[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#693060: marked as done (unblock: openvpn-auth-ldap/2.0.3-4)

Your message dated Wed, 28 Nov 2012 17:55:24 +0000
with message-id <1354125324.9783.25.camel@jacala.jungle.funky-badger.org>
and subject line Re: Bug#693060: oups: please unblock openvpn-auth-ldap/2.0.3-5 instead
has caused the Debian Bug report #693060,
regarding unblock: openvpn-auth-ldap/2.0.3-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
693060: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693060
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package openvpn-auth-ldap

The version in squeeze and wheezy has a critical bug that makes the
package inoperable after some time. The bug is:

#692936: "No remote address supplied" after a while

... and the 2.0.3-4 upload was performed only for that purpose.

Here's the magic stanza:

unblock openvpn-auth-ldap/2.0.3-4

Here's the debdiff:

diff -Nru openvpn-auth-ldap-2.0.3/debian/changelog openvpn-auth-ldap-2.0.3/debian/changelog
--- openvpn-auth-ldap-2.0.3/debian/changelog	2012-06-05 09:59:11.000000000 -0400
+++ openvpn-auth-ldap-2.0.3/debian/changelog	2012-11-12 05:36:50.000000000 -0500
@@ -1,3 +1,10 @@
+openvpn-auth-ldap (2.0.3-4) unstable; urgency=low
+
+  * Add patch from Antoine Beaupré to fix "No remote address
+    supplied" error. (Closes: #692936)
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org>  Mon, 12 Nov 2012 11:35:43 +0100
+
 openvpn-auth-ldap (2.0.3-3) unstable; urgency=low
 
   * Acknowledge Matthias Klose's NMU. Thanks!
diff -Nru openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4 openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4
--- openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4	1969-12-31 19:00:00.000000000 -0500
+++ openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4	2012-11-12 04:40:39.000000000 -0500
@@ -0,0 +1,50 @@
+Description: move address checks further down to avoid certain failures
+ this tries to avoid certain failures with the LDAP plugin where it
+ doesn't get passed the remoteAddress in certain cases. since we do
+ may not care about this address, we fail only when really necessary.
+
+Author: Antoine Beaupr�anarcat@debian.org>
+
+Origin: vendor
+Bug: https://code.google.com/p/openvpn-auth-ldap/issues/detail?id=4
+Bug-Debian: http://bugs.debian.org/692936
+Forwarded: yes
+Last-Update: 2012-11-10
+
+--- openvpn-auth-ldap-2.0.3.orig/src/auth-ldap.m
++++ openvpn-auth-ldap-2.0.3/src/auth-ldap.m
+@@ -533,7 +533,10 @@ static int handle_client_connect_disconn
+ 	}
+ 
+ 	if (tableName)
+-		if (!pf_client_connect_disconnect(ctx, tableName, remoteAddress, connecting))
++        	if (!remoteAddress) {
++			[TRLog debug: "No remote address supplied to OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_CONNECT)."];
++			ret = OPENVPN_PLUGIN_FUNC_ERROR;
++		} else if (!pf_client_connect_disconnect(ctx, tableName, remoteAddress, connecting))
+ 			return OPENVPN_PLUGIN_FUNC_ERROR;
+ #endif /* HAVE_PF */
+ 
+@@ -587,20 +590,10 @@ openvpn_plugin_func_v1(openvpn_plugin_ha
+ 			break;
+ 		/* New connection established */
+ 		case OPENVPN_PLUGIN_CLIENT_CONNECT:
+-			if (!remoteAddress) {
+-				[TRLog debug: "No remote address supplied to OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_CONNECT)."];
+-				ret = OPENVPN_PLUGIN_FUNC_ERROR;
+-			} else {
+-				ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, YES);
+-			}
++			ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, YES);
+ 			break;
+ 		case OPENVPN_PLUGIN_CLIENT_DISCONNECT:
+-			if (!remoteAddress) {
+-				[TRLog debug: "No remote address supplied to OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_DISCONNECT)."];
+-				ret = OPENVPN_PLUGIN_FUNC_ERROR;
+-			} else {
+-				ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, NO);
+-			}
++			ret = handle_client_connect_disconnect(ctx, ldap, ldapUser, remoteAddress, NO);
+ 			break;
+ 		default:
+ 			[TRLog debug: "Unhandled plugin type in OpenVPN LDAP Plugin (type=%d)", type];
diff -Nru openvpn-auth-ldap-2.0.3/debian/patches/series openvpn-auth-ldap-2.0.3/debian/patches/series
--- openvpn-auth-ldap-2.0.3/debian/patches/series	2012-06-05 07:31:33.000000000 -0400
+++ openvpn-auth-ldap-2.0.3/debian/patches/series	2012-11-12 04:43:28.000000000 -0500
@@ -1,2 +1,3 @@
 STARTTLS_before_auth.patch
 gobjc_4.7_runtime.patch
+openvpn_ldap_simpler_add_handler_4

Thanks,

A.

PS: maybe this could be considered for a squeeze update too?

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to fr_CA.UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---
--- Begin Message --- 
On Wed, 2012-11-28 at 12:33 -0500, anarcat wrote:
> After running through the autobuilders, we have found a FTBFS error in
> the -4 package, so please:
> 
> unblock openvpn-auth-ldap/2.0.3-5
> 
> ... as that patch is actually the correct one. :(

Definitely? ;-)

Hint updated; thanks.

Regards,

Adam

--- End Message ---
Reply to: