View | Details | Raw Unified | Return to bug 228898 | Differences between
and this patch

Collapse All | Expand All

(-)Makefile (-1 / +1 lines)
Lines 92-98 Link Here
92
PLIST_SUB+=	WITH_PYTHON="@comment "
92
PLIST_SUB+=	WITH_PYTHON="@comment "
93
.endif
93
.endif
94
94
95
CONFIGURE_ARGS+=--with-openssl="/usr"
95
CONFIGURE_ARGS+=--with-openssl="${OPENSSLBASE}"
96
96
97
.if ${PORT_OPTIONS:MDUMMY}
97
.if ${PORT_OPTIONS:MDUMMY}
98
CONFIGURE_ARGS+=--with-dummy-values
98
CONFIGURE_ARGS+=--with-dummy-values
(-)files/patch-openssl (+167 lines)
Line 0 Link Here
1
--- apps/snmpusm.c
2
+++ apps/snmpusm.c
3
@@ -125,6 +125,32 @@ char           *usmUserPublic_val = NULL
4
 int             docreateandwait = 0;
5
 
6
 
7
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
8
+
9
+#include <string.h>
10
+#include <openssl/engine.h>
11
+
12
+void DH_get0_pqg(const DH *dh,
13
+                const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
14
+{
15
+   if (p != NULL)
16
+       *p = dh->p;
17
+   if (q != NULL)
18
+       *q = dh->q;
19
+   if (g != NULL)
20
+       *g = dh->g;
21
+}
22
+
23
+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
24
+{
25
+   if (pub_key != NULL)
26
+       *pub_key = dh->pub_key;
27
+   if (priv_key != NULL)
28
+       *priv_key = dh->priv_key;
29
+}
30
+
31
+#endif
32
+
33
 void
34
 usage(void)
35
 {
36
@@ -190,7 +216,7 @@ get_USM_DH_key(netsnmp_variable_list *va
37
                oid *keyoid, size_t keyoid_len) {
38
     u_char *dhkeychange;
39
     DH *dh;
40
-    BIGNUM *other_pub;
41
+    BIGNUM *p, *g, *pub_key, *other_pub;
42
     u_char *key;
43
     size_t key_len;
44
             
45
@@ -205,25 +231,29 @@ get_USM_DH_key(netsnmp_variable_list *va
46
         dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
47
     }
48
 
49
-    if (!dh || !dh->g || !dh->p) {
50
+    if (dh)
51
+        DH_get0_pqg(dh, &p, NULL, &g);
52
+
53
+    if (!dh || !g || !p) {
54
         SNMP_FREE(dhkeychange);
55
         return SNMPERR_GENERR;
56
     }
57
 
58
-    DH_generate_key(dh);
59
-    if (!dh->pub_key) {
60
+    if (!DH_generate_key(dh)) {
61
         SNMP_FREE(dhkeychange);
62
         return SNMPERR_GENERR;
63
     }
64
             
65
-    if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
66
+    DH_get0_key(dh, &pub_key, NULL);
67
+
68
+    if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
69
         SNMP_FREE(dhkeychange);
70
         fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
71
-                (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
72
+                (unsigned long)vars->val_len, BN_num_bytes(pub_key));
73
         return SNMPERR_GENERR;
74
     }
75
 
76
-    BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
77
+    BN_bn2bin(pub_key, dhkeychange + vars->val_len);
78
 
79
     key_len = DH_size(dh);
80
     if (!key_len) {
81
--- configure.d/config_os_libs2
82
+++ configure.d/config_os_libs2
83
@@ -291,12 +291,6 @@ if test "x$tryopenssl" != "xno" -a "x$tr
84
             AC_CHECK_LIB(${CRYPTO}, AES_cfb128_encrypt, 
85
                 AC_DEFINE(HAVE_AES_CFB128_ENCRYPT, 1,
86
                     [Define to 1 if you have the `AES_cfb128_encrypt' function.]))
87
-
88
-            AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create,
89
-                AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [],
90
-                    [Define to 1 if you have the `EVP_MD_CTX_create' function.])
91
-                AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [],
92
-                    [Define to 1 if you have the `EVP_MD_CTX_destroy' function.]))
93
         fi
94
         if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then
95
 	    AC_CHECK_LIB(ssl, DTLSv1_method,
96
--- snmplib/keytools.c
97
+++ snmplib/keytools.c
98
@@ -149,13 +149,13 @@ generate_Ku(const oid * hashtype, u_int
99
      */
100
 #ifdef NETSNMP_USE_OPENSSL
101
 
102
-#ifdef HAVE_EVP_MD_CTX_CREATE
103
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
104
     ctx = EVP_MD_CTX_create();
105
 #else
106
-    ctx = malloc(sizeof(*ctx));
107
-    if (!EVP_MD_CTX_init(ctx))
108
-        return SNMPERR_GENERR;
109
+    ctx = EVP_MD_CTX_new();
110
 #endif
111
+    if (!ctx)
112
+        return SNMPERR_GENERR;
113
 #ifndef NETSNMP_DISABLE_MD5
114
     if (ISTRANSFORM(hashtype, HMACMD5Auth)) {
115
         if (!EVP_DigestInit(ctx, EVP_md5()))
116
@@ -259,11 +259,10 @@ generate_Ku(const oid * hashtype, u_int
117
     memset(buf, 0, sizeof(buf));
118
 #ifdef NETSNMP_USE_OPENSSL
119
     if (ctx) {
120
-#ifdef HAVE_EVP_MD_CTX_DESTROY
121
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
122
         EVP_MD_CTX_destroy(ctx);
123
 #else
124
-        EVP_MD_CTX_cleanup(ctx);
125
-        free(ctx);
126
+        EVP_MD_CTX_free(ctx);
127
 #endif
128
     }
129
 #endif
130
--- snmplib/scapi.c
131
+++ snmplib/scapi.c
132
@@ -486,15 +486,10 @@ sc_hash(const oid * hashtype, size_t has
133
     }
134
 
135
 /** initialize the pointer */
136
-#ifdef HAVE_EVP_MD_CTX_CREATE
137
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
138
     cptr = EVP_MD_CTX_create();
139
 #else
140
-    cptr = malloc(sizeof(*cptr));
141
-#if defined(OLD_DES)
142
-    memset(cptr, 0, sizeof(*cptr));
143
-#else
144
-    EVP_MD_CTX_init(cptr);
145
-#endif
146
+    cptr = EVP_MD_CTX_new();
147
 #endif
148
     if (!EVP_DigestInit(cptr, hashfn)) {
149
         /* requested hash function is not available */
150
@@ -507,13 +502,11 @@ sc_hash(const oid * hashtype, size_t has
151
 /** do the final pass */
152
     EVP_DigestFinal(cptr, MAC, &tmp_len);
153
     *MAC_len = tmp_len;
154
-#ifdef HAVE_EVP_MD_CTX_DESTROY
155
+
156
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
157
     EVP_MD_CTX_destroy(cptr);
158
 #else
159
-#if !defined(OLD_DES)
160
-    EVP_MD_CTX_cleanup(cptr);
161
-#endif
162
-    free(cptr);
163
+    EVP_MD_CTX_free(cptr);
164
 #endif
165
     return (rval);
166
 
167

Return to bug 228898