libldns: Fix OpenSSL deprecated API usage
authorRosen Penev <rosenp@gmail.com>
Sat, 3 Nov 2018 01:35:43 +0000 (18:35 -0700)
committerKevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Sun, 4 Nov 2018 10:22:05 +0000 (10:22 +0000)
Tested with OpenSSL 1.0.2 and 1.1.1

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[minor tweak to add #ifdef HAVE_SSL in host2str.c]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
libs/ldns/Makefile
libs/ldns/patches/200-deprecated-openssl.patch [new file with mode: 0644]

index 845bfff40bc47d0db9394d049ab3eb914b04e675..291e6912fcbaf2b7aba042d16a3836aa1291e634 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ldns
 PKG_VERSION:=1.7.0
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.nlnetlabs.nl/downloads/ldns
@@ -20,6 +20,7 @@ PKG_LICENSE_FILES:=LICENSE
 PKG_MAINTAINER:=
 
 PKG_FIXUP:=autoreconf
+PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
 
 include $(INCLUDE_DIR)/package.mk
diff --git a/libs/ldns/patches/200-deprecated-openssl.patch b/libs/ldns/patches/200-deprecated-openssl.patch
new file mode 100644 (file)
index 0000000..cdeff84
--- /dev/null
@@ -0,0 +1,78 @@
+--- a/dnssec.c
++++ b/dnssec.c
+@@ -23,6 +23,9 @@
+ #include <openssl/rand.h>
+ #include <openssl/err.h>
+ #include <openssl/md5.h>
++#include <openssl/bn.h>
++#include <openssl/rsa.h>
++#include <openssl/dsa.h>
+ #endif
+ ldns_rr *
+--- a/dnssec_sign.c
++++ b/dnssec_sign.c
+@@ -17,6 +17,9 @@
+ #include <openssl/rand.h>
+ #include <openssl/err.h>
+ #include <openssl/md5.h>
++#include <openssl/bn.h>
++#include <openssl/rsa.h>
++#include <openssl/dsa.h>
+ #endif /* HAVE_SSL */
+ ldns_rr *
+--- a/dnssec_verify.c
++++ b/dnssec_verify.c
+@@ -594,7 +594,9 @@ ldns_dnssec_trust_tree_print_sm_fmt(FILE
+                                               if (tree->parent_status[i]
+                                                   == LDNS_STATUS_SSL_ERR) {
+                                                       printf("; SSL Error: ");
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+                                                       ERR_load_crypto_strings();
++#endif
+                                                       ERR_print_errors_fp(stdout);
+                                                       printf("\n");
+                                               }
+--- a/drill/drill.c
++++ b/drill/drill.c
+@@ -1013,7 +1013,7 @@ main(int argc, char *argv[])
+       xfree(tsig_data);
+       xfree(tsig_algorithm);
+-#ifdef HAVE_SSL
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+       CRYPTO_cleanup_all_ex_data();
+       ERR_free_strings();
+       EVP_cleanup();
+--- a/host2str.c
++++ b/host2str.c
+@@ -28,6 +28,12 @@
+ #include <time.h>
+ #include <sys/time.h>
++#ifdef HAVE_SSL
++#include <openssl/bn.h>
++#include <openssl/rsa.h>
++#include <openssl/dsa.h>
++#endif
++
+ #ifndef INET_ADDRSTRLEN
+ #define INET_ADDRSTRLEN 16
+ #endif
+--- a/keys.c
++++ b/keys.c
+@@ -16,8 +16,12 @@
+ #ifdef HAVE_SSL
+ #include <openssl/ssl.h>
+-#include <openssl/engine.h>
+ #include <openssl/rand.h>
++#include <openssl/bn.h>
++#include <openssl/rsa.h>
++#include <openssl/dsa.h>
++#include <openssl/engine.h>
++#include <openssl/ui.h>
+ #endif /* HAVE_SSL */
+ ldns_lookup_table ldns_signing_algorithms[] = {