[ntpsec commit] Minor improvements to waf's OpenSSL configuration.

Eric S. Raymond esr at ntpsec.org
Thu Oct 1 20:19:08 UTC 2015


Module:    ntpsec
Branch:    master
Commit:    e18fd114db2caf304ff059b59b0ae31ed5356613
Changeset: http://git.ntpsec.org/ntpsec/commit/?id=e18fd114db2caf304ff059b59b0ae31ed5356613

Author:    Eric S. Raymond <esr at thyrsus.com>
Date:      Thu Oct  1 16:17:58 2015 -0400

Minor improvements to waf's OpenSSL configuration.

---

 include/ntp_refclock.h |  2 +-
 include/recvbuff.h     |  2 +-
 ntpd/ntp_io.c          |  4 ++--
 ntpd/refclock_acts.c   |  2 +-
 pylib/configure.py     | 15 ++++++++-------
 tests/sntp/crypto.c    | 16 ++++++++--------
 tests/sntp/crypto.cpp  |  8 ++++----
 7 files changed, 25 insertions(+), 24 deletions(-)

diff --git a/include/ntp_refclock.h b/include/ntp_refclock.h
index 9b0418d..fa03179 100644
--- a/include/ntp_refclock.h
+++ b/include/ntp_refclock.h
@@ -99,7 +99,7 @@ struct refclockio {
 				due to small bursts
 				of refclock input data */
 	struct peer *srcclock;	/* refclock peer */
-	int	datalen;	/* length of data */
+	u_int	datalen;	/* length of data */
 	int	fd;		/* file descriptor */
 	u_long	recvcount;	/* count of receive completions */
 	bool	active;		/* true when in use */
diff --git a/include/recvbuff.h b/include/recvbuff.h
index 07f1081..c7b5fc7 100644
--- a/include/recvbuff.h
+++ b/include/recvbuff.h
@@ -66,7 +66,7 @@ struct recvbuf {
 	int		msg_flags;	/* Flags received about the packet */
 	l_fp		recv_time;	/* time of arrival */
 	void		(*receiver)(struct recvbuf *); /* callback */
-	int		recv_length;	/* number of octets received */
+	u_int		recv_length;	/* number of octets received */
 	union {
 		struct pkt	X_recv_pkt;
 		uint8_t		X_recv_buffer[RX_BUFF_SIZE];
diff --git a/ntpd/ntp_io.c b/ntpd/ntp_io.c
index 57df1d1..b93d9be 100644
--- a/ntpd/ntp_io.c
+++ b/ntpd/ntp_io.c
@@ -3250,8 +3250,8 @@ read_refclock_packet(
 	}
 
 	i = (rp->datalen == 0
-	     || rp->datalen > (int)sizeof(rb->recv_space))
-		? (int)sizeof(rb->recv_space)
+	     || rp->datalen > sizeof(rb->recv_space))
+	        ? (int)sizeof(rb->recv_space)
 		: rp->datalen;
 	do {
 		buflen = read(fd, (char *)&rb->recv_space, (u_int)i);
diff --git a/ntpd/refclock_acts.c b/ntpd/refclock_acts.c
index 139ec41..4b59ce7 100644
--- a/ntpd/refclock_acts.c
+++ b/ntpd/refclock_acts.c
@@ -315,7 +315,7 @@ acts_receive(
 	struct peer *peer;
 	char	tbuf[sizeof(up->buf)];
 	char *	tptr;
-	int	octets;
+	u_int	octets;
 
 	/*
 	 * Initialize pointers and read the timecode and timestamp. Note
diff --git a/pylib/configure.py b/pylib/configure.py
index d11cdf7..1c21129 100644
--- a/pylib/configure.py
+++ b/pylib/configure.py
@@ -151,6 +151,13 @@ def cmd_configure(ctx):
 	ctx.check_cc(lib="thr", mandatory=False)
 	ctx.check_cc(lib="gcc_s", mandatory=False)
 
+	# Find OpenSSL. Must happen before function checks
+	if ctx.options.enable_crypto:
+		from check_openssl import configure_ssl
+		configure_ssl(ctx)
+		ctx.define("USE_OPENSSL_CRYPTO_RAND", 1)
+		ctx.define("ISC_PLATFORM_OPENSSLHASH", 1)
+
 	# Optional functions.  Do all function checks here, otherwise
 	# we're likely to duplicate them.
 	functions = (
@@ -159,6 +166,7 @@ def cmd_configure(ctx):
 		('arc4random_buf', "stdlib.h"),
 		('clock_gettime', "time.h", "RT"),
 		('clock_settime', "time.h", "RT"),
+		('EVP_MD_do_all_sorted', "openssl/evp.h", "CRYPTO"),
 		('getclock', "sys/timers.h"),
 		('getdtablesize', "unistd.h"),		# SVr4, 4.2BSD
 		('getpassphrase', "stdlib.h"),		# Sun systems
@@ -382,13 +390,6 @@ def cmd_configure(ctx):
         else:
                 print "Can't determine byte order!"
 
-
-	if ctx.options.enable_crypto:
-		from check_openssl import configure_ssl
-		configure_ssl(ctx)
-		ctx.define("USE_OPENSSL_CRYPTO_RAND", 1)
-		ctx.define("ISC_PLATFORM_OPENSSLHASH", 1)
-
 	probe_vsprintfm(ctx, "VSNPRINTF_PERCENT_M",
 			    "Checking for %m expansion in vsnprintf(3)")
 
diff --git a/tests/sntp/crypto.c b/tests/sntp/crypto.c
index 217bde2..9286bb1 100644
--- a/tests/sntp/crypto.c
+++ b/tests/sntp/crypto.c
@@ -35,7 +35,7 @@ TEST(crypto, MakeMd5Mac) {
 	TEST_ASSERT_TRUE(memcmp(EXPECTED_DIGEST, actual, MD5_LENGTH) == 0);
 }
 
-#ifdef ENABLE_CRYPTO
+#ifdef HAVE_OPENSSL
 TEST(crypto, MakeSHA1Mac) {
 	const char* PKT_DATA = "abcdefgh0123";
 	const int PKT_LEN = strlen(PKT_DATA);
@@ -56,7 +56,7 @@ TEST(crypto, MakeSHA1Mac) {
 
 	TEST_ASSERT_TRUE(memcmp(EXPECTED_DIGEST, actual, SHA1_LENGTH) == 0);
 }
-#endif	/* ENABLE_CRYPTO */
+#endif	/* HAVE_OPENSSL */
 
 TEST(crypto, VerifyCorrectMD5) {
 	const char* PKT_DATA =
@@ -76,7 +76,7 @@ TEST(crypto, VerifyCorrectMD5) {
 	TEST_ASSERT_TRUE(auth_md5((char*)PKT_DATA, PKT_LEN, MD5_LENGTH, &md5));
 }
 
-#ifdef ENABLE_CRYPTO
+#ifdef HAVE_OPENSSL
 TEST(crypto, VerifySHA1) {
 	const char* PKT_DATA =
 		"sometestdata"		// Data
@@ -94,7 +94,7 @@ TEST(crypto, VerifySHA1) {
 
 	TEST_ASSERT_TRUE(auth_md5((char*)PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1));
 }
-#endif	/* ENABLE_CRYPTO */
+#endif	/* HAVE_OPENSSL */
 
 TEST(crypto, VerifyFailure) {
 	/* We use a copy of the MD5 verification code, but modify
@@ -133,13 +133,13 @@ TEST(crypto, PacketSizeNotMultipleOfFourBytes) {
 
 TEST_GROUP_RUNNER(crypto) {
 	RUN_TEST_CASE(crypto, MakeMd5Mac);
-#ifdef ENABLE_CRYPTO
+#ifdef HAVE_OPENSSL
 	RUN_TEST_CASE(crypto, MakeSHA1Mac);
-#endif	/* ENABLE_CRYPTO */
+#endif	/* HAVE_OPENSSL */
 	RUN_TEST_CASE(crypto, VerifyCorrectMD5);
-#ifdef ENABLE_CRYPTO
+#ifdef HAVE_OPENSSL
 	RUN_TEST_CASE(crypto, VerifySHA1);
-#endif	/* ENABLE_CRYPTO */
+#endif	/* HAVE_OPENSSL */
 	RUN_TEST_CASE(crypto, VerifyFailure);
 	RUN_TEST_CASE(crypto, PacketSizeNotMultipleOfFourBytes);
 }
diff --git a/tests/sntp/crypto.cpp b/tests/sntp/crypto.cpp
index 574cf2a..61ae004 100644
--- a/tests/sntp/crypto.cpp
+++ b/tests/sntp/crypto.cpp
@@ -140,13 +140,13 @@ TEST(crypto, PacketSizeNotMultipleOfFourBytes) {
 
 TEST_GROUP_RUNNER(crypto) {
 	RUN_TEST_CASE(crypto, MakeMd5Mac);
-#ifdef ENABLE_CRYPTO
+#ifdef HAVE_OPENSSL
 	RUN_TEST_CASE(crypto, MakeSHA1Mac);
-#endif	/* ENABLE_CRYPTO */
+#endif	/* HAVE_OPENSSL */
 	RUN_TEST_CASE(crypto, VerifyCorrectMD5);
-#ifdef ENABLE_CRYPTO
+#ifdef HAVE_OPENSSL
 	RUN_TEST_CASE(crypto, VerifySHA1);
-#endif	/* ENABLE_CRYPTO */
+#endif	/* HAVE_OPENSSL */
 	RUN_TEST_CASE(crypto, VerifyFailure);
 	RUN_TEST_CASE(crypto, PacketSizeNotMultipleOfFourBytes);
 }



More information about the vc mailing list