From: Dave Hart Date: Fri, 23 Feb 2024 08:49:49 +0000 (+0000) Subject: Remove deprecated configure --with-arlib option. X-Git-Tag: NTP_4_2_8P18_RC1~15 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=efc04796a8712aece8d0e1119f2a022fdb96246c;p=thirdparty%2Fntp.git Remove deprecated configure --with-arlib option. Remove configure support for ISC UNIX ca. 1998. Move NTP_OPENSSL and NTP_CRYPTO_RAND invocations from configure.ac files to NTP_LIBNTP. Move ENABLE_CMAC to ntp_openssl.m4, enabling sntp/tests CMAC unit tests. Remove dead code: HAVE_U_INT32_ONLY_WITH_DNS. Eliminate [v]snprintf redefinition warnings on macOS. Fix clang 14 cast increases alignment warning on Linux. Move ENABLE_CMAC to ntp_openssl.m4, reviving sntp/tests CMAC unit tests. Use NTP_HARD_CPPFLAGS in libopts tearoff. bk: 65d85c2dYeIoIL_Q7vglwfR09-t_Mg --- diff --git a/ChangeLog b/ChangeLog index dad79b3fa..52b3cf3c8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -62,7 +62,6 @@ * Provide ntpd thread names to debugger on Windows. * Remove dead code libntp/numtohost.c and its unit tests. * Remove class A, B, C IPv4 distinctions in netof(). -* Use NONEMPTY_COMPILATION_UNIT in more conditionally-compiled files. * Use @configure_input@ in various *.in files to include a comment that the file is generated from another pointing to the *.in. * Correct underquoting, indents in ntp_facilitynames.m4. @@ -89,6 +88,18 @@ * Add configure --enable-verbose-ssl to trace SSL detection. * Add build test coverage for --disable-saveconfig to flock-build script. +* Remove deprecated configure --with-arlib option. +* Remove configure support for ISC UNIX ca. 1998. +* Move NTP_OPENSSL and NTP_CRYPTO_RAND invocations from configure.ac files + to NTP_LIBNTP. +* Move ENABLE_CMAC to ntp_openssl.m4, enabling sntp/tests CMAC unit tests. + +* Remove dead code: HAVE_U_INT32_ONLY_WITH_DNS. +* Eliminate [v]snprintf redefinition warnings on macOS. +* Fix clang 14 cast increases alignment warning on Linux. +* Move ENABLE_CMAC to ntp_openssl.m4, reviving sntp/tests CMAC unit tests. + +* Use NTP_HARD_CPPFLAGS in libopts tearoff. --- (4.2.8p17) 2023/06/06 Released by Harlan Stenn diff --git a/configure.ac b/configure.ac index 7362ec6cd..1bd183d13 100644 --- a/configure.ac +++ b/configure.ac @@ -35,7 +35,7 @@ AC_PRESERVE_HELP_ORDER # the date YYYYMMDD optionally with -HHMM if there is more than one # bump in a day. -ntp_configure_cache_version=20240103 +ntp_configure_cache_version=20240218 # When the cache version of config.cache and configure do not # match, NTP_CACHEVERSION will flush the cache. @@ -103,18 +103,6 @@ NTP_LIBEVENT_CHECK_NOBUILD([2], [sntp/libevent]) NTP_LIBNTP -AC_MSG_CHECKING([for deprecated --with-arlib]) -AC_ARG_WITH([arlib], - AS_HELP_STRING([--with-arlib], [- deprecated, arlib not distributed]), - [ans=$withval], [ans=no]) -AC_MSG_RESULT([$ans]) - -case "$ans" in - yes) - AC_MSG_WARN([Please do not use --with-arlib, arlib is no longer included. In the future, --with-arlib will not be recognized.]) - ;; -esac - dnl we need to check for cross compile tools for vxWorks here AC_PROG_AWK AS_UNSET([ac_cv_prog_AWK]) @@ -122,7 +110,6 @@ AC_SUBST([AWK]) dnl scripts/ntpver.in AC_PROG_MAKE_SET AC_PROG_LN_S -AC_ISC_POSIX AC_PATH_PROG([PATH_PERL], [perl]) @@ -3005,22 +2992,7 @@ case "$ntp_libparse" in esac AC_MSG_RESULT([$ans]) -NTP_OPENSSL - -AC_MSG_CHECKING([if we want to enable CMAC support]) -case "$ac_cv_header_openssl_cmac_h" in - yes) - AC_DEFINE([ENABLE_CMAC], [1], [Enable CMAC support?]) - ans="yes" - ;; - *) ans="no" - ;; -esac -AC_MSG_RESULT([$ans]) - -NTP_CRYPTO_RAND - -# if we are building Autokey (--with-autokey), by default Autokey is enabled +# if we have crypto, by default Autokey is enabled AC_ARG_ENABLE( [autokey], AS_HELP_STRING( diff --git a/include/c99_snprintf.h b/include/c99_snprintf.h new file mode 100644 index 000000000..f5c1bf0e1 --- /dev/null +++ b/include/c99_snprintf.h @@ -0,0 +1,28 @@ +/* + * ntp_c99_snprintf.h + * + * Included from config.h to deal with replacing [v]snprintf() on older + * systems. The #undef lines below cannot be directly in config.h as + * config.status modifies each #undef in config.h.in to either be a + * commented-out #undef or a functional #define. Here they are used + * to avoid redefinition warnings on systems such as macos ca. 2024 + * where system headers define [v]snprintf as preprocessor macros. + * + * Do not include this file directly, leave it to config.h. + */ + +#if !defined(_KERNEL) && !defined(PARSESTREAM) +/* + * stdio.h must be included in config.h after _GNU_SOURCE is defined + * but before #define snprintf rpl_snprintf + */ +# include +#endif + +#ifdef HW_WANT_RPL_SNPRINTF +# undef snprintf +#endif +#ifdef HW_WANT_RPL_VSNPRINTF +# undef vsnprintf +#endif + diff --git a/libntp/ntp_intres.c b/libntp/ntp_intres.c index 9fc3815ef..29546147d 100644 --- a/libntp/ntp_intres.c +++ b/libntp/ntp_intres.c @@ -84,12 +84,6 @@ # include # endif # include -# ifdef HAVE_INT32_ONLY_WITH_DNS -# define HAVE_INT32 -# endif -# ifdef HAVE_U_INT32_ONLY_WITH_DNS -# define HAVE_U_INT32 -# endif #endif #include "ntp.h" diff --git a/ntpd/ntp_io.c b/ntpd/ntp_io.c index 5bb357c31..bcd4632ce 100644 --- a/ntpd/ntp_io.c +++ b/ntpd/ntp_io.c @@ -4802,7 +4802,7 @@ localaddrtoa( static void process_routing_msgs(struct asyncio_reader *reader) { - static char * buffer; + static void * buffer; static size_t buffsz = 8192; int cnt, new, msg_type; socklen_t len; @@ -4859,9 +4859,7 @@ process_routing_msgs(struct asyncio_reader *reader) * process routing message */ #ifdef HAVE_RTNETLINK - for (nh = UA_PTR(struct nlmsghdr, buffer); - NLMSG_OK(nh, cnt); - nh = NLMSG_NEXT(nh, cnt)) + for (nh = buffer; NLMSG_OK(nh, cnt); nh = NLMSG_NEXT(nh, cnt)) { msg_type = nh->nlmsg_type; #else @@ -4880,7 +4878,7 @@ process_routing_msgs(struct asyncio_reader *reader) return; } msg_type = rtm.rtm_type; -#endif +#endif /* !HAVE_RTNETLINK */ switch (msg_type) { #ifdef RTM_NEWADDR case RTM_NEWADDR: diff --git a/sntp/configure.ac b/sntp/configure.ac index f5db852d3..f4924f870 100644 --- a/sntp/configure.ac +++ b/sntp/configure.ac @@ -33,7 +33,7 @@ AC_LANG([C]) # the date YYYYMMDD optionally with -HHMM if there is more than one # bump in a day. -sntp_configure_cache_version=20240103 +sntp_configure_cache_version=20240218 # When the version of config.cache and configure do not # match, NTP_CACHEVERSION will flush the cache. @@ -121,7 +121,6 @@ NTP_FACILITYNAMES # Checks for typedefs, structures, and compiler characteristics. AC_HEADER_STDBOOL -NTP_OPENSSL NTP_IPV6 ### diff --git a/sntp/libopts/Makefile.am b/sntp/libopts/Makefile.am index 7490a75e6..72e9dc447 100644 --- a/sntp/libopts/Makefile.am +++ b/sntp/libopts/Makefile.am @@ -6,7 +6,6 @@ else noinst_LTLIBRARIES = libopts.la endif libopts_la_SOURCES = libopts.c -libopts_la_CPPFLAGS = -I$(srcdir) libopts_la_LDFLAGS = -version-info 42:1:17 EXTRA_DIST = @@ -14,8 +13,7 @@ BUILT_SOURCES = MOSTLYCLEANFILES = AM_CFLAGS = $(NTP_HARD_CFLAGS) $(CC_NOFORMAT) -AM_CPPFLAGS = $(NTP_HARD_CPPFLAGS) -AM_LDFLAGS = $(NTP_HARD_LDFLAGS) +AM_CPPFLAGS = $(NTP_HARD_CPPFLAGS) -I$(top_srcdir)/../include libopts.c: $(BUILT_SOURCES) @: do-nothing rule to avoid default SCCS get diff --git a/sntp/m4/ntp_libntp.m4 b/sntp/m4/ntp_libntp.m4 index 917c83044..e44147f3f 100644 --- a/sntp/m4/ntp_libntp.m4 +++ b/sntp/m4/ntp_libntp.m4 @@ -492,7 +492,7 @@ AC_DEFUN([NTP_BEFORE_HW_FUNC_VSNPRINTF], [ AC_ARG_ENABLE( [c99-snprintf], [AS_HELP_STRING( - [--enable-c99-snprintf], + [--enable-c99-snprintf], [s use replacement printf family] )], [force_c99_snprintf=$enableval], @@ -505,15 +505,8 @@ AC_DEFUN([NTP_BEFORE_HW_FUNC_VSNPRINTF], [ esac AH_VERBATIM( [snprinte],dnl sorted in config.h just before #define snprintf - [ - #if !defined(_KERNEL) && !defined(PARSESTREAM) - /* - * stdio.h must be included after _GNU_SOURCE is defined - * but before #define snprintf rpl_snprintf - */ - # include - #endif - ]) + [#include "c99_snprintf.h"] + ) AH_BOTTOM([ #if !defined(_KERNEL) && !defined(PARSESTREAM) # if defined(HW_WANT_RPL_VSNPRINTF) @@ -756,62 +749,6 @@ typedef unsigned int uintptr_t; #define HAVE_UINTPTR_T 1 #endif]) -case "$ac_cv_type_int32::$ac_cv_header_resolv_h" in - no::yes) - AC_CACHE_CHECK( - [for int32 with DNS headers included], - [ntp_cv_type_int32_with_dns], - [AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM( - [[ - #ifdef HAVE_ARPA_NAMESER_H - # include - #endif - #include - ]], - [[ - size_t cb = sizeof(int32); - ]] - )], - [ntp_cv_type_int32_with_dns=yes], - [ntp_cv_type_int32_with_dns=no] - )] - ) - case "$ntp_cv_type_int32_with_dns" in - yes) - AC_DEFINE([HAVE_INT32_ONLY_WITH_DNS], [1], - [int32 type in DNS headers, not others.]) - esac -esac - -case "$ac_cv_type_u_int32::$ac_cv_header_resolv_h" in - no::yes) - AC_CACHE_CHECK( - [for u_int32 with DNS headers included], - [ntp_cv_type_u_int32_with_dns], - [AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM( - [[ - #ifdef HAVE_ARPA_NAMESER_H - # include - #endif - #include - ]], - [[ - size_t cb = sizeof(u_int32); - ]] - )], - [ntp_cv_type_u_int32_with_dns=yes], - [ntp_cv_type_u_int32_with_dns=no] - )] - ) - case "$ntp_cv_type_u_int32_with_dns" in - yes) - AC_DEFINE([HAVE_U_INT32_ONLY_WITH_DNS], [1], - [u_int32 type in DNS headers, not others.]) - esac -esac - AC_CHECK_HEADERS( [sys/timepps.h], [], @@ -1186,6 +1123,9 @@ dnl build from tarball. It's only useful when modifying libntp source code dnl and rebuilding in a client subdir rather than the whole package. AM_CONDITIONAL([LIBNTP_SUBMAKES], [test x"$enable_dependency_tracking" = x"yes"]) +NTP_OPENSSL +NTP_CRYPTO_RAND + dnl add to LDADD_LIBNTP set by ntp_compiler.m4 LDADD_LIBNTP="$LDADD_LIBNTP $LIBS" LIBS=$SAVED_LIBS diff --git a/sntp/m4/ntp_openssl.m4 b/sntp/m4/ntp_openssl.m4 index 74ffb5ad9..224f5b5ec 100644 --- a/sntp/m4/ntp_openssl.m4 +++ b/sntp/m4/ntp_openssl.m4 @@ -180,6 +180,8 @@ case "$with_crypto" in '') dnl ### set ntp_ssl_libdir ### + dnl unconventional, using AC_CHECK_LIB repeatedly, clear cached result. + AS_UNSET([ac_cv_lib_crypto_EVP_MD_CTX_new]) AC_MSG_NOTICE([Searching for libcrypto without -L]) AC_CHECK_LIB( [crypto], @@ -543,7 +545,15 @@ AC_MSG_RESULT([$ntp_openssl]) case "$ntp_openssl" in yes) VER_SUFFIX=o - AC_CHECK_HEADERS([openssl/cmac.h openssl/hmac.h]) + AC_CHECK_HEADERS( + [openssl/cmac.h], + [ntp_enable_cmac=yes], + [ntp_enable_cmac=no] + ) + case "$ntp_enable_cmac" in + yes) + AC_DEFINE([ENABLE_CMAC], [1], [Enable CMAC support?]) + esac AC_DEFINE([OPENSSL], [], [Use OpenSSL?]) dnl OpenSSL 3 deprecates a bunch of functions used by Autokey. dnl Adapting our code to the bold new way is not a priority @@ -578,6 +588,7 @@ AS_UNSET([NTPSSL_SAVED_CFLAGS]) AS_UNSET([NTPSSL_SAVED_CPPFLAGS]) AS_UNSET([NTPSSL_SAVED_LIBS]) AS_UNSET([NTPSSL_SAVED_LDFLAGS]) +AS_UNSET([ntp_enable_cmac]) AS_UNSET([ntp_use_Wstrict_prototypes]) AS_UNSET([ntp_openssl_from_pkg_config]) AS_UNSET([ntp_openssl_version]) diff --git a/sntp/tests/crypto.c b/sntp/tests/crypto.c index e033cfb60..7e4bf423e 100644 --- a/sntp/tests/crypto.c +++ b/sntp/tests/crypto.c @@ -41,7 +41,7 @@ test_MakeMd5Mac(void) memcpy(&md5.key_seq, "md5seq", md5.key_len); strlcpy(md5.typen, "MD5", sizeof(md5.typen)); md5.typei = keytype_from_text(md5.typen, NULL); - + TEST_ASSERT_EQUAL(MD5_LENGTH, make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual)); @@ -73,11 +73,11 @@ test_MakeSHA1Mac(void) make_mac(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1, actual)); TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, SHA1_LENGTH); - + #else - + TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); - + #endif /* OPENSSL */ } @@ -93,8 +93,8 @@ test_MakeCMac(void) "\xdd\x35\xd5\xf5\x14\x23\xd9\xd6" "\x38\x5d\x29\x80\xfe\x51\xb9\x6b"; char actual[CMAC_LENGTH]; - struct key cmac; + cmac.next = NULL; cmac.key_id = 30; cmac.key_len = CMAC_LENGTH; @@ -105,11 +105,11 @@ test_MakeCMac(void) make_mac(PKT_DATA, PKT_LEN, CMAC_LENGTH, &cmac, actual)); TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, CMAC_LENGTH); - + #else - - TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); - + + TEST_IGNORE_MESSAGE("CMAC not enabled, skipping..."); + #endif /* OPENSSL */ } @@ -123,8 +123,8 @@ test_VerifyCorrectMD5(void) "\xc7\x58\x99\xdd\x99\x32\x0f\x71" /* MAC */ "\x2b\x7b\xfe\x4f\xa2\x32\xcf\xac"; const int PKT_LEN = 12; - struct key md5; + md5.next = NULL; md5.key_id = 0; md5.key_len = 6; @@ -147,21 +147,21 @@ test_VerifySHA1(void) "\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce" /* MAC */ "\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1"; const int PKT_LEN = 12; - struct key sha1; + sha1.next = NULL; sha1.key_id = 0; sha1.key_len = 7; memcpy(&sha1.key_seq, "sha1key", sha1.key_len); - strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen)); + strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen)); sha1.typei = keytype_from_text(sha1.typen, NULL); TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1)); - + #else - + TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); - + #endif /* OPENSSL */ } @@ -192,9 +192,9 @@ VerifyOpenSSLCMAC(struct key *cmac) TEST_IGNORE_MESSAGE("VerifyOpenSSLCMAC needs to be implemented, skipping..."); #else - - TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); - + + TEST_IGNORE_MESSAGE("CMAC not enabled, skipping..."); + #endif /* OPENSSL */ return; } @@ -225,8 +225,8 @@ test_VerifyFailure(void) "\xc7\x58\x99\xdd\x99\x32\x0f\x71" /* MAC */ "\x2b\x7b\xfe\x4f\xa2\x32\xcf\x00"; /* Last byte is wrong! */ const int PKT_LEN = 12; - struct key md5; + md5.next = NULL; md5.key_id = 0; md5.key_len = 6; @@ -244,8 +244,8 @@ test_PacketSizeNotMultipleOfFourBytes(void) const char* PKT_DATA = "123456"; const int PKT_LEN = 6; char actual[MD5_LENGTH]; - struct key md5; + md5.next = NULL; md5.key_id = 10; md5.key_len = 6; diff --git a/sntp/tests/packetProcessing.c b/sntp/tests/packetProcessing.c index 53c454a9f..03d219399 100644 --- a/sntp/tests/packetProcessing.c +++ b/sntp/tests/packetProcessing.c @@ -483,7 +483,7 @@ test_CorrectAuthenticatedPacketCMAC(void) #else - TEST_IGNORE_MESSAGE("OpenSSL CMAC not used, skipping..."); + TEST_IGNORE_MESSAGE("CMAC not enabled, skipping..."); #endif /* OPENSSL */ } diff --git a/sntp/tests/run-packetProcessing.c b/sntp/tests/run-packetProcessing.c index c91a6d340..b3782314d 100644 --- a/sntp/tests/run-packetProcessing.c +++ b/sntp/tests/run-packetProcessing.c @@ -77,25 +77,25 @@ int main(int argc, char *argv[]) progname = argv[0]; suite_setup(); UnityBegin("packetProcessing.c"); - RUN_TEST(test_TooShortLength, 23); - RUN_TEST(test_LengthNotMultipleOfFour, 24); - RUN_TEST(test_TooShortExtensionFieldLength, 25); - RUN_TEST(test_UnauthenticatedPacketReject, 26); - RUN_TEST(test_CryptoNAKPacketReject, 27); - RUN_TEST(test_AuthenticatedPacketInvalid, 28); - RUN_TEST(test_AuthenticatedPacketUnknownKey, 29); - RUN_TEST(test_ServerVersionTooOld, 30); - RUN_TEST(test_ServerVersionTooNew, 31); - RUN_TEST(test_NonWantedMode, 32); - RUN_TEST(test_KoDRate, 33); - RUN_TEST(test_KoDDeny, 34); - RUN_TEST(test_RejectUnsyncedServer, 35); - RUN_TEST(test_RejectWrongResponseServerMode, 36); - RUN_TEST(test_AcceptNoSentPacketBroadcastMode, 37); - RUN_TEST(test_CorrectUnauthenticatedPacket, 38); - RUN_TEST(test_CorrectAuthenticatedPacketMD5, 39); - RUN_TEST(test_CorrectAuthenticatedPacketSHA1, 40); - RUN_TEST(test_CorrectAuthenticatedPacketCMAC, 41); + RUN_TEST(test_TooShortLength, 21); + RUN_TEST(test_LengthNotMultipleOfFour, 22); + RUN_TEST(test_TooShortExtensionFieldLength, 23); + RUN_TEST(test_UnauthenticatedPacketReject, 24); + RUN_TEST(test_CryptoNAKPacketReject, 25); + RUN_TEST(test_AuthenticatedPacketInvalid, 26); + RUN_TEST(test_AuthenticatedPacketUnknownKey, 27); + RUN_TEST(test_ServerVersionTooOld, 28); + RUN_TEST(test_ServerVersionTooNew, 29); + RUN_TEST(test_NonWantedMode, 30); + RUN_TEST(test_KoDRate, 31); + RUN_TEST(test_KoDDeny, 32); + RUN_TEST(test_RejectUnsyncedServer, 33); + RUN_TEST(test_RejectWrongResponseServerMode, 34); + RUN_TEST(test_AcceptNoSentPacketBroadcastMode, 35); + RUN_TEST(test_CorrectUnauthenticatedPacket, 36); + RUN_TEST(test_CorrectAuthenticatedPacketMD5, 37); + RUN_TEST(test_CorrectAuthenticatedPacketSHA1, 38); + RUN_TEST(test_CorrectAuthenticatedPacketCMAC, 39); return (UnityEnd()); }