2376f330f3
Resolves: Bug#1173821
132 lines
4.3 KiB
Diff
132 lines
4.3 KiB
Diff
From 6d296f2c4f3c58742543cc0508642c6d06747aea Mon Sep 17 00:00:00 2001
|
|
From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
|
|
Date: Thu, 16 Oct 2014 11:16:57 -0400
|
|
Subject: [PATCH 1/1] Fix OpenSSL version check issues
|
|
|
|
---
|
|
src/include/radiusd.h | 4 ++--
|
|
src/main/version.c | 40 ++++++++++++++++++++--------------------
|
|
2 files changed, 22 insertions(+), 22 deletions(-)
|
|
|
|
diff --git a/src/include/radiusd.h b/src/include/radiusd.h
|
|
index 53a1f3e..1bf15d7 100644
|
|
--- a/src/include/radiusd.h
|
|
+++ b/src/include/radiusd.h
|
|
@@ -598,8 +598,8 @@ void pairlist_free(PAIR_LIST **);
|
|
/* version.c */
|
|
int rad_check_lib_magic(uint64_t magic);
|
|
int ssl_check_consistency(void);
|
|
-char const *ssl_version_by_num(uint64_t version);
|
|
-char const *ssl_version_range(uint64_t low, uint64_t high);
|
|
+char const *ssl_version_by_num(uint32_t version);
|
|
+char const *ssl_version_range(uint32_t low, uint32_t high);
|
|
char const *ssl_version(void);
|
|
void version(void);
|
|
|
|
diff --git a/src/main/version.c b/src/main/version.c
|
|
index 8b56ffa..fd97970 100644
|
|
--- a/src/main/version.c
|
|
+++ b/src/main/version.c
|
|
@@ -38,7 +38,7 @@ static long ssl_built = OPENSSL_VERSION_NUMBER;
|
|
/** Check built and linked versions of OpenSSL match
|
|
*
|
|
* OpenSSL version number consists of:
|
|
- * MMNNFFPPS: major minor fix patch status
|
|
+ * MNNFFPPS: major minor fix patch status
|
|
*
|
|
* Where status >= 0 && < 10 means beta, and status 10 means release.
|
|
*
|
|
@@ -56,11 +56,11 @@ int ssl_check_consistency(void)
|
|
/*
|
|
* Status mismatch always triggers error.
|
|
*/
|
|
- if ((ssl_linked & 0x00000000f) != (ssl_built & 0x00000000f)) {
|
|
+ if ((ssl_linked & 0x0000000f) != (ssl_built & 0x0000000f)) {
|
|
mismatch:
|
|
ERROR("libssl version mismatch. built: %lx linked: %lx",
|
|
- (unsigned long) ssl_built,
|
|
- (unsigned long) ssl_linked);
|
|
+ (unsigned long) ssl_built,
|
|
+ (unsigned long) ssl_linked);
|
|
|
|
return -1;
|
|
}
|
|
@@ -70,14 +70,14 @@ int ssl_check_consistency(void)
|
|
* 1.0.0 and only allow moving backwards within a patch
|
|
* series.
|
|
*/
|
|
- if (ssl_built & 0xff) {
|
|
- if ((ssl_built & 0xffff) != (ssl_linked & 0xffff) ||
|
|
- (ssl_built & 0x0000ff) > (ssl_linked & 0x0000ff)) goto mismatch;
|
|
+ if (ssl_built & 0xf00000000) {
|
|
+ if ((ssl_built & 0xfffff000) != (ssl_linked & 0xfffff000) ||
|
|
+ (ssl_built & 0x00000ff0) > (ssl_linked & 0x00000ff0)) goto mismatch;
|
|
/*
|
|
* Before 1.0.0 we require the same major minor and fix version
|
|
* and ignore the patch number.
|
|
*/
|
|
- } else if ((ssl_built & 0xffffff) != (ssl_linked & 0xffffff)) goto mismatch;
|
|
+ } else if ((ssl_built & 0xfffff000) != (ssl_linked & 0xfffff000)) goto mismatch;
|
|
|
|
return 0;
|
|
}
|
|
@@ -89,22 +89,22 @@ int ssl_check_consistency(void)
|
|
* @param v version to convert.
|
|
* @return pointer to a static buffer containing the version string.
|
|
*/
|
|
-char const *ssl_version_by_num(uint64_t v)
|
|
+char const *ssl_version_by_num(uint32_t v)
|
|
{
|
|
/* 2 (%s) + 1 (.) + 2 (%i) + 1 (.) + 2 (%i) + 1 (c) + 1 (-) + 2 (%i) + \0 */
|
|
static char buffer[13];
|
|
char *p = buffer;
|
|
|
|
- p += sprintf(p, "%i.%i.%i",
|
|
- (int) ((0xff0000000 & v) >> 28),
|
|
- (int) ((0x00ff00000 & v) >> 20),
|
|
- (int) ((0x0000ff000 & v) >> 12));
|
|
+ p += sprintf(p, "%u.%u.%u",
|
|
+ (0xf0000000 & v) >> 28,
|
|
+ (0x0ff00000 & v) >> 20,
|
|
+ (0x000ff000 & v) >> 12);
|
|
|
|
- if ((0x000000ff0 & v) >> 4) {
|
|
- *p++ = (char) (0x60 + ((0x000000ff0 & v) >> 4));
|
|
+ if ((0x00000ff0 & v) >> 4) {
|
|
+ *p++ = (char) (0x60 + ((0x00000ff0 & v) >> 4));
|
|
}
|
|
|
|
- sprintf(p, "-%i", (int) (0x00000000f & v));
|
|
+ sprintf(p, "%x", 0x0000000f & v);
|
|
|
|
return buffer;
|
|
}
|
|
@@ -117,7 +117,7 @@ char const *ssl_version_by_num(uint64_t v)
|
|
* @param high version to convert.
|
|
* @return pointer to a static buffer containing the version range string.
|
|
*/
|
|
-char const *ssl_version_range(uint64_t low, uint64_t high)
|
|
+char const *ssl_version_range(uint32_t low, uint32_t high)
|
|
{
|
|
/* 12 (version) + 3 ( - ) + 12 (version) */
|
|
static char buffer[28];
|
|
@@ -141,12 +141,12 @@ char const *ssl_version(void)
|
|
{
|
|
static char buffer[256];
|
|
|
|
- uint64_t v = (uint64_t) SSLeay();
|
|
+ uint32_t v = SSLeay();
|
|
|
|
- snprintf(buffer, sizeof(buffer), "%s 0x%.9" PRIx64 " (%s)",
|
|
+ snprintf(buffer, sizeof(buffer), "%s 0x%.8x (%s)",
|
|
SSLeay_version(SSLEAY_VERSION), /* Not all builds include a useful version number */
|
|
v,
|
|
- ssl_version_by_num((uint64_t) v));
|
|
+ ssl_version_by_num(v));
|
|
|
|
return buffer;
|
|
}
|
|
--
|
|
2.1.4
|
|
|