diff --git a/configure b/configure index 781653a..d89984c 100755 --- a/configure +++ b/configure @@ -730,6 +730,7 @@ am__nodep AMDEPBACKSLASH AMDEP_FALSE AMDEP_TRUE +am__quote am__include DEPDIR OBJEXT @@ -789,6 +790,7 @@ infodir docdir oldincludedir includedir +runstatedir localstatedir sharedstatedir sysconfdir @@ -807,8 +809,7 @@ PACKAGE_VERSION PACKAGE_TARNAME PACKAGE_NAME PATH_SEPARATOR -SHELL -am__quote' +SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking @@ -924,6 +925,7 @@ datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' +runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' @@ -1176,6 +1178,15 @@ do | -silent | --silent | --silen | --sile | --sil) silent=yes ;; + -runstatedir | --runstatedir | --runstatedi | --runstated \ + | --runstate | --runstat | --runsta | --runst | --runs \ + | --run | --ru | --r) + ac_prev=runstatedir ;; + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ + | --run=* | --ru=* | --r=*) + runstatedir=$ac_optarg ;; + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ @@ -1313,7 +1324,7 @@ fi for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir + libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. @@ -1466,6 +1477,7 @@ Fine tuning of the installation directories: --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] @@ -2677,7 +2689,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $ ac_compiler_gnu=$ac_cv_c_compiler_gnu -am__api_version='1.16' +am__api_version='1.15' ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do @@ -3222,8 +3234,8 @@ MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} # For better backward compatibility. To be removed once Automake 1.9.x # dies out for good. For more background, see: -# -# +# +# mkdir_p='$(MKDIR_P)' # We need awk for the "check" target (and possibly the TAP driver). The @@ -3274,7 +3286,7 @@ END Aborting the configuration process, to ensure you take notice of the issue. You can download and install GNU coreutils to get an 'rm' implementation -that behaves properly: . +that behaves properly: . If you want to complete the configuration process using your problematic 'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM @@ -4638,45 +4650,45 @@ DEPDIR="${am__leading_dot}deps" ac_config_commands="$ac_config_commands depfiles" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} supports the include directive" >&5 -$as_echo_n "checking whether ${MAKE-make} supports the include directive... " >&6; } -cat > confinc.mk << 'END' + +am_make=${MAKE-make} +cat > confinc << 'END' am__doit: - @echo this is the am__doit target >confinc.out + @echo this is the am__doit target .PHONY: am__doit END +# If we don't find an include directive, just comment out the code. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5 +$as_echo_n "checking for style of include used by $am_make... " >&6; } am__include="#" am__quote= -# BSD make does it like this. -echo '.include "confinc.mk" # ignored' > confmf.BSD -# Other make implementations (GNU, Solaris 10, AIX) do it like this. -echo 'include confinc.mk # ignored' > confmf.GNU -_am_result=no -for s in GNU BSD; do - { echo "$as_me:$LINENO: ${MAKE-make} -f confmf.$s && cat confinc.out" >&5 - (${MAKE-make} -f confmf.$s && cat confinc.out) >&5 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - case $?:`cat confinc.out 2>/dev/null` in #( - '0:this is the am__doit target') : - case $s in #( - BSD) : - am__include='.include' am__quote='"' ;; #( - *) : - am__include='include' am__quote='' ;; -esac ;; #( - *) : - ;; +_am_result=none +# First try GNU make style include. +echo "include confinc" > confmf +# Ignore all kinds of additional output from 'make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; esac - if test "$am__include" != "#"; then - _am_result="yes ($s style)" - break - fi -done -rm -f confinc.* confmf.* -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: ${_am_result}" >&5 -$as_echo "${_am_result}" >&6; } +# Now try BSD make style include. +if test "$am__include" = "#"; then + echo '.include "confinc"' > confmf + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac +fi + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5 +$as_echo "$_am_result" >&6; } +rm -f confinc confmf # Check whether --enable-dependency-tracking was given. if test "${enable_dependency_tracking+set}" = set; then : @@ -7494,8 +7506,8 @@ fi done -# SSL_set0_rbio(), SSL_set0_wbio() OPENSSL_init_crypto() and TLS_method() introduced OpenSSL v1.1.0 -for ac_func in SSL_set0_rbio OPENSSL_init_crypto TLS_method +# SSL_set0_rbio(), SSL_set0_wbio() and OPENSSL_init_crypto() introduced OpenSSL v1.1.0 +for ac_func in SSL_set0_rbio OPENSSL_init_crypto do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@ -7508,62 +7520,19 @@ fi done -# In OpenSSL v1.1.1 the call to SSL_CTX_new() fails if OPENSSL_init_crypto() has been called with -# OPENSSL_INIT_NO_LOAD_CONFIG. It does not fail in v1.1.0h and v1.1.1b. -if test .$ac_cv_func_OPENSSL_init_crypto = .yes; then : - - if test .$ac_cv_func_TLS_method = .yes; then : - method_func=TLS_method -else - method_func=SSLv23_method -fi - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Cannot determine if need to OPENSSL_init_crypto() problem. Assuming yes for safety." >&5 -$as_echo "$as_me: WARNING: Cannot determine if need to OPENSSL_init_crypto() problem. Assuming yes for safety." >&2;} - openssl_init_no_load_bug=1 - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ - - const SSL_METHOD *meth; - SSL_CTX *ctx; - - if (!OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)) - return 1; - - /* Initialize SSL context */ - meth = $method_func(); - if (!(ctx = SSL_CTX_new(meth))) - return 1; - return 0; - - ; - return 0; -} +# TLS_method() introduced OpenSSL v1.1.0 +for ac_func in TLS_method +do : + ac_fn_c_check_func "$LINENO" "TLS_method" "ac_cv_func_TLS_method" +if test "x$ac_cv_func_TLS_method" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_TLS_METHOD 1 _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - openssl_init_no_load_bug=0 -else - openssl_init_no_load_bug=1 -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - if test $openssl_init_no_load_bug -eq 1; then : - -$as_echo "#define HAVE_OPENSSL_INIT_NO_LOAD_CONFIG_BUG 1 " >>confdefs.h fi +done + -fi unset LIBS if test $BUILD_GENHASH = No; then @@ -12726,7 +12695,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # # INIT-COMMANDS # -AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}" +AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir" _ACEOF @@ -13353,35 +13322,29 @@ $as_echo "$as_me: executing $ac_file commands" >&6;} # Older Autoconf quotes --file arguments for eval, but not when files # are listed without --file. Let's play safe and only enable the eval # if we detect the quoting. - # TODO: see whether this extra hack can be removed once we start - # requiring Autoconf 2.70 or later. - case $CONFIG_FILES in #( - *\'*) : - eval set x "$CONFIG_FILES" ;; #( - *) : - set x $CONFIG_FILES ;; #( - *) : - ;; -esac + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac shift - # Used to flag and report bootstrapping failures. - am_rc=0 - for am_mf + for mf do # Strip MF so we end up with the name of the file. - am_mf=`$as_echo "$am_mf" | sed -e 's/:.*$//'` - # Check whether this is an Automake generated Makefile which includes - # dependency-tracking related rules and includes. - # Grep'ing the whole file directly is not great: AIX grep has a line + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named 'Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line # limit of 2048, but all sed's we know have understand at least 4000. - sed -n 's,^am--depfiles:.*,X,p' "$am_mf" | grep X >/dev/null 2>&1 \ - || continue - am_dirpart=`$as_dirname -- "$am_mf" || -$as_expr X"$am_mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$am_mf" : 'X\(//\)[^/]' \| \ - X"$am_mf" : 'X\(//\)$' \| \ - X"$am_mf" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$am_mf" | + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`$as_dirname -- "$mf" || +$as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$mf" : 'X\(//\)[^/]' \| \ + X"$mf" : 'X\(//\)$' \| \ + X"$mf" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$mf" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -13399,48 +13362,53 @@ $as_echo X"$am_mf" | q } s/.*/./; q'` - am_filepart=`$as_basename -- "$am_mf" || -$as_expr X/"$am_mf" : '.*/\([^/][^/]*\)/*$' \| \ - X"$am_mf" : 'X\(//\)$' \| \ - X"$am_mf" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X/"$am_mf" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running 'make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "$am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`$as_dirname -- "$file" || +$as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$file" : 'X\(//\)[^/]' \| \ + X"$file" : 'X\(//\)$' \| \ + X"$file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } - /^X\/\(\/\/\)$/{ + /^X\(\/\/\)[^/].*/{ s//\1/ q } - /^X\/\(\/\).*/{ + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` - { echo "$as_me:$LINENO: cd "$am_dirpart" \ - && sed -e '/# am--include-marker/d' "$am_filepart" \ - | $MAKE -f - am--depfiles" >&5 - (cd "$am_dirpart" \ - && sed -e '/# am--include-marker/d' "$am_filepart" \ - | $MAKE -f - am--depfiles) >&5 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } || am_rc=$? + as_dir=$dirpart/$fdir; as_fn_mkdir_p + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" + done done - if test $am_rc -ne 0; then - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "Something went wrong bootstrapping makefile fragments - for automatic dependency tracking. Try re-running configure with the - '--disable-dependency-tracking' option to at least be able to build - the package (albeit without support for automatic dependency tracking). -See \`config.log' for more details" "$LINENO" 5; } - fi - { am_dirpart=; unset am_dirpart;} - { am_filepart=; unset am_filepart;} - { am_mf=; unset am_mf;} - { am_rc=; unset am_rc;} - rm -f conftest-deps.mk } ;; diff --git a/configure.ac b/configure.ac index c964a11..89399ca 100644 --- a/configure.ac +++ b/configure.ac @@ -813,40 +813,12 @@ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ # SSL_CTX_set_verify_depth() introduced OpenSSL v0.9.5a AC_CHECK_FUNCS([SSL_CTX_set_verify_depth]) -# SSL_set0_rbio(), SSL_set0_wbio() OPENSSL_init_crypto() and TLS_method() introduced OpenSSL v1.1.0 -AC_CHECK_FUNCS([SSL_set0_rbio OPENSSL_init_crypto TLS_method]) +# SSL_set0_rbio(), SSL_set0_wbio() and OPENSSL_init_crypto() introduced OpenSSL v1.1.0 +AC_CHECK_FUNCS([SSL_set0_rbio OPENSSL_init_crypto]) + +# TLS_method() introduced OpenSSL v1.1.0 +AC_CHECK_FUNCS([TLS_method]) -# In OpenSSL v1.1.1 the call to SSL_CTX_new() fails if OPENSSL_init_crypto() has been called with -# OPENSSL_INIT_NO_LOAD_CONFIG. It does not fail in v1.1.0h and v1.1.1b. -AS_IF([test .$ac_cv_func_OPENSSL_init_crypto = .yes], - [ - AS_IF([test .$ac_cv_func_TLS_method = .yes], [method_func=TLS_method], [method_func=SSLv23_method]) - AC_RUN_IFELSE( - [AC_LANG_PROGRAM( - [[#include ]], - [[ - const SSL_METHOD *meth; - SSL_CTX *ctx; - - if (!OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)) - return 1; - - /* Initialize SSL context */ - meth = $method_func(); - if (!(ctx = SSL_CTX_new(meth))) - return 1; - return 0; - ]])], - [openssl_init_no_load_bug=0], - [openssl_init_no_load_bug=1], - [ - AC_MSG_WARN([Cannot determine if need to OPENSSL_init_crypto() problem. Assuming yes for safety.]) - openssl_init_no_load_bug=1 - ] - ) - AS_IF([test $openssl_init_no_load_bug -eq 1], - [AC_DEFINE([HAVE_OPENSSL_INIT_NO_LOAD_CONFIG_BUG], [ 1 ], [Define to 1 if OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG) bug)])]) - ]) unset LIBS if test $BUILD_GENHASH = No; then diff --git a/genhash/ssl.c b/genhash/ssl.c index 0574675..8e9162c 100644 --- a/genhash/ssl.c +++ b/genhash/ssl.c @@ -44,22 +44,16 @@ void init_ssl(void) { /* Library initialization */ -#ifdef HAVE_OPENSSL_INIT_CRYPTO -#ifndef HAVE_OPENSSL_INIT_NO_LOAD_CONFIG_BUG - /* In OpenSSL v1.1.1 if the following is called, SSL_CTX_new() below fails. - * It works in v1.1.0h and v1.1.1b. - * It transpires that it works without setting NO_LOAD_CONFIG, but it is - * presumably more efficient not to load it. */ +#if HAVE_OPENSSL_INIT_CRYPTO if (!OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)) fprintf(stderr, "OPENSSL_init_crypto failed\n"); -#endif #else SSL_library_init(); SSL_load_error_strings(); #endif /* Initialize SSL context */ -#ifdef HAVE_TLS_METHOD +#if HAVE_TLS_METHOD req->meth = TLS_method(); #else req->meth = SSLv23_method(); @@ -123,7 +117,7 @@ ssl_connect(thread_t * thread) } BIO_set_nbio(sock_obj->bio, 1); /* Set the Non-Blocking flag */ -#ifdef HAVE_SSL_SET0_RBIO +#if HAVE_SSL_SET0_RBIO BIO_up_ref(sock_obj->bio); SSL_set0_rbio(sock_obj->ssl, sock_obj->bio); SSL_set0_wbio(sock_obj->ssl, sock_obj->bio); diff --git a/keepalived/check/check_ssl.c b/keepalived/check/check_ssl.c index 58061b9..6bf6a00 100644 --- a/keepalived/check/check_ssl.c +++ b/keepalived/check/check_ssl.c @@ -68,15 +68,9 @@ build_ssl_ctx(void) ssl_data_t *ssl; /* Library initialization */ -#ifdef HAVE_OPENSSL_INIT_CRYPTO -#ifndef HAVE_OPENSSL_INIT_NO_LOAD_CONFIG_BUG - /* In OpenSSL v1.1.1 if the following is called, SSL_CTX_new() below fails. - * It works in v1.1.0h and v1.1.1b. - * It transpires that it works without setting NO_LOAD_CONFIG, but it is - * presumably more efficient not to load it. */ +#if HAVE_OPENSSL_INIT_CRYPTO if (!OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)) log_message(LOG_INFO, "OPENSSL_init_crypto failed"); -#endif #else SSL_library_init(); SSL_load_error_strings(); @@ -88,7 +82,7 @@ build_ssl_ctx(void) ssl = check_data->ssl; /* Initialize SSL context */ -#ifdef HAVE_TLS_METHOD +#if HAVE_TLS_METHOD ssl->meth = TLS_method(); #else ssl->meth = SSLv23_method(); @@ -226,7 +220,7 @@ ssl_connect(thread_t * thread, int new_req) BIO_get_fd(req->bio, &bio_fd); fcntl(bio_fd, F_SETFD, fcntl(bio_fd, F_GETFD) | FD_CLOEXEC); -#ifdef HAVE_SSL_SET0_RBIO +#if HAVE_SSL_SET0_RBIO BIO_up_ref(req->bio); SSL_set0_rbio(req->ssl, req->bio); SSL_set0_wbio(req->ssl, req->bio); diff --git a/keepalived/core/global_data.c b/keepalived/core/global_data.c index be9fecb..6e872dc 100644 --- a/keepalived/core/global_data.c +++ b/keepalived/core/global_data.c @@ -253,14 +253,12 @@ init_global_data(data_t * data, data_t *old_global_data) if (!data->smtp_connection_to) set_default_smtp_connection_timeout(data); - if (data->local_name && strcmp(data->local_name, unknown_name)) { + if (strcmp(data->local_name, unknown_name)) { if (!data->email_from) set_default_email_from(data, data->local_name); - if (!data->smtp_helo_name) { - data->smtp_helo_name = MALLOC(strlen(data->local_name) + 1); - strcpy(data->smtp_helo_name, data->local_name); - } + if (!data->smtp_helo_name) + data->smtp_helo_name = data->local_name; } } diff --git a/keepalived/vrrp/vrrp_if.c b/keepalived/vrrp/vrrp_if.c index 4a292e0..5b2e8c4 100644 --- a/keepalived/vrrp/vrrp_if.c +++ b/keepalived/vrrp/vrrp_if.c @@ -1051,9 +1051,7 @@ interface_down(interface_t *ifp) /* Any route that has an oif will be tracking the interface, * so we only need to check for routes that dont specify an * oif */ - /* Don't track route if it's not configured with this down - * interface. */ - if (!route->oif || route->configured_ifindex != ifp->ifindex) + if (!route->oif && route->configured_ifindex != ifp->ifindex) continue; route->set = false; diff --git a/lib/notify.c b/lib/notify.c index eac0937..e79fbde 100644 --- a/lib/notify.c +++ b/lib/notify.c @@ -130,18 +130,10 @@ cmd_str_r(const notify_script_t *script, char *buf, size_t len) if (i) *str_p++ = ' '; - - /* Allow special case of bash script which is redirection only to - * test for file existence. */ - if (i || (script->args[i][0] != '<' && script->args[i][0] != '>')) - *str_p++ = '\''; - + *str_p++ = '\''; strcpy(str_p, script->args[i]); str_p += str_len; - - /* Close opening ' if we added one */ - if (i || (script->args[i][0] != '<' && script->args[i][0] != '>')) - *str_p++ = '\''; + *str_p++ = '\''; } *str_p = '\0';