gcrypt: initialize secure memory on startup

Otherwise libgcrypt does it automatically, but only after we drop
privileges. This requires calling mlock(), which kills the sandboxed
process on OpenBSD.

If this is not enough, libgcrypt will resize the pool without calling
mlock().

diff --git a/src/crypto.c b/src/crypto.c
deleted file mode 100644 (file)
index 20d917d..0000000
--- a/src/crypto.c
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
-    crypto.c -- Cryptographic miscellaneous functions and initialisation
-    Copyright (C) 2007-2022 Guus Sliepen <guus@tinc-vpn.org>
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License along
-    with this program; if not, write to the Free Software Foundation, Inc.,
-    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-*/
-
-#include "crypto.h"
-
-// No-op for those cryptographic libraries that
-// do not require any additional initialization.
-void crypto_init(void) {}

diff --git a/src/gcrypt/crypto.c b/src/gcrypt/crypto.c
new file mode 100644 (file)
index 0000000..815bedf
--- /dev/null
+++ b/src/gcrypt/crypto.c
@@ -0,0 +1,10 @@
+#include "../system.h"
+
+#include <gcrypt.h>
+
+#include "../crypto.h"
+
+void crypto_init(void) {
+       gcry_control(GCRYCTL_INIT_SECMEM, 32 * 1024, 0);
+       gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+}

diff --git a/src/gcrypt/meson.build b/src/gcrypt/meson.build
index 9cfe466e4c5a266010fc0c12251f8adba795f4ad..ac93c809b4b57b9bd0943d6b51898988b883dbc2 100644 (file)
--- a/src/gcrypt/meson.build
+++ b/src/gcrypt/meson.build
@@ -1,5 +1,6 @@
 src_lib_crypto = files(
   'cipher.c',
+  'crypto.c',
   'digest.c',
   'pem.c',
   'prf.c',

diff --git a/src/meson.build b/src/meson.build
index 564ef6fc9b69606c117660a0ba28ba572090b44b..d9f7b14bd6c6458e46574a10c332261c7b0f0392 100644 (file)
--- a/src/meson.build
+++ b/src/meson.build
@@ -358,10 +358,6 @@ endif
 
 subdir(opt_crypto)
 
-if opt_crypto != 'openssl'
-  src_lib_crypto += 'crypto.c'
-endif
-
 if opt_crypto != 'nolegacy'
   src_lib_crypto += ['cipher.c', 'digest.c']
 endif

diff --git a/src/nolegacy/crypto.c b/src/nolegacy/crypto.c
new file mode 100644 (file)
index 0000000..4e6f427
--- /dev/null
+++ b/src/nolegacy/crypto.c
@@ -0,0 +1,24 @@
+/*
+    crypto.c -- Cryptographic miscellaneous functions and initialisation
+    Copyright (C) 2007-2022 Guus Sliepen <guus@tinc-vpn.org>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+#include "../crypto.h"
+
+// No-op for those cryptographic libraries that
+// do not require any additional initialization.
+void crypto_init(void) {}

diff --git a/src/nolegacy/meson.build b/src/nolegacy/meson.build
index c9ea62f45a06365a4bed80d99782d960a3d6521e..323a8314d8b9b6fed057da288cf7b502fce36efe 100644 (file)
--- a/src/nolegacy/meson.build
+++ b/src/nolegacy/meson.build
@@ -1,4 +1,7 @@
-src_lib_crypto = files('prf.c')
+src_lib_crypto = files(
+  'crypto.c',
+  'prf.c',
+)
 
 dep_crypto = dependency('', required: false)