From 83e73dadd90af52585df1bcce4e5b84da25fe19e Mon Sep 17 00:00:00 2001 From: beck <> Date: Fri, 11 Nov 2022 11:25:18 +0000 Subject: Add support for symbol hiding disabled by default. Fully explained in libcrypto/README. TL;DR make sure libcrypto and libssl's function calls internally and to each other are via symbol names that won't get overridden by linking other libraries. Mostly work by guenther@, which will currently be gated behind a build setting NAMESPACE=yes. once we convert all the symbols to this method we will do a major bump and pick up the changes. ok tb@ jsing@ --- src/lib/libssl/hidden/openssl/ssl.h | 31 +++++++++++++++++++++++++++++ src/lib/libssl/hidden/ssl_namespace.h | 37 +++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 src/lib/libssl/hidden/openssl/ssl.h create mode 100644 src/lib/libssl/hidden/ssl_namespace.h (limited to 'src/lib/libssl/hidden') diff --git a/src/lib/libssl/hidden/openssl/ssl.h b/src/lib/libssl/hidden/openssl/ssl.h new file mode 100644 index 0000000000..540c6e7652 --- /dev/null +++ b/src/lib/libssl/hidden/openssl/ssl.h @@ -0,0 +1,31 @@ +/* $OpenBSD: ssl.h,v 1.1 2022/11/11 11:25:18 beck Exp $ */ +/* + * Copyright (c) 2022 Philip Guenther + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef _LIBSSL_SSL_H_ +#define _LIBSSL_SSL_H_ + +#include_next +#include "ssl_namespace.h" + +LSSL_USED(BIO_f_ssl); +LSSL_USED(BIO_new_ssl); +LSSL_USED(BIO_new_ssl_connect); +LSSL_UNUSED(BIO_new_buffer_ssl_connect); +LSSL_UNUSED(BIO_ssl_copy_session_id); +LSSL_UNUSED(BIO_ssl_shutdown); + +#endif /* _LIBSSL_SSL_H_ */ diff --git a/src/lib/libssl/hidden/ssl_namespace.h b/src/lib/libssl/hidden/ssl_namespace.h new file mode 100644 index 0000000000..803f3e66be --- /dev/null +++ b/src/lib/libssl/hidden/ssl_namespace.h @@ -0,0 +1,37 @@ +/* $OpenBSD: ssl_namespace.h,v 1.1 2022/11/11 11:25:18 beck Exp $ */ +/* + * Copyright (c) 2016 Philip Guenther + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef _LIBSSL_SSL_NAMESPACE_H_ +#define _LIBSSL_SSL_NAMESPACE_H_ + +/* + * If marked as 'used', then internal calls use the name with prefix "_lssl_" + * and we alias that to the normal name. + */ + +#ifdef LIBRESSL_NAMESPACE +#define LSSL_UNUSED(x) typeof(x) x __attribute__((deprecated)) +#define LSSL_USED(x) __attribute__((visibility("hidden"))) \ + typeof(x) x asm("_lssl_"#x) +#define LSSL_ALIAS(x) asm(".global "#x"; "#x" = _lssl_"#x); +#else +#define LSSL_UNUSED(x) +#define LSSL_USED(x) +#define LSSL_ALIAS(x) +#endif + +#endif /* _LIBSSL_SSL_NAMESPACE_H_ */ -- cgit v1.2.3-55-g6feb