Bug#787998: perdition: FTBFS with openssl 1.1.0

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Bug#787998: perdition: FTBFS with openssl 1.1.0

Simon Horman
tags 828494 +pending
thanks

This problem should be resolved by the following patch:

# HG changeset patch
# User Simon Horman <[hidden email]>
# Date 1477918609 -3600
#      Mon Oct 31 13:56:49 2016 +0100
# Node ID 798cc9df07879d58db9096456b43948159c2825b
# Parent  96a24b495d6bac69e5fb450718163e741da7f147
Allow compilation against OpenSSL 1.1

diff -r 96a24b495d6b -r 798cc9df0787 debian/changelog
--- a/debian/changelog Thu May 12 16:56:30 2016 +0900
+++ b/debian/changelog Mon Oct 31 13:56:49 2016 +0100
@@ -4,8 +4,10 @@
     (closes: #765867)
   * Make builds reproducible
     (closes: #787998)
+  * Allow compilation against OpenSSL 1.1
+    (closes: #828494)
 
- -- Simon Horman <[hidden email]>  Sat, 13 Jun 2015 09:05:34 +0900
+ -- Simon Horman <[hidden email]>  Mon, 31 Oct 2016 13:55:18 +0100
 
 perdition (2.1-2) unstable; urgency=medium
 
diff -r 96a24b495d6b -r 798cc9df0787 perdition/ssl.c
--- a/perdition/ssl.c Thu May 12 16:56:30 2016 +0900
+++ b/perdition/ssl.c Mon Oct 31 13:56:49 2016 +0100
@@ -262,10 +262,9 @@
  return 0;
  }
 
- if (__perdition_verify_result(ctx->error, cert)
- == X509_V_OK) {
+ if (__perdition_verify_result(X509_STORE_CTX_get_error(ctx),
+      cert) == X509_V_OK)
  return 1;
- }
 
  return ok;
 }
@@ -910,7 +909,6 @@
 __perdition_ssl_check_common_name(X509 *cert, const char *key)
 {
  int i;
- X509_NAME_ENTRY *e;
  X509_NAME *name;
 
  name = X509_get_subject_name(cert);
@@ -922,6 +920,9 @@
 
  i = -1;
  while (1) {
+ X509_NAME_ENTRY *e;
+ ASN1_STRING *data;
+
  i = X509_NAME_get_index_by_NID(name, NID_commonName, i);
  if (i == -1)
  break;
@@ -933,8 +934,14 @@
  return -1;
  }
 
- if (!__perdition_ssl_compare_key(key, e->value->data,
- e->value->length))
+ data = X509_NAME_ENTRY_get_data(e);
+ if (!data) {
+ VANESSA_LOGGER_DEBUG_RAW_UNSAFE("warning: could not "
+ "extract data for name entry %d", i);
+ return -1;
+ }
+
+ if (!__perdition_ssl_compare_key(key, data->data, data->length))
  return 0;
  }