--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package openvpn-auth-ldap
The version in squeeze and wheezy has a critical bug that makes the
package inoperable after some time. The bug is:
#692936: "No remote address supplied" after a while
... and the 2.0.3-4 upload was performed only for that purpose.
Here's the magic stanza:
unblock openvpn-auth-ldap/2.0.3-4
Here's the debdiff:
diff -Nru openvpn-auth-ldap-2.0.3/debian/changelog openvpn-auth-ldap-2.0.3/debian/changelog
--- openvpn-auth-ldap-2.0.3/debian/changelog 2012-06-05 09:59:11.000000000 -0400
+++ openvpn-auth-ldap-2.0.3/debian/changelog 2012-11-12 05:36:50.000000000 -0500
@@ -1,3 +1,10 @@
+openvpn-auth-ldap (2.0.3-4) unstable; urgency=low
+
+ * Add patch from Antoine Beaupré to fix "No remote address
+ supplied" error. (Closes: #692936)
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Mon, 12 Nov 2012 11:35:43 +0100
+
openvpn-auth-ldap (2.0.3-3) unstable; urgency=low
* Acknowledge Matthias Klose's NMU. Thanks!
diff -Nru openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4 openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4
--- openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4 1969-12-31 19:00:00.000000000 -0500
+++ openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4 2012-11-12 04:40:39.000000000 -0500
@@ -0,0 +1,50 @@
+Description: move address checks further down to avoid certain failures
+ this tries to avoid certain failures with the LDAP plugin where it
+ doesn't get passed the remoteAddress in certain cases. since we do
+ may not care about this address, we fail only when really necessary.
+
+Author: Antoine Beaupr�anarcat@debian.org>
+
+Origin: vendor
+Bug: https://code.google.com/p/openvpn-auth-ldap/issues/detail?id=4
+Bug-Debian: http://bugs.debian.org/692936
+Forwarded: yes
+Last-Update: 2012-11-10
+
+--- openvpn-auth-ldap-2.0.3.orig/src/auth-ldap.m
++++ openvpn-auth-ldap-2.0.3/src/auth-ldap.m
+@@ -533,7 +533,10 @@ static int handle_client_connect_disconn
+ }
+
+ if (tableName)
+- if (!pf_client_connect_disconnect(ctx, tableName, remoteAddress, connecting))
++ if (!remoteAddress) {
++ [TRLog debug: "No remote address supplied to OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_CONNECT)."];
++ ret = OPENVPN_PLUGIN_FUNC_ERROR;
++ } else if (!pf_client_connect_disconnect(ctx, tableName, remoteAddress, connecting))
+ return OPENVPN_PLUGIN_FUNC_ERROR;
+ #endif /* HAVE_PF */
+
+@@ -587,20 +590,10 @@ openvpn_plugin_func_v1(openvpn_plugin_ha
+ break;
+ /* New connection established */
+ case OPENVPN_PLUGIN_CLIENT_CONNECT:
+- if (!remoteAddress) {
+- [TRLog debug: "No remote address supplied to OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_CONNECT)."];
+- ret = OPENVPN_PLUGIN_FUNC_ERROR;
+- } else {
+- ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, YES);
+- }
++ ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, YES);
+ break;
+ case OPENVPN_PLUGIN_CLIENT_DISCONNECT:
+- if (!remoteAddress) {
+- [TRLog debug: "No remote address supplied to OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_DISCONNECT)."];
+- ret = OPENVPN_PLUGIN_FUNC_ERROR;
+- } else {
+- ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, NO);
+- }
++ ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, NO);
+ break;
+ default:
+ [TRLog debug: "Unhandled plugin type in OpenVPN LDAP Plugin (type=%d)", type];
diff -Nru openvpn-auth-ldap-2.0.3/debian/patches/series openvpn-auth-ldap-2.0.3/debian/patches/series
--- openvpn-auth-ldap-2.0.3/debian/patches/series 2012-06-05 07:31:33.000000000 -0400
+++ openvpn-auth-ldap-2.0.3/debian/patches/series 2012-11-12 04:43:28.000000000 -0500
@@ -1,2 +1,3 @@
STARTTLS_before_auth.patch
gobjc_4.7_runtime.patch
+openvpn_ldap_simpler_add_handler_4
Thanks,
A.
PS: maybe this could be considered for a squeeze update too?
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to fr_CA.UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
On Wed, 2012-11-28 at 12:33 -0500, anarcat wrote:
> After running through the autobuilders, we have found a FTBFS error in
> the -4 package, so please:
>
> unblock openvpn-auth-ldap/2.0.3-5
>
> ... as that patch is actually the correct one. :(
Definitely? ;-)
Hint updated; thanks.
Regards,
Adam
--- End Message ---