Bug#854311: marked as done (unblock: lcmaps-plugins-jobrep/1.5.3-4)

To: Jonathan Wiltshire <jmw@debian.org>
Subject: Bug#854311: marked as done (unblock: lcmaps-plugins-jobrep/1.5.3-4)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 07 Feb 2017 18:21:06 +0000
Message-id: <[🔎] handler.854311.D854311.14864916475527.ackdone@bugs.debian.org>
References: <20170207182045.4ejimue2ods5jqdt@powdarrmonkey.net> <[🔎] 20170205220354.12726.68243.reportbug@rowlf>

Your message dated Tue, 7 Feb 2017 18:20:45 +0000
with message-id <20170207182045.4ejimue2ods5jqdt@powdarrmonkey.net>
and subject line Re: Bug#854311: unblock: lcmaps-plugins-jobrep/1.5.3-4
has caused the Debian Bug report #854311,
regarding unblock: lcmaps-plugins-jobrep/1.5.3-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
854311: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854311
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unblock: lcmaps-plugins-jobrep/1.5.3-4
From: Dennis van Dok <dennisvd@nikhef.nl>
Date: Sun, 05 Feb 2017 23:03:54 +0100
Message-id: <[🔎] 20170205220354.12726.68243.reportbug@rowlf>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package lcmaps-plugins-jobrep

Package no longer FTBFS with the introduction of OpenSSL 1.1.


diff -Nru lcmaps-plugins-jobrep-1.5.3/debian/changelog lcmaps-plugins-jobrep-1.5.3/debian/changelog
--- lcmaps-plugins-jobrep-1.5.3/debian/changelog	2016-12-19 12:12:50.000000000 +0100
+++ lcmaps-plugins-jobrep-1.5.3/debian/changelog	2017-01-27 12:33:38.000000000 +0100
@@ -1,3 +1,9 @@
+lcmaps-plugins-jobrep (1.5.3-4) unstable; urgency=medium
+
+  * Update to build against OpenSSL 1.1
+
+ -- Dennis van Dok <dennisvd@nikhef.nl>  Fri, 27 Jan 2017 12:33:38 +0100
+
 lcmaps-plugins-jobrep (1.5.3-3) unstable; urgency=medium
 
   * Update dependency of lcmaps-plugins-jobrep-admin to
diff -Nru lcmaps-plugins-jobrep-1.5.3/debian/control lcmaps-plugins-jobrep-1.5.3/debian/control
--- lcmaps-plugins-jobrep-1.5.3/debian/control	2016-12-19 12:11:24.000000000 +0100
+++ lcmaps-plugins-jobrep-1.5.3/debian/control	2017-01-27 12:33:38.000000000 +0100
@@ -5,7 +5,7 @@
 Uploaders: Mischa Salle <msalle@nikhef.nl>
 Build-Depends: cdbs, debhelper (>= 7.0.50~), dh-autoreconf, autotools-dev,
  lcmaps-basic-interface, unixodbc-dev, libssl-dev, pkg-config
-Standards-Version: 3.9.5
+Standards-Version: 3.9.8
 Homepage: https://wiki.nikhef.nl/grid/LCMAPS
 Vcs-Svn: https://ndpfsvn.nikhef.nl/repos/mwsec/packaging/debian/trunk/lcmaps-plugins-jobrep
 Vcs-Browser: http://ndpfsvn.nikhef.nl/viewvc/mwsec/packaging/debian/trunk/lcmaps-plugins-jobrep
diff -Nru lcmaps-plugins-jobrep-1.5.3/debian/patches/openssl1.1.patch lcmaps-plugins-jobrep-1.5.3/debian/patches/openssl1.1.patch
--- lcmaps-plugins-jobrep-1.5.3/debian/patches/openssl1.1.patch	1970-01-01 01:00:00.000000000 +0100
+++ lcmaps-plugins-jobrep-1.5.3/debian/patches/openssl1.1.patch	2017-01-27 12:33:38.000000000 +0100
@@ -0,0 +1,111 @@
+From: Micha Sallé <msalle@nikhef.nl>
+Subject: Fixes for compatibility with OpenSSL 1.1
+
+--- a/src/jobrep/jobrep_data_handling.c
++++ b/src/jobrep/jobrep_data_handling.c
+@@ -1134,7 +1134,7 @@
+     char    *subject_DN = NULL, *issuer_DN = NULL, *not_before_str = NULL, *not_after_str = NULL;
+     time_t   not_before = 0, not_after = 0;
+     X509    *cert = NULL;
+-    unsigned char *serialnr = NULL;
++    char *serialnr = NULL;
+ 
+     if ((db_handle == NULL) || (px509_chain == NULL)) {
+         return -1;
+@@ -1231,27 +1231,25 @@
+     return -1;
+ }
+ 
+-unsigned char *
++char *
+ jobrep_get_serialnumber_as_string(X509 *cert) {
+-    ASN1_INTEGER   *cert_Serial = NULL;
+-    unsigned char  *serialNumberDER = NULL, *temp = NULL, *serialStr = NULL;
++    ASN1_INTEGER   *serial = NULL;
+     char           *subject_DN = NULL;
+-    size_t          len;
+-    int             j,serialLen;
++    BIGNUM         *bn_serial;
++    char           *serialStr = NULL;
+ 
+     if (cert == NULL)
+         return NULL;
+ 
+-    cert_Serial = X509_get_serialNumber(cert);
+-    if (cert_Serial == NULL) {
++    if ( (serial = X509_get_serialNumber(cert)) == NULL) {
+         /* For debugging purposes extract the Subject DN */
+         subject_DN = X509_NAME_oneline(X509_get_subject_name(cert),NULL,0);
+         if (subject_DN) {
+-            lcmaps_log(LOG_DEBUG, "%s: certificate passed with subject DN \"%s\" didn't contain a serial number.\n",
++            lcmaps_log(LOG_WARNING, "%s: certificate passed with subject DN \"%s\" didn't contain a serial number.\n",
+                        __func__, subject_DN);
+             free(subject_DN);
+         } else {
+-            lcmaps_log(LOG_DEBUG, "%s: certificate passed doesn't have a serialnumber and also lacks a subject DN. " \
++            lcmaps_log(LOG_WARNING, "%s: certificate passed doesn't have a serialnumber and also lacks a subject DN. " \
+                                   "This is completely weird and doesn't even look like a certificate. " \
+                                   "Are you a waiter because you seem to be feeding me soup?\n",
+                                   __func__);
+@@ -1259,44 +1257,15 @@
+         return NULL;
+     }
+ 
+-    serialLen = i2c_ASN1_INTEGER(cert_Serial, NULL);
+-    if (serialLen <= 0) {
+-        lcmaps_log(LOG_INFO, "%s: Conversion of a certificate serial number from ASN1_INTEGER to DER failed\n",
+-                             __func__);
+-        return NULL;
+-    }
+-
+-    /* Note: serialLen is int and >0 */
+-    temp = serialNumberDER = malloc((size_t)serialLen);
+-    if (serialNumberDER == NULL) {
+-        lcmaps_log(LOG_DEBUG, "%s: Could not allocate %d bytes\n", serialLen);
+-        return NULL;
+-    }
+-    /* Warning, the temp variable will be displaced, use the serialNumberDER instead. */
+-    serialLen = i2c_ASN1_INTEGER(cert_Serial, &temp);
+-
+-    /* Allocate as a Hex decimal + null-terminator */
+-    len = (size_t)serialLen * 2 + 1;
+-    serialStr = malloc(len);
+-    if (serialStr == NULL) {
+-        lcmaps_log(LOG_DEBUG, "%s: Could not allocate %d bytes\n", len);
+-        goto cleanup;
+-    }
+-
+-    /* Write the DER encoded serial code in Hex to the serialStr */
+-    temp = serialStr;
+-    for (j = 0; j < serialLen; j++) {
+-        snprintf((char *)temp, len, "%02X", serialNumberDER[j] );
+-        temp = &(temp[2]);
++    if ( (bn_serial = ASN1_INTEGER_to_BN(serial, NULL)) == NULL ||
++	 (serialStr = BN_bn2hex(bn_serial)) == NULL )
++    {
++	lcmaps_log(LOG_WARNING, "%s: Cannot convert ASN1_INTEGER serial to char *", __func__);
++	return NULL;
+     }
+ 
+-    /* Done */
+-    free(serialNumberDER);
++    BN_clear_free(bn_serial);
+     return serialStr;
+-cleanup:
+-    if (serialNumberDER) free(serialNumberDER);
+-    if (serialStr) free(serialStr);
+-    return NULL;
+ }
+ 
+ 
+--- a/src/jobrep/jobrep_data_handling.h
++++ b/src/jobrep/jobrep_data_handling.h
+@@ -55,7 +55,7 @@
+ long jobrep_push_unix_cred(struct jr_db_handle_s *db_handle);
+ int jobrep_push_certificates(struct jr_db_handle_s *db_handle, STACK_OF(X509) *px509_chain);
+ 
+-unsigned char *jobrep_get_serialnumber_as_string(X509 *cert);
++char *jobrep_get_serialnumber_as_string(X509 *cert);
+ char *jobrep_time_to_string(time_t some_time);
+ time_t jobrep_asn1TimeToTimeT(unsigned char *asn1time, size_t len);
+ 
diff -Nru lcmaps-plugins-jobrep-1.5.3/debian/patches/series lcmaps-plugins-jobrep-1.5.3/debian/patches/series
--- lcmaps-plugins-jobrep-1.5.3/debian/patches/series	2014-01-14 13:39:46.000000000 +0100
+++ lcmaps-plugins-jobrep-1.5.3/debian/patches/series	2017-01-27 12:33:38.000000000 +0100
@@ -1 +1 @@
-
+openssl1.1.patch


unblock lcmaps-plugins-jobrep/1.5.3-4

-- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (990, 'stable'), (50, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-dvdrt-amd64 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=nl_NL.utf8, LC_CTYPE=nl_NL.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

--- End Message ---

--- Begin Message ---

To: Dennis van Dok <dennisvd@nikhef.nl>, 854311-done@bugs.debian.org

Subject: Re: Bug#854311: unblock: lcmaps-plugins-jobrep/1.5.3-4

From: Jonathan Wiltshire <jmw@debian.org>

Date: Tue, 7 Feb 2017 18:20:45 +0000

Message-id: <20170207182045.4ejimue2ods5jqdt@powdarrmonkey.net>

In-reply-to: <[🔎] 20170205220354.12726.68243.reportbug@rowlf>

References: <[🔎] 20170205220354.12726.68243.reportbug@rowlf>
On Sun, Feb 05, 2017 at 11:03:54PM +0100, Dennis van Dok wrote:
> Please unblock package lcmaps-plugins-jobrep
> 
> Package no longer FTBFS with the introduction of OpenSSL 1.1.

Unblocked, thanks.

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
--- End Message ---

Reply to:

References:
- Bug#854311: unblock: lcmaps-plugins-jobrep/1.5.3-4
  - From: Dennis van Dok <dennisvd@nikhef.nl>

Prev by Date: Processed: Re: Bug#854415: unblock: ndisc6/1.0.3-3
Next by Date: Bug#854491: marked as done (unblock: irssi-plugin-robustirc/0.6-3)
Previous by thread: Bug#854311: unblock: lcmaps-plugins-jobrep/1.5.3-4
Next by thread: Bug#854316: unblock: pgplot5/5.2.2-19.3
Index(es):
- Date
- Thread