Browse Source

freeradius3: allow build without openssl engines

This applies a patch from upstream that avoids a call to ENGINE_cleanup
when the openssl library was built without engine support.

A workaround for a missing header check was used to silence a warning
about the implicit definition of RAND_load_file.  A proper fix has been
merged upstream as well.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
lilik-openwrt-22.03
Eneas U de Queiroz 6 years ago
parent
commit
f7db77282c
No known key found for this signature in database GPG Key ID: 1EB043ABD7ACF202
2 changed files with 32 additions and 1 deletions
  1. +8
    -1
      net/freeradius3/Makefile
  2. +24
    -0
      net/freeradius3/patches/004-tls.c-allow-build-with-no-openssl-engine-support.patch

+ 8
- 1
net/freeradius3/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=freeradius3 PKG_NAME:=freeradius3
PKG_VERSION:=release_3_0_17 PKG_VERSION:=release_3_0_17
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/FreeRADIUS/freeradius-server/archive PKG_SOURCE_URL:=https://github.com/FreeRADIUS/freeradius-server/archive
@ -381,6 +381,13 @@ define Package/freeradius3-utils
TITLE:=Misc. client utilities TITLE:=Misc. client utilities
endef endef
# This is a workaround for a bug in configure.ac, that does not check
# for the openss/rand.h header. Setting the macro is safe for openwrt,
# and faster than rebuilding configure.
# This has been fixed upstream in the 3.0.x branch, and should not be
# needed in a future release.
EXTRA_CFLAGS+= -DHAVE_OPENSSL_RAND_H
CONFIGURE_ARGS+= \ CONFIGURE_ARGS+= \
--libdir=/usr/lib/freeradius3 \ --libdir=/usr/lib/freeradius3 \
--libexecdir=/usr/lib/freeradius3 \ --libexecdir=/usr/lib/freeradius3 \


+ 24
- 0
net/freeradius3/patches/004-tls.c-allow-build-with-no-openssl-engine-support.patch View File

@ -0,0 +1,24 @@
From 0b17cf6e39064b008792811a6babf4cd75ac7744 Mon Sep 17 00:00:00 2001
From: Eneas U de Queiroz <cote2004-github@yahoo.com>
Date: Mon, 25 Feb 2019 10:48:48 -0300
Subject: [PATCH] tls.c: allow build with no openssl engine support
This avoids an ENGINE_cleanup call if openssl was compiled without
engine support.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
diff --git a/src/main/tls.c b/src/main/tls.c
index 73f0e3a3e8..9726953234 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -2743,7 +2743,9 @@ void tls_global_cleanup(void)
#elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
ERR_remove_thread_state(NULL);
#endif
+#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
+#endif
CONF_modules_unload(1);
ERR_free_strings();
EVP_cleanup();

Loading…
Cancel
Save