Bug#886146: stretch-pu: package sqlcipher/3.2.0-2+deb9u1
Control: tags -1 + confirmed

On Wed, 2018-04-18 at 14:29 +0200, Gianfranco Costamagna wrote:
> > Can you please also describe what if any testing was done on the
> > proposed update, and why this breakage wasn't caught before
> > release?
>
> this has been explained in this bug, message 29, do you think it is
> enough or
> do you want any more testing? (also testing has been performed in
> 863530#25 )

Well, it's not exactly extensive testing for regressions, which is what
we're more interested in for cases such as this.

On the presumption that no issues have been reported since the relevant
unstable upload, please go ahead.

Regards,

Adam
Bug#886146: stretch-pu: package sqlcipher/3.2.0-2+deb9u1
It now has been more than four months since the last reply by anyone.

PLEASE, is there anything I can do to push this through? It can not be that hard!

Problem: The package is completely broken and unusable.

History:
* 2017/11/15: First mention of this issue in my post to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863530
* 2017/12/01: I submitted a patch for the problem to #863530
* 2018/01/02: This issue was opened to fix the problem against release.debian.org

It now has been EIGHT months since the patch was initially submitted.
Bug#886146: stretch-pu: package sqlcipher/3.2.0-2+deb9u1
It now has been more than two months since the last reply by anyone.

PLEASE, is there anything I can do to push this through? It can not be that hard!

Problem: The package is completely broken and unusable.

History:
* 2017/11/15: First mention of this issue in my post to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863530
* 2017/12/01: I submitted a patch for the problem to #863530
* 2018/01/02: This issue was opened to fix the problem against release.debian.org

It now has been 6 and 1/2 months since the patch was initially submitted.
Bug#886146: stretch-pu: package sqlcipher/3.2.0-2+deb9u1
> It'd be better for it to be fixed with a version, rather than imply it's
> invalid.

Changed that to reflect that the version that fixed it is: 3.4.1-1

> Can you please also describe what if any testing was done on the
> proposed update, and why this breakage wasn't caught before release?

this has been explained in this bug, message 29, do you think it is enough or
do you want any more testing? (also testing has been performed in 863530#25 )

maybe the bug hasn't been caught before release because people using sql stuff prefer to use stable and not testing? :)

thanks!

Gianfranco
Bug#886146: stretch-pu: package sqlcipher/3.2.0-2+deb9u1
On Thu, Mar 15, 2018 at 16:01:49 +0100, Gianfranco Costamagna wrote:

> Control: tag -1 - moreinfo
> On Sat, 10 Feb 2018 11:48:12 +0100 Julien Cristau wrote:
> > Control: tag -1 moreinfo
> >
> > On Tue, Jan 2, 2018 at 17:59:07 +0100, Gianfranco Costamagna wrote:
> >
> > > +sqlcipher (3.2.0-2+deb9u1) stretch; urgency=medium
> > > +
> > > + [ Philipp Berger ]
> > > + * Fixup previous patch, to avoid a crash when opening file
> > > +(Closes: #863530)
> > > +
> >
> > That bug is still open, implying it still affects sid?
> >
>
> I closed it, that patch comes from the new release, actually part of
> sid/buster
>
> sorry for not closing it in advance
>

It'd be better for it to be fixed with a version, rather than imply it's
invalid.

Can you please also describe what if any testing was done on the
proposed update, and why this breakage wasn't caught before release?

Cheers,
Julien
Bug#886146: stretch-pu: package sqlcipher/3.2.0-2+deb9u1
Control: tag -1 - moreinfo

On Sat, 10 Feb 2018 11:48:12 +0100 Julien Cristau wrote:
> Control: tag -1 moreinfo
>
> On Tue, Jan 2, 2018 at 17:59:07 +0100, Gianfranco Costamagna wrote:
>
> > +sqlcipher (3.2.0-2+deb9u1) stretch; urgency=medium
> > +
> > + [ Philipp Berger ]
> > + * Fixup previous patch, to avoid a crash when opening file
> > +(Closes: #863530)
> > +
>
> That bug is still open, implying it still affects sid?
>

I closed it, that patch comes from the new release, actually part of sid/buster

sorry for not closing it in advance

G.
Bug#886146: stretch-pu: package sqlcipher/3.2.0-2+deb9u1
Control: tag -1 moreinfo

On Tue, Jan 2, 2018 at 17:59:07 +0100, Gianfranco Costamagna wrote:

> +sqlcipher (3.2.0-2+deb9u1) stretch; urgency=medium
> +
> + [ Philipp Berger ]
> + * Fixup previous patch, to avoid a crash when opening file
> +(Closes: #863530)
> +

That bug is still open, implying it still affects sid?

Cheers,
Julien
Bug#886146: stretch-pu: package sqlcipher/3.2.0-2+deb9u1
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Tags: stretch
Severity: normal

Hello, I request an update to fix segfaults for sqlcipher, due to wrong/incomplete openssl patch

summary of the changes is here (and debdiff attached)

+sqlcipher (3.2.0-2+deb9u1) stretch; urgency=medium
+
+ [ Philipp Berger ]
+ * Fixup previous patch, to avoid a crash when opening file
+(Closes: #863530)
+
+ -- Gianfranco CostamagnaSat, 02 Dec 2017 11:24:26 +0100
+

thanks!

Gianfranco

diff -Nru sqlcipher-3.2.0/debian/changelog sqlcipher-3.2.0/debian/changelog --- sqlcipher-3.2.0/debian/changelog2016-12-23 11:00:19.0 +0100 +++ sqlcipher-3.2.0/debian/changelog2017-12-02 11:24:26.0 +0100 @@ -1,3 +1,11 @@ +sqlcipher (3.2.0-2+deb9u1) stretch; urgency=medium + + [ Philipp Berger ] + * Fixup previous patch, to avoid a crash when opening file +(Closes: #863530) + + -- Gianfranco Costamagna Sat, 02 Dec 2017 11:24:26 +0100 + sqlcipher (3.2.0-2) unstable; urgency=medium * support building with openssl 1.1 (Closes: #828555) diff -Nru sqlcipher-3.2.0/debian/patches/33-openssl_1.1.patch sqlcipher-3.2.0/debian/patches/33-openssl_1.1.patch --- sqlcipher-3.2.0/debian/patches/33-openssl_1.1.patch 2016-12-23 10:59:43.0 +0100 +++ sqlcipher-3.2.0/debian/patches/33-openssl_1.1.patch 2017-12-02 11:24:15.0 +0100 @@ -1,14 +1,23 @@ --- a/src/crypto_openssl.c 
+++ b/src/crypto_openssl.c -@@ -155,14 +155,24 @@ +@@ -109,6 +109,8 @@ +is called by SQLCipher internally. This should prevent SQLCipher from +"cleaning up" openssl when it was initialized externally by the program */ + EVP_cleanup(); ++} else { ++ openssl_external_init = 0; + } + #ifndef SQLCIPHER_OPENSSL_NO_MUTEX_RAND + sqlite3_mutex_free(openssl_rand_mutex); +@@ -143,14 +145,24 @@ } static int sqlcipher_openssl_hmac(void *ctx, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) { - HMAC_CTX hctx; unsigned int outlen; +#if OPENSSL_VERSION_NUMBER >= 0x1011L -+ HMAC_CTX *hctx; -+ hctx = HMAC_CTX_new(); ++ HMAC_CTX* hctx = HMAC_CTX_new(); ++ if(hctx == NULL) return SQLITE_ERROR; + HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL); + HMAC_Update(hctx, in, in_sz); + HMAC_Update(hctx, in2, in2_sz); @@ -26,7 +35,7 @@ return SQLITE_OK; } -@@ -172,9 +182,23 @@ +@@ -160,9 +172,23 @@ } static int sqlcipher_openssl_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) { @@ -34,15 +43,15 @@ int tmp_csz, csz; +#if OPENSSL_VERSION_NUMBER >= 0x1011L -+ EVP_CIPHER_CTX *ectx; -+ ectx = EVP_CIPHER_CTX_new(); -+ EVP_CipherInit(ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, mode); ++ EVP_CIPHER_CTX* ectx = EVP_CIPHER_CTX_new(); ++ if(ectx == NULL) return SQLITE_ERROR; ++ EVP_CipherInit_ex(ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, NULL, mode); + EVP_CIPHER_CTX_set_padding(ectx, 0); // no padding -+ EVP_CipherInit(ectx, NULL, key, iv, mode); ++ EVP_CipherInit_ex(ectx, NULL, NULL, key, iv, mode); + EVP_CipherUpdate(ectx, out, _csz, in, in_sz); + csz = tmp_csz; + out += tmp_csz; -+ EVP_CipherFinal(ectx, out, _csz); ++ EVP_CipherFinal_ex(ectx, out, _csz); + csz += tmp_csz; + EVP_CIPHER_CTX_free(ectx); + 
@@ -51,7 +60,7 @@ EVP_CipherInit(, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, mode); EVP_CIPHER_CTX_set_padding(, 0); // no padding EVP_CipherInit(, NULL, key, iv, mode); -@@ -184,7 +208,9 @@ +@@ -172,14 +198,19 @@ EVP_CipherFinal(, out, _csz); csz += tmp_csz; EVP_CIPHER_CTX_cleanup(); @@ -61,3 +70,15 @@ return SQLITE_OK; } + static int sqlcipher_openssl_set_cipher(void *ctx, const char *cipher_name) { + openssl_ctx *o_ctx = (openssl_ctx *)ctx; +- o_ctx->evp_cipher = (EVP_CIPHER *) EVP_get_cipherbyname(cipher_name); +- return SQLITE_OK; ++ EVP_CIPHER* cipher = (EVP_CIPHER *) EVP_get_cipherbyname(cipher_name); ++ if(cipher != NULL) { ++o_ctx->evp_cipher = cipher; ++ } ++ return cipher != NULL ? SQLITE_OK : SQLITE_ERROR; + } + + static const char* sqlcipher_openssl_get_cipher(void *ctx) {
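Review bot: the new `else` branch in the `@@ -109,6 +109,8 @@` hunk resets `openssl_external_init = 0` without saying why. The comment directly above it only explains skipping the cleanup when OpenSSL was initialized externally, and the changelog entry says no more than "avoid a crash when opening file". Please extend that comment (and ideally the changelog line) to state which activate/deactivate sequence the reset is meant to handle, so the next person touching this state flag does not remove it.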
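Review bot: in the OpenSSL 1.1 branches of sqlcipher_openssl_hmac and sqlcipher_openssl_cipher, only the context allocation is checked. The results of HMAC_Init_ex, HMAC_Update, EVP_CipherInit_ex, EVP_CipherUpdate and EVP_CipherFinal_ex are ignored and both functions still end in `return SQLITE_OK;`, so a failure in any of them would report success while `out` holds data that was never fully written. Since this is the code path that produces page ciphertext and MACs, I would check each call for a return value of 1 and, on failure, free the context before returning SQLITE_ERROR, the same way the new `if(ectx == NULL) return SQLITE_ERROR;` line handles the allocation case.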
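Review bot: in sqlcipher_openssl_set_cipher, an unknown cipher_name now returns SQLITE_ERROR but leaves the previous `o_ctx->evp_cipher` in place, so a caller that ignores the return value carries on with the old cipher without noticing. The callers are not part of this diff; please confirm they propagate the error, and add a one-line comment saying the context is intentionally left unchanged on failure. Minor: the `(EVP_CIPHER *)` cast on the result of EVP_get_cipherbyname discards its const qualifier, and the line `o_ctx->evp_cipher = cipher;` has lost its indentation inside the `if` block.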