projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
nmap: use git as source and bump to PCRE2 support commit
[feed/packages.git] / net / nmap / patches / 010-Build-based-on-OpenSSL-version.patch
1 From d6bea8dcdee36a3902cece14097993350306f1b6 Mon Sep 17 00:00:00 2001
2 From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
3 Date: Tue, 6 Sep 2022 22:39:34 +0000
4 Subject: [PATCH] Build based on OpenSSL version, not API level. Fixes #2516
5
6 ---
7 ncat/http_digest.c | 2 +-
8 ncat/ncat_connect.c | 4 ++--
9 ncat/ncat_ssl.c | 6 +++---
10 ncat/ncat_ssl.h | 12 ------------
11 ncat/test/test-wildcard.c | 4 ++--
12 nse_openssl.cc | 28 +++++++---------------------
13 nse_ssl_cert.cc | 24 ++++++------------------
14 nsock/src/nsock_ssl.c | 4 ++--
15 nsock/src/nsock_ssl.h | 15 +--------------
16 9 files changed, 24 insertions(+), 75 deletions(-)
17
18 --- a/ncat/http_digest.c
19 +++ b/ncat/http_digest.c
20 @@ -133,7 +133,7 @@ int http_digest_init_secret(void)
21 return 0;
22 }
23
24 -#if OPENSSL_API_LEVEL < 10100
25 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
26 #define EVP_MD_CTX_new EVP_MD_CTX_create
27 #define EVP_MD_CTX_free EVP_MD_CTX_destroy
28 #endif
29 --- a/ncat/ncat_connect.c
30 +++ b/ncat/ncat_connect.c
31 @@ -82,8 +82,8 @@
32 #include <openssl/err.h>
33
34 /* Deprecated in OpenSSL 3.0 */
35 -#if OPENSSL_API_LEVEL >= 30000
36 -#define SSL_get_peer_certificate SSL_get1_peer_certificate
37 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
38 +# define SSL_get_peer_certificate SSL_get1_peer_certificate
39 #endif
40 #endif
41
42 --- a/ncat/ncat_ssl.c
43 +++ b/ncat/ncat_ssl.c
44 @@ -80,7 +80,7 @@
45 #define FUNC_ASN1_STRING_data ASN1_STRING_data
46 #endif
47
48 -#if OPENSSL_API_LEVEL >= 30000
49 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
50 #include <openssl/provider.h>
51 /* Deprecated in OpenSSL 3.0 */
52 #define SSL_get_peer_certificate SSL_get1_peer_certificate
53 @@ -117,7 +117,7 @@ SSL_CTX *setup_ssl_listen(void)
54 OpenSSL_add_all_algorithms();
55 ERR_load_crypto_strings();
56 SSL_load_error_strings();
57 -#elif OPENSSL_API_LEVEL >= 30000
58 +#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
59 if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
60 {
61 loguser("OpenSSL legacy provider failed to load.\n");
62 @@ -477,7 +477,7 @@ static int ssl_gen_cert(X509 **cert, EVP
63 const char *commonName = "localhost";
64 char dNSName[128];
65 int rc;
66 -#if OPENSSL_API_LEVEL < 30000
67 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
68 int ret = 0;
69 RSA *rsa = NULL;
70 BIGNUM *bne = NULL;
71 --- a/ncat/ncat_ssl.h
72 +++ b/ncat/ncat_ssl.h
73 @@ -67,18 +67,6 @@
74 #include <openssl/ssl.h>
75 #include <openssl/err.h>
76
77 -/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
78 -#ifndef OPENSSL_API_LEVEL
79 -# if OPENSSL_API_COMPAT < 0x900000L
80 -# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
81 -# else
82 -# define OPENSSL_API_LEVEL \
83 - (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
84 - + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
85 - + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
86 -# endif
87 -#endif
88 -
89 #define NCAT_CA_CERTS_FILE "ca-bundle.crt"
90
91 enum {
92 --- a/ncat/test/test-wildcard.c
93 +++ b/ncat/test/test-wildcard.c
94 @@ -20,7 +20,7 @@ are rejected. The SSL transactions happe
95
96 #include "ncat_core.h"
97 #include "ncat_ssl.h"
98 -#if OPENSSL_API_LEVEL < 30000
99 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
100 #include <openssl/bn.h>
101 #endif
102
103 @@ -294,7 +294,7 @@ stack_err:
104 static int gen_cert(X509 **cert, EVP_PKEY **key,
105 const struct lstr commonNames[], const struct lstr dNSNames[])
106 {
107 -#if OPENSSL_API_LEVEL < 30000
108 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
109 int rc, ret=0;
110 RSA *rsa = NULL;
111 BIGNUM *bne = NULL;
112 --- a/nse_openssl.cc
113 +++ b/nse_openssl.cc
114 @@ -20,6 +20,9 @@
115 #define FUNC_EVP_CIPHER_CTX_init EVP_CIPHER_CTX_reset
116 #define FUNC_EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset
117 #define PASS_EVP_CTX(ctx) (ctx)
118 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
119 +# include <openssl/provider.h>
120 +#endif
121 #else
122 #define FUNC_EVP_MD_CTX_init EVP_MD_CTX_init
123 #define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_cleanup
124 @@ -37,23 +40,6 @@ extern NmapOps o;
125
126 #include "nse_openssl.h"
127
128 -/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
129 -#ifndef OPENSSL_API_LEVEL
130 -# if OPENSSL_API_COMPAT < 0x900000L
131 -# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
132 -# else
133 -# define OPENSSL_API_LEVEL \
134 - (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
135 - + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
136 - + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
137 -# endif
138 -#endif
139 -
140 -
141 -#if OPENSSL_API_LEVEL >= 30000
142 -#include <openssl/provider.h>
143 -#endif
144 -
145 #define NSE_SSL_LUA_ERR(_L) \
146 luaL_error(_L, "OpenSSL error: %s", ERR_error_string(ERR_get_error(), NULL))
147
148 @@ -184,7 +170,7 @@ static int l_bignum_is_prime( lua_State
149 bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
150 BN_CTX * ctx = BN_CTX_new();
151 int is_prime =
152 -#if OPENSSL_API_LEVEL < 30000
153 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
154 BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
155 #else
156 BN_check_prime( p->bn, ctx, NULL );
157 @@ -199,7 +185,7 @@ static int l_bignum_is_safe_prime( lua_S
158 bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
159 BN_CTX * ctx = BN_CTX_new();
160 int is_prime =
161 -#if OPENSSL_API_LEVEL < 30000
162 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
163 BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
164 #else
165 BN_check_prime( p->bn, ctx, NULL );
166 @@ -210,7 +196,7 @@ static int l_bignum_is_safe_prime( lua_S
167 BN_sub_word( n, (BN_ULONG)1 );
168 BN_div_word( n, (BN_ULONG)2 );
169 is_safe =
170 -#if OPENSSL_API_LEVEL < 30000
171 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
172 BN_is_prime_ex( n, BN_prime_checks, ctx, NULL );
173 #else
174 BN_check_prime( n, ctx, NULL );
175 @@ -582,7 +568,7 @@ LUALIB_API int luaopen_openssl(lua_State
176 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
177 OpenSSL_add_all_algorithms();
178 ERR_load_crypto_strings();
179 -#elif OPENSSL_API_LEVEL >= 30000
180 +#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
181 if (NULL == OSSL_PROVIDER_load(NULL, "legacy") && o.debugging > 1)
182 {
183 // Legacy provider may not be available.
184 --- a/nse_ssl_cert.cc
185 +++ b/nse_ssl_cert.cc
186 @@ -89,19 +89,7 @@
187 #define X509_get0_notAfter X509_get_notAfter
188 #endif
189
190 -/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
191 -#ifndef OPENSSL_API_LEVEL
192 -# if OPENSSL_API_COMPAT < 0x900000L
193 -# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
194 -# else
195 -# define OPENSSL_API_LEVEL \
196 - (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
197 - + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
198 - + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
199 -# endif
200 -#endif
201 -
202 -#if OPENSSL_API_LEVEL >= 30000
203 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
204 #include <openssl/core_names.h>
205 /* Deprecated in OpenSSL 3.0 */
206 #define SSL_get_peer_certificate SSL_get1_peer_certificate
207 @@ -459,7 +447,7 @@ static const char *pkey_type_to_string(i
208 }
209
210 int lua_push_ecdhparams(lua_State *L, EVP_PKEY *pubkey) {
211 -#if OPENSSL_API_LEVEL >= 30000
212 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
213 char tmp[64] = {0};
214 size_t len = 0;
215 /* This structure (ecdhparams.curve_params) comes from tls.lua */
216 @@ -634,7 +622,7 @@ static int parse_ssl_cert(lua_State *L,
217 else
218 #endif
219 if (pkey_type == EVP_PKEY_RSA) {
220 -#if OPENSSL_API_LEVEL < 30000
221 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
222 RSA *rsa = EVP_PKEY_get1_RSA(pubkey);
223 if (rsa) {
224 #endif
225 @@ -643,7 +631,7 @@ static int parse_ssl_cert(lua_State *L,
226 luaL_getmetatable( L, "BIGNUM" );
227 lua_setmetatable( L, -2 );
228 #if HAVE_OPAQUE_STRUCTS
229 -#if OPENSSL_API_LEVEL < 30000
230 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
231 const BIGNUM *n = NULL, *e = NULL;
232 data->should_free = false;
233 RSA_get0_key(rsa, &n, &e, NULL);
234 @@ -663,7 +651,7 @@ static int parse_ssl_cert(lua_State *L,
235 luaL_getmetatable( L, "BIGNUM" );
236 lua_setmetatable( L, -2 );
237 #if HAVE_OPAQUE_STRUCTS
238 -#if OPENSSL_API_LEVEL < 30000
239 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
240 data->should_free = false;
241 #else
242 data->should_free = true;
243 @@ -673,7 +661,7 @@ static int parse_ssl_cert(lua_State *L,
244 data->bn = rsa->n;
245 #endif
246 lua_setfield(L, -2, "modulus");
247 -#if OPENSSL_API_LEVEL < 30000
248 +#if OPENSSL_VERSION_NUMBER < 0x30000000L
249 RSA_free(rsa);
250 }
251 #endif
252 --- a/nsock/src/nsock_ssl.c
253 +++ b/nsock/src/nsock_ssl.c
254 @@ -64,7 +64,7 @@
255 #include "netutils.h"
256
257 #if HAVE_OPENSSL
258 -#if OPENSSL_API_LEVEL >= 30000
259 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
260 #include <openssl/provider.h>
261 #endif
262
263 @@ -120,7 +120,7 @@ static SSL_CTX *ssl_init_helper(const SS
264 SSL_library_init();
265 #else
266 OPENSSL_atexit(nsock_ssl_atexit);
267 -#if OPENSSL_API_LEVEL >= 30000
268 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
269 if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
270 {
271 nsock_log_error("OpenSSL legacy provider failed to load.\n");
272 --- a/nsock/src/nsock_ssl.h
273 +++ b/nsock/src/nsock_ssl.h
274 @@ -69,20 +69,7 @@
275 #include <openssl/err.h>
276 #include <openssl/rand.h>
277
278 -/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
279 -#ifndef OPENSSL_API_LEVEL
280 -# if OPENSSL_API_COMPAT < 0x900000L
281 -# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
282 -# else
283 -# define OPENSSL_API_LEVEL \
284 - (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
285 - + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
286 - + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
287 -# endif
288 -#endif
289 -
290 -
291 -#if OPENSSL_API_LEVEL >= 30000
292 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
293 /* Deprecated in OpenSSL 3.0 */
294 #define SSL_get_peer_certificate SSL_get1_peer_certificate
295 #endif
Mirror of packages feed