From 9f26f397a952afc612d89f5b0fb75ed24059d936 Mon Sep 17 00:00:00 2001 From: "W.C.A. Wijngaards" Date: Tue, 21 Sep 2021 13:51:34 +0200 Subject: [PATCH] - Fix crosscompile windows to use libssp when it exists. - For the windows compile script disable gost. - Fix that on windows, use BIO_set_callback_ex instead of deprecated --- config.h.in | 3 +++ configure | 2 +- configure.ac | 2 +- doc/Changelog | 4 ++++ makedist.sh | 18 +++++++----------- util/netevent.c | 19 ++++++++++++++++++- 6 files changed, 34 insertions(+), 14 deletions(-) diff --git a/config.h.in b/config.h.in index ea6afa480..da25a2928 100644 --- a/config.h.in +++ b/config.h.in @@ -72,6 +72,9 @@ /* If we have be64toh */ #undef HAVE_BE64TOH +/* Define to 1 if you have the `BIO_set_callback_ex' function. */ +#undef HAVE_BIO_SET_CALLBACK_EX + /* Define to 1 if you have the header file. */ #undef HAVE_BSD_STDLIB_H diff --git a/configure b/configure index 03e8fb5fd..ec8a25499 100755 --- a/configure +++ b/configure @@ -18455,7 +18455,7 @@ fi done -for ac_func in OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback EVP_MAC_CTX_set_params OSSL_PARAM_BLD_new +for ac_func in OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback EVP_MAC_CTX_set_params OSSL_PARAM_BLD_new BIO_set_callback_ex do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" diff --git a/configure.ac b/configure.ac index b9b177584..99d57c412 100644 --- a/configure.ac +++ b/configure.ac @@ -867,7 +867,7 @@ else AC_MSG_RESULT([no]) fi AC_CHECK_HEADERS([openssl/conf.h openssl/engine.h openssl/bn.h openssl/dh.h openssl/dsa.h openssl/rsa.h openssl/core_names.h openssl/param_build.h],,, [AC_INCLUDES_DEFAULT]) -AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback EVP_MAC_CTX_set_params OSSL_PARAM_BLD_new]) +AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback EVP_MAC_CTX_set_params OSSL_PARAM_BLD_new BIO_set_callback_ex]) # these check_funcs need -lssl BAKLIBS="$LIBS" diff --git a/doc/Changelog b/doc/Changelog index f24cd7274..c6667ff3e 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,6 +1,10 @@ 21 September 2021: Wouter - For crosscompile on windows, detect 64bit stackprotector library. - Fix crosscompile shell syntax. + - Fix crosscompile windows to use libssp when it exists. + - For the windows compile script disable gost. + - Fix that on windows, use BIO_set_callback_ex instead of deprecated + BIO_set_callback. 20 September 2021: Wouter - Fix crosscompile on windows to work with openssl 3.0.0 the diff --git a/makedist.sh b/makedist.sh index f288383fa..1aafb8467 100755 --- a/makedist.sh +++ b/makedist.sh @@ -271,12 +271,12 @@ if [ "$DOWIN" = "yes" ]; then else sslflags="no-asm -DOPENSSL_NO_CAPIENG mingw" fi - if test "$W64" = "yes" -a -f /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libssp-0.dll; then + if test -f /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libssp-0.dll; then # stack protector lib needs to link in to make # -lws2_32 work in openssl link stage SSPLIB="-l:libssp.a" else - # disable SSPLIB for 32bit or if no such file + # disable SSPLIB if no such file SSPLIB="" fi info "winssl: Configure no-shared $sslflags" @@ -376,12 +376,12 @@ if [ "$DOWIN" = "yes" ]; then fi if test "$W64" = "no"; then # Disable stack-protector for 32-bit windows builds. - echo "$configure"' --enable-debug --enable-static-exe --disable-flto '"$* $cross_flag" "$file_flag" "$file2_flag" "$file3_flag" CFLAGS='-O2 -g -fno-stack-protector' - $configure --enable-debug --enable-static-exe --disable-flto $* $cross_flag "$file_flag" "$file2_flag" "$file3_flag" CFLAGS='-O2 -g -fno-stack-protector'\ + echo "$configure"' --enable-debug --enable-static-exe --disable-flto --disable-gost '"$* $cross_flag" "$file_flag" "$file2_flag" "$file3_flag" CFLAGS='-O2 -g -fno-stack-protector' + $configure --enable-debug --enable-static-exe --disable-flto --disable-gost $* $cross_flag "$file_flag" "$file2_flag" "$file3_flag" CFLAGS='-O2 -g -fno-stack-protector'\ || error_cleanup "Could not configure" else - echo "$configure"' --enable-debug --enable-static-exe --disable-flto '"$* $cross_flag" - $configure --enable-debug --enable-static-exe --disable-flto $* $cross_flag \ + echo "$configure"' --enable-debug --enable-static-exe --disable-flto --disable-gost '"$* $cross_flag" + $configure --enable-debug --enable-static-exe --disable-flto --disable-gost $* $cross_flag \ || error_cleanup "Could not configure" fi info "Calling make" @@ -439,11 +439,7 @@ if [ "$DOWIN" = "yes" ]; then cp ../../sslsharedinstall/lib64/libssl.dll.a libunbound/. fi cp ../../unbound_shared/unbound.h ../../unbound_shared/.libs/libunbound*.dll ../../unbound_shared/.libs/libunbound.dll.a ../../unbound_shared/.libs/libunbound.a ../../unbound_shared/.libs/libunbound*.def ../../sslsharedinstall/bin/libcrypto*.dll ../../sslsharedinstall/bin/libssl*.dll ../../wxpinstall/bin/libexpat*.dll ../../wxpinstall/lib/libexpat.dll.a libunbound/. - if test "$W64" = "no"; then - # Disable stack-protector for 32-bit windows builds. - # cp /usr/i686-w64-mingw32/sys-root/mingw/bin/libssp-0.dll libunbound/. - : - else + if test -f /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libssp-0.dll; then cp /usr/x86_64-w64-mingw32/sys-root/mingw/bin/libssp-0.dll libunbound/. fi # zipfile diff --git a/util/netevent.c b/util/netevent.c index 9a3b210b2..19ac2c837 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -943,7 +943,16 @@ int comm_point_perform_accept(struct comm_point* c, #ifdef USE_WINSOCK static long win_bio_cb(BIO *b, int oper, const char* ATTR_UNUSED(argp), - int ATTR_UNUSED(argi), long argl, long retvalue) +#ifdef HAVE_BIO_SET_CALLBACK_EX + size_t ATTR_UNUSED(len), +#endif + int ATTR_UNUSED(argi), long argl, +#ifndef HAVE_BIO_SET_CALLBACK_EX + long retvalue +#else + int retvalue, size_t* ATTR_UNUSED(processed) +#endif + ) { int wsa_err = WSAGetLastError(); /* store errcode before it is gone */ verbose(VERB_ALGO, "bio_cb %d, %s %s %s", oper, @@ -973,9 +982,17 @@ comm_point_tcp_win_bio_cb(struct comm_point* c, void* thessl) { SSL* ssl = (SSL*)thessl; /* set them both just in case, but usually they are the same BIO */ +#ifdef HAVE_BIO_SET_CALLBACK_EX + BIO_set_callback_ex(SSL_get_rbio(ssl), &win_bio_cb); +#else BIO_set_callback(SSL_get_rbio(ssl), &win_bio_cb); +#endif BIO_set_callback_arg(SSL_get_rbio(ssl), (char*)c->ev->ev); +#ifdef HAVE_BIO_SET_CALLBACK_EX + BIO_set_callback_ex(SSL_get_wbio(ssl), &win_bio_cb); +#else BIO_set_callback(SSL_get_wbio(ssl), &win_bio_cb); +#endif BIO_set_callback_arg(SSL_get_wbio(ssl), (char*)c->ev->ev); } #endif -- 2.47.3