Fix OpenSSL version check issues
Resolves: Bug#1173821
This commit is contained in:
parent
c9fec23c45
commit
2376f330f3
131
freeradius-Fix-OpenSSL-version-check-issues.patch
Normal file
131
freeradius-Fix-OpenSSL-version-check-issues.patch
Normal file
@ -0,0 +1,131 @@
|
||||
From 6d296f2c4f3c58742543cc0508642c6d06747aea Mon Sep 17 00:00:00 2001
|
||||
From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
|
||||
Date: Thu, 16 Oct 2014 11:16:57 -0400
|
||||
Subject: [PATCH 1/1] Fix OpenSSL version check issues
|
||||
|
||||
---
|
||||
src/include/radiusd.h | 4 ++--
|
||||
src/main/version.c | 40 ++++++++++++++++++++--------------------
|
||||
2 files changed, 22 insertions(+), 22 deletions(-)
|
||||
|
||||
diff --git a/src/include/radiusd.h b/src/include/radiusd.h
|
||||
index 53a1f3e..1bf15d7 100644
|
||||
--- a/src/include/radiusd.h
|
||||
+++ b/src/include/radiusd.h
|
||||
@@ -598,8 +598,8 @@ void pairlist_free(PAIR_LIST **);
|
||||
/* version.c */
|
||||
int rad_check_lib_magic(uint64_t magic);
|
||||
int ssl_check_consistency(void);
|
||||
-char const *ssl_version_by_num(uint64_t version);
|
||||
-char const *ssl_version_range(uint64_t low, uint64_t high);
|
||||
+char const *ssl_version_by_num(uint32_t version);
|
||||
+char const *ssl_version_range(uint32_t low, uint32_t high);
|
||||
char const *ssl_version(void);
|
||||
void version(void);
|
||||
|
||||
diff --git a/src/main/version.c b/src/main/version.c
|
||||
index 8b56ffa..fd97970 100644
|
||||
--- a/src/main/version.c
|
||||
+++ b/src/main/version.c
|
||||
@@ -38,7 +38,7 @@ static long ssl_built = OPENSSL_VERSION_NUMBER;
|
||||
/** Check built and linked versions of OpenSSL match
|
||||
*
|
||||
* OpenSSL version number consists of:
|
||||
- * MMNNFFPPS: major minor fix patch status
|
||||
+ * MNNFFPPS: major minor fix patch status
|
||||
*
|
||||
* Where status >= 0 && < 10 means beta, and status 10 means release.
|
||||
*
|
||||
@@ -56,11 +56,11 @@ int ssl_check_consistency(void)
|
||||
/*
|
||||
* Status mismatch always triggers error.
|
||||
*/
|
||||
- if ((ssl_linked & 0x00000000f) != (ssl_built & 0x00000000f)) {
|
||||
+ if ((ssl_linked & 0x0000000f) != (ssl_built & 0x0000000f)) {
|
||||
mismatch:
|
||||
ERROR("libssl version mismatch. built: %lx linked: %lx",
|
||||
- (unsigned long) ssl_built,
|
||||
- (unsigned long) ssl_linked);
|
||||
+ (unsigned long) ssl_built,
|
||||
+ (unsigned long) ssl_linked);
|
||||
|
||||
return -1;
|
||||
}
|
||||
@@ -70,14 +70,14 @@ int ssl_check_consistency(void)
|
||||
* 1.0.0 and only allow moving backwards within a patch
|
||||
* series.
|
||||
*/
|
||||
- if (ssl_built & 0xff) {
|
||||
- if ((ssl_built & 0xffff) != (ssl_linked & 0xffff) ||
|
||||
- (ssl_built & 0x0000ff) > (ssl_linked & 0x0000ff)) goto mismatch;
|
||||
+ if (ssl_built & 0xf00000000) {
|
||||
+ if ((ssl_built & 0xfffff000) != (ssl_linked & 0xfffff000) ||
|
||||
+ (ssl_built & 0x00000ff0) > (ssl_linked & 0x00000ff0)) goto mismatch;
|
||||
/*
|
||||
* Before 1.0.0 we require the same major minor and fix version
|
||||
* and ignore the patch number.
|
||||
*/
|
||||
- } else if ((ssl_built & 0xffffff) != (ssl_linked & 0xffffff)) goto mismatch;
|
||||
+ } else if ((ssl_built & 0xfffff000) != (ssl_linked & 0xfffff000)) goto mismatch;
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -89,22 +89,22 @@ int ssl_check_consistency(void)
|
||||
* @param v version to convert.
|
||||
* @return pointer to a static buffer containing the version string.
|
||||
*/
|
||||
-char const *ssl_version_by_num(uint64_t v)
|
||||
+char const *ssl_version_by_num(uint32_t v)
|
||||
{
|
||||
/* 2 (%s) + 1 (.) + 2 (%i) + 1 (.) + 2 (%i) + 1 (c) + 1 (-) + 2 (%i) + \0 */
|
||||
static char buffer[13];
|
||||
char *p = buffer;
|
||||
|
||||
- p += sprintf(p, "%i.%i.%i",
|
||||
- (int) ((0xff0000000 & v) >> 28),
|
||||
- (int) ((0x00ff00000 & v) >> 20),
|
||||
- (int) ((0x0000ff000 & v) >> 12));
|
||||
+ p += sprintf(p, "%u.%u.%u",
|
||||
+ (0xf0000000 & v) >> 28,
|
||||
+ (0x0ff00000 & v) >> 20,
|
||||
+ (0x000ff000 & v) >> 12);
|
||||
|
||||
- if ((0x000000ff0 & v) >> 4) {
|
||||
- *p++ = (char) (0x60 + ((0x000000ff0 & v) >> 4));
|
||||
+ if ((0x00000ff0 & v) >> 4) {
|
||||
+ *p++ = (char) (0x60 + ((0x00000ff0 & v) >> 4));
|
||||
}
|
||||
|
||||
- sprintf(p, "-%i", (int) (0x00000000f & v));
|
||||
+ sprintf(p, "%x", 0x0000000f & v);
|
||||
|
||||
return buffer;
|
||||
}
|
||||
@@ -117,7 +117,7 @@ char const *ssl_version_by_num(uint64_t v)
|
||||
* @param high version to convert.
|
||||
* @return pointer to a static buffer containing the version range string.
|
||||
*/
|
||||
-char const *ssl_version_range(uint64_t low, uint64_t high)
|
||||
+char const *ssl_version_range(uint32_t low, uint32_t high)
|
||||
{
|
||||
/* 12 (version) + 3 ( - ) + 12 (version) */
|
||||
static char buffer[28];
|
||||
@@ -141,12 +141,12 @@ char const *ssl_version(void)
|
||||
{
|
||||
static char buffer[256];
|
||||
|
||||
- uint64_t v = (uint64_t) SSLeay();
|
||||
+ uint32_t v = SSLeay();
|
||||
|
||||
- snprintf(buffer, sizeof(buffer), "%s 0x%.9" PRIx64 " (%s)",
|
||||
+ snprintf(buffer, sizeof(buffer), "%s 0x%.8x (%s)",
|
||||
SSLeay_version(SSLEAY_VERSION), /* Not all builds include a useful version number */
|
||||
v,
|
||||
- ssl_version_by_num((uint64_t) v));
|
||||
+ ssl_version_by_num(v));
|
||||
|
||||
return buffer;
|
||||
}
|
||||
--
|
||||
2.1.4
|
||||
|
@ -52,6 +52,7 @@ Patch28: freeradius-raddb-Move-trigger.conf-INCLUDE-before-modules.patch
|
||||
Patch29: freeradius-Resolve-to-all-families-on-ip_hton-fallback.patch
|
||||
Patch30: freeradius-Don-t-overwrite-ip_hton-af-prefix-in-fr_pton4-6.patch
|
||||
Patch31: freeradius-raddb-Comment-on-ipaddr-ipv4addr-ipv6addr-use.patch
|
||||
Patch32: freeradius-Fix-OpenSSL-version-check-issues.patch
|
||||
|
||||
%global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user