Merge pull request #7146 from heitbaum/network-tools10

[le10] network-tools: update addon (119)
This commit is contained in:
CvH 2022-11-22 21:41:27 +01:00 committed by GitHub
commit 659de079dc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 606 additions and 92 deletions

View File

@ -2,8 +2,8 @@
# Copyright (C) 2016-present Team LibreELEC (https://libreelec.tv)
PKG_NAME="irssi"
PKG_VERSION="1.2.3"
PKG_SHA256="a647bfefed14d2221fa77b6edac594934dc672c4a560417b1abcbbc6b88d769f"
PKG_VERSION="1.4.3"
PKG_SHA256="b93f715223a322e67f42b61a08a512ae29e34bd4a53d7f223766660aaa5a0434"
PKG_LICENSE="GPL"
PKG_SITE="http://www.irssi.org/"
PKG_URL="https://github.com/irssi/irssi/releases/download/${PKG_VERSION}/${PKG_NAME}-${PKG_VERSION}.tar.xz"
@ -11,14 +11,7 @@ PKG_DEPENDS_TARGET="toolchain glib ncurses openssl"
PKG_LONGDESC="Irssi is a terminal based IRC client for UNIX systems."
PKG_BUILD_FLAGS="-sysroot"
PKG_CONFIGURE_OPTS_TARGET="--with-sysroot=${SYSROOT_PREFIX} \
--disable-glibtest \
--without-socks \
--with-textui \
--without-bot \
--without-proxy \
--without-perl"
pre_configure_target() {
export CFLAGS="${CFLAGS} -I${PKG_BUILD}"
}
PKG_MESON_OPTS_TARGET="-Dwithout-textui=no \
-Dwith-bot=no \
-Dwith-proxy=no \
-Dwith-perl=no"

View File

@ -7,13 +7,14 @@ PKG_SHA256="500c29914dd26f5aa6df07446388d49b60249622c9b0fd1f266f62a5706f056c"
PKG_LICENSE="GPL"
PKG_SITE="https://github.com/jpr5/ngrep"
PKG_URL="https://github.com/jpr5/ngrep/archive/${PKG_VERSION}.tar.gz"
PKG_DEPENDS_TARGET="toolchain libpcap"
PKG_DEPENDS_TARGET="toolchain libpcap pcre2"
PKG_LONGDESC="A tool like GNU grep applied to the network layer."
PKG_TOOLCHAIN="autotools"
PKG_BUILD_FLAGS="-sysroot -parallel"
PKG_CONFIGURE_OPTS_TARGET="--with-pcap-includes=${SYSROOT_PREFIX}/usr/include \
--enable-ipv6 \
--enable-pcre2 \
--disable-dropprivs"
pre_build_target() {

View File

@ -0,0 +1,252 @@
From cfcf1e6e9c4f8a2404810d8d1d90e6d1eaa0abdd Mon Sep 17 00:00:00 2001
From: Romain Francoise <romain@rfr.io>
Date: Sat, 20 Nov 2021 23:28:15 +0100
Subject: [PATCH] Port to PCRE2 API and enable JIT compilation
The original PCRE API provided on most systems by libpcre3 is no longer
maintained upstream and is superseded by the new PCRE2 API, which was
first released in 2015. pcre3 will be removed from Debian in 2023, as
noted in this bug report: https://bugs.debian.org/1000080
This commit replaces the existing PCRE implementation with a new one
using PCRE2, which is quite similar. One benefit is that PCRE2 provides
a JIT compiler which can replace the interpretive regular expression
evaluation code with native machine code on most modern platforms:
https://pcre.org/current/doc/html/pcre2jit.html
Depending on the length and complexity of the pattern used, enabling JIT
compilation makes Ngrep 50x to 150x faster, testing in quiet mode on a
multi-gigabyte PCAP file stored on tmpfs.
---
configure.in | 24 ++++++------
ngrep.c | 106 ++++++++++++++++++++++++++++++++++-----------------
2 files changed, 82 insertions(+), 48 deletions(-)
diff --git a/configure.in b/configure.in
index dbef39b..0806a62 100644
--- a/configure.in
+++ b/configure.in
@@ -141,16 +141,16 @@ dnl
REGEX_DIR=''
REGEX_OBJS=''
-AC_ARG_ENABLE(pcre,
-[ --enable-pcre use PCRE instead of GNU regex (default GNU)],
-[ use_pcre="$enableval" ],
-[ use_pcre="no" ])
-
-if test $use_pcre = yes; then
- USE_PCRE="1"
- EXTRA_LIBS="$EXTRA_LIBS -lpcre"
+AC_ARG_ENABLE(pcre2,
+[ --enable-pcre2 use PCRE2 instead of GNU regex (default GNU)],
+[ use_pcre2="$enableval" ],
+[ use_pcre2="no" ])
+
+if test $use_pcre2 = yes; then
+ USE_PCRE2="1"
+ EXTRA_LIBS="$EXTRA_LIBS -lpcre2-8"
else
- USE_PCRE="0"
+ USE_PCRE2="0"
AC_MSG_RESULT
AC_MSG_RESULT(Configuring GNU Regular Expression library ...)
@@ -476,7 +476,7 @@ dnl
AC_DEFINE_UNQUOTED(USE_PCAP_RESTART, $USE_PCAP_RESTART, [whether to call the BPF lexer restart function between multiple BPF filter compilation attempts (default no)])
AC_DEFINE_UNQUOTED(PCAP_RESTART_FUNC, $PCAP_RESTART_FUNC, [routine used for restarting the BPF lexer])
-AC_DEFINE_UNQUOTED(USE_PCRE, $USE_PCRE, [whether to use PCRE (default GNU Regex)])
+AC_DEFINE_UNQUOTED(USE_PCRE2, $USE_PCRE2, [whether to use PCRE2 (default GNU Regex)])
AC_DEFINE_UNQUOTED(USE_IPv6, $USE_IPv6, [whether to use IPv6 (default off)])
AC_DEFINE_UNQUOTED(USE_TCPKILL, $USE_TCPKILL, [whether to enable tcpkill functionality (default off)])
AC_DEFINE_UNQUOTED(USE_VLAN_HACK, $USE_VLAN_HACK, [whether to automatically include VLAN frames (default on)])
@@ -524,8 +524,8 @@ else
AC_MSG_RESULT(CONFIG: privilege dropping DISABLED)
fi
-if test "$USE_PCRE" = "1"; then
- AC_MSG_RESULT(CONFIG: using PCRE regex library)
+if test "$USE_PCRE2" = "1"; then
+ AC_MSG_RESULT(CONFIG: using PCRE2 regex library)
else
AC_MSG_RESULT(CONFIG: using GNU regex library)
fi
diff --git a/ngrep.c b/ngrep.c
index 3df9389..dcf0555 100644
--- a/ngrep.c
+++ b/ngrep.c
@@ -91,8 +91,9 @@
#include <netinet/icmp6.h>
#endif
-#if USE_PCRE
-#include <pcre.h>
+#if USE_PCRE2
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include <pcre2.h>
#else
#include <regex.h>
#endif
@@ -128,12 +129,14 @@ char nonprint_char = '.';
* GNU Regex/PCRE
*/
-#if USE_PCRE
-int32_t err_offset;
-char *re_err = NULL;
+#if USE_PCRE2
+PCRE2_SIZE err_offset;
+int re_err;
-pcre *pattern = NULL;
-pcre_extra *pattern_extra = NULL;
+pcre2_code *re;
+pcre2_match_data *pcre2_md;
+PCRE2_SPTR pattern;
+uint32_t pcre2_jit_on = 0;
#else
const char *re_err = NULL;
@@ -189,6 +192,7 @@ uint32_t ws_row, ws_col = 80, ws_col_forced = 0;
int main(int argc, char **argv) {
int32_t c;
+ const char *extra = "";
signal(SIGINT, clean_exit);
signal(SIGABRT, clean_exit);
@@ -394,8 +398,12 @@ int main(int argc, char **argv) {
if (setup_matcher())
clean_exit(2);
+#if USE_PCRE2
+ if (pcre2_jit_on)
+ extra = " (JIT)";
+#endif
if (quiet < 2 && strlen(match_data))
- printf("%smatch: %s%s\n", invert_match?"don't ":"",
+ printf("%smatch%s: %s%s\n", invert_match?"don't ":"", extra,
(bin_data && !strchr(match_data, 'x'))?"0x":"", match_data);
if (re_match_word) free(match_data);
@@ -631,14 +639,14 @@ int setup_matcher(void) {
} else {
-#if USE_PCRE
- uint32_t pcre_options = PCRE_UNGREEDY;
+#if USE_PCRE2
+ uint32_t pcre_options = PCRE2_UNGREEDY;
if (re_ignore_case)
- pcre_options |= PCRE_CASELESS;
+ pcre_options |= PCRE2_CASELESS;
if (re_multiline_match)
- pcre_options |= PCRE_DOTALL;
+ pcre_options |= PCRE2_DOTALL;
#else
re_syntax_options = RE_CHAR_CLASSES | RE_NO_BK_PARENS | RE_NO_BK_VBAR |
RE_CONTEXT_INDEP_ANCHORS | RE_CONTEXT_INDEP_OPS;
@@ -673,15 +681,36 @@ int setup_matcher(void) {
match_data = word_regex;
}
-#if USE_PCRE
- pattern = pcre_compile(match_data, pcre_options, (const char **)&re_err, &err_offset, 0);
+#if USE_PCRE2
+ re = pcre2_compile((PCRE2_SPTR8)match_data, PCRE2_ZERO_TERMINATED,
+ pcre_options, &re_err, &err_offset, NULL);
+ if (!re) {
+ PCRE2_UCHAR buffer[256];
+ pcre2_get_error_message(re_err, buffer, sizeof(buffer));
+ fprintf(stderr, "regex compile failed: %s (offset: %zd)\n", buffer,
+ err_offset);
+ return 1;
+ }
- if (!pattern) {
- fprintf(stderr, "compile failed: %s\n", re_err);
+ pcre2_md = pcre2_match_data_create_from_pattern(re, NULL);
+ if (!pcre2_md) {
+ fprintf(stderr, "unable to alloc pcre2 match data\n");
return 1;
}
- pattern_extra = pcre_study(pattern, 0, (const char **)&re_err);
+ pcre2_config(PCRE2_CONFIG_JIT, &pcre2_jit_on);
+ if (pcre2_jit_on) {
+ int rc;
+ size_t jitsz;
+
+ if (pcre2_jit_compile(re, PCRE2_JIT_COMPLETE) != 0) {
+ fprintf(stderr, "unable to JIT-compile pcre2 regular expression\n");
+ return 1;
+ }
+ rc = pcre2_pattern_info(re, PCRE2_INFO_JITSIZE, &jitsz);
+ if (rc || jitsz == 0)
+ pcre2_jit_on = 0;
+ }
#else
re_err = re_compile_pattern(match_data, strlen(match_data), &pattern);
if (re_err) {
@@ -990,24 +1019,29 @@ void dump_packet(struct pcap_pkthdr *h, u_char *p, uint8_t proto, unsigned char
}
int8_t re_match_func(unsigned char *data, uint32_t len, uint16_t *mindex, uint16_t *msize) {
-#if USE_PCRE
-
- static int sub[2];
- switch(pcre_exec(pattern, 0, (char const *)data, (int32_t)len, 0, 0, 0, 0)) {
- case PCRE_ERROR_NULL:
- case PCRE_ERROR_BADOPTION:
- case PCRE_ERROR_BADMAGIC:
- case PCRE_ERROR_UNKNOWN_NODE:
- case PCRE_ERROR_NOMEMORY:
- perror("she's dead, jim\n");
- clean_exit(2);
+#if USE_PCRE2
+ int rc;
+ PCRE2_SIZE *ovector;
+ PCRE2_UCHAR errbuf[256];
- case PCRE_ERROR_NOMATCH:
- return 0;
+ if (pcre2_jit_on)
+ rc = pcre2_jit_match(re, data, len, 0, 0, pcre2_md, NULL);
+ else
+ rc = pcre2_match(re, data, len, 0, 0, pcre2_md, NULL);
- default:
- *mindex = sub[0];
- *msize = sub[1] - sub[0];
+ if (rc < 0) {
+ switch (rc) {
+ case PCRE2_ERROR_NOMATCH:
+ return 0;
+ default:
+ pcre2_get_error_message(rc, errbuf, sizeof(errbuf));
+ fprintf(stderr, "she's dead, jim: %s (error %d)\n", errbuf, rc);
+ clean_exit(2);
+ }
+ } else {
+ ovector = pcre2_get_ovector_pointer(pcre2_md);
+ *mindex = ovector[0];
+ *msize = ovector[1] - ovector[0];
}
#else
@@ -1479,9 +1513,9 @@ void clean_exit(int32_t sig) {
if (quiet < 1 && sig >= 0)
printf("exit\n");
-#if USE_PCRE
- if (pattern) pcre_free(pattern);
- if (pattern_extra) pcre_free(pattern_extra);
+#if USE_PCRE2
+ if (re) pcre2_code_free(re);
+ if (pcre2_md) pcre2_match_data_free(pcre2_md);
#else
if (pattern.translate) free(pattern.translate);
if (pattern.fastmap) free(pattern.fastmap);

View File

@ -2,8 +2,8 @@
# Copyright (C) 2016-present Team LibreELEC (https://libreelec.tv)
PKG_NAME="nmap"
PKG_VERSION="7.92"
PKG_SHA256="a5479f2f8a6b0b2516767d2f7189c386c1dc858d997167d7ec5cfc798c7571a1"
PKG_VERSION="7.93"
PKG_SHA256="55bcfe4793e25acc96ba4274d8c4228db550b8e8efd72004b38ec55a2dd16651"
PKG_LICENSE="GPL"
PKG_SITE="https://nmap.org/"
PKG_URL="https://nmap.org/dist/${PKG_NAME}-${PKG_VERSION}.tar.bz2"

View File

@ -0,0 +1,313 @@
From d6bea8dcdee36a3902cece14097993350306f1b6 Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Tue, 6 Sep 2022 22:39:34 +0000
Subject: [PATCH] Build based on OpenSSL version, not API level. Fixes #2516
---
ncat/http_digest.c | 2 +-
ncat/ncat_connect.c | 4 ++--
ncat/ncat_ssl.c | 6 +++---
ncat/ncat_ssl.h | 12 ------------
ncat/test/test-wildcard.c | 4 ++--
nse_openssl.cc | 28 +++++++---------------------
nse_ssl_cert.cc | 24 ++++++------------------
nsock/src/nsock_ssl.c | 4 ++--
nsock/src/nsock_ssl.h | 15 +--------------
9 files changed, 24 insertions(+), 75 deletions(-)
diff --git a/ncat/http_digest.c b/ncat/http_digest.c
index b5f80a920a..e6ff99175c 100644
--- a/ncat/http_digest.c
+++ b/ncat/http_digest.c
@@ -133,7 +133,7 @@ int http_digest_init_secret(void)
return 0;
}
-#if OPENSSL_API_LEVEL < 10100
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define EVP_MD_CTX_new EVP_MD_CTX_create
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
#endif
diff --git a/ncat/ncat_connect.c b/ncat/ncat_connect.c
index 0e4b50761c..3dd3291fc9 100644
--- a/ncat/ncat_connect.c
+++ b/ncat/ncat_connect.c
@@ -82,8 +82,8 @@
#include <openssl/err.h>
/* Deprecated in OpenSSL 3.0 */
-#if OPENSSL_API_LEVEL >= 30000
-#define SSL_get_peer_certificate SSL_get1_peer_certificate
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+# define SSL_get_peer_certificate SSL_get1_peer_certificate
#endif
#endif
diff --git a/ncat/ncat_ssl.c b/ncat/ncat_ssl.c
index 9226b48116..3818bfecc5 100644
--- a/ncat/ncat_ssl.c
+++ b/ncat/ncat_ssl.c
@@ -80,7 +80,7 @@
#define FUNC_ASN1_STRING_data ASN1_STRING_data
#endif
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
#include <openssl/provider.h>
/* Deprecated in OpenSSL 3.0 */
#define SSL_get_peer_certificate SSL_get1_peer_certificate
@@ -117,7 +117,7 @@ SSL_CTX *setup_ssl_listen(void)
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
SSL_load_error_strings();
-#elif OPENSSL_API_LEVEL >= 30000
+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
{
loguser("OpenSSL legacy provider failed to load.\n");
@@ -477,7 +477,7 @@ static int ssl_gen_cert(X509 **cert, EVP_PKEY **key)
const char *commonName = "localhost";
char dNSName[128];
int rc;
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
int ret = 0;
RSA *rsa = NULL;
BIGNUM *bne = NULL;
diff --git a/ncat/ncat_ssl.h b/ncat/ncat_ssl.h
index fca0b17716..458736e271 100644
--- a/ncat/ncat_ssl.h
+++ b/ncat/ncat_ssl.h
@@ -67,18 +67,6 @@
#include <openssl/ssl.h>
#include <openssl/err.h>
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-# define OPENSSL_API_LEVEL \
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
#define NCAT_CA_CERTS_FILE "ca-bundle.crt"
enum {
diff --git a/ncat/test/test-wildcard.c b/ncat/test/test-wildcard.c
index 428ece71c7..fe55e1997e 100644
--- a/ncat/test/test-wildcard.c
+++ b/ncat/test/test-wildcard.c
@@ -20,7 +20,7 @@ are rejected. The SSL transactions happen over OpenSSL BIO pairs.
#include "ncat_core.h"
#include "ncat_ssl.h"
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
#include <openssl/bn.h>
#endif
@@ -294,7 +294,7 @@ static int set_dNSNames(X509 *cert, const struct lstr dNSNames[])
static int gen_cert(X509 **cert, EVP_PKEY **key,
const struct lstr commonNames[], const struct lstr dNSNames[])
{
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
int rc, ret=0;
RSA *rsa = NULL;
BIGNUM *bne = NULL;
diff --git a/nse_openssl.cc b/nse_openssl.cc
index 3ee5d73d3f..0f5b450e0c 100644
--- a/nse_openssl.cc
+++ b/nse_openssl.cc
@@ -20,6 +20,9 @@
#define FUNC_EVP_CIPHER_CTX_init EVP_CIPHER_CTX_reset
#define FUNC_EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset
#define PASS_EVP_CTX(ctx) (ctx)
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+# include <openssl/provider.h>
+#endif
#else
#define FUNC_EVP_MD_CTX_init EVP_MD_CTX_init
#define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_cleanup
@@ -37,23 +40,6 @@ extern NmapOps o;
#include "nse_openssl.h"
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-# define OPENSSL_API_LEVEL \
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
-
-#if OPENSSL_API_LEVEL >= 30000
-#include <openssl/provider.h>
-#endif
-
#define NSE_SSL_LUA_ERR(_L) \
luaL_error(_L, "OpenSSL error: %s", ERR_error_string(ERR_get_error(), NULL))
@@ -184,7 +170,7 @@ static int l_bignum_is_prime( lua_State *L ) /** bignum_is_prime( BIGNUM p ) */
bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
BN_CTX * ctx = BN_CTX_new();
int is_prime =
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
#else
BN_check_prime( p->bn, ctx, NULL );
@@ -199,7 +185,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
BN_CTX * ctx = BN_CTX_new();
int is_prime =
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
#else
BN_check_prime( p->bn, ctx, NULL );
@@ -210,7 +196,7 @@ static int l_bignum_is_safe_prime( lua_State *L ) /** bignum_is_safe_prime( BIGN
BN_sub_word( n, (BN_ULONG)1 );
BN_div_word( n, (BN_ULONG)2 );
is_safe =
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_is_prime_ex( n, BN_prime_checks, ctx, NULL );
#else
BN_check_prime( n, ctx, NULL );
@@ -582,7 +568,7 @@ LUALIB_API int luaopen_openssl(lua_State *L) {
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
-#elif OPENSSL_API_LEVEL >= 30000
+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
if (NULL == OSSL_PROVIDER_load(NULL, "legacy") && o.debugging > 1)
{
// Legacy provider may not be available.
diff --git a/nse_ssl_cert.cc b/nse_ssl_cert.cc
index 5ae623a475..bc35019a1a 100644
--- a/nse_ssl_cert.cc
+++ b/nse_ssl_cert.cc
@@ -89,19 +89,7 @@
#define X509_get0_notAfter X509_get_notAfter
#endif
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-# define OPENSSL_API_LEVEL \
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
#include <openssl/core_names.h>
/* Deprecated in OpenSSL 3.0 */
#define SSL_get_peer_certificate SSL_get1_peer_certificate
@@ -459,7 +447,7 @@ static const char *pkey_type_to_string(int type)
}
int lua_push_ecdhparams(lua_State *L, EVP_PKEY *pubkey) {
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
char tmp[64] = {0};
size_t len = 0;
/* This structure (ecdhparams.curve_params) comes from tls.lua */
@@ -634,7 +622,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
else
#endif
if (pkey_type == EVP_PKEY_RSA) {
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
RSA *rsa = EVP_PKEY_get1_RSA(pubkey);
if (rsa) {
#endif
@@ -643,7 +631,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
luaL_getmetatable( L, "BIGNUM" );
lua_setmetatable( L, -2 );
#if HAVE_OPAQUE_STRUCTS
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
const BIGNUM *n = NULL, *e = NULL;
data->should_free = false;
RSA_get0_key(rsa, &n, &e, NULL);
@@ -663,7 +651,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
luaL_getmetatable( L, "BIGNUM" );
lua_setmetatable( L, -2 );
#if HAVE_OPAQUE_STRUCTS
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
data->should_free = false;
#else
data->should_free = true;
@@ -673,7 +661,7 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
data->bn = rsa->n;
#endif
lua_setfield(L, -2, "modulus");
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
RSA_free(rsa);
}
#endif
diff --git a/nsock/src/nsock_ssl.c b/nsock/src/nsock_ssl.c
index 1ef7d521f0..23db5513ea 100644
--- a/nsock/src/nsock_ssl.c
+++ b/nsock/src/nsock_ssl.c
@@ -64,7 +64,7 @@
#include "netutils.h"
#if HAVE_OPENSSL
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
#include <openssl/provider.h>
#endif
@@ -120,7 +120,7 @@ static SSL_CTX *ssl_init_helper(const SSL_METHOD *method) {
SSL_library_init();
#else
OPENSSL_atexit(nsock_ssl_atexit);
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
{
nsock_log_error("OpenSSL legacy provider failed to load.\n");
diff --git a/nsock/src/nsock_ssl.h b/nsock/src/nsock_ssl.h
index bb99b1b5e1..1af473d629 100644
--- a/nsock/src/nsock_ssl.h
+++ b/nsock/src/nsock_ssl.h
@@ -69,20 +69,7 @@
#include <openssl/err.h>
#include <openssl/rand.h>
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-# define OPENSSL_API_LEVEL \
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
-
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
/* Deprecated in OpenSSL 3.0 */
#define SSL_get_peer_certificate SSL_get1_peer_certificate
#endif

View File

@ -1,3 +1,12 @@
119
- irssi: update to 1.4.3 and meson build
- ngrep: update to using pcre2
- nmap: update to 7.93
- rsync: update to 3.2.7
115-118
- not released for LibreELEC 10.0
114
- nmap: update to 7.92 and HSTS

View File

@ -3,7 +3,7 @@
PKG_NAME="network-tools"
PKG_VERSION="1.0"
PKG_REV="114"
PKG_REV="119"
PKG_ARCH="any"
PKG_LICENSE="GPL"
PKG_SITE="https://libreelec.tv"

View File

@ -2,35 +2,46 @@
# Copyright (C) 2016-present Team LibreELEC (https://libreelec.tv)
PKG_NAME="rsync"
PKG_VERSION="3.2.3"
PKG_SHA256="becc3c504ceea499f4167a260040ccf4d9f2ef9499ad5683c179a697146ce50e"
PKG_VERSION="3.2.7"
PKG_SHA256="4e7d9d3f6ed10878c58c5fb724a67dacf4b6aac7340b13e488fb2dc41346f2bb"
PKG_LICENSE="GPLv3"
PKG_SITE="http://www.samba.org/ftp/rsync/rsync.html"
PKG_SITE="https://rsync.samba.org"
PKG_URL="https://download.samba.org/pub/rsync/src/${PKG_NAME}-${PKG_VERSION}.tar.gz"
PKG_DEPENDS_HOST="autotools:host zlib:host zstd:host"
PKG_DEPENDS_HOST="autotools:host zlib:host"
PKG_DEPENDS_TARGET="toolchain zlib openssl"
PKG_LONGDESC="A very fast method for bringing remote files into sync."
PKG_BUILD_FLAGS="-sysroot"
PKG_CONFIGURE_OPTS_HOST="--with-included-popt \
--without-included-zlib \
PKG_CONFIGURE_OPTS_HOST="--disable-md2man \
--disable-ipv6 \
--disable-openssl \
--disable-xxhash \
--disable-zstd \
--disable-lz4 \
--enable-zstd \
--disable-xxhash"
--disable-iconv \
--with-included-popt \
--without-included-zlib"
PKG_CONFIGURE_OPTS_TARGET="--disable-acl-support \
--disable-asm \
--disable-md5-asm \
--enable-openssl \
--disable-lz4 \
--disable-md2man \
--disable-simd \
--disable-roll-simd \
--disable-xattr-support \
--disable-xxhash \
--disable-zstd \
--with-included-popt \
--without-included-zlib"
pre_configure_host() {
HOST_CONFIGURE_OPTS=$(echo ${HOST_CONFIGURE_OPTS} | sed -e "s|--disable-static||" -e "s|--enable-shared||")
}
pre_configure_target() {
TARGET_CONFIGURE_OPTS=$(echo ${TARGET_CONFIGURE_OPTS} | sed -e "s|--disable-static||" -e "s|--enable-shared||")
}
pre_make_host() {
# do not detect LE git version
echo "#define RSYNC_GITVER \"${PKG_VERSION}\"" >git-version.h

View File

@ -1,65 +0,0 @@
From 0b187830db0e88d7d5e21a2d2d6040d64fed34c3 Mon Sep 17 00:00:00 2001
From: Wayne Davison <wayne@opencoder.net>
Date: Fri, 30 Oct 2020 15:51:24 -0700
Subject: [PATCH] Work around glibc's lchmod() issue a better way.
---
syscall.c | 34 +++++++++++++++++++++-------------
1 file changed, 21 insertions(+), 13 deletions(-)
diff --git a/syscall.c b/syscall.c
index b9c3b4ef..11d10e4a 100644
--- a/syscall.c
+++ b/syscall.c
@@ -227,27 +227,35 @@ int do_open(const char *pathname, int flags, mode_t mode)
#ifdef HAVE_CHMOD
int do_chmod(const char *path, mode_t mode)
{
+ static int switch_step = 0;
int code;
if (dry_run) return 0;
RETURN_ERROR_IF_RO_OR_LO;
+ switch (switch_step) {
#ifdef HAVE_LCHMOD
- code = lchmod(path, mode & CHMOD_BITS);
-#else
- if (S_ISLNK(mode)) {
+#include "case_N.h"
+ if ((code = lchmod(path, mode & CHMOD_BITS)) == 0 || errno != ENOTSUP)
+ break;
+ switch_step++;
+#endif
+
+#include "case_N.h"
+ if (S_ISLNK(mode)) {
# if defined HAVE_SETATTRLIST
- struct attrlist attrList;
- uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */
+ struct attrlist attrList;
+ uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */
- memset(&attrList, 0, sizeof attrList);
- attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
- attrList.commonattr = ATTR_CMN_ACCESSMASK;
- code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW);
+ memset(&attrList, 0, sizeof attrList);
+ attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
+ attrList.commonattr = ATTR_CMN_ACCESSMASK;
+ code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW);
# else
- code = 1;
+ code = 1;
# endif
- } else
- code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */
-#endif /* !HAVE_LCHMOD */
+ } else
+ code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */
+ break;
+ }
if (code != 0 && (preserve_perms || preserve_executability))
return code;
return 0;
--
2.33.0