Nmap Development mailing list archives

[patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc

From: olli hauer <ohauer () gmx de>
Date: Fri, 20 Aug 2010 22:10:33 +0200

Hi,

I just saw on the list that the md2 code is already removed.

If it is not to late, please test attached patches for
configure.ac configure and nse_openssl.cc.

The patch for ./configure was build with autoconf-2.62.


PS:
Has someone a workaround if openssl is build with SCTP support?
I got the following build failure if SCTP is anabled in openssl.

In file included from /usr/local/include/openssl/dtls1.h:78,
                 from /usr/local/include/openssl/ssl.h:1193,
                 from service_scan.cc:106:
/usr/include/netinet/sctp.h:57: error: redefinition of 'struct sctp_chunkhdr'
./libdnet-stripped/include/dnet/sctp.h:39: error: previous definition of 'struct
sctp_chunkhdr'
gmake[1]: *** [service_scan.o] Error 1
gmake[1]: Leaving directory `/data/work/usr/ports/security/nmap/work/nmap-5.35DC1'
gmake: *** [all] Error 2
*** Error code 1


//olli


Index: nse_openssl.cc
=================================================
--- nse_openssl.cc
+++ nse_openssl.cc
@@ -8,7 +8,9 @@
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_MD2
 #include <openssl/md2.h>
+#endif
 #include <openssl/md4.h>
 #include <openssl/md5.h>
 #include <openssl/sha.h>
@@ -219,6 +221,7 @@
   return 1;
 }

+#ifndef OPENSSL_NO_MD2
 static int l_md2(lua_State *L)     /** md2(string s) */
 {
   size_t len;
@@ -228,6 +231,7 @@
   lua_pushlstring( L, (char *) MD2( s, len, digest ), 16 );
   return 1;
 }
+#endif

 static int l_md4(lua_State *L)     /** md4(string s) */
 {
@@ -515,7 +519,9 @@
   { "bignum_mod_exp", l_bignum_mod_exp },
   { "rand_bytes", l_rand_bytes },
   { "rand_pseudo_bytes", l_rand_pseudo_bytes },
+#ifndef OPENSSL_NO_MD2
   { "md2", l_md2 },
+#endif
   { "md4", l_md4 },
   { "md5", l_md5 },
   { "sha1", l_sha1 },
Index: configure.ac
=================================================
--- configure.ac
+++ configure.ac
@@ -330,6 +330,15 @@
  fi
 fi

+OPENSSL_NO_MD2=
+if test "$use_openssl" = "yes"; then
+  AC_CHECK_HEADER(openssl/md2.h,,
+    AC_DEFINE(OPENSSL_NO_MD2)
+    [CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_MD2"]
+  )
+  AC_SUBST(OPENSSL_NO_MD2)
+fi
+
 OPENSSL_LIBS=
 if test "$use_openssl" = "yes"; then
   AC_DEFINE(HAVE_OPENSSL)
Index: configure
=================================================
--- configure
+++ configure
@@ -675,6 +675,7 @@
 PCAP_BUILD
 PCAP_DEPENDS
 OPENSSL_LIBS
+OPENSSL_NO_MD2
 NPING_DIST_CLEAN
 NPING_CLEAN
 UNINSTALLNPING
@@ -7037,6 +7038,150 @@
  fi
 fi

+OPENSSL_NO_MD2=
+if test "$use_openssl" = "yes"; then
+  if test "${ac_cv_header_openssl_md2_h+set}" = set; then
+  { $as_echo "$as_me:$LINENO: checking for openssl/md2.h" >&5
+$as_echo_n "checking for openssl/md2.h... " >&6; }
+if test "${ac_cv_header_openssl_md2_h+set}" = set; then
+  $as_echo_n "(cached) " >&6
+fi
+{ $as_echo "$as_me:$LINENO: result: $ac_cv_header_openssl_md2_h" >&5
+$as_echo "$ac_cv_header_openssl_md2_h" >&6; }
+else
+  # Is the header compilable?
+{ $as_echo "$as_me:$LINENO: checking openssl/md2.h usability" >&5
+$as_echo_n "checking openssl/md2.h usability... " >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h.  */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h.  */
+$ac_includes_default
+#include <openssl/md2.h>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
+$as_echo "$ac_try_echo") >&5
+  (eval "$ac_compile") 2>conftest.er1
+  ac_status=$?
+  grep -v '^ *+' conftest.er1 >conftest.err
+  rm -f conftest.er1
+  cat conftest.err >&5
+  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+       } && test -s conftest.$ac_objext; then
+  ac_header_compiler=yes
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+       ac_header_compiler=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ $as_echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+$as_echo "$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ $as_echo "$as_me:$LINENO: checking openssl/md2.h presence" >&5
+$as_echo_n "checking openssl/md2.h presence... " >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h.  */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h.  */
+#include <openssl/md2.h>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
+$as_echo "$ac_try_echo") >&5
+  (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+  ac_status=$?
+  grep -v '^ *+' conftest.er1 >conftest.err
+  rm -f conftest.er1
+  cat conftest.err >&5
+  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); } >/dev/null && {
+        test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+        test ! -s conftest.err
+       }; then
+  ac_header_preproc=yes
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+  ac_header_preproc=no
+fi
+
+rm -f conftest.err conftest.$ac_ext
+{ $as_echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+$as_echo "$ac_header_preproc" >&6; }
+
+# So?  What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+  yes:no: )
+    { $as_echo "$as_me:$LINENO: WARNING: openssl/md2.h: accepted by the
compiler, rejected by the preprocessor!" >&5
+$as_echo "$as_me: WARNING: openssl/md2.h: accepted by the compiler, rejected by
the preprocessor!" >&2;}
+    { $as_echo "$as_me:$LINENO: WARNING: openssl/md2.h: proceeding with the
compiler's result" >&5
+$as_echo "$as_me: WARNING: openssl/md2.h: proceeding with the compiler's
result" >&2;}
+    ac_header_preproc=yes
+    ;;
+  no:yes:* )
+    { $as_echo "$as_me:$LINENO: WARNING: openssl/md2.h: present but cannot be
compiled" >&5
+$as_echo "$as_me: WARNING: openssl/md2.h: present but cannot be compiled" >&2;}
+    { $as_echo "$as_me:$LINENO: WARNING: openssl/md2.h:     check for missing
prerequisite headers?" >&5
+$as_echo "$as_me: WARNING: openssl/md2.h:     check for missing prerequisite
headers?" >&2;}
+    { $as_echo "$as_me:$LINENO: WARNING: openssl/md2.h: see the Autoconf
documentation" >&5
+$as_echo "$as_me: WARNING: openssl/md2.h: see the Autoconf documentation" >&2;}
+    { $as_echo "$as_me:$LINENO: WARNING: openssl/md2.h:     section \"Present
But Cannot Be Compiled\"" >&5
+$as_echo "$as_me: WARNING: openssl/md2.h:     section \"Present But Cannot Be
Compiled\"" >&2;}
+    { $as_echo "$as_me:$LINENO: WARNING: openssl/md2.h: proceeding with the
preprocessor's result" >&5
+$as_echo "$as_me: WARNING: openssl/md2.h: proceeding with the preprocessor's
result" >&2;}
+    { $as_echo "$as_me:$LINENO: WARNING: openssl/md2.h: in the future, the
compiler will take precedence" >&5
+$as_echo "$as_me: WARNING: openssl/md2.h: in the future, the compiler will take
precedence" >&2;}
+
+    ;;
+esac
+{ $as_echo "$as_me:$LINENO: checking for openssl/md2.h" >&5
+$as_echo_n "checking for openssl/md2.h... " >&6; }
+if test "${ac_cv_header_openssl_md2_h+set}" = set; then
+  $as_echo_n "(cached) " >&6
+else
+  ac_cv_header_openssl_md2_h=$ac_header_preproc
+fi
+{ $as_echo "$as_me:$LINENO: result: $ac_cv_header_openssl_md2_h" >&5
+$as_echo "$ac_cv_header_openssl_md2_h" >&6; }
+
+fi
+if test $ac_cv_header_openssl_md2_h = yes; then
+  :
+else
+  cat >>confdefs.h <<\_ACEOF
+#define OPENSSL_NO_MD2 1
+_ACEOF
+
+    CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_MD2"
+
+fi
+
+
+
+fi
+
 OPENSSL_LIBS=
 if test "$use_openssl" = "yes"; then
   cat >>confdefs.h <<\_ACEOF

Attachment: patch-configure
Description:

Attachment: patch-nse_openssl.cc
Description:

Attachment: patch-configure.ac
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc olli hauer (Aug 20)
- Re: [patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc David Fifield (Aug 20)
- Re: [patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc David Fifield (Aug 26)
  - Re: [patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc Daniel Roethlisberger (Aug 28)
  - Re: [patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc olli hauer (Aug 28)
    - Re: [patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc David Fifield (Aug 29)
    - Re: [patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc olli hauer (Aug 29)
    - Re: [patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc Daniel Roethlisberger (Aug 31)
    - Re: [patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc David Fifield (Sep 04)
- <Possible follow-ups>
- [patch] openssl/md2 issue autoconf files configure.ac configure nse_openssl.cc olli hauer (Aug 20)