[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#781147: marked as done (unblock: resiprocate/1.9.7-5)



Your message dated Sat, 28 Mar 2015 20:20:41 +0100
with message-id <5516FF09.7010404@thykier.net>
and subject line Re: Bug#781147: unblock: resiprocate/1.9.7-5
has caused the Debian Bug report #781147,
regarding unblock: resiprocate/1.9.7-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
781147: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781147
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian.org@packages.debian.org
UserTags: unblock


This is a proposed upload to unstable for jessie

The main reason for this unblock request:

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780979

and also helps resolve:

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780980


The main reason for fixing 780979 is that the assert() can lead to a
crash of the process, as described in the bug report.

These fixes come from the master branch upstream:

https://github.com/resiprocate/resiprocate/commits/master
diff -Nru resiprocate-1.9.7/debian/changelog resiprocate-1.9.7/debian/changelog
--- resiprocate-1.9.7/debian/changelog	2014-12-10 07:28:30.000000000 +0100
+++ resiprocate-1.9.7/debian/changelog	2015-03-22 20:02:23.000000000 +0100
@@ -1,3 +1,11 @@
+resiprocate (1:1.9.7-5) unstable; urgency=medium
+
+  * Make ensureWritable more tolerant. (Closes: #780979)
+  * Stop logging errors when TLS is shut down cleanly by peer.
+    (Closes: #780980)
+
+ -- Daniel Pocock <daniel@pocock.pro>  Sun, 22 Mar 2015 19:30:31 +0100
+
 resiprocate (1:1.9.7-4) unstable; urgency=medium
 
   * Use SSLv23_method instead of TLSv1_method and
diff -Nru resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch
--- resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch	1970-01-01 01:00:00.000000000 +0100
+++ resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch	2015-03-22 19:43:14.000000000 +0100
@@ -0,0 +1,30 @@
+diff --git a/resip/stack/ssl/TlsConnection.cxx b/resip/stack/ssl/TlsConnection.cxx
+index c3537aa..fb80323 100644
+--- a/resip/stack/ssl/TlsConnection.cxx
++++ b/resip/stack/ssl/TlsConnection.cxx
+@@ -445,6 +445,12 @@ TlsConnection::read(char* buf, int count )
+             return 0;
+          }
+          break;
++         case SSL_ERROR_ZERO_RETURN:
++         {
++            DebugLog( << "Got SSL_ERROR_ZERO_RETURN (TLS shutdown by peer)");
++            return -1;
++         }
++         break;
+          default:
+          {
+             handleOpenSSLErrorQueue(bytesRead, err, "SSL_read");
+@@ -532,6 +538,12 @@ TlsConnection::write( const char* buf, int count )
+             return 0;
+          }
+          break;
++         case SSL_ERROR_ZERO_RETURN:
++         {
++            DebugLog( << "Got SSL_ERROR_ZERO_RETURN (TLS shutdown by peer)");
++            return -1;
++         }
++         break;
+          default:
+          {
+             handleOpenSSLErrorQueue(ret, err, "SSL_write");
diff -Nru resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch
--- resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch	1970-01-01 01:00:00.000000000 +0100
+++ resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch	2015-03-22 19:43:14.000000000 +0100
@@ -0,0 +1,55 @@
+diff --git a/resip/stack/Connection.cxx b/resip/stack/Connection.cxx
+index 567c105..1f01ecc 100644
+--- a/resip/stack/Connection.cxx
++++ b/resip/stack/Connection.cxx
+@@ -88,13 +88,35 @@ Connection::performWrite()
+ {
+    if(transportWrite())
+    {
+-      assert(mInWritable);
+-      getConnectionManager().removeFromWritable(this);
+-      mInWritable = false;
+-      return 0; // What does this transportWrite() mean?
++      // If we get here it means:
++      // a. on a previous invocation, SSL_do_handshake wanted to write
++      //         (SSL_ERROR_WANT_WRITE)
++      // b. now the handshake is complete or it wants to read
++      if(mInWritable)
++      {
++         getConnectionManager().removeFromWritable(this);
++         mInWritable = false;
++      }
++      else
++      {
++         WarningLog(<<"performWrite invoked while not in write set");
++      }
++      return 0; // Q. What does this transportWrite() mean?
++                // A. It makes the TLS handshake move along after it
++                //    was waiting in the write set.
++   }
++
++   // If the TLS handshake returned SSL_ERROR_WANT_WRITE again
++   // then we could get here without really having something to write
++   // so just return, remaining in the write set.
++   if(mOutstandingSends.empty())
++   {
++      // FIXME: this needs to be more elaborate with respect
++      // to TLS handshaking but it doesn't appear we can do that
++      // without ABI breakage.
++      return 0;
+    }
+ 
+-   assert(!mOutstandingSends.empty());
+    switch(mOutstandingSends.front()->command)
+    {
+    case SendData::CloseConnection:
+@@ -272,7 +294,8 @@ Connection::ensureWritable()
+ {
+    if(!mInWritable)
+    {
+-      assert(!mOutstandingSends.empty());
++      //assert(!mOutstandingSends.empty()); // empty during TLS handshake
++      // therefore must be careful to check mOutstandingSends later
+       getConnectionManager().addToWritable(this);
+       mInWritable = true;
+    }
diff -Nru resiprocate-1.9.7/debian/patches/series resiprocate-1.9.7/debian/patches/series
--- resiprocate-1.9.7/debian/patches/series	2014-12-09 11:33:48.000000000 +0100
+++ resiprocate-1.9.7/debian/patches/series	2015-03-22 19:43:14.000000000 +0100
@@ -1,2 +1,4 @@
 0001-use-SSLv23_method.patch
 0002-client-avoid-TLSv1_2.patch
+0003-log-tls-clean-shutdown.patch
+0004-make-ensureWritable-more-tolerant.patch

--- End Message ---
--- Begin Message ---
On 2015-03-25 22:40, Daniel Pocock wrote:
> [...]
> 
> 
> Thanks, uploaded and accepted
> 
> 

Unblocked, thanks.

~Niels

--- End Message ---

Reply to: