From 073c30f4fda112dfde5c42658afc421de3986305 Mon Sep 17 00:00:00 2001 From: "W.C.A. Wijngaards" Date: Mon, 29 Jan 2024 16:19:34 +0100 Subject: [PATCH] Fix to compile with OpenSSL 3.2. Update acx_nlnetlabs.m4 to 48. --- Changelog | 1 + acx_nlnetlabs.m4 | 128 ++++++++++++++++++++++++++++++++++------------- makewin.sh | 25 ++++++--- 3 files changed, 112 insertions(+), 42 deletions(-) diff --git a/Changelog b/Changelog index d77990a0..306d540f 100644 --- a/Changelog +++ b/Changelog @@ -8,6 +8,7 @@ signedness, add -u repo option to makewin.sh, fix quoting in makewin.sh and check return value of bind and connect in net.c for failure instead of a socket type. And fix to install .exe files. + Fix to compile with OpenSSL 3.2. Update acx_nlnetlabs.m4 to 48. 1.8.3 2022-08-15 * bugfix #183: Assertion failure with OPT record without rdata. diff --git a/acx_nlnetlabs.m4 b/acx_nlnetlabs.m4 index 3d745727..6a01dc5a 100644 --- a/acx_nlnetlabs.m4 +++ b/acx_nlnetlabs.m4 @@ -2,7 +2,11 @@ # Copyright 2009, Wouter Wijngaards, NLnet Labs. # BSD licensed. # -# Version 45 +# Version 48 +# 2024-01-16 fix to add -l:libssp.a to -lcrypto link check. +# and check for getaddrinfo with only header. +# 2024-01-15 fix to add crypt32 to -lcrypto link check when checking for gdi32. +# 2023-05-04 fix to remove unused whitespace. # 2023-01-26 fix -Wstrict-prototypes. # 2022-09-01 fix checking if nonblocking sockets work on OpenBSD. # 2021-08-17 fix sed script in ssldir split handling. @@ -476,7 +480,7 @@ fi dnl Setup ATTR_FORMAT config.h parts. dnl make sure you call ACX_CHECK_FORMAT_ATTRIBUTE also. AC_DEFUN([AHX_CONFIG_FORMAT_ATTRIBUTE], -[ +[ #ifdef HAVE_ATTR_FORMAT # define ATTR_FORMAT(archetype, string_index, first_to_check) \ __attribute__ ((format (archetype, string_index, first_to_check))) @@ -706,7 +710,7 @@ AC_DEFUN([ACX_SSL_CHECKS], [ LIBSSL_LDFLAGS="$LIBSSL_LDFLAGS -L$ssldir_lib" ACX_RUNTIME_PATH_ADD([$ssldir_lib]) fi - + AC_MSG_CHECKING([for EVP_sha256 in -lcrypto]) LIBS="$LIBS -lcrypto" LIBSSL_LIBS="$LIBSSL_LIBS -lcrypto" @@ -731,40 +735,73 @@ AC_DEFUN([ACX_SSL_CHECKS], [ ]])],[ AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) - AC_MSG_RESULT(yes) + AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) LIBS="$BAKLIBS" LIBSSL_LIBS="$BAKSSLLIBS" - LIBS="$LIBS -ldl" - LIBSSL_LIBS="$LIBSSL_LIBS -ldl" - AC_MSG_CHECKING([if -lcrypto needs -ldl]) - AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ - int EVP_sha256(void); - (void)EVP_sha256(); - ]])],[ - AC_DEFINE([HAVE_EVP_SHA256], 1, - [If you have EVP_sha256]) - AC_MSG_RESULT(yes) - ],[ - AC_MSG_RESULT(no) - LIBS="$BAKLIBS" - LIBSSL_LIBS="$BAKSSLLIBS" - LIBS="$LIBS -ldl -pthread" - LIBSSL_LIBS="$LIBSSL_LIBS -ldl -pthread" - AC_MSG_CHECKING([if -lcrypto needs -ldl -pthread]) - AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ - int EVP_sha256(void); - (void)EVP_sha256(); - ]])],[ - AC_DEFINE([HAVE_EVP_SHA256], 1, - [If you have EVP_sha256]) - AC_MSG_RESULT(yes) - ],[ - AC_MSG_RESULT(no) - AC_MSG_ERROR([OpenSSL found in $ssldir, but version 0.9.7 or higher is required]) + + LIBS="$LIBS -lgdi32 -lws2_32 -lcrypt32" + LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32 -lws2_32 -lcrypt32" + AC_MSG_CHECKING([if -lcrypto needs -lgdi32 -lws2_32 -lcrypt32]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ + int EVP_sha256(void); + (void)EVP_sha256(); + ]])],[ + AC_DEFINE([HAVE_EVP_SHA256], 1, + [If you have EVP_sha256]) + AC_MSG_RESULT(yes) + ],[ + AC_MSG_RESULT(no) + LIBS="$BAKLIBS" + LIBSSL_LIBS="$BAKSSLLIBS" + + LIBS="$LIBS -lgdi32 -lws2_32 -lcrypt32 -l:libssp.a" + LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32 -lws2_32 -lcrypt32 -l:libssp.a" + AC_MSG_CHECKING([if -lcrypto needs -lgdi32 -lws2_32 -lcrypt32 -l:libssp.a]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ + int EVP_sha256(void); + (void)EVP_sha256(); + ]])],[ + AC_DEFINE([HAVE_EVP_SHA256], 1, + [If you have EVP_sha256]) + AC_MSG_RESULT(yes) + ],[ + AC_MSG_RESULT(no) + LIBS="$BAKLIBS" + LIBSSL_LIBS="$BAKSSLLIBS" + + LIBS="$LIBS -ldl" + LIBSSL_LIBS="$LIBSSL_LIBS -ldl" + AC_MSG_CHECKING([if -lcrypto needs -ldl]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ + int EVP_sha256(void); + (void)EVP_sha256(); + ]])],[ + AC_DEFINE([HAVE_EVP_SHA256], 1, + [If you have EVP_sha256]) + AC_MSG_RESULT(yes) + ],[ + AC_MSG_RESULT(no) + LIBS="$BAKLIBS" + LIBSSL_LIBS="$BAKSSLLIBS" + LIBS="$LIBS -ldl -pthread" + LIBSSL_LIBS="$LIBSSL_LIBS -ldl -pthread" + AC_MSG_CHECKING([if -lcrypto needs -ldl -pthread]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ + int EVP_sha256(void); + (void)EVP_sha256(); + ]])],[ + AC_DEFINE([HAVE_EVP_SHA256], 1, + [If you have EVP_sha256]) + AC_MSG_RESULT(yes) + ],[ + AC_MSG_RESULT(no) + AC_MSG_ERROR([OpenSSL found in $ssldir, but version 0.9.7 or higher is required]) + ]) + ]) ]) - ]) + ]) ]) ]) fi @@ -778,7 +815,7 @@ AC_CHECK_HEADERS([openssl/rand.h],,, [AC_INCLUDES_DEFAULT]) dnl Check for SSL, where SSL is mandatory dnl Adds --with-ssl option, searches for openssl and defines HAVE_SSL if found -dnl Setup of CPPFLAGS, CFLAGS. Adds -lcrypto to LIBS. +dnl Setup of CPPFLAGS, CFLAGS. Adds -lcrypto to LIBS. dnl Checks main header files of SSL. dnl AC_DEFUN([ACX_WITH_SSL], @@ -871,7 +908,7 @@ dnl see if on windows if test "$ac_cv_header_windows_h" = "yes"; then AC_DEFINE(USE_WINSOCK, 1, [Whether the windows socket API is used]) USE_WINSOCK="1" - if echo $LIBS | grep 'lws2_32' >/dev/null; then + if echo "$LIBS" | grep 'lws2_32' >/dev/null; then : else LIBS="$LIBS -lws2_32" @@ -879,6 +916,24 @@ if test "$ac_cv_header_windows_h" = "yes"; then fi ], dnl no quick getaddrinfo, try mingw32 and winsock2 library. +dnl perhaps getaddrinfo needs only the include +AC_LINK_IFELSE( +[AC_LANG_PROGRAM( +[ +#ifdef HAVE_WS2TCPIP_H +#include +#endif +], +[ + (void)getaddrinfo(NULL, NULL, NULL, NULL); +] +)], +[ +ac_cv_func_getaddrinfo="yes" +AC_DEFINE(USE_WINSOCK, 1, [Whether the windows socket API is used]) +USE_WINSOCK="1" +], + ORIGLIBS="$LIBS" LIBS="$LIBS -lws2_32" AC_LINK_IFELSE( @@ -903,6 +958,7 @@ ac_cv_func_getaddrinfo="no" LIBS="$ORIGLIBS" ]) ) +) AC_MSG_RESULT($ac_cv_func_getaddrinfo) if test $ac_cv_func_getaddrinfo = yes; then @@ -1318,7 +1374,7 @@ AC_DEFUN([AHX_CONFIG_W32_FD_SET_T], #ifdef HAVE_WINSOCK2_H #define FD_SET_T (u_int) #else -#define FD_SET_T +#define FD_SET_T #endif ]) @@ -1356,7 +1412,7 @@ dnl $3: define value, 1 AC_DEFUN([AHX_CONFIG_FLAG_OMITTED], [#if defined($1) && !defined($2) #define $2 $3 -[#]endif ]) +[#]endif]) dnl Wrapper for AHX_CONFIG_FLAG_OMITTED for -D style flags dnl $1: the -DNAME or -DNAME=value string. diff --git a/makewin.sh b/makewin.sh index cadecd16..78ce7478 100755 --- a/makewin.sh +++ b/makewin.sh @@ -50,7 +50,7 @@ while [ "$1" ]; do echo " -s snapshot, current date appended to version" echo " -rc release candidate, the number is added to version" echo " ldns-rc." - echo " -u git_url Retrieve the source from the specified repository url." + echo " -u git_url Retrieve the source from the specified repository url." echo " Detected from the working copy if not specified." echo " -c Checkout this tag or branch, (defaults to current" echo " branch)." @@ -150,6 +150,9 @@ else sslflags="no-shared no-asm -DOPENSSL_NO_CAPIENG mingw" fi info "winssl: Configure $sslflags" +if test -f "/usr/${warch}-w64-mingw32/sys-root/mingw/bin/libssp-0.dll" ; then + export __CNF_LDLIBS="-l:libssp.a" +fi CC="${warch}-w64-mingw32-gcc" AR="${warch}-w64-mingw32-ar" RANLIB="${warch}-w64-mingw32-ranlib" WINDRES="${warch}-w64-mingw32-windres" ./Configure --prefix="$sslinstall" $sslflags || error_cleanup "OpenSSL Configure failed" info "winssl: make" make || error_cleanup "make failed for $WINSSL" @@ -167,8 +170,13 @@ if test ! -f install-sh -a -f ../../install-sh; then cp ../../install-sh . ; fi libtoolize -ci autoreconf -fi ldns_flag="--with-examples --with-drill" -info "ldns: Configure $cross_flag $ldns_flag" -$configure $cross_flag $ldns_flag || error_cleanup "ldns configure failed" +if test -f "/usr/${warch}-w64-mingw32/sys-root/mingw/bin/libssp-0.dll" ; then + info "ldns: Configure $cross_flag $ldns_flag LDFLAGS=\"-fstack-protector\" LIBS=\"-l:libssp.a\"" + $configure $cross_flag $ldns_flag LDFLAGS="-fstack-protector" LIBS="-l:libssp.a" || error_cleanup "ldns configure failed" +else + info "ldns: Configure $cross_flag $ldns_flag" + $configure $cross_flag $ldns_flag || error_cleanup "ldns configure failed" +fi info "ldns: make" make || error_cleanup "ldns make failed" # do not strip debug symbols, could be useful for stack traces @@ -189,7 +197,7 @@ else sslflags_nonstatic="shared no-asm -DOPENSSL_NO_CAPIENG mingw" fi info "winsslnonstatic: Configure $sslflags_nonstatic" -CC="${warch}-w64-mingw32-gcc" AR="${warch}-w64-mingw32-ar" RANLIB="${warch}-w64-mingw32-ranlib" WINDRES="${warch}-w64-mingw32-windres" ./Configure --prefix="$sslinstallnonstatic" "$sslflags_nonstatic" || error_cleanup "OpenSSL Configure failed" +CC="${warch}-w64-mingw32-gcc" AR="${warch}-w64-mingw32-ar" RANLIB="${warch}-w64-mingw32-ranlib" WINDRES="${warch}-w64-mingw32-windres" ./Configure --prefix="$sslinstallnonstatic" $sslflags_nonstatic || error_cleanup "OpenSSL Configure failed" info "winsslnonstatic: make" make || error_cleanup "make failed for $WINSSL" info "winsslnonstatic: make install_sw" @@ -206,8 +214,13 @@ if test ! -f install-sh -a -f ../../install-sh; then cp ../../install-sh . ; fi libtoolize -ci autoreconf -fi ldns_flag_nonstatic="--with-examples --with-drill" -info "ldnsnonstatic: Configure $cross_flag_nonstatic $ldns_flag_nonstatic" -$configure $cross_flag_nonstatic $ldns_flag_nonstatic || error_cleanup "ldns configure failed" +if test -f "/usr/${warch}-w64-mingw32/sys-root/mingw/bin/libssp-0.dll" ; then + info "ldnsnonstatic: Configure $cross_flag_nonstatic $ldns_flag_nonstatic LDFLAGS=\"-fstack-protector\" LIBS=\"-l:libssp.a\"" + $configure $cross_flag_nonstatic $ldns_flag_nonstatic LDFLAGS="-fstack-protector" LIBS="-l:libssp.a" || error_cleanup "ldns configure failed" +else + info "ldnsnonstatic: Configure $cross_flag_nonstatic $ldns_flag_nonstatic" + $configure $cross_flag_nonstatic $ldns_flag_nonstatic || error_cleanup "ldns configure failed" +fi info "ldnsnonstatic: make" make || error_cleanup "ldns make failed" # do not strip debug symbols, could be useful for stack traces