open-isns: add open-isns libs

needed for open-iscsi

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>

net/open-isns/Makefile

@@ -0,0 +1,54 @@
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=open-isns
+PKG_VERSION:=0.100
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/open-iscsi/open-isns/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=b011edbb0f31690aaca902a8ecf4e1f17b01d6c9e9afc51909d26b0993b4328f
+
+PKG_MAINTAINER:=Lucian CRISTIAN <lucian.cristian@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+PKG_FIXUP:=autoreconf
+PKG_BUILD_PARALLEL:=1
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/open-isns
+  SECTION:=libs
+  CATEGORY:=Libraries
+  URL:=http://www.open-iscsi.com/
+  TITLE:=open-isns
+  DEPENDS:=+libopenssl
+endef
+
+define Package/open-isns/description
+This is a partial implementation of iSNS, according to RFC4171.
+endef
+
+CONFIGURE_ARGS += \
+    --enable-shared
+
+TARGET_CFLAGS += $(FPIC) -flto
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
+
+define Build/InstallDev
+	$(INSTALL_DIR) $(1)/usr/include/libisns
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/include/libisns/* $(1)/usr/include/libisns/
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) $(PKG_BUILD_DIR)/libisns.so* $(1)/usr/lib/
+endef
+
+define Package/open-isns/install
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) $(PKG_BUILD_DIR)/libisns.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,open-isns))

net/open-isns/patches/01-security_mode.patch

@@ -0,0 +1,185 @@
+From 0543f1d02ee733d34ee109d00e7d0efd432bb37b Mon Sep 17 00:00:00 2001
+From: Lee Duncan <lduncan@suse.com>
+Date: Tue, 28 Jan 2020 11:49:55 -0800
+Subject: [PATCH] Fix compiler issue when not in security mode
+
+---
+ client.c               | 20 +++++++++++++-------
+ db-policy.c            | 12 +++++++++---
+ include/libisns/util.h |  1 +
+ isnsadm.c              |  2 +-
+ security.c             | 14 ++++++++------
+ socket.c               |  5 +++--
+ 6 files changed, 35 insertions(+), 19 deletions(-)
+
+diff --git a/client.c b/client.c
+index 8487877..fda26be 100644
+--- a/client.c
++++ b/client.c
+@@ -122,22 +122,17 @@ isns_client_get_local_address(const isns_client_t *clnt,
+ /*
+  * Create a security context
+  */
++#ifdef WITH_SECURITY
+ static isns_security_t *
+ __create_security_context(const char *name, const char *auth_key,
+ 		const char *server_key)
+ {
+-#ifdef WITH_SECURITY
+ 	isns_security_t 	*ctx;
+ 	isns_principal_t	*princ;
+-#endif /* WITH_SECURITY */
+ 
+ 	if (!isns_config.ic_security)
+ 		return NULL;
+ 
+-#ifndef WITH_SECURITY
+-	isns_error("Cannot create security context: security disabled at build time\n");
+-	return NULL;
+-#else /* WITH_SECURITY */
+ 	ctx = isns_create_dsa_context();
+ 	if (ctx == NULL)
+ 		isns_fatal("Unable to create security context\n");
+@@ -174,8 +169,19 @@ __create_security_context(const char *name, const char *auth_key,
+ 	}
+ 
+ 	return ctx;
+-#endif /* WITH_SECURITY */
+ }
++#else	/* WITH_SECURITY */
++static isns_security_t *
++__create_security_context(__attribute__((unused))const char *name,
++			  __attribute__((unused))const char *auth_key,
++			  __attribute__((unused))const char *server_key)
++{
++	if (!isns_config.ic_security)
++		return NULL;
++	isns_error("Cannot create security context: security disabled at build time\n");
++	return NULL;
++}
++#endif	/* WITH_SECURITY */
+ 
+ /*
+  * Create the default security context
+diff --git a/db-policy.c b/db-policy.c
+index b1c46e2..d4a0cba 100644
+--- a/db-policy.c
++++ b/db-policy.c
+@@ -52,11 +52,11 @@ __isns_db_keystore_lookup(isns_db_keystore_t *store,
+ /*
+  * Load a DSA key from the DB store
+  */
++#ifdef WITH_SECURITY
+ static EVP_PKEY *
+ __isns_db_keystore_find(isns_keystore_t *store_base,
+ 		const char *name, size_t namelen)
+ {
+-#ifdef WITH_SECURITY
+ 	isns_db_keystore_t *store = (isns_db_keystore_t *) store_base;
+ 	isns_object_t	*obj;
+ 	const void	*key_data;
+@@ -71,10 +71,16 @@ __isns_db_keystore_find(isns_keystore_t *store_base,
+ 		return NULL;
+ 
+ 	return isns_dsa_decode_public(key_data, key_size);
+-#else
++}
++#else	/* WITH_SECURITY */
++static EVP_PKEY *
++__isns_db_keystore_find(__attribute__((unused))isns_keystore_t *store_base,
++			__attribute__((unused))const char *name,
++			__attribute__((unused))size_t namelen)
++{
+ 	return NULL;
+-#endif
+ }
++#endif	/* WITH_SECURITY */
+ 
+ /*
+  * Retrieve policy from database
+diff --git a/include/libisns/util.h b/include/libisns/util.h
+index 4174480..e5ed037 100644
+--- a/include/libisns/util.h
++++ b/include/libisns/util.h
+@@ -14,6 +14,7 @@
+ #include <string.h>	// for strdup
+ #include <signal.h>
+ #include <libisns/types.h>
++#include <stdlib.h>
+ 
+ #define array_num_elements(a) (sizeof(a) / sizeof((a)[0]))
+ 
+diff --git a/isnsadm.c b/isnsadm.c
+index 7a96007..94c705e 100644
+--- a/isnsadm.c
++++ b/isnsadm.c
+@@ -1162,7 +1162,7 @@ generate_key_callback(void)
+ }
+ 
+ isns_attr_t *
+-load_key_callback(const char *pathname)
++load_key_callback(__attribute__((unused))const char *pathname)
+ {
+ 	isns_fatal("Authentication disabled in this build\n");
+ 	return NULL;
+diff --git a/security.c b/security.c
+index 673a26e..68eb779 100644
+--- a/security.c
++++ b/security.c
+@@ -408,32 +408,34 @@ isns_security_init(void)
+ }
+ 
+ isns_keystore_t *
+-isns_create_keystore(const char *spec)
++isns_create_keystore(__attribute__((unused))const char *spec)
+ {
+ 	isns_no_security();
+ 	return NULL;
+ }
+ 
+ void
+-isns_security_set_keystore(isns_security_t *ctx,
+-			isns_keystore_t *ks)
++isns_security_set_keystore(__attribute__((unused))isns_security_t *ctx,
++			   __attribute__((unused))isns_keystore_t *ks)
+ {
+ 	isns_no_security();
+ }
+ 
+ void
+-isns_principal_free(isns_principal_t *peer)
++isns_principal_free(__attribute__((unused))isns_principal_t *peer)
+ {
+ }
+ 
+ isns_principal_t *
+-isns_get_principal(isns_security_t *ctx, const char *spi, size_t spi_len)
++isns_get_principal(__attribute__((unused))isns_security_t *ctx,
++		   __attribute__((unused))const char *spi,
++		   __attribute__((unused))size_t spi_len)
+ {
+ 	return NULL;
+ }
+ 
+ const char *
+-isns_principal_name(const isns_principal_t *princ)
++isns_principal_name(__attribute__((unused))const isns_principal_t *princ)
+ {
+ 	return NULL;
+ }
+diff --git a/socket.c b/socket.c
+index da9f5dc..a76d593 100644
+--- a/socket.c
++++ b/socket.c
+@@ -322,8 +322,9 @@ isns_pdu_authenticate(isns_security_t *sec,
+ }
+ #else /* WITH_SECURITY */
+ static int
+-isns_pdu_authenticate(isns_security_t *sec,
+-		struct isns_partial_msg *msg, buf_t *bp)
++isns_pdu_authenticate(__attribute__((unused))isns_security_t *sec,
++		      __attribute__((unused))struct isns_partial_msg *msg,
++		      __attribute__((unused))buf_t *bp)
+ {
+ 	return 0;
+ }

net/open-isns/patches/02-fix_signed_vs_unsigned.patch

@@ -0,0 +1,41 @@
+From 40eb9ce75518817762a0eac4a93016ab817add89 Mon Sep 17 00:00:00 2001
+From: Lee Duncan <lduncan@suse.com>
+Date: Sat, 1 Feb 2020 10:23:04 -0800
+Subject: [PATCH] Fix 586 compile issue and remove -Werror
+
+Using -Werror causes any issue to break the build, whereas
+I'd rather let the build continue and address the issue.
+
+Also, fixed one signed-vs-unsigned compare for time_t, which
+shows up only on 586 (32-bit).
+---
+ configure.ac | 2 +-
+ isnsdd.c     | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index e4f3995..d956e58 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -17,7 +17,7 @@ AC_PATH_PROG(SH, sh)
+ dnl C Compiler features
+ AC_C_INLINE
+ if test "$GCC" = "yes"; then
+-        CFLAGS="-Wall -Werror -Wextra $CFLAGS"
++        CFLAGS="-Wall -Wextra $CFLAGS"
+ 	CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE"
+ fi
+ 
+diff --git a/isnsdd.c b/isnsdd.c
+index 58825cc..9cedb9f 100644
+--- a/isnsdd.c
++++ b/isnsdd.c
+@@ -401,7 +401,7 @@ check_portal_registration(__attribute__((unused))void *ptr)
+ 			continue;
+ 
+ 		last_modified = isns_object_last_modified(obj);
+-		if (last_modified + 2 * interval > now) {
++		if ((time_t)(last_modified + 2 * interval) > now) {
+ 			good_portals++;
+ 			continue;
+ 		}

net/open-isns/patches/03-include_poll_h.patch

@@ -0,0 +1,24 @@
+From 2e27c43228210eaa7aaabc2048c78645f319d080 Mon Sep 17 00:00:00 2001
+From: Leo <thinkabit.ukim@gmail.com>
+Date: Tue, 4 Feb 2020 05:42:22 +0100
+Subject: [PATCH] socket.c: include poll.h instead of sys/poll.h for POSIX
+ compatibility
+
+https://pubs.opengroup.org/onlinepubs/009695399/basedefs/poll.h.html
+---
+ socket.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/socket.c b/socket.c
+index a76d593..432a9bd 100644
+--- a/socket.c
++++ b/socket.c
+@@ -5,7 +5,7 @@
+  */
+ 
+ #include <sys/socket.h>
+-#include <sys/poll.h>
++#include <poll.h>
+ #include <sys/time.h>
+ #include <sys/un.h>
+ #include <string.h>

net/open-isns/patches/04-ignore_write.patch

@@ -0,0 +1,86 @@
+From 4c39cb09735a494099fba0474d25ff26800de952 Mon Sep 17 00:00:00 2001
+From: Lee Duncan <lduncan@suse.com>
+Date: Wed, 29 Jan 2020 12:47:16 -0800
+Subject: [PATCH] Do not ignore write() return value.
+
+Some distros set the warn_unused_result attribute for the write()
+system call, so check the return value.
+---
+ pki.c | 37 ++++++++++++++++++++++++++++++++-----
+ 1 file changed, 32 insertions(+), 5 deletions(-)
+
+diff --git a/pki.c b/pki.c
+index 486d9bb..57ea664 100644
+--- a/pki.c
++++ b/pki.c
+@@ -9,12 +9,13 @@
+ #include <unistd.h>
+ #include <limits.h>
+ #include "config.h"
++#include <fcntl.h>
++#include <assert.h>
+ #ifdef	WITH_SECURITY
+ #include <openssl/pem.h>
+ #include <openssl/err.h>
+ #include <openssl/evp.h>
+ #endif
+-#include <fcntl.h>
+ #include <libisns/isns.h>
+ #include "security.h"
+ #include <libisns/util.h>
+@@ -431,17 +432,43 @@ isns_dsa_load_params(const char *filename)
+ 	return dsa;
+ }
+ 
++/*
++ * write one 'status' character to stdout
++ */
++static void
++write_status_byte(int ch)
++{
++	static int	stdout_fd = 1;	/* fileno(stdout) */
++	char		buf[2];
++	int		res;
++
++	/*
++	 * We don't actually care about the return value here, since
++	 * we are just dumping a status byte to stdout, but
++	 * some linux distrubutions set the warn_unused_result attribute
++	 * for the write() API, so we might as well use the return value
++	 * to make sure the write command isn't broken.
++	 */
++	assert(ch);
++	buf[0] = ch;
++	buf[1] = '\0';
++	res = write(stdout_fd, buf, 1);
++	assert(res == 1);
++}
++
+ static int
+ isns_dsa_param_gen_callback(int stage,
+ 		__attribute__((unused))int index,
+ 		__attribute__((unused))void *dummy)
+ {
+ 	if (stage == 0)
+-		write(1, "+", 1);
++		write_status_byte('+');
+ 	else if (stage == 1)
+-		write(1, ".", 1);
++		write_status_byte('.');
+ 	else if (stage == 2)
+-		write(1, "/", 1);
++		write_status_byte('/');
++
++	/* as a callback, we must return a value, so just return success */
+ 	return 0;
+ }
+ 
+@@ -478,7 +505,7 @@ isns_dsa_init_params(const char *filename)
+ 	dsa = DSA_generate_parameters(dsa_key_bits, NULL, 0,
+ 			NULL, NULL, isns_dsa_param_gen_callback, NULL);
+ #endif
+-	write(1, "\n", 1);
++	write_status_byte('\n');
+ 
+ 	if (dsa == NULL) {
+ 		isns_dsasig_report_errors("Error generating DSA parameters",

net/open-isns/patches/10-without_deprecated_openssl.patch

@@ -0,0 +1,26 @@
+--- a/pki.c
++++ b/pki.c
+@@ -15,6 +15,8 @@
+ #include <openssl/pem.h>
+ #include <openssl/err.h>
+ #include <openssl/evp.h>
++#include <openssl/dsa.h>
++#include <openssl/bn.h>
+ #endif
+ #include <libisns/isns.h>
+ #include "security.h"
+@@ -97,13 +99,11 @@ isns_create_dsa_context(void)
+ 	isns_security_t	*ctx;
+ 
+ 	if (!isns_openssl_init) {
+-		ERR_load_crypto_strings();
+ #if OPENSSL_API_COMPAT < 0x10100000L
++		ERR_load_crypto_strings();
+ 		OpenSSL_add_all_algorithms();
+ 		OpenSSL_add_all_ciphers();
+ 		OpenSSL_add_all_digests();
+-#else
+-		OPENSSL_init_crypto();
+ #endif
+ 		isns_openssl_init = 1;
+ 	}