From a7714ef30f159ef074b40a7da4a1960da58f5c2b Mon Sep 17 00:00:00 2001 From: Justin W Smith <103147162+justsmth@users.noreply.github.com> Date: Thu, 7 Dec 2023 17:10:27 -0500 Subject: [PATCH] tcpdump support --- crypto/cipher_extra/cipher_extra.c | 6 +++++ .../ci/integration/run_tcpdump_integration.sh | 5 +++- .../tcpdump_patch/aws-lc-tcpdump.patch | 27 +++++++++++++++++++ 3 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 tests/ci/integration/tcpdump_patch/aws-lc-tcpdump.patch diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c index 03711f9fea7..93374df2d3b 100644 --- a/crypto/cipher_extra/cipher_extra.c +++ b/crypto/cipher_extra/cipher_extra.c @@ -117,6 +117,12 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) { if (OPENSSL_strcasecmp(name, "3des") == 0) { name = "des-ede3-cbc"; } + if (OPENSSL_strcasecmp(name, "aes256") == 0) { + name = "aes-256-cbc"; + } + if (OPENSSL_strcasecmp(name, "aes128") == 0) { + name = "aes-128-cbc"; + } for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kCiphers); i++) { if (OPENSSL_strcasecmp(kCiphers[i].name, name) == 0) { diff --git a/tests/ci/integration/run_tcpdump_integration.sh b/tests/ci/integration/run_tcpdump_integration.sh index f3a9b265b2a..46ae5961fba 100755 --- a/tests/ci/integration/run_tcpdump_integration.sh +++ b/tests/ci/integration/run_tcpdump_integration.sh @@ -3,6 +3,7 @@ # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 OR ISC # +set -ex source tests/ci/common_posix_setup.sh @@ -20,6 +21,7 @@ source tests/ci/common_posix_setup.sh # - AWS_LC_INSTALL_FOLDER # Assumes script is executed from the root of aws-lc directory +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" SCRATCH_FOLDER=${SYS_ROOT}/"TCPDUMP_SCRATCH" TCPDUMP_SRC_FOLDER="${SCRATCH_FOLDER}/tcpdump" TCPDUMP_INSTALL_FOLDER="${SCRATCH_FOLDER}/tcpdump-install" @@ -32,6 +34,7 @@ rm -rf "${SCRATCH_FOLDER:?}"/* pushd "${SCRATCH_FOLDER}" function tcpdump_build() { + git apply "${SCRIPT_DIR}/tcpdump_patch/aws-lc-tcpdump.patch" autoreconf -fi ./configure --prefix="${TCPDUMP_INSTALL_FOLDER}" --with-crypto="${AWS_LC_INSTALL_FOLDER}" make -j "${NUM_CPU_THREADS}" @@ -49,6 +52,7 @@ mkdir -p "${AWS_LC_BUILD_FOLDER}" "${AWS_LC_INSTALL_FOLDER}" "${TCPDUMP_INSTALL_ ls aws_lc_build "${SRC_ROOT}" "${AWS_LC_BUILD_FOLDER}" "${AWS_LC_INSTALL_FOLDER}" -DBUILD_TESTING=OFF -DBUILD_SHARED_LIBS=1 +export LD_LIBRARY_PATH="${LD_LIBRARY_PATH:-}:${AWS_LC_INSTALL_FOLDER}/lib/" pushd "${TCPDUMP_SRC_FOLDER}" tcpdump_build @@ -58,4 +62,3 @@ popd popd ldd "${TCPDUMP_INSTALL_FOLDER}/bin/tcpdump" | grep "${AWS_LC_INSTALL_FOLDER}/lib/libcrypto.so" || exit 1 -ldd "${TCPDUMP_INSTALL_FOLDER}/bin/tcpdump" | grep "${AWS_LC_INSTALL_FOLDER}/lib/libssl.so" || exit 1 diff --git a/tests/ci/integration/tcpdump_patch/aws-lc-tcpdump.patch b/tests/ci/integration/tcpdump_patch/aws-lc-tcpdump.patch new file mode 100644 index 00000000000..cb63f1c26ab --- /dev/null +++ b/tests/ci/integration/tcpdump_patch/aws-lc-tcpdump.patch @@ -0,0 +1,27 @@ +From b4cb0cb3e12575240a1cb6a081e9ec4376d64f42 Mon Sep 17 00:00:00 2001 +From: Justin W Smith <103147162+justsmth@users.noreply.github.com> +Date: Fri, 8 Dec 2023 09:42:38 -0500 +Subject: [PATCH] Configure check for AES_cbc_encrypt + +--- + configure.ac | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 4e0dc2de..b215daf3 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -868,8 +868,8 @@ if test "$want_libcrypto" != "no"; then + # + AC_CHECK_HEADER(openssl/crypto.h, + [ +- AC_CHECK_LIB(crypto, DES_cbc_encrypt) +- if test "$ac_cv_lib_crypto_DES_cbc_encrypt" = "yes"; then ++ AC_CHECK_LIB(crypto, AES_cbc_encrypt) ++ if test "$ac_cv_lib_crypto_AES_cbc_encrypt" = "yes"; then + AC_CHECK_HEADERS(openssl/evp.h) + # + # OK, then: +-- +2.39.2 (Apple Git-143) +