diff options
-rw-r--r-- | .SRCINFO | 15 | ||||
-rw-r--r-- | PKGBUILD | 15 | ||||
-rw-r--r-- | openssl-1.0.patch | 57 | ||||
-rw-r--r-- | openssl-1.1.diff | 310 |
4 files changed, 324 insertions, 73 deletions
@@ -1,9 +1,9 @@ # Generated by mksrcinfo v8 -# Mon Apr 24 21:04:21 UTC 2017 +# Sun May 14 21:45:10 UTC 2017 pkgbase = ccnet-server pkgdesc = A framework for writing networked applications in C. - pkgver = 6.0.10 - pkgrel = 2 + pkgver = 6.1.0 + pkgrel = 1 url = https://github.com/haiwen/ccnet-server arch = i686 arch = x86_64 @@ -18,13 +18,12 @@ pkgbase = ccnet-server depends = libsearpc depends = libldap depends = python2 - depends = openssl-1.0 - source = ccnet-server-v6.0.10-server.tar.gz::https://github.com/haiwen/ccnet-server/archive/v6.0.10-server.tar.gz + source = ccnet-server-v6.1.0-server.tar.gz::https://github.com/haiwen/ccnet-server/archive/v6.1.0-server.tar.gz source = libccnet.pc.patch - source = openssl-1.0.patch - sha256sums = 1a31a917c143c74bbb6fd67c54ee61841c343650b70f3d07dc130c990d8ffc1f + source = openssl-1.1.diff + sha256sums = a4999ff8638e5f6cf6487a7e8d649e0f1992221c44632682a5fe61cb6c6cff79 sha256sums = 66c3b02c3981db6a80819e0ae103bedadf8dfdf81405a7f75a9cba714acf973f - sha256sums = df166018e220074216b108f8b6969e623bdf51c1fa79f354a3127bae629059e2 + sha256sums = f98a17d467214984d11ddf819e02d54b2b88e89ebafec1955922e43c123800d4 pkgname = ccnet-server @@ -4,30 +4,29 @@ # Contributor: Adrian Hühn <adrian.huehn@web.de> pkgname=ccnet-server -pkgver=6.0.10 -pkgrel=2 +pkgver=6.1.0 +pkgrel=1 pkgdesc="A framework for writing networked applications in C." arch=('i686' 'x86_64' 'armv7h' 'armv6h' 'aarch64') url="https://github.com/haiwen/${pkgname}" license=('GPL2') -depends=('libevent' 'libzdb' 'libsearpc' 'libldap' 'python2' 'openssl-1.0') +depends=('libevent' 'libzdb' 'libsearpc' 'libldap' 'python2') makedepends=('vala' 'libmariadbclient') source=("${pkgname}-v${pkgver}-server.tar.gz::${url}/archive/v${pkgver}-server.tar.gz" "libccnet.pc.patch" - "openssl-1.0.patch") -sha256sums=('1a31a917c143c74bbb6fd67c54ee61841c343650b70f3d07dc130c990d8ffc1f' + "openssl-1.1.diff") +sha256sums=('a4999ff8638e5f6cf6487a7e8d649e0f1992221c44632682a5fe61cb6c6cff79' '66c3b02c3981db6a80819e0ae103bedadf8dfdf81405a7f75a9cba714acf973f' - 'df166018e220074216b108f8b6969e623bdf51c1fa79f354a3127bae629059e2') + 'f98a17d467214984d11ddf819e02d54b2b88e89ebafec1955922e43c123800d4') prepare () { cd "${srcdir}/${pkgname}-${pkgver}-server" patch -p1 -i "${srcdir}"/libccnet.pc.patch - patch -p1 -i "${srcdir}"/openssl-1.0.patch + patch -p1 -i "${srcdir}"/openssl-1.1.diff } build () { cd "${srcdir}/${pkgname}-${pkgver}-server" - export PKG_CONFIG_PATH=/usr/lib/openssl-1.0/pkgconfig ./autogen.sh ./configure --enable-ldap --enable-python --enable-console --prefix=/usr PYTHON=/usr/bin/python2 make diff --git a/openssl-1.0.patch b/openssl-1.0.patch deleted file mode 100644 index 48b33830acca..000000000000 --- a/openssl-1.0.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 19207efc5cd56b4b8f39e8fa0dcb92afb8d70d43 Mon Sep 17 00:00:00 2001 -From: Pascal Ernster <git@hardfalcon.net> -Date: Mon, 20 Feb 2017 02:17:08 +0100 -Subject: [PATCH] Add @SSL_CFLAGS@ to Makefiles to support PKG_CONFIG_PATH and - PKG_CONFIG_LIBDIR environment variables for libcrypto and libssl - ---- - lib/Makefile.am | 4 +++- - net/server/Makefile.am | 1 + - tools/Makefile.am | 2 +- - 3 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/lib/Makefile.am b/lib/Makefile.am -index f744675..b414b26 100644 ---- a/lib/Makefile.am -+++ b/lib/Makefile.am -@@ -30,7 +30,7 @@ noinst_HEADERS = buffer.h \ - ccnetincludedir = $(includedir)/ccnet - ccnetinclude_DATA = ccnet-object.h - --libccnet_la_CPPFLAGS = $(AM_CPPFLAGS) -DCCNET_LIB @PTHREAD_CFLAGS@ -+libccnet_la_CPPFLAGS = $(AM_CPPFLAGS) -DCCNET_LIB @PTHREAD_CFLAGS@ @SSL_CFLAGS@ - - libccnet_la_SOURCES = ccnet-client.c packet-io.c libccnet_utils.c \ - message.c proc-factory.c \ -@@ -54,6 +54,8 @@ libccnet_la_LIBADD = @PTHREAD_LIBS@ @GLIB2_LIBS@ @GOBJECT_LIBS@ @LIB_GDI32@ \ - - noinst_LTLIBRARIES = libccnetd.la - -+libccnetd_la_CPPFLAGS = $(AM_CPPFLAGS) @SSL_CFLAGS@ -+ - libccnetd_la_SOURCES = utils.c db.c job-mgr.c \ - rsa.c bloom-filter.c marshal.c net.c timer.c ccnet-session-base.c \ - ccnetobj.c -diff --git a/net/server/Makefile.am b/net/server/Makefile.am -index 7cda288..75abbce 100644 ---- a/net/server/Makefile.am -+++ b/net/server/Makefile.am -@@ -7,6 +7,7 @@ AM_CPPFLAGS = @GLIB2_CFLAGS@ @GOBJECT_CFLAGS@ \ - -I$(top_builddir)/include \ - -I$(top_builddir)/lib \ - @SEARPC_CFLAGS@ \ -+ @SSL_CFLAGS@ \ - -Wall - - bin_PROGRAMS = ccnet-server -diff --git a/tools/Makefile.am b/tools/Makefile.am -index 61d0482..7d36040 100644 ---- a/tools/Makefile.am -+++ b/tools/Makefile.am -@@ -1,5 +1,5 @@ - --AM_CPPFLAGS = -I$(top_srcdir)/include @GLIB2_CFLAGS@ -I$(top_srcdir)/lib -+AM_CPPFLAGS = -I$(top_srcdir)/include @GLIB2_CFLAGS@ -I$(top_srcdir)/lib @SSL_CFLAGS@ - - bin_PROGRAMS = ccnet-init - diff --git a/openssl-1.1.diff b/openssl-1.1.diff new file mode 100644 index 000000000000..acac9ab6092d --- /dev/null +++ b/openssl-1.1.diff @@ -0,0 +1,310 @@ +diff -ur ccnet-server-v6.0.10/lib/rsa.c ccnet-server/lib/rsa.c +--- ccnet-server-v6.0.10/lib/rsa.c 2017-05-14 09:14:22.274184846 +0200 ++++ ccnet-server/lib/rsa.c 2017-05-14 13:33:46.600971500 +0200 +@@ -11,13 +11,55 @@ + #include "rsa.h" + #include "utils.h" + ++/* Forward compatibility functions if libssl < 1.1.0. */ ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ ++int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) ++{ ++ /* If the fields n and e in r are NULL, the corresponding input ++ * parameters MUST be non-NULL for n and e. d may be ++ * left NULL (in case only the public key is used). ++ */ ++ if ((r->n == NULL && n == NULL) ++ || (r->e == NULL && e == NULL)) ++ return 0; ++ if (n != NULL) { ++ BN_free(r->n); ++ r->n = n; ++ } ++ if (e != NULL) { ++ BN_free(r->e); ++ r->e = e; ++ } ++ if (d != NULL) { ++ BN_free(r->d); ++ r->d = d; ++ } ++ return 1; ++} ++ ++void RSA_get0_key(const RSA *r, ++ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) ++{ ++ if (n != NULL) ++ *n = r->n; ++ if (e != NULL) ++ *e = r->e; ++ if (d != NULL) ++ *d = r->d; ++} ++ ++#endif ++ + RSA* + private_key_to_pub(RSA *priv) + { + RSA *pub = RSA_new(); ++ const BIGNUM *n, *e; + +- pub->n = BN_dup(priv->n); +- pub->e = BN_dup(priv->e); ++ RSA_get0_key (priv, &n, &e, NULL); ++ RSA_set0_key (pub, BN_dup(n), BN_dup(e), NULL); + + return pub; + } +@@ -28,18 +70,21 @@ + GString *buf = g_string_new(NULL); + unsigned char *temp; + char *coded; ++ const BIGNUM *n, *e; + +- gsize len = BN_num_bytes(rsa->n); ++ RSA_get0_key (rsa, &n, &e, NULL); ++ ++ gsize len = BN_num_bytes(n); + temp = malloc(len); +- BN_bn2bin(rsa->n, temp); ++ BN_bn2bin(n, temp); + coded = g_base64_encode(temp, len); + g_string_append (buf, coded); + g_string_append_c (buf, ' '); + g_free(coded); + +- len = BN_num_bytes(rsa->e); ++ len = BN_num_bytes(e); + temp = realloc(temp, len); +- BN_bn2bin(rsa->e, temp); ++ BN_bn2bin(e, temp); + coded = g_base64_encode(temp, len); + g_string_append (buf, coded); + g_free(coded); +@@ -54,18 +99,21 @@ + { + unsigned char *temp; + char *coded; ++ const BIGNUM *n, *e; ++ ++ RSA_get0_key (rsa, &n, &e, NULL); + +- gsize len = BN_num_bytes(rsa->n); ++ gsize len = BN_num_bytes(n); + temp = malloc(len); +- BN_bn2bin(rsa->n, temp); ++ BN_bn2bin(n, temp); + coded = g_base64_encode(temp, len); + g_string_append (buf, coded); + g_string_append_c (buf, ' '); + g_free(coded); + +- len = BN_num_bytes(rsa->e); ++ len = BN_num_bytes(e); + temp = realloc(temp, len); +- BN_bn2bin(rsa->e, temp); ++ BN_bn2bin(e, temp); + coded = g_base64_encode(temp, len); + g_string_append (buf, coded); + g_free(coded); +@@ -86,24 +134,31 @@ + *p = '\0'; + + RSA *key = RSA_new(); ++ BIGNUM *n = NULL, *e = NULL; + + num = g_base64_decode(str, &len); +- key->n = BN_bin2bn(num, len, NULL); +- if (!key->n) ++ n = BN_bin2bn(num, len, NULL); ++ if (!n) + goto err; + g_free(num); + + num = g_base64_decode(p+1, &len); +- key->e = BN_bin2bn(num, len, NULL); +- if (!key->e) ++ e = BN_bin2bn(num, len, NULL); ++ if (!e) + goto err; + g_free(num); + ++ RSA_set0_key (key, n, e, NULL); ++ + *p = ' '; + return key; + err: + *p = ' '; + RSA_free (key); ++ if (n) ++ BN_free (n); ++ if (e) ++ BN_free (e); + g_free(num); + return NULL; + } +@@ -153,9 +208,22 @@ + generate_private_key(u_int bits) + { + RSA *private = NULL; +- +- private = RSA_generate_key(bits, 35, NULL, NULL); +- if (private == NULL) +- g_error ("rsa_generate_private_key: key generation failed."); ++ BIGNUM* bne = NULL; ++ ++ bne = BN_new(); ++ if (!BN_set_word(bne, RSA_3)) ++ goto free_all; ++ ++ private = RSA_new(); ++ ++ if (!RSA_generate_key_ex(private, bits, bne, NULL)) ++ goto free_all; ++ + return private; ++ ++free_all: ++ RSA_free(private); ++ BN_free(bne); ++ g_error ("rsa_generate_private_key: key generation failed."); ++ return NULL; + } +diff -ur ccnet-server-v6.0.10/lib/utils.c ccnet-server/lib/utils.c +--- ccnet-server-v6.0.10/lib/utils.c 2017-05-14 09:14:22.274184846 +0200 ++++ ccnet-server/lib/utils.c 2017-05-14 09:51:57.671395998 +0200 +@@ -1053,14 +1053,14 @@ + return -1; + } + +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx; + int ret; + int blks; + + /* Prepare CTX for encryption. */ +- EVP_CIPHER_CTX_init (&ctx); ++ ctx = EVP_CIPHER_CTX_new (); + +- ret = EVP_EncryptInit_ex (&ctx, ++ ret = EVP_EncryptInit_ex (ctx, + EVP_aes_256_cbc(), /* cipher mode */ + NULL, /* engine, NULL for default */ + key, /* derived key */ +@@ -1068,6 +1068,7 @@ + + if (ret == ENC_FAILURE) { + g_warning ("error init\n"); ++ EVP_CIPHER_CTX_free (ctx); + return -1; + } + +@@ -1089,7 +1090,7 @@ + int update_len, final_len; + + /* Do the encryption. */ +- ret = EVP_EncryptUpdate (&ctx, ++ ret = EVP_EncryptUpdate (ctx, + (unsigned char*)*data_out, + &update_len, + (unsigned char*)data_in, +@@ -1100,7 +1101,7 @@ + } + + /* Finish the possible partial block. */ +- ret = EVP_EncryptFinal_ex (&ctx, ++ ret = EVP_EncryptFinal_ex (ctx, + (unsigned char*)*data_out + update_len, + &final_len); + *out_len = update_len + final_len; +@@ -1109,11 +1110,11 @@ + goto enc_error; + } + +- EVP_CIPHER_CTX_cleanup (&ctx); ++ EVP_CIPHER_CTX_free (ctx); + return 0; + + enc_error: +- EVP_CIPHER_CTX_cleanup (&ctx); ++ EVP_CIPHER_CTX_free (ctx); + *out_len = -1; + if (*data_out != NULL) + g_free (*data_out); +@@ -1138,22 +1139,24 @@ + return -1; + } + +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx; + int ret; + + *data_out = NULL; + *out_len = -1; + + /* Prepare CTX for decryption. */ +- EVP_CIPHER_CTX_init (&ctx); +- ret = EVP_DecryptInit_ex (&ctx, ++ ctx = EVP_CIPHER_CTX_new (); ++ ret = EVP_DecryptInit_ex (ctx, + EVP_aes_256_cbc(), /* cipher mode */ + NULL, /* engine, NULL for default */ + key, /* derived key */ + iv); /* initial vector */ + +- if (ret == DEC_FAILURE) ++ if (ret == DEC_FAILURE) { ++ EVP_CIPHER_CTX_free (ctx); + return -1; ++ } + + /* Allocating output buffer. */ + *data_out = (char *)g_malloc (in_len); +@@ -1165,7 +1168,7 @@ + int update_len, final_len; + + /* Do the decryption. */ +- ret = EVP_DecryptUpdate (&ctx, ++ ret = EVP_DecryptUpdate (ctx, + (unsigned char*)*data_out, + &update_len, + (unsigned char*)data_in, +@@ -1174,7 +1177,7 @@ + goto dec_error; + + /* Finish the possible partial block. */ +- ret = EVP_DecryptFinal_ex (&ctx, ++ ret = EVP_DecryptFinal_ex (ctx, + (unsigned char*)*data_out + update_len, + &final_len); + *out_len = update_len + final_len; +@@ -1182,11 +1185,11 @@ + if (ret == DEC_FAILURE || *out_len > in_len) + goto dec_error; + +- EVP_CIPHER_CTX_cleanup (&ctx); ++ EVP_CIPHER_CTX_free (ctx); + return 0; + + dec_error: +- EVP_CIPHER_CTX_cleanup (&ctx); ++ EVP_CIPHER_CTX_free (ctx); + *out_len = -1; + if (*data_out != NULL) + g_free (*data_out); +diff -ur ccnet-server-v6.0.10/tools/ccnet-init.c ccnet-server/tools/ccnet-init.c +--- ccnet-server-v6.0.10/tools/ccnet-init.c 2017-05-14 09:14:22.282184865 +0200 ++++ ccnet-server/tools/ccnet-init.c 2017-05-14 09:57:45.256750068 +0200 +@@ -162,7 +162,7 @@ + + config_dir = ccnet_expand_path (config_dir); + /* printf("[conf_dir=%s\n]", config_dir); */ +- SSLeay_add_all_algorithms(); ++ OpenSSL_add_all_algorithms(); + + if (RAND_status() != 1) { /* it should be seeded automatically */ + fprintf(stderr, "PRNG is not seeded\n"); |