[Pkg-giraffe-discuss] [Pkg-giraffe-maintainers] Bug#812969: libvmime: FTBFS: net_tls_TLSSession.cpp:120:38: error: 'gnutls_certificate_type_set_priority' was not declared in this scope
Jelle van der Waa
j.vanderwaa at zarafa.com
Mon Feb 1 21:09:38 UTC 2016
> as maybe someone has noted the libvime package is currently failing to
> build from source. See the bug opened mail by Chris Lamb at the end of
> this email.
I always wondered why I didn't have this issue on Arch, turns out we use Zarafa's snapshot of libvmime
and somehow the libvmime version is named 0.9.2. [1]
Which raises some concerns here, since we ship a different vmime then Debian will :-(
I ran a diff between the two mentioned files and it still fails to compile, since the patch takes the harder approach to #ifdef everything between old and new it might be that your patch actually was already correct.
I can check your patch later, but I don't have that time now and just wanted to clarify the situation :)
[1] https://download.zarafa.com/community/final/7.1/7.1.7-42779/sourcecode/libvmime-0.9.2%2Bsvn603.tar.bz2
P.S. I think we (as Zarafa) have to be make contact with the libvmime guys and help them get a new release even if it's just some patches on top of 0.9.1. (Since now we run a snapshot + 10 custom patches..)
Hope this helps ;)
Jelle
>
> The upstream GnuTLS team has now switched of some of the already
> deprecated marked functions with version 3.4.0 (and above) which has now
> entered sid/unstable with version 3.4.8. Because of this the latest
> builds of libvime are now failing.
>
> I looked at the issue and figured out that some functions in
> src/net/tls/TLSSession.cpp are not available any longer and replaced by
> a function named gnutls_priority_set_direct() as proposed at [1].
>
> These old functions are:
>
> gnutls_certificate_type_set_priority()
> gnutls_protocol_set_priority()
> gnutls_cipher_set_priority()
> gnutls_mac_set_priority()
> gnutls_compression_set_priority()
>
> I reworked the code in src/net/tls/TLSSession.cpp based on the upgrading
> description on [2] and created the patch that's appended to this email.
> The libvime package is building again after this changes.
>
> As I'm not a security expert I would like to ask the Zarafa guys if you
> agree with these changes from the security point of view? Have you
> already seen this issue?
>
> [1] http://www.gnutls.org/manual/html_node/Core-TLS-API.html
> [2]
> http://www.gnutls.org/manual/html_node/Upgrading-from-previous-versions.html#Upgrading-from-previous-versions
>
> Am 28.01.2016 um 08:36 schrieb Chris Lamb:
> > Source: libvmime
> > Version: 0.9.1-4
> > Severity: serious
> > Justification: fails to build from source
> > User: reproducible-builds at lists.alioth.debian.org
> > Usertags: ftbfs
> > X-Debbugs-Cc: reproducible-builds at lists.alioth.debian.org
> >
> > Dear Maintainer,
> >
> > libvmime fails to build from source in unstable/amd64:
> >
> > [..]
> >
> >
> > net_tls_TLSSession.cpp: In constructor 'vmime::net::tls::TLSSession::TLSSession(vmime::utility::ref<vmime::security::cert::certificateVerifier>)':
> > net_tls_TLSSession.cpp:105:24: warning: 'gnutls_session' is deprecated [-Wdeprecated-declarations]
> > m_gnutlsSession = new gnutls_session;
> > ^
> > In file included from /usr/include/gnutls/gnutls.h:2594:0,
> > from net_tls_TLSSession.cpp:24:
> > /usr/include/gnutls/compat.h:78:26: note: declared here
> > typedef gnutls_session_t gnutls_session _GNUTLS_GCC_ATTR_DEPRECATED;
> > ^
> > net_tls_TLSSession.cpp:120:38: error: 'gnutls_certificate_type_set_priority' was not declared in this scope
> > (*m_gnutlsSession, certTypePriority);
> > ^
> > net_tls_TLSSession.cpp:131:68: error: 'gnutls_protocol_set_priority' was not declared in this scope
> > res = gnutls_protocol_set_priority(*m_gnutlsSession, protoPriority);
> > ^
> > net_tls_TLSSession.cpp:152:61: error: 'gnutls_cipher_set_priority' was not declared in this scope
> > gnutls_cipher_set_priority(*m_gnutlsSession, cipherPriority);
> > ^
> > net_tls_TLSSession.cpp:157:55: error: 'gnutls_mac_set_priority' was not declared in this scope
> > gnutls_mac_set_priority(*m_gnutlsSession, macPriority);
> > ^
> > net_tls_TLSSession.cpp:173:53: error: 'gnutls_kx_set_priority' was not declared in this scope
> > gnutls_kx_set_priority(*m_gnutlsSession, kxPriority);
> > ^
> > net_tls_TLSSession.cpp:184:71: error: 'gnutls_compression_set_priority' was not declared in this scope
> > gnutls_compression_set_priority(*m_gnutlsSession, compressionPriority);
> > ^
> > Makefile:657: recipe for target 'net_tls_TLSSession.lo' failed
> > make[3]: *** [net_tls_TLSSession.lo] Error 1
> > make[3]: *** Waiting for unfinished jobs....
> > libtool: compile: x86_64-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I.. -I/usr/include -I.. -D_REENTRANT=1 -D_THREAD_SAFE=1 -I/usr/include/p11-kit-1 -fPIC -DPIC -ansi -pedantic -W -Wall -Wpointer-arith -Wold-style-cast -Wconversion -Wdate-time -D_FORTIFY_SOURCE=2 -O2 -c security_sasl_builtinSASLMechanism.cpp -o security_sasl_builtinSASLMechanism.o >/dev/null 2>&1
> > libtool: compile: x86_64-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I.. -I/usr/include -I.. -D_REENTRANT=1 -D_THREAD_SAFE=1 -I/usr/include/p11-kit-1 -fPIC -DPIC -ansi -pedantic -W -Wall -Wpointer-arith -Wold-style-cast -Wconversion -Wdate-time -D_FORTIFY_SOURCE=2 -O2 -c security_sasl_defaultSASLAuthenticator.cpp -o security_sasl_defaultSASLAuthenticator.o >/dev/null 2>&1
> > In file included from net_tls_TLSSocket.cpp:27:0:
> > ../vmime/net/tls/TLSSocket.hpp:99:88: warning: 'gnutls_transport_ptr' is deprecated [-Wdeprecated-declarations]
> > static ssize_t gnutlsPushFunc(gnutls_transport_ptr trspt, const void* data, size_t len);
> > ^
> > ../vmime/net/tls/TLSSocket.hpp:100:82: warning: 'gnutls_transport_ptr' is deprecated [-Wdeprecated-declarations]
> > static ssize_t gnutlsPullFunc(gnutls_transport_ptr trspt, void* data, size_t len);
> > ^
> > In file included from net_tls_TLSSocket.cpp:28:0:
> > ../vmime/net/tls/TLSSession.hpp:80:18: warning: 'gnutls_session' is deprecated [-Wdeprecated-declarations]
> > gnutls_session* m_gnutlsSession;
> > ^
> > In file included from /usr/include/gnutls/gnutls.h:2594:0,
> > from net_tls_TLSSocket.cpp:24:
> > /usr/include/gnutls/compat.h:78:26: note: declared here
> > typedef gnutls_session_t gnutls_session _GNUTLS_GCC_ATTR_DEPRECATED;
> > ^
> > net_tls_TLSSocket.cpp: In member function 'virtual void vmime::net::tls::TLSSocket::send(const string&)':
> > net_tls_TLSSocket.cpp:108:40: warning: conversion to 'vmime::net::socket::size_type {aka int}' from 'std::__cxx11::basic_string<char>::size_type {aka long unsigned int}' may alter its value [-Wconversion]
> > sendRaw(buffer.data(), buffer.length());
> > ^
> > net_tls_TLSSocket.cpp: In member function 'virtual vmime::net::socket::size_type vmime::net::tls::TLSSocket::receiveRaw(char*, vmime::net::socket::size_type)':
> > net_tls_TLSSocket.cpp:126:58: warning: conversion to 'int' from 'ssize_t {aka long int}' may alter its value [-Wconversion]
> > TLSSession::throwTLSException("gnutls_record_recv", ret);
> > ^
> > net_tls_TLSSocket.cpp: At global scope:
> > net_tls_TLSSocket.cpp:206:59: warning: 'gnutls_transport_ptr' is deprecated [-Wdeprecated-declarations]
> > (gnutls_transport_ptr trspt, const void* data, size_t len)
> > ^
> > net_tls_TLSSocket.cpp:228:53: warning: 'gnutls_transport_ptr' is deprecated [-Wdeprecated-declarations]
> > (gnutls_transport_ptr trspt, void* data, size_t len)
> > ^
> > net_tls_TLSSocket.cpp: In member function 'vmime::utility::ref<vmime::security::cert::certificateChain> vmime::net::tls::TLSSocket::getPeerCertificates() const':
> > net_tls_TLSSocket.cpp:292:22: warning: 'gnutls_datum' is deprecated [-Wdeprecated-declarations]
> > const gnutls_datum* rawData = gnutls_certificate_get_peers
> > ^
> > In file included from /usr/include/gnutls/gnutls.h:2594:0,
> > from net_tls_TLSSocket.cpp:24:
> > /usr/include/gnutls/compat.h:112:24: note: declared here
> > typedef gnutls_datum_t gnutls_datum _GNUTLS_GCC_ATTR_DEPRECATED;
> > ^
> > net_tls_TLSSocket.cpp:299:19: warning: 'gnutls_x509_crt' is deprecated [-Wdeprecated-declarations]
> > gnutls_x509_crt* x509Certs = new gnutls_x509_crt[certCount];
> > ^
> > In file included from /usr/include/gnutls/gnutls.h:2594:0,
> > from net_tls_TLSSocket.cpp:24:
> > /usr/include/gnutls/compat.h:89:27: note: declared here
> > typedef gnutls_x509_crt_t gnutls_x509_crt _GNUTLS_GCC_ATTR_DEPRECATED;
> > ^
> > net_tls_TLSSocket.cpp:299:60: warning: 'gnutls_x509_crt' is deprecated [-Wdeprecated-declarations]
> > gnutls_x509_crt* x509Certs = new gnutls_x509_crt[certCount];
> > ^
> > In file included from /usr/include/gnutls/gnutls.h:2594:0,
> > from net_tls_TLSSocket.cpp:24:
> > /usr/include/gnutls/compat.h:89:27: note: declared here
> > typedef gnutls_x509_crt_t gnutls_x509_crt _GNUTLS_GCC_ATTR_DEPRECATED;
> > ^
> > net_tls_TLSSocket.cpp:333:63: warning: conversion to 'unsigned int' from 'size_t {aka long unsigned int}' may alter its value [-Wconversion]
> > security::cert::X509Certificate::import(&data[0], dataSize);
> > ^
> > libtool: compile: x86_64-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I.. -I/usr/include -I.. -D_REENTRANT=1 -D_THREAD_SAFE=1 -I/usr/include/p11-kit-1 -fPIC -DPIC -ansi -pedantic -W -Wall -Wpointer-arith -Wold-style-cast -Wconversion -Wdate-time -D_FORTIFY_SOURCE=2 -O2 -c net_tls_TLSSocket.cpp -o net_tls_TLSSocket.o >/dev/null 2>&1
> > make[3]: Leaving directory '/home/lamby/temp/cdt.20160128083412.bSSdKcTq8D/libvmime-0.9.1/src'
> > Makefile:474: recipe for target 'all-recursive' failed
> > make[2]: *** [all-recursive] Error 1
> > make[2]: Leaving directory '/home/lamby/temp/cdt.20160128083412.bSSdKcTq8D/libvmime-0.9.1'
> > Makefile:362: recipe for target 'all' failed
> > make[1]: *** [all] Error 2
> > make[1]: Leaving directory '/home/lamby/temp/cdt.20160128083412.bSSdKcTq8D/libvmime-0.9.1'
> > dh_auto_build: make -j9 returned exit code 2
> > debian/rules:29: recipe for target 'build' failed
> > make: *** [build] Error 2
> >
> > [..]
> >
> > The full build log is attached.
> >
> >
> > Regards,
> >
> >
> >
> > _______________________________________________
> > Pkg-giraffe-maintainers mailing list
> > Pkg-giraffe-maintainers at lists.alioth.debian.org
> > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-giraffe-maintainers
> >
>
> --
> Regards
> Carsten Schoenert
> _______________________________________________
> Pkg-giraffe-discuss mailing list
> Pkg-giraffe-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-giraffe-discuss
-------------- next part --------------
A non-text attachment was scrubbed...
Name: libvmime_0.9.2.patch
Type: text/x-patch
Size: 6588 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-giraffe-discuss/attachments/20160201/fdaf7dcc/attachment.bin>
More information about the Pkg-giraffe-discuss
mailing list