From: John Marino Date: Thu, 8 Sep 2016 06:21:59 +0000 (-0500) Subject: Fix build with NO_OPENSSL set X-Git-Tag: v4.8.0rc~1017 X-Git-Url: https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff_plain/82ae7067fc7cf43ff19ea78e572c205e1875d28e Fix build with NO_OPENSSL set In addition to several missing CFLAGS to point to the private libressl headers, various issues related to libressl were fixed. These were exposed by setting NO_OPENSSL in make.conf (and they were obscured when the compiler found the original openssl headers). --- diff --git a/Makefile.inc1 b/Makefile.inc1 index a5eaa78ace..4600409063 100644 --- a/Makefile.inc1 +++ b/Makefile.inc1 @@ -1046,11 +1046,11 @@ _generic_libs+= lib .if !defined(NO_CRYPT) .if !defined(NO_OPENSSL) _prebuild_libs+= secure/lib/libcrypto secure/lib/libssl -_prebuild_libs+= secure/lib/libssh -secure/lib/libssh__L: secure/lib/libcrypto__L lib/libz__L .endif .if !defined(NO_LIBRESSL) _prebuild_libs+= secure/lib/librecrypto secure/lib/libressl +_prebuild_libs+= secure/lib/libssh +secure/lib/libssh__L: secure/lib/librecrypto__L lib/libz__L .endif _generic_libs+= secure/lib .endif diff --git a/gnu/lib/Makefile b/gnu/lib/Makefile index f107780b16..292f53e781 100644 --- a/gnu/lib/Makefile +++ b/gnu/lib/Makefile @@ -7,10 +7,13 @@ SUBDIR= gcc50 SUBDIR+= gcc47 .endif +.if !defined(NO_LIBRESSL) SUBDIR+= libcryptsetup +SUBDIR+= libluks +.endif + SUBDIR+= libdevmapper SUBDIR+= libdialog -SUBDIR+= libluks SUBDIR+= liblvm SUBDIR_ORDERED= diff --git a/gnu/lib/libcryptsetup/Makefile b/gnu/lib/libcryptsetup/Makefile index 730668eca7..ae9674a8a7 100644 --- a/gnu/lib/libcryptsetup/Makefile +++ b/gnu/lib/libcryptsetup/Makefile @@ -9,6 +9,7 @@ SRCS+= backends.c libdevmapper.c setup.c utils.c \ INCS+= libcryptsetup.h CFLAGS+= -I${CRYPTSETUP_DIR}/lib +CFLAGS+= -I${.CURDIR}/../../../crypto/libressl/include .PATH: ${CRYPTSETUP_DIR}/lib diff --git a/gnu/lib/libluks/Makefile b/gnu/lib/libluks/Makefile index cab66e683d..7fadc80efb 100644 --- a/gnu/lib/libluks/Makefile +++ b/gnu/lib/libluks/Makefile @@ -8,6 +8,7 @@ SRCS+= af.c hexprint.c keyencryption.c keymanage.c pbkdf.c random.c INCS+= luks.h CFLAGS+= -I${CRYPTSETUP_DIR}/luks +CFLAGS+= -I${.CURDIR}/../../../crypto/libressl/include .PATH: ${CRYPTSETUP_DIR}/luks diff --git a/lib/Makefile b/lib/Makefile index 0feafbaea0..fa3715c1fc 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -70,7 +70,6 @@ SUBDIR= ${SUBDIR_ORDERED} \ libkiconv \ libkinfo \ libkvm \ - libldns \ libm \ libmagic \ libmandoc \ @@ -89,7 +88,6 @@ SUBDIR= ${SUBDIR_ORDERED} \ ${_libsmdb} \ ${_libsmutil} \ libstand \ - libtcplay \ libtelnet \ libu4bhid \ libvgl \ @@ -102,8 +100,13 @@ SUBDIR= ${SUBDIR_ORDERED} \ SUBDIR:= libc ${SUBDIR:Nlibc} .endif -.if defined(WANT_HAMMER2) +.if !defined(NO_LIBRESSL) +. if defined(WANT_HAMMER2) _libdmsg= libdmsg +. endif + +SUBDIR+= libldns \ + libtcplay .endif .if !defined(NO_LIBC_R) diff --git a/lib/libdmsg/Makefile b/lib/libdmsg/Makefile index 8515fd97ea..e8b0d48f56 100644 --- a/lib/libdmsg/Makefile +++ b/lib/libdmsg/Makefile @@ -3,7 +3,8 @@ LIB= dmsg SRCS+= icrc.c debug.c subs.c crypto.c msg.c msg_lnk.c service.c -CFLAGS+= -pthread +CFLAGS+= -pthread +CFLAGS+= -I${.CURDIR}/../../crypto/libressl/include INCS= dmsg.h diff --git a/lib/libldns/Makefile b/lib/libldns/Makefile index d90d1ce1ba..f9cdbcf6cb 100644 --- a/lib/libldns/Makefile +++ b/lib/libldns/Makefile @@ -51,6 +51,7 @@ INCS+= buffer.h \ .PATH: ${LDNS} ${LDNS}/compat ${LDNS}/ldns ${.CURDIR}/ldns CFLAGS+= -I${.CURDIR} -I${LDNS} +CFLAGS+= -I${.CURDIR}/../../crypto/libressl/include WARNS?= 2 diff --git a/lib/libtcplay/Makefile b/lib/libtcplay/Makefile index 1a6bf64ad5..4250f3d830 100644 --- a/lib/libtcplay/Makefile +++ b/lib/libtcplay/Makefile @@ -20,6 +20,7 @@ MLINKS+= tcplay.3 tc_api_task_get_error.3 CFLAGS+= -DMAJ_VER=${MAJ_VER} -DMIN_VER=${MIN_VER} CFLAGS+= -D_FILE_OFFSET_BITS=64 +CFLAGS+= -I${.CURDIR}/../../crypto/libressl/include SRCS+= tcplay.c crc32.c safe_mem.c io.c hdr.c humanize.c SRCS+= crypto.c generic_xts.c diff --git a/lib/libtelnet/Makefile b/lib/libtelnet/Makefile index 7b3feaf5db..d28c5be0f6 100644 --- a/lib/libtelnet/Makefile +++ b/lib/libtelnet/Makefile @@ -12,6 +12,7 @@ WARNS?= 2 .if !defined(NO_LIBRESSL) SRCS+= encrypt.c auth.c enc_des.c sra.c pk.c CFLAGS+= -DENCRYPTION -DAUTHENTICATION -DSRA +CFLAGS+= -I${.CURDIR}/../../crypto/libressl/include .endif .include diff --git a/lib/libtelnet/enc_des.c b/lib/libtelnet/enc_des.c index 600f844229..44c7d07be7 100644 --- a/lib/libtelnet/enc_des.c +++ b/lib/libtelnet/enc_des.c @@ -201,9 +201,9 @@ fb64_start(struct fb *fbp, int dir, int server __unused) /* * Create a random feed and send it over. */ - des_random_key((Block *)fbp->temp_feed); - des_ecb_encrypt((Block *)fbp->temp_feed, (Block *)fbp->temp_feed, - fbp->krbdes_sched, 1); + DES_random_key((Block *)fbp->temp_feed); + DES_ecb_encrypt((Block *)fbp->temp_feed, (Block *)fbp->temp_feed, + &fbp->krbdes_sched, 1); p = fbp->fb_feed + 3; *p++ = ENCRYPT_IS; p++; @@ -387,7 +387,7 @@ fb64_session(Session_Key *key, int server, struct fb *fbp) fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_ENCRYPT-1]); fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_DECRYPT-1]); - des_key_sched((Block *)fbp->krbdes_key, fbp->krbdes_sched); + DES_key_sched((Block *)fbp->krbdes_key, &fbp->krbdes_sched); /* * Now look to see if krbdes_start() was was waiting for * the key to show up. If so, go ahead an call it now @@ -493,7 +493,7 @@ fb64_stream_iv(Block seed, struct stinfo *stp) memmove((void *)stp->str_iv, (void *)seed, sizeof(Block)); memmove((void *)stp->str_output, (void *)seed, sizeof(Block)); - des_key_sched((Block *)stp->str_ikey, stp->str_sched); + DES_key_sched((Block *)stp->str_ikey, &stp->str_sched); stp->str_index = sizeof(Block); } @@ -502,7 +502,7 @@ void fb64_stream_key(Block key, struct stinfo *stp) { memmove((void *)stp->str_ikey, (void *)key, sizeof(Block)); - des_key_sched((Block *)key, stp->str_sched); + DES_key_sched((Block *)key, &stp->str_sched); memmove((void *)stp->str_output, (void *)stp->str_iv, sizeof(Block)); @@ -541,7 +541,7 @@ cfb64_encrypt(unsigned char *s, int c) while (c-- > 0) { if (idx == sizeof(Block)) { Block b; - des_ecb_encrypt((Block *)stp->str_output, (Block *)b, stp->str_sched, 1); + DES_ecb_encrypt((Block *)stp->str_output, (Block *)b, &stp->str_sched, 1); memmove((void *)stp->str_feed, (void *)b, sizeof(Block)); idx = 0; } @@ -574,7 +574,7 @@ cfb64_decrypt(int data) idx = stp->str_index++; if (idx == sizeof(Block)) { Block b; - des_ecb_encrypt((Block *)stp->str_output, (Block *)b, stp->str_sched, 1); + DES_ecb_encrypt((Block *)stp->str_output, (Block *)b, &stp->str_sched, 1); memmove((void *)stp->str_feed, (void *)b, sizeof(Block)); stp->str_index = 1; /* Next time will be 1 */ idx = 0; /* But now use 0 */ @@ -614,7 +614,7 @@ ofb64_encrypt(unsigned char *s, int c) while (c-- > 0) { if (idx == sizeof(Block)) { Block b; - des_ecb_encrypt((Block *)stp->str_feed, (Block *)b, stp->str_sched, 1); + DES_ecb_encrypt((Block *)stp->str_feed, (Block *)b, &stp->str_sched, 1); memmove((void *)stp->str_feed, (void *)b, sizeof(Block)); idx = 0; } @@ -644,7 +644,7 @@ ofb64_decrypt(int data) idx = stp->str_index++; if (idx == sizeof(Block)) { Block b; - des_ecb_encrypt((Block *)stp->str_feed, (Block *)b, stp->str_sched, 1); + DES_ecb_encrypt((Block *)stp->str_feed, (Block *)b, &stp->str_sched, 1); memmove((void *)stp->str_feed, (void *)b, sizeof(Block)); stp->str_index = 1; /* Next time will be 1 */ idx = 0; /* But now use 0 */ diff --git a/lib/libtelnet/encrypt.h b/lib/libtelnet/encrypt.h index b041b98701..33a75d5011 100644 --- a/lib/libtelnet/encrypt.h +++ b/lib/libtelnet/encrypt.h @@ -64,7 +64,7 @@ typedef unsigned char *BlockT; #if 0 typedef struct { Block __; } Schedule[16]; #else -#define Schedule des_key_schedule +#define Schedule DES_key_schedule #endif #define VALIDKEY(key) ( key[0] | key[1] | key[2] | key[3] | \ diff --git a/lib/libtelnet/pk.c b/lib/libtelnet/pk.c index f28ac8924d..c106e46d10 100644 --- a/lib/libtelnet/pk.c +++ b/lib/libtelnet/pk.c @@ -145,7 +145,7 @@ common_key(char *xsecret, char *xpublic, IdeaData *ideakey, DesData *deskey) BN_mod_exp(common, public, secret, modulus, ctx); extractdeskey(common, deskey); extractideakey(common, ideakey); - des_set_odd_parity(deskey); + DES_set_odd_parity(deskey); BN_free(common); BN_free(secret); BN_free(public); @@ -272,14 +272,14 @@ pk_encode(char *in, char *out, DesData *key) { char buf[256]; DesData i; - des_key_schedule k; + DES_key_schedule k; int l,op,deslen; memset(&i,0,sizeof(i)); memset(buf,0,sizeof(buf)); deslen = ((strlen(in) + 7)/8)*8; - des_key_sched(key, k); - des_cbc_encrypt(in,buf,deslen, k,&i,DES_ENCRYPT); + DES_key_sched(key, &k); + DES_cbc_encrypt(in,buf,deslen, &k,&i,DES_ENCRYPT); for (l=0,op=0;l> 4]; out[op++] = hextab[(buf[l] & 0x0f)]; @@ -293,7 +293,7 @@ pk_decode(char *in, char *out, DesData *key) { char buf[256]; DesData i; - des_key_schedule k; + DES_key_schedule k; int n1,n2,op; size_t l; @@ -310,7 +310,7 @@ pk_decode(char *in, char *out, DesData *key) n2 = in[op+1] - '0'; buf[l] = n1*16 +n2; } - des_key_sched(key, k); - des_cbc_encrypt(buf,out,strlen(in)/2, k,&i,DES_DECRYPT); + DES_key_sched(key, &k); + DES_cbc_encrypt(buf,out,strlen(in)/2, &k,&i,DES_DECRYPT); out[strlen(in)/2] = '\0'; } diff --git a/lib/libtelnet/pk.h b/lib/libtelnet/pk.h index b168be0235..78e79b5f1d 100644 --- a/lib/libtelnet/pk.h +++ b/lib/libtelnet/pk.h @@ -33,7 +33,7 @@ /* header for the des routines that we will use */ typedef unsigned char byte, DesData[ 8], IdeaData[16]; -#define DesKeys des_key_schedule +#define DesKeys DES_key_schedule #define DES_DECRYPT 0 #define DES_ENCRYPT 1 diff --git a/libexec/dma/dma-mbox-create/Makefile b/libexec/dma/dma-mbox-create/Makefile index daed61056a..fd7c3794fa 100644 --- a/libexec/dma/dma-mbox-create/Makefile +++ b/libexec/dma/dma-mbox-create/Makefile @@ -4,6 +4,7 @@ CFLAGS+=-I${.CURDIR}/.. CFLAGS+= -DHAVE_REALLOCF -DHAVE_STRLCPY -DHAVE_GETPROGNAME CFLAGS+=-DCONF_PATH='"/etc/dma"' CFLAGS+=-DLIBEXEC_PATH='"/usr/libexec"' -DDMA_VERSION='"v0.9+"' +CFLAGS+=-I${.CURDIR}/../../../crypto/libressl/include PROG= dma-mbox-create NOMAN= diff --git a/sbin/mount_hammer2/Makefile b/sbin/mount_hammer2/Makefile index 7f43f4da2c..d69ad3aaa8 100644 --- a/sbin/mount_hammer2/Makefile +++ b/sbin/mount_hammer2/Makefile @@ -3,6 +3,7 @@ SRCS= mount_hammer2.c MAN= CFLAGS+= -I${.CURDIR}/.. +CFLAGS+= -I${.CURDIR}/../../crypto/libressl/include LDADD= -lutil DPADD= ${LIBUTIL} diff --git a/secure/lib/libressl/Makefile b/secure/lib/libressl/Makefile index a62084663f..4813365e00 100644 --- a/secure/lib/libressl/Makefile +++ b/secure/lib/libressl/Makefile @@ -20,7 +20,7 @@ libssl_la_SOURCES= \ SRCS= ${libssl_la_SOURCES} -INCS= dtls1.h srtp.h ssl.h ssl2.h ssl23.h tls1.h +INCS= dtls1.h srtp.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h INCSDIR= ${INCLUDEDIR}/priv/openssl # We can't use ${LIBRECRYPTO} because of LIBDIR definition, so recreate it diff --git a/secure/usr.bin/bdes/Makefile b/secure/usr.bin/bdes/Makefile index 3568bd00ba..a33adfc8eb 100644 --- a/secure/usr.bin/bdes/Makefile +++ b/secure/usr.bin/bdes/Makefile @@ -8,5 +8,6 @@ WARNS?= 2 DPADD= ${LIBRECRYPTO} LDADD= -lprivate_crypto LDFLAGS+= -rpath /lib/priv -L ${_SHLIBDIRPREFIX}/usr/lib/priv +CFLAGS+= -I${.CURDIR}/../../../crypto/libressl/include .include diff --git a/usr.sbin/802_11/Makefile.crypto b/usr.sbin/802_11/Makefile.crypto index 7c0ce621c5..32f3066be0 100644 --- a/usr.sbin/802_11/Makefile.crypto +++ b/usr.sbin/802_11/Makefile.crypto @@ -3,7 +3,7 @@ SRCS+= crypto_openssl.c random.c sha1-prf.c sha256-prf.c DPADD+= ${LIBRESSL} ${LIBRECRYPTO} LDADD+= -lprivate_ssl -lprivate_crypto -CFLAGS+= -DCONFIG_SHA256 -I${.CURDIR}/../../crypto/libressl/include +CFLAGS+= -DCONFIG_SHA256 -I${.CURDIR}/../../../crypto/libressl/include LDFLAGS+= -rpath /lib/priv -L ${_SHLIBDIRPREFIX}/usr/lib/priv .if defined(TLS_FUNCS)