> Package: gatling > Version: 0.12cvs20120114-3 > Severity: important > > Hi Roland, > gatling fails to build from source in stable:
[..] > This is very likely related to the polarssl update in DSA-2782. Can you fix > the FTBFS in a Wheezy point update? Patch for stable attached. Cheers, Moritz -- Moritz Mühlenhoff Open Source Software Engineer Univention GmbH be open. Mary-Somerville-Str.1 28359 Bremen Tel. : +49 421 22232-0 [.....] Fax : +49 421 22232-99 muehlenh...@univention.de http://www.univention.de Geschäftsführer: Peter H. Ganten HRB 20755 Amtsgericht Bremen Steuer-Nr.: 71-597-02876
diff -Naur gatling-0.12cvs20120114.orig/debian/patches/fix-compat-with-polarssl12.patch gatling-0.12cvs20120114/debian/patches/fix-compat-with-polarssl12.patch --- gatling-0.12cvs20120114.orig/debian/patches/fix-compat-with-polarssl12.patch 1970-01-01 01:00:00.000000000 +0100 +++ gatling-0.12cvs20120114/debian/patches/fix-compat-with-polarssl12.patch 2014-01-27 11:37:49.662659965 +0100 @@ -0,0 +1,133 @@ +Description: Fix compatibility with polarssl 1.2.x + PolarSSL was updated to 1.2.9 in DSA 2782 (due to security fixes which were + not backportable to the older releases). Version 1.2.0 introduces several + non-backwards-compatible API changes (fully mentioned here: + https://polarssl.org/tech-updates/releases/polarssl-1.2.0-released + * Rename cipher suites names + * Remove call to removed ssl_set_scb() function, TLS session cache is handled + internally. Also remove the functions my_get_session() and my_set_session() + used for that and adapt the ssl_set_session() call. +Author: Moritz Mühlenhoff <muehlenh...@univention.de> +Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736318 + +--- gatling-0.12cvs20120114.orig/pssl.c ++++ gatling-0.12cvs20120114/pssl.c +@@ -28,95 +28,21 @@ havege_state hs; + + int my_ciphersuites[] = + { +- SSL_EDH_RSA_AES_256_SHA, +- SSL_EDH_RSA_CAMELLIA_256_SHA, +- SSL_EDH_RSA_AES_128_SHA, +- SSL_EDH_RSA_CAMELLIA_128_SHA, +- SSL_EDH_RSA_DES_168_SHA, +- SSL_RSA_AES_256_SHA, +- SSL_RSA_CAMELLIA_256_SHA, +- SSL_RSA_AES_128_SHA, +- SSL_RSA_CAMELLIA_128_SHA, +- SSL_RSA_DES_168_SHA, +- SSL_RSA_RC4_128_SHA, +- SSL_RSA_RC4_128_MD5, ++ TLS_DHE_RSA_WITH_AES_256_CBC_SHA, ++ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, ++ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, ++ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, ++ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, ++ TLS_RSA_WITH_AES_256_CBC_SHA, ++ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, ++ TLS_RSA_WITH_AES_128_CBC_SHA, ++ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, ++ TLS_RSA_WITH_3DES_EDE_CBC_SHA, ++ TLS_RSA_WITH_RC4_128_SHA, ++ TLS_RSA_WITH_RC4_128_MD5, + 0 + }; + +-/* +- * These session callbacks use a simple chained list +- * to store and retrieve the session information. +- */ +-ssl_session *s_list_1st = NULL; +-ssl_session *cur, *prv; +- +-static int my_get_session( ssl_context *ssl ) +-{ +- time_t t = time( NULL ); +- +- if( ssl->resume == 0 ) +- return( 1 ); +- +- cur = s_list_1st; +- prv = NULL; +- +- while( cur != NULL ) +- { +- prv = cur; +- cur = cur->next; +- +- if( ssl->timeout != 0 && t - prv->start > ssl->timeout ) +- continue; +- +- if( ssl->session->ciphersuite != prv->ciphersuite || +- ssl->session->length != prv->length ) +- continue; +- +- if( memcmp( ssl->session->id, prv->id, prv->length ) != 0 ) +- continue; +- +- memcpy( ssl->session->master, prv->master, 48 ); +- return( 0 ); +- } +- +- return( 1 ); +-} +- +-static int my_set_session( ssl_context *ssl ) +-{ +- time_t t = time( NULL ); +- +- cur = s_list_1st; +- prv = NULL; +- +- while( cur != NULL ) +- { +- if( ssl->timeout != 0 && t - cur->start > ssl->timeout ) +- break; /* expired, reuse this slot */ +- +- if( memcmp( ssl->session->id, cur->id, cur->length ) == 0 ) +- break; /* client reconnected */ +- +- prv = cur; +- cur = cur->next; +- } +- +- if( cur == NULL ) +- { +- cur = (ssl_session *) malloc( sizeof( ssl_session ) ); +- if( cur == NULL ) +- return( 1 ); +- +- if( prv == NULL ) +- s_list_1st = cur; +- else prv->next = cur; +- } +- +- memcpy( cur, ssl->session, sizeof( ssl_session ) ); +- +- return( 0 ); +-} +- + static int my_net_recv( void *ctx, unsigned char *buf, size_t len ) { + int sock=(int)(uintptr_t)ctx; + return net_recv(&sock,buf,len); +@@ -178,9 +104,8 @@ fail: + ssl_set_authmode( ssl, SSL_VERIFY_NONE ); + ssl_set_rng( ssl, havege_random, &hs ); + ssl_set_bio( ssl, my_net_recv, (void*)(uintptr_t)sock, my_net_send, (void*)(uintptr_t)sock ); +- ssl_set_scb( ssl, my_get_session, my_set_session ); + ssl_set_ciphersuites( ssl, my_ciphersuites ); +- ssl_set_session( ssl, 1, 0, ssn ); ++ ssl_set_session( ssl, ssn ); + + ssl_set_ca_chain( ssl, srvcert.next, NULL, NULL ); + ssl_set_own_cert( ssl, &srvcert, &rsa ); diff -Naur gatling-0.12cvs20120114.orig/debian/patches/series gatling-0.12cvs20120114/debian/patches/series --- gatling-0.12cvs20120114.orig/debian/patches/series 2012-11-12 22:05:52.000000000 +0100 +++ gatling-0.12cvs20120114/debian/patches/series 2014-01-27 11:35:08.232909740 +0100 @@ -8,3 +8,4 @@ 08-cgi-post-fix.patch 09-gatling-ftp-fix-traversal.patch 10-gatling-http-fix-traversal.patch +fix-compat-with-polarssl12.patch
