Bug#851776: marked as done ([www.debian.org] submit_vendor.pl fails when checking URLs with HTTPS (e.g. LetsEncrypt Certs))

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sat, 20 May 2017 10:57:31 +0200
with message-id <ce33f82a-58d6-50a2-6a5b-59c5b9ee82d9@debian.org>
and subject line submit_vendor.pl fails when checking URLs with HTTPS (e.g. LetsEncrypt Certs)
has caused the Debian Bug report #851776,
regarding [www.debian.org] submit_vendor.pl fails when checking URLs with HTTPS (e.g. LetsEncrypt Certs)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
851776: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851776
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: submit@bugs.debian.org
• Cc: anoe@debian.org, cdvendors@debian.org
• Subject: [www.debian.org] submit_vendor.pl fails when checking URLs with HTTPS (e.g. LetsEncrypt Certs)
• From: Laura Arjona Reina <larjona@debian.org>
• Date: Wed, 18 Jan 2017 18:05:55 +0100
• Message-id: <62d1d0c8-0926-003a-0d72-fc9655568748@debian.org>
• Reply-to: larjona@debian.org

Package: www.debian.org
Severity: normal
User: debian-www@lists.debian.org
Usertags: cgi.debian.org



Alexander Delanoe reported (in
https://lists.debian.org/debian-www/2017/01/msg00080.html )that submit
CD vendors using the form in the website fails for certain HTTPS URL.

The script fails with:

The following entries were submitted:
Submission-Type: new
Vendor: Test vendor
URL: https://france.debian.net
The specified web site (https://france.debian.net) cannot be accessed.
The error message returned was: 500 Can't connect to
france.debian.net:443 (certificate verify failed)
If you don't understand this error message, please contact us.
Entry not submitted!

Paul Wise pointed me to https://wiki.debian.org/ServicesSSL which
explains that the machines administered by DSA have a custom setup for
SSL verification, and shows a workaround for scripts using Perl.

I'm submitting also a patch for the submit_cdvendor.pl

I've mad a small script (attached) to test the relevant code, and it
seems to work as intended.

I'm not sure how to handle this bug. My understanding:

* Wait some days for other people to review, and then commit the patch
into git.debian.org/git/debwww/cgi.git

* After that, add the following tags:

User: debian-admin@lists.debian.org
Usertags: needed-by-DSA-Team ssl

And forward to DSA for deployment, I guess, but how? Creating an RT
ticket and pointing to this bug? or are the usertags enough?

* When the website is fixed, I'll edit
https://wiki.debian.org/ServicesSSL to add the script in the "users"
section.

Please correct me if there is a better way.

Thanks
-- 
Laura Arjona Reina
https://wiki.debian.org/LauraArjona

--- End Message ---

--- Begin Message ---

• To: 851776-done@bugs.debian.org
• Subject: submit_vendor.pl fails when checking URLs with HTTPS (e.g. LetsEncrypt Certs)
• From: Laura Arjona Reina <larjona@debian.org>
• Date: Sat, 20 May 2017 10:57:31 +0200
• Message-id: <ce33f82a-58d6-50a2-6a5b-59c5b9ee82d9@debian.org>
• Reply-to: larjona@debian.org

It's working now.
Closing this bug report.
Cheers
-- 
Laura Arjona Reina
https://wiki.debian.org/LauraArjona

--- End Message ---