Convert docker-snmp-sv2 to buster (#4529)
* Fix libsnmp-base compilation failure * Convert docker-snmp-sv2 to buster * Define install_python3_wheels * Address review comments * Address review comments * Advance snmpagent submodule * Bump net-snmp to the Buster version * Revert "Fix libsnmp-base compilation failure" * use azure storage url
This commit is contained in:
parent
0542afb619
commit
9dea816532
@ -1,5 +1,5 @@
|
|||||||
{% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %}
|
{% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python3_wheels, copy_files %}
|
||||||
FROM docker-config-engine-stretch
|
FROM docker-config-engine-buster
|
||||||
|
|
||||||
ARG docker_container_name
|
ARG docker_container_name
|
||||||
RUN [ -f /etc/rsyslog.conf ] && sed -ri "s/%syslogtag%/$docker_container_name#%syslogtag%/;" /etc/rsyslog.conf
|
RUN [ -f /etc/rsyslog.conf ] && sed -ri "s/%syslogtag%/$docker_container_name#%syslogtag%/;" /etc/rsyslog.conf
|
||||||
@ -18,7 +18,9 @@ ENV DEBIAN_FRONTEND=noninteractive
|
|||||||
# The file referenced (`/usr/share/dpkg/no-pie-compile.specs`) is in the `libdpkg-perl` package on Debian
|
# The file referenced (`/usr/share/dpkg/no-pie-compile.specs`) is in the `libdpkg-perl` package on Debian
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y \
|
apt-get install -y \
|
||||||
curl \
|
python3 \
|
||||||
|
python3-pip \
|
||||||
|
python3-dev \
|
||||||
ca-certificates \
|
ca-certificates \
|
||||||
gcc \
|
gcc \
|
||||||
make \
|
make \
|
||||||
@ -43,11 +45,11 @@ RUN sed -i '/^#.* en_US.* /s/^#//' /etc/locale.gen
|
|||||||
RUN locale-gen
|
RUN locale-gen
|
||||||
|
|
||||||
# Install up-to-date version of pip
|
# Install up-to-date version of pip
|
||||||
RUN curl https://bootstrap.pypa.io/get-pip.py | python3.6
|
RUN pip3 install --no-cache-dir setuptools wheel
|
||||||
|
|
||||||
# Install pyyaml dependency for use by some plugins
|
# Install pyyaml dependency for use by some plugins
|
||||||
# Install smbus dependency for use by some plugins
|
# Install smbus dependency for use by some plugins
|
||||||
RUN python3.6 -m pip install --no-cache-dir \
|
RUN python3 -m pip install --no-cache-dir \
|
||||||
hiredis \
|
hiredis \
|
||||||
pyyaml \
|
pyyaml \
|
||||||
smbus
|
smbus
|
||||||
@ -57,15 +59,14 @@ RUN python3.6 -m pip install --no-cache-dir \
|
|||||||
{{ copy_files("python-wheels/", docker_snmp_sv2_whls.split(' '), "/python-wheels/") }}
|
{{ copy_files("python-wheels/", docker_snmp_sv2_whls.split(' '), "/python-wheels/") }}
|
||||||
|
|
||||||
# Install locally-built Python wheel dependencies
|
# Install locally-built Python wheel dependencies
|
||||||
{{ install_python_wheels(docker_snmp_sv2_whls.split(' ')) }}
|
{{ install_python3_wheels(docker_snmp_sv2_whls.split(' ')) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
RUN python3.6 -m sonic_ax_impl install
|
RUN python3 -m sonic_ax_impl install
|
||||||
|
|
||||||
# Clean up
|
# Clean up
|
||||||
RUN apt-get -y purge \
|
RUN apt-get -y purge \
|
||||||
libpython3.6-dev \
|
python3-dev \
|
||||||
libpython3.6 \
|
|
||||||
curl \
|
curl \
|
||||||
gcc \
|
gcc \
|
||||||
make \
|
make \
|
||||||
|
@ -34,7 +34,7 @@ stdout_logfile=syslog
|
|||||||
stderr_logfile=syslog
|
stderr_logfile=syslog
|
||||||
|
|
||||||
[program:snmp-subagent]
|
[program:snmp-subagent]
|
||||||
command=/usr/bin/env python3.6 -m sonic_ax_impl
|
command=/usr/bin/env python3 -m sonic_ax_impl
|
||||||
priority=4
|
priority=4
|
||||||
autostart=false
|
autostart=false
|
||||||
autorestart=false
|
autorestart=false
|
||||||
|
@ -9,6 +9,10 @@ RUN dpkg_apt() { [ -f $1 ] && { dpkg -i $1 || apt-get -y install -f; } || return
|
|||||||
RUN cd /python-wheels/ && pip install {{ packages | join(' ') }}
|
RUN cd /python-wheels/ && pip install {{ packages | join(' ') }}
|
||||||
{%- endmacro %}
|
{%- endmacro %}
|
||||||
|
|
||||||
|
{% macro install_python3_wheels(packages) -%}
|
||||||
|
RUN cd /python-wheels/ && pip3 install {{ packages | join(' ') }}
|
||||||
|
{%- endmacro %}
|
||||||
|
|
||||||
{% macro copy_files(prefix, files, dest) -%}
|
{% macro copy_files(prefix, files, dest) -%}
|
||||||
COPY \
|
COPY \
|
||||||
{%- for file in files %}
|
{%- for file in files %}
|
||||||
|
@ -7,23 +7,21 @@ DOCKER_SNMP_SV2_DBG = $(DOCKER_SNMP_SV2_STEM)-$(DBG_IMAGE_MARK).gz
|
|||||||
$(DOCKER_SNMP_SV2)_PATH = $(DOCKERS_PATH)/docker-snmp-sv2
|
$(DOCKER_SNMP_SV2)_PATH = $(DOCKERS_PATH)/docker-snmp-sv2
|
||||||
|
|
||||||
## TODO: remove LIBPY3_DEV if we can get pip3 directly
|
## TODO: remove LIBPY3_DEV if we can get pip3 directly
|
||||||
$(DOCKER_SNMP_SV2)_DEPENDS += $(SNMP) $(SNMPD) $(PY3) $(LIBPY3_DEV)
|
$(DOCKER_SNMP_SV2)_DEPENDS += $(SNMP) $(SNMPD)
|
||||||
|
|
||||||
$(DOCKER_SNMP_SV2)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_STRETCH)_DBG_DEPENDS)
|
$(DOCKER_SNMP_SV2)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_BUSTER)_DBG_DEPENDS)
|
||||||
$(DOCKER_SNMP_SV2)_DBG_DEPENDS += $(SNMP_DBG) $(SNMPD_DBG) $(LIBSNMP_DBG)
|
$(DOCKER_SNMP_SV2)_DBG_DEPENDS += $(SNMP_DBG) $(SNMPD_DBG) $(LIBSNMP_DBG)
|
||||||
|
|
||||||
$(DOCKER_SNMP_SV2)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_STRETCH)_DBG_IMAGE_PACKAGES)
|
$(DOCKER_SNMP_SV2)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_BUSTER)_DBG_IMAGE_PACKAGES)
|
||||||
|
|
||||||
$(DOCKER_SNMP_SV2)_PYTHON_WHEELS += $(SONIC_PLATFORM_COMMON_PY3) $(SWSSSDK_PY3) $(ASYNCSNMP_PY3)
|
$(DOCKER_SNMP_SV2)_PYTHON_WHEELS += $(SONIC_PLATFORM_COMMON_PY3) $(SWSSSDK_PY3) $(ASYNCSNMP_PY3)
|
||||||
$(DOCKER_SNMP_SV2)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE_STRETCH)
|
$(DOCKER_SNMP_SV2)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE_BUSTER)
|
||||||
|
|
||||||
SONIC_DOCKER_IMAGES += $(DOCKER_SNMP_SV2)
|
SONIC_DOCKER_IMAGES += $(DOCKER_SNMP_SV2)
|
||||||
SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_SNMP_SV2)
|
SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_SNMP_SV2)
|
||||||
SONIC_STRETCH_DOCKERS += $(DOCKER_SNMP_SV2)
|
|
||||||
|
|
||||||
SONIC_DOCKER_DBG_IMAGES += $(DOCKER_SNMP_SV2_DBG)
|
SONIC_DOCKER_DBG_IMAGES += $(DOCKER_SNMP_SV2_DBG)
|
||||||
SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_SNMP_SV2_DBG)
|
SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_SNMP_SV2_DBG)
|
||||||
SONIC_STRETCH_DBG_DOCKERS += $(DOCKER_SNMP_SV2_DBG)
|
|
||||||
|
|
||||||
$(DOCKER_SNMP_SV2)_CONTAINER_NAME = snmp
|
$(DOCKER_SNMP_SV2)_CONTAINER_NAME = snmp
|
||||||
$(DOCKER_SNMP_SV2)_RUN_OPT += --privileged -t
|
$(DOCKER_SNMP_SV2)_RUN_OPT += --privileged -t
|
||||||
|
@ -1,35 +0,0 @@
|
|||||||
PYTHON_VER=3.6.0-1
|
|
||||||
PYTHON_PNAME=python3.6
|
|
||||||
|
|
||||||
export PYTHON_VER
|
|
||||||
export PYTHON_PNAME
|
|
||||||
|
|
||||||
LIBPY3_MIN = lib$(PYTHON_PNAME)-minimal_$(PYTHON_VER)_$(CONFIGURED_ARCH).deb
|
|
||||||
$(LIBPY3_MIN)_SRC_PATH = $(SRC_PATH)/python3
|
|
||||||
$(LIBPY3_MIN)_DEPENDS +=
|
|
||||||
$(LIBPY3_MIN)_RDEPENDS +=
|
|
||||||
SONIC_MAKE_DEBS += $(LIBPY3_MIN)
|
|
||||||
|
|
||||||
LIBPY3_STD = lib$(PYTHON_PNAME)-stdlib_$(PYTHON_VER)_$(CONFIGURED_ARCH).deb
|
|
||||||
$(eval $(call add_derived_package,$(LIBPY3_MIN),$(LIBPY3_STD)))
|
|
||||||
$(LIBPY3_STD)_DEPENDS += $(LIBMPDECIMAL)
|
|
||||||
$(LIBPY3_STD)_RDEPENDS += $(LIBPY3_MIN) $(LIBMPDECIMAL)
|
|
||||||
|
|
||||||
LIBPY3 = lib$(PYTHON_PNAME)_$(PYTHON_VER)_$(CONFIGURED_ARCH).deb
|
|
||||||
$(eval $(call add_derived_package,$(LIBPY3_MIN),$(LIBPY3)))
|
|
||||||
$(LIBPY3)_DEPENDS += $(LIBPY3_STD)
|
|
||||||
$(LIBPY3)_RDEPENDS += $(LIBPY3_MIN) $(LIBPY3_STD)
|
|
||||||
|
|
||||||
PY3_MIN = $(PYTHON_PNAME)-minimal_$(PYTHON_VER)_$(CONFIGURED_ARCH).deb
|
|
||||||
$(eval $(call add_derived_package,$(LIBPY3_MIN),$(PY3_MIN)))
|
|
||||||
$(PY3_MIN)_RDEPENDS += $(LIBPY3_MIN)
|
|
||||||
|
|
||||||
PY3 = $(PYTHON_PNAME)_$(PYTHON_VER)_$(CONFIGURED_ARCH).deb
|
|
||||||
$(eval $(call add_derived_package,$(LIBPY3_MIN),$(PY3)))
|
|
||||||
$(PY3)_DEPENDS += $(PY3_MIN) $(LIBPY3_STD)
|
|
||||||
$(PY3)_RDEPENDS += $(PY3_MIN) $(LIBPY3_STD)
|
|
||||||
|
|
||||||
LIBPY3_DEV = lib$(PYTHON_PNAME)-dev_$(PYTHON_VER)_$(CONFIGURED_ARCH).deb
|
|
||||||
$(eval $(call add_derived_package,$(LIBPY3_MIN),$(LIBPY3_DEV)))
|
|
||||||
$(LIBPY3_DEV)_DEPENDS += $(LIBPY3) $($(LIBPY3)_DEPENDS)
|
|
||||||
$(LIBPY3_DEV)_RDEPENDS += $(LIBPY3) $($(LIBPY3)_RDEPENDS)
|
|
@ -1,7 +1,7 @@
|
|||||||
# snmpd package
|
# snmpd package
|
||||||
|
|
||||||
SNMPD_VERSION = 5.7.3+dfsg
|
SNMPD_VERSION = 5.7.3+dfsg
|
||||||
SNMPD_VERSION_FULL = $(SNMPD_VERSION)-1.5
|
SNMPD_VERSION_FULL = $(SNMPD_VERSION)-5
|
||||||
|
|
||||||
export SNMPD_VERSION SNMPD_VERSION_FULL
|
export SNMPD_VERSION SNMPD_VERSION_FULL
|
||||||
|
|
||||||
|
@ -19,10 +19,7 @@ $(addprefix $(DEST)/, $(MAIN_TARGET)): $(DEST)/% :
|
|||||||
rm -rf net-snmp-$(SNMPD_VERSION)
|
rm -rf net-snmp-$(SNMPD_VERSION)
|
||||||
|
|
||||||
# download debian net-snmp
|
# download debian net-snmp
|
||||||
wget -NO net-snmp_$(SNMPD_VERSION_FULL).dsc "https://sonicstorage.blob.core.windows.net/packages/net-snmp_5.7.3+dfsg-1.5.dsc?sv=2015-04-05&sr=b&sig=vDAYAKlwi7JjF%2FesdJUyf4VIEXPsCfLhqqTqNr75zBs%3D&se=2030-10-12T13%3A59%3A45Z&sp=r"
|
dget -u https://sonicstorage.blob.core.windows.net/debian/pool/main/n/net-snmp/net-snmp_$(SNMPD_VERSION_FULL).dsc
|
||||||
wget -NO net-snmp_$(SNMPD_VERSION).orig.tar.xz "https://sonicstorage.blob.core.windows.net/packages/net-snmp_5.7.3+dfsg.orig.tar.xz?sv=2015-04-05&sr=b&sig=UjIh%2FTcHrIEzEV7a%2BV2ZP4ks3xHlAA3wqyxkyV7Ms8I%3D&se=2030-10-12T13%3A58%3A19Z&sp=r"
|
|
||||||
wget -NO net-snmp_$(SNMPD_VERSION_FULL).debian.tar.xz "https://sonicstorage.blob.core.windows.net/packages/net-snmp_5.7.3+dfsg-1.5.debian.tar.xz?sv=2015-04-05&sr=b&sig=xJkmxjtKXYcPe4yR%2FuCA0TXUfT40rj4XUMBaiK9CjsA%3D&se=2030-10-12T14%3A00%3A15Z&sp=r"
|
|
||||||
dpkg-source -x net-snmp_$(SNMPD_VERSION_FULL).dsc
|
|
||||||
|
|
||||||
pushd net-snmp-$(SNMPD_VERSION)
|
pushd net-snmp-$(SNMPD_VERSION)
|
||||||
git init
|
git init
|
||||||
|
@ -1,184 +0,0 @@
|
|||||||
From: Andreas Henriksson <andreas@fatal.se>
|
|
||||||
Date: Sat, 23 Dec 2017 22:25:41 +0000
|
|
||||||
Subject: [PATCH] Port OpenSSL 1.1.0 with support for 1.0.2
|
|
||||||
|
|
||||||
Initial support for OpenSSL 1.1.0
|
|
||||||
|
|
||||||
Changes by sebastian@breakpoint.cc:
|
|
||||||
- added OpenSSL 1.0.2 glue layer for backwarts compatibility
|
|
||||||
- dropped HAVE_EVP_MD_CTX_CREATE + DESTROY and added a check for OpenSSL
|
|
||||||
version instead (and currently 1.0.2 is the only one supported).
|
|
||||||
|
|
||||||
BTS: https://bugs.debian.org/828449
|
|
||||||
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
|
|
||||||
---
|
|
||||||
apps/snmpusm.c | 43 ++++++++++++++++++++++++++++++++++++-------
|
|
||||||
configure.d/config_os_libs2 | 6 ------
|
|
||||||
snmplib/keytools.c | 13 ++++++-------
|
|
||||||
snmplib/scapi.c | 17 +++++------------
|
|
||||||
4 files changed, 47 insertions(+), 32 deletions(-)
|
|
||||||
|
|
||||||
--- a/apps/snmpusm.c
|
|
||||||
+++ b/apps/snmpusm.c
|
|
||||||
@@ -183,6 +183,31 @@ setup_oid(oid * it, size_t * len, u_char
|
|
||||||
}
|
|
||||||
|
|
||||||
#if defined(HAVE_OPENSSL_DH_H) && defined(HAVE_LIBCRYPTO)
|
|
||||||
+
|
|
||||||
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
|
|
||||||
+
|
|
||||||
+static void DH_get0_pqg(const DH *dh,
|
|
||||||
+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
|
|
||||||
+{
|
|
||||||
+ if (p != NULL)
|
|
||||||
+ *p = dh->p;
|
|
||||||
+ if (q != NULL)
|
|
||||||
+ *q = dh->q;
|
|
||||||
+ if (g != NULL)
|
|
||||||
+ *g = dh->g;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static void DH_get0_key(const DH *dh, const BIGNUM **pub_key,
|
|
||||||
+ const BIGNUM **priv_key)
|
|
||||||
+{
|
|
||||||
+ if (pub_key != NULL)
|
|
||||||
+ *pub_key = dh->pub_key;
|
|
||||||
+ if (priv_key != NULL)
|
|
||||||
+ *priv_key = dh->priv_key;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
int
|
|
||||||
get_USM_DH_key(netsnmp_variable_list *vars, netsnmp_variable_list *dhvar,
|
|
||||||
size_t outkey_len,
|
|
||||||
@@ -190,7 +215,7 @@ get_USM_DH_key(netsnmp_variable_list *va
|
|
||||||
oid *keyoid, size_t keyoid_len) {
|
|
||||||
u_char *dhkeychange;
|
|
||||||
DH *dh;
|
|
||||||
- BIGNUM *other_pub;
|
|
||||||
+ const BIGNUM *p, *g, *pub_key, *other_pub;
|
|
||||||
u_char *key;
|
|
||||||
size_t key_len;
|
|
||||||
|
|
||||||
@@ -205,25 +230,29 @@ get_USM_DH_key(netsnmp_variable_list *va
|
|
||||||
dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (!dh || !dh->g || !dh->p) {
|
|
||||||
+ if (dh)
|
|
||||||
+ DH_get0_pqg(dh, &p, NULL, &g);
|
|
||||||
+
|
|
||||||
+ if (!dh || !g || !p) {
|
|
||||||
SNMP_FREE(dhkeychange);
|
|
||||||
return SNMPERR_GENERR;
|
|
||||||
}
|
|
||||||
|
|
||||||
- DH_generate_key(dh);
|
|
||||||
- if (!dh->pub_key) {
|
|
||||||
+ if (!DH_generate_key(dh)) {
|
|
||||||
SNMP_FREE(dhkeychange);
|
|
||||||
return SNMPERR_GENERR;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
|
|
||||||
+ DH_get0_key(dh, &pub_key, NULL);
|
|
||||||
+
|
|
||||||
+ if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
|
|
||||||
SNMP_FREE(dhkeychange);
|
|
||||||
fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
|
|
||||||
- (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
|
|
||||||
+ (unsigned long)vars->val_len, BN_num_bytes(pub_key));
|
|
||||||
return SNMPERR_GENERR;
|
|
||||||
}
|
|
||||||
|
|
||||||
- BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
|
|
||||||
+ BN_bn2bin(pub_key, dhkeychange + vars->val_len);
|
|
||||||
|
|
||||||
key_len = DH_size(dh);
|
|
||||||
if (!key_len) {
|
|
||||||
--- a/configure.d/config_os_libs2
|
|
||||||
+++ b/configure.d/config_os_libs2
|
|
||||||
@@ -291,12 +291,6 @@ if test "x$tryopenssl" != "xno" -a "x$tr
|
|
||||||
AC_CHECK_LIB(${CRYPTO}, AES_cfb128_encrypt,
|
|
||||||
AC_DEFINE(HAVE_AES_CFB128_ENCRYPT, 1,
|
|
||||||
[Define to 1 if you have the `AES_cfb128_encrypt' function.]))
|
|
||||||
-
|
|
||||||
- AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create,
|
|
||||||
- AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [],
|
|
||||||
- [Define to 1 if you have the `EVP_MD_CTX_create' function.])
|
|
||||||
- AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [],
|
|
||||||
- [Define to 1 if you have the `EVP_MD_CTX_destroy' function.]))
|
|
||||||
fi
|
|
||||||
if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then
|
|
||||||
AC_CHECK_LIB(ssl, DTLSv1_method,
|
|
||||||
--- a/snmplib/keytools.c
|
|
||||||
+++ b/snmplib/keytools.c
|
|
||||||
@@ -149,13 +149,13 @@ generate_Ku(const oid * hashtype, u_int
|
|
||||||
*/
|
|
||||||
#ifdef NETSNMP_USE_OPENSSL
|
|
||||||
|
|
||||||
-#ifdef HAVE_EVP_MD_CTX_CREATE
|
|
||||||
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
|
|
||||||
ctx = EVP_MD_CTX_create();
|
|
||||||
#else
|
|
||||||
- ctx = malloc(sizeof(*ctx));
|
|
||||||
- if (!EVP_MD_CTX_init(ctx))
|
|
||||||
- return SNMPERR_GENERR;
|
|
||||||
+ ctx = EVP_MD_CTX_new();
|
|
||||||
#endif
|
|
||||||
+ if (!ctx)
|
|
||||||
+ return SNMPERR_GENERR;
|
|
||||||
#ifndef NETSNMP_DISABLE_MD5
|
|
||||||
if (ISTRANSFORM(hashtype, HMACMD5Auth)) {
|
|
||||||
if (!EVP_DigestInit(ctx, EVP_md5()))
|
|
||||||
@@ -259,11 +259,10 @@ generate_Ku(const oid * hashtype, u_int
|
|
||||||
memset(buf, 0, sizeof(buf));
|
|
||||||
#ifdef NETSNMP_USE_OPENSSL
|
|
||||||
if (ctx) {
|
|
||||||
-#ifdef HAVE_EVP_MD_CTX_DESTROY
|
|
||||||
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
|
|
||||||
EVP_MD_CTX_destroy(ctx);
|
|
||||||
#else
|
|
||||||
- EVP_MD_CTX_cleanup(ctx);
|
|
||||||
- free(ctx);
|
|
||||||
+ EVP_MD_CTX_free(ctx);
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
--- a/snmplib/scapi.c
|
|
||||||
+++ b/snmplib/scapi.c
|
|
||||||
@@ -486,15 +486,10 @@ sc_hash(const oid * hashtype, size_t has
|
|
||||||
}
|
|
||||||
|
|
||||||
/** initialize the pointer */
|
|
||||||
-#ifdef HAVE_EVP_MD_CTX_CREATE
|
|
||||||
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
|
|
||||||
cptr = EVP_MD_CTX_create();
|
|
||||||
#else
|
|
||||||
- cptr = malloc(sizeof(*cptr));
|
|
||||||
-#if defined(OLD_DES)
|
|
||||||
- memset(cptr, 0, sizeof(*cptr));
|
|
||||||
-#else
|
|
||||||
- EVP_MD_CTX_init(cptr);
|
|
||||||
-#endif
|
|
||||||
+ cptr = EVP_MD_CTX_new();
|
|
||||||
#endif
|
|
||||||
if (!EVP_DigestInit(cptr, hashfn)) {
|
|
||||||
/* requested hash function is not available */
|
|
||||||
@@ -507,13 +502,11 @@ sc_hash(const oid * hashtype, size_t has
|
|
||||||
/** do the final pass */
|
|
||||||
EVP_DigestFinal(cptr, MAC, &tmp_len);
|
|
||||||
*MAC_len = tmp_len;
|
|
||||||
-#ifdef HAVE_EVP_MD_CTX_DESTROY
|
|
||||||
+
|
|
||||||
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
|
|
||||||
EVP_MD_CTX_destroy(cptr);
|
|
||||||
#else
|
|
||||||
-#if !defined(OLD_DES)
|
|
||||||
- EVP_MD_CTX_cleanup(cptr);
|
|
||||||
-#endif
|
|
||||||
- free(cptr);
|
|
||||||
+ EVP_MD_CTX_free(cptr);
|
|
||||||
#endif
|
|
||||||
return (rval);
|
|
@ -11,14 +11,12 @@ diff --git a/debian/rules b/debian/rules
|
|||||||
index 4c3b5b6..1fab6a4 100755
|
index 4c3b5b6..1fab6a4 100755
|
||||||
--- a/debian/rules
|
--- a/debian/rules
|
||||||
+++ b/debian/rules
|
+++ b/debian/rules
|
||||||
@@ -5,6 +5,7 @@
|
@@ -4,4 +4,5 @@
|
||||||
# without -pie build fails during perl module build somehow...
|
export DEB_BUILD_MAINT_OPTIONS := hardening=+all
|
||||||
export DEB_BUILD_MAINT_OPTIONS := hardening=+all,-pie
|
|
||||||
DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
|
DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
|
||||||
+DEB_BUILD_ARCH_OS ?= $(shell dpkg-architecture -qDEB_BUILD_ARCH_OS)
|
+DEB_BUILD_ARCH_OS ?= $(shell dpkg-architecture -qDEB_BUILD_ARCH_OS)
|
||||||
|
|
||||||
LIB_VERSION = 30
|
LIB_VERSION = 30
|
||||||
UPSTREAM_VERSION = $(shell dpkg-parsechangelog | egrep '^Version:' | cut -f 2 -d ':' | sed 's/ //' | sed 's/~dfsg.*$$//')
|
|
||||||
--
|
--
|
||||||
2.18.0
|
2.18.0
|
||||||
|
|
||||||
|
@ -1,7 +1,5 @@
|
|||||||
0001-SNMP-Stop-spamming-logs-with-statfs-permission-denie.patch
|
0001-SNMP-Stop-spamming-logs-with-statfs-permission-denie.patch
|
||||||
0002-at.c-properly-check-return-status-from-realloc.-Than.patch
|
0002-at.c-properly-check-return-status-from-realloc.-Than.patch
|
||||||
0003-CHANGES-BUG-2743-snmpd-crashes-when-receiving-a-GetN.patch
|
|
||||||
0005-Port-OpenSSL-1.1.0-with-support-for-1.0.2.patch
|
|
||||||
0006-From-Jiri-Cervenka-snmpd-Fixed-agentx-crashing-and-or-freezing-on-timeout.patch
|
0006-From-Jiri-Cervenka-snmpd-Fixed-agentx-crashing-and-or-freezing-on-timeout.patch
|
||||||
0007-Linux-VRF-5.7.3-Support.patch
|
0007-Linux-VRF-5.7.3-Support.patch
|
||||||
0008-Enable-macro-DEB_BUILD_ARCH_OS-in-order-to-build-ipv.patch
|
0008-Enable-macro-DEB_BUILD_ARCH_OS-in-order-to-build-ipv.patch
|
||||||
|
@ -1 +1 @@
|
|||||||
Subproject commit 7632ee89caa8a485d68ce389f60f202fce197579
|
Subproject commit c8e5757b7f5495607bbf13d936f106991c13ddf5
|
Loading…
Reference in New Issue
Block a user