diff options
| author | Simon Kelley <simon@thekelleys.org.uk> | 2014-06-18 20:52:53 +0100 |
|---|---|---|
| committer | Simon Kelley <simon@thekelleys.org.uk> | 2014-06-18 20:52:53 +0100 |
| commit | cdb755c5f16a6768c3e8b1f345fe15fc9244228d (patch) | |
| tree | 518ca7e0894f91c60c1a7447802404aa4fd86fe5 | |
| parent | 063efb330a3f341c2548e2cf1f67f83e49cd6395 (diff) | |
| download | dnsmasq-cdb755c5f16a6768c3e8b1f345fe15fc9244228d.tar.gz | |
Fix FTBFS with Nettle-3.0.
| -rw-r--r-- | CHANGELOG | 3 | ||||
| -rw-r--r-- | src/dnssec.c | 18 |
2 files changed, 15 insertions, 6 deletions
@@ -10,6 +10,9 @@ version 2.72 Add DBus methods SetFilterWin2KOption and SetBogusPrivOption Thanks to the Smoothwall project for the patch. + + Fix failure to build against Nettle-3.0. Thanks to Steven + Barth for spotting this and finding the fix. version 2.71 diff --git a/src/dnssec.c b/src/dnssec.c index 2ffb75d..69bfc29 100644 --- a/src/dnssec.c +++ b/src/dnssec.c @@ -28,6 +28,12 @@ #include <nettle/nettle-meta.h> #include <nettle/bignum.h> +/* Nettle-3.0 moved to a new API for DSA. We use a name that's defined in the new API + to detect Nettle-3, and invoke the backwards compatibility mode. */ +#ifdef dsa_params_init +#include <nettle/dsa-compat.h> +#endif + #define SERIAL_UNDEF -100 #define SERIAL_EQ 0 @@ -121,8 +127,8 @@ static int hash_init(const struct nettle_hash *hash, void **ctxp, unsigned char return 1; } -static int rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len, - unsigned char *digest, int algo) +static int dnsmasq_rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len, + unsigned char *digest, int algo) { unsigned char *p; size_t exp_len; @@ -173,8 +179,8 @@ static int rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned return 0; } -static int dsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len, - unsigned char *digest, int algo) +static int dnsmasq_dsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len, + unsigned char *digest, int algo) { unsigned char *p; unsigned int t; @@ -293,10 +299,10 @@ static int verify(struct blockdata *key_data, unsigned int key_len, unsigned cha switch (algo) { case 1: case 5: case 7: case 8: case 10: - return rsa_verify(key_data, key_len, sig, sig_len, digest, algo); + return dnsmasq_rsa_verify(key_data, key_len, sig, sig_len, digest, algo); case 3: case 6: - return dsa_verify(key_data, key_len, sig, sig_len, digest, algo); + return dnsmasq_dsa_verify(key_data, key_len, sig, sig_len, digest, algo); #ifndef NO_NETTLE_ECC case 13: case 14: |