Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update cppcheck version to 2.16.0 #3291

Merged
merged 2 commits into from
Nov 14, 2024

Conversation

matt335672
Copy link
Member

Bumps the cppcheck version from 2.15.0 to 2.16.0

There is also a small change to common/ssl_calls.c.

Initially, this version of cppcheck threw a syntax error on this code:-

#if defined(SSL_CTX_set_ecdh_auto)
    if (!SSL_CTX_set_ecdh_auto(self->ctx, 1))
    {
        LOG(LOG_LEVEL_WARNING, "TLS ecdh auto failed to be enabled");
    }
#endif

The reason is that cppcheck tries a pass with SSL_CTX_set_ecdh_auto set to 1, which (of course) fails.

The macro was introduced for OpenSSL 1.0.2 (see https://github.com/openssl/openssl/blob/OpenSSL_1_0_2/CHANGES) and disabled for OpenSSL 1.1.0 (see https://github.com/openssl/openssl/blob/OpenSSL_1_1_0/CHANGES). Versions of OpenSSL after 1.1.0 have a compatibility macro which does nothing if the second parameter is non-zero (i.e.):-

#  define SSL_CTX_set_ecdh_auto(dummy, onoff)      ((onoff) != 0)

Solution for the cppcheck issue is to replace the test for the SSL_CTX_set_ecdh_auto macro with explicit version tests.

Another problem with the code was that the macro was being called twice for OpenSSL 3.x. This regression was introduced during the OpenSSL 3.x migration (6cebade). As previously explained there is no need to call this macto for this version of OpenSSL.

@firewave - you asked to be notified for cppcheck-related issues.

SSL_CTX_set_ecdh_auto() was introduced for  OpenSSL 1.0.2. It
has no effect for OpenSSL 1.1.0 and later. For versions before
1.0.2 and after (and including 1.1.0) it should not be called.

The macro was erroneously being called twice for OpenSSL 3.0.0 and
later - this has also been remedied
@matt335672
Copy link
Member Author

Incidentally, I've tried the latest version of astyle too (3.6.3)

The showstopper we had before is fixed, provided --align-reference-name is added to the config. However there now appears to be a difference with continuation lines within parentheses not being indented, or being indented too much. I've not been able to come up with a way to update astyle yet.

@matt335672 matt335672 merged commit 595bda6 into neutrinolabs:devel Nov 14, 2024
14 checks passed
@matt335672 matt335672 deleted the update_cppcheck_ver branch November 14, 2024 10:22
@firewave
Copy link
Contributor

Sorry for the late reply.

The reason is that cppcheck tries a pass with SSL_CTX_set_ecdh_auto set to 1, which (of course) fails.

That is expected behavior when using a non-fixed configuration. In that case it will try to determine configurations based on the available preprocessor checks in each file. I doubt it will be possible to add logic for defines which might be functions.

Also that issue with HAVE_BOOST you had with the previous update has been resolved so you can enable that again.

@firewave
Copy link
Contributor

firewave commented Dec 4, 2024

The reason is that cppcheck tries a pass with SSL_CTX_set_ecdh_auto set to 1, which (of course) fails.

That is expected behavior when using a non-fixed configuration. In that case it will try to determine configurations based on the available preprocessor checks in each file. I doubt it will be possible to add logic for defines which might be functions.

FYI the issue is now being tracked in https://trac.cppcheck.net/ticket/13378. I forgot to file one but somebody else also ran into this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants