From: Ondřej Surý <ondrej@sury.org>
Date: Thu, 19 Jul 2018 17:47:41 +0000 (-0400)
Subject: Fix the Windows build
X-Git-Tag: v9.13.3~99^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=08974f39f12171976b6390cd53d6f76d039fa1db;p=thirdparty%2Fbind9.git

Fix the Windows build
---

diff --git a/config.h.win32 b/config.h.win32
index c4809ec948b..40e7262ed24 100644
--- a/config.h.win32
+++ b/config.h.win32
@@ -336,9 +336,6 @@ typedef __int64 off_t;
 /* Define if native PKCS#11 is used as cryptographic library provider */
 @USE_PKCS11@
 
-/* Define if your PKCS11 provider supports ECDSA. */
-@HAVE_PKCS11_ECDSA@
-
 /* Define if your PKCS11 provider supports Ed25519. */
 @HAVE_PKCS11_ED25519@
 
diff --git a/lib/isc/win32/include/isc/platform.h.in b/lib/isc/win32/include/isc/platform.h.in
index c4999482840..283fc4f7e26 100644
--- a/lib/isc/win32/include/isc/platform.h.in
+++ b/lib/isc/win32/include/isc/platform.h.in
@@ -84,11 +84,6 @@
 #define ISC_PLATFORM_NORETURN_PRE __declspec(noreturn)
 #define ISC_PLATFORM_NORETURN_POST
 
-/*
- * Define if the hash functions must be provided by OpenSSL.
- */
-@ISC_PLATFORM_OPENSSLHASH@
-
 /*
  * If the "xadd" operation is available on this architecture,
  * ISC_PLATFORM_HAVEXADD will be defined.
diff --git a/win32utils/Configure b/win32utils/Configure
index 675e931f654..0c1bfc255ba 100644
--- a/win32utils/Configure
+++ b/win32utils/Configure
@@ -208,7 +208,6 @@ my @substdefh = ("AES_CC",
 		 "HAVE_ECDSA_SIG_GET0",
 		 "HAVE_RSA_SET0_KEY",
 		 "USE_PKCS11",
-                 "HAVE_PKCS11_ECDSA",
                  "HAVE_PKCS11_ED25519",
                  "HAVE_PKCS11_ED448",
                  "HAVE_READLINE",
@@ -460,7 +459,6 @@ my $enable_intrinsics = "yes";
 my $cryptolib = "";
 my $enable_native_pkcs11 = "no";
 my $enable_crypto_rand = "yes";
-my $enable_openssl_hash = "auto";
 my $enable_isc_spnego = "yes";
 my $enable_fixed_rrset = "no";
 my $enable_developer = "no";
@@ -475,7 +473,6 @@ my $use_openssl = "auto";
 my $openssl_path = "..\\..\\";
 my $use_pkcs11 = "no";
 my $pkcs11_path = "unknown";
-my $use_ecdsa = "auto";
 my $use_eddsa = "auto";
 my $use_ed448 = "auto";
 my $use_aes = "auto";
@@ -668,12 +665,6 @@ sub myenable {
         if ($val =~ /^yes$/i) {
             $enable_native_pkcs11 = "yes";
         }
-    } elsif ($key =~ /^openssl-hash$/i) {
-        if ($val =~ /^yes$/i) {
-            $enable_openssl_hash = "yes";
-        } elsif ($val =~ /^no$/i) {
-            $enable_openssl_hash = "no";
-        }
     } elsif ($key =~ /^isc-spnego$/i) {
         if ($val =~ /^no$/i) {
             $enable_isc_spnego = "no";
@@ -752,7 +743,7 @@ sub mywith {
         }
     } elsif ($key =~ /^openssl$/i) {
         if ($val =~ /^no$/i) {
-            $use_openssl = "no";
+	    die "OpenSSL support is now mandatory\n";
         } elsif ($val !~ /^yes$/i) {
             $use_openssl = "yes";
             $openssl_path = $val;
@@ -765,12 +756,6 @@ sub mywith {
             $pkcs11_path = $val;
             $pkcs11_path =~ s/\.dll$//i;
         }
-    } elsif ($key =~ /^ecdsa$/i) {
-        if ($val =~ /^no$/i) {
-            $use_ecdsa = "no";
-        } elsif ($val =~ /^yes$/i) {
-            $use_ecdsa = "yes";
-        }
     } elsif ($key =~ /^eddsa$/i) {
         if ($val =~ /^no$/i) {
             $use_eddsa = "no";
@@ -879,19 +864,6 @@ sub mywith {
     }
 }
 
-# resolve enable-openssl-hash
-if ($enable_openssl_hash eq "auto") {
-    if ($use_openssl ne "no") {
-        if ($enable_native_pkcs11 eq "yes") {
-            $enable_openssl_hash="no";
-        } else {
-            $enable_openssl_hash="yes";
-        }
-    } else {
-        $enable_openssl_hash="no";
-    }
-}
-
 if ($want_help ne "no") {
     foreach (@help) {
         print $_;
@@ -951,11 +923,7 @@ if ($verbose) {
     } else {
         print "native-pkcs11: disabled\n";
     }
-    if ($enable_openssl_hash eq "yes") {
-        print "openssl-hash: enabled\n";
-    } else {
-        print "openssl-hash: disabled\n";
-    }
+    print "openssl-hash: enabled\n";
     if ($enable_isc_spnego eq "yes") {
         print "isc-spnego: enabled\n";
     } else {
@@ -987,11 +955,7 @@ if ($verbose) {
         print "rpz-nsdname: disabled\n";
     }
     print "cookie algorithm: $cookie_algorithm\n";
-    if ($use_openssl eq "no") {
-        print "openssl: disabled\n";
-    } else {
-        print "openssl-path: $openssl_path\n";
-    }
+    print "openssl-path: $openssl_path\n";
     if ($use_tests eq "yes") {
         print "tests: enabled\n";
     }
@@ -1009,11 +973,7 @@ if ($verbose) {
     } else {
         print "pkcs11-provider-path: $pkcs11_path\n";
     }
-    if ($use_ecdsa eq "no") {
-        print "ecdsa: disabled\n";
-    } else {
-        print "ecdsa: enabled\n";
-    }
+    print "ecdsa: enabled\n";
     if ($use_eddsa eq "no") {
         print "eddsa: disabled\n";
     } else {
@@ -1294,12 +1254,6 @@ if ($enable_intrinsics eq "yes") {
 # enable-native-pkcs11
 if ($enable_native_pkcs11 eq "yes") {
     $cryptolib = "pkcs11";
-    if ($use_openssl eq "auto") {
-        $use_openssl = "no";
-    }
-    if ($use_openssl ne "no") {
-        die "can't have both OpenSSL and native PKCS#11\n";
-    }
     if ($use_pkcs11 ne "yes") {
         if ($verbose) {
             print "native PKCS#11 support: force with-pkcs11\n";
@@ -1313,16 +1267,6 @@ if ($enable_native_pkcs11 eq "yes") {
     }
     $configdefd{"CRYPTO"} = "PKCS11CRYPTO";
     $configdefh{"USE_PKCS11"} = 1;
-    if ($use_ecdsa eq "no") {
-        if ($verbose) {
-            print "no ECDSA support in native PKCS#11\n";
-        }
-    } else {
-        if ($verbose) {
-            print "enabled ECDSA support in native PKCS#11\n";
-        }
-        $configdefh{"HAVE_PKCS11_ECDSA"} = 1;
-    }
     if ($use_eddsa eq "no") {
         if ($verbose) {
             print "no EDDSA support in native PKCS#11\n";
@@ -1396,11 +1340,7 @@ if ($use_samples eq "yes") {
 }
 
 # with-openssl
-if ($use_openssl eq "no") {
-    if ($verbose) {
-        print "OpenSSL library is disabled\n";
-    }
-} elsif ($use_openssl eq "auto") {
+if ($use_openssl eq "auto") {
     if ($verbose) {
         print "checking for an OpenSSL built directory at sibling root\n";
     }
@@ -1629,52 +1569,6 @@ EOF
     }
 }
 
-# with-ecdsa
-if ($use_openssl eq "no") {
-    $use_ecdsa = "no";
-}
-if ($use_ecdsa eq "auto") {
-    if ($verbose) {
-        print "checking for OpenSSL ECDSA support\n";
-    }
-    open F, ">testecdsa.c" || die $!;
-    print F << 'EOF';
-#include <openssl/ecdsa.h>
-#include <openssl/objects.h>
-
-int
-main(void)
-{
-        EC_KEY *ec256, *ec384;
-
-        ec256 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
-        ec384 = EC_KEY_new_by_curve_name(NID_secp384r1);
-        if (ec256 == NULL || ec384 == NULL)
-                return (2);
-        return (0);
-}
-EOF
-    close F;
-    my $include = $configinc{"OPENSSL_INC"};
-    my $library = $configlib{"OPENSSL_LIB"};
-    $compret = `cl /nologo /MD /I "$include" testecdsa.c "$library"`;
-    if (grep { -f and -x } ".\\testecdsa.exe") {
-        `.\\testecdsa.exe`;
-        if ($? != 0) {
-            if ($verbose) {
-                print "ECDSA test failed: disabling ECDSA\n";
-            }
-            $use_ecdsa = "no";
-        }
-    } else {
-        if ($verbose) {
-            print "can't compile ECDSA test: $compret\n";
-            print "disabling ECDSA\n";
-        }
-    $use_ecdsa = "no";
-    }
-}
-
 # with-eddsa
 if ($use_openssl eq "no") {
     $use_eddsa = "no";
@@ -1881,14 +1775,6 @@ if ($cryptolib ne "") {
     die "No cryptography library has been found or provided."
 }
 
-# enable-openssl-hash
-if ($enable_openssl_hash eq "yes") {
-    if ($use_openssl eq "no") {
-        die "No OpenSSL for hash functions\n";
-    }
-    $configdefp{"ISC_PLATFORM_OPENSSLHASH"} = 1;
-}
-
 # with-pkcs11
 if ($use_pkcs11 ne "no") {
     $configcond{"PKCS11"} = 1;