From b12b66cdd75835c6fb92bf25c2f68272f55d21cd Mon Sep 17 00:00:00 2001 From: Amos Jeffries Date: Sat, 17 Sep 2022 11:01:26 +0000 Subject: [PATCH] Cleanup libnettle detection (#1144) ... to use pkg-config compatible variable naming and break out the code test to a dedicated macro per the style used by other libraries. Also, add support for pkg-config library auto-detection. Also, our libcompat provides local replacement for Base64 on builds with older libnettle. Fix the library link order to ensure our functions get linked properly. --- acinclude/nettle.m4 | 36 +++++++++++++++++++ configure.ac | 46 +++++++++---------------- src/Makefile.am | 18 +++++----- src/auth/basic/NCSA/Makefile.am | 2 +- src/auth/basic/RADIUS/Makefile.am | 2 +- src/auth/digest/LDAP/Makefile.am | 2 +- src/auth/digest/eDirectory/Makefile.am | 2 +- src/auth/digest/file/Makefile.am | 2 +- src/auth/negotiate/kerberos/Makefile.am | 4 +-- src/auth/negotiate/wrapper/Makefile.am | 2 +- src/auth/ntlm/SMB_LM/Makefile.am | 2 +- src/auth/ntlm/fake/Makefile.am | 2 +- tools/Makefile.am | 2 +- tools/squidclient/Makefile.am | 2 +- 14 files changed, 74 insertions(+), 50 deletions(-) create mode 100644 acinclude/nettle.m4 diff --git a/acinclude/nettle.m4 b/acinclude/nettle.m4 new file mode 100644 index 0000000000..1ca4844cbd --- /dev/null +++ b/acinclude/nettle.m4 @@ -0,0 +1,36 @@ +## Copyright (C) 1996-2022 The Squid Software Foundation and contributors +## +## Squid software is distributed under GPLv2+ license and includes +## contributions from numerous individuals and organizations. +## Please see the COPYING and CONTRIBUTORS files for details. +## + +dnl check whether libnettle Base64 uses the nettle 3.4 API +dnl which matters on 64-bit systems +dnl Defines HAVE_NETTLE34_BASE64 based on the result +dnl +AC_DEFUN([SQUID_CHECK_NETTLE_BASE64],[ + AC_CHECK_HEADERS(nettle/base64.h) + AC_MSG_CHECKING([for Nettle 3.4 API compatibility]) + AH_TEMPLATE(HAVE_NETTLE34_BASE64,[set to 1 if Nettle 3.4 API will link]) + SQUID_STATE_SAVE(squid_nettle_base64_state) + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +# include +# include +# include + ]],[[ + char inData[10]; inData[0] = '\0'; + size_t srcLen = 0; + struct base64_decode_ctx ctx; + base64_decode_init(&ctx); + uint8_t outData[10]; + size_t dstLen = 0; + if (!base64_decode_update(&ctx, &dstLen, outData, srcLen, inData) || + !base64_decode_final(&ctx)) { + return 1; + } + ]])],[AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_NETTLE34_BASE64,1,[set to 1 if Nettle 3.4 API will link]) + ],[AC_MSG_RESULT(no)]) + SQUID_STATE_ROLLBACK(squid_nettle_base64_state) +]) diff --git a/configure.ac b/configure.ac index 75b4a51a37..e418014ee4 100644 --- a/configure.ac +++ b/configure.ac @@ -21,6 +21,7 @@ m4_include([acinclude/squid-util.m4]) m4_include([acinclude/compiler-flags.m4]) m4_include([acinclude/os-deps.m4]) m4_include([acinclude/krb5.m4]) +m4_include([acinclude/nettle.m4]) m4_include([acinclude/pam.m4]) m4_include([acinclude/pkg.m4]) m4_include([acinclude/tdb.m4]) @@ -1081,38 +1082,25 @@ AC_MSG_NOTICE([HTCP support enabled: $enable_htcp]) # Cryptograhic libraries SQUID_AUTO_LIB(nettle,[Nettle crypto],[LIBNETTLE]) AS_IF(test "x$with_nettle" != "xno"],[ - CPPFLAGS="$LIBNETTLE_CFLAGS $CPPFLAGS" - AC_CHECK_LIB(nettle, nettle_md5_init,[ - NETTLELIB="$LIBNETTLE_PATH -lnettle" - AC_CHECK_HEADERS(nettle/md5.h) - ],[with_nettle=no]) - AS_IF([test "x$with_nettle" != "xno"],[ - # Base64 uses the nettle 3.4 API - # which matters on 64-bit systems - AC_CHECK_HEADERS(nettle/base64.h) - AC_MSG_CHECKING([for Nettle 3.4 API compatibility]) - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ -# include -# include -# include - ]],[[ - char inData[10]; inData[0] = '\0'; - size_t srcLen = 0; - struct base64_decode_ctx ctx; - base64_decode_init(&ctx); - uint8_t outData[10]; - size_t dstLen = 0; - if (!base64_decode_update(&ctx, &dstLen, outData, srcLen, inData) || - !base64_decode_final(&ctx)) { - return 1; - } - ]])],[AC_MSG_RESULT(yes) - AC_DEFINE(HAVE_NETTLE34_BASE64,1,[set to 1 if Nettle 3.4 API will link]) - ],[AC_MSG_RESULT(no)]) + SQUID_STATE_SAVE(squid_nettle_state) + PKG_CHECK_MODULES([LIBNETTLE],[nettle >= 3.4],[],[ + CPPFLAGS="$LIBNETTLE_CFLAGS $CPPFLAGS" + AC_CHECK_LIB(nettle,[nettle_md5_init],[LIBNETTLE_LIBS="-lnettle"]) + ]) + AC_CHECK_HEADERS(nettle/base64.h nettle/md5.h) + SQUID_CHECK_NETTLE_BASE64 + SQUID_STATE_ROLLBACK(squid_nettle_state) + AS_IF([test "x$LIBNETTLE_LIBS" != "x"],[ + CXXFLAGS="$LIBNETTLE_CFLAGS $CXXFLAGS" + LIBNETTLE_LIBS="$LIBNETTLE_PATH $LIBNETTLE_LIBS" + ],[test "x$with_nettle" = "xyes"],[ + AC_MSG_ERROR([Required library nettle not found]) + ],[ + AC_MSG_NOTICE([Library nettle not found.]) ]) ]) AC_MSG_NOTICE([Using Nettle cryptographic library: ${with_nettle:=yes}]) -AC_SUBST(NETTLELIB) +AC_SUBST(LIBNETTLE_LIBS) dnl Check for libcrypt CRYPTLIB= diff --git a/src/Makefile.am b/src/Makefile.am index 2a4912fb0e..5df3b13398 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -514,7 +514,6 @@ squid_LDADD = \ debug/libdebug.la \ $(XTRA_OBJS) \ $(REPL_OBJS) \ - $(NETTLELIB) \ $(CRYPTLIB) \ $(REGEXLIB) \ $(ADAPTATION_LIBS) \ @@ -532,6 +531,7 @@ squid_LDADD = \ $(KRB5LIBS) \ $(SYSTEMD_LIBS) \ $(COMPAT_LIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) if ENABLE_LOADABLE_MODULES @@ -1151,11 +1151,11 @@ tests_testRock_LDADD = \ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/lib/libmiscutil.la \ - $(NETTLELIB) \ $(REGEXLIB) \ $(SSLLIB) \ $(LIBCPPUNIT_LIBS) \ $(COMPAT_LIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) tests_testRock_LDFLAGS = $(AM_CPPFLAGS) $(LIBADD_DL) else @@ -1331,11 +1331,11 @@ tests_testUfs_LDADD = \ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/lib/libmiscutil.la \ - $(NETTLELIB) \ $(REGEXLIB) \ $(SSLLIB) \ $(LIBCPPUNIT_LIBS) \ $(COMPAT_LIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) tests_testUfs_LDFLAGS = $(LIBADD_DL) else @@ -1496,12 +1496,12 @@ tests_testStore_LDADD= \ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/lib/libmiscutil.la \ - $(NETTLELIB) \ $(REGEXLIB) \ $(SSLLIB) \ CommCalls.o \ $(LIBCPPUNIT_LIBS) \ $(COMPAT_LIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) tests_testStore_LDFLAGS = $(LIBADD_DL) @@ -1674,11 +1674,11 @@ tests_testDiskIO_LDADD = \ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/lib/libmiscutil.la \ - $(NETTLELIB) \ $(REGEXLIB) \ $(SSLLIB) \ $(LIBCPPUNIT_LIBS) \ $(COMPAT_LIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) tests_testDiskIO_LDFLAGS = $(LIBADD_DL) @@ -1957,13 +1957,13 @@ tests_test_http_range_LDADD = \ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/lib/libmiscutil.la \ - $(NETTLELIB) \ $(REGEXLIB) \ $(SSLLIB) \ $(KRB5LIBS) \ $(LIBCPPUNIT_LIBS) \ $(SYSTEMD_LIBS) \ $(COMPAT_LIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) tests_test_http_range_LDFLAGS = $(LIBADD_DL) @@ -2109,10 +2109,10 @@ tests_testHttpReply_LDADD=\ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/lib/libmiscutil.la \ - $(NETTLELIB) \ $(SSLLIB) \ $(LIBCPPUNIT_LIBS) \ $(COMPAT_LIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) tests_testHttpReply_LDFLAGS = $(LIBADD_DL) @@ -2341,13 +2341,13 @@ tests_testHttpRequest_LDADD = \ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/lib/libmiscutil.la \ - $(NETTLELIB) \ $(REGEXLIB) \ $(SSLLIB) \ $(KRB5LIBS) \ $(LIBCPPUNIT_LIBS) \ $(SYSTEMD_LIBS) \ $(COMPAT_LIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) tests_testHttpRequest_LDFLAGS = $(LIBADD_DL) @@ -2639,13 +2639,13 @@ tests_testCacheManager_LDADD = \ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/lib/libmiscutil.la \ - $(NETTLELIB) \ $(REGEXLIB) \ $(SSLLIB) \ $(KRB5LIBS) \ $(LIBCPPUNIT_LIBS) \ $(SYSTEMD_LIBS) \ $(COMPAT_LIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) tests_testCacheManager_LDFLAGS = $(LIBADD_DL) diff --git a/src/auth/basic/NCSA/Makefile.am b/src/auth/basic/NCSA/Makefile.am index 7963aa5189..e39e9b5010 100644 --- a/src/auth/basic/NCSA/Makefile.am +++ b/src/auth/basic/NCSA/Makefile.am @@ -19,7 +19,7 @@ basic_ncsa_auth_LDADD= \ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(COMPAT_LIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIB) \ $(CRYPTLIB) \ $(SSLLIB) \ $(XTRA_LIBS) diff --git a/src/auth/basic/RADIUS/Makefile.am b/src/auth/basic/RADIUS/Makefile.am index c548a1f170..8201ceefef 100644 --- a/src/auth/basic/RADIUS/Makefile.am +++ b/src/auth/basic/RADIUS/Makefile.am @@ -21,6 +21,6 @@ basic_radius_auth_LDADD= \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/src/base/libbase.la \ $(COMPAT_LIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(SSLLIB) \ $(XTRA_LIBS) diff --git a/src/auth/digest/LDAP/Makefile.am b/src/auth/digest/LDAP/Makefile.am index c4afa43897..d2e95be3aa 100644 --- a/src/auth/digest/LDAP/Makefile.am +++ b/src/auth/digest/LDAP/Makefile.am @@ -20,7 +20,7 @@ digest_ldap_auth_LDADD= \ $(COMPAT_LIB) \ $(LDAPLIB) \ $(LBERLIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(CRYPTLIB) \ $(SSLLIB) \ $(XTRA_LIBS) diff --git a/src/auth/digest/eDirectory/Makefile.am b/src/auth/digest/eDirectory/Makefile.am index baba329ac6..89a84127f5 100644 --- a/src/auth/digest/eDirectory/Makefile.am +++ b/src/auth/digest/eDirectory/Makefile.am @@ -22,7 +22,7 @@ digest_edirectory_auth_LDADD = \ $(COMPAT_LIB) \ $(LDAPLIB) \ $(LBERLIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(CRYPTLIB) \ $(SSLLIB) \ $(XTRA_LIBS) diff --git a/src/auth/digest/file/Makefile.am b/src/auth/digest/file/Makefile.am index 235d3293e4..4bb5d42c10 100644 --- a/src/auth/digest/file/Makefile.am +++ b/src/auth/digest/file/Makefile.am @@ -20,7 +20,7 @@ digest_file_auth_LDADD = \ $(top_builddir)/lib/libmisccontainers.la \ $(top_builddir)/lib/libmiscencoding.la \ $(COMPAT_LIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(CRYPTLIB) \ $(SSLLIB) \ $(XTRA_LIBS) diff --git a/src/auth/negotiate/kerberos/Makefile.am b/src/auth/negotiate/kerberos/Makefile.am index bab99bc635..72eb6d8416 100644 --- a/src/auth/negotiate/kerberos/Makefile.am +++ b/src/auth/negotiate/kerberos/Makefile.am @@ -26,7 +26,7 @@ negotiate_kerberos_auth_LDFLAGS= negotiate_kerberos_auth_LDADD= \ $(top_builddir)/lib/libmiscencoding.la \ $(COMPAT_LIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(KRB5LIBS) \ $(XTRA_LIBS) @@ -36,7 +36,7 @@ negotiate_kerberos_auth_test_LDFLAGS= negotiate_kerberos_auth_test_LDADD= \ $(top_builddir)/lib/libmiscencoding.la \ $(COMPAT_LIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(KRB5LIBS) \ $(XTRA_LIBS) diff --git a/src/auth/negotiate/wrapper/Makefile.am b/src/auth/negotiate/wrapper/Makefile.am index c158ad007a..bd34142860 100644 --- a/src/auth/negotiate/wrapper/Makefile.am +++ b/src/auth/negotiate/wrapper/Makefile.am @@ -16,5 +16,5 @@ negotiate_wrapper_auth_SOURCES = \ negotiate_wrapper_auth_LDADD= \ $(top_builddir)/lib/libmiscencoding.la \ $(COMPAT_LIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(XTRA_LIBS) diff --git a/src/auth/ntlm/SMB_LM/Makefile.am b/src/auth/ntlm/SMB_LM/Makefile.am index a122a6113d..595678f36e 100644 --- a/src/auth/ntlm/SMB_LM/Makefile.am +++ b/src/auth/ntlm/SMB_LM/Makefile.am @@ -16,7 +16,7 @@ ntlm_smb_lm_auth_LDADD = \ $(top_builddir)/lib/ntlmauth/libntlmauth.la \ $(top_builddir)/lib/libmiscencoding.la \ $(COMPAT_LIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(CRYPTLIB) \ $(XTRA_LIBS) diff --git a/src/auth/ntlm/fake/Makefile.am b/src/auth/ntlm/fake/Makefile.am index 6d7230aa64..9040515006 100644 --- a/src/auth/ntlm/fake/Makefile.am +++ b/src/auth/ntlm/fake/Makefile.am @@ -14,7 +14,7 @@ ntlm_fake_auth_LDADD= \ $(top_builddir)/lib/ntlmauth/libntlmauth.la \ $(top_builddir)/lib/libmiscencoding.la \ $(COMPAT_LIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(CRYPTLIB) \ $(XTRA_LIBS) diff --git a/tools/Makefile.am b/tools/Makefile.am index d0950c4160..43c327de56 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -22,7 +22,7 @@ LDADD= \ $(top_builddir)/lib/libmiscencoding.la \ $(top_builddir)/lib/libmiscutil.la \ $(COMPAT_LIB) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(KRB5LIBS) \ $(XTRA_LIBS) diff --git a/tools/squidclient/Makefile.am b/tools/squidclient/Makefile.am index 2c745b0276..4da06191b0 100644 --- a/tools/squidclient/Makefile.am +++ b/tools/squidclient/Makefile.am @@ -21,7 +21,7 @@ LDADD = \ $(top_builddir)/lib/libmiscutil.la \ $(COMPAT_LIB) \ $(LIBGNUTLS_LIBS) \ - $(NETTLELIB) \ + $(LIBNETTLE_LIBS) \ $(KRB5LIBS) \ $(XTRA_LIBS) -- 2.47.2