[PATCH 2/3] bcrypt: bump gnutls version to 3.5.0
Emil Velikov
emil.l.velikov at gmail.com
Sun Oct 10 15:05:12 CDT 2021
GnuTLS 3.5.0 was released over 5 years ago and all supported
distributions have it. For example:
Debian 10 (Buster) oldstable - 3.6.7
Ubuntu 18.04 (Bionic) - 3.5.18
If it wasn't for Bionic, we could have used 3.6 and removed the final
optional function - gnutls_decode_rs_value()
Signed-off-by: Emil Velikov <emil.l.velikov at gmail.com>
---
dlls/bcrypt/gnutls.c | 189 ++++++++-----------------------------------
1 file changed, 34 insertions(+), 155 deletions(-)
diff --git a/dlls/bcrypt/gnutls.c b/dlls/bcrypt/gnutls.c
index a015d85f85d..d7242eee7da 100644
--- a/dlls/bcrypt/gnutls.c
+++ b/dlls/bcrypt/gnutls.c
@@ -50,24 +50,6 @@
WINE_DEFAULT_DEBUG_CHANNEL(bcrypt);
WINE_DECLARE_DEBUG_CHANNEL(winediag);
-#if GNUTLS_VERSION_MAJOR < 3
-#define GNUTLS_CIPHER_AES_192_CBC 92
-#define GNUTLS_CIPHER_AES_128_GCM 93
-#define GNUTLS_CIPHER_AES_256_GCM 94
-#define GNUTLS_PK_ECC 4
-
-#define GNUTLS_CURVE_TO_BITS(curve) (unsigned int)(((unsigned int)1<<31)|((unsigned int)(curve)))
-
-typedef enum
-{
- GNUTLS_ECC_CURVE_INVALID,
- GNUTLS_ECC_CURVE_SECP224R1,
- GNUTLS_ECC_CURVE_SECP256R1,
- GNUTLS_ECC_CURVE_SECP384R1,
- GNUTLS_ECC_CURVE_SECP521R1,
-} gnutls_ecc_curve_t;
-#endif
-
union key_data
{
gnutls_cipher_hd_t cipher;
@@ -80,150 +62,47 @@ static union key_data *key_data( struct key *key )
return (union key_data *)key->private;
}
-/* Not present in gnutls version < 3.0 */
-static int (*pgnutls_cipher_tag)(gnutls_cipher_hd_t, void *, size_t);
-static int (*pgnutls_cipher_add_auth)(gnutls_cipher_hd_t, const void *, size_t);
-static gnutls_sign_algorithm_t (*pgnutls_pk_to_sign)(gnutls_pk_algorithm_t, gnutls_digest_algorithm_t);
-static int (*pgnutls_pubkey_import_ecc_raw)(gnutls_pubkey_t, gnutls_ecc_curve_t,
- const gnutls_datum_t *, const gnutls_datum_t *);
-static int (*pgnutls_privkey_import_ecc_raw)(gnutls_privkey_t, gnutls_ecc_curve_t, const gnutls_datum_t *,
- const gnutls_datum_t *, const gnutls_datum_t *);
-static int (*pgnutls_pubkey_verify_hash2)(gnutls_pubkey_t, gnutls_sign_algorithm_t, unsigned int,
- const gnutls_datum_t *, const gnutls_datum_t *);
-
-/* Not present in gnutls version < 2.11.0 */
-static int (*pgnutls_pubkey_import_rsa_raw)(gnutls_pubkey_t, const gnutls_datum_t *, const gnutls_datum_t *);
-
-/* Not present in gnutls version < 2.12.0 */
-static int (*pgnutls_pubkey_import_dsa_raw)(gnutls_pubkey_t, const gnutls_datum_t *, const gnutls_datum_t *,
- const gnutls_datum_t *, const gnutls_datum_t *);
-
-/* Not present in gnutls version < 3.3.0 */
-static int (*pgnutls_privkey_export_ecc_raw)(gnutls_privkey_t, gnutls_ecc_curve_t *,
- gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *);
-static int (*pgnutls_privkey_export_rsa_raw)(gnutls_privkey_t, gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *,
- gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *,
- gnutls_datum_t *);
-static int (*pgnutls_privkey_export_dsa_raw)(gnutls_privkey_t, gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *,
- gnutls_datum_t *, gnutls_datum_t *);
-static int (*pgnutls_privkey_generate)(gnutls_privkey_t, gnutls_pk_algorithm_t, unsigned int, unsigned int);
-static int (*pgnutls_privkey_import_rsa_raw)(gnutls_privkey_t, const gnutls_datum_t *, const gnutls_datum_t *,
- const gnutls_datum_t *, const gnutls_datum_t *, const gnutls_datum_t *,
- const gnutls_datum_t *, const gnutls_datum_t *, const gnutls_datum_t *);
-static int (*pgnutls_privkey_decrypt_data)(gnutls_privkey_t, unsigned int flags, const gnutls_datum_t *, gnutls_datum_t *);
-
/* Not present in gnutls version < 3.6.0 */
static int (*pgnutls_decode_rs_value)(const gnutls_datum_t *, gnutls_datum_t *, gnutls_datum_t *);
static void *libgnutls_handle;
#define MAKE_FUNCPTR(f) static typeof(f) * p##f
+MAKE_FUNCPTR(gnutls_cipher_add_auth); /* since 3.0.0 */
MAKE_FUNCPTR(gnutls_cipher_decrypt2);
MAKE_FUNCPTR(gnutls_cipher_deinit);
MAKE_FUNCPTR(gnutls_cipher_encrypt2);
MAKE_FUNCPTR(gnutls_cipher_init);
+MAKE_FUNCPTR(gnutls_cipher_tag); /* since 3.0.0 */
MAKE_FUNCPTR(gnutls_global_deinit);
MAKE_FUNCPTR(gnutls_global_init);
MAKE_FUNCPTR(gnutls_global_set_log_function);
MAKE_FUNCPTR(gnutls_global_set_log_level);
MAKE_FUNCPTR(gnutls_perror);
-MAKE_FUNCPTR(gnutls_privkey_decrypt_data);
+MAKE_FUNCPTR(gnutls_pk_to_sign); /* since 3.0.0 */
+MAKE_FUNCPTR(gnutls_privkey_decrypt_data); /* since 3.3.0 */
MAKE_FUNCPTR(gnutls_privkey_deinit);
+MAKE_FUNCPTR(gnutls_privkey_export_ecc_raw); /* since 3.3.0 */
+MAKE_FUNCPTR(gnutls_privkey_export_dsa_raw); /* since 3.3.0 */
+MAKE_FUNCPTR(gnutls_privkey_export_rsa_raw); /* since 3.3.0 */
+MAKE_FUNCPTR(gnutls_privkey_import_ecc_raw); /* since 3.0.0 */
+MAKE_FUNCPTR(gnutls_privkey_generate); /* since 3.3.0 */
MAKE_FUNCPTR(gnutls_privkey_import_dsa_raw);
+MAKE_FUNCPTR(gnutls_privkey_import_rsa_raw); /* since 3.3.0 */
MAKE_FUNCPTR(gnutls_privkey_init);
MAKE_FUNCPTR(gnutls_privkey_sign_hash);
MAKE_FUNCPTR(gnutls_pubkey_deinit);
+MAKE_FUNCPTR(gnutls_pubkey_import_ecc_raw); /* since 3.0.0 */
+MAKE_FUNCPTR(gnutls_pubkey_import_dsa_raw); /* since 2.12.0 */
+MAKE_FUNCPTR(gnutls_pubkey_import_rsa_raw); /* since 2.11.0 */
MAKE_FUNCPTR(gnutls_pubkey_init);
+MAKE_FUNCPTR(gnutls_pubkey_verify_hash2); /* since 3.0.0 */
#undef MAKE_FUNCPTR
-static int compat_gnutls_cipher_tag(gnutls_cipher_hd_t handle, void *tag, size_t tag_size)
-{
- return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
-}
-
-static int compat_gnutls_cipher_add_auth(gnutls_cipher_hd_t handle, const void *ptext, size_t ptext_size)
-{
- return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
-}
-
-static int compat_gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_curve_t curve,
- const gnutls_datum_t *x, const gnutls_datum_t *y)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-static int compat_gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, gnutls_datum_t *m, gnutls_datum_t *e,
- gnutls_datum_t *d, gnutls_datum_t *p, gnutls_datum_t *q,
- gnutls_datum_t *u, gnutls_datum_t *e1, gnutls_datum_t *e2)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-static int compat_gnutls_privkey_export_ecc_raw(gnutls_privkey_t key, gnutls_ecc_curve_t *curve,
- gnutls_datum_t *x, gnutls_datum_t *y, gnutls_datum_t *k)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-static int compat_gnutls_privkey_import_ecc_raw(gnutls_privkey_t key, gnutls_ecc_curve_t curve,
- const gnutls_datum_t *x, const gnutls_datum_t *y,
- const gnutls_datum_t *k)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-static int compat_gnutls_privkey_export_dsa_raw(gnutls_privkey_t key, gnutls_datum_t *p, gnutls_datum_t *q,
- gnutls_datum_t *g, gnutls_datum_t *y, gnutls_datum_t *x)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-static gnutls_sign_algorithm_t compat_gnutls_pk_to_sign(gnutls_pk_algorithm_t pk, gnutls_digest_algorithm_t hash)
-{
- return GNUTLS_SIGN_UNKNOWN;
-}
-
-static int compat_gnutls_pubkey_verify_hash2(gnutls_pubkey_t key, gnutls_sign_algorithm_t algo,
- unsigned int flags, const gnutls_datum_t *hash,
- const gnutls_datum_t *signature)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-static int compat_gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key, const gnutls_datum_t *m, const gnutls_datum_t *e)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-static int compat_gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key, const gnutls_datum_t *p, const gnutls_datum_t *q,
- const gnutls_datum_t *g, const gnutls_datum_t *y)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-static int compat_gnutls_privkey_generate(gnutls_privkey_t key, gnutls_pk_algorithm_t algo, unsigned int bits,
- unsigned int flags)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
static int compat_gnutls_decode_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t * r, gnutls_datum_t * s)
{
return GNUTLS_E_INTERNAL_ERROR;
}
-static int compat_gnutls_privkey_import_rsa_raw(gnutls_privkey_t key, const gnutls_datum_t *m, const gnutls_datum_t *e,
- const gnutls_datum_t *d, const gnutls_datum_t *p, const gnutls_datum_t *q,
- const gnutls_datum_t *u, const gnutls_datum_t *e1, const gnutls_datum_t *e2)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-static int compat_gnutls_privkey_decrypt_data(gnutls_privkey_t key, unsigned int flags, const gnutls_datum_t *cipher_text,
- gnutls_datum_t *plain_text)
-{
- return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
static void gnutls_log( int level, const char *msg )
{
TRACE( "<%d> %s", level, msg );
@@ -257,21 +136,35 @@ static NTSTATUS gnutls_process_attach( void *args )
goto fail; \
}
+ LOAD_FUNCPTR(gnutls_cipher_add_auth) /* since 3.0.0 */
LOAD_FUNCPTR(gnutls_cipher_decrypt2)
LOAD_FUNCPTR(gnutls_cipher_deinit)
LOAD_FUNCPTR(gnutls_cipher_encrypt2)
LOAD_FUNCPTR(gnutls_cipher_init)
+ LOAD_FUNCPTR(gnutls_cipher_tag) /* since 3.0.0 */
LOAD_FUNCPTR(gnutls_global_deinit)
LOAD_FUNCPTR(gnutls_global_init)
LOAD_FUNCPTR(gnutls_global_set_log_function)
LOAD_FUNCPTR(gnutls_global_set_log_level)
LOAD_FUNCPTR(gnutls_perror)
- LOAD_FUNCPTR(gnutls_privkey_deinit);
- LOAD_FUNCPTR(gnutls_privkey_import_dsa_raw);
- LOAD_FUNCPTR(gnutls_privkey_init);
- LOAD_FUNCPTR(gnutls_privkey_sign_hash);
- LOAD_FUNCPTR(gnutls_pubkey_deinit);
- LOAD_FUNCPTR(gnutls_pubkey_init);
+ LOAD_FUNCPTR(gnutls_pk_to_sign) /* since 3.0.0 */
+ LOAD_FUNCPTR(gnutls_privkey_decrypt_data) /* since 3.3.0 */
+ LOAD_FUNCPTR(gnutls_privkey_deinit)
+ LOAD_FUNCPTR(gnutls_privkey_export_ecc_raw) /* since 3.3.0 */
+ LOAD_FUNCPTR(gnutls_privkey_export_dsa_raw) /* since 3.3.0 */
+ LOAD_FUNCPTR(gnutls_privkey_export_rsa_raw) /* since 3.3.0 */
+ LOAD_FUNCPTR(gnutls_privkey_import_ecc_raw) /* since 3.0.0 */
+ LOAD_FUNCPTR(gnutls_privkey_generate) /* since 3.3.0 */
+ LOAD_FUNCPTR(gnutls_privkey_import_dsa_raw)
+ LOAD_FUNCPTR(gnutls_privkey_import_rsa_raw) /* since 3.3.0 */
+ LOAD_FUNCPTR(gnutls_privkey_init)
+ LOAD_FUNCPTR(gnutls_privkey_sign_hash)
+ LOAD_FUNCPTR(gnutls_pubkey_deinit)
+ LOAD_FUNCPTR(gnutls_pubkey_import_ecc_raw) /* since 3.0.0 */
+ LOAD_FUNCPTR(gnutls_pubkey_import_dsa_raw) /* since 2.12.0 */
+ LOAD_FUNCPTR(gnutls_pubkey_import_rsa_raw) /* since 2.11.0 */
+ LOAD_FUNCPTR(gnutls_pubkey_init)
+ LOAD_FUNCPTR(gnutls_pubkey_verify_hash2) /* since 3.0.0 */
#undef LOAD_FUNCPTR
#define LOAD_FUNCPTR_OPT(f) \
@@ -281,21 +174,7 @@ static NTSTATUS gnutls_process_attach( void *args )
p##f = compat_##f; \
}
- LOAD_FUNCPTR_OPT(gnutls_cipher_tag)
- LOAD_FUNCPTR_OPT(gnutls_cipher_add_auth)
- LOAD_FUNCPTR_OPT(gnutls_pubkey_import_ecc_raw)
- LOAD_FUNCPTR_OPT(gnutls_privkey_export_rsa_raw)
- LOAD_FUNCPTR_OPT(gnutls_privkey_export_ecc_raw)
- LOAD_FUNCPTR_OPT(gnutls_privkey_import_ecc_raw)
- LOAD_FUNCPTR_OPT(gnutls_privkey_export_dsa_raw)
- LOAD_FUNCPTR_OPT(gnutls_pk_to_sign)
- LOAD_FUNCPTR_OPT(gnutls_pubkey_verify_hash2)
- LOAD_FUNCPTR_OPT(gnutls_pubkey_import_rsa_raw)
- LOAD_FUNCPTR_OPT(gnutls_pubkey_import_dsa_raw)
- LOAD_FUNCPTR_OPT(gnutls_privkey_generate)
LOAD_FUNCPTR_OPT(gnutls_decode_rs_value)
- LOAD_FUNCPTR_OPT(gnutls_privkey_import_rsa_raw)
- LOAD_FUNCPTR_OPT(gnutls_privkey_decrypt_data)
#undef LOAD_FUNCPTR_OPT
if ((ret = pgnutls_global_init()) != GNUTLS_E_SUCCESS)
--
2.33.0
More information about the wine-devel
mailing list