[med-svn] [ncbi-vdb] 06/07: More adaptations to Debian packaged libmbedx
Andreas Tille
tille at debian.org
Thu Oct 19 21:46:53 UTC 2017
This is an automated email from the git hooks/post-receive script.
tille pushed a commit to tag debian/2.8.2-2+dfsg-1
in repository ncbi-vdb.
commit 5066e454df52fde8258be49d23985ac2632f6401
Author: Andreas Tille <tille at debian.org>
Date: Thu Oct 19 23:39:52 2017 +0200
More adaptations to Debian packaged libmbedx
---
debian/patches/mbedtls_ssl_init.patch | 250 ++++++++++++++++++++++++++++++++++
1 file changed, 250 insertions(+)
diff --git a/debian/patches/mbedtls_ssl_init.patch b/debian/patches/mbedtls_ssl_init.patch
index 976e973..74e41a6 100644
--- a/debian/patches/mbedtls_ssl_init.patch
+++ b/debian/patches/mbedtls_ssl_init.patch
@@ -5,6 +5,240 @@ Description: Name change of function probably a consequence of using Debian
--- a/libs/kns/tls.c
+++ b/libs/kns/tls.c
+@@ -128,7 +128,7 @@ static
+ const char * mbedtls_strerror2 ( int err )
+ {
+ static char buffer [ 256 ];
+- vdb_mbedtls_strerror ( err, buffer, sizeof buffer );
++ mbedtls_strerror ( err, buffer, sizeof buffer );
+ return buffer;
+ }
+
+@@ -178,7 +178,7 @@ rc_t tlsg_seed_rng ( KTLSGlobals *self )
+
+ STATUS ( STAT_QA, "Seeding the random number generator\n" );
+
+- ret = vdb_mbedtls_ctr_drbg_seed ( &self -> ctr_drbg, vdb_mbedtls_entropy_func,
++ ret = mbedtls_ctr_drbg_seed ( &self -> ctr_drbg, mbedtls_entropy_func,
+ &self -> entropy, ( const unsigned char * ) pers, pers_size );
+
+ if ( ret != 0 )
+@@ -310,7 +310,7 @@ rc_t tlsg_init_certs ( KTLSGlobals *self
+ /* these guys take a length, so presumably the string is not NUL terminated.
+ yet, the first thing they do is see if the NUL is included in the length! */
+ STATUS ( STAT_GEEK, "Parsing text for node '%s' from CA root certificates\n", cert_name );
+- ret = vdb_mbedtls_x509_crt_parse ( &self -> cacert,
++ ret = mbedtls_x509_crt_parse ( &self -> cacert,
+ ( const unsigned char * ) cert_string -> addr, cert_string -> size + 1 );
+
+ StringWhack ( cert_string );
+@@ -350,7 +350,7 @@ rc_t tlsg_init_certs ( KTLSGlobals *self
+ if ( rc2 == 0 )
+ {
+ STATUS ( STAT_GEEK, "Parsing text from CA root certificate file '%S'\n", ca_crt_path );
+- ret = vdb_mbedtls_x509_crt_parse_file ( &self -> cacert, ca_crt_path -> addr );
++ ret = mbedtls_x509_crt_parse_file ( &self -> cacert, ca_crt_path -> addr );
+ if ( ret < 0 )
+ {
+ PLOGMSG ( klogWarn, ( klogWarn
+@@ -371,7 +371,7 @@ rc_t tlsg_init_certs ( KTLSGlobals *self
+ if ( num_certs == 0 )
+ {
+ STATUS ( STAT_QA, "Parsing text for default CA root certificates\n" );
+- ret = vdb_mbedtls_x509_crt_parse ( &self -> cacert,
++ ret = mbedtls_x509_crt_parse ( &self -> cacert,
+ ( const unsigned char * ) ca_crt_ncbi1, sizeof ca_crt_ncbi1 );
+
+ if ( ret < 0 )
+@@ -388,7 +388,7 @@ rc_t tlsg_init_certs ( KTLSGlobals *self
+ {
+ num_certs = 1;
+
+- ret = vdb_mbedtls_x509_crt_parse ( &self -> cacert,
++ ret = mbedtls_x509_crt_parse ( &self -> cacert,
+ ( const unsigned char * ) ca_crt_ncbi2, sizeof ca_crt_ncbi2 );
+
+ if ( ret >= 0 )
+@@ -416,7 +416,7 @@ rc_t tlsg_setup ( KTLSGlobals * self )
+
+ STATUS ( STAT_QA, "Configuring SSl defaults\n" );
+
+- ret = vdb_mbedtls_ssl_config_defaults ( &self -> config,
++ ret = mbedtls_ssl_config_defaults ( &self -> config,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT );
+@@ -433,9 +433,9 @@ rc_t tlsg_setup ( KTLSGlobals * self )
+ return rc;
+ }
+
+- vdb_mbedtls_ssl_conf_authmode( &self -> config, MBEDTLS_SSL_VERIFY_REQUIRED );
+- vdb_mbedtls_ssl_conf_ca_chain( &self -> config, &self -> cacert, NULL );
+- vdb_mbedtls_ssl_conf_rng( &self -> config, vdb_mbedtls_ctr_drbg_random, &self -> ctr_drbg );
++ mbedtls_ssl_conf_authmode( &self -> config, MBEDTLS_SSL_VERIFY_REQUIRED );
++ mbedtls_ssl_conf_ca_chain( &self -> config, &self -> cacert, NULL );
++ mbedtls_ssl_conf_rng( &self -> config, mbedtls_ctr_drbg_random, &self -> ctr_drbg );
+
+ return 0;
+ }
+@@ -470,7 +470,7 @@ static int set_threshold ( const KConfig
+ }
+
+ if ( set )
+- vdb_mbedtls_debug_set_threshold ( threshold );
++ mbedtls_debug_set_threshold ( threshold );
+
+ return threshold;
+ }
+@@ -481,13 +481,13 @@ rc_t KTLSGlobalsInit ( KTLSGlobals * tls
+ {
+ rc_t rc;
+
+- vdb_mbedtls_x509_crt_init ( &tlsg -> cacert );
+- vdb_mbedtls_ctr_drbg_init ( &tlsg -> ctr_drbg );
+- vdb_mbedtls_entropy_init ( &tlsg -> entropy );
+- vdb_mbedtls_ssl_config_init ( &tlsg -> config );
++ mbedtls_x509_crt_init ( &tlsg -> cacert );
++ mbedtls_ctr_drbg_init ( &tlsg -> ctr_drbg );
++ mbedtls_entropy_init ( &tlsg -> entropy );
++ mbedtls_ssl_config_init ( &tlsg -> config );
+
+ if ( set_threshold ( kfg ) > 0 )
+- vdb_mbedtls_ssl_conf_dbg ( &tlsg -> config, ktls_ssl_dbg_print, tlsg );
++ mbedtls_ssl_conf_dbg ( &tlsg -> config, ktls_ssl_dbg_print, tlsg );
+
+ rc = tlsg_seed_rng ( tlsg );
+ if ( rc == 0 )
+@@ -504,10 +504,10 @@ rc_t KTLSGlobalsInit ( KTLSGlobals * tls
+ */
+ void KTLSGlobalsWhack ( KTLSGlobals * self )
+ {
+- vdb_mbedtls_ssl_config_free ( &self -> config );
+- vdb_mbedtls_entropy_free ( &self -> entropy );
+- vdb_mbedtls_ctr_drbg_free ( &self -> ctr_drbg );
+- vdb_mbedtls_x509_crt_free ( &self -> cacert );
++ mbedtls_ssl_config_free ( &self -> config );
++ mbedtls_entropy_free ( &self -> entropy );
++ mbedtls_ctr_drbg_free ( &self -> ctr_drbg );
++ mbedtls_x509_crt_free ( &self -> cacert );
+
+ memset ( self, 0, sizeof * self );
+ }
+@@ -541,8 +541,8 @@ static
+ void KTLSStreamDestroy ( KTLSStream *self )
+ {
+ /* tear down all of the stuff created during Make */
+- vdb_mbedtls_ssl_close_notify( &self -> ssl ); /* close connection - this might need to be elsewhere */
+- vdb_mbedtls_ssl_free ( &self -> ssl );
++ mbedtls_ssl_close_notify( &self -> ssl ); /* close connection - this might need to be elsewhere */
++ mbedtls_ssl_free ( &self -> ssl );
+
+ /* release the ciphertext object */
+ KStreamRelease ( self -> ciphertext );
+@@ -584,7 +584,7 @@ rc_t CC KTLSStreamRead ( const KTLSStrea
+ while ( 1 )
+ {
+ /* read through TLS library */
+- ret = vdb_mbedtls_ssl_read( &self -> ssl, buffer, bsize );
++ ret = mbedtls_ssl_read( &self -> ssl, buffer, bsize );
+
+ /* no error */
+ if ( ret >= 0 )
+@@ -614,7 +614,7 @@ rc_t CC KTLSStreamRead ( const KTLSStrea
+ {
+ /* The ret is anything other than the following 3, then the ssl context becomes
+ * becomes unusable and should either be freed or call
+- * vdb_mbedtls_ssl_session_reset () before a new connection; current connection
++ * mbedtls_ssl_session_reset () before a new connection; current connection
+ * must be closed
+ */
+ case MBEDTLS_ERR_SSL_WANT_READ:
+@@ -626,7 +626,7 @@ rc_t CC KTLSStreamRead ( const KTLSStrea
+ * is initiating a new connection using the same source port.
+ * You can either treat that as a connection close and wait
+ * for the client to resend a ClientHello, or directly
+- * continue with \c vdb_mbedtls_ssl_handshake() with the same
++ * continue with \c mbedtls_ssl_handshake() with the same
+ * context (as it has beeen reset internally). Either way, you
+ * should make sure this is seen by the application as a new
+ * connection: application state, if any, should be reset, and
+@@ -690,7 +690,7 @@ rc_t CC KTLSStreamWrite ( KTLSStream * s
+ * We expect to be called through KStreamWriteAll that will
+ * avoid the issue above.
+ */
+- ret = vdb_mbedtls_ssl_write ( &self -> ssl, buffer, size );
++ ret = mbedtls_ssl_write ( &self -> ssl, buffer, size );
+
+ /* no error */
+ if ( ret >= 0 )
+@@ -805,7 +805,7 @@ int CC ktls_net_send ( void *ctx, const
+ return ( int ) num_writ;
+ }
+
+-/* called by vdb_mbedtls_ssl_fetch_input */
++/* called by mbedtls_ssl_fetch_input */
+ static
+ int CC ktls_net_recv ( void *ctx, unsigned char *buf, size_t len )
+ {
+@@ -850,7 +850,7 @@ rc_t ktls_ssl_setup ( KTLSStream *self,
+ assert ( self -> mgr != NULL );
+ tlsg = & self -> mgr -> tlsg;
+
+- ret = vdb_mbedtls_ssl_setup( &self -> ssl, &tlsg -> config );
++ ret = mbedtls_ssl_setup( &self -> ssl, &tlsg -> config );
+ if ( ret != 0 )
+ {
+ rc_t rc = RC ( rcKrypto, rcSocket, rcFormatting, rcEncryption, rcFailed );
+@@ -891,7 +891,7 @@ rc_t ktls_ssl_setup ( KTLSStream *self,
+ return rc;
+ }
+
+- ret = vdb_mbedtls_ssl_set_hostname( &self -> ssl, hostz -> addr );
++ ret = mbedtls_ssl_set_hostname( &self -> ssl, hostz -> addr );
+
+ if ( hostz != host )
+ StringWhack ( hostz );
+@@ -909,7 +909,7 @@ rc_t ktls_ssl_setup ( KTLSStream *self,
+ }
+
+
+- vdb_mbedtls_ssl_set_bio( &self -> ssl, ( void * ) self, ktls_net_send, ktls_net_recv, NULL );
++ mbedtls_ssl_set_bio( &self -> ssl, ( void * ) self, ktls_net_send, ktls_net_recv, NULL );
+
+ return 0;
+ }
+@@ -921,7 +921,7 @@ rc_t ktls_handshake ( KTLSStream *self )
+
+ STATUS ( STAT_QA, "Performing SSL/TLS handshake...\n" );
+
+- ret = vdb_mbedtls_ssl_handshake( &self -> ssl );
++ ret = mbedtls_ssl_handshake( &self -> ssl );
+ while ( ret != 0 )
+ {
+ if ( ret != MBEDTLS_ERR_SSL_WANT_READ &&
+@@ -938,11 +938,11 @@ rc_t ktls_handshake ( KTLSStream *self )
+
+ if ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
+ {
+- uint32_t flags = vdb_mbedtls_ssl_get_verify_result( &self -> ssl );
++ uint32_t flags = mbedtls_ssl_get_verify_result( &self -> ssl );
+ if ( flags != 0 )
+ {
+ char buf [ 4096 ];
+- vdb_mbedtls_x509_crt_verify_info ( buf, sizeof( buf ), " !! ", flags );
++ mbedtls_x509_crt_verify_info ( buf, sizeof( buf ), " !! ", flags );
+
+ PLOGMSG ( klogSys, ( klogSys
+ , "mbedtls_ssl_get_verify_result returned $(flags) ( $(info) )"
+@@ -955,7 +955,7 @@ rc_t ktls_handshake ( KTLSStream *self )
+
+ return rc;
+ }
+- ret = vdb_mbedtls_ssl_handshake( &self -> ssl );
++ ret = mbedtls_ssl_handshake( &self -> ssl );
+ }
+
+ return 0;
@@ -991,7 +991,7 @@ rc_t KTLSStreamMake ( KTLSStream ** objp
obj -> mgr = mgr;
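Review bot: The `mbedtls_ssl_conf_rng( &self -> config, mbedtls_ctr_drbg_random, &self -> ctr_drbg );` line in tlsg_setup now binds the single global DRBG to the packaged library, and the patch does not record which build options of that library the code depends on. ktls_ssl_setup passes the manager's `tlsg -> config` to each stream it sets up, so those connections all draw from the same `ctr_drbg`; mbedtls only serialises access to it when built with `MBEDTLS_THREADING_C`, a choice that presumably lay with upstream's prefixed `vdb_mbedtls_*` copy and now lies with the system package. Whether streams are created from several threads is not visible in these hunks, so this should be confirmed rather than assumed. I would state the requirement in the patch header, e.g. `Note: relies on libmbedtls built with MBEDTLS_THREADING_C (ctr_drbg in KTLSGlobals is shared by all streams)`. Both functions begin outside their inner hunks.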
@@ -14,3 +248,19 @@ Description: Name change of function probably a consequence of using Debian
* objp = obj;
return 0;
+@@ -1114,13 +1114,13 @@ LIB_EXPORT rc_t CC KTLSStreamVerifyCACer
+ rc = RC ( rcKrypto, rcToken, rcValidating, rcSelf, rcNull );
+ else
+ {
+- uint32_t flags = vdb_mbedtls_ssl_get_verify_result( &self -> ssl );
++ uint32_t flags = mbedtls_ssl_get_verify_result( &self -> ssl );
+ if ( flags != 0 )
+ {
+ char buf [ 4096 ];
+ rc_t rc = RC ( rcKrypto, rcToken, rcValidating, rcEncryption, rcFailed );
+
+- vdb_mbedtls_x509_crt_verify_info ( buf, sizeof( buf ), " ! ", flags );
++ mbedtls_x509_crt_verify_info ( buf, sizeof( buf ), " ! ", flags );
+
+ PLOGERR ( klogSys, ( klogSys, rc
+ , "mbedtls_ssl_get_verify_result returned $(flags) ( $(info) )"
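Review bot: In KTLSStreamVerifyCACert the line `rc_t rc = RC ( rcKrypto, rcToken, rcValidating, rcEncryption, rcFailed );` declares a new `rc` inside the `if ( flags != 0 )` block, shadowing the `rc` that the NULL-self branch just above assigns. The end of the function is outside the hunk, but if it returns the outer `rc`, a non-zero certificate verify result would be logged by PLOGERR and still reported to the caller as success. Since this patch already rewrites the neighbouring lines, it could carry the fix as well (and forward it upstream) by assigning to the existing variable: `rc = RC ( rcKrypto, rcToken, rcValidating, rcEncryption, rcFailed );`. Building tls.c with `-Wshadow` would confirm whether the shadowing is present.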
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-med/ncbi-vdb.git