From 5c0bde8ea01a6c3ac6966c8cec231019e4e1b9e7 Mon Sep 17 00:00:00 2001
From: pancake <pancake@nowsecure.com>
Date: Thu, 29 Dec 2022 16:57:00 +0100
Subject: [PATCH] Add --with-ssl-crypto, rename --with-openssl to --with-ssl
 ##build (#21213)

* Expose the use_ssl_crypto option for meson
* Add SSL builds in the CI
---
 .github/workflows/ci.yml      |  4 ++--
 config-user.mk.acr            |  1 +
 configure                     | 22 +++++++++++++++-------
 configure.acr                 | 16 ++++++++++++----
 libr/crypto/hash/deps.mk      |  3 ++-
 libr/crypto/hash/state.c      |  2 +-
 libr/crypto/meson.build       |  2 +-
 libr/include/r_hash.h         |  2 +-
 libr/include/r_userconf.h.acr |  4 ++++
 meson.build                   |  3 +++
 meson_options.txt             |  1 +
 11 files changed, 43 insertions(+), 17 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 3094da5dd1..ced69b5f4d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -46,12 +46,12 @@ jobs:
       uses: actions/checkout@v3
     - name: Linting
       run: sys/lint.sh
-    - name: Building without capstone
+    - name: Building without capstone but with ssl
       env:
         CFLAGS: -O0
       run: |
         cp -f dist/plugins-cfg/plugins.nocs.cfg plugins.cfg
-        ./configure --without-capstone --with-rpath && make -j
+        ./configure --without-capstone --with-rpath --with-ssl && make -j
         sudo make install
     - name: Running c/m with self-hosted libmagic
       run:
diff --git a/config-user.mk.acr b/config-user.mk.acr
index c5a86debc7..8ac19641ab 100644
--- a/config-user.mk.acr
+++ b/config-user.mk.acr
@@ -87,6 +87,7 @@ endif
 
 HAVE_LIB_GMP=@HAVE_LIB_GMP@
 HAVE_LIB_SSL=@HAVE_OPENSSL@
+WANT_SSL_CRYPTO=@WANT_SSL_CRYPTO@
 HAVE_LIB_MAGIC=@HAVE_LIB_MAGIC@
 USE_LIB_MAGIC=@USE_LIB_MAGIC@
 HAVE_LIB_XXHASH=@HAVE_LIB_XXHASH@
diff --git a/configure b/configure
index b06e2e3021..4e5692d2fa 100755
--- a/configure
+++ b/configure
@@ -37,7 +37,8 @@ WITH_SYSLZ4=0
 USE_ZIP=0
 USE_XXHASH=0
 WITH_GPL=1
-WANT_OPENSSL=0
+WANT_SSL=0
+WANT_SSL_CRYPTO=0
 WANT_LIBUV=0
 USE_RPATH=0
 [ -z "${USERCC}" ] && USERCC="gcc"
@@ -204,7 +205,8 @@ Optional Features:
   --with-syszip          force to use system's libzip and zlib
   --with-sysxxhash       force to use system's xxhash
   --without-gpl          do not build GPL code (grub, cxx, ... )
-  --with-openssl         build with openssl if possible
+  --with-ssl             build with (Open|Boring|..)SSL if possible
+  --with-ssl-crypto      build crypto code with libssl
   --with-libuv           disable libuv dependency
   --with-rpath           use rpath to build
   --with-compiler        Define compiler to use (see mk/) (USERCC=gcc)
@@ -285,7 +287,7 @@ echo "LANGS:     c"
 echo "REQUIRED:  libdl"
 echo "OPTIONAL:  libmagic libz libzip libxxhash libssl liblibuv>=1.0.0"
 echo "PKG-CONFIG:  capstone liblz4 openssl libuv"
-echo "FLAGS:     --disable-debugger --with-sysmagic --disable-threads --disable-loadlibs --enable-threadsafety --without-dylink --without-fork --without-ptrace-wrap --without-gperf --without-capstone --with-libr --with-static-themes --with-capstone5 --with-capstone4 --with-syscapstone --with-syslz4 --with-syszip --with-sysxxhash --without-gpl --with-openssl --with-libuv --with-rpath --with-compiler=gcc --with-ostype=auto --with-libversion=xxx --without-jemalloc --with-checks-level=2"
+echo "FLAGS:     --disable-debugger --with-sysmagic --disable-threads --disable-loadlibs --enable-threadsafety --without-dylink --without-fork --without-ptrace-wrap --without-gperf --without-capstone --with-libr --with-static-themes --with-capstone5 --with-capstone4 --with-syscapstone --with-syslz4 --with-syszip --with-sysxxhash --without-gpl --with-ssl --with-ssl-crypto --with-libuv --with-rpath --with-compiler=gcc --with-ostype=auto --with-libversion=xxx --without-jemalloc --with-checks-level=2"
 	exit 0
 	;;
 --cache-file)
@@ -354,7 +356,8 @@ echo "FLAGS:     --disable-debugger --with-sysmagic --disable-threads --disable-
 "--with-syszip") USE_ZIP="1"; ;;
 "--with-sysxxhash") USE_XXHASH="1"; ;;
 "--without-gpl") WITH_GPL="0"; ;;
-"--with-openssl") WANT_OPENSSL="1"; ;;
+"--with-ssl") WANT_SSL="1"; ;;
+"--with-ssl-crypto") WANT_SSL_CRYPTO="1"; ;;
 "--with-libuv") WANT_LIBUV="1"; ;;
 "--with-rpath") USE_RPATH="1"; ;;
 --with-compiler) if [ -z "${value}" ]; then USERCC="gcc"; else USERCC="${value}" ; fi ;;
@@ -379,7 +382,7 @@ parse_options "$1"
 shift
 done
 
-ENVWORDS="MANDIR INFODIR LIBDIR INCLUDEDIR LOCALSTATEDIR ETCDIR SYSCONFDIR DATADIR DOCDIR LIBEXECDIR SBINDIR BINDIR EPREFIX PREFIX SPREFIX TARGET HOST BUILD INSTALL INSTALL_LIB INSTALL_MAN INSTALL_PROGRAM INSTALL_PROGRAM_STRIP INSTALL_DIR INSTALL_SCRIPT INSTALL_DATA HOST_OS HOST_CPU BUILD_OS BUILD_CPU TARGET_OS TARGET_CPU VERSION VERSION_MAJOR VERSION_MINOR VERSION_PATCH VERSION_NUMBER PKGNAME VPATH CONTACT CONTACT_NAME CONTACT_MAIL CC CFLAGS CPPFLAGS LDFLAGS HAVE_LANG_C DEBUGGER HAVE_LIB_DL DL_LIBS PKGCONFIG HAVE_PATCH PATCH HAVE_AR AR HAVE_GIT GIT HAVE_GPERF GPERF HAVE_LIB_MAGIC USE_MAGIC USE_LIB_MAGIC LIBMAGIC WANT_THREADS LOADLIBS R_CRITICAL_ENABLED WANT_DYLINK HAVE_FORK WANT_PTRACE_WRAP WANT_GPERF WANT_CAPSTONE WITH_LIBR WITH_STATIC_THEMES USE_CS5 USE_CS4 WITH_CAPSTONE CAPSTONE_CFLAGS CAPSTONE_LDFLAGS HAVE_PKGCFG_CAPSTONE USE_CAPSTONE LZ4_CFLAGS LZ4_LDFLAGS HAVE_PKGCFG_LIBLZ4 WITH_SYSLZ4 USE_SYSLZ4 HAVE_LIB_Z HAVE_LIB_ZIP USE_ZIP USE_LIB_ZIP LIBZIP HAVE_LIB_XXHASH USE_XXHASH USE_LIB_XXHASH LIBXXHASH WITH_GPL HAVE_DECL_ADDR_NO_RANDOMIZE HAVE_DECL___GLIBC__ HAVE_ARC4RANDOM_UNIFORM HAVE_EXPLICIT_BZERO HAVE_EXPLICIT_MEMSET HAVE_CLOCK_NANOSLEEP HAVE_SIGACTION HAVE_CLOCK_GETTIME CLOCK_LDFLAGS SUPPORT_GNU99 HAVE_LIB_GMP HAVE_LIB_SSL SSL_CFLAGS SSL_LDFLAGS HAVE_PKGCFG_OPENSSL HAVE_OPENSSL WANT_OPENSSL WANT_LIBUV HAVE_LIBUV_VERSION_1_0_0 LIBUV_CFLAGS LIBUV_LDFLAGS HAVE_PKGCFG_LIBUV HAVE_LIBUV USE_RPATH USERCC USEROSTYPE LIBVERSION HAVE_JEMALLOC HAVE_PTRACE USE_PTRACE_WRAP R_CHECKS_LEVEL"
+ENVWORDS="MANDIR INFODIR LIBDIR INCLUDEDIR LOCALSTATEDIR ETCDIR SYSCONFDIR DATADIR DOCDIR LIBEXECDIR SBINDIR BINDIR EPREFIX PREFIX SPREFIX TARGET HOST BUILD INSTALL INSTALL_LIB INSTALL_MAN INSTALL_PROGRAM INSTALL_PROGRAM_STRIP INSTALL_DIR INSTALL_SCRIPT INSTALL_DATA HOST_OS HOST_CPU BUILD_OS BUILD_CPU TARGET_OS TARGET_CPU VERSION VERSION_MAJOR VERSION_MINOR VERSION_PATCH VERSION_NUMBER PKGNAME VPATH CONTACT CONTACT_NAME CONTACT_MAIL CC CFLAGS CPPFLAGS LDFLAGS HAVE_LANG_C DEBUGGER HAVE_LIB_DL DL_LIBS PKGCONFIG HAVE_PATCH PATCH HAVE_AR AR HAVE_GIT GIT HAVE_GPERF GPERF HAVE_LIB_MAGIC USE_MAGIC USE_LIB_MAGIC LIBMAGIC WANT_THREADS LOADLIBS R_CRITICAL_ENABLED WANT_DYLINK HAVE_FORK WANT_PTRACE_WRAP WANT_GPERF WANT_CAPSTONE WITH_LIBR WITH_STATIC_THEMES USE_CS5 USE_CS4 WITH_CAPSTONE CAPSTONE_CFLAGS CAPSTONE_LDFLAGS HAVE_PKGCFG_CAPSTONE USE_CAPSTONE LZ4_CFLAGS LZ4_LDFLAGS HAVE_PKGCFG_LIBLZ4 WITH_SYSLZ4 USE_SYSLZ4 HAVE_LIB_Z HAVE_LIB_ZIP USE_ZIP USE_LIB_ZIP LIBZIP HAVE_LIB_XXHASH USE_XXHASH USE_LIB_XXHASH LIBXXHASH WITH_GPL HAVE_DECL_ADDR_NO_RANDOMIZE HAVE_DECL___GLIBC__ HAVE_ARC4RANDOM_UNIFORM HAVE_EXPLICIT_BZERO HAVE_EXPLICIT_MEMSET HAVE_CLOCK_NANOSLEEP HAVE_SIGACTION HAVE_CLOCK_GETTIME CLOCK_LDFLAGS SUPPORT_GNU99 HAVE_LIB_GMP HAVE_LIB_SSL SSL_CFLAGS SSL_LDFLAGS HAVE_PKGCFG_OPENSSL HAVE_OPENSSL WANT_SSL WANT_SSL_CRYPTO WANT_LIBUV HAVE_LIBUV_VERSION_1_0_0 LIBUV_CFLAGS LIBUV_LDFLAGS HAVE_PKGCFG_LIBUV HAVE_LIBUV USE_RPATH USERCC USEROSTYPE LIBVERSION HAVE_JEMALLOC HAVE_PTRACE USE_PTRACE_WRAP R_CHECKS_LEVEL"
 
 create_environ
 
@@ -730,7 +733,7 @@ echo yes; HAVE_PKGCFG_OPENSSL=1;
 SSL_LDFLAGS=$tmp; fi; fi
 if [ ! "$SSL_LDFLAGS" = "" ]; then
 HAVE_OPENSSL="1"; fi
-if [ 11 = "$WANT_OPENSSL$HAVE_OPENSSL" ]; then
+if [ 11 = "$WANT_SSL$HAVE_OPENSSL" ]; then
 
 HAVE_OPENSSL="1"
 else
@@ -740,6 +743,11 @@ if [ "$HAVE_LIB_SSL" = "0" ]; then
 HAVE_OPENSSL="0"
 else
 SSL_LDFLAGS="-lssl"; fi; fi
+if [ 11 = "$WANT_SSL_CRYPTO$HAVE_OPENSSL" ]; then
+
+WANT_SSL_CRYPTO="1"
+else
+WANT_SSL_CRYPTO="0"; fi
 HAVE_LIBUV_VERSION_1_0_0=0
 printf "checking version of library libuv >= 1.0.0... "
 ${PKGCONFIG} --atleast-version=1.0.0 libuv >/dev/null 2>&1
@@ -891,7 +899,7 @@ do_remove
 if [ "$QUIET" = 0 ]; then
 echo
 echo "Final report:"
-for A in  BUILD CC CFLAGS DEBUGGER HAVE_ARC4RANDOM_UNIFORM HAVE_EXPLICIT_BZERO HAVE_EXPLICIT_MEMSET HAVE_FORK HAVE_GPERF HAVE_LIBUV HAVE_LIB_GMP HAVE_OPENSSL HAVE_PTRACE HOST LDFLAGS LIBVERSION PKGCONFIG PREFIX R_CHECKS_LEVEL TARGET USERCC USEROSTYPE USE_CAPSTONE USE_LIB_MAGIC USE_LIB_XXHASH USE_LIB_ZIP USE_PTRACE_WRAP USE_SYSLZ4 VERSION WANT_DYLINK ; do
+for A in  BUILD CC CFLAGS DEBUGGER HAVE_ARC4RANDOM_UNIFORM HAVE_EXPLICIT_BZERO HAVE_EXPLICIT_MEMSET HAVE_FORK HAVE_GPERF HAVE_LIBUV HAVE_LIB_GMP HAVE_OPENSSL WANT_SSL_CRYPTO HAVE_PTRACE HOST LDFLAGS LIBVERSION PKGCONFIG PREFIX R_CHECKS_LEVEL TARGET USERCC USEROSTYPE USE_CAPSTONE USE_LIB_MAGIC USE_LIB_XXHASH USE_LIB_ZIP USE_PTRACE_WRAP USE_SYSLZ4 VERSION WANT_DYLINK ; do
 eval VAL="\$${A}"
 [ -z "${VAL}" ] && VAL="\"\""
 echo " - ${A} = ${VAL}"
diff --git a/configure.acr b/configure.acr
index df2e1a560b..f161cdd0b9 100644
--- a/configure.acr
+++ b/configure.acr
@@ -123,14 +123,16 @@ HAVE_GMP = 0 ;
 ))
 HAVE_LIB_GMP = 0 ;
 
+
+(( openssl is used for https:// in rsocket and crypto/hash ))
 CHKLIB ssl
 PKGCFG SSL_CFLAGS SSL_LDFLAGS openssl
 IFNOTNULL SSL_LDFLAGS {
 	HAVE_OPENSSL = 1 ;
 }
-(( ARG_WITHOUT HAVE_OPENSSL ssl disable openssl dependency ; ))
-ARG_WITH WANT_OPENSSL openssl build with openssl if possible ;
-IFAND WANT_OPENSSL HAVE_OPENSSL {
+
+ARG_WITH WANT_SSL ssl build with (Open|Boring|..)SSL if possible ;
+IFAND WANT_SSL HAVE_OPENSSL {
 	HAVE_OPENSSL = 1 ;
 }{
 	HAVE_OPENSSL = 0 ;
@@ -142,6 +144,12 @@ IFNULL SSL_LDFLAGS {
 		SSL_LDFLAGS = -lssl ;
 	}
 }
+ARG_WITH WANT_SSL_CRYPTO ssl-crypto build crypto code with libssl ;
+IFAND WANT_SSL_CRYPTO HAVE_OPENSSL {
+	WANT_SSL_CRYPTO = 1 ;
+}{
+	WANT_SSL_CRYPTO = 0 ;
+}
 
 ARG_WITH WANT_LIBUV libuv disable libuv dependency ;
 CHKVER libuv 1.0.0
@@ -267,7 +275,7 @@ ARG_WITH R_CHECKS_LEVEL=2 checks-level value between 0 and 3 to enable different
 REPORT
 	BUILD CC CFLAGS DEBUGGER HAVE_ARC4RANDOM_UNIFORM HAVE_EXPLICIT_BZERO
 	HAVE_EXPLICIT_MEMSET HAVE_FORK HAVE_GPERF HAVE_LIBUV HAVE_LIB_GMP
-	HAVE_OPENSSL HAVE_PTRACE HOST LDFLAGS LIBVERSION PKGCONFIG PREFIX
+	HAVE_OPENSSL WANT_SSL_CRYPTO HAVE_PTRACE HOST LDFLAGS LIBVERSION PKGCONFIG PREFIX
 	R_CHECKS_LEVEL TARGET USERCC USEROSTYPE USE_CAPSTONE USE_LIB_MAGIC
 	USE_LIB_XXHASH USE_LIB_ZIP USE_PTRACE_WRAP USE_SYSLZ4 VERSION WANT_DYLINK
 ;
diff --git a/libr/crypto/hash/deps.mk b/libr/crypto/hash/deps.mk
index 61e5b87793..7ff18a9e26 100644
--- a/libr/crypto/hash/deps.mk
+++ b/libr/crypto/hash/deps.mk
@@ -1,7 +1,8 @@
 
 OBJS+=hash/state.o hash/hash.o hash/hamdist.o hash/crca.o hash/fletcher.o hash/sip.o
 OBJS+=hash/entropy.o hash/hcalc.o hash/adler32.o hash/luhn.o hash/ssdeep.o
-ifeq ($(HAVE_LIB_SSL),1)
+
+ifeq ($(WANT_SSL_CRYPTO),1)
 CFLAGS+=${SSL_CFLAGS}
 LDFLAGS+=${SSL_LDFLAGS}
 LINK+=${SSL_LDFLAGS}
diff --git a/libr/crypto/hash/state.c b/libr/crypto/hash/state.c
index 174187d0a0..96303bec57 100644
--- a/libr/crypto/hash/state.c
+++ b/libr/crypto/hash/state.c
@@ -3,7 +3,7 @@
 #include <r_hash.h>
 #include <r_util.h>
 
-#if HAVE_LIB_SSL
+#if WANT_SSL_CRYPTO
 #  include <openssl/md4.h>
 #  include <openssl/md5.h>
 #  include <openssl/sha.h>
diff --git a/libr/crypto/meson.build b/libr/crypto/meson.build
index 5c0baa28db..7178327295 100644
--- a/libr/crypto/meson.build
+++ b/libr/crypto/meson.build
@@ -46,7 +46,7 @@ else
   r_crypto_sources += files('hash/xxhash.c')
 endif
 
-if use_sys_openssl
+if use_sys_openssl and use_ssl_crypto
   r_crypto_deps += sys_openssl
 else
   r_crypto_sources += files('hash/md4.c', 'hash/md5.c', 'hash/sha1.c', 'hash/sha2.c')
diff --git a/libr/include/r_hash.h b/libr/include/r_hash.h
index ba771668e9..47acb415c7 100644
--- a/libr/include/r_hash.h
+++ b/libr/include/r_hash.h
@@ -11,7 +11,7 @@ extern "C" {
 
 R_LIB_VERSION_HEADER (r_hash);
 
-#if HAVE_LIB_SSL
+#if WANT_SSL_CRYPTO
 #include <openssl/sha.h>
 #include <openssl/md5.h>
 typedef MD5_CTX RHashMD5Context;
diff --git a/libr/include/r_userconf.h.acr b/libr/include/r_userconf.h.acr
index 742089ec7f..c776825303 100644
--- a/libr/include/r_userconf.h.acr
+++ b/libr/include/r_userconf.h.acr
@@ -92,6 +92,10 @@ extern "C" {
 #define HAVE_LIB_SSL @HAVE_OPENSSL@
 #endif
 
+#ifndef WANT_SSL_CRYPTO
+#define WANT_SSL_CRYPTO @WANT_SSL_CRYPTO@
+#endif
+
 #define HAVE_LIBUV @HAVE_LIBUV@
 
 #if __MINGW32__
diff --git a/meson.build b/meson.build
index a63aa1a259..8e59b8014f 100644
--- a/meson.build
+++ b/meson.build
@@ -290,10 +290,12 @@ if get_option('use_ssl')
     use_sys_openssl = true
   else
     message('Using bundled openssl code')
+    use_ssl_crypto = false
   endif
 else
   sys_openssl = false
   use_sys_openssl = false
+  use_ssl_crypto = false
 endif
 
 use_fork = get_option('use_fork')
@@ -375,6 +377,7 @@ userconf.set('PLUGINS', r2_plugins)
 userconf.set('EXTRAS', r2_extras)
 userconf.set('BINDINGS', r2_bindings)
 userconf.set10('HAVE_OPENSSL', use_sys_openssl)
+userconf.set10('WANT_SSL_CRYPTO', use_ssl_crypto)
 userconf.set10('HAVE_LIBUV', use_libuv)
 userconf.set10('HAVE_FORK', use_fork)
 userconf.set10('HAVE_GPERF', get_option('sdb_cgen'))
diff --git a/meson_options.txt b/meson_options.txt
index c22f43de92..d3a0c54abd 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -35,6 +35,7 @@ option('use_sys_zlib', type: 'boolean', value: false)
 option('use_sys_lz4', type: 'boolean', value: false)
 option('use_sys_xxhash', type: 'boolean', value: false)
 option('use_ssl', type: 'boolean', value: false)
+option('use_ssl_crypto', type: 'boolean', value: false)
 option('use_v35', type: 'boolean', value: false)
 option('use_sys_openssl', type: 'boolean', value: false)
 option('static_sys_openssl', type: 'boolean', value: false)