Your message dated Tue, 17 Aug 2021 05:34:08 +0000
with message-id <[email protected]>
and subject line Bug#979726: fixed in opensc 0.22.0-1
has caused the Debian Bug report #979726,
regarding opensc-pkcs11 0.21.0 breaks my vpn setup. Downgrading to 0.20.0
fixes the problem.
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
979726: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979726
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: opensc-pkcs11
Version: 0.21.0-1
Severity: normal
Tags: upstream
My entreprose vpn setup use a PKI token that when 0.21.0-1 is mo more usable.
I looked at the pcks11 options used to start openvpn in the systemd service file
If I use opensc 0.21.0, the PKI led blinks and is accessed but no pkcs11-id are
displayed :
openvpn --pkcs11-providers p11-kit-proxy.so --show-pkcs11-ids
The following objects are available for use.
Each object shown below may be used as parameter to
--pkcs11-id option please remember to use single quote mark.
Downgrading to opensc 0.20.0 I get (stuff removed for confidentiality reasons)
openvpn --pkcs11-providers p11-kit-proxy.so --show-pkcs11-ids
The following objects are available for use.
Each object shown below may be used as parameter to
--pkcs11-id option please remember to use single quote mark.
Certificate
DN: xxxxxxxxxxxxxxxxxxx
Serial: xxxxxxxxxxxxxxxxxxx
Serialized id: xxxxxxxxxxxxxxxxxxx
Certificate
DN: xxxxxxxxxxxxxxxxxxx
Serial: xxxxxxxxxxxxxxxxxxx
Serialized id: xxxxxxxxxxxxxxxxxxx
Certificate
DN: xxxxxxxxxxxxxxxxxxx
Serial: xxxxxxxxxxxxxxxxxxx
Serialized id: xxxxxxxxxxxxxxxxxxx
Certificate
DN: xxxxxxxxxxxxxxxxxxx
Serial: xxxxxxxxxxxxxxxxxxx
Serialized id: xxxxxxxxxxxxxxxxxxx
p11-kit list-modules
p11-kit-trust: p11-kit-trust.so
library-description: PKCS#11 Kit Trust Module
library-manufacturer: PKCS#11 Kit
library-version: 0.23
token: System Trust
manufacturer: PKCS#11 Kit
model: p11-kit-trust
serial-number: 1
hardware-version: 0.23
flags:
write-protected
token-initialized
opensc-pkcs11: opensc-pkcs11.so
library-description: OpenSC smartcard framework
library-manufacturer: OpenSC Project
library-version: 0.21
orange-dongle-aladdin: /usr/lib/libeToken.so
library-description: SafeNet eToken PKCS#11
library-manufacturer: SafeNet, Inc.
library-version: 10.7
With the 0.20.0 modules
pkcs11-tool --module p11-kit-proxy.so -O
Using slot 1 with a present token (0x12)
With 0.21.0 modules
pkcs11-tool --module p11-kit-proxy.so -O
error: PKCS11 function C_GetSlotInfo failed: rv = CKR_FUNCTION_NOT_SUPPORTED
(0x54)
Abortin
Many colleage have been hit by the bug. I opened it upstream at
https://github.com/OpenSC/OpenSC/issues/2199
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.6 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=fr_FR.UTF8, LC_CTYPE=fr_FR.UTF8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
Versions of packages opensc-pkcs11 depends on:
ii libc6 2.31-9
ii libglib2.0-0 2.67.1-1
ii libssl1.1 1.1.1i-1
ii zlib1g 1:1.2.11.dfsg-2
opensc-pkcs11 recommends no packages.
opensc-pkcs11 suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: opensc
Source-Version: 0.22.0-1
Done: Eric Dorland <[email protected]>
We believe that the bug you reported is fixed in the latest version of
opensc, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Eric Dorland <[email protected]> (supplier of updated opensc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 17 Aug 2021 00:48:15 -0400
Source: opensc
Architecture: source
Version: 0.22.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSC Maintainers <[email protected]>
Changed-By: Eric Dorland <[email protected]>
Closes: 979726 987817
Changes:
opensc (0.22.0-1) unstable; urgency=medium
.
* New upstream release (Closes: 979726)
* Standards-Version to 4.5.1.1
* debhelper to v13
* Add upstream metadata file
* Install html docs
* Install NEWS file
* Remove opensc.docs, install via opensc.install
* Install pkcs11-register.desktop
* Add not-installed file (Closes: 987817)
Checksums-Sha1:
bbade588c3fd5c3a24f15f77fef82c573d63be2e 2150 opensc_0.22.0-1.dsc
31bcd760daa14b458a35c2d0d2002ea85777706b 1789287 opensc_0.22.0.orig.tar.gz
9a7a3351ee558dcb533861ad79a5cf557879ac9c 13600 opensc_0.22.0-1.debian.tar.xz
40144882ba10b6fce6c605e452b392df4336decc 8787 opensc_0.22.0-1_amd64.buildinfo
Checksums-Sha256:
acfd52c0e2b61c260e602b0d5dbf5c564ee8a17faac2bfa10ac09ff7c6dc9803 2150
opensc_0.22.0-1.dsc
138acf5724573d68bdfaf988bb05c00391edbfe262e69835813ed6bd00748c7a 1789287
opensc_0.22.0.orig.tar.gz
333b09a42e5322e9bf72a11350f6410991c31398a031545cada6d893b164c81c 13600
opensc_0.22.0-1.debian.tar.xz
e8e507e7b1586919a24efabbe3baa46a0121b5ff3a52afbb37e9adca8d281eaf 8787
opensc_0.22.0-1_amd64.buildinfo
Files:
276bb4940aa8fb2e0779c5453459cd5a 2150 utils optional opensc_0.22.0-1.dsc
c21c0dc0654c80cbaa17c59196b94990 1789287 utils optional
opensc_0.22.0.orig.tar.gz
ec3be52ca26841dc56283c15fc7b3c25 13600 utils optional
opensc_0.22.0-1.debian.tar.xz
8cc1c85b3925e6a0bcd8b9746b62cd99 8787 utils optional
opensc_0.22.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEQ88SKPcm/VtHTOliwlb71QAiHpMFAmEbRiAACgkQwlb71QAi
HpPjKA/8CoxuvHmvYhjG+IxQL/FQyF09SeMldEQ7eLFiLXjyCU5KqZpzpnt33N0f
oOCLsbgZ15FP4qc/GlLJCSdumFvMyl+diN0QETULGJHxWycIZeNYDI5Pi+3s/z0g
+H7VIbPzU4vb1qE0ZUHLChhAvk2VhgQKMUwl5NJ++zGqzry0pGRnyndE+YrnvtAs
+0avqvM9iB6t6I9ANrUs8yNBTeFoh2dn+FqXU5dyr8S2mly1bbw9g9jysqxtndLd
KZHTo9bicfNKiJltSWpaWYPD81D/GnH72UOEz35YqzcppnmQ+fjLcXW8PasPrMBH
ue4MOcai8D+xjefNmSqWKB4BzRUZuQgty8pHrqLGIvKmA3QlH2jVwY9OgKUySY32
2nuTLKojni6epCKDynbVuKCCxZWgHpOwbdX4PkRaVk5ikMGDcK3JdDsiLE9Qne8l
bA9PwAL01+UhZvRqoz9pWpOYdDTOyJ9l70+y2vKM/uaZ6gOvi3HHcMtKFN5GaEd0
WeidFB4Z4794+Udi8v1Qw2wRIwgnVk+6rNEzj34WLmGce8Y1K9NjK1JAxK9r0Pl9
+75Wwogi47DCzRBxZxWXo7W01ai33cqiBzPJBDJisyE++of6C50j5cWgsKzkYqfd
dN+R1ypsHXW+OmFfHMNvtsHu06zxccqXav5Qa6hAjwI/WszriWg=
=jVov
-----END PGP SIGNATURE-----
--- End Message ---
