Bug#688006: marked as done (unblock: krb5-sync/2.2-3)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Tue, 18 Sep 2012 13:19:16 +0100
with message-id <3471254a79363ed82e2a9ff2ab6d7b1e@mail.adsl.funky-badger.org>
and subject line Re: Bug#688006: unblock: krb5-sync/2.2-3
has caused the Debian Bug report #688006,
regarding unblock: krb5-sync/2.2-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
688006: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688006
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: krb5-sync/2.2-3
• From: Russ Allbery <rra@debian.org>
• Date: Mon, 17 Sep 2012 20:39:50 -0700
• Message-id: <[🔎] 20120918033950.25296.70266.reportbug@windlord.stanford.edu>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package krb5-sync for the fix to RC bug #687346.
Changelog:

  * Apply upstream commit to silently ignore password changes with a NULL
    password, only new keys.  This represents a key randomization, such as
    from addprinc -randkey, which is outside the synchronization scope of
    this package.  Without this change, the plugin would segfault on that
    operation.  (Closes: #687346)

The debdiff adds a debian patch, the effect of which is to apply the
following patch:

--- a/plugin/mit.c
+++ b/plugin/mit.c
@@ -81,6 +81,15 @@ chpass(krb5_context ctx, kadm5_hook_modinfo *data, int stage,
     size_t length;
     int status = 0;
 
+    /*
+     * If password is NULL, we have a new key set but no password (meaning
+     * this is an operation such as addprinc -randkey).  We can't do anything
+     * without a password, so ignore these cases.
+     */
+    if (password == NULL)
+        return 0;
+
+    /* Dispatch to the appropriate function. */
     length = strlen(password);
     if (stage == KADM5_HOOK_STAGE_PRECOMMIT)
         status = pwupdate_precommit_password(data, princ, password, length,

unblock krb5-sync/2.2-3

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-3-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---

--- Begin Message ---

• To: Russ Allbery <rra@debian.org>, <688006-done@bugs.debian.org>
• Subject: Re: Bug#688006: unblock: krb5-sync/2.2-3
• From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
• Date: Tue, 18 Sep 2012 13:19:16 +0100
• Message-id: <3471254a79363ed82e2a9ff2ab6d7b1e@mail.adsl.funky-badger.org>
• In-reply-to: <[🔎] 20120918033950.25296.70266.reportbug@windlord.stanford.edu>
• References: <[🔎] 20120918033950.25296.70266.reportbug@windlord.stanford.edu>

On 18.09.2012 04:39, Russ Allbery wrote:

Please unblock package krb5-sync for the fix to RC bug #687346.
Changelog:

* Apply upstream commit to silently ignore password changes with a NULL password, only new keys. This represents a key randomization, such as from addprinc -randkey, which is outside the synchronization scope of this package. Without this change, the plugin would segfault on that

    operation.  (Closes: #687346)

Unblocked; thanks.

Regards,

Adam

--- End Message ---