Your message dated Sat, 08 Mar 2014 13:47:05 +0000 with message-id <[email protected]> and subject line Bug#738854: fixed in polarssl 1.2.9-1~deb7u2 has caused the Debian Bug report #738854, regarding polarssl: Fails to build from source due to test case failures to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 738854: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738854 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Source: polarssl Version: 1.2.9-1~deb7u1 Severity: important Hi Roland, polarssl FTBFS in stable (but compiles fine in sid): -------------------------------------------------- - test_suite_x509parse x509_certificate_verification_30_domain_matching_multi_certificate_ FAIL *** x509_certificate_verification_31_domain_not_matching_multi_certific FAIL *** FAILED TESTS test_suite_x509parse.c(2757): flags == ( BADCERT_NOT_TRUSTED ) test_suite_x509parse.c(2789): flags == ( BADCERT_CN_MISMATCH + BADCERT_NOT_TRUSTED ) FAILED (193/195 tests in 0.060000s) **** Failed *************** - test_suite_x509write PASSED (7/7 tests in 0.040000s) - test_suite_xtea PASSED (13/13 tests) - test_suite_version PASSED (2/2 tests) make[3]: *** [check] Error 1 make[3]: Leaving directory `/home/jmm/scratch/polarssl-1.2.9/tests' make[2]: *** [check] Error 2 make[2]: Leaving directory `/home/jmm/scratch/polarssl-1.2.9' make[1]: *** [override_dh_auto_build] Error 2 make[1]: Leaving directory `/home/jmm/scratch/polarssl-1.2.9' make: *** [build] Error 2 dpkg-buildpackage: error: debian/rules build gave error exit status 2 -------------------------------------------------- This has been fixed upstream in 1.3.4: | = PolarSSL 1.3.4 released on 2014-01-27 | (..) | * Replaced expired test certificate I'm attaching a patch which updates the affected certs to the versions in 1.3.4. It would be good to have that in a point release for Wheezy. Cheers, Moritzdiff -Naur polarssl-1.2.9.orig/debian/patches/series polarssl-1.2.9/debian/patches/series --- polarssl-1.2.9.orig/debian/patches/series 2011-12-23 18:32:26.000000000 +0100 +++ polarssl-1.2.9/debian/patches/series 2014-02-13 14:29:45.163903124 +0100 @@ -1,3 +1,4 @@ 01-config.patch 02-makefile-destdir-fix.patch 03-library-makefile-adjustments.patch +update-certs-in-testsuite.patch diff -Naur polarssl-1.2.9.orig/debian/patches/update-certs-in-testsuite.patch polarssl-1.2.9/debian/patches/update-certs-in-testsuite.patch --- polarssl-1.2.9.orig/debian/patches/update-certs-in-testsuite.patch 1970-01-01 01:00:00.000000000 +0100 +++ polarssl-1.2.9/debian/patches/update-certs-in-testsuite.patch 2014-02-13 14:30:26.928384119 +0100 @@ -0,0 +1,113 @@ +The test suite certificate is expired. This was fixed in 1.3.4, so +update the affected certs. + +--- polarssl-1.2.9.orig/tests/data_files/server1.crt ++++ polarssl-1.2.9/tests/data_files/server1.crt +@@ -1,60 +1,3 @@ +-Certificate: +- Data: +- Version: 3 (0x2) +- Serial Number: 1 (0x1) +- Signature Algorithm: sha1WithRSAEncryption +- Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA +- Validity +- Not Before: Feb 12 14:44:06 2011 GMT +- Not After : Feb 12 14:44:06 2021 GMT +- Subject: C=NL, O=PolarSSL, CN=PolarSSL Server 1 +- Subject Public Key Info: +- Public Key Algorithm: rsaEncryption +- RSA Public Key: (2048 bit) +- Modulus (2048 bit): +- 00:a9:02:1f:3d:40:6a:d5:55:53:8b:fd:36:ee:82: +- 65:2e:15:61:5e:89:bf:b8:e8:45:90:db:ee:88:16: +- 52:d3:f1:43:50:47:96:12:59:64:87:6b:fd:2b:e0: +- 46:f9:73:be:dd:cf:92:e1:91:5b:ed:66:a0:6f:89: +- 29:79:45:80:d0:83:6a:d5:41:43:77:5f:39:7c:09: +- 04:47:82:b0:57:39:70:ed:a3:ec:15:19:1e:a8:33: +- 08:47:c1:05:42:a9:fd:4c:c3:b4:df:dd:06:1f:4d: +- 10:51:40:67:73:13:0f:40:f8:6d:81:25:5f:0a:b1: +- 53:c6:30:7e:15:39:ac:f9:5a:ee:7f:92:9e:a6:05: +- 5b:e7:13:97:85:b5:23:92:d9:d4:24:06:d5:09:25: +- 89:75:07:dd:a6:1a:8f:3f:09:19:be:ad:65:2c:64: +- eb:95:9b:dc:fe:41:5e:17:a6:da:6c:5b:69:cc:02: +- ba:14:2c:16:24:9c:4a:dc:cd:d0:f7:52:67:73:f1: +- 2d:a0:23:fd:7e:f4:31:ca:2d:70:ca:89:0b:04:db: +- 2e:a6:4f:70:6e:9e:ce:bd:58:89:e2:53:59:9e:6e: +- 5a:92:65:e2:88:3f:0c:94:19:a3:dd:e5:e8:9d:95: +- 13:ed:29:db:ab:70:12:dc:5a:ca:6b:17:ab:52:82: +- 54:b1 +- Exponent: 65537 (0x10001) +- X509v3 extensions: +- X509v3 Basic Constraints: +- CA:FALSE +- X509v3 Subject Key Identifier: +- 1F:74:D6:3F:29:C1:74:74:45:3B:05:12:2C:3D:A8:BD:43:59:02:A6 +- X509v3 Authority Key Identifier: +- keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF +- +- Signature Algorithm: sha1WithRSAEncryption +- bd:cf:96:c1:95:1e:9a:c2:6e:d8:88:88:d8:2a:7a:96:20:3e: +- 50:0b:c8:c7:df:1d:41:ed:e4:66:cd:b3:02:81:7d:57:04:1b: +- 5d:c6:33:59:0f:c1:20:b9:23:34:89:8a:6c:f2:fd:c7:48:36: +- 8c:80:e7:e1:9b:c6:60:5c:b0:33:02:0e:fd:df:be:61:bc:18: +- 89:0c:38:db:fb:fb:46:23:32:f7:8c:c1:3e:7c:de:1e:2f:3a: +- 77:2f:f4:8e:93:8e:25:4c:77:21:74:6c:18:b7:72:8d:bf:f5: +- 4f:5d:64:95:c1:6a:1a:70:11:88:af:bc:55:8a:25:30:f3:fa: +- 69:f2:af:2d:75:fb:2b:89:22:52:9b:05:42:15:29:13:95:5e: +- 33:9a:55:d4:c7:22:d8:44:ce:25:ab:b6:70:ee:34:14:9b:c8: +- fc:2f:56:ff:04:7e:18:00:2b:31:ac:36:7f:11:bb:ec:4d:e5: +- 69:a6:b4:2c:03:a5:7b:13:3a:03:82:8e:6f:97:f9:70:64:cc: +- e4:88:7a:b4:41:79:15:5a:b7:ff:db:f3:34:86:0c:6b:51:6a: +- cd:a7:01:2d:91:7c:cd:21:d8:2c:48:a6:5c:17:73:8c:1a:0d: +- e2:a0:d4:fd:6c:d1:c9:84:41:46:30:08:e3:d9:b3:1d:7e:ab: +- 6a:57:aa:9f + -----BEGIN CERTIFICATE----- + MIIDPzCCAiegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER + MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +--- polarssl-1.2.9.orig/tests/data_files/cert_example_multi_nocn.crt ++++ polarssl-1.2.9/tests/data_files/cert_example_multi_nocn.crt +@@ -1,33 +1,13 @@ + -----BEGIN CERTIFICATE----- +-MIIFiTCCA3GgAwIBAgIDC0EHMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jv +-b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ +-Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y +-dEBjYWNlcnQub3JnMB4XDTEyMDEyMjEzMzEzNFoXDTE0MDEyMTEzMzEzNFowADCC +-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdnVW27pPxX6JD8XER1w2P/ +-8E8g44KtOtgIFIMnaoUAwNOePDvo8HfGo06AVCRntCPfGHJu5t5EmuudQjvC7gcL +-Of1/LIFXFhe59f8yH5peGV8rPKyyNNV3YCIAn1WmuaP9a/Yk7YEvYOBntFVTIFvN +-s0x7jmyCz7A51WApun91Z6Qz2muiUDb9mmfX/INR63p1TDG9PeGzUIaZFFZt8BYH +-NTyu95cxpUOTBCFi4pOj/WBuF2MPUv7RRYOHfBOnAS3h7+8eOX/oNu9YUhneVbuE +-Zqs47lbITTi6tmpYnZQ8gQdJQrfDLI/taw6oIRXhH1U/P1NYlGcz8/BbC33FOA0C +-AwEAAaOCAZEwggGNMAwGA1UdEwEB/wQCMAAwNAYDVR0lBC0wKwYIKwYBBQUHAwIG +-CCsGAQUFBwMBBglghkgBhvhCBAEGCisGAQQBgjcKAwMwCwYDVR0PBAQDAgWgMDMG +-CCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9y +-Zy8wggEDBgNVHREEgfswgfiCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWg +-KgYIKwYBBQUHCAWgHgwcd3d3LnNob3Rva2FuLWJyYXVuc2Nod2VpZy5kZYIUd3d3 +-Lm1hc3NpbW8tYWJhdGUuZXWgIgYIKwYBBQUHCAWgFgwUd3d3Lm1hc3NpbW8tYWJh +-dGUuZXWCFHd3dy5tYXNzaW1vLWFiYXRlLmRloCIGCCsGAQUFBwgFoBYMFHd3dy5t +-YXNzaW1vLWFiYXRlLmRlghR3d3cubWFzc2ltby1hYmF0ZS5pdKAiBggrBgEFBQcI +-BaAWDBR3d3cubWFzc2ltby1hYmF0ZS5pdDANBgkqhkiG9w0BAQUFAAOCAgEAT8uP +-gDouHoXj4iMF0iqJTGp27zyaBajKZ3Lkxjks/YsH/vJfqLTFtVqr5EWTQHbOelZf +-Ijpagiv2Qz/wfKSK9Bi9oEiB1WiTxtfI5nX5bWtWcLk44OaxMFpEQUflgvbqQqLV +-+YCUgXf2fKDtGmXF6edE6luEN0UGC29lYW5DF7KHRkM3Eu/7KZG9PfJO5evhb7Os +-LMsEWl3ESJjFDzgkfrWFqKOXO2sRfzRaagPgeZMVxFMDgtvarRU0aumOTftcX1yD +-ayc5a71i03cbo7p1UhfcivQ30d3wfhVOdmsr99agPLolqKQaxGs5INf7T9v98Obf +-1Ax8jrT5VcH/74MCReBbE6wwr8CiSrHVyzFLK828jeStw9vNqlUh/Ny6pf4au2C3 +-vmFTlEd0riCvvRQYRa/qQSwLD36rfFd8grdvD4Brw0gJkRjmkEy37bM35op0mZFu +-6eaWURasEUgG6IFBtAGRvZFxSHCbM6o6KMNbTsaCYMfHszCJwzSSCYo1n1qqgE2r +-JITT2l/XA/KBwKnH+XpKPe4ffpfkCFUdm2phxe41HBLcbLdPjvvrDfU1IcdSAVVR +-4swr+Kd3S044WL660s1h4xpFkWc0KG9ghe4vOUlmwqV7mO8EhLyu4ustyep2Jv2e +-91oCC+CDllr3qfAUQOUcqlSPWogMZ9tTDx58ids= ++MIIB/TCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV ++BAYTAk5MMB4XDTE0MDEyMjEwMDQzM1oXDTI0MDEyMjEwMDQzM1owDTELMAkGA1UE ++BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2pt ++WZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNz ++UnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ ++81kybdHg6G3eUu1mtKkL2kCVAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD ++AgXgMEkGA1UdEQRCMECCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWCFHd3 ++dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4GB ++ABjx1ytrqCyFC5/0cjWnbLK9vsvLny2ZikDewfRxqJ5zAxGWLqHOr1SmUmu2DrvB ++bkT9g5z19+iMhPnzJz1x7Q2m7WTIJTuUPK+hKZJATDLNhZ86h5Nkw8k9YzKcOrPm ++EIqsy55CSgLU0ntljqSBvSb4ifrF1NnIWej2lSfN6r+3 + -----END CERTIFICATE----- +-
--- End Message ---
--- Begin Message ---Source: polarssl Source-Version: 1.2.9-1~deb7u2 We believe that the bug you reported is fixed in the latest version of polarssl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Roland Stigge <[email protected]> (supplier of updated polarssl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 16 Feb 2014 12:14:50 +0100 Source: polarssl Binary: libpolarssl-dev libpolarssl-runtime libpolarssl0 Architecture: source amd64 Version: 1.2.9-1~deb7u2 Distribution: stable-proposed-updates Urgency: medium Maintainer: Roland Stigge <[email protected]> Changed-By: Roland Stigge <[email protected]> Description: libpolarssl-dev - lightweight crypto and SSL/TLS library libpolarssl-runtime - lightweight crypto and SSL/TLS library libpolarssl0 - lightweight crypto and SSL/TLS library Closes: 738854 Changes: polarssl (1.2.9-1~deb7u2) stable-proposed-updates; urgency=medium . * Fix FTBFS bug due to expired certificates, backport from upstream 1.3.4, thanks to Moritz Mühlenhoff (Closes: #738854) Checksums-Sha1: 15efca6cae6fddb1771c8c68e17f4495a0c38b78 1196 polarssl_1.2.9-1~deb7u2.dsc 6e518793fb8214d37225cb6fc457a07686f20ba1 8483 polarssl_1.2.9-1~deb7u2.debian.tar.gz 411a64253c5124c470df030518fb1ca4915734b9 275616 libpolarssl-dev_1.2.9-1~deb7u2_amd64.deb be897f246dd2f859d0fd566ae44dc4a73be39c3a 2785886 libpolarssl-runtime_1.2.9-1~deb7u2_amd64.deb 7cbd144084f20b878bed978f4607080f348f25db 185814 libpolarssl0_1.2.9-1~deb7u2_amd64.deb Checksums-Sha256: 149899afaa73d00d394c6fd096a3ceda2429e1e91c37cb4ca83702b50028a8fa 1196 polarssl_1.2.9-1~deb7u2.dsc dfdad0671fcbb0eac60afb9229b9bf404b7ed61cc0bad48bd9b136fe9d036c88 8483 polarssl_1.2.9-1~deb7u2.debian.tar.gz a57ebebbca79074d06c4739816d6203fa24deb739cc4d5c0a9d5dfd9dca8fa2c 275616 libpolarssl-dev_1.2.9-1~deb7u2_amd64.deb f8080d419c0266b6ecea064fbb20e287aa9c29dbf03cf07a0258baf8a44c8d6e 2785886 libpolarssl-runtime_1.2.9-1~deb7u2_amd64.deb f663ae159252408d5a31dc91f882d694ea0de192c5308bb7cfaa103e096d0de5 185814 libpolarssl0_1.2.9-1~deb7u2_amd64.deb Files: 0ea93eee7071d046327acdf58a367902 1196 libs optional polarssl_1.2.9-1~deb7u2.dsc e31a2d156cfca0447e92fac5bc94963a 8483 libs optional polarssl_1.2.9-1~deb7u2.debian.tar.gz 5236b12c117ce26cdc1152c0d9929910 275616 libdevel optional libpolarssl-dev_1.2.9-1~deb7u2_amd64.deb e212403fe0d3e279f0f7a9c5e27a5a82 2785886 libdevel optional libpolarssl-runtime_1.2.9-1~deb7u2_amd64.deb aa3813209ffed70d5654dd304188cf18 185814 libs optional libpolarssl0_1.2.9-1~deb7u2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iD8DBQFTDPPfcaH/YBv43g8RApAEAJ9xlFltQWdXwoqQ5d/GSPFuF6d5mACcD1pa M3Ys3bg6ZrjyihsautoDcqQ= =dmLV -----END PGP SIGNATURE-----
--- End Message ---
