pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/net-snmp net-snmp: fix build with openssl-1.1.
details: https://anonhg.NetBSD.org/pkgsrc/rev/4ed3d92590a3
branches: trunk
changeset: 376044:4ed3d92590a3
user: wiz <wiz%pkgsrc.org@localhost>
date: Sun Feb 25 18:35:29 2018 +0000
description:
net-snmp: fix build with openssl-1.1.
Bump PKGREVISION.
diffstat:
net/net-snmp/Makefile | 4 +-
net/net-snmp/distinfo | 6 +-
net/net-snmp/patches/patch-apps_snmpusm.c | 102 +++++++++++++++
net/net-snmp/patches/patch-configure.d_config__os__libs2 | 37 +++++
net/net-snmp/patches/patch-snmplib_keytools.c | 56 ++++++++
net/net-snmp/patches/patch-snmplib_scapi.c | 59 ++++++++
6 files changed, 261 insertions(+), 3 deletions(-)
diffs (truncated from 310 to 300 lines):
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/Makefile
--- a/net/net-snmp/Makefile Sun Feb 25 18:00:11 2018 +0000
+++ b/net/net-snmp/Makefile Sun Feb 25 18:35:29 2018 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.121 2017/10/06 02:39:38 gavan Exp $
+# $NetBSD: Makefile,v 1.122 2018/02/25 18:35:29 wiz Exp $
.include "Makefile.common"
CATEGORIES= net
-PKGREVISION= 8
+PKGREVISION= 9
MAINTAINER= adam%NetBSD.org@localhost
COMMENT= Extensible SNMP implementation
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/distinfo
--- a/net/net-snmp/distinfo Sun Feb 25 18:00:11 2018 +0000
+++ b/net/net-snmp/distinfo Sun Feb 25 18:35:29 2018 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.91 2017/10/06 02:39:38 gavan Exp $
+$NetBSD: distinfo,v 1.92 2018/02/25 18:35:29 wiz Exp $
SHA1 (net-snmp-5.7.3.tar.gz) = 97dc25077257680815de44e34128d365c76bd839
RMD160 (net-snmp-5.7.3.tar.gz) = c5cf54d5723ee417e07f1f9fa3936aef505104a2
@@ -30,7 +30,9 @@
SHA1 (patch-ak) = 50ac67db8a9ffc16d983b4192e74db25ef439321
SHA1 (patch-am) = d01e8a93f6e766cedfdc324efd69168f71aac76f
SHA1 (patch-ap) = 44a4ce6302457094ba2b200e4c47ff6c2a425746
+SHA1 (patch-apps_snmpusm.c) = 5df02e77038cf36cd5fafe19df7bc095b12a4a8f
SHA1 (patch-aq) = a8fe703d8902c2847ca6692af4400ddbf9cbe74b
+SHA1 (patch-configure.d_config__os__libs2) = 9dd3f200295460b9c43a249c60508ce5f142fbed
SHA1 (patch-da) = 40e8d78bad93ca12f4c08c43b86e7f13edafc299
SHA1 (patch-db) = 281be9a88860987880c71770f4050fd965dd8ed9
SHA1 (patch-dl) = 92563fd6be6f27be5b348cdc8bc02061374026b0
@@ -53,4 +55,6 @@
SHA1 (patch-perl_agent_default__store_Makefile.PL) = 0599d99ce5226eaeaab3f1af76c68bfe7e57e1bd
SHA1 (patch-perl_default__store_Makefile.PL) = ed5ad7385680632b2153fa572635c5aea83c9114
SHA1 (patch-perl_manager_Makefile.PL) = bb34b119a2b3887a1af1f9b88e6d4bad6baf60bb
+SHA1 (patch-snmplib_keytools.c) = c209a42a2767c8639d8535e02542de119264ebfc
+SHA1 (patch-snmplib_scapi.c) = 9a49b1a00df8f9ab6bd69057f806377e9164cf1f
SHA1 (patch-snmplib_snmp__api.c) = b4f498aa93b61f809e3696df1fc6bf32bd942233
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/patches/patch-apps_snmpusm.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-apps_snmpusm.c Sun Feb 25 18:35:29 2018 +0000
@@ -0,0 +1,102 @@
+$NetBSD: patch-apps_snmpusm.c,v 1.1 2018/02/25 18:35:30 wiz Exp $
+
+From: Andreas Henriksson <andreas%fatal.se@localhost>
+Date: Sat, 23 Dec 2017 22:25:41 +0000
+Subject: [PATCH] Port OpenSSL 1.1.0 with support for 1.0.2
+
+Initial support for OpenSSL 1.1.0
+
+Changes by sebastian%breakpoint.cc@localhost:
+- added OpenSSL 1.0.2 glue layer for backwarts compatibility
+- dropped HAVE_EVP_MD_CTX_CREATE + DESTROY and added a check for OpenSSL
+ version instead (and currently 1.0.2 is the only one supported).
+
+BTS: https://bugs.debian.org/828449
+Signed-off-by: Sebastian Andrzej Siewior <sebastian%breakpoint.cc@localhost>
+---
+ apps/snmpusm.c | 43 ++++++++++++++++++++++++++++++++++++-------
+ configure.d/config_os_libs2 | 6 ------
+ snmplib/keytools.c | 13 ++++++-------
+ snmplib/scapi.c | 17 +++++------------
+ 4 files changed, 47 insertions(+), 32 deletions(-)
+
+
+--- apps/snmpusm.c.orig 2018-02-25 18:04:17.011901242 +0000
++++ apps/snmpusm.c
+@@ -183,6 +183,31 @@ setup_oid(oid * it, size_t * len, u_char
+ }
+
+ #if defined(HAVE_OPENSSL_DH_H) && defined(HAVE_LIBCRYPTO)
++
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
++
++static void DH_get0_pqg(const DH *dh,
++ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
++{
++ if (p != NULL)
++ *p = dh->p;
++ if (q != NULL)
++ *q = dh->q;
++ if (g != NULL)
++ *g = dh->g;
++}
++
++static void DH_get0_key(const DH *dh, const BIGNUM **pub_key,
++ const BIGNUM **priv_key)
++{
++ if (pub_key != NULL)
++ *pub_key = dh->pub_key;
++ if (priv_key != NULL)
++ *priv_key = dh->priv_key;
++}
++
++#endif
++
+ int
+ get_USM_DH_key(netsnmp_variable_list *vars, netsnmp_variable_list *dhvar,
+ size_t outkey_len,
+@@ -190,7 +215,7 @@ get_USM_DH_key(netsnmp_variable_list *va
+ oid *keyoid, size_t keyoid_len) {
+ u_char *dhkeychange;
+ DH *dh;
+- BIGNUM *other_pub;
++ const BIGNUM *p, *g, *pub_key, *other_pub;
+ u_char *key;
+ size_t key_len;
+
+@@ -205,25 +230,29 @@ get_USM_DH_key(netsnmp_variable_list *va
+ dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
+ }
+
+- if (!dh || !dh->g || !dh->p) {
++ if (dh)
++ DH_get0_pqg(dh, &p, NULL, &g);
++
++ if (!dh || !g || !p) {
+ SNMP_FREE(dhkeychange);
+ return SNMPERR_GENERR;
+ }
+
+- DH_generate_key(dh);
+- if (!dh->pub_key) {
++ if (!DH_generate_key(dh)) {
+ SNMP_FREE(dhkeychange);
+ return SNMPERR_GENERR;
+ }
+
+- if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
++ DH_get0_key(dh, &pub_key, NULL);
++
++ if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
+ SNMP_FREE(dhkeychange);
+ fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
+- (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
++ (unsigned long)vars->val_len, BN_num_bytes(pub_key));
+ return SNMPERR_GENERR;
+ }
+
+- BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
++ BN_bn2bin(pub_key, dhkeychange + vars->val_len);
+
+ key_len = DH_size(dh);
+ if (!key_len) {
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/patches/patch-configure.d_config__os__libs2
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-configure.d_config__os__libs2 Sun Feb 25 18:35:29 2018 +0000
@@ -0,0 +1,37 @@
+$NetBSD: patch-configure.d_config__os__libs2,v 1.1 2018/02/25 18:35:30 wiz Exp $
+
+From: Andreas Henriksson <andreas%fatal.se@localhost>
+Date: Sat, 23 Dec 2017 22:25:41 +0000
+Subject: [PATCH] Port OpenSSL 1.1.0 with support for 1.0.2
+
+Initial support for OpenSSL 1.1.0
+
+Changes by sebastian%breakpoint.cc@localhost:
+- added OpenSSL 1.0.2 glue layer for backwarts compatibility
+- dropped HAVE_EVP_MD_CTX_CREATE + DESTROY and added a check for OpenSSL
+ version instead (and currently 1.0.2 is the only one supported).
+
+BTS: https://bugs.debian.org/828449
+Signed-off-by: Sebastian Andrzej Siewior <sebastian%breakpoint.cc@localhost>
+---
+ apps/snmpusm.c | 43 ++++++++++++++++++++++++++++++++++++-------
+ configure.d/config_os_libs2 | 6 ------
+ snmplib/keytools.c | 13 ++++++-------
+ snmplib/scapi.c | 17 +++++------------
+ 4 files changed, 47 insertions(+), 32 deletions(-)
+
+--- configure.d/config_os_libs2.orig 2018-02-25 18:04:17.012343125 +0000
++++ configure.d/config_os_libs2
+@@ -291,12 +291,6 @@ if test "x$tryopenssl" != "xno" -a "x$tr
+ AC_CHECK_LIB(${CRYPTO}, AES_cfb128_encrypt,
+ AC_DEFINE(HAVE_AES_CFB128_ENCRYPT, 1,
+ [Define to 1 if you have the `AES_cfb128_encrypt' function.]))
+-
+- AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create,
+- AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [],
+- [Define to 1 if you have the `EVP_MD_CTX_create' function.])
+- AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [],
+- [Define to 1 if you have the `EVP_MD_CTX_destroy' function.]))
+ fi
+ if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then
+ AC_CHECK_LIB(ssl, DTLSv1_method,
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/patches/patch-snmplib_keytools.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-snmplib_keytools.c Sun Feb 25 18:35:29 2018 +0000
@@ -0,0 +1,56 @@
+$NetBSD: patch-snmplib_keytools.c,v 1.1 2018/02/25 18:35:30 wiz Exp $
+
+From: Andreas Henriksson <andreas%fatal.se@localhost>
+Date: Sat, 23 Dec 2017 22:25:41 +0000
+Subject: [PATCH] Port OpenSSL 1.1.0 with support for 1.0.2
+
+Initial support for OpenSSL 1.1.0
+
+Changes by sebastian%breakpoint.cc@localhost:
+- added OpenSSL 1.0.2 glue layer for backwarts compatibility
+- dropped HAVE_EVP_MD_CTX_CREATE + DESTROY and added a check for OpenSSL
+ version instead (and currently 1.0.2 is the only one supported).
+
+BTS: https://bugs.debian.org/828449
+Signed-off-by: Sebastian Andrzej Siewior <sebastian%breakpoint.cc@localhost>
+---
+ apps/snmpusm.c | 43 ++++++++++++++++++++++++++++++++++++-------
+ configure.d/config_os_libs2 | 6 ------
+ snmplib/keytools.c | 13 ++++++-------
+ snmplib/scapi.c | 17 +++++------------
+ 4 files changed, 47 insertions(+), 32 deletions(-)
+
+--- snmplib/keytools.c.orig 2018-02-25 18:04:17.012838017 +0000
++++ snmplib/keytools.c
+@@ -149,13 +149,13 @@ generate_Ku(const oid * hashtype, u_int
+ */
+ #ifdef NETSNMP_USE_OPENSSL
+
+-#ifdef HAVE_EVP_MD_CTX_CREATE
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+ ctx = EVP_MD_CTX_create();
+ #else
+- ctx = malloc(sizeof(*ctx));
+- if (!EVP_MD_CTX_init(ctx))
+- return SNMPERR_GENERR;
++ ctx = EVP_MD_CTX_new();
+ #endif
++ if (!ctx)
++ return SNMPERR_GENERR;
+ #ifndef NETSNMP_DISABLE_MD5
+ if (ISTRANSFORM(hashtype, HMACMD5Auth)) {
+ if (!EVP_DigestInit(ctx, EVP_md5()))
+@@ -259,11 +259,10 @@ generate_Ku(const oid * hashtype, u_int
+ memset(buf, 0, sizeof(buf));
+ #ifdef NETSNMP_USE_OPENSSL
+ if (ctx) {
+-#ifdef HAVE_EVP_MD_CTX_DESTROY
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+ EVP_MD_CTX_destroy(ctx);
+ #else
+- EVP_MD_CTX_cleanup(ctx);
+- free(ctx);
++ EVP_MD_CTX_free(ctx);
+ #endif
+ }
+ #endif
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/patches/patch-snmplib_scapi.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-snmplib_scapi.c Sun Feb 25 18:35:29 2018 +0000
@@ -0,0 +1,59 @@
+$NetBSD: patch-snmplib_scapi.c,v 1.1 2018/02/25 18:35:30 wiz Exp $
+
+From: Andreas Henriksson <andreas%fatal.se@localhost>
+Date: Sat, 23 Dec 2017 22:25:41 +0000
+Subject: [PATCH] Port OpenSSL 1.1.0 with support for 1.0.2
+
+Initial support for OpenSSL 1.1.0
+
+Changes by sebastian%breakpoint.cc@localhost:
+- added OpenSSL 1.0.2 glue layer for backwarts compatibility
+- dropped HAVE_EVP_MD_CTX_CREATE + DESTROY and added a check for OpenSSL
+ version instead (and currently 1.0.2 is the only one supported).
+
+BTS: https://bugs.debian.org/828449
+Signed-off-by: Sebastian Andrzej Siewior <sebastian%breakpoint.cc@localhost>
+---
+ apps/snmpusm.c | 43 ++++++++++++++++++++++++++++++++++++-------
+ configure.d/config_os_libs2 | 6 ------
+ snmplib/keytools.c | 13 ++++++-------
+ snmplib/scapi.c | 17 +++++------------
+ 4 files changed, 47 insertions(+), 32 deletions(-)
+
+--- snmplib/scapi.c.orig 2018-02-25 18:04:17.013625332 +0000
++++ snmplib/scapi.c
+@@ -486,15 +486,10 @@ sc_hash(const oid * hashtype, size_t has
+ }
+
+ /** initialize the pointer */
+-#ifdef HAVE_EVP_MD_CTX_CREATE
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+ cptr = EVP_MD_CTX_create();
+ #else
+- cptr = malloc(sizeof(*cptr));
+-#if defined(OLD_DES)
+- memset(cptr, 0, sizeof(*cptr));
+-#else
+- EVP_MD_CTX_init(cptr);
+-#endif
++ cptr = EVP_MD_CTX_new();
+ #endif
+ if (!EVP_DigestInit(cptr, hashfn)) {
+ /* requested hash function is not available */
+@@ -507,13 +502,11 @@ sc_hash(const oid * hashtype, size_t has
+ /** do the final pass */
+ EVP_DigestFinal(cptr, MAC, &tmp_len);
+ *MAC_len = tmp_len;
+-#ifdef HAVE_EVP_MD_CTX_DESTROY
++
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
Home |
Main Index |
Thread Index |
Old Index