[arch-commits] Commit in net-snmp/trunk (PKGBUILD fix-openssl-build-errors.patch)
Jelle van der Waa
jelle at archlinux.org
Fri Mar 10 20:04:44 UTC 2017
Date: Friday, March 10, 2017 @ 20:04:44
Author: jelle
Revision: 290505
upgpkg: net-snmp 5.7.3-4
openssl 1.1.0 rebuild
Added:
net-snmp/trunk/fix-openssl-build-errors.patch
Modified:
net-snmp/trunk/PKGBUILD
--------------------------------+
PKGBUILD | 9 +-
fix-openssl-build-errors.patch | 171 +++++++++++++++++++++++++++++++++++++++
2 files changed, 177 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-03-10 15:42:47 UTC (rev 290504)
+++ PKGBUILD 2017-03-10 20:04:44 UTC (rev 290505)
@@ -4,7 +4,7 @@
pkgname=net-snmp
pkgver=5.7.3
-pkgrel=3
+pkgrel=4
pkgdesc="A suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6"
arch=('i686' 'x86_64')
url="http://www.net-snmp.org/"
@@ -16,12 +16,13 @@
'python2: for the python modules')
options=('!emptydirs' '!makeflags')
source=(http://downloads.sourceforge.net/${pkgname}/${pkgname}-${pkgver}.tar.gz{,.asc}
- snmpd.service snmptrapd.service net-snmp-5.7.3-perl-5.24.patch)
+ snmpd.service snmptrapd.service net-snmp-5.7.3-perl-5.24.patch fix-openssl-build-errors.patch)
sha1sums=('97dc25077257680815de44e34128d365c76bd839'
'SKIP'
'84e32c54d32e6b608747054e04a3ddfe6d6638cc'
'0244e91c7baa0abebfb5c0560e8ce04c966c5992'
- '31beef2cb5ad9b4ac655f8ced53058ebf6e99ca9')
+ '31beef2cb5ad9b4ac655f8ced53058ebf6e99ca9'
+ 'b329ff700a3e20cdfcab4643a573ef976f9182c0')
validpgpkeys=('8AAA779B597B405BBC329B6376CF47B8A77C5329'
'27CAA4A32E371383A33ED0587D5F9576E0F81533') # Net-SNMP Administrators
@@ -28,6 +29,8 @@
prepare() {
cd ${pkgname}-${pkgver}
patch -p1 -i ../net-snmp-5.7.3-perl-5.24.patch
+ patch -p1 -i ../fix-openssl-build-errors.patch
+ autoreconf -i
}
build() {
Added: fix-openssl-build-errors.patch
===================================================================
--- fix-openssl-build-errors.patch (rev 0)
+++ fix-openssl-build-errors.patch 2017-03-10 20:04:44 UTC (rev 290505)
@@ -0,0 +1,171 @@
+net-snmp build fails on Debian 9 with OpenSSL 1.1.0
+
+With these changes, net-snmp builds with both
+OpenSSL 1.0.x and 1.1.x.
+
+Author: Sharmila Podury <sharmila.podury at brocade.com>
+
+--- a/apps/snmpusm.c
++++ b/apps/snmpusm.c
+@@ -125,6 +125,32 @@ char *usmUserPublic_val = NULL
+ int docreateandwait = 0;
+
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++
++#include <string.h>
++#include <openssl/engine.h>
++
++void DH_get0_pqg(const DH *dh,
++ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
++{
++ if (p != NULL)
++ *p = dh->p;
++ if (q != NULL)
++ *q = dh->q;
++ if (g != NULL)
++ *g = dh->g;
++}
++
++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
++{
++ if (pub_key != NULL)
++ *pub_key = dh->pub_key;
++ if (priv_key != NULL)
++ *priv_key = dh->priv_key;
++}
++
++#endif
++
+ void
+ usage(void)
+ {
+@@ -190,7 +216,7 @@ get_USM_DH_key(netsnmp_variable_list *va
+ oid *keyoid, size_t keyoid_len) {
+ u_char *dhkeychange;
+ DH *dh;
+- BIGNUM *other_pub;
++ BIGNUM *p, *g, *pub_key, *other_pub;
+ u_char *key;
+ size_t key_len;
+
+@@ -205,25 +231,29 @@ get_USM_DH_key(netsnmp_variable_list *va
+ dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
+ }
+
+- if (!dh || !dh->g || !dh->p) {
++ if (dh)
++ DH_get0_pqg(dh, &p, NULL, &g);
++
++ if (!dh || !g || !p) {
+ SNMP_FREE(dhkeychange);
+ return SNMPERR_GENERR;
+ }
+
+- DH_generate_key(dh);
+- if (!dh->pub_key) {
++ if (!DH_generate_key(dh)) {
+ SNMP_FREE(dhkeychange);
+ return SNMPERR_GENERR;
+ }
+
+- if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
++ DH_get0_key(dh, &pub_key, NULL);
++
++ if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
+ SNMP_FREE(dhkeychange);
+ fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
+- (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
++ (unsigned long)vars->val_len, BN_num_bytes(pub_key));
+ return SNMPERR_GENERR;
+ }
+
+- BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
++ BN_bn2bin(pub_key, dhkeychange + vars->val_len);
+
+ key_len = DH_size(dh);
+ if (!key_len) {
+--- a/configure.d/config_os_libs2
++++ b/configure.d/config_os_libs2
+@@ -327,10 +327,16 @@ if test "x$tryopenssl" != "xno" -a "x$tr
+ [[#include <openssl/evp.h>]])
+
+ AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create,
+- AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [],
++ AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [1],
+ [Define to 1 if you have the `EVP_MD_CTX_create' function.])
+- AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [],
++ AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [1],
+ [Define to 1 if you have the `EVP_MD_CTX_destroy' function.]))
++
++ AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_new,
++ AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1],
++ [Define to 1 if you have the `EVP_MD_CTX_new' function.])
++ AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1],
++ [Define to 1 if you have the `EVP_MD_CTX_free' function.]))
+ fi
+ if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then
+ AC_CHECK_LIB(ssl, DTLSv1_method,
+--- a/include/net-snmp/net-snmp-config.h.in
++++ b/include/net-snmp/net-snmp-config.h.in
+@@ -164,6 +164,12 @@
+ /* Define to 1 if you have the `EVP_MD_CTX_destroy' function. */
+ #undef HAVE_EVP_MD_CTX_DESTROY
+
++/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
++#undef HAVE_EVP_MD_CTX_FREE
++
++/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
++#undef HAVE_EVP_MD_CTX_NEW
++
+ /* Define if you have EVP_sha224/256 in openssl */
+ #undef HAVE_EVP_SHA224
+
+--- a/snmplib/keytools.c
++++ b/snmplib/keytools.c
+@@ -176,7 +176,9 @@ generate_Ku(const oid * hashtype, u_int
+ QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
+ }
+
+-#ifdef HAVE_EVP_MD_CTX_CREATE
++#ifdef HAVE_EVP_MD_CTX_NEW
++ ctx = EVP_MD_CTX_new();
++#elif HAVE_EVP_MD_CTX_CREATE
+ ctx = EVP_MD_CTX_create();
+ #else
+ ctx = malloc(sizeof(*ctx));
+@@ -278,7 +280,9 @@ generate_Ku(const oid * hashtype, u_int
+ memset(buf, 0, sizeof(buf));
+ #ifdef NETSNMP_USE_OPENSSL
+ if (ctx) {
+-#ifdef HAVE_EVP_MD_CTX_DESTROY
++#ifdef HAVE_EVP_MD_CTX_FREE
++ EVP_MD_CTX_free(ctx);
++#elif HAVE_EVP_MD_CTX_DESTROY
+ EVP_MD_CTX_destroy(ctx);
+ #else
+ EVP_MD_CTX_cleanup(ctx);
+--- a/snmplib/scapi.c
++++ b/snmplib/scapi.c
+@@ -627,7 +627,9 @@ sc_hash(const oid * hashtype, size_t has
+ return SNMPERR_GENERR;
+
+ /** initialize the pointer */
+-#ifdef HAVE_EVP_MD_CTX_CREATE
++#ifdef HAVE_EVP_MD_CTX_NEW
++ cptr = EVP_MD_CTX_new();
++#elif HAVE_EVP_MD_CTX_CREATE
+ cptr = EVP_MD_CTX_create();
+ #else
+ cptr = malloc(sizeof(*cptr));
+@@ -648,7 +650,9 @@ sc_hash(const oid * hashtype, size_t has
+ /** do the final pass */
+ EVP_DigestFinal(cptr, MAC, &tmp_len);
+ *MAC_len = tmp_len;
+-#ifdef HAVE_EVP_MD_CTX_DESTROY
++#ifdef HAVE_EVP_MD_CTX_FREE
++ EVP_MD_CTX_free(cptr);
++#elif HAVE_EVP_MD_CTX_DESTROY
+ EVP_MD_CTX_destroy(cptr);
+ #else
+ #if !defined(OLD_DES)
More information about the arch-commits
mailing list