Преглед изворни кода

Merge branch 'maint'

* maint:
  Prefer TLS_client_method() over SSLv23_client_method()
  These compat symbols can be static
  Fix openssl 1.1 forward compat.
  Enable -Wformat to shutup gcc6

Conflicts:
	src/Makefile.in
Bryan Drewery пре 6 година
родитељ
комит
883528ce10
9 измењених фајлова са 34 додато и 17 уклоњено
  1. 1 1
      build/autotools/includes/depend.m4
  2. 1 1
      configure
  3. 2 0
      doc/UPDATES.md
  4. 3 1
      src/Makefile.in
  5. 6 2
      src/compat/openssl.cc
  6. 7 7
      src/dl.h
  7. 10 2
      src/generate_defs.sh
  8. 0 3
      src/libssl.cc
  9. 4 0
      src/openssl.cc

+ 1 - 1
build/autotools/includes/depend.m4

@@ -12,7 +12,7 @@ if [[ "$num" -ge "3" ]]; then
   CCDEPMODE=gcc3
   GCC3_CFLAGS="-W -Wno-unused-parameter -Wdisabled-optimization -Wno-write-strings -Wno-format-security -Wno-format-y2k"
   GCC3_CXXFLAGS="-Woverloaded-virtual"
-  GCC3DEB="-Wno-disabled-optimization -Wmissing-format-attribute -Wwrite-strings -Wformat-security"
+  GCC3DEB="-Wno-disabled-optimization -Wmissing-format-attribute -Wwrite-strings -Wformat -Wformat-security"
 fi
 AC_SUBST(CCDEPMODE)dnl
 AC_SUBST(GCC3_CFLAGS)dnl

+ 1 - 1
configure

@@ -4604,7 +4604,7 @@ if [ "$num" -ge "3" ]; then
   CCDEPMODE=gcc3
   GCC3_CFLAGS="-W -Wno-unused-parameter -Wdisabled-optimization -Wno-write-strings -Wno-format-security -Wno-format-y2k"
   GCC3_CXXFLAGS="-Woverloaded-virtual"
-  GCC3DEB="-Wno-disabled-optimization -Wmissing-format-attribute -Wwrite-strings -Wformat-security"
+  GCC3DEB="-Wno-disabled-optimization -Wmissing-format-attribute -Wwrite-strings -Wformat -Wformat-security"
 fi
 
 

+ 2 - 0
doc/UPDATES.md

@@ -26,6 +26,8 @@
   * Fix cmd_slowjoin still adding the channel on parsing error.
   * Fix -Wwritable-strings warnings
   * Fix dirname(3) support on FreeBSD (#89).
+  * Fix OpenSSL 1.1 forward compat.
+  * SSL: Prefer TLS_client_method() over SSLv23_client_method().
 
 # 1.4.9
   * Fix various compile warnings and spam

+ 3 - 1
src/Makefile.in

@@ -15,6 +15,7 @@ LDFLAGS = @LDFLAGS@ $(DEBLDFLAGS)
 SETTINGSFILE = $(top_srcdir)/doc/settings.txt
 RESPONSESFILE = $(top_srcdir)/doc/responses.txt
 HELPFILE = $(top_srcdir)/doc/help.txt
+EXPORTS = $(srcdir)/.defs/exports
 
 include $(top_srcdir)/build/build.mk
 
@@ -114,7 +115,8 @@ sorthelp: sorthelp.cc $(top_builddir)/lib/bdlib/libbdlib.a
 
 ../$(EGGEXEC): $(OBJS) $(top_builddir)/lib/bdlib/libbdlib.a @LIBELF_BUNDLED@
 	@echo -e "[LD ]	\033[1m$@\033[0m"
-	$(LD) $(LDFLAGS) -o ../$(EGGEXEC) $(OBJS) $(top_builddir)/lib/bdlib/libbdlib.a $(LIBS) @LIBELF_LIB@
+	$(LD) $(LDFLAGS) -o ../$(EGGEXEC) $(OBJS) $(top_builddir)/lib/bdlib/libbdlib.a \
+	    $(LIBS) @LIBELF_LIB@ -Wl,--dynamic-list=$(EXPORTS)
 	@$(STRIP) ../$(EGGEXEC)
 	@$(OBJCOPY) ../$(EGGEXEC)
 	@echo "Successful compile: $(EGGEXEC)"

+ 6 - 2
src/compat/openssl.cc

@@ -1,4 +1,5 @@
 #include <openssl/opensslv.h>
+/* Provide forward compat functions when built from < 1.1. */
 #if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L
 #include <stdlib.h>
 #include <stdint.h>
@@ -6,19 +7,22 @@
 
 extern "C" {
 typedef int (*OPENSSL_init_ssl_t)(uint64_t a1, const void *a2);
-int _OPENSSL_init_ssl(uint64_t a1, const void *a2) {
+static int _OPENSSL_init_ssl(uint64_t a1, const void *a2) {
   if (DLSYM_VAR(OPENSSL_init_ssl) == NULL)
     if (DLSYM_GLOBAL_SIMPLE(RTLD_NEXT, OPENSSL_init_ssl) == NULL)
       return 0;
   return DLSYM_VAR(OPENSSL_init_ssl)(a1, a2);
 }
 
+void _ERR_free_strings(void) __attribute__((const));
 void _ERR_free_strings(void) {
 }
 
+void _EVP_cleanup(void) __attribute__((const));
 void _EVP_cleanup(void) {
 }
 
+void _CRYPTO_cleanup_all_ex_data(void) __attribute__((const));
 void _CRYPTO_cleanup_all_ex_data(void) {
 }
 
@@ -34,7 +38,7 @@ void _SSL_load_error_strings(void) {
 }
 
 typedef void *(*TLS_client_method_t)(void);
-const void *_TLS_client_method(void) {
+static const void *_TLS_client_method(void) {
   if (DLSYM_VAR(TLS_client_method) == NULL)
     if (DLSYM_GLOBAL_SIMPLE(RTLD_NEXT, TLS_client_method) == NULL)
       return NULL;

+ 7 - 7
src/dl.h

@@ -22,14 +22,14 @@ extern const char *dlsym_error;
 #define DLSYM_GLOBAL_FWDCOMPAT(_handle, x) do { \
   dlerror(); \
   if ((dl_symbol_table[#x] = (FunctionPtr) ((x##_t) dlsym(_handle, #x))) == \
-    NULL) { \
-    if ((dl_symbol_table[#x] = \
+    NULL && \
+    dlerror() && \
+    (dl_symbol_table[#x] = \
       (FunctionPtr) ((x##_t) dlsym(NULL, "_" #x))) == NULL) { \
-      dlsym_error = dlerror(); \
-      if (dlsym_error) { \
-        fprintf(stderr, "%s", dlsym_error); \
-        return(1); \
-      } \
+    dlsym_error = dlerror(); \
+    if (dlsym_error) { \
+      fprintf(stderr, "%s", dlsym_error); \
+      return(1); \
     } \
   } else { \
     my_symbols << #x; \

+ 10 - 2
src/generate_defs.sh

@@ -13,6 +13,7 @@ INCLUDES="${TCL_INCLUDES} ${SSL_INCLUDES}"
 mkdir -p src/.defs > /dev/null 2>&1
 TMPFILE=$(mktemp "/tmp/pre.XXXXXX")
 files=$(grep -l DLSYM_GLOBAL src/*.cc|grep -v "src/_")
+exportsFile="src/.defs/exports"
 
 for file in ${files}; do
   suffix=${file##*.}
@@ -29,6 +30,7 @@ for file in ${files}; do
   : > $defsFile_wrappers
 done
 
+echo "{" > $exportsFile
 for file in ${files}; do
   suffix=${file##*.}
   basename=${file%%.*}
@@ -51,7 +53,8 @@ for file in ${files}; do
   mv $TMPFILE.sed $TMPFILE
   cd ..
 
-  for symbol in $($SED -n -e 's/.*DLSYM_GLOBAL[^ (]*(.*, \([^)]*\).*/\1/p' $TMPFILE|sort -u); do
+  $SED -n -e 's/.*\(DLSYM_GLOBAL[^ (]*\)(.*, \([^)]*\).*/\2 \1/p' $TMPFILE | \
+    sort -u | while read symbol dlsym; do
     # Check if the typedef is already defined ...
     typedef=$(grep "^typedef .*(\*${symbol}_t)" ${dirname}/${basename}.h)
     # ... if not, generate it
@@ -70,7 +73,11 @@ for file in ${files}; do
     fi
 
     #pipe typedef into generate_symbol.sh
-    test -n "$typedef" && echo "${symbol} ${existing_typedef} ${typedef}"
+    [ -z "$typedef" ] && continue
+    if [ "${dlsym}" = "DLSYM_GLOBAL_FWDCOMPAT" ]; then
+      echo "_${symbol};" >> $exportsFile
+    fi
+    echo "${symbol} ${existing_typedef} ${typedef}"
   done | src/generate_symbol.sh $defsFile_wrappers $defsFile_pre $defsFile_post
 
   echo "}" >> $defsFile_wrappers
@@ -78,4 +85,5 @@ for file in ${files}; do
 
   echo "done"
 done
+echo "};">> $exportsFile
 rm -f $TMPFILE

+ 0 - 3
src/libssl.cc

@@ -61,10 +61,7 @@ static int load_symbols(void *handle) {
   /* Some forward-compat is handled in src/compat/openssl.cc. */
 #endif
 #if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
-  /* For SSLv23_client_method */
   DLSYM_GLOBAL(handle, TLS_client_method);
-  /* For SSLv23_method */
-  DLSYM_GLOBAL(handle, TLS_method);
   DLSYM_GLOBAL(handle, SSL_CTX_set_options);
 #else
   DLSYM_GLOBAL_FWDCOMPAT(handle, SSLv23_client_method);

+ 4 - 0
src/openssl.cc

@@ -78,7 +78,11 @@ int init_openssl() {
   /* good place to init ssl stuff */
   SSL_load_error_strings();
   OpenSSL_add_ssl_algorithms();
+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L
+  ssl_ctx = SSL_CTX_new(TLS_client_method());
+#else
   ssl_ctx = SSL_CTX_new(SSLv23_client_method());
+#endif
   if (!ssl_ctx) {
     sdprintf("SSL_CTX_new() failed");
     return 1;