Your message dated Sat, 09 Jun 2012 19:11:19 +0000 with message-id <E1SdR4B-0008Hk-Vo@franck.debian.org> and subject line Bug#674598: fixed in ssl-cert 1.0.29 has caused the Debian Bug report #674598, regarding make-ssl-cert fails on long-named hosts to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 674598: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674598 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: make-ssl-cert fails on long-named hosts
- From: Ben Howard <ben.howard@ubuntu.com>
- Date: Fri, 25 May 2012 14:31:28 -0600
- Message-id: <4FBFEC20.6070401@ubuntu.com>
Package: ssl-cert
Version: 1.0.28
The 'make-ssl-cert' command fails on hosts with longer than 64-characters as the FQDN.
https://bugs.launchpad.net/ubuntu/+source/ssl-cert/+bug/1004682
ben@utlemming-
22a:~$ hostname -f
utlemming-22a.139cd93ba28 0479588e4157eac 561a0b. utlemming- 22a.525551751. uswest. internal. utlemmings- excellent- cloud.com ben@utlemming-
22a:~$ sudo make-ssl-cert generate- default- snakeoil
Could not create certificate. Openssl output was:
Generating a 2048 bit RSA private key
.............. ....... ..+++
.............. ....... ....... ....... ....... ....... +++
writing new private key to '/etc/ssl/private/ ssl-cert- snakeoil. key'
-----
problems making Certificate Request
139776384734880:error: 0D07A097: asn1 encoding routines: ASN1_mbstring_ ncopy:string too long:a_ mbstr.c: 154:maxsize= 64
The following is a patch submission that defaults to the short name if the FQDN is too long:
=== modified file 'make-ssl-cert'
--- make-ssl-cert 2009-11-01 12:14:55 +0000
+++ make-ssl-cert 2012-05-25 20:23:05 +0000
@@ -30,9 +30,9 @@
}
make_snakeoil() {
- if ! HostName="$(hostname -f)" ; then
+ if ! { HostName="$(hostname -f)" && [ ${#HostName} -lt 64 ]; }; then
HostName="$(hostname)"
- echo make-ssl-cert: Could not get FQDN, using \"$HostName\".
+ echo make-ssl-cert: Could not get or use FQDN, using \"$HostName\".
echo make-ssl-cert: You may want to fix your /etc/hosts and/or DNS setup and run
echo make-ssl-cert: 'make-ssl-cert generate-default-snakeoil --force-overwrite'
echo make-ssl-cert: again.
-- Ben Howard ben.howard@ubuntu.com Canonical GPG ID 0x5406A866
--- End Message ---
--- Begin Message ---
- To: 674598-close@bugs.debian.org
- Subject: Bug#674598: fixed in ssl-cert 1.0.29
- From: Stefan Fritsch <sf@debian.org>
- Date: Sat, 09 Jun 2012 19:11:19 +0000
- Message-id: <E1SdR4B-0008Hk-Vo@franck.debian.org>
Source: ssl-cert Source-Version: 1.0.29 We believe that the bug you reported is fixed in the latest version of ssl-cert, which is due to be installed in the Debian FTP archive: ssl-cert_1.0.29.dsc to main/s/ssl-cert/ssl-cert_1.0.29.dsc ssl-cert_1.0.29.tar.gz to main/s/ssl-cert/ssl-cert_1.0.29.tar.gz ssl-cert_1.0.29_all.deb to main/s/ssl-cert/ssl-cert_1.0.29_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 674598@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefan Fritsch <sf@debian.org> (supplier of updated ssl-cert package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 09 Jun 2012 20:33:07 +0200 Source: ssl-cert Binary: ssl-cert Architecture: source all Version: 1.0.29 Distribution: unstable Urgency: low Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <sf@debian.org> Description: ssl-cert - simple debconf wrapper for OpenSSL Closes: 628373 645515 674598 Changes: ssl-cert (1.0.29) unstable; urgency=low . * Add support for subject alternative names. Thanks to Jonas Smedegaard for the patch. Closes: #645515 (Sorry to all translators for adding a template so close to the freeze.) * For "make-ssl-cert generate-default-snakeoil", if the FQDN is too long, put it in the SubjAltName and use the simple hostname as CN. Closes: #674598 * Add Catalan translation. Thanks to Innocent De Marchi. Closes: #628373 * Bump Standards-Version (no changes). * Switch VCS to git * Fix lintian warnings about build-arch/build-indep targets in debian/rules. Checksums-Sha1: 3277a1bb8667034b5bbdd3d3e58654f0c0e5fc6f 994 ssl-cert_1.0.29.dsc 644a3ffebb5f67c5e920b562ba042336b3f7c06e 23820 ssl-cert_1.0.29.tar.gz 6155bf5ec598796cbad0ec691c799f5a8f53536e 15594 ssl-cert_1.0.29_all.deb Checksums-Sha256: 9f45c7864a09bba08da12cd7249b715e540e33f4fc13e1790b13a1e902b028ab 994 ssl-cert_1.0.29.dsc 19c0e39f9deda84fb2814d89e40a00e59f69044405f2331e3756e7198658573e 23820 ssl-cert_1.0.29.tar.gz 4610e7a0653b7262a519f29f55a10b1aa8e6932e0d115d2e1ee1af75574bcc26 15594 ssl-cert_1.0.29_all.deb Files: 384286b2620ac35afb0bf4256e352387 994 utils optional ssl-cert_1.0.29.dsc 9d5d3d12cb1e799513530272cc630930 23820 utils optional ssl-cert_1.0.29.tar.gz acaa4122c9009d55a6f76208937e987b 15594 utils optional ssl-cert_1.0.29_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFP05xJbxelr8HyTqQRAh0gAJsEjNkYLXYKGEVqNhbr19KdIO0ZagCeItj9 OmzZHggM94TQyOj244Lv15w= =BgBI -----END PGP SIGNATURE-----
--- End Message ---