Handle OpenSSL-3.x

external/bsd/ntp/bin/ntp-keygen/Makefile

@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.7 2020/10/11 07:07:31 rin Exp $
+#	$NetBSD: Makefile,v 1.8 2023/05/09 20:51:14 christos Exp $
 
 .include <bsd.own.mk>
 
@@ -21,6 +21,7 @@ CPPFLAGS+=-I${IDIST}/include -I${IDIST}/sntp/libopts
 .PATH: ${DIST}
 
 COPTS.ntp-keygen.c+=	${${ACTIVE_CC} == "gcc" && ${HAVE_GCC:U0} == 8:? -Wno-error=restrict :}
+COPTS.ntp-keygen.c+=	-Wno-error=deprecated-declarations
 
 CLEANFILES+=${MAN}
 

external/bsd/ntp/bin/ntpd/Makefile

@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.28 2020/10/11 07:07:31 rin Exp $
+#	$NetBSD: Makefile,v 1.29 2023/05/09 20:51:14 christos Exp $
 
 .include <bsd.own.mk>
 
@@ -96,6 +96,7 @@ COPTS.refclock_parse.c+=	${GCC_NO_FORMAT_TRUNCATION}
 COPTS.refclock_leitch.c+=	${GCC_NO_FORMAT_TRUNCATION}
 COPTS.refclock_neoclock4x.c+=	${GCC_NO_FORMAT_TRUNCATION}
 COPTS.ntp_io.c+=        	${GCC_NO_ADDR_OF_PACKED_MEMBER}
+COPTS.ntp_crypto.c+=		-Wno-error=deprecated-declarations
 
 CLEANFILES+=${MAN}
 

external/bsd/ntp/bin/sntp/Makefile

@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.9 2020/10/11 07:07:32 rin Exp $
+# $NetBSD: Makefile,v 1.10 2023/05/09 20:51:14 christos Exp $
 
 USE_FORT?= yes	# network client/server
 
@@ -34,6 +34,7 @@ LDADD+= -L${LIBISC} -liscntp -levent -lm
 DPADD+=	${LIBM} ${LIBEVENT}
 
 COPTS.utilities.c+=	${GCC_NO_FORMAT_TRUNCATION}
+COPTS.crypto.c+=	-Wno-error=deprecated-declarations
 
 CLEANFILES+=${MAN}
 

external/bsd/ntp/dist/ntpd/ntp_crypto.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ntp_crypto.c,v 1.16 2020/05/25 20:47:25 christos Exp $	*/
+/*	$NetBSD: ntp_crypto.c,v 1.17 2023/05/09 20:51:14 christos Exp $	*/
 
 /*
  * ntp_crypto.c - NTP version 4 public key routines
@@ -836,7 +836,7 @@ crypto_recv(
 			 * errors.
 			 */
 			if (vallen == (u_int)EVP_PKEY_size(host_pkey)) {
-				RSA *rsa = EVP_PKEY_get0_RSA(host_pkey);
+				RSA *rsa = __UNCONST(EVP_PKEY_get0_RSA(host_pkey));
 				u_int32 *cookiebuf = malloc(RSA_size(rsa));
 				if (!cookiebuf) {
 					rval = XEVNT_CKY;
@@ -1613,7 +1613,7 @@ crypto_encrypt(
 	puch = vp->ptr;
 	temp32 = htonl(*cookie);
 	if (RSA_public_encrypt(4, (u_char *)&temp32, puch,
-	    EVP_PKEY_get0_RSA(pkey), RSA_PKCS1_OAEP_PADDING) <= 0) {
+	    __UNCONST(EVP_PKEY_get0_RSA(pkey)), RSA_PKCS1_OAEP_PADDING) <= 0) {
 		msyslog(LOG_ERR, "crypto_encrypt: %s",
 		    ERR_error_string(ERR_get_error(), NULL));
 		free(vp->ptr);
@@ -2186,7 +2186,7 @@ crypto_alice(
 		return (XEVNT_ID);
 	}
 
-	if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
+	if ((dsa = __UNCONST(EVP_PKEY_get0_DSA(peer->ident_pkey->pkey))) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_alice: defective key");
 		return (XEVNT_PUB);
 	}
@@ -2264,7 +2264,7 @@ crypto_bob(
 		msyslog(LOG_NOTICE, "crypto_bob: scheme unavailable");
 		return (XEVNT_ID);
 	}
-	dsa = EVP_PKEY_get0_DSA(iffkey_info->pkey);
+	dsa = __UNCONST(EVP_PKEY_get0_DSA(iffkey_info->pkey));
 	DSA_get0_pqg(dsa, &p, &q, &g);
 	DSA_get0_key(dsa, NULL, &priv_key);
 
@@ -2383,7 +2383,7 @@ crypto_iff(
 		    ntohl(ep->fstamp));
 		return (XEVNT_FSP);
 	}
-	if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
+	if ((dsa = __UNCONST(EVP_PKEY_get0_DSA(peer->ident_pkey->pkey))) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_iff: defective key");
 		return (XEVNT_PUB);
 	}
@@ -2516,7 +2516,7 @@ crypto_alice2(
 	if (peer->ident_pkey == NULL)
 		return (XEVNT_ID);
 
-	if ((rsa = EVP_PKEY_get0_RSA(peer->ident_pkey->pkey)) == NULL) {
+	if ((rsa = __UNCONST(EVP_PKEY_get0_RSA(peer->ident_pkey->pkey))) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_alice2: defective key");
 		return (XEVNT_PUB);
 	}
@@ -2594,7 +2594,7 @@ crypto_bob2(
 		msyslog(LOG_NOTICE, "crypto_bob2: scheme unavailable");
 		return (XEVNT_ID);
 	}
-	rsa = EVP_PKEY_get0_RSA(gqkey_info->pkey);
+	rsa = __UNCONST(EVP_PKEY_get0_RSA(gqkey_info->pkey));
 	RSA_get0_key(rsa, &n, &p, &e);
 
 	/*
@@ -2707,7 +2707,7 @@ crypto_gq(
 		    ntohl(ep->fstamp));
 		return (XEVNT_FSP);
 	}
-	if ((rsa = EVP_PKEY_get0_RSA(peer->ident_pkey->pkey)) == NULL) {
+	if ((rsa = __UNCONST(EVP_PKEY_get0_RSA(peer->ident_pkey->pkey))) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_gq: defective key");
 		return (XEVNT_PUB);
 	}
@@ -2860,7 +2860,7 @@ crypto_alice3(
 	if (peer->ident_pkey == NULL)
 		return (XEVNT_ID);
 
-	if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
+	if ((dsa = __UNCONST(EVP_PKEY_get0_DSA(peer->ident_pkey->pkey))) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_alice3: defective key");
 		return (XEVNT_PUB);
 	}
@@ -2938,7 +2938,7 @@ crypto_bob3(
 		msyslog(LOG_NOTICE, "crypto_bob3: scheme unavailable");
 		return (XEVNT_ID);
 	}
-	dsa = EVP_PKEY_get0_DSA(mvkey_info->pkey);
+	dsa = __UNCONST(EVP_PKEY_get0_DSA(mvkey_info->pkey));
 	DSA_get0_pqg(dsa, &p, &q, &g);
 	DSA_get0_key(dsa, &pub_key, &priv_key);
 
@@ -3058,7 +3058,7 @@ crypto_mv(
 		    ntohl(ep->fstamp));
 		return (XEVNT_FSP);
 	}
-	if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
+	if ((dsa = __UNCONST(EVP_PKEY_get0_DSA(peer->ident_pkey->pkey))) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_mv: defective key");
 		return (XEVNT_PUB);
 	}

external/bsd/ntp/dist/util/ntp-keygen.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ntp-keygen.c,v 1.14 2020/05/27 23:52:20 christos Exp $	*/
+/*	$NetBSD: ntp-keygen.c,v 1.15 2023/05/09 20:51:15 christos Exp $	*/
 
 /*
  * Program to generate cryptographic keys for ntp clients and servers
@@ -645,7 +645,7 @@ main(
 		RSA	*rsa;
 		const BIGNUM *q;
 
-		rsa = EVP_PKEY_get0_RSA(pkey_gqkey);
+		rsa = __UNCONST(EVP_PKEY_get0_RSA(pkey_gqkey));
 		RSA_get0_factors(rsa, NULL, &q);
 		grpkey = BN_bn2hex(q);
 	}
@@ -666,7 +666,7 @@ main(
 		    ctime(&epoch));
 		/* XXX: This modifies the private key and should probably use a
 		 * copy of it instead. */
-		rsa = EVP_PKEY_get0_RSA(pkey_gqkey);
+		rsa = __UNCONST(EVP_PKEY_get0_RSA(pkey_gqkey));
 		RSA_set0_factors(rsa, BN_dup(BN_value_one()), BN_dup(BN_value_one()));
 		pkey = EVP_PKEY_new();
 		EVP_PKEY_assign_RSA(pkey, rsa);
@@ -689,7 +689,7 @@ main(
 		    filename);
 		fprintf(stdout, "# %s\n# %s\n", filename,
 		    ctime(&epoch));
-		rsa = EVP_PKEY_get0_RSA(pkey_gqkey);
+		rsa = __UNCONST(EVP_PKEY_get0_RSA(pkey_gqkey));
 		pkey = EVP_PKEY_new();
 		EVP_PKEY_assign_RSA(pkey, rsa);
 		PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,
@@ -732,7 +732,7 @@ main(
 		    ctime(&epoch));
 		/* XXX: This modifies the private key and should probably use a
 		 * copy of it instead. */
-		dsa = EVP_PKEY_get0_DSA(pkey_iffkey);
+		dsa = __UNCONST(EVP_PKEY_get0_DSA(pkey_iffkey));
 		DSA_set0_key(dsa, NULL, BN_dup(BN_value_one()));
 		pkey = EVP_PKEY_new();
 		EVP_PKEY_assign_DSA(pkey, dsa);
@@ -755,7 +755,7 @@ main(
 		    filename);
 		fprintf(stdout, "# %s\n# %s\n", filename,
 		    ctime(&epoch));
-		dsa = EVP_PKEY_get0_DSA(pkey_iffkey);
+		dsa = __UNCONST(EVP_PKEY_get0_DSA(pkey_iffkey));
 		pkey = EVP_PKEY_new();
 		EVP_PKEY_assign_DSA(pkey, dsa);
 		PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,