wok-next view net-snmp/stuff/patches/fix-openssl-build-errors.patch @ rev 21595
updated dokuwiki (2012-01-25 -> 2018-04-22c)
| author | Hans-G?nter Theisgen |
|---|---|
| date | Wed Jun 24 13:53:45 2020 +0100 (2020-06-24) |
| parents | |
| children |
line source
1 net-snmp build fails on Debian 9 with OpenSSL 1.1.0
3 With these changes, net-snmp builds with both
4 OpenSSL 1.0.x and 1.1.x.
6 Author: Sharmila Podury <sharmila.podury@brocade.com>
8 --- a/apps/snmpusm.c
9 +++ b/apps/snmpusm.c
10 @@ -125,6 +125,32 @@ char *usmUserPublic_val = NULL
11 int docreateandwait = 0;
14 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
15 +
16 +#include <string.h>
17 +#include <openssl/engine.h>
18 +
19 +void DH_get0_pqg(const DH *dh,
20 + const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
21 +{
22 + if (p != NULL)
23 + *p = dh->p;
24 + if (q != NULL)
25 + *q = dh->q;
26 + if (g != NULL)
27 + *g = dh->g;
28 +}
29 +
30 +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
31 +{
32 + if (pub_key != NULL)
33 + *pub_key = dh->pub_key;
34 + if (priv_key != NULL)
35 + *priv_key = dh->priv_key;
36 +}
37 +
38 +#endif
39 +
40 void
41 usage(void)
42 {
43 @@ -190,7 +216,7 @@ get_USM_DH_key(netsnmp_variable_list *va
44 oid *keyoid, size_t keyoid_len) {
45 u_char *dhkeychange;
46 DH *dh;
47 - BIGNUM *other_pub;
48 + BIGNUM *p, *g, *pub_key, *other_pub;
49 u_char *key;
50 size_t key_len;
52 @@ -205,25 +231,29 @@ get_USM_DH_key(netsnmp_variable_list *va
53 dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
54 }
56 - if (!dh || !dh->g || !dh->p) {
57 + if (dh)
58 + DH_get0_pqg(dh, &p, NULL, &g);
59 +
60 + if (!dh || !g || !p) {
61 SNMP_FREE(dhkeychange);
62 return SNMPERR_GENERR;
63 }
65 - DH_generate_key(dh);
66 - if (!dh->pub_key) {
67 + if (!DH_generate_key(dh)) {
68 SNMP_FREE(dhkeychange);
69 return SNMPERR_GENERR;
70 }
72 - if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
73 + DH_get0_key(dh, &pub_key, NULL);
74 +
75 + if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
76 SNMP_FREE(dhkeychange);
77 fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
78 - (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
79 + (unsigned long)vars->val_len, BN_num_bytes(pub_key));
80 return SNMPERR_GENERR;
81 }
83 - BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
84 + BN_bn2bin(pub_key, dhkeychange + vars->val_len);
86 key_len = DH_size(dh);
87 if (!key_len) {
88 --- a/configure.d/config_os_libs2
89 +++ b/configure.d/config_os_libs2
90 @@ -327,10 +327,16 @@ if test "x$tryopenssl" != "xno" -a "x$tr
91 [[#include <openssl/evp.h>]])
93 AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create,
94 - AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [],
95 + AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [1],
96 [Define to 1 if you have the `EVP_MD_CTX_create' function.])
97 - AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [],
98 + AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [1],
99 [Define to 1 if you have the `EVP_MD_CTX_destroy' function.]))
100 +
101 + AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_new,
102 + AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1],
103 + [Define to 1 if you have the `EVP_MD_CTX_new' function.])
104 + AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1],
105 + [Define to 1 if you have the `EVP_MD_CTX_free' function.]))
106 fi
107 if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then
108 AC_CHECK_LIB(ssl, DTLSv1_method,
109 --- a/include/net-snmp/net-snmp-config.h.in
110 +++ b/include/net-snmp/net-snmp-config.h.in
111 @@ -164,6 +164,12 @@
112 /* Define to 1 if you have the `EVP_MD_CTX_destroy' function. */
113 #undef HAVE_EVP_MD_CTX_DESTROY
115 +/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
116 +#undef HAVE_EVP_MD_CTX_FREE
117 +
118 +/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
119 +#undef HAVE_EVP_MD_CTX_NEW
120 +
121 /* Define if you have EVP_sha224/256 in openssl */
122 #undef HAVE_EVP_SHA224
124 --- a/snmplib/keytools.c
125 +++ b/snmplib/keytools.c
126 @@ -176,7 +176,9 @@ generate_Ku(const oid * hashtype, u_int
127 QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
128 }
130 -#ifdef HAVE_EVP_MD_CTX_CREATE
131 +#ifdef HAVE_EVP_MD_CTX_NEW
132 + ctx = EVP_MD_CTX_new();
133 +#elif HAVE_EVP_MD_CTX_CREATE
134 ctx = EVP_MD_CTX_create();
135 #else
136 ctx = malloc(sizeof(*ctx));
137 @@ -278,7 +280,9 @@ generate_Ku(const oid * hashtype, u_int
138 memset(buf, 0, sizeof(buf));
139 #ifdef NETSNMP_USE_OPENSSL
140 if (ctx) {
141 -#ifdef HAVE_EVP_MD_CTX_DESTROY
142 +#ifdef HAVE_EVP_MD_CTX_FREE
143 + EVP_MD_CTX_free(ctx);
144 +#elif HAVE_EVP_MD_CTX_DESTROY
145 EVP_MD_CTX_destroy(ctx);
146 #else
147 EVP_MD_CTX_cleanup(ctx);
148 --- a/snmplib/scapi.c
149 +++ b/snmplib/scapi.c
150 @@ -627,7 +627,9 @@ sc_hash(const oid * hashtype, size_t has
151 return SNMPERR_GENERR;
153 /** initialize the pointer */
154 -#ifdef HAVE_EVP_MD_CTX_CREATE
155 +#ifdef HAVE_EVP_MD_CTX_NEW
156 + cptr = EVP_MD_CTX_new();
157 +#elif HAVE_EVP_MD_CTX_CREATE
158 cptr = EVP_MD_CTX_create();
159 #else
160 cptr = malloc(sizeof(*cptr));
161 @@ -648,7 +650,9 @@ sc_hash(const oid * hashtype, size_t has
162 /** do the final pass */
163 EVP_DigestFinal(cptr, MAC, &tmp_len);
164 *MAC_len = tmp_len;
165 -#ifdef HAVE_EVP_MD_CTX_DESTROY
166 +#ifdef HAVE_EVP_MD_CTX_FREE
167 + EVP_MD_CTX_free(cptr);
168 +#elif HAVE_EVP_MD_CTX_DESTROY
169 EVP_MD_CTX_destroy(cptr);
170 #else
171 #if !defined(OLD_DES)