Bug#767916: unblock: libotr/4.1.0-2

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#767916: unblock: libotr/4.1.0-2
From: intrigeri <intrigeri@debian.org>
Date: Mon, 03 Nov 2014 14:51:37 +0100
Message-id: <[🔎] 20141103135137.12957.79501.reportbug@deb.localhost>
Reply-to: intrigeri <intrigeri@debian.org>, 767916@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi,

here's a follow-up to the discussion that I've started in
the "libotr transition started by mistake :-/" thread on -release@,
about #767230.

Thanks to the guidance I got both on-list and off-list (thanks everyone!),
here's an updated debdiff (against the version in sid, as requested by Niels).

Changes since my last submitted patch, in case someone already has
looked at it:

  * Add symbols file: now that we have removed upstream's version
    check at runtime, let's use the symbols mechanism to detect (most)
    ABI changes automatically, and let reverse-dependencies pick up
    the version of libotr they should depend on (Closes: #767652).

  * debian/README.source: document how to detect and handle ABI changes.

  * I'm now removing the runtime check entirely. Keeping the warning
    message made sense back when this patch was meant to be temporary,
    but with the introduction of a symbols file, it's here to stay.

I'd like to upload libotr with this patch applied to sid,
and will then ask you to unblock and/or age it.

Shall I proceed with the upload?

diff -Nru libotr-4.1.0/debian/changelog libotr-4.1.0/debian/changelog
--- libotr-4.1.0/debian/changelog	2014-10-21 22:26:51.000000000 +0200
+++ libotr-4.1.0/debian/changelog	2014-11-03 14:34:06.000000000 +0100
@@ -1,3 +1,19 @@
+libotr (4.1.0-2) unstable; urgency=medium
+
+  * New patch:
+    0001-Do-not-error-out-when-an-application-is-run-against-.patch
+    Do not error out when an application is run against an older libotr
+    than the one it was built against: given libotr 4.1 is API- and
+    ABI-compatible with libotr 4.0, let's prevent this runtime check
+    from breaking packages that were built against 4.0 (Closes: #767230).
+  * Add symbols file: now that we have removed upstream's version check
+    at runtime, let's use the symbols mechanism to detect (most) ABI changes
+    automatically, and let reverse-dependencies pick up the version
+    of libotr they should depend on (Closes: #767652).
+  * debian/README.source: document how to detect and handle ABI changes.
+
+ -- intrigeri <intrigeri@debian.org>  Sat, 01 Nov 2014 18:36:49 +0100
+
 libotr (4.1.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru libotr-4.1.0/debian/libotr5.symbols libotr-4.1.0/debian/libotr5.symbols
--- libotr-4.1.0/debian/libotr5.symbols	1970-01-01 01:00:00.000000000 +0100
+++ libotr-4.1.0/debian/libotr5.symbols	2014-11-03 14:34:06.000000000 +0100
@@ -0,0 +1,125 @@
+libotr.so.5 libotr5 #MINVER#
+ otrl_api_version@Base 4.0.0
+ otrl_auth_clear@Base 4.0.0
+ otrl_auth_copy_on_key@Base 4.0.0
+ otrl_auth_handle_commit@Base 4.0.0
+ otrl_auth_handle_key@Base 4.0.0
+ otrl_auth_handle_revealsig@Base 4.0.0
+ otrl_auth_handle_signature@Base 4.0.0
+ otrl_auth_handle_v1_key_exchange@Base 4.0.0
+ otrl_auth_new@Base 4.0.0
+ otrl_auth_start_v1@Base 4.0.0
+ otrl_auth_start_v23@Base 4.0.0
+ otrl_base64_decode@Base 4.0.0
+ otrl_base64_encode@Base 4.0.0
+ otrl_base64_otr_decode@Base 4.0.0
+ otrl_base64_otr_encode@Base 4.0.0
+ otrl_context_find@Base 4.0.0
+ otrl_context_find_fingerprint@Base 4.0.0
+ otrl_context_find_recent_instance@Base 4.0.0
+ otrl_context_find_recent_secure_instance@Base 4.0.0
+ otrl_context_force_finished@Base 4.0.0
+ otrl_context_force_plaintext@Base 4.0.0
+ otrl_context_forget@Base 4.0.0
+ otrl_context_forget_all@Base 4.0.0
+ otrl_context_forget_fingerprint@Base 4.0.0
+ otrl_context_is_fingerprint_trusted@Base 4.0.0
+ otrl_context_priv_force_finished@Base 4.0.0
+ otrl_context_priv_new@Base 4.0.0
+ otrl_context_set_trust@Base 4.0.0
+ otrl_context_update_recent_child@Base 4.0.0
+ otrl_dh_cmpctr@Base 4.0.0
+ otrl_dh_compute_v1_session_id@Base 4.0.0
+ otrl_dh_compute_v2_auth_keys@Base 4.0.0
+ otrl_dh_gen_keypair@Base 4.0.0
+ otrl_dh_incctr@Base 4.0.0
+ otrl_dh_init@Base 4.0.0
+ otrl_dh_keypair_copy@Base 4.0.0
+ otrl_dh_keypair_free@Base 4.0.0
+ otrl_dh_keypair_init@Base 4.0.0
+ otrl_dh_session@Base 4.0.0
+ otrl_dh_session_blank@Base 4.0.0
+ otrl_dh_session_free@Base 4.0.0
+ otrl_init@Base 4.0.0
+ otrl_instag_find@Base 4.0.0
+ otrl_instag_forget@Base 4.0.0
+ otrl_instag_forget_all@Base 4.0.0
+ otrl_instag_generate@Base 4.0.0
+ otrl_instag_generate_FILEp@Base 4.0.0
+ otrl_instag_get_new@Base 4.0.0
+ otrl_instag_read@Base 4.0.0
+ otrl_instag_read_FILEp@Base 4.0.0
+ otrl_instag_write@Base 4.0.0
+ otrl_instag_write_FILEp@Base 4.0.0
+ otrl_mem_differ@Base 4.1.0
+ otrl_mem_init@Base 4.0.0
+ otrl_message_abort_smp@Base 4.0.0
+ otrl_message_disconnect@Base 4.0.0
+ otrl_message_disconnect_all_instances@Base 4.0.0
+ otrl_message_free@Base 4.0.0
+ otrl_message_initiate_smp@Base 4.0.0
+ otrl_message_initiate_smp_q@Base 4.0.0
+ otrl_message_poll@Base 4.0.0
+ otrl_message_poll_get_default_interval@Base 4.0.0
+ otrl_message_receiving@Base 4.0.0
+ otrl_message_respond_smp@Base 4.0.0
+ otrl_message_sending@Base 4.0.0
+ otrl_message_symkey@Base 4.0.0
+ otrl_privkey_find@Base 4.0.0
+ otrl_privkey_fingerprint@Base 4.0.0
+ otrl_privkey_fingerprint_raw@Base 4.0.0
+ otrl_privkey_forget@Base 4.0.0
+ otrl_privkey_forget_all@Base 4.0.0
+ otrl_privkey_generate@Base 4.0.0
+ otrl_privkey_generate_FILEp@Base 4.0.0
+ otrl_privkey_generate_calculate@Base 4.0.0
+ otrl_privkey_generate_cancelled@Base 4.0.0
+ otrl_privkey_generate_finish@Base 4.0.0
+ otrl_privkey_generate_finish_FILEp@Base 4.0.0
+ otrl_privkey_generate_start@Base 4.0.0
+ otrl_privkey_hash_to_human@Base 4.0.0
+ otrl_privkey_pending_forget_all@Base 4.0.0
+ otrl_privkey_read@Base 4.0.0
+ otrl_privkey_read_FILEp@Base 4.0.0
+ otrl_privkey_read_fingerprints@Base 4.0.0
+ otrl_privkey_read_fingerprints_FILEp@Base 4.0.0
+ otrl_privkey_sign@Base 4.0.0
+ otrl_privkey_verify@Base 4.0.0
+ otrl_privkey_write_fingerprints@Base 4.0.0
+ otrl_privkey_write_fingerprints_FILEp@Base 4.0.0
+ otrl_proto_accept_data@Base 4.0.0
+ otrl_proto_create_data@Base 4.0.0
+ otrl_proto_data_read_flags@Base 4.0.0
+ otrl_proto_default_query_msg@Base 4.0.0
+ otrl_proto_fragment_accumulate@Base 4.0.0
+ otrl_proto_fragment_create@Base 4.0.0
+ otrl_proto_fragment_free@Base 4.0.0
+ otrl_proto_instance@Base 4.0.0
+ otrl_proto_message_type@Base 4.0.0
+ otrl_proto_message_version@Base 4.0.0
+ otrl_proto_query_bestversion@Base 4.0.0
+ otrl_proto_whitespace_bestversion@Base 4.0.0
+ otrl_sm_init@Base 4.0.0
+ otrl_sm_msg1_init@Base 4.0.0
+ otrl_sm_msg2_init@Base 4.0.0
+ otrl_sm_msg3_init@Base 4.0.0
+ otrl_sm_msg4_init@Base 4.0.0
+ otrl_sm_msg_free@Base 4.0.0
+ otrl_sm_state_free@Base 4.0.0
+ otrl_sm_state_init@Base 4.0.0
+ otrl_sm_state_new@Base 4.0.0
+ otrl_sm_step1@Base 4.0.0
+ otrl_sm_step2a@Base 4.0.0
+ otrl_sm_step2b@Base 4.0.0
+ otrl_sm_step3@Base 4.0.0
+ otrl_sm_step4@Base 4.0.0
+ otrl_sm_step5@Base 4.0.0
+ otrl_tlv_find@Base 4.0.0
+ otrl_tlv_free@Base 4.0.0
+ otrl_tlv_new@Base 4.0.0
+ otrl_tlv_parse@Base 4.0.0
+ otrl_tlv_serialize@Base 4.0.0
+ otrl_tlv_seriallen@Base 4.0.0
+ otrl_userstate_create@Base 4.0.0
+ otrl_userstate_free@Base 4.0.0
+ otrl_version@Base 4.0.0
diff -Nru libotr-4.1.0/debian/patches/0001-Do-not-error-out-when-an-application-is-run-against-.patch libotr-4.1.0/debian/patches/0001-Do-not-error-out-when-an-application-is-run-against-.patch
--- libotr-4.1.0/debian/patches/0001-Do-not-error-out-when-an-application-is-run-against-.patch	1970-01-01 01:00:00.000000000 +0100
+++ libotr-4.1.0/debian/patches/0001-Do-not-error-out-when-an-application-is-run-against-.patch	2014-11-03 14:34:06.000000000 +0100
@@ -0,0 +1,40 @@
+From: intrigeri <intrigeri@boum.org>
+Date: Sat, 1 Nov 2014 17:20:52 +0000
+Bug-Debian: https://bugs.debian.org/767230
+Forwarded: not-needed
+Subject: Do not error out when an application is run against an older libotr
+ than the one it was built against (Closes: #767230).
+
+For Jessie, given libotr 4.1 is API- and ABI-compatible with libotr 4.0, let's
+prevent this runtime check from breaking packages that were built against 4.0.
+
+Besides, we'll be using a symbols files to deal with that soon (see #767652),
+and once this happens we can't keep the runtime check, as it would break
+reverse-dependencies in some cases when they can effectively run with the newer
+version of libotr.
+
+---
+ src/proto.c | 10 ----------
+ 1 file changed, 10 deletions(-)
+
+diff --git a/src/proto.c b/src/proto.c
+index f560a82..922fb9a 100644
+--- a/src/proto.c
++++ b/src/proto.c
+@@ -54,16 +54,6 @@ gcry_error_t otrl_init(unsigned int ver_major, unsigned int ver_minor,
+ {
+     unsigned int api_version;
+ 
+-    /* The major versions have to match, and you can't be using a newer
+-     * minor version than we expect. */
+-    if (ver_major != OTRL_VERSION_MAJOR || ver_minor > OTRL_VERSION_MINOR) {
+-	fprintf(stderr, "Expected libotr API version %u.%u.%u incompatible "
+-		"with actual version %u.%u.%u.  Aborting.\n",
+-		ver_major, ver_minor, ver_sub,
+-		OTRL_VERSION_MAJOR, OTRL_VERSION_MINOR, OTRL_VERSION_SUB);
+-	return gcry_error(GPG_ERR_INV_VALUE);
+-    }
+-
+     /* Set the API version.  If we get called multiple times for some
+      * reason, take the smallest value. */
+     api_version = (ver_major << 16) | (ver_minor << 8) | (ver_sub);
diff -Nru libotr-4.1.0/debian/patches/series libotr-4.1.0/debian/patches/series
--- libotr-4.1.0/debian/patches/series	1970-01-01 01:00:00.000000000 +0100
+++ libotr-4.1.0/debian/patches/series	2014-11-03 14:34:06.000000000 +0100
@@ -0,0 +1 @@
+0001-Do-not-error-out-when-an-application-is-run-against-.patch
diff -Nru libotr-4.1.0/debian/README.source libotr-4.1.0/debian/README.source
--- libotr-4.1.0/debian/README.source	2014-10-21 22:26:51.000000000 +0200
+++ libotr-4.1.0/debian/README.source	2014-11-03 14:34:06.000000000 +0100
@@ -1,3 +1,14 @@
 This package follows the Debian OTR Team's workflow and policy,
 as documented on https://wiki.debian.org/Teams/OTR.
 
+This package ships a shared library. So, when upgrading the package:
+
+* dpkg-gensymbols may warn about changed symbols; in this case, update
+  debian/*.symbols; for more information, see
+  https://www.debian.org/doc/manuals/maint-guide/advanced.en.html#librarysymbols
+
+* Manually diff the header files between the previous version and the
+  new one, and look for incompatible ABI changes that dpkg-gensymbols
+  cannot detect, such as changes in an enum or struct. Then, bump the
+  needed version in the symbols file for every function that uses one
+  of the data structure that has changed.

Reply to:

Follow-Ups:
- Bug#767916: unblock: libotr/4.1.0-2
  - From: Julien Cristau <jcristau@debian.org>
- Processed: Re: Bug#767916: unblock: libotr/4.1.0-2
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#767916: marked as done (unblock: libotr/4.1.0-2)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#767912: unblock: libghemical/3.0.0-4
Next by Date: Bug#767910: marked as done (release.debian.org: unblock: glabels/3.0.1-4.1)
Previous by thread: Bug#767912: marked as done (unblock: libghemical/3.0.0-4)
Next by thread: Bug#767916: unblock: libotr/4.1.0-2
Index(es):
- Date
- Thread