[ruby/openssl] Check for OpenSSL functions in headers

While building with a custom build of OpenSSL, I noticed in mkmf.log
that all the feature detection checks are done using a program lacking
an OpenSSL header include. `mkmf` retries using a fallback program when
this fails, but that means all the `have_func` calls compile twice when
compiling once should suffice. Example log without this commit:

    have_func: checking for X509_STORE_CTX_get0_cert()... -------------------- yes

    DYLD_FALLBACK_LIBRARY_PATH=.:../.. "clang -o conftest ...
    conftest.c:14:57: error: use of undeclared identifier 'X509_STORE_CTX_get0_cert'
    int t(void) { void ((*volatile p)()); p = (void ((*)()))X509_STORE_CTX_get0_cert; return !p; }
                                                            ^
    1 error generated.
    checked program was:
    /* begin */
     1: #include "ruby.h"
     2:
     3: /*top*/
     4: extern int t(void);
     5: int main(int argc, char **argv)
     6: {
     7:   if (argc > 1000000) {
     8:     int (* volatile tp)(void)=(int (*)(void))&t;
     9:     printf("%d", (*tp)());
    10:   }
    11:
    12:   return !!argv[argc];
    13: }
    14: int t(void) { void ((*volatile p)()); p = (void ((*)()))X509_STORE_CTX_get0_cert; return !p; }
    /* end */

    DYLD_FALLBACK_LIBRARY_PATH=.:../.. "clang -o conftest ...
    checked program was:
    /* begin */
     1: #include "ruby.h"
     2:
     3: /*top*/
     4: extern int t(void);
     5: int main(int argc, char **argv)
     6: {
     7:   if (argc > 1000000) {
     8:     int (* volatile tp)(void)=(int (*)(void))&t;
     9:     printf("%d", (*tp)());
    10:   }
    11:
    12:   return !!argv[argc];
    13: }
    14: extern void X509_STORE_CTX_get0_cert();
    15: int t(void) { X509_STORE_CTX_get0_cert(); return 0; }
    /* end */

The second compilation succeeds.

Specify the header for each checked function.

https://github.com/ruby/openssl/commit/34ae7d92d0

1 files changed, 51 insertions, 46 deletions

diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index cc2b1f8ba2..4a9ae5598d 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -120,8 +120,13 @@ if is_libressl && ($mswin || $mingw)
 end
 
 Logging::message "=== Checking for OpenSSL features... ===\n"
+evp_h = "openssl/evp.h".freeze
+x509_h = "openssl/x509.h".freeze
+ts_h = "openssl/ts.h".freeze
+ssl_h = "openssl/ssl.h".freeze
+
 # compile options
-have_func("RAND_egd")
+have_func("RAND_egd", "openssl/rand.h")
 engines = %w{dynamic 4758cca aep atalla chil
              cswift nuron sureware ubsec padlock capi gmp gost cryptodev}
 engines.each { |name|
@@ -132,56 +137,56 @@ engines.each { |name|
 if !have_struct_member("SSL", "ctx", "openssl/ssl.h") || is_libressl
   $defs.push("-DHAVE_OPAQUE_OPENSSL")
 end
-have_func("EVP_MD_CTX_new")
-have_func("EVP_MD_CTX_free")
-have_func("EVP_MD_CTX_pkey_ctx")
-have_func("X509_STORE_get_ex_data")
-have_func("X509_STORE_set_ex_data")
-have_func("X509_STORE_get_ex_new_index")
-have_func("X509_CRL_get0_signature")
-have_func("X509_REQ_get0_signature")
-have_func("X509_REVOKED_get0_serialNumber")
-have_func("X509_REVOKED_get0_revocationDate")
-have_func("X509_get0_tbs_sigalg")
-have_func("X509_STORE_CTX_get0_untrusted")
-have_func("X509_STORE_CTX_get0_cert")
-have_func("X509_STORE_CTX_get0_chain")
-have_func("OCSP_SINGLERESP_get0_id")
-have_func("SSL_CTX_get_ciphers")
-have_func("X509_up_ref")
-have_func("X509_CRL_up_ref")
-have_func("X509_STORE_up_ref")
-have_func("SSL_SESSION_up_ref")
-have_func("EVP_PKEY_up_ref")
-have_func("SSL_CTX_set_min_proto_version(NULL, 0)", "openssl/ssl.h")
-have_func("SSL_CTX_get_security_level")
-have_func("X509_get0_notBefore")
-have_func("SSL_SESSION_get_protocol_version")
-have_func("TS_STATUS_INFO_get0_status")
-have_func("TS_STATUS_INFO_get0_text")
-have_func("TS_STATUS_INFO_get0_failure_info")
-have_func("TS_VERIFY_CTS_set_certs(NULL, NULL)", "openssl/ts.h")
-have_func("TS_VERIFY_CTX_set_store")
-have_func("TS_VERIFY_CTX_add_flags")
-have_func("TS_RESP_CTX_set_time_cb")
-have_func("EVP_PBE_scrypt")
-have_func("SSL_CTX_set_post_handshake_auth")
+have_func("EVP_MD_CTX_new", evp_h)
+have_func("EVP_MD_CTX_free", evp_h)
+have_func("EVP_MD_CTX_pkey_ctx", evp_h)
+have_func("X509_STORE_get_ex_data", x509_h)
+have_func("X509_STORE_set_ex_data", x509_h)
+have_func("X509_STORE_get_ex_new_index", x509_h)
+have_func("X509_CRL_get0_signature", x509_h)
+have_func("X509_REQ_get0_signature", x509_h)
+have_func("X509_REVOKED_get0_serialNumber", x509_h)
+have_func("X509_REVOKED_get0_revocationDate", x509_h)
+have_func("X509_get0_tbs_sigalg", x509_h)
+have_func("X509_STORE_CTX_get0_untrusted", x509_h)
+have_func("X509_STORE_CTX_get0_cert", x509_h)
+have_func("X509_STORE_CTX_get0_chain", x509_h)
+have_func("OCSP_SINGLERESP_get0_id", "openssl/ocsp.h")
+have_func("SSL_CTX_get_ciphers", ssl_h)
+have_func("X509_up_ref", x509_h)
+have_func("X509_CRL_up_ref", x509_h)
+have_func("X509_STORE_up_ref", x509_h)
+have_func("SSL_SESSION_up_ref", ssl_h)
+have_func("EVP_PKEY_up_ref", evp_h)
+have_func("SSL_CTX_set_min_proto_version(NULL, 0)", ssl_h)
+have_func("SSL_CTX_get_security_level", ssl_h)
+have_func("X509_get0_notBefore", x509_h)
+have_func("SSL_SESSION_get_protocol_version", ssl_h)
+have_func("TS_STATUS_INFO_get0_status", ts_h)
+have_func("TS_STATUS_INFO_get0_text", ts_h)
+have_func("TS_STATUS_INFO_get0_failure_info", ts_h)
+have_func("TS_VERIFY_CTS_set_certs(NULL, NULL)", ts_h)
+have_func("TS_VERIFY_CTX_set_store", ts_h)
+have_func("TS_VERIFY_CTX_add_flags", ts_h)
+have_func("TS_RESP_CTX_set_time_cb", ts_h)
+have_func("EVP_PBE_scrypt", evp_h)
+have_func("SSL_CTX_set_post_handshake_auth", ssl_h)
 
 # added in 1.1.1
-have_func("EVP_PKEY_check")
-have_func("SSL_CTX_set_ciphersuites")
+have_func("EVP_PKEY_check", evp_h)
+have_func("SSL_CTX_set_ciphersuites", ssl_h)
 
 # added in 3.0.0
 openssl_3 =
-have_func("SSL_set0_tmp_dh_pkey")
-have_func("ERR_get_error_all")
-have_func("TS_VERIFY_CTX_set_certs(NULL, NULL)", "openssl/ts.h")
-have_func("SSL_CTX_load_verify_file")
-have_func("BN_check_prime")
-have_func("EVP_MD_CTX_get0_md")
-have_func("EVP_MD_CTX_get_pkey_ctx")
-have_func("EVP_PKEY_eq")
-have_func("EVP_PKEY_dup")
+have_func("SSL_set0_tmp_dh_pkey", ssl_h)
+have_func("ERR_get_error_all", "openssl/err.h")
+have_func("TS_VERIFY_CTX_set_certs(NULL, NULL)", ts_h)
+have_func("SSL_CTX_load_verify_file", ssl_h)
+have_func("BN_check_prime", "openssl/bn.h")
+have_func("EVP_MD_CTX_get0_md", evp_h)
+have_func("EVP_MD_CTX_get_pkey_ctx", evp_h)
+have_func("EVP_PKEY_eq", evp_h)
+have_func("EVP_PKEY_dup", evp_h)
 
 Logging::message "=== Checking done. ===\n"