[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1041272: marked as done (bookworm-pu: package transmission/3.00-2.1+deb12u1)

Your message dated Sat, 07 Oct 2023 09:59:38 +0000
with message-id <E1qp45y-00A4Ab-NH@coccia.debian.org>
and subject line Released with 12.2
has caused the Debian Bug report #1041272,
regarding bookworm-pu: package transmission/3.00-2.1+deb12u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1041272: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041272
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: transmission@packages.debian.org
Control: affects -1 + src:transmission

[ Reason ]
transmission in bookworm suffers from a memory leak in bookworm (see
#1015003). This issue was fixed in unstable in the new upstream
releaase.

[ Impact ]
A memory issue remains in a long running daemon.

[ Tests ]
The patch was used in gentoo. Build-time tests pass. As I have no
interest in transmission itself and users reported that the new patch is
supposed to work, I didn't perform any other tests.

[ Risks ]
New patch looks sane enough to load the legacy openssl provider. So I
don't expect any major risks.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
The patch from Ubuntu for OpenSSL compatibility is exchanged with the
one from Gentoo.

Cheers
-- 
Sebastian Ramacher

diff -Nru transmission-3.00/debian/changelog transmission-3.00/debian/changelog
--- transmission-3.00/debian/changelog	2022-05-21 09:22:10.000000000 +0200
+++ transmission-3.00/debian/changelog	2023-07-16 19:09:31.000000000 +0200
@@ -1,3 +1,10 @@
+transmission (3.00-2.1+deb12u1) bookworm; urgency=medium
+
+  * debian/patches/: Replace openssl3 compat patch to fix memory leak.
+    (Closes: #1015003)
+
+ -- Sebastian Ramacher <sramacher@debian.org>  Sun, 16 Jul 2023 19:09:31 +0200
+
 transmission (3.00-2.1) unstable; urgency=low
 
   [ Steve Langasek ]
diff -Nru transmission-3.00/debian/patches/openssl3-compat.patch transmission-3.00/debian/patches/openssl3-compat.patch
--- transmission-3.00/debian/patches/openssl3-compat.patch	2022-05-21 09:21:15.000000000 +0200
+++ transmission-3.00/debian/patches/openssl3-compat.patch	2023-07-16 19:09:29.000000000 +0200
@@ -1,130 +1,37 @@
-Description: Compatibility with OpenSSL 3
- We rely on RC4 because of the torrent protocol we're implementing, but this
- is no longer available in the default provider.
-Author: Steve Langasek <steve.langasek@ubuntu.com>
-Bug-Ubuntu: https://bugs.launchpad.net/bugs/1946215
-Last-Update: 2021-12-13
-Forwarded: no
+From 6ee128b95bacaff20746538dc97c2b8e2b9fcc29 Mon Sep 17 00:00:00 2001
+From: Mike Gilbert <floppym@gentoo.org>
+Date: Sun, 15 May 2022 10:54:38 -0400
+Subject: [PATCH] openssl: load "legacy" provider for RC4
 
-Index: transmission-3.00/libtransmission/crypto-utils-openssl.c
-===================================================================
---- transmission-3.00.orig/libtransmission/crypto-utils-openssl.c
-+++ transmission-3.00/libtransmission/crypto-utils-openssl.c
+---
+ libtransmission/crypto-utils-openssl.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/libtransmission/crypto-utils-openssl.c b/libtransmission/crypto-utils-openssl.c
+index 45fd71913..14d680654 100644
+--- a/libtransmission/crypto-utils-openssl.c
++++ b/libtransmission/crypto-utils-openssl.c
 @@ -20,6 +20,9 @@
  #include <openssl/rand.h>
  #include <openssl/ssl.h>
  #include <openssl/x509.h>
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++#if OPENSSL_VERSION_MAJOR >= 3
 +#include <openssl/provider.h>
 +#endif
  
  #include "transmission.h"
  #include "crypto-utils.h"
-@@ -182,46 +185,86 @@
- 
- #endif
+@@ -184,6 +187,10 @@ static void openssl_evp_cipher_context_free(EVP_CIPHER_CTX* handle)
  
-+typedef struct tr_rc4_ctx {
-+    EVP_CIPHER_CTX *cipher_ctx;
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-+    OSSL_LIB_CTX *lib_ctx;
-+#endif
-+} tr_rc4_ctx;
-+
  tr_rc4_ctx_t tr_rc4_new(void)
  {
--    EVP_CIPHER_CTX* handle = EVP_CIPHER_CTX_new();
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-+    OSSL_PROVIDER *legacy_provider = NULL;
-+    OSSL_PROVIDER *default_provider = NULL;
-+#endif
-+    const EVP_CIPHER *cipher;
- 
--    if (check_result(EVP_CipherInit_ex(handle, EVP_rc4(), NULL, NULL, NULL, -1)))
-+    tr_rc4_ctx *handle = malloc(sizeof(tr_rc4_ctx));
-+
-+    handle->cipher_ctx = EVP_CIPHER_CTX_new();
-+
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-+    handle->lib_ctx = OSSL_LIB_CTX_new();
-+    TR_ASSERT(handle->lib_ctx);
-+    legacy_provider = OSSL_PROVIDER_load(handle->lib_ctx, "legacy");
-+    TR_ASSERT(legacy_provider);
-+    default_provider = OSSL_PROVIDER_load(handle->lib_ctx, "default");
-+    TR_ASSERT(default_provider);
-+    
-+    cipher = EVP_CIPHER_fetch(handle->lib_ctx, "RC4", NULL);
-+#else
-+    cipher = EVP_rc4();
-+#endif
-+
-+    if (check_result(EVP_CipherInit_ex(handle->cipher_ctx, cipher, NULL, NULL,
-+                                       NULL, -1)))
-     {
-         return handle;
-     }
- 
--    EVP_CIPHER_CTX_free(handle);
-+    EVP_CIPHER_CTX_free(handle->cipher_ctx);
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-+    OSSL_LIB_CTX_free(handle->lib_ctx);
-+#endif
-     return NULL;
- }
- 
--void tr_rc4_free(tr_rc4_ctx_t handle)
-+void tr_rc4_free(tr_rc4_ctx_t h)
- {
--    if (handle == NULL)
-+    if (h == NULL)
-     {
-         return;
-     }
- 
--    EVP_CIPHER_CTX_free(handle);
-+    tr_rc4_ctx *handle = (tr_rc4_ctx *)h;
-+
-+    EVP_CIPHER_CTX_free(handle->cipher_ctx);
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-+    OSSL_LIB_CTX_free(handle->lib_ctx);
-+#endif
-+    free(handle);
- }
- 
--void tr_rc4_set_key(tr_rc4_ctx_t handle, uint8_t const* key, size_t key_length)
-+void tr_rc4_set_key(tr_rc4_ctx_t h, uint8_t const* key, size_t key_length)
- {
--    TR_ASSERT(handle != NULL);
-+    TR_ASSERT(h != NULL);
-     TR_ASSERT(key != NULL);
- 
--    if (!check_result(EVP_CIPHER_CTX_set_key_length(handle, key_length)))
-+    tr_rc4_ctx *handle = (tr_rc4_ctx *)h;
-+    if (!check_result(EVP_CIPHER_CTX_set_key_length(handle->cipher_ctx, key_length)))
-     {
-         return;
-     }
- 
--    check_result(EVP_CipherInit_ex(handle, NULL, NULL, key, NULL, -1));
-+    check_result(EVP_CipherInit_ex(handle->cipher_ctx, NULL, NULL, key, NULL, -1));
- }
- 
--void tr_rc4_process(tr_rc4_ctx_t handle, void const* input, void* output, size_t length)
-+void tr_rc4_process(tr_rc4_ctx_t h, void const* input, void* output, size_t length)
- {
--    TR_ASSERT(handle != NULL);
-+    TR_ASSERT(h != NULL);
- 
-+    tr_rc4_ctx *handle = (tr_rc4_ctx *)h;
-     if (length == 0)
-     {
-         return;
-@@ -232,7 +275,7 @@
- 
-     int output_length;
- 
--    check_result(EVP_CipherUpdate(handle, output, &output_length, input, length));
-+    check_result(EVP_CipherUpdate(handle->cipher_ctx, output, &output_length, input, length));
- }
- 
- /***
++#if OPENSSL_VERSION_MAJOR >= 3
++    OSSL_PROVIDER_load(NULL, "default");
++    OSSL_PROVIDER_load(NULL, "legacy");
++#endif
+     EVP_CIPHER_CTX* handle = EVP_CIPHER_CTX_new();
+ 
+     if (check_result(EVP_CipherInit_ex(handle, EVP_rc4(), NULL, NULL, NULL, -1)))
+-- 
+2.35.1
+

--- End Message ---
--- Begin Message --- 
Version: 12.2

The upload requested in this bug has been released as part of 12.2.

--- End Message ---
Reply to: