diff --git a/CMakeLists.txt b/CMakeLists.txt index 1484d7368b33..426cfb539a2c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -68,7 +68,13 @@ if(ENABLE_GAME OR ENABLE_TESTS) find_package(GLEW REQUIRED) find_package(SDL2 2.0.4 REQUIRED) endif(ENABLE_GAME OR ENABLE_TESTS) -find_package(Crypto 1.0 REQUIRED) + +if(NOT APPLE) + find_package(Crypto 1.0 REQUIRED) +else() + set(CRYPTO_LIBRARY "-framework Security") +endif() + find_package(Boost 1.56 REQUIRED COMPONENTS iostreams program_options regex system thread random) # no, gettext executables are not required when NLS is deactivated diff --git a/SConstruct b/SConstruct index f5998c7b4eac..6587c367b077 100755 --- a/SConstruct +++ b/SConstruct @@ -360,7 +360,6 @@ if env["prereqs"]: have_server_prereqs = (\ conf.CheckCPlusPlus(gcc_version = "4.8") & \ - conf.CheckLib("libcrypto") & \ conf.CheckBoost("iostreams", require_version = boost_version) & \ conf.CheckBoostIostreamsGZip() & \ conf.CheckBoostIostreamsBZip2() & \ @@ -379,6 +378,10 @@ if env["prereqs"]: if env['harden']: env["have_fortify"] = conf.CheckFortifySource() + if(env["PLATFORM"] != 'darwin'): + # Otherwise, use Security.framework + have_server_prereqs = have_server_prereqs & conf.CheckLib("libcrypto") + env = conf.Finish() client_env = env.Clone() @@ -618,6 +621,7 @@ for env in [test_env, client_env, env]: if env["PLATFORM"] == 'darwin': # Mac OS X env.Append(FRAMEWORKS = "Cocoa") # Cocoa GUI + env.Append(FRAMEWORKS = "Security") # commonCrypto (after OpenSSL replacement on Mac) if not env['static_test']: test_env.Append(CPPDEFINES = "BOOST_TEST_DYN_LINK") diff --git a/projectfiles/Xcode/Wesnoth.xcodeproj/project.pbxproj b/projectfiles/Xcode/Wesnoth.xcodeproj/project.pbxproj index c46ace099361..2df2ece5e72d 100644 --- a/projectfiles/Xcode/Wesnoth.xcodeproj/project.pbxproj +++ b/projectfiles/Xcode/Wesnoth.xcodeproj/project.pbxproj @@ -57,7 +57,6 @@ 46F57086205FCE79007031BF /* hash.cpp in Sources */ = {isa = PBXBuildFile; fileRef = B52EE8AD121359A600CFBDAB /* hash.cpp */; }; 46F57087205FCF5D007031BF /* filesystem_sdl.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 91FBBAD71CB6BC3F00470BFE /* filesystem_sdl.cpp */; }; 46F57088205FCF7E007031BF /* config_attribute_value.cpp in Sources */ = {isa = PBXBuildFile; fileRef = EC0341DF1ECF46FE000F2E2B /* config_attribute_value.cpp */; }; - 46F57099205FD0BF007031BF /* libcrypto.1.1.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 90BC845A1EDBD7B600A6630D /* libcrypto.1.1.dylib */; }; 46F5709A205FE48C007031BF /* string_utils.cpp in Sources */ = {isa = PBXBuildFile; fileRef = B55999AF0EC62181008DD061 /* string_utils.cpp */; }; 46F570A6205FF856007031BF /* addon_utils.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 46F5709E205FF856007031BF /* addon_utils.cpp */; }; 46F570A7205FF856007031BF /* blacklist.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 46F570A2205FF856007031BF /* blacklist.cpp */; }; @@ -493,11 +492,7 @@ 8D11072F0486CEB800E47090 /* Cocoa.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 1058C7A1FEA54F0111CA2CBB /* Cocoa.framework */; }; 903F959C1ED5489500F1BDD3 /* credentials.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 903F959B1ED5489500F1BDD3 /* credentials.cpp */; }; 903F959F1ED5496700F1BDD3 /* hash.cpp in Sources */ = {isa = PBXBuildFile; fileRef = B52EE8AD121359A600CFBDAB /* hash.cpp */; }; - 905440871EE46ABC0091D1AE /* libcrypto.1.1.dylib in Copy Frameworks */ = {isa = PBXBuildFile; fileRef = 90BC845A1EDBD7B600A6630D /* libcrypto.1.1.dylib */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; 90606A2B1D5599BA00719B40 /* libpcre.1.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 90606A2A1D5599BA00719B40 /* libpcre.1.dylib */; }; - 90BC845B1EDBD7B600A6630D /* libcrypto.1.1.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 90BC845A1EDBD7B600A6630D /* libcrypto.1.1.dylib */; }; - 90BC845C1EDBD7B600A6630D /* libcrypto.1.1.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 90BC845A1EDBD7B600A6630D /* libcrypto.1.1.dylib */; }; - 90BC845D1EDBD7B600A6630D /* libcrypto.1.1.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 90BC845A1EDBD7B600A6630D /* libcrypto.1.1.dylib */; }; 9107AE181DB32899001927B0 /* lapi.cpp in Sources */ = {isa = PBXBuildFile; fileRef = EC89A1061879D17D00A3B0B1 /* lapi.cpp */; }; 9107AE191DB3289D001927B0 /* lauxlib.cpp in Sources */ = {isa = PBXBuildFile; fileRef = EC89A1071879D17D00A3B0B1 /* lauxlib.cpp */; }; 9107AE1A1DB328A2001927B0 /* lbaselib.cpp in Sources */ = {isa = PBXBuildFile; fileRef = EC89A1081879D17D00A3B0B1 /* lbaselib.cpp */; }; @@ -1401,7 +1396,6 @@ dstPath = ""; dstSubfolderSpec = 10; files = ( - 905440871EE46ABC0091D1AE /* libcrypto.1.1.dylib in Copy Frameworks */, 91B622011B76C0A600B00E0F /* libboost_filesystem-mt.dylib in Copy Frameworks */, 91B622021B76C0A600B00E0F /* libboost_iostreams-mt.dylib in Copy Frameworks */, 91B622031B76C0A600B00E0F /* libboost_locale-mt.dylib in Copy Frameworks */, @@ -1452,6 +1446,7 @@ /* Begin PBXFileReference section */ 1058C7A1FEA54F0111CA2CBB /* Cocoa.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Cocoa.framework; path = System/Library/Frameworks/Cocoa.framework; sourceTree = SDKROOT; }; + 1C58BBDF21822A930078D25A /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Security.framework; path = System/Library/Frameworks/Security.framework; sourceTree = SDKROOT; }; 4638966F2034180800075E54 /* deprecation.hpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.h; path = deprecation.hpp; sourceTree = ""; }; 463896702034180900075E54 /* deprecation.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = deprecation.cpp; sourceTree = ""; }; 4649B879202886F000827CFB /* test_irdya_date.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = test_irdya_date.cpp; sourceTree = ""; }; @@ -1969,7 +1964,6 @@ 903F959B1ED5489500F1BDD3 /* credentials.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = credentials.cpp; path = preferences/credentials.cpp; sourceTree = ""; }; 903F959D1ED5489D00F1BDD3 /* credentials.hpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.h; name = credentials.hpp; path = preferences/credentials.hpp; sourceTree = ""; }; 90606A2A1D5599BA00719B40 /* libpcre.1.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libpcre.1.dylib; path = lib/libpcre.1.dylib; sourceTree = ""; }; - 90BC845A1EDBD7B600A6630D /* libcrypto.1.1.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libcrypto.1.1.dylib; path = lib/libcrypto.1.1.dylib; sourceTree = ""; }; 9107AE141DB32862001927B0 /* liblua.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = liblua.a; sourceTree = BUILT_PRODUCTS_DIR; }; 9107AE551DB5BD3B001927B0 /* lprefix.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = lprefix.h; sourceTree = ""; }; 9107AE561DB5BD49001927B0 /* lutf8lib.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = lutf8lib.cpp; sourceTree = ""; }; @@ -2800,7 +2794,6 @@ 91B622211B76C0F400B00E0F /* libboost_random-mt.dylib in Frameworks */, 91B622221B76C0F400B00E0F /* libboost_regex-mt.dylib in Frameworks */, 91B622231B76C0F400B00E0F /* libboost_system-mt.dylib in Frameworks */, - 90BC845B1EDBD7B600A6630D /* libcrypto.1.1.dylib in Frameworks */, EC5C243B18EF07B4001FA499 /* libbz2.1.0.dylib in Frameworks */, B513B2290ED36BFB0006E551 /* libcairo.2.dylib in Frameworks */, EC5C243C18EF07B4001FA499 /* libexpat.1.dylib in Frameworks */, @@ -2845,7 +2838,6 @@ files = ( 91C548C31D8866ED00FE6A7B /* CoreFoundation.framework in Frameworks */, 91C548E21D886E9000FE6A7B /* libboost_system-mt.dylib in Frameworks */, - 46F57099205FD0BF007031BF /* libcrypto.1.1.dylib in Frameworks */, 91C548E81D886F1E00FE6A7B /* libboost_locale-mt.dylib in Frameworks */, 91C548ED1D886FC500FE6A7B /* libboost_filesystem-mt.dylib in Frameworks */, 91C548EE1D886FCE00FE6A7B /* libboost_iostreams-mt.dylib in Frameworks */, @@ -2874,7 +2866,6 @@ 46F92F242174FF6700602C1C /* libboost_thread-mt.dylib in Frameworks */, 91A215DF1CAD99E000927AEA /* libboost_iostreams-mt.dylib in Frameworks */, 91A215E01CAD99E000927AEA /* libboost_system-mt.dylib in Frameworks */, - 90BC845D1EDBD7B600A6630D /* libcrypto.1.1.dylib in Frameworks */, 46F92EBA2174F9AF00602C1C /* SDL2.framework in Frameworks */, 91A215E21CAD9B9000927AEA /* libpango-1.0.0.dylib in Frameworks */, 91A215E31CAD9B9000927AEA /* libpangocairo-1.0.0.dylib in Frameworks */, @@ -2892,7 +2883,6 @@ buildActionMask = 2147483647; files = ( 46F92EB92174F9AF00602C1C /* SDL2.framework in Frameworks */, - 90BC845C1EDBD7B600A6630D /* libcrypto.1.1.dylib in Frameworks */, F4D2A9D514DAED4200CAFF31 /* CoreFoundation.framework in Frameworks */, ECF9D44119F4042700E6C9D9 /* libboost_filesystem-mt.dylib in Frameworks */, F4EF0D4D13AD4D53003C701D /* libboost_iostreams-mt.dylib in Frameworks */, @@ -2926,6 +2916,7 @@ 1058C7A0FEA54F0111CA2CBB /* Linked System Frameworks */ = { isa = PBXGroup; children = ( + 1C58BBDF21822A930078D25A /* Security.framework */, 1058C7A1FEA54F0111CA2CBB /* Cocoa.framework */, F4D2A99514DAED0E00CAFF31 /* CoreFoundation.framework */, ); @@ -3277,7 +3268,6 @@ 91E355621CACA1CE00774252 /* libboost_unit_test_framework-mt.dylib */, EC5C242218EF07B4001FA499 /* libbz2.1.0.dylib */, B513B2270ED36BFB0006E551 /* libcairo.2.dylib */, - 90BC845A1EDBD7B600A6630D /* libcrypto.1.1.dylib */, EC5C242318EF07B4001FA499 /* libexpat.1.dylib */, EC5C242418EF07B4001FA499 /* libffi.6.dylib */, EC5C242518EF07B4001FA499 /* libfontconfig.1.dylib */, diff --git a/src/build_info.cpp b/src/build_info.cpp index 953fde583fc7..bd00c3d188cb 100644 --- a/src/build_info.cpp +++ b/src/build_info.cpp @@ -33,8 +33,10 @@ #include +#ifndef __APPLE__ #include #include +#endif #include @@ -73,6 +75,8 @@ std::string format_version(const SDL_version& v) << unsigned(v.patch); } +#ifndef __APPLE__ + std::string format_openssl_patch_level(uint8_t p) { return p <= 26 @@ -159,6 +163,8 @@ std::string format_openssl_version(long v) } +#endif + version_table_manager::version_table_manager() : compiled(LIB_COUNT, "") , linked(LIB_COUNT, "") @@ -234,9 +240,11 @@ version_table_manager::version_table_manager() // OpenSSL/libcrypto // +#ifndef __APPLE__ compiled[LIB_CRYPTO] = format_openssl_version(OPENSSL_VERSION_NUMBER); linked[LIB_CRYPTO] = format_openssl_version(SSLeay()); names[LIB_CRYPTO] = "OpenSSL/libcrypto"; +#endif // // Cairo diff --git a/src/hash.cpp b/src/hash.cpp index 904155e6b124..3d6bdb1ebf42 100644 --- a/src/hash.cpp +++ b/src/hash.cpp @@ -22,16 +22,27 @@ #include #include -#include -#include - extern "C" { #include "crypt_blowfish/crypt_blowfish.h" } +#ifndef __APPLE__ + +#include +#include + static_assert(utils::md5::DIGEST_SIZE == MD5_DIGEST_LENGTH, "Constants mismatch"); static_assert(utils::sha1::DIGEST_SIZE == SHA_DIGEST_LENGTH, "Constants mismatch"); +#else + +#include + +static_assert(utils::md5::DIGEST_SIZE == CC_MD5_DIGEST_LENGTH, "Constants mismatch"); +static_assert(utils::sha1::DIGEST_SIZE == CC_SHA1_DIGEST_LENGTH, "Constants mismatch"); + +#endif + namespace { const std::string hash_prefix = "$H$"; @@ -57,10 +68,16 @@ std::string hexencode_hash(const std::array& input) { namespace utils { md5::md5(const std::string& input) { + +#ifndef __APPLE__ MD5_CTX md5_worker; MD5_Init(&md5_worker); MD5_Update(&md5_worker, input.data(), input.size()); MD5_Final(hash.data(), &md5_worker); +#else + CC_MD5(input.data(), static_cast(input.size()), hash.data()); +#endif + } int md5::get_iteration_count(const std::string& hash) { @@ -108,10 +125,14 @@ std::string md5::base64_digest() const sha1::sha1(const std::string& str) { +#ifndef __APPLE__ SHA_CTX hasher; SHA1_Init(&hasher); SHA1_Update(&hasher, str.data(), str.size()); SHA1_Final(hash.data(), &hasher); +#else + CC_MD5(str.data(), static_cast(str.size()), hash.data()); +#endif } std::string sha1::hex_digest() const diff --git a/src/preferences/credentials.cpp b/src/preferences/credentials.cpp index 685294423d70..58258aec4131 100644 --- a/src/preferences/credentials.cpp +++ b/src/preferences/credentials.cpp @@ -21,7 +21,12 @@ See the COPYING file for more details. #include #include + +#ifndef __APPLE__ #include +#else +#include +#endif #ifdef _WIN32 #include @@ -254,12 +259,13 @@ secure_buffer build_key(const std::string& server, const std::string& login) static secure_buffer rc4_crypt(const secure_buffer& text, const secure_buffer& key) { + secure_buffer result(text.size(), '\0'); +#ifndef __APPLE__ RC4_KEY cipher_key; RC4_set_key(&cipher_key, key.size(), key.data()); const std::size_t block_size = key.size(); const std::size_t blocks = text.size() / block_size; const std::size_t extra = text.size() % block_size; - secure_buffer result(text.size(), '\0'); for(std::size_t i = 0; i < blocks * block_size; i += block_size) { RC4(&cipher_key, block_size, text.data() + i, result.data() + i); } @@ -267,6 +273,23 @@ static secure_buffer rc4_crypt(const secure_buffer& text, const secure_buffer& k std::size_t i = blocks * block_size; RC4(&cipher_key, extra, text.data() + i, result.data() + i); } +#else + size_t outWritten = 0; + CCCryptorStatus ccStatus = CCCrypt(kCCDecrypt, + kCCAlgorithmRC4, + kCCOptionPKCS7Padding, + key.data(), + key.size(), + nullptr, + text.data(), + text.size(), + result.data(), + result.size(), + &outWritten); + + assert(ccStatus == kCCSuccess); + assert(outWritten == text.size()); +#endif return result; } diff --git a/src/server/user_handler.cpp b/src/server/user_handler.cpp index c22cd8f671b7..17433d44ef57 100644 --- a/src/server/user_handler.cpp +++ b/src/server/user_handler.cpp @@ -16,7 +16,12 @@ #include "config.hpp" #include "random.hpp" #include "serialization/base64.hpp" + +#ifndef __APPLE__ #include +#else +#include +#endif #include #include @@ -53,20 +58,26 @@ std::string user_handler::create_unsecure_nonce(int length) { return ss.str(); } +#ifndef __APPLE__ namespace { class RAND_bytes_exception: public std::exception { }; } +#endif std::string user_handler::create_secure_nonce() { // Must be full base64 encodings (3 bytes = 4 chars) else we skew the PRNG results std::array buf; +#ifndef __APPLE__ if(!RAND_bytes(buf.data(), buf.size())) { throw RAND_bytes_exception(); } +#else + arc4random_buf(buf.data(), buf.size()); +#endif return base64::encode({buf.data(), buf.size()}); } diff --git a/utils/travis/steps/install.sh b/utils/travis/steps/install.sh index c632b0b0788f..83b1ed8c5d7f 100755 --- a/utils/travis/steps/install.sh +++ b/utils/travis/steps/install.sh @@ -23,10 +23,7 @@ if [ "$TRAVIS_OS_NAME" = "osx" ]; then brew install ccache travis_wait ./projectfiles/Xcode/Fix_Xcode_Dependencies else - brew install scons cairo pango moreutils sdl2_image sdl2_ttf sdl2_mixer openssl glew ccache - export CXXFLAGS="-I/usr/local/opt/openssl/include $CFLAGS" - export LDFLAGS="-L/usr/local/opt/openssl/lib $LDFLAGS" - export PATH="/usr/local/opt/openssl/include:$PATH" + brew install scons cairo pango moreutils sdl2_image sdl2_ttf sdl2_mixer glew ccache fi else if [ "$NLS" != "true" ]; then