Suppress the mbed TLS version check too (#1000358).

Rename debian/patches/suppress_gnutls_version_check to
suppress_tls_version_checks accordingly.

diff --git a/debian/changelog b/debian/changelog
index 5db07645d39881f45be739448eda98f2736f35de..39ce3e1dab188864b0e1adec789d35d3c6f57ae9 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -11,8 +11,11 @@ ncbi-blast+ (2.12.0+ds-1) UNRELEASED; urgency=medium
       should now be fine elsewhere.
   * Standards-Version: 4.6.0 (routine-update)
   * watch file standard 4 (routine-update)
+  * debian/patches/suppress_tls_version_checks (formerly
+    suppress_gnutls_version_check): Suppress the mbed TLS version check too.
+    (Closes: #1000358.)
 
- -- Aaron M. Ucko <ucko@debian.org>  Wed, 01 Dec 2021 21:49:05 -0500
+ -- Aaron M. Ucko <ucko@debian.org>  Wed, 01 Dec 2021 22:11:52 -0500
 
 ncbi-blast+ (2.11.0+ds-1) unstable; urgency=medium
 

diff --git a/debian/patches/series b/debian/patches/series
index a30023b7b545bd7dfbffe7abd86a40bdb29b2b24..8df54bb5e1bb6f429f38d9b19e00108a49432ee8 100644 (file)
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,7 +7,7 @@ use_pie_for_apps
 skip_services_unit_test
 fix_configure
 support_x32
-suppress_gnutls_version_check
+suppress_tls_version_checks
 optionally_keep_sequence
 fix_unit_tests
 system_mbedtls_only

diff --git a/debian/patches/suppress_gnutls_version_check b/debian/patches/suppress_gnutls_version_check
deleted file mode 100644 (file)
index 25ab480..0000000
--- a/debian/patches/suppress_gnutls_version_check
+++ /dev/null
@@ -1,25 +0,0 @@
-Author: Aaron M. Ucko <ucko@debian.org>
-Date:   Wed Dec 7 21:34:44 2016 -0500
-Description: suppress gnutls version check
-    
-    Prevent bailing when the exact compile-time and runtime GNU TLS versions
-    differ; trust dpkg to disallow combinations that are actually incompatible.
-
---- a/c++/src/connect/ncbi_gnutls.c
-+++ b/c++/src/connect/ncbi_gnutls.c
-@@ -665,6 +665,7 @@
- 
-     assert(!s_GnuTlsCredAnon);
- 
-+#if 0
-     version = gnutls_check_version(0);
-     if (strcasecmp(GNUTLS_VERSION, version) != 0) {
-         CORE_LOGF(eLOG_Critical,
-@@ -672,6 +673,7 @@
-                    GNUTLS_VERSION, version));
-         assert(0);
-     }
-+#endif
- 
-     if (!pull  ||  !push)
-         return eIO_InvalidArg;

diff --git a/debian/patches/suppress_tls_version_checks b/debian/patches/suppress_tls_version_checks
new file mode 100644 (file)
index 0000000..a49e0c6
--- /dev/null
+++ b/debian/patches/suppress_tls_version_checks
@@ -0,0 +1,43 @@
+Author: Aaron M. Ucko <ucko@debian.org>
+Date:   Wed, 01 Dec 2021 22:08:16 -0500
+Description: suppress gnu TLS and mbed TLS version checks
+    
+    Prevent bailing when the exact compile-time and runtime GNU TLS versions
+    differ; trust dpkg to disallow combinations that are actually incompatible.
+    Likewise for mbed TLS.
+
+--- a/c++/src/connect/ncbi_gnutls.c
++++ b/c++/src/connect/ncbi_gnutls.c
+@@ -692,6 +692,7 @@ static EIO_Status s_GnuTlsInit(FSSLPull
+ 
+     assert(!s_GnuTlsCredAnon);
+ 
++#if 0
+     version = gnutls_check_version(0);
+     if (strcasecmp(GNUTLS_VERSION, version) != 0) {
+         CORE_LOGF(eLOG_Critical,
+@@ -699,6 +700,7 @@ static EIO_Status s_GnuTlsInit(FSSLPull
+                    GNUTLS_VERSION, version));
+         assert(0);
+     }
++#endif
+ 
+     if (!pull  ||  !push)
+         return eIO_InvalidArg;
+--- a/c++/src/connect/ncbi_mbedtls.c
++++ b/c++/src/connect/ncbi_mbedtls.c
+@@ -665,12 +665,14 @@ static EIO_Status s_MbedTlsInit(FSSLPull
+     char buf[32];
+ 
+     mbedtls_version_get_string(version);
++#if 0
+     if (strcasecmp(MBEDTLS_VERSION_STRING, version) != 0) {
+         CORE_LOGF(eLOG_Critical,
+                   ("%s version mismatch: %s headers vs. %s runtime",
+                    kMbedTls, MBEDTLS_VERSION_STRING, version));
+         assert(0);
+     }
++#endif
+ 
+     if (!pull  ||  !push)
+         return eIO_InvalidArg;