Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[V0.10] update cppcheck version to v2.16.0 #3309

Merged
merged 2 commits into from
Nov 14, 2024
Merged

[V0.10] update cppcheck version to v2.16.0 #3309

merged 2 commits into from
Nov 14, 2024

Conversation

matt335672
Copy link
Member

Backport of #3291

Bumps the cppcheck version from 2.15.0 to 2.16.0

There is also a small change to common/ssl_calls.c.

Initially, this version of cppcheck threw a syntax error on this code:-

#if defined(SSL_CTX_set_ecdh_auto)
    if (!SSL_CTX_set_ecdh_auto(self->ctx, 1))
    {
        LOG(LOG_LEVEL_WARNING, "TLS ecdh auto failed to be enabled");
    }
#endif

The reason is that cppcheck tries a pass with SSL_CTX_set_ecdh_auto set to 1, which (of course) fails.

The macro was introduced for OpenSSL 1.0.2 (see https://github.com/openssl/openssl/blob/OpenSSL_1_0_2/CHANGES) and disabled for OpenSSL 1.1.0 (see https://github.com/openssl/openssl/blob/OpenSSL_1_1_0/CHANGES). Versions of OpenSSL after 1.1.0 have a compatibility macro which does nothing if the second parameter is non-zero (i.e.):-

#  define SSL_CTX_set_ecdh_auto(dummy, onoff)      ((onoff) != 0)

Solution for the cppcheck issue is to replace the test for the SSL_CTX_set_ecdh_auto macro with explicit version tests.

Another problem with the code was that the macro was being called twice for OpenSSL 3.x. This regression was introduced during the OpenSSL 3.x migration (6cebade). As previously explained there is no need to call this macro for this version of OpenSSL.

@matt335672
Remove calls to SSL_CTX_set_ecdh_auto()
a3f4c49 
SSL_CTX_set_ecdh_auto() was introduced for  OpenSSL 1.0.2. It
has no effect for OpenSSL 1.1.0 and later. For versions before
1.0.2 and after (and including 1.1.0) it should not be called.

The macro was erroneously being called twice for OpenSSL 3.0.0 and
later - this has also been remedied

(cherry picked from commit a958e37)
@matt335672
cppcheck 2.15.0 -> 2.16.0
34d9e9f 
(cherry picked from commit 1e3acce)
@matt335672 matt335672 changed the title [V0.10] update cppcheck ver [V0.10] update cppcheck version to v2.16.0 Nov 14, 2024
@matt335672 matt335672 merged commit a826445 into neutrinolabs:v0.10 Nov 14, 2024
13 checks passed
@matt335672 matt335672 deleted the v0_10_update_cppcheck_ver branch November 14, 2024 11:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@matt335672