Your message dated Wed, 12 Oct 2016 22:17:48 +0000
with message-id <e1burqo-00021l...@franck.debian.org>
and subject line Bug#839576: fixed in libio-socket-ssl-perl 2.002-2+deb8u2
has caused the Debian Bug report #839576,
regarding libio-socket-ssl-perl: Cannot use SSL_key_file with ACL permissions
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
839576: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839576
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libio-socket-ssl-perl
Version: 2.002-2+deb8u1
Severity: normal

Dear Maintainer,

I upgraded from wheezy to jessie. The issue did not occur before.

I am running a perl daemon as some non-root user that uses SSL_key_file with 
IO::Socket::SSL->start_SSL($client, SSL_server => 1, SSL_key_file => ..., ...).

The key file given is owned by root:root, but getfacl reports 
user:$daemonuser:r-- and using "sudo -u $daemonuser cat $SSL_key_file" works 
fine.

Though, the daemon does not longer accept clients writing to STDERR 
"SSL_key_file ... is not accessible at /usr/share/perl5/IO/Socket/SSL.pm line 
2010".

That source line reads like it is supposed to check readiblity of the key file 
given. I expect it to pass as the file is actually readable and start SSL 
communication with the client.

Regards,
M. Braun


-- System Information:
Debian Release: 8.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.2.1-040201-generic (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to de_DE.utf8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libio-socket-ssl-perl depends on:
ii  libnet-ssleay-perl  1.65-1+deb8u1
ii  netbase             5.3
ii  perl                5.20.2-3+deb8u6

Versions of packages libio-socket-ssl-perl recommends:
ii  libio-socket-inet6-perl     2.72-1
ii  libsocket6-perl             0.25-1+b1
ii  liburi-perl                 1.64-1
ii  perl                        5.20.2-3+deb8u6
ii  perl-base [libsocket-perl]  5.20.2-3+deb8u6

Versions of packages libio-socket-ssl-perl suggests:
ii  ca-certificates  20141019+deb8u1

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: libio-socket-ssl-perl
Source-Version: 2.002-2+deb8u2

We believe that the bug you reported is fixed in the latest version of
libio-socket-ssl-perl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 839...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated 
libio-socket-ssl-perl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 08 Oct 2016 17:26:51 +0200
Source: libio-socket-ssl-perl
Binary: libio-socket-ssl-perl
Architecture: all source
Version: 2.002-2+deb8u2
Distribution: jessie
Urgency: medium
Maintainer: Debian Perl Group <pkg-perl-maintain...@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Closes: 839576
Description: 
 libio-socket-ssl-perl - Perl module implementing object oriented interface to 
SSL sockets
Changes:
 libio-socket-ssl-perl (2.002-2+deb8u2) jessie; urgency=medium
 .
   * Add 0001-remove-r-for-checking-SSL_-cert-key-_file-since-this.patch.
     Removes the -r check for for checking SSL_{cert,key}_file since this
     will an usable error later anyway. Addresses "Cannot use SSL_key_file
     with ACL permissions".
     Thanks to Michael Braun and Steffen Ullrich. (Closes: #839576)
Checksums-Sha1: 
 503c417ab1a2df7611390506608edd1a876cb468 2775 
libio-socket-ssl-perl_2.002-2+deb8u2.dsc
 a0e1acc593b06297b2beaf5d13e1fe5a69843777 10364 
libio-socket-ssl-perl_2.002-2+deb8u2.debian.tar.xz
 758f0fdc5ecb66f2214074af87f06a17fb9e7b64 172362 
libio-socket-ssl-perl_2.002-2+deb8u2_all.deb
Checksums-Sha256: 
 fe941f11e3366ccf7c7869010376a80d6e4a91ea057a674a00ca4cecab1e333a 2775 
libio-socket-ssl-perl_2.002-2+deb8u2.dsc
 30d03b4f189a6fc1544285a74a394b19b1dd27df805a58120c69b776770ba7ae 10364 
libio-socket-ssl-perl_2.002-2+deb8u2.debian.tar.xz
 49bd80d5fb0e47c85a8a92a54c19116cbdcc6ff6d0120a97b214ac16028377db 172362 
libio-socket-ssl-perl_2.002-2+deb8u2_all.deb
Files: 
 cfab1dec4f0991adfc218d199dd5e554 2775 perl optional 
libio-socket-ssl-perl_2.002-2+deb8u2.dsc
 dbe27cdde64988b96f3067a0ec85206f 10364 perl optional 
libio-socket-ssl-perl_2.002-2+deb8u2.debian.tar.xz
 6b137d2c8abb5a618b5d735b96d172eb 172362 perl optional 
libio-socket-ssl-perl_2.002-2+deb8u2_all.deb

-----BEGIN PGP SIGNATURE-----

iQKPBAEBCgB5BQJX+dVEXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0NjQ0NDA5ODA4QzE3MUUwNTUzMURERUUw
NTRDQjhGMzEzNDNDRjQ0EhxjYXJuaWxAZGViaWFuLm9yZwAKCRAFTLjzE0PPRIHV
D/9RtXXMPSjR8peR4dVFPsh2buWZP9LrcUMfGXEQMJsWJyviX5AJ6/MjO7DmVT/I
4nhm5U7dw32PFyTisJAegBoLpPINVHOedP424Qis0aKZ9SzQ6hc0+pyeZ6ka9+0p
29LhROMOMM3KKp6fq/8+u2H66Jk1jBlejw1lS0h42HptIYeMoMUrbOjkEnuZCAQ7
62Txmo1oIGwrvhsGHVzCDkM4VwM6MmJa/lNJWijlpICkait1E7lfBA2gIuI6/MMY
zmh70UKnBhUrSE3A3CYuF4RijgSuokjrMXYA8FBSaiUv6GF0s1iajYBYEYdzrORy
ggPJGEya0NZtM2f8KifjkqBRfTU+wDKhleT/JB2Q2b6T22qIJhq5lMCO/tT0pmFA
WrDbmH3wdZWpADJaKSU5U4rPFR4e3+xwoVsZ66RiW4Wk3/VQ0wWr9ws27nhx6MQF
VD4T/gPLvy0wDac2+2Lm3RdTCbwssUzXGqnmGDnZpvgzAWnc+4Yhx0p3lgiNBROf
WaycId8wa7+0M7JDIj0lBui87PdD35AwYthlP+JQDtOTcwKrhlKx0ywtDFgZTixS
LTbwGWOVuRJ9d1NDJLF75x/Z1OXGAlLoXp5XrVTMkPzqdozjDJ4zT7Zlr1pT2fh2
hRTDMdUoxYAFaIfh7eH6O2lyhYu0b2idMZk8fEOs6a11Tg==
=24rT
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to