[Pkg-voip-commits] [kamailio] 01/02: tls: fix init checks (Closes: #844548)
Victor Seva
vseva at moszumanska.debian.org
Fri Mar 31 14:14:09 UTC 2017
This is an automated email from the git hooks/post-receive script.
vseva pushed a commit to branch master
in repository kamailio.
commit 5e65291a180bd314c962cbd9457e3670019bd504
Author: Victor Seva <vseva at debian.org>
Date: Fri Mar 31 15:42:25 2017 +0200
tls: fix init checks (Closes: #844548)
---
debian/patches/series | 3 ++
...eros-and-zlib-init-checks-only-for-libssl.patch | 57 ++++++++++++++++++++++
2 files changed, 60 insertions(+)
diff --git a/debian/patches/series b/debian/patches/series
index 9de40e1..951331e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,6 @@
+# upstream fixes
+upstream/tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
+#
no_lib64_on_64_bits.patch
no_INSTALL_file.patch
fix_export.patch
diff --git a/debian/patches/upstream/tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch b/debian/patches/upstream/tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
new file mode 100644
index 0000000..92550a8
--- /dev/null
+++ b/debian/patches/upstream/tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
@@ -0,0 +1,57 @@
+From 406c02f7b76ada56d6e1f73e763fecb05c1f51c5 Mon Sep 17 00:00:00 2001
+From: Daniel-Constantin Mierla <miconda at gmail.com>
+Date: Fri, 31 Mar 2017 12:56:52 +0200
+Subject: [PATCH] tls: do kerberos and zlib init checks only for libssl < 1.1.0
+
+- using string matching inside libssl compile flags is no longer
+ reliable
+- reported by GH #1050
+
+(cherry picked from commit e59fa823b7b9513d3d1adb958d5e8ec055082d83)
+(cherry picked from commit b12ac4ea9efae41b83a2664ea4f25b1d59bc2032)
+---
+ modules/tls/tls_init.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
+index af2d4c54e..133bc7fc8 100644
+--- a/modules/tls/tls_init.c
++++ b/modules/tls/tls_init.c
+@@ -563,11 +563,13 @@ int init_tls_h(void)
+ {
+ /*struct socket_info* si;*/
+ long ssl_version;
++#if OPENSSL_VERSION_NUMBER < 0x010100000L
+ int lib_kerberos;
+ int lib_zlib;
+ int kerberos_support;
+ int comp_support;
+ const char* lib_cflags;
++#endif
+ int low_mem_threshold1;
+ int low_mem_threshold2;
+ str tls_grp;
+@@ -603,6 +605,10 @@ int init_tls_h(void)
+ else
+ return -1; /* safer to exit */
+ }
++
++/* check kerberos support using compile flags only for version < 1.1.0 */
++#if OPENSSL_VERSION_NUMBER < 0x010100000L
++
+ #ifdef TLS_KERBEROS_SUPPORT
+ kerberos_support=1;
+ #else
+@@ -672,6 +678,9 @@ int init_tls_h(void)
+ " kerberos support will be disabled...\n");
+ }
+ #endif
++
++#endif /* libssl version < 1.1.0 (OPENSSL_VERSION_NUMBER < 0x010100000L) */
++
+ /* set free memory threshold for openssl bug #1491 workaround */
+ low_mem_threshold1 = cfg_get(tls, tls_cfg, low_mem_threshold1);
+ low_mem_threshold2 = cfg_get(tls, tls_cfg, low_mem_threshold2);
+--
+2.11.0
+
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/kamailio.git
More information about the Pkg-voip-commits
mailing list