From 848950877fb2d66d76cb1258fc28a2b1b453a42d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 14 Dec 2023 03:36:09 +0000 Subject: [PATCH 1/5] cmake: stop exporting compat functions --- CMakeLists.txt | 6 +- apps/ocspcheck/CMakeLists.txt | 2 +- apps/openssl/CMakeLists.txt | 2 +- crypto/CMakeLists.txt | 111 ++++++++++++---------------------- ssl/CMakeLists.txt | 2 +- tls/CMakeLists.txt | 30 +++++---- 6 files changed, 63 insertions(+), 90 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ac3e5a0e6d..32b5b15e42 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -413,11 +413,11 @@ set(LIBTLS_LIBS tls ${PLATFORM_LIBS}) # libraries for regression test if(BUILD_SHARED_LIBS) - set(OPENSSL_TEST_LIBS ssl-static crypto-static ${PLATFORM_LIBS}) + set(OPENSSL_TEST_LIBS ssl-static crypto-static ${PLATFORM_LIBS} compat_obj) set(LIBTLS_TEST_LIBS tls-static ${OPENSSL_TEST_LIBS}) else() - set(OPENSSL_TEST_LIBS ssl crypto ${PLATFORM_LIBS}) - set(LIBTLS_TEST_LIBS tls ${PLATFORM_LIBS}) + set(OPENSSL_TEST_LIBS ssl crypto ${PLATFORM_LIBS} compat_obj) + set(LIBTLS_TEST_LIBS tls ${PLATFORM_LIBS} compat_obj) endif() if(OPENSSLDIR STREQUAL "") diff --git a/apps/ocspcheck/CMakeLists.txt b/apps/ocspcheck/CMakeLists.txt index 41c7845ec7..778e837629 100644 --- a/apps/ocspcheck/CMakeLists.txt +++ b/apps/ocspcheck/CMakeLists.txt @@ -20,7 +20,7 @@ target_include_directories(ocspcheck PUBLIC ../../include ${CMAKE_BINARY_DIR}/include) -target_link_libraries(ocspcheck tls ${OPENSSL_LIBS}) +target_link_libraries(ocspcheck tls ${OPENSSL_LIBS} compat_obj tls_compat_obj) if(ENABLE_LIBRESSL_INSTALL) install(TARGETS ocspcheck DESTINATION ${CMAKE_INSTALL_BINDIR}) diff --git a/apps/openssl/CMakeLists.txt b/apps/openssl/CMakeLists.txt index efea2175ed..f2dcf97c6a 100644 --- a/apps/openssl/CMakeLists.txt +++ b/apps/openssl/CMakeLists.txt @@ -75,7 +75,7 @@ target_include_directories(openssl PUBLIC ../../include ${CMAKE_BINARY_DIR}/include) -target_link_libraries(openssl ${OPENSSL_LIBS}) +target_link_libraries(openssl ${OPENSSL_LIBS} compat_obj) if(ENABLE_LIBRESSL_INSTALL) install(TARGETS openssl DESTINATION ${CMAKE_INSTALL_BINDIR}) diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt index 8046efe87f..496d64bba5 100644 --- a/crypto/CMakeLists.txt +++ b/crypto/CMakeLists.txt @@ -734,6 +734,8 @@ set( x509/x_all.c ) +set(COMPAT_SRC "") + if(UNIX) set(CRYPTO_SRC ${CRYPTO_SRC} crypto_lock.c) set(CRYPTO_SRC ${CRYPTO_SRC} bio/b_posix.c) @@ -749,38 +751,19 @@ if(WIN32) endif() if(WIN32) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/posix_win.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} gettimeofday) - set(EXTRA_EXPORT ${EXTRA_EXPORT} getuid) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_perror) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_fopen) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_fgets) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_open) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_rename) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_connect) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_close) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_read) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_write) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_getsockopt) - set(EXTRA_EXPORT ${EXTRA_EXPORT} posix_setsockopt) + set(COMPAT_SRC ${COMPAT_SRC} compat/posix_win.c) endif() if(NOT HAVE_ASPRINTF) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/bsd-asprintf.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_asprintf) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_vasprintf) + set(COMPAT_SRC ${COMPAT_SRC} compat/bsd-asprintf.c) endif() if(NOT HAVE_FREEZERO) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/freezero.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_freezero) + set(COMPAT_SRC ${COMPAT_SRC} compat/freezero.c) endif() if(NOT HAVE_GETOPT) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/getopt_long.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} getopt) - set(EXTRA_EXPORT ${EXTRA_EXPORT} optarg) - set(EXTRA_EXPORT ${EXTRA_EXPORT} optind) + set(COMPAT_SRC ${COMPAT_SRC} compat/getopt_long.c) endif() if(NOT HAVE_GETPAGESIZE) @@ -798,47 +781,38 @@ if(NOT HAVE_GETPROGNAME) endif() if(NOT HAVE_REALLOCARRAY) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/reallocarray.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_reallocarray) + set(COMPAT_SRC ${COMPAT_SRC} compat/reallocarray.c) endif() if(NOT HAVE_RECALLOCARRAY) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/recallocarray.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_recallocarray) + set(COMPAT_SRC ${COMPAT_SRC} compat/recallocarray.c) endif() if(NOT HAVE_STRCASECMP) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/strcasecmp.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_strcasecmp) + set(COMPAT_SRC ${COMPAT_SRC} compat/strcasecmp.c) endif() if(NOT HAVE_STRLCAT) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/strlcat.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_strlcat) + set(COMPAT_SRC ${COMPAT_SRC} compat/strlcat.c) endif() if(NOT HAVE_STRLCPY) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/strlcpy.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_strlcpy) + set(COMPAT_SRC ${COMPAT_SRC} compat/strlcpy.c) endif() if(NOT HAVE_STRNDUP) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/strndup.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_strndup) + set(COMPAT_SRC ${COMPAT_SRC} compat/strndup.c) if(NOT HAVE_STRNLEN) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/strnlen.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_strnlen) + set(COMPAT_SRC ${COMPAT_SRC} compat/strnlen.c) endif() endif() if(NOT HAVE_STRSEP) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/strsep.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_strsep) + set(COMPAT_SRC ${COMPAT_SRC} compat/strsep.c) endif() if(NOT HAVE_STRTONUM) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/strtonum.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_strtonum) + set(COMPAT_SRC ${COMPAT_SRC} compat/strtonum.c) endif() if(NOT HAVE_SYSLOG_R) @@ -846,57 +820,49 @@ if(NOT HAVE_SYSLOG_R) endif() if(NOT HAVE_TIMEGM) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/timegm.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} timegm) + set(COMPAT_SRC ${COMPAT_SRC} compat/timegm.c) endif() if(NOT HAVE_EXPLICIT_BZERO) if(WIN32) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/explicit_bzero_win.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/explicit_bzero_win.c) else() - set(CRYPTO_SRC ${CRYPTO_SRC} compat/explicit_bzero.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/explicit_bzero.c) set_source_files_properties(compat/explicit_bzero.c PROPERTIES COMPILE_FLAGS -O0) endif() - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_explicit_bzero) endif() if(NOT HAVE_ARC4RANDOM_BUF) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/arc4random.c) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/arc4random_uniform.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_arc4random) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_arc4random_buf) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_arc4random_uniform) + set(COMPAT_SRC ${COMPAT_SRC} compat/arc4random.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/arc4random_uniform.c) if(NOT HAVE_GETENTROPY) if(WIN32) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_win.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/getentropy_win.c) elseif(CMAKE_SYSTEM_NAME MATCHES "AIX") - set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_aix.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/getentropy_aix.c) elseif(CMAKE_SYSTEM_NAME MATCHES "FreeBSD") - set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_freebsd.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/getentropy_freebsd.c) elseif(CMAKE_SYSTEM_NAME MATCHES "HP-UX") - set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_hpux.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/getentropy_hpux.c) elseif(CMAKE_SYSTEM_NAME MATCHES "Linux") - set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_linux.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/getentropy_linux.c) elseif(CMAKE_SYSTEM_NAME MATCHES "NetBSD") - set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_netbsd.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/getentropy_netbsd.c) elseif(CMAKE_SYSTEM_NAME MATCHES "Darwin") - set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_osx.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/getentropy_osx.c) elseif(CMAKE_SYSTEM_NAME MATCHES "SunOS") - set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_solaris.c) + set(COMPAT_SRC ${COMPAT_SRC} compat/getentropy_solaris.c) endif() - set(EXTRA_EXPORT ${EXTRA_EXPORT} getentropy) endif() endif() if(NOT HAVE_TIMINGSAFE_BCMP) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/timingsafe_bcmp.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_timingsafe_bcmp) + set(COMPAT_SRC ${COMPAT_SRC} compat/timingsafe_bcmp.c) endif() if(NOT HAVE_TIMINGSAFE_MEMCMP) - set(CRYPTO_SRC ${CRYPTO_SRC} compat/timingsafe_memcmp.c) - set(EXTRA_EXPORT ${EXTRA_EXPORT} libressl_timingsafe_memcmp) + set(COMPAT_SRC ${COMPAT_SRC} compat/timingsafe_memcmp.c) endif() if(NOT ENABLE_ASM) @@ -919,15 +885,14 @@ foreach(SYM IN LISTS CRYPTO_UNEXPORT) string(REPLACE "${SYM}\n" "" SYMS ${SYMS}) endforeach() file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/crypto_p.sym ${SYMS}) -# XXX should we still be doing this? -if(EXTRA_EXPORT) - list(SORT EXTRA_EXPORT) - foreach(SYM IN LISTS EXTRA_EXPORT) - file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/crypto_p.sym "${SYM}\n") - endforeach() -endif() -set(LIBTLS_EXTRA_EXPORT ${EXTRA_EXPORT} PARENT_SCOPE) +add_library(compat_obj OBJECT ${COMPAT_SRC}) +target_include_directories(compat_obj + PRIVATE + ../include/compat + PUBLIC + ../include + ${CMAKE_BINARY_DIR}/include) add_library(crypto_obj OBJECT ${CRYPTO_SRC}) target_include_directories(crypto_obj @@ -977,7 +942,7 @@ elseif(HOST_X86_64) target_include_directories(crypto_obj PRIVATE bn/arch/amd64) endif() -add_library(crypto $ empty.c) +add_library(crypto $ $ empty.c) export_symbol(crypto ${CMAKE_CURRENT_BINARY_DIR}/crypto_p.sym) target_link_libraries(crypto ${PLATFORM_LIBS}) diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt index 22385ba1f1..9be9e99858 100644 --- a/ssl/CMakeLists.txt +++ b/ssl/CMakeLists.txt @@ -78,7 +78,7 @@ target_include_directories(bs_obj ../include/compat) if(BUILD_SHARED_LIBS) - add_library(ssl $ $) + add_library(ssl $ $ $) else() add_library(ssl $ empty.c) endif() diff --git a/tls/CMakeLists.txt b/tls/CMakeLists.txt index c3c942446f..33ae1849d0 100644 --- a/tls/CMakeLists.txt +++ b/tls/CMakeLists.txt @@ -14,28 +14,32 @@ set( tls_verify.c ) +set(TLS_COMPAT_SRC "") + if(WIN32) set( TLS_SRC ${TLS_SRC} - compat/ftruncate.c - compat/pread.c - compat/pwrite.c ) - set(LIBTLS_EXTRA_EXPORT ${LIBTLS_EXTRA_EXPORT} ftruncate) + set(TLS_COMPAT_SRC ${TLS_COMPAT_SRC} compat/ftruncate.c) + set(TLS_COMPAT_SRC ${TLS_COMPAT_SRC} compat/pread.c) + set(TLS_COMPAT_SRC ${TLS_COMPAT_SRC} compat/pwrite.c) endif() add_definitions(-DTLS_DEFAULT_CA_FILE=\"${OPENSSLDIR}/cert.pem\") file(COPY ${CMAKE_CURRENT_SOURCE_DIR}/tls.sym DESTINATION ${CMAKE_CURRENT_BINARY_DIR}) -if(LIBTLS_EXTRA_EXPORT) - list(SORT LIBTLS_EXTRA_EXPORT) - foreach(SYM IN LISTS LIBTLS_EXTRA_EXPORT) - file(APPEND ${CMAKE_CURRENT_BINARY_DIR}/tls.sym "${SYM}\n") - endforeach() -endif() + +add_library(tls_compat_obj OBJECT ${TLS_COMPAT_SRC}) +target_include_directories(tls_compat_obj + PRIVATE + . + ../include/compat + PUBLIC + ../include + ${CMAKE_BINARY_DIR}/include) add_library(tls_obj OBJECT ${TLS_SRC}) target_include_directories(tls_obj @@ -46,7 +50,11 @@ target_include_directories(tls_obj ../include ${CMAKE_BINARY_DIR}/include) -add_library(tls $ empty.c) +if(BUILD_SHARED_LIBS) + add_library(tls $ $ $ empty.c) +else() + add_library(tls $ $ empty.c) +endif() export_symbol(tls ${CMAKE_CURRENT_BINARY_DIR}/tls.sym) target_link_libraries(tls ${OPENSSL_LIBS}) From 834434b27dfd02a51c6f71938eb6ec9096ec0b6c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 14 Dec 2023 03:45:52 +0000 Subject: [PATCH 2/5] try avoiding empty compat libs --- crypto/CMakeLists.txt | 2 +- tls/CMakeLists.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt index 496d64bba5..128a7748f4 100644 --- a/crypto/CMakeLists.txt +++ b/crypto/CMakeLists.txt @@ -734,7 +734,7 @@ set( x509/x_all.c ) -set(COMPAT_SRC "") +set(COMPAT_SRC empty.c) if(UNIX) set(CRYPTO_SRC ${CRYPTO_SRC} crypto_lock.c) diff --git a/tls/CMakeLists.txt b/tls/CMakeLists.txt index 33ae1849d0..919b1fa7bb 100644 --- a/tls/CMakeLists.txt +++ b/tls/CMakeLists.txt @@ -14,7 +14,7 @@ set( tls_verify.c ) -set(TLS_COMPAT_SRC "") +set(TLS_COMPAT_SRC empty.c) if(WIN32) set( From fccbb9b556e4922380c296ee03364fb2cde87d13 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 14 Dec 2023 04:39:35 +0000 Subject: [PATCH 3/5] nc needs compat_obj on some platforms --- apps/nc/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/nc/CMakeLists.txt b/apps/nc/CMakeLists.txt index 868b797361..7bbdb025f0 100644 --- a/apps/nc/CMakeLists.txt +++ b/apps/nc/CMakeLists.txt @@ -40,7 +40,7 @@ target_include_directories(nc PUBLIC ../../include ${CMAKE_BINARY_DIR}/include) -target_link_libraries(nc ${LIBTLS_LIBS}) +target_link_libraries(nc ${LIBTLS_LIBS} compat_obj) if(ENABLE_NC) if(ENABLE_LIBRESSL_INSTALL) From 906e10ea83472110616d28831bc000a3e5ab4225 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 14 Dec 2023 04:59:04 +0000 Subject: [PATCH 4/5] try fixing missing tls-compat for tests --- CMakeLists.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 32b5b15e42..bba5a02890 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -414,10 +414,10 @@ set(LIBTLS_LIBS tls ${PLATFORM_LIBS}) # libraries for regression test if(BUILD_SHARED_LIBS) set(OPENSSL_TEST_LIBS ssl-static crypto-static ${PLATFORM_LIBS} compat_obj) - set(LIBTLS_TEST_LIBS tls-static ${OPENSSL_TEST_LIBS}) + set(LIBTLS_TEST_LIBS tls-static ${OPENSSL_TEST_LIBS} tls_compat_obj) else() set(OPENSSL_TEST_LIBS ssl crypto ${PLATFORM_LIBS} compat_obj) - set(LIBTLS_TEST_LIBS tls ${PLATFORM_LIBS} compat_obj) + set(LIBTLS_TEST_LIBS tls ${PLATFORM_LIBS} compat_obj tls_compat_obj) endif() if(OPENSSLDIR STREQUAL "") From 5bb45527ea0bbc22a9b8da4c5990c80f12c5d8de Mon Sep 17 00:00:00 2001 From: Theo Buehler Date: Thu, 14 Dec 2023 08:38:09 +0100 Subject: [PATCH 5/5] Add reminder to remove timegm after the next library bump --- crypto/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt index 128a7748f4..d545325ab9 100644 --- a/crypto/CMakeLists.txt +++ b/crypto/CMakeLists.txt @@ -820,6 +820,7 @@ if(NOT HAVE_SYSLOG_R) endif() if(NOT HAVE_TIMEGM) + # XXX - Remove after next bump once libtls, ocspcheck, and asn1time are fixed. set(COMPAT_SRC ${COMPAT_SRC} compat/timegm.c) endif()