<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html>
<head>
<meta name="Generator" content="Zarafa WebApp v7.2.1-51998">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>RE: [Pkg-giraffe-discuss] [Pkg-giraffe-maintainers] Bug#812969: libvmime: FTBFS: net_tls_TLSSession.cpp:120:38: error: 'gnutls_certificate_type_set_priority' was not declared in this scope</title>
</head>
<body>
<p style="padding: 0; margin: 0;"><span style="font-size: 10pt; font-family: tahoma, arial, helvetica, sans-serif;">Hmmm, that would be pushing an e-mail to e.g. postfix right?<br />I might be mistaking but I thought we don't use tls for that, just plain text. Because it is supposed to be localhost.</span></p>
<p style="padding: 0; margin: 0;"><span style="font-size: 10pt; font-family: tahoma, arial, helvetica, sans-serif;">@kromer agreed?</span></p>
<p style="padding: 0; margin: 0;"><span style="font-size: 10pt; font-family: tahoma, arial, helvetica, sans-serif;"><br /></span></p>
<p style="padding: 0; margin: 0;"><span style="font-size: 10pt; font-family: tahoma, arial, helvetica, sans-serif;"><br /></span></p>
<blockquote style="border-left: 2px solid #325FBA; padding-left: 5px; margin: 0px 5px;"><span style="font-family: tahoma,arial,helvetica,sans-serif; font-size: 10pt;">-----Original message-----<br /><span><strong>From:</strong> Carsten Schoenert <c.schoenert@t-online.de></span><br /><span><strong>Sent:</strong> Friday 29th January 2016 15:55</span><br /><span><strong>To:</strong> pkg-giraffe-discuss@lists.alioth.debian.org</span><br /><span><strong>Subject:</strong> Re: [Pkg-giraffe-discuss] [Pkg-giraffe-maintainers] Bug#812969: libvmime: FTBFS: net_tls_TLSSession.cpp:120:38: error: 'gnutls_certificate_type_set_priority' was not declared in this scope</span><br /><br /></span>
<div>
<pre style="white-space: pre-wrap; word-wrap: break-word;">Hello,<br /><br />as maybe someone has noted the libvime package is currently failing to<br />build from source. See the bug opened mail by Chris Lamb at the end of<br />this email.<br /><br />The upstream GnuTLS team has now switched of some of the already<br />deprecated marked functions with version 3.4.0 (and above) which has now<br />entered sid/unstable with version 3.4.8. Because of this the latest<br />builds of libvime are now failing.<br /><br />I looked at the issue and figured out that some functions in<br />src/net/tls/TLSSession.cpp are not available any longer and replaced by<br />a function named gnutls_priority_set_direct() as proposed at [1].<br /><br />These old functions are:<br /><br /> gnutls_certificate_type_set_priority()<br /> gnutls_protocol_set_priority()<br /> gnutls_cipher_set_priority()<br /> gnutls_mac_set_priority()<br /> gnutls_compression_set_priority()<br /><br />I reworked the code in src/net/tls/TLSSession.cpp based on the upgrading<br />description on [2] and created the patch that's appended to this email.<br />The libvime package is building again after this changes.<br /><br />As I'm not a security expert I would like to ask the Zarafa guys if you<br />agree with these changes from the security point of view? Have you<br />already seen this issue?<br /><br />[1] http://www.gnutls.org/manual/html_node/Core-TLS-API.html<br />[2]<br />http://www.gnutls.org/manual/html_node/Upgrading-from-previous-versions.html#Upgrading-from-previous-versions<br /><br />Am 28.01.2016 um 08:36 schrieb Chris Lamb:<br />> Source: libvmime<br />> Version: 0.9.1-4<br />> Severity: serious<br />> Justification: fails to build from source<br />> User: reproducible-builds@lists.alioth.debian.org<br />> Usertags: ftbfs<br />> X-Debbugs-Cc: reproducible-builds@lists.alioth.debian.org<br />> <br />> Dear Maintainer,<br />> <br />> libvmime fails to build from source in unstable/amd64:<br />> <br />> [..]<br />> <br />> <br />> net_tls_TLSSession.cpp: In constructor 'vmime::net::tls::TLSSession::TLSSession(vmime::utility::ref<vmime::security::cert::certificateVerifier>)':<br />> net_tls_TLSSession.cpp:105:24: warning: 'gnutls_session' is deprecated [-Wdeprecated-declarations]<br />> m_gnutlsSession = new gnutls_session;<br />> ˆ<br />> In file included from /usr/include/gnutls/gnutls.h:2594:0,<br />> from net_tls_TLSSession.cpp:24:<br />> /usr/include/gnutls/compat.h:78:26: note: declared here<br />> typedef gnutls_session_t gnutls_session _GNUTLS_GCC_ATTR_DEPRECATED;<br />> ˆ<br />> net_tls_TLSSession.cpp:120:38: error: 'gnutls_certificate_type_set_priority' was not declared in this scope<br />> (*m_gnutlsSession, certTypePriority);<br />> ˆ<br />> net_tls_TLSSession.cpp:131:68: error: 'gnutls_protocol_set_priority' was not declared in this scope<br />> res = gnutls_protocol_set_priority(*m_gnutlsSession, protoPriority);<br />> ˆ<br />> net_tls_TLSSession.cpp:152:61: error: 'gnutls_cipher_set_priority' was not declared in this scope<br />> gnutls_cipher_set_priority(*m_gnutlsSession, cipherPriority);<br />> ˆ<br />> net_tls_TLSSession.cpp:157:55: error: 'gnutls_mac_set_priority' was not declared in this scope<br />> gnutls_mac_set_priority(*m_gnutlsSession, macPriority);<br />> ˆ<br />> net_tls_TLSSession.cpp:173:53: error: 'gnutls_kx_set_priority' was not declared in this scope<br />> gnutls_kx_set_priority(*m_gnutlsSession, kxPriority);<br />> ˆ<br />> net_tls_TLSSession.cpp:184:71: error: 'gnutls_compression_set_priority' was not declared in this scope<br />> gnutls_compression_set_priority(*m_gnutlsSession, compressionPriority);<br />> ˆ<br />> Makefile:657: recipe for target 'net_tls_TLSSession.lo' failed<br />> make[3]: *** [net_tls_TLSSession.lo] Error 1<br />> make[3]: *** Waiting for unfinished jobs....<br />> libtool: compile: x86_64-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I.. -I/usr/include -I.. -D_REENTRANT=1 -D_THREAD_SAFE=1 -I/usr/include/p11-kit-1 -fPIC -DPIC -ansi -pedantic -W -Wall -Wpointer-arith -Wold-style-cast -Wconversion -Wdate-time -D_FORTIFY_SOURCE=2 -O2 -c security_sasl_builtinSASLMechanism.cpp -o security_sasl_builtinSASLMechanism.o >/dev/null 2>&1<br />> libtool: compile: x86_64-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I.. -I/usr/include -I.. -D_REENTRANT=1 -D_THREAD_SAFE=1 -I/usr/include/p11-kit-1 -fPIC -DPIC -ansi -pedantic -W -Wall -Wpointer-arith -Wold-style-cast -Wconversion -Wdate-time -D_FORTIFY_SOURCE=2 -O2 -c security_sasl_defaultSASLAuthenticator.cpp -o security_sasl_defaultSASLAuthenticator.o >/dev/null 2>&1<br />> In file included from net_tls_TLSSocket.cpp:27:0:<br />> ../vmime/net/tls/TLSSocket.hpp:99:88: warning: 'gnutls_transport_ptr' is deprecated [-Wdeprecated-declarations]<br />> static ssize_t gnutlsPushFunc(gnutls_transport_ptr trspt, const void* data, size_t len);<br />> ˆ<br />> ../vmime/net/tls/TLSSocket.hpp:100:82: warning: 'gnutls_transport_ptr' is deprecated [-Wdeprecated-declarations]<br />> static ssize_t gnutlsPullFunc(gnutls_transport_ptr trspt, void* data, size_t len);<br />> ˆ<br />> In file included from net_tls_TLSSocket.cpp:28:0:<br />> ../vmime/net/tls/TLSSession.hpp:80:18: warning: 'gnutls_session' is deprecated [-Wdeprecated-declarations]<br />> gnutls_session* m_gnutlsSession;<br />> ˆ<br />> In file included from /usr/include/gnutls/gnutls.h:2594:0,<br />> from net_tls_TLSSocket.cpp:24:<br />> /usr/include/gnutls/compat.h:78:26: note: declared here<br />> typedef gnutls_session_t gnutls_session _GNUTLS_GCC_ATTR_DEPRECATED;<br />> ˆ<br />> net_tls_TLSSocket.cpp: In member function 'virtual void vmime::net::tls::TLSSocket::send(const string&)':<br />> net_tls_TLSSocket.cpp:108:40: warning: conversion to 'vmime::net::socket::size_type {aka int}' from 'std::__cxx11::basic_string<char>::size_type {aka long unsigned int}' may alter its value [-Wconversion]<br />> sendRaw(buffer.data(), buffer.length());<br />> ˆ<br />> net_tls_TLSSocket.cpp: In member function 'virtual vmime::net::socket::size_type vmime::net::tls::TLSSocket::receiveRaw(char*, vmime::net::socket::size_type)':<br />> net_tls_TLSSocket.cpp:126:58: warning: conversion to 'int' from 'ssize_t {aka long int}' may alter its value [-Wconversion]<br />> TLSSession::throwTLSException("gnutls_record_recv", ret);<br />> ˆ<br />> net_tls_TLSSocket.cpp: At global scope:<br />> net_tls_TLSSocket.cpp:206:59: warning: 'gnutls_transport_ptr' is deprecated [-Wdeprecated-declarations]<br />> (gnutls_transport_ptr trspt, const void* data, size_t len)<br />> ˆ<br />> net_tls_TLSSocket.cpp:228:53: warning: 'gnutls_transport_ptr' is deprecated [-Wdeprecated-declarations]<br />> (gnutls_transport_ptr trspt, void* data, size_t len)<br />> ˆ<br />> net_tls_TLSSocket.cpp: In member function 'vmime::utility::ref<vmime::security::cert::certificateChain> vmime::net::tls::TLSSocket::getPeerCertificates() const':<br />> net_tls_TLSSocket.cpp:292:22: warning: 'gnutls_datum' is deprecated [-Wdeprecated-declarations]<br />> const gnutls_datum* rawData = gnutls_certificate_get_peers<br />> ˆ<br />> In file included from /usr/include/gnutls/gnutls.h:2594:0,<br />> from net_tls_TLSSocket.cpp:24:<br />> /usr/include/gnutls/compat.h:112:24: note: declared here<br />> typedef gnutls_datum_t gnutls_datum _GNUTLS_GCC_ATTR_DEPRECATED;<br />> ˆ<br />> net_tls_TLSSocket.cpp:299:19: warning: 'gnutls_x509_crt' is deprecated [-Wdeprecated-declarations]<br />> gnutls_x509_crt* x509Certs = new gnutls_x509_crt[certCount];<br />> ˆ<br />> In file included from /usr/include/gnutls/gnutls.h:2594:0,<br />> from net_tls_TLSSocket.cpp:24:<br />> /usr/include/gnutls/compat.h:89:27: note: declared here<br />> typedef gnutls_x509_crt_t gnutls_x509_crt _GNUTLS_GCC_ATTR_DEPRECATED;<br />> ˆ<br />> net_tls_TLSSocket.cpp:299:60: warning: 'gnutls_x509_crt' is deprecated [-Wdeprecated-declarations]<br />> gnutls_x509_crt* x509Certs = new gnutls_x509_crt[certCount];<br />> ˆ<br />> In file included from /usr/include/gnutls/gnutls.h:2594:0,<br />> from net_tls_TLSSocket.cpp:24:<br />> /usr/include/gnutls/compat.h:89:27: note: declared here<br />> typedef gnutls_x509_crt_t gnutls_x509_crt _GNUTLS_GCC_ATTR_DEPRECATED;<br />> ˆ<br />> net_tls_TLSSocket.cpp:333:63: warning: conversion to 'unsigned int' from 'size_t {aka long unsigned int}' may alter its value [-Wconversion]<br />> security::cert::X509Certificate::import(&data[0], dataSize);<br />> ˆ<br />> libtool: compile: x86_64-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I.. -I/usr/include -I.. -D_REENTRANT=1 -D_THREAD_SAFE=1 -I/usr/include/p11-kit-1 -fPIC -DPIC -ansi -pedantic -W -Wall -Wpointer-arith -Wold-style-cast -Wconversion -Wdate-time -D_FORTIFY_SOURCE=2 -O2 -c net_tls_TLSSocket.cpp -o net_tls_TLSSocket.o >/dev/null 2>&1<br />> make[3]: Leaving directory '/home/lamby/temp/cdt.20160128083412.bSSdKcTq8D/libvmime-0.9.1/src'<br />> Makefile:474: recipe for target 'all-recursive' failed<br />> make[2]: *** [all-recursive] Error 1<br />> make[2]: Leaving directory '/home/lamby/temp/cdt.20160128083412.bSSdKcTq8D/libvmime-0.9.1'<br />> Makefile:362: recipe for target 'all' failed<br />> make[1]: *** [all] Error 2<br />> make[1]: Leaving directory '/home/lamby/temp/cdt.20160128083412.bSSdKcTq8D/libvmime-0.9.1'<br />> dh_auto_build: make -j9 returned exit code 2<br />> debian/rules:29: recipe for target 'build' failed<br />> make: *** [build] Error 2<br />> <br />> [..]<br />> <br />> The full build log is attached.<br />> <br />> <br />> Regards,<br />> <br />> <br />> <br />> _______________________________________________<br />> Pkg-giraffe-maintainers mailing list<br />> Pkg-giraffe-maintainers@lists.alioth.debian.org<br />> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-giraffe-maintainers<br />> <br /><br />-- <br />Regards<br />Carsten Schoenert<br />_______________________________________________<br />Pkg-giraffe-discuss mailing list<br />Pkg-giraffe-discuss@lists.alioth.debian.org<br />http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-giraffe-discuss</pre>
</div>
</blockquote>
</body>
</html>