[Pkg-e-devel] Bug#782469: efl: FTBFS against gnutls 3.4.0
peter green
plugwash at p10link.net
Sun Jan 31 17:54:36 UTC 2016
tags 782469 +patch
thanks
I took a look at the code in conjunction with the migration instructions
that were linked in the bug report (thanks for linking to those).
The results of the call to gnutls_pubkey_get_verify_algorithm are
discarded, the code only checks if it succeeds or not. I guess it was
intended as some sort of sanity check. I replaced it with a call to
gnutls_x509_crt_get_signature_algorithm
I replaced the call to gnutls_pubkey_verify_hash with a call to
gnutls_pubkey_verify_hash2 filling in the new "algo" parameter with the
result of gnutls_x509_crt_get_signature_algorithm
The code now compiles and I don't think it's any more broken than it was
before but I have concerns about the code in general. It seems to have
been written on the assumption that the certificate signature algorithm
would always be sha1. I also have no idea how to test the package.
I have uploaded my changes to raspbian stretch-staging, debdiff attached
no intent to NMU in Debian.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: efl.debdiff
URL: <http://lists.alioth.debian.org/pipermail/pkg-e-devel/attachments/20160131/26cd6a17/attachment.ksh>
More information about the Pkg-e-devel
mailing list