Fix stdio regression

This change fixes a nasty regression caused by 80b211e314 which deadlocked. This change also causes MbedTLS to prefer the ChaCha ciphersuite on older CPUs that don't have AES hardware instructions.
2025-05-24 22:32:28 +00:00 · 2022-05-19 00:34:15 -07:00 · 2022-05-19 00:34:15 -07:00 · 6e52cba37a
commit 6e52cba37a
parent 9208c83f7a
14 changed files with 232 additions and 51 deletions
--- a/third_party/mbedtls/ssl_ciphersuites.c
+++ b/third_party/mbedtls/ssl_ciphersuites.c
@ -15,6 +15,7 @@
 │ See the License for the specific language governing permissions and          │
 │ limitations under the License.                                               │
 ╚─────────────────────────────────────────────────────────────────────────────*/
+#include "libc/nexgen32e/x86feature.h"
 #include "third_party/mbedtls/cipher.h"
 #include "third_party/mbedtls/common.h"
 #include "third_party/mbedtls/platform.h"
@ -44,10 +45,6 @@ asm(".include \"libc/disclaimer.inc\"");
 #if defined(MBEDTLS_SSL_TLS_C)
 const uint16_t ciphersuite_preference[] =
 {
-#if defined(MBEDTLS_SSL_CIPHERSUITES)
-    MBEDTLS_SSL_CIPHERSUITES,
-#else
-
 #ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
@ -175,7 +172,141 @@ const uint16_t ciphersuite_preference[] =
    MBEDTLS_TLS_PSK_WITH_NULL_SHA,
 #endif

-#endif /* MBEDTLS_SSL_CIPHERSUITES */
+    0
+};
+
+// if we don't have aes-ni then chacha will do a
+// better job guarding against timing attacks
+const uint16_t ciphersuite_preference_nehalem[] =
+{
+
+#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+#endif
+
+#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
+    MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256,
+#endif
+
+#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
+    MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
+    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
+    MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
+    MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef MBEDTLS_DES_C
+    MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, // e.g. IE 8 XP
+    MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
+#endif
+
+#ifdef MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+    MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
+    MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
+#endif
+
+#ifdef MBEDTLS_CIPHER_NULL_CIPHER
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
+    MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
+    MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
+    MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
+    MBEDTLS_TLS_RSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_RSA_WITH_NULL_MD5,
+    MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
+    MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
+    MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
+    MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
+    MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
+    MBEDTLS_TLS_PSK_WITH_NULL_SHA,
+#endif
+
    0
 };

@ -1338,12 +1469,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
      0, 0, 0, 0, 0 }
 };

-#if defined(MBEDTLS_SSL_CIPHERSUITES)
-const uint16_t *mbedtls_ssl_list_ciphersuites( void )
-{
-    return( ciphersuite_preference );
-}
-#else
 #define MAX_CIPHERSUITES    sizeof( ciphersuite_definitions     ) /         \
                            sizeof( ciphersuite_definitions[0]  )
 static uint16_t supported_ciphersuites[MAX_CIPHERSUITES];
@ -1375,7 +1500,12 @@ const uint16_t *mbedtls_ssl_list_ciphersuites( void )
        const uint16_t *p;
        uint16_t *q;

-        for( p = ciphersuite_preference, q = supported_ciphersuites;
+        if( X86_HAVE( AES ) )
+            p = ciphersuite_preference;
+        else
+            p = ciphersuite_preference_nehalem;
+
+        for( q = supported_ciphersuites;
             *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
             p++ )
        {
@ -1393,7 +1523,6 @@ const uint16_t *mbedtls_ssl_list_ciphersuites( void )

    return( supported_ciphersuites );
 }
-#endif /* MBEDTLS_SSL_CIPHERSUITES */

 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
                                                const char *ciphersuite_name )