Bug#703650: marked as done (unblock: resiprocate - added missing error message, more sane TLS config)

To: Jonathan Wiltshire <jmw@debian.org>
Subject: Bug#703650: marked as done (unblock: resiprocate - added missing error message, more sane TLS config)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sun, 24 Mar 2013 10:51:08 +0000
Message-id: <[🔎] handler.703650.D703650.136412218622691.ackdone@bugs.debian.org>
References: <20130324104935.GC5608@ernie.home.powdarrmonkey.net> <[🔎] 514B6FE4.7020504@pocock.com.au>

Your message dated Sun, 24 Mar 2013 10:49:35 +0000
with message-id <20130324104935.GC5608@ernie.home.powdarrmonkey.net>
and subject line Re: Bug#703650: unblock: resiprocate - added missing error message, more sane TLS config
has caused the Debian Bug report #703650,
regarding unblock: resiprocate - added missing error message, more sane TLS config
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
703650: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703650
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: unblock: resiprocate - added missing error message, more sane TLS config
From: Daniel Pocock <daniel@pocock.com.au>
Date: Thu, 21 Mar 2013 21:39:00 +0100
Message-id: <[🔎] 514B6FE4.7020504@pocock.com.au>

Package: release.debian.org
Severity: normal

A user reported a problem with the default TLS config upstream, it is
fixed by this debdiff

diff -Nru resiprocate-1.8.5/debian/changelog resiprocate-1.8.5/debian/changelog
--- resiprocate-1.8.5/debian/changelog	2013-03-17 12:33:44.000000000 +0100
+++ resiprocate-1.8.5/debian/changelog	2013-03-21 20:31:23.000000000 +0100
@@ -1,3 +1,9 @@
+resiprocate (1.8.5-3) unstable; urgency=low
+
+  * log an error if TLS mappings file missing (Closes: #703644)
+
+ -- Daniel Pocock <daniel@pocock.com.au>  Thu, 21 Mar 2013 20:12:33 +0100
+
 resiprocate (1.8.5-2) unstable; urgency=low
 
   * Remove proxy-auth headers after validating them (Closes: #697341)
diff -Nru resiprocate-1.8.5/debian/conf/repro.config resiprocate-1.8.5/debian/conf/repro.config
--- resiprocate-1.8.5/debian/conf/repro.config	2012-08-08 15:13:05.000000000 +0200
+++ resiprocate-1.8.5/debian/conf/repro.config	2013-03-21 20:10:58.000000000 +0100
@@ -429,6 +429,9 @@
 # the holder of a particular certificate to use any of the `mapped'
 # `From:' addresses specified in the mappings file
 #
+# Default: there is no default value: if this filename is not specified,
+#          repro will not look for it
+#
 # File format:
 # common name<TAB><mapping>,<mapping>,...
 #
@@ -436,7 +439,7 @@
 #        <TAB> is exactly one tab
 #        <mapping> is `user@domain' or just `domain'
 #
-CommonNameMappings = /etc/repro/tlsUserMappings.txt
+#CommonNameMappings = /etc/repro/tlsUserMappings.txt
 
 
 ########################################################
diff -Nru resiprocate-1.8.5/debian/patches/0003-log-an-error-if-TLS-mappings-file-missing.patch resiprocate-1.8.5/debian/patches/0003-log-an-error-if-TLS-mappings-file-missing.patch
--- resiprocate-1.8.5/debian/patches/0003-log-an-error-if-TLS-mappings-file-missing.patch	1970-01-01 01:00:00.000000000 +0100
+++ resiprocate-1.8.5/debian/patches/0003-log-an-error-if-TLS-mappings-file-missing.patch	2013-03-21 20:11:27.000000000 +0100
@@ -0,0 +1,20 @@
+From: Daniel Pocock <daniel@pocock.com.au>
+Date: Thu, 21 Mar 2013 20:09:05 +0100
+Subject: log an error if TLS mappings file missing
+
+---
+ repro/ReproRunner.cxx |    1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/repro/ReproRunner.cxx b/repro/ReproRunner.cxx
+index 8aaa7c3..9a77e6e 100644
+--- a/repro/ReproRunner.cxx
++++ b/repro/ReproRunner.cxx
+@@ -1248,6 +1248,7 @@ ReproRunner::loadCommonNameMappings()
+    ifstream mappingsFile(mappingsFileName.c_str());
+    if(!mappingsFile)
+    {
++      ErrLog(<< "failed to open mappings file: " << mappingsFileName << ", aborting");
+       throw std::runtime_error("Error opening/reading mappings file");
+    }
+ 
diff -Nru resiprocate-1.8.5/debian/patches/series resiprocate-1.8.5/debian/patches/series
--- resiprocate-1.8.5/debian/patches/series	2013-03-17 12:28:37.000000000 +0100
+++ resiprocate-1.8.5/debian/patches/series	2013-03-21 20:11:27.000000000 +0100
@@ -1,2 +1,3 @@
 0001-remove-Proxy-Authorization-headers-for-successful-Di.patch
 0002-discard-repeated-requests-received-over-reliable-tra.patch
+0003-log-an-error-if-TLS-mappings-file-missing.patch

--- End Message ---

--- Begin Message ---

To: Daniel Pocock <daniel@pocock.com.au>, 703650-done@bugs.debian.org
Subject: Re: Bug#703650: unblock: resiprocate - added missing error message, more sane TLS config
From: Jonathan Wiltshire <jmw@debian.org>
Date: Sun, 24 Mar 2013 10:49:35 +0000
Message-id: <20130324104935.GC5608@ernie.home.powdarrmonkey.net>
In-reply-to: <[🔎] 514B86D0.4050200@pocock.com.au>
References: <[🔎] 514B6FE4.7020504@pocock.com.au> <[🔎] 20130321210728.GW4854@ernie.home.powdarrmonkey.net> <[🔎] 514B86D0.4050200@pocock.com.au>

On Thu, Mar 21, 2013 at 11:16:48PM +0100, Daniel Pocock wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> 
> 
> On 21/03/13 22:07, Jonathan Wiltshire wrote:
> > Control: tag -1 + moreinfo
> > 
> > On Thu, Mar 21, 2013 at 09:39:00PM +0100, Daniel Pocock wrote:
> >> Package: release.debian.org Severity: normal
> >> 
> >> A user reported a problem with the default TLS config upstream,
> >> it is fixed by this debdiff
> > 
> > In accordance with the tightening freeze policy, we are no longer
> > accepting fixes for bugs of severity 'important' without a very
> > good reason.
> > 
> 
> This was found by a user following the popular RTCquickstart.org
> instructions (which are aimed at Debian users):
> http://list.resiprocate.org/archive/repro-users/msg00455.html
> 
> and every other user following that guide is likely to encounter the
> same bug.
> 
> Any user who enables TLS will find repro refuses to start and has to
> turn on debugging to find out why, but even then it doesn't give them
> an error, just a clue in the last line of log output.
> 
> The fix itself is very trivial (1 line of code to log a helpful error,
> and 1 line to make the default config valid)

Well, you leave us with very little choice since you could not wait for the
unblocked -2 of resiprocate to reach testing before uploading this fix in
-3. It's therefore now blocking an RC fix and I don't appreciate being held
hostage in this way.

Unblocked, but if you really thought it worth a freeze exception you should
have made it RC (if you considered it so) or waited until the path was
clear before uploading.

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

<directhex> i have six years of solaris sysadmin experience, from
            8->10. i am well qualified to say it is made from bonghits
			layered on top of bonghits

Attachment: signature.asc
Description: Digital signature

--- End Message ---

Reply to:

References:
- Bug#703650: unblock: resiprocate - added missing error message, more sane TLS config
  - From: Daniel Pocock <daniel@pocock.com.au>

Prev by Date: Bug#702911: unblock: almanah/0.9.1-1
Next by Date: Bug#703801: tpu: gunicorn/0.14.5-3+deb7u1
Previous by thread: Processed: Re: Bug#703650: unblock: resiprocate - added missing error message, more sane TLS config
Next by thread: Bug#690461: marked as done (RM: freecad/0.12.5284-dfsg-7)
Index(es):
- Date
- Thread