rpms / telepathy-salut

Clone
Source Code
GIT

#3 Port to openssl110, patch extracted from upstream
Merged 2 years ago by chimosky. Opened 2 years ago by mtasaka.
rpms/ mtasaka/telepathy-salut port-openssl110  into  master

file added
+184 
@@ -0,0 +1,184 @@ 
 

+ telepathy-salut-0.8.1/lib/ext/wocky: fix build with openssl >= 1.1.0
 

+ 

+ Extracted from:
 

+ https://github.com/TelepathyIM/wocky/commit/68e7fb2f17dd9348e586ef676d8138c4b849a1ce
 

+ https://github.com/TelepathyIM/wocky/commit/f84b25243bd03ceea17dc129493af6cd843b067e
 

+ 

+ Note that 68e7fb2f17dd9348e586ef676d8138c4b849a1ce includes fix for changes by:
 

+ https://github.com/TelepathyIM/wocky/commit/c132b9d299936eb9880015f0f5978053fa95fb48 ,
 

+ but telepathy-salut 0.8.1 does not contain above change, so fix for X509_V_ERR_UNABLE_TO_GET_CRL
 

+ case is not needed.
 

+ 

+ ---
 

+  wocky/wocky/wocky-openssl-dh1024.c |   10 ++++++++++
 

+  wocky/wocky/wocky-openssl-dh2048.c |   10 ++++++++++
 

+  wocky/wocky/wocky-openssl-dh4096.c |   10 ++++++++++
 

+  wocky/wocky/wocky-openssl-dh512.c  |   10 ++++++++++
 

+  wocky/wocky/wocky-openssl.c        |   25 +++++++++++++++++++++----
 

+  5 files changed, 61 insertions(+), 4 deletions(-)
 

+ 

+ --- wocky/wocky/wocky-openssl-dh1024.c.openssl110	2012-11-16 23:24:13.000000000 +0900
 

+ +++ wocky/wocky/wocky-openssl-dh1024.c	2020-12-31 13:27:51.169489405 +0900
 

+ @@ -21,11 +21,21 @@ DH *get_dh1024(void)
 

+  		0x02,
 

+  		};
 

+  	DH *dh;
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +	int r = 0;
 

+ +#endif
 

+  

+  	if ((dh=DH_new()) == NULL) return(NULL);
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +	r = DH_set0_pqg(dh, BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL),
 

+ +					NULL, BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL));
 

+ +	if (!r)
 

+ +		{ DH_free(dh); return(NULL); }
 

+ +#else
 

+  	dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
 

+  	dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
 

+  	if ((dh->p == NULL) || (dh->g == NULL))
 

+  		{ DH_free(dh); return(NULL); }
 

+ +#endif
 

+  	return(dh);
 

+  	}
 

+ --- wocky/wocky/wocky-openssl-dh2048.c.openssl110	2012-11-16 23:24:13.000000000 +0900
 

+ +++ wocky/wocky/wocky-openssl-dh2048.c	2020-12-31 13:28:29.768443055 +0900
 

+ @@ -32,11 +32,21 @@ DH *get_dh2048(void)
 

+  		0x02,
 

+  		};
 

+  	DH *dh;
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +	int r = 0;
 

+ +#endif
 

+  

+  	if ((dh=DH_new()) == NULL) return(NULL);
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +	r = DH_set0_pqg(dh, BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL),
 

+ +						NULL, BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL));
 

+ +	if (!r)
 

+ +		{ DH_free(dh); return(NULL); }
 

+ +#else
 

+  	dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
 

+  	dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
 

+  	if ((dh->p == NULL) || (dh->g == NULL))
 

+  		{ DH_free(dh); return(NULL); }
 

+ +#endif
 

+  	return(dh);
 

+  	}
 

+ --- wocky/wocky/wocky-openssl-dh4096.c.openssl110	2012-11-16 23:24:13.000000000 +0900
 

+ +++ wocky/wocky/wocky-openssl-dh4096.c	2020-12-31 13:28:49.267419631 +0900
 

+ @@ -53,11 +53,21 @@ DH *get_dh4096(void)
 

+  		0x02,
 

+  		};
 

+  	DH *dh;
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +	int r = 0;
 

+ +#endif
 

+  

+  	if ((dh=DH_new()) == NULL) return(NULL);
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +	r = DH_set0_pqg(dh, BN_bin2bn(dh4096_p,sizeof(dh4096_p),NULL),
 

+ +						NULL, BN_bin2bn(dh4096_g,sizeof(dh4096_g),NULL));
 

+ +	if (!r)
 

+ +		{ DH_free(dh); return(NULL); }
 

+ +#else
 

+  	dh->p=BN_bin2bn(dh4096_p,sizeof(dh4096_p),NULL);
 

+  	dh->g=BN_bin2bn(dh4096_g,sizeof(dh4096_g),NULL);
 

+  	if ((dh->p == NULL) || (dh->g == NULL))
 

+  		{ DH_free(dh); return(NULL); }
 

+ +#endif
 

+  	return(dh);
 

+  	}
 

+ --- wocky/wocky/wocky-openssl-dh512.c.openssl110	2012-11-16 23:24:13.000000000 +0900
 

+ +++ wocky/wocky/wocky-openssl-dh512.c	2020-12-31 13:27:21.447525102 +0900
 

+ @@ -16,11 +16,21 @@ DH *get_dh512(void)
 

+  		0x02,
 

+  		};
 

+  	DH *dh;
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +	int r = 0;
 

+ +#endif
 

+  

+  	if ((dh=DH_new()) == NULL) return(NULL);
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +	r = DH_set0_pqg(dh, BN_bin2bn(dh512_p,sizeof(dh512_p),NULL),
 

+ +					NULL, BN_bin2bn(dh512_g,sizeof(dh512_g),NULL));
 

+ +	if (!r)
 

+ +	   { DH_free(dh); return(NULL); }
 

+ +#else
 

+  	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
 

+  	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
 

+  	if ((dh->p == NULL) || (dh->g == NULL))
 

+  		{ DH_free(dh); return(NULL); }
 

+ +#endif
 

+  	return(dh);
 

+  	}
 

+ --- wocky/wocky/wocky-openssl.c.openssl110	2012-11-16 23:24:13.000000000 +0900
 

+ +++ wocky/wocky/wocky-openssl.c	2020-12-31 13:15:58.261336873 +0900
 

+ @@ -861,7 +861,11 @@ check_peer_name (const char *target, X50
 

+    int i;
 

+    gboolean rval = FALSE;
 

+    X509_NAME *subject = X509_get_subject_name (cert);
 

+ -  X509_CINF *ci = cert->cert_info;
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +  const STACK_OF(X509_EXTENSION)* extensions = X509_get0_extensions(cert);
 

+ +#else
 

+ +  const STACK_OF(X509_EXTENSION)* extensions = cert->cert_info->extensions;
 

+ +#endif
 

+    static const long nid[] = { NID_commonName, NID_subject_alt_name, NID_undef };
 

+  

+    /* first, see if the x509 name contains the info we want: */
 

+ @@ -882,16 +886,21 @@ check_peer_name (const char *target, X50
 

+     * and extract the subject_alt_name from the x509 v3 extensions: if that   *
 

+     * extension is present, and a string, use that. If it is present, and     *
 

+     * a multi-value stack, trawl it for the "DNS" entry and use that          */
 

+ -  if (!rval && (ci->extensions != NULL))
 

+ -    for (i = 0; i < sk_X509_EXTENSION_num(ci->extensions) && !rval; i++)
 

+ +  if (!rval && (extensions != NULL))
 

+ +    for (i = 0; i < sk_X509_EXTENSION_num(extensions) && !rval; i++)
 

+        {
 

+ -        X509_EXTENSION *ext = sk_X509_EXTENSION_value (ci->extensions, i);
 

+ +        X509_EXTENSION *ext = sk_X509_EXTENSION_value (extensions, i);
 

+          ASN1_OBJECT *obj = X509_EXTENSION_get_object (ext);
 

+          X509V3_EXT_METHOD *convert = NULL;
 

+          long ni = OBJ_obj2nid (obj);
 

+          const guchar *p;
 

+          char *value = NULL;
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +        const ASN1_OCTET_STRING* ext_value = X509_EXTENSION_get_data(ext);
 

+ +        int len = ASN1_STRING_length(ext_value);
 

+ +#else
 

+          int len = ext->value->length;
 

+ +#endif
 

+          void *ext_str = NULL;
 

+  

+          if (ni != NID_subject_alt_name)
 

+ @@ -903,7 +912,11 @@ check_peer_name (const char *target, X50
 

+          if ((convert = (X509V3_EXT_METHOD *) X509V3_EXT_get (ext)) == NULL)
 

+            continue;
 

+  

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +        p = ASN1_STRING_get0_data(ext_value);
 

+ +#else
 

+          p = ext->value->data;
 

+ +#endif
 

+          ext_str = ((convert->it != NULL) ?
 

+                     ASN1_item_d2i (NULL, &p, len, ASN1_ITEM_ptr(convert->it)) :
 

+                     convert->d2i (NULL, &p, len) );
 

+ @@ -1607,12 +1620,16 @@ wocky_tls_session_init (WockyTLSSession
 

+  

+    if G_UNLIKELY (g_once_init_enter (&initialised))
 

+      {
 

+ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 

+ +      DEBUG ("initialising SSL library and error strings");
 

+ +#else
 

+        gint malloc_init_succeeded;
 

+  

+        DEBUG ("initialising SSL library and error strings");
 

+  

+        malloc_init_succeeded = CRYPTO_malloc_init ();
 

+        g_warn_if_fail (malloc_init_succeeded);
 

+ +#endif
 

+  

+        SSL_library_init ();
 

+        SSL_load_error_strings ();

file modified
+11 -2 
@@ -1,6 +1,6 @@ 
 

  Name:           telepathy-salut
 

  Version:        0.8.1
 

- Release:        21%{?dist}
 

+ Release:        22%{?dist}
 

  Summary:        Link-local XMPP telepathy connection manager
 

  

  License:        LGPLv2+
 
@@ -8,6 +8,8 @@ 
 

  Source0:        http://telepathy.freedesktop.org/releases/%{name}/%{name}-%{version}.tar.gz
 

  # python3
 

  Patch0:         telepathy-salut-0.8.1-python3.patch
 

+ # Openssl 1.1.0
 

+ Patch1:         telepathy-salut-0.8.1-wocky-openssl110.patch
 

  

  BuildRequires: make
 

  BuildRequires:  dbus-devel >= 1.1.0
 
@@ -15,7 +17,7 @@ 
 

  BuildRequires:	python3-dbus
 

  BuildRequires:	avahi-gobject-devel
 

  BuildRequires:	libxml2-devel
 

- BuildRequires:	compat-openssl10-devel
 

+ BuildRequires:	openssl-devel
 

  BuildRequires:	cyrus-sasl-devel
 

  BuildRequires:	libxslt
 

  BuildRequires:	libasyncns-devel >= 0.3
 
@@ -40,6 +42,10 @@ 
 

  %prep
 

  %setup -q
 

  %patch0 -p1 -b .py3
 

+ (
 

+ cd lib/ext
 

+ %patch1 -p0 -b .openssl110
 

+ )
 

  

  %build
 

  export PYTHON=python3
 
@@ -79,6 +85,9 @@ 
 

  

  

  %changelog
 

+ * Thu Dec 31 2020 Mamoru TASAKA <mtasaka@fedoraproject.org> - 0.8.1-22
 

+ - Port to openssl110, patch extracted from upstream
 

+ 

  * Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.1-21
 

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

So maybe you may be trying to fully rebase telepathy-salut to the newest code, however for now just try to apply minimul change extracted from the upstream git repo to unbreak rawhide package as quickly as possible, and then try rebasing fully later?

Scratch build available here: https://koji.fedoraproject.org/koji/taskinfo?taskID=58641612

1 new commit added

  • fix patch description
2 years ago

rebased onto c24cadb
2 years ago

Thanks for the change, I'd just gotten around to creating a patch today then I saw yours.

Pull-Request has been merged by chimosky
2 years ago

How did you prepare the patch?

How did you prepare the patch?

Well,

  • firstly I built telepathy-salut on rawhide,
  • looking at where build error happened, actually build failure happened on wocky (submodule)
  • looking at wocky upstream git changelog, found the solution.

Please look at the comment of the patch, where the corresponding upstream commit (fix) is written.

How did you prepare the patch?

Well,

  • firstly I built telepathy-salut on rawhide,
  • looking at where build error happened, actually build failure happened on wocky (submodule)
  • looking at wocky upstream git changelog, found the solution.

Please look at the comment of the patch, where the corresponding upstream commit (fix) is written.

Thanks.

@mtasaka subsequent to this conversation, ten days ago, on February 3rd, telepathy-glib 0.24.2 was released: https://lists.freedesktop.org/archives/telepathy/2021-February/007081.html

Since you're the only packager for this package now, and it is a critical one for Sugar Desktop (SoaS spin), would you mind rebasing to upstream, since there seem to be some important memory leak bug fixes? Thanks.

Changes Summary 2
+184
file added
telepathy-salut-0.8.1-wocky-openssl110.patch
+11 -2
file changed
telepathy-salut.spec
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.