Your message dated Wed, 30 May 2018 11:49:56 +0000 with message-id <[email protected]> and subject line Bug#886737: fixed in easy-rsa 3.0.4-1 has caused the Debian Bug report #886737, regarding easy-rsa: pkitool doesn't allow subject alternate names to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 886737: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886737 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: easy-rsa Version: 2.2.2-1 Severity: normal The patch applied to allow for subject alternate names doesn't work because of an argument number check right before it (and it also uses tabs for identation). The culprit are lines 291 up to 303 where the script exits if the amount of arguments is not equal to 1 (lines 291 to 294) if [ $# -ne 1 ]; then usage exit 1 else and immediately bellow, the script handles additional arguments as alternate host names. KEY_CN="$1" KEY_ALTNAMES="DNS:$1" shift while [ "x$1" != "x" ] do KEY_ALTNAMES="${KEY_ALTNAMES},DNS:$1" shift done By replacing the argument check with one that only fails when the number of arguments is less than 1, everything should work just fine if [ $# -lt 1 ]; then usage exit 1 else I'd include a patch but I the above mentioned functionality is already provided by a patch. -- System Information: Debian Release: 8.9 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages easy-rsa depends on: ii openssl 1.0.1t-1+deb8u6 Versions of packages easy-rsa recommends: ii opensc 0.14.0-2 easy-rsa suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: easy-rsa Source-Version: 3.0.4-1 We believe that the bug you reported is fixed in the latest version of easy-rsa, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Pierre-Elliott Bécue <[email protected]> (supplier of updated easy-rsa package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 30 May 2018 13:01:34 +0200 Source: easy-rsa Binary: easy-rsa Architecture: source Version: 3.0.4-1 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <[email protected]> Changed-By: Pierre-Elliott Bécue <[email protected]> Description: easy-rsa - Simple shell based CA utility Closes: 796185 817786 851059 869193 872922 886737 Changes: easy-rsa (3.0.4-1) unstable; urgency=medium . * QA upload * New upstream release (Closes: #869193) Bug-fixing changes: - All scripts disappeared and grouped under one only script (Closes: #851059, #872922) - Support for subjectAltName (Closes: #886737, LP: #1346776) - easyrsa has a gen-crl feature (Closes: #796185) - easyrsa revoke command is less error-prone (LP: #1621112) - Updated vars file (Closes: #817786) * d/make-cadir updated accordingly * d/easy-rsa.{install,docs} updated accordingly * d/easy-rsa.dirs removed (not mandatory here) * d/control: - Set QA team as maintainer (See bug #877913) - Bump debhelper build level dependency to 11~ - Bump standards version to 4.1.4 - Set priority from extra to optional - Add Vcs- links - Fix home page - Mark easy-rsa as Multi-Arch: foreign - Add Rules-Require-Root field, set to no * d/compat: - Bump level to 11 * d/copyright: - Add myself + update + HTTPS * d/watch: - Updated to github, and tweaked a little * d/upstream/signing-key.asc: - Add OpenVPN's GPG key + Eric F Christ's one * d/NEWS: breaking changes imply a NEWS file. Checksums-Sha1: e36f59d9ec7ee84f6da200ff2ae3c77e3396eabd 2072 easy-rsa_3.0.4-1.dsc 7355bb076317b052014086dea5aed212152d0bec 37721 easy-rsa_3.0.4.orig.tar.gz f54c8f4fba5fe053cabfd40d63d747eb97630827 494 easy-rsa_3.0.4.orig.tar.gz.asc d5088565927b57dc2354c8421de00232b5c3bcdc 96828 easy-rsa_3.0.4-1.debian.tar.xz d6dfd3344cf15bad7676b3a58262f1f5336d9924 5464 easy-rsa_3.0.4-1_amd64.buildinfo Checksums-Sha256: 647822bac1053b3f37b0db829c98fcc70008de499dbc15470de35b9c5e5d474b 2072 easy-rsa_3.0.4-1.dsc 472167f976c6cb7c860cec6150a5616e163ae20365c81f179811d6ee0779ec5a 37721 easy-rsa_3.0.4.orig.tar.gz 4c1230671c77a4e6616bdc8dc05a8d4c1bbe91bfe24a47564cda0d5728a560d2 494 easy-rsa_3.0.4.orig.tar.gz.asc dce95d2ecadbde91694a0a6d1159744944e3e181fa9545853c4b3e037d85dfbc 96828 easy-rsa_3.0.4-1.debian.tar.xz 353eabbe96ed4d098090e8444c023dc3b78f130501064789e0b219eea58f1445 5464 easy-rsa_3.0.4-1_amd64.buildinfo Files: 426845fab3a4a8cbfa35e06676588603 2072 utils optional easy-rsa_3.0.4-1.dsc d163f0681b4b2067f107badeb9151629 37721 utils optional easy-rsa_3.0.4.orig.tar.gz 1d7a06741dd806d85c08df6f256c8249 494 utils optional easy-rsa_3.0.4.orig.tar.gz.asc bc0d708c9d300cd9975b73fcfa71ae09 96828 utils optional easy-rsa_3.0.4-1.debian.tar.xz 57c959361321dacbc501d456a3c63b5b 5464 utils optional easy-rsa_3.0.4-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlsOhrcACgkQCBa54Yx2 K61NTw/9ERrOJMbg912/LBwjP68M+uuxIKlhSopa44CBtWrWf1Uo9qHh+SAO/4qm 7FSVfe+ExFkqQrAZABvhXLjuhiJdYGA5hVjzT2RChg/9FgkFnE0Cai3w4a/uVKGF 00EJB4p19YVywyxFxRXBdNN7rJzO+3M2cVUUy1r+t/syDyuUZDXrZqrzc7ix8vuL QK+I3qV1Vrfsef7ExUzc8EbJjvSaDf2SY3FBMqMOmotWuZAUixsdpSzNi8Eh1Ek+ mQf0E/YmIOr8nWpv74AlcIaPi2ibbkwtbcAMziZF9As/bnFsL5DQr1M26dAWGKId SdVY2XA7uIKPI+KADZjOg+IfEiyAQ+R6SQVBk1Bo21nhxv0XUopygDZbPlo1HP/+ xqmUY9BValQFEhKHT60dWbd0K8aXm8CbKHc8VVvKo8K1QizgBIcB1dSq002Dza07 otRp6RSjcJvO00VtaW60DRfVdnzhAYYKxGZT6x7rQloDJfM9j9tGq28ke9UcqF2o CFz4vBodySxxWDCxgYZbVbE2OYp0vJDaub2wc+GTJ0UcVwiFOmLzyWqvxrrAimfE 9WIAGc19sgKqSKvimSU2nSAAeFtKdaiZx/NS0eMNMKSVQV/yVnL67AH0NIeyPE6m uaPMpw2uUFq5azYZ5xF3TnkNfLx3XDryH7cVDb2ZFrFndthN48M= =mhcP -----END PGP SIGNATURE-----
--- End Message ---

