On Tue, Dec 20, 2016 at 03:14:49PM +0100, Markus Koschany wrote: > On Mon, 28 Nov 2016 13:45:38 +0200 Peter Pentchev <[email protected]> wrote: > [...] > > So, what do you think about the attached series of patches? > > - the first three are actually meant to bring the Git repository in line > > with what was uploaded as libtorrent-0.13.6-1 > > - the next one starts a changelog entry just to have one, I'm not trying > > to take over libtorrent or to force myself into any kind of maintainer > > team or anything > > - then there are a couple of fixes, with the changelog entries split out > > into separate commits so that you can pick and choose as you wish > > > Hello Peter, > > thanks for your patches. I am willing to sponsor your fixes for > libtorrent.
Hi, Thanks a lot for your interest in this! > However please provide a debdiff against the release in > unstable next time. This makes it far easier to review your proposed > changes. Also it would be better to split the release critical parts > from the non-release critical parts but it's ok this time. Well, to be fair, the patches I attached to my message were addressed to the maintainer, so I made it easy for him to import them into the package's Git repository. However, it looks like it might be time to call a maintainer timeout; I have access to the collab-maint repository, so if you're willing to sponsor an upload with the debdiff I'm attaching now (just to fix the FTBFS and this RC bug), then I can commit it there (and also, before that, the three commits to bring the repo up to date with what's already in unstable). So, yeah, see below. > I would like you to ask to get in contact with libtorrent's upstream > first. Since this is a security sensitive patch, getting their approval > is preferable. Unera filed issue 517 a while ago but it got almost > immediately closed. > > https://github.com/rakshasa/rtorrent/issues/517 > > Please reopen it or file a new issue. As soon as upstream confirms that > your patch is correct, please ping me again for the upload. I've decided to file a new issue against libtorrent itself, and marked the patch as forwarded to https://github.com/rakshasa/libtorrent/pull/143 I'll get back to you when the upstream author responds. Thanks again! G'luck, Peter -- Peter Pentchev [email protected] [email protected] [email protected] PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
diff -Nru libtorrent-0.13.6/debian/changelog libtorrent-0.13.6/debian/changelog --- libtorrent-0.13.6/debian/changelog 2015-09-30 07:03:36.000000000 +0300 +++ libtorrent-0.13.6/debian/changelog 2016-12-21 22:57:46.000000000 +0200 @@ -1,3 +1,14 @@ +libtorrent (0.13.6-2) unstable; urgency=medium + + * Team upload. + * Explicitly add zlib to the build dependencies now that OpenSSL + no longer depends on it. + * Add the dh-openssl-1.1 patch to fix the compilation with OpenSSL 1.1 by + using an accessor function to store the generated DH parameters. + Closes: #828414 + + -- Peter Pentchev <[email protected]> Wed, 21 Dec 2016 22:57:46 +0200 + libtorrent (0.13.6-1) unstable; urgency=medium [ Jonathan McDowell ] diff -Nru libtorrent-0.13.6/debian/control libtorrent-0.13.6/debian/control --- libtorrent-0.13.6/debian/control 2015-09-30 07:03:36.000000000 +0300 +++ libtorrent-0.13.6/debian/control 2016-12-21 22:41:22.000000000 +0200 @@ -12,7 +12,8 @@ libcppunit-dev, libcurl4-openssl-dev, libsigc++-2.0-dev, - libssl-dev + libssl-dev, + zlib1g-dev Standards-Version: 3.9.6 Vcs-git: git://git.debian.org/git/collab-maint/libtorrent.git Vcs-browser: http://git.debian.org/?p=collab-maint/libtorrent.git;a=summary diff -Nru libtorrent-0.13.6/debian/patches/dh-openssl-1.1.patch libtorrent-0.13.6/debian/patches/dh-openssl-1.1.patch --- libtorrent-0.13.6/debian/patches/dh-openssl-1.1.patch 1970-01-01 02:00:00.000000000 +0200 +++ libtorrent-0.13.6/debian/patches/dh-openssl-1.1.patch 2016-12-21 22:57:45.000000000 +0200 @@ -0,0 +1,50 @@ +Description: Fix the DH parameters generation with OpenSSL 1.1. + The DH structure is now opaque, so the parameters must be stored there + through an accessor function. +Bug-Debian: https://bugs.debian.org/828414 +Forwarded: https://github.com/rakshasa/libtorrent/pull/143 +Author: Peter Pentchev <[email protected]> +Last-Update: 2016-11-28 + +--- a/src/utils/diffie_hellman.cc ++++ b/src/utils/diffie_hellman.cc +@@ -54,8 +54,11 @@ + + #ifdef USE_OPENSSL + m_dh = DH_new(); +- m_dh->p = BN_bin2bn(prime, primeLength, NULL); +- m_dh->g = BN_bin2bn(generator, generatorLength, NULL); ++ BIGNUM * const dh_p = BN_bin2bn(prime, primeLength, NULL); ++ BIGNUM * const dh_g = BN_bin2bn(generator, generatorLength, NULL); ++ if (dh_p == NULL || dh_g == NULL || ++ !DH_set0_pqg(m_dh, dh_p, NULL, dh_g)) ++ throw internal_error("Could not generate Diffie-Hellman parameters"); + + DH_generate_key(m_dh); + #else +@@ -73,7 +76,11 @@ + bool + DiffieHellman::is_valid() const { + #ifdef USE_OPENSSL +- return m_dh != NULL && m_dh->pub_key != NULL; ++ if (m_dh == NULL) ++ return false; ++ const BIGNUM *pub_key; ++ DH_get0_key(m_dh, &pub_key, NULL); ++ return pub_key != NULL; + #else + return false; + #endif +@@ -102,8 +109,10 @@ + #ifdef USE_OPENSSL + std::memset(dest, 0, length); + +- if ((int)length >= BN_num_bytes(m_dh->pub_key)) +- BN_bn2bin(m_dh->pub_key, dest + length - BN_num_bytes(m_dh->pub_key)); ++ const BIGNUM *pub_key; ++ DH_get0_key(m_dh, &pub_key, NULL); ++ if ((int)length >= BN_num_bytes(pub_key)) ++ BN_bn2bin(pub_key, dest + length - BN_num_bytes(pub_key)); + #endif + } + diff -Nru libtorrent-0.13.6/debian/patches/series libtorrent-0.13.6/debian/patches/series --- libtorrent-0.13.6/debian/patches/series 1970-01-01 02:00:00.000000000 +0200 +++ libtorrent-0.13.6/debian/patches/series 2016-12-21 22:41:22.000000000 +0200 @@ -0,0 +1 @@ +dh-openssl-1.1.patch
signature.asc
Description: PGP signature
