freeradius: check existence of openssl's commands in bootstrap

It calls openssl's commands 'dhparam' and 'pkcs12' in script bootstrap. These commands are configurable based on configure options 'no-dh' and 'no-des', and may not be provided by openssl. So check existence of these commands. If not, abort running of script bootstrap. 1. https://github.com/openssl/openssl/blob/master/apps/build.info#L37 2. https://github.com/openssl/openssl/blob/master/apps/build.info#L22 Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-05-22 02:46:46 +00:00 · 2021-04-21 17:40:24 +08:00 · 2021-04-21 17:40:24 +08:00 · c8ceefc5c3
commit c8ceefc5c3
parent e418ee4657
2 changed files with 39 additions and 0 deletions
--- a/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch
+++ b/meta-networking/recipes-connectivity/freeradius/files/check-openssl-cmds-in-script-bootstrap.patch
@ -0,0 +1,38 @@
+bootstrap: check commands of openssl exist
+
+It calls openssl commands dhparam and pkcs12 in script bootstrap. These
+commands are configurable based on configure options 'no-dh' and
+'no-des', and may not be provided by openssl. So check existence of
+these commands. If not, abort running of script bootstrap.
+
+1. https://github.com/openssl/openssl/blob/master/apps/build.info#L37
+2. https://github.com/openssl/openssl/blob/master/apps/build.info#L22
+
+Upstream-Status: Denied [https://github.com/FreeRADIUS/freeradius-server/pull/4059]
+				 The maintainer commented in the pull that the script could
+				 be run on a host which provides these openssl commands.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ raddb/certs/bootstrap | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/raddb/certs/bootstrap b/raddb/certs/bootstrap
+index 0f719aafd4..17feddbeeb 100755
+--- a/raddb/certs/bootstrap
+++ b/raddb/certs/bootstrap
+@@ -13,6 +13,14 @@
+ umask 027
+ cd `dirname $0`
+ 
+#  check commands of openssl exist
+for cmd in dhparam pkcs12; do
+	if ! openssl ${cmd} -help >/dev/null 2>&1; then
+		echo "Error: command ${cmd} is not supported by openssl."
+		exit 1
+	fi
+done
+
+ make -h > /dev/null 2>&1
+ 
+ #
--- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
+++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb
@ -31,6 +31,7 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0
    file://0001-workaround-error-with-autoconf-2.7.patch \
    file://radiusd.service \
    file://radiusd-volatiles.conf \
+    file://check-openssl-cmds-in-script-bootstrap.patch \
 "

 SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a"