[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#688793: marked as done (unblock: obnam/1.1-1.1)

Your message dated Tue, 25 Sep 2012 18:54:39 +0100
with message-id <1348595679.15010.3.camel@jacala.jungle.funky-badger.org>
and subject line Re: Bug#688793: unblock: obnam/1.1-1.1
has caused the Debian Bug report #688793,
regarding unblock: obnam/1.1-1.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
688793: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688793
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package obnam

The NMU uploaded to unstable fixes an RC bug. The patch is taken from
the upstream bazaar repository. There are no other changes beside this
bugfix and upstream test case verifying the bugfix passes.

Thanks Gaudenz

unblock obnam/1.1-1.1

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (800, 'testing'), (700, 'unstable'), (50, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_CH.UTF-8, LC_CTYPE=de_CH.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

only in patch2:
unchanged:
--- obnam-1.1.orig/tests/encryption-replaces-key.script
+++ obnam-1.1/tests/encryption-replaces-key.script
@@ -0,0 +1,41 @@
+#!/bin/sh
+# Copyright 2011  Lars Wirzenius
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+set -eu
+
+gpgkey='3B1802F81B321347'
+fingerprint='4E2AF28A3D824CF2B3F1FE733B1802F81B321347'
+gpgkey2='DF3D13AA11E69900'
+
+# Make a backup with the default key ($gpgkey).
+$SRCDIR/tests/backup --encrypt-with="$gpgkey"
+
+# Add new key. "rainyday" is the name of the client.
+$SRCDIR/tests/obnam --encrypt-with="$gpgkey" add-key --keyid="$gpgkey2" \
+    rainyday
+
+# Remove the old key.
+$SRCDIR/tests/obnam --encrypt-with="$gpgkey2" remove-key --keyid="$gpgkey" \
+    rainyday
+
+# Remove the old key from the gpg keyring.
+export GNUPGHOME="$DATADIR/gpg"
+gpg --batch --delete-secret-key "$fingerprint"
+
+# Verify that the backup is still readable, now with the new key.
+$SRCDIR/tests/restore --encrypt-with="$gpgkey2"
+$SRCDIR/tests/verify
+
only in patch2:
unchanged:
--- obnam-1.1.orig/obnamlib/plugins/encryption_plugin.py
+++ obnam-1.1/obnamlib/plugins/encryption_plugin.py
@@ -161,6 +161,12 @@
             logging.debug('unable to remove key %s from %s (not there)' %
                           (keyid, toplevel))
 
+    def rewrite_symmetric_key(self, repo, toplevel):
+        symmetric_key = self.get_symmetric_key(repo, toplevel)
+        userkeys = self.read_keyring(repo, toplevel)
+        encrypted = obnamlib.encrypt_with_keyring(symmetric_key, userkeys)
+        self._overwrite_file(repo, os.path.join(toplevel, 'key'), encrypted)
+
     def add_client(self, clientlist, client_name):
         clientlist.set_client_keyid(client_name, self.keyid)
 
@@ -233,6 +239,7 @@
         clients = self._find_clientdirs(repo, args)
         for toplevel in self._shared + clients:
             self.add_to_userkeys(repo, toplevel, key)
+            self.rewrite_symmetric_key(repo, toplevel)
 
     def remove_key(self, args):
         '''Remove a key from the repository.'''
@@ -244,6 +251,7 @@
         clients = self._find_clientdirs(repo, args)
         for toplevel in self._shared + clients:
             self.remove_from_userkeys(repo, toplevel, keyid)
+            self.rewrite_symmetric_key(repo, toplevel)
 
     def remove_client(self, args):
         '''Remove client and its key from repository.'''
only in patch2:
unchanged:
--- obnam-1.1.orig/debian/changelog
+++ obnam-1.1/debian/changelog
@@ -1,3 +1,10 @@
+obnam (1.1-1.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix encription key handling (Closes: #680670)
+
+ -- Gaudenz Steinlin <gaudenz@debian.org>  Thu, 20 Sep 2012 16:22:16 +0200
+
 obnam (1.1-1) unstable; urgency=low
 
   * New upstream version.
only in patch2:
unchanged:
--- obnam-1.1.orig/debian/rules
+++ obnam-1.1/debian/rules
@@ -3,6 +3,8 @@
 	dh $@ --with=python2 --with-buildsystem=python_distutils
 
 override_dh_auto_test:
+	# fix test permission due to diff not representing permissions
+	chmod 755 tests/encryption-replaces-key.script
 	python setup.py build_ext -i
 	rm -rf build
 	cp -a test-gpghome temp.gpghome

--- End Message ---
--- Begin Message --- 
On Tue, 2012-09-25 at 19:22 +0200, Gaudenz Steinlin wrote:
> Please unblock package obnam
> 
> The NMU uploaded to unstable fixes an RC bug. The patch is taken from
> the upstream bazaar repository. There are no other changes beside this
> bugfix and upstream test case verifying the bugfix passes.

Unblocked; thanks.

Regards,

Adam

--- End Message ---
Reply to: