update to 5.9 [release 5.9-1mamba;Mon Dec 07 2020]

This commit is contained in:
Silvan Calarco 2024-01-06 07:35:05 +01:00
parent aa8860ea30
commit cfb0cdac85
6 changed files with 259 additions and 195 deletions

View File

@ -0,0 +1,171 @@
net-snmp build fails on Debian 9 with OpenSSL 1.1.0
With these changes, net-snmp builds with both
OpenSSL 1.0.x and 1.1.x.
Author: Sharmila Podury <sharmila.podury@brocade.com>
--- a/apps/snmpusm.c
+++ b/apps/snmpusm.c
@@ -125,6 +125,32 @@ char *usmUserPublic_val = NULL
int docreateandwait = 0;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
+#include <string.h>
+#include <openssl/engine.h>
+
+void DH_get0_pqg(const DH *dh,
+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
+{
+ if (p != NULL)
+ *p = dh->p;
+ if (q != NULL)
+ *q = dh->q;
+ if (g != NULL)
+ *g = dh->g;
+}
+
+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
+{
+ if (pub_key != NULL)
+ *pub_key = dh->pub_key;
+ if (priv_key != NULL)
+ *priv_key = dh->priv_key;
+}
+
+#endif
+
void
usage(void)
{
@@ -190,7 +216,7 @@ get_USM_DH_key(netsnmp_variable_list *va
oid *keyoid, size_t keyoid_len) {
u_char *dhkeychange;
DH *dh;
- BIGNUM *other_pub;
+ BIGNUM *p, *g, *pub_key, *other_pub;
u_char *key;
size_t key_len;
@@ -205,25 +231,29 @@ get_USM_DH_key(netsnmp_variable_list *va
dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
}
- if (!dh || !dh->g || !dh->p) {
+ if (dh)
+ DH_get0_pqg(dh, &p, NULL, &g);
+
+ if (!dh || !g || !p) {
SNMP_FREE(dhkeychange);
return SNMPERR_GENERR;
}
- DH_generate_key(dh);
- if (!dh->pub_key) {
+ if (!DH_generate_key(dh)) {
SNMP_FREE(dhkeychange);
return SNMPERR_GENERR;
}
- if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
+ DH_get0_key(dh, &pub_key, NULL);
+
+ if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
SNMP_FREE(dhkeychange);
fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
- (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
+ (unsigned long)vars->val_len, BN_num_bytes(pub_key));
return SNMPERR_GENERR;
}
- BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
+ BN_bn2bin(pub_key, dhkeychange + vars->val_len);
key_len = DH_size(dh);
if (!key_len) {
--- a/configure.d/config_os_libs2
+++ b/configure.d/config_os_libs2
@@ -327,10 +327,16 @@ if test "x$tryopenssl" != "xno" -a "x$tr
[[#include <openssl/evp.h>]])
AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create,
- AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [],
+ AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [1],
[Define to 1 if you have the `EVP_MD_CTX_create' function.])
- AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [],
+ AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [1],
[Define to 1 if you have the `EVP_MD_CTX_destroy' function.]))
+
+ AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_new,
+ AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1],
+ [Define to 1 if you have the `EVP_MD_CTX_new' function.])
+ AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1],
+ [Define to 1 if you have the `EVP_MD_CTX_free' function.]))
fi
if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then
AC_CHECK_LIB(ssl, DTLSv1_method,
--- a/include/net-snmp/net-snmp-config.h.in
+++ b/include/net-snmp/net-snmp-config.h.in
@@ -164,6 +164,12 @@
/* Define to 1 if you have the `EVP_MD_CTX_destroy' function. */
#undef HAVE_EVP_MD_CTX_DESTROY
+/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
+#undef HAVE_EVP_MD_CTX_FREE
+
+/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
+#undef HAVE_EVP_MD_CTX_NEW
+
/* Define if you have EVP_sha224/256 in openssl */
#undef HAVE_EVP_SHA224
--- a/snmplib/keytools.c
+++ b/snmplib/keytools.c
@@ -176,7 +176,9 @@ generate_Ku(const oid * hashtype, u_int
QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
}
-#ifdef HAVE_EVP_MD_CTX_CREATE
+#ifdef HAVE_EVP_MD_CTX_NEW
+ ctx = EVP_MD_CTX_new();
+#elif HAVE_EVP_MD_CTX_CREATE
ctx = EVP_MD_CTX_create();
#else
ctx = malloc(sizeof(*ctx));
@@ -278,7 +280,9 @@ generate_Ku(const oid * hashtype, u_int
memset(buf, 0, sizeof(buf));
#ifdef NETSNMP_USE_OPENSSL
if (ctx) {
-#ifdef HAVE_EVP_MD_CTX_DESTROY
+#ifdef HAVE_EVP_MD_CTX_FREE
+ EVP_MD_CTX_free(ctx);
+#elif HAVE_EVP_MD_CTX_DESTROY
EVP_MD_CTX_destroy(ctx);
#else
EVP_MD_CTX_cleanup(ctx);
--- a/snmplib/scapi.c
+++ b/snmplib/scapi.c
@@ -627,7 +627,9 @@ sc_hash(const oid * hashtype, size_t has
return SNMPERR_GENERR;
/** initialize the pointer */
-#ifdef HAVE_EVP_MD_CTX_CREATE
+#ifdef HAVE_EVP_MD_CTX_NEW
+ cptr = EVP_MD_CTX_new();
+#elif HAVE_EVP_MD_CTX_CREATE
cptr = EVP_MD_CTX_create();
#else
cptr = malloc(sizeof(*cptr));
@@ -648,7 +650,9 @@ sc_hash(const oid * hashtype, size_t has
/** do the final pass */
EVP_DigestFinal(cptr, MAC, &tmp_len);
*MAC_len = tmp_len;
-#ifdef HAVE_EVP_MD_CTX_DESTROY
+#ifdef HAVE_EVP_MD_CTX_FREE
+ EVP_MD_CTX_free(cptr);
+#elif HAVE_EVP_MD_CTX_DESTROY
EVP_MD_CTX_destroy(cptr);
#else
#if !defined(OLD_DES)

View File

@ -1,8 +1,8 @@
%define perl_major_ver %(eval `perl -V:version`; echo ${version%*.[0-9]*}.0)
Name: net-snmp
Version: 5.7.3
Release: 2mamba
Version: 5.9
Release: 1mamba
Summary: net-snmp is an extensible SNMP agent and library and more
Group: Network/Monitoring
Vendor: openmamba
@ -10,29 +10,47 @@ Distribution: openmamba
Packager: Silvan Calarco <silvan.calarco@mambasoft.it>
URL: http://net-snmp.sourceforge.net/
Source0: http://downloads.sourceforge.net/sourceforge/net-snmp/net-snmp-%{version}.tar.gz
Source1: net-snmpd.initscript
Source2: net-snmptrapd.initscript
Source1: snmpd.service
Source2: snmptrapd.service
Source3: net-snmpd.logrotate
Source4: net-snmptrapd.logrotate
Patch0: net-snmp-5.7.3-perl-5.24.patch
Patch1: net-snmp-5.7.3-perl-5.24-2.patch
Patch2: net-snmp-5.7.3-openssl-1.1.patch
License: BSD
## AUTOBUILDREQ-BEGIN
BuildRequires: glibc-devel
BuildRequires: ldconfig
BuildRequires: libbzip2-devel
BuildRequires: libdb53-devel
BuildRequires: libe2fs-devel
BuildRequires: libelf-devel
BuildRequires: libkrb5-devel
BuildRequires: liblzma-devel
BuildRequires: libncurses-devel
BuildRequires: libnl-devel
BuildRequires: libnsl-devel
BuildRequires: libnss-devel
BuildRequires: libopenssl-devel
BuildRequires: libpcap-devel
BuildRequires: libpci-devel
BuildRequires: libpcre-devel
BuildRequires: libperl
BuildRequires: libpython-devel
BuildRequires: libpython27-devel
BuildRequires: libpopt-devel
BuildRequires: libpython3-devel
BuildRequires: librpm-devel
BuildRequires: libtirpc-devel
BuildRequires: libwrap-devel
BuildRequires: libz-devel
BuildRequires: libzstd-devel
BuildRequires: perl-JSON
BuildRequires: perl-Mail-Sender
BuildRequires: perl-devel
BuildRequires: python3
## AUTOBUILDREQ-END
BuildRequires: elfutils-devel
BuildRequires: libbzip2-devel
BuildRequires: lm_sensors-devel
BuildRequires: python-devel
BuildRequires: python-setuptools >= 0.6c5
BuildRequires: python-setuptools-py3 >= 0.6c5
Requires: libnetsnmp = %{?epoch:%epoch:}%{version}-%{release}
Requires: perl >= %{perl_major_ver}
Requires: perl-Term-ReadKey
@ -131,14 +149,18 @@ Net-SNMP includes various tools relating to the Simple Network Management Protoc
This package is originally based on the Carnegie Mellon University SNMP implementation (version 2.1.2.1), but has developed significantly since then.
This package contains the netsnmp Python module.
%debug_package
%prep
%setup -q
%patch0 -p1
%patch1 -p1
#-D -T
#:<< _EOF
sed -i "s,| arm-\* |,| aarch64-\* | arm-\* |," config.sub
sed -i "s|PYMAKE=python|PYMAKE=%{__python}|" Makefile.in
sed -i "s|PYMAKE=python|PYMAKE=%{__python3}|" Makefile.in
%build
#:<< _EOF
# see: net-snmp-%{version}/configure --help
MIBS="\
smux etherlike-mib sctp-mib tcp-mib rmon-mib udp-mib \
@ -172,9 +194,9 @@ ucd-snmp/diskio"
find perl/blib -type f -name "*.so" -print -exec chrpath --delete {} \;
# compile python module
pushd python
%{__python} setup.py --basedir="../" build
popd
cd python
%{__python3} setup.py --basedir="../" build
cd ..
%install
[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
@ -183,16 +205,16 @@ popd
ucdincludedir=%{_includedir}/ucd-snmp \
INSTALL_PREFIX=%{buildroot} \
PYMAKE="\
%{__python} setup.py install -O1 --skip-build \
--root %{buildroot} --install-lib=%{python_sitearch}"
%{__python3} setup.py install -O1 --skip-build \
--root %{buildroot} --install-lib=%{python3_sitearch}"
install -d %{buildroot}/var/lib/net-snmp
install -D -m 644 EXAMPLE.conf %{buildroot}%{_sysconfdir}/net-snmp/snmpd.conf
# > %{buildroot}%{_sysconfdir}/net-snmp/snmptrapd.conf
install -D -m 744 %{S:1} %{buildroot}%{_initrddir}/snmpd
install -D -m 744 %{S:2} %{buildroot}%{_initrddir}/snmptrapd
install -D -m 744 %{S:1} %{buildroot}%{_unitdir}/snmpd.service
install -D -m 744 %{S:2} %{buildroot}%{_unitdir}/snmptrapd.service
install -D -m 644 %{S:3} %{buildroot}%{_sysconfdir}/logrotate.d/snmpd
install -D -m 644 %{S:4} %{buildroot}%{_sysconfdir}/logrotate.d/snmptrapd
@ -215,53 +237,19 @@ rm -f %{buildroot}%{_bindir}/snmpcheck
rm -f .packlist
%post
if [ $1 -eq 1 ]; then
#new install
# NOTE: the domain name is used as keyword for the ro community
sed -i "s/^\(com2sec local .*\) COMMUNITY/\1 `hostname -d`/" \
%{_sysconfdir}/net-snmp/snmpd.conf
# . /etc/sysconfig/rc
# . $rc_networkfunctions
#
# get_interfaces_by_zone
# [ ${#ifzone_local[@]} -eq 0 ] && exit 0
#
# for i in `seq 1 ${#ifzone_local[@]}`; do
# get_interface_parameters ${ifzone_local[i-1]}
# if [ $? -ne 0 ]; then
# echo "\
#WARNING: could not determine network parameters for interface ${ifzone_local[i-1]}" 1>&2
# continue
# fi
#
# [ $i -eq 1 ] && sed -i "\
#s|^com2sec mynetwork .*|com2sec mynetwork $int_network/$int_netmask `hostname -d`|" \
# %{_sysconfdir}/net-snmp/snmpd.conf ||
# sed -i "/^com2sec mynetwork .*/a\\
#com2sec mynetwork $int_network/$int_netmask `hostname -d`" \
# %{_sysconfdir}/net-snmp/snmpd.conf
# done
fi
exit 0
%systemd_post snmpd
%systemd_post snmptrapd
:
%preun
#erase
if [ $1 -eq 0 ]; then
service snmpd stop >/dev/null 2>&1
service snmptrapd stop >/dev/null 2>&1
/sbin/chkconfig --del snmpd
/sbin/chkconfig --del snmptrapd
fi
exit 0
%systemd_preun snmpd
%systemd_preun snmptrapd
:
%postun
# upgrade
if [ $1 -eq 1 ]; then
service snmpd condrestart >/dev/null 2>&1
service snmptrapd condrestart >/dev/null 2>&1
fi
exit 0
%systemd_postun_with_restart snmpd
%systemd_postun_with_restart snmptrapd
:
%post -n libnetsnmp -p /sbin/ldconfig
%postun -n libnetsnmp -p /sbin/ldconfig
@ -271,12 +259,13 @@ exit 0
%dir %{_sysconfdir}/net-snmp
%config(noreplace) %{_sysconfdir}/net-snmp/*.conf
%{_bindir}/agentxtrap
%{_bindir}/checkbandwidth
%{_bindir}/net-snmp-create-v3-user
%{_bindir}/snmpconf
%{_sbindir}/snmpd
%{_sbindir}/snmptrapd
%{_initrddir}/snmpd
%{_initrddir}/snmptrapd
%{_unitdir}/snmpd.service
%{_unitdir}/snmptrapd.service
%config(noreplace) %{_sysconfdir}/logrotate.d/*
%{_mandir}/man[58]/snmp*d*
%{_mandir}/man5/snmp_config.*
@ -284,8 +273,7 @@ exit 0
%{_mandir}/man1/agentxtrap.*
%{_mandir}/man1/net-snmp-create-v3-user*
%{_mandir}/man1/snmpconf.*
%doc COPYING FAQ NEWS README
%doc README.agent-mibs README.agentx README.snmpv3 README.thread
%doc COPYING
%files gui
%defattr(-,root,root)
@ -333,9 +321,13 @@ exit 0
%{_libdir}/libnetsnmpmibs.so
%{_libdir}/libnetsnmptrapd.la
%{_libdir}/libnetsnmptrapd.so
%{_libdir}/pkgconfig/netsnmp-agent.pc
%{_libdir}/pkgconfig/netsnmp.pc
%{_mandir}/man3/*
%{_mandir}/man1/net-snmp-config*.1.*
%doc AGENT.txt ChangeLog CodingStyle PORTING README.thread TODO
%doc AGENT.txt ChangeLog CodingStyle TODO
%doc README.agent-mibs README.agentx README.snmpv3 README.thread
%doc FAQ NEWS README
%files -n perl-NetSNMP -f .packlist
%defattr(-,root,root)
@ -348,10 +340,13 @@ exit 0
%files -n python-netsnmp
%defattr(-,root,root)
%{python_sitearch}/netsnmp/
%{python_sitearch}/netsnmp_python-*/
%{python3_sitearch}/netsnmp/
%{python3_sitearch}/netsnmp_python-*/
%changelog
* Mon Dec 07 2020 Silvan Calarco <silvan.calarco@mambasoft.it> 5.9-1mamba
- update to 5.9
* Wed Nov 09 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 5.7.3-2mamba
- rebuilt with perl 5.24

View File

@ -1,63 +0,0 @@
#! /bin/bash
#
# snmpd -- start/stop the Simple Network Management Protocol daemon
# chkconfig: 2345 55 15
# description: Simple Network Management Protocol
# processname: snmp
# pidfile: /var/run/snmp.pid
# config: /etc/net-snmp/snmpd.conf
# source function library
. /etc/sysconfig/rc
. $rc_functions
NAME=snmpd
DAEMON=/usr/sbin/$NAME
DAEMONPID=/var/run/$NAME.pid
DAEMONCONF=/etc/net-snmp/snmpd.conf
DAEMONLOG=/var/log/snmpd.log
OPTIONS="-Lsd -Lf $DAEMONLOG -c $DAEMONCONF -p $DAEMONPID -a"
[ -x $DAEMON ] || exit 0
[ -r /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME
# check if the snmpd conf file is present
[ -r $DAEMONCONF ] || exit 0
RETVAL=0
case "$1" in
start)
echo -n $"Starting $NAME: "
daemon --pidfile=$DAEMONPID $DAEMON $OPTIONS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$NAME
;;
stop)
echo -n $"Stopping $NAME: "
killproc -p $DAEMONPID $DAEMON
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$NAME $DAEMONPID
;;
restart|force-reload|reload)
$0 stop
sleep 1
$0 start
;;
condrestart)
[ -e /var/lock/subsys/$NAME ] && $0 restart
;;
status)
statusproc $DAEMON
RETVAL=$?
;;
*)
echo $"Usage: ""/etc/init.d/$NAME {start|stop|status|restart|condrestart}"
exit 1
;;
esac
exit $RETVAL

View File

@ -1,63 +0,0 @@
#! /bin/bash
#
# snmptrapd -- start/stop the Simple Network Management Protocol Trap daemon
# chkconfig: 2345 55 15
# description: Simple Network Management Protocol TRAP and INFORM messages
# processname: snmptrapd
# pidfile: /var/run/snmptrapd.pid
# config: /etc/net-snmp/snmptrapd.conf
# source function library
. /etc/sysconfig/rc
. $rc_functions
NAME=snmptrapd
DAEMON=/usr/sbin/$NAME
DAEMONPID=/var/run/$NAME.pid
DAEMONCONF=/etc/net-snmp/snmptrapd.conf
DAEMONLOG=/var/log/snmptrapd.log
OPTIONS="-Lf $DAEMONLOG -c $DAEMONCONF -p $DAEMONPID"
[ -x $DAEMON ] || exit 0
[ -r /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME
# check if the snmpd conf file is present
[ -r $DAEMONCONF ] || exit 0
RETVAL=0
case "$1" in
start)
echo -n $"Starting $NAME: "
daemon --pidfile=$DAEMONPID $DAEMON $OPTIONS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$NAME
;;
stop)
echo -n $"Stopping $NAME: "
killproc -p $DAEMONPID $DAEMON
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$NAME $DAEMONPID
;;
restart|force-reload|reload)
$0 stop
sleep 1
$0 start
;;
condrestart)
[ -e /var/lock/subsys/$NAME ] && $0 restart
;;
status)
statusproc $DAEMON
RETVAL=$?
;;
*)
echo $"Usage: ""/etc/init.d/$NAME {start|stop|status|restart|condrestart}"
exit 1
;;
esac
exit $RETVAL

12
snmpd.service Normal file
View File

@ -0,0 +1,12 @@
[Unit]
Description=Simple Network Management Protocol (SNMP) Daemon
After=syslog.target network.target
[Service]
Type=forking
PIDFile=/run/snmpd.pid
ExecStart=/usr/bin/snmpd -p /run/snmpd.pid
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

12
snmptrapd.service Normal file
View File

@ -0,0 +1,12 @@
[Unit]
Description=Simple Network Management Protocol (SNMP) TRAP Daemon
After=syslog.target network.target
[Service]
Type=forking
PIDFile=/run/snmptrapd.pid
ExecStart=/usr/bin/snmptrapd -p /run/snmptrapd.pid
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target