diff options
author | Andrej Valek <andrej.valek@siemens.com> | 2018-06-07 15:21:08 +0200 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2018-06-12 09:13:46 -0700 |
commit | d3bd6dac4496dd66251a75fcaee5e39d5a1ffc27 (patch) | |
tree | fb590717bbeae7b0d5e5015d3f37e2517ee63b35 /meta-networking/recipes-protocols | |
parent | c27756081d79da84f40bdc77e24b4d5e23bc7159 (diff) | |
download | meta-openembedded-d3bd6dac4496dd66251a75fcaee5e39d5a1ffc27.tar.gz |
net-snmp: add support for openssl 1.1x
Patch was copied from [https://sourceforge.net/p/net-snmp/patches/1336].
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking/recipes-protocols')
-rw-r--r-- | meta-networking/recipes-protocols/net-snmp/net-snmp/fix-openssl-build-errors.patch | 171 | ||||
-rw-r--r-- | meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.3.bb | 1 |
2 files changed, 172 insertions, 0 deletions
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-openssl-build-errors.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-openssl-build-errors.patch new file mode 100644 index 000000000..53bc37226 --- /dev/null +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-openssl-build-errors.patch | |||
@@ -0,0 +1,171 @@ | |||
1 | net-snmp build fails on Debian 9 with OpenSSL 1.1.0 | ||
2 | |||
3 | With these changes, net-snmp builds with both | ||
4 | OpenSSL 1.0.x and 1.1.x. | ||
5 | |||
6 | Author: Sharmila Podury <sharmila.podury@brocade.com> | ||
7 | |||
8 | --- a/apps/snmpusm.c | ||
9 | +++ b/apps/snmpusm.c | ||
10 | @@ -125,6 +125,32 @@ char *usmUserPublic_val = NULL | ||
11 | int docreateandwait = 0; | ||
12 | |||
13 | |||
14 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | ||
15 | + | ||
16 | +#include <string.h> | ||
17 | +#include <openssl/engine.h> | ||
18 | + | ||
19 | +void DH_get0_pqg(const DH *dh, | ||
20 | + const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) | ||
21 | +{ | ||
22 | + if (p != NULL) | ||
23 | + *p = dh->p; | ||
24 | + if (q != NULL) | ||
25 | + *q = dh->q; | ||
26 | + if (g != NULL) | ||
27 | + *g = dh->g; | ||
28 | +} | ||
29 | + | ||
30 | +void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) | ||
31 | +{ | ||
32 | + if (pub_key != NULL) | ||
33 | + *pub_key = dh->pub_key; | ||
34 | + if (priv_key != NULL) | ||
35 | + *priv_key = dh->priv_key; | ||
36 | +} | ||
37 | + | ||
38 | +#endif | ||
39 | + | ||
40 | void | ||
41 | usage(void) | ||
42 | { | ||
43 | @@ -190,7 +216,7 @@ get_USM_DH_key(netsnmp_variable_list *va | ||
44 | oid *keyoid, size_t keyoid_len) { | ||
45 | u_char *dhkeychange; | ||
46 | DH *dh; | ||
47 | - BIGNUM *other_pub; | ||
48 | + BIGNUM *p, *g, *pub_key, *other_pub; | ||
49 | u_char *key; | ||
50 | size_t key_len; | ||
51 | |||
52 | @@ -205,25 +231,29 @@ get_USM_DH_key(netsnmp_variable_list *va | ||
53 | dh = d2i_DHparams(NULL, &cp, dhvar->val_len); | ||
54 | } | ||
55 | |||
56 | - if (!dh || !dh->g || !dh->p) { | ||
57 | + if (dh) | ||
58 | + DH_get0_pqg(dh, &p, NULL, &g); | ||
59 | + | ||
60 | + if (!dh || !g || !p) { | ||
61 | SNMP_FREE(dhkeychange); | ||
62 | return SNMPERR_GENERR; | ||
63 | } | ||
64 | |||
65 | - DH_generate_key(dh); | ||
66 | - if (!dh->pub_key) { | ||
67 | + if (!DH_generate_key(dh)) { | ||
68 | SNMP_FREE(dhkeychange); | ||
69 | return SNMPERR_GENERR; | ||
70 | } | ||
71 | |||
72 | - if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) { | ||
73 | + DH_get0_key(dh, &pub_key, NULL); | ||
74 | + | ||
75 | + if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) { | ||
76 | SNMP_FREE(dhkeychange); | ||
77 | fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n", | ||
78 | - (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key)); | ||
79 | + (unsigned long)vars->val_len, BN_num_bytes(pub_key)); | ||
80 | return SNMPERR_GENERR; | ||
81 | } | ||
82 | |||
83 | - BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len); | ||
84 | + BN_bn2bin(pub_key, dhkeychange + vars->val_len); | ||
85 | |||
86 | key_len = DH_size(dh); | ||
87 | if (!key_len) { | ||
88 | --- a/configure.d/config_os_libs2 | ||
89 | +++ b/configure.d/config_os_libs2 | ||
90 | @@ -327,10 +327,16 @@ if test "x$tryopenssl" != "xno" -a "x$tr | ||
91 | [[#include <openssl/evp.h>]]) | ||
92 | |||
93 | AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create, | ||
94 | - AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [], | ||
95 | + AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [1], | ||
96 | [Define to 1 if you have the `EVP_MD_CTX_create' function.]) | ||
97 | - AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [], | ||
98 | + AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [1], | ||
99 | [Define to 1 if you have the `EVP_MD_CTX_destroy' function.])) | ||
100 | + | ||
101 | + AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_new, | ||
102 | + AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1], | ||
103 | + [Define to 1 if you have the `EVP_MD_CTX_new' function.]) | ||
104 | + AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1], | ||
105 | + [Define to 1 if you have the `EVP_MD_CTX_free' function.])) | ||
106 | fi | ||
107 | if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then | ||
108 | AC_CHECK_LIB(ssl, DTLSv1_method, | ||
109 | --- a/include/net-snmp/net-snmp-config.h.in | ||
110 | +++ b/include/net-snmp/net-snmp-config.h.in | ||
111 | @@ -164,6 +164,12 @@ | ||
112 | /* Define to 1 if you have the `EVP_MD_CTX_destroy' function. */ | ||
113 | #undef HAVE_EVP_MD_CTX_DESTROY | ||
114 | |||
115 | +/* Define to 1 if you have the `EVP_MD_CTX_free' function. */ | ||
116 | +#undef HAVE_EVP_MD_CTX_FREE | ||
117 | + | ||
118 | +/* Define to 1 if you have the `EVP_MD_CTX_new' function. */ | ||
119 | +#undef HAVE_EVP_MD_CTX_NEW | ||
120 | + | ||
121 | /* Define if you have EVP_sha224/256 in openssl */ | ||
122 | #undef HAVE_EVP_SHA224 | ||
123 | |||
124 | --- a/snmplib/keytools.c | ||
125 | +++ b/snmplib/keytools.c | ||
126 | @@ -176,7 +176,9 @@ generate_Ku(const oid * hashtype, u_int | ||
127 | QUITFUN(SNMPERR_GENERR, generate_Ku_quit); | ||
128 | } | ||
129 | |||
130 | -#ifdef HAVE_EVP_MD_CTX_CREATE | ||
131 | +#ifdef HAVE_EVP_MD_CTX_NEW | ||
132 | + ctx = EVP_MD_CTX_new(); | ||
133 | +#elif HAVE_EVP_MD_CTX_CREATE | ||
134 | ctx = EVP_MD_CTX_create(); | ||
135 | #else | ||
136 | ctx = malloc(sizeof(*ctx)); | ||
137 | @@ -278,7 +280,9 @@ generate_Ku(const oid * hashtype, u_int | ||
138 | memset(buf, 0, sizeof(buf)); | ||
139 | #ifdef NETSNMP_USE_OPENSSL | ||
140 | if (ctx) { | ||
141 | -#ifdef HAVE_EVP_MD_CTX_DESTROY | ||
142 | +#ifdef HAVE_EVP_MD_CTX_FREE | ||
143 | + EVP_MD_CTX_free(ctx); | ||
144 | +#elif HAVE_EVP_MD_CTX_DESTROY | ||
145 | EVP_MD_CTX_destroy(ctx); | ||
146 | #else | ||
147 | EVP_MD_CTX_cleanup(ctx); | ||
148 | --- a/snmplib/scapi.c | ||
149 | +++ b/snmplib/scapi.c | ||
150 | @@ -627,7 +627,9 @@ sc_hash(const oid * hashtype, size_t has | ||
151 | return SNMPERR_GENERR; | ||
152 | |||
153 | /** initialize the pointer */ | ||
154 | -#ifdef HAVE_EVP_MD_CTX_CREATE | ||
155 | +#ifdef HAVE_EVP_MD_CTX_NEW | ||
156 | + cptr = EVP_MD_CTX_new(); | ||
157 | +#elif HAVE_EVP_MD_CTX_CREATE | ||
158 | cptr = EVP_MD_CTX_create(); | ||
159 | #else | ||
160 | cptr = malloc(sizeof(*cptr)); | ||
161 | @@ -648,7 +650,9 @@ sc_hash(const oid * hashtype, size_t has | ||
162 | /** do the final pass */ | ||
163 | EVP_DigestFinal(cptr, MAC, &tmp_len); | ||
164 | *MAC_len = tmp_len; | ||
165 | -#ifdef HAVE_EVP_MD_CTX_DESTROY | ||
166 | +#ifdef HAVE_EVP_MD_CTX_FREE | ||
167 | + EVP_MD_CTX_free(cptr); | ||
168 | +#elif HAVE_EVP_MD_CTX_DESTROY | ||
169 | EVP_MD_CTX_destroy(cptr); | ||
170 | #else | ||
171 | #if !defined(OLD_DES) | ||
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.3.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.3.bb index 6832b078d..5c827bb86 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.3.bb +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.3.bb | |||
@@ -33,6 +33,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.zip \ | |||
33 | file://net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch \ | 33 | file://net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch \ |
34 | file://net-snmp-fix-for-disable-des.patch \ | 34 | file://net-snmp-fix-for-disable-des.patch \ |
35 | file://0001-Remove-U64-typedef.patch \ | 35 | file://0001-Remove-U64-typedef.patch \ |
36 | file://fix-openssl-build-errors.patch \ | ||
36 | " | 37 | " |
37 | SRC_URI[md5sum] = "9f682bd70c717efdd9f15b686d07baee" | 38 | SRC_URI[md5sum] = "9f682bd70c717efdd9f15b686d07baee" |
38 | SRC_URI[sha256sum] = "e8dfc79b6539b71a6ff335746ce63d2da2239062ad41872fff4354cafed07a3e" | 39 | SRC_URI[sha256sum] = "e8dfc79b6539b71a6ff335746ce63d2da2239062ad41872fff4354cafed07a3e" |