If the C library supports these random functions, use them directly
instead of reading the /dev/urandom file. This makes life easier on
platforms that don't have /dev/urandom (like WASM).
Abseil uses certain compiler extensions intentionally (see abseil/abseil-cpp#157) so it triggers multiple warnings enabled by -pedantic (-Wnullability-extension, -Wgcc-compat, -Wvariadic-macro-arguments-omitted at a minimum) as seen in #1373.
Protobuf versions since 3.6.0 have long had a C++11 dependency; even
more recent versions have picked up an Abseil dependency bumping that
to C++14. Since it is now 2023, defaulting to C++17 is reasonable, so
remove the conditional C++ standards version check that mosh
previously had and replace it with an unconditional C++17 check.
This means that all future commits can use C++17 features. According
to https://en.cppreference.com/w/cpp/compiler_support/17 this means
that minimum effective compiler versions for mosh become:
gcc 7 (May 2017)
clang 5 (September 2017)
This, in turn, implies that future versions of mosh will no longer be
available for RHEL/CentOS 7 (June 2014).
Closes: #1267
This helps to avoid problems when the 1.4.0 release is made and
distributions with version sort order think the rc sorts after
the non-suffixed version
bacc024083 inadvertently stopped
propagating `pkg-config --libs` output into the link line. This didn’t
affect OpenSSL (since configure.ac puts -lcrypto there manually) or
Apple Common Crypto (since it’s not a separate dylib), but it broke
Nettle builds. Fix Nettle builds by ensuring that `pkg-config --libs`
output actually makes it to the linker.
After further discussion, the Mosh maintainers have decided to stick
with the internal OCB implementation for this release. Restore support
for using OpenSSL’s AES but internal OCB. To make this commit easy to
audit, restore the code exactly, including calls to AES functions that
are deprecated in OpenSSL 3; a future commit will update ocb_internal.cc
to use EVP instead of directly calling the AES primitives.
In anticipation of future changes, preserve support for OpenSSL’s
AES-OCB, but don’t compile it in. Add
--with-crypto-library=openssl-with-openssl-ocb and
--with-crypto-library=openssl-with-internal-ocb options to configure so
that developers can easily test Mosh using OpenSSL’s AES-OCB. These
options are intended only for testing, are undocumented, and are not
subject to any API stability guarantees.
Rework configure to look for all possible cryptography libraries first
and then dispatch on --with-crypto-library as appropriate.
Split src/crypto/ocb.cc into two files – one containing the AES-OCB
implementation backed by OpenSSL, and the other containing
implementations backed by Apple Common Crypto and Nettle. This paves the
way for a new OpenSSL implementation that uses OpenSSL 1.1’s OCB support
directly, rather than one that merely uses OpenSSL to provide the
underlying block cipher.
Remove support for rijndael-alg-fst.c and compiler-provided AES
intrinsics, since they’re not in use anymore. (Mosh can still use
hardware-accelerated AES if it’s available; it just now relies
exclusively on the underlying cryptography library to accelerate AES if
possible.)
Update the build system to conditionally compile in either
ocb_openssl.cc or ocb_internal.cc, depending on which cryptography
library you pass to ./configure.
To make this commit easy to audit, ocb_openssl.cc and ocb_internal.cc
are trivially diffable against ocb.cc (now deleted). Expected diffs
consist of a copyright notice update, a preprocessor check to ensure the
appropriate cryptography implementation has been selected, and deletions
to remove code that’s no longer in use. This does mean a substantial
amount of code is duplicated between ocb_openssl.cc and ocb_internal.cc;
however, ocb_openssl.cc should be completely replaced soon, so it won’t
be an issue in the long term.
Bug: https://github.com/mobile-shell/mosh/issues/1174
This commit adds the --enable-fuzzing (and --enable-asan, to make
fuzzing more useful) options and a sample fuzzer for the terminal
parser. At this time only libfuzzer is supported. Future changes to
add AFL to get more fuzzing capability should be possible with the
addition of the afl_driver.cc from Chromium.
This change adds autoconf/automake support for building all of mosh
with gcov, and generates an lcov html report. This allows seeing which
parts ofthe source tree have good test coverage, and which can be
shored up. Eventually, it would be good to hook this up to Github
Actions to be generated automatically.
Fixes#1051, mosh fails to build on case-insensitive filesystems.
XXX This isn't perfect because autoconf/automake drop several extra
files in the directory anyway.
The uninitialized variable warning from T x; broke the test if the
user passed CXXFLAGS='-O2 -Wall -Werror'. (Users shouldn’t do that;
our own --enable-compile-warnings=error option was unaffected.)
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Change the openssl-devel package to libssl-devel. Cygwin still has an
"obsolete" (essentially virtual) package for openssl-devel, but it
doesn't seem to work properly on Appveyor's Cygwin install.
Protobuf >= 3.6.0 requires C++11, which I added support for last year.
But when I did that, I requested strict ANSI C++ compatibility, which
causes Cygwin/newlib's libc feature test macros to be set to disable
(at least) POSIX.1 extensions. Let the Autoconf macro use its default
instead (prefer GNU/extended C++, accept anything).
Statically linking mosh-server with glibc isn’t a great idea for
various reasons (nsswitch modules, locale format incompatibilities).
But we can provide most of the benefits of static linking by allowing
specific library dependencies to be linked statically using -Bstatic
and -Bdynamic. The full set is enabled by
./configure --enable-static-libraries
which is equivalent to
./configure --enable-static-libstdc++ --enable-static-libgcc \
--enable-static-utempter --enable-static-zlib --enable-static-curses \
--enable-static-crypto --enable-static-protobuf
and results in binaries whose only runtime library dependencies are
provided with libc:
$ ldd src/frontend/mosh-server
linux-vdso.so.1 (0x00007ffe0b377000)
libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007fa0d9970000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007fa0d97e3000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007fa0d97c2000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fa0d95d8000)
/lib64/ld-linux-x86-64.so.2 (0x00007fa0d9f6a000)
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
This shouldn't require C++11 when not required.
This hack may not always detect when C++11 *is* required,
in which case a little autoconf tweaking may be needed
to get a good compile.
Log connection change events to syslog in the auth log, logging the PID,
username and remote host.
Also log session begin and end.
Co-Authored-By: John Hood <cgull@glup.org>
These should output to stdout and exit with status 0. Passing
std-options to AM_INIT_AUTOMAKE causes ‘make installcheck’ (hence also
‘make distcheck’) to verify this.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Mike Frysinger