Fix build issues with LibreSSL

Makefile.am

@@ -11,8 +11,6 @@ AM_CXXFLAGS = \
 	-fno-exceptions
 
 BUILT_SOURCES = \
-	cpp/gmock-all.cc \
-	cpp/gtest-all.cc \
 	cpp/monitoring/prometheus/metrics.pb.cc \
 	cpp/monitoring/prometheus/metrics.pb.h \
 	proto/ct.pb.cc \
@@ -112,7 +110,7 @@ TESTS = \
 	cpp/util/sync_task_test \
 	cpp/util/task_test
 
-if !OPENSSL_IS_BORINGSSL
+if !OPENSSL_NO_CMS
 TESTS += cpp/log/cms_verifier_test
 endif
 
@@ -131,9 +129,6 @@ endif
 cpp/gtest-all.cc: $(GTEST_DIR)/src/gtest-all.cc
 	$(AM_V_at)cp $^ $@
 
-cpp/gmock-all.cc: $(GMOCK_DIR)/src/gmock-all.cc
-	$(AM_V_at)cp $^ $@
-
 test/testdata/urlfetcher_test_certs/localhost-key.pem: test/create_url_fetcher_test_certs.sh
 	$(AM_V_GEN)test/create_url_fetcher_test_certs.sh
 
@@ -217,7 +212,7 @@ cpp_libcore_a_SOURCES = \
 	proto/ct.pb.cc \
 	proto/ct.pb.h
 
-if !OPENSSL_IS_BORINGSSL
+if !OPENSSL_NO_CMS
 cpp_libcore_a_SOURCES += cpp/log/cms_verifier.cc
 endif
 
@@ -226,8 +221,6 @@ cpp_libtest_a_CPPFLAGS = \
 	-I$(GTEST_DIR) \
 	$(AM_CPPFLAGS)
 cpp_libtest_a_SOURCES = \
-	cpp/gmock-all.cc \
-	cpp/gtest-all.cc \
 	cpp/util/testing.cc
 
 cpp_server_ct_mirror_LDADD = \
@@ -907,7 +900,7 @@ cpp_log_cert_test_SOURCES = \
 	cpp/log/cert_test.cc \
 	cpp/util/util.cc
 
-if !OPENSSL_IS_BORINGSSL
+if !OPENSSL_NO_CMS
 cpp_log_cms_verifier_test_LDADD = \
 	cpp/libcore.a \
 	cpp/libtest.a \

configure.ac

@@ -84,9 +84,7 @@ AC_CHECK_HEADER([gtest/gtest.h],, [missing_gtest=1])
 AS_VAR_APPEND([CPPFLAGS], [" -I$GMOCK_DIR/include"])
 AC_CHECK_HEADER([gmock/gmock.h],, [missing_gmock=1])
 AS_VAR_APPEND([CPPFLAGS], [" -I$GTEST_DIR"])
-AC_CHECK_HEADER([$GTEST_DIR/src/gtest-all.cc],, [missing_gtest=1])
 AS_VAR_APPEND([CPPFLAGS], [" -I$GMOCK_DIR"])
-AC_CHECK_HEADER([$GMOCK_DIR/src/gmock-all.cc],, [missing_gmock=1])
 CPPFLAGS="$saved_CPPFLAGS"
 AS_IF([test -n "$missing_gtest"],
       [AC_MSG_ERROR([could not find a working Google Test])])
@@ -106,7 +104,7 @@ AC_SEARCH_LIBS([clock_gettime], [rt],,, [$save_LIBS])
 
 AC_MSG_CHECKING([checking for gflags library])
 LIBS="-lgflags $LIBS"
-AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <gflags/gflags.h>]], [[google::ParseCommandLineFlags(NULL, NULL, true)]])], [have_gflags=yes], [have_gflags=no])
+AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <gflags/gflags.h>]], [[gflags::ParseCommandLineFlags(NULL, NULL, true)]])], [have_gflags=yes], [have_gflags=no])
 AC_MSG_RESULT([$have_gflags])
 AS_IF([test "x$have_gflags" = "xno"],
       [AC_MSG_ERROR([gflags library could not be found])])
@@ -118,6 +116,9 @@ AC_MSG_RESULT([$have_glog])
 AS_IF([test "x$have_glog" = "xno"],
       [AC_MSG_ERROR([glog library could not be found])])
 
+# Required for "make check" to build.
+LIBS="$LIBS -lgtest -lgmock"
+
 save_LIBS="$LIBS"
 AS_UNSET([LIBS])
 AC_SEARCH_LIBS([snappy_compress], [snappy],,, [$save_LIBS])
@@ -146,6 +147,17 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <openssl/base.h>]],
                   [AC_MSG_RESULT([yes]); openssl_is_boringssl=1],
                   [AC_MSG_RESULT([no])])
 
+AC_MSG_CHECKING([for LibreSSL])
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <openssl/opensslv.h>]],
+                                   [[
+                                     #ifndef LIBRESSL_VERSION_NUMBER
+                                     # error not LibreSSL
+                                     #endif
+                                   ]])
+                  ],
+                  [AC_MSG_RESULT([yes]); openssl_is_libressl=1],
+                  [AC_MSG_RESULT([no])])
+
 save_LIBS="$LIBS"
 AS_UNSET([LIBS])
 AC_SEARCH_LIBS([event_base_dispatch], [event],, [missing_libevent=1],
@@ -212,6 +224,7 @@ AM_CONDITIONAL([HAVE_ANT], [test -n "$ANT"])
 AM_CONDITIONAL([HAVE_LDNS], [test -z "$missing_ldns"])
 AM_CONDITIONAL([HAVE_OBJECTHASH], [test -z "$missing_objecthash"])
 AM_CONDITIONAL([OPENSSL_IS_BORINGSSL], [test -n "$openssl_is_boringssl"])
+AM_CONDITIONAL([OPENSSL_NO_CMS], [test -z "$openssl_is_boringssl" -o -z "$openssl_is_boringssl"])
 AC_DEFINE_UNQUOTED([TEST_SRCDIR], ["$srcdir"], [Top of the source directory, for tests.])
 AC_SUBST([INSTALL_DIR])
 AC_CONFIG_FILES([Makefile])

cpp/client/ct.cc

@@ -530,7 +530,7 @@ static void ProofToExtensionData() {
                       << " for writing:" << strerror(errno);
 
 // Work around broken PEM_write() declaration in older OpenSSL versions.
-#if OPENSSL_VERSION_NUMBER < 0x10002000L
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
   PEM_write(out, const_cast<char*>(kPEMLabel), const_cast<char*>(""),
             const_cast<unsigned char*>(reinterpret_cast<const unsigned char*>(
                 extension_data_out.str().data())),

cpp/client/ssl_client.cc

@@ -88,7 +88,7 @@ SSLClient::SSLClient(const string& server, const string& port,
 
   SSL_CTX_set_cert_verify_callback(ctx_.get(), &VerifyCallback, &verify_args_);
 
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
   SSL_CTX_add_client_custom_ext(ctx_.get(), CT_EXTENSION_TYPE, NULL, NULL,
                                 NULL, ExtensionCallback, &verify_args_);
 #else

cpp/log/cert.cc

@@ -31,15 +31,15 @@ using util::StatusOr;
 using util::error::Code;
 
 
-#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(OPENSSL_IS_BORINGSSL)
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
 // Backport from 1.0.2-beta3.
 static int i2d_re_X509_tbs(X509* x, unsigned char** pp) {
   x->cert_info->enc.modified = 1;
   return i2d_X509_CINF(x->cert_info, pp);
 }
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10002000L
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
 static int X509_get_signature_nid(const X509* x) {
   return OBJ_obj2nid(x->sig_alg->algorithm);
 }