Merge pull request #19340 from EricLuehrsen/nut-280
nut: update to 2.8.0
This commit is contained in:
Hannu Nyman
GitHub
commit
dd2874594c
2 changed files with 5 additions and 173 deletions
|
|
@ -8,12 +8,12 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=nut
|
||||
PKG_VERSION:=2.7.4
|
||||
PKG_RELEASE:=28
|
||||
PKG_VERSION:=2.8.0
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=http://www.networkupstools.org/source/2.7/
|
||||
PKG_HASH:=980e82918c52d364605c0703a5dcf01f74ad2ef06e3d365949e43b7d406d25a7
|
||||
PKG_SOURCE_URL:=http://www.networkupstools.org/source/2.8/
|
||||
PKG_HASH:=c3e5a708da797b7c70b653d37b1206a000fcb503b85519fe4cdf6353f792bfe5
|
||||
PKG_LICENSE:=GPL-2.0-or-later GPL-3.0-or-later GPL-1.0-or-later Artistic-1.0-Perl
|
||||
PKG_LICENSE_FILES:=LICENSE-GPL2 LICENSE-GPL3 COPYING
|
||||
PKG_FIXUP:=autoreconf
|
||||
|
|
@ -399,7 +399,7 @@ endef
|
|||
SERIAL_DRIVERLIST = al175 bcmxcp belkin belkinunv bestfcom \
|
||||
bestfortress bestuferrups bestups dummy-ups etapro everups \
|
||||
gamatronic genericups isbmex liebert liebert-esp2 masterguard metasys \
|
||||
oldmge-shut mge-utalk microdowell mge-shut oneac optiups powercom rhino \
|
||||
mge-utalk microdowell mge-shut oneac optiups powercom rhino \
|
||||
safenet skel solis tripplite tripplitesu upscode2 victronups powerpanel \
|
||||
blazer_ser clone clone-outlet ivtscd apcsmart apcsmart-old apcupsd-ups riello_ser \
|
||||
nutdrv_qx
|
||||
|
|
@ -459,8 +459,6 @@ $(eval $(call DriverDescription,serial,masterguard,\
|
|||
Driver for Masterguard UPS equipment))
|
||||
$(eval $(call DriverDescription,serial,metasys,\
|
||||
Driver for Meta System UPS equipment))
|
||||
$(eval $(call DriverDescription,serial,oldmge-shut,\
|
||||
Driver for SHUT Protocol UPS equipment, deprecated, use mge-shut))
|
||||
$(eval $(call DriverDescription,serial,mge-utalk,\
|
||||
Driver for MGE UPS SYSTEMS UTalk protocol equipment))
|
||||
$(eval $(call DriverDescription,serial,microdowell,\
|
||||
|
|
|
|||
|
|
@ -1,166 +0,0 @@
|
|||
commit 612c05efb3c3b243da603a3a050993281888b6e3
|
||||
Author: Arjen de Korte <build+github@de-korte.org>
|
||||
Date: Fri Mar 15 10:17:32 2019 +0100
|
||||
|
||||
Add support for openssl-1.1.0 (#504)
|
||||
|
||||
* Add support for openssl-1.1.0
|
||||
|
||||
* Allow TLSv1 and higher (not just TLSv1)
|
||||
|
||||
* Fix check for empty string
|
||||
|
||||
* Report TLS handshake in debug mode
|
||||
|
||||
* Update nut_check_libopenssl.m4
|
||||
|
||||
* Update upsclient.c
|
||||
|
||||
* Update netssl.c
|
||||
|
||||
--- a/clients/upsclient.c
|
||||
+++ b/clients/upsclient.c
|
||||
@@ -299,11 +299,6 @@ int upscli_init(int certverify, const ch
|
||||
{
|
||||
#ifdef WITH_OPENSSL
|
||||
int ret, ssl_mode = SSL_VERIFY_NONE;
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
|
||||
- const SSL_METHOD *ssl_method;
|
||||
-#else
|
||||
- SSL_METHOD *ssl_method;
|
||||
-#endif
|
||||
#elif defined(WITH_NSS) /* WITH_OPENSSL */
|
||||
SECStatus status;
|
||||
#endif /* WITH_OPENSSL | WITH_NSS */
|
||||
@@ -315,22 +310,32 @@ int upscli_init(int certverify, const ch
|
||||
}
|
||||
|
||||
#ifdef WITH_OPENSSL
|
||||
-
|
||||
- SSL_library_init();
|
||||
- SSL_load_error_strings();
|
||||
|
||||
- ssl_method = TLSv1_client_method();
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
+ SSL_load_error_strings();
|
||||
+ SSL_library_init();
|
||||
|
||||
- if (!ssl_method) {
|
||||
- return 0;
|
||||
- }
|
||||
+ ssl_ctx = SSL_CTX_new(SSLv23_client_method());
|
||||
+#else
|
||||
+ ssl_ctx = SSL_CTX_new(TLS_client_method());
|
||||
+#endif
|
||||
|
||||
- ssl_ctx = SSL_CTX_new(ssl_method);
|
||||
if (!ssl_ctx) {
|
||||
upslogx(LOG_ERR, "Can not initialize SSL context");
|
||||
return -1;
|
||||
}
|
||||
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
+ /* set minimum protocol TLSv1 */
|
||||
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
|
||||
+#else
|
||||
+ ret = SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION);
|
||||
+ if (ret != 1) {
|
||||
+ upslogx(LOG_ERR, "Can not set minimum protocol to TLSv1");
|
||||
+ return -1;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
if (!certpath) {
|
||||
if (certverify == 1) {
|
||||
upslogx(LOG_ERR, "Can not verify certificate if any is specified");
|
||||
@@ -737,7 +742,7 @@ static int upscli_sslinit(UPSCONN_t *ups
|
||||
switch(res)
|
||||
{
|
||||
case 1:
|
||||
- upsdebugx(3, "SSL connected");
|
||||
+ upsdebugx(3, "SSL connected (%s)", SSL_get_version(ups->ssl));
|
||||
break;
|
||||
case 0:
|
||||
upslog_with_errno(1, "SSL_connect do not accept handshake.");
|
||||
--- a/clients/upssched.c
|
||||
+++ b/clients/upssched.c
|
||||
@@ -794,7 +794,7 @@ static void parse_at(const char *ntype,
|
||||
}
|
||||
|
||||
if (!strcmp(cmd, "EXECUTE")) {
|
||||
- if (ca1 == '\0') {
|
||||
+ if (ca1[0] == '\0') {
|
||||
upslogx(LOG_ERR, "Empty EXECUTE command argument");
|
||||
return;
|
||||
}
|
||||
--- a/m4/nut_check_libopenssl.m4
|
||||
+++ b/m4/nut_check_libopenssl.m4
|
||||
@@ -58,7 +58,7 @@ if test -z "${nut_have_libopenssl_seen}"
|
||||
|
||||
dnl check if openssl is usable
|
||||
AC_CHECK_HEADERS(openssl/ssl.h, [nut_have_openssl=yes], [nut_have_openssl=no], [AC_INCLUDES_DEFAULT])
|
||||
- AC_CHECK_FUNCS(SSL_library_init, [], [nut_have_openssl=no])
|
||||
+ AC_CHECK_FUNCS(SSL_CTX_new, [], [nut_have_openssl=no])
|
||||
|
||||
if test "${nut_have_openssl}" = "yes"; then
|
||||
nut_with_ssl="yes"
|
||||
--- a/server/netssl.c
|
||||
+++ b/server/netssl.c
|
||||
@@ -274,7 +274,7 @@ void net_starttls(nut_ctype_t *client, i
|
||||
{
|
||||
case 1:
|
||||
client->ssl_connected = 1;
|
||||
- upsdebugx(3, "SSL connected");
|
||||
+ upsdebugx(3, "SSL connected (%s)", SSL_get_version(client->ssl));
|
||||
break;
|
||||
|
||||
case 0:
|
||||
@@ -370,13 +370,7 @@ void ssl_init(void)
|
||||
{
|
||||
#ifdef WITH_NSS
|
||||
SECStatus status;
|
||||
-#elif defined(WITH_OPENSSL)
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
|
||||
- const SSL_METHOD *ssl_method;
|
||||
-#else
|
||||
- SSL_METHOD *ssl_method;
|
||||
-#endif
|
||||
-#endif /* WITH_NSS|WITH_OPENSSL */
|
||||
+#endif /* WITH_NSS */
|
||||
|
||||
if (!certfile) {
|
||||
return;
|
||||
@@ -386,18 +380,29 @@ void ssl_init(void)
|
||||
|
||||
#ifdef WITH_OPENSSL
|
||||
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
SSL_load_error_strings();
|
||||
SSL_library_init();
|
||||
|
||||
- if ((ssl_method = TLSv1_server_method()) == NULL) {
|
||||
+ ssl_ctx = SSL_CTX_new(SSLv23_server_method());
|
||||
+#else
|
||||
+ ssl_ctx = SSL_CTX_new(TLS_server_method());
|
||||
+#endif
|
||||
+
|
||||
+ if (!ssl_ctx) {
|
||||
ssl_debug();
|
||||
- fatalx(EXIT_FAILURE, "TLSv1_server_method failed");
|
||||
+ fatalx(EXIT_FAILURE, "SSL_CTX_new failed");
|
||||
}
|
||||
|
||||
- if ((ssl_ctx = SSL_CTX_new(ssl_method)) == NULL) {
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
+ /* set minimum protocol TLSv1 */
|
||||
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
|
||||
+#else
|
||||
+ if (SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION) != 1) {
|
||||
ssl_debug();
|
||||
- fatalx(EXIT_FAILURE, "SSL_CTX_new failed");
|
||||
+ fatalx(EXIT_FAILURE, "SSL_CTX_set_min_proto_version(TLS1_VERSION)");
|
||||
}
|
||||
+#endif
|
||||
|
||||
if (SSL_CTX_use_certificate_chain_file(ssl_ctx, certfile) != 1) {
|
||||
ssl_debug();
|
||||
Loading…
Reference in a new issue