Control: tags 828279 + patch Control: tags 828279 + pending Dear maintainer,
I've prepared an NMU for davix (versioned as 0.6.4-1.1) and uploaded it to DELAYED/4. Please feel free to tell me if I should delay it longer. Regards.
diff -Nru davix-0.6.4/debian/changelog davix-0.6.4/debian/changelog --- davix-0.6.4/debian/changelog 2016-08-25 15:23:58.000000000 +0200 +++ davix-0.6.4/debian/changelog 2016-12-15 21:40:12.000000000 +0100 @@ -1,3 +1,11 @@ +davix (0.6.4-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add OpenSSL 1.1.0 support (Closes: #828279). + * Don't install gtest's header files or static libs. + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Thu, 15 Dec 2016 21:40:12 +0100 + davix (0.6.4-1) unstable; urgency=medium * Update to version 0.6.4 diff -Nru davix-0.6.4/debian/control davix-0.6.4/debian/control --- davix-0.6.4/debian/control 2016-08-25 15:23:58.000000000 +0200 +++ davix-0.6.4/debian/control 2016-12-15 21:40:12.000000000 +0100 @@ -1,7 +1,7 @@ Source: davix Priority: optional Maintainer: Mattias Ellert <mattias.ell...@physics.uu.se> -Build-Depends: debhelper (>= 8.0.0), cmake, libxml2-dev, libssl-dev, gsoap, libboost-system-dev, libboost-thread-dev, libgtest-dev, abi-compliance-checker, pkg-config, doxygen, python-sphinx +Build-Depends: debhelper (>= 8.0.0), cmake, libxml2-dev, libssl-dev, gsoap, libboost-system-dev, libboost-thread-dev, libgtest-dev, abi-compliance-checker, pkg-config, doxygen, python-sphinx, zlib1g-dev Standards-Version: 3.9.8 Section: net Homepage: http://dmc.web.cern.ch/projects/davix/home diff -Nru davix-0.6.4/debian/patches/0001-DMC-888-16-Add-support-for-openssl-1.1.0.patch davix-0.6.4/debian/patches/0001-DMC-888-16-Add-support-for-openssl-1.1.0.patch --- davix-0.6.4/debian/patches/0001-DMC-888-16-Add-support-for-openssl-1.1.0.patch 1970-01-01 01:00:00.000000000 +0100 +++ davix-0.6.4/debian/patches/0001-DMC-888-16-Add-support-for-openssl-1.1.0.patch 2016-12-15 21:38:21.000000000 +0100 @@ -0,0 +1,145 @@ +From 748698152f2d9c049c31ad7d44d6d2405e540163 Mon Sep 17 00:00:00 2001 +From: Georgios Bitzes <georgios.bit...@cern.ch> +Date: Tue, 20 Sep 2016 14:16:38 +0200 +Subject: [PATCH 1/2] DMC-888 #16 Add support for openssl-1.1.0 + +--- + deps/libneon/src/ne_openssl.c | 41 +++++++++++++----- + deps/libneon/src/ne_socket.c | 11 +++- + src/modules/copy/delegation/GRSTx509MakeProxyCert.cpp | 2 + 3 files changed, 39 insertions(+), 15 deletions(-) + +--- a/deps/libneon/src/ne_openssl.c ++++ b/deps/libneon/src/ne_openssl.c +@@ -128,12 +128,12 @@ char *ne_ssl_readable_dname(const ne_ssl + + /* Skip commonName or emailAddress except if there is no other + * attribute in dname. */ +- if ((OBJ_cmp(ent->object, cname) && OBJ_cmp(ent->object, email)) || ++ if ((OBJ_cmp(X509_NAME_ENTRY_get_object(ent), cname) && OBJ_cmp(X509_NAME_ENTRY_get_object(ent), email)) || + (!flag && n == 1)) { + if (flag++) + ne_buffer_append(dump, ", ", 2); + +- if (append_dirstring(dump, ent->value)) ++ if (append_dirstring(dump, X509_NAME_ENTRY_get_data(ent))) + ne_buffer_czappend(dump, "???"); + } + } +@@ -475,6 +475,17 @@ static int check_certificate(ne_session + return ret; + } + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++void X509_up_ref(X509 *x) ++{ ++ x->references++; ++} ++void EVP_PKEY_up_ref(EVP_PKEY *pkey) ++{ ++ pkey->references++; ++} ++#endif ++ + /* Duplicate a client certificate, which must be in the decrypted state. */ + static ne_ssl_client_cert *dup_client_cert(const ne_ssl_client_cert *cc) + { +@@ -488,15 +499,15 @@ static ne_ssl_client_cert *dup_client_ce + + populate_cert(&newcc->cert, cc->cert.subject); + +- cc->cert.subject->references++; +- cc->pkey->references++; ++ X509_up_ref(cc->cert.subject); ++ EVP_PKEY_up_ref(cc->pkey); + + if(cc->cert.chain != NULL){ + int count, n; + newcc->cert.chain = sk_X509_dup(cc->cert.chain); + count = sk_X509_num(newcc->cert.chain); + for (n = 0; n < count; ++n) { +- sk_X509_value(newcc->cert.chain, n)->references++; ++ X509_up_ref(sk_X509_value(newcc->cert.chain, n)); + } + } + +@@ -540,8 +551,8 @@ static int provide_client_cert(SSL *ssl, + + ne_ssl_client_cert *const cc = sess->client_cert; + NE_DEBUG(NE_DBG_SSL, "Supplying client certificate."); +- cc->pkey->references++; +- cc->cert.subject->references++; ++ EVP_PKEY_up_ref(cc->pkey); ++ X509_up_ref(cc->cert.subject); + *cert = cc->cert.subject; + *pkey = cc->pkey; + +@@ -664,8 +675,14 @@ void ne_ssl_context_destroy(ne_ssl_conte + * sufficient. */ + static int SSL_SESSION_cmp(SSL_SESSION *a, SSL_SESSION *b) + { +- return a->session_id_length == b->session_id_length +- && memcmp(a->session_id, b->session_id, a->session_id_length) == 0; ++ unsigned int len1; ++ const unsigned char *session_id1 = SSL_SESSION_get_id(a, &len1); ++ ++ unsigned int len2; ++ const unsigned char *session_id2 = SSL_SESSION_get_id(a, &len2); ++ ++ return len1 == len2 ++ && memcmp(session_id1, session_id2, len1) == 0; + } + #endif + +@@ -1251,9 +1268,13 @@ static void thread_lock_neon(int mode, i + #define ID_CALLBACK_IS_NEON (CRYPTO_get_id_callback() == thread_id_neon) + #endif + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#define OPENSSL_malloc_init CRYPTO_malloc_init ++#endif ++ + int ne__ssl_init(void) + { +- CRYPTO_malloc_init(); ++ OPENSSL_malloc_init(); + SSL_load_error_strings(); + SSL_library_init(); + OpenSSL_add_all_algorithms(); +--- a/deps/libneon/src/ne_socket.c ++++ b/deps/libneon/src/ne_socket.c +@@ -1987,16 +1987,19 @@ int ne_sock_sessid(ne_socket *sock, unsi + sess = SSL_get0_session(sock->ssl); + + if (!buf) { +- *buflen = sess->session_id_length; ++ SSL_SESSION_get_id(sess, buflen); + return 0; + } + +- if (*buflen < sess->session_id_length) { ++ unsigned int session_id_length; ++ const unsigned char* session_id = SSL_SESSION_get_id(sess, &session_id_length); ++ ++ if (*buflen < session_id_length) { + return -1; + } + +- *buflen = sess->session_id_length; +- memcpy(buf, sess->session_id, *buflen); ++ *buflen = session_id_length; ++ memcpy(buf, session_id, *buflen); + return 0; + #endif + #else +--- a/src/modules/copy/delegation/GRSTx509MakeProxyCert.cpp ++++ b/src/modules/copy/delegation/GRSTx509MakeProxyCert.cpp +@@ -382,7 +382,7 @@ int GRSTx509MakeProxyCert(char **proxych + X509_NAME_ENTRY_free(ent); + + /* sign the certificate with the signing private key */ +- if (EVP_PKEY_type(CApkey->type) == EVP_PKEY_RSA) ++ if ( EVP_PKEY_base_id(CApkey) == EVP_PKEY_RSA) + digest = EVP_md5(); + else + { diff -Nru davix-0.6.4/debian/patches/0002-DMC-888-16-Fix-SL5-build.patch davix-0.6.4/debian/patches/0002-DMC-888-16-Fix-SL5-build.patch --- davix-0.6.4/debian/patches/0002-DMC-888-16-Fix-SL5-build.patch 1970-01-01 01:00:00.000000000 +0100 +++ davix-0.6.4/debian/patches/0002-DMC-888-16-Fix-SL5-build.patch 2016-12-15 21:39:28.000000000 +0100 @@ -0,0 +1,34 @@ +From 77558ecb03ebe5f9b770bf478cd4d1718a10952d Mon Sep 17 00:00:00 2001 +From: Georgios Bitzes <georgios.bit...@cern.ch> +Date: Tue, 20 Sep 2016 14:50:14 +0200 +Subject: [PATCH 2/2] DMC-888 #16 Fix SL5 build + +--- + src/modules/copy/delegation/GRSTx509MakeProxyCert.cpp | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +--- a/src/modules/copy/delegation/GRSTx509MakeProxyCert.cpp ++++ b/src/modules/copy/delegation/GRSTx509MakeProxyCert.cpp +@@ -90,6 +90,13 @@ static time_t GRSTasn1TimeToTimeT(const + } + + ++#if OPENSSL_VERSION_NUMBER < 0x1000000fL ++int EVP_PKEY_base_id(const EVP_PKEY *pkey) ++{ ++ return EVP_PKEY_type(pkey->type); ++} ++#endif ++ + int GRSTx509MakeProxyCert(char **proxychain, FILE *debugfp, + char *reqtxt, char *cert, char *key, int minutes) + /// +@@ -382,7 +389,7 @@ int GRSTx509MakeProxyCert(char **proxych + X509_NAME_ENTRY_free(ent); + + /* sign the certificate with the signing private key */ +- if ( EVP_PKEY_base_id(CApkey) == EVP_PKEY_RSA) ++ if (EVP_PKEY_base_id(CApkey) == EVP_PKEY_RSA) + digest = EVP_md5(); + else + { diff -Nru davix-0.6.4/debian/patches/series davix-0.6.4/debian/patches/series --- davix-0.6.4/debian/patches/series 2016-04-19 15:56:13.000000000 +0200 +++ davix-0.6.4/debian/patches/series 2016-12-15 21:36:45.000000000 +0100 @@ -1 +1,3 @@ davix-linking.patch +0001-DMC-888-16-Add-support-for-openssl-1.1.0.patch +0002-DMC-888-16-Fix-SL5-build.patch diff -Nru davix-0.6.4/debian/rules davix-0.6.4/debian/rules --- davix-0.6.4/debian/rules 2016-08-25 15:23:58.000000000 +0200 +++ davix-0.6.4/debian/rules 2016-12-15 21:40:12.000000000 +0100 @@ -31,6 +31,7 @@ override_dh_install: rm debian/tmp/usr/share/doc/davix/LICENSE + rm -rf debian/tmp/usr/include/gtest debian/tmp/usr/lib/libgtest.a debian/tmp/usr/lib/libgtest_main.a dh_install --fail-missing override_dh_strip:
