Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
eb603cb0
Commit
eb603cb0
authored
Oct 26, 2018
by
Ondřej Surý
Browse files
Check for individual OpenSSL functions instead of relying on version number
parent
7e2026a5
Pipeline
#5798
passed with stages
in 7 minutes and 38 seconds
Changes
5
Pipelines
2
Hide whitespace changes
Inline
Side-by-side
config.h.in
View file @
eb603cb0
...
...
@@ -75,6 +75,9 @@
/* Define to 1 if you have the <cmocka.h> header file. */
#undef HAVE_CMOCKA_H
/* Define to 1 if you have the `CRYPTO_zalloc' function. */
#undef HAVE_CRYPTO_ZALLOC
/* Define to 1 if you have the <devpoll.h> header file. */
#undef HAVE_DEVPOLL_H
...
...
@@ -129,6 +132,21 @@
/* Define to 1 if you have the `EVP_aes_256_ecb' function. */
#undef HAVE_EVP_AES_256_ECB
/* Define to 1 if you have the `EVP_CIPHER_CTX_free' function. */
#undef HAVE_EVP_CIPHER_CTX_FREE
/* Define to 1 if you have the `EVP_CIPHER_CTX_new' function. */
#undef HAVE_EVP_CIPHER_CTX_NEW
/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
#undef HAVE_EVP_MD_CTX_FREE
/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
#undef HAVE_EVP_MD_CTX_NEW
/* Define to 1 if you have the `EVP_MD_CTX_reset' function. */
#undef HAVE_EVP_MD_CTX_RESET
/* Define to 1 if you have the `EVP_sha1' function. */
#undef HAVE_EVP_SHA1
...
...
@@ -183,6 +201,18 @@
/* Define to 1 if you have the <gssapi_krb5.h> header file. */
#undef HAVE_GSSAPI_KRB5_H
/* Define to 1 if you have the `HMAC_CTX_free' function. */
#undef HAVE_HMAC_CTX_FREE
/* Define to 1 if you have the `HMAC_CTX_get_md' function. */
#undef HAVE_HMAC_CTX_GET_MD
/* Define to 1 if you have the `HMAC_CTX_new' function. */
#undef HAVE_HMAC_CTX_NEW
/* Define to 1 if you have the `HMAC_CTX_reset' function. */
#undef HAVE_HMAC_CTX_RESET
/* Define to 1 if you have the <idn2.h> header file. */
#undef HAVE_IDN2_H
...
...
configure
View file @
eb603cb0
...
...
@@ -15564,6 +15564,58 @@ See \`config.log' for more details" "$LINENO" 5; }
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
#
# Check for functions added in OpenSSL or LibreSSL
#
for ac_func in CRYPTO_zalloc
do :
ac_fn_c_check_func "$LINENO" "CRYPTO_zalloc" "ac_cv_func_CRYPTO_zalloc"
if test "x$ac_cv_func_CRYPTO_zalloc" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_CRYPTO_ZALLOC 1
_ACEOF
fi
done
for ac_func in EVP_CIPHER_CTX_new EVP_CIPHER_CTX_free
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
for ac_func in EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
for ac_func in HMAC_CTX_new HMAC_CTX_free HMAC_CTX_reset HMAC_CTX_get_md
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
#
# Check for algorithm support in OpenSSL
#
...
...
configure.ac
View file @
eb603cb0
...
...
@@ -789,6 +789,15 @@ AC_COMPILE_IFELSE(
[AC_MSG_RESULT([yes])],
[AC_MSG_FAILURE([not found])])
#
# Check for functions added in OpenSSL or LibreSSL
#
AC_CHECK_FUNCS([CRYPTO_zalloc])
AC_CHECK_FUNCS([EVP_CIPHER_CTX_new EVP_CIPHER_CTX_free])
AC_CHECK_FUNCS([EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset])
AC_CHECK_FUNCS([HMAC_CTX_new HMAC_CTX_free HMAC_CTX_reset HMAC_CTX_get_md])
#
# Check for algorithm support in OpenSSL
#
...
...
lib/isc/openssl_shim.c
View file @
eb603cb0
...
...
@@ -13,17 +13,17 @@
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#include <stdlib.h>
#include <string.h>
#include "openssl_shim.h"
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/crypto.h>
#if !HAVE_CRYPTO_ZALLOC
void
*
OPENSSL
_zalloc
(
size_t
size
)
CRYPTO
_zalloc
(
size_t
size
)
{
void
*
ret
=
OPENSSL_malloc
(
size
);
if
(
ret
!=
NULL
)
{
...
...
@@ -31,15 +31,18 @@ OPENSSL_zalloc(size_t size)
}
return
(
ret
);
}
#endif
#if
OPENSSL_VERSION_NUMBER < 0x10001000L || defined(LIBRESSL_VERSION_NUMBER)
#if
!HAVE_EVP_CIPHER_CTX_NEW
EVP_CIPHER_CTX
*
EVP_CIPHER_CTX_new
(
void
)
{
EVP_CIPHER_CTX
*
ctx
=
OPENSSL_zalloc
(
sizeof
(
*
ctx
));
return
(
ctx
);
}
#endif
#if !HAVE_EVP_CIPHER_CTX_FREE
void
EVP_CIPHER_CTX_free
(
EVP_CIPHER_CTX
*
ctx
)
{
...
...
@@ -50,6 +53,7 @@ EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
}
#endif
#if !HAVE_EVP_MD_CTX_NEW
EVP_MD_CTX
*
EVP_MD_CTX_new
(
void
)
{
...
...
@@ -59,7 +63,9 @@ EVP_MD_CTX_new(void)
}
return
(
ctx
);
}
#endif
#if !HAVE_EVP_MD_CTX_FREE
void
EVP_MD_CTX_free
(
EVP_MD_CTX
*
ctx
)
{
...
...
@@ -68,13 +74,17 @@ EVP_MD_CTX_free(EVP_MD_CTX *ctx)
OPENSSL_free
(
ctx
);
}
}
#endif
#if !HAVE_EVP_MD_CTX_RESET
int
EVP_MD_CTX_reset
(
EVP_MD_CTX
*
ctx
)
{
return
(
EVP_MD_CTX_cleanup
(
ctx
));
}
#endif
#if !HAVE_HMAC_CTX_NEW
HMAC_CTX
*
HMAC_CTX_new
(
void
)
{
...
...
@@ -87,7 +97,9 @@ HMAC_CTX_new(void)
}
return
(
ctx
);
}
#endif
#if !HAVE_HMAC_CTX_FREE
void
HMAC_CTX_free
(
HMAC_CTX
*
ctx
)
{
...
...
@@ -96,16 +108,18 @@ HMAC_CTX_free(HMAC_CTX *ctx)
OPENSSL_free
(
ctx
);
}
}
#endif
#if !HAVE_HMAC_CTX_RESET
int
HMAC_CTX_reset
(
HMAC_CTX
*
ctx
)
{
HMAC_CTX_cleanup
(
ctx
);
return
(
1
);
}
#endif
#if !HAVE_HMAC_CTX_GET_MD
const
EVP_MD
*
HMAC_CTX_get_md
(
const
HMAC_CTX
*
ctx
)
{
return
ctx
->
md
;
}
#endif
/* OPENSSL_VERSION_NUMBER < 0x10100000L ||
* defined(LIBRESSL_VERSION_NUMBER) */
#endif
lib/isc/openssl_shim.h
View file @
eb603cb0
...
...
@@ -14,24 +14,48 @@
#include <config.h>
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#include <openssl/crypto.h>
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
void
*
OPENSSL_zalloc
(
size_t
size
);
#if OPENSSL_VERSION_NUMBER < 0x10001000L || defined(LIBRESSL_VERSION_NUMBER)
#if !HAVE_CRYPTO_ZALLOC
void
*
CRYPTO_zalloc
(
size_t
size
);
#define OPENSSL_zalloc(num) CRYPTO_zalloc(num)
#endif
#if !HAVE_EVP_CIPHER_CTX_NEW
EVP_CIPHER_CTX
*
EVP_CIPHER_CTX_new
(
void
);
#endif
#if !HAVE_EVP_CIPHER_CTX_FREE
void
EVP_CIPHER_CTX_free
(
EVP_CIPHER_CTX
*
ctx
);
#endif
#if !HAVE_EVP_MD_CTX_NEW
EVP_MD_CTX
*
EVP_MD_CTX_new
(
void
);
#endif
#if !HAVE_EVP_MD_CTX_FREE
void
EVP_MD_CTX_free
(
EVP_MD_CTX
*
ctx
);
#endif
#if !HAVE_EVP_MD_CTX_RESET
int
EVP_MD_CTX_reset
(
EVP_MD_CTX
*
ctx
);
#endif
#if !HAVE_HMAC_CTX_NEW
HMAC_CTX
*
HMAC_CTX_new
(
void
);
#endif
#if !HAVE_HMAC_CTX_FREE
void
HMAC_CTX_free
(
HMAC_CTX
*
ctx
);
#endif
#if !HAVE_HMAC_CTX_RESET
int
HMAC_CTX_reset
(
HMAC_CTX
*
ctx
);
const
EVP_MD
*
HMAC_CTX_get_md
(
const
HMAC_CTX
*
ctx
);
#endif
#endif
/* OPENSSL_VERSION_NUMBER < 0x10100000L ||
* defined(LIBRESSL_VERSION_NUMBER) */
#if !HAVE_HMAC_CTX_GET_MD
const
EVP_MD
*
HMAC_CTX_get_md
(
const
HMAC_CTX
*
ctx
);
#endif
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment