Bug#781147: unblock: resiprocate/1.9.7-5
Package: release.debian.org
User: release.debian.org@packages.debian.org
UserTags: unblock
This is a proposed upload to unstable for jessie
The main reason for this unblock request:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780979
and also helps resolve:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780980
The main reason for fixing 780979 is that the assert() can lead to a
crash of the process, as described in the bug report.
These fixes come from the master branch upstream:
https://github.com/resiprocate/resiprocate/commits/master
diff -Nru resiprocate-1.9.7/debian/changelog resiprocate-1.9.7/debian/changelog
--- resiprocate-1.9.7/debian/changelog 2014-12-10 07:28:30.000000000 +0100
+++ resiprocate-1.9.7/debian/changelog 2015-03-22 20:02:23.000000000 +0100
@@ -1,3 +1,11 @@
+resiprocate (1:1.9.7-5) unstable; urgency=medium
+
+ * Make ensureWritable more tolerant. (Closes: #780979)
+ * Stop logging errors when TLS is shut down cleanly by peer.
+ (Closes: #780980)
+
+ -- Daniel Pocock <daniel@pocock.pro> Sun, 22 Mar 2015 19:30:31 +0100
+
resiprocate (1:1.9.7-4) unstable; urgency=medium
* Use SSLv23_method instead of TLSv1_method and
diff -Nru resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch
--- resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch 1970-01-01 01:00:00.000000000 +0100
+++ resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch 2015-03-22 19:43:14.000000000 +0100
@@ -0,0 +1,30 @@
+diff --git a/resip/stack/ssl/TlsConnection.cxx b/resip/stack/ssl/TlsConnection.cxx
+index c3537aa..fb80323 100644
+--- a/resip/stack/ssl/TlsConnection.cxx
++++ b/resip/stack/ssl/TlsConnection.cxx
+@@ -445,6 +445,12 @@ TlsConnection::read(char* buf, int count )
+ return 0;
+ }
+ break;
++ case SSL_ERROR_ZERO_RETURN:
++ {
++ DebugLog( << "Got SSL_ERROR_ZERO_RETURN (TLS shutdown by peer)");
++ return -1;
++ }
++ break;
+ default:
+ {
+ handleOpenSSLErrorQueue(bytesRead, err, "SSL_read");
+@@ -532,6 +538,12 @@ TlsConnection::write( const char* buf, int count )
+ return 0;
+ }
+ break;
++ case SSL_ERROR_ZERO_RETURN:
++ {
++ DebugLog( << "Got SSL_ERROR_ZERO_RETURN (TLS shutdown by peer)");
++ return -1;
++ }
++ break;
+ default:
+ {
+ handleOpenSSLErrorQueue(ret, err, "SSL_write");
diff -Nru resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch
--- resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch 1970-01-01 01:00:00.000000000 +0100
+++ resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch 2015-03-22 19:43:14.000000000 +0100
@@ -0,0 +1,55 @@
+diff --git a/resip/stack/Connection.cxx b/resip/stack/Connection.cxx
+index 567c105..1f01ecc 100644
+--- a/resip/stack/Connection.cxx
++++ b/resip/stack/Connection.cxx
+@@ -88,13 +88,35 @@ Connection::performWrite()
+ {
+ if(transportWrite())
+ {
+- assert(mInWritable);
+- getConnectionManager().removeFromWritable(this);
+- mInWritable = false;
+- return 0; // What does this transportWrite() mean?
++ // If we get here it means:
++ // a. on a previous invocation, SSL_do_handshake wanted to write
++ // (SSL_ERROR_WANT_WRITE)
++ // b. now the handshake is complete or it wants to read
++ if(mInWritable)
++ {
++ getConnectionManager().removeFromWritable(this);
++ mInWritable = false;
++ }
++ else
++ {
++ WarningLog(<<"performWrite invoked while not in write set");
++ }
++ return 0; // Q. What does this transportWrite() mean?
++ // A. It makes the TLS handshake move along after it
++ // was waiting in the write set.
++ }
++
++ // If the TLS handshake returned SSL_ERROR_WANT_WRITE again
++ // then we could get here without really having something to write
++ // so just return, remaining in the write set.
++ if(mOutstandingSends.empty())
++ {
++ // FIXME: this needs to be more elaborate with respect
++ // to TLS handshaking but it doesn't appear we can do that
++ // without ABI breakage.
++ return 0;
+ }
+
+- assert(!mOutstandingSends.empty());
+ switch(mOutstandingSends.front()->command)
+ {
+ case SendData::CloseConnection:
+@@ -272,7 +294,8 @@ Connection::ensureWritable()
+ {
+ if(!mInWritable)
+ {
+- assert(!mOutstandingSends.empty());
++ //assert(!mOutstandingSends.empty()); // empty during TLS handshake
++ // therefore must be careful to check mOutstandingSends later
+ getConnectionManager().addToWritable(this);
+ mInWritable = true;
+ }
diff -Nru resiprocate-1.9.7/debian/patches/series resiprocate-1.9.7/debian/patches/series
--- resiprocate-1.9.7/debian/patches/series 2014-12-09 11:33:48.000000000 +0100
+++ resiprocate-1.9.7/debian/patches/series 2015-03-22 19:43:14.000000000 +0100
@@ -1,2 +1,4 @@
0001-use-SSLv23_method.patch
0002-client-avoid-TLSv1_2.patch
+0003-log-tls-clean-shutdown.patch
+0004-make-ensureWritable-more-tolerant.patch
Reply to: