author | Alexander M Pickering <alex@cogarr.net> | 2024-11-07 14:35:57 -0600 |
---|---|---|
committer | Alexander M Pickering <alex@cogarr.net> | 2024-11-07 14:35:57 -0600 |
commit | fda0531cd8a75f9983b709ac828a491c61747f7e (patch) | |
tree | 49cecab363b2c0af8eb6487d21234ea07b2dfdfa | |
parent | 7a30abb846cd2ca6e9043c8f6b0ef8b9bd85fc1b (diff) | |
download | busybox-w32-packaging-fda0531cd8a75f9983b709ac828a491c61747f7e.tar.gz busybox-w32-packaging-fda0531cd8a75f9983b709ac828a491c61747f7e.tar.bz2 busybox-w32-packaging-fda0531cd8a75f9983b709ac828a491c61747f7e.zip |
more work
-rwxr-xr-x | init | 9 | ||||
-rw-r--r-- | meta.lua | 4 | ||||
-rw-r--r-- | test.patch | 136 |
3 files changed, 149 insertions, 0 deletions
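--- a/init
+++ b/init
@@ -4,8 +4,17 @@ rc-service networking start
 apk update
 apk add build-base xz mingw-w64-gcc
 
+tar -xvzf include.tar.gz
+mv include/openssl /usr/x86_64-w64-mignw32/include
+mv include/tls.h /usr/x86_64-w64-mignw32/include
+mv libtls.a /usr/x86_64-w64-mingw32/lib
+mv libssl.a /usr/x86_64-w64-mingw32/lib
+mv libcrypto.a /usr/x86_64-w64-mingw32/lib
+
 cd busybox-w32
 cp /root/busybox-w32-packaging/config .config
+git apply /root/busybox-w32-packaging/test.patch
 sed -i "s/CONFIG_EXTRA_CFLAGS=\"\"/CONFIG_EXTRA_CFLAGS=\"$CFLAGS\"/g" .config
+sed -i "s/CONFIG_EXTRA_LDLIBS=\"\"/CONFIG_EXTRA_LDLIBS=\"-ltls -lssl -lcrypto\"/g" .config
 make
 cp busybox.exe ..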
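Review bot: The two header moves on new lines 8 and 9 target `/usr/x86_64-w64-mignw32/include`, while the three library moves use `/usr/x86_64-w64-mingw32/lib`; the first spelling looks like a typo, so `openssl/` and `tls.h` would not land where the cross-compiler searches. The lines should read `mv include/openssl /usr/x86_64-w64-mingw32/include` and `mv include/tls.h /usr/x86_64-w64-mingw32/include`. The start of the script is outside the hunk, so it is not visible whether it runs under `set -e`. Without it, a failed `mv` or `git apply` lets `make` continue, and the build can silently use whatever TLS headers are already on the image instead of the ones matching the static libraries being linked.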
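--- a/meta.lua
+++ b/meta.lua
@@ -21,6 +21,10 @@ for opti_k, opti_v, rel_k, rel_v, _, comp_v in cartesian(optimizations, debug, c
 image="image-" .. comp_v,
 requires = {
 {"git","busybox-w32"},
+{"cicd","libressl-" .. opti_k .. "-" .. rel_k .. "-" .. comp_v .. ":include.tar.gz"},
+{"cicd","libressl-" .. opti_k .. "-" .. rel_k .. "-" .. comp_v .. ":libtls.a"},
+{"cicd","libressl-" .. opti_k .. "-" .. rel_k .. "-" .. comp_v .. ":libssl.a"},
+{"cicd","libressl-" .. opti_k .. "-" .. rel_k .. "-" .. comp_v .. ":libcrypto.a"},
 },
 produces = {
 ["busybox.exe"] = true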
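Review bot: The four new `requires` entries on new lines 24–27 each rebuild the same `"libressl-" .. opti_k .. "-" .. rel_k .. "-" .. comp_v` prefix, so a later edit to only one of them could pull headers and static libraries from different libressl builds. Consider naming it once before the table, `local libressl = "libressl-" .. opti_k .. "-" .. rel_k .. "-" .. comp_v`, and writing each entry as `{"cicd", libressl .. ":libtls.a"}`. The enclosing loop body starts and ends outside the hunk.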
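--- /dev/null
+++ b/test.patch
@@ -0,0 +1,136 @@
+diff --git a/include/libbb.h b/include/libbb.h
+index bc1453e12..69f76cbb3 100644
+--- a/include/libbb.h
++++ b/include/libbb.h
+@@ -962,7 +962,7 @@ static inline tls_state_t *new_tls_state(void)
+tls_state_t *tls = xzalloc(sizeof(*tls));
+return tls;
+}
+-void tls_handshake(tls_state_t *tls, const char *sni) FAST_FUNC;
++//void tls_handshake(tls_state_t *tls, const char *sni) FAST_FUNC;
+#define TLSLOOP_EXIT_ON_LOCAL_EOF (1 << 0)
+void tls_run_copy_loop(tls_state_t *tls, unsigned flags) FAST_FUNC;
+
+diff --git a/networking/tls.c b/networking/tls.c
+index 9f1dd67ec..7e8da6df2 100644
+--- a/networking/tls.c
++++ b/networking/tls.c
+@@ -2221,6 +2221,7 @@ static void send_client_finished(tls_state_t *tls)
+xwrite_encrypted(tls, sizeof(*record), RECORD_TYPE_HANDSHAKE);
+}
+
++/*
+void FAST_FUNC tls_handshake(tls_state_t *tls, const char *sni)
+{
+// Client RFC 5246 Server
+@@ -2291,8 +2292,8 @@ void FAST_FUNC tls_handshake(tls_state_t *tls, const char *sni)
+// defined in Section 7.4.2."
+// (i.e. the same format as server certs)
+
+- /*send_empty_client_cert(tls); - WRONG (breaks handshake hash calc) */
+- /* need to hash _all_ server replies first, up to ServerHelloDone */
++ //send_empty_client_cert(tls); - WRONG (breaks handshake hash calc)
++ //need to hash _all_ server replies first, up to ServerHelloDone
+len = tls_xread_handshake_block(tls, 4);
+}
+
+@@ -2308,13 +2309,13 @@ void FAST_FUNC tls_handshake(tls_state_t *tls, const char *sni)
+send_client_key_exchange(tls);
+
+send_change_cipher_spec(tls);
+- /* from now on we should send encrypted */
+- /* tls->write_seq64_be = 0; - already is */
++ // from now on we should send encrypted
++ // tls->write_seq64_be = 0; - already is
+tls->flags |= ENCRYPT_ON_WRITE;
+
+send_client_finished(tls);
+
+- /* Get CHANGE_CIPHER_SPEC */
++ // Get CHANGE_CIPHER_SPEC
+len = tls_xread_record(tls, "switch to encrypted traffic");
+if (len != 1 || memcmp(tls->inbuf, rec_CHANGE_CIPHER_SPEC, 6) != 0)
+bad_record_die(tls, "switch to encrypted traffic", len);
+@@ -2327,29 +2328,29 @@ void FAST_FUNC tls_handshake(tls_state_t *tls, const char *sni)
+} else
+if (!(tls->flags & ENCRYPTION_AESGCM)) {
+unsigned mac_blocks = (unsigned)(TLS_MAC_SIZE(tls) + AES_BLOCK_SIZE-1) / AES_BLOCK_SIZE;
+- /* all incoming packets now should be encrypted and have
+- * at least IV + (MAC padded to blocksize):
+- */
++ // all incoming packets now should be encrypted and have
++ // at least IV + (MAC padded to blocksize):
+tls->min_encrypted_len_on_read = AES_BLOCK_SIZE + (mac_blocks * AES_BLOCK_SIZE);
+} else {
+tls->min_encrypted_len_on_read = 8 + AES_BLOCK_SIZE;
+}
+dbg("min_encrypted_len_on_read: %u\n", tls->min_encrypted_len_on_read);
+
+- /* Get (encrypted) FINISHED from the server */
++ // Get (encrypted) FINISHED from the server
+len = tls_xread_record(tls, "'server finished'");
+if (len < 4 || tls->inbuf[RECHDR_LEN] != HANDSHAKE_FINISHED)
+bad_record_die(tls, "'server finished'", len);
+dbg("<< FINISHED\n");
+- /* application data can be sent/received */
++ // application data can be sent/received
+
+- /* free handshake data */
++ // free handshake data
+psRsaKey_clear(&tls->hsd->server_rsa_pub_key);
+// if (PARANOIA)
+// memset(tls->hsd, 0, tls->hsd->hsd_size);
+free(tls->hsd);
+tls->hsd = NULL;
+}
++*/
+
+static void tls_xwrite(tls_state_t *tls, int len)
+{
+diff --git a/networking/wget.c b/networking/wget.c
+index 6a64836fb..b92f22d3e 100644
+--- a/networking/wget.c
++++ b/networking/wget.c
+@@ -689,6 +689,7 @@ static void reset_beg_range_to_zero(void)
+}
+
+#if ENABLE_FEATURE_WGET_OPENSSL
++# if !ENABLE_PLATFORM_MINGW32
+static int spawn_https_helper_openssl(const char *host, unsigned port)
+{
+char *allocated = NULL;
+@@ -777,6 +778,34 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
+# endif
+return sp[0];
+}
++# else
++#include <tls.h>
++static int spawn_https_helper_openssl(const char *host, unsigned port)
++{
++ char* allocated = NULL;
++ int fd1;
++ char *servername, *p, *cmd;
++ int sp[2];
++ if(!strchr(host,":"))
++ host = allocated = xasprintf("%s:%u",host,port);
++ servername = xstrdup(host);
++ fflush_all();
++
++ struct tls *ctx = tls_client();
++ if(tls == NULL)
++ bb_error_msg_and_die("Out of memory");
++ struct tls_config *config = tls_config_new();
++ if(config == NULL)
++ bb_error_msg_and_die("Out of memory");
++ if(tls_configure(ctx,config) != 0)
++ bb_error_msg_and_die("Failed to configure client");
++ tls_connect_fds(ctx,sp[0],sp[1],servername);
++ close(sp[1]);
++ free(allocated);
++ free(servername);
++ return sp[0];
++}
++# endif
+#endif
+
+#if ENABLE_FEATURE_WGET_HTTPS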
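Review bot: In the new MinGW branch of `spawn_https_helper_openssl` (patch lines 108–132), `sp[2]` is never filled in before `tls_connect_fds(ctx,sp[0],sp[1],servername)`, `close(sp[1])` and `return sp[0]`, so the function hands indeterminate descriptor values to libtls and to its caller, and the result of `tls_connect_fds` is ignored. Nothing visible performs the handshake or routes reads and writes through `ctx`, so whatever descriptor the caller receives would carry the HTTPS request without a TLS layer; the branch needs a real transport and a pump through `tls_read`/`tls_write`, and should fail closed, e.g. `if (tls_connect_fds(ctx, sp[0], sp[1], servername) != 0) bb_error_msg_and_die("%s", tls_error(ctx));`. Two lines look wrong as written: `if(tls == NULL)` tests `tls`, which is not declared in this function, and should be `if (ctx == NULL)`, and `strchr(host,":")` passes a string where a character is expected, `strchr(host, ':')`. `servername` is duplicated after `host` has been rewritten to `host:port`, so the name given to libtls for certificate matching includes the port rather than being a bare hostname. Commenting out busybox's own `tls_handshake` in `libbb.h` and `tls.c` presumably avoids a clash with the libtls symbol of the same name; any remaining caller outside these hunks would then resolve against the libtls prototype, which is worth checking.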