Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 458774 Details for
Bug 604642
net-misc/ntp-4.2.8_p9 with dev-libs/openssl-1.1.0c - undefined reference to `ERR_load_crypto_strings'
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
0001-Enhance-openssl-1.1.0-compatibility.patch
0001-Enhance-openssl-1.1.0-compatibility.patch (text/plain), 6.11 KB, created by
eroen
on 2017-01-04 17:53:25 UTC
(
hide
)
Description:
0001-Enhance-openssl-1.1.0-compatibility.patch
Filename:
MIME Type:
Creator:
eroen
Created:
2017-01-04 17:53:25 UTC
Size:
6.11 KB
patch
obsolete
>From 504355ac3988eeb07d5a99976c6e5e5dc84b5e0f Mon Sep 17 00:00:00 2001 >From: eroen <ntp.org@occam.eroen.eu> >Date: Wed, 4 Jan 2017 18:47:13 +0100 >Subject: [PATCH] Enhance openssl 1.1.0 compatibility > >This prevents various build errors errors when openssl 1.1.0 is built with >`--api=1.1` or compatibility mode is disabled. > >- Skip deprecated initialization, openssl 1.1.0 handles this internally and > the functions are not necessarily available >- Use const versions of X509_get* >- Use openssl version interfaces rather than old ssleay ones > >X-Gentoo-Bug: 604642 >X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=604642 >--- > libntp/ssl_init.c | 29 ++++++++++++++++++++++++----- > ntpd/ntp_crypto.c | 22 ++++++++++++++++------ > util/ntp-keygen.c | 31 ++++++++++++++++++++++++++----- > 3 files changed, 66 insertions(+), 16 deletions(-) > >diff --git a/libntp/ssl_init.c b/libntp/ssl_init.c >index ef0f1c1..8de598b 100644 >--- a/libntp/ssl_init.c >+++ b/libntp/ssl_init.c >@@ -17,10 +17,11 @@ > #include "openssl/evp.h" > #include "libssl_compat.h" > >-void atexit_ssl_cleanup(void); >- > int ssl_init_done; > >+#if OPENSSL_VERSION_NUMBER < 0x10100000L >+void atexit_ssl_cleanup(void); >+ > void > ssl_init(void) > { >@@ -47,18 +48,36 @@ atexit_ssl_cleanup(void) > EVP_cleanup(); > ERR_free_strings(); > } >+#else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ >+void >+ssl_init(void) >+{ >+ init_lib(); >+ >+ if (ssl_init_done) >+ return; >+ >+ ssl_init_done = TRUE; >+} >+#endif > > > void > ssl_check_version(void) > { >- if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) { >+ unsigned long v; >+#if OPENSSL_VERSION_NUMBER < 0x10100000L >+ v = SSLeay(); >+#else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ >+ v = OpenSSL_version_num(); >+#endif >+ if ((v ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) { > msyslog(LOG_WARNING, > "OpenSSL version mismatch. Built against %lx, you have %lx", >- (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); >+ (u_long)OPENSSL_VERSION_NUMBER, v); > fprintf(stderr, > "OpenSSL version mismatch. Built against %lx, you have %lx\n", >- (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); >+ (u_long)OPENSSL_VERSION_NUMBER, v); > } > > INIT_SSL(); >diff --git a/ntpd/ntp_crypto.c b/ntpd/ntp_crypto.c >index 2b9cb52..2954ada 100644 >--- a/ntpd/ntp_crypto.c >+++ b/ntpd/ntp_crypto.c >@@ -193,7 +193,7 @@ static int crypto_gq (struct exten *, struct peer *); > static int crypto_mv (struct exten *, struct peer *); > static int crypto_send (struct exten *, struct value *, int); > static tstamp_t crypto_time (void); >-static void asn_to_calendar (ASN1_TIME *, struct calendar*); >+static void asn_to_calendar (const ASN1_TIME *, struct calendar*); > static struct cert_info *cert_parse (const u_char *, long, tstamp_t); > static int cert_sign (struct exten *, struct value *); > static struct cert_info *cert_install (struct exten *, struct peer *); >@@ -2010,7 +2010,7 @@ crypto_time() > static > void > asn_to_calendar ( >- ASN1_TIME *asn1time, /* pointer to ASN1_TIME structure */ >+ const ASN1_TIME *asn1time, /* pointer to ASN1_TIME structure */ > struct calendar *pjd /* pointer to result */ > ) > { >@@ -3187,8 +3187,18 @@ cert_sign( > serial = ASN1_INTEGER_new(); > ASN1_INTEGER_set(serial, tstamp); > X509_set_serialNumber(cert, serial); >- X509_gmtime_adj(X509_get_notBefore(cert), 0L); >- X509_gmtime_adj(X509_get_notAfter(cert), YEAR); >+ { >+ ASN1_TIME *t; >+ t = (ASN1_TIME*)ASN1_STRING_dup(X509_get0_notBefore(cert)); >+ X509_gmtime_adj(t, 0L); >+ X509_set1_notBefore(cert, t); >+ ASN1_STRING_free(t); >+ >+ t = (ASN1_TIME*)ASN1_STRING_dup(X509_get0_notAfter(cert)); >+ X509_gmtime_adj(t, YEAR); >+ X509_set1_notAfter(cert, t); >+ ASN1_STRING_free(t); >+ } > subj = X509_get_issuer_name(cert); > X509_NAME_add_entry_by_txt(subj, "commonName", MBSTRING_ASC, > hostval.ptr, strlen((const char *)hostval.ptr), -1, 0); >@@ -3497,8 +3507,8 @@ cert_parse( > return (NULL); > } > ret->issuer = estrdup(pch + 3); >- asn_to_calendar(X509_get_notBefore(cert), &(ret->first)); >- asn_to_calendar(X509_get_notAfter(cert), &(ret->last)); >+ asn_to_calendar(X509_get0_notBefore(cert), &(ret->first)); >+ asn_to_calendar(X509_get0_notAfter(cert), &(ret->last)); > > /* > * Extract extension fields. These are ad hoc ripoffs of >diff --git a/util/ntp-keygen.c b/util/ntp-keygen.c >index 66a4755..bb4d201 100644 >--- a/util/ntp-keygen.c >+++ b/util/ntp-keygen.c >@@ -363,12 +363,21 @@ main( > argv += optct; // Just in case we care later. > > #ifdef OPENSSL >- if (SSLeay() == SSLEAY_VERSION_NUMBER) >+ const char *sslvtext; >+ int sslvmatch; >+#if OPENSSL_VERSION_NUMBER < 0x10100000L >+ sslvtext = SSLeay_version(SSLEAY_VERSION); >+ sslvmatch = SSLeay() == SSLEAY_VERSION_NUMBER; >+#else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ >+ sslvtext = OpenSSL_version(OPENSSL_VERSION); >+ sslvmatch = OpenSSL_version_num() == OPENSSL_VERSION_NUMBER; >+#endif >+ if (sslvmatch) > fprintf(stderr, "Using OpenSSL version %s\n", >- SSLeay_version(SSLEAY_VERSION)); >+ sslvtext); > else > fprintf(stderr, "Built against OpenSSL %s, using version %s\n", >- OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION)); >+ OPENSSL_VERSION_TEXT, sslvtext); > #endif /* OPENSSL */ > > debug = OPT_VALUE_SET_DEBUG_LEVEL; >@@ -464,8 +473,10 @@ main( > /* > * Seed random number generator and grow weeds. > */ >+#if OPENSSL_VERSION_NUMBER < 0x10100000L > ERR_load_crypto_strings(); > OpenSSL_add_all_algorithms(); >+#endif > if (!RAND_status()) { > if (RAND_file_name(pathbuf, sizeof(pathbuf)) == NULL) { > fprintf(stderr, "RAND_file_name %s\n", >@@ -1970,8 +1981,18 @@ x509 ( > ASN1_INTEGER_set(serial, (long)epoch + JAN_1970); > X509_set_serialNumber(cert, serial); > ASN1_INTEGER_free(serial); >- X509_time_adj(X509_get_notBefore(cert), 0L, &epoch); >- X509_time_adj(X509_get_notAfter(cert), lifetime * SECSPERDAY, &epoch); >+ { >+ ASN1_TIME *t; >+ t = (ASN1_TIME*)ASN1_STRING_dup(X509_get0_notBefore(cert)); >+ X509_time_adj(t, 0L, &epoch); >+ X509_set1_notBefore(cert, t); >+ ASN1_STRING_free(t); >+ >+ t = (ASN1_TIME*)ASN1_STRING_dup(X509_get0_notAfter(cert)); >+ X509_time_adj(t, lifetime * SECSPERDAY, &epoch); >+ X509_set1_notAfter(cert, t); >+ ASN1_STRING_free(t); >+ } > subj = X509_get_subject_name(cert); > X509_NAME_add_entry_by_txt(subj, "commonName", MBSTRING_ASC, > (u_char *)name, -1, -1, 0); >-- >2.11.0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=458774">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 604642
:
458706
|
458774
|
458864
