[Pkg-voip-commits] [kamailio] 01/02: tls: fix init checks (Closes: #844548)

Fri Mar 31 14:14:09 UTC 2017

This is an automated email from the git hooks/post-receive script.

vseva pushed a commit to branch master
in repository kamailio.

commit 5e65291a180bd314c962cbd9457e3670019bd504
Author: Victor Seva <vseva at debian.org>
Date:   Fri Mar 31 15:42:25 2017 +0200

    tls: fix init checks (Closes: #844548)
---
 debian/patches/series                              |  3 ++
 ...eros-and-zlib-init-checks-only-for-libssl.patch | 57 ++++++++++++++++++++++
 2 files changed, 60 insertions(+)

diff --git a/debian/patches/series b/debian/patches/series
index 9de40e1..951331e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,6 @@
+# upstream fixes
+upstream/tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
+#
 no_lib64_on_64_bits.patch
 no_INSTALL_file.patch
 fix_export.patch
diff --git a/debian/patches/upstream/tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch b/debian/patches/upstream/tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
new file mode 100644
index 0000000..92550a8
--- /dev/null
+++ b/debian/patches/upstream/tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
@@ -0,0 +1,57 @@
+From 406c02f7b76ada56d6e1f73e763fecb05c1f51c5 Mon Sep 17 00:00:00 2001
+From: Daniel-Constantin Mierla <miconda at gmail.com>
+Date: Fri, 31 Mar 2017 12:56:52 +0200
+Subject: [PATCH] tls: do kerberos and zlib init checks only for libssl < 1.1.0
+
+- using string matching inside libssl compile flags is no longer
+  reliable
+- reported by GH #1050
+
+(cherry picked from commit e59fa823b7b9513d3d1adb958d5e8ec055082d83)
+(cherry picked from commit b12ac4ea9efae41b83a2664ea4f25b1d59bc2032)
+---
+ modules/tls/tls_init.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
+index af2d4c54e..133bc7fc8 100644
+--- a/modules/tls/tls_init.c
++++ b/modules/tls/tls_init.c
+@@ -563,11 +563,13 @@ int init_tls_h(void)
+ {
+ 	/*struct socket_info* si;*/
+ 	long ssl_version;
++#if OPENSSL_VERSION_NUMBER < 0x010100000L
+ 	int lib_kerberos;
+ 	int lib_zlib;
+ 	int kerberos_support;
+ 	int comp_support;
+ 	const char* lib_cflags;
++#endif
+ 	int low_mem_threshold1;
+ 	int low_mem_threshold2;
+ 	str tls_grp;
+@@ -603,6 +605,10 @@ int init_tls_h(void)
+ 		else
+ 			return -1; /* safer to exit */
+ 	}
++
++/* check kerberos support using compile flags only for version < 1.1.0 */
++#if OPENSSL_VERSION_NUMBER < 0x010100000L
++
+ #ifdef TLS_KERBEROS_SUPPORT
+ 	kerberos_support=1;
+ #else
+@@ -672,6 +678,9 @@ int init_tls_h(void)
+ 			" kerberos support will be disabled...\n");
+ 	}
+ 	#endif
++
++#endif /* libssl version < 1.1.0 (OPENSSL_VERSION_NUMBER < 0x010100000L) */
++
+ 	/* set free memory threshold for openssl bug #1491 workaround */
+ 	low_mem_threshold1 = cfg_get(tls, tls_cfg, low_mem_threshold1);
+ 	low_mem_threshold2 = cfg_get(tls, tls_cfg, low_mem_threshold2);
+-- 
+2.11.0
+

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/kamailio.git

