Commit 3cc7d8d5f9bbc39bf8de147944cb1696349fa40e - erlang-p1-tls

Added upstream patch to fix FTBFS with OpenSSL 1.1.0 (Closes: #828297) Philipp Huebner 7 years ago

4 changed file(s) with 235 addition(s) and 1 deletion(s). Raw diff Collapse all Expand all

-1

debian/control less more

10	10	Package: erlang-p1-tls
11	11	Architecture: any
12	12	Depends: ${shlibs:Depends}, ${misc:Depends}, erlang-base \| ${erlang-abi:Depends},
13		${erlang:Depends}
	13	${erlang:Depends}, erlang-p1-utils (>= 1.0.3)
14	14	Description: native TLS / SSL driver for Erlang / Elixir
15	15	Fast TSL is a native TLS / SSL driver for Erlang / Elixir.
16	16	It is based on OpenSSL, a proven and efficient TLS implementation.

+25

-0

debian/patches/erlang-version.patch less more

	0	From 643aee2cef8e5bed4979bc47bcc520910f95b5fa Mon Sep 17 00:00:00 2001
	1	From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?= <pchmielowski@process-one.net>
	2	Date: Fri, 24 Jun 2016 15:32:51 +0200
	3	Subject: [PATCH] Improve check for erlang version
	4
	5	---
	6	rebar.config.script \| 5 ++++-
	7	1 file changed, 4 insertions(+), 1 deletion(-)
	8
	9	diff --git a/rebar.config.script b/rebar.config.script
	10	index 33e07b1..f4b0339 100644
	11	--- a/rebar.config.script
	12	+++ b/rebar.config.script
	13	@@ -47,7 +47,10 @@ ModCfg = fun(Cfg, Keys, Op, Default) -> ModCfg0(ModCfg0, Cfg, Keys, Op, Default)
	14	ModCfgS = fun(Cfg, Keys, Val) -> ModCfg0(ModCfg0, Cfg, Keys, fun(_V) -> Val end, "") end.
	15
	16
	17	-ExitFlag = case erlang:system_info(version) >= "7.3" of true -> "-DHAS_ERTS_EXIT"; _ -> "" end.
	18	+SysVersion = lists:map(fun erlang:list_to_integer/1,
	19	+ string:tokens(erlang:system_info(version), ".")),
	20	+
	21	+ExitFlag = case SysVersion >= [7, 3] of true -> "-DHAS_ERTS_EXIT"; _ -> "" end.
	22
	23	Cfg0 = ModCfg(CONFIG, [port_env, "CFLAGS"], fun(V) -> V ++ " " ++ ExitFlag ++ " " ++ CfgCFlags end, "$CFLAGS"),
	24	Cfg00 = ModCfg(Cfg0, [port_env, "LDFLAGS"], fun(V) -> V ++ " " ++ CfgLDFlags end, "$LDFLAGS"),

+207

-0

debian/patches/fix-openssl.patch less more

	0	From 3d09f86171e455c8ee8b64a5b33f1f28022b7f2d Mon Sep 17 00:00:00 2001
	1	From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?= <pchmielowski@process-one.net>
	2	Date: Mon, 27 Jun 2016 12:55:23 +0200
	3	Subject: [PATCH] Make compatible with openssl 1.1.0
	4
	5	This fixes issue #6
	6	---
	7	c_src/fast_tls_drv.c \| 62 ++++++++++++++++++++++++++++++++++------------------
	8	configure \| 10 +++++++++
	9	configure.ac \| 5 +++++
	10	3 files changed, 56 insertions(+), 21 deletions(-)
	11
	12	diff --git a/c_src/fast_tls_drv.c b/c_src/fast_tls_drv.c
	13	index 11cd956..976485e 100644
	14	--- a/c_src/fast_tls_drv.c
	15	+++ b/c_src/fast_tls_drv.c
	16	@@ -20,11 +20,16 @@
	17	#include <erl_driver.h>
	18	#include <openssl/err.h>
	19	#include <openssl/ssl.h>
	20	+#include <openssl/opensslv.h>
	21	#include <sys/types.h>
	22	#include <sys/stat.h>
	23	#include <stdint.h>
	24	#include "options.h"
	25
	26	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
	27	+#define DH_set0_pqg(dh, dh_p, NULL, dh_g) (dh)->p = dh_p; (dh)->g = dh_g
	28	+#endif
	29	+
	30	#define BUF_SIZE 1024
	31
	32	typedef struct {
	33	@@ -103,7 +108,7 @@ ErlDrvBinary ftls_realloc_binary(ErlDrvBinary bin, ErlDrvSizeT size) {
	34	/**
	35	* Prepare the SSL options flag.
	36	**/
	37	-static int set_option_flag(const char opt, long flag)
	38	+static int set_option_flag(const char opt, unsigned long flag)
	39	{
	40	ssl_option_t *p;
	41	for (p = ssl_options; p->name; p++) {
	42	@@ -450,12 +455,16 @@ static int setup_dh(SSL_CTX ctx, char dh_file)
	43	return 0;
	44	}
	45
	46	- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
	47	- dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
	48	- if (dh->p == NULL \|\| dh->g == NULL) {
	49	- DH_free(dh);
	50	- return 0;
	51	- }
	52	+ BIGNUM *dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
	53	+ BIGNUM *dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
	54	+ if (dh_p == NULL \|\| dh_g == NULL) {
	55	+ BN_free(dh_p);
	56	+ BN_free(dh_g);
	57	+ DH_free(dh);
	58	+ return 0;
	59	+ }
	60	+
	61	+ DH_set0_pqg(dh, dh_p, NULL, dh_g);
	62	}
	63
	64	SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
	65	@@ -468,17 +477,14 @@ static int setup_dh(SSL_CTX ctx, char dh_file)
	66
	67	static void ssl_info_callback(const SSL *s, int where, int ret)
	68	{
	69	- if (where == SSL_CB_ACCEPT_LOOP) {
	70	- int state = SSL_get_state(s);
	71	- if (state == SSL3_ST_SR_CLNT_HELLO_A \|\|
	72	- state == SSL23_ST_SR_CLNT_HELLO_A) {
	73	- tls_data d = (tls_data )SSL_get_ex_data(s, ssl_index);
	74	- d->handshakes++;
	75	- }
	76	+ tls_data d = (tls_data )SSL_get_ex_data(s, ssl_index);
	77	+ if ((where & SSL_CB_HANDSHAKE_START) && d->handshakes) {
	78	+ d->handshakes++;
	79	+ } else if ((where & SSL_CB_HANDSHAKE_DONE) && !d->handshakes) {
	80	+ d->handshakes++;
	81	}
	82	}
	83
	84	-
	85	#define SET_CERTIFICATE_FILE_ACCEPT 1
	86	#define SET_CERTIFICATE_FILE_CONNECT 2
	87	#define SET_ENCRYPTED_INPUT 3
	88	@@ -591,7 +597,7 @@ static ErlDrvSSizeT tls_drv_control(ErlDrvData handle,
	89	protocol_options_len +
	90	dh_file_len +
	91	ca_file_len + 1);
	92	- long options = 0L;
	93	+ unsigned long options = 0L;
	94
	95	if (protocol_options_len != 0) {
	96	char *po = strdup(protocol_options), delim[] = "\|";
	97	@@ -801,9 +807,9 @@ static ErlDrvSSizeT tls_drv_control(ErlDrvData handle,
	98
	99	if (len == 4)
	100	{
	101	- unsigned char b = (unsigned char )buf;
	102	+ unsigned char b2 = (unsigned char )buf;
	103	req_size =
	104	- (b[0] << 24) \| (b[1] << 16) \| (b[2] << 8) \| b[3];
	105	+ (b2[0] << 24) \| (b2[1] << 16) \| (b2[2] << 8) \| b2[3];
	106	}
	107	size = BUF_SIZE + 1;
	108	rlen = 1;
	109	@@ -925,15 +931,29 @@ ErlDrvEntry tls_driver_entry = {
	110	NULL, /* process_exit */
	111	NULL /* stop_select */
	112	};
	113	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
	114	+#define our_alloc driver_alloc
	115	+#define our_realloc driver_realloc
	116	+#define our_free driver_free
	117	+#else
	118	+static void our_alloc(size_t size, const char file, int line) {
	119	+ return driver_alloc(size);
	120	+}
	121	+static void * our_realloc(void ptr, size_t size, const char file, int line) {
	122	+ return driver_realloc(ptr, size);
	123	+}
	124	+
	125	+static void our_free(void ptr, const char file, int line) {
	126	+ driver_free(ptr);
	127	+}
	128	+#endif
	129
	130	DRIVER_INIT(fast_tls_drv) /* must match name in driver_entry */
	131	{
	132	- CRYPTO_set_mem_functions(driver_alloc, driver_realloc, driver_free);
	133	+ CRYPTO_set_mem_functions(our_alloc, our_realloc, our_free);
	134	OpenSSL_add_ssl_algorithms();
	135	SSL_load_error_strings();
	136	init_hash_table();
	137	ssl_index = SSL_get_ex_new_index(0, "ssl index", NULL, NULL, NULL);
	138	return &tls_driver_entry;
	139	}
	140	-
	141	-
	142	diff --git a/configure b/configure
	143	index 0540a78..ca463fe 100755
	144	--- a/configure
	145	+++ b/configure
	146	@@ -3838,6 +3838,12 @@ if test "x$ac_cv_header_openssl_sha_h" = xyes; then :
	147	fi
	148
	149
	150	+ac_fn_c_check_header_mongrel "$LINENO" "openssl/opensslv.h" "ac_cv_header_openssl_opensslv_h" "$ac_includes_default"
	151	+if test "x$ac_cv_header_openssl_opensslv_h" = xyes; then :
	152	+ OPENSSLV_HEADER=yes
	153	+fi
	154	+
	155	+
	156
	157	if test "x$SSL_LIB" = "x"; then
	158	as_fn_error $? "OpenSSL 'ssl' library was not found" "$LINENO" 5
	159	@@ -3859,6 +3865,10 @@ if test "x$SHA_HEADER" = "x"; then
	160	as_fn_error $? "OpenSSL header file \"openssl/sha.h\" was not found" "$LINENO" 5
	161	fi
	162
	163	+if test "x$OPENSSLV_HEADER" = "x"; then
	164	+ as_fn_error $? "OpenSSL header file \"openssl/opensslv.h\" was not found" "$LINENO" 5
	165	+fi
	166	+
	167	# Check whether --enable-gcov was given.
	168	if test "${enable_gcov+set}" = set; then :
	169	enableval=$enable_gcov; case "${enableval}" in
	170	diff --git a/configure.ac b/configure.ac
	171	index 56f36f9..62b6edf 100644
	172	--- a/configure.ac
	173	+++ b/configure.ac
	174	@@ -33,6 +33,7 @@ AC_CHECK_LIB(crypto, SHA1_Init, [CRYPTO_LIB=yes], [], [])
	175	AC_CHECK_HEADER(openssl/ssl.h, [SSL_HEADER=yes], [], [])
	176	AC_CHECK_HEADER(openssl/err.h, [ERR_HEADER=yes], [], [])
	177	AC_CHECK_HEADER(openssl/sha.h, [SHA_HEADER=yes], [], [])
	178	+AC_CHECK_HEADER(openssl/opensslv.h, [OPENSSLV_HEADER=yes], [], [])
	179
	180	if test "x$SSL_LIB" = "x"; then
	181	AC_MSG_ERROR([OpenSSL 'ssl' library was not found])
	182	@@ -54,6 +55,10 @@ if test "x$SHA_HEADER" = "x"; then
	183	AC_MSG_ERROR([OpenSSL header file "openssl/sha.h" was not found])
	184	fi
	185
	186	+if test "x$OPENSSLV_HEADER" = "x"; then
	187	+ AC_MSG_ERROR([OpenSSL header file "openssl/opensslv.h" was not found])
	188	+fi
	189	+
	190	AC_ARG_ENABLE(gcov,
	191	[AC_HELP_STRING([--enable-gcov], [compile with gcov enabled (default: no)])],
	192	[case "${enableval}" in
	193	diff --git a/c_src/fast_tls_drv.c b/c_src/fast_tls_drv.c
	194	index 976485e..8183957 100644
	195	--- a/c_src/fast_tls_drv.c
	196	+++ b/c_src/fast_tls_drv.c
	197	@@ -346,6 +346,9 @@ static void tls_drv_finish()
	198	}
	199
	200	driver_free(ht.buckets);
	201	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
	202	+ OPENSSL_cleanup();
	203	+#endif
	204	}
	205
	206	static int is_modified(char file, time_t known_mtime)

-0

debian/patches/series less more

0	0	remove-deps.diff
	1	erlang-version.patch
	2	fix-openssl.patch