Bug 992800

Summary: tqsllib: FTBFS in rawhide
Product: [Fedora] Fedora Reporter: Dennis Gilmore <dennis>
Component: tqsllibAssignee: Lucian Langa <lucilanga>
Status: CLOSED EOL QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: bugs.michael, hobbes1069, i, lucilanga, opensource
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-06-30 00:41:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 913825, 991858    
Attachments:
Description Flags
Patch for newer OpenSSL none

Description Dennis Gilmore 2013-08-05 06:35:31 UTC 
Your package tqsllib failed to build from source in current rawhide.

http://koji.fedoraproject.org/koji/taskinfo?taskID=5749831

Build logs:
root.log: http://kojipkgs.fedoraproject.org/work/tasks/9831/5749831/root.log
build.log: http://kojipkgs.fedoraproject.org/work/tasks/9831/5749831/build.log
state.log: http://kojipkgs.fedoraproject.org/work/tasks/9831/5749831/state.log
NOTE: build logs are cleaned up after 1 week

For details on mass rebuild see https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
Comment 1 Christopher Meng 2013-08-31 01:42:07 UTC 
*** Bug 914550 has been marked as a duplicate of this bug. ***
Comment 2 Christopher Meng 2013-08-31 01:57:49 UTC 
Error output:

+ make
make  all-am
make[1]: Entering directory `/home/rpmaker/rpmbuild/BUILD/tqsllib-2.2'
/bin/sh ./libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include -I/usr/include -I/usr/include   -g3 -O -Wall   -DCONFDIR=\"/usr/share/tqsl\" -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches  -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -c -o tqsllib.lo tqsllib.cpp
libtool: compile:  g++ -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include -I/usr/include -I/usr/include -g3 -O -Wall -DCONFDIR=\"/usr/share/tqsl\" -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -c tqsllib.cpp  -fPIC -DPIC -o .libs/tqsllib.o
/bin/sh ./libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include -I/usr/include -I/usr/include   -g3 -O -Wall   -DCONFDIR=\"/usr/share/tqsl\" -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches  -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -c -o openssl_cert.lo openssl_cert.cpp
libtool: compile:  g++ -DHAVE_CONFIG_H -I. -I. -I. -I/usr/include -I/usr/include -I/usr/include -g3 -O -Wall -DCONFDIR=\"/usr/share/tqsl\" -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -c openssl_cert.cpp  -fPIC -DPIC -o .libs/openssl_cert.o
In file included from /usr/include/openssl/crypto.h:129:0,
                 from /usr/include/openssl/bio.h:69,
                 from /usr/include/openssl/evp.h:75,
                 from /usr/include/openssl/x509.h:73,
                 from openssl_cert.h:48,
                 from openssl_cert.cpp:172:
openssl_cert.cpp: In function 'int tqsl_exportPKCS12File(tQSL_Cert, const char*, const char*)':
openssl_cert.cpp:1587:2: error: invalid conversion from 'void*' to 'stack_st_OPENSSL_BLOCK*' [-fpermissive]
  ASN1_seq_pack_PKCS7(safes, (int(*)(PKCS7*, unsigned char**))i2d_PKCS7, &(p12)->authsafes->d.data->data,
  ^
In file included from /usr/include/openssl/objects.h:960:0,
                 from /usr/include/openssl/evp.h:98,
                 from /usr/include/openssl/x509.h:73,
                 from openssl_cert.h:48,
                 from openssl_cert.cpp:172:
/usr/include/openssl/asn1.h:1054:16: error:   initializing argument 1 of 'unsigned char* ASN1_seq_pack(stack_st_OPENSSL_BLOCK*, int (*)(void*, unsigned char**), unsigned char**, int*)' [-fpermissive]
 unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
                ^
make[1]: *** [openssl_cert.lo] Error 1
make[1]: Leaving directory `/home/rpmaker/rpmbuild/BUILD/tqsllib-2.2'
make: *** [all] Error 2
error: Bad exit status from /var/tmp/rpm-tmp.VV1QQC (%build)


RPM build errors:
    Bad exit status from /var/tmp/rpm-tmp.VV1QQC (%build)

===============================================================================

And I found something:


/* Ugly workaround for Openssl 1.0 bug per:
 * http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=2123
 */
#if (OPENSSL_VERSION_NUMBER & 0xfffff000) == 0x10000000L
#define i2d_ASN1_SET i2d_ASN1_SET_buggy
#define d2i_ASN1_SET d2i_ASN1_SET_buggy
#define ASN1_seq_unpack ASN1_seq_unpack_buggy
#define ASN1_seq_pack ASN1_seq_pack_buggy
#include <openssl/asn1.h>
#undef i2d_ASN1_SET
#undef d2i_ASN1_SET
#undef ASN1_seq_unpack
#undef ASN1_seq_pack

#ifdef __cplusplus
extern "C" {
#endif

===============================================================================
It seems the tqsllib has openssl version limit.

So patch attached.
Comment 3 Christopher Meng 2013-08-31 02:00:00 UTC 
Created attachment 792355 [details]
Patch for newer OpenSSL

This patch increase the openssl version limit.
Comment 4 Till Maas 2013-08-31 06:51:26 UTC 
(In reply to Christopher Meng from comment #3)
> Created attachment 792355 [details]
> Patch for newer OpenSSL
> 
> This patch increase the openssl version limit.

Can you please submit the patch upstream?
Comment 5 Christopher Meng 2013-08-31 07:15:05 UTC 
(In reply to Till Maas from comment #4)
> (In reply to Christopher Meng from comment #3)
> > Created attachment 792355 [details]
> > Patch for newer OpenSSL
> > 
> > This patch increase the openssl version limit.
> 
> Can you please submit the patch upstream?

Sent.
Comment 6 Lucian Langa 2013-08-31 09:42:19 UTC 
Please note there is a new version of the upstream package (TrustedQSL), that this library provides dependency for.
Among other things it seems tqsllib is bundled with the main package and developement goes in there - I wasn't able to find new versions of tqslib.
Unfortunately to this date I wasn't able to fully package the new version of trustedqsl, mainly because of build system change and use rpaths.
According to documentation it might be possible to build with external tqsllib.
Comment 7 Fedora End Of Life 2013-09-16 16:51:23 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 20 development cycle.
Changing version to '20'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora20
Comment 8 Richard Shaw 2013-12-20 14:31:36 UTC 
Yes, the new version (since 1.14.3) includes tqsllib with the binary. tqsllib as a separate package is obsolete. I'm not on the acl for tqsllib so if someone could take care of obsoleting it that would be great.
Comment 9 Christopher Meng 2013-12-21 02:24:58 UTC 
(In reply to Richard Shaw from comment #8)
> Yes, the new version (since 1.14.3) includes tqsllib with the binary.
> tqsllib as a separate package is obsolete. I'm not on the acl for tqsllib so
> if someone could take care of obsoleting it that would be great.

Just a question.

If TrustedQSL doesn't need it anymore and bundle it as internal into itself, I can obsolete it. Otherwise I think the TrustedQSL packaging violates the guidelines.
Comment 10 Richard Shaw 2013-12-21 03:40:26 UTC 
It's not bundled per-se because it is upstream for both the library and the binary. They kept the versioning separate which is annoying but I worked around that and got the package(s) building properly.
Comment 11 Christopher Meng 2013-12-21 04:02:17 UTC 
(In reply to Richard Shaw from comment #10)
> It's not bundled per-se because it is upstream for both the library and the
> binary. They kept the versioning separate which is annoying but I worked
> around that and got the package(s) building properly.

So...

1. I retire this package

2. You add proper obsolete lines for this package?

Right?
Comment 12 Richard Shaw 2013-12-21 13:27:00 UTC 
Since there was no real path to updating the stand alone tqsl library I went ahead and added the appropriate Obsoletes to the current 1.14.3 package so it should be safe to retire this one now. I've also got 2.0.1 working it's way though bodhi for F19+.
Comment 13 Michael Schwendt 2013-12-21 13:41:13 UTC 
The Obsoletes/Provides for "tqsllib" and "tqsllib-devel" are superfluous, because trustedqsl builds subpackages with exactly the same names _and_ a higher version.
Comment 14 Christopher Meng 2013-12-27 13:08:32 UTC 
Remarks from upstream months ago:

"That's part of the TrustedQSL package. If it hasn't been updated in 3
years, then it's far behind the current source."

"Whomever is responsible for maintaining those packages (tqsllib and
tqsl) needs to merge the changes in the current Git repository on
sourceforge.
I'm not the maintainer and don't have any idea how to push the updates."

So it's trivial to update this package anymore, I've retired it.
Comment 15 Christopher Meng 2013-12-27 13:11:01 UTC 
Sorry for the last sentence:

s/I've /Please /
Comment 16 Richard Shaw 2014-05-08 20:48:12 UTC 
Does the old tqsllib package still need to be retired or can we close this bug?
Comment 17 Michael Schwendt 2014-05-08 20:52:56 UTC 
https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life

Please do retire it properly using the fedpkg tool. Nowadays that automates several steps at once, and it's especially important to make the package a "dead.package", so no automated rebuilds reintroduce new builds (that would break the Obsoletes tags).
Comment 18 Fedora End Of Life 2015-05-29 09:16:22 UTC 
This message is a reminder that Fedora 20 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 20. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '20'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 20 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 19 Fedora End Of Life 2015-06-30 00:41:07 UTC 
Fedora 20 changed to end-of-life (EOL) status on 2015-06-23. Fedora 20 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.