mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-21 05:00:16 +00:00
Code Issues Wiki Activity

Merge pull request #53032 from netixx/update-openvswitch-2.9.2

Browse source 
openvswitch: 2.5.4 -> 2.12.0
This commit is contained in:
Franz Pletz 2019-11-24 20:53:44 +00:00 committed by GitHub
parent 013b9a853b 0f5366d9e5
commit e315f34bb3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 386 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
maintainers/maintainer-list.nix
View file

@ -3601,6 +3601,12 @@
github = "klntsky";
githubId = 18447310;
};
kmcopper = {
email = "kmcopper@danwin1210.me";
name = "Kyle Copperfield";
github = "kmcopper";
githubId = 57132115;
};
kmeakin = {
email = "karlwfmeakin@gmail.com";
name = "Karl Meakin";

13
nixos/modules/virtualisation/openvswitch.nix
View file

@ -42,6 +42,9 @@ in {
default = false;
description = ''
Whether to start racoon service for openvswitch.
Supported only if openvswitch version is less than 2.6.0.
Use <literal>virtualisation.vswitch.package = pkgs.openvswitch-lts</literal>
for a version that supports ipsec over GRE.
'';
};
};
@ -89,6 +92,13 @@ in {
"${cfg.package}/share/openvswitch/vswitch.ovsschema"
fi
chmod -R +w /var/db/openvswitch
if ${cfg.package}/bin/ovsdb-tool needs-conversion /var/db/openvswitch/conf.db | grep -q "yes"
then
echo "Performing database upgrade"
${cfg.package}/bin/ovsdb-tool convert /var/db/openvswitch/conf.db
else
echo "Database already up to date"
fi
'';
serviceConfig = {
ExecStart =
@ -133,7 +143,7 @@ in {
};
}
(mkIf cfg.ipsec {
(mkIf (cfg.ipsec && (versionOlder cfg.package.version "2.6.0")) {
services.racoon.enable = true;
services.racoon.configPath = "${runDir}/ipsec/etc/racoon/racoon.conf";
@ -172,5 +182,4 @@ in {
'';
};
})]));
}

32
pkgs/os-specific/linux/openvswitch/default.nix
View file

@ -1,24 +1,25 @@
{ stdenv, fetchurl, makeWrapper, pkgconfig, utillinux, which
, procps, libcap_ng, openssl, python27 , perl
, procps, libcap_ng, openssl, python3 , perl
, kernel ? null }:
with stdenv.lib;
let
_kernel = kernel;
pythonEnv = python3.withPackages (ps: with ps; [ six ]);
in stdenv.mkDerivation rec {
version = "2.5.4";
version = "2.12.0";
pname = "openvswitch";
src = fetchurl {
url = "http://openvswitch.org/releases/${pname}-${version}.tar.gz";
sha256 = "1lji87wg953lqcdf02f1zv2m54vhd2x9jd03bb91lnlb4qlhifiv";
url = "https://www.openvswitch.org/releases/${pname}-${version}.tar.gz";
sha256 = "1y78ix5inhhcvicbvyy2ij38am1215nr55vydhab3d4065q45z8k";
};
kernel = optional (_kernel != null) _kernel.dev;
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ makeWrapper utillinux openssl libcap_ng python27
buildInputs = [ makeWrapper utillinux openssl libcap_ng pythonEnv
perl procps which ];
configureFlags = [
@ -36,27 +37,13 @@ in stdenv.mkDerivation rec {
postBuild = ''
# fix tests
substituteInPlace xenserver/opt_xensource_libexec_interface-reconfigure --replace '/usr/bin/env python' '${python27.interpreter}'
substituteInPlace vtep/ovs-vtep --replace '/usr/bin/env python' '${python27.interpreter}'
substituteInPlace xenserver/opt_xensource_libexec_interface-reconfigure --replace '/usr/bin/env python' '${pythonEnv.interpreter}'
substituteInPlace vtep/ovs-vtep --replace '/usr/bin/env python' '${pythonEnv.interpreter}'
'';
enableParallelBuilding = true;
doCheck = false; # bash-completion test fails with "compgen: command not found"
postInstall = ''
cp debian/ovs-monitor-ipsec $out/share/openvswitch/scripts
makeWrapper \
$out/share/openvswitch/scripts/ovs-monitor-ipsec \
$out/bin/ovs-monitor-ipsec \
--prefix PYTHONPATH : "$out/share/openvswitch/python"
substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \
--replace "UnixctlServer.create(None)" "UnixctlServer.create(os.environ['UNIXCTLPATH'])"
substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \
--replace "self.psk_file" "root_prefix + self.psk_file"
substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \
--replace "self.cert_dir" "root_prefix + self.cert_dir"
'';
meta = with stdenv.lib; {
platforms = platforms.linux;
description = "A multilayer virtual switch";
@ -71,7 +58,8 @@ in stdenv.mkDerivation rec {
support distribution across multiple physical servers similar
to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V.
'';
homepage = http://openvswitch.org/;
homepage = https://www.openvswitch.org/;
license = licenses.asl20;
maintainers = with maintainers; [ netixx kmcopper ];
};
}

82
pkgs/os-specific/linux/openvswitch/lts.nix Normal file
View file

@ -0,0 +1,82 @@
{ stdenv, fetchurl, makeWrapper, pkgconfig, utillinux, which
, procps, libcap_ng, openssl, python2, iproute , perl
, automake, autoconf, libtool, kernel ? null }:
with stdenv.lib;
let
_kernel = kernel;
in stdenv.mkDerivation rec {
version = "2.5.9";
pname = "openvswitch";
src = fetchurl {
url = "https://www.openvswitch.org/releases/${pname}-${version}.tar.gz";
sha256 = "0iv0ncwl6s4qyyb655yj5xvqrjr1zbymmab96q259wa09xnyw7b7";
};
patches = [ ./patches/lts-ssl.patch ];
kernel = optional (_kernel != null) _kernel.dev;
nativeBuildInputs = [ autoconf libtool automake pkgconfig ];
buildInputs = [ makeWrapper utillinux openssl libcap_ng python2
perl procps which ];
preConfigure = "./boot.sh";
configureFlags = [
"--localstatedir=/var"
"--sharedstatedir=/var"
"--sbindir=$(out)/bin"
] ++ (optionals (_kernel != null) ["--with-linux"]);
# Leave /var out of this!
installFlags = [
"LOGDIR=$(TMPDIR)/dummy"
"RUNDIR=$(TMPDIR)/dummy"
"PKIDIR=$(TMPDIR)/dummy"
];
postBuild = ''
# fix tests
substituteInPlace xenserver/opt_xensource_libexec_interface-reconfigure --replace '/usr/bin/env python' '${python2.interpreter}'
substituteInPlace vtep/ovs-vtep --replace '/usr/bin/env python' '${python2.interpreter}'
'';
enableParallelBuilding = true;
doCheck = false; # bash-completion test fails with "compgen: command not found"
postInstall = ''
cp debian/ovs-monitor-ipsec $out/share/openvswitch/scripts
makeWrapper \
$out/share/openvswitch/scripts/ovs-monitor-ipsec \
$out/bin/ovs-monitor-ipsec \
--prefix PYTHONPATH : "$out/share/openvswitch/python"
substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \
--replace "UnixctlServer.create(None)" "UnixctlServer.create(os.environ['UNIXCTLPATH'])"
substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \
--replace "self.psk_file" "root_prefix + self.psk_file"
substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \
--replace "self.cert_dir" "root_prefix + self.cert_dir"
'';
meta = with stdenv.lib; {
platforms = platforms.linux;
description = "A multilayer virtual switch";
longDescription =
''
Open vSwitch is a production quality, multilayer virtual switch
licensed under the open source Apache 2.0 license. It is
designed to enable massive network automation through
programmatic extension, while still supporting standard
management interfaces and protocols (e.g. NetFlow, sFlow, SPAN,
RSPAN, CLI, LACP, 802.1ag). In addition, it is designed to
support distribution across multiple physical servers similar
to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V.
'';
homepage = https://www.openvswitch.org/;
license = licenses.asl20;
maintainers = with maintainers; [ netixx kmcopper ];
};
}

274
pkgs/os-specific/linux/openvswitch/patches/lts-ssl.patch Normal file
View file

@ -0,0 +1,274 @@
diff --git a/build-aux/automake.mk b/build-aux/automake.mk
new file mode 100644
index 000000000..5d2657fd6
--- /dev/null
+++ b/build-aux/automake.mk
@@ -0,0 +1,2 @@
+EXTRA_DIST += \
+ build-aux/generate-dhparams-c
diff --git a/build-aux/generate-dhparams-c b/build-aux/generate-dhparams-c
new file mode 100755
index 000000000..bcd25e2d8
--- /dev/null
+++ b/build-aux/generate-dhparams-c
@@ -0,0 +1,33 @@
+#! /bin/sh -e
+
+cat <<'EOF'
+/* Generated automatically; do not modify! -*- buffer-read-only: t -*-
+ *
+ * If you do need to regenerate this file, run "make generate-dhparams-c". */
+
+#include <config.h>
+#include "lib/dhparams.h"
+#include "lib/util.h"
+
+static int
+my_DH_set0_pqg(DH *dh, BIGNUM *p, const BIGNUM **q OVS_UNUSED, BIGNUM *g)
+{
+ ovs_assert(q == NULL);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
+ dh->p = p;
+ dh->g = g;
+ return 1;
+#else
+ return DH_set0_pqg(dh, p, NULL, g);
+#endif
+}
+EOF
+(openssl dhparam -C -in lib/dh1024.pem -noout &&
+openssl dhparam -C -in lib/dh2048.pem -noout &&
+openssl dhparam -C -in lib/dh4096.pem -noout) | sed '
+ s/^static DH/DH/
+ s/\(get_dh[0-9]*\)()/\1(void)/
+ s/\(DH_set0_pqg\)/my_\1/
+ s/[ ]*$//
+ s/ / /g
+'
diff --git a/lib/automake.mk b/lib/automake.mk
index 5387d519a..804a8b7d7 100644
--- a/lib/automake.mk
+++ b/lib/automake.mk
@@ -399,15 +399,16 @@ lib_libopenvswitch_la_SOURCES += \
lib/route-table-bsd.c
endif
+.PHONY: generate-dhparams-c
if HAVE_OPENSSL
-lib_libopenvswitch_la_SOURCES += lib/stream-ssl.c
-nodist_lib_libopenvswitch_la_SOURCES += lib/dhparams.c
-lib/dhparams.c: lib/dh1024.pem lib/dh2048.pem lib/dh4096.pem
- $(AM_V_GEN)(echo '#include "lib/dhparams.h"' && \
- openssl dhparam -C -in $(srcdir)/lib/dh1024.pem -noout && \
- openssl dhparam -C -in $(srcdir)/lib/dh2048.pem -noout && \
- openssl dhparam -C -in $(srcdir)/lib/dh4096.pem -noout) \
- | sed 's/\(get_dh[0-9]*\)()/\1(void)/' > lib/dhparams.c.tmp && \
+lib_libopenvswitch_la_SOURCES += lib/stream-ssl.c lib/dhparams.c
+
+# Manually regenerates lib/dhparams.c. Not normally necessary since
+# lib/dhparams.c is part of the repository and doesn't normally need
+# updates.
+generate-dhparams-c:
+ $(AM_V_GEN)cd $(srcdir) && \
+ build-aux/generate-dhparams-c > lib/dhparams.c.tmp && \
mv lib/dhparams.c.tmp lib/dhparams.c
else
lib_libopenvswitch_la_SOURCES += lib/stream-nossl.c
diff --git a/lib/dhparams.c b/lib/dhparams.c
new file mode 100644
index 000000000..4e42efad2
--- /dev/null
+++ b/lib/dhparams.c
@@ -0,0 +1,192 @@
+/* Generated automatically; do not modify! -*- buffer-read-only: t -*-
+ *
+ * If you do need to regenerate this file, run "make generate-dhparams-c". */
+
+#include <config.h>
+#include "lib/dhparams.h"
+#include "lib/util.h"
+
+static int
+my_DH_set0_pqg(DH *dh, BIGNUM *p, const BIGNUM **q OVS_UNUSED, BIGNUM *g)
+{
+ ovs_assert(q == NULL);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
+ dh->p = p;
+ dh->g = g;
+ return 1;
+#else
+ return DH_set0_pqg(dh, p, NULL, g);
+#endif
+}
+#ifndef HEADER_DH_H
+# include <openssl/dh.h>
+#endif
+
+DH *get_dh1024(void)
+{
+ static unsigned char dhp_1024[] = {
+ 0xF4, 0x88, 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD, 0x20, 0xB4,
+ 0x9D, 0xE4, 0x91, 0x07, 0x36, 0x6B, 0x33, 0x6C, 0x38, 0x0D,
+ 0x45, 0x1D, 0x0F, 0x7C, 0x88, 0xB3, 0x1C, 0x7C, 0x5B, 0x2D,
+ 0x8E, 0xF6, 0xF3, 0xC9, 0x23, 0xC0, 0x43, 0xF0, 0xA5, 0x5B,
+ 0x18, 0x8D, 0x8E, 0xBB, 0x55, 0x8C, 0xB8, 0x5D, 0x38, 0xD3,
+ 0x34, 0xFD, 0x7C, 0x17, 0x57, 0x43, 0xA3, 0x1D, 0x18, 0x6C,
+ 0xDE, 0x33, 0x21, 0x2C, 0xB5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1,
+ 0x29, 0x40, 0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72,
+ 0xD6, 0x86, 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29, 0x7A, 0xCA,
+ 0x95, 0x0C, 0xD9, 0x96, 0x9F, 0xAB, 0xD0, 0x0A, 0x50, 0x9B,
+ 0x02, 0x46, 0xD3, 0x08, 0x3D, 0x66, 0xA4, 0x5D, 0x41, 0x9F,
+ 0x9C, 0x7C, 0xBD, 0x89, 0x4B, 0x22, 0x19, 0x26, 0xBA, 0xAB,
+ 0xA2, 0x5E, 0xC3, 0x55, 0xE9, 0x2F, 0x78, 0xC7
+ };
+ static unsigned char dhg_1024[] = {
+ 0x02
+ };
+ DH *dh = DH_new();
+ BIGNUM *dhp_bn, *dhg_bn;
+
+ if (dh == NULL)
+ return NULL;
+ dhp_bn = BN_bin2bn(dhp_1024, sizeof (dhp_1024), NULL);
+ dhg_bn = BN_bin2bn(dhg_1024, sizeof (dhg_1024), NULL);
+ if (dhp_bn == NULL || dhg_bn == NULL
+ || !my_DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
+ DH_free(dh);
+ BN_free(dhp_bn);
+ BN_free(dhg_bn);
+ return NULL;
+ }
+ return dh;
+}
+#ifndef HEADER_DH_H
+# include <openssl/dh.h>
+#endif
+
+DH *get_dh2048(void)
+{
+ static unsigned char dhp_2048[] = {
+ 0xF6, 0x42, 0x57, 0xB7, 0x08, 0x7F, 0x08, 0x17, 0x72, 0xA2,
+ 0xBA, 0xD6, 0xA9, 0x42, 0xF3, 0x05, 0xE8, 0xF9, 0x53, 0x11,
+ 0x39, 0x4F, 0xB6, 0xF1, 0x6E, 0xB9, 0x4B, 0x38, 0x20, 0xDA,
+ 0x01, 0xA7, 0x56, 0xA3, 0x14, 0xE9, 0x8F, 0x40, 0x55, 0xF3,
+ 0xD0, 0x07, 0xC6, 0xCB, 0x43, 0xA9, 0x94, 0xAD, 0xF7, 0x4C,
+ 0x64, 0x86, 0x49, 0xF8, 0x0C, 0x83, 0xBD, 0x65, 0xE9, 0x17,
+ 0xD4, 0xA1, 0xD3, 0x50, 0xF8, 0xF5, 0x59, 0x5F, 0xDC, 0x76,
+ 0x52, 0x4F, 0x3D, 0x3D, 0x8D, 0xDB, 0xCE, 0x99, 0xE1, 0x57,
+ 0x92, 0x59, 0xCD, 0xFD, 0xB8, 0xAE, 0x74, 0x4F, 0xC5, 0xFC,
+ 0x76, 0xBC, 0x83, 0xC5, 0x47, 0x30, 0x61, 0xCE, 0x7C, 0xC9,
+ 0x66, 0xFF, 0x15, 0xF9, 0xBB, 0xFD, 0x91, 0x5E, 0xC7, 0x01,
+ 0xAA, 0xD3, 0x5B, 0x9E, 0x8D, 0xA0, 0xA5, 0x72, 0x3A, 0xD4,
+ 0x1A, 0xF0, 0xBF, 0x46, 0x00, 0x58, 0x2B, 0xE5, 0xF4, 0x88,
+ 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD, 0x20, 0xB4, 0x9D, 0xE4,
+ 0x91, 0x07, 0x36, 0x6B, 0x33, 0x6C, 0x38, 0x0D, 0x45, 0x1D,
+ 0x0F, 0x7C, 0x88, 0xB3, 0x1C, 0x7C, 0x5B, 0x2D, 0x8E, 0xF6,
+ 0xF3, 0xC9, 0x23, 0xC0, 0x43, 0xF0, 0xA5, 0x5B, 0x18, 0x8D,
+ 0x8E, 0xBB, 0x55, 0x8C, 0xB8, 0x5D, 0x38, 0xD3, 0x34, 0xFD,
+ 0x7C, 0x17, 0x57, 0x43, 0xA3, 0x1D, 0x18, 0x6C, 0xDE, 0x33,
+ 0x21, 0x2C, 0xB5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40,
+ 0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72, 0xD6, 0x86,
+ 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29, 0x7A, 0xCA, 0x95, 0x0C,
+ 0xD9, 0x96, 0x9F, 0xAB, 0xD0, 0x0A, 0x50, 0x9B, 0x02, 0x46,
+ 0xD3, 0x08, 0x3D, 0x66, 0xA4, 0x5D, 0x41, 0x9F, 0x9C, 0x7C,
+ 0xBD, 0x89, 0x4B, 0x22, 0x19, 0x26, 0xBA, 0xAB, 0xA2, 0x5E,
+ 0xC3, 0x55, 0xE9, 0x32, 0x0B, 0x3B
+ };
+ static unsigned char dhg_2048[] = {
+ 0x02
+ };
+ DH *dh = DH_new();
+ BIGNUM *dhp_bn, *dhg_bn;
+
+ if (dh == NULL)
+ return NULL;
+ dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL);
+ dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL);
+ if (dhp_bn == NULL || dhg_bn == NULL
+ || !my_DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
+ DH_free(dh);
+ BN_free(dhp_bn);
+ BN_free(dhg_bn);
+ return NULL;
+ }
+ return dh;
+}
+#ifndef HEADER_DH_H
+# include <openssl/dh.h>
+#endif
+
+DH *get_dh4096(void)
+{
+ static unsigned char dhp_4096[] = {
+ 0xFA, 0x14, 0x72, 0x52, 0xC1, 0x4D, 0xE1, 0x5A, 0x49, 0xD4,
+ 0xEF, 0x09, 0x2D, 0xC0, 0xA8, 0xFD, 0x55, 0xAB, 0xD7, 0xD9,
+ 0x37, 0x04, 0x28, 0x09, 0xE2, 0xE9, 0x3E, 0x77, 0xE2, 0xA1,
+ 0x7A, 0x18, 0xDD, 0x46, 0xA3, 0x43, 0x37, 0x23, 0x90, 0x97,
+ 0xF3, 0x0E, 0xC9, 0x03, 0x50, 0x7D, 0x65, 0xCF, 0x78, 0x62,
+ 0xA6, 0x3A, 0x62, 0x22, 0x83, 0xA1, 0x2F, 0xFE, 0x79, 0xBA,
+ 0x35, 0xFF, 0x59, 0xD8, 0x1D, 0x61, 0xDD, 0x1E, 0x21, 0x13,
+ 0x17, 0xFE, 0xCD, 0x38, 0x87, 0x9E, 0xF5, 0x4F, 0x79, 0x10,
+ 0x61, 0x8D, 0xD4, 0x22, 0xF3, 0x5A, 0xED, 0x5D, 0xEA, 0x21,
+ 0xE9, 0x33, 0x6B, 0x48, 0x12, 0x0A, 0x20, 0x77, 0xD4, 0x25,
+ 0x60, 0x61, 0xDE, 0xF6, 0xB4, 0x4F, 0x1C, 0x63, 0x40, 0x8B,
+ 0x3A, 0x21, 0x93, 0x8B, 0x79, 0x53, 0x51, 0x2C, 0xCA, 0xB3,
+ 0x7B, 0x29, 0x56, 0xA8, 0xC7, 0xF8, 0xF4, 0x7B, 0x08, 0x5E,
+ 0xA6, 0xDC, 0xA2, 0x45, 0x12, 0x56, 0xDD, 0x41, 0x92, 0xF2,
+ 0xDD, 0x5B, 0x8F, 0x23, 0xF0, 0xF3, 0xEF, 0xE4, 0x3B, 0x0A,
+ 0x44, 0xDD, 0xED, 0x96, 0x84, 0xF1, 0xA8, 0x32, 0x46, 0xA3,
+ 0xDB, 0x4A, 0xBE, 0x3D, 0x45, 0xBA, 0x4E, 0xF8, 0x03, 0xE5,
+ 0xDD, 0x6B, 0x59, 0x0D, 0x84, 0x1E, 0xCA, 0x16, 0x5A, 0x8C,
+ 0xC8, 0xDF, 0x7C, 0x54, 0x44, 0xC4, 0x27, 0xA7, 0x3B, 0x2A,
+ 0x97, 0xCE, 0xA3, 0x7D, 0x26, 0x9C, 0xAD, 0xF4, 0xC2, 0xAC,
+ 0x37, 0x4B, 0xC3, 0xAD, 0x68, 0x84, 0x7F, 0x99, 0xA6, 0x17,
+ 0xEF, 0x6B, 0x46, 0x3A, 0x7A, 0x36, 0x7A, 0x11, 0x43, 0x92,
+ 0xAD, 0xE9, 0x9C, 0xFB, 0x44, 0x6C, 0x3D, 0x82, 0x49, 0xCC,
+ 0x5C, 0x6A, 0x52, 0x42, 0xF8, 0x42, 0xFB, 0x44, 0xF9, 0x39,
+ 0x73, 0xFB, 0x60, 0x79, 0x3B, 0xC2, 0x9E, 0x0B, 0xDC, 0xD4,
+ 0xA6, 0x67, 0xF7, 0x66, 0x3F, 0xFC, 0x42, 0x3B, 0x1B, 0xDB,
+ 0x4F, 0x66, 0xDC, 0xA5, 0x8F, 0x66, 0xF9, 0xEA, 0xC1, 0xED,
+ 0x31, 0xFB, 0x48, 0xA1, 0x82, 0x7D, 0xF8, 0xE0, 0xCC, 0xB1,
+ 0xC7, 0x03, 0xE4, 0xF8, 0xB3, 0xFE, 0xB7, 0xA3, 0x13, 0x73,
+ 0xA6, 0x7B, 0xC1, 0x0E, 0x39, 0xC7, 0x94, 0x48, 0x26, 0x00,
+ 0x85, 0x79, 0xFC, 0x6F, 0x7A, 0xAF, 0xC5, 0x52, 0x35, 0x75,
+ 0xD7, 0x75, 0xA4, 0x40, 0xFA, 0x14, 0x74, 0x61, 0x16, 0xF2,
+ 0xEB, 0x67, 0x11, 0x6F, 0x04, 0x43, 0x3D, 0x11, 0x14, 0x4C,
+ 0xA7, 0x94, 0x2A, 0x39, 0xA1, 0xC9, 0x90, 0xCF, 0x83, 0xC6,
+ 0xFF, 0x02, 0x8F, 0xA3, 0x2A, 0xAC, 0x26, 0xDF, 0x0B, 0x8B,
+ 0xBE, 0x64, 0x4A, 0xF1, 0xA1, 0xDC, 0xEE, 0xBA, 0xC8, 0x03,
+ 0x82, 0xF6, 0x62, 0x2C, 0x5D, 0xB6, 0xBB, 0x13, 0x19, 0x6E,
+ 0x86, 0xC5, 0x5B, 0x2B, 0x5E, 0x3A, 0xF3, 0xB3, 0x28, 0x6B,
+ 0x70, 0x71, 0x3A, 0x8E, 0xFF, 0x5C, 0x15, 0xE6, 0x02, 0xA4,
+ 0xCE, 0xED, 0x59, 0x56, 0xCC, 0x15, 0x51, 0x07, 0x79, 0x1A,
+ 0x0F, 0x25, 0x26, 0x27, 0x30, 0xA9, 0x15, 0xB2, 0xC8, 0xD4,
+ 0x5C, 0xCC, 0x30, 0xE8, 0x1B, 0xD8, 0xD5, 0x0F, 0x19, 0xA8,
+ 0x80, 0xA4, 0xC7, 0x01, 0xAA, 0x8B, 0xBA, 0x53, 0xBB, 0x47,
+ 0xC2, 0x1F, 0x6B, 0x54, 0xB0, 0x17, 0x60, 0xED, 0x79, 0x21,
+ 0x95, 0xB6, 0x05, 0x84, 0x37, 0xC8, 0x03, 0xA4, 0xDD, 0xD1,
+ 0x06, 0x69, 0x8F, 0x4C, 0x39, 0xE0, 0xC8, 0x5D, 0x83, 0x1D,
+ 0xBE, 0x6A, 0x9A, 0x99, 0xF3, 0x9F, 0x0B, 0x45, 0x29, 0xD4,
+ 0xCB, 0x29, 0x66, 0xEE, 0x1E, 0x7E, 0x3D, 0xD7, 0x13, 0x4E,
+ 0xDB, 0x90, 0x90, 0x58, 0xCB, 0x5E, 0x9B, 0xCD, 0x2E, 0x2B,
+ 0x0F, 0xA9, 0x4E, 0x78, 0xAC, 0x05, 0x11, 0x7F, 0xE3, 0x9E,
+ 0x27, 0xD4, 0x99, 0xE1, 0xB9, 0xBD, 0x78, 0xE1, 0x84, 0x41,
+ 0xA0, 0xDF
+ };
+ static unsigned char dhg_4096[] = {
+ 0x02
+ };
+ DH *dh = DH_new();
+ BIGNUM *dhp_bn, *dhg_bn;
+
+ if (dh == NULL)
+ return NULL;
+ dhp_bn = BN_bin2bn(dhp_4096, sizeof (dhp_4096), NULL);
+ dhg_bn = BN_bin2bn(dhg_4096, sizeof (dhg_4096), NULL);
+ if (dhp_bn == NULL || dhg_bn == NULL
+ || !my_DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
+ DH_free(dh);
+ BN_free(dhp_bn);
+ BN_free(dhg_bn);
+ return NULL;
+ }
+ return dh;
+}

6
pkgs/top-level/all-packages.nix
View file

@ -5428,9 +5428,9 @@ in
opentracing-cpp = callPackage ../development/libraries/opentracing-cpp { };
openvswitch = callPackage ../os-specific/linux/openvswitch {
openssl = openssl_1_0_2;
};
openvswitch = callPackage ../os-specific/linux/openvswitch { };
openvswitch-lts = callPackage ../os-specific/linux/openvswitch/lts.nix { };
optipng = callPackage ../tools/graphics/optipng {
libpng = libpng12;