From: Dave Hart Date: Mon, 30 Oct 2023 04:31:05 +0000 (+0000) Subject: [Bug 3847] SSL detection in configure should run-test if runpath is needed. X-Git-Tag: NTP_4_2_8P18_RC1~28^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=84546d7328fc5b85633ba5ecd0a3f8dc3e126d75;p=thirdparty%2Fntp.git [Bug 3847] SSL detection in configure should run-test if runpath is needed. Use @configure_input@ in various *.in files to include a comment that the file is generated from another pointing to the *.in. Correct underquoting, indents in ntp_facilitynames.m4. Clean up a few warnings seen building with older gcc. Fix build on older FreeBSD lacking sys/procctl.h. Disable [Bug 3627] workaround on newer FreeBSD which has the kernel fix that makes it unnecessary, re-enabling ASLR stack gap. bk: 653f31897n94qYaXxYl_Y6WfXi_HHw --- diff --git a/ChangeLog b/ChangeLog index a27b72b5a..374eb9633 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ --- +* [Bug 3847] SSL detection in configure should run-test if runpath is needed. + * [Bug 3869] Remove long-gone "calldelay" & "crypto sign" from docs. Reported by PoolMUC@web.de. * [Bug 3859] Use NotifyIpInterfaceChange on Windows ntpd. @@ -39,6 +41,13 @@ * Provide ntpd thread names to debugger on Windows. * Remove dead code libntp/numtohost.c and its unit tests. * Remove class A, B, C IPv4 distinctions in netof(). +* Use @configure_input@ in various *.in files to include a comment that + the file is generated from another pointing to the *.in. +* Correct underquoting, indents in ntp_facilitynames.m4. +* Clean up a few warnings seen building with older gcc. +* Fix build on older FreeBSD lacking sys/procctl.h. +* Disable [Bug 3627] workaround on newer FreeBSD which has the kernel fix + that makes it unnecessary, re-enabling ASLR stack gap. --- (4.2.8p17) 2023/06/06 Released by Harlan Stenn diff --git a/check-libntp.mf b/check-libntp.mf index ba3b12570..86fcca45b 100644 --- a/check-libntp.mf +++ b/check-libntp.mf @@ -3,9 +3,12 @@ ## sntp/check-libntp.mf ## The above file has a version of this for the sntp tree. +.PHONY: check-libntp + +if LIBNTP_SUBMAKES BUILT_SOURCES += check-libntp -.PHONY: check-libntp check-libntp: cd $(top_builddir)/libntp && $(MAKE) $(AM_MAKEFLAGS) libntp.a +endif diff --git a/configure.ac b/configure.ac index 3f53382de..f478a1193 100644 --- a/configure.ac +++ b/configure.ac @@ -35,7 +35,7 @@ AC_PRESERVE_HELP_ORDER # the date YYYYMMDD optionally with -HHMM if there is more than one # bump in a day. -ntp_configure_cache_version=20230625 +ntp_configure_cache_version=20231028 # When the cache version of config.cache and configure do not # match, NTP_CACHEVERSION will flush the cache. @@ -70,7 +70,7 @@ AX_C99_STRUCT_INIT NTP_HARDEN([sntp]) -NTP_VPATH_HACK dnl used only by ntpd/Makefile.am +NTP_VPATH_HACK dnl used by ntpd/Makefile.am libparse/Makefile.am NTP_LOCINFO([sntp]) dnl takes over from NTP_BINDIR, in NTP_LIBNTP @@ -121,9 +121,6 @@ AS_UNSET([ac_cv_prog_AWK]) AC_SUBST([AWK]) dnl scripts/ntpver.in AC_PROG_MAKE_SET -AC_SUBST([CFLAGS]) -AC_SUBST([LDFLAGS]) - AC_PROG_LN_S AC_ISC_POSIX @@ -277,13 +274,13 @@ case "$host" in *) # HMS: Make sure we check for -lrt for clock_* before this... case "$ac_cv_search_clock_gettime" in - '') AC_MSG_ERROR([Internal Error: Haven't looked for clock_gettime() yet!]) ;; + '') AC_MSG_FAILURE([Internal Error: Haven't looked for clock_gettime() yet!]) ;; esac AC_SEARCH_LIBS([sched_setscheduler], [rt posix4]) ;; esac -AC_CHECK_HEADERS([bstring.h]) +AC_CHECK_HEADERS([bstring.h sys/procctl.h]) AC_CHECK_HEADER( [dns_sd.h], [AC_SEARCH_LIBS( @@ -3024,7 +3021,6 @@ AC_MSG_RESULT([$ans]) NTP_CRYPTO_RAND # if we are using OpenSSL (--with-crypto), by default Autokey is enabled -AC_MSG_CHECKING([if we want to include NTP Autokey protocol support]) AC_ARG_ENABLE( [autokey], AS_HELP_STRING( @@ -3040,7 +3036,7 @@ case "$ntp_autokey" in *) case "$ntp_openssl" in no) - AC_MSG_WARN([Disabling Autokey, --enable-autokey requires --with-crypto.]) + AC_MSG_WARN([Disabling Autokey, crypto unavailable.]) ntp_autokey=no ;; *) @@ -3050,6 +3046,7 @@ case "$ntp_autokey" in esac ;; esac +AC_MSG_CHECKING([if we want NTP Autokey protocol support]) AC_MSG_RESULT([$ntp_autokey]) AC_SUBST([MAKE_CHECK_LAYOUT]) @@ -4455,7 +4452,7 @@ AC_CONFIG_FILES([kernel/sys/Makefile]) AC_CONFIG_FILES([libntp/Makefile]) AC_CONFIG_FILES([libparse/Makefile]) AC_CONFIG_FILES([ntpd/Makefile]) -AC_CONFIG_FILES([ntpd/complete.conf], [sed -e '/^rlimit$/d' -e '/^$/d' < ntpd/complete.conf > ntpd/complete.conf.new && mv ntpd/complete.conf.new ntpd/complete.conf]) +AC_CONFIG_FILES([ntpd/complete.conf], [$SED -e '/^rlimit$/d' -e '/^$/d' < ntpd/complete.conf > ntpd/complete.conf.new && mv ntpd/complete.conf.new ntpd/complete.conf]) AC_CONFIG_FILES([ntpdate/Makefile]) AC_CONFIG_FILES([ntpdc/Makefile]) AC_CONFIG_FILES([ntpdc/nl.pl], [chmod +x ntpdc/nl.pl]) diff --git a/libntp/ntp_realpath.c b/libntp/ntp_realpath.c index 116542945..90e5a0d59 100644 --- a/libntp/ntp_realpath.c +++ b/libntp/ntp_realpath.c @@ -103,7 +103,7 @@ realpath1(const char *path, char *resolved) size_t left_len, resolved_len, next_token_len; unsigned symlinks; ssize_t slen; - char left[NTP_PATH_MAX], next_token[NTP_PATH_MAX], symlink[NTP_PATH_MAX]; + char left[NTP_PATH_MAX], next_token[NTP_PATH_MAX], link_tgt[NTP_PATH_MAX]; symlinks = 0; if (path[0] == '/') { @@ -157,7 +157,7 @@ realpath1(const char *path, char *resolved) resolved[resolved_len++] = '/'; resolved[resolved_len] = '\0'; } - if (next_token[0] == '\0') { + if ('\0' == next_token[0]) { /* Handle consequential slashes. */ continue; } else if (strcmp(next_token, ".") == 0) { @@ -187,23 +187,24 @@ realpath1(const char *path, char *resolved) if (lstat(resolved, &sb) != 0) return (NULL); if (S_ISLNK(sb.st_mode)) { - if (symlinks++ > NTP_MAXSYMLINKS) { + if (++symlinks > NTP_MAXSYMLINKS) { errno = ELOOP; return (NULL); } - slen = readlink(resolved, symlink, sizeof(symlink)); - if (slen <= 0 || slen >= (ssize_t)sizeof(symlink)) { - if (slen < 0) - ; /* keep errno from readlink(2) call */ - else if (slen == 0) + slen = readlink(resolved, link_tgt, sizeof(link_tgt)); + if (slen <= 0 || slen >= (ssize_t)sizeof(link_tgt)) { + if (slen < 0) { + /* keep errno from readlink(2) call */ + } else if (slen == 0) { errno = ENOENT; - else + } else { errno = ENAMETOOLONG; + } return (NULL); } - symlink[slen] = '\0'; - if (symlink[0] == '/') { - resolved[1] = 0; + link_tgt[slen] = '\0'; + if (link_tgt[0] == '/') { + resolved[1] = '\0'; resolved_len = 1; } else { /* Strip the last path component. */ @@ -214,26 +215,26 @@ realpath1(const char *path, char *resolved) /* * If there are any path components left, then - * append them to symlink. The result is placed + * append them to link_tgt. The result is placed * in `left'. */ if (p != NULL) { - if (symlink[slen - 1] != '/') { - if (slen + 1 >= (ssize_t)sizeof(symlink)) { + if (link_tgt[slen - 1] != '/') { + if (slen + 1 >= (ssize_t)sizeof(link_tgt)) { errno = ENAMETOOLONG; return (NULL); } - symlink[slen] = '/'; - symlink[slen + 1] = 0; + link_tgt[slen] = '/'; + link_tgt[slen + 1] = 0; } - left_len = strlcat(symlink, left, - sizeof(symlink)); - if (left_len >= sizeof(symlink)) { + left_len = strlcat(link_tgt, left, + sizeof(link_tgt)); + if (left_len >= sizeof(link_tgt)) { errno = ENAMETOOLONG; return (NULL); } } - left_len = strlcpy(left, symlink, sizeof(left)); + left_len = strlcpy(left, link_tgt, sizeof(left)); } else if (!S_ISDIR(sb.st_mode) && p != NULL) { errno = ENOTDIR; return (NULL); diff --git a/libntp/timexsup.c b/libntp/timexsup.c index 979a7c4ae..21f7738d3 100644 --- a/libntp/timexsup.c +++ b/libntp/timexsup.c @@ -6,14 +6,27 @@ */ #include "config.h" -#include "timexsup.h" #include #include +#ifdef HAVE_SYS_TIME_H +# include +#else +# ifdef HAVE_TIME_H +# include +# endif +#endif #ifdef HAVE_SYS_TIMEX_H # include +#else +# ifdef HAVE_TIMEX_H +# include +# endif #endif +#include "ntp_types.h" +#include "timexsup.h" + #if defined(MOD_NANO) != defined(STA_NANO) # warning inconsistent definitions of MOD_NANO vs STA_NANO #endif @@ -41,10 +54,11 @@ dbl_from_var_long( ) { #ifdef STA_NANO - if (status & STA_NANO) + if (STA_NANO & status) { return (double)lval * 1e-9; + } #else - (void)status; + UNUSED_ARG(status); #endif return (double)lval * 1e-6; } @@ -67,7 +81,7 @@ var_long_from_dbl( *modes |= MOD_NANO; dval *= 1e+9; #else - (void)modes; + UNUSED_ARG(modes); dval *= 1e+6; #endif return clamp_rounded(dval); diff --git a/libparse/Makefile.am b/libparse/Makefile.am index a4a3ed264..f88e3b2af 100644 --- a/libparse/Makefile.am +++ b/libparse/Makefile.am @@ -94,14 +94,9 @@ AM_LDFLAGS = $(NTP_HARD_LDFLAGS) EXTRA_DIST = parsesolaris.c parsestreams.c mkinfo_scmd.sed mkinfo_rcmd.sed info_trimble.c info_trimble.c: $(top_srcdir)/include/trimble.h $(srcdir)/Makefile.am $(srcdir)/mkinfo_scmd.sed $(srcdir)/mkinfo_rcmd.sed - sed -n -f $(srcdir)/mkinfo_scmd.sed $(top_srcdir)/include/trimble.h > info_trimble.new - sed -n -f $(srcdir)/mkinfo_rcmd.sed $(top_srcdir)/include/trimble.h >> info_trimble.new - mv -f info_trimble.new $@ - -#$(srcdir)/info_trimble.c: $(top_srcdir)/include/trimble.h $(srcdir)/Makefile.am $(srcdir)/mkinfo_scmd.sed $(srcdir)/mkinfo_rcmd.sed -# sed -n -f $(srcdir)/mkinfo_scmd.sed $(top_srcdir)/include/trimble.h > info_trimble.new -# sed -n -f $(srcdir)/mkinfo_rcmd.sed $(top_srcdir)/include/trimble.h >> info_trimble.new -# mv -f info_trimble.new $@ + $(AM_V_at)$(SED) -n -f $(srcdir)/mkinfo_scmd.sed $(top_srcdir)/include/trimble.h > info_trimble.new + $(AM_V_at)$(SED) -n -f $(srcdir)/mkinfo_rcmd.sed $(top_srcdir)/include/trimble.h >> info_trimble.new + $(AM_V_at)mv -f info_trimble.new $@ kieee754io.o: $(srcdir)/ieee754io.c $(COMPILE) $(K_CFLAGS) -c $(srcdir)/ieee754io.c -o $@ @@ -165,11 +160,11 @@ parse: $(parsesolaris_OBJECTS) libparse_kernel.a ../libntp/libntp.a parsesolaris.o: sys/systm.h -# [Bug3608] Solaris has inconsistent definitions of ffs() and fls(). Drop the +# [Bug 3608] Solaris has inconsistent definitions of ffs() and fls(). Drop the # ones from 'systm.h'. sys/systm.h: -mkdir sys - sed -e '/f[fl]s(.*)/d' < /usr/include/sys/systm.h > sys/systm.h + $(SED) -e '/f[fl]s(.*)/d' < /usr/include/sys/systm.h > sys/systm.h ## check-libparse is invoked by ntpd/Makefile.am check-libparse: $(noinst_LIBRARIES) diff --git a/ntpd/complete.conf.in b/ntpd/complete.conf.in index 77b619773..b046e9d8c 100644 --- a/ntpd/complete.conf.in +++ b/ntpd/complete.conf.in @@ -33,14 +33,14 @@ tinker allan 1500 dispersion 15 freq 0 huffpuff 7200 panic 1000 step 0.128 stepo broadcastclient server 127.127.1.0 mode 4294967295 prefer true fudge 127.127.1.0 time1 0 time2 1.1 stratum 7 refid Abcd minjitter 0.2 -pool 0.north-america.pool.ntp.org. iburst preempt -server 1.north-america.pool.ntp.org. iburst -server -4 2.north-america.pool.ntp.org. minpoll 6 maxpoll 10 iburst -server -6 ntp.davehart.net. minpoll 6 maxpoll 10 version 5 burst iburst -peer -6 davehart.broker.freenet6.net. ident "autokey-group" xleave autokey -peer -4 192.168.192.168 key 1 noselect +pool 2.ubuntu.pool.ntp.org. iburst preempt +pool 2.freebsd.pool.ntp.org. iburst +server -6 2.debian.pool.ntp.org. minpoll 6 maxpoll 10 iburst +server -4 ntp.davehart.net. minpoll 6 maxpoll 10 version 5 burst iburst +peer -6 ntp.md. ident "autokey-group" xleave autokey +peer -4 198.51.100.123 key 1 noselect server [fe80::123%1] xmtnonce -broadcast 192.168.192.255 +broadcast 192.0.2.255 manycastclient 224.0.1.1 manycastclient ff05::101 manycastserver 224.0.1.1 ff05::101 @@ -54,16 +54,16 @@ restrict source ippeerlimit 1 restrict source ippeerlimit 2 nomodify limited kod restrict trusted.host.name.example.com. ippeerlimit -1 nomodify restrict [fe80::1] mask [ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] ippeerlimit -1 -restrict 127.0.0.1 mask 255.255.255.255 ippeerlimit -1 -restrict 127.0.0.2 ippeerlimit -1 serverresponse fuzz +restrict 127.0.0.1 mask 255.0.0.0 ippeerlimit -1 +restrict 198.51.100.123 ippeerlimit -1 serverresponse fuzz restrict ::1 ippeerlimit -1 interface drop ipv6 interface ignore ipv4 interface drop wildcard interface listen eth0 interface listen ipv6 -interface listen 192.168.192.0/24 -interface listen 192.168.193.1 +interface listen 203.0.113.0/24 +interface listen 192.0.2.123 phone "ATDT13034944774" "ATDT12027621594" setvar varnondef = "this variable does not have default after the value" setvar vanity = "name plate" default diff --git a/ntpd/ntp_config.c b/ntpd/ntp_config.c index ad456b42b..d19d56594 100644 --- a/ntpd/ntp_config.c +++ b/ntpd/ntp_config.c @@ -334,7 +334,7 @@ static void config_ntpdsim(config_tree *); static void config_ntpd(config_tree *, int/*BOOL*/ input_from_file); static void config_other_modes(config_tree *); static void config_auth(config_tree *); -static void attrtopsl(u_char poll, attr_val *avp); +static void attrtopsl(u_char log2_poll, attr_val *avp); static void config_access(config_tree *); static void config_mdnstries(config_tree *); static void config_phone(config_tree *); @@ -2214,9 +2214,9 @@ config_tos_clock( } } - if (basedate_get_day() <= NTP_TO_UNIX_DAYS) + if (basedate_get_day() <= NTP_TO_UNIX_DAYS) { basedate_set_day(basedate_eval_buildstamp() - 11); - + } return ret; } #endif /* SIM */ @@ -3017,26 +3017,26 @@ config_access( static void attrtopsl( - u_char poll, + u_char log2_poll, attr_val * avp ) { - int pao = poll - NTP_MINPOLL; /* poll array offset */ + int pao = log2_poll - NTP_MINPOLL; /* poll array offset */ u_int32 lower = (u_short)avp->value.r.first; /* ntp_parser.y ensures */ u_int32 upper = (u_short)avp->value.r.last; /* non-neg. first/last */ - u_int psmax = 1 << (poll - 1); + u_int psmax = 1 << (log2_poll - 1); u_int32 qmsk; DEBUG_INSIST(pao >= 0 && pao < COUNTOF(psl)); if (lower > psmax) { msyslog(LOG_WARNING, "pollskewlist %d lower bound reduced from %d to %d", - poll, lower, psmax); + log2_poll, lower, psmax); lower = psmax; } if (upper > psmax) { msyslog(LOG_WARNING, "pollskewlist %d upper bound reduced from %d to %d", - poll, upper, psmax); + log2_poll, upper, psmax); upper = psmax; } psl[pao].sub = lower; @@ -3868,7 +3868,7 @@ config_fudge( sockaddr_u addr_sock; address_node *addr_node; struct refclockstat clock_stat; - char refid_str[5]; + char refidstr[5]; int err_flag; curr_fudge = HEAD_PFIFO(ptree->fudge); @@ -3899,9 +3899,6 @@ config_fudge( clock_stat.fudgeminjitter = 0.0; clock_stat.fudgetime1 = 0.0; clock_stat.fudgetime2 = 0.0; - clock_stat.p_lastcode = NULL; - clock_stat.clockdesc = NULL; - clock_stat.kv_list = NULL; curr_opt = HEAD_PFIFO(curr_fudge->options); for (; curr_opt != NULL; curr_opt = curr_opt->link) { switch (curr_opt->attr) { @@ -3923,10 +3920,17 @@ config_fudge( case T_Refid: clock_stat.haveflags |= CLK_HAVEVAL2; - /* strncpy() does exactly what we want here: */ - strncpy(refid_str, curr_opt->value.s, - sizeof refid_str - 1); - memcpy(&clock_stat.fudgeval2, refid_str, + /* + * strncpy() does exactly what we want + * here, do not be tempted to replace + * it with strlcpy(), we want it to + * zero-fill refid's less than 4 chars + * because we're going to stuff it + * into a u_int32. + */ + strncpy(refidstr, curr_opt->value.s, + sizeof refidstr - 1); + memcpy(&clock_stat.fudgeval2, refidstr, sizeof clock_stat.fudgeval2); break; diff --git a/ntpd/ntp_util.c b/ntpd/ntp_util.c index d6ff7a250..40e12411e 100644 --- a/ntpd/ntp_util.c +++ b/ntpd/ntp_util.c @@ -181,7 +181,7 @@ init_util(void) void write_stats(void) { - FILE *fp; + FILE *fp = NULL; #ifdef DOSYNCTODR struct timeval tv; #if !defined(VMS) @@ -487,7 +487,7 @@ stats_config( len = strlen(value); if (len > sizeof(statsdir) - 2) { msyslog(LOG_ERR, - "statsdir %s too long (>%u)", + "statsdir %s too long (>%u)", value, (u_int)sizeof(statsdir) - 2); break; } diff --git a/ntpd/ntpd.c b/ntpd/ntpd.c index 8631c88fc..ec260b9dc 100644 --- a/ntpd/ntpd.c +++ b/ntpd/ntpd.c @@ -135,15 +135,11 @@ # include #endif /* LIBSECCOMP and KERN_SECCOMP */ -#ifdef __FreeBSD__ -#include -#ifndef PROC_STACKGAP_CTL -/* - * Even if we compile on an older system we can still run on a newer one. - */ -#define PROC_STACKGAP_CTL 17 -#define PROC_STACKGAP_DISABLE 0x0002 -#endif +#if defined(__FreeBSD__) && __FreeBSD_version < 1400037 && defined(HAVE_SYS_PROCCTL_H) +# include +# ifdef PROC_STACKGAP_DISABLE +# define DISABLE_FREEBSD_STACKGAP +# endif #endif #ifdef HAVE_DNSREGISTRATION @@ -428,18 +424,24 @@ main( char *argv[] ) { -# ifdef __FreeBSD__ - { - /* - * We Must disable ASLR stack gap on FreeBSD to avoid a - * segfault. See PR/241421 and PR/241960. - */ - int aslr_var = PROC_STACKGAP_DISABLE; +# ifdef DISABLE_FREEBSD_STACKGAP + /* + * We must disable ASLR stack gap on FreeBSD that has + * PROC_STACKGAP_DISABLE up through early FreeBSD 14 + * versions to avoid a segfault. See: + * + * https://bugs.ntp.org/3627 + * https://cgit.freebsd.org/src/commit/?id=889b56c8cd84c9a9f2d9e3b019c154d6f14d9021 + * https://cgit.freebsd.org/src/commit/?id=fc393054398ea50fb0cee52704e9385afe888b48 + * https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253208 + * https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241421 + * https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241960 + */ + int aslr_var = PROC_STACKGAP_DISABLE; + + procctl(P_PID, getpid(), PROC_STACKGAP_CTL, &aslr_var); +# endif /* DISABLE_FREEBSD_STACKGAP */ - pid_t my_pid = getpid(); - procctl(P_PID, my_pid, PROC_STACKGAP_CTL, &aslr_var); - } -# endif return ntpdmain(argc, argv); } #endif /* !SYS_WINNT */ @@ -573,7 +575,7 @@ set_process_priority(void) # ifdef HAVE_WORKING_FORK static void detach_from_terminal( - int pipe[2], + int pipes[2], long wait_sync, const char *logfilename ) @@ -594,10 +596,10 @@ detach_from_terminal( msyslog(LOG_ERR, "fork: %m"); exit_code = EX_OSERR; } else { - close(pipe[1]); - pipe[1] = -1; + close(pipes[1]); + pipes[1] = -1; exit_code = wait_child_sync_if( - pipe[0], wait_sync); + pipes[0], wait_sync); if (exit_code <= 0) { /* probe daemon exit code -- wait for * child process if we have an unexpected @@ -621,8 +623,8 @@ detach_from_terminal( syslog_file = NULL; syslogit = TRUE; } - close_all_except(pipe[1]); - pipe[0] = -1; + close_all_except(pipes[1]); + pipes[0] = -1; INSIST(0 == open("/dev/null", 0) && 1 == dup2(0, 1) \ && 2 == dup2(0, 2)); diff --git a/ntpdc/nl.pl.in b/ntpdc/nl.pl.in index 8007538dc..acf98d13a 100644 --- a/ntpdc/nl.pl.in +++ b/ntpdc/nl.pl.in @@ -1,4 +1,5 @@ #! @PATH_PERL@ -w +# @configure_input@ $found = 0; $last = 0; diff --git a/ntpq/ntpq-subs.c b/ntpq/ntpq-subs.c index e74c2bc45..4ed19a4e4 100644 --- a/ntpq/ntpq-subs.c +++ b/ntpq/ntpq-subs.c @@ -1495,7 +1495,7 @@ radiostatus( #endif /* UNUSED */ /* - * when - print how long its been since his last packet arrived + * when - return how long its been since his last packet arrived */ static long when( @@ -1851,7 +1851,7 @@ doprintpeers( if (!decodets(value, &reftime)) L_CLR(&reftime); } else if (!strcmp("flash", name)) { - decodeuint(value, &flash); + decodeuint(value, &flash); } else { // xprintf(stderr, "UNRECOGNIZED name=%s ", name); } diff --git a/ntpsnmpd/Makefile.am b/ntpsnmpd/Makefile.am index 71a53d996..d3cd0be85 100644 --- a/ntpsnmpd/Makefile.am +++ b/ntpsnmpd/Makefile.am @@ -19,8 +19,8 @@ AM_CFLAGS += $(NTP_HARD_CFLAGS) AM_CPPFLAGS = -I$(top_srcdir)/ntpq AM_CPPFLAGS += $(NTP_INCS) AM_CPPFLAGS += $(LIBOPTS_CFLAGS) -AM_CPPFLAGS += $(SNMP_CPPFLAGS) AM_CPPFLAGS += $(CPPFLAGS_NTP) +AM_CPPFLAGS += $(SNMP_CPPFLAGS) AM_CPPFLAGS += $(NTP_HARD_CPPFLAGS) AM_LDFLAGS = $(LDFLAGS_NTP) diff --git a/scripts/build/genAuthors.in b/scripts/build/genAuthors.in index a5a15e127..a1b5a4023 100644 --- a/scripts/build/genAuthors.in +++ b/scripts/build/genAuthors.in @@ -1,4 +1,5 @@ #! @PATH_PERL@ +# @configure_input@ # DESCRIPTION # diff --git a/scripts/build/mkver.in b/scripts/build/mkver.in index c58d8040f..89ea50bc5 100644 --- a/scripts/build/mkver.in +++ b/scripts/build/mkver.in @@ -1,4 +1,6 @@ #!@CONFIG_SHELL@ +# @configure_input@ + PROG=${1-UNKNOWN} ConfStr="$PROG" diff --git a/scripts/calc_tickadj/calc_tickadj.in b/scripts/calc_tickadj/calc_tickadj.in index 38b826eb2..56c549adc 100644 --- a/scripts/calc_tickadj/calc_tickadj.in +++ b/scripts/calc_tickadj/calc_tickadj.in @@ -1,4 +1,5 @@ #! @PATH_PERL@ -w +# @configure_input@ # # drift of 104.8576 -> +1 tick. Base of 10000 ticks. # diff --git a/scripts/ntp-wait/ntp-wait.in b/scripts/ntp-wait/ntp-wait.in index cfccbe0ac..3b7a3ce4c 100644 --- a/scripts/ntp-wait/ntp-wait.in +++ b/scripts/ntp-wait/ntp-wait.in @@ -1,4 +1,5 @@ #! @PATH_PERL@ +# @configure_input@ package ntp_wait; use 5.006_000; diff --git a/scripts/ntpsweep/ntpsweep.in b/scripts/ntpsweep/ntpsweep.in index 75ac0c8b0..b9b329e5d 100644 --- a/scripts/ntpsweep/ntpsweep.in +++ b/scripts/ntpsweep/ntpsweep.in @@ -1,4 +1,5 @@ #! @PATH_PERL@ -w +# @configure_input@ # # $Id$ # diff --git a/scripts/ntptrace/ntptrace.in b/scripts/ntptrace/ntptrace.in index 7cc5ce7f7..e9439773b 100755 --- a/scripts/ntptrace/ntptrace.in +++ b/scripts/ntptrace/ntptrace.in @@ -1,4 +1,5 @@ #! @PATH_PERL@ -w +# @configure_input@ # John Hay -- John.Hay@icomtek.csir.co.za / jhay@FreeBSD.org package ntptrace; diff --git a/scripts/ntpver.in b/scripts/ntpver.in index 9615e66d6..4037e4403 100644 --- a/scripts/ntpver.in +++ b/scripts/ntpver.in @@ -1,7 +1,8 @@ #!@CONFIG_SHELL@ +# @configure_input@ # print version string of NTP daemon # Copyright (c) 1997 by Ulrich Windl # Modified 970318: Harlan Stenn: rewritten... # usage: ntpver hostname -ntpq -c "rv 0 daemon_version" $* | @AWK@ '/daemon_version/ { print $2 }' +ntpq -c "rv 0 version" $* | @AWK@ '/version/ { print $2 }' diff --git a/scripts/plot_summary.in b/scripts/plot_summary.in index 3401b0d0b..f081fd1aa 100644 --- a/scripts/plot_summary.in +++ b/scripts/plot_summary.in @@ -1,4 +1,5 @@ #! @PATH_PERL@ -w +# @configure_input@ # $Id$ # # Use Gnuplot to display data in summary files produced by summary.pl. diff --git a/scripts/summary.in b/scripts/summary.in index a99f8df0e..7e346d80f 100644 --- a/scripts/summary.in +++ b/scripts/summary.in @@ -1,4 +1,5 @@ #! @PATH_PERL@ -w +# @configure_input@ # $Id$ # Perl version of (summary.sh, loop.awk, peer.awk): # Create summaries from xntpd's loop and peer statistics. diff --git a/scripts/update-leap/update-leap.in b/scripts/update-leap/update-leap.in index abf1134c1..defc6176b 100755 --- a/scripts/update-leap/update-leap.in +++ b/scripts/update-leap/update-leap.in @@ -1,4 +1,5 @@ #! @PATH_PERL@ -w +# @configure_input # Copyright (C) 2015, 2017 Network Time Foundation # Author: Harlan Stenn diff --git a/sntp/Makefile.am b/sntp/Makefile.am index 8f9d1f612..4c4e19ed8 100644 --- a/sntp/Makefile.am +++ b/sntp/Makefile.am @@ -274,8 +274,7 @@ libevent: distdir-pre-check distdir-pre-check: case "$(DIST_FAIL)" in \ '') ;; \ - *) $(error re-run configure adding $(DIST_FAIL) if you want to make a distribution.); \ - echo "re-run configure adding $(DIST_FAIL) if you want to make a distribution."; \ + *) echo "re-run configure adding $(DIST_FAIL) if you want to make a distribution."; \ exit 1 ;; \ esac diff --git a/sntp/check-libntp.mf b/sntp/check-libntp.mf index c4741ce72..f27aeb66e 100644 --- a/sntp/check-libntp.mf +++ b/sntp/check-libntp.mf @@ -4,8 +4,12 @@ ## The above file has a version of this for the non-sntp portion ## of the NTP package. +.PHONY: check-libntp + +if LIBNTP_SUBMAKES BUILT_SOURCES += check-libntp -.PHONY: check-libntp check-libntp: cd $(top_builddir)/../libntp && $(MAKE) $(AM_MAKEFLAGS) libntp.a + +endif diff --git a/sntp/configure.ac b/sntp/configure.ac index 5ed410b47..e6ff40101 100644 --- a/sntp/configure.ac +++ b/sntp/configure.ac @@ -33,7 +33,7 @@ AC_LANG([C]) # the date YYYYMMDD optionally with -HHMM if there is more than one # bump in a day. -sntp_configure_cache_version=20230625 +sntp_configure_cache_version=20231028 # When the version of config.cache and configure do not # match, NTP_CACHEVERSION will flush the cache. diff --git a/sntp/libevent/kqueue.c b/sntp/libevent/kqueue.c index dfd7751d6..14a8946fe 100644 --- a/sntp/libevent/kqueue.c +++ b/sntp/libevent/kqueue.c @@ -346,7 +346,7 @@ kq_dispatch(struct event_base *base, struct timeval *tv) * on FreeBSD. */ case EINVAL: continue; -#if defined(__FreeBSD__) +#if defined(__FreeBSD__) && defined(ENOTCAPABLE) /* * This currently occurs if an FD is closed * before the EV_DELETE makes it out via kevent(). diff --git a/sntp/m4/ntp_facilitynames.m4 b/sntp/m4/ntp_facilitynames.m4 index f58f89438..5b79fafe3 100644 --- a/sntp/m4/ntp_facilitynames.m4 +++ b/sntp/m4/ntp_facilitynames.m4 @@ -1,24 +1,31 @@ dnl ###################################################################### dnl Check syslog.h for 'facilitynames' table AC_DEFUN([NTP_FACILITYNAMES], [ -AC_CACHE_CHECK([for facilitynames in syslog.h],ac_cv_HAVE_SYSLOG_FACILITYNAMES,[ -AC_TRY_COMPILE([ -#define SYSLOG_NAMES -#include -#include -], -[ void *fnames; fnames = facilitynames; ], -ac_cv_HAVE_SYSLOG_FACILITYNAMES=yes,ac_cv_HAVE_SYSLOG_FACILITYNAMES=no,ac_cv_HAVE_SYSLOG_FACILITYNAMES=cross)]) + +AC_CACHE_CHECK( + [for facilitynames in syslog.h], + [ac_cv_HAVE_SYSLOG_FACILITYNAMES], + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[ + #define SYSLOG_NAMES + #include + #include + ]], + [[ + void *fnames = facilitynames; + ]] + )] + [ac_cv_HAVE_SYSLOG_FACILITYNAMES=yes], + [ac_cv_HAVE_SYSLOG_FACILITYNAMES=no] + )] +) case "$ac_cv_HAVE_SYSLOG_FACILITYNAMES" in yes) - AC_DEFINE(HAVE_SYSLOG_FACILITYNAMES,1,[ ]) + AC_DEFINE([HAVE_SYSLOG_FACILITYNAMES], [1], [syslog.h provides facilitynames]) ;; no) AC_MSG_WARN([No facilitynames in ]) - ;; - cross) - AC_MSG_WARN([facilitynames in - cross-compiling]) - ;; esac ]) dnl ====================================================================== diff --git a/sntp/m4/ntp_libntp.m4 b/sntp/m4/ntp_libntp.m4 index 21d0cff82..39d7c6109 100644 --- a/sntp/m4/ntp_libntp.m4 +++ b/sntp/m4/ntp_libntp.m4 @@ -8,12 +8,13 @@ dnl subpackage while retaining access to such test results. dnl AC_DEFUN([NTP_LIBNTP], [ +AC_REQUIRE([AC_PROG_SED]) AC_REQUIRE([NTP_CROSSCOMPILE]) # HMS: Save $LIBS and empty it. # any LIBS we add here should go in to LDADD_LIBNTP AC_SUBST([LDADD_LIBNTP]) -__LIBS=$LIBS +SAVED_LIBS=$LIBS LIBS= dnl The contents of NTP_PROG_CC used to be here... @@ -1176,11 +1177,16 @@ case "$ntp_warning" in ;; esac +dnl Do not ensure libntp.a is up to date when building client directories +dnl if --disable-dependency-tracking is used to save build time for one-off +dnl build from tarball. It's only useful when modifying libntp source code +dnl and rebuilding in a client subdir rather than the whole package. +AM_CONDITIONAL([LIBNTP_SUBMAKES], [test x"$enable_dependency_tracking" = x"yes"]) dnl add to LDADD_LIBNTP set by ntp_compiler.m4 LDADD_LIBNTP="$LDADD_LIBNTP $LIBS" -LIBS=$__LIBS -AS_UNSET([__LIBS]) +LIBS=$SAVED_LIBS +AS_UNSET([SAVED_LIBS]) ])dnl dnl ====================================================================== diff --git a/sntp/m4/ntp_openssl.m4 b/sntp/m4/ntp_openssl.m4 index 2f9d6c431..48a8b4b42 100644 --- a/sntp/m4/ntp_openssl.m4 +++ b/sntp/m4/ntp_openssl.m4 @@ -14,6 +14,7 @@ dnl OPENSSL defined only if using OpenSSL dnl dnl Output variables: dnl ntp_openssl yes if using OpenSSL, no otherwise +dnl VER_SUFFIX "o" if using OpenSSL dnl dnl Output substitutions: dnl CFLAGS_NTP OpenSSL-specific flags added as needed, and @@ -26,6 +27,7 @@ dnl LDFLAGS_NTP Other OpenSSL link flags added as needed. dnl dnl #################################################################### AC_DEFUN([NTP_OPENSSL], [ +AC_REQUIRE([AC_PROG_SED]) AC_REQUIRE([NTP_PKG_CONFIG])dnl AC_REQUIRE([NTP_VER_SUFFIX])dnl @@ -34,7 +36,14 @@ AC_ARG_WITH( [AS_HELP_STRING( [--with-crypto], [+ =openssl,libcrypto] - )] + )], + [ dnl if given + case "$with_crypto" in + yes) + with_crypto=openssl,libcrypto + esac + ], + [with_crypto=openssl,libcrypto] dnl if not given ) AC_ARG_WITH( [openssl-libdir], @@ -47,42 +56,50 @@ AC_ARG_WITH( [openssl-incdir], [AS_HELP_STRING( [--with-openssl-incdir], - [+ =/something/reasonable] - )] -) -AC_ARG_WITH( - [rpath], - [AS_HELP_STRING( - [--without-rpath], - [s Disable auto-added -R linker paths] + [+ =search likely dirs] )] ) ntp_openssl=no ntp_openssl_from_pkg_config=no +ntp_ssl_incdir= +ntp_ssl_cflags= +ntp_ssl_libdir= +ntp_ssl_libs_l= +ntp_ssl_ldflags= -with_crypto=${with_crypto:-openssl,libcrypto} -case "$with_crypto" in - yes) - with_crypto=openssl,libcrypto -esac +NTPSSL_SAVED_CFLAGS="$CFLAGS" +NTPSSL_SAVED_CPPFLAGS="$CPPFLAGS" +NTPSSL_SAVED_LIBS="$LIBS" +NTPSSL_SAVED_LDFLAGS="$LDFLAGS" -dnl AC_MSG_NOTICE(['%with_crypto:%{PKG_CONFIG:+notempty}:%{with_openssl_libdir-notgiven}:%{with_openssl_incdir-notgiven}']) +dnl AC_MSG_NOTICE(['%with_crypto:%{PKG_CONFIG:+notempty}:%{with_openssl_libdir-notgiven}:%{with_ntp_ssl_incdir-notgiven}']) dnl str="$with_crypto:${PKG_CONFIG:+notempty}:${with_openssl_libdir-notgiven}:${with_openssl_incdir-notgiven}" dnl AC_MSG_NOTICE([$str]) case "$with_crypto:${PKG_CONFIG:+notempty}:${with_openssl_libdir-notgiven}:${with_openssl_incdir-notgiven}" in no:*) ;; *:notempty:notgiven:notgiven) - for pkg in `echo $with_crypto | sed -e 's/,/ /'`; do + for pkg in `echo $with_crypto | $SED -e 's/,/ /'`; do AC_MSG_CHECKING([pkg-config for $pkg]) if $PKG_CONFIG --exists $pkg ; then - CPPFLAGS_NTP="$CPPFLAGS_NTP `$PKG_CONFIG --cflags-only-I $pkg`" - CFLAGS_NTP="$CFLAGS_NTP `$PKG_CONFIG --cflags-only-other $pkg`" - LDADD_NTP="$LDADD_NTP `$PKG_CONFIG --libs-only-L $pkg`" - LDADD_NTP="$LDADD_NTP `$PKG_CONFIG --libs-only-l --static $pkg`" - LDFLAGS_NTP="$LDFLAGS_NTP `$PKG_CONFIG --libs-only-other $pkg`" - VER_SUFFIX=o + ntp_ssl_incdir="`$PKG_CONFIG --cflags-only-I $pkg`" + case "$ntp_ssl_incdir=" in + '') + ;; + *) + ntp_ssl_incdir="`echo $ntp_ssl_incdir | $SED -e 's/-I//'`" + esac + ntp_ssl_cflags="`$PKG_CONFIG --cflags-only-other $pkg`" + ntp_ssl_libdir="`$PKG_CONFIG --libs-only-L $pkg`" + case "$ntp_ssl_libdir" in + '') + ;; + *) + ntp_ssl_libdir="`echo $ntp_ssl_libdir | $SED -e 's/-L//'`" + esac + ntp_ssl_libs_l="`$PKG_CONFIG --libs-only-l $pkg`" + ntp_ssl_ldflags="`$PKG_CONFIG --libs-only-other $pkg`" ntp_openssl=yes ntp_openssl_from_pkg_config=yes ntp_openssl_version="`$PKG_CONFIG --modversion $pkg`" @@ -97,183 +114,236 @@ case "$with_crypto:${PKG_CONFIG:+notempty}:${with_openssl_libdir-notgiven}:${wit AC_MSG_RESULT([no]) done esac + dnl AC_MSG_NOTICE([OpenSSL Phase I checks:]) dnl AC_MSG_NOTICE([CPPFLAGS_NTP: $CPPFLAGS_NTP]) dnl AC_MSG_NOTICE([CFLAGS_NTP: $CFLAGS_NTP]) dnl AC_MSG_NOTICE([LDADD_NTP: $LDADD_NTP]) dnl AC_MSG_NOTICE([LDFLAGS_NTP: $LDFLAGS_NTP]) -case "$with_crypto:$ntp_openssl" in - no:*) ;; - *:no) - need_dash_r= - need_dash_Wlrpath= - case "${with_rpath-notgiven}" in - yes) - # Lame - what to do if we need -Wl... but not -R? - need_dash_r=1 - ;; - notgiven) - case "$host" in - *-*-linux*) - # This may really only be true for gcc - need_dash_Wlrpath=1 - ;; - *-*-netbsd*) - need_dash_r=1 - ;; - *-*-solaris*) - need_dash_r=1 - ;; - esac - ;; - esac +dnl AC_MSG_NOTICE([ntp_ssl_cflags: $ntp_ssl_cflags]) +dnl AC_MSG_NOTICE([ntp_openssl_from_pkg_config: $ntp_openssl_from_pkg_config]) +dnl AC_MSG_NOTICE([ntp_ssl_incdir: $ntp_ssl_incdir]) +dnl AC_MSG_NOTICE([ntp_ssl_libdir: $ntp_ssl_libdir]) +dnl AC_MSG_NOTICE([ntp_ssl_libs_l: $ntp_ssl_libs_l]) +dnl AC_MSG_NOTICE([ntp_ssl_ldflags: $ntp_ssl_ldflags]) + +case "$with_crypto" in + no) + ntp_openssl=no + ;; + *) + dnl ### set ntp_ssl_libdir ### AC_MSG_CHECKING([for openssl library directory]) - with_openssl_libdir=${with_openssl_libdir-notgiven} + case "$with_openssl_libdir" in - notgiven) - case "$build" in - $host) - with_openssl_libdir=default + '') + case "$ntp_ssl_libdir" in + '') + ntp_ssl_libdir_search="/usr/lib /usr/lib/openssl /usr/sfw/lib" + ntp_ssl_libdir_search="$ntp_ssl_libdir_search /usr/local/lib" + ntp_ssl_libdir_search="$ntp_ssl_libdir_search /opt/local/lib" + ntp_ssl_libdir_search="$ntp_ssl_libdir_search /usr/local/ssl/lib" + ntp_ssl_libdir_search="$ntp_ssl_libdir_search /lib /lib64" ;; *) - with_openssl_libdir=no - ;; + ntp_ssl_libdir_search="$ntp_ssl_libdir" esac - esac - case "$with_openssl_libdir" in - default) - # Look in: - with_openssl_libdir="/usr/lib /usr/lib/openssl /usr/sfw/lib" - with_openssl_libdir="$with_openssl_libdir /usr/local/lib" - with_openssl_libdir="$with_openssl_libdir /usr/local/ssl/lib /lib" - esac - case "$with_openssl_libdir" in - no) - ;; - *) # Look for libcrypto.a and libssl.a: - for i in $with_openssl_libdir no - do - case "$host" in - *-*-darwin*) - test -f $i/libcrypto.dylib -a -f $i/libssl.dylib && break - ;; - *) - test -f $i/libcrypto.so -a -f $i/libssl.so && break - test -f $i/libcrypto.a -a -f $i/libssl.a && break - ;; - esac - done - openssl_libdir=$i ;; + *) + ntp_ssl_libdir_search="$with_openssl_libdir" esac - AC_MSG_RESULT([$openssl_libdir]) - case "$openssl_libdir" in - no) - openssl_libdir= - AC_MSG_WARN([libcrypto and libssl not found in any of $with_openssl_libdir]) + for i in $ntp_ssl_libdir_search not_found + do + case "$host" in + *-*-darwin*) + test -f $i/libcrypto.dylib -a -f $i/libssl.dylib && break + ;; + *) + test -f $i/libcrypto.so -a -f $i/libssl.so && break + test -f $i/libcrypto.a -a -f $i/libssl.a && break + ;; + esac + done + ntp_ssl_libdir=$i + + AC_MSG_RESULT([$ntp_ssl_libdir]) + + case "$ntp_ssl_libdir" in + not_found) + ntp_ssl_libdir= + AC_MSG_WARN([libcrypto and libssl not found in any of $ntp_ssl_libdir_search]) esac + dnl ### set ntp_ssl_incdir ### + AC_MSG_CHECKING([for openssl include directory]) - with_openssl_incdir=${with_openssl_incdir-notgiven} - case "$with_openssl_incdir" in - notgiven) - # Look in: - with_openssl_incdir="/usr/include /usr/sfw/include" - with_openssl_incdir="$with_openssl_incdir /usr/local/include" - with_openssl_incdir="$with_openssl_incdir /usr/local/ssl/include" - esac + case "$with_openssl_incdir" in - no) - ;; - *) # look for openssl/evp.h: - for i in $with_openssl_incdir no - do - test -f $i/openssl/evp.h && break - done - openssl_incdir=$i + '') + case "$ntp_ssl_incdir" in + '') + ntp_ssl_incdir_search="/usr/include /usr/sfw/include" + ntp_ssl_incdir_search="$ntp_ssl_incdir_search /usr/local/include" + ntp_ssl_incdir_search="$ntp_ssl_incdir_search /opt/local/include" + ntp_ssl_incdir_search="$ntp_ssl_incdir_search /usr/local/ssl/include" + ;; + *) + ntp_ssl_incdir_search="$ntp_ssl_incdir" + esac ;; + *) + ntp_ssl_incdir_search="$with_openssl_incdir" esac + for i in $ntp_ssl_incdir_search not_found + do + test -f $i/openssl/evp.h && break + done + ntp_ssl_incdir=$i AS_UNSET([i]) - AC_MSG_RESULT([$openssl_incdir]) - case "$openssl_incdir" in - no) - openssl_incdir= - AC_MSG_WARN([did not find openssl/evp.h in any of $with_openssl_incdir]) + + AC_MSG_RESULT([$ntp_ssl_incdir]) + + case "$ntp_ssl_incdir" in + not_found) + ntp_ssl_incdir= + AC_MSG_WARN([did not find openssl/evp.h in any of $ntp_ssl_incdir_search]) esac - if test -z "$openssl_libdir" -o -z "$openssl_incdir" + if test -z "$ntp_ssl_libdir" -o -z "$ntp_ssl_incdir" then ntp_openssl=no else ntp_openssl=yes - VER_SUFFIX=o + ntp_ssl_cppflags="-I$ntp_ssl_incdir" fi - case "$ntp_openssl" in - yes) - # We have OpenSSL inc/lib dirs - use them. - case "$openssl_incdir" in - /usr/include) - ;; - *) - CPPFLAGS_NTP="$CPPFLAGS_NTP -I$openssl_incdir" - ;; - esac - case "$openssl_libdir" in - /usr/lib) +esac dnl building with SSL ($with_crypto not "no") + +case "$ntp_openssl" in + yes) + case "$ntp_ssl_libs_l" in + '') + ntp_ssl_libs_l="-lssl -lcrypto" + esac + CFLAGS="$NTPSSL_SAVED_CFLAGS $ntp_ssl_cflags" + CPPFLAGS="$NTPSSL_SAVED_CPPFLAGS $ntp_ssl_cppflags" + LIBS="$NTPSSL_SAVED_LIBS -L$ntp_ssl_libdir $ntp_ssl_libs_l" + LDFLAGS="$NTPSSL_SAVED_LDFLAGS $ntp_ssl_ldflags" + dnl test if runpath is needed for crypto + ntp_ssl_run_test_failed=no + AC_CACHE_CHECK( + [if SSL executable works without runpath], + [ntp_cv_ssl_without_runpath], + [AC_RUN_IFELSE( + [AC_LANG_PROGRAM( + [[ + #include "openssl/evp.h" + ]], + [[ + if (!EVP_MD_CTX_new()) { + return 1; + } + ]] + )], + [ntp_cv_ssl_without_runpath=yes], + [ntp_cv_ssl_without_runpath=no], + [ntp_cv_ssl_without_runpath=yes] dnl cross-compile + )] + ) + case "$ntp_cv_ssl_without_runpath" in + no) + AC_CACHE_CHECK( + [if SSL executable needs -Wl,-rpath,], + [ntp_cv_ssl_needs_dashWl_rpath], + [ + LDFLAGS="$NTPSSL_SAVED_LDFLAGS $ntp_ssl_ldflags -Wl,-rpath,$ntp_ssl_libdir" + AC_RUN_IFELSE( + [AC_LANG_PROGRAM( + [[ + #include "openssl/evp.h" + ]], + [[ + if (!EVP_MD_CTX_new()) { + return 1; + } + ]] + )], + [ntp_cv_ssl_needs_dashWl_rpath=yes], + [ntp_cv_ssl_needs_dashWl_rpath=no] + ) + ] + ) + case "$ntp_cv_ssl_needs_dashWl_rpath" in + yes) + ntp_ssl_ldflags="$ntp_ssl_ldflags -Wl,-rpath,$ntp_ssl_libdir" ;; - *) - LDADD_NTP="$LDADD_NTP -L$openssl_libdir" - case "$need_dash_r" in - 1) - LDFLAGS_NTP="$LDFLAGS_NTP -R$openssl_libdir" + no) + AC_CACHE_CHECK( + [if SSL executable needs -R], + [ntp_cv_ssl_needs_dashR], + [ + LDFLAGS="$NTPSSL_SAVED_LDFLAGS $ntp_ssl_ldflags -R$ntp_ssl_libdir" + AC_RUN_IFELSE( + [AC_LANG_PROGRAM( + [[ + #include "openssl/evp.h" + ]], + [[ + if (!EVP_MD_CTX_new()) { + return 1; + } + ]] + )], + [ntp_cv_ssl_needs_dashR=yes], + [ntp_cv_ssl_needs_dashR=no] + ) + ] + ) + case "$ntp_cv_ssl_needs_dashR" in + yes) + ntp_ssl_ldflags="$ntp_ssl_ldflags -R$ntp_ssl_libdir" esac - case "$need_dash_Wlrpath" in - 1) - LDFLAGS_NTP="$LDFLAGS_NTP -Wl,-rpath,$openssl_libdir" + case "$build:$ntp_cv_ssl_needs_dashR" in + $host:no) + AC_MSG_FAILURE([Unable to run program using SSL]) esac - ;; esac - LDADD_NTP="$LDADD_NTP -lcrypto" esac -esac +esac dnl ntp_openssl was yes -AC_MSG_CHECKING([if we will use crypto]) -AC_MSG_RESULT([$ntp_openssl]) - -case "$ntp_openssl" in - yes) - AC_CHECK_HEADERS([openssl/cmac.h openssl/hmac.h]) - AC_DEFINE([OPENSSL], [], [Use OpenSSL?]) - case "$VER_SUFFIX" in - *o*) ;; - *) AC_MSG_ERROR([OPENSSL set but no 'o' in VER_SUFFIX!]) ;; - esac - ;; -esac - -NTPO_SAVED_CPPFLAGS="$CPPFLAGS" -CPPFLAGS="$CPPFLAGS $CPPFLAGS_NTP" -NTPO_SAVED_LIBS="$LIBS" +dnl AC_MSG_NOTICE([OpenSSL Phase II checks:]) +dnl AC_MSG_NOTICE([ntp_ssl_cppflags: $ntp_ssl_cppflags]) +dnl AC_MSG_NOTICE([ntp_ssl_cflags: $ntp_ssl_cflags]) +dnl AC_MSG_NOTICE([ntp_openssl_from_pkg_config: $ntp_openssl_from_pkg_config]) +dnl AC_MSG_NOTICE([ntp_ssl_incdir: $ntp_ssl_incdir]) +dnl AC_MSG_NOTICE([ntp_ssl_libdir: $ntp_ssl_libdir]) +dnl AC_MSG_NOTICE([ntp_ssl_libs_l: $ntp_ssl_libs_l]) +dnl AC_MSG_NOTICE([ntp_ssl_ldflags: $ntp_ssl_ldflags]) -# -# check for linking with -lcrypto failure, and try -lcrypto -lz. -# Helps m68k-atari-mint -# +dnl check for linking with -lcrypto failure, and try -lcrypto -lz. +dnl Helps m68k-atari-mint +dnl +dnl Needs work with the changes to run-test whether runpath is needed. +dnl Probably needs to be moved ahead of runpath testing. +dnl hart@ is reaching out to MiNT users to try to find a tester. +dnl Meanwhile can be forced by passing both ntp_cv_bare_lcrypto=no +dnl and ntp_cv_lcrypto_lz=yes on the configure command line. +dnl case "$ntp_openssl:$ntp_openssl_from_pkg_config" in yes:no) - LIBS="$NTPO_SAVED_LIBS $LDADD_NTP" + CFLAGS="$NTPSSL_SAVED_CFLAGS $ntp_ssl_cflags" + CPPFLAGS="$NTPSSL_SAVED_CPPFLAGS $ntp_ssl_cppflags" + LIBS="$NTPSSL_SAVED_LIBS -L$ntp_ssl_libdir $ntp_ssl_libs_l" + LDFLAGS="$NTPSSL_SAVED_LDFLAGS $ntp_ssl_ldflags" AC_CACHE_CHECK( - [if linking with -lcrypto alone works], + [if linking with $ntp_ssl_libs_l alone works], [ntp_cv_bare_lcrypto], [AC_LINK_IFELSE( [AC_LANG_PROGRAM( [[ - #include "openssl/err.h" #include "openssl/evp.h" ]], [[ - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); + EVP_MD_CTX_new(); ]] )], [ntp_cv_bare_lcrypto=yes], @@ -282,19 +352,17 @@ case "$ntp_openssl:$ntp_openssl_from_pkg_config" in ) case "$ntp_cv_bare_lcrypto" in no) - LIBS="$NTPO_SAVED_LIBS $LDADD_NTP -lz" + LIBS="$NTPSSL_SAVED_LIBS -L$ntp_ssl_libdir $ntp_ssl_libs -lz" AC_CACHE_CHECK( - [if linking with -lcrypto -lz works], + [if linking with $ntp_ssl_libs_l -lz works], [ntp_cv_lcrypto_lz], [AC_LINK_IFELSE( [AC_LANG_PROGRAM( [[ - #include "openssl/err.h" #include "openssl/evp.h" ]], [[ - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); + EVP_MD_CTX_new(); ]] )], [ntp_cv_lcrypto_lz=yes], @@ -303,103 +371,130 @@ case "$ntp_openssl:$ntp_openssl_from_pkg_config" in ) case "$ntp_cv_lcrypto_lz" in yes) - LDADD_NTP="$LDADD_NTP -lz" + ntp_ssl_ldadd="$ntp_ssl_ldadd -lz" esac - esac -esac + esac dnl linking with -lcrypto alone fails +esac dnl using SSL and not from pkg-config -# -# Older OpenSSL headers have a number of callback prototypes inside -# other function prototypes which trigger copious warnings with gcc's -# -Wstrict-prototypes, which is included in -Wall. -# -# An example: -# -# int i2d_RSA_NET(const RSA *a, unsigned char **pp, -# int (*cb)(), int sgckey); -# ^^^^^^^^^^^ -# -# -# +dnl +dnl Older OpenSSL headers have a number of callback prototypes inside +dnl other function prototypes which trigger copious warnings with gcc's +dnl -Wstrict-prototypes, which is included in -Wall. +dnl +dnl An example: +dnl +dnl int i2d_RSA_NET(const RSA *a, unsigned char **pp, +dnl int (*cb)(), int sgckey); +dnl ^^^^^^^^^^^ +dnl openssl_triggers_warnings=unknown -NTPO_SAVED_CFLAGS="$CFLAGS" - case "$ntp_openssl:$GCC" in yes:yes) - CFLAGS="$CFLAGS -Werror" - AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM( - [[ - ]], - [[ - /* see if -Werror breaks gcc */ - ]] - )], - [gcc_handles_Werror=yes], - [gcc_handles_Werror=no] + CFLAGS="$NTP_SAVED_CFLAGS $ntp_ssl_cflags -Werror" + AC_CACHE_CHECK( + [If $CC supports -Werror], + [ntp_cv_gcc_supports_Werror], + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([], [])], + [ntp_cv_gcc_supports_Werror=yes], + [ntp_cv_gcc_supports_Werror=no] + )] ) - case "$gcc_handles_Werror" in + case "ntp_cv_gcc_supports_Werror" in no) - # if this gcc doesn't do -Werror go ahead and use - # -Wstrict-prototypes. - openssl_triggers_warnings=yes + ntp_use_Wstrict_prototypes=yes ;; yes) CFLAGS="$CFLAGS -Wstrict-prototypes" - AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM( - [[ - #include "openssl/asn1_mac.h" - #include "openssl/bn.h" - #include "openssl/err.h" - #include "openssl/evp.h" - #include "openssl/pem.h" - #include "openssl/rand.h" - #include "openssl/x509v3.h" - ]], - [[ - /* empty body */ - ]] - )], - [openssl_triggers_warnings=no], - [openssl_triggers_warnings=yes] + AC_CACHE_CHECK( + [if OpenSSL triggers warnings], + [ntp_cv_ssl_triggers_warnings], + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[ + #include "openssl/asn1_mac.h" + #include "openssl/bn.h" + #include "openssl/err.h" + #include "openssl/evp.h" + #include "openssl/pem.h" + #include "openssl/rand.h" + #include "openssl/x509v3.h" + ]], + [[ + /* empty body */ + ]] + )], + [ntp_cv_ssl_triggers_warnings=no], + [ntp_cv_ssl_triggers_warnings=yes] + )] ) + case "$ntp_cv_ssl_triggers_warnings" in + yes) + ntp_use_Wstrict_prototypes=no + ;; + *) + ntp_use_Wstrict_prototypes=yes + esac esac - case "$openssl_triggers_warnings" in - yes) - CFLAGS_NTP="$CFLAGS_NTP -Wno-strict-prototypes" + case "$ntp_use_Wstrict_prototypes" in + no) + ntp_ssl_cflags="$ntp_ssl_cflags -Wno-strict-prototypes" ;; *) - CFLAGS_NTP="$CFLAGS_NTP -Wstrict-prototypes" + ntp_ssl_cflags="$ntp_ssl_cflags -Wstrict-prototypes" esac ;; no:yes) - # gcc without OpenSSL - CFLAGS_NTP="$CFLAGS_NTP -Wstrict-prototypes" -esac + dnl gcc without OpenSSL + ntp_ssl_cflags="$ntp_ssl_cflags -Wstrict-prototypes" +esac dnl checking for gcc problems with -Werror and -Wstrict-prototypes -# Because we don't want -Werror for the EVP_MD_do_all_sorted check -CFLAGS="$NTPO_SAVED_CFLAGS" +AC_MSG_CHECKING([if we will use crypto]) +AC_MSG_RESULT([$ntp_openssl]) case "$ntp_openssl" in yes) - LIBS="$NTPO_SAVED_LIBS $LDADD_NTP" + VER_SUFFIX=o + AC_CHECK_HEADERS([openssl/cmac.h openssl/hmac.h]) + AC_DEFINE([OPENSSL], [], [Use OpenSSL?]) + dnl We don't want -Werror for the EVP_MD_do_all_sorted check + CFLAGS="$NTPSSL_SAVED_CFLAGS" AC_CHECK_FUNCS([EVP_MD_do_all_sorted]) - ;; + CPPFLAGS_NTP="$CPPFLAGS_NTP $ntp_ssl_cppflags" + CFLAGS_NTP="$CFLAGS_NTP $ntp_ssl_cflags" + LDADD_NTP="$LDADD_NTP -L$ntp_ssl_libdir $ntp_ssl_libs_l $ntp_ssl_ldadd" + LDFLAGS_NTP="$LDFLAGS_NTP $ntp_ssl_ldflags" esac dnl AC_MSG_NOTICE([OpenSSL final checks:]) +dnl AC_MSG_NOTICE([ntp_openssl: $ntp_openssl]) dnl AC_MSG_NOTICE([CPPFLAGS_NTP: $CPPFLAGS_NTP]) dnl AC_MSG_NOTICE([CFLAGS_NTP: $CFLAGS_NTP]) dnl AC_MSG_NOTICE([LDADD_NTP: $LDADD_NTP]) dnl AC_MSG_NOTICE([LDFLAGS_NTP: $LDFLAGS_NTP]) -CPPFLAGS="$NTPO_SAVED_CPPFLAGS" -LIBS="$NTPO_SAVED_LIBS" -AS_UNSET([NTPO_SAVED_CFLAGS]) -AS_UNSET([NTPO_SAVED_CPPFLAGS]) -AS_UNSET([NTPO_SAVED_LIBS]) -AS_UNSET([openssl_triggers_warnings]) +CFLAGS="$NTPSSL_SAVED_CFLAGS" +CPPFLAGS="$NTPSSL_SAVED_CPPFLAGS" +LIBS="$NTPSSL_SAVED_LIBS" +LDFLAGS="$NTPSSL_SAVED_LDFLAGS" + +AS_UNSET([pkg]) +AS_UNSET([NTPSSL_SAVED_CFLAGS]) +AS_UNSET([NTPSSL_SAVED_CPPFLAGS]) +AS_UNSET([NTPSSL_SAVED_LIBS]) +AS_UNSET([ntp_use_Wstrict_prototypes]) AS_UNSET([ntp_openssl_from_pkg_config]) +AS_UNSET([ntp_openssl_version]) +AS_UNSET([ntp_ssl_cflags]) +AS_UNSET([ntp_ssl_libdir_search]) +AS_UNSET([ntp_ssl_incdir_search]) +AS_UNSET([ntp_ssl_libdir]) +AS_UNSET([ntp_ssl_incdir]) +AS_UNSET([ntp_ssl_libs_l]) +AS_UNSET([ntp_ssl_ldflags]) +AS_UNSET([ntp_ssl_run_test_failed]) +AS_UNSET([ntp_ssl_with_dashR]) + ]) +dnl end of AC_DEFUN([NTP_OPENSSL]) dnl ====================================================================== diff --git a/sntp/tests/fileHandlingTest.h.in b/sntp/tests/fileHandlingTest.h.in index b93ed9e90..86c9f2c7c 100644 --- a/sntp/tests/fileHandlingTest.h.in +++ b/sntp/tests/fileHandlingTest.h.in @@ -1,3 +1,9 @@ +/* + * fileHandlingTest.h[.in] + * + * @configure_input@ + */ + #ifndef FILE_HANDLING_TEST_H #define FILE_HANDLING_TEST_H @@ -23,4 +29,4 @@ extern int GetFileSize(FILE *file); extern bool CompareFileContent(FILE* expected, FILE* actual); extern void ClearFile(const char * filename) ; -#endif // FILE_HANDLING_TEST_H +#endif /* FILE_HANDLING_TEST_H */