From 21c7debd3fc2613e10d7ee81543dbd65b2b897fa Mon Sep 17 00:00:00 2001
From: Milind Changire <mchangir@redhat.com>
Date: Thu, 5 Nov 2015 20:08:33 +0530
Subject: build: fix ecdh.h and dh.h deps

openssl/ecdh.h and openssl/dh.h are not available on all platforms,
especially rhel-5.
This patch adds check to autoconf and updates relevant source files.

Added conditional to test for SSL_OP_NO_TICKET and SSL_OP_NO_COMPRESSION
presence before setting the SSL context options.

Macros UTIME_OMIT and UTIME_NOW picked up from Fedora 22
/usr/include/bits/stat.h to help rhel-5 build.

Change-Id: I2bdee4fe643f9c1f5fe77cf89bd30946cd6b591a
Reviewed-on: http://review.gluster.org/#/c/12517/
BUG: 1258594
Signed-off-by: Milind Changire <mchangir@redhat.com>
Reviewed-on: http://review.gluster.org/12518
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
---
 rpc/rpc-transport/socket/src/socket.c | 16 ++++++++++------
 rpc/rpc-transport/socket/src/socket.h |  4 ++--
 2 files changed, 12 insertions(+), 8 deletions(-)

(limited to 'rpc')

diff --git a/rpc/rpc-transport/socket/src/socket.c b/rpc/rpc-transport/socket/src/socket.c
index bcc73016382..c5ab22f9941 100644
--- a/rpc/rpc-transport/socket/src/socket.c
+++ b/rpc/rpc-transport/socket/src/socket.c
@@ -3996,8 +3996,12 @@ socket_init (rpc_transport_t *this)
 
                 SSL_CTX_set_options(priv->ssl_ctx, SSL_OP_NO_SSLv2);
                 SSL_CTX_set_options(priv->ssl_ctx, SSL_OP_NO_SSLv3);
+#ifdef SSL_OP_NO_TICKET
                 SSL_CTX_set_options(priv->ssl_ctx, SSL_OP_NO_TICKET);
+#endif
+#ifdef SSL_OP_NO_COMPRESSION
                 SSL_CTX_set_options(priv->ssl_ctx, SSL_OP_NO_COMPRESSION);
+#endif
 
 		if ((bio = BIO_new_file(dh_param, "r")) == NULL) {
 			gf_log(this->name,GF_LOG_ERROR,
@@ -4006,7 +4010,7 @@ socket_init (rpc_transport_t *this)
 		}
 
 		if (bio != NULL) {
-#ifdef ERR_R_DH_LIB
+#ifdef HAVE_OPENSSL_DH_H
                         DH *dh;
                         unsigned long err;
 
@@ -4024,15 +4028,15 @@ socket_init (rpc_transport_t *this)
                                        "DH ciphers are disabled.",
                                        dh_param, ERR_error_string(err, NULL));
                         }
-#else /* ERR_R_DH_LIB */
+#else /* HAVE_OPENSSL_DH_H */
                         BIO_free(bio);
                         gf_log(this->name, GF_LOG_ERROR,
                                "OpenSSL has no DH support");
-#endif /* ERR_R_DH_LIB */
+#endif /* HAVE_OPENSSL_DH_H */
                 }
 
                 if (ec_curve != NULL) {
-#ifdef ERR_R_ECDH_LIB
+#ifdef HAVE_OPENSSL_ECDH_H
                         EC_KEY *ecdh = NULL;
                         int nid;
                         unsigned long err;
@@ -4053,10 +4057,10 @@ socket_init (rpc_transport_t *this)
 				       "ECDH ciphers are disabled.",
                                        ec_curve, ERR_error_string(err, NULL));
 			}
-#else /* ERR_R_ECDH_LIB */
+#else /* HAVE_OPENSSL_ECDH_H */
                         gf_log(this->name, GF_LOG_ERROR,
                                "OpenSSL has no ECDH support");
-#endif /* ERR_R_ECDH_LIB */
+#endif /* HAVE_OPENSSL_ECDH_H */
                 }
 
 		/* This must be done after DH and ECDH setups */
diff --git a/rpc/rpc-transport/socket/src/socket.h b/rpc/rpc-transport/socket/src/socket.h
index 238c1457e4d..c4d27e21947 100644
--- a/rpc/rpc-transport/socket/src/socket.h
+++ b/rpc/rpc-transport/socket/src/socket.h
@@ -14,10 +14,10 @@
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <openssl/x509v3.h>
-#ifdef ERR_R_DH_LIB
+#ifdef HAVE_OPENSSL_DH_H
 #include <openssl/dh.h>
 #endif
-#ifdef ERR_R_ECDH_LIB
+#ifdef HAVE_OPENSSL_ECDH_H
 #include <openssl/objects.h>
 #include <openssl/ecdh.h>
 #endif
-- 
cgit