From patchwork Tue Apr 6 06:25:14 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1719 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.27.255.57]) by backend30.mail.ord1d.rsapps.net with LMTP id qBP6F72LbGD2dgAAIUCqbw (envelope-from ) for ; Tue, 06 Apr 2021 12:26:37 -0400 Received: from proxy21.mail.iad3a.rsapps.net ([172.27.255.57]) by director10.mail.ord1d.rsapps.net with LMTP id uDT7F72LbGCBKwAApN4f7A (envelope-from ) for ; Tue, 06 Apr 2021 12:26:37 -0400 Received: from smtp49.gate.iad3a ([172.27.255.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy21.mail.iad3a.rsapps.net with LMTPS id wD3JEL2LbGA3RwAASBQwCQ (envelope-from ) for ; Tue, 06 Apr 2021 12:26:37 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp49.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: db29936c-96f4-11eb-bad8-525400fffce0-1-1 Received: from [216.105.38.7] ([216.105.38.7:46418] helo=lists.sourceforge.net) by smtp49.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 4F/8D-21271-CBB8C606; Tue, 06 Apr 2021 12:26:36 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lToWV-0003On-Ua; Tue, 06 Apr 2021 16:25:52 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lToWU-0003OT-23 for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:50 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc: MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=02WXlqYok+cD2jjz5+DwbKmXYq4C0AZGqV52J4LLp7Q=; b=CM++usBkoO0zGzD8OoARz1N4Hp tKXVxqG3USIORQW7efu184PeX2cdKkwxxBSrpsQ3VDZ6Ew+fsm0ViWY2UdFgI79GMGE8tNGc9WDpe xB/GeAoJWNE45eZrwrCCeh5sqPFiGbuChOrKVbObfgTgpGVSBsVe5aHYdlKSV7iNMa8k=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=02WXlqYok+cD2jjz5+DwbKmXYq4C0AZGqV52J4LLp7Q=; b=AIJi0onxKZegNUrq+M97TJE0UC O4tajJwZQ3W623Uvyrt4BQ03sevCp6ACvJ9/1sQTubKPGgEcqqFfitflfVqiDqOlftsPlBjWEwazk OU0ypL+c37AjDMQECfROLYYr2jxJkKEwf/wJYyaog2eFlWSR0tgw4M1C01iObhLiv0G0=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1lToW8-00BauR-Ae for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:50 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1lToVy-0003qy-6k for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 18:25:18 +0200 Received: (nullmailer pid 4124 invoked by uid 10006); Tue, 06 Apr 2021 16:25:18 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Tue, 6 Apr 2021 18:25:14 +0200 Message-Id: <20210406162518.4075-1-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 TIME_LIMIT_EXCEEDED Exceeded time limit / deadline X-Headers-End: 1lToW8-00BauR-Ae Subject: [Openvpn-devel] [PATCH 1/5] Remove check for socket functions and Win XP compatbility code X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox While the check if all socket related functions are present sounds like a good idea in theory, in reality it just adds time to configure runs. Our poll check on windows is currently only depending on sys/poll.h non-existance. Make the check and comment more explicit. Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- config-msvc.h | 23 ---------- configure.ac | 48 +-------------------- src/compat/Makefile.am | 2 - src/compat/compat-inet_ntop.c | 78 --------------------------------- src/compat/compat-inet_pton.c | 81 ----------------------------------- src/compat/compat.h | 10 ----- src/compat/compat.vcxproj | 2 - src/openvpn/mtu.c | 4 +- src/openvpn/socket.c | 12 +++--- src/openvpn/syshead.h | 8 ++-- 10 files changed, 14 insertions(+), 254 deletions(-) delete mode 100644 src/compat/compat-inet_ntop.c delete mode 100644 src/compat/compat-inet_pton.c diff --git a/config-msvc.h b/config-msvc.h index aea2628be..0f5b539fa 100644 --- a/config-msvc.h +++ b/config-msvc.h @@ -53,23 +53,6 @@ #define HAVE_PUTENV 1 #define HAVE_STAT 1 -#define HAVE_SOCKET 1 -#define HAVE_RECV 1 -#define HAVE_RECVFROM 1 -#define HAVE_SEND 1 -#define HAVE_SENDTO 1 -#define HAVE_LISTEN 1 -#define HAVE_ACCEPT 1 -#define HAVE_CONNECT 1 -#define HAVE_BIND 1 -#define HAVE_SELECT 1 -#define HAVE_GETHOSTBYNAME 1 -#define HAVE_INET_NTOA 1 -#define HAVE_SETSOCKOPT 1 -#define HAVE_GETSOCKOPT 1 -#define HAVE_GETSOCKNAME 1 -#define HAVE_POLL 1 - #define HAVE_OPENSSL_ENGINE 1 /* hardcode usage of OpenSSL 1.1.x */ #define HAVE_EVP_MD_CTX_RESET 1 @@ -155,9 +138,3 @@ typedef uint16_t in_port_t; #ifdef HAVE_CONFIG_MSVC_LOCAL_H #include #endif - -/* Vista and above has implementation of inet_ntop / inet_pton */ -#if _WIN32_WINNT >= _WIN32_WINNT_VISTA - #define HAVE_INET_NTOP - #define HAVE_INET_PTON -#endif diff --git a/configure.ac b/configure.ac index 7bc6c7b90..23dac74f1 100644 --- a/configure.ac +++ b/configure.ac @@ -684,53 +684,7 @@ AC_SUBST([SOCKETS_LIBS]) old_LIBS="${LIBS}" LIBS="${LIBS} ${SOCKETS_LIBS}" AC_CHECK_FUNCS([sendmsg recvmsg]) -# Windows use stdcall for winsock so we cannot auto detect these -m4_define( - [SOCKET_FUNCS], -[socket recv recvfrom send sendto listen dnl -accept connect bind select gethostbyname inet_ntoa]dnl -) -m4_define( - [SOCKET_OPT_FUNCS], - [setsockopt getsockopt getsockname poll]dnl -) -if test "${WIN32}" = "yes"; then -# normal autoconf function checking does not find inet_ntop/inet_pton -# because they need to include the actual header file and link ws2_32.dll - LIBS="${LIBS} -lws2_32" - AC_MSG_CHECKING([for MinGW inet_ntop()/inet_pton()]) - AC_LINK_IFELSE( - [AC_LANG_PROGRAM( - [[ -#include - ]], - [[ -int r = (int) inet_ntop (0, NULL, NULL, 0); - r += inet_pton(AF_INET, NULL, NULL); -return r; - ]] - )], - [AC_MSG_RESULT([OK]) - AC_DEFINE([HAVE_INET_NTOP],[1],[MinGW inet_ntop]) - AC_DEFINE([HAVE_INET_PTON],[1],[MinGW inet_pton]) - ], - [AC_MSG_RESULT([not found])] - ) - m4_foreach( - [F], - m4_split(SOCKET_FUNCS SOCKET_OPT_FUNCS), - m4_define([UF], [[m4_join([_], [HAVE], m4_toupper(F))]]) - AC_DEFINE([UF], [1], [Win32 builtin]) - ) -else - AC_CHECK_FUNCS([inet_ntop inet_pton]) - AC_CHECK_FUNCS( - SOCKET_FUNCS, - , - [AC_MSG_ERROR([Required library function not found])] - ) - AC_CHECK_FUNCS(SOCKET_OPT_FUNCS) -fi + LIBS="${old_LIBS}" # we assume res_init() always exist, but need to find out *where*... diff --git a/src/compat/Makefile.am b/src/compat/Makefile.am index 34b7ce773..206ea145b 100644 --- a/src/compat/Makefile.am +++ b/src/compat/Makefile.am @@ -27,7 +27,5 @@ libcompat_la_SOURCES = \ compat-basename.c \ compat-gettimeofday.c \ compat-daemon.c \ - compat-inet_ntop.c \ - compat-inet_pton.c \ compat-strsep.c \ compat-versionhelpers.h diff --git a/src/compat/compat-inet_ntop.c b/src/compat/compat-inet_ntop.c deleted file mode 100644 index f2a181e86..000000000 --- a/src/compat/compat-inet_ntop.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * OpenVPN -- An application to securely tunnel IP networks - * over a single UDP port, with support for SSL/TLS-based - * session authentication and key exchange, - * packet encryption, packet authentication, and - * packet compression. - * - * Copyright (C) 2011 - David Sommerseth - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#elif defined(_MSC_VER) -#include "config-msvc.h" -#endif - -#ifndef HAVE_INET_NTOP - -#include "compat.h" - -#ifdef _WIN32 - -#include - -/* - * inet_ntop() and inet_pton() wrap-implementations using - * WSAAddressToString() and WSAStringToAddress() functions - * - * this is needed as long as we support running OpenVPN on WinXP - */ - -const char * -inet_ntop(int af, const void *src, char *dst, socklen_t size) -{ - struct sockaddr_storage ss; - unsigned long s = size; - - ZeroMemory(&ss, sizeof(ss)); - ss.ss_family = af; - - switch (af) - { - case AF_INET: - ((struct sockaddr_in *)&ss)->sin_addr = *(struct in_addr *)src; - break; - - case AF_INET6: - ((struct sockaddr_in6 *)&ss)->sin6_addr = *(struct in6_addr *)src; - break; - - default: - return NULL; - } - /* cannot direclty use &size because of strict aliasing rules */ - return (WSAAddressToString((struct sockaddr *)&ss, sizeof(ss), NULL, dst, &s) == 0) ? - dst : NULL; -} - -#else /* ifdef _WIN32 */ - -#error no emulation for inet_ntop - -#endif /* ifdef _WIN32 */ - -#endif /* ifndef HAVE_INET_NTOP */ diff --git a/src/compat/compat-inet_pton.c b/src/compat/compat-inet_pton.c deleted file mode 100644 index 9d451ccad..000000000 --- a/src/compat/compat-inet_pton.c +++ /dev/null @@ -1,81 +0,0 @@ -/* - * OpenVPN -- An application to securely tunnel IP networks - * over a single UDP port, with support for SSL/TLS-based - * session authentication and key exchange, - * packet encryption, packet authentication, and - * packet compression. - * - * Copyright (C) 2011 - David Sommerseth - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#elif defined(_MSC_VER) -#include "config-msvc.h" -#endif - -#ifndef HAVE_INET_PTON - -#include "compat.h" - -#ifdef _WIN32 - -#include -#include - -/* - * inet_ntop() and inet_pton() wrap-implementations using - * WSAAddressToString() and WSAStringToAddress() functions - * - * this is needed as long as we support running OpenVPN on WinXP - */ - - -int -inet_pton(int af, const char *src, void *dst) -{ - struct sockaddr_storage ss; - int size = sizeof(ss); - char src_copy[INET6_ADDRSTRLEN+1]; - - ZeroMemory(&ss, sizeof(ss)); - /* stupid non-const API */ - strncpy(src_copy, src, INET6_ADDRSTRLEN+1); - src_copy[INET6_ADDRSTRLEN] = 0; - - if (WSAStringToAddress(src_copy, af, NULL, (struct sockaddr *)&ss, &size) == 0) - { - switch (af) - { - case AF_INET: - *(struct in_addr *)dst = ((struct sockaddr_in *)&ss)->sin_addr; - return 1; - - case AF_INET6: - *(struct in6_addr *)dst = ((struct sockaddr_in6 *)&ss)->sin6_addr; - return 1; - } - } - return 0; -} - -#else /* ifdef _WIN32 */ - -#error no emulation for inet_ntop - -#endif /* ifdef _WIN32 */ - -#endif /* ifndef HAVE_INET_PTON */ diff --git a/src/compat/compat.h b/src/compat/compat.h index a66a42350..2bf48a5eb 100644 --- a/src/compat/compat.h +++ b/src/compat/compat.h @@ -60,16 +60,6 @@ int daemon(int nochdir, int noclose); #endif -#ifndef HAVE_INET_NTOP -const char *inet_ntop(int af, const void *src, char *dst, socklen_t size); - -#endif - -#ifndef HAVE_INET_PTON -int inet_pton(int af, const char *src, void *dst); - -#endif - #ifndef HAVE_STRSEP char *strsep(char **stringp, const char *delim); diff --git a/src/compat/compat.vcxproj b/src/compat/compat.vcxproj index 23e9b9c00..b9dba0c46 100644 --- a/src/compat/compat.vcxproj +++ b/src/compat/compat.vcxproj @@ -98,8 +98,6 @@ - - diff --git a/src/openvpn/mtu.c b/src/openvpn/mtu.c index 3317c884d..15e4cedea 100644 --- a/src/openvpn/mtu.c +++ b/src/openvpn/mtu.c @@ -172,7 +172,7 @@ set_mtu_discover_type(socket_descriptor_t sd, int mtu_type, sa_family_t proto_af { switch (proto_af) { -#if defined(HAVE_SETSOCKOPT) && defined(IP_MTU_DISCOVER) +#if defined(IP_MTU_DISCOVER) case AF_INET: if (setsockopt(sd, IPPROTO_IP, IP_MTU_DISCOVER, (void *) &mtu_type, sizeof(mtu_type))) @@ -183,7 +183,7 @@ set_mtu_discover_type(socket_descriptor_t sd, int mtu_type, sa_family_t proto_af break; #endif -#if defined(HAVE_SETSOCKOPT) && defined(IPV6_MTU_DISCOVER) +#if defined(IPV6_MTU_DISCOVER) case AF_INET6: if (setsockopt(sd, IPPROTO_IPV6, IPV6_MTU_DISCOVER, (void *) &mtu_type, sizeof(mtu_type))) diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index 6bb107de6..b13d2e0f1 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -848,7 +848,7 @@ mac_addr_safe(const char *mac_addr) static int socket_get_sndbuf(socket_descriptor_t sd) { -#if defined(HAVE_GETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_SNDBUF) +#if defined(SOL_SOCKET) && defined(SO_SNDBUF) int val; socklen_t len; @@ -865,7 +865,7 @@ socket_get_sndbuf(socket_descriptor_t sd) static void socket_set_sndbuf(socket_descriptor_t sd, int size) { -#if defined(HAVE_SETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_SNDBUF) +#if defined(SOL_SOCKET) && defined(SO_SNDBUF) if (setsockopt(sd, SOL_SOCKET, SO_SNDBUF, (void *) &size, sizeof(size)) != 0) { msg(M_WARN, "NOTE: setsockopt SO_SNDBUF=%d failed", size); @@ -876,7 +876,7 @@ socket_set_sndbuf(socket_descriptor_t sd, int size) static int socket_get_rcvbuf(socket_descriptor_t sd) { -#if defined(HAVE_GETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_RCVBUF) +#if defined(SOL_SOCKET) && defined(SO_RCVBUF) int val; socklen_t len; @@ -893,7 +893,7 @@ socket_get_rcvbuf(socket_descriptor_t sd) static bool socket_set_rcvbuf(socket_descriptor_t sd, int size) { -#if defined(HAVE_SETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_RCVBUF) +#if defined(SOL_SOCKET) && defined(SO_RCVBUF) if (setsockopt(sd, SOL_SOCKET, SO_RCVBUF, (void *) &size, sizeof(size)) != 0) { msg(M_WARN, "NOTE: setsockopt SO_RCVBUF=%d failed", size); @@ -936,7 +936,7 @@ socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs) static bool socket_set_tcp_nodelay(socket_descriptor_t sd, int state) { -#if defined(_WIN32) || (defined(HAVE_SETSOCKOPT) && defined(IPPROTO_TCP) && defined(TCP_NODELAY)) +#if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY)) if (setsockopt(sd, IPPROTO_TCP, TCP_NODELAY, (void *) &state, sizeof(state)) != 0) { msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed", state); @@ -947,7 +947,7 @@ socket_set_tcp_nodelay(socket_descriptor_t sd, int state) dmsg(D_OSBUF, "Socket flags: TCP_NODELAY=%d succeeded", state); return true; } -#else /* if defined(_WIN32) || (defined(HAVE_SETSOCKOPT) && defined(IPPROTO_TCP) && defined(TCP_NODELAY)) */ +#else /* if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY)) */ msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed (No kernel support)", state); return false; #endif diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index de4fbbf94..16f5ab11f 100644 --- a/src/openvpn/syshead.h +++ b/src/openvpn/syshead.h @@ -399,7 +399,7 @@ typedef int MIB_TCP_STATE; /* * Do we have the capability to support the --passtos option? */ -#if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT) +#if defined(IPPROTO_IP) && defined(IP_TOS) #define PASSTOS_CAPABILITY 1 #else #define PASSTOS_CAPABILITY 0 @@ -557,8 +557,10 @@ socket_defined(const socket_descriptor_t sd) /* * Is poll available on this platform? + * (Note: on win32 select is faster than poll and we avoid + * using poll there) */ -#if defined(HAVE_POLL) && defined(HAVE_POLL_H) +#if defined(HAVE_POLL_H) || !defined(_WIN32) #define POLL 1 #else #define POLL 0 @@ -582,7 +584,7 @@ socket_defined(const socket_descriptor_t sd) /* * Is non-blocking connect() supported? */ -#if defined(HAVE_GETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_ERROR) && defined(EINPROGRESS) && defined(ETIMEDOUT) +#if defined(SOL_SOCKET) && defined(SO_ERROR) && defined(EINPROGRESS) && defined(ETIMEDOUT) #define CONNECT_NONBLOCK #endif From patchwork Tue Apr 6 06:25:15 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1715 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.27.255.54]) by backend30.mail.ord1d.rsapps.net with LMTP id +J+DG7WLbGAoUAAAIUCqbw (envelope-from ) for ; Tue, 06 Apr 2021 12:26:29 -0400 Received: from proxy2.mail.iad3a.rsapps.net ([172.27.255.54]) by director7.mail.ord1d.rsapps.net with LMTP id oIdEG7WLbGAEeAAAovjBpQ (envelope-from ) for ; Tue, 06 Apr 2021 12:26:29 -0400 Received: from smtp21.gate.iad3a ([172.27.255.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy2.mail.iad3a.rsapps.net with LMTPS id 6AP5FbWLbGDBUQAABcWvHw (envelope-from ) for ; Tue, 06 Apr 2021 12:26:29 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp21.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: d69ec70e-96f4-11eb-b98b-525400e75841-1-1 Received: from [216.105.38.7] ([216.105.38.7:52344] helo=lists.sourceforge.net) by smtp21.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 1C/F6-01836-4BB8C606; Tue, 06 Apr 2021 12:26:28 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.92.3) (envelope-from ) id 1lToWS-0001wi-PT; Tue, 06 Apr 2021 16:25:48 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) (envelope-from ) id 1lToWQ-0001wZ-LF for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Bpji3qd/hJx9xqPC8M5SKLsjZKwnv1DHxQ5CpODUB6M=; b=ldNRycgNjT4RPT/cpT/5wwocoe e+UK17YIsCOhfr2oDeecKgFPeuisfTJKVJrH7Hrf7Ed6TtM2X5tJDANgf1tUL7cPIX8/ZMBdYo4NH zHfVIpZ4vKa0tIMcbGw4p8JcIE/lhjnJDF1Z6+h67Jrtlv6zFau1fGXhqFyt4vJrnAcY=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Bpji3qd/hJx9xqPC8M5SKLsjZKwnv1DHxQ5CpODUB6M=; b=CauGSzbUwvZS18k09LPZ5lIF/S gS40R1/oJclsQRh90NqkbKGl4rOzGwSwmAgKrawLQ8JhTaP64vYl+zpjOyLaCi1qwFQ/PnYqDqNA3 cSRMBT2TNchkzdUgSS7AYQM42wn+YKmAOEZAMRLSfX3kktoXZ7DFZFMZf1oP9j6IkwJw=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) id 1lToW8-00020b-EP for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:46 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1lToVy-0003r0-9A for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 18:25:18 +0200 Received: (nullmailer pid 4127 invoked by uid 10006); Tue, 06 Apr 2021 16:25:18 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Tue, 6 Apr 2021 18:25:15 +0200 Message-Id: <20210406162518.4075-2-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210406162518.4075-1-arne@rfc2549.org> References: <20210406162518.4075-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1lToW8-00020b-EP Subject: [Openvpn-devel] [PATCH 2/5] Remove checks for uint* types that are part of C99 X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Signed-off-by: Arne Schwabe Acked-by: Antonio Quartulli --- compat.m4 | 18 ------------------ configure.ac | 8 -------- src/openvpn/syshead.h | 4 +--- 3 files changed, 1 insertion(+), 29 deletions(-) diff --git a/compat.m4 b/compat.m4 index 47650f6d3..8fa9abee1 100644 --- a/compat.m4 +++ b/compat.m4 @@ -46,24 +46,6 @@ ifdef( , [AC_DEFUN([AC_PROG_SED], [AC_CHECK_PROGS([SED], [sed])])] ) -ifdef( - [AC_TYPE_INT8_T], - , - [ - AC_CHECK_HEADERS([inttypes.h stdint.h]) - test -z "${ac_cv_header_inttypes_h}${ac_cv_header_stdint_h}" && \ - AC_MSG_ERROR([Required inttypes.h stdint.h not found]) - - AC_DEFUN([AC_TYPE_INT8_T], []) - AC_DEFUN([AC_TYPE_INT16_T], []) - AC_DEFUN([AC_TYPE_INT32_T], []) - AC_DEFUN([AC_TYPE_INT64_T], []) - AC_DEFUN([AC_TYPE_UINT8_T], []) - AC_DEFUN([AC_TYPE_UINT16_T], []) - AC_DEFUN([AC_TYPE_UINT32_T], []) - AC_DEFUN([AC_TYPE_UINT64_T], []) - ] -) ifdef( [PKG_CHECK_VAR], , diff --git a/configure.ac b/configure.ac index 23dac74f1..07a62ad8f 100644 --- a/configure.ac +++ b/configure.ac @@ -409,14 +409,6 @@ AC_TYPE_OFF_T AC_TYPE_PID_T AC_TYPE_SIZE_T AC_TYPE_UID_T -AC_TYPE_INT8_T -AC_TYPE_INT16_T -AC_TYPE_INT32_T -AC_TYPE_INT64_T -AC_TYPE_UINT8_T -AC_TYPE_UINT16_T -AC_TYPE_UINT32_T -AC_TYPE_UINT64_T AC_TYPE_SIGNAL AX_TYPE_SOCKLEN_T AC_CHECK_SIZEOF([unsigned int]) diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index 16f5ab11f..bca71d5cf 100644 --- a/src/openvpn/syshead.h +++ b/src/openvpn/syshead.h @@ -118,11 +118,9 @@ #include #endif -#ifdef HAVE_INTTYPES_H +/* These headers belong to C99 and should be always be present */ #include -#elif defined(HAVE_STDINT_H) #include -#endif #ifdef HAVE_STDARG_H #include From patchwork Tue Apr 6 06:25:16 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1718 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director8.mail.ord1d.rsapps.net ([172.27.255.7]) by backend30.mail.ord1d.rsapps.net with LMTP id WENEObaLbGAZdAAAIUCqbw (envelope-from ) for ; Tue, 06 Apr 2021 12:26:30 -0400 Received: from proxy1.mail.iad3a.rsapps.net ([172.27.255.7]) by director8.mail.ord1d.rsapps.net with LMTP id UHEFObaLbGCgcAAAfY0hYg (envelope-from ) for ; Tue, 06 Apr 2021 12:26:30 -0400 Received: from smtp38.gate.iad3a ([172.27.255.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy1.mail.iad3a.rsapps.net with LMTPS id 4IMoMraLbGCcDgAA8TVjwQ (envelope-from ) for ; Tue, 06 Apr 2021 12:26:30 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp38.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: d77617c2-96f4-11eb-82fe-525400000c92-1-1 Received: from [216.105.38.7] ([216.105.38.7:56110] helo=lists.sourceforge.net) by smtp38.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 39/B1-20246-6BB8C606; Tue, 06 Apr 2021 12:26:30 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lToWX-0000mz-QW; Tue, 06 Apr 2021 16:25:53 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lToWK-0000jH-5h for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Cnr4n7J3gCtuCFv+hr+ZNxIKxOfd/Q5MpVxmkUPNxTQ=; b=cBU0uKGG9XXO/1gdzto6/EdGlY evpH/K/lhO8MPnbT9x2i2oG60NCjhxlGmvsyIlRu0EQ942BGMRw4Rr+GJl3XZFaQHehBRVulGu6q1 oyJdB1Gn29SIx5jzsiGpMmlxsPxnFxHDHx+ZkQK6JnCFx1lMElpWS8JY/yxLpdAxH+RY=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Cnr4n7J3gCtuCFv+hr+ZNxIKxOfd/Q5MpVxmkUPNxTQ=; b=a9tZLGjhIVZPIcI2QHQ4wlYlwS X4cLPdpqJpZCb+V1261WW+5pWyoeB38GO3Cs4ZK+SQ9ZgdQ/vpSfdHa9ZyQqC+VDn1N3nlVwhBET9 eNyHodYztf2F4/cxMFYaX1SKyWgyebOXnwe4odw4zD7/AehmtUs4KW3Q2uJPc/qEibU8=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1lToW8-00BauS-B5 for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:39 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1lToVy-0003r4-CZ for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 18:25:18 +0200 Received: (nullmailer pid 4130 invoked by uid 10006); Tue, 06 Apr 2021 16:25:18 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Tue, 6 Apr 2021 18:25:16 +0200 Message-Id: <20210406162518.4075-3-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210406162518.4075-1-arne@rfc2549.org> References: <20210406162518.4075-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1lToW8-00BauS-B5 Subject: [Openvpn-devel] [PATCH 3/5] Remove a number of checks for functions/headers that are always present X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox For the unlink function we actually have code that just ignores the unlink call if the unlink function is not present. But all platforms should have an unlink function. This also removes all conditionals check for the headers that belong to the C99 standard library header list (https://en.cppreference.com/w/c/header). Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- config-msvc.h | 11 ----------- configure.ac | 26 ++++++------------------- src/compat/compat-daemon.c | 4 ---- src/compat/compat-gettimeofday.c | 2 -- src/openvpn/platform.c | 4 +--- src/openvpn/sig.c | 10 ---------- src/openvpn/syshead.h | 33 ++++---------------------------- 7 files changed, 11 insertions(+), 79 deletions(-) diff --git a/config-msvc.h b/config-msvc.h index 0f5b539fa..2d5e1a51c 100644 --- a/config-msvc.h +++ b/config-msvc.h @@ -5,7 +5,6 @@ #define ENABLE_PF 1 #define ENABLE_CRYPTO_OPENSSL 1 #define ENABLE_DEBUG 1 -#define ENABLE_EUREPHIA 1 #define ENABLE_FRAGMENT 1 #define ENABLE_HTTP_PROXY 1 #define ENABLE_LZO 1 @@ -17,13 +16,9 @@ #define ENABLE_PORT_SHARE 1 #define ENABLE_SOCKS 1 -#define HAVE_ERRNO_H 1 #define HAVE_FCNTL_H 1 -#define HAVE_CTYPE_H 1 -#define HAVE_STDARG_H 1 #define HAVE_STDIO_H 1 #define HAVE_STDLIB_H 1 -#define HAVE_STRDUP 1 #define HAVE_STRERROR 1 #define HAVE_STRINGS_H 1 #define HAVE_STRING_H 1 @@ -31,8 +26,6 @@ #define HAVE_SYSTEM 1 #define HAVE_TIME 1 #define HAVE_TIME_H 1 -#define HAVE_UNLINK 1 -#define HAVE_VSNPRINTF 1 #define HAVE_WINDOWS_H 1 #define HAVE_WINSOCK2_H 1 #define HAVE_WS2TCPIP_H 1 @@ -47,11 +40,7 @@ #define HAVE_ACCESS 1 #define HAVE_CHDIR 1 #define HAVE_CHSIZE 1 -#define HAVE_CTIME 1 #define HAVE_IN_PKTINFO 1 -#define HAVE_MEMSET 1 -#define HAVE_PUTENV 1 -#define HAVE_STAT 1 #define HAVE_OPENSSL_ENGINE 1 /* hardcode usage of OpenSSL 1.1.x */ diff --git a/configure.ac b/configure.ac index 07a62ad8f..81700abcb 100644 --- a/configure.ac +++ b/configure.ac @@ -414,10 +414,9 @@ AX_TYPE_SOCKLEN_T AC_CHECK_SIZEOF([unsigned int]) AC_CHECK_SIZEOF([unsigned long]) AC_CHECK_HEADERS([ \ - stdio.h stdarg.h limits.h \ - time.h errno.h fcntl.h io.h direct.h \ - ctype.h sys/types.h sys/socket.h \ - signal.h unistd.h dlfcn.h \ + fcntl.h io.h direct.h \ + sys/types.h sys/socket.h \ + unistd.h dlfcn.h \ netinet/in.h netinet/in_systm.h \ netinet/tcp.h arpa/inet.h netdb.h \ windows.h winsock2.h ws2tcpip.h \ @@ -426,16 +425,14 @@ AC_CHECK_HEADERS([ \ AC_CHECK_HEADERS([ \ sys/time.h sys/ioctl.h sys/stat.h \ sys/mman.h sys/file.h sys/wait.h \ - unistd.h signal.h libgen.h stropts.h \ + unistd.h libgen.h stropts.h \ syslog.h pwd.h grp.h termios.h \ sys/sockio.h sys/uio.h linux/sockios.h \ linux/types.h poll.h sys/epoll.h err.h \ ]) SOCKET_INCLUDES=" -#ifdef HAVE_STDLIB_H #include -#endif #ifdef HAVE_SYS_TYPES_H #include #endif @@ -591,9 +588,7 @@ AC_CHECK_DECLS( , [AC_DEFINE([SIGHUP], [1], [SIGHUP replacement])], [[ - #ifdef HAVE_SIGNAL_H #include - #endif ]] ) AC_CHECK_DECLS( @@ -601,9 +596,7 @@ AC_CHECK_DECLS( , [AC_DEFINE([SIGINT], [2], [SIGINT replacement])], [[ - #ifdef HAVE_SIGNAL_H #include - #endif ]] ) AC_CHECK_DECLS( @@ -611,9 +604,7 @@ AC_CHECK_DECLS( , [AC_DEFINE([SIGUSR1], [10], [SIGUSR1 replacement])], [[ - #ifdef HAVE_SIGNAL_H #include - #endif ]] ) AC_CHECK_DECLS( @@ -621,9 +612,7 @@ AC_CHECK_DECLS( , [AC_DEFINE([SIGUSR2], [12], [SIGUSR2 replacement])], [[ - #ifdef HAVE_SIGNAL_H #include - #endif ]] ) AC_CHECK_DECLS( @@ -631,9 +620,7 @@ AC_CHECK_DECLS( , [AC_DEFINE([SIGTERM], [15], [SIGTERM replacement])], [[ - #ifdef HAVE_SIGNAL_H #include - #endif ]] ) @@ -642,9 +629,8 @@ AC_FUNC_FORK AC_CHECK_FUNCS([ \ daemon chroot getpwnam setuid nice system getpid dup dup2 \ syslog openlog mlockall getrlimit getgrnam setgid \ - setgroups stat flock readv writev time gettimeofday \ - ctime memset vsnprintf strdup \ - setsid chdir putenv getpeername unlink \ + setgroups flock readv writev time gettimeofday \ + setsid chdir getpeername unlink \ chsize ftruncate execve getpeereid umask basename dirname access \ epoll_create strsep \ ]) diff --git a/src/compat/compat-daemon.c b/src/compat/compat-daemon.c index 4ef28faf0..197bc3f1b 100644 --- a/src/compat/compat-daemon.c +++ b/src/compat/compat-daemon.c @@ -33,9 +33,7 @@ #include #endif -#ifdef HAVE_STDLIB_H #include -#endif #ifdef HAVE_SYS_TYPES_H #include @@ -49,9 +47,7 @@ #include #endif -#ifdef HAVE_ERRNO_H #include -#endif int daemon(int nochdir, int noclose) diff --git a/src/compat/compat-gettimeofday.c b/src/compat/compat-gettimeofday.c index e63c8d7f8..823dfba6a 100644 --- a/src/compat/compat-gettimeofday.c +++ b/src/compat/compat-gettimeofday.c @@ -117,9 +117,7 @@ gettimeofday(struct timeval *tv, void *tz) #else /* ifdef _WIN32 */ -#ifdef HAVE_TIME_H #include -#endif int gettimeofday(struct timeval *tv, void *tz) diff --git a/src/openvpn/platform.c b/src/openvpn/platform.c index 3bf95f843..45ee54541 100644 --- a/src/openvpn/platform.c +++ b/src/openvpn/platform.c @@ -354,10 +354,8 @@ platform_unlink(const char *filename) BOOL ret = DeleteFileW(wide_string(filename, &gc)); gc_free(&gc); return (ret != 0); -#elif defined(HAVE_UNLINK) +#else return (unlink(filename) == 0); -#else /* if defined(_WIN32) */ - return false; #endif } diff --git a/src/openvpn/sig.c b/src/openvpn/sig.c index 24a2878fa..3409c3adb 100644 --- a/src/openvpn/sig.c +++ b/src/openvpn/sig.c @@ -214,7 +214,6 @@ signal_restart_status(const struct signal_info *si) #endif /* ifdef ENABLE_MANAGEMENT */ } -#ifdef HAVE_SIGNAL_H /* normal signal handler, when we are in event loop */ static void @@ -224,22 +223,18 @@ signal_handler(const int signum) signal(signum, signal_handler); } -#endif /* set handlers for unix signals */ -#ifdef HAVE_SIGNAL_H #define SM_UNDEF 0 #define SM_PRE_INIT 1 #define SM_POST_INIT 2 static int signal_mode; /* GLOBAL */ -#endif void pre_init_signal_catch(void) { #ifndef _WIN32 -#ifdef HAVE_SIGNAL_H signal_mode = SM_PRE_INIT; signal(SIGINT, signal_handler); signal(SIGTERM, signal_handler); @@ -247,7 +242,6 @@ pre_init_signal_catch(void) signal(SIGUSR1, SIG_IGN); signal(SIGUSR2, SIG_IGN); signal(SIGPIPE, SIG_IGN); -#endif /* HAVE_SIGNAL_H */ #endif /* _WIN32 */ } @@ -255,7 +249,6 @@ void post_init_signal_catch(void) { #ifndef _WIN32 -#ifdef HAVE_SIGNAL_H signal_mode = SM_POST_INIT; signal(SIGINT, signal_handler); signal(SIGTERM, signal_handler); @@ -263,7 +256,6 @@ post_init_signal_catch(void) signal(SIGUSR1, signal_handler); signal(SIGUSR2, signal_handler); signal(SIGPIPE, SIG_IGN); -#endif /* HAVE_SIGNAL_H */ #endif } @@ -271,7 +263,6 @@ post_init_signal_catch(void) void restore_signal_state(void) { -#ifdef HAVE_SIGNAL_H if (signal_mode == SM_PRE_INIT) { pre_init_signal_catch(); @@ -280,7 +271,6 @@ restore_signal_state(void) { post_init_signal_catch(); } -#endif } /* diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index bca71d5cf..bac07d102 100644 --- a/src/openvpn/syshead.h +++ b/src/openvpn/syshead.h @@ -78,9 +78,7 @@ #include #endif -#ifdef HAVE_TIME_H #include -#endif #ifdef HAVE_SYS_SOCKET_H #include @@ -114,40 +112,19 @@ #include #endif -#ifdef HAVE_STDLIB_H -#include -#endif - /* These headers belong to C99 and should be always be present */ +#include #include #include - -#ifdef HAVE_STDARG_H #include -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif - -#ifdef HAVE_SIGNAL_H #include -#endif - -#ifdef HAVE_LIMITS_H #include -#endif - -#ifdef HAVE_STDIO_H #include -#endif - -#ifdef HAVE_CTYPE_H #include -#endif - -#ifdef HAVE_ERRNO_H #include + +#ifdef HAVE_UNISTD_H +#include #endif #ifdef HAVE_ERR_H @@ -199,10 +176,8 @@ #include #endif #else -#ifdef HAVE_STRING_H #include #endif -#endif #ifdef HAVE_ARPA_INET_H #include From patchwork Tue Apr 6 06:25:17 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1717 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.27.255.8]) by backend30.mail.ord1d.rsapps.net with LMTP id IM9LJLWLbGCoQAAAIUCqbw (envelope-from ) for ; Tue, 06 Apr 2021 12:26:29 -0400 Received: from proxy19.mail.iad3a.rsapps.net ([172.27.255.8]) by director14.mail.ord1d.rsapps.net with LMTP id EC0hJLWLbGC5FQAAeJ7fFg (envelope-from ) for ; Tue, 06 Apr 2021 12:26:29 -0400 Received: from smtp27.gate.iad3a ([172.27.255.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy19.mail.iad3a.rsapps.net with LMTPS id EAacG7WLbGBDYQAAXy6Yeg (envelope-from ) for ; Tue, 06 Apr 2021 12:26:29 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp27.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: d6972b66-96f4-11eb-9019-525400358560-1-1 Received: from [216.105.38.7] ([216.105.38.7:46360] helo=lists.sourceforge.net) by smtp27.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id F1/B8-26736-4BB8C606; Tue, 06 Apr 2021 12:26:28 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lToWO-0003O0-PM; Tue, 06 Apr 2021 16:25:44 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lToWN-0003No-TV for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:43 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=GadzUPfc+bB9YyvLyOuPBqnDSR8GtrRLKtsi1GiyiDk=; b=DB5tO7kPFWRkHC+rSQjAkqydUg IGsRrQoGpWd+kg2WOnagS18fKiB4mGA8EFCH9zcixqZnLnL1lYLK1uyfjaf6XKNjnGHnr1HLA/ZIl TjXzLUj6+LcY2/dqYbxp9xv/u+w1mZVxjwhzFAH7FfJehuNfNmrppdj3OUnYOTzafdE8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=GadzUPfc+bB9YyvLyOuPBqnDSR8GtrRLKtsi1GiyiDk=; b=YkuqPhCMTachEvTnhq16K9QiOG OIFqFkO97nvwm9Mwr3xIsMORFUGKwUuFzF7ZwSrQC8slebw2W3Aikw63jnXDAz0+fO8Qwr4D/Z8/d FcHbxhd0xxkzFaQ36klqg6SppgKt7H6VKtoEgEx0BjW5PTvEfraRkGYN0fOWJOLuaKqg=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) id 1lToW8-00020c-FF for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:43 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1lToVy-0003r7-Eu for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 18:25:18 +0200 Received: (nullmailer pid 4133 invoked by uid 10006); Tue, 06 Apr 2021 16:25:18 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Tue, 6 Apr 2021 18:25:17 +0200 Message-Id: <20210406162518.4075-4-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210406162518.4075-1-arne@rfc2549.org> References: <20210406162518.4075-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 TIME_LIMIT_EXCEEDED Exceeded time limit / deadline X-Headers-End: 1lToW8-00020c-FF Subject: [Openvpn-devel] [PATCH 4/5] Use EVP_CTRL_AEAD_* instead EVP_CTRL_GCM_* X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Use the modern names instead of the old GCM specific ones. AEAD instead GCM makes especially sense when using Chacha20-Poly1305. Signed-off-by: Arne Schwabe Acked-by: Antonio Quartulli --- src/openvpn/crypto_openssl.c | 4 ++-- src/openvpn/openssl_compat.h | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index dc6b0fa71..f8b36bf85 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -792,7 +792,7 @@ cipher_ctx_iv_length(const EVP_CIPHER_CTX *ctx) int cipher_ctx_get_tag(EVP_CIPHER_CTX *ctx, uint8_t *tag_buf, int tag_size) { - return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, tag_size, tag_buf); + return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, tag_size, tag_buf); } int @@ -853,7 +853,7 @@ cipher_ctx_final_check_tag(EVP_CIPHER_CTX *ctx, uint8_t *dst, int *dst_len, uint8_t *tag, size_t tag_len) { ASSERT(tag_len < SIZE_MAX); - if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_len, tag)) + if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, tag)) { return 0; } diff --git a/src/openvpn/openssl_compat.h b/src/openvpn/openssl_compat.h index eb6c9c906..ff024feff 100644 --- a/src/openvpn/openssl_compat.h +++ b/src/openvpn/openssl_compat.h @@ -46,6 +46,11 @@ #include #include +#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) && !defined(ENABLE_CRYPTO_WOLFSSL) +#define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG +#define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG +#endif + #if !defined(HAVE_EVP_MD_CTX_RESET) /** * Reset a message digest context From patchwork Tue Apr 6 06:25:18 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1716 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director8.mail.ord1d.rsapps.net ([172.27.255.53]) by backend30.mail.ord1d.rsapps.net with LMTP id gH9QHrWLbGD2dgAAIUCqbw (envelope-from ) for ; Tue, 06 Apr 2021 12:26:29 -0400 Received: from proxy13.mail.iad3a.rsapps.net ([172.27.255.53]) by director8.mail.ord1d.rsapps.net with LMTP id wPUDHrWLbGB1cQAAfY0hYg (envelope-from ) for ; Tue, 06 Apr 2021 12:26:29 -0400 Received: from smtp37.gate.iad3a ([172.27.255.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy13.mail.iad3a.rsapps.net with LMTPS id cGVjF7WLbGBlRQAAwhxzoA (envelope-from ) for ; Tue, 06 Apr 2021 12:26:29 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp37.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: d6baf1ae-96f4-11eb-b423-525400dc5f6a-1-1 Received: from [216.105.38.7] ([216.105.38.7:46362] helo=lists.sourceforge.net) by smtp37.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id CB/85-17059-4BB8C606; Tue, 06 Apr 2021 12:26:29 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lToWL-0003NO-Ia; Tue, 06 Apr 2021 16:25:41 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lToWJ-0003NF-GC for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:39 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=lULAV2vEJ92q3XQpiEE/h1E9LvgarzzHpezn2x6ev8w=; b=DTp6fbys+s0lpK2jayFV6BddG+ 0KCYsuArrm3s4j92toHNezOqHUE80o8UmZUbgi4bnVgKGeToEi3sZOhbZihKdoReCOwc7lZzGXmlb UV/DrMsrmXUtZ+JRcyACPWb3uvAjXBlkYllRqMzyKxQkYfTZpnNCI3h4o+DacHgF1qQ4=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=lULAV2vEJ92q3XQpiEE/h1E9LvgarzzHpezn2x6ev8w=; b=GRUXpJZhKXYWslC2lOXmJLDW7o rJKsOaHkgR01vk6IxhQ+xLu9mseJVFCOvOJet0811IY51iAp0G6kGy3P77QVjgsnS2UTh8kISU6zA UVcLFDUHWCBlOQykuObjbMbCwZtGQvdb+jpCjQjfdXzqawvgf85gqjOwiEAfQweUyIJw=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) id 1lToW8-00020d-EQ for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 16:25:38 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1lToVy-0003rA-IQ for openvpn-devel@lists.sourceforge.net; Tue, 06 Apr 2021 18:25:18 +0200 Received: (nullmailer pid 4136 invoked by uid 10006); Tue, 06 Apr 2021 16:25:18 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Tue, 6 Apr 2021 18:25:18 +0200 Message-Id: <20210406162518.4075-5-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210406162518.4075-1-arne@rfc2549.org> References: <20210406162518.4075-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1lToW8-00020d-EQ Subject: [Openvpn-devel] [PATCH 5/5] Remove OpenSSL configure checks X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox These checks for the functions take a lot of time in configure call and also having these checks make it more blurry for which of the supported OpenSSL versions (and libraries claiming to be OpenSSL) are actually needed. Tested with OpenSSL 1.1.1(Ubuntu 20, macOS), 1.0.2 (CentOS7), 1.1.0 (Debian stretch), LibreSSL (OpenBSD 6.8) and wolfSSL Signed-off-by: Arne Schwabe Acked-by: Antonio Quartulli --- configure.ac | 84 -------------------- src/openvpn/openssl_compat.h | 144 +++++++---------------------------- 2 files changed, 29 insertions(+), 199 deletions(-) diff --git a/configure.ac b/configure.ac index 81700abcb..747325164 100644 --- a/configure.ac +++ b/configure.ac @@ -846,50 +846,6 @@ if test "${with_crypto_library}" = "openssl"; then # have this feature have_export_keying_material="yes" - AC_CHECK_FUNCS( - [ \ - HMAC_CTX_new \ - HMAC_CTX_free \ - HMAC_CTX_reset \ - EVP_MD_CTX_new \ - EVP_MD_CTX_free \ - EVP_MD_CTX_reset \ - EVP_CIPHER_CTX_reset \ - OpenSSL_version \ - SSL_CTX_get_default_passwd_cb \ - SSL_CTX_get_default_passwd_cb_userdata \ - SSL_CTX_set1_groups \ - SSL_CTX_set_security_level \ - X509_get0_notBefore \ - X509_get0_notAfter \ - X509_get0_pubkey \ - X509_STORE_get0_objects \ - X509_OBJECT_free \ - X509_OBJECT_get_type \ - EVP_PKEY_get0_RSA \ - EVP_PKEY_get0_DSA \ - EVP_PKEY_get0_EC_KEY \ - RSA_set_flags \ - RSA_bits \ - RSA_get0_key \ - RSA_set0_key \ - DSA_get0_pqg \ - DSA_bits \ - RSA_meth_new \ - RSA_meth_free \ - RSA_meth_set_pub_enc \ - RSA_meth_set_pub_dec \ - RSA_meth_set_priv_enc \ - RSA_meth_set_priv_dec \ - RSA_meth_set_init \ - RSA_meth_set_sign \ - RSA_meth_set_finish \ - RSA_meth_set0_app_data \ - RSA_meth_get0_app_data \ - EC_GROUP_order_bits - ] - ) - CFLAGS="${saved_CFLAGS}" LIBS="${saved_LIBS}" @@ -999,46 +955,6 @@ elif test "${with_crypto_library}" = "wolfssl"; then # wolfSSL signal EKM support have_export_keying_material="yes" - AC_DEFINE([HAVE_HMAC_CTX_NEW], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_HMAC_CTX_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_HMAC_CTX_RESET], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_EVP_MD_CTX_RESET], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_EVP_CIPHER_CTX_RESET], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_OPENSSL_VERSION], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB_USERDATA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_SSL_CTX_SET_SECURITY_LEVEL], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_X509_GET0_NOTBEFORE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_X509_GET0_NOTAFTER], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_X509_GET0_PUBKEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_X509_STORE_GET0_OBJECTS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_X509_OBJECT_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_X509_OBJECT_GET_TYPE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_EVP_PKEY_ID], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_EVP_PKEY_GET0_RSA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_EVP_PKEY_GET0_DSA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_EVP_PKEY_GET0_EC_KEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_SET_FLAGS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_BITS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_GET0_KEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_SET0_KEY], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_DSA_GET0_PQG], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_DSA_BITS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_NEW], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_FREE], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_SET_PUB_ENC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_SET_PUB_DEC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_SET_PRIV_ENC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_SET_PRIV_DEC], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_SET_INIT], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_SET_SIGN], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_SET_FINISH], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_SET0_APP_DATA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_RSA_METH_GET0_APP_DATA], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - AC_DEFINE([HAVE_EC_GROUP_ORDER_BITS], [1], [Emulate AC_CHECK_FUNCS since these are defined as macros]) - if test "${enable_wolfssl_options_h}" = "yes"; then AC_DEFINE([EXTERNAL_OPTS_OPENVPN], [1], [Include options.h from wolfSSL library]) else diff --git a/src/openvpn/openssl_compat.h b/src/openvpn/openssl_compat.h index ff024feff..9fc4f2600 100644 --- a/src/openvpn/openssl_compat.h +++ b/src/openvpn/openssl_compat.h @@ -46,12 +46,36 @@ #include #include +/* Functionality missing in 1.1.0 */ +#if OPENSSL_VERSION_NUMBER < 0x10101000L && !defined(ENABLE_CRYPTO_WOLFSSL) +#define SSL_CTX_set1_groups SSL_CTX_set1_curves +#endif + +/* Functionality missing in LibreSSL and OpenSSL 1.0.2 */ #if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) && !defined(ENABLE_CRYPTO_WOLFSSL) -#define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG -#define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG +/** + * Destroy a X509 object + * + * @param obj X509 object + */ +static inline void +X509_OBJECT_free(X509_OBJECT *obj) +{ + if (obj) + { + X509_OBJECT_free_contents(obj); + OPENSSL_free(obj); + } +} + +#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT +#define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG +#define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG #endif -#if !defined(HAVE_EVP_MD_CTX_RESET) + +/* Functionality missing in 1.0.2 */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(ENABLE_CRYPTO_WOLFSSL) /** * Reset a message digest context * @@ -64,9 +88,7 @@ EVP_MD_CTX_reset(EVP_MD_CTX *ctx) EVP_MD_CTX_cleanup(ctx); return 1; } -#endif -#if !defined(HAVE_EVP_MD_CTX_FREE) /** * Free an existing message digest context * @@ -77,9 +99,7 @@ EVP_MD_CTX_free(EVP_MD_CTX *ctx) { free(ctx); } -#endif -#if !defined(HAVE_EVP_MD_CTX_NEW) /** * Allocate a new message digest object * @@ -92,21 +112,11 @@ EVP_MD_CTX_new(void) ALLOC_OBJ_CLEAR(ctx, EVP_MD_CTX); return ctx; } -#endif -#if !defined(HAVE_EVP_CIPHER_CTX_RESET) #define EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_init -#endif - -#if !defined(HAVE_X509_GET0_NOTBEFORE) #define X509_get0_notBefore X509_get_notBefore -#endif - -#if !defined(HAVE_X509_GET0_NOTAFTER) #define X509_get0_notAfter X509_get_notAfter -#endif -#if !defined(HAVE_HMAC_CTX_RESET) /** * Reset a HMAC context * @@ -129,9 +139,7 @@ HMAC_CTX_reset(HMAC_CTX *ctx) HMAC_CTX_init(ctx); return 1; } -#endif -#if !defined(HAVE_HMAC_CTX_FREE) /** * Cleanup and free an existing HMAC context * @@ -143,9 +151,7 @@ HMAC_CTX_free(HMAC_CTX *ctx) HMAC_CTX_cleanup(ctx); free(ctx); } -#endif -#if !defined(HAVE_HMAC_CTX_NEW) /** * Allocate a new HMAC context object * @@ -158,9 +164,7 @@ HMAC_CTX_new(void) ALLOC_OBJ_CLEAR(ctx, HMAC_CTX); return ctx; } -#endif -#if !defined(HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB_USERDATA) /** * Fetch the default password callback user data from the SSL context * @@ -172,9 +176,7 @@ SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx) { return ctx ? ctx->default_passwd_callback_userdata : NULL; } -#endif -#if !defined(HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB) /** * Fetch the default password callback from the SSL context * @@ -186,15 +188,7 @@ SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx) { return ctx ? ctx->default_passwd_callback : NULL; } -#endif -/* This function is implemented as macro, so the configure check for the - * function may fail, so we check for both variants here */ -#if !defined(HAVE_SSL_CTX_SET1_GROUPS) && !defined(SSL_CTX_set1_groups) -#define SSL_CTX_set1_groups SSL_CTX_set1_curves -#endif - -#if !defined(HAVE_X509_GET0_PUBKEY) /** * Get the public key from a X509 certificate * @@ -207,9 +201,7 @@ X509_get0_pubkey(const X509 *x) return (x && x->cert_info && x->cert_info->key) ? x->cert_info->key->pkey : NULL; } -#endif -#if !defined(HAVE_X509_STORE_GET0_OBJECTS) /** * Fetch the X509 object stack from the X509 store * @@ -221,26 +213,7 @@ static inline STACK_OF(X509_OBJECT) { return store ? store->objs : NULL; } -#endif - -#if !defined(HAVE_X509_OBJECT_FREE) -/** - * Destroy a X509 object - * - * @param obj X509 object - */ -static inline void -X509_OBJECT_free(X509_OBJECT *obj) -{ - if (obj) - { - X509_OBJECT_free_contents(obj); - OPENSSL_free(obj); - } -} -#endif -#if !defined(HAVE_X509_OBJECT_GET_TYPE) /** * Get the type of an X509 object * @@ -252,9 +225,7 @@ X509_OBJECT_get_type(const X509_OBJECT *obj) { return obj ? obj->type : X509_LU_FAIL; } -#endif -#if !defined(HAVE_EVP_PKEY_GET0_RSA) /** * Get the RSA object of a public key * @@ -266,9 +237,7 @@ EVP_PKEY_get0_RSA(EVP_PKEY *pkey) { return (pkey && pkey->type == EVP_PKEY_RSA) ? pkey->pkey.rsa : NULL; } -#endif -#if !defined(HAVE_EVP_PKEY_GET0_EC_KEY) && !defined(OPENSSL_NO_EC) /** * Get the EC_KEY object of a public key * @@ -280,9 +249,8 @@ EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) { return (pkey && pkey->type == EVP_PKEY_EC) ? pkey->pkey.ec : NULL; } -#endif -#if !defined(HAVE_EVP_PKEY_GET0_DSA) + /** * Get the DSA object of a public key * @@ -294,9 +262,7 @@ EVP_PKEY_get0_DSA(EVP_PKEY *pkey) { return (pkey && pkey->type == EVP_PKEY_DSA) ? pkey->pkey.dsa : NULL; } -#endif -#if !defined(HAVE_RSA_SET_FLAGS) /** * Set the RSA flags * @@ -311,9 +277,7 @@ RSA_set_flags(RSA *rsa, int flags) rsa->flags = flags; } } -#endif -#if !defined(HAVE_RSA_GET0_KEY) /** * Get the RSA parameters * @@ -339,9 +303,7 @@ RSA_get0_key(const RSA *rsa, const BIGNUM **n, *d = rsa ? rsa->d : NULL; } } -#endif -#if !defined(HAVE_RSA_SET0_KEY) /** * Set the RSA parameters * @@ -378,9 +340,7 @@ RSA_set0_key(RSA *rsa, BIGNUM *n, BIGNUM *e, BIGNUM *d) return 1; } -#endif /* if !defined(HAVE_RSA_SET0_KEY) */ -#if !defined(HAVE_RSA_BITS) /** * Number of significant RSA bits * @@ -394,9 +354,7 @@ RSA_bits(const RSA *rsa) RSA_get0_key(rsa, &n, NULL, NULL); return n ? BN_num_bits(n) : 0; } -#endif -#if !defined(HAVE_DSA_GET0_PQG) /** * Get the DSA parameters * @@ -422,9 +380,7 @@ DSA_get0_pqg(const DSA *dsa, const BIGNUM **p, *g = dsa ? dsa->g : NULL; } } -#endif -#if !defined(HAVE_DSA_BITS) /** * Number of significant DSA bits * @@ -438,9 +394,7 @@ DSA_bits(const DSA *dsa) DSA_get0_pqg(dsa, &p, NULL, NULL); return p ? BN_num_bits(p) : 0; } -#endif -#if !defined(HAVE_RSA_METH_NEW) /** * Allocate a new RSA method object * @@ -457,9 +411,7 @@ RSA_meth_new(const char *name, int flags) rsa_meth->flags = flags; return rsa_meth; } -#endif -#if !defined(HAVE_RSA_METH_FREE) /** * Free an existing RSA_METHOD object * @@ -480,9 +432,7 @@ RSA_meth_free(RSA_METHOD *meth) free(meth); } } -#endif -#if !defined(HAVE_RSA_METH_SET_PUB_ENC) /** * Set the public encoding function of an RSA_METHOD object * @@ -503,9 +453,7 @@ RSA_meth_set_pub_enc(RSA_METHOD *meth, } return 0; } -#endif -#if !defined(HAVE_RSA_METH_SET_PUB_DEC) /** * Set the public decoding function of an RSA_METHOD object * @@ -526,9 +474,7 @@ RSA_meth_set_pub_dec(RSA_METHOD *meth, } return 0; } -#endif -#if !defined(HAVE_RSA_METH_SET_PRIV_ENC) /** * Set the private encoding function of an RSA_METHOD object * @@ -549,9 +495,7 @@ RSA_meth_set_priv_enc(RSA_METHOD *meth, } return 0; } -#endif -#if !defined(HAVE_RSA_METH_SET_PRIV_DEC) /** * Set the private decoding function of an RSA_METHOD object * @@ -572,9 +516,7 @@ RSA_meth_set_priv_dec(RSA_METHOD *meth, } return 0; } -#endif -#if !defined(HAVE_RSA_METH_SET_INIT) /** * Set the init function of an RSA_METHOD object * @@ -592,9 +534,7 @@ RSA_meth_set_init(RSA_METHOD *meth, int (*init)(RSA *rsa)) } return 0; } -#endif -#if !defined (HAVE_RSA_METH_SET_SIGN) /** * Set the sign function of an RSA_METHOD object * @@ -613,9 +553,7 @@ RSA_meth_set_sign(RSA_METHOD *meth, meth->rsa_sign = sign; return 1; } -#endif -#if !defined(HAVE_RSA_METH_SET_FINISH) /** * Set the finish function of an RSA_METHOD object * @@ -633,9 +571,7 @@ RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa)) } return 0; } -#endif -#if !defined(HAVE_RSA_METH_SET0_APP_DATA) /** * Set the application data of an RSA_METHOD object * @@ -653,9 +589,7 @@ RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data) } return 0; } -#endif -#if !defined(HAVE_RSA_METH_GET0_APP_DATA) /** * Get the application data of an RSA_METHOD object * @@ -667,9 +601,7 @@ RSA_meth_get0_app_data(const RSA_METHOD *meth) { return meth ? meth->app_data : NULL; } -#endif -#if !defined(HAVE_EC_GROUP_ORDER_BITS) && !defined(OPENSSL_NO_EC) /** * Gets the number of bits of the order of an EC_GROUP * @@ -685,22 +617,11 @@ EC_GROUP_order_bits(const EC_GROUP *group) BN_free(order); return bits; } -#endif /* SSLeay symbols have been renamed in OpenSSL 1.1 */ -#ifndef OPENSSL_VERSION #define OPENSSL_VERSION SSLEAY_VERSION -#endif - -#ifndef HAVE_OPENSSL_VERSION #define OpenSSL_version SSLeay_version -#endif -#if !defined(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT) -#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT -#endif - -#ifndef SSL_CTX_get_min_proto_version /** Return the min SSL protocol version currently enabled in the context. * If no valid version >= TLS1.0 is found, return 0. */ static inline int @@ -721,9 +642,7 @@ SSL_CTX_get_min_proto_version(SSL_CTX *ctx) } return 0; } -#endif /* SSL_CTX_get_min_proto_version */ -#ifndef SSL_CTX_get_max_proto_version /** Return the max SSL protocol version currently enabled in the context. * If no valid version >= TLS1.0 is found, return 0. */ static inline int @@ -744,9 +663,7 @@ SSL_CTX_get_max_proto_version(SSL_CTX *ctx) } return 0; } -#endif /* SSL_CTX_get_max_proto_version */ -#ifndef SSL_CTX_set_min_proto_version /** Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1 */ static inline int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min) @@ -773,9 +690,7 @@ SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min) return 1; } -#endif /* SSL_CTX_set_min_proto_version */ -#ifndef SSL_CTX_set_max_proto_version /** Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1 */ static inline int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max) @@ -802,6 +717,5 @@ SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max) return 1; } -#endif /* SSL_CTX_set_max_proto_version */ - +#endif #endif /* OPENSSL_COMPAT_H_ */