umip: support openssl 1.1.x

Long time no maintain from upstream since 2013, backport a fix from openSUSE Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: Hongxu Jia <hongxu.jia@windriver.com> 2018-09-25 21:19:09 +0800
committer: Khem Raj <raj.khem@gmail.com> 2018-09-25 22:24:15 -0700
commit: bec44085eff3276e06d915597032fcc9ea18c86f (patch)
tree: ad522662cd35753306b9252938274e9d9171a13b
parent: 8a574d804d762bee6c750de0efbf0f58b940ab98 (diff)
download: meta-openembedded-bec44085eff3276e06d915597032fcc9ea18c86f.tar.gz
2 files changed, 90 insertions, 1 deletions
diff --git a/meta-oe/recipes-connectivity/umip/files/0001-support-openssl-1.1.x.patch b/meta-oe/recipes-connectivity/umip/files/0001-support-openssl-1.1.x.patch
new file mode 100644
index 000000000..d8355e25f
--- /dev/null
+++ b/meta-oe/recipes-connectivity/umip/files/0001-support-openssl-1.1.x.patch
@@ -0,0 +1,88 @@
+From 62784e8b6df8ff3a907c1f816154808bea9d7064 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Tue, 25 Sep 2018 14:38:14 +0800
+Subject: [PATCH] support openssl 1.1.x
+Long time no maintain from upstream since 2013
+(git://git.umip.org/umip/umip.git), backport a
+fix from openSUSE
+Upstream-Status: Backport [openSUSE]
+http://ftp.gwdg.de/pub/opensuse/source/distribution/leap/15.0/repo/oss/src/mipv6d-2.0.2.umip.0.4-lp150.1.2.src.rpm
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ src/keygen.c | 12 ++++++++++++
+ src/mh.c     | 17 ++++++++++++++++-
+ 2 files changed, 28 insertions(+), 1 deletion(-)
+diff --git a/src/keygen.c b/src/keygen.c
+index e434a38..b902644 100644
+--- a/src/keygen.c
+++ b/src/keygen.c
+@@ -172,6 +172,7 @@ static void build_kgen_token(struct in6_addr *addr, uint8_t *nonce,
+        uint8_t tmp[20];
+ #ifdef HAVE_LIBCRYPTO
+        unsigned int len = 20;
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL
+        HMAC_CTX ctx;
+ 
+        HMAC_CTX_init(&ctx);
+@@ -182,6 +183,17 @@ static void build_kgen_token(struct in6_addr *addr, uint8_t *nonce,
+        HMAC_Final(&ctx, tmp, &len);
+        HMAC_CTX_cleanup(&ctx);
+ #else
+       HMAC_CTX *ctx;
+       ctx = HMAC_CTX_new();
+       HMAC_Init_ex(ctx, key_cn, sizeof(key_cn), EVP_sha1(), NULL);
+       HMAC_Update(ctx, (unsigned char *)addr, sizeof(*addr));
+       HMAC_Update(ctx, nonce, NONCE_LENGTH);
+       HMAC_Update(ctx, &id, sizeof(id));
+       HMAC_Final(ctx, tmp, &len);
+       HMAC_CTX_free(ctx);
+#endif // End of defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL
+
+#else
+        HMAC_SHA1_CTX ctx;
+ 
+        HMAC_SHA1_init(&ctx, key_cn, sizeof(key_cn));
+diff --git a/src/mh.c b/src/mh.c
+index cba9a33..212eb5a 100644
+--- a/src/mh.c
+++ b/src/mh.c
+@@ -518,9 +518,10 @@ static int calculate_auth_data(const struct iovec *iov, int iovlen,
+ 
+ #ifdef HAVE_LIBCRYPTO
+        unsigned int len = HMAC_SHA1_HASH_LEN;
+-       HMAC_CTX ctx;
+        const EVP_MD *evp_md = EVP_sha1();
+ 
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL
+       HMAC_CTX ctx;
+        HMAC_CTX_init(&ctx);
+        HMAC_Init_ex(&ctx, key, HMAC_SHA1_KEY_SIZE, evp_md, NULL);
+ 
+@@ -532,6 +533,20 @@ static int calculate_auth_data(const struct iovec *iov, int iovlen,
+        HMAC_Final(&ctx, buf, &len);
+        HMAC_CTX_cleanup(&ctx);
+ #else
+       HMAC_CTX *ctx;
+       ctx = HMAC_CTX_new();
+       HMAC_Init_ex(ctx, key, HMAC_SHA1_KEY_SIZE, evp_md, NULL);
+
+       HMAC_Update(ctx, (uint8_t *)coa, sizeof(*coa));
+       HMAC_Update(ctx, (uint8_t *)cn, sizeof(*coa));
+       for (i = 0; i < iovlen; i++) {
+               HMAC_Update(ctx, (uint8_t *)iov[i].iov_base, iov[i].iov_len);
+       }
+       HMAC_Final(ctx, buf, &len);
+       HMAC_CTX_free(ctx);
+#endif
+
+#else
+        HMAC_SHA1_CTX ctx;
+ 
+        HMAC_SHA1_init(&ctx, key, HMAC_SHA1_KEY_SIZE);
+-- 
+2.7.4
diff --git a/meta-oe/recipes-connectivity/umip/umip_1.0.bb b/meta-oe/recipes-connectivity/umip/umip_1.0.bb
index cee44f6c7..e2abc02ce 100644
--- a/meta-oe/recipes-connectivity/umip/umip_1.0.bb
+++ b/meta-oe/recipes-connectivity/umip/umip_1.0.bb
@@ -7,7 +7,7 @@ HOMEPAGE = "http://umip.org/"
 SECTION = "System Environment/Base"
 LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://COPYING;md5=073dc31ccb2ebed70db54f1e8aeb4c33"
-DEPENDS = "openssl10 ipsec-tools radvd indent-native bison-native"
+DEPENDS = "openssl ipsec-tools radvd indent-native bison-native"
 SRC_URI = "git://git.umip.org/umip/umip.git \
           file://add-dependency-to-support-parallel-compilation.patch \
@@ -16,6 +16,7 @@ SRC_URI = "git://git.umip.org/umip/umip.git \
           file://0001-Add-format-string-to-fprintf-call.patch \
           file://0001-replace-SIGCLD-with-SIGCHLD-and-include-sys-types.h.patch \
           file://0002-replace-PTHREAD_MUTEX_FAST_NP-with-PTHREAD_MUTEX_NOR.patch \
+           file://0001-support-openssl-1.1.x.patch \
           "
 SRCREV = "cbd441c5db719db554ff2b4fcb02fef88ae2f791"
author	Hongxu Jia <hongxu.jia@windriver.com>	2018-09-25 21:19:09 +0800
committer	Khem Raj <raj.khem@gmail.com>	2018-09-25 22:24:15 -0700
commit	bec44085eff3276e06d915597032fcc9ea18c86f (patch)
tree	ad522662cd35753306b9252938274e9d9171a13b
parent	8a574d804d762bee6c750de0efbf0f58b940ab98 (diff)
download	meta-openembedded-bec44085eff3276e06d915597032fcc9ea18c86f.tar.gz

diff --git a/meta-oe/recipes-connectivity/umip/files/0001-support-openssl-1.1.x.patch b/meta-oe/recipes-connectivity/umip/files/0001-support-openssl-1.1.x.patch new file mode 100644 index 000000000..d8355e25f --- /dev/null +++ b/meta-oe/recipes-connectivity/umip/files/0001-support-openssl-1.1.x.patch
@@ -0,0 +1,88 @@
		1	From 62784e8b6df8ff3a907c1f816154808bea9d7064 Mon Sep 17 00:00:00 2001
		2	From: Hongxu Jia <hongxu.jia@windriver.com>
		3	Date: Tue, 25 Sep 2018 14:38:14 +0800
		4	Subject: [PATCH] support openssl 1.1.x
		5
		6	Long time no maintain from upstream since 2013
		7	(git://git.umip.org/umip/umip.git), backport a
		8	fix from openSUSE
		9
		10	Upstream-Status: Backport [openSUSE]
		11	http://ftp.gwdg.de/pub/opensuse/source/distribution/leap/15.0/repo/oss/src/mipv6d-2.0.2.umip.0.4-lp150.1.2.src.rpm
		12
		13	Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
		14	---
		15	src/keygen.c \| 12 ++++++++++++
		16	src/mh.c \| 17 ++++++++++++++++-
		17	2 files changed, 28 insertions(+), 1 deletion(-)
		18
		19	diff --git a/src/keygen.c b/src/keygen.c
		20	index e434a38..b902644 100644
		21	--- a/src/keygen.c
		22	+++ b/src/keygen.c
		23	@@ -172,6 +172,7 @@ static void build_kgen_token(struct in6_addr addr, uint8_t nonce,
		24	uint8_t tmp[20];
		25	#ifdef HAVE_LIBCRYPTO
		26	unsigned int len = 20;
		27	+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL
		28	HMAC_CTX ctx;
		29
		30	HMAC_CTX_init(&ctx);
		31	@@ -182,6 +183,17 @@ static void build_kgen_token(struct in6_addr addr, uint8_t nonce,
		32	HMAC_Final(&ctx, tmp, &len);
		33	HMAC_CTX_cleanup(&ctx);
		34	#else
		35	+ HMAC_CTX *ctx;
		36	+ ctx = HMAC_CTX_new();
		37	+ HMAC_Init_ex(ctx, key_cn, sizeof(key_cn), EVP_sha1(), NULL);
		38	+ HMAC_Update(ctx, (unsigned char )addr, sizeof(addr));
		39	+ HMAC_Update(ctx, nonce, NONCE_LENGTH);
		40	+ HMAC_Update(ctx, &id, sizeof(id));
		41	+ HMAC_Final(ctx, tmp, &len);
		42	+ HMAC_CTX_free(ctx);
		43	+#endif // End of defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL
		44	+
		45	+#else
		46	HMAC_SHA1_CTX ctx;
		47
		48	HMAC_SHA1_init(&ctx, key_cn, sizeof(key_cn));
		49	diff --git a/src/mh.c b/src/mh.c
		50	index cba9a33..212eb5a 100644
		51	--- a/src/mh.c
		52	+++ b/src/mh.c
		53	@@ -518,9 +518,10 @@ static int calculate_auth_data(const struct iovec *iov, int iovlen,
		54
		55	#ifdef HAVE_LIBCRYPTO
		56	unsigned int len = HMAC_SHA1_HASH_LEN;
		57	- HMAC_CTX ctx;
		58	const EVP_MD *evp_md = EVP_sha1();
		59
		60	+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1010006fL
		61	+ HMAC_CTX ctx;
		62	HMAC_CTX_init(&ctx);
		63	HMAC_Init_ex(&ctx, key, HMAC_SHA1_KEY_SIZE, evp_md, NULL);
		64
		65	@@ -532,6 +533,20 @@ static int calculate_auth_data(const struct iovec *iov, int iovlen,
		66	HMAC_Final(&ctx, buf, &len);
		67	HMAC_CTX_cleanup(&ctx);
		68	#else
		69	+ HMAC_CTX *ctx;
		70	+ ctx = HMAC_CTX_new();
		71	+ HMAC_Init_ex(ctx, key, HMAC_SHA1_KEY_SIZE, evp_md, NULL);
		72	+
		73	+ HMAC_Update(ctx, (uint8_t )coa, sizeof(coa));
		74	+ HMAC_Update(ctx, (uint8_t )cn, sizeof(coa));
		75	+ for (i = 0; i < iovlen; i++) {
		76	+ HMAC_Update(ctx, (uint8_t *)iov[i].iov_base, iov[i].iov_len);
		77	+ }
		78	+ HMAC_Final(ctx, buf, &len);
		79	+ HMAC_CTX_free(ctx);
		80	+#endif
		81	+
		82	+#else
		83	HMAC_SHA1_CTX ctx;
		84
		85	HMAC_SHA1_init(&ctx, key, HMAC_SHA1_KEY_SIZE);
		86	--
		87	2.7.4
		88


diff --git a/meta-oe/recipes-connectivity/umip/umip_1.0.bb b/meta-oe/recipes-connectivity/umip/umip_1.0.bb index cee44f6c7..e2abc02ce 100644 --- a/meta-oe/recipes-connectivity/umip/umip_1.0.bb +++ b/meta-oe/recipes-connectivity/umip/umip_1.0.bb
@@ -7,7 +7,7 @@ HOMEPAGE = "http://umip.org/"
7	SECTION = "System Environment/Base"	7	SECTION = "System Environment/Base"
8	LICENSE = "GPLv2"	8	LICENSE = "GPLv2"
9	LIC_FILES_CHKSUM = "file://COPYING;md5=073dc31ccb2ebed70db54f1e8aeb4c33"	9	LIC_FILES_CHKSUM = "file://COPYING;md5=073dc31ccb2ebed70db54f1e8aeb4c33"
10	DEPENDS = "openssl10 ipsec-tools radvd indent-native bison-native"	10	DEPENDS = "openssl ipsec-tools radvd indent-native bison-native"
11		11
12	SRC_URI = "git://git.umip.org/umip/umip.git \	12	SRC_URI = "git://git.umip.org/umip/umip.git \
13	file://add-dependency-to-support-parallel-compilation.patch \	13	file://add-dependency-to-support-parallel-compilation.patch \
@@ -16,6 +16,7 @@ SRC_URI = "git://git.umip.org/umip/umip.git \
16	file://0001-Add-format-string-to-fprintf-call.patch \	16	file://0001-Add-format-string-to-fprintf-call.patch \
17	file://0001-replace-SIGCLD-with-SIGCHLD-and-include-sys-types.h.patch \	17	file://0001-replace-SIGCLD-with-SIGCHLD-and-include-sys-types.h.patch \
18	file://0002-replace-PTHREAD_MUTEX_FAST_NP-with-PTHREAD_MUTEX_NOR.patch \	18	file://0002-replace-PTHREAD_MUTEX_FAST_NP-with-PTHREAD_MUTEX_NOR.patch \
		19	file://0001-support-openssl-1.1.x.patch \
19	"	20	"
20	SRCREV = "cbd441c5db719db554ff2b4fcb02fef88ae2f791"	21	SRCREV = "cbd441c5db719db554ff2b4fcb02fef88ae2f791"
21		22