From 3ee65300d100a9040823c4b7a007e33bf477fa96 Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Fri, 2 Nov 2018 18:35:43 -0700 Subject: [PATCH] libldns: Fix OpenSSL deprecated API usage Tested with OpenSSL 1.0.2 and 1.1.1 Signed-off-by: Rosen Penev [minor tweak to add #ifdef HAVE_SSL in host2str.c] Signed-off-by: Kevin Darbyshire-Bryant --- libs/ldns/Makefile | 3 +- .../ldns/patches/200-deprecated-openssl.patch | 78 +++++++++++++++++++ 2 files changed, 80 insertions(+), 1 deletion(-) create mode 100644 libs/ldns/patches/200-deprecated-openssl.patch diff --git a/libs/ldns/Makefile b/libs/ldns/Makefile index 845bfff40..291e6912f 100644 --- a/libs/ldns/Makefile +++ b/libs/ldns/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ldns PKG_VERSION:=1.7.0 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.nlnetlabs.nl/downloads/ldns @@ -20,6 +20,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_MAINTAINER:= PKG_FIXUP:=autoreconf +PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 include $(INCLUDE_DIR)/package.mk diff --git a/libs/ldns/patches/200-deprecated-openssl.patch b/libs/ldns/patches/200-deprecated-openssl.patch new file mode 100644 index 000000000..cdeff84a7 --- /dev/null +++ b/libs/ldns/patches/200-deprecated-openssl.patch @@ -0,0 +1,78 @@ +--- a/dnssec.c ++++ b/dnssec.c +@@ -23,6 +23,9 @@ + #include + #include + #include ++#include ++#include ++#include + #endif + + ldns_rr * +--- a/dnssec_sign.c ++++ b/dnssec_sign.c +@@ -17,6 +17,9 @@ + #include + #include + #include ++#include ++#include ++#include + #endif /* HAVE_SSL */ + + ldns_rr * +--- a/dnssec_verify.c ++++ b/dnssec_verify.c +@@ -594,7 +594,9 @@ ldns_dnssec_trust_tree_print_sm_fmt(FILE + if (tree->parent_status[i] + == LDNS_STATUS_SSL_ERR) { + printf("; SSL Error: "); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + ERR_load_crypto_strings(); ++#endif + ERR_print_errors_fp(stdout); + printf("\n"); + } +--- a/drill/drill.c ++++ b/drill/drill.c +@@ -1013,7 +1013,7 @@ main(int argc, char *argv[]) + xfree(tsig_data); + xfree(tsig_algorithm); + +-#ifdef HAVE_SSL ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + CRYPTO_cleanup_all_ex_data(); + ERR_free_strings(); + EVP_cleanup(); +--- a/host2str.c ++++ b/host2str.c +@@ -28,6 +28,12 @@ + #include + #include + ++#ifdef HAVE_SSL ++#include ++#include ++#include ++#endif ++ + #ifndef INET_ADDRSTRLEN + #define INET_ADDRSTRLEN 16 + #endif +--- a/keys.c ++++ b/keys.c +@@ -16,8 +16,12 @@ + + #ifdef HAVE_SSL + #include +-#include + #include ++#include ++#include ++#include ++#include ++#include + #endif /* HAVE_SSL */ + + ldns_lookup_table ldns_signing_algorithms[] = {