Control: tags 994672 + patch
Control: tags 994672 + pending
Dear maintainer,
I've prepared an NMU for open-isns (versioned as 0.101-0.1) and
uploaded it to DELAYED/7. Please feel free to tell me if I
should delay it longer.
Cheers
--
Sebastian Ramacher
diff -Nru open-isns-0.100/ChangeLog open-isns-0.101/ChangeLog
--- open-isns-0.100/ChangeLog 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/ChangeLog 2021-02-01 18:27:33.000000000 +0100
@@ -1,3 +1,28 @@
+* Changes v0.100 to v0.101:
+
+Dmitry Bogdanov (1):
+ Fix parsing of GetNextRsp
+
+Lee Duncan (10):
+ Ignore common build files
+ Fix compiler issue when not in security mode
+ Do not ignore write() return value.
+ Fix 586 compile issue and remove -Werror
+ Added a TODO: 'make depend' not worrking
+ Update version string to "0.100".
+ Fix broken server authentication initialization.
+ Add man page for isnssetup.
+ Added TODO to test "isnsd --init"
+ Preparing for version 0.101
+
+Leo (1):
+ socket.c: include poll.h instead of sys/poll.h for POSIX compatibility
+
+Rosen Penev (2):
+ fix compilation without deprecated OpenSSL APIs
+ libisns: remove sighold and sigrelse
+
+
* Changes v0.99 to v0.100:
Chris Leech (1):
diff -Nru open-isns-0.100/client.c open-isns-0.101/client.c
--- open-isns-0.100/client.c 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/client.c 2021-02-01 18:27:33.000000000 +0100
@@ -122,22 +122,17 @@
/*
* Create a security context
*/
+#ifdef WITH_SECURITY
static isns_security_t *
__create_security_context(const char *name, const char *auth_key,
const char *server_key)
{
-#ifdef WITH_SECURITY
isns_security_t *ctx;
isns_principal_t *princ;
-#endif /* WITH_SECURITY */
if (!isns_config.ic_security)
return NULL;
-#ifndef WITH_SECURITY
- isns_error("Cannot create security context: security disabled at build time\n");
- return NULL;
-#else /* WITH_SECURITY */
ctx = isns_create_dsa_context();
if (ctx == NULL)
isns_fatal("Unable to create security context\n");
@@ -174,8 +169,19 @@
}
return ctx;
-#endif /* WITH_SECURITY */
}
+#else /* WITH_SECURITY */
+static isns_security_t *
+__create_security_context(__attribute__((unused))const char *name,
+ __attribute__((unused))const char *auth_key,
+ __attribute__((unused))const char *server_key)
+{
+ if (!isns_config.ic_security)
+ return NULL;
+ isns_error("Cannot create security context: security disabled at build time\n");
+ return NULL;
+}
+#endif /* WITH_SECURITY */
/*
* Create the default security context
diff -Nru open-isns-0.100/configure open-isns-0.101/configure
--- open-isns-0.100/configure 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/configure 2021-02-01 18:27:33.000000000 +0100
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for open-isns 0.100.
+# Generated by GNU Autoconf 2.69 for open-isns 0.101.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -577,8 +577,8 @@
# Identity of this package.
PACKAGE_NAME='open-isns'
PACKAGE_TARNAME='open-isns'
-PACKAGE_VERSION='0.100'
-PACKAGE_STRING='open-isns 0.100'
+PACKAGE_VERSION='0.101'
+PACKAGE_STRING='open-isns 0.101'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@@ -1250,7 +1250,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures open-isns 0.100 to adapt to many kinds of systems.
+\`configure' configures open-isns 0.101 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1315,7 +1315,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of open-isns 0.100:";;
+ short | recursive ) echo "Configuration of open-isns 0.101:";;
esac
cat <<\_ACEOF
@@ -1410,7 +1410,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-open-isns configure 0.100
+open-isns configure 0.101
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1775,7 +1775,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by open-isns $as_me 0.100, which was
+It was created by open-isns $as_me 0.101, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -3996,7 +3996,7 @@
esac
if test "$GCC" = "yes"; then
- CFLAGS="-Wall -Werror -Wextra $CFLAGS"
+ CFLAGS="-Wall -Wextra $CFLAGS"
CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE"
fi
@@ -4985,7 +4985,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by open-isns $as_me 0.100, which was
+This file was extended by open-isns $as_me 0.101, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -5047,7 +5047,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-open-isns config.status 0.100
+open-isns config.status 0.101
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -Nru open-isns-0.100/configure.ac open-isns-0.101/configure.ac
--- open-isns-0.100/configure.ac 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/configure.ac 2021-02-01 18:27:33.000000000 +0100
@@ -1,4 +1,4 @@
-AC_INIT(open-isns, [0.100])
+AC_INIT(open-isns, [0.101])
AC_CONFIG_SRCDIR([isnsd.c])
AC_CONFIG_AUX_DIR([aclocal])
@@ -17,7 +17,7 @@
dnl C Compiler features
AC_C_INLINE
if test "$GCC" = "yes"; then
- CFLAGS="-Wall -Werror -Wextra $CFLAGS"
+ CFLAGS="-Wall -Wextra $CFLAGS"
CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE"
fi
diff -Nru open-isns-0.100/db-policy.c open-isns-0.101/db-policy.c
--- open-isns-0.100/db-policy.c 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/db-policy.c 2021-02-01 18:27:33.000000000 +0100
@@ -52,11 +52,11 @@
/*
* Load a DSA key from the DB store
*/
+#ifdef WITH_SECURITY
static EVP_PKEY *
__isns_db_keystore_find(isns_keystore_t *store_base,
const char *name, size_t namelen)
{
-#ifdef WITH_SECURITY
isns_db_keystore_t *store = (isns_db_keystore_t *) store_base;
isns_object_t *obj;
const void *key_data;
@@ -71,10 +71,16 @@
return NULL;
return isns_dsa_decode_public(key_data, key_size);
-#else
+}
+#else /* WITH_SECURITY */
+static EVP_PKEY *
+__isns_db_keystore_find(__attribute__((unused))isns_keystore_t *store_base,
+ __attribute__((unused))const char *name,
+ __attribute__((unused))size_t namelen)
+{
return NULL;
-#endif
}
+#endif /* WITH_SECURITY */
/*
* Retrieve policy from database
diff -Nru open-isns-0.100/debian/changelog open-isns-0.101/debian/changelog
--- open-isns-0.100/debian/changelog 2020-12-07 09:33:56.000000000 +0100
+++ open-isns-0.101/debian/changelog 2022-05-18 00:25:21.000000000 +0200
@@ -1,9 +1,24 @@
+open-isns (0.101-0.1) unstable; urgency=medium
+
+ * New upstream release
+ - Fix build with OpenSSL 3
+ - Fix use of deprecated functions (Closes: #994672)
+ * debian/patches: Remove patches integrated upstream
+
+ -- Sebastian Ramacher <[email protected]> Wed, 18 May 2022 00:25:21 +0200
+
open-isns (0.100-3) unstable; urgency=medium
* Add patch from upstream to fix broken server auth initializaiton
-- Ritesh Raj Sarraf <[email protected]> Mon, 07 Dec 2020 14:03:56 +0530
+open-isns (0.100-2ubuntu1) hirsute; urgency=medium
+
+ * Build without -Werror to fix FTBFS.
+
+ -- Dimitri John Ledkov <[email protected]> Tue, 24 Nov 2020 10:40:31 +0000
+
open-isns (0.100-2) unstable; urgency=medium
* Fix different signedness integer expression comparison
diff -Nru open-isns-0.100/debian/patches/0001-Do-not-ignore-write-return-value.patch open-isns-0.101/debian/patches/0001-Do-not-ignore-write-return-value.patch
--- open-isns-0.100/debian/patches/0001-Do-not-ignore-write-return-value.patch 2020-12-07 09:33:02.000000000 +0100
+++ open-isns-0.101/debian/patches/0001-Do-not-ignore-write-return-value.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,87 +0,0 @@
-From: Ritesh Raj Sarraf <[email protected]>
-Date: Thu, 19 Nov 2020 15:13:32 +0530
-Subject: Do not ignore write() return value
-
-Some distros set the warn_unused_result attribute for the write()
-system call, so check the return value
-
-Patch cherry-picked from upstream commit: 4c39cb09735a494099fba0474d25ff26800de952
----
- pki.c | 37 ++++++++++++++++++++++++++++++++-----
- 1 file changed, 32 insertions(+), 5 deletions(-)
-
-diff --git a/pki.c b/pki.c
-index 486d9bb..57ea664 100644
---- a/pki.c
-+++ b/pki.c
-@@ -9,12 +9,13 @@
- #include <unistd.h>
- #include <limits.h>
- #include "config.h"
-+#include <fcntl.h>
-+#include <assert.h>
- #ifdef WITH_SECURITY
- #include <openssl/pem.h>
- #include <openssl/err.h>
- #include <openssl/evp.h>
- #endif
--#include <fcntl.h>
- #include <libisns/isns.h>
- #include "security.h"
- #include <libisns/util.h>
-@@ -431,17 +432,43 @@ isns_dsa_load_params(const char *filename)
- return dsa;
- }
-
-+/*
-+ * write one 'status' character to stdout
-+ */
-+static void
-+write_status_byte(int ch)
-+{
-+ static int stdout_fd = 1; /* fileno(stdout) */
-+ char buf[2];
-+ int res;
-+
-+ /*
-+ * We don't actually care about the return value here, since
-+ * we are just dumping a status byte to stdout, but
-+ * some linux distrubutions set the warn_unused_result attribute
-+ * for the write() API, so we might as well use the return value
-+ * to make sure the write command isn't broken.
-+ */
-+ assert(ch);
-+ buf[0] = ch;
-+ buf[1] = '\0';
-+ res = write(stdout_fd, buf, 1);
-+ assert(res == 1);
-+}
-+
- static int
- isns_dsa_param_gen_callback(int stage,
- __attribute__((unused))int index,
- __attribute__((unused))void *dummy)
- {
- if (stage == 0)
-- write(1, "+", 1);
-+ write_status_byte('+');
- else if (stage == 1)
-- write(1, ".", 1);
-+ write_status_byte('.');
- else if (stage == 2)
-- write(1, "/", 1);
-+ write_status_byte('/');
-+
-+ /* as a callback, we must return a value, so just return success */
- return 0;
- }
-
-@@ -478,7 +505,7 @@ isns_dsa_init_params(const char *filename)
- dsa = DSA_generate_parameters(dsa_key_bits, NULL, 0,
- NULL, NULL, isns_dsa_param_gen_callback, NULL);
- #endif
-- write(1, "\n", 1);
-+ write_status_byte('\n');
-
- if (dsa == NULL) {
- isns_dsasig_report_errors("Error generating DSA parameters",
diff -Nru open-isns-0.100/debian/patches/0002-Fix-different-signedness-integer-expression-comparis.patch open-isns-0.101/debian/patches/0002-Fix-different-signedness-integer-expression-comparis.patch
--- open-isns-0.100/debian/patches/0002-Fix-different-signedness-integer-expression-comparis.patch 2020-12-07 09:33:02.000000000 +0100
+++ open-isns-0.101/debian/patches/0002-Fix-different-signedness-integer-expression-comparis.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,22 +0,0 @@
-From: Ritesh Raj Sarraf <[email protected]>
-Date: Mon, 23 Nov 2020 22:35:57 +0530
-Subject: Fix different signedness integer expression comparison error
-
-Issue commonly seen on 32 bit systems
----
- isnsdd.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/isnsdd.c b/isnsdd.c
-index 58825cc..9cedb9f 100644
---- a/isnsdd.c
-+++ b/isnsdd.c
-@@ -401,7 +401,7 @@ check_portal_registration(__attribute__((unused))void *ptr)
- continue;
-
- last_modified = isns_object_last_modified(obj);
-- if (last_modified + 2 * interval > now) {
-+ if ((time_t)(last_modified + 2 * interval) > now) {
- good_portals++;
- continue;
- }
diff -Nru open-isns-0.100/debian/patches/0003-Fix-broken-server-authentication-initialization.patch open-isns-0.101/debian/patches/0003-Fix-broken-server-authentication-initialization.patch
--- open-isns-0.100/debian/patches/0003-Fix-broken-server-authentication-initialization.patch 2020-12-07 09:33:02.000000000 +0100
+++ open-isns-0.101/debian/patches/0003-Fix-broken-server-authentication-initialization.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,55 +0,0 @@
-From: Lee Duncan <[email protected]>
-Date: Fri, 4 Dec 2020 09:14:18 -0800
-Subject: Fix broken server authentication initialization.
-
-Commit 86bf736873ed cleaned up a bunch of compiler complaints,
-and was supposed to have no effect on functionality. But the change
-to isns_dsa_param_gen_callback() from void to returning an
-integer (zero) broke "isnsd --init", causing the error message:
-
-> Generating DSA parameters; this may take a while
-> +
-> Warning: Error generating DSA parameters - OpenSSL errors follow:
-
-This commit changes isns_dsa_param_gen_callback() back to a void
-function, and fixes the compiler problem by properly declaring
-the callback, and using the proper openssl macro to set the
-callback.
-
-Fixes: 86bf736873ed General cleanup for the compiler.
----
- pki.c | 7 ++-----
- 1 file changed, 2 insertions(+), 5 deletions(-)
-
-diff --git a/pki.c b/pki.c
-index 57ea664..315b56b 100644
---- a/pki.c
-+++ b/pki.c
-@@ -456,7 +456,7 @@ write_status_byte(int ch)
- assert(res == 1);
- }
-
--static int
-+static void
- isns_dsa_param_gen_callback(int stage,
- __attribute__((unused))int index,
- __attribute__((unused))void *dummy)
-@@ -467,9 +467,6 @@ isns_dsa_param_gen_callback(int stage,
- write_status_byte('.');
- else if (stage == 2)
- write_status_byte('/');
--
-- /* as a callback, we must return a value, so just return success */
-- return 0;
- }
-
- int
-@@ -494,7 +491,7 @@ isns_dsa_init_params(const char *filename)
- isns_notice("Generating DSA parameters; this may take a while\n");
- #if OPENSSL_VERSION_NUMBER >= 0x10002000L
- cb = BN_GENCB_new();
-- BN_GENCB_set(cb, (int (*)(int, int, BN_GENCB *)) isns_dsa_param_gen_callback, NULL);
-+ BN_GENCB_set_old(cb, (void (*)(int, int, void *)) isns_dsa_param_gen_callback, NULL);
- dsa = DSA_new();
- if (!DSA_generate_parameters_ex(dsa, dsa_key_bits, NULL, 0, NULL, NULL, cb)) {
- DSA_free(dsa);
diff -Nru open-isns-0.100/debian/patches/series open-isns-0.101/debian/patches/series
--- open-isns-0.100/debian/patches/series 2020-12-07 09:33:02.000000000 +0100
+++ open-isns-0.101/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
@@ -1,3 +0,0 @@
-0001-Do-not-ignore-write-return-value.patch
-0002-Fix-different-signedness-integer-expression-comparis.patch
-0003-Fix-broken-server-authentication-initialization.patch
diff -Nru open-isns-0.100/doc/isnssetup.8 open-isns-0.101/doc/isnssetup.8
--- open-isns-0.100/doc/isnssetup.8 1970-01-01 01:00:00.000000000 +0100
+++ open-isns-0.101/doc/isnssetup.8 2021-02-01 18:27:33.000000000 +0100
@@ -0,0 +1,64 @@
+'\" t
+.TH ISNSSETUP 8 "4 Dec 2020"
+.SH NAME
+isnssetup \- a simple script to bootstrap an iSNS server, including security
+.SH SYNOPSIS
+.B isnssetup
+.SH DESCRIPTION
+.B isnssetup
+is a command line utility for for bootstrapping your iSNS
+installation. It sets up the authentication credentials,
+sets up the
+.B ServerAddress
+to be
+.IR localhost ,
+and registers the appropriate values in the
+.B iSNS
+database. The
+.B isnssetup
+script does not take any options.
+.PP
+Running this script performs the following steps:
+.TP
+.B \(bu
+Set
+.B ServerAddress
+to
+.I localhost
+and
+.B Security
+to
+.I 1
+for
+.B isnsadmin.conf
+and
+.BR isnsdd.conf .
+.TP
+.B \(bu
+Initialize security files by running
+.BR "isnsd --init" ,
+copying the public key to the server key, then restarting
+the
+.B isnsd
+daemon, so that it sees the new authorization files.
+.TP
+.B \(bu
+Registering the control node policy, the control node itself, and
+lastly registering the server policy.
+.PP
+Note that this script is supplied as an example, although you should
+be able to use it directly if you wish. You have to be
+.B root
+to run this script successfully.
+.SH BUGS
+This script does not take
+.B systemd
+into account, so you may have to modify it to get it to work on
+a modern system.
+.SH SEE ALSO
+RFC 4171,
+.BR isnsadm (8),
+.BR isnsd (8),
+.BR isns_config (5).
+.SH AUTHORS
+Olaf Kirch <[email protected]>
diff -Nru open-isns-0.100/getnext.c open-isns-0.101/getnext.c
--- open-isns-0.100/getnext.c 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/getnext.c 2021-02-01 18:27:33.000000000 +0100
@@ -244,7 +244,7 @@
{
isns_object_template_t *tmpl;
- tmpl = isns_object_template_for_key_attrs(&qry->is_operating_attrs);
+ tmpl = isns_object_template_for_key_attrs(&qry->is_message_attrs);
if (tmpl == NULL) {
isns_error("Cannot determine object type in GetNext response\n");
return ISNS_ATTRIBUTE_NOT_IMPLEMENTED;
diff -Nru open-isns-0.100/.gitignore open-isns-0.101/.gitignore
--- open-isns-0.100/.gitignore 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/.gitignore 2021-02-01 18:27:33.000000000 +0100
@@ -7,3 +7,8 @@
isnsdd
libisns.a
libisns*.so.?
+Makefile
+config.h
+config.log
+config.status
+autom4te.cache
diff -Nru open-isns-0.100/include/libisns/.gitignore open-isns-0.101/include/libisns/.gitignore
--- open-isns-0.100/include/libisns/.gitignore 1970-01-01 01:00:00.000000000 +0100
+++ open-isns-0.101/include/libisns/.gitignore 2021-02-01 18:27:33.000000000 +0100
@@ -0,0 +1 @@
+paths.h
diff -Nru open-isns-0.100/include/libisns/paths.h.in open-isns-0.101/include/libisns/paths.h.in
--- open-isns-0.100/include/libisns/paths.h.in 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/include/libisns/paths.h.in 2021-02-01 18:27:33.000000000 +0100
@@ -9,8 +9,8 @@
#define ISNS_CONFIG_H
#define __OPENISNS_MKVERSION(maj, min) (((maj) << 8) + (min))
-#define OPENISNS_VERSION __OPENISNS_MKVERSION(0, 99);
-#define OPENISNS_VERSION_STRING "0.99"
+#define OPENISNS_VERSION __OPENISNS_MKVERSION(0, 101);
+#define OPENISNS_VERSION_STRING "0.101"
#define ISNS_ETCDIR "/etc/isns"
#define ISNS_RUNDIR "@RUNDIR@"
diff -Nru open-isns-0.100/include/libisns/util.h open-isns-0.101/include/libisns/util.h
--- open-isns-0.100/include/libisns/util.h 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/include/libisns/util.h 2021-02-01 18:27:33.000000000 +0100
@@ -14,6 +14,7 @@
#include <string.h> // for strdup
#include <signal.h>
#include <libisns/types.h>
+#include <stdlib.h>
#define array_num_elements(a) (sizeof(a) / sizeof((a)[0]))
@@ -40,14 +41,22 @@
*/
static inline void signals_hold(void)
{
- sighold(SIGTERM);
- sighold(SIGINT);
+ sigset_t s;
+
+ sigemptyset(&s);
+ sigaddset(&s, SIGTERM);
+ sigaddset(&s, SIGINT);
+ sigprocmask(SIG_BLOCK, &s, 0);
}
static inline void signals_release(void)
{
- sigrelse(SIGTERM);
- sigrelse(SIGINT);
+ sigset_t s;
+
+ sigemptyset(&s);
+ sigaddset(&s, SIGTERM);
+ sigaddset(&s, SIGINT);
+ sigprocmask(SIG_UNBLOCK, &s, 0);
}
/*
diff -Nru open-isns-0.100/isnsadm.c open-isns-0.101/isnsadm.c
--- open-isns-0.100/isnsadm.c 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/isnsadm.c 2021-02-01 18:27:33.000000000 +0100
@@ -1162,7 +1162,7 @@
}
isns_attr_t *
-load_key_callback(const char *pathname)
+load_key_callback(__attribute__((unused))const char *pathname)
{
isns_fatal("Authentication disabled in this build\n");
return NULL;
diff -Nru open-isns-0.100/isnsdd.c open-isns-0.101/isnsdd.c
--- open-isns-0.100/isnsdd.c 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/isnsdd.c 2021-02-01 18:27:33.000000000 +0100
@@ -401,7 +401,7 @@
continue;
last_modified = isns_object_last_modified(obj);
- if (last_modified + 2 * interval > now) {
+ if ((time_t)(last_modified + 2 * interval) > now) {
good_portals++;
continue;
}
diff -Nru open-isns-0.100/Makefile.in open-isns-0.101/Makefile.in
--- open-isns-0.100/Makefile.in 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/Makefile.in 2021-02-01 18:27:33.000000000 +0100
@@ -118,6 +118,7 @@
$(INSTALL) -m 644 $(srcdir)/doc/isnsd.8 $(MANDIR)/man8
$(INSTALL) -m 644 $(srcdir)/doc/isnsdd.8 $(MANDIR)/man8
$(INSTALL) -m 644 $(srcdir)/doc/isnsadm.8 $(MANDIR)/man8
+ $(INSTALL) -m 644 $(srcdir)/doc/isnssetup.8 $(MANDIR)/man8
$(INSTALL) -m 644 $(srcdir)/doc/isns_config.5 $(MANDIR)/man5
$(INSTALL) -m 644 $(srcdir)/isnsd.service $(SYSTEMDDIR)
$(INSTALL) -m 644 $(srcdir)/isnsd.socket $(SYSTEMDDIR)
diff -Nru open-isns-0.100/pki.c open-isns-0.101/pki.c
--- open-isns-0.100/pki.c 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/pki.c 2021-02-01 18:27:33.000000000 +0100
@@ -9,12 +9,15 @@
#include <unistd.h>
#include <limits.h>
#include "config.h"
+#include <fcntl.h>
+#include <assert.h>
#ifdef WITH_SECURITY
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/evp.h>
+#include <openssl/dsa.h>
+#include <openssl/bn.h>
#endif
-#include <fcntl.h>
#include <libisns/isns.h>
#include "security.h"
#include <libisns/util.h>
@@ -96,13 +99,11 @@
isns_security_t *ctx;
if (!isns_openssl_init) {
- ERR_load_crypto_strings();
#if OPENSSL_API_COMPAT < 0x10100000L
+ ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
-#else
- OPENSSL_init_crypto();
#endif
isns_openssl_init = 1;
}
@@ -431,18 +432,41 @@
return dsa;
}
-static int
+/*
+ * write one 'status' character to stdout
+ */
+static void
+write_status_byte(int ch)
+{
+ static int stdout_fd = 1; /* fileno(stdout) */
+ char buf[2];
+ int res;
+
+ /*
+ * We don't actually care about the return value here, since
+ * we are just dumping a status byte to stdout, but
+ * some linux distrubutions set the warn_unused_result attribute
+ * for the write() API, so we might as well use the return value
+ * to make sure the write command isn't broken.
+ */
+ assert(ch);
+ buf[0] = ch;
+ buf[1] = '\0';
+ res = write(stdout_fd, buf, 1);
+ assert(res == 1);
+}
+
+static void
isns_dsa_param_gen_callback(int stage,
__attribute__((unused))int index,
__attribute__((unused))void *dummy)
{
if (stage == 0)
- write(1, "+", 1);
+ write_status_byte('+');
else if (stage == 1)
- write(1, ".", 1);
+ write_status_byte('.');
else if (stage == 2)
- write(1, "/", 1);
- return 0;
+ write_status_byte('/');
}
int
@@ -467,7 +491,7 @@
isns_notice("Generating DSA parameters; this may take a while\n");
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
cb = BN_GENCB_new();
- BN_GENCB_set(cb, (int (*)(int, int, BN_GENCB *)) isns_dsa_param_gen_callback, NULL);
+ BN_GENCB_set_old(cb, (void (*)(int, int, void *)) isns_dsa_param_gen_callback, NULL);
dsa = DSA_new();
if (!DSA_generate_parameters_ex(dsa, dsa_key_bits, NULL, 0, NULL, NULL, cb)) {
DSA_free(dsa);
@@ -478,7 +502,7 @@
dsa = DSA_generate_parameters(dsa_key_bits, NULL, 0,
NULL, NULL, isns_dsa_param_gen_callback, NULL);
#endif
- write(1, "\n", 1);
+ write_status_byte('\n');
if (dsa == NULL) {
isns_dsasig_report_errors("Error generating DSA parameters",
diff -Nru open-isns-0.100/security.c open-isns-0.101/security.c
--- open-isns-0.100/security.c 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/security.c 2021-02-01 18:27:33.000000000 +0100
@@ -408,32 +408,34 @@
}
isns_keystore_t *
-isns_create_keystore(const char *spec)
+isns_create_keystore(__attribute__((unused))const char *spec)
{
isns_no_security();
return NULL;
}
void
-isns_security_set_keystore(isns_security_t *ctx,
- isns_keystore_t *ks)
+isns_security_set_keystore(__attribute__((unused))isns_security_t *ctx,
+ __attribute__((unused))isns_keystore_t *ks)
{
isns_no_security();
}
void
-isns_principal_free(isns_principal_t *peer)
+isns_principal_free(__attribute__((unused))isns_principal_t *peer)
{
}
isns_principal_t *
-isns_get_principal(isns_security_t *ctx, const char *spi, size_t spi_len)
+isns_get_principal(__attribute__((unused))isns_security_t *ctx,
+ __attribute__((unused))const char *spi,
+ __attribute__((unused))size_t spi_len)
{
return NULL;
}
const char *
-isns_principal_name(const isns_principal_t *princ)
+isns_principal_name(__attribute__((unused))const isns_principal_t *princ)
{
return NULL;
}
diff -Nru open-isns-0.100/socket.c open-isns-0.101/socket.c
--- open-isns-0.100/socket.c 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/socket.c 2021-02-01 18:27:33.000000000 +0100
@@ -5,7 +5,7 @@
*/
#include <sys/socket.h>
-#include <sys/poll.h>
+#include <poll.h>
#include <sys/time.h>
#include <sys/un.h>
#include <string.h>
@@ -322,8 +322,9 @@
}
#else /* WITH_SECURITY */
static int
-isns_pdu_authenticate(isns_security_t *sec,
- struct isns_partial_msg *msg, buf_t *bp)
+isns_pdu_authenticate(__attribute__((unused))isns_security_t *sec,
+ __attribute__((unused))struct isns_partial_msg *msg,
+ __attribute__((unused))buf_t *bp)
{
return 0;
}
diff -Nru open-isns-0.100/TODO open-isns-0.101/TODO
--- open-isns-0.100/TODO 2020-01-23 22:02:36.000000000 +0100
+++ open-isns-0.101/TODO 2021-02-01 18:27:33.000000000 +0100
@@ -7,6 +7,7 @@
- make PGs children of the iSCSI storage node they're associated
with?
- Implement missing functions
+ - Add test for "isnsd --init", to make sure it works correctly.
isnsadm:
- support iSNS server discovery through DNS SRV
@@ -27,6 +28,10 @@
we registered for ESI are seeing the server's
ESI messages.
+isnssetup:
+- Update to support systemd, and perhaps have
+ a few options?
+
DevAttrReg:
- Refuse registration of nodes inside the CONTROL
entity, unless it's a control node.
@@ -98,3 +103,6 @@
Socket code:
- impose upper limit on the reassembly buffer
+
+Compilation:
+ - 'make depend' does not work
