[med-svn] [fis-gtm] 03/03: Updated for FIS GT.M V6.3-000A

Wed Dec 7 00:27:30 UTC 2016

This is an automated email from the git hooks/post-receive script.

tuskentower-guest pushed a commit to branch master
in repository fis-gtm.

commit 6cc8ec136793a8279f065f36cf9004e9114e6e7a
Author: Amul Shah <amul.shah at fisglobal.com>
Date:   Fri Oct 28 12:00:14 2016 -0400

    Updated for FIS GT.M V6.3-000A
    
    In addition to merging in the updated upstream source the following
    changed were made.
    - Applied fixes for OpenSSL 1.1.0 compatibilty and undo the temporary
      hack to work around #828300
    - Patches refreshed as needed
    - Removed old patches
---
 debian/changelog                                   |   7 +
 debian/control                                     |   4 +-
 .../patches/correct_rundown_state_definition.patch |  37 -----
 debian/patches/series                              |   3 +-
 .../upstream_donot_deploy_all_encryption_libs      |  40 +-----
 .../upstream_encryption_libs_openssl110_compatible | 154 +++++++++++++++++++++
 debian/patches/upstream_fix_speeling_errors        |  19 ---
 7 files changed, 167 insertions(+), 97 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index e85662c..5987db5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+fis-gtm (6.3-000A-1) UNRELEASED; urgency=low
+
+  [ Amul Shah ]
+  * Update to fis-gtm V6.3-000A
+
+ -- Amul Shah <Amul.Shah at fisglobal.com>  Fri, 28 Oct 2016 11:56:29 -0400
+
 fis-gtm (6.3-000-3) unstable; urgency=medium
 
   [ Amul Shah ]
diff --git a/debian/control b/debian/control
index c5439a6..b64f7bb 100644
--- a/debian/control
+++ b/debian/control
@@ -31,7 +31,7 @@ Homepage: http://sourceforge.net/projects/fis-gtm
 Package: fis-gtm
 Architecture: all
 Depends: ${misc:Depends},
-         fis-gtm-6.3-000
+         fis-gtm-6.3-000a
 Provides: mumps
 Description: metapackage for the latest version of FIS-GT.M database
  GT.M is a database engine with scalability proven in large real-time
@@ -62,7 +62,7 @@ Description: metapackage for the latest version of FIS-GT.M database
  .
  This metapackage always depends from the default fis-gtm version.
 
-Package: fis-gtm-6.3-000
+Package: fis-gtm-6.3-000a
 Architecture: amd64 i386
 Multi-Arch: same
 Depends: ${shlibs:Depends},
diff --git a/debian/patches/correct_rundown_state_definition.patch b/debian/patches/correct_rundown_state_definition.patch
deleted file mode 100644
index 514569d..0000000
--- a/debian/patches/correct_rundown_state_definition.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-Description: Define the rundown_state enum before it is used
-Author: Gert Wollny <gw.fossdev at gmail.com>
-Bug: https://bugs.debian.org/818861
-
---- a/sr_unix/gtm_exit_handler.c
-+++ b/sr_unix/gtm_exit_handler.c
-@@ -58,6 +58,15 @@
- GBLREF	boolean_t		skip_exit_handler;
- GBLREF 	boolean_t		is_tracing_on;
- 
-+enum rundown_state
-+{
-+	rundown_state_mprof,
-+	rundown_state_lock,
-+	rundown_state_db,
-+	rundown_state_io,
-+	rundown_state_last
-+};
-+
- static	enum rundown_state	attempting;
- 
- #ifdef DEBUG
-@@ -142,14 +151,6 @@
- error_def(ERR_LKRUNDOWN);
- error_def(ERR_MPROFRUNDOWN);
- 
--enum rundown_state
--{
--	rundown_state_mprof,
--	rundown_state_lock,
--	rundown_state_db,
--	rundown_state_io,
--	rundown_state_last
--};
- 
- /* Function that is invoked at process exit time to do cleanup.
-  * The general flow here is to do various types of rundowns (e.g. db rundown, lock rundown, io rundown etc.).
diff --git a/debian/patches/series b/debian/patches/series
index 9f68b86..e6023c4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,6 +1,5 @@
 
 upstream_disable_autorelink
-upstream_fix_speeling_errors
 upstream_donot_deploy_all_encryption_libs
-correct_rundown_state_definition.patch
 upstream_fix_locale_setting_error
+upstream_encryption_libs_openssl110_compatible
diff --git a/debian/patches/upstream_donot_deploy_all_encryption_libs b/debian/patches/upstream_donot_deploy_all_encryption_libs
index fc98ae5..ee2cf26 100644
--- a/debian/patches/upstream_donot_deploy_all_encryption_libs
+++ b/debian/patches/upstream_donot_deploy_all_encryption_libs
@@ -11,16 +11,7 @@ Last-Update: 2015-01-11
 
 --- a/CMakeLists.txt
 +++ b/CMakeLists.txt
-@@ -467,6 +467,8 @@
- add_dependencies(libgtmshr gen_export)
- add_dependencies(mumps libgtmshr)
- 
-+# FIXME: Temporarily disable building of encryption plugin libraries
-+if (0) 
- # Iterate over the list of GPG related libraries
- foreach(gpglib gpg-error gpgme gcrypt config)
-   # For each library, we need a new CMake variable, hence GPGLIB_${gpglib}
-@@ -519,7 +521,7 @@
+@@ -519,7 +519,7 @@
    )
  target_link_libraries(libgtmcrypt_openssl_AES256CFB ${GPG_LIBRARIES} ${TLS_LIBRARIES})
  add_dependencies(libgtmcrypt_openssl_AES256CFB gen_gtm_threadgbl_deftypes)
@@ -29,7 +20,7 @@ Last-Update: 2015-01-11
  
  # Library=OPENSSL Algorithm=BLOWFISHCFB
  add_library(libgtmcrypt_openssl_BLOWFISHCFB MODULE ${libgtmcrypt_SOURCES})
-@@ -530,7 +532,7 @@
+@@ -530,7 +530,7 @@
    )
  target_link_libraries(libgtmcrypt_openssl_BLOWFISHCFB ${GPG_LIBRARIES} ${TLS_LIBRARIES})
  add_dependencies(libgtmcrypt_openssl_BLOWFISHCFB gen_gtm_threadgbl_deftypes)
@@ -38,7 +29,7 @@ Last-Update: 2015-01-11
  
  add_library(libgtmtls MODULE ${libgtmtls_SOURCES})
  set_target_properties(libgtmtls PROPERTIES
-@@ -540,7 +542,7 @@
+@@ -540,7 +540,7 @@
    )
  target_link_libraries(libgtmtls ${TLS_LIBRARIES})
  add_dependencies(libgtmtls gen_gtm_threadgbl_deftypes)
@@ -47,31 +38,6 @@ Last-Update: 2015-01-11
  
  add_executable(maskpass ${maskpass_SOURCES})
  target_link_libraries(maskpass ${GPG_LIBRARIES} ${TLS_LIBRARIES})
-@@ -549,6 +551,7 @@
-   RUNTIME_OUTPUT_DIRECTORY ${GTM_BINARY_DIR}/plugin/gtmcrypt
-   )
- install(TARGETS maskpass DESTINATION ${GTM_INSTALL_DIR}/plugin/gtmcrypt)
-+endif(0)
- 
- # Always copy files into the plugin directory
- foreach(f
-@@ -768,14 +771,14 @@
-   STRING(REGEX REPLACE "\n" ";" locale_list "${locale_list}")
-   foreach(lc ${locale_list})
-     string(TOLOWER "${lc}" lc_lower)
--    if("x${lc_lower}" MATCHES "^xen_us\\.?utf-?8")
-+    if("x${lc_lower}" MATCHES "^x[a-zA-Z_]+\\.?utf-?8")
-       set(LC_ALL ${lc})
-       message("-- Setting locale to ${LC_ALL}")
-       break()
-     endif()
-   endforeach(lc)
-   if("${LC_ALL}" STREQUAL "")
--    message("Locale undefined. Expect to see NONUTF8LOCALE during MUMPS routine compilation\n")
-+    message("Locale undefined. Expect to see NONUTF8LOCALE during MUMPS routine compilation: ${locale_list}\n")
-   endif()
- else()
-   message(FATAL_ERROR "Unable to find 'locale'.  Set LOCALECFG in CMake cache.")
 --- a/sr_unix/configure.gtc
 +++ b/sr_unix/configure.gtc
 @@ -544,6 +544,7 @@
diff --git a/debian/patches/upstream_encryption_libs_openssl110_compatible b/debian/patches/upstream_encryption_libs_openssl110_compatible
new file mode 100644
index 0000000..eee1492
--- /dev/null
+++ b/debian/patches/upstream_encryption_libs_openssl110_compatible
@@ -0,0 +1,154 @@
+From: Amul Shah <Amul.Shah at fisglobal.com>
+Forwarded: not-needed
+Summary: Update encryption plugin for OpenSSL 1.1.0
+Description: #828300 resulted in a FTBFS for fis-gtm with openssl 1.1.0. These
+  changes adapt the upstream fixes for OpenSSL 1.1.0 to V63000A
+Applied-Upstream: V6.3-001
+Last-Update: 2016-12-06
+
+--- a/sr_unix/gtm_tls_impl.c
++++ b/sr_unix/gtm_tls_impl.c
+@@ -1675,7 +1675,13 @@
+ 			if (NULL != peer)
+ 			{
+ 				pubkey = X509_get_pubkey(peer);
+-				SNPRINTF(conn_info->cert_algo, SIZEOF(conn_info->cert_algo), "%s", OBJ_nid2ln(pubkey->type));
++#				if OPENSSL_VERSION_NUMBER >= 0x10000001L
++				SNPRINTF(conn_info->cert_algo, SIZEOF(conn_info->cert_algo), "%s",
++						OBJ_nid2ln(EVP_PKEY_base_id(pubkey)));
++#				else
++				SNPRINTF(conn_info->cert_algo, SIZEOF(conn_info->cert_algo), "%s",
++						OBJ_nid2ln(pubkey->type));
++#				endif
+ 			} else
+ 				conn_info->cert_algo[0] = '\0';
+ 			/* Is Secure Renegotiation Supported? */
+--- a/sr_unix/gtmcrypt_dbk_ref.c
++++ b/sr_unix/gtmcrypt_dbk_ref.c
+@@ -770,7 +770,7 @@
+ int keystore_new_cipher_ctx(gtm_keystore_t *entry, char *iv, int length, int action)
+ {
+ 	int			rv;
+-	crypt_key_t		handle;
++	crypt_key_t		handle = NULL;
+ 	gtm_cipher_ctx_t	*ctx;
+ 	unsigned char		iv_array[GTMCRYPT_IV_LEN];
+ 
+@@ -809,8 +809,7 @@
+ 
+ 	assert(NULL != ctx);
+ 	status = 0;
+-	if (-1 == gc_sym_destroy_cipher_handle(ctx->handle))
+-		status = -1;
++	gc_sym_destroy_cipher_handle(ctx->handle);
+ 	next = ctx->next;
+ 	prev = ctx->prev;
+ 	if (NULL != prev)
+@@ -888,8 +887,7 @@
+ 	while (NULL != curr)
+ 	{
+ 		temp = curr->next;
+-		if (-1 == gc_sym_destroy_cipher_handle(curr->handle))
+-			status = -1;
++		gc_sym_destroy_cipher_handle(curr->handle);
+ 		FREE(curr);
+ 		curr = temp;
+ 	}
+--- a/sr_unix/gtmcrypt_dbk_ref.h
++++ b/sr_unix/gtmcrypt_dbk_ref.h
+@@ -151,7 +151,7 @@
+ 	struct gtm_keystore_unres_key_link_struct	*next;				/* Pointer to next element. */
+ } gtm_keystore_unres_key_link_t;
+ 
+-STATICFNDEF int			keystore_refresh();
++STATICFNDEF int			keystore_refresh(void);
+ STATICFNDEF int 		read_files_section(config_t *cfgp);
+ STATICFNDEF int 		read_database_section(config_t *cfgp);
+ STATICFNDEF int			gtm_keystore_cleanup_node(gtm_keystore_t *);
+--- a/sr_unix/gtmcrypt_ref.h
++++ b/sr_unix/gtmcrypt_ref.h
+@@ -16,7 +16,7 @@
+ # include <openssl/sha.h>
+ # include <openssl/evp.h>
+ # include <openssl/err.h>
+-typedef EVP_CIPHER_CTX		crypt_key_t;
++typedef EVP_CIPHER_CTX		*crypt_key_t;
+ #else
+ # include <gcrypt.h>
+ typedef gcry_cipher_hd_t	crypt_key_t;
+--- a/sr_unix/gtmcrypt_sym_ref.c
++++ b/sr_unix/gtmcrypt_sym_ref.c
+@@ -67,22 +67,18 @@
+  *
+  * Arguments:	handle	Encryption / decryption state object to destroy.
+  *
+- * Returns:	1 if the cipher handle was successfully destroyed; -1 otherwise.
++ * Returns:	N/A neither OpenSSL nor GCrypt destructors return a status.
+  */
+-int gc_sym_destroy_cipher_handle(crypt_key_t handle)
++void gc_sym_destroy_cipher_handle(crypt_key_t handle)
+ {
+-#	ifdef USE_OPENSSL
+-	if (!EVP_CIPHER_CTX_cleanup(&handle))
+-	{
+-		GC_APPEND_OPENSSL_ERROR("Failed to destroy encryption key handle.");
+-		return -1;
+-	}
+-#	endif
+-#	ifdef USE_GCRYPT
+-	if (handle)
++	if (NULL != handle)
++#ifdef USE_OPENSSL
++		EVP_CIPHER_CTX_free(handle);
++#elif defined(USE_GCRYPT)
+ 		gcry_cipher_close(handle);
+-#	endif
+-	return 0;
++#else
++	error Encryption library not defined, please use either -DUSE_OPENSSL or -DUSE_GCRYPT
++#endif
+ }
+ 
+ /*
+@@ -103,11 +99,13 @@
+ 	int rv, plain_text_length;
+ 
+ #	ifdef USE_OPENSSL
+-	if (!reuse)
++	if (NULL == *handle)
++		*handle = EVP_CIPHER_CTX_new();
++	else if (!reuse)
+ 	{
+-		EVP_CIPHER_CTX_init(handle);
++		EVP_CIPHER_CTX_init(*handle);
+ 	}
+-	if (!EVP_CipherInit_ex(handle, ALGO, NULL, raw_key, iv, direction))
++	if (!EVP_CipherInit_ex(*handle, ALGO, NULL, raw_key, iv, direction))
+ 	{
+ 		GC_APPEND_OPENSSL_ERROR("Failed to initialize encryption key handle.");
+ 		return -1;
+@@ -168,12 +166,12 @@
+ 	}
+ #	endif
+ #	ifdef USE_OPENSSL
+-	if (!EVP_CipherUpdate(key, out_block, &out_block_len, in_block, in_block_len))
++	if (!EVP_CipherUpdate(*key, out_block, &out_block_len, in_block, in_block_len))
+ 	{
+ 		GC_APPEND_OPENSSL_ERROR("OpenSSL function 'EVP_CipherUpdate' failed.")
+ 		return -1;
+ 	}
+-	if (!EVP_CipherFinal_ex(key, out_block + out_block_len, &tmp_len))
++	if (!EVP_CipherFinal_ex(*key, out_block + out_block_len, &tmp_len))
+ 	{
+ 		GC_APPEND_OPENSSL_ERROR("OpenSSL function 'EVP_CipherFinal_ex' failed.")
+ 		return -1;
+--- a/sr_unix/gtmcrypt_sym_ref.h
++++ b/sr_unix/gtmcrypt_sym_ref.h
+@@ -45,6 +45,6 @@
+ #endif
+ int gc_sym_destroy_key_handles(gtm_keystore_t *entry);
+ int gc_sym_create_cipher_handle(unsigned char *raw_key, unsigned char *iv, crypt_key_t *handle, int direction, int reuse);
+-int gc_sym_destroy_cipher_handle(crypt_key_t handle);
++void gc_sym_destroy_cipher_handle(crypt_key_t handle);
+ int gc_sym_encrypt_decrypt(crypt_key_t *key, unsigned char *in_block, int in_block_len, unsigned char *out_block, int flag);
+ #endif /* GTMCRYPT_SYM_REF_H */
diff --git a/debian/patches/upstream_fix_speeling_errors b/debian/patches/upstream_fix_speeling_errors
deleted file mode 100644
index 8e2b249..0000000
--- a/debian/patches/upstream_fix_speeling_errors
+++ /dev/null
@@ -1,19 +0,0 @@
-From: Amul Shah <Amul.Shah at fisglobal.com>
-Forwarded: not-needed
-Summary: Fix spelling errors in MUMPS source routines
-Description: Comments in two MUMPS routines contained spelling errors. These
-  are now fixed to avoid the lintian warning spelling-error-in-binary.
-Applied-Upstream: V6.3-001
-Last-Update: 2016-03-30
-
---- a/sr_unix/gtmthreadgblasm.m
-+++ b/sr_unix/gtmthreadgblasm.m
-@@ -132,7 +132,7 @@
- ; Routine to take a line of input from the gtm_threadgbl_asm_access.txt file and syntax check it. We allow the following:
- ;
- ;   - trailing white space
--;   - trailing comments preceeded by a '#' character potentially preceeded by white space
-+;   - trailing comments preceded by a '#' character potentially preceded by white space
- ;
- ; In either of the above conditions, the input line (passed by reference) is stripped of its trailing junk so only the
- ; variable name itself is left when we return.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-med/fis-gtm.git

