[Pkg-dns-devel] Bug#848339: missing fake_dsa symbol makes reverse dependencies FTBFS
Helmut Grohne
helmut at subdivi.de
Sun Dec 18 05:40:37 UTC 2016
Control: tags -1 + patch
On Sat, Dec 17, 2016 at 08:15:44AM +0100, Helmut Grohne wrote:
> This bug makes gnutls28 fail to build from source (it detects unbound as
> missing and fails installing its dane components). Raising severity to
> prevent testing migration and warn others.
It turns out that the fake_dsa symbol (whose name is too generic to be
used in a shared library imo) is only defined when HAVE_SSL is defined
(because it works around limitations in openssl >= 1.1). The only
remaining place that uses it unconditionally is the configuration
parser. Thus fixing that one, fixes the problem. Please consider
applying the attached patch. I'd appreciate a timely solution as this
bug breaks architecture bootstrap qa.
Helmut
-------------- next part --------------
diff --minimal -Nru unbound-1.6.0/debian/changelog unbound-1.6.0/debian/changelog
--- unbound-1.6.0/debian/changelog 2016-12-15 21:26:15.000000000 +0100
+++ unbound-1.6.0/debian/changelog 2016-12-18 06:27:37.000000000 +0100
@@ -1,3 +1,10 @@
+unbound (1.6.0-1.1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix FTBFS: only use fake_dsa when HAVE_SSL is defined (Closes: #848339)
+
+ -- Helmut Grohne <helmut at subdivi.de> Sun, 18 Dec 2016 06:27:37 +0100
+
unbound (1.6.0-1) unstable; urgency=medium
[ Robert Edmonds ]
diff --minimal -Nru unbound-1.6.0/debian/patches/debian-changes unbound-1.6.0/debian/patches/debian-changes
--- unbound-1.6.0/debian/patches/debian-changes 2016-12-15 21:26:15.000000000 +0100
+++ unbound-1.6.0/debian/patches/debian-changes 2016-12-18 06:27:37.000000000 +0100
@@ -85,3 +85,25 @@
cfg->control_ifs = NULL;
cfg->control_port = UNBOUND_CONTROL_PORT;
cfg->remote_control_use_cert = 1;
+--- unbound-1.6.0.orig/util/configparser.y
++++ unbound-1.6.0/util/configparser.y
+@@ -1201,9 +1201,16 @@ server_fake_dsa: VAR_FAKE_DSA STRING_ARG
+ OUTYY(("P(server_fake_dsa:%s)\n", $2));
+ if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
+ yyerror("expected yes or no.");
+- else fake_dsa = (strcmp($2, "yes")==0);
+- if(fake_dsa)
+- log_warn("test option fake_dsa is enabled");
++ else {
++ int fake_dsa_val = strcmp($2, "yes")==0;
++ if(fake_dsa_val)
++#ifdef HAVE_SSL
++ log_warn("test option fake_dsa is enabled");
++ fake_dsa = fake_dsa_val;
++#else
++ log_warn("test option fake_dsa is ignored");
++#endif
++ }
+ free($2);
+ }
+ ;
More information about the pkg-dns-devel
mailing list