[packages/OSPToolkit] - up to 4.13.0; openssl patch from debian
arekm
arekm at pld-linux.org
Thu Sep 20 09:21:28 CEST 2018
commit de7e8a4abe4d240f34aaa511c899063c351c7500
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Thu Sep 20 09:21:21 2018 +0200
- up to 4.13.0; openssl patch from debian
OSPToolkit.spec | 11 ++-
openssl.patch | 236 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 243 insertions(+), 4 deletions(-)
---
diff --git a/OSPToolkit.spec b/OSPToolkit.spec
index 3f473cd..8ffadcb 100644
--- a/OSPToolkit.spec
+++ b/OSPToolkit.spec
@@ -1,13 +1,14 @@
Summary: Implementation of the ETSI OSP VoIP Peering protocol
Summary(pl.UTF-8): Implementacja protokołu ETSI OSP VoIP Peering
Name: OSPToolkit
-Version: 4.2.0
-Release: 3
+Version: 4.13.0
+Release: 1
License: BSD
Group: Libraries
Source0: http://downloads.sourceforge.net/osp-toolkit/%{name}-%{version}.tar.gz
-# Source0-md5: edb0ac6d84cf6da0f0406f3d356b6204
+# Source0-md5: 456c59a7c1c9049f797c471f760546c8
Patch0: sharedlib.patch
+Patch1: openssl.patch
URL: http://www.freerouteserver.com/index.php/osp-toolkit
BuildRequires: openssl-devel
BuildRequires: sed >= 4.0
@@ -54,8 +55,10 @@ Static OSP Toolkit library.
Statyczna biblioteka OSP Toolkit.
%prep
-%setup -q -n TK-%(echo %{version} | tr . _)-20131014
+%setup -q -n TK-%(echo %{version} | tr . _)-20161107
%patch0 -p1
+%patch1 -p1
+
%{__sed} -i -e 's,\$(INSTALL_PATH)/lib,$(INSTALL_PATH)/%{_lib},' src/Makefile
%build
diff --git a/openssl.patch b/openssl.patch
new file mode 100644
index 0000000..b058ad3
--- /dev/null
+++ b/openssl.patch
@@ -0,0 +1,236 @@
+Description: Changes for OpenSSL 1.1.0.
+Forwarded: no
+From: Di-Shi Sun <di-shi at transnexus.com>
+Last-Update: 2017-02-21
+
+--- a/src/ospcryptowrap.c
++++ b/src/ospcryptowrap.c
+@@ -45,7 +45,12 @@
+ unsigned char digestedData[OSPC_CRYPTO_DIGEST_BUFFER_MAXLENGTH];
+ unsigned int digestedDataLength = 0;
+
+- EVP_MD_CTX ctx;
++#if (OPENSSL_VERSION_NUMBER >= 0x010100000)
++ EVP_MD_CTX *ctx;
++#else
++ EVP_MD_CTX ctxbuf;
++ EVP_MD_CTX *ctx = &ctxbuf;
++#endif
+ EVP_MD *type = OSPC_OSNULL;
+
+ OSPM_ARGUSED(ospvFlags);
+@@ -60,9 +65,15 @@
+
+ if (type) {
+ /* Calcualte digest */
+- EVP_DigestInit(&ctx, type);
+- EVP_DigestUpdate(&ctx, ospvData, ospvDataLength);
+- EVP_DigestFinal(&ctx, digestedData, &digestedDataLength);
++#if (OPENSSL_VERSION_NUMBER >= 0x010100000)
++ ctx = EVP_MD_CTX_new();
++#endif
++ EVP_DigestInit(ctx, type);
++ EVP_DigestUpdate(ctx, ospvData, ospvDataLength);
++ EVP_DigestFinal(ctx, digestedData, &digestedDataLength);
++#if (OPENSSL_VERSION_NUMBER >= 0x010100000)
++ EVP_MD_CTX_free(ctx);
++#endif
+ errorcode = OSPC_ERR_NO_ERROR;
+ } else {
+ OSPM_DBGERRORLOG(errorcode, "Error setting digest type");
+@@ -127,10 +138,7 @@
+ unsigned char decryptedData[OSPC_CRYPTO_ENCRYPT_BUFFER_MAXLENGTH];
+ unsigned int decryptedDataLength = 0;
+
+- X509_PUBKEY *pX509PubKey = OSPC_OSNULL;
+ RSA *pRSAPubKey = OSPC_OSNULL;
+- unsigned char *pData = OSPC_OSNULL;
+- unsigned int len = 0;
+
+ OSPM_ARGUSED(ospvFlags);
+ OSPM_ARGUSED(ospvBERAlgorithm);
+@@ -139,34 +147,21 @@
+ OSPTNLOGDUMP(ospvEncryptedData, ospvEncryptedDataLength, "DECRYPT: ospvEncryptedData");
+ OSPTNLOGDUMP(ospvBERReaderKey, ospvBERReaderKeyLength, "DECRYPT: ospvBERReaderKey");
+
+- pX509PubKey = d2i_X509_PUBKEY(NULL, (const unsigned char **)(&ospvBERReaderKey), ospvBERReaderKeyLength);
+-
+- if (pX509PubKey) {
+- pData = pX509PubKey->public_key->data;
+- len = pX509PubKey->public_key->length;
+- pRSAPubKey = d2i_RSAPublicKey(NULL, (const unsigned char **)&pData, len);
+-
+- if (pRSAPubKey) {
+- decryptedDataLength = RSA_public_decrypt(ospvEncryptedDataLength, ospvEncryptedData, decryptedData, pRSAPubKey, RSA_PKCS1_PADDING);
+- if (decryptedDataLength != -1) {
+- errorcode = OSPC_ERR_NO_ERROR;
+- } else {
+- OSPM_DBGERRORLOG(errorcode, "Failed to decrypt message");
+- }
+-
+- /* Free up mem */
+- RSA_free(pRSAPubKey);
++ pRSAPubKey = d2i_RSA_PUBKEY(NULL, (const unsigned char **)(&ospvBERReaderKey), ospvBERReaderKeyLength);
++ if (pRSAPubKey) {
++ decryptedDataLength = RSA_public_decrypt(ospvEncryptedDataLength, ospvEncryptedData, decryptedData, pRSAPubKey, RSA_PKCS1_PADDING);
++ if (decryptedDataLength != -1) {
++ errorcode = OSPC_ERR_NO_ERROR;
+ } else {
+- OSPM_DBGERRORLOG(errorcode, "Failed to init RSA key");
++ OSPM_DBGERRORLOG(errorcode, "Failed to decrypt message");
+ }
+
+ /* Free up mem */
+- X509_PUBKEY_free(pX509PubKey);
++ RSA_free(pRSAPubKey);
+ } else {
+- OSPM_DBGERRORLOG(errorcode, "Failed to init X509_PUBKEY");
++ OSPM_DBGERRORLOG(errorcode, "Failed to init RSA key");
+ }
+
+-
+ /* Copy results to OUT params */
+ if (errorcode == OSPC_ERR_NO_ERROR) {
+ if (ospvDecryptedData == OSPC_OSNULL) {
+@@ -202,10 +197,7 @@
+ int errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
+ unsigned char digestedData[OSPC_CRYPTO_DIGEST_BUFFER_MAXLENGTH];
+ unsigned int digestedDataLength = OSPC_CRYPTO_DIGEST_BUFFER_MAXLENGTH;
+- X509_PUBKEY *pX509PubKey = OSPC_OSNULL;
+ RSA *pRSAPubKey = OSPC_OSNULL;
+- unsigned char *pData = OSPC_OSNULL;
+- unsigned int len = 0;
+ int type = NID_md5;
+
+ OSPM_ARGUSED(ospvFlags);
+@@ -214,34 +206,22 @@
+ OSPTNLOGDUMP(ospvSignature, ospvSignatureLength, "VERIFY: ospvSignature");
+ OSPTNLOGDUMP(ospvBERReaderKey, ospvBERReaderKeyLength, "VERIFY: ospvBERReaderKey");
+
+- pX509PubKey = d2i_X509_PUBKEY(NULL, (const unsigned char **)(&ospvBERReaderKey), ospvBERReaderKeyLength);
+-
+- if (pX509PubKey) {
+- pData = pX509PubKey->public_key->data;
+- len = pX509PubKey->public_key->length;
+- pRSAPubKey = d2i_RSAPublicKey(NULL, (const unsigned char **)&pData, len);
+-
+- if (pRSAPubKey) {
+- if (OSPC_ERR_NO_ERROR == OSPPCryptoWrapDigest(digestedData, &digestedDataLength, OSPC_OSNULL, 0, ospvData, ospvDataLength, 0)) {
+- if (1 == RSA_verify(type, digestedData, digestedDataLength, ospvSignature, ospvSignatureLength, pRSAPubKey)) {
+- errorcode = OSPC_ERR_NO_ERROR;
+- } else {
+- OSPM_DBGERRORLOG(errorcode, "Open-SSL error occurred in Verify");
+- }
++ pRSAPubKey = d2i_RSA_PUBKEY(NULL, (const unsigned char **)(&ospvBERReaderKey), ospvBERReaderKeyLength);
++ if (pRSAPubKey) {
++ if (OSPC_ERR_NO_ERROR == OSPPCryptoWrapDigest(digestedData, &digestedDataLength, OSPC_OSNULL, 0, ospvData, ospvDataLength, 0)) {
++ if (1 == RSA_verify(type, digestedData, digestedDataLength, ospvSignature, ospvSignatureLength, pRSAPubKey)) {
++ errorcode = OSPC_ERR_NO_ERROR;
+ } else {
+- OSPM_DBGERRORLOG(errorcode, "Failed to calculate digest");
++ OSPM_DBGERRORLOG(errorcode, "Open-SSL error occurred in Verify");
+ }
+-
+- /* Free up mem */
+- RSA_free(pRSAPubKey);
+ } else {
+- OSPM_DBGERRORLOG(errorcode, "Failed to init RSA key");
++ OSPM_DBGERRORLOG(errorcode, "Failed to calculate digest");
+ }
+
+ /* Free up mem */
+- X509_PUBKEY_free(pX509PubKey);
++ RSA_free(pRSAPubKey);
+ } else {
+- OSPM_DBGERRORLOG(errorcode, "Failed to init X509_PUBKEY");
++ OSPM_DBGERRORLOG(errorcode, "Failed to init RSA key");
+ }
+
+ return errorcode;
+Description: Changes for OpenSSL 1.1.0.
+Forwarded: no
+From: Di-Shi Sun <di-shi at transnexus.com>
+Last-Update: 2017-02-21
+
+--- a/src/ospopenssl.c
++++ b/src/ospopenssl.c
+@@ -84,7 +84,11 @@
+ * function. It will be done only once now, rather than with every ProviderNew
+ */
+ ctx = (SSL_CTX **)&(security->ContextRef);
++#if (OPENSSL_VERSION_NUMBER >= 0x010100000)
++ version = TLS_client_method();
++#else
+ version = TLSv1_client_method();
++#endif
+ *ctx = SSL_CTX_new(version);
+
+ if (*ctx != OSPC_OSNULL) {
+@@ -508,21 +512,21 @@
+ ok = 0;
+ }
+ }
+- switch (ctx->error) {
++ switch (err) {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+- X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
++ X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+ BIO_printf(bio_stdout, "issuer= %s\n", buf);
+ break;
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ BIO_printf(bio_stdout, "notBefore=");
+- ASN1_TIME_print(bio_stdout, X509_get_notBefore(ctx->current_cert));
++ ASN1_TIME_print(bio_stdout, X509_get_notBefore(err_cert));
+ BIO_printf(bio_stdout, "\n");
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ BIO_printf(bio_stdout, "notAfter=");
+- ASN1_TIME_print(bio_stdout, X509_get_notAfter(ctx->current_cert));
++ ASN1_TIME_print(bio_stdout, X509_get_notAfter(err_cert));
+ BIO_printf(bio_stdout, "\n");
+ break;
+ }
+Description: Changes for gcc and ABI issues.
+Forwarded: no
+From: Di-Shi Sun <di-shi at transnexus.com>
+Last-Update: 2017-02-13
+
+--- a/src/osptransapi.c
++++ b/src/osptransapi.c
+@@ -983,7 +983,7 @@
+ /* sample mean - have to cast Samples to a float to get some precision on the mean */
+ mean = ((metrics.mean * currnumber) + (ospvMean * ospvSamples)) / (float)metrics.samples;
+
+- OSPM_ISNAN(metrics.mean, tnisnan);
++ OSPM_ISNAN(((float)metrics.mean), tnisnan);
+
+ if (tnisnan) {
+ errcode = OSPC_ERR_TRAN_INVALID_CALC;
+@@ -5297,7 +5297,7 @@
+ return errcode;
+ }
+
+-int OSPPTransactionSetSrcServiceProvider(
++int OSPPTransactionSetServiceProvider(
+ OSPTTRANHANDLE ospvTransaction, /* In - Transaction handle */
+ const char *ospvServiceProvider) /* In - Service provider */
+ {
+Description: Change for ABI issue.
+Forwarded: no
+From: Di-Shi Sun <di-shi at transnexus.com>
+Last-Update: 2017-02-28
+
+--- a/include/osp/osptransapi.h
++++ b/include/osp/osptransapi.h
+@@ -136,7 +136,8 @@
+ int OSPPTransactionSetTransferId(OSPTTRANHANDLE, const char*);
+ int OSPPTransactionSetTransferStatus(OSPTTRANHANDLE, OSPE_TRANSFER_STATUS);
+ int OSPPTransactionSetNetworkTranslatedCalledNumber(OSPTTRANHANDLE, OSPE_NUMBER_FORMAT, const char *);
+- int OSPPTransactionSetSrcServiceProvider(OSPTTRANHANDLE, const char *);
++ int OSPPTransactionSetServiceProvider(OSPTTRANHANDLE, const char *);
++#define OSPPTransactionSetSrcServiceProvider(transaction, provider) OSPPTransactionSetServiceProvider(transaction, provider);
+ int OSPPTransactionSetDestServiceProvider(OSPTTRANHANDLE, const char *);
+ int OSPPTransactionSetSystemId(OSPTTRANHANDLE, const char *);
+ int OSPPTransactionSetRelatedReason(OSPTTRANHANDLE, const char *);
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/OSPToolkit.git/commitdiff/de7e8a4abe4d240f34aaa511c899063c351c7500
More information about the pld-cvs-commit
mailing list