Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package yast2-registration for
openSUSE:Factory checked in at 2022-05-09 18:43:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-registration (Old)
and /work/SRC/openSUSE:Factory/.yast2-registration.new.1538 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-registration"
Mon May 9 18:43:36 2022 rev:89 rq:975338 version:4.5.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/yast2-registration/yast2-registration.changes
2022-04-23 19:45:24.546943579 +0200
+++
/work/SRC/openSUSE:Factory/.yast2-registration.new.1538/yast2-registration.changes
2022-05-09 18:43:51.204189876 +0200
@@ -1,0 +2,14 @@
+Fri May 6 07:14:08 UTC 2022 - Ladislav Slez??k <lsle...@suse.cz>
+
+- Import the SSL certificate from the <reg_server_cert> AutoYaST
+ data also in the self-update step (bsc#1199091)
+- 4.5.3
+
+-------------------------------------------------------------------
+Thu May 5 06:04:55 UTC 2022 - Ladislav Slez??k <lsle...@suse.cz>
+
+- Fixed importing SSL certificates (bsc#1195220)
+ (by jacek.tomas...@gmail.com)
+- 4.5.2
+
+-------------------------------------------------------------------
Old:
----
yast2-registration-4.5.1.tar.bz2
New:
----
yast2-registration-4.5.3.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-registration.spec ++++++
--- /var/tmp/diff_new_pack.ySzLbH/_old 2022-05-09 18:43:51.928190725 +0200
+++ /var/tmp/diff_new_pack.ySzLbH/_new 2022-05-09 18:43:51.932190730 +0200
@@ -17,7 +17,7 @@
Name: yast2-registration
-Version: 4.5.1
+Version: 4.5.3
Release: 0
Summary: YaST2 - Registration Module
License: GPL-2.0-only
++++++ yast2-registration-4.5.1.tar.bz2 -> yast2-registration-4.5.3.tar.bz2
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-registration-4.5.1/package/yast2-registration.changes
new/yast2-registration-4.5.3/package/yast2-registration.changes
--- old/yast2-registration-4.5.1/package/yast2-registration.changes
2022-04-22 16:07:22.000000000 +0200
+++ new/yast2-registration-4.5.3/package/yast2-registration.changes
2022-05-06 09:47:44.000000000 +0200
@@ -1,4 +1,18 @@
-------------------------------------------------------------------
+Fri May 6 07:14:08 UTC 2022 - Ladislav Slez??k <lsle...@suse.cz>
+
+- Import the SSL certificate from the <reg_server_cert> AutoYaST
+ data also in the self-update step (bsc#1199091)
+- 4.5.3
+
+-------------------------------------------------------------------
+Thu May 5 06:04:55 UTC 2022 - Ladislav Slez??k <lsle...@suse.cz>
+
+- Fixed importing SSL certificates (bsc#1195220)
+ (by jacek.tomas...@gmail.com)
+- 4.5.2
+
+-------------------------------------------------------------------
Fri Apr 22 10:32:15 UTC 2022 - Ladislav Slez??k <lsle...@suse.cz>
- Reload the SUSEConnect cache after importing a SSL certificate
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-registration-4.5.1/package/yast2-registration.spec
new/yast2-registration-4.5.3/package/yast2-registration.spec
--- old/yast2-registration-4.5.1/package/yast2-registration.spec
2022-04-22 16:07:22.000000000 +0200
+++ new/yast2-registration-4.5.3/package/yast2-registration.spec
2022-05-06 09:47:44.000000000 +0200
@@ -17,7 +17,7 @@
Name: yast2-registration
-Version: 4.5.1
+Version: 4.5.3
Release: 0
Summary: YaST2 - Registration Module
License: GPL-2.0-only
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-registration-4.5.1/src/lib/registration/connect_helpers.rb
new/yast2-registration-4.5.3/src/lib/registration/connect_helpers.rb
--- old/yast2-registration-4.5.1/src/lib/registration/connect_helpers.rb
2022-04-22 16:07:22.000000000 +0200
+++ new/yast2-registration-4.5.3/src/lib/registration/connect_helpers.rb
2022-05-06 09:47:44.000000000 +0200
@@ -228,6 +228,18 @@
Yast::Report.Error(_("Received SSL Certificate does not match " \
"the expected certificate."))
end
+ elsif Yast::Mode.autoinst && Storage::Config.instance.reg_server_cert &&
+ !Storage::Config.instance.reg_server_cert.empty?
+
+ # try just once to avoid endless loop
+ if !certificate_imported
+ cert_url = Storage::Config.instance.reg_server_cert
+ log.info "Importing certificate from #{cert_url}..."
+ cert = SslCertificate.download(cert_url)
+ return true if cert.import
+ end
+
+ report_ssl_error(error.message, cert, error_code)
else
report_ssl_error(error.message, cert, error_code)
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-registration-4.5.1/src/lib/registration/ssl_certificate.rb
new/yast2-registration-4.5.3/src/lib/registration/ssl_certificate.rb
--- old/yast2-registration-4.5.1/src/lib/registration/ssl_certificate.rb
2022-04-22 16:07:22.000000000 +0200
+++ new/yast2-registration-4.5.3/src/lib/registration/ssl_certificate.rb
2022-05-06 09:47:44.000000000 +0200
@@ -83,26 +83,32 @@
# @see CA_CERTS_DIR
# @see TMP_CA_CERTS_DIR
def self.update_instsys_ca
- # Update database
- Yast::Execute.locally("trust", "extract", "--format=openssl-directory",
"--filter=ca-anchors",
- "--overwrite", TMP_CA_CERTS_DIR)
+ FileUtils.mkdir_p(TMP_CA_CERTS_DIR)
+ # Extract system certs in openssl and pem formats
+ Yast::Execute.locally("trust", "extract", "--format=openssl-directory",
+ "--filter=ca-anchors", "--overwrite", File.join(TMP_CA_CERTS_DIR,
"openssl"))
+ Yast::Execute.locally("trust", "extract", "--format=pem-directory-hash",
+ "--filter=ca-anchors", "--overwrite", File.join(TMP_CA_CERTS_DIR,
"pem"))
# Copy certificates/links
- files = Dir[File.join(TMP_CA_CERTS_DIR, "*")]
- return false if files.empty?
- targets = ["pem", "openssl"].map { |d| File.join(CA_CERTS_DIR, d) }
- new_files = targets.each_with_object([]) do |subdir, memo|
+ new_files = []
+ ["pem", "openssl"].each do |subdir|
+ files = Dir[File.join(TMP_CA_CERTS_DIR, subdir, "*")]
+ next if files.empty?
+ subdir = File.join(CA_CERTS_DIR, subdir)
FileUtils.mkdir_p(subdir) unless Dir.exist?(subdir)
files.each do |file|
# FileUtils.cp does not seem to allow copying the links without
dereferencing them.
Yast::Execute.locally("cp", "--no-dereference", "--preserve=links",
file, subdir)
- memo << File.join(subdir, File.basename(file))
+ new_files << File.join(subdir, File.basename(file))
end
end
# Cleanup
FileUtils.rm_rf(TMP_CA_CERTS_DIR)
+ return false if new_files.empty?
+
# Reload SUSEConnect internal cert pool (suseconnect-ng only)
SUSE::Connect::SSLCertificate.reload if
SUSE::Connect::SSLCertificate.respond_to?(:reload)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-registration-4.5.1/test/fixtures/anchors/YaST_Team.pem
new/yast2-registration-4.5.3/test/fixtures/anchors/YaST_Team.pem
--- old/yast2-registration-4.5.1/test/fixtures/anchors/YaST_Team.pem
2022-04-22 16:07:22.000000000 +0200
+++ new/yast2-registration-4.5.3/test/fixtures/anchors/YaST_Team.pem
1970-01-01 01:00:00.000000000 +0100
@@ -1,23 +0,0 @@
------BEGIN TRUSTED CERTIFICATE-----
-MIIDvzCCAqegAwIBAgIJAJNA85YnEsdeMA0GCSqGSIb3DQEBBQUAMHYxCzAJBgNV
-BAYTAkVTMRMwEQYDVQQIDApMYXMgUGFsbWFzMSMwIQYDVQQHDBpMYXMgUGFsbWFz
-IGRlIEdyYW4gQ2FuYXJpYTEZMBcGA1UECgwQU1VTRSBMSU5VWCwgR21iSDESMBAG
-A1UECwwJWWFTVCBUZWFtMB4XDTE2MDcyOTA3NDIyNloXDTE2MDgyODA3NDIyNlow
-djELMAkGA1UEBhMCRVMxEzARBgNVBAgMCkxhcyBQYWxtYXMxIzAhBgNVBAcMGkxh
-cyBQYWxtYXMgZGUgR3JhbiBDYW5hcmlhMRkwFwYDVQQKDBBTVVNFIExJTlVYLCBH
-bWJIMRIwEAYDVQQLDAlZYVNUIFRlYW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQC/1CmF0hSYw6lQhmR26fT4iW5mOueoRHkuCOqp5zFCB3b0/8kgNUQm
-/BXBrrBgYML9CvRXXNFsUj7BQuEE78eJBvcLnQdpoJZOjcZa5QC/cmzRbouDvfaV
-dIJGBhvG1QlExnmXf2eHArtwq3xIkjAUUuhiL2uhOsH5TV0USHrJK5mhcdHB1ZsF
-USW9joptWUC1LtcSt95X2B1PUn3UnSKVeU4V16w3Z/TRGjUxBl6iXnDVMNVXCMFN
-MTRMDnY1BYv++XXy9jhxXgX5wqQ99sRx3b6LSXeNAF1ek/6nuHyfj5qXhPigE7TX
-2nnVGQP9ZoDzfdQSU57TwamG/LdU5L6vAgMBAAGjUDBOMB0GA1UdDgQWBBRrNGbo
-10cn76hsFWokfWxEFvXWLTAfBgNVHSMEGDAWgBRrNGbo10cn76hsFWokfWxEFvXW
-LTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAGIGnaWbrIWdNvxZWI
-Gc/knvytBB7zwhk7zyijQMKiZY4LRqv/B4B1BSWmoYs/VBWYULLzMRcX1QttOVpr
-6zP/SdxSFmRTa8ZhrHWOfxHVS1Jp9IWe9s5xmt5tr34L+i2mGd6wTwUmaWZFqICO
-N6mhaOvpeMZEowdQWsoqklbXJrQ1COHm0ogpcODWDKwr2plJa29FMwecZEmfaZeX
-X6yUCim0ASV9Eh7rQi6iNLFyGnqAXtRnm83Sf/xKinIjHUFXvjjRvZS1wOSElSYS
-WjG2xs4u+6+lrCJ1H5ZgII8EFfxPf53e1f8zl058RVvAMA+SGYjN0fhl3KBcIJqu
-62cNMAsMCVlhU1QgVGVhbQ==
------END TRUSTED CERTIFICATE-----
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-registration-4.5.1/test/fixtures/anchors/openssl/YaST_Team.pem
new/yast2-registration-4.5.3/test/fixtures/anchors/openssl/YaST_Team.pem
--- old/yast2-registration-4.5.1/test/fixtures/anchors/openssl/YaST_Team.pem
1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-registration-4.5.3/test/fixtures/anchors/openssl/YaST_Team.pem
2022-05-06 09:47:44.000000000 +0200
@@ -0,0 +1,23 @@
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIDvzCCAqegAwIBAgIJAJNA85YnEsdeMA0GCSqGSIb3DQEBBQUAMHYxCzAJBgNV
+BAYTAkVTMRMwEQYDVQQIDApMYXMgUGFsbWFzMSMwIQYDVQQHDBpMYXMgUGFsbWFz
+IGRlIEdyYW4gQ2FuYXJpYTEZMBcGA1UECgwQU1VTRSBMSU5VWCwgR21iSDESMBAG
+A1UECwwJWWFTVCBUZWFtMB4XDTE2MDcyOTA3NDIyNloXDTE2MDgyODA3NDIyNlow
+djELMAkGA1UEBhMCRVMxEzARBgNVBAgMCkxhcyBQYWxtYXMxIzAhBgNVBAcMGkxh
+cyBQYWxtYXMgZGUgR3JhbiBDYW5hcmlhMRkwFwYDVQQKDBBTVVNFIExJTlVYLCBH
+bWJIMRIwEAYDVQQLDAlZYVNUIFRlYW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQC/1CmF0hSYw6lQhmR26fT4iW5mOueoRHkuCOqp5zFCB3b0/8kgNUQm
+/BXBrrBgYML9CvRXXNFsUj7BQuEE78eJBvcLnQdpoJZOjcZa5QC/cmzRbouDvfaV
+dIJGBhvG1QlExnmXf2eHArtwq3xIkjAUUuhiL2uhOsH5TV0USHrJK5mhcdHB1ZsF
+USW9joptWUC1LtcSt95X2B1PUn3UnSKVeU4V16w3Z/TRGjUxBl6iXnDVMNVXCMFN
+MTRMDnY1BYv++XXy9jhxXgX5wqQ99sRx3b6LSXeNAF1ek/6nuHyfj5qXhPigE7TX
+2nnVGQP9ZoDzfdQSU57TwamG/LdU5L6vAgMBAAGjUDBOMB0GA1UdDgQWBBRrNGbo
+10cn76hsFWokfWxEFvXWLTAfBgNVHSMEGDAWgBRrNGbo10cn76hsFWokfWxEFvXW
+LTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAGIGnaWbrIWdNvxZWI
+Gc/knvytBB7zwhk7zyijQMKiZY4LRqv/B4B1BSWmoYs/VBWYULLzMRcX1QttOVpr
+6zP/SdxSFmRTa8ZhrHWOfxHVS1Jp9IWe9s5xmt5tr34L+i2mGd6wTwUmaWZFqICO
+N6mhaOvpeMZEowdQWsoqklbXJrQ1COHm0ogpcODWDKwr2plJa29FMwecZEmfaZeX
+X6yUCim0ASV9Eh7rQi6iNLFyGnqAXtRnm83Sf/xKinIjHUFXvjjRvZS1wOSElSYS
+WjG2xs4u+6+lrCJ1H5ZgII8EFfxPf53e1f8zl058RVvAMA+SGYjN0fhl3KBcIJqu
+62cNMAsMCVlhU1QgVGVhbQ==
+-----END TRUSTED CERTIFICATE-----
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-registration-4.5.1/test/fixtures/anchors/pem/YaST_Team.pem
new/yast2-registration-4.5.3/test/fixtures/anchors/pem/YaST_Team.pem
--- old/yast2-registration-4.5.1/test/fixtures/anchors/pem/YaST_Team.pem
1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-registration-4.5.3/test/fixtures/anchors/pem/YaST_Team.pem
2022-05-06 09:47:44.000000000 +0200
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDvzCCAqegAwIBAgIJAJNA85YnEsdeMA0GCSqGSIb3DQEBBQUAMHYxCzAJBgNV
+BAYTAkVTMRMwEQYDVQQIDApMYXMgUGFsbWFzMSMwIQYDVQQHDBpMYXMgUGFsbWFz
+IGRlIEdyYW4gQ2FuYXJpYTEZMBcGA1UECgwQU1VTRSBMSU5VWCwgR21iSDESMBAG
+A1UECwwJWWFTVCBUZWFtMB4XDTE2MDcyOTA3NDIyNloXDTE2MDgyODA3NDIyNlow
+djELMAkGA1UEBhMCRVMxEzARBgNVBAgMCkxhcyBQYWxtYXMxIzAhBgNVBAcMGkxh
+cyBQYWxtYXMgZGUgR3JhbiBDYW5hcmlhMRkwFwYDVQQKDBBTVVNFIExJTlVYLCBH
+bWJIMRIwEAYDVQQLDAlZYVNUIFRlYW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQC/1CmF0hSYw6lQhmR26fT4iW5mOueoRHkuCOqp5zFCB3b0/8kgNUQm
+/BXBrrBgYML9CvRXXNFsUj7BQuEE78eJBvcLnQdpoJZOjcZa5QC/cmzRbouDvfaV
+dIJGBhvG1QlExnmXf2eHArtwq3xIkjAUUuhiL2uhOsH5TV0USHrJK5mhcdHB1ZsF
+USW9joptWUC1LtcSt95X2B1PUn3UnSKVeU4V16w3Z/TRGjUxBl6iXnDVMNVXCMFN
+MTRMDnY1BYv++XXy9jhxXgX5wqQ99sRx3b6LSXeNAF1ek/6nuHyfj5qXhPigE7TX
+2nnVGQP9ZoDzfdQSU57TwamG/LdU5L6vAgMBAAGjUDBOMB0GA1UdDgQWBBRrNGbo
+10cn76hsFWokfWxEFvXWLTAfBgNVHSMEGDAWgBRrNGbo10cn76hsFWokfWxEFvXW
+LTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAGIGnaWbrIWdNvxZWI
+Gc/knvytBB7zwhk7zyijQMKiZY4LRqv/B4B1BSWmoYs/VBWYULLzMRcX1QttOVpr
+6zP/SdxSFmRTa8ZhrHWOfxHVS1Jp9IWe9s5xmt5tr34L+i2mGd6wTwUmaWZFqICO
+N6mhaOvpeMZEowdQWsoqklbXJrQ1COHm0ogpcODWDKwr2plJa29FMwecZEmfaZeX
+X6yUCim0ASV9Eh7rQi6iNLFyGnqAXtRnm83Sf/xKinIjHUFXvjjRvZS1wOSElSYS
+WjG2xs4u+6+lrCJ1H5ZgII8EFfxPf53e1f8zl058RVvAMA+SGYjN0fhl3KBcIJqu
+62cN
+-----END CERTIFICATE-----
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-registration-4.5.1/test/ssl_certificate_spec.rb
new/yast2-registration-4.5.3/test/ssl_certificate_spec.rb
--- old/yast2-registration-4.5.1/test/ssl_certificate_spec.rb 2022-04-22
16:07:22.000000000 +0200
+++ new/yast2-registration-4.5.3/test/ssl_certificate_spec.rb 2022-05-06
09:47:44.000000000 +0200
@@ -55,7 +55,12 @@
stub_const("Registration::SslCertificate::CA_CERTS_DIR", ca_dir.to_s)
allow(Yast::Execute).to receive(:locally).and_call_original
allow(FileUtils).to receive(:rm_rf).and_call_original
- CERT_LINKS.each { |l| FileUtils.ln_sf(tmp_ca_dir.join(CERT_NAME),
tmp_ca_dir.join(l)) }
+ ["openssl", "pem"].each do |d|
+ FileUtils.mkdir_p(tmp_ca_dir.join(d))
+ CERT_LINKS.each do |l|
+ FileUtils.ln_sf(tmp_ca_dir.join(d, CERT_NAME), tmp_ca_dir.join(d, l))
+ end
+ end
end
after do
@@ -66,7 +71,12 @@
it "adds new certs under anchors to system CA certificates" do
expect(Yast::Execute).to receive(:locally).with("trust", "extract",
- "--format=openssl-directory", "--filter=ca-anchors", "--overwrite",
tmp_ca_dir.to_s)
+ "--format=openssl-directory", "--filter=ca-anchors", "--overwrite",
+ tmp_ca_dir.join("openssl").to_s)
+ .and_return(true)
+ expect(Yast::Execute).to receive(:locally).with("trust", "extract",
+ "--format=pem-directory-hash", "--filter=ca-anchors", "--overwrite",
+ tmp_ca_dir.join("pem").to_s)
.and_return(true)
expect(FileUtils).to receive(:rm_rf).with(tmp_ca_dir.to_s)
.and_return(Dir[tmp_ca_dir.join("*")])
