created 'X509_get_signature_nid()' shim for OpenSSL < v1.1.0

fixed unit test for sntp/packetProcessing to work with or without AUTOKEY flag

bk: 57ed7f4aEPHp3EQbeJpLKxn7HiXyzA

diff --git a/include/libssl_compat.h b/include/libssl_compat.h
index 65d7501f839090075303a9474708ce0686fa14cb..a8938a1517c8e25fc6e5bffa0236e535e0ab0328 100644 (file)
--- a/include/libssl_compat.h
+++ b/include/libssl_compat.h
@@ -28,6 +28,9 @@
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
 /* ----------------------------------------------------------------- */
 
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+
 /* shim the new-style API on an old-style OpenSSL */
 
 extern BN_GENCB*       sslshimBN_GENCB_new(void);
@@ -62,6 +65,8 @@ extern void   sslshim_DSA_get0_key(const DSA *pdsa, const BIGNUM **ppub_key,
 extern int     sslshim_DSA_set0_key(DSA *pdsa, BIGNUM *pub_key,
                                     BIGNUM *priv_key);
 
+extern int     sslshim_X509_get_signature_nid(const X509 *x);
+
 #define        BN_GENCB_new            sslshimBN_GENCB_new
 #define        BN_GENCB_free           sslshimBN_GENCB_free
 
@@ -86,8 +91,10 @@ extern int   sslshim_DSA_set0_key(DSA *pdsa, BIGNUM *pub_key,
 #define DSA_get0_key           sslshim_DSA_get0_key
 #define DSA_set0_key           sslshim_DSA_set0_key
 
+#define X509_get_signature_nid sslshim_X509_get_signature_nid
+
 /* ----------------------------------------------------------------- */
-#endif /* OPENSSL_VERSION_NUMBER checks */
+#endif /* OPENSSL_VERSION_NUMBER < v1.1.0 */
 /* ----------------------------------------------------------------- */
 
 #endif /* NTP_LIBSSL_COMPAT_H */

diff --git a/libntp/libssl_compat.c b/libntp/libssl_compat.c
index 513d3d8ee6a15f4e8e76e445c1b13571219abbcf..ce6acb7d3c78374874b9d11bbee907d7fd976ac4 100644 (file)
--- a/libntp/libssl_compat.c
+++ b/libntp/libssl_compat.c
@@ -316,8 +316,16 @@ sslshim_DSA_set0_key(
        return 1;
 }
 
+int
+sslshim_X509_get_signature_nid(
+       const X509 *x
+       )
+{
+       return OBJ_obj2nid(x->sig_alg->algorithm);
+}
+
 /* ----------------------------------------------------------------- */
-#else
+#else /* OPENSSL_VERSION_NUMBER >= v1.1.0 */
 /* ----------------------------------------------------------------- */
 
 NONEMPTY_TRANSLATION_UNIT

diff --git a/libntp/ssl_init.c b/libntp/ssl_init.c
index 16438ad7d6ee828857a4ecc24434cda2e7115306..ef0f1c185a881a17bf411f0d924f7b8f6df8c2c6 100644 (file)
--- a/libntp/ssl_init.c
+++ b/libntp/ssl_init.c
@@ -64,17 +64,6 @@ ssl_check_version(void)
        INIT_SSL();
 }
 
-# if OPENSSL_VERSION_NUMBER < 0x10002000L
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-
-int X509_get_signature_nid(const X509 *x);
-
-int X509_get_signature_nid(const X509 *x)
-{
-    return OBJ_obj2nid(x->sig_alg->algorithm);
-}
-# endif
 #endif /* OPENSSL */
 
 

diff --git a/sntp/tests/packetProcessing.c b/sntp/tests/packetProcessing.c
index 40805461619b45d3c9fa3b919acee7e1992c8410..660b5b6e20f15916fbb6a77046d99899a7c609c6 100644 (file)
--- a/sntp/tests/packetProcessing.c
+++ b/sntp/tests/packetProcessing.c
@@ -163,7 +163,6 @@ test_LengthNotMultipleOfFour(void)
 void
 test_TooShortExtensionFieldLength(void)
 {
-XXX BO FRAG 1
        /* [Bug 2998] We have to get around the formal specification of
         * the extension field if AUTOKEY is undefined. (At least CLANG
         * issues a warning in this case. It's just a warning, but
@@ -171,9 +170,6 @@ XXX BO FRAG 1
         */
        uint32_t * pe = testpkt.p.exten + 7;
        
-XXX ELSE
-#ifdef AUTOKEY
-XXX EO FRAG 1
        /* The lower 16-bits are the length of the extension field.
         * This lengths must be multiples of 4 bytes, which gives
         * a minimum of 4 byte extension field length.
@@ -187,17 +183,8 @@ XXX EO FRAG 1
        int pkt_len = LEN_PKT_NOMAC + 4 + 24;
 
        TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
-XXX ORIG FRAG 2
-                         process_pkt(&testpkt, &testsock, pkt_len,
-                                     MODE_SERVER, &testspkt, "UnitTest"));
-XXX BO FRAG 2
                          process_pkt(&testpkt.p, &testsock, pkt_len,
                                      MODE_SERVER, &testspkt.p, "UnitTest"));
-XXX ELSE FRAG 2
-                         process_pkt(&testpkt, &testsock, pkt_len,
-                                     MODE_SERVER, &testspkt, "UnitTest"));
-#endif  /* AUTOKEY */
-XXX EO FRAG 2
 }