pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/net-snmp net-snmp: fix build with openssl-1.1.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/4ed3d92590a3
branches:  trunk
changeset: 376044:4ed3d92590a3
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Sun Feb 25 18:35:29 2018 +0000

description:
net-snmp: fix build with openssl-1.1.

Bump PKGREVISION.

diffstat:

 net/net-snmp/Makefile                                    |    4 +-
 net/net-snmp/distinfo                                    |    6 +-
 net/net-snmp/patches/patch-apps_snmpusm.c                |  102 +++++++++++++++
 net/net-snmp/patches/patch-configure.d_config__os__libs2 |   37 +++++
 net/net-snmp/patches/patch-snmplib_keytools.c            |   56 ++++++++
 net/net-snmp/patches/patch-snmplib_scapi.c               |   59 ++++++++
 6 files changed, 261 insertions(+), 3 deletions(-)

diffs (truncated from 310 to 300 lines):

diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/Makefile
--- a/net/net-snmp/Makefile     Sun Feb 25 18:00:11 2018 +0000
+++ b/net/net-snmp/Makefile     Sun Feb 25 18:35:29 2018 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.121 2017/10/06 02:39:38 gavan Exp $
+# $NetBSD: Makefile,v 1.122 2018/02/25 18:35:29 wiz Exp $
 
 .include "Makefile.common"
 CATEGORIES=    net
-PKGREVISION=   8
+PKGREVISION=   9
 
 MAINTAINER=    adam%NetBSD.org@localhost
 COMMENT=       Extensible SNMP implementation
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/distinfo
--- a/net/net-snmp/distinfo     Sun Feb 25 18:00:11 2018 +0000
+++ b/net/net-snmp/distinfo     Sun Feb 25 18:35:29 2018 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.91 2017/10/06 02:39:38 gavan Exp $
+$NetBSD: distinfo,v 1.92 2018/02/25 18:35:29 wiz Exp $
 
 SHA1 (net-snmp-5.7.3.tar.gz) = 97dc25077257680815de44e34128d365c76bd839
 RMD160 (net-snmp-5.7.3.tar.gz) = c5cf54d5723ee417e07f1f9fa3936aef505104a2
@@ -30,7 +30,9 @@
 SHA1 (patch-ak) = 50ac67db8a9ffc16d983b4192e74db25ef439321
 SHA1 (patch-am) = d01e8a93f6e766cedfdc324efd69168f71aac76f
 SHA1 (patch-ap) = 44a4ce6302457094ba2b200e4c47ff6c2a425746
+SHA1 (patch-apps_snmpusm.c) = 5df02e77038cf36cd5fafe19df7bc095b12a4a8f
 SHA1 (patch-aq) = a8fe703d8902c2847ca6692af4400ddbf9cbe74b
+SHA1 (patch-configure.d_config__os__libs2) = 9dd3f200295460b9c43a249c60508ce5f142fbed
 SHA1 (patch-da) = 40e8d78bad93ca12f4c08c43b86e7f13edafc299
 SHA1 (patch-db) = 281be9a88860987880c71770f4050fd965dd8ed9
 SHA1 (patch-dl) = 92563fd6be6f27be5b348cdc8bc02061374026b0
@@ -53,4 +55,6 @@
 SHA1 (patch-perl_agent_default__store_Makefile.PL) = 0599d99ce5226eaeaab3f1af76c68bfe7e57e1bd
 SHA1 (patch-perl_default__store_Makefile.PL) = ed5ad7385680632b2153fa572635c5aea83c9114
 SHA1 (patch-perl_manager_Makefile.PL) = bb34b119a2b3887a1af1f9b88e6d4bad6baf60bb
+SHA1 (patch-snmplib_keytools.c) = c209a42a2767c8639d8535e02542de119264ebfc
+SHA1 (patch-snmplib_scapi.c) = 9a49b1a00df8f9ab6bd69057f806377e9164cf1f
 SHA1 (patch-snmplib_snmp__api.c) = b4f498aa93b61f809e3696df1fc6bf32bd942233
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/patches/patch-apps_snmpusm.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-apps_snmpusm.c Sun Feb 25 18:35:29 2018 +0000
@@ -0,0 +1,102 @@
+$NetBSD: patch-apps_snmpusm.c,v 1.1 2018/02/25 18:35:30 wiz Exp $
+
+From: Andreas Henriksson <andreas%fatal.se@localhost>
+Date: Sat, 23 Dec 2017 22:25:41 +0000
+Subject: [PATCH] Port OpenSSL 1.1.0 with support for 1.0.2
+
+Initial support for OpenSSL 1.1.0
+
+Changes by sebastian%breakpoint.cc@localhost:
+- added OpenSSL 1.0.2 glue layer for backwarts compatibility
+- dropped HAVE_EVP_MD_CTX_CREATE + DESTROY and added a check for OpenSSL
+  version instead (and currently 1.0.2 is the only one supported).
+
+BTS: https://bugs.debian.org/828449
+Signed-off-by: Sebastian Andrzej Siewior <sebastian%breakpoint.cc@localhost>
+---
+ apps/snmpusm.c              |   43 ++++++++++++++++++++++++++++++++++++-------
+ configure.d/config_os_libs2 |    6 ------
+ snmplib/keytools.c          |   13 ++++++-------
+ snmplib/scapi.c             |   17 +++++------------
+ 4 files changed, 47 insertions(+), 32 deletions(-)
+
+
+--- apps/snmpusm.c.orig        2018-02-25 18:04:17.011901242 +0000
++++ apps/snmpusm.c
+@@ -183,6 +183,31 @@ setup_oid(oid * it, size_t * len, u_char
+ }
+ 
+ #if defined(HAVE_OPENSSL_DH_H) && defined(HAVE_LIBCRYPTO)
++
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
++
++static void DH_get0_pqg(const DH *dh,
++                      const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
++{
++      if (p != NULL)
++              *p = dh->p;
++      if (q != NULL)
++              *q = dh->q;
++      if (g != NULL)
++              *g = dh->g;
++}
++
++static void DH_get0_key(const DH *dh, const BIGNUM **pub_key,
++                      const BIGNUM **priv_key)
++{
++      if (pub_key != NULL)
++              *pub_key = dh->pub_key;
++      if (priv_key != NULL)
++              *priv_key = dh->priv_key;
++}
++
++#endif
++
+ int
+ get_USM_DH_key(netsnmp_variable_list *vars, netsnmp_variable_list *dhvar,
+                size_t outkey_len,
+@@ -190,7 +215,7 @@ get_USM_DH_key(netsnmp_variable_list *va
+                oid *keyoid, size_t keyoid_len) {
+     u_char *dhkeychange;
+     DH *dh;
+-    BIGNUM *other_pub;
++    const BIGNUM *p, *g, *pub_key, *other_pub;
+     u_char *key;
+     size_t key_len;
+             
+@@ -205,25 +230,29 @@ get_USM_DH_key(netsnmp_variable_list *va
+         dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
+     }
+ 
+-    if (!dh || !dh->g || !dh->p) {
++    if (dh)
++        DH_get0_pqg(dh, &p, NULL, &g);
++
++    if (!dh || !g || !p) {
+         SNMP_FREE(dhkeychange);
+         return SNMPERR_GENERR;
+     }
+ 
+-    DH_generate_key(dh);
+-    if (!dh->pub_key) {
++    if (!DH_generate_key(dh)) {
+         SNMP_FREE(dhkeychange);
+         return SNMPERR_GENERR;
+     }
+             
+-    if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
++    DH_get0_key(dh, &pub_key, NULL);
++
++    if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
+         SNMP_FREE(dhkeychange);
+         fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
+-                (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
++                (unsigned long)vars->val_len, BN_num_bytes(pub_key));
+         return SNMPERR_GENERR;
+     }
+ 
+-    BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
++    BN_bn2bin(pub_key, dhkeychange + vars->val_len);
+ 
+     key_len = DH_size(dh);
+     if (!key_len) {
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/patches/patch-configure.d_config__os__libs2
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-configure.d_config__os__libs2  Sun Feb 25 18:35:29 2018 +0000
@@ -0,0 +1,37 @@
+$NetBSD: patch-configure.d_config__os__libs2,v 1.1 2018/02/25 18:35:30 wiz Exp $
+
+From: Andreas Henriksson <andreas%fatal.se@localhost>
+Date: Sat, 23 Dec 2017 22:25:41 +0000
+Subject: [PATCH] Port OpenSSL 1.1.0 with support for 1.0.2
+
+Initial support for OpenSSL 1.1.0
+
+Changes by sebastian%breakpoint.cc@localhost:
+- added OpenSSL 1.0.2 glue layer for backwarts compatibility
+- dropped HAVE_EVP_MD_CTX_CREATE + DESTROY and added a check for OpenSSL
+  version instead (and currently 1.0.2 is the only one supported).
+
+BTS: https://bugs.debian.org/828449
+Signed-off-by: Sebastian Andrzej Siewior <sebastian%breakpoint.cc@localhost>
+---
+ apps/snmpusm.c              |   43 ++++++++++++++++++++++++++++++++++++-------
+ configure.d/config_os_libs2 |    6 ------
+ snmplib/keytools.c          |   13 ++++++-------
+ snmplib/scapi.c             |   17 +++++------------
+ 4 files changed, 47 insertions(+), 32 deletions(-)
+
+--- configure.d/config_os_libs2.orig   2018-02-25 18:04:17.012343125 +0000
++++ configure.d/config_os_libs2
+@@ -291,12 +291,6 @@ if test "x$tryopenssl" != "xno" -a "x$tr
+             AC_CHECK_LIB(${CRYPTO}, AES_cfb128_encrypt, 
+                 AC_DEFINE(HAVE_AES_CFB128_ENCRYPT, 1,
+                     [Define to 1 if you have the `AES_cfb128_encrypt' function.]))
+-
+-            AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create,
+-                AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [],
+-                    [Define to 1 if you have the `EVP_MD_CTX_create' function.])
+-                AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [],
+-                    [Define to 1 if you have the `EVP_MD_CTX_destroy' function.]))
+         fi
+         if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then
+           AC_CHECK_LIB(ssl, DTLSv1_method,
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/patches/patch-snmplib_keytools.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-snmplib_keytools.c     Sun Feb 25 18:35:29 2018 +0000
@@ -0,0 +1,56 @@
+$NetBSD: patch-snmplib_keytools.c,v 1.1 2018/02/25 18:35:30 wiz Exp $
+
+From: Andreas Henriksson <andreas%fatal.se@localhost>
+Date: Sat, 23 Dec 2017 22:25:41 +0000
+Subject: [PATCH] Port OpenSSL 1.1.0 with support for 1.0.2
+
+Initial support for OpenSSL 1.1.0
+
+Changes by sebastian%breakpoint.cc@localhost:
+- added OpenSSL 1.0.2 glue layer for backwarts compatibility
+- dropped HAVE_EVP_MD_CTX_CREATE + DESTROY and added a check for OpenSSL
+  version instead (and currently 1.0.2 is the only one supported).
+
+BTS: https://bugs.debian.org/828449
+Signed-off-by: Sebastian Andrzej Siewior <sebastian%breakpoint.cc@localhost>
+---
+ apps/snmpusm.c              |   43 ++++++++++++++++++++++++++++++++++++-------
+ configure.d/config_os_libs2 |    6 ------
+ snmplib/keytools.c          |   13 ++++++-------
+ snmplib/scapi.c             |   17 +++++------------
+ 4 files changed, 47 insertions(+), 32 deletions(-)
+
+--- snmplib/keytools.c.orig    2018-02-25 18:04:17.012838017 +0000
++++ snmplib/keytools.c
+@@ -149,13 +149,13 @@ generate_Ku(const oid * hashtype, u_int 
+      */
+ #ifdef NETSNMP_USE_OPENSSL
+ 
+-#ifdef HAVE_EVP_MD_CTX_CREATE
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+     ctx = EVP_MD_CTX_create();
+ #else
+-    ctx = malloc(sizeof(*ctx));
+-    if (!EVP_MD_CTX_init(ctx))
+-        return SNMPERR_GENERR;
++    ctx = EVP_MD_CTX_new();
+ #endif
++    if (!ctx)
++        return SNMPERR_GENERR;
+ #ifndef NETSNMP_DISABLE_MD5
+     if (ISTRANSFORM(hashtype, HMACMD5Auth)) {
+         if (!EVP_DigestInit(ctx, EVP_md5()))
+@@ -259,11 +259,10 @@ generate_Ku(const oid * hashtype, u_int 
+     memset(buf, 0, sizeof(buf));
+ #ifdef NETSNMP_USE_OPENSSL
+     if (ctx) {
+-#ifdef HAVE_EVP_MD_CTX_DESTROY
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+         EVP_MD_CTX_destroy(ctx);
+ #else
+-        EVP_MD_CTX_cleanup(ctx);
+-        free(ctx);
++        EVP_MD_CTX_free(ctx);
+ #endif
+     }
+ #endif
diff -r ecab9cc91e0c -r 4ed3d92590a3 net/net-snmp/patches/patch-snmplib_scapi.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-snmplib_scapi.c        Sun Feb 25 18:35:29 2018 +0000
@@ -0,0 +1,59 @@
+$NetBSD: patch-snmplib_scapi.c,v 1.1 2018/02/25 18:35:30 wiz Exp $
+
+From: Andreas Henriksson <andreas%fatal.se@localhost>
+Date: Sat, 23 Dec 2017 22:25:41 +0000
+Subject: [PATCH] Port OpenSSL 1.1.0 with support for 1.0.2
+
+Initial support for OpenSSL 1.1.0
+
+Changes by sebastian%breakpoint.cc@localhost:
+- added OpenSSL 1.0.2 glue layer for backwarts compatibility
+- dropped HAVE_EVP_MD_CTX_CREATE + DESTROY and added a check for OpenSSL
+  version instead (and currently 1.0.2 is the only one supported).
+
+BTS: https://bugs.debian.org/828449
+Signed-off-by: Sebastian Andrzej Siewior <sebastian%breakpoint.cc@localhost>
+---
+ apps/snmpusm.c              |   43 ++++++++++++++++++++++++++++++++++++-------
+ configure.d/config_os_libs2 |    6 ------
+ snmplib/keytools.c          |   13 ++++++-------
+ snmplib/scapi.c             |   17 +++++------------
+ 4 files changed, 47 insertions(+), 32 deletions(-)
+
+--- snmplib/scapi.c.orig       2018-02-25 18:04:17.013625332 +0000
++++ snmplib/scapi.c
+@@ -486,15 +486,10 @@ sc_hash(const oid * hashtype, size_t has
+     }
+ 
+ /** initialize the pointer */
+-#ifdef HAVE_EVP_MD_CTX_CREATE
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+     cptr = EVP_MD_CTX_create();
+ #else
+-    cptr = malloc(sizeof(*cptr));
+-#if defined(OLD_DES)
+-    memset(cptr, 0, sizeof(*cptr));
+-#else
+-    EVP_MD_CTX_init(cptr);
+-#endif
++    cptr = EVP_MD_CTX_new();
+ #endif
+     if (!EVP_DigestInit(cptr, hashfn)) {
+         /* requested hash function is not available */
+@@ -507,13 +502,11 @@ sc_hash(const oid * hashtype, size_t has
+ /** do the final pass */
+     EVP_DigestFinal(cptr, MAC, &tmp_len);
+     *MAC_len = tmp_len;
+-#ifdef HAVE_EVP_MD_CTX_DESTROY
++
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)



Home | Main Index | Thread Index | Old Index