Bug#1001503: marked as done (ITP: tlswrapper -- TLS encryption wrapper)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Sun, 15 Jan 2023 10:00:15 +0000
with message-id <E1pGzoF-009MNM-L5@fasolo.debian.org>
and subject line Bug#1001503: fixed in tlswrapper 0~20221229-1
has caused the Debian Bug report #1001503,
regarding ITP: tlswrapper -- TLS encryption wrapper
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1001503: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001503
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: ITP: tlswrapper -- TLS encryption wrapper
• From: Jan Mojzis <jan.mojzis@gmail.com>
• Date: Sat, 11 Dec 2021 09:17:04 +0100
• Message-id: <029686D9-E1BD-4973-9797-8F3638D07A1E@gmail.com>

Package: wnpp
Severity: wishlist
Owner: Jan Mojzis <jan.mojzis@gmail.com>

* Package name    : tlswrapper
  Version         : 20211210
  Upstream Author : Name <jan.mojzis@gmail.com>
* URL             : https://github.com/janmojzis/tlswrapper
* License         : public-domain
  Programming Lang: C
  Description     : TLS encryption wrapper

The tlswrapper is an TLS encryption wrapper between remote client and
local program prog.
.
Internet <--> tcpserver/inetd/systemd.socket/... <--> tlswrapper <--> prog
.
Separate process for every connection
.
The tlswrapper is executed from systemd.socket/inetd/tcpserver/... which
runs separate instance of tlswrapper for each TLS connection.
It ensures that a vulnerability in the code (e.g. bug in the TLS library)
can't be used to compromise the memory of another connection.
.
Separate process for network connection and for secret-key operation
.
To protect against secret-information leaks to the network connection
(such Heartbleed) tlswrapper runs two independent processes for every
TLS connection. One process holds secret-keys and runs secret-keys operations
and second talks to the network. Processes communicate with each other through
unix pipes.
.
Privilege separation, filesystem isolation, limits
.
The tlswrapper processes run  under dedicated non-zero uid to prohibit kill,
ptrace, etc. Is chrooted into an empty, unwritable directory to prohibit
filesystem access. Sets ulimits to prohibit new files, sockets, etc.
Sets ulimits to prohibit forks.
.
TLS library
.
The tlswrapper is using BearSSL library which implements only secure
versions of TLS protocol (TLS1.0 - TLS1.2). And implements safe and
constant-time algorithms.

I'm using this software and I'm going to maintain using https://salsa.debian.org/
Currently is the Debian package maintained here https://salsa.debian.org/janmojzis/tlswrapper,
I would need to create a https://salsa.debian.org/debian/tlswrapper repository before uploading.
I need sponsor.

--- End Message ---

--- Begin Message ---

• To: 1001503-close@bugs.debian.org
• Subject: Bug#1001503: fixed in tlswrapper 0~20221229-1
• From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
• Date: Sun, 15 Jan 2023 10:00:15 +0000
• Message-id: <E1pGzoF-009MNM-L5@fasolo.debian.org>
• Reply-to: Jan Mojžíš <jan.mojzis@gmail.com>

Source: tlswrapper
Source-Version: 0~20221229-1
Done: Jan Mojžíš <jan.mojzis@gmail.com>

We believe that the bug you reported is fixed in the latest version of
tlswrapper, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1001503@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jan Mojžíš <jan.mojzis@gmail.com> (supplier of updated tlswrapper package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 29 Dec 2022 18:46:43 +0100
Source: tlswrapper
Binary: tlswrapper tlswrapper-dbgsym
Architecture: source amd64
Version: 0~20221229-1
Distribution: unstable
Urgency: medium
Maintainer: Jan Mojžíš <jan.mojzis@gmail.com>
Changed-By: Jan Mojžíš <jan.mojzis@gmail.com>
Description:
 tlswrapper - TLS encryption wrapper
Closes: 1001503
Changes:
 tlswrapper (0~20221229-1) unstable; urgency=medium
 .
   * Initial release. (Closes: #1001503)
Checksums-Sha1:
 8f385a1a48318a15e18b6780e1e2634032d122b2 2339 tlswrapper_0~20221229-1.dsc
 80527c2fb38b3f6ef03ef5468ef829b790bbb81d 251573 tlswrapper_0~20221229.orig.tar.gz
 e26f0de6d242e7d8cb69fab4cf428ae89c3b6dda 833 tlswrapper_0~20221229.orig.tar.gz.asc
 a370cf8ae0338e0b896d4f355deb442b6c5553ea 13456 tlswrapper_0~20221229-1.debian.tar.xz
 5f0a4e483d60839bb8511975b7071ac7a5aaca99 120092 tlswrapper-dbgsym_0~20221229-1_amd64.deb
 c9433ac282878321bcbabef502f9e80ec33ef033 6808 tlswrapper_0~20221229-1_amd64.buildinfo
 21cbc2aba3d447d91c4a3151aaf0820164f489c3 56420 tlswrapper_0~20221229-1_amd64.deb
Checksums-Sha256:
 9d07baf04e5e85484be3c1ab580de6aecf54b7e4b61d5554f9c2d66c6611387f 2339 tlswrapper_0~20221229-1.dsc
 dcf0f47fdba79e9424edc668232c780ed223038e1446692538a2b292fd9e9411 251573 tlswrapper_0~20221229.orig.tar.gz
 872481184cc9d074c410027d8114d8a576d09e3a8bd5b33e7d06e13fd12d418b 833 tlswrapper_0~20221229.orig.tar.gz.asc
 8dad919f7c64fc92b2f2c96b93865aeefe0e962a78433c08f3ba4cf742c0c070 13456 tlswrapper_0~20221229-1.debian.tar.xz
 93471dda9870be96fb8e6e504cab1206503d82f657dabce22c5f4f93f41cfe5c 120092 tlswrapper-dbgsym_0~20221229-1_amd64.deb
 003febb3e73d0846733c2c0ed7e47afbda3942b867888986ac3fa455f1b93dd7 6808 tlswrapper_0~20221229-1_amd64.buildinfo
 3fb55b51c4b85222cdd184c665a5b9e51aff4a26c487eb196e82dae055576d64 56420 tlswrapper_0~20221229-1_amd64.deb
Files:
 3862962fa895f7eddb23450f0076ba5b 2339 net optional tlswrapper_0~20221229-1.dsc
 e4307a548c49a4132600feb3f3e6d7d8 251573 net optional tlswrapper_0~20221229.orig.tar.gz
 3598108e5f05e0dea9777b32b8bff7d5 833 net optional tlswrapper_0~20221229.orig.tar.gz.asc
 5fd3fe9424495d107e7a1b50ab369c01 13456 net optional tlswrapper_0~20221229-1.debian.tar.xz
 f742fd8976dc22f57856594f40d426d4 120092 debug optional tlswrapper-dbgsym_0~20221229-1_amd64.deb
 745369ccbd5598b9b422e2aa774bb94e 6808 net optional tlswrapper_0~20221229-1_amd64.buildinfo
 e2853a8a5ab47c72f480fe0b23354c3c 56420 net optional tlswrapper_0~20221229-1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmOt2mISHGthcG91ZXJA
bWVsaXgub3JnAAoJEGYRwF7dOfN0OGAQAJibbIip/PIwRBbDyrDWI5bJY5wwqWEf
FZRW5wFfnAmDrLWrxkOHdkycNoTWlLci6MdtY3YDXVDcvWqMJ1f9NRAEzG28bZD0
QgY6AuTXE03viP05tAg4Fy6AzoYhU/kZOpALf2Yrz18cL+gQ/2b0/a+xmt3lEGKw
cE42vc8QfQ7AgeqipK4emBVFNhMxN7fG7EBNHnfumUP4OUn+xOwOwPmZ1Re6L0cx
WJKZaUI3IigcR6IuhJC/N6WVwDFZmYP5ypvlMcATaM0VJvu/7F+t5etaytvxGweD
UjF1gnTMsBbfO3FU5AD6ErOyqfr3zC34GjFEq9+yHPymtoyk+k9wcjRPj/qyQr43
GnxlRFCYk0qBfGoKTMtMEpUCWD4evvZH/PLur2PjF0/FGcp7ZhX2OH/v09MYfIqP
qIEG+sqyeNT/7j7tSe+x6Ho6+vURQ+XY033qRRK3OfuXGhbQqgopjrZ4WwHHU4v0
cL83LWLdKjtLMQirr4Cko27/dZKCYvG9Pyj94VWb8LTiHK+i8xGEQb3H51ixRWHn
nXQK+KFkX/PDtAg9LJ4qbza1EcXpPzo3SZRdynpIYZDwwY/ZSjmDa1lmnwvQ4h/r
yEfVZ27WDWwFkpJzQXlNtwzGDyyiuxFvxY8SH4rUElRmNFTVwBUmkHeJNgI7dnxG
M3TaF6EMkZOI
=6uaW
-----END PGP SIGNATURE-----

--- End Message ---