Fix OpenSSL version check issues

Resolves: Bug#1173821
This commit is contained in:
Nikolai Kondrashov 2015-01-19 18:04:06 +02:00
parent c9fec23c45
commit 2376f330f3
2 changed files with 132 additions and 0 deletions

View File

@ -0,0 +1,131 @@
From 6d296f2c4f3c58742543cc0508642c6d06747aea Mon Sep 17 00:00:00 2001
From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Thu, 16 Oct 2014 11:16:57 -0400
Subject: [PATCH 1/1] Fix OpenSSL version check issues
---
src/include/radiusd.h | 4 ++--
src/main/version.c | 40 ++++++++++++++++++++--------------------
2 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/src/include/radiusd.h b/src/include/radiusd.h
index 53a1f3e..1bf15d7 100644
--- a/src/include/radiusd.h
+++ b/src/include/radiusd.h
@@ -598,8 +598,8 @@ void pairlist_free(PAIR_LIST **);
/* version.c */
int rad_check_lib_magic(uint64_t magic);
int ssl_check_consistency(void);
-char const *ssl_version_by_num(uint64_t version);
-char const *ssl_version_range(uint64_t low, uint64_t high);
+char const *ssl_version_by_num(uint32_t version);
+char const *ssl_version_range(uint32_t low, uint32_t high);
char const *ssl_version(void);
void version(void);
diff --git a/src/main/version.c b/src/main/version.c
index 8b56ffa..fd97970 100644
--- a/src/main/version.c
+++ b/src/main/version.c
@@ -38,7 +38,7 @@ static long ssl_built = OPENSSL_VERSION_NUMBER;
/** Check built and linked versions of OpenSSL match
*
* OpenSSL version number consists of:
- * MMNNFFPPS: major minor fix patch status
+ * MNNFFPPS: major minor fix patch status
*
* Where status >= 0 && < 10 means beta, and status 10 means release.
*
@@ -56,11 +56,11 @@ int ssl_check_consistency(void)
/*
* Status mismatch always triggers error.
*/
- if ((ssl_linked & 0x00000000f) != (ssl_built & 0x00000000f)) {
+ if ((ssl_linked & 0x0000000f) != (ssl_built & 0x0000000f)) {
mismatch:
ERROR("libssl version mismatch. built: %lx linked: %lx",
- (unsigned long) ssl_built,
- (unsigned long) ssl_linked);
+ (unsigned long) ssl_built,
+ (unsigned long) ssl_linked);
return -1;
}
@@ -70,14 +70,14 @@ int ssl_check_consistency(void)
* 1.0.0 and only allow moving backwards within a patch
* series.
*/
- if (ssl_built & 0xff) {
- if ((ssl_built & 0xffff) != (ssl_linked & 0xffff) ||
- (ssl_built & 0x0000ff) > (ssl_linked & 0x0000ff)) goto mismatch;
+ if (ssl_built & 0xf00000000) {
+ if ((ssl_built & 0xfffff000) != (ssl_linked & 0xfffff000) ||
+ (ssl_built & 0x00000ff0) > (ssl_linked & 0x00000ff0)) goto mismatch;
/*
* Before 1.0.0 we require the same major minor and fix version
* and ignore the patch number.
*/
- } else if ((ssl_built & 0xffffff) != (ssl_linked & 0xffffff)) goto mismatch;
+ } else if ((ssl_built & 0xfffff000) != (ssl_linked & 0xfffff000)) goto mismatch;
return 0;
}
@@ -89,22 +89,22 @@ int ssl_check_consistency(void)
* @param v version to convert.
* @return pointer to a static buffer containing the version string.
*/
-char const *ssl_version_by_num(uint64_t v)
+char const *ssl_version_by_num(uint32_t v)
{
/* 2 (%s) + 1 (.) + 2 (%i) + 1 (.) + 2 (%i) + 1 (c) + 1 (-) + 2 (%i) + \0 */
static char buffer[13];
char *p = buffer;
- p += sprintf(p, "%i.%i.%i",
- (int) ((0xff0000000 & v) >> 28),
- (int) ((0x00ff00000 & v) >> 20),
- (int) ((0x0000ff000 & v) >> 12));
+ p += sprintf(p, "%u.%u.%u",
+ (0xf0000000 & v) >> 28,
+ (0x0ff00000 & v) >> 20,
+ (0x000ff000 & v) >> 12);
- if ((0x000000ff0 & v) >> 4) {
- *p++ = (char) (0x60 + ((0x000000ff0 & v) >> 4));
+ if ((0x00000ff0 & v) >> 4) {
+ *p++ = (char) (0x60 + ((0x00000ff0 & v) >> 4));
}
- sprintf(p, "-%i", (int) (0x00000000f & v));
+ sprintf(p, "%x", 0x0000000f & v);
return buffer;
}
@@ -117,7 +117,7 @@ char const *ssl_version_by_num(uint64_t v)
* @param high version to convert.
* @return pointer to a static buffer containing the version range string.
*/
-char const *ssl_version_range(uint64_t low, uint64_t high)
+char const *ssl_version_range(uint32_t low, uint32_t high)
{
/* 12 (version) + 3 ( - ) + 12 (version) */
static char buffer[28];
@@ -141,12 +141,12 @@ char const *ssl_version(void)
{
static char buffer[256];
- uint64_t v = (uint64_t) SSLeay();
+ uint32_t v = SSLeay();
- snprintf(buffer, sizeof(buffer), "%s 0x%.9" PRIx64 " (%s)",
+ snprintf(buffer, sizeof(buffer), "%s 0x%.8x (%s)",
SSLeay_version(SSLEAY_VERSION), /* Not all builds include a useful version number */
v,
- ssl_version_by_num((uint64_t) v));
+ ssl_version_by_num(v));
return buffer;
}
--
2.1.4

View File

@ -52,6 +52,7 @@ Patch28: freeradius-raddb-Move-trigger.conf-INCLUDE-before-modules.patch
Patch29: freeradius-Resolve-to-all-families-on-ip_hton-fallback.patch
Patch30: freeradius-Don-t-overwrite-ip_hton-af-prefix-in-fr_pton4-6.patch
Patch31: freeradius-raddb-Comment-on-ipaddr-ipv4addr-ipv6addr-use.patch
Patch32: freeradius-Fix-OpenSSL-version-check-issues.patch
%global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}