- Portable grep usage for reuseport configure test.

- Check return type of HMAC_Init_ex for openssl 0.9.8.

diff --git a/config.h.in b/config.h.in
index d8ec50a6d7669cd5a275b95f9642278e9ec967d6..3bec6c4fac751f826a50478275f281695585c63a 100644 (file)
--- a/config.h.in
+++ b/config.h.in
@@ -620,6 +620,9 @@
 /* Define to 1 if you have the `_beginthreadex' function. */
 #undef HAVE__BEGINTHREADEX
 
+/* If HMAC_Init_ex() returns void */
+#undef HMAC_INIT_EX_RETURNS_VOID
+
 /* if lex has yylex_destroy */
 #undef LEX_HAS_YYLEX_DESTROY
 

diff --git a/configure b/configure
index ae025fdb7037e2b892d461ad4fd12ad5dd8c4862..60127ca3362bb061ca2f0f77381eec727e09fd77 100755 (executable)
--- a/configure
+++ b/configure
@@ -16116,7 +16116,7 @@ done
 
 
 # check if we can use SO_REUSEPORT
-if echo "$host" | grep -i -e linux -e dragonfly >/dev/null; then
+if echo "$host" | $GREP -i -e linux -e dragonfly >/dev/null; then
 
 $as_echo "#define REUSEPORT_DEFAULT 1" >>confdefs.h
 
@@ -18341,6 +18341,63 @@ cat >>confdefs.h <<_ACEOF
 #define HAVE_DECL_SSL_CTX_SET_ECDH_AUTO $ac_have_decl
 _ACEOF
 
+
+if test "$ac_cv_func_HMAC_Init_ex" = "yes"; then
+# check function return type.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the return type of HMAC_Init_ex" >&5
+$as_echo_n "checking the return type of HMAC_Init_ex... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#ifdef HAVE_OPENSSL_ERR_H
+#include <openssl/err.h>
+#endif
+
+#ifdef HAVE_OPENSSL_RAND_H
+#include <openssl/rand.h>
+#endif
+
+#ifdef HAVE_OPENSSL_CONF_H
+#include <openssl/conf.h>
+#endif
+
+#ifdef HAVE_OPENSSL_ENGINE_H
+#include <openssl/engine.h>
+#endif
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+
+int
+main ()
+{
+
+       HMAC_CTX* hmac_ctx = NULL;
+       void* hmac_key = NULL;
+       const EVP_MD* digest = NULL;
+       int x = HMAC_Init_ex(hmac_ctx, hmac_key, 32, digest, NULL);
+       (void)x;
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+       { $as_echo "$as_me:${as_lineno-$LINENO}: result: int" >&5
+$as_echo "int" >&6; }
+
+else
+
+       { $as_echo "$as_me:${as_lineno-$LINENO}: result: void" >&5
+$as_echo "void" >&6; }
+
+$as_echo "#define HMAC_INIT_EX_RETURNS_VOID 1" >>confdefs.h
+
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+
 fi
 
 

diff --git a/configure.ac b/configure.ac
index d8a1ac95bc16e40e3613bcb84f8029fbde936146..e30b16f9fcd0dd72c2fab1f035c4f78a76d475a1 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -476,7 +476,7 @@ ACX_MKDIR_ONE_ARG
 AC_CHECK_FUNCS([strptime],[AC_CHECK_STRPTIME_WORKS],[AC_LIBOBJ([strptime])])
 
 # check if we can use SO_REUSEPORT
-if echo "$host" | grep -i -e linux -e dragonfly >/dev/null; then
+if echo "$host" | $GREP -i -e linux -e dragonfly >/dev/null; then
        AC_DEFINE(REUSEPORT_DEFAULT, 1, [if REUSEPORT is enabled by default])
 else
        AC_DEFINE(REUSEPORT_DEFAULT, 0, [if REUSEPORT is enabled by default])
@@ -835,6 +835,42 @@ AC_INCLUDES_DEFAULT
 #include <openssl/ssl.h>
 #include <openssl/evp.h>
 ])
+
+if test "$ac_cv_func_HMAC_Init_ex" = "yes"; then
+# check function return type.
+AC_MSG_CHECKING(the return type of HMAC_Init_ex)
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
+#ifdef HAVE_OPENSSL_ERR_H
+#include <openssl/err.h>
+#endif
+
+#ifdef HAVE_OPENSSL_RAND_H
+#include <openssl/rand.h>
+#endif
+
+#ifdef HAVE_OPENSSL_CONF_H
+#include <openssl/conf.h>
+#endif
+
+#ifdef HAVE_OPENSSL_ENGINE_H
+#include <openssl/engine.h>
+#endif
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+], [
+       HMAC_CTX* hmac_ctx = NULL;
+       void* hmac_key = NULL;
+       const EVP_MD* digest = NULL;
+       int x = HMAC_Init_ex(hmac_ctx, hmac_key, 32, digest, NULL);
+       (void)x;
+])], [
+       AC_MSG_RESULT(int)
+], [
+       AC_MSG_RESULT(void)
+       AC_DEFINE([HMAC_INIT_EX_RETURNS_VOID], 1, [If HMAC_Init_ex() returns void])
+])
+fi
+
 fi
 AC_SUBST(SSLLIB)
 

diff --git a/doc/Changelog b/doc/Changelog
index baef547ca420e9a0491f7922d414de3cd2d81f85..0d28dc31e172df00e07ae0886ac851ea0c2f6194 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -3,6 +3,8 @@
          code checkers.
        - update to bison output of 3.4.1 in code repository.
        - Provide a prototype for compat malloc to remove compile warning.
+       - Portable grep usage for reuseport configure test.
+       - Check return type of HMAC_Init_ex for openssl 0.9.8.
 
 13 November 2019: Wouter
        - iana portlist updated.

diff --git a/util/net_help.c b/util/net_help.c
index f2fe6a6ddf66e6659a10605a34392f2a9d92a006..9747b5d55a781d06c99a45e5c2bd961547a2f19b 100644 (file)
--- a/util/net_help.c
+++ b/util/net_help.c
@@ -1223,10 +1223,14 @@ int tls_session_ticket_key_cb(void *ATTR_UNUSED(sslctx), unsigned char* key_name
                        verbose(VERB_CLIENT, "EVP_EncryptInit_ex failed");
                        return -1;
                }
+#ifndef HMAC_INIT_EX_RETURNS_VOID
                if (HMAC_Init_ex(hmac_ctx, ticket_keys->hmac_key, 32, digest, NULL) != 1) {
                        verbose(VERB_CLIENT, "HMAC_Init_ex failed");
                        return -1;
                }
+#else
+               HMAC_Init_ex(hmac_ctx, ticket_keys->hmac_key, 32, digest, NULL);
+#endif
                return 1;
        } else if (enc == 0) {
                /* decrypt */
@@ -1243,10 +1247,14 @@ int tls_session_ticket_key_cb(void *ATTR_UNUSED(sslctx), unsigned char* key_name
                        return 0;
                }
 
+#ifndef HMAC_INIT_EX_RETURNS_VOID
                if (HMAC_Init_ex(hmac_ctx, key->hmac_key, 32, digest, NULL) != 1) {
                        verbose(VERB_CLIENT, "HMAC_Init_ex failed");
                        return -1;
                }
+#else
+               HMAC_Init_ex(hmac_ctx, key->hmac_key, 32, digest, NULL);
+#endif
                if (EVP_DecryptInit_ex(evp_sctx, cipher, NULL, key->aes_key, iv) != 1) {
                        log_err("EVP_DecryptInit_ex failed");
                        return -1;