From 6d3d964ef41919acec58445353152c80d1fd09f7 Mon Sep 17 00:00:00 2001 From: christos Date: Tue, 9 May 2023 20:51:14 +0000 Subject: [PATCH] Handle OpenSSL-3.x --- external/bsd/ntp/bin/ntp-keygen/Makefile | 3 ++- external/bsd/ntp/bin/ntpd/Makefile | 3 ++- external/bsd/ntp/bin/sntp/Makefile | 3 ++- external/bsd/ntp/dist/ntpd/ntp_crypto.c | 24 ++++++++++++------------ external/bsd/ntp/dist/util/ntp-keygen.c | 12 ++++++------ 5 files changed, 24 insertions(+), 21 deletions(-) diff --git a/external/bsd/ntp/bin/ntp-keygen/Makefile b/external/bsd/ntp/bin/ntp-keygen/Makefile index 4ee375dff5f2..fbefcfacdf83 100644 --- a/external/bsd/ntp/bin/ntp-keygen/Makefile +++ b/external/bsd/ntp/bin/ntp-keygen/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.7 2020/10/11 07:07:31 rin Exp $ +# $NetBSD: Makefile,v 1.8 2023/05/09 20:51:14 christos Exp $ .include @@ -21,6 +21,7 @@ CPPFLAGS+=-I${IDIST}/include -I${IDIST}/sntp/libopts .PATH: ${DIST} COPTS.ntp-keygen.c+= ${${ACTIVE_CC} == "gcc" && ${HAVE_GCC:U0} == 8:? -Wno-error=restrict :} +COPTS.ntp-keygen.c+= -Wno-error=deprecated-declarations CLEANFILES+=${MAN} diff --git a/external/bsd/ntp/bin/ntpd/Makefile b/external/bsd/ntp/bin/ntpd/Makefile index 1d393fd154f5..597730045de0 100644 --- a/external/bsd/ntp/bin/ntpd/Makefile +++ b/external/bsd/ntp/bin/ntpd/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.28 2020/10/11 07:07:31 rin Exp $ +# $NetBSD: Makefile,v 1.29 2023/05/09 20:51:14 christos Exp $ .include @@ -96,6 +96,7 @@ COPTS.refclock_parse.c+= ${GCC_NO_FORMAT_TRUNCATION} COPTS.refclock_leitch.c+= ${GCC_NO_FORMAT_TRUNCATION} COPTS.refclock_neoclock4x.c+= ${GCC_NO_FORMAT_TRUNCATION} COPTS.ntp_io.c+= ${GCC_NO_ADDR_OF_PACKED_MEMBER} +COPTS.ntp_crypto.c+= -Wno-error=deprecated-declarations CLEANFILES+=${MAN} diff --git a/external/bsd/ntp/bin/sntp/Makefile b/external/bsd/ntp/bin/sntp/Makefile index f3fa72190669..22f9d96e0102 100644 --- a/external/bsd/ntp/bin/sntp/Makefile +++ b/external/bsd/ntp/bin/sntp/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.9 2020/10/11 07:07:32 rin Exp $ +# $NetBSD: Makefile,v 1.10 2023/05/09 20:51:14 christos Exp $ USE_FORT?= yes # network client/server @@ -34,6 +34,7 @@ LDADD+= -L${LIBISC} -liscntp -levent -lm DPADD+= ${LIBM} ${LIBEVENT} COPTS.utilities.c+= ${GCC_NO_FORMAT_TRUNCATION} +COPTS.crypto.c+= -Wno-error=deprecated-declarations CLEANFILES+=${MAN} diff --git a/external/bsd/ntp/dist/ntpd/ntp_crypto.c b/external/bsd/ntp/dist/ntpd/ntp_crypto.c index 0d9358cbbcbf..ed3150efe3a3 100644 --- a/external/bsd/ntp/dist/ntpd/ntp_crypto.c +++ b/external/bsd/ntp/dist/ntpd/ntp_crypto.c @@ -1,4 +1,4 @@ -/* $NetBSD: ntp_crypto.c,v 1.16 2020/05/25 20:47:25 christos Exp $ */ +/* $NetBSD: ntp_crypto.c,v 1.17 2023/05/09 20:51:14 christos Exp $ */ /* * ntp_crypto.c - NTP version 4 public key routines @@ -836,7 +836,7 @@ crypto_recv( * errors. */ if (vallen == (u_int)EVP_PKEY_size(host_pkey)) { - RSA *rsa = EVP_PKEY_get0_RSA(host_pkey); + RSA *rsa = __UNCONST(EVP_PKEY_get0_RSA(host_pkey)); u_int32 *cookiebuf = malloc(RSA_size(rsa)); if (!cookiebuf) { rval = XEVNT_CKY; @@ -1613,7 +1613,7 @@ crypto_encrypt( puch = vp->ptr; temp32 = htonl(*cookie); if (RSA_public_encrypt(4, (u_char *)&temp32, puch, - EVP_PKEY_get0_RSA(pkey), RSA_PKCS1_OAEP_PADDING) <= 0) { + __UNCONST(EVP_PKEY_get0_RSA(pkey)), RSA_PKCS1_OAEP_PADDING) <= 0) { msyslog(LOG_ERR, "crypto_encrypt: %s", ERR_error_string(ERR_get_error(), NULL)); free(vp->ptr); @@ -2186,7 +2186,7 @@ crypto_alice( return (XEVNT_ID); } - if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) { + if ((dsa = __UNCONST(EVP_PKEY_get0_DSA(peer->ident_pkey->pkey))) == NULL) { msyslog(LOG_NOTICE, "crypto_alice: defective key"); return (XEVNT_PUB); } @@ -2264,7 +2264,7 @@ crypto_bob( msyslog(LOG_NOTICE, "crypto_bob: scheme unavailable"); return (XEVNT_ID); } - dsa = EVP_PKEY_get0_DSA(iffkey_info->pkey); + dsa = __UNCONST(EVP_PKEY_get0_DSA(iffkey_info->pkey)); DSA_get0_pqg(dsa, &p, &q, &g); DSA_get0_key(dsa, NULL, &priv_key); @@ -2383,7 +2383,7 @@ crypto_iff( ntohl(ep->fstamp)); return (XEVNT_FSP); } - if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) { + if ((dsa = __UNCONST(EVP_PKEY_get0_DSA(peer->ident_pkey->pkey))) == NULL) { msyslog(LOG_NOTICE, "crypto_iff: defective key"); return (XEVNT_PUB); } @@ -2516,7 +2516,7 @@ crypto_alice2( if (peer->ident_pkey == NULL) return (XEVNT_ID); - if ((rsa = EVP_PKEY_get0_RSA(peer->ident_pkey->pkey)) == NULL) { + if ((rsa = __UNCONST(EVP_PKEY_get0_RSA(peer->ident_pkey->pkey))) == NULL) { msyslog(LOG_NOTICE, "crypto_alice2: defective key"); return (XEVNT_PUB); } @@ -2594,7 +2594,7 @@ crypto_bob2( msyslog(LOG_NOTICE, "crypto_bob2: scheme unavailable"); return (XEVNT_ID); } - rsa = EVP_PKEY_get0_RSA(gqkey_info->pkey); + rsa = __UNCONST(EVP_PKEY_get0_RSA(gqkey_info->pkey)); RSA_get0_key(rsa, &n, &p, &e); /* @@ -2707,7 +2707,7 @@ crypto_gq( ntohl(ep->fstamp)); return (XEVNT_FSP); } - if ((rsa = EVP_PKEY_get0_RSA(peer->ident_pkey->pkey)) == NULL) { + if ((rsa = __UNCONST(EVP_PKEY_get0_RSA(peer->ident_pkey->pkey))) == NULL) { msyslog(LOG_NOTICE, "crypto_gq: defective key"); return (XEVNT_PUB); } @@ -2860,7 +2860,7 @@ crypto_alice3( if (peer->ident_pkey == NULL) return (XEVNT_ID); - if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) { + if ((dsa = __UNCONST(EVP_PKEY_get0_DSA(peer->ident_pkey->pkey))) == NULL) { msyslog(LOG_NOTICE, "crypto_alice3: defective key"); return (XEVNT_PUB); } @@ -2938,7 +2938,7 @@ crypto_bob3( msyslog(LOG_NOTICE, "crypto_bob3: scheme unavailable"); return (XEVNT_ID); } - dsa = EVP_PKEY_get0_DSA(mvkey_info->pkey); + dsa = __UNCONST(EVP_PKEY_get0_DSA(mvkey_info->pkey)); DSA_get0_pqg(dsa, &p, &q, &g); DSA_get0_key(dsa, &pub_key, &priv_key); @@ -3058,7 +3058,7 @@ crypto_mv( ntohl(ep->fstamp)); return (XEVNT_FSP); } - if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) { + if ((dsa = __UNCONST(EVP_PKEY_get0_DSA(peer->ident_pkey->pkey))) == NULL) { msyslog(LOG_NOTICE, "crypto_mv: defective key"); return (XEVNT_PUB); } diff --git a/external/bsd/ntp/dist/util/ntp-keygen.c b/external/bsd/ntp/dist/util/ntp-keygen.c index cff49df3c91f..5856b18c7974 100644 --- a/external/bsd/ntp/dist/util/ntp-keygen.c +++ b/external/bsd/ntp/dist/util/ntp-keygen.c @@ -1,4 +1,4 @@ -/* $NetBSD: ntp-keygen.c,v 1.14 2020/05/27 23:52:20 christos Exp $ */ +/* $NetBSD: ntp-keygen.c,v 1.15 2023/05/09 20:51:15 christos Exp $ */ /* * Program to generate cryptographic keys for ntp clients and servers @@ -645,7 +645,7 @@ main( RSA *rsa; const BIGNUM *q; - rsa = EVP_PKEY_get0_RSA(pkey_gqkey); + rsa = __UNCONST(EVP_PKEY_get0_RSA(pkey_gqkey)); RSA_get0_factors(rsa, NULL, &q); grpkey = BN_bn2hex(q); } @@ -666,7 +666,7 @@ main( ctime(&epoch)); /* XXX: This modifies the private key and should probably use a * copy of it instead. */ - rsa = EVP_PKEY_get0_RSA(pkey_gqkey); + rsa = __UNCONST(EVP_PKEY_get0_RSA(pkey_gqkey)); RSA_set0_factors(rsa, BN_dup(BN_value_one()), BN_dup(BN_value_one())); pkey = EVP_PKEY_new(); EVP_PKEY_assign_RSA(pkey, rsa); @@ -689,7 +689,7 @@ main( filename); fprintf(stdout, "# %s\n# %s\n", filename, ctime(&epoch)); - rsa = EVP_PKEY_get0_RSA(pkey_gqkey); + rsa = __UNCONST(EVP_PKEY_get0_RSA(pkey_gqkey)); pkey = EVP_PKEY_new(); EVP_PKEY_assign_RSA(pkey, rsa); PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0, @@ -732,7 +732,7 @@ main( ctime(&epoch)); /* XXX: This modifies the private key and should probably use a * copy of it instead. */ - dsa = EVP_PKEY_get0_DSA(pkey_iffkey); + dsa = __UNCONST(EVP_PKEY_get0_DSA(pkey_iffkey)); DSA_set0_key(dsa, NULL, BN_dup(BN_value_one())); pkey = EVP_PKEY_new(); EVP_PKEY_assign_DSA(pkey, dsa); @@ -755,7 +755,7 @@ main( filename); fprintf(stdout, "# %s\n# %s\n", filename, ctime(&epoch)); - dsa = EVP_PKEY_get0_DSA(pkey_iffkey); + dsa = __UNCONST(EVP_PKEY_get0_DSA(pkey_iffkey)); pkey = EVP_PKEY_new(); EVP_PKEY_assign_DSA(pkey, dsa); PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,