diff options
Diffstat (limited to 'abs/extra/net-snmp/fix-openssl-build-errors.patch')
-rw-r--r-- | abs/extra/net-snmp/fix-openssl-build-errors.patch | 171 |
1 files changed, 171 insertions, 0 deletions
diff --git a/abs/extra/net-snmp/fix-openssl-build-errors.patch b/abs/extra/net-snmp/fix-openssl-build-errors.patch new file mode 100644 index 0000000..53bc372 --- /dev/null +++ b/abs/extra/net-snmp/fix-openssl-build-errors.patch @@ -0,0 +1,171 @@ +net-snmp build fails on Debian 9 with OpenSSL 1.1.0 + +With these changes, net-snmp builds with both +OpenSSL 1.0.x and 1.1.x. + +Author: Sharmila Podury <sharmila.podury@brocade.com> + +--- a/apps/snmpusm.c ++++ b/apps/snmpusm.c +@@ -125,6 +125,32 @@ char *usmUserPublic_val = NULL + int docreateandwait = 0; + + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ ++#include <string.h> ++#include <openssl/engine.h> ++ ++void DH_get0_pqg(const DH *dh, ++ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) ++{ ++ if (p != NULL) ++ *p = dh->p; ++ if (q != NULL) ++ *q = dh->q; ++ if (g != NULL) ++ *g = dh->g; ++} ++ ++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) ++{ ++ if (pub_key != NULL) ++ *pub_key = dh->pub_key; ++ if (priv_key != NULL) ++ *priv_key = dh->priv_key; ++} ++ ++#endif ++ + void + usage(void) + { +@@ -190,7 +216,7 @@ get_USM_DH_key(netsnmp_variable_list *va + oid *keyoid, size_t keyoid_len) { + u_char *dhkeychange; + DH *dh; +- BIGNUM *other_pub; ++ BIGNUM *p, *g, *pub_key, *other_pub; + u_char *key; + size_t key_len; + +@@ -205,25 +231,29 @@ get_USM_DH_key(netsnmp_variable_list *va + dh = d2i_DHparams(NULL, &cp, dhvar->val_len); + } + +- if (!dh || !dh->g || !dh->p) { ++ if (dh) ++ DH_get0_pqg(dh, &p, NULL, &g); ++ ++ if (!dh || !g || !p) { + SNMP_FREE(dhkeychange); + return SNMPERR_GENERR; + } + +- DH_generate_key(dh); +- if (!dh->pub_key) { ++ if (!DH_generate_key(dh)) { + SNMP_FREE(dhkeychange); + return SNMPERR_GENERR; + } + +- if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) { ++ DH_get0_key(dh, &pub_key, NULL); ++ ++ if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) { + SNMP_FREE(dhkeychange); + fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n", +- (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key)); ++ (unsigned long)vars->val_len, BN_num_bytes(pub_key)); + return SNMPERR_GENERR; + } + +- BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len); ++ BN_bn2bin(pub_key, dhkeychange + vars->val_len); + + key_len = DH_size(dh); + if (!key_len) { +--- a/configure.d/config_os_libs2 ++++ b/configure.d/config_os_libs2 +@@ -327,10 +327,16 @@ if test "x$tryopenssl" != "xno" -a "x$tr + [[#include <openssl/evp.h>]]) + + AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create, +- AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [], ++ AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [1], + [Define to 1 if you have the `EVP_MD_CTX_create' function.]) +- AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [], ++ AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [1], + [Define to 1 if you have the `EVP_MD_CTX_destroy' function.])) ++ ++ AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_new, ++ AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1], ++ [Define to 1 if you have the `EVP_MD_CTX_new' function.]) ++ AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1], ++ [Define to 1 if you have the `EVP_MD_CTX_free' function.])) + fi + if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then + AC_CHECK_LIB(ssl, DTLSv1_method, +--- a/include/net-snmp/net-snmp-config.h.in ++++ b/include/net-snmp/net-snmp-config.h.in +@@ -164,6 +164,12 @@ + /* Define to 1 if you have the `EVP_MD_CTX_destroy' function. */ + #undef HAVE_EVP_MD_CTX_DESTROY + ++/* Define to 1 if you have the `EVP_MD_CTX_free' function. */ ++#undef HAVE_EVP_MD_CTX_FREE ++ ++/* Define to 1 if you have the `EVP_MD_CTX_new' function. */ ++#undef HAVE_EVP_MD_CTX_NEW ++ + /* Define if you have EVP_sha224/256 in openssl */ + #undef HAVE_EVP_SHA224 + +--- a/snmplib/keytools.c ++++ b/snmplib/keytools.c +@@ -176,7 +176,9 @@ generate_Ku(const oid * hashtype, u_int + QUITFUN(SNMPERR_GENERR, generate_Ku_quit); + } + +-#ifdef HAVE_EVP_MD_CTX_CREATE ++#ifdef HAVE_EVP_MD_CTX_NEW ++ ctx = EVP_MD_CTX_new(); ++#elif HAVE_EVP_MD_CTX_CREATE + ctx = EVP_MD_CTX_create(); + #else + ctx = malloc(sizeof(*ctx)); +@@ -278,7 +280,9 @@ generate_Ku(const oid * hashtype, u_int + memset(buf, 0, sizeof(buf)); + #ifdef NETSNMP_USE_OPENSSL + if (ctx) { +-#ifdef HAVE_EVP_MD_CTX_DESTROY ++#ifdef HAVE_EVP_MD_CTX_FREE ++ EVP_MD_CTX_free(ctx); ++#elif HAVE_EVP_MD_CTX_DESTROY + EVP_MD_CTX_destroy(ctx); + #else + EVP_MD_CTX_cleanup(ctx); +--- a/snmplib/scapi.c ++++ b/snmplib/scapi.c +@@ -627,7 +627,9 @@ sc_hash(const oid * hashtype, size_t has + return SNMPERR_GENERR; + + /** initialize the pointer */ +-#ifdef HAVE_EVP_MD_CTX_CREATE ++#ifdef HAVE_EVP_MD_CTX_NEW ++ cptr = EVP_MD_CTX_new(); ++#elif HAVE_EVP_MD_CTX_CREATE + cptr = EVP_MD_CTX_create(); + #else + cptr = malloc(sizeof(*cptr)); +@@ -648,7 +650,9 @@ sc_hash(const oid * hashtype, size_t has + /** do the final pass */ + EVP_DigestFinal(cptr, MAC, &tmp_len); + *MAC_len = tmp_len; +-#ifdef HAVE_EVP_MD_CTX_DESTROY ++#ifdef HAVE_EVP_MD_CTX_FREE ++ EVP_MD_CTX_free(cptr); ++#elif HAVE_EVP_MD_CTX_DESTROY + EVP_MD_CTX_destroy(cptr); + #else + #if !defined(OLD_DES) |