[Pkg-gridengine-commits] [pkg-gridengine] 01/04: Fix FTBFS with openssl 1.1
Afif Elghraoui
afif at moszumanska.debian.org
Sun Nov 19 05:20:42 UTC 2017
This is an automated email from the git hooks/post-receive script.
afif pushed a commit to branch master
in repository pkg-gridengine.
commit 4fd69b379ab14d694986591707cadd4754036254
Author: Afif Elghraoui <afif at debian.org>
Date: Sat Nov 18 23:37:29 2017 -0500
Fix FTBFS with openssl 1.1
Closes: #827076
Thanks: Mark Hymers for the patches
---
debian/control | 2 +-
debian/patches/openssl-1.1.patch | 202 +++++++++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 204 insertions(+), 1 deletion(-)
diff --git a/debian/control b/debian/control
index 566547a..5496d88 100644
--- a/debian/control
+++ b/debian/control
@@ -12,7 +12,7 @@ Build-Depends:
autotools-dev,
tcsh | c-shell,
libdb-dev,
- libssl1.0-dev,
+ libssl-dev,
libncurses5-dev,
libpam0g-dev,
libxt-dev,
diff --git a/debian/patches/openssl-1.1.patch b/debian/patches/openssl-1.1.patch
new file mode 100644
index 0000000..88d431d
--- /dev/null
+++ b/debian/patches/openssl-1.1.patch
@@ -0,0 +1,202 @@
+Description: fix package build with openssl 1.1
+Author: Mark Hymers <mhy at debian.org>
+Bug: https://arc.liv.ac.uk/trac/SGE/ticket/1572
+Bug-Debian: https://bugs.debian.org/827076
+Applied-Upstream: https://gitlab.com/loveshack/sge/commit/0b6d6e0dc5f3bb3ad8176141938d6db0935de3b9
+Last-Update: 2017-01-07
+--- pkg-gridengine.orig/source/libs/comm/cl_ssl_framework.c
++++ pkg-gridengine/source/libs/comm/cl_ssl_framework.c
+@@ -484,7 +484,7 @@
+ static int ssl_callback_SSLVerify_CRL(int ok, X509_STORE_CTX *ctx, cl_com_ssl_private_t* private) {
+ X509 *cert = NULL;
+ X509_LOOKUP *lookup = NULL;
+- X509_STORE_CTX verify_ctx;
++ X509_STORE_CTX *verify_ctx = NULL;
+ int err;
+ int is_ok = true;
+ SGE_STRUCT_STAT stat_buffer;
+@@ -499,6 +499,8 @@
+ return true;
+ }
+
++ verify_ctx = X509_STORE_CTX_new();
++
+ /* create the cert store and set the verify callback */
+ if (private->ssl_crl_data->store == NULL || stat_buffer.st_mtime != private->ssl_crl_data->last_modified) {
+ CL_LOG(CL_LOG_WARNING, "creating new crl store context");
+@@ -545,20 +547,20 @@
+ cert = X509_STORE_CTX_get_current_cert(ctx);
+ if (is_ok == true && cert != NULL) {
+ /* X509_STORE_CTX_init did not return an error condition in prior versions */
+- if (X509_STORE_CTX_init(&verify_ctx, private->ssl_crl_data->store, cert, NULL) != 1) {
++ if (X509_STORE_CTX_init(verify_ctx, private->ssl_crl_data->store, cert, NULL) != 1) {
+ CL_LOG(CL_LOG_ERROR, "Error initializing verification context");
+ is_ok = false;
+ } else {
+ /* verify the certificate */
+- if (X509_verify_cert(&verify_ctx) != 1) {
++ if (X509_verify_cert(verify_ctx) != 1) {
+ is_ok = false;
+ }
+ }
+ if (is_ok == false) {
+- err = X509_STORE_CTX_get_error(&verify_ctx);
++ err = X509_STORE_CTX_get_error(verify_ctx);
+ X509_STORE_CTX_set_error(ctx, err);
+ }
+- X509_STORE_CTX_cleanup(&verify_ctx);
++ X509_STORE_CTX_cleanup(verify_ctx);
+ } else {
+ if (is_ok == false) {
+ CL_LOG(CL_LOG_ERROR,"X509 store is not valid");
+@@ -569,6 +571,8 @@
+ is_ok = false;
+ }
+
++ X509_STORE_CTX_free(verify_ctx);
++
+ return is_ok;
+ }
+
+--- pkg-gridengine.orig/source/utilbin/sge_passwd.c
++++ pkg-gridengine/source/utilbin/sge_passwd.c
+@@ -280,7 +280,7 @@
+ size_t *buffer_out_length)
+ {
+ unsigned int ebuflen;
+- EVP_CIPHER_CTX ectx;
++ EVP_CIPHER_CTX *ectx = NULL;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char *ekey[1];
+ int ekeylen=0, net_ekeylen=0;
+@@ -315,6 +315,8 @@
+ ret = sge_ssl_rand_load_file(rand_file, sizeof(rand_file));
+
+ if(ret <= 0) {
++ sge_free(&(ekey[0]));
++ EVP_PKEY_free(pubKey[0]);
+ snprintf(err_str, MAX_STRING_SIZE, MSG_PWD_CANTLOADRANDFILE_SSS,
+ "sgepasswd", rand_file, MSG_PWD_NO_SSL_ERR);
+
+@@ -325,11 +327,22 @@
+ return;
+ }
+
++ /* Initialise cipher context */
++ ectx = EVP_CIPHER_CTX_new();
++ if (!ectx) {
++ sge_free(&(ekey[0]));
++ EVP_PKEY_free(pubKey[0]);
++ fprintf(stderr, MSG_PWD_MALLOC_SS, SGE_PASSWD_PROG_NAME, MSG_PWD_NO_SSL_ERR);
++ fprintf(stderr, "\n");
++ DEXIT;
++ exit(1);
++ }
++
+ memset(iv, '\0', sizeof(iv));
+ #if 0
+- ret = EVP_SealInit(&ectx, EVP_des_ede3_cbc(), ekey, &ekeylen, iv, pubKey, 1);
++ ret = EVP_SealInit(ectx, EVP_des_ede3_cbc(), ekey, &ekeylen, iv, pubKey, 1);
+ #else
+- ret = EVP_SealInit(&ectx, EVP_rc4(), ekey, &ekeylen, iv, pubKey, 1);
++ ret = EVP_SealInit(ectx, EVP_rc4(), ekey, &ekeylen, iv, pubKey, 1);
+ #endif
+ if(ret == 0) {
+ printf("---> EVP_SealInit\n");
+@@ -352,7 +365,7 @@
+ buffer_append(buffer_out, buffer_out_size, buffer_out_length,
+ (char*)iv, sizeof(iv));
+
+- EVP_SealUpdate(&ectx, (unsigned char*)ebuf,
++ EVP_SealUpdate(ectx, (unsigned char*)ebuf,
+ (int*)&ebuflen,
+ (const unsigned char *) buffer_in,
+ buffer_in_length);
+@@ -360,11 +373,12 @@
+ buffer_append(buffer_out, buffer_out_size, buffer_out_length,
+ ebuf, ebuflen);
+
+- EVP_SealFinal(&ectx, (unsigned char *)ebuf, (int*)&ebuflen);
++ EVP_SealFinal(ectx, (unsigned char *)ebuf, (int*)&ebuflen);
+
+ buffer_append(buffer_out, buffer_out_size, buffer_out_length,
+ ebuf, ebuflen);
+
++ EVP_CIPHER_CTX_free(ectx);
+ EVP_PKEY_free(pubKey[0]);
+ sge_free(&(ekey[0]));
+ DEXIT;
+@@ -379,7 +393,7 @@
+ char buf[520];
+ char ebuf[512];
+ unsigned int buflen;
+- EVP_CIPHER_CTX ectx;
++ EVP_CIPHER_CTX *ectx = NULL;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char *encryptKey;
+ unsigned int ekeylen;
+@@ -455,6 +469,16 @@
+ return 1;
+ }
+
++ /* Initialise cipher context */
++ ectx = EVP_CIPHER_CTX_new();
++ if (!ectx) {
++ sge_free(&encryptKey);
++ fprintf(stderr, MSG_PWD_MALLOC_SS, SGE_PASSWD_PROG_NAME, MSG_PWD_NO_SSL_ERR);
++ fprintf(stderr, "\n");
++ DEXIT;
++ exit(1);
++ }
++
+ memcpy(encryptKey, curr_ptr, ekeylen);
+ curr_ptr += ekeylen;
+ buffer_in_length -= ekeylen;
+@@ -462,9 +486,9 @@
+ curr_ptr += sizeof(iv);
+ buffer_in_length -= sizeof(iv);
+ #if 0
+- ret = EVP_OpenInit(&ectx, EVP_des_ede3_cbc(), encryptKey, ekeylen, iv, privateKey);
++ ret = EVP_OpenInit(ectx, EVP_des_ede3_cbc(), encryptKey, ekeylen, iv, privateKey);
+ #else
+- ret = EVP_OpenInit(&ectx, EVP_rc4(), encryptKey, ekeylen, iv, privateKey);
++ ret = EVP_OpenInit(ectx, EVP_rc4(), encryptKey, ekeylen, iv, privateKey);
+ #endif
+ if(ret == 0) {
+ printf("----> EVP_OpenInit\n");
+@@ -484,12 +508,13 @@
+ readlen = sizeof(ebuf);
+ }
+
+- ret = EVP_OpenUpdate(&ectx, (unsigned char *)buf,
++ ret = EVP_OpenUpdate(ectx, (unsigned char *)buf,
+ (int*)&buflen,
+ (const unsigned char *)ebuf, readlen);
+ if (ret == 0) {
+ error_code = ERR_get_error();
+ ERR_error_string(error_code, err_msg);
++ EVP_CIPHER_CTX_free(ectx);
+ snprintf(err_str, lstr, MSG_PWD_SSL_ERR_MSG_SS, SGE_PASSWD_PROG_NAME, err_msg);
+ #ifdef DEFINE_SGE_PASSWD_MAIN
+ fprintf(stderr, "%s\n", err_str);
+@@ -502,10 +527,11 @@
+ buf, buflen);
+ }
+
+- ret = EVP_OpenFinal(&ectx, (unsigned char *)buf, (int*)&buflen);
++ ret = EVP_OpenFinal(ectx, (unsigned char *)buf, (int*)&buflen);
+ if (ret == 0) {
+ error_code = ERR_get_error();
+ ERR_error_string(error_code, err_msg);
++ EVP_CIPHER_CTX_free(ectx);
+ snprintf(err_str, lstr, MSG_PWD_SSL_ERR_MSG_SS, SGE_PASSWD_PROG_NAME, err_msg);
+ #ifdef DEFINE_SGE_PASSWD_MAIN
+ fprintf(stderr, "%s\n", err_str);
+@@ -516,6 +542,7 @@
+ buffer_append(buffer_out, buffer_out_size, buffer_out_length,
+ buf, buflen);
+
++ EVP_CIPHER_CTX_free(ectx);
+ EVP_PKEY_free(privateKey);
+ sge_free(&encryptKey);
+ error_code = ERR_get_error();
diff --git a/debian/patches/series b/debian/patches/series
index 9b39b90..a53c4b0 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,4 @@ m32_m64.patch
java-paths.patch
x32.patch
source-dependencies.patch
+openssl-1.1.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gridengine/pkg-gridengine.git
More information about the Pkg-gridengine-commits
mailing list