From 46dba5b26749d1a024a1ac6941cd31b1668b25d8 Mon Sep 17 00:00:00 2001
From: Yann Ylavic <ylavic@apache.org>
Date: Sat, 18 Mar 2023 16:33:08 +0000
Subject: crypto_openssl: Fix configure/detection of OPENSSL_init_crypto()

git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1908503 13f79535-47bb-0310-9956-ffa450edef68
---
 build/crypto.m4             | 39 +++++++++++++++------------------------
 crypto/apr_crypto_openssl.c |  4 ++--
 2 files changed, 17 insertions(+), 26 deletions(-)

diff --git a/build/crypto.m4 b/build/crypto.m4
index 22859dfd7..e99e7010b 100644
--- a/build/crypto.m4
+++ b/build/crypto.m4
@@ -54,11 +54,11 @@ AC_DEFUN([APU_CHECK_CRYPTO], [
             crypto_library_enabled=1
           fi
         done
-	if test "$crypto_library_enabled" = "1"; then
+        if test "$crypto_library_enabled" = "1"; then
           AC_MSG_NOTICE([Crypto was requested but no crypto library was found; autodetecting possible libraries])
         else
           AC_ERROR([Crypto was requested but all possible crypto libraries were disabled.])
-	fi
+        fi
       fi
 
       APU_CHECK_CRYPTO_OPENSSL
@@ -97,15 +97,14 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
     if test "$withval" = "yes"; then
       AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
       AC_CHECK_LIB(crypto, EVP_CIPHER_CTX_new, openssl_have_libs=1)
-      if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
+      if test "$openssl_have_headers" = "1" && test "$openssl_have_libs" = "1"; then
         apu_have_openssl=1
       fi
     elif test "$withval" = "no"; then
       apu_have_openssl=0
     else
-
       openssl_CPPFLAGS="-I$withval/include"
-      openssl_LDFLAGS="-L$withval/lib "
+      openssl_LDFLAGS="-L$withval/lib -L$withval/lib64"
 
       APR_ADDTO(CPPFLAGS, [$openssl_CPPFLAGS])
       APR_ADDTO(LDFLAGS, [$openssl_LDFLAGS])
@@ -113,15 +112,13 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
       AC_MSG_NOTICE(checking for openssl in $withval)
       AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
       AC_CHECK_LIB(crypto, EVP_CIPHER_CTX_new, openssl_have_libs=1)
-      if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
+      if test "$openssl_have_headers" = "1" && test "$openssl_have_libs" = "1"; then
         apu_have_openssl=1
-        APR_ADDTO(LDFLAGS, [-L$withval/lib])
-        APR_ADDTO(INCLUDES, [-I$withval/include])
       fi
-
-      AC_CHECK_DECLS([EVP_PKEY_CTX_new, OPENSSL_init_crypto], [], [],
-                     [#include <openssl/evp.h>])
-
+    fi
+    if test "$apu_have_openssl" = "1"; then
+        AC_CHECK_LIB(crypto, OPENSSL_init_crypto)
+        AC_CHECK_FUNCS([OPENSSL_init_crypto])
     fi
   ], [
     apu_have_openssl=0
@@ -136,18 +133,12 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
     apu_have_crypto=1
 
     AC_MSG_CHECKING([for const input buffers in OpenSSL])
-    AC_TRY_COMPILE([#include <openssl/rsa.h>],
-        [ const unsigned char * buf;
-          unsigned char * outbuf;
-          RSA rsa;
-
-                RSA_private_decrypt(1,
-                                                        buf,
-                                                        outbuf,
-                                                        &rsa,
-                                                        RSA_PKCS1_PADDING);
-
-        ],
+    AC_TRY_COMPILE(
+        [#include <openssl/evp.h>],
+        [ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+          const unsigned char key[128] = {0}, iv[128] = {0};
+          EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+          EVP_CIPHER_CTX_free(ctx); ],
         [AC_MSG_RESULT([yes])]
         [AC_DEFINE([CRYPTO_OPENSSL_CONST_BUFFERS], 1, [Define that OpenSSL uses const buffers])],
         [AC_MSG_RESULT([no])])
diff --git a/crypto/apr_crypto_openssl.c b/crypto/apr_crypto_openssl.c
index 4d38b9051..8867f0931 100644
--- a/crypto/apr_crypto_openssl.c
+++ b/crypto/apr_crypto_openssl.c
@@ -203,7 +203,7 @@ static apr_status_t crypto_error(const apu_err_t **result,
  */
 static apr_status_t crypto_shutdown(void)
 {
-#if HAVE_DECL_OPENSSL_INIT_CRYPTO
+#if HAVE_OPENSSL_INIT_CRYPTO
     /* Openssl v1.1+ handles all termination automatically. Do
      * nothing in this case.
      */
@@ -232,7 +232,7 @@ static apr_status_t crypto_shutdown_helper(void *data)
 static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
         const apu_err_t **result)
 {
-#if HAVE_DECL_OPENSSL_INIT_CRYPTO
+#if HAVE_OPENSSL_INIT_CRYPTO
     /* Openssl v1.1+ handles all initialisation automatically, apart
      * from hints as to how we want to use the library.
      *
-- 
cgit v1.2.1