init 9.6p1

Makefile.in

@@ -734,6 +734,7 @@ interop-tests t-exec file-tests extra-tests: regress-prep regress-binaries $(TAR
 		.CURDIR="$(abs_top_srcdir)/regress" \
 		.OBJDIR="$(BUILDDIR)/regress" \
 		BUILDDIR="$(BUILDDIR)" \
+		ENABLE_WOLFSSL="@ENABLE_WOLFSSL@" \
 		OBJ="$(BUILDDIR)/regress" \
 		PATH="$(BUILDDIR):$${PATH}" \
 		TEST_ENV=MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \

configure.ac

@@ -612,6 +612,8 @@ SPP_MSG="no"
 SOLARIS_PRIVS="no"
 
 # Check for some target-specific stuff
+APPLE_SANDBOX_MSG="no"
+WOLFSSL_ADD_LIBPTHREAD_SSHD=0
 case "$host" in
 *-*-aix*)
 	# Some versions of VAC won't allow macro redefinitions at
@@ -738,6 +740,12 @@ case "$host" in
 	AC_DEFINE([BROKEN_SETREGID])
 	;;
 *-*-darwin*)
+	case $host in
+	*-apple-darwin*)
+		CPPFLAGS="$CPPFLAGS -DAPPLE_SANDBOX_NAMED_EXTERNAL"
+        APPLE_SANDBOX_MSG="yes"
+		;;
+	esac
 	use_pie=auto
 	AC_MSG_CHECKING([if we have working getaddrinfo])
 	AC_RUN_IFELSE([AC_LANG_SOURCE([[
@@ -891,6 +899,7 @@ int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
 	no_dev_ptmx=1
 	use_pie=auto
 	check_for_openpty_ctty_bug=1
+	WOLFSSL_ADD_LIBPTHREAD_SSHD=1
 	dnl Target SUSv3/POSIX.1-2001 plus BSD specifics.
 	dnl _DEFAULT_SOURCE is the new name for _BSD_SOURCE
 	dnl _GNU_SOURCE is needed for setres*id prototypes.
@@ -1874,6 +1883,10 @@ AC_CHECK_FUNCS([ \
 	Blowfish_expandstate \
 	Blowfish_expand0state \
 	Blowfish_stream2word \
+	arc4random \
+	arc4random_buf \
+	arc4random_stir \
+	arc4random_uniform \
 	SHA256Update \
 	SHA384Update \
 	SHA512Update \
@@ -2690,7 +2703,147 @@ AC_CHECK_FUNCS([getpgrp],[
 	)
 ])
 
+WOLFSSL_URL="https://www.wolfssl.com/download/"
+ENABLE_WOLFSSL="no"
+AC_ARG_WITH(wolfssl,
+	[  --with-wolfssl=PATH      PATH to wolfssl install (default /usr/local) ],
+	[
+	wolfssl_install_dir=/usr/local
+	
+	if test "x${withval}" != "xyes" ; then
+		wolfssl_install_dir=${withval}
+	fi
+	
+	if test -d "${wolfssl_install_dir}/lib"; then
+		if test -n "${rpath_opt}"; then
+			LDFLAGS="-L${wolfssl_install_dir}/lib ${rpath_opt}${wolfssl_install_dir}/lib ${LDFLAGS}"
+		else
+			LDFLAGS="-L${wolfssl_install_dir}/lib ${LDFLAGS}"
+		fi
+	else
+		AC_MSG_ERROR([wolfSSL: lib directory not found at ${wolfssl_install_dir}])
+	fi
+	if test -d "${wolfssl_install_dir}/include"; then
+		if test -d "${wolfssl_install_dir}/include/wolfssl"; then
+			CPPFLAGS="$CPPFLAGS -I${wolfssl_install_dir}/include -I${wolfssl_install_dir}/include/wolfssl"
+		else
+			AC_MSG_ERROR([wolfSSL: include/wolfssl directory not found at ${wolfssl_install_dir}])
+		fi
+	else
+		AC_MSG_ERROR([wolfSSL: include directory not found at ${wolfssl_install_dir}])
+	fi
+
+	AC_MSG_CHECKING([for wolfSSL])
+	LIBS="$LIBS -lwolfssl"
+
+	AC_TRY_LINK_FUNC([wolfSSL_Init], ,
+		[
+			AC_MSG_ERROR([wolfSSL isn't found.  You can get it from $WOLFSSL_URL
+	
+		If it's already installed, specify its path using --with-wolfssl=/dir/])
+		]
+	)
+
+	AC_MSG_RESULT([yes])
+	ENABLE_WOLFSSL="yes"
+	DIGEST_SSL="digest-wolfssl.o"
+	SSL_COMPAT="wolfssl-compat.o"
+	RAND_MSG="WolfSSL Internal"
+	AC_DEFINE([USING_WOLFSSL], [1], [Defined if using WolfSSL])
+	AC_DEFINE([WITH_OPENSSL], [1], [Defined if using WolfSSL])
+	AC_DEFINE([UNSUPPORTED_POSIX_THREADS_HACK], [1], [Defined if using WolfSSL])
+	# OpenSSL tests for these. Just assume these are present for wolfSSL.
+	AC_DEFINE([HAVE_BN_IS_PRIME_EX], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_SHA256_UPDATE], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_CRYPT], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_DES_CRYPT], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_DSA_GENERATE_PARAMETERS_EX], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_DIGESTFINAL_EX], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_DIGESTINIT_EX], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_MD_CTX_CLEANUP], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_MD_CTX_INIT], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_SHA256], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_HMAC_CTX_INIT], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_RSA_GENERATE_KEY_EX], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_RSA_GET_DEFAULT_METHOD], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_OPENSSL_VERSION], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_CIPHER_CTX_CTRL], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_CIPHER_CTX_SET_IV], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_RIPEMD160], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_SHA384], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_SHA512], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_OPENSSL_VERSION_NUM], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_CIPHER_CTX_GET_IV], [1], [Defined if using WolfSSL])
+
+	# Dummy RSA method functions
+	AC_DEFINE([HAVE_RSA_METH_SET_PRIV_ENC], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_RSA_METH_SET_PRIV_DEC], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_RSA_METH_SET_PUB_ENC], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_RSA_METH_SET_PUB_DEC], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_RSA_METH_SET_FINISH], [1], [Defined if using WolfSSL])
+	AC_DEFINE([HAVE_EVP_PKEY_GET0_RSA], [1], [Defined if using WolfSSL])
+
+	AC_DEFINE([OPENSSL_HAS_NISTP256], [1], [Defined if using WolfSSL])
+	AC_DEFINE([OPENSSL_HAS_NISTP384], [1], [Defined if using WolfSSL])
+	AC_DEFINE([OPENSSL_HAS_NISTP521], [1], [Defined if using WolfSSL])
+	AC_DEFINE([OPENSSL_HAVE_EVPCTR], [1], [Defined if using WolfSSL])
+
+
+	AC_MSG_CHECKING([is wolfSSL FIPS])
+	AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
+	#include <wolfssl/options.h>
+	#ifndef HAVE_FIPS
+	# error macro not defined
+	#endif
+	]])], [ wolfssl_fips=yes ], [ wolfssl_fips=no ])
+	if test "x$wolfssl_fips" == "xyes" ; then
+		AC_MSG_RESULT([yes])
+		AC_DEFINE([USING_WOLFSSL_FIPS], [1], [Defined if using wolfSSL FIPS])
+	else
+		AC_MSG_RESULT([no])
+		AC_DEFINE([OPENSSL_HAS_ECC], [], [Defined if using wolfSSL (non-FIPS)])
+	fi
+
+	# Leave in place in case we use this in the future, AC_COMPILE_IFELSE works
+	# for now.
+	#AC_CHECK_LIB([wolfssl], [wc_wolfHasAesni], [ wolf_has_aesni=yes ], [ wolf_has_aesni=no ])
+	AC_MSG_CHECKING([is wolfssl configured with aesni])
+	AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
+	#include <wolfssl/options.h>
+	#ifndef WOLFSSL_AESNI
+	# error macro not defined
+	#endif
+	]])], [ wolf_has_aesni=yes ], [ wolf_has_aesni=no ])
+
+	if test "x$wolf_has_aesni" == "xyes" ; then
+		AC_MSG_RESULT([yes])
+		AC_MSG_CHECKING([is gcc compiler detected])
+		if test "$GCC" = "yes"
+		then
+			AC_MSG_RESULT([yes])
+			AC_MSG_CHECKING([is compiler set to icc])
+			if test "$CC" != "icc"
+			then
+				AC_MSG_RESULT([not icc, add flags -maes and -msse4])
+				CFLAGS="$CFLAGS -maes -msse4"
+			else
+				AC_MSG_RESULT([using icc compiler. Do not add -maes and -msse4])
+			fi
+		else
+		    AC_MSG_RESULT([no gcc])
+		fi
+	else
+		AC_MSG_RESULT([no])
+	fi
+])
+
+AC_SUBST([ENABLE_WOLFSSL])
+
+if test "x$ENABLE_WOLFSSL" = "xno"; then
+
 # Search for OpenSSL
+DIGEST_SSL="digest-openssl.o"
+SSL_COMPAT="openssl-compat.o"
 saved_CPPFLAGS="$CPPFLAGS"
 saved_LDFLAGS="$LDFLAGS"
 openssl_bin_PATH="$PATH"
@@ -3169,11 +3322,21 @@ if test "x$openssl" = "xyes" ; then
 		]
 	)
 fi
+LIBS="$nocrypto_saved_LIBS"
+
+else
+    AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"])
+    AC_CHECK_FUNCS([crypt])
+fi # ENABLE_WOLFSSL endif
+
 
 # PKCS11/U2F depend on OpenSSL and dlopen().
 enable_pkcs11=yes
 enable_sk=yes
-if test "x$openssl" != "xyes" ; then
+if test "x$ENABLE_WOLFSSL" = "xyes" && test "x$wolfssl_fips" = "xyes" ; then
+       enable_sk="disabled; wolfSSL FIPS doesn't support all needed OpenSSL functions"
+fi
+if test "x$openssl" != "xyes" && test "x$ENABLE_WOLFSSL" != "xyes" ; then
 	enable_pkcs11="disabled; missing libcrypto"
 fi
 if test "x$ac_cv_func_dlopen" != "xyes" ; then
@@ -3384,12 +3547,13 @@ elif test ! -z "$OPENSSL_SEEDS_ITSELF" ; then
 	AC_DEFINE([OPENSSL_PRNG_ONLY], [1],
 		[Define if you want the OpenSSL internally seeded PRNG only])
 	RAND_MSG="OpenSSL internal ONLY"
-elif test "x$openssl" = "xno" ; then
+elif test "x$ENABLE_WOLFSSL" = "xyes"; then
+    AC_MSG_WARN([OpenSSH will use /dev/urandom or /dev/random as a source of random numbers. It will fail if both devices are not supported or accessible])
+elif test "x$openssl" = "xno"; then
 	AC_MSG_WARN([OpenSSH will use /dev/urandom as a source of random numbers. It will fail if this device is not supported or accessible])
 else
 	AC_MSG_ERROR([OpenSSH has no source of random numbers. Please configure OpenSSL with an entropy source or re-run configure using one of the --with-prngd-port or --with-prngd-socket options])
 fi
-LIBS="$nocrypto_saved_LIBS"
 
 saved_LIBS="$LIBS"
 AC_CHECK_LIB([iaf], [ia_openinfo], [
@@ -3431,6 +3595,9 @@ AC_ARG_WITH([pam],
 			PAM_MSG="yes"
 
 			SSHDLIBS="$SSHDLIBS -lpam"
+			if test "x$WOLFSSL_ADD_LIBPTHREAD_SSHD" = "x1" ; then
+				SSHDLIBS="$SSHDLIBS -lpthread"
+			fi
 			AC_DEFINE([USE_PAM], [1],
 				[Define if you want to enable PAM support])
 
@@ -5579,6 +5746,8 @@ AC_SUBST([TEST_SSH_UTF8], [$TEST_SSH_UTF8])
 AC_SUBST([TEST_MALLOC_OPTIONS], [$TEST_MALLOC_OPTIONS])
 AC_SUBST([UNSUPPORTED_ALGORITHMS], [$unsupported_algorithms])
 AC_SUBST([DEPEND], [$(cat $srcdir/.depend)])
+AC_SUBST([SSL_COMPAT])
+AC_SUBST([DIGEST_SSL])
 
 # Binaries for interop tests.
 AC_PATH_PROG([PLINK], [plink])
@@ -5653,6 +5822,7 @@ echo "         Solaris privilege support: $SPP_MSG"
 echo "       IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
 echo "           Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
 echo "                  BSD Auth support: $BSD_AUTH_MSG"
+echo "                   WolfSSL support: $ENABLE_WOLFSSL"
 echo "              Random number source: $RAND_MSG"
 echo "             Privsep sandbox style: $SANDBOX_STYLE"
 echo "                   PKCS#11 support: $enable_pkcs11"
@@ -5705,3 +5875,20 @@ if test "$AUDIT_MODULE" = "bsm" ; then
 	echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
 	echo "See the Solaris section in README.platform for details."
 fi
+
+if test "x$ENABLE_WOLFSSL" = "xyes" && test "x$APPLE_SANDBOX_MSG" = "xyes"
+then
+    echo ""
+    echo "---"
+    echo "WARNING : The OS X sandbox for renderer processes does not allow "
+    echo "/dev/urandom to be opened. wolfSSL relies on /dev/urandom for entropy"
+    echo ", including the generation of keys used for the peer-to-peer SSH "
+    echo "negotiation/session establishment. If you would use the sandboxing "
+    echo "mechanism, you must enable the access on /dev/urandom by adding "
+    echo "the two lines below at the end of the OS X system file "
+    echo "/System/Library/Sandbox/Profiles/org.openssh.sshd.sb :"
+    echo "(allow file-read* (literal \"/dev/random\")"
+    echo "                  (literal \"/dev/urandom\"))"
+    echo "---"
+    echo ""
+fi

includes.h

@@ -163,6 +163,12 @@
 # endif
 #endif
 
+#ifdef USING_WOLFSSL
+#include <wolfssl/options.h>
+#include <wolfssl/openssl/ssl.h>
+#include <wolfssl/openssl/evp.h>
+#endif
+
 #ifdef WITH_OPENSSL
 #include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */
 #endif

log.c

@@ -186,6 +186,10 @@ log_verbose_reset(void)
 	nlog_verbose = 0;
 }
 
+static void Logging_cb(const int logLevel, const char *const logMessage) {
+    debug("wolfSSL: %s", logMessage);
+}
+
 /*
  * Initialize the log.
  */
@@ -200,6 +204,11 @@ log_init(const char *av0, LogLevel level, SyslogFacility facility,
 
 	argv0 = av0;
 
+#ifdef USING_WOLFSSL
+    wolfSSL_Debugging_ON();
+    wolfSSL_SetLoggingCb(Logging_cb);
+#endif
+
 	if (log_change_level(level) != 0) {
 		fprintf(stderr, "Unrecognized internal syslog level code %d\n",
 		    (int) level);

regress/unittests/test_helper/test_helper.c

@@ -37,6 +37,7 @@
 #ifdef WITH_OPENSSL
 #include <openssl/bn.h>
 #include <openssl/err.h>
+#include <openssl/ssl.h>
 #endif
 
 #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
@@ -129,6 +130,10 @@ main(int argc, char **argv)
 {
 	int ch;
 
+#ifdef USING_WOLFSSL
+    wolfSSL_Debugging_ON();
+#endif
+
 	seed_rng();
 #ifdef WITH_OPENSSL
 	ERR_load_crypto_strings();

ssh-rsa.c

@@ -633,6 +633,7 @@ static int
 openssh_RSA_verify(int hash_alg, u_char *hash, size_t hashlen,
     u_char *sigbuf, size_t siglen, RSA *rsa)
 {
+#ifndef USING_WOLFSSL_FIPS
 	size_t rsasize = 0, oidlen = 0, hlen = 0;
 	int ret, len, oidmatch, hashmatch;
 	const u_char *oid = NULL;
@@ -675,6 +676,16 @@ openssh_RSA_verify(int hash_alg, u_char *hash, size_t hashlen,
 done:
 	freezero(decrypted, rsasize);
 	return ret;
+#else
+	int nid = rsa_hash_alg_nid(hash_alg);
+	if (nid == -1) {
+		return SSH_ERR_INVALID_ARGUMENT;
+	}
+	if (RSA_verify(nid, hash, hashlen, sigbuf, siglen, rsa) != 1) {
+		return SSH_ERR_SIGNATURE_INVALID;
+	}
+	return 0;
+#endif
 }
 
 static const struct sshkey_impl_funcs sshkey_rsa_funcs = {