Openssl 1.1 support #7
Conversation
|
As @cwyyprog mentioned in bitshares/bitshares-core#575, zaphoyd/websocketpp#599 would be useful for this ticket. |
|
To fix this issue, I have placed a patched websocketpp into the bitshares project on github. //Edited by @abitmore: fixed typo in above commands. |
xeroc
force-pushed
the
openssl-1.1-support
branch
from
025edb8
to
438db84
Compare
|
@xeroc: the websocketpp fix is included in |
|
@abitmore I didn't want to move to the develop branch and instead used tag 0.7.0 + cherry-picked LocutusOfBorg/websocketpp@1dd0711 |
|
@xeroc: we've updated the websocketpp sub module with another PR, please rebase and/or fix conflicts. (Update: actually anyone who have write permission can do this, if have time) |
xeroc
force-pushed
the
openssl-1.1-support
branch
from
438db84
to
2485a05
Compare
|
Rebased .. compiles here |
These changes should add support for openssl 1.1.0 while maintaining compatibility with 1.0.2
xeroc
force-pushed
the
openssl-1.1-support
branch
from
a63fbfb
to
cc26580
Compare
|
One of the unit tests fails ... |
|
When I run blinding_test, I get
Is that what you get? I also tested with OpenSSL 1.0.1m, with the same results. So it is not an OpenSSL 1.1 issue. It seems to be the way we are initializing the diffie hellman object within this test. The actual underlying openssl dh object is null. I am trying to find out how and when it should be initialized. After further testing, it looks like bitshares-fc/src/crypto/dh.cpp Line 18 in cc26580 ssl_dh dh(DH_new());
|
xeroc
force-pushed
the
openssl-1.1-support
branch
from
225a8cc
to
c0db16b
Compare
|
Thanks, unit tests no longer fail! //edit: they don't fail with openssl-1.0, but do fail with openssl-1.1 :-( |
|
I think we should rip out the blinding stuff. The core uses it only insofar as it provides access through the crypto_api. The implementation (and tests) has been broken since this commit: cryptonomex@2b2dfc6 , so I'm pretty sure nobody's using it. |
Fixed DH memory handling with openssl-1.1
@abitmore what do you think? |
|
I agree.. I don't know much about crypto though. |
|
kenCode was using some sort of blinding for his STEALTH coin. Should we ask him what he's relying on? |
|
Like I said, the current implementation has been broken for >2 years. I'd be surprised if he's relying on that (and if he is he could as well maintain it himself...). |
|
@pmconrad that implementation is partially relied upon and blind transfers do work using it so why rip out something that can benefit everyone? |
|
@xethyrion blind transfer in BitShares does not rely on that, but on another module. By the way, linking the UI repository here doesn't make sense, since UI doesn't use fc library. Even if it does, please link the actually code block that uses it but not the main url of the repository. |
|
@abitmore worried about witnesses which do need to validate blind tx's... chris should comment here on that. |
|
@xethyrion we need proofs. Why do you think it's needed? |
|
@abitmore pinged chris, he's the expert on this, he says he'll look over here in an hour or two. |
|
I'll look over in a bit whether we are relying on the blind code in question for our Blind/Stealth stuff. (Could someone provide a link to the specific code? @pmconrad?)
@abitmore - Interesting. I was unaware of a separate selection of blind code. What we are talking about here is distinct from what is used to validate Blind transactions on the network? If I may ask, what was the original purpose of the blind code that we are now proposing to remove? (If indeed it has been broken since 2015... then yeah presumably we are not relying on it. But just to emphasize: we HAVE conducted Blind transactions on the Main Net and we ARE developing features on top of it. And there is a non-zero amount of assets that are held in blinded balances. So, retaining the ability of witness nodes to validate blinded transactions is certainly critical.) |
|
Of course I do not propose to remove the existing STEALTH feature from the blockchain backend. This is a different kind of blinding. I implemented it myself in response to a bounty offered by BM, see https://bitsharestalk.org/index.php?topic=17315.0 . |
|
Ah, cool. Thanks for the clarification @pmconrad! |
|
@pmconrad so we need to remove the 2 API calls if this got removed from FC? |
|
yes |
@pmconrad — Interesting! I've read that whole thread before, a while back, and I was confused because I didn't see how Oleg's blind sig scheme quite fit in with the blind transfers. Now I see that it was meant for a different purpose! Anyway, yeah, we're not using the Oleg Andreev scheme at all (blind_sign, etc.). We are only using the Pedersen commitment stuff (blind_sum, range_proof_sign, etc.), which of course needs to stay in order to validate blinded transfers. |
|
@christophersanborn thanks for confirming! |
| @@ -1,6 +1,9 @@ | |||
| #include <fc/crypto/dh.hpp> | |||
| #include <openssl/dh.h> | |||
|
|
|||
| #if OPENSSL_VERSION_NUMBER >= 0x10100000L | |||
| #endif | |||
There was a problem hiding this comment.
No, that's probably a leftover C&P template or sth like that.
Ripped out unused blinding stuff
There was a problem hiding this comment.
Tested with
- gcc-5, boost-1.60, openssl-1.0.2
- gcc-6, boost-1.65.1, openssl-1.0.2
- gcc-6, boost-1.65.1, openssl-1.1.0
With boost-1.65.1 the stacktrace unit tests fail, but I think that's unrelated.
All other known-working tests continue to work, replayed successfully + connected to mainnet.
|
How about gcc-5, boost-1.58, openssl-1.0.2 (Ubuntu 16.04 LTS default packages)? |
|
gcc-5, boost-1.58, openssl-1.0.2 tested successfully too. |
This is an initial commit to include @nathanhourt's commit to support openssl-1.1.
However, it disables the blinding checks because they fail to compile. This needs to be fixed before merging.