Index: branches/2018Q4/net-mgmt/net-snmp/Makefile =================================================================== --- branches/2018Q4/net-mgmt/net-snmp/Makefile (revision 483586) +++ branches/2018Q4/net-mgmt/net-snmp/Makefile (revision 483587) @@ -1,317 +1,321 @@ # Created by: gpalmer # $FreeBSD$ PORTNAME= snmp PORTVERSION= 5.7.3 PORTREVISION= 18 CATEGORIES= net-mgmt ipv6 MASTER_SITES= SF/net-${PORTNAME}/net-${PORTNAME}/${PORTVERSION} \ ZI PKGNAMEPREFIX= net- DISTNAME= ${PKGNAMEPREFIX}${PORTNAME}-${PORTVERSION} MAINTAINER= zi@FreeBSD.org COMMENT= Extendable SNMP implementation LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/COPYING BROKEN_SSL= openssl-devel LIB_DEPENDS= libpkg.so:ports-mgmt/pkg NOT_FOR_ARCHS= mips mips64 NOT_FOR_ARCHS_REASON= SSP is currently broken on MIPS OPTIONS_DEFINE= IPV6 MFD_REWRITES PERL PERL_EMBEDDED PYTHON DUMMY TKMIB \ MYSQL AX_SOCKONLY UNPRIVILEGED SMUX DOCS JAIL AX_DISABLE_TRAP \ TLS NEWSYSLOG OPTIONS_DEFAULT=PERL PERL_EMBEDDED DUMMY SMUX NEWSYSLOG OPTIONS_SUB= yes MFD_REWRITES_DESC= Use new MFD rewrites of mib modules PERL_EMBEDDED_DESC= Build embedded perl DUMMY_DESC= Enable dummy values as placeholders TKMIB_DESC= Install graphical MIB browser AX_SOCKONLY_DESC= Disable UDP/TCP transports for agentx AX_DISABLE_TRAP_DESC= Disable agentx subagent code in snmptrapd UNPRIVILEGED_DESC= Allow unprivileged users to execute net-snmp SMUX_DESC= Build with SNMP multiplexing (SMUX) support JAIL_DESC= Options for running snmpd within a jail(8) NEWSYSLOG_DESC= Automatically rotate snmpd.log via newsyslog MAKE_JOBS_UNSAFE= yes PORTSCOUT= skipv:5.7.2.1 GNU_CONFIGURE= yes USE_RC_SUBR= snmpd snmptrapd USE_LDCONFIG= yes USES= cpe libtool perl5 ssl CPE_VENDOR= net-snmp USE_PERL5= build run USE_CSTD= c99 CFLAGS+= -I${LOCALBASE}/include -I${PKG_PREFIX}/include LDFLAGS+= -L${LOCALBASE}/lib CONFIGURE_ENV+= PERLPROG="${PERL}" PSPROG="${PS_CMD}" SED="${SED}" CONFIGURE_ARGS+=--enable-shared --enable-internal-md5 \ --with-default-snmp-version="${DEFAULT_SNMP_VERSION}" \ --with-sys-contact="${NET_SNMP_SYS_CONTACT}" \ --with-sys-location="${NET_SNMP_SYS_LOCATION}" \ --with-logfile="${NET_SNMP_LOGFILE}" \ --with-persistent-directory="${NET_SNMP_PERSISTENTDIR}" \ --with-gnu-ld --without-libwrap \ --with-ldflags="-lm -lkvm -ldevstat -L${PKG_PREFIX}/lib -L${LOCALBASE}/lib ${LCRYPTO}" SUB_FILES= pkg-message .if !defined(WITHOUT_SSP) CONFIGURE_ARGS+=--with-libs="-lssp_nonshared" .endif .if defined(BATCH) CONFIGURE_ARGS+=--with-defaults .endif TLS_CONFIGURE_ON= --with-security-modules=tsm --with-transports=TLSTCP,DTLSUDP .include +.if ${OSVERSION} >= 1200085 +EXTRA_PATCHES= ${PATCHDIR}/extra-patch-openssl11 +.endif + .if ${PORT_OPTIONS:MPYTHON} PYDISTUTILS_PKGNAME?= netsnmp-python PYDISTUTILS_PKGVERSION?= 1.0a1 USES+= python:2.7 RUN_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}setuptools>0:devel/py-setuptools@${PY_FLAVOR} BUILD_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}setuptools>0:devel/py-setuptools@${PY_FLAVOR} CONFIGURE_ARGS+=--with-python-modules CONFIGURE_ENV+= PYTHONPROG="${PYTHON_CMD}" MAKE_ENV+= PYDISTUTILS_INSTALLARGS="${PYDISTUTILS_INSTALLARGS}" STAGEDIR="${STAGEDIR}" PLIST_SUB+= WITH_PYTHON="" PYTHON_VER=${PYTHON_VER} PLIST_SUB+= PYDISTUTILS_PKGVERSION=${PYDISTUTILS_PKGVERSION} .else PLIST_SUB+= WITH_PYTHON="@comment " .endif CONFIGURE_ARGS+=--with-openssl="/usr" .if ${PORT_OPTIONS:MDUMMY} CONFIGURE_ARGS+=--with-dummy-values .endif .if ! ${PORT_OPTIONS:MTKMIB} EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-local_Makefile.in PLIST_SUB+= WITH_TKMIB="@comment " .else RUN_DEPENDS+= p5-Tk>=0:x11-toolkits/p5-Tk PLIST_SUB+= WITH_TKMIB="" .endif .if ${PORT_OPTIONS:MPERL} CONFIGURE_ARGS+=--with-perl-modules .if ! ${PORT_OPTIONS:MPERL_EMBEDDED} CONFIGURE_ARGS+=--disable-embedded-perl PLIST_SUB+= WITH_PERL_EMBEDDED="@comment " .else CONFIGURE_ARGS+=--enable-embedded-perl PLIST_SUB+= WITH_PERL_EMBEDDED="" .endif PLIST_SUB+= WITH_PERL="" .else USE_PERL5= build CONFIGURE_ARGS+=--disable-embedded-perl --without-perl-modules PLIST_SUB+= WITH_PERL_EMBEDDED="@comment " PLIST_SUB+= WITH_PERL="@comment " .endif .if ${PORT_OPTIONS:MMYSQL} USES+= mysql CONFIGURE_ARGS+=--with-mysql CONFIGURE_ENV+= MYSQLCONFIG=${LOCALBASE}/bin/mysql_config .endif .if ${PORT_OPTIONS:MAX_DISABLE_TRAP} CONFIGURE_ARGS+=--disable-snmptrapd-subagent .endif .if ${PORT_OPTIONS:MAX_SOCKONLY} CONFIGURE_ARGS+=--enable-agentx-dom-sock-only .endif .if ${PORT_OPTIONS:MIPV6} CONFIGURE_ARGS+=--enable-ipv6 # --with-transport="UDPIPv6 TCPIPv6" --with-modules=mibII/ipv6" PLIST_SUB+= WITH_IPV6="" .else PLIST_SUB+= WITH_IPV6="@comment " .endif .if ${PORT_OPTIONS:MUNPRIVILEGED} CONFIGURE_ARGS+=--without-root-access .endif SHLIB_VERSION= 30 SHLIB_VERSION2= .0.3 PLIST_SUB+= SHLIB_VERSION=${SHLIB_VERSION} SHLIB_VERSION2=${SHLIB_VERSION2} SCRIPTS_SUB= PREFIX=${PREFIX} PERL=${PERL} DEFAULT_SNMP_VERSION?= 3 NET_SNMP_SYS_CONTACT?= nobody@nowhere.invalid NET_SNMP_SYS_LOCATION?= somewhere NET_SNMP_LOGFILE?= /var/log/snmpd.log NET_SNMP_PERSISTENTDIR?=/var/net-snmp NET_SNMP_WITH_MIB_MODULE_LIST+= host disman/event-mib mibII/mta_sendmail mibII/tcpTable ucd-snmp/diskio sctp-mib .if ${OPSYS} == FreeBSD && ${OSVERSION} < 1100062 CFLAGS+= -D_WANT_IFADDR .endif .if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1100062 NET_SNMP_WITHOUT_MIB_MODULE_LIST+= mibII/ipv6 .endif .if ${PORT_OPTIONS:MMFD_REWRITES} CONFIGURE_ARGS+=--enable-mfd-rewrites NET_SNMP_WITH_MIB_MODULE_LIST+= if-mib .endif .if ${PORT_OPTIONS:MJAIL} NET_SNMP_WITHOUT_MIB_MODULE_LIST+= host NET_SNMP_WITHOUT_MIB_MODULE_LIST+= ucd-snmp/memory CONFIGURE_ARGS+= --without-kmem-usage .endif .if ${PORT_OPTIONS:MSMUX} NET_SNMP_WITH_MIB_MODULE_LIST+= smux .else NET_SNMP_WITHOUT_MIB_MODULE_LIST+= smux .endif .if defined(NET_SNMP_WITH_MIB_MODULE_LIST) && \ !empty(NET_SNMP_WITH_MIB_MODULE_LIST) CONFIGURE_ARGS+=--with-mib-modules="${NET_SNMP_WITH_MIB_MODULE_LIST}" .endif .if defined(NET_SNMP_WITHOUT_MIB_MODULE_LIST) && \ !empty(NET_SNMP_WITHOUT_MIB_MODULE_LIST) CONFIGURE_ARGS+=--with-out-mib-modules="${NET_SNMP_WITHOUT_MIB_MODULE_LIST}" .endif BIN_FILES= snmpbulkwalk snmpget snmpgetnext snmpset \ snmpstatus snmptest snmptranslate snmptrap snmpwalk \ snmptable snmpbulkget snmpdelta snmpdf agentxtrap \ snmpvacm snmpusm encode_keychange snmpnetstat LIB_FILES= libnetsnmp.so.${SHLIB_VERSION}${SHLIB_VERSION2} \ libnetsnmpagent.so.${SHLIB_VERSION}${SHLIB_VERSION2} \ libnetsnmpmibs.so.${SHLIB_VERSION}${SHLIB_VERSION2} \ libnetsnmphelpers.so.${SHLIB_VERSION}${SHLIB_VERSION2} \ libnetsnmptrapd.so.${SHLIB_VERSION}${SHLIB_VERSION2} SBIN_FILES= snmpd snmptrapd STARTUP_DIR= ${PREFIX}/etc/rc.d SCRIPT_FILES= snmpcheck.def mib2c fixproc ipf-mod.pl traptoemail .if ${PORT_OPTIONS:MTKMIB} SCRIPT_FILES+= tkmib .endif DOC_FILES= AGENT.txt COPYING FAQ NEWS README \ README.agentx README.krb5 README.snmpv3 README.thread \ agent/mibgroup/README.smux CONFLICTS= ucd-snmp-4.* net-snmp-5.3.* .include .if ${SSL_DEFAULT} != base LCRYPTO= -lcrypto .else LCRYPTO= .endif pre-everything:: @${ECHO_MSG} @${ECHO_MSG} "You may use the following build options:" @${ECHO_MSG} @${ECHO_MSG} "DEFAULT_SNMP_VERSION=\"3\" Default version of SNMP to use." @${ECHO_MSG} "NET_SNMP_SYS_CONTACT=\"${NET_SNMP_SYS_CONTACT}\"" @${ECHO_MSG} " Default system contact." @${ECHO_MSG} "NET_SNMP_SYS_LOCATION=\"${NET_SNMP_SYS_LOCATION}\"" @${ECHO_MSG} " Default system location." @${ECHO_MSG} "NET_SNMP_LOGFILE=\"${NET_SNMP_LOGFILE}\"" @${ECHO_MSG} " Default log file location for snmpd." @${ECHO_MSG} "NET_SNMP_PERSISTENTDIR=\"${NET_SNMP_PERSISTENTDIR}\"" @${ECHO_MSG} " Default directory for persistent data storage." @${ECHO_MSG} "NET_SNMP_WITH_MIB_MODULE_LIST=\"${NET_SNMP_WITH_MIB_MODULE_LIST}\"" @${ECHO_MSG} " MIBs to add to the build." @${ECHO_MSG} "NET_SNMP_WITHOUT_MIB_MODULE_LIST=\"${NET_SNMP_WITHOUT_MIB_MODULE_LIST}\"" @${ECHO_MSG} " MIBs to omit from the build." @${ECHO_MSG} post-patch: .for filename in ${SCRIPT_FILES} @${REINPLACE_CMD} -e 's|/usr/local|${PREFIX}|' ${WRKSRC}/local/${filename} .endfor @${REINPLACE_CMD} -e 's!utmp_p->ut_name!utmp_p->ut_user!' \ ${WRKSRC}/agent/mibgroup/host/hr_system.c @${REINPLACE_CMD} -E -e 's|return pci_lookup_name|disabled broken|g' \ ${WRKSRC}/configure post-configure: @${FIND} ${WRKSRC} -name Makefile | \ ${XARGS} ${REINPLACE_CMD} -E -e '/^INSTALL[ ]+=/s|$$| -m 755|' .for hdr in sys/mbuf.h netinet/in_pcb.h netinet/in_var.h netinet/ip6.h pkg.h @${REINPLACE_CMD} -E -e '\ s!^.*#undef.*(HAVE_${hdr:tu:S/./_/g:S/\//_/g}).*$$!#define \1 1!g' \ ${WRKSRC}/include/net-snmp/net-snmp-config.h .endfor .if ${PORT_OPTIONS:MPYTHON} @(cd ${WRKSRC}/python; \ ${SETENV} ${MAKE_ENV} ${PYTHON_CMD} ${PYSETUP} setopt -c bdist_egg \ -o plat-name -s "" --basedir=${WRKSRC}; \ ${SETENV} ${MAKE_ENV} ${PYTHON_CMD} ${PYSETUP} setopt -c bdist \ -o plat-name -s "" --basedir=${WRKSRC}) .endif post-build: .if ${PORT_OPTIONS:MPERL} ${FIND} ${WRKSRC}/perl -name Makefile | \ ${XARGS} ${REINPLACE_CMD} -E -e '\ s!^(PREFIX) = .*!\1 = ${PREFIX}!; \ s!^(INSTALLMAN3DIR|INSTALLSITEMAN3DIR) = .*!\1 = ${PREFIX}/man/man3!; \ s!^(INSTALLSITELIB|INSTALLSITEARCH) = /usr/local/(.*)!\1 = ${PREFIX}/\2!; \ s! doc_(perl|site|\$$\(INSTALLDIRS\))_install$$!!; \ ' .else ${REINPLACE_CMD} -e 's| perlinstall||' ${WRKSRC}/Makefile .endif post-install: strip-files install-config-files install-doc-files @${MKDIR} ${STAGEDIR}/var/agentx @(cd ${STAGEDIR}${PREFIX}/lib && ${LN} -sf libnetsnmp.so.${SHLIB_VERSION} libnetsnmp.so) @(cd ${STAGEDIR}${PREFIX}/lib && ${LN} -sf libnetsnmpagent.so.${SHLIB_VERSION} libnetsnmpagent.so) @(cd ${STAGEDIR}${PREFIX}/lib && ${LN} -sf libnetsnmphelpers.so.${SHLIB_VERSION} libnetsnmphelpers.so) @(cd ${STAGEDIR}${PREFIX}/lib && ${LN} -sf libnetsnmpmibs.so.${SHLIB_VERSION} libnetsnmpmibs.so) @(cd ${STAGEDIR}${PREFIX}/lib && ${LN} -sf libnetsnmptrapd.so.${SHLIB_VERSION} libnetsnmptrapd.so) .if ${PORT_OPTIONS:MNEWSYSLOG} @${MKDIR} ${STAGEDIR}${PREFIX}/etc/newsyslog.conf.d ${INSTALL_DATA} ${FILESDIR}/net-snmp.conf ${STAGEDIR}${PREFIX}/etc/newsyslog.conf.d/ .endif strip-files: (cd ${STAGEDIR}${PREFIX}/bin; ${STRIP_CMD} ${BIN_FILES}) (cd ${STAGEDIR}${PREFIX}/lib; ${STRIP_CMD} ${LIB_FILES}) (cd ${STAGEDIR}${PREFIX}/sbin; ${STRIP_CMD} ${SBIN_FILES}) install-config-files: ${INSTALL_DATA} ${WRKSRC}/EXAMPLE.conf ${STAGEDIR}${DATADIR}/snmpd.conf.example install-doc-files: .if ${PORT_OPTIONS:MDOCS} @${MKDIR} ${STAGEDIR}${DOCSDIR} . for filename in ${DOC_FILES} ${INSTALL_DATA} ${WRKSRC}/${filename} ${STAGEDIR}${DOCSDIR} . endfor .endif # Maintainer's note: # Don't forget to bump library version in these ports. # french/plgrenouille,graphics/hpoj,lang/php4,lang/php5,mail/cyrus-imapd22,mail/cyrus-imapd23,misc/kdeutils3,net-mgmt/braa,net-mgmt/docsis,net-mgmt/mbrowse,net-mgmt/nagios-snmp-plugins,net-mgmt/p5-SNMP-Info,net-mgmt/py-yapsnmp,net-mgmt/sdig,net-mgmt/zabbix,net/cactid,net/wireshark,net/ifstat,net/quagga,net/rtg,print/hplip,security/libfwbuilder,sysutils/apcupsd,sysutils/jailadmin,sysutils/nut .include Index: branches/2018Q4/net-mgmt/net-snmp/files/extra-patch-openssl11 =================================================================== --- branches/2018Q4/net-mgmt/net-snmp/files/extra-patch-openssl11 (nonexistent) +++ branches/2018Q4/net-mgmt/net-snmp/files/extra-patch-openssl11 (revision 483587) @@ -0,0 +1,223 @@ +--- apps/snmpusm.c ++++ apps/snmpusm.c +@@ -125,6 +125,32 @@ char *usmUserPublic_val = NULL + int docreateandwait = 0; + + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++ ++#include ++#include ++ ++void DH_get0_pqg(const DH *dh, ++ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) ++{ ++ if (p != NULL) ++ *p = dh->p; ++ if (q != NULL) ++ *q = dh->q; ++ if (g != NULL) ++ *g = dh->g; ++} ++ ++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) ++{ ++ if (pub_key != NULL) ++ *pub_key = dh->pub_key; ++ if (priv_key != NULL) ++ *priv_key = dh->priv_key; ++} ++ ++#endif ++ + void + usage(void) + { +@@ -190,7 +216,7 @@ get_USM_DH_key(netsnmp_variable_list *va + oid *keyoid, size_t keyoid_len) { + u_char *dhkeychange; + DH *dh; +- BIGNUM *other_pub; ++ BIGNUM *p, *g, *pub_key, *other_pub; + u_char *key; + size_t key_len; + +@@ -205,25 +231,29 @@ get_USM_DH_key(netsnmp_variable_list *va + dh = d2i_DHparams(NULL, &cp, dhvar->val_len); + } + +- if (!dh || !dh->g || !dh->p) { ++ if (dh) ++ DH_get0_pqg(dh, &p, NULL, &g); ++ ++ if (!dh || !g || !p) { + SNMP_FREE(dhkeychange); + return SNMPERR_GENERR; + } + +- DH_generate_key(dh); +- if (!dh->pub_key) { ++ if (!DH_generate_key(dh)) { + SNMP_FREE(dhkeychange); + return SNMPERR_GENERR; + } + +- if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) { ++ DH_get0_key(dh, &pub_key, NULL); ++ ++ if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) { + SNMP_FREE(dhkeychange); + fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n", +- (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key)); ++ (unsigned long)vars->val_len, BN_num_bytes(pub_key)); + return SNMPERR_GENERR; + } + +- BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len); ++ BN_bn2bin(pub_key, dhkeychange + vars->val_len); + + key_len = DH_size(dh); + if (!key_len) { +--- configure.d/config_os_libs2 ++++ configure.d/config_os_libs2 +@@ -291,12 +291,6 @@ if test "x$tryopenssl" != "xno" -a "x$tr + AC_CHECK_LIB(${CRYPTO}, AES_cfb128_encrypt, + AC_DEFINE(HAVE_AES_CFB128_ENCRYPT, 1, + [Define to 1 if you have the `AES_cfb128_encrypt' function.])) +- +- AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create, +- AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [], +- [Define to 1 if you have the `EVP_MD_CTX_create' function.]) +- AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [], +- [Define to 1 if you have the `EVP_MD_CTX_destroy' function.])) + fi + if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then + AC_CHECK_LIB(ssl, DTLSv1_method, +--- snmplib/keytools.c ++++ snmplib/keytools.c +@@ -149,13 +149,13 @@ generate_Ku(const oid * hashtype, u_int + */ + #ifdef NETSNMP_USE_OPENSSL + +-#ifdef HAVE_EVP_MD_CTX_CREATE ++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) + ctx = EVP_MD_CTX_create(); + #else +- ctx = malloc(sizeof(*ctx)); +- if (!EVP_MD_CTX_init(ctx)) +- return SNMPERR_GENERR; ++ ctx = EVP_MD_CTX_new(); + #endif ++ if (!ctx) ++ return SNMPERR_GENERR; + #ifndef NETSNMP_DISABLE_MD5 + if (ISTRANSFORM(hashtype, HMACMD5Auth)) { + if (!EVP_DigestInit(ctx, EVP_md5())) +@@ -259,11 +259,10 @@ generate_Ku(const oid * hashtype, u_int + memset(buf, 0, sizeof(buf)); + #ifdef NETSNMP_USE_OPENSSL + if (ctx) { +-#ifdef HAVE_EVP_MD_CTX_DESTROY ++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) + EVP_MD_CTX_destroy(ctx); + #else +- EVP_MD_CTX_cleanup(ctx); +- free(ctx); ++ EVP_MD_CTX_free(ctx); + #endif + } + #endif +--- snmplib/scapi.c ++++ snmplib/scapi.c +@@ -486,15 +486,10 @@ sc_hash(const oid * hashtype, size_t has + } + + /** initialize the pointer */ +-#ifdef HAVE_EVP_MD_CTX_CREATE ++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) + cptr = EVP_MD_CTX_create(); + #else +- cptr = malloc(sizeof(*cptr)); +-#if defined(OLD_DES) +- memset(cptr, 0, sizeof(*cptr)); +-#else +- EVP_MD_CTX_init(cptr); +-#endif ++ cptr = EVP_MD_CTX_new(); + #endif + if (!EVP_DigestInit(cptr, hashfn)) { + /* requested hash function is not available */ +@@ -507,13 +502,11 @@ sc_hash(const oid * hashtype, size_t has + /** do the final pass */ + EVP_DigestFinal(cptr, MAC, &tmp_len); + *MAC_len = tmp_len; +-#ifdef HAVE_EVP_MD_CTX_DESTROY ++ ++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) + EVP_MD_CTX_destroy(cptr); + #else +-#if !defined(OLD_DES) +- EVP_MD_CTX_cleanup(cptr); +-#endif +- free(cptr); ++ EVP_MD_CTX_free(cptr); + #endif + return (rval); + + +--- snmplib/snmp_openssl.c 2014-12-08 21:23:22.000000000 +0100 ++++ snmplib/snmp_openssl.c 2017-02-20 12:46:00.059727928 +0100 +@@ -47,7 +47,7 @@ void netsnmp_init_openssl(void) { + DEBUGMSGTL(("snmp_openssl", "initializing\n")); + + /* Initializing OpenSSL */ +- SSL_library_init(); ++ OPENSSL_init_ssl(0, NULL); + SSL_load_error_strings(); + ERR_load_BIO_strings(); + OpenSSL_add_all_algorithms(); +@@ -164,11 +164,11 @@ netsnmp_openssl_cert_dump_names(X509 *oc + oname_entry = X509_NAME_get_entry(osubj_name, i); + netsnmp_assert(NULL != oname_entry); + +- if (oname_entry->value->type != V_ASN1_PRINTABLESTRING) ++ if (X509_NAME_ENTRY_get_data(oname_entry)->type != V_ASN1_PRINTABLESTRING) + continue; + + /** get NID */ +- onid = OBJ_obj2nid(oname_entry->object); ++ onid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(oname_entry)); + if (onid == NID_undef) { + prefix_long = prefix_short = "UNKNOWN"; + } +@@ -179,9 +179,9 @@ netsnmp_openssl_cert_dump_names(X509 *oc + + DEBUGMSGT(("9:cert:dump:names", + "[%02d] NID type %d, ASN type %d\n", i, onid, +- oname_entry->value->type)); ++ X509_NAME_ENTRY_get_data(oname_entry)->type)); + DEBUGMSGT(("9:cert:dump:names", "%s/%s: '%s'\n", prefix_long, +- prefix_short, ASN1_STRING_data(oname_entry->value))); ++ prefix_short, ASN1_STRING_data(X509_NAME_ENTRY_get_data(oname_entry)))); + } + } + #endif /* NETSNMP_FEATURE_REMOVE_CERT_DUMP_NAMES */ +@@ -470,7 +470,7 @@ netsnmp_openssl_cert_get_hash_type(X509 + if (NULL == ocert) + return 0; + +- return _nid2ht(OBJ_obj2nid(ocert->sig_alg->algorithm)); ++ return _nid2ht(X509_get_signature_nid(ocert)); + } + + /** +@@ -487,7 +487,7 @@ netsnmp_openssl_cert_get_fingerprint(X50 + if (NULL == ocert) + return NULL; + +- nid = OBJ_obj2nid(ocert->sig_alg->algorithm); ++ nid = X509_get_signature_nid(ocert); + DEBUGMSGT(("9:openssl:fingerprint", "alg %d, cert nid %d (%d)\n", alg, nid, + _nid2ht(nid))); + + Property changes on: branches/2018Q4/net-mgmt/net-snmp/files/extra-patch-openssl11 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: branches/2018Q4 =================================================================== --- branches/2018Q4 (revision 483586) +++ branches/2018Q4 (revision 483587) Property changes on: branches/2018Q4 ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## Merged /head:r483586