2 files changed, 87 insertions, 28 deletions
diff --git a/include/libbb.h b/include/libbb.h
index bc1453e12..4cacdacba 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -281,6 +281,12 @@ PUSH_AND_SET_FUNCTION_VISIBILITY_TO_HIDDEN
 # endif
 #endif
+#if ENABLE_FEATURE_TLS_SCHANNEL
+# define SECURITY_WIN32
+# include <windows.h>
+# include <security.h>
+#endif
 /* Tested to work correctly with all int types (IIRC :]) */
 #define MAXINT(T) (T)( \
        ((T)-1) > 0 \
@@ -899,7 +905,36 @@ struct hostent *xgethostbyname(const char *name) FAST_FUNC;
 // Also mount.c and inetd.c are using gethostbyname(),
 // + inet_common.c has additional IPv4-only stuff
+#if defined CONFIG_FEATURE_TLS_SCHANNEL
+typedef struct tls_state {
+        int ofd;
+        int ifd;
+    // handles
+    CredHandle cred_handle;
+    CtxtHandle ctx_handle;
+    // buffers
+    char in_buffer[16384 + 256]; // input buffer (to read from server)
+    unsigned long in_buffer_size; // amount of data currently in input buffer
+    char *out_buffer; // output buffer (for decrypted data), this is essentially the same as input buffer as data is decrypted in place
+    unsigned long out_buffer_size; // amount of data currently in output buffer
+    unsigned long out_buffer_used; // amount of extra data currently in output buffer
+    // data
+    char *hostname;
+    SecPkgContext_StreamSizes stream_sizes;
+        // booleans
+        // context initialized
+    int initialized;
+        // closed by remote peer
+        int closed;
+} tls_state_t;
+#else
 struct tls_aes {
        uint32_t key[60];
        unsigned rounds;
@@ -956,12 +991,14 @@ typedef struct tls_state {
        struct tls_aes aes_decrypt;
        uint8_t H[16]; //used by AES_GCM
 } tls_state_t;
+#endif
 static inline tls_state_t *new_tls_state(void)
 {
        tls_state_t *tls = xzalloc(sizeof(*tls));
        return tls;
 }
 void tls_handshake(tls_state_t *tls, const char *sni) FAST_FUNC;
 #define TLSLOOP_EXIT_ON_LOCAL_EOF (1 << 0)
 void tls_run_copy_loop(tls_state_t *tls, unsigned flags) FAST_FUNC;
@@ -1071,13 +1108,13 @@ unsigned bb_clk_tck(void) FAST_FUNC;
 #if SEAMLESS_COMPRESSION
 /* Autodetects gzip/bzip2 formats. fd may be in the middle of the file! */
-int setup_unzip_on_fd(int fd, int fail_if_not_compressed) FAST_FUNC;
+int setup_unzip_on_fd(int fd, int die_if_not_compressed) FAST_FUNC;
 /* Autodetects .gz etc */
-extern int open_zipped(const char *fname, int fail_if_not_compressed) FAST_FUNC;
+extern int open_zipped(const char *fname, int die_if_not_compressed) FAST_FUNC;
 extern void *xmalloc_open_zipped_read_close(const char *fname, size_t *maxsz_p) FAST_FUNC RETURNS_MALLOC;
 #else
 # define setup_unzip_on_fd(...) (0)
-# define open_zipped(fname, fail_if_not_compressed)  open((fname), O_RDONLY);
+# define open_zipped(fname, die_if_not_compressed)  open((fname), O_RDONLY);
 # define xmalloc_open_zipped_read_close(fname, maxsz_p) xmalloc_open_read_close((fname), (maxsz_p))
 #endif
 /* lzma has no signature, need a little helper. NB: exist only for ENABLE_FEATURE_SEAMLESS_LZMA=y */
@@ -2041,6 +2078,10 @@ int64_t windows_read_key(int fd, char *buffer, int timeout) FAST_FUNC;
 int64_t safe_read_key(int fd, char *buffer, int timeout) FAST_FUNC;
 void read_key_ungets(char *buffer, const char *str, unsigned len) FAST_FUNC;
+int check_got_signal_and_poll(struct pollfd pfd[1], int timeout) FAST_FUNC;
+#if ENABLE_PLATFORM_MINGW32
+# define check_got_signal_and_poll(p, t) poll(p, 1, t)
+#endif
 #if ENABLE_FEATURE_EDITING
 /* It's NOT just ENABLEd or disabled. It's a number: */
@@ -2087,7 +2128,7 @@ typedef struct line_input_t {
 # if MAX_HISTORY
        int cnt_history;
        int cur_history;
-        int max_history; /* must never be <= 0 */
+        int max_history; /* must never be < 0 */
 #  if ENABLE_FEATURE_EDITING_SAVEHISTORY
        /* meaning of this field depends on FEATURE_EDITING_SAVE_ON_EXIT:
         * if !FEATURE_EDITING_SAVE_ON_EXIT: "how many lines are
@@ -2294,6 +2335,36 @@ char *decode_base64(char *dst, const char **pp_src) FAST_FUNC;
 char *decode_base32(char *dst, const char **pp_src) FAST_FUNC;
 void read_base64(FILE *src_stream, FILE *dst_stream, int flags) FAST_FUNC;
+#if defined CONFIG_FEATURE_USE_CNG_API
+struct bcrypt_hash_ctx_t {
+        void *handle;
+        void *hash_obj;
+        unsigned int output_size;
+};
+typedef struct bcrypt_hash_ctx_t md5_ctx_t;
+typedef struct bcrypt_hash_ctx_t sha1_ctx_t;
+typedef struct bcrypt_hash_ctx_t sha256_ctx_t;
+typedef struct bcrypt_hash_ctx_t sha512_ctx_t;
+typedef struct sha3_ctx_t {
+        uint64_t state[25];
+        unsigned bytes_queued;
+        unsigned input_block_bytes;
+} sha3_ctx_t;
+void md5_begin(struct bcrypt_hash_ctx_t *ctx) FAST_FUNC;
+void sha1_begin(struct bcrypt_hash_ctx_t *ctx) FAST_FUNC;
+void sha256_begin(struct bcrypt_hash_ctx_t *ctx) FAST_FUNC;
+void sha512_begin(struct bcrypt_hash_ctx_t *ctx) FAST_FUNC;
+void generic_hash(struct bcrypt_hash_ctx_t *ctx, const void *buffer, size_t len) FAST_FUNC;
+unsigned generic_end(struct bcrypt_hash_ctx_t *ctx, void *resbuf) FAST_FUNC;
+# define md5_hash generic_hash
+# define sha1_hash generic_hash
+# define sha256_hash generic_hash
+# define sha512_hash generic_hash
+# define md5_end generic_end
+# define sha1_end generic_end
+# define sha256_end generic_end
+# define sha512_end generic_end
+#else
 typedef struct md5_ctx_t {
        uint8_t wbuffer[64]; /* always correctly aligned for uint64_t */
        void (*process_block)(struct md5_ctx_t*) FAST_FUNC;
@@ -2324,13 +2395,20 @@ void sha256_begin(sha256_ctx_t *ctx) FAST_FUNC;
 void sha512_begin(sha512_ctx_t *ctx) FAST_FUNC;
 void sha512_hash(sha512_ctx_t *ctx, const void *buffer, size_t len) FAST_FUNC;
 unsigned sha512_end(sha512_ctx_t *ctx, void *resbuf) FAST_FUNC;
+#endif
 void sha3_begin(sha3_ctx_t *ctx) FAST_FUNC;
 void sha3_hash(sha3_ctx_t *ctx, const void *buffer, size_t len) FAST_FUNC;
 unsigned sha3_end(sha3_ctx_t *ctx, void *resbuf) FAST_FUNC;
 /* TLS benefits from knowing that sha1 and sha256 share these. Give them "agnostic" names too */
+#if defined CONFIG_FEATURE_USE_CNG_API
+typedef struct bcrypt_hash_ctx_t md5sha_ctx_t;
+#define md5sha_hash generic_hash
+#define sha_end generic_end
+#else
 typedef struct md5_ctx_t md5sha_ctx_t;
 #define md5sha_hash md5_hash
 #define sha_end sha1_end
+#endif
 enum {
        MD5_OUTSIZE    = 16,
        SHA1_OUTSIZE   = 20,
@@ -2473,31 +2551,10 @@ extern struct globals *BB_GLOBAL_CONST ptr_to_globals;
 #define barrier() asm volatile ("":::"memory")
 #if defined(__clang_major__) && __clang_major__ >= 9
-/* Clang/llvm drops assignment to "constant" storage. Silently.
+/* {ASSIGN,XZALLOC}_CONST_PTR() are out-of-line functions
- * Needs serious convincing to not eliminate the store.
+ * to prevent clang from reading pointer before it is assigned.
- */
-static ALWAYS_INLINE void* not_const_pp(const void *p)
-{
-        void *pp;
-        asm volatile (
-                "# forget that p points to const"
-                : /*outputs*/ "=r" (pp)
-                : /*inputs*/ "0" (p)
-        );
-        return pp;
-}
-# if !ENABLE_PLATFORM_MINGW32
-# define ASSIGN_CONST_PTR(pptr, v) do { \
-        *(void**)not_const_pp(pptr) = (void*)(v); \
-        barrier(); \
-} while (0)
-#else
-/* On Windows it seems necessary for this to be a function too. */
-void ASSIGN_CONST_PTR(const void *pptr, const void *ptr) FAST_FUNC;
-#endif
-/* XZALLOC_CONST_PTR() is an out-of-line function to prevent
- * clang from reading pointer before it is assigned.
 */
+void ASSIGN_CONST_PTR(const void *pptr, void *v) FAST_FUNC;
 void XZALLOC_CONST_PTR(const void *pptr, size_t size) FAST_FUNC;
 #else
 # define ASSIGN_CONST_PTR(pptr, v) do { \
diff --git a/include/mingw.h b/include/mingw.h
index 3ee1cc46f..276e40659 100644
--- a/include/mingw.h
+++ b/include/mingw.h
@@ -259,6 +259,7 @@ int ffs(int i);
 */
 #define TIOCGWINSZ 0x5413
+#define TIOCSWINSZ 0x5414
 int ioctl(int fd, int code, ...);
@@ -670,3 +671,4 @@ enum {
 int elevation_state(void);
 void set_interp(int i) FAST_FUNC;
 int mingw_shell_execute(SHELLEXECUTEINFO *info);
+void mingw_die_if_error(NTSTATUS status, const char *function_name);