mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-02-12 10:31:51 +00:00
Fix Shadowsocks-libev compilation with mbedtls3
This commit is contained in:
Ycarus (Yannick Chabanois)
parent
f270889d32
commit
5eef469120
1 changed files with 196 additions and 0 deletions
196
shadowsocks-libev/patches/900-fix-build-with-mbedtls3.patch
Normal file
196
shadowsocks-libev/patches/900-fix-build-with-mbedtls3.patch
Normal file
|
|
@ -0,0 +1,196 @@
|
|||
From 228f8226c41a8fbd5ce48c2e201de41d59fec674 Mon Sep 17 00:00:00 2001
|
||||
From: Lu jicong <jiconglu58@gmail.com>
|
||||
Date: Wed, 10 Jul 2024 21:29:07 +0800
|
||||
Subject: [PATCH] Fix build with mbedtls3.6
|
||||
|
||||
---
|
||||
m4/mbedtls.m4 | 20 ++++++++++++++++++++
|
||||
src/aead.c | 27 +++++++++++++++++++++++++++
|
||||
src/crypto.c | 2 +-
|
||||
src/stream.c | 25 +++++++++++++++++++++++++
|
||||
4 files changed, 73 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/m4/mbedtls.m4 b/m4/mbedtls.m4
|
||||
index 2c478b960..a795790ca 100644
|
||||
--- a/m4/mbedtls.m4
|
||||
+++ b/m4/mbedtls.m4
|
||||
@@ -31,7 +31,12 @@ AC_DEFUN([ss_MBEDTLS],
|
||||
AC_COMPILE_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[[
|
||||
+#include <mbedtls/version.h>
|
||||
+#if MBEDTLS_VERSION_NUMBER >= 0x03000000
|
||||
+#include <mbedtls/mbedtls_config.h>
|
||||
+#else
|
||||
#include <mbedtls/config.h>
|
||||
+#endif
|
||||
]],
|
||||
[[
|
||||
#ifndef MBEDTLS_CIPHER_MODE_CFB
|
||||
@@ -48,7 +53,12 @@ AC_DEFUN([ss_MBEDTLS],
|
||||
AC_COMPILE_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[[
|
||||
+#include <mbedtls/version.h>
|
||||
+#if MBEDTLS_VERSION_NUMBER >= 0x03000000
|
||||
+#include <mbedtls/mbedtls_config.h>
|
||||
+#else
|
||||
#include <mbedtls/config.h>
|
||||
+#endif
|
||||
]],
|
||||
[[
|
||||
#ifndef MBEDTLS_ARC4_C
|
||||
@@ -64,7 +74,12 @@ AC_DEFUN([ss_MBEDTLS],
|
||||
AC_COMPILE_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[[
|
||||
+#include <mbedtls/version.h>
|
||||
+#if MBEDTLS_VERSION_NUMBER >= 0x03000000
|
||||
+#include <mbedtls/mbedtls_config.h>
|
||||
+#else
|
||||
#include <mbedtls/config.h>
|
||||
+#endif
|
||||
]],
|
||||
[[
|
||||
#ifndef MBEDTLS_BLOWFISH_C
|
||||
@@ -80,7 +95,12 @@ AC_DEFUN([ss_MBEDTLS],
|
||||
AC_COMPILE_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[[
|
||||
+#include <mbedtls/version.h>
|
||||
+#if MBEDTLS_VERSION_NUMBER >= 0x03000000
|
||||
+#include <mbedtls/mbedtls_config.h>
|
||||
+#else
|
||||
#include <mbedtls/config.h>
|
||||
+#endif
|
||||
]],
|
||||
[[
|
||||
#ifndef MBEDTLS_CAMELLIA_C
|
||||
diff --git a/src/aead.c b/src/aead.c
|
||||
index 358ec9381..3388a5465 100644
|
||||
--- a/src/aead.c
|
||||
+++ b/src/aead.c
|
||||
@@ -178,9 +178,14 @@ aead_cipher_encrypt(cipher_ctx_t *cipher_ctx,
|
||||
case AES192GCM:
|
||||
case AES128GCM:
|
||||
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
|
||||
err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen,
|
||||
m, mlen, c, clen, c + mlen, tlen);
|
||||
*clen += tlen;
|
||||
+#else
|
||||
+ err = mbedtls_cipher_auth_encrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen,
|
||||
+ m, mlen, c, mlen + tlen, clen, tlen);
|
||||
+#endif
|
||||
break;
|
||||
case CHACHA20POLY1305IETF:
|
||||
err = crypto_aead_chacha20poly1305_ietf_encrypt(c, &long_clen, m, mlen,
|
||||
@@ -226,8 +231,13 @@ aead_cipher_decrypt(cipher_ctx_t *cipher_ctx,
|
||||
// Otherwise, just use the mbedTLS one with crappy AES-NI.
|
||||
case AES192GCM:
|
||||
case AES128GCM:
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
|
||||
err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen,
|
||||
m, mlen - tlen, p, plen, m + mlen - tlen, tlen);
|
||||
+#else
|
||||
+ err = mbedtls_cipher_auth_decrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen,
|
||||
+ m, mlen, p, mlen - tlen, plen, tlen);
|
||||
+#endif
|
||||
break;
|
||||
case CHACHA20POLY1305IETF:
|
||||
err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen,
|
||||
@@ -724,9 +734,26 @@ aead_key_init(int method, const char *pass, const char *key)
|
||||
if (method >= CHACHA20POLY1305IETF) {
|
||||
cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t));
|
||||
cipher->info = cipher_info;
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
|
||||
cipher->info->base = NULL;
|
||||
cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8;
|
||||
cipher->info->iv_size = supported_aead_ciphers_nonce_size[method];
|
||||
+#else
|
||||
+ cipher->info->private_base_idx = 0;
|
||||
+
|
||||
+#ifdef MBEDTLS_KEY_BITLEN_SHIFT
|
||||
+ cipher->info->private_key_bitlen = supported_aead_ciphers_key_size[method] * 8 >> MBEDTLS_KEY_BITLEN_SHIFT;
|
||||
+#else
|
||||
+ cipher->info->private_key_bitlen = supported_aead_ciphers_key_size[method] * 8;
|
||||
+#endif
|
||||
+
|
||||
+#ifdef MBEDTLS_IV_SIZE_SHIFT
|
||||
+ cipher->info->private_iv_size = supported_aead_ciphers_nonce_size[method] >> MBEDTLS_IV_SIZE_SHIFT;
|
||||
+#else
|
||||
+ cipher->info->private_iv_size = supported_aead_ciphers_nonce_size[method];
|
||||
+#endif
|
||||
+
|
||||
+#endif
|
||||
} else {
|
||||
cipher->info = (cipher_kt_t *)aead_get_cipher_type(method);
|
||||
}
|
||||
diff --git a/src/crypto.c b/src/crypto.c
|
||||
index b44d8674c..76c426b53 100644
|
||||
--- a/src/crypto.c
|
||||
+++ b/src/crypto.c
|
||||
@@ -103,7 +103,7 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md)
|
||||
if (md == NULL) {
|
||||
md = m;
|
||||
}
|
||||
-#if MBEDTLS_VERSION_NUMBER >= 0x02070000
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000 && MBEDTLS_VERSION_NUMBER >= 0x02070000
|
||||
if (mbedtls_md5_ret(d, n, md) != 0)
|
||||
FATAL("Failed to calculate MD5");
|
||||
#else
|
||||
diff --git a/src/stream.c b/src/stream.c
|
||||
index 35d9050b3..4bb95981b 100644
|
||||
--- a/src/stream.c
|
||||
+++ b/src/stream.c
|
||||
@@ -174,7 +174,11 @@ cipher_nonce_size(const cipher_t *cipher)
|
||||
if (cipher == NULL) {
|
||||
return 0;
|
||||
}
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
|
||||
return cipher->info->iv_size;
|
||||
+#else
|
||||
+ return (int)mbedtls_cipher_info_get_iv_size(cipher->info);
|
||||
+#endif
|
||||
}
|
||||
|
||||
int
|
||||
@@ -192,7 +196,11 @@ cipher_key_size(const cipher_t *cipher)
|
||||
return 0;
|
||||
}
|
||||
/* From Version 1.2.7 released 2013-04-13 Default Blowfish keysize is now 128-bits */
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
|
||||
return cipher->info->key_bitlen / 8;
|
||||
+#else
|
||||
+ return (int)mbedtls_cipher_info_get_key_bitlen(cipher->info) / 8;
|
||||
+#endif
|
||||
}
|
||||
|
||||
const cipher_kt_t *
|
||||
@@ -645,9 +653,26 @@ stream_key_init(int method, const char *pass, const char *key)
|
||||
if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) {
|
||||
cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t));
|
||||
cipher->info = cipher_info;
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
|
||||
cipher->info->base = NULL;
|
||||
cipher->info->key_bitlen = supported_stream_ciphers_key_size[method] * 8;
|
||||
cipher->info->iv_size = supported_stream_ciphers_nonce_size[method];
|
||||
+#else
|
||||
+ cipher->info->private_base_idx = 0;
|
||||
+
|
||||
+#ifdef MBEDTLS_KEY_BITLEN_SHIFT
|
||||
+ cipher->info->private_key_bitlen = supported_stream_ciphers_key_size[method] * 8 >> MBEDTLS_KEY_BITLEN_SHIFT;
|
||||
+#else
|
||||
+ cipher->info->private_key_bitlen = supported_stream_ciphers_key_size[method] * 8;
|
||||
+#endif
|
||||
+
|
||||
+#ifdef MBEDTLS_IV_SIZE_SHIFT
|
||||
+ cipher->info->private_iv_size = supported_stream_ciphers_nonce_size[method] >> MBEDTLS_IV_SIZE_SHIFT;
|
||||
+#else
|
||||
+ cipher->info->private_iv_size = supported_stream_ciphers_nonce_size[method];
|
||||
+#endif
|
||||
+
|
||||
+#endif
|
||||
} else {
|
||||
cipher->info = (cipher_kt_t *)stream_get_cipher_type(method);
|
||||
}
|
||||
Loading…
Reference in a new issue