wok-next annotate net-snmp/stuff/patches/fix-openssl-build-errors.patch @ rev 21595

updated dokuwiki (2012-01-25 -> 2018-04-22c)
author Hans-G?nter Theisgen
date Wed Jun 24 13:53:45 2020 +0100 (2020-06-24)
parents
children
rev   line source
al@20519 1 net-snmp build fails on Debian 9 with OpenSSL 1.1.0
al@20519 2
al@20519 3 With these changes, net-snmp builds with both
al@20519 4 OpenSSL 1.0.x and 1.1.x.
al@20519 5
al@20519 6 Author: Sharmila Podury <sharmila.podury@brocade.com>
al@20519 7
al@20519 8 --- a/apps/snmpusm.c
al@20519 9 +++ b/apps/snmpusm.c
al@20519 10 @@ -125,6 +125,32 @@ char *usmUserPublic_val = NULL
al@20519 11 int docreateandwait = 0;
al@20519 12
al@20519 13
al@20519 14 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
al@20519 15 +
al@20519 16 +#include <string.h>
al@20519 17 +#include <openssl/engine.h>
al@20519 18 +
al@20519 19 +void DH_get0_pqg(const DH *dh,
al@20519 20 + const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
al@20519 21 +{
al@20519 22 + if (p != NULL)
al@20519 23 + *p = dh->p;
al@20519 24 + if (q != NULL)
al@20519 25 + *q = dh->q;
al@20519 26 + if (g != NULL)
al@20519 27 + *g = dh->g;
al@20519 28 +}
al@20519 29 +
al@20519 30 +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
al@20519 31 +{
al@20519 32 + if (pub_key != NULL)
al@20519 33 + *pub_key = dh->pub_key;
al@20519 34 + if (priv_key != NULL)
al@20519 35 + *priv_key = dh->priv_key;
al@20519 36 +}
al@20519 37 +
al@20519 38 +#endif
al@20519 39 +
al@20519 40 void
al@20519 41 usage(void)
al@20519 42 {
al@20519 43 @@ -190,7 +216,7 @@ get_USM_DH_key(netsnmp_variable_list *va
al@20519 44 oid *keyoid, size_t keyoid_len) {
al@20519 45 u_char *dhkeychange;
al@20519 46 DH *dh;
al@20519 47 - BIGNUM *other_pub;
al@20519 48 + BIGNUM *p, *g, *pub_key, *other_pub;
al@20519 49 u_char *key;
al@20519 50 size_t key_len;
al@20519 51
al@20519 52 @@ -205,25 +231,29 @@ get_USM_DH_key(netsnmp_variable_list *va
al@20519 53 dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
al@20519 54 }
al@20519 55
al@20519 56 - if (!dh || !dh->g || !dh->p) {
al@20519 57 + if (dh)
al@20519 58 + DH_get0_pqg(dh, &p, NULL, &g);
al@20519 59 +
al@20519 60 + if (!dh || !g || !p) {
al@20519 61 SNMP_FREE(dhkeychange);
al@20519 62 return SNMPERR_GENERR;
al@20519 63 }
al@20519 64
al@20519 65 - DH_generate_key(dh);
al@20519 66 - if (!dh->pub_key) {
al@20519 67 + if (!DH_generate_key(dh)) {
al@20519 68 SNMP_FREE(dhkeychange);
al@20519 69 return SNMPERR_GENERR;
al@20519 70 }
al@20519 71
al@20519 72 - if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
al@20519 73 + DH_get0_key(dh, &pub_key, NULL);
al@20519 74 +
al@20519 75 + if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
al@20519 76 SNMP_FREE(dhkeychange);
al@20519 77 fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
al@20519 78 - (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
al@20519 79 + (unsigned long)vars->val_len, BN_num_bytes(pub_key));
al@20519 80 return SNMPERR_GENERR;
al@20519 81 }
al@20519 82
al@20519 83 - BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
al@20519 84 + BN_bn2bin(pub_key, dhkeychange + vars->val_len);
al@20519 85
al@20519 86 key_len = DH_size(dh);
al@20519 87 if (!key_len) {
al@20519 88 --- a/configure.d/config_os_libs2
al@20519 89 +++ b/configure.d/config_os_libs2
al@20519 90 @@ -327,10 +327,16 @@ if test "x$tryopenssl" != "xno" -a "x$tr
al@20519 91 [[#include <openssl/evp.h>]])
al@20519 92
al@20519 93 AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create,
al@20519 94 - AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [],
al@20519 95 + AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [1],
al@20519 96 [Define to 1 if you have the `EVP_MD_CTX_create' function.])
al@20519 97 - AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [],
al@20519 98 + AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [1],
al@20519 99 [Define to 1 if you have the `EVP_MD_CTX_destroy' function.]))
al@20519 100 +
al@20519 101 + AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_new,
al@20519 102 + AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1],
al@20519 103 + [Define to 1 if you have the `EVP_MD_CTX_new' function.])
al@20519 104 + AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1],
al@20519 105 + [Define to 1 if you have the `EVP_MD_CTX_free' function.]))
al@20519 106 fi
al@20519 107 if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then
al@20519 108 AC_CHECK_LIB(ssl, DTLSv1_method,
al@20519 109 --- a/include/net-snmp/net-snmp-config.h.in
al@20519 110 +++ b/include/net-snmp/net-snmp-config.h.in
al@20519 111 @@ -164,6 +164,12 @@
al@20519 112 /* Define to 1 if you have the `EVP_MD_CTX_destroy' function. */
al@20519 113 #undef HAVE_EVP_MD_CTX_DESTROY
al@20519 114
al@20519 115 +/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
al@20519 116 +#undef HAVE_EVP_MD_CTX_FREE
al@20519 117 +
al@20519 118 +/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
al@20519 119 +#undef HAVE_EVP_MD_CTX_NEW
al@20519 120 +
al@20519 121 /* Define if you have EVP_sha224/256 in openssl */
al@20519 122 #undef HAVE_EVP_SHA224
al@20519 123
al@20519 124 --- a/snmplib/keytools.c
al@20519 125 +++ b/snmplib/keytools.c
al@20519 126 @@ -176,7 +176,9 @@ generate_Ku(const oid * hashtype, u_int
al@20519 127 QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
al@20519 128 }
al@20519 129
al@20519 130 -#ifdef HAVE_EVP_MD_CTX_CREATE
al@20519 131 +#ifdef HAVE_EVP_MD_CTX_NEW
al@20519 132 + ctx = EVP_MD_CTX_new();
al@20519 133 +#elif HAVE_EVP_MD_CTX_CREATE
al@20519 134 ctx = EVP_MD_CTX_create();
al@20519 135 #else
al@20519 136 ctx = malloc(sizeof(*ctx));
al@20519 137 @@ -278,7 +280,9 @@ generate_Ku(const oid * hashtype, u_int
al@20519 138 memset(buf, 0, sizeof(buf));
al@20519 139 #ifdef NETSNMP_USE_OPENSSL
al@20519 140 if (ctx) {
al@20519 141 -#ifdef HAVE_EVP_MD_CTX_DESTROY
al@20519 142 +#ifdef HAVE_EVP_MD_CTX_FREE
al@20519 143 + EVP_MD_CTX_free(ctx);
al@20519 144 +#elif HAVE_EVP_MD_CTX_DESTROY
al@20519 145 EVP_MD_CTX_destroy(ctx);
al@20519 146 #else
al@20519 147 EVP_MD_CTX_cleanup(ctx);
al@20519 148 --- a/snmplib/scapi.c
al@20519 149 +++ b/snmplib/scapi.c
al@20519 150 @@ -627,7 +627,9 @@ sc_hash(const oid * hashtype, size_t has
al@20519 151 return SNMPERR_GENERR;
al@20519 152
al@20519 153 /** initialize the pointer */
al@20519 154 -#ifdef HAVE_EVP_MD_CTX_CREATE
al@20519 155 +#ifdef HAVE_EVP_MD_CTX_NEW
al@20519 156 + cptr = EVP_MD_CTX_new();
al@20519 157 +#elif HAVE_EVP_MD_CTX_CREATE
al@20519 158 cptr = EVP_MD_CTX_create();
al@20519 159 #else
al@20519 160 cptr = malloc(sizeof(*cptr));
al@20519 161 @@ -648,7 +650,9 @@ sc_hash(const oid * hashtype, size_t has
al@20519 162 /** do the final pass */
al@20519 163 EVP_DigestFinal(cptr, MAC, &tmp_len);
al@20519 164 *MAC_len = tmp_len;
al@20519 165 -#ifdef HAVE_EVP_MD_CTX_DESTROY
al@20519 166 +#ifdef HAVE_EVP_MD_CTX_FREE
al@20519 167 + EVP_MD_CTX_free(cptr);
al@20519 168 +#elif HAVE_EVP_MD_CTX_DESTROY
al@20519 169 EVP_MD_CTX_destroy(cptr);
al@20519 170 #else
al@20519 171 #if !defined(OLD_DES)