Aaron Jones [Sun, 9 Feb 2020 12:46:26 +0000 (12:46 +0000)]
m4/: tidy up NLS logic
We shouldn't do all the NLS checks before parsing --enable-nls; it should
be the other way around: only do the checks if --enable-nls=yes was given.
Since all but one of our translations are currently broken, also change
the default from yes to no. This can be revisited after our translations
are brought up to scratch.
Aaron Jones [Thu, 6 Feb 2020 05:29:50 +0000 (05:29 +0000)]
m4/atheme-print-configuration: make even nicer output
Group lines by category, indent them some more, indicate which SASL
mechanisms are going to be built (some are always built, so this output
won't change, but they're just there for consistency's sake...).
Good news for all of those stuck in 1995: Aside from the build variables
(CC/CFLAGS/CPPFLAGS/LDFLAGS/LIBS), it all still fits into 80 columns, so
your VGA console can render it just fine.
Aaron Jones [Thu, 6 Feb 2020 05:16:54 +0000 (05:16 +0000)]
m4/atheme-libtest-rt.m4: rename to clock-gettime
This file tests whether we can use the clock_gettime(3) function, and
whether we need to link against -lrt to do so (as on older GNU libc...)
However, the functionality we're actually looking for is clock_gettime(3),
not whether we need -lrt or not, so don't name it after the library we
might need, but rather after the function we do need.
Aaron Jones [Sun, 2 Feb 2020 22:19:54 +0000 (22:19 +0000)]
Use #elif more to avoid pointless preprocessor soup
This looks *MUCH* better, and is also much more maintainable.
Also document, in libathemecore/memory_frontend.c, where various memory
comparison and wiping functions originated, and clean up some other
miscellaneous things.
Aaron Jones [Sun, 2 Feb 2020 11:24:28 +0000 (11:24 +0000)]
libathemecore/memory: support consttime_memequal & explicit_memset
These C library functions are present in NetBSD v7.0+ and possibly other
C libraries. On NetBSD they both require only <string.h>, which we
already include (by way of <atheme/stdheaders.h>).
Also move the preprocessor warning directive down to where it is actually
needed.
Aaron Jones [Sun, 2 Feb 2020 05:34:28 +0000 (05:34 +0000)]
doc/SASL-SCRAM: clarify setup instructions
- Explain the ./configure argument to force GNU libidn to be available
and what to look for when it prints its configuration.
- Reorder mechanisms in order of strength when asking to decide.
- Clarify that regular PBKDF2 credentials definitely allow impersonation,
and that this is why the SCRAM module does nothing if this style of
credentials is being used.
- Move loadmodule advice to next to eachother.
- Space everything out a bit more for readability.
- Directly discourage uncommenting the SCRAM loadmodule line in the
example configuration file without having read the documentation.
Aaron Jones [Sat, 1 Feb 2020 20:22:16 +0000 (20:22 +0000)]
libathemecore/digest_testsuite: a few style and ordering cleanups
- When performing an HKDF test, check the PRK matches before going on
to compute and verify the OKM. If the PRK was incorrectly generated,
the OKM is also going to be incorrect, and this saves some pointless
computation.
- Now that there's only one vector for each of the PBKDF2 tests, un-
indent the vector and remove it from its now-unnecessary containing
block.
- Perform all modes of operation on a message digest algorithm (plain,
HMAC, HKDF, PBKDF2), before moving on to the next algorithm. This
illuminates a misbehaving mode sooner.
Aaron Jones [Sat, 1 Feb 2020 19:26:38 +0000 (19:26 +0000)]
Digest API: Add GNU libgcrypt binding
This makes up for the recent removal of the GNU Nettle binding, which
was necessary for the compiler sanitizers feature (-fsanitize=function).
See the commit message in ed8a3fce8f196d139732 for more information.
This library does not tolerate PBKDF2 with a no-password and/or no-salt
situation, which is why the previous commit was necessary.
Some cryptographic libraries don't tolerate being told to perform a
PBKDF2 computation with no password and/or no salt. It is well-defined
behaviour to do so, but it's probably just an anti-footgun measure on
the part of the library authors.
However, nothing in this codebase performs such a PBKDF2 calculation.
So just remove the test vectors and prohibit such behaviour in our
Digest API.
Aaron Jones [Mon, 27 Jan 2020 09:50:51 +0000 (09:50 +0000)]
Digest API: Make low-level direct digest routines always available
Rework the Internal Digest API frontend to use the renamed direct
low-level routines and unify their interface. Declare said interface
in a separate header so that modules which need access to the low-
level primitives directly (like Anope's enc_sha256 crypto module)
can always use them regardless of which Digest API frontend we're
building with and without awful header/preprocessor hacks.
While I'm doing this, simplify the endianness reversal logic in that
crypto module too, and add some test vectors, generated by Anope
v2.0.7, for both 32-character and 288-character passwords (the
default Anope password length, and the maximum Atheme length,
respectively).
Aaron Jones [Mon, 27 Jan 2020 07:46:03 +0000 (07:46 +0000)]
Digest API: Remove Nettle frontend
This will never work with '-fsanitize=cfi' or '-fsanitize=function' due
to the necessary function pointer casts to incompatible prototypes.
(nettle_md5_init takes different arguments than nettle_sha1_init etc.)
While we're at it, add some missing error/sanity checking to the digest
API, and denote in the ifdef soup and './configure --help' output the
order in which frontends are searched for.
This file includes the ISC license permissions text, so add an ISC
license header tag to it, which was overlooked by commit 507f49117bea9a3f70bf.
Also document authorship and modifications properly, and update the
original author's e-mail address and current repository location to
match the present reality.
Aaron Jones [Sun, 26 Jan 2020 04:14:25 +0000 (04:14 +0000)]
Entire codebase: Clean up Makefiles and assorted build system stuff
- Add a license header to Makefiles (and the files they include)
where missing, and indicate who has modified each Makefile based on
the Git history. This was overlooked by commit 507f49117bea9a3f.
- Add myself to the copyright headers in Makefiles that I have heavily
modified; mostly during my work over the last 2 years on refactoring
and cleaning up the entire build system.
- Relicense Makefiles I have entirely (re)written to CC0-1.0, i.e. now
Public Domain.
- Always include extra.mk first, then define any non-additive variables
that buildsys.mk depends on for dependency tracking, then include
buildsys.mk and, if needed, buildsys.module.mk, before adding to any
variables those would have defined.
- Add missing test for the preprocessor to configure.ac
buildsys.mk.in was relying on this being set
- Don't use ${PACKAGE} in includesubdir because the header files
themselves have a hardcoded "atheme/" inclusion of other headers.
- Don't add '-I.' to CPPFLAGS; the compiler always looks in the current
directory first for #include "foo.h" style directives.
- Use ${foo} instead of $(foo) in Makefiles; make allows either form,
and treats them identically, except when you mix () and {} in some
expressions, so settle on a single set of braces now.
- Break long lists of sources / libraries / flags into a list of one per
line, indent and align with spaces instead of tabs so that it still
renders the same for people who change the tab width in their editor,
and align the line-continuation marker to a column not a multiple of 8
to immediately discourage most future additions that use tabs.
- Alphabetise some erroneously-overlooked source file lists in Makefiles,
particularly modules/nickserv/Makefile.
- Use $@ in Makefiles where possible to avoid using redundant filenames
- Test for -Wno-format-zero-length to hide a harmless diagnostic
introduced during the addition of translation support to the crypto
benchmarking utility
- Library test M4 files that don't use pkg-config now unconditionally
set FOO_CFLAGS as well as FOO_LIBS. Normally the _CFLAGS variable is
provided by pkg-config, but we should start using it unconditionally
in extra.mk.in and Makefiles so that if those libraries gain pkg-config
compatibility in the future we can start making use of it immediately.
- Put all conditional build variables/targets first in their respective
variables in Makefiles.
- Move the "Remember to edit your config file" notice to the Makefile in
src/services/ so that it is displayed close to the bottom of the install
target, where it is more likely to be read.
- Remove obsolete rm calls from src/services/Makefile for installing into
a directory containing an extremely old Atheme installation.
- Move installation of NEWS.md -> RELEASE outside of the bottom of a
subshell in src/services/Makefile -- its presence there was only
confusing.
- Add missing subdirectory to SUBDIRS in tools/Makefile.
- Make both tools/*/Makefiles not install their respective programs.
These are not expected to be used by users, and in fact are not even
installed at all anyway because tools itself is not in the SUBDIRS
variable in the root Makefile, nor does this commit add it.
The 2 message digest buffers are already erased at the end of
the function, but the buffer holding the base64-encoded digest
wasn't. Fix that; the data it contains is just as sensitive.
These were only to assist in debugging; they make the output of
gdb's print command easier to parse. The sscanf(3) function
already writes null-terminating bytes for strings (%s and %[]),
so we don't need to pre-fill the array with zeroes to avoid our
base64 decoder over-running it.
Aaron Jones [Tue, 21 Jan 2020 22:49:12 +0000 (22:49 +0000)]
src/crypto-benchmark/optimal: run CI builds in SCRAM mode
This saves having a preprocessor definition to limit the CPU
impact of build jobs, since the PBKDF2 code now starts at the
Cyrus iteration count limit in SCRAM mode, which is much lower.
Aaron Jones [Tue, 21 Jan 2020 22:36:18 +0000 (22:36 +0000)]
src/crypto-benchmark/optimal: a few final PBKDF2 fixups
- When running in SCRAM mode, start at the Cyrus iteration count cap
This avoids wasting time when we're going to cap it to this later
anyway (for maximum IRC client compatibility)
- Run a SHA-1 test (but do not consider its performance)
Even if SCRAM-SHA-1 were more widely implemented than SCRAM-SHA-256,
the IRCv3 working group is pushing the latter
- Always recommend SCRAM-SHA-256 even if SCRAM-SHA-512 is faster
This is further to the point above
- Print which iteration count and digest algorithm we choose
- Run benchmarks in digest output length order
- Start slightly above (+10%) our projected optimal iteration count
after having selected a digest algorithm
- If the iteration count we chose is the iteration count we started
with (e.g. SCRAM mode and the Cyrus maximum being fast enough),
don't run another benchmark with the same iteration count again
- Don't print whether it was capped in the configuration section
Only GroupServ (to be addressed shortly) and NickServ LIST (ditto)
are the major remaining violators of using non-static symbols without
a previous extern declaration for them. Re-enable this warning so that
future changes that introduce more of this behaviour are caught.
Aaron Jones [Sat, 18 Jan 2020 17:52:37 +0000 (17:52 +0000)]
modules/botserv/: improve symbol imports
Annotate which symbols are exported to other modules, import
a structure containing all symbols instead of importing one
symbol at a time, avoid casting function pointers to (void *)
and back.
Aaron Jones [Sat, 18 Jan 2020 15:41:53 +0000 (15:41 +0000)]
modules/saslserv/scram-sha: rename to scram
It's conceivable in the future that SCRAM would be updated to
include other kinds of password hashing algorithms, such as
scrypt and/or Argon2. The name of the mechanism is itself also
just "SCRAM", so name the module that instead, while we can
rename it now to avoid breaking configuration compatibility.
While we're at it, make the module register all supported
mechanisms. This is because changing the digest algorithm
should not break logins that would have continued to succeed
before doing so. Clients can try each mechanism in turn until
one succeeds, or cache the configuration and credentials that
succeeded last time and continue to re-use them without even
noticing.
Aaron Jones [Thu, 16 Jan 2020 18:47:02 +0000 (18:47 +0000)]
configure: replace --enable-debugging with --enable-compiler-sanitizers
This enables ASan, UBSan, et al. and supports both GCC and Clang.
Clang support requires an LLVM-bitcode-parsing-capable linker (because
Clang requires LTO for these sanitizers, and Clang in LTO mode outputs
LLVM bitcode, instead of machine code, leaving it to the linker to
translate it after performing its link-time optimisations).
If you need to, pass LDFLAGS="-fuse-ld=lld" to override the LD variable
set by `./configure` (which isn't used anyway) and use the LLVM linker.
Alternatively, use the Gold linker with the LLVM plugin.
Or just use GCC, but that doesn't support as many sanitizers ...
This commit removes the `--enable-debugging` flag added by commit 447cda49a9549c2e1631. It wasn't particularly useful anyway. The build
system still checks for CFLAGS="-g", with or without this new option, &
with or without any explicit CFLAGS being passed to `./configure`, so
that the occasionally-submitted backtraces are at least still somewhat
useful.
This commit also makes the CI build script pass the following options
to `./configure`:
The former is so that the sanitizers can catch any memory issues. The
shared heap allocator(s) hide use-after-free problems, because they
don't taint the memory, or release it back to the OS, after Atheme
"frees" it.
Aaron Jones [Thu, 16 Jan 2020 09:33:13 +0000 (09:33 +0000)]
libathemecore/memory_fe_sodium: several small improvements
- Correct opening header comment block.
- Document why a list of allocations is needed.
- Use C99-style comments for single-line comments.
- When performing a new memory allocation, and freeing an existing
allocation, don't iterate the entire list of allocations and change
the memory protection permissions on everything; only change what
is necessary.
- When performing a new memory allocation, add the new allocation to
the head of the allocations list. Statistically speaking, the most
recently-allocated memory is the memory that is most likely to be
freed soon. This makes freeing it faster, because it's closer to
the start of the list that you need to iterate over.
- When freeing the information about an allocation, also free the
allocation itself. This avoids needing to do so in the 3 places
that free allocation information, which removes some duplication.
Aaron Jones [Wed, 15 Jan 2020 08:39:53 +0000 (08:39 +0000)]
libathemecore: ARM mbedTLS RNG: remove CTR-DRBG support
HMAC-DRBG has a security proof of correctness [1]; CTR-DRBG on the other
hand does not, and additionally suffers catastrophically if you sample
too much output from it.
Aaron Jones [Wed, 15 Jan 2020 08:14:19 +0000 (08:14 +0000)]
configure: prioritise OpenSSL RNG above ARM mbedTLS RNG
This is likely to be faster, with more access to hardware
primitives. The user can still override with the
--with-rng-api-frontend= argument to `configure`.
Aaron Jones [Fri, 10 Jan 2020 03:36:13 +0000 (03:36 +0000)]
src/crypto-benchmark/optimal.c: cap iterations to starting value
In the extremely unlikely event that the initial iteration count
is faster than the target time, cap the derived iteration count
to the initial one, to prevent it from being exceeded. This
currently only happens on CI (with a reduced initial count) which
has no consequences, but if in some magical pixie dust future
world CPUs become fast enough to do the maximum iteration count
within an acceptable timeframe, don't arrive at a value higher
than the maximum.
Aaron Jones [Fri, 10 Jan 2020 01:54:34 +0000 (01:54 +0000)]
Build System: Replace 'dnl' autoconf comments with '#' shell comments
Ask me how I discovered that a 'dnl' in the middle of AC_LANG_PROGRAM()
renders all 'dnl' comments a syntax error; resulting in autoreconf(1)
aborting on the very first one.
Oh, and it prints that *first* occurence as the source of the problem!
A most-excellent diagnostic.
Aaron Jones [Thu, 9 Jan 2020 20:10:16 +0000 (20:10 +0000)]
Build System: Use CFLAGS instead of CPPFLAGS for pkg-config things
It only ever ends up setting a CPPFLAG in practice anyway (-Ifoo),
but it is named FOO_CFLAGS, so modify CFLAGS with it instead. The
practical consequence of this is nothing, but it is consistent,
especially since we're also modifying LIBS instead of LDFLAGS.
Basically, it's an autotools-ism.
Aaron Jones [Thu, 9 Jan 2020 19:48:38 +0000 (19:48 +0000)]
Build System: Improve library tests
For libraries that use pkg-config to detect their presence, make
pkg-config optional. This allows the user to set LIBFOO_CFLAGS and
LIBFOO_LIBS and still have it work, whether they have pkg-config
installed or not.
Also make it possible to specify the (full) path to the library
installation directory as an argument to the --with-foo= option.
This assumes that there are "include" and "lib" directories under
it, so use this as a last resort; override pkg-config (as described
above) instead if at all possible.