From e3f6f7d50e6f5b43e9795f1b8a5b54e185eee744 Mon Sep 17 00:00:00 2001 From: Lucian Cristian Date: Sun, 12 Apr 2020 03:02:49 +0300 Subject: [PATCH] open-isns: add open-isns libs needed for open-iscsi Signed-off-by: Lucian Cristian --- net/open-isns/Makefile | 54 +++++ net/open-isns/patches/01-security_mode.patch | 185 ++++++++++++++++++ .../patches/02-fix_signed_vs_unsigned.patch | 41 ++++ net/open-isns/patches/03-include_poll_h.patch | 24 +++ net/open-isns/patches/04-ignore_write.patch | 86 ++++++++ .../10-without_deprecated_openssl.patch | 26 +++ 6 files changed, 416 insertions(+) create mode 100644 net/open-isns/Makefile create mode 100644 net/open-isns/patches/01-security_mode.patch create mode 100644 net/open-isns/patches/02-fix_signed_vs_unsigned.patch create mode 100644 net/open-isns/patches/03-include_poll_h.patch create mode 100644 net/open-isns/patches/04-ignore_write.patch create mode 100644 net/open-isns/patches/10-without_deprecated_openssl.patch diff --git a/net/open-isns/Makefile b/net/open-isns/Makefile new file mode 100644 index 000000000..12df1260a --- /dev/null +++ b/net/open-isns/Makefile @@ -0,0 +1,54 @@ +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. + +include $(TOPDIR)/rules.mk + +PKG_NAME:=open-isns +PKG_VERSION:=0.100 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://codeload.github.com/open-iscsi/open-isns/tar.gz/v$(PKG_VERSION)? +PKG_HASH:=b011edbb0f31690aaca902a8ecf4e1f17b01d6c9e9afc51909d26b0993b4328f + +PKG_MAINTAINER:=Lucian CRISTIAN +PKG_LICENSE:=GPL-2.0-or-later +PKG_LICENSE_FILES:=COPYING + +PKG_FIXUP:=autoreconf +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/open-isns + SECTION:=libs + CATEGORY:=Libraries + URL:=http://www.open-iscsi.com/ + TITLE:=open-isns + DEPENDS:=+libopenssl +endef + +define Package/open-isns/description +This is a partial implementation of iSNS, according to RFC4171. +endef + +CONFIGURE_ARGS += \ + --enable-shared + +TARGET_CFLAGS += $(FPIC) -flto +TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/libisns + $(INSTALL_DATA) $(PKG_BUILD_DIR)/include/libisns/* $(1)/usr/include/libisns/ + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_BUILD_DIR)/libisns.so* $(1)/usr/lib/ +endef + +define Package/open-isns/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_BUILD_DIR)/libisns.so* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,open-isns)) diff --git a/net/open-isns/patches/01-security_mode.patch b/net/open-isns/patches/01-security_mode.patch new file mode 100644 index 000000000..dc827bd96 --- /dev/null +++ b/net/open-isns/patches/01-security_mode.patch @@ -0,0 +1,185 @@ +From 0543f1d02ee733d34ee109d00e7d0efd432bb37b Mon Sep 17 00:00:00 2001 +From: Lee Duncan +Date: Tue, 28 Jan 2020 11:49:55 -0800 +Subject: [PATCH] Fix compiler issue when not in security mode + +--- + client.c | 20 +++++++++++++------- + db-policy.c | 12 +++++++++--- + include/libisns/util.h | 1 + + isnsadm.c | 2 +- + security.c | 14 ++++++++------ + socket.c | 5 +++-- + 6 files changed, 35 insertions(+), 19 deletions(-) + +diff --git a/client.c b/client.c +index 8487877..fda26be 100644 +--- a/client.c ++++ b/client.c +@@ -122,22 +122,17 @@ isns_client_get_local_address(const isns_client_t *clnt, + /* + * Create a security context + */ ++#ifdef WITH_SECURITY + static isns_security_t * + __create_security_context(const char *name, const char *auth_key, + const char *server_key) + { +-#ifdef WITH_SECURITY + isns_security_t *ctx; + isns_principal_t *princ; +-#endif /* WITH_SECURITY */ + + if (!isns_config.ic_security) + return NULL; + +-#ifndef WITH_SECURITY +- isns_error("Cannot create security context: security disabled at build time\n"); +- return NULL; +-#else /* WITH_SECURITY */ + ctx = isns_create_dsa_context(); + if (ctx == NULL) + isns_fatal("Unable to create security context\n"); +@@ -174,8 +169,19 @@ __create_security_context(const char *name, const char *auth_key, + } + + return ctx; +-#endif /* WITH_SECURITY */ + } ++#else /* WITH_SECURITY */ ++static isns_security_t * ++__create_security_context(__attribute__((unused))const char *name, ++ __attribute__((unused))const char *auth_key, ++ __attribute__((unused))const char *server_key) ++{ ++ if (!isns_config.ic_security) ++ return NULL; ++ isns_error("Cannot create security context: security disabled at build time\n"); ++ return NULL; ++} ++#endif /* WITH_SECURITY */ + + /* + * Create the default security context +diff --git a/db-policy.c b/db-policy.c +index b1c46e2..d4a0cba 100644 +--- a/db-policy.c ++++ b/db-policy.c +@@ -52,11 +52,11 @@ __isns_db_keystore_lookup(isns_db_keystore_t *store, + /* + * Load a DSA key from the DB store + */ ++#ifdef WITH_SECURITY + static EVP_PKEY * + __isns_db_keystore_find(isns_keystore_t *store_base, + const char *name, size_t namelen) + { +-#ifdef WITH_SECURITY + isns_db_keystore_t *store = (isns_db_keystore_t *) store_base; + isns_object_t *obj; + const void *key_data; +@@ -71,10 +71,16 @@ __isns_db_keystore_find(isns_keystore_t *store_base, + return NULL; + + return isns_dsa_decode_public(key_data, key_size); +-#else ++} ++#else /* WITH_SECURITY */ ++static EVP_PKEY * ++__isns_db_keystore_find(__attribute__((unused))isns_keystore_t *store_base, ++ __attribute__((unused))const char *name, ++ __attribute__((unused))size_t namelen) ++{ + return NULL; +-#endif + } ++#endif /* WITH_SECURITY */ + + /* + * Retrieve policy from database +diff --git a/include/libisns/util.h b/include/libisns/util.h +index 4174480..e5ed037 100644 +--- a/include/libisns/util.h ++++ b/include/libisns/util.h +@@ -14,6 +14,7 @@ + #include // for strdup + #include + #include ++#include + + #define array_num_elements(a) (sizeof(a) / sizeof((a)[0])) + +diff --git a/isnsadm.c b/isnsadm.c +index 7a96007..94c705e 100644 +--- a/isnsadm.c ++++ b/isnsadm.c +@@ -1162,7 +1162,7 @@ generate_key_callback(void) + } + + isns_attr_t * +-load_key_callback(const char *pathname) ++load_key_callback(__attribute__((unused))const char *pathname) + { + isns_fatal("Authentication disabled in this build\n"); + return NULL; +diff --git a/security.c b/security.c +index 673a26e..68eb779 100644 +--- a/security.c ++++ b/security.c +@@ -408,32 +408,34 @@ isns_security_init(void) + } + + isns_keystore_t * +-isns_create_keystore(const char *spec) ++isns_create_keystore(__attribute__((unused))const char *spec) + { + isns_no_security(); + return NULL; + } + + void +-isns_security_set_keystore(isns_security_t *ctx, +- isns_keystore_t *ks) ++isns_security_set_keystore(__attribute__((unused))isns_security_t *ctx, ++ __attribute__((unused))isns_keystore_t *ks) + { + isns_no_security(); + } + + void +-isns_principal_free(isns_principal_t *peer) ++isns_principal_free(__attribute__((unused))isns_principal_t *peer) + { + } + + isns_principal_t * +-isns_get_principal(isns_security_t *ctx, const char *spi, size_t spi_len) ++isns_get_principal(__attribute__((unused))isns_security_t *ctx, ++ __attribute__((unused))const char *spi, ++ __attribute__((unused))size_t spi_len) + { + return NULL; + } + + const char * +-isns_principal_name(const isns_principal_t *princ) ++isns_principal_name(__attribute__((unused))const isns_principal_t *princ) + { + return NULL; + } +diff --git a/socket.c b/socket.c +index da9f5dc..a76d593 100644 +--- a/socket.c ++++ b/socket.c +@@ -322,8 +322,9 @@ isns_pdu_authenticate(isns_security_t *sec, + } + #else /* WITH_SECURITY */ + static int +-isns_pdu_authenticate(isns_security_t *sec, +- struct isns_partial_msg *msg, buf_t *bp) ++isns_pdu_authenticate(__attribute__((unused))isns_security_t *sec, ++ __attribute__((unused))struct isns_partial_msg *msg, ++ __attribute__((unused))buf_t *bp) + { + return 0; + } diff --git a/net/open-isns/patches/02-fix_signed_vs_unsigned.patch b/net/open-isns/patches/02-fix_signed_vs_unsigned.patch new file mode 100644 index 000000000..2d966dd3a --- /dev/null +++ b/net/open-isns/patches/02-fix_signed_vs_unsigned.patch @@ -0,0 +1,41 @@ +From 40eb9ce75518817762a0eac4a93016ab817add89 Mon Sep 17 00:00:00 2001 +From: Lee Duncan +Date: Sat, 1 Feb 2020 10:23:04 -0800 +Subject: [PATCH] Fix 586 compile issue and remove -Werror + +Using -Werror causes any issue to break the build, whereas +I'd rather let the build continue and address the issue. + +Also, fixed one signed-vs-unsigned compare for time_t, which +shows up only on 586 (32-bit). +--- + configure.ac | 2 +- + isnsdd.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index e4f3995..d956e58 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -17,7 +17,7 @@ AC_PATH_PROG(SH, sh) + dnl C Compiler features + AC_C_INLINE + if test "$GCC" = "yes"; then +- CFLAGS="-Wall -Werror -Wextra $CFLAGS" ++ CFLAGS="-Wall -Wextra $CFLAGS" + CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE" + fi + +diff --git a/isnsdd.c b/isnsdd.c +index 58825cc..9cedb9f 100644 +--- a/isnsdd.c ++++ b/isnsdd.c +@@ -401,7 +401,7 @@ check_portal_registration(__attribute__((unused))void *ptr) + continue; + + last_modified = isns_object_last_modified(obj); +- if (last_modified + 2 * interval > now) { ++ if ((time_t)(last_modified + 2 * interval) > now) { + good_portals++; + continue; + } diff --git a/net/open-isns/patches/03-include_poll_h.patch b/net/open-isns/patches/03-include_poll_h.patch new file mode 100644 index 000000000..cf87b51b5 --- /dev/null +++ b/net/open-isns/patches/03-include_poll_h.patch @@ -0,0 +1,24 @@ +From 2e27c43228210eaa7aaabc2048c78645f319d080 Mon Sep 17 00:00:00 2001 +From: Leo +Date: Tue, 4 Feb 2020 05:42:22 +0100 +Subject: [PATCH] socket.c: include poll.h instead of sys/poll.h for POSIX + compatibility + +https://pubs.opengroup.org/onlinepubs/009695399/basedefs/poll.h.html +--- + socket.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/socket.c b/socket.c +index a76d593..432a9bd 100644 +--- a/socket.c ++++ b/socket.c +@@ -5,7 +5,7 @@ + */ + + #include +-#include ++#include + #include + #include + #include diff --git a/net/open-isns/patches/04-ignore_write.patch b/net/open-isns/patches/04-ignore_write.patch new file mode 100644 index 000000000..012bea7d4 --- /dev/null +++ b/net/open-isns/patches/04-ignore_write.patch @@ -0,0 +1,86 @@ +From 4c39cb09735a494099fba0474d25ff26800de952 Mon Sep 17 00:00:00 2001 +From: Lee Duncan +Date: Wed, 29 Jan 2020 12:47:16 -0800 +Subject: [PATCH] Do not ignore write() return value. + +Some distros set the warn_unused_result attribute for the write() +system call, so check the return value. +--- + pki.c | 37 ++++++++++++++++++++++++++++++++----- + 1 file changed, 32 insertions(+), 5 deletions(-) + +diff --git a/pki.c b/pki.c +index 486d9bb..57ea664 100644 +--- a/pki.c ++++ b/pki.c +@@ -9,12 +9,13 @@ + #include + #include + #include "config.h" ++#include ++#include + #ifdef WITH_SECURITY + #include + #include + #include + #endif +-#include + #include + #include "security.h" + #include +@@ -431,17 +432,43 @@ isns_dsa_load_params(const char *filename) + return dsa; + } + ++/* ++ * write one 'status' character to stdout ++ */ ++static void ++write_status_byte(int ch) ++{ ++ static int stdout_fd = 1; /* fileno(stdout) */ ++ char buf[2]; ++ int res; ++ ++ /* ++ * We don't actually care about the return value here, since ++ * we are just dumping a status byte to stdout, but ++ * some linux distrubutions set the warn_unused_result attribute ++ * for the write() API, so we might as well use the return value ++ * to make sure the write command isn't broken. ++ */ ++ assert(ch); ++ buf[0] = ch; ++ buf[1] = '\0'; ++ res = write(stdout_fd, buf, 1); ++ assert(res == 1); ++} ++ + static int + isns_dsa_param_gen_callback(int stage, + __attribute__((unused))int index, + __attribute__((unused))void *dummy) + { + if (stage == 0) +- write(1, "+", 1); ++ write_status_byte('+'); + else if (stage == 1) +- write(1, ".", 1); ++ write_status_byte('.'); + else if (stage == 2) +- write(1, "/", 1); ++ write_status_byte('/'); ++ ++ /* as a callback, we must return a value, so just return success */ + return 0; + } + +@@ -478,7 +505,7 @@ isns_dsa_init_params(const char *filename) + dsa = DSA_generate_parameters(dsa_key_bits, NULL, 0, + NULL, NULL, isns_dsa_param_gen_callback, NULL); + #endif +- write(1, "\n", 1); ++ write_status_byte('\n'); + + if (dsa == NULL) { + isns_dsasig_report_errors("Error generating DSA parameters", diff --git a/net/open-isns/patches/10-without_deprecated_openssl.patch b/net/open-isns/patches/10-without_deprecated_openssl.patch new file mode 100644 index 000000000..641eea04c --- /dev/null +++ b/net/open-isns/patches/10-without_deprecated_openssl.patch @@ -0,0 +1,26 @@ +--- a/pki.c ++++ b/pki.c +@@ -15,6 +15,8 @@ + #include + #include + #include ++#include ++#include + #endif + #include + #include "security.h" +@@ -97,13 +99,11 @@ isns_create_dsa_context(void) + isns_security_t *ctx; + + if (!isns_openssl_init) { +- ERR_load_crypto_strings(); + #if OPENSSL_API_COMPAT < 0x10100000L ++ ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); +-#else +- OPENSSL_init_crypto(); + #endif + isns_openssl_init = 1; + }