); +@@ -221,6 +224,10 @@ int ssl23_connect(SSL *s) + ret = ssl23_client_hello(s); + if (ret <= 0) + goto end; ++#ifdef CHSSL_OFFLOAD ++ if (chssl_new(s)) ++ ssl_tls_offload(s); ++#endif + s->state = SSL23_ST_CR_SRVR_HELLO_A; + s->init_num = 0; + +diff --git a/crypto/openssl/ssl/s23_srvr.c b/crypto/openssl/ssl/s23_srvr.c +index d3f6db15ccee..15f4736277c2 100644 +--- a/crypto/openssl/ssl/s23_srvr.c ++++ b/crypto/openssl/ssl/s23_srvr.c +@@ -118,6 +118,9 @@ + #ifdef OPENSSL_FIPS + # include + #endif ++#ifdef CHSSL_OFFLOAD ++#include "ssl_tom.h" ++#endif + + static const SSL_METHOD *ssl23_get_server_method(int ver); + int ssl23_get_client_hello(SSL *s); +@@ -181,6 +184,10 @@ int ssl23_accept(SSL *s) + + /* s->version=SSL3_VERSION; */ + s->type = SSL_ST_ACCEPT; ++#ifdef CHSSL_OFFLOAD ++ if (chssl_new(s)) ++ ssl_tls_offload(s); ++#endif + + if (s->init_buf == NULL) { + if ((buf = BUF_MEM_new()) == NULL) { +diff --git a/crypto/openssl/ssl/s3_both.c b/crypto/openssl/ssl/s3_both.c +index 054ded1c9903..24885ba86db1 100644 +--- a/crypto/openssl/ssl/s3_both.c ++++ b/crypto/openssl/ssl/s3_both.c +@@ -123,6 +123,9 @@ + #include + #include + #include ++#ifdef CHSSL_OFFLOAD ++#include "ssl_tom.h" ++#endif + + /* + * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or +@@ -131,6 +134,9 @@ + int ssl3_do_write(SSL *s, int type) + { + int ret; ++#ifdef TLS_DEBUG ++ printf("%s type:%d len:%d \n",__func__,type,s->init_num); ++#endif + + ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off], + s->init_num); +@@ -161,6 +167,9 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) + unsigned char *p; + int i; + unsigned long l; ++#ifdef TLS_DEBUG ++ printf("ssl3_send_finished: state:%x a:%x b%x slen:%d M:%x s:%p\n",s->state,a,b,slen,s->method->version,s); ++#endif + + if (s->state == a) { + p = ssl_handshake_start(s); +@@ -168,6 +177,9 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) + i = s->method->ssl3_enc->final_finish_mac(s, + sender, slen, + s->s3->tmp.finish_md); ++#ifdef TLS_DEBUG ++ printf("ssl3_send_finished: i:%d slen:%d ver:%x s:%p\n",i,slen,s->method->version,s); ++#endif + if (i <= 0) + return 0; + s->s3->tmp.finish_md_len = i; +@@ -244,10 +256,22 @@ int ssl3_get_finished(SSL *s, int a, int b) + * spec message and is in s->s3->tmp.peer_finish_md + */ + #endif ++#ifdef TLS_DEBUG ++ printf("Enter %s \n",__func__); ++#endif + + /* 64 argument should actually be 36+4 :-) */ ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ /* XXX: Why a smaller maximum message size? */ ++ if (SSL_ofld_rx(s)) ++ n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 16, &ok); ++ else ++#endif + n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok); + ++#ifdef TLS_DEBUG ++ printf("%s ok:%d n:%d \n",__func__,ok,n); ++#endif + if (!ok) + return ((int)n); + +@@ -346,6 +370,9 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) + unsigned long l; + long n; + int i, al; ++#ifdef TLS_DEBUG ++ printf("ssl3_get_message st1:%d stn:%d mt:%d max:%d\n",st1,stn,mt,max); ++#endif + + if (s->s3->tmp.reuse_message) { + s->s3->tmp.reuse_message = 0; +diff --git a/crypto/openssl/ssl/s3_clnt.c b/crypto/openssl/ssl/s3_clnt.c +index 5b8b2da59f54..e7b319ffe497 100644 +--- a/crypto/openssl/ssl/s3_clnt.c ++++ b/crypto/openssl/ssl/s3_clnt.c +@@ -166,6 +166,9 @@ + #ifndef OPENSSL_NO_ENGINE + # include + #endif ++#ifdef CHSSL_OFFLOAD ++#include "ssl_tom.h" ++#endif + + static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b); + #ifndef OPENSSL_NO_TLSEXT +@@ -299,12 +302,22 @@ int ssl3_connect(SSL *s) + ret = ssl3_client_hello(s); + if (ret <= 0) + goto end; ++#ifdef CHSSL_OFFLOAD ++ if (chssl_new(s) || SSL_ofld_vers(s)) ++ ssl_tls_offload(s); ++#endif + s->state = SSL3_ST_CR_SRVR_HELLO_A; + s->init_num = 0; + + /* turn on buffering for the next lot of output */ ++#ifdef CHSSL_OFFLOAD ++ if (!(SSL_ofld(s) && s->renegotiate)) { ++#endif + if (s->bbio != s->wbio) + s->wbio = BIO_push(s->bbio, s->wbio); ++#ifdef CHSSL_OFFLOAD ++ } ++#endif + + break; + +@@ -485,6 +498,14 @@ int ssl3_connect(SSL *s) + else + s->state = SSL3_ST_CW_FINISHED_A; + #endif ++ ++#ifdef CHSSL_OFFLOAD ++ //if (SSL_ofld(s)) { ++ s->s3->tmp.next_state = s->state; ++ s->state = SSL3_ST_CW_FLUSH; ++ //} ++#endif ++ + s->init_num = 0; + + s->session->cipher = s->s3->tmp.new_cipher; +@@ -509,7 +530,6 @@ int ssl3_connect(SSL *s) + s->state = SSL_ST_ERR; + goto end; + } +- + break; + + #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +@@ -524,6 +544,10 @@ int ssl3_connect(SSL *s) + + case SSL3_ST_CW_FINISHED_A: + case SSL3_ST_CW_FINISHED_B: ++#ifdef CHSSL_OFFLOAD ++ if (SSL_ofld(s)) ++ chssl_program_hwkey_context(s, KEY_WRITE_TX, SSL_ST_CONNECT); ++#endif + ret = ssl3_send_finished(s, + SSL3_ST_CW_FINISHED_A, + SSL3_ST_CW_FINISHED_B, +@@ -553,7 +577,6 @@ int ssl3_connect(SSL *s) + s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A; + else + #endif +- + s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A; + } + s->init_num = 0; +diff --git a/crypto/openssl/ssl/s3_pkt.c b/crypto/openssl/ssl/s3_pkt.c +index b91456843041..233f73adca3a 100644 +--- a/crypto/openssl/ssl/s3_pkt.c ++++ b/crypto/openssl/ssl/s3_pkt.c +@@ -112,11 +112,15 @@ + #include + #include + #include ++ #include + #define USE_SOCKETS + #include "ssl_locl.h" + #include + #include + #include ++#ifdef CHSSL_OFFLOAD ++#include "ssl_tom.h" ++#endif + + #ifndef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK + # define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0 +@@ -152,6 +156,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) + long align = 0; + unsigned char *pkt; + SSL3_BUFFER *rb; ++ //printf("%s n:%d \n",__func__,n); + + if (n <= 0) + return n; +@@ -161,6 +166,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) + if (!ssl3_setup_read_buffer(s)) + return -1; + ++ //printf("%s left:%d \n",__func__,left); + left = rb->left; + #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 + align = (long)rb->buf + SSL3_RT_HEADER_LENGTH; +@@ -212,6 +218,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) + s->packet_length += n; + rb->left = left - n; + rb->offset += n; ++ //printf("%s n:%d off:%d\n",__func__,n,rb->offset); + return (n); + } + +@@ -228,6 +235,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) + s->packet = pkt; + rb->offset = len + align; + } ++ //printf("%s n:%d rb->len:%d off:%d\n",__func__,n,rb->len,rb->offset); + + if (n > (int)(rb->len - rb->offset)) { /* does not happen */ + SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR); +@@ -244,6 +252,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) + if (max > (int)(rb->len - rb->offset)) + max = rb->len - rb->offset; + } ++ //printf("max:%d \n",max); + + while (left < n) { + /* +@@ -260,6 +269,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) + SSLerr(SSL_F_SSL3_READ_N, SSL_R_READ_BIO_NOT_SET); + i = -1; + } ++ //printf("bio read:%d sf:%d\n",i,s->rbio->num); + + if (i <= 0) { + rb->left = left; +@@ -285,6 +295,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) + rb->left = left - n; + s->packet_length += n; + s->rwstate = SSL_NOTHING; ++ //printf("%s Exit n:%d \n",__func__,n); + return (n); + } + +@@ -309,7 +320,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) + static int ssl3_get_record(SSL *s) + { + int ssl_major, ssl_minor, al; +- int enc_err, n, i, ret = -1; ++ int enc_err = 0, n, i, ret = -1; + SSL3_RECORD *rr; + SSL_SESSION *sess; + unsigned char *p; +@@ -340,12 +351,25 @@ static int ssl3_get_record(SSL *s) + if ((s->rstate != SSL_ST_READ_BODY) || + (s->packet_length < SSL3_RT_HEADER_LENGTH)) { + n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); +- if (n <= 0) ++ if (n <= 0) { + return (n); /* error or non-blocking */ +- s->rstate = SSL_ST_READ_BODY; +- ++ } + p = s->packet; +- if (s->msg_callback) ++ ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ #define SSL3_RT_CHERROR 127 ++ if (SSL_ofld_vers(s) && SSL_ofld_rx(s) && (*(p) == SSL3_RT_CHERROR)) { ++ s->rstate = SSL_ST_READ_ERROR; ++ } else ++#endif ++ s->rstate = SSL_ST_READ_BODY; ++ ++ if (s->msg_callback ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ && (SSL_ofld_vers(s) && SSL_ofld_rx(s) ++ && (s->rstate != SSL_ST_READ_ERROR)) ++#endif ++ ) + s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s, + s->msg_callback_arg); + +@@ -399,18 +423,40 @@ static int ssl3_get_record(SSL *s) + /* now s->rstate == SSL_ST_READ_BODY */ + } + ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ if (SSL_Chelsio_ofld(s) && SSL_ofld_rx(s)) { ++ if (s->rstate == SSL_ST_READ_ERROR) { ++ i = rr->length; ++ n = ssl3_read_n(s, i, i, 1); ++ s->rstate = SSL_ST_READ_HEADER; ++ if (n<=0) ++ return n; ++ al = chssl_process_cherror(s); ++ printf("%s rstate SSL_ST_READ_ERROR \n",__func__); ++ goto f_err; ++ } ++ } ++ ++ /* this may not be required len in Hdr = '5bytes + decrypted payload' */ ++#endif ++ + /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ +- + if (rr->length > s->packet_length - SSL3_RT_HEADER_LENGTH) { + /* now s->packet_length == SSL3_RT_HEADER_LENGTH */ + i = rr->length; + n = ssl3_read_n(s, i, i, 1); +- if (n <= 0) ++ if (n <= 0) { ++ //printf("%s n:%d \n",__func__,n); + return (n); /* error or non-blocking io */ ++ } + /* + * now n == rr->length, and s->packet_length == SSL3_RT_HEADER_LENGTH + * + rr->length + */ ++#if 0 ++ for(i=0;i<16;i++) ++ printf("%x ",s->packet[i]); ++#endif + } + + s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */ +@@ -437,12 +483,17 @@ static int ssl3_get_record(SSL *s) + if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH + extra) { + al = SSL_AD_RECORD_OVERFLOW; + SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG); ++ printf("%s SSL_R_ENCRYPTED_LENGTH_TOO_LONG \n",__func__); + goto f_err; + } + + /* decrypt in place in 'rr->input' */ + rr->data = rr->input; + ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ if (!(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_ofld_rx(s))) ++#endif ++ { + enc_err = s->method->ssl3_enc->enc(s, 0); + /*- + * enc_err is: +@@ -453,10 +504,17 @@ static int ssl3_get_record(SSL *s) + if (enc_err == 0) { + al = SSL_AD_DECRYPTION_FAILED; + SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); ++ printf("%s SSL_R_BLOCK_CIPHER_PAD_IS_WRONG \n",__func__); + goto f_err; + } ++ } + #ifdef TLS_DEBUG +- printf("dec %d\n", rr->length); ++#ifdef CHSSL_OFFLOAD ++ printf("\n dec %d host enc:%d mac:%d enc_err:%d\n", ++ rr->length,SSL_enc_host(s),SSL_mac_host(s),enc_err); ++#else ++ printf("\n dec %d\n", rr->length); ++#endif + { + unsigned int z; + for (z = 0; z < rr->length; z++) +@@ -467,7 +525,13 @@ static int ssl3_get_record(SSL *s) + + /* r->length is now the compressed data plus mac */ + if ((sess != NULL) && +- (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) { ++ (s->enc_read_ctx != NULL) && ++ (EVP_MD_CTX_md(s->read_hash) != NULL) ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ && ++ !(SSL_mac_offload(s) && SSL_ofld_vers(s) && SSL_ofld_rx(s)) ++#endif ++ ) { + /* s->read_hash != NULL => mac_size != -1 */ + unsigned char *mac = NULL; + unsigned char mac_tmp[EVP_MAX_MD_SIZE]; +@@ -491,6 +555,7 @@ static int ssl3_get_record(SSL *s) + orig_len < mac_size + 1)) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_LENGTH_TOO_SHORT); ++ printf("%s SSL_R_LENGTH_TOO_SHORT \n",__func__); + goto f_err; + } + +@@ -533,6 +598,7 @@ static int ssl3_get_record(SSL *s) + al = SSL_AD_BAD_RECORD_MAC; + SSLerr(SSL_F_SSL3_GET_RECORD, + SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); ++ printf("%s SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC \n",__func__); + goto f_err; + } + +@@ -541,6 +607,7 @@ static int ssl3_get_record(SSL *s) + if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra) { + al = SSL_AD_RECORD_OVERFLOW; + SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_COMPRESSED_LENGTH_TOO_LONG); ++ printf("%s SSL_R_COMPRESSED_LENGTH_TOO_LONG \n",__func__); + goto f_err; + } + if (!ssl3_do_uncompress(s)) { +@@ -553,6 +620,7 @@ static int ssl3_get_record(SSL *s) + if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH + extra) { + al = SSL_AD_RECORD_OVERFLOW; + SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG); ++ printf("%s rr->length :%d extra:%zu\n",__func__,rr->length,extra); + goto f_err; + } + +@@ -575,11 +643,13 @@ static int ssl3_get_record(SSL *s) + if (empty_record_count > MAX_EMPTY_RECORDS) { + al = SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_RECORD_TOO_SMALL); ++ printf("rr->length == 0 empty_record_count:%d\n",empty_record_count); ++ printf("%s SSL_F_SSL3_GET_RECORD \n",__func__); + goto f_err; + } + goto again; + } +-#if 0 ++#ifdef TLS_DEBUG + fprintf(stderr, "Ultimate Record type=%d, Length=%d\n", rr->type, + rr->length); + #endif +@@ -701,7 +771,11 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) + SSL_USE_EXPLICIT_IV(s) && + s->enc_write_ctx != NULL && + EVP_CIPHER_flags(s->enc_write_ctx->cipher) & +- EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) { ++ EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK ++#ifdef CHSSL_OFFLOAD ++ && !SSL_ofld(s) ++#endif ++ ) { + unsigned char aad[13]; + EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; + int packlen; +@@ -986,7 +1060,11 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, + plen = p; + p += 2; + /* Explicit IV length, block ciphers appropriate version flag */ +- if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s)) { ++ if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s) ++#ifdef CHSSL_OFFLOAD ++ && !(SSL_enc_offload(s) && SSL_ofld_vers(s)) ++#endif ++ ) { + int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); + if (mode == EVP_CIPH_CBC_MODE) { + eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); +@@ -1027,7 +1105,11 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, + * wb->buf + */ + +- if (mac_size != 0) { ++ if (mac_size != 0 ++#ifdef CHSSL_OFFLOAD ++ && !(SSL_enc_offload(s) && SSL_ofld_vers(s)) ++#endif ++ ) { + if (s->method->ssl3_enc->mac(s, &(p[wr->length + eivlen]), 1) < 0) + goto err; + wr->length += mac_size; +@@ -1043,8 +1125,14 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, + wr->length += eivlen; + } + ++#ifdef CHSSL_OFFLOAD ++ if (!(SSL_enc_offload(s) && SSL_ofld_vers(s))) { ++#endif + if (s->method->ssl3_enc->enc(s, 1) < 1) + goto err; ++#ifdef CHSSL_OFFLOAD ++ } ++#endif + + /* record length after mac and block padding */ + s2n(wr->length, plen); +@@ -1172,8 +1260,10 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) + void (*cb) (const SSL *ssl, int type2, int val) = NULL; + + if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ +- if (!ssl3_setup_read_buffer(s)) ++ if (!ssl3_setup_read_buffer(s)) { ++ printf("%s ssl3_setup_read_buffer fail \n",__func__); + return (-1); ++ } + + if ((type && (type != SSL3_RT_APPLICATION_DATA) + && (type != SSL3_RT_HANDSHAKE)) || (peek +@@ -1232,9 +1322,10 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) + /* get new packet if necessary */ + if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) { + ret = ssl3_get_record(s); +- if (ret <= 0) ++ if (ret <= 0) { + return (ret); + } ++ } + + /* + * Reset the count of consecutive warning alerts if we've got a non-empty +@@ -1276,8 +1367,10 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) + goto f_err; + } + +- if (len <= 0) ++ if (len <= 0) { ++ printf("%s len:%d \n",__func__,len); + return (len); ++ } + + if ((unsigned int)len > rr->length) + n = rr->length; +@@ -1296,6 +1389,9 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) + ssl3_release_read_buffer(s); + } + } ++#ifdef TLS_DEBUG ++ printf("%s %d n:%d \n",__func__,__LINE__,n); ++#endif + return (n); + } + +@@ -1337,6 +1433,9 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) + s->rwstate = SSL_READING; + BIO_clear_retry_flags(SSL_get_rbio(s)); + BIO_set_retry_read(SSL_get_rbio(s)); ++#ifdef TLS_DEBUG ++ printf("%s TLS1_RT_HEARTBEAT \n",__func__); ++#endif + return (-1); + } + #endif +@@ -1666,7 +1765,6 @@ int ssl3_do_change_cipher_spec(SSL *s) + int i; + const char *sender; + int slen; +- + if (s->state & SSL_ST_ACCEPT) + i = SSL3_CHANGE_CIPHER_SERVER_READ; + else +@@ -1677,25 +1775,39 @@ int ssl3_do_change_cipher_spec(SSL *s) + /* might happen if dtls1_read_bytes() calls this */ + SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, + SSL_R_CCS_RECEIVED_EARLY); +- return (0); ++ goto err; + } + + s->session->cipher = s->s3->tmp.new_cipher; +- if (!s->method->ssl3_enc->setup_key_block(s)) +- return (0); ++ if (!s->method->ssl3_enc->setup_key_block(s)) { ++ goto err; ++ } + } + +- if (!s->method->ssl3_enc->change_cipher_state(s, i)) +- return (0); ++ if (!s->method->ssl3_enc->change_cipher_state(s, i)){ ++ printf("change_cipher_state error \n"); ++ goto err; ++ } + + /* + * we have to record the message digest at this point so we can get it + * before we read the finished message + */ + if (s->state & SSL_ST_CONNECT) { ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ if (SSL_ofld_rx(s)) { ++ chssl_program_hwkey_context(s, KEY_WRITE_RX, SSL_ST_CONNECT); ++ if (SSL_clr_quiesce(s)) ++ chssl_clear_tom(s); ++ } ++#endif + sender = s->method->ssl3_enc->server_finished_label; + slen = s->method->ssl3_enc->server_finished_label_len; + } else { ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ if (SSL_ofld_rx(s)) ++ chssl_program_hwkey_context(s, KEY_WRITE_RX, SSL_ST_ACCEPT); ++#endif + sender = s->method->ssl3_enc->client_finished_label; + slen = s->method->ssl3_enc->client_finished_label_len; + } +@@ -1707,9 +1819,16 @@ int ssl3_do_change_cipher_spec(SSL *s) + SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR); + return 0; + } ++ + s->s3->tmp.peer_finish_md_len = i; + + return (1); ++err: ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ if (SSL_ofld_rx(s)) ++ chssl_clear_quies(s); ++#endif ++ return (0); + } + + int ssl3_send_alert(SSL *s, int level, int desc) +diff --git a/crypto/openssl/ssl/s3_srvr.c b/crypto/openssl/ssl/s3_srvr.c +index 0fb4845d44fa..74afc08f66b8 100644 +--- a/crypto/openssl/ssl/s3_srvr.c ++++ b/crypto/openssl/ssl/s3_srvr.c +@@ -169,6 +169,9 @@ + # include + #endif + #include ++#ifdef CHSSL_OFFLOAD ++#include "ssl_tom.h" ++#endif + + #ifndef OPENSSL_NO_SSL3_METHOD + static const SSL_METHOD *ssl3_get_server_method(int ver); +@@ -250,6 +253,9 @@ int ssl3_accept(SSL *s) + for (;;) { + state = s->state; + ++#ifdef TLS_DEBUG ++ fprintf(stderr, "%s: state %d\n", __func__, state); ++#endif + switch (s->state) { + case SSL_ST_RENEGOTIATE: + s->renegotiate = 1; +@@ -270,6 +276,10 @@ int ssl3_accept(SSL *s) + return -1; + } + s->type = SSL_ST_ACCEPT; ++#ifdef CHSSL_OFFLOAD ++ if (chssl_new(s)) ++ ssl_tls_offload(s); ++#endif + + if (s->init_buf == NULL) { + if ((buf = BUF_MEM_new()) == NULL) { +@@ -423,6 +433,12 @@ int ssl3_accept(SSL *s) + else + s->state = SSL3_ST_SW_CERT_A; + s->init_num = 0; ++#ifdef CHSSL_OFFLOAD ++ if (SSL_ofld(s) && s->new_session) { ++ s->s3->tmp.next_state = s->state; ++ s->state = SSL3_ST_SW_FLUSH; ++ } ++#endif + break; + + case SSL3_ST_SW_CERT_A: +@@ -453,6 +469,12 @@ int ssl3_accept(SSL *s) + s->state = SSL3_ST_SW_KEY_EXCH_A; + #endif + s->init_num = 0; ++#ifdef CHSSL_OFFLOAD ++ if (SSL_ofld(s) && s->new_session) { ++ s->s3->tmp.next_state = s->state; ++ s->state = SSL3_ST_SW_FLUSH; ++ } ++#endif + break; + + case SSL3_ST_SW_KEY_EXCH_A: +@@ -505,6 +527,12 @@ int ssl3_accept(SSL *s) + + s->state = SSL3_ST_SW_CERT_REQ_A; + s->init_num = 0; ++#ifdef CHSSL_OFFLOAD ++ if (SSL_ofld(s) && s->new_session) { ++ s->s3->tmp.next_state = s->state; ++ s->state = SSL3_ST_SW_FLUSH; ++ } ++#endif + break; + + case SSL3_ST_SW_CERT_REQ_A: +@@ -765,6 +793,12 @@ int ssl3_accept(SSL *s) + goto end; + s->state = SSL3_ST_SW_CHANGE_A; + s->init_num = 0; ++#ifdef CHSSL_OFFLOAD ++ if (SSL_ofld(s) && s->new_session) { ++ s->s3->tmp.next_state = s->state; ++ s->state = SSL3_ST_SW_FLUSH; ++ } ++#endif + break; + + case SSL3_ST_SW_CERT_STATUS_A: +@@ -774,6 +808,12 @@ int ssl3_accept(SSL *s) + goto end; + s->state = SSL3_ST_SW_KEY_EXCH_A; + s->init_num = 0; ++#ifdef CHSSL_OFFLOAD ++ if (SSL_ofld(s) && s->new_session) { ++ s->s3->tmp.next_state = s->state; ++ s->state = SSL3_ST_SW_FLUSH; ++ } ++#endif + break; + + #endif +@@ -794,7 +834,17 @@ int ssl3_accept(SSL *s) + + if (ret <= 0) + goto end; ++ ++#ifdef CHSSL_OFFLOAD ++ if (SSL_ofld(s)) { ++ s->s3->tmp.next_state = SSL3_ST_SW_FINISHED_A; ++ s->state = SSL3_ST_SW_FLUSH; ++ } else { + s->state = SSL3_ST_SW_FINISHED_A; ++ } ++#else ++ s->state = SSL3_ST_SW_FINISHED_A; ++#endif + s->init_num = 0; + + if (!s->method->ssl3_enc->change_cipher_state(s, +@@ -804,11 +854,14 @@ int ssl3_accept(SSL *s) + s->state = SSL_ST_ERR; + goto end; + } +- + break; + + case SSL3_ST_SW_FINISHED_A: + case SSL3_ST_SW_FINISHED_B: ++#ifdef CHSSL_OFFLOAD ++ if (SSL_ofld(s)) ++ chssl_program_hwkey_context(s, KEY_WRITE_TX, SSL_ST_ACCEPT); ++#endif + ret = ssl3_send_finished(s, + SSL3_ST_SW_FINISHED_A, + SSL3_ST_SW_FINISHED_B, +@@ -831,6 +884,7 @@ int ssl3_accept(SSL *s) + } else + s->s3->tmp.next_state = SSL_ST_OK; + s->init_num = 0; ++ + break; + + case SSL_ST_OK: +diff --git a/crypto/openssl/ssl/ssl.h b/crypto/openssl/ssl/ssl.h +index 3cf96a239bab..2ae116f78020 100644 +--- a/crypto/openssl/ssl/ssl.h ++++ b/crypto/openssl/ssl/ssl.h +@@ -1408,11 +1408,47 @@ int SSL_extension_supported(unsigned int ext_type); + # define SSL_READING 3 + # define SSL_X509_LOOKUP 4 + ++#ifdef CHSSL_OFFLOAD ++enum { ++ SSL_ENC_HOST = 0, ++ SSL_ENC_OFLD, ++}; ++ ++enum { ++ SSL_MAC_HOST = 0, ++ SSL_MAC_OFLD, ++}; ++ ++enum { ++ KEY_SPACE_AVAIL = 0, ++ KEY_SPACE_NOTAVL, ++}; ++ ++struct ch_ssl_st { ++ int nl_fd; ++ int sock_fd; ++ char ofld_tx_enable; ++ char ofld_rx_enable; ++ char ofld_enc; ++ char ofld_mac; ++ char key_state; ++ char rx_keys_copied; ++ char tx_keys_copied; ++ void *key_context; ++}; ++#endif ++ + /* These will only be used when doing non-blocking IO */ + # define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) + # define SSL_want_read(s) (SSL_want(s) == SSL_READING) + # define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) + # define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) ++#ifdef CHSSL_OFFLOAD ++# define SSL_enc_offload(s) (SSL_enc(s) == SSL_ENC_OFLD) ++# define SSL_enc_host(s) (SSL_enc(s) == SSL_ENC_HOST) ++# define SSL_mac_offload(s) (SSL_mac(s) == SSL_MAC_OFLD) ++# define SSL_mac_host(s) (SSL_mac(s) == SSL_MAC_HOST) ++#endif + + # define SSL_MAC_FLAG_READ_MAC_STREAM 1 + # define SSL_MAC_FLAG_WRITE_MAC_STREAM 2 +@@ -1447,6 +1483,7 @@ struct ssl_st { + char *wbio; + char *bbio; + # endif ++ + /* + * This holds a variable that indicates what we were doing when a 0 or -1 + * is returned. This is needed for non-blocking IO so we know what +@@ -1568,6 +1605,9 @@ struct ssl_st { + unsigned int max_psk_len); + # endif + SSL_CTX *ctx; ++#ifdef CHSSL_OFFLOAD ++ struct ch_ssl_st *chssl; ++#endif + /* + * set this flag to 1 and a sleep(1) is put into all SSL_read() and + * SSL_write() calls, good for nbio debuging :-) +@@ -1758,6 +1798,9 @@ extern "C" { + # define SSL_ST_READ_HEADER 0xF0 + # define SSL_ST_READ_BODY 0xF1 + # define SSL_ST_READ_DONE 0xF2 ++#ifdef CHSSL_OFFLOAD ++# define SSL_ST_READ_ERROR 0xF3 ++#endif + + /*- + * Obtain latest Finished message +@@ -2136,6 +2179,23 @@ X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); + void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *); + int SSL_want(const SSL *s); + int SSL_clear(SSL *s); ++#ifdef CHSSL_OFFLOAD ++int SSL_enc(const SSL *s); ++int SSL_mac(const SSL *s); ++#ifdef CHSSL_TLS_RX ++int SSL_Rx_keys(const SSL *s); ++#endif ++int SSL_Tx_keys(const SSL *s); ++int SSL_ofld(const SSL *s); ++int SSL_compress(const SSL *s); ++int SSL_Chelsio_ofld(const SSL *s); ++#ifdef CHSSL_TLS_RX ++int chssl_clear_quies(const SSL *s); ++#endif ++int chssl_clear_tom(const SSL *s); ++int chssl_process_cherror(SSL *s); ++void chssl_program_hwkey_context(SSL *s, int rw, int state); ++#endif + + void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm); + +diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c +index 3539f4b8d20a..2d0fee71d50d 100644 +--- a/crypto/openssl/ssl/ssl_lib.c ++++ b/crypto/openssl/ssl/ssl_lib.c +@@ -159,6 +159,9 @@ + #ifndef OPENSSL_NO_ENGINE + # include + #endif ++#ifdef CHSSL_OFFLOAD ++#include "ssl_tom.h" ++#endif + + const char *SSL_version_str = OPENSSL_VERSION_TEXT; + +@@ -742,6 +745,7 @@ int SSL_set_fd(SSL *s, int fd) + } + BIO_set_fd(bio, fd, BIO_NOCLOSE); + SSL_set_bio(s, bio, bio); ++ //printf("SSL_set_fd: fd:%d bio_fd:%d BIO:%p:%p:%p\n",fd,bio->num,bio,s->wbio,s->rbio); + ret = 1; + err: + return (ret); +@@ -1068,6 +1072,11 @@ int SSL_shutdown(SSL *s) + SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED); + return -1; + } ++#ifdef CHSSL_OFFLOAD ++ if (s->chssl) { ++ chssl_free(s); ++ } ++#endif + + if (!SSL_in_init(s)) { + return s->method->ssl_shutdown(s); +diff --git a/crypto/openssl/ssl/ssl_tom.c b/crypto/openssl/ssl/ssl_tom.c +new file mode 100644 +index 000000000000..3fd915ac2c56 +--- /dev/null ++++ b/crypto/openssl/ssl/ssl_tom.c +@@ -0,0 +1,724 @@ ++/* ssl/ssl_tom.c */ ++/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) ++ * All rights reserved. ++ * ++ * This package is an SSL implementation written ++ * by Eric Young (eay@cryptsoft.com). ++ * The implementation was written so as to conform with Netscapes SSL. ++ * ++ * This library is free for commercial and non-commercial use as long as ++ * the following conditions are aheared to. The following conditions ++ * apply to all code found in this distribution, be it the RC4, RSA, ++ * lhash, DES, etc., code; not just the SSL code. The SSL documentation ++ * included with this distribution is covered by the same copyright terms ++ * except that the holder is Tim Hudson (tjh@cryptsoft.com). ++ * ++ * Copyright remains Eric Young's, and as such any Copyright notices in ++ * the code are not to be removed. ++ * If this package is used in a product, Eric Young should be given attribution ++ * as the author of the parts of the library used. ++ * This can be in the form of a textual message at program startup or ++ * in documentation (online or textual) provided with the package. ++ * w ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. All advertising materials mentioning features or use of this software ++ * must display the following acknowledgement: ++ * "This product includes cryptographic software written by ++ * Eric Young (eay@cryptsoft.com)" ++ * The word 'cryptographic' can be left out if the rouines from the library ++ * being used are not cryptographic related :-). ++ * 4. If you include any Windows specific code (or a derivative thereof) from ++ * the apps directory (application code) you must include an acknowledgement: ++ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. ++ * ++ * The licence and distribution terms for any publically available version or ++ * derivative of this code cannot be changed. i.e. this code cannot simply be ++ * copied and put under another distribution licence ++ * [including the GNU Public Licence.] ++ */ ++/* ==================================================================== ++ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ * ++ * This product includes cryptographic software written by Eric Young ++ * (eay@cryptsoft.com). This product includes software written by Tim ++ * Hudson (tjh@cryptsoft.com). ++ * Chelsio Software written by Atul Gupta (atul.gupta@chelsio.com) ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#ifdef __linux__ ++#include ++#include ++#endif ++#ifdef __FreeBSD__ ++#include ++#include ++#endif ++#include "ssl_locl.h" ++#include ++#include ++#include "ssl_tom.h" ++#include ++#include ++ ++#ifdef CHSSL_OFFLOAD ++int ssl_tls_offload(SSL *s) ++{ ++#ifdef __FreeBSD__ ++ socklen_t optlen; ++#endif ++ int ret, mode = 0; ++ ++ if ((s->wbio == NULL) || (s->rbio == NULL)) { ++ SSLerr(SSL_R_BAD_STATE, SSL_R_BIO_NOT_SET); ++ return mode; ++ } ++ s->chssl->sock_fd = s->wbio->num = s->rbio->num; ++ ++#ifdef __linux__ ++ ret = ioctl(s->chssl->sock_fd, IOCTL_TLSOM_GET_TLS_TOM, &mode); ++ if (!ret && mode) ++ s->chssl->ofld_rx_enable = s->chssl->ofld_tx_enable = TLS_OFLD_TRUE; ++ else ++ s->chssl->ofld_rx_enable = s->chssl->ofld_tx_enable = TLS_OFLD_FALSE; ++#else ++ optlen = sizeof(mode); ++ ret = getsockopt(s->chssl->sock_fd, IPPROTO_TCP, TCP_TLSOM_GET_TLS_TOM, ++ &mode, &optlen); ++ s->chssl->ofld_rx_enable = s->chssl->ofld_tx_enable = TLS_OFLD_FALSE; ++ if (ret == 0) { ++ switch (mode) { ++ case TLS_TOM_BOTH: ++ s->chssl->ofld_rx_enable = TLS_OFLD_TRUE; ++ /* FALLTHROUGH */ ++ case TLS_TOM_TXONLY: ++ s->chssl->ofld_tx_enable = TLS_OFLD_TRUE; ++ break; ++ } ++ } ++#endif ++ ++ return mode; ++} ++ ++int SSL_ofld_vers(const SSL *s) ++{ ++ return (s->version == TLS1_1_VERSION || s->version == TLS1_2_VERSION ++ || s->version == DTLS1_2_VERSION); ++} ++ ++int SSL_ofld(const SSL *s) ++{ ++ return(SSL_ofld_vers(s) && s->chssl && s->chssl->ofld_tx_enable); ++} ++ ++#ifdef CHSSL_TLS_RX ++int SSL_ofld_rx(const SSL *s) ++{ ++ return(s->chssl && s->chssl->ofld_rx_enable); ++} ++#endif ++ ++int SSL_compress(const SSL *s) ++{ ++ return(s->compress != NULL); ++} ++ ++#ifdef CHSSL_TLS_RX ++int SSL_Rx_keys(const SSL *s) ++{ ++ return(s->chssl && s->chssl->rx_keys_copied); ++} ++#endif ++ ++int SSL_Tx_keys(const SSL *s) ++{ ++ return(s->chssl && s->chssl->tx_keys_copied); ++} ++ ++int SSL_enc(const SSL *s) ++{ ++ return(s->chssl && s->chssl->ofld_tx_enable && s->chssl->ofld_enc); ++} ++ ++int SSL_mac(const SSL *s) ++{ ++ return(s->chssl && s->chssl->ofld_tx_enable && s->chssl->ofld_mac); ++} ++ ++int SSL_Chelsio_ofld(const SSL *s) ++{ ++ return (SSL_ofld(s) && SSL_ofld_rx(s) && SSL_enc(s) && SSL_mac(s)); ++} ++ ++#ifdef CHSSL_TLS_RX ++int SSL_clr_quiesce(const SSL *s) ++{ ++ return (SSL_ofld_rx(s) && (s->chssl->key_state == KEY_SPACE_NOTAVL)); ++} ++#endif ++ ++int CHSSL_EVP_Digest(const void *data, ++ void *md, const EVP_MD *m) ++{ ++ int ret = 1, i; ++ ++ if (m->type == NID_sha1){ ++ SHA_CTX sha1ctx; ++ unsigned int *temp = md; ++ ++ SHA1_Init(&sha1ctx); ++ SHA1_Update(&sha1ctx, data, SHA_CBLOCK); ++ temp[0] = htonl(sha1ctx.h0); ++ temp[1] = htonl(sha1ctx.h1); ++ temp[2] = htonl(sha1ctx.h2); ++ temp[3] = htonl(sha1ctx.h3); ++ temp[4] = htonl(sha1ctx.h4); ++ } else if (m->type == NID_sha256) { ++ SHA256_CTX sha256ctx; ++ SHA256_Init(&sha256ctx); ++ SHA256_Update(&sha256ctx, data, SHA256_CBLOCK); ++ ++ for (i = 0; i < SHA256_DIGEST_LENGTH / 4; i++) ++ *((unsigned int *)md + i) = htonl(sha256ctx.h[i]); ++ } else if (m->type == NID_sha384) { ++ SHA512_CTX sha384ctx; ++ ++ SHA384_Init(&sha384ctx); ++ SHA384_Update(&sha384ctx, data, SHA512_BLOCK); ++ ++ for (i = 0; i < SHA512_DIGEST_LENGTH / 8; i++) ++ *((unsigned long long *)md + i) = ++ htobe64(sha384ctx.h[i]); ++ ++ } else if (m->type == NID_sha512) { ++ SHA512_CTX sha512ctx; ++ ++ SHA512_Init(&sha512ctx); ++ SHA512_Update(&sha512ctx, data, SHA512_BLOCK); ++ ++ for (i = 0; i < SHA512_DIGEST_LENGTH / 8; i++) ++ *((unsigned long long *)md + i) = ++ htobe64(sha512ctx.h[i]); ++ } ++ ++ return ret; ++} ++ ++/* ++ * Determine HW capability for Digest and Cipher Offload ++ */ ++static int tls_ofld_enc_mac(SSL *s) ++{ ++ const EVP_CIPHER *p; ++ const SSL_CIPHER *c; ++ ++ c = s->s3->tmp.new_cipher; ++ p = s->s3->tmp.new_sym_enc; ++ ++ switch(c->algorithm_enc) { ++ case SSL_AES128GCM: ++ case SSL_AES256GCM: ++ s->chssl->ofld_enc = SSL_ENC_OFLD; ++ s->chssl->ofld_mac = SSL_MAC_OFLD; ++ return TLS_OFLD_TRUE; ++ ++ case SSL_AES128 : ++ case SSL_AES256 : ++ switch(EVP_CIPHER_mode(p)) { ++ case EVP_CIPH_CTR_MODE: ++ case EVP_CIPH_CBC_MODE: ++ s->chssl->ofld_enc = SSL_ENC_OFLD; ++ break; ++ default: ++ chssl_print(cl,"No HW support\n"); ++ return TLS_OFLD_FALSE; ++ } ++ break; ++ ++ case SSL_eNULL: ++ s->chssl->ofld_enc = SSL_ENC_OFLD; ++ break; ++ ++ default: ++ chssl_print(cl,"No HW support for ENC\n"); ++ s->chssl->ofld_enc = SSL_ENC_HOST; ++ return TLS_OFLD_FALSE; ++ } ++ ++ switch(c->algorithm_mac) { ++ case SSL_SHA1: ++ case SSL_SHA256: ++ case SSL_SHA384: ++ s->chssl->ofld_mac= SSL_MAC_OFLD; ++ break; ++ ++ default: ++ s->chssl->ofld_mac= SSL_MAC_HOST; ++ /* Revert enc mode to non-offload */ ++ s->chssl->ofld_enc = SSL_ENC_HOST; ++ chssl_print(cl,"No HW support for MAC\n"); ++ return TLS_OFLD_FALSE; ++ } ++ return TLS_OFLD_TRUE; ++} ++ ++/* ++ * Authentication Mode expected by HW ++ */ ++static unsigned char get_auth_mode(SSL *s) ++{ ++ const SSL_CIPHER *c = s->s3->tmp.new_cipher; ++ ++ if(c==NULL) return CHSSL_SHA_NOP; ++ ++ switch(c->algorithm_mac) { ++ case SSL_SHA1: ++ return CHSSL_SHA1; ++ case SSL_SHA256: ++ return CHSSL_SHA256; ++ case SSL_SHA384: ++ return CHSSL_SHA512_384; ++ case SSL_AEAD: ++ return CHSSL_GHASH; ++ default: ++ return CHSSL_SHA_NOP; ++} ++} ++ ++/* ++ * Cipher Mode expected by HW ++ */ ++static unsigned char get_cipher_mode(SSL *s) ++{ ++ const EVP_CIPHER *c = s->s3->tmp.new_sym_enc; ++ ++ switch(EVP_CIPHER_mode(c)) { ++ case EVP_CIPH_CBC_MODE: ++ return CHSSL_AES_CBC; ++ case EVP_CIPH_GCM_MODE: ++ return CHSSL_AES_GCM; ++ case EVP_CIPH_CTR_MODE: ++ return CHSSL_AES_CTR; ++ case EVP_CIPH_STREAM_CIPHER: ++ return CHSSL_CIPH_NOP; ++ default: ++ chssl_print(cl,"invalid cipher mode\n"); ++ return CHSSL_CIPH_NOP; ++ } ++} ++ ++static void chssl_compute_ipad_opad(unsigned char *key, ++ unsigned char *ipad, ++ unsigned char *opad, ++ int k, const EVP_MD *m) ++{ ++ int i, blksize; ++ char iblock[SHA512_BLOCK] = {0}; ++ char oblock[SHA512_BLOCK] = {0}; ++ ++ blksize = m->block_size; ++ memset (iblock + k, 0x36, blksize - k); ++ memset (oblock + k, 0x5c, blksize - k); ++ for(i = 0; i < k; i++) { ++ iblock[i] = key[i] ^ 0x36; ++ oblock[i] = key[i] ^ 0x5c; ++ } ++ CHSSL_EVP_Digest(iblock, ipad, m); ++ CHSSL_EVP_Digest(oblock, opad, m); ++} ++ ++static void chssl_compute_cipher_key(unsigned char *key, ++ int key_len, ++ unsigned char *ghash) ++{ ++ int len,len1; ++ EVP_CIPHER_CTX ctx; ++ unsigned char plaintext[GHASH_SIZE] = {0}; ++ ++ EVP_CIPHER_CTX_init(&ctx); ++ if(key_len == 16) ++ EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, NULL); ++ else ++ EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, NULL); ++ EVP_CIPHER_CTX_set_padding(&ctx, 0); ++ EVP_EncryptUpdate(&ctx, ghash, &len, plaintext, 16); ++ EVP_EncryptFinal_ex(&ctx, ghash+len, &len1); ++ EVP_CIPHER_CTX_cleanup(&ctx); ++} ++ ++/* ++ * Create key Context for receive/transmit and program on HW ++ */ ++static int ssl_key_context(SSL *s, int rw, int state) ++{ ++ const EVP_CIPHER *c; ++ const EVP_MD *m; ++ unsigned int mac_key_size = 0, cipher_key_size, iv_size; ++ unsigned char *key; ++ unsigned char s_ipad_hash[MAX_MAC_KSZ]= {0x0}; /* blk sz for hashing */ ++ unsigned char s_opad_hash[MAX_MAC_KSZ]= {0x0}; /* blk sz for hashing */ ++ unsigned char c_ipad_hash[MAX_MAC_KSZ]= {0x0}; /* blk sz for hashing */ ++ unsigned char c_opad_hash[MAX_MAC_KSZ]= {0x0}; /* blk sz for hashing */ ++ ++ unsigned char s_mac_key[MAX_MAC_KSZ] = {0x0}; ++ unsigned char c_mac_key[MAX_MAC_KSZ] = {0x0}; ++ unsigned char s_key[MAX_CIPHER_KSZ] = {0x0}; ++ unsigned char c_key[MAX_CIPHER_KSZ] = {0x0}; ++ unsigned char s_iv[MAX_CIPHER_KSZ] = {0x0}; ++ unsigned char c_iv[MAX_CIPHER_KSZ] = {0x0}; ++ unsigned char ghash[GHASH_SIZE] = {0x0}; ++ int pad = 12; ++ int index = 0; ++ int ret = 0; ++ struct tls_key_context *kctx = s->chssl->key_context; ++ ++ if (!tls_ofld_enc_mac(s)) { ++ return ret; ++ } ++ ++ c = s->s3->tmp.new_sym_enc; ++ m = s->s3->tmp.new_hash; ++ kctx->l_p_key = rw; ++ ++ if (s->new_session) ++ kctx->l_p_key |= F_KEY_CLR_LOC; ++ key = s->s3->tmp.key_block; ++ ++ if (s->version >= TLS1_VERSION) ++ mac_key_size = s->s3->tmp.new_mac_secret_size; ++ else ++ if (m) mac_key_size = m->md_size; ++ kctx->mac_secret_size = mac_key_size; ++ ++ cipher_key_size = EVP_CIPHER_key_length(c); ++ kctx->cipher_secret_size = cipher_key_size; ++ ++ iv_size = (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) ? ++ EVP_GCM_TLS_FIXED_IV_LEN: ++ EVP_CIPHER_iv_length(c); ++ kctx->iv_size = iv_size; ++ kctx->iv_ctrl = 1; ++ kctx->iv_algo = 0; ++ ++ if ((mac_key_size == SHA256_DIGEST_LENGTH) || ++ (mac_key_size == SHA384_DIGEST_LENGTH)) ++ pad = 0; ++ ++ if (mac_key_size) { ++ memcpy(c_mac_key, key, mac_key_size); ++ key += mac_key_size; ++ memcpy(s_mac_key, key, mac_key_size); ++ key += mac_key_size; ++ } ++ memcpy(c_key, key, cipher_key_size); ++ key += cipher_key_size; ++ memcpy(s_key, key, cipher_key_size); ++ key += cipher_key_size; ++ ++ memcpy(c_iv, key, iv_size); ++ key += iv_size; ++ memcpy(s_iv, key, iv_size); ++ ++ if (s->chssl->ofld_mac && (EVP_CIPHER_mode(c) != EVP_CIPH_GCM_MODE)) { ++ /* IPAD/OPAD for SHA384/512 calculated over 128B block */ ++ chssl_compute_ipad_opad(c_mac_key, c_ipad_hash, ++ c_opad_hash, mac_key_size, m); ++ chssl_compute_ipad_opad(s_mac_key, s_ipad_hash, ++ s_opad_hash, mac_key_size, m); ++ } ++ ++ if (state == SSL_ST_ACCEPT) { ++ memcpy(kctx->tx.key, s_key, cipher_key_size); ++ memcpy(kctx->rx.key, c_key, cipher_key_size); ++ } else { ++ memcpy(kctx->tx.key, c_key, cipher_key_size); ++ memcpy(kctx->rx.key, s_key, cipher_key_size); ++ } ++ ++ if (mac_key_size == SHA384_DIGEST_LENGTH) mac_key_size = MAX_MAC_KSZ; ++ index = cipher_key_size; ++ if (s->chssl->ofld_mac) { ++ if (mac_key_size) { ++ if (state == SSL_ST_ACCEPT) ++ memcpy(kctx->tx.key+index, s_ipad_hash, mac_key_size); ++ else ++ memcpy(kctx->tx.key+index, c_ipad_hash, mac_key_size); ++ ++ index += (mac_key_size + pad); ++ if (state == SSL_ST_ACCEPT) ++ memcpy(kctx->tx.key+index, s_opad_hash, mac_key_size); ++ else ++ memcpy(kctx->tx.key+index, c_opad_hash, mac_key_size); ++ ++ index += (mac_key_size + pad); ++ } else { ++ if (state == SSL_ST_ACCEPT) { ++ chssl_compute_cipher_key(s_key, cipher_key_size, ghash); ++ memcpy(kctx->tx.key+index, ghash, GHASH_SIZE); ++ } else { ++ chssl_compute_cipher_key(c_key, cipher_key_size, ghash); ++ memcpy(kctx->tx.key+index, ghash, GHASH_SIZE); ++ } ++ index += GHASH_SIZE; ++ } ++ } ++ kctx->tx_key_info_size = TLS_TX_HDR_SZ + index; ++ ++ index = cipher_key_size; ++ if (s->chssl->ofld_mac) { ++ if (mac_key_size) { ++ if (state == SSL_ST_ACCEPT) ++ memcpy(kctx->rx.key+index, c_ipad_hash, mac_key_size); ++ else ++ memcpy(kctx->rx.key+index, s_ipad_hash, mac_key_size); ++ ++ index += (mac_key_size + pad); ++ if (state == SSL_ST_ACCEPT) ++ memcpy(kctx->rx.key+index, c_opad_hash, mac_key_size); ++ else ++ memcpy(kctx->rx.key+index, s_opad_hash, mac_key_size); ++ ++ index += (mac_key_size + pad); ++ } else { ++ if (state == SSL_ST_ACCEPT) { ++ chssl_compute_cipher_key(c_key, cipher_key_size, ghash); ++ memcpy(kctx->rx.key+index, ghash, GHASH_SIZE); ++ } else { ++ chssl_compute_cipher_key(s_key, cipher_key_size, ghash); ++ memcpy(kctx->rx.key+index, ghash, GHASH_SIZE); ++ } ++ index += GHASH_SIZE; ++ } ++ } ++ ++ kctx->tx_key_info_size = TLS_RX_HDR_SZ + index; ++ ++ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) { ++ if (state == SSL_ST_ACCEPT) { ++ memcpy(kctx->tx.salt, s_iv, SALT_SIZE); ++ memcpy(kctx->rx.salt, c_iv, SALT_SIZE); ++ } else { ++ memcpy(kctx->tx.salt, c_iv, SALT_SIZE); ++ memcpy(kctx->rx.salt, s_iv, SALT_SIZE); ++ } ++ } ++ ++ kctx->proto_ver = s->version; ++ kctx->state.auth_mode = get_auth_mode(s); ++ kctx->state.enc_mode = get_cipher_mode(s); ++ if (s->version == DTLS1_2_VERSION) ++ kctx->dtls_epoch = s->d1->r_epoch; ++ ++ if (s->max_send_fragment) ++ kctx->frag_size = s->max_send_fragment; ++ else ++ kctx->frag_size = SSL3_RT_MAX_PLAIN_LENGTH; ++ ++ /* handle renegotiation here */ ++ if(!s->chssl->tx_keys_copied) ++ kctx->tx_seq_no = 0; ++ else ++ kctx->tx_seq_no = 1; ++ ++ if(!s->chssl->rx_keys_copied) ++ kctx->rx_seq_no = 0; ++ else ++ kctx->rx_seq_no = 1; ++ ++ if(EVP_CIPHER_mode(c) != EVP_CIPH_GCM_MODE) { ++ if (!SSL_mac(s) && SSL_enc(s)) ++ kctx->hmac_ctrl = 0; ++ else ++ kctx->hmac_ctrl = 1; ++ } ++ kctx->sock_fd = s->chssl->sock_fd; ++ ++ return 1; ++} ++ ++void chssl_program_hwkey_context(SSL *s, int rw, int state) ++{ ++ int ret = 0; ++ ++ if (!s->chssl->key_context) { ++ s->chssl->key_context = (struct tls_key_context *) ++ OPENSSL_malloc(sizeof(struct tls_key_context)); ++ if (s->chssl->key_context == NULL) ++ return; ++ } ++ ++ memset(s->chssl->key_context, 0, sizeof(struct tls_key_context)); ++ if((ret = ssl_key_context(s, rw, state)) <=0) { ++#ifdef CHSSL_TLS_RX ++ /* Clear quiesce after CCS receive */ ++ if (rw == KEY_WRITE_RX) { ++ ret = chssl_clear_tom(s); ++ s->chssl->ofld_rx_enable = TLS_OFLD_FALSE; ++ s->chssl->ofld_tx_enable = TLS_OFLD_FALSE; ++ } ++#endif ++ goto end; ++ } ++ ++#ifdef __linux__ ++ ret = ioctl(s->chssl->sock_fd, IOCTL_TLSOM_SET_TLS_CONTEXT, ++ s->chssl->key_context); ++#else ++ ret = setsockopt(s->chssl->sock_fd, IPPROTO_TCP, TCP_TLSOM_SET_TLS_CONTEXT, ++ s->chssl->key_context, sizeof(struct tls_key_context)); ++#endif ++ if (!ret) { ++ if (rw & KEY_WRITE_TX) ++ s->chssl->tx_keys_copied = 1; ++ else ++ s->chssl->rx_keys_copied = 1; ++ } else { ++ s->chssl->ofld_rx_enable = TLS_OFLD_FALSE; ++ s->chssl->ofld_tx_enable = TLS_OFLD_FALSE; ++ s->chssl->key_state = KEY_SPACE_NOTAVL; ++ } ++ ++end: ++ free(s->chssl->key_context); ++ s->chssl->key_context = NULL; ++ return; ++} ++ ++#ifdef CHSSL_TLS_RX ++int chssl_clear_quies(const SSL *s) ++{ ++#ifdef __linux__ ++ return ioctl(s->chssl->sock_fd, IOCTL_TLSOM_CLR_QUIES); ++#else ++ return setsockopt(s->chssl->sock_fd, IPPROTO_TCP, TCP_TLSOM_CLR_QUIES, ++ NULL, 0); ++#endif ++} ++ ++int chssl_clear_tom(const SSL *s) ++{ ++#ifdef __linux__ ++ return ioctl(s->chssl->sock_fd, IOCTL_TLSOM_CLR_TLS_TOM); ++#else ++ return setsockopt(s->chssl->sock_fd, IPPROTO_TCP, TCP_TLSOM_CLR_TLS_TOM, ++ NULL, 0); ++#endif ++} ++#endif ++ ++int chssl_process_cherror(SSL *s) ++{ ++ const char *buf = (const char *)&(s->s3->rbuf.buf[0]); ++ unsigned int err = atoi(buf); ++ ++ switch (err) { ++ case 0: ++ return SSL_AD_BAD_RECORD_MAC; ++ case 1: ++ case 2: ++ return SSL_AD_ILLEGAL_PARAMETER; ++ case 3: ++ return SSL_AD_RECORD_OVERFLOW; ++ case 4: ++ return SSL_AD_INTERNAL_ERROR; ++ } ++ return 0; ++} ++ ++struct ch_ssl_st *chssl_new(SSL *s) ++{ ++ if (s->chssl) ++ return s->chssl; ++ s->chssl = OPENSSL_malloc(sizeof(struct ch_ssl_st)); ++ if (s->chssl) ++ memset(s->chssl, 0, sizeof(struct ch_ssl_st)); ++ return s->chssl; ++} ++ ++struct ch_ssl_st *chssl_free(SSL *s) ++{ ++ if (!s->chssl) ++ return NULL; ++ ++ free(s->chssl); ++ s->chssl = NULL; ++ return NULL; ++} ++#endif +diff --git a/crypto/openssl/ssl/ssl_tom.h b/crypto/openssl/ssl/ssl_tom.h +new file mode 100644 +index 000000000000..a1ecf7e38ed7 +--- /dev/null ++++ b/crypto/openssl/ssl/ssl_tom.h +@@ -0,0 +1,160 @@ ++/* ++ * Common Header file TLSOM functionalities ++ * ++ * Copyright (C) 2011-2015 Chelsio Communications. All rights reserved. ++ * ++ * Written by Atul Gupta ++ * ++ * This program is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the LICENSE file included in this ++ * release for licensing terms and conditions. ++ */ ++#ifdef __linux__ ++#include ++#endif ++#ifndef __TLSOM_CMN_H ++#define __TLSOM_CMN_H ++ ++#define TLSOM_SUCCESS 0 ++#define TLSOM_FAILURE -1 ++ ++#ifdef CHSSL_DEBUG ++ #define chssl_print(f,c) fprintf(f,c) ++#else ++ #define chssl_print(f,c) ; ++#endif ++ ++#define MAX_MAC_KSZ 64 /*512 bits */ ++#define SHA512_BLOCK 128 /* Block size for 512 */ ++#define MAX_CIPHER_KSZ 32 /* 256 bits */ ++#define CIPHER_BLOCK_SZ 16 ++#define IV_SIZE (4+8) /*reserved 8 bytes */ ++#define SALT_SIZE 4 ++#define TLS_TX_HDR_SZ 16 ++#define TLS_RX_HDR_SZ 16 ++#define GHASH_SIZE 16 ++#define MAX_TLS_KSZ (2*MAX_MAC_KSZ + MAX_CIPHER_KSZ) ++ ++#ifdef __FreeBSD__ ++#include ++#endif ++#ifdef __linux__ ++/* XXX: TCP_TLSKEY is not used */ ++#define TCP_TLSKEY 291 /* Program Key Context on HW */ ++#define IOCTL_TLSOM_SET_TLS_CONTEXT 201 /* Program Key Context on HW */ ++#define IOCTL_TLSOM_GET_TLS_TOM 202 /* Query the TLS offload mode */ ++#define IOCTL_TLSOM_CLR_TLS_TOM 203 /* Clear the Key */ ++#define IOCTL_TLSOM_CLR_QUIES 204 /* Clear the Quiesec */ ++#endif ++ ++enum { ++ TLS_OFLD_FALSE = 0, ++ TLS_OFLD_TRUE, ++}; ++ ++#ifdef __linux__ ++/* Can accomodate 16, 11-15 are reserved */ ++enum { ++ CHSSL_SHA_NOP, ++ CHSSL_SHA1, ++ CHSSL_SHA224, ++ CHSSL_SHA256, ++ CHSSL_GHASH, ++ CHSSL_SHA512_224, ++ CHSSL_SHA512_256, ++ CHSSL_SHA512_384, ++ CHSSL_SHA512_512, ++ CHSSL_CBCMAC, ++ CHSSL_CMAC, ++}; ++ ++/* Can accomodate 16, 8-15 are reserved */ ++enum { ++ CHSSL_CIPH_NOP, ++ CHSSL_AES_CBC, ++ CHSSL_AES_GCM, ++ CHSSL_AES_CTR, ++ CHSSL_AES_GEN, ++ CHSSL_IPSEC_ESP, ++ CHSSL_AES_XTS, ++ CHSSL_AES_CCM, ++}; ++ ++#define KEY_WRITE_RX 0x1 /* Program Receive Key */ ++#define KEY_WRITE_TX 0x2 /* Program Transmit Key */ ++#define KEY_DELETE_RX 0x4 /* Delete Receive Key */ ++#define KEY_DELETE_TX 0x8 /* Delete Transmit Key */ ++ ++#define S_KEY_CLR_LOC 4 ++#define M_KEY_CLR_LOC 0xf ++#define V_KEY_CLR_LOC(x) ((x) << S_KEY_CLR_LOC) ++#define G_FW_WR_EQUIQ(s) (((x) >> S_KEY_CLR_LOC) & M_KEY_CLR_LOC) ++#define F_KEY_CLR_LOC V_KEY_CLR_LOC(1U) ++ ++/* XXX: Not used. */ ++#define S_KEY_GET_LOC 0 ++#define M_KEY_GET_LOC 0xf ++#define V_KEY_GET_LOC(x) ((x) << S_KEY_GET_LOC) ++#define G_KEY_GET_LOC(s) (((x) >> S_KEY_GET_LOC) & M_KEY_GET_LOC) ++ ++struct tls_ofld_state { ++ unsigned char enc_mode; ++ unsigned char mac_mode; ++ unsigned char key_loc; ++ unsigned char ofld_mode; ++ unsigned char auth_mode; ++ unsigned char resv[3]; ++}; ++ ++struct tls_tx_ctxt { ++ unsigned char salt[SALT_SIZE]; ++ unsigned char key[MAX_CIPHER_KSZ]; ++ unsigned char ipad[MAX_MAC_KSZ]; ++ unsigned char opad[MAX_MAC_KSZ]; ++}; ++ ++struct tls_rx_ctxt { ++ unsigned char salt[SALT_SIZE]; ++ unsigned char key[MAX_CIPHER_KSZ]; ++ unsigned char ipad[MAX_MAC_KSZ]; ++ unsigned char opad[MAX_MAC_KSZ]; ++}; ++ ++struct tls_key_context { ++ struct tls_tx_ctxt tx; ++ struct tls_rx_ctxt rx; ++ ++ unsigned char l_p_key; ++ unsigned char hmac_ctrl; ++ unsigned char mac_first; ++ unsigned char iv_size; ++ unsigned char iv_ctrl; ++ unsigned char iv_algo; ++ unsigned char tx_seq_no; ++ unsigned char rx_seq_no; ++ ++ struct tls_ofld_state state; ++ ++ unsigned int tx_key_info_size; ++ unsigned int rx_key_info_size; ++ unsigned int frag_size; ++ unsigned int mac_secret_size; ++ unsigned int cipher_secret_size; ++ int proto_ver; ++ unsigned int sock_fd; ++ unsigned short dtls_epoch; ++ unsigned short rsv; ++}; ++#endif ++ ++struct ch_ssl_st *chssl_new(SSL *s); ++struct ch_ssl_st *chssl_free(SSL *s); ++int ssl_tls_offload(SSL *s); ++int SSL_ofld_vers(const SSL *s); ++#ifdef CHSSL_TLS_RX ++int SSL_ofld_rx(const SSL *s); ++int SSL_clr_quiesce(const SSL *s); ++#endif ++#endif ++ +diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c +index 1a4387b78eb9..c0dbb8a9cebf 100644 +--- a/crypto/openssl/ssl/t1_lib.c ++++ b/crypto/openssl/ssl/t1_lib.c +@@ -121,6 +121,9 @@ + #include + #include + #include "ssl_locl.h" ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++#include "ssl_tom.h" ++#endif + + const char tls1_version_str[] = "TLSv1" OPENSSL_VERSION_PTEXT; + +@@ -4051,6 +4054,10 @@ int tls1_process_heartbeat(SSL *s) + s->tlsext_hb_pending = 0; + } + } ++#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX) ++ if (SSL_ofld_rx(s)) ++ chssl_clear_quies(s); ++#endif + + return 0; + } Index: security/openssl-chelsio/files/extra-patch-test_testssl =================================================================== --- /dev/null +++ security/openssl-chelsio/files/extra-patch-test_testssl @@ -0,0 +1,15 @@ +Disable SSLv3 test when built without SSL3 option disabled + + - Test for weak DH fails when enabled + +--- test/testssl.orig 2017-04-27 12:23:44 UTC ++++ test/testssl +@@ -160,7 +160,7 @@ test_cipher() { + } + set -x + echo "Testing ciphersuites" +-for protocol in TLSv1.2 SSLv3; do ++for protocol in TLSv1.2; do + echo "Testing ciphersuites for $protocol" + for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do + test_cipher $cipher $protocol Index: security/openssl-chelsio/files/patch-Configure =================================================================== --- /dev/null +++ security/openssl-chelsio/files/patch-Configure @@ -0,0 +1,45 @@ +--- Configure.orig 2015-06-11 15:50:11.000000000 +0200 ++++ Configure 2015-06-12 16:20:39.000000000 +0200 +@@ -467,19 +467,20 @@ + "android-mips","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + + #### *BSD [do see comment about ${BSDthreads} above!] +-"BSD-generic32","gcc:-O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mcpu=v8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"BSD-generic32","$ENV{'FREEBSDCC'}:-O3 -fomit-frame-pointer -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-x86", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-x86-elf", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIBVER)", ++"debug-BSD-x86-elf", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -Wall -g $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-sparcv8", "$ENV{'FREEBSDCC'}:-DB_ENDIAN -O3 -mcpu=v8 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", + +-"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"BSD-generic64","$ENV{'FREEBSDCC'}:-O3 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", + # -DMD32_REG_T=int doesn't actually belong in sparc64 target, it + # simply *happens* to work around a compiler bug in gcc 3.3.3, + # triggered by RIPEMD160 code. +-"BSD-sparc64", "gcc:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-ia64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-x86_64", "cc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"BSD-sparc64", "$ENV{'FREEBSDCC'}:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-ia64", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-x86_64", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-alpha", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", + + "bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +@@ -2019,10 +2020,12 @@ + if ( $perl =~ m@^/@) { + &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";'); + &dofile("apps/CA.pl",$perl,'^#!/', '#!%s'); ++ &dofile("apps/tsget",$perl,'^#!/', '#!%s'); + } else { + # No path for Perl known ... + &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";'); + &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s'); ++ &dofile("apps/tsget",'/usr/local/bin/perl',,'^#!/', '#!%s'); + } + if ($depflags ne $default_depflags && !$make_depend) { + print <s3->tmp.new_cipher->algorithm2, ++ label, label_len, ++ s->s3->client_random,SSL3_RANDOM_SIZE, ++ s->s3->server_random,SSL3_RANDOM_SIZE, ++ context, context_len, NULL, 0, ++ s->session->master_key, s->session->master_key_length, ++ out, tmp, olen); ++ } ++ + int tls1_alert_code(int code) + { + switch (code) { Index: security/openssl-chelsio/files/patch-apps_s__client.c =================================================================== --- /dev/null +++ security/openssl-chelsio/files/patch-apps_s__client.c @@ -0,0 +1,22 @@ +From 4e48c77572a9a96a301e362a3646cd3cc7eca0f9 Mon Sep 17 00:00:00 2001 +From: Carlos Alberto Lopez Perez +Date: Mon, 6 Aug 2012 01:45:51 +0200 +Subject: [PATCH] Fix XMPP code detection on s_client starttls xmpp + + * Some XMPP Servers (OpenFire) use double quotes. + * This makes s_client starttls work with this servers. + * Tested with OpenFire servers from http://xmpp.net/ :: + + openssl s_client -connect coderollers.com:5222 -starttls xmpp +--- apps/s_client.c.orig 2017-05-25 12:54:38 UTC ++++ apps/s_client.c +@@ -1663,7 +1663,8 @@ int MAIN(int argc, char **argv) + seen = BIO_read(sbio, mbuf, BUFSIZZ); + mbuf[seen] = 0; + while (!strstr +- (mbuf, "")) + goto shut; + seen = BIO_read(sbio, mbuf, BUFSIZZ); Index: security/openssl-chelsio/files/patch-config =================================================================== --- /dev/null +++ security/openssl-chelsio/files/patch-config @@ -0,0 +1,19 @@ +--- config.orig 2013-06-16 07:01:13.038797248 -0500 ++++ config 2013-06-16 07:01:18.138794838 -0500 +@@ -734,14 +734,8 @@ + sparc64-*-*bsd*) OUT="BSD-sparc64" ;; + ia64-*-*bsd*) OUT="BSD-ia64" ;; + amd64-*-*bsd*) OUT="BSD-x86_64" ;; +- *86*-*-*bsd*) # mimic ld behaviour when it's looking for libc... +- if [ -L /usr/lib/libc.so ]; then # [Free|Net]BSD +- libc=/usr/lib/libc.so +- else # OpenBSD +- # ld searches for highest libc.so.* and so do we +- libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null` +- fi +- case "`(file -L $libc) 2>/dev/null`" in ++ *86*-*-*bsd*) ++ case "`(file -L /bin/sh) 2>/dev/null`" in + *ELF*) OUT="BSD-x86-elf" ;; + *) OUT="BSD-x86"; options="$options no-sse2" ;; + esac ;; Index: security/openssl-chelsio/files/patch-ssl_fatalerrtest.c =================================================================== --- /dev/null +++ security/openssl-chelsio/files/patch-ssl_fatalerrtest.c @@ -0,0 +1,48 @@ +From a4597f079bf2662e06d505538f83b6b610c41c7c Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 7 Dec 2017 14:40:49 +0000 +Subject: [PATCH] Fix initialisation in fatalerrtest + +--- + ssl/fatalerrtest.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ssl/fatalerrtest.c b/ssl/fatalerrtest.c +index 0288c33fa2e..749bc3697ea 100644 +--- ssl/fatalerrtest.c.orig ++++ ssl/fatalerrtest.c +@@ -13,8 +13,8 @@ + + int main(int argc, char *argv[]) + { +- SSL_CTX *sctx, *cctx; +- SSL *sssl, *cssl; ++ SSL_CTX *sctx = NULL, *cctx = NULL; ++ SSL *sssl = NULL, *cssl = NULL; + const char *msg = "Dummy"; + BIO *err = NULL, *wbio = NULL; + int ret = 1, len; +From b24e0573c6838e8d726fb16d558c562ce4e8f025 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 7 Dec 2017 14:41:21 +0000 +Subject: [PATCH] Fix the buffer sizing in the fatalerrtest + +Fixes #4865 +--- + ssl/fatalerrtest.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/fatalerrtest.c b/ssl/fatalerrtest.c +index 749bc3697ea..f9d66e27b30 100644 +--- ssl/fatalerrtest.c.orig ++++ ssl/fatalerrtest.c +@@ -76,7 +76,7 @@ int main(int argc, char *argv[]) + } + + /* SSL_read()/SSL_write should fail because of a previous fatal error */ +- if ((len = SSL_read(sssl, buf, sizeof(buf - 1))) > 0) { ++ if ((len = SSL_read(sssl, buf, sizeof(buf) - 1)) > 0) { + buf[len] = '\0'; + printf("Unexpected success reading data: %s\n", buf); + goto err; + Index: security/openssl-chelsio/pkg-descr =================================================================== --- /dev/null +++ security/openssl-chelsio/pkg-descr @@ -0,0 +1,20 @@ +The OpenSSL Project is a collaborative effort to develop a robust, +commercial-grade, full-featured, and Open Source toolkit implementing +the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security +(TLS v1) protocols with full-strength cryptography world-wide. The +project is managed by a worldwide community of volunteers that use +the Internet to communicate, plan, and develop the OpenSSL tookit +and its related documentation. + +OpenSSL is based on the excellent SSLeay library developed by Eric +A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under +an Apache-style licence, which basically means that you are free +to get and use it for commercial and non-commercial purposes subject +to some simple license conditions. + +This version of OpenSSL includes additional patches to support the +use of TLS offload for offloaded TCP connections on Chelsio T6 +network adapters. + +WWW: http://www.openssl.org/ +WWW: http://sctp.fh-muenster.de/dtls-patches.html Index: security/openssl-chelsio/pkg-plist =================================================================== --- /dev/null +++ security/openssl-chelsio/pkg-plist @@ -0,0 +1,3 @@ +openssl-chelsio/lib/libssl.so.%%SHLIBVER%% +@dir openssl-chelsio/lib +@dir openssl-chelsio Index: security/openssl-chelsio/version.mk =================================================================== --- /dev/null +++ security/openssl-chelsio/version.mk @@ -0,0 +1,2 @@ +# Match FreeBSD 12's base version +OPENSSL_SHLIBVER?= 8