[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#932448: marked as done (buster-pu: package dehydrated/0.6.2-2+deb10u1)



Your message dated Sat, 07 Sep 2019 14:34:49 +0100
with message-id <[🔎] f49e2985d8466065c49c03185c24465a32228fb5.camel@adam-barratt.org.uk>
and subject line Closing bugs for fixes including in 10.1 point release
has caused the Debian Bug report #932448,
regarding buster-pu: package dehydrated/0.6.2-2+deb10u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
932448: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932448
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian.org@packages.debian.org
Tags: buster
Usertags: pu

Dear SRM,

I'm seeking approval to do this update in buster.
The goal is fixing a set of bugs stemming from upcoming changes on the
Let's Encrypt API.
See:
https://github.com/lukas2511/dehydrated/pull/648
https://github.com/lukas2511/dehydrated/issues/650
https://github.com/lukas2511/dehydrated/issues/647
https://github.com/lukas2511/dehydrated/issues/652

The original fix caused a couple of regression, so it's splitted in 3
commits (→ 3 patch files).
The changes are already in bullseye.

Thank you for your attention.

-- 
regards,
                        Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540      .''`.
more about me:  https://mapreri.org                             : :'  :
Launchpad user: https://launchpad.net/~mapreri                  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-
diffstat for dehydrated-0.6.2 dehydrated-0.6.2

 changelog                                                               |    9 +
 gbp.conf                                                                |    2 
 patches/Fixes-559-when-HTTP-2-is-used-header-names-are-lower-case.patch |    2 
 patches/fixed-fetching-of-account-information-fixes-652-fixes-647.patch |   30 +++++
 patches/release-0.6.4-fixed-account-id-handling-again.patch             |   57 ++++++++++
 patches/release-0.6.5-fixed-apiv1-compatibility.patch                   |   45 +++++++
 patches/series                                                          |    3 
 7 files changed, 146 insertions(+), 2 deletions(-)

diff -Nru dehydrated-0.6.2/debian/changelog dehydrated-0.6.2/debian/changelog
--- dehydrated-0.6.2/debian/changelog	2019-03-11 16:25:53.000000000 +0100
+++ dehydrated-0.6.2/debian/changelog	2019-07-19 14:59:11.000000000 +0200
@@ -1,3 +1,12 @@
+dehydrated (0.6.2-2+deb10u1) buster; urgency=medium
+
+  * Add three more patches from upstream.
+    Fixing the following bug:
+     + Fixed fetching of account information.
+     + Followup fixes for account ID handling, and APIv1 compatibility.
+
+ -- Mattia Rizzolo <mattia@debian.org>  Fri, 19 Jul 2019 14:59:11 +0200
+
 dehydrated (0.6.2-2) unstable; urgency=medium
 
   * Add a number of patches from upstream.
diff -Nru dehydrated-0.6.2/debian/gbp.conf dehydrated-0.6.2/debian/gbp.conf
--- dehydrated-0.6.2/debian/gbp.conf	2018-05-08 12:08:48.000000000 +0200
+++ dehydrated-0.6.2/debian/gbp.conf	2019-07-19 14:58:48.000000000 +0200
@@ -1,6 +1,6 @@
 [DEFAULT]
 upstream-branch = upstream/master
-debian-branch = debian/master
+debian-branch = debian/buster
 upstream-tag = v%(version)s
 pristine-tar = True
 pristine-tar-commit = True
diff -Nru dehydrated-0.6.2/debian/patches/fixed-fetching-of-account-information-fixes-652-fixes-647.patch dehydrated-0.6.2/debian/patches/fixed-fetching-of-account-information-fixes-652-fixes-647.patch
--- dehydrated-0.6.2/debian/patches/fixed-fetching-of-account-information-fixes-652-fixes-647.patch	1970-01-01 01:00:00.000000000 +0100
+++ dehydrated-0.6.2/debian/patches/fixed-fetching-of-account-information-fixes-652-fixes-647.patch	2019-07-19 14:52:44.000000000 +0200
@@ -0,0 +1,30 @@
+From: Lukas Schauer <lukas@schauer.so>
+Date: Tue, 25 Jun 2019 12:19:20 +0200
+Subject: fixed fetching of account information (fixes #652, fixes #647,
+ fixes #650, closes #648)
+
+---
+ dehydrated | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/dehydrated b/dehydrated
+index 69057e7..a29910b 100755
+--- a/dehydrated
++++ b/dehydrated
+@@ -396,7 +396,16 @@ init_system() {
+ 
+   # Read account information or request from CA if missing
+   if [[ -e "${ACCOUNT_KEY_JSON}" ]]; then
++    if [[ -z "$(cat "${ACCOUNT_KEY_JSON}" | get_json_int_value id)" ]]; then
++      echo "+ Fetching account information..."
++      ACCOUNT_URL="$(signed_request "${CA_NEW_ACCOUNT}" '{"onlyReturnExisting": true}' 4>&1 | grep -i ^Location: | awk '{print $2}' | tr -d '\r\n')"
++      ACCOUNT_INFO="$(signed_request "${ACCOUNT_URL}" '{}')"
++      echo "${ACCOUNT_INFO}" > "${ACCOUNT_KEY_JSON}"
++    fi
+     ACCOUNT_ID="$(cat "${ACCOUNT_KEY_JSON}" | get_json_int_value id)"
++    if [[ -z "${ACCOUNT_ID}" ]]; then
++      _exiterr "Unknown error on fetching account information"
++    fi
+     if [[ ${API} -eq 1 ]]; then
+       ACCOUNT_URL="${CA_REG}/${ACCOUNT_ID}"
+     else
diff -Nru dehydrated-0.6.2/debian/patches/Fixes-559-when-HTTP-2-is-used-header-names-are-lower-case.patch dehydrated-0.6.2/debian/patches/Fixes-559-when-HTTP-2-is-used-header-names-are-lower-case.patch
--- dehydrated-0.6.2/debian/patches/Fixes-559-when-HTTP-2-is-used-header-names-are-lower-case.patch	2019-03-11 16:21:33.000000000 +0100
+++ dehydrated-0.6.2/debian/patches/Fixes-559-when-HTTP-2-is-used-header-names-are-lower-case.patch	2019-07-19 14:52:44.000000000 +0200
@@ -1,4 +1,4 @@
-From: Florent <>
+From: Florent <fake@mail>
 Date: Wed, 9 May 2018 19:29:21 +0200
 Subject: Fixes #559 : when HTTP/2 is used,
  header names are lower case. So adding ignore case option (-i) to grep's.
diff -Nru dehydrated-0.6.2/debian/patches/release-0.6.4-fixed-account-id-handling-again.patch dehydrated-0.6.2/debian/patches/release-0.6.4-fixed-account-id-handling-again.patch
--- dehydrated-0.6.2/debian/patches/release-0.6.4-fixed-account-id-handling-again.patch	1970-01-01 01:00:00.000000000 +0100
+++ dehydrated-0.6.2/debian/patches/release-0.6.4-fixed-account-id-handling-again.patch	2019-07-19 14:52:44.000000000 +0200
@@ -0,0 +1,57 @@
+From: Lukas Schauer <lukas@schauer.so>
+Date: Tue, 25 Jun 2019 15:28:09 +0200
+Subject: release 0.6.4 (fixed account id handling, again)
+
+---
+ dehydrated | 15 +++++++++------
+ 1 file changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/dehydrated b/dehydrated
+index a29910b..c066d27 100755
+--- a/dehydrated
++++ b/dehydrated
+@@ -243,6 +243,7 @@ load_config() {
+   [[ -f "${ACCOUNTDIR}/${CAHASH}/config" ]] && . "${ACCOUNTDIR}/${CAHASH}/config"
+   ACCOUNT_KEY="${ACCOUNTDIR}/${CAHASH}/account_key.pem"
+   ACCOUNT_KEY_JSON="${ACCOUNTDIR}/${CAHASH}/registration_info.json"
++  ACCOUNT_ID_JSON="${ACCOUNTDIR}/${CAHASH}/account_id.json"
+ 
+   if [[ -f "${BASEDIR}/private_key.pem" ]] && [[ ! -f "${ACCOUNT_KEY}" ]]; then
+     echo "! Moving private_key.pem to ${ACCOUNT_KEY}"
+@@ -328,6 +329,7 @@ init_system() {
+     echo "Using private key ${PARAM_ACCOUNT_KEY} instead of account key"
+     ACCOUNT_KEY="${PARAM_ACCOUNT_KEY}"
+     ACCOUNT_KEY_JSON="${PARAM_ACCOUNT_KEY}.json"
++    ACCOUNT_ID_JSON="${PARAM_ACCOUNT_KEY}_id.json"
+     [ "${COMMAND:-}" = "register" ] && register_new_key="yes"
+   else
+     # Check if private account key exists, if it doesn't exist yet generate a new one (rsa key)
+@@ -396,13 +398,14 @@ init_system() {
+ 
+   # Read account information or request from CA if missing
+   if [[ -e "${ACCOUNT_KEY_JSON}" ]]; then
+-    if [[ -z "$(cat "${ACCOUNT_KEY_JSON}" | get_json_int_value id)" ]]; then
+-      echo "+ Fetching account information..."
++    if [[ ! -e "${ACCOUNT_ID_JSON}" ]]; then
++      echo "+ Fetching account ID..."
+       ACCOUNT_URL="$(signed_request "${CA_NEW_ACCOUNT}" '{"onlyReturnExisting": true}' 4>&1 | grep -i ^Location: | awk '{print $2}' | tr -d '\r\n')"
+-      ACCOUNT_INFO="$(signed_request "${ACCOUNT_URL}" '{}')"
+-      echo "${ACCOUNT_INFO}" > "${ACCOUNT_KEY_JSON}"
++      ACCOUNT_ID="${ACCOUNT_URL##*/}"
++      echo '{"id": "'"${ACCOUNT_ID}"'"}' > "${ACCOUNT_ID_JSON}"
++    else
++      ACCOUNT_ID="$(cat "${ACCOUNT_ID_JSON}" | get_json_string_value id)"
+     fi
+-    ACCOUNT_ID="$(cat "${ACCOUNT_KEY_JSON}" | get_json_int_value id)"
+     if [[ -z "${ACCOUNT_ID}" ]]; then
+       _exiterr "Unknown error on fetching account information"
+     fi
+@@ -1525,7 +1528,7 @@ command_help() {
+ command_env() {
+   echo "# dehydrated configuration"
+   load_config
+-  typeset -p CA CERTDIR CHALLENGETYPE DOMAINS_D DOMAINS_TXT HOOK HOOK_CHAIN RENEW_DAYS ACCOUNT_KEY ACCOUNT_KEY_JSON KEYSIZE WELLKNOWN PRIVATE_KEY_RENEW OPENSSL_CNF CONTACT_EMAIL LOCKFILE
++  typeset -p CA CERTDIR CHALLENGETYPE DOMAINS_D DOMAINS_TXT HOOK HOOK_CHAIN RENEW_DAYS ACCOUNT_KEY ACCOUNT_KEY_JSON ACCOUNT_ID_JSON KEYSIZE WELLKNOWN PRIVATE_KEY_RENEW OPENSSL_CNF CONTACT_EMAIL LOCKFILE
+ }
+ 
+ # Main method (parses script arguments and calls command_* methods)
diff -Nru dehydrated-0.6.2/debian/patches/release-0.6.5-fixed-apiv1-compatibility.patch dehydrated-0.6.2/debian/patches/release-0.6.5-fixed-apiv1-compatibility.patch
--- dehydrated-0.6.2/debian/patches/release-0.6.5-fixed-apiv1-compatibility.patch	1970-01-01 01:00:00.000000000 +0100
+++ dehydrated-0.6.2/debian/patches/release-0.6.5-fixed-apiv1-compatibility.patch	2019-07-19 14:52:44.000000000 +0200
@@ -0,0 +1,45 @@
+From: Lukas Schauer <lukas@schauer.so>
+Date: Wed, 26 Jun 2019 12:29:39 +0200
+Subject: release 0.6.5 (fixed apiv1 compatibility...)
+
+---
+ dehydrated | 23 ++++++++++++-----------
+ 1 file changed, 12 insertions(+), 11 deletions(-)
+
+diff --git a/dehydrated b/dehydrated
+index c066d27..41c7fdf 100755
+--- a/dehydrated
++++ b/dehydrated
+@@ -398,20 +398,21 @@ init_system() {
+ 
+   # Read account information or request from CA if missing
+   if [[ -e "${ACCOUNT_KEY_JSON}" ]]; then
+-    if [[ ! -e "${ACCOUNT_ID_JSON}" ]]; then
+-      echo "+ Fetching account ID..."
+-      ACCOUNT_URL="$(signed_request "${CA_NEW_ACCOUNT}" '{"onlyReturnExisting": true}' 4>&1 | grep -i ^Location: | awk '{print $2}' | tr -d '\r\n')"
+-      ACCOUNT_ID="${ACCOUNT_URL##*/}"
+-      echo '{"id": "'"${ACCOUNT_ID}"'"}' > "${ACCOUNT_ID_JSON}"
+-    else
+-      ACCOUNT_ID="$(cat "${ACCOUNT_ID_JSON}" | get_json_string_value id)"
+-    fi
+-    if [[ -z "${ACCOUNT_ID}" ]]; then
+-      _exiterr "Unknown error on fetching account information"
+-    fi
+     if [[ ${API} -eq 1 ]]; then
++      ACCOUNT_ID="$(cat "${ACCOUNT_KEY_JSON}" | get_json_int_value id)"
+       ACCOUNT_URL="${CA_REG}/${ACCOUNT_ID}"
+     else
++      if [[ -e "${ACCOUNT_ID_JSON}" ]]; then
++        ACCOUNT_ID="$(cat "${ACCOUNT_ID_JSON}" | get_json_string_value id)"
++      else
++        echo "+ Fetching account ID..."
++        ACCOUNT_URL="$(signed_request "${CA_NEW_ACCOUNT}" '{"onlyReturnExisting": true}' 4>&1 | grep -i ^Location: | awk '{print $2}' | tr -d '\r\n')"
++        ACCOUNT_ID="${ACCOUNT_URL##*/}"
++        if [[ -z "${ACCOUNT_ID}" ]]; then
++          _exiterr "Unknown error on fetching account information"
++        fi
++        echo '{"id": "'"${ACCOUNT_ID}"'"}' > "${ACCOUNT_ID_JSON}"
++      fi
+       ACCOUNT_URL="${CA_ACCOUNT}/${ACCOUNT_ID}"
+     fi
+   else
diff -Nru dehydrated-0.6.2/debian/patches/series dehydrated-0.6.2/debian/patches/series
--- dehydrated-0.6.2/debian/patches/series	2019-03-11 16:21:33.000000000 +0100
+++ dehydrated-0.6.2/debian/patches/series	2019-07-19 14:52:44.000000000 +0200
@@ -4,3 +4,6 @@
 document-DOMAINS_D-parameter-in-example-config-fixes-575-.patch
 implement-POST-as-GET-closes-626.patch
 tiny-documentation-fix-per-certificate-config-can-overrid.patch
+fixed-fetching-of-account-information-fixes-652-fixes-647.patch
+release-0.6.4-fixed-account-id-handling-again.patch
+release-0.6.5-fixed-apiv1-compatibility.patch

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message ---
Version: 10.1

Hi,

The fixes referenced by each of these bugs were included in today's
buster point release.

Regards,

Adam

--- End Message ---

Reply to: