Commit eb603cb0 authored by Ondřej Surý's avatar Ondřej Surý

Check for individual OpenSSL functions instead of relying on version number

parent 7e2026a5
Pipeline #5798 passed with stages
in 7 minutes and 38 seconds
......@@ -75,6 +75,9 @@
/* Define to 1 if you have the <cmocka.h> header file. */
#undef HAVE_CMOCKA_H
/* Define to 1 if you have the `CRYPTO_zalloc' function. */
#undef HAVE_CRYPTO_ZALLOC
/* Define to 1 if you have the <devpoll.h> header file. */
#undef HAVE_DEVPOLL_H
......@@ -129,6 +132,21 @@
/* Define to 1 if you have the `EVP_aes_256_ecb' function. */
#undef HAVE_EVP_AES_256_ECB
/* Define to 1 if you have the `EVP_CIPHER_CTX_free' function. */
#undef HAVE_EVP_CIPHER_CTX_FREE
/* Define to 1 if you have the `EVP_CIPHER_CTX_new' function. */
#undef HAVE_EVP_CIPHER_CTX_NEW
/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
#undef HAVE_EVP_MD_CTX_FREE
/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
#undef HAVE_EVP_MD_CTX_NEW
/* Define to 1 if you have the `EVP_MD_CTX_reset' function. */
#undef HAVE_EVP_MD_CTX_RESET
/* Define to 1 if you have the `EVP_sha1' function. */
#undef HAVE_EVP_SHA1
......@@ -183,6 +201,18 @@
/* Define to 1 if you have the <gssapi_krb5.h> header file. */
#undef HAVE_GSSAPI_KRB5_H
/* Define to 1 if you have the `HMAC_CTX_free' function. */
#undef HAVE_HMAC_CTX_FREE
/* Define to 1 if you have the `HMAC_CTX_get_md' function. */
#undef HAVE_HMAC_CTX_GET_MD
/* Define to 1 if you have the `HMAC_CTX_new' function. */
#undef HAVE_HMAC_CTX_NEW
/* Define to 1 if you have the `HMAC_CTX_reset' function. */
#undef HAVE_HMAC_CTX_RESET
/* Define to 1 if you have the <idn2.h> header file. */
#undef HAVE_IDN2_H
......
......@@ -15564,6 +15564,58 @@ See \`config.log' for more details" "$LINENO" 5; }
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
#
# Check for functions added in OpenSSL or LibreSSL
#
for ac_func in CRYPTO_zalloc
do :
ac_fn_c_check_func "$LINENO" "CRYPTO_zalloc" "ac_cv_func_CRYPTO_zalloc"
if test "x$ac_cv_func_CRYPTO_zalloc" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_CRYPTO_ZALLOC 1
_ACEOF
fi
done
for ac_func in EVP_CIPHER_CTX_new EVP_CIPHER_CTX_free
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
for ac_func in EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
for ac_func in HMAC_CTX_new HMAC_CTX_free HMAC_CTX_reset HMAC_CTX_get_md
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
#
# Check for algorithm support in OpenSSL
#
......
......@@ -789,6 +789,15 @@ AC_COMPILE_IFELSE(
[AC_MSG_RESULT([yes])],
[AC_MSG_FAILURE([not found])])
#
# Check for functions added in OpenSSL or LibreSSL
#
AC_CHECK_FUNCS([CRYPTO_zalloc])
AC_CHECK_FUNCS([EVP_CIPHER_CTX_new EVP_CIPHER_CTX_free])
AC_CHECK_FUNCS([EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset])
AC_CHECK_FUNCS([HMAC_CTX_new HMAC_CTX_free HMAC_CTX_reset HMAC_CTX_get_md])
#
# Check for algorithm support in OpenSSL
#
......
......@@ -13,17 +13,17 @@
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#include <stdlib.h>
#include <string.h>
#include "openssl_shim.h"
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/crypto.h>
#if !HAVE_CRYPTO_ZALLOC
void *
OPENSSL_zalloc(size_t size)
CRYPTO_zalloc(size_t size)
{
void *ret = OPENSSL_malloc(size);
if (ret != NULL) {
......@@ -31,15 +31,18 @@ OPENSSL_zalloc(size_t size)
}
return (ret);
}
#endif
#if OPENSSL_VERSION_NUMBER < 0x10001000L || defined(LIBRESSL_VERSION_NUMBER)
#if !HAVE_EVP_CIPHER_CTX_NEW
EVP_CIPHER_CTX *
EVP_CIPHER_CTX_new(void)
{
EVP_CIPHER_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
return (ctx);
}
#endif
#if !HAVE_EVP_CIPHER_CTX_FREE
void
EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
{
......@@ -50,6 +53,7 @@ EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
}
#endif
#if !HAVE_EVP_MD_CTX_NEW
EVP_MD_CTX *
EVP_MD_CTX_new(void)
{
......@@ -59,7 +63,9 @@ EVP_MD_CTX_new(void)
}
return (ctx);
}
#endif
#if !HAVE_EVP_MD_CTX_FREE
void
EVP_MD_CTX_free(EVP_MD_CTX *ctx)
{
......@@ -68,13 +74,17 @@ EVP_MD_CTX_free(EVP_MD_CTX *ctx)
OPENSSL_free(ctx);
}
}
#endif
#if !HAVE_EVP_MD_CTX_RESET
int
EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
{
return (EVP_MD_CTX_cleanup(ctx));
}
#endif
#if !HAVE_HMAC_CTX_NEW
HMAC_CTX *
HMAC_CTX_new(void)
{
......@@ -87,7 +97,9 @@ HMAC_CTX_new(void)
}
return (ctx);
}
#endif
#if !HAVE_HMAC_CTX_FREE
void
HMAC_CTX_free(HMAC_CTX *ctx)
{
......@@ -96,16 +108,18 @@ HMAC_CTX_free(HMAC_CTX *ctx)
OPENSSL_free(ctx);
}
}
#endif
#if !HAVE_HMAC_CTX_RESET
int
HMAC_CTX_reset(HMAC_CTX *ctx) {
HMAC_CTX_cleanup(ctx);
return (1);
}
#endif
#if !HAVE_HMAC_CTX_GET_MD
const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx) {
return ctx->md;
}
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L ||
* defined(LIBRESSL_VERSION_NUMBER) */
#endif
......@@ -14,24 +14,48 @@
#include <config.h>
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#include <openssl/crypto.h>
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
void *OPENSSL_zalloc(size_t size);
#if OPENSSL_VERSION_NUMBER < 0x10001000L || defined(LIBRESSL_VERSION_NUMBER)
#if !HAVE_CRYPTO_ZALLOC
void *CRYPTO_zalloc(size_t size);
#define OPENSSL_zalloc(num) CRYPTO_zalloc(num)
#endif
#if !HAVE_EVP_CIPHER_CTX_NEW
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
#endif
#if !HAVE_EVP_CIPHER_CTX_FREE
void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
#endif
#if !HAVE_EVP_MD_CTX_NEW
EVP_MD_CTX *EVP_MD_CTX_new(void);
#endif
#if !HAVE_EVP_MD_CTX_FREE
void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
#endif
#if !HAVE_EVP_MD_CTX_RESET
int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
#endif
#if !HAVE_HMAC_CTX_NEW
HMAC_CTX *HMAC_CTX_new(void);
#endif
#if !HAVE_HMAC_CTX_FREE
void HMAC_CTX_free(HMAC_CTX *ctx);
#endif
#if !HAVE_HMAC_CTX_RESET
int HMAC_CTX_reset(HMAC_CTX *ctx);
const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
#endif
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L ||
* defined(LIBRESSL_VERSION_NUMBER) */
#if !HAVE_HMAC_CTX_GET_MD
const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
#endif
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment