Your message dated Sat, 04 Feb 2017 11:56:00 +0000
with message-id <[email protected]>
and subject line Re: Bug#851742: unblock: libhttp-daemon-ssl-perl/1.04-3.1
has caused the Debian Bug report #851742,
regarding unblock: libhttp-daemon-ssl-perl/1.04-3.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
851742: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851742
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package libhttp-daemon-ssl-perl.
I only realized after X-mas, that argonaut migration was actually getting
blocked by this package having an RC bug (#711628) caused by some SSL
issue in the unit test scripts.
Unfortunately, my NMU was too late for the migration to testing.
The consequence at the moment is that Debian stretch will ship with a
very old version of argonaut (a deployment tool underneath Fusion
Directory).
Is it possible to make an exception for this package (and then also for
argonaut)?
The libhttp-daemon-ssl-perl_1.04-3_1.04-3.1.debdiff is attached.
Thanks!
Mike
```
libhttp-daemon-ssl-perl (1.04-3.1) unstable; urgency=medium
* Non-maintainer upload.
* debian/{control,compat}: Bump to DH version level 9.
* debian/patches: Add testmodule.diff. Fix FTBFS during unit testing
due to incompatibility with latest SSL libs. (Closes: #711628).
This patch amongst other things regenerate the test certificates at
build time.
* debian/rules: Save upstream's certificate files, so that the package
build stays idempotent.
-- Mike Gabriel <[email protected]> Tue, 27 Dec 2016 13:34:04 +0100
libhttp-daemon-ssl-perl (1.04-3) unstable; urgency=low
* Prepare for libwww-perl 6; thanks to Nicholas Bamber. Closes: #620485.
- Depend on libhttp-daemon-perl | libwww-perl (<< 6).
- Suggest libhttp-message-perl for HTTP::Status.
* Use new 3.0 (quilt) source format.
* Switch to debhelper 8.
* debian/patches/pod-errors.diff: Fix missing POD markup,
<http://rt.cpan.org/Ticket/Display.html?id=46038>.
* debian/control: Add Homepage field.
* debian/control: Drop versioned dependency on perl (>= 5.6.0-16)
(a no-op since woody).
* Conforms to Standards version 3.9.1.
-- Matej Vela <[email protected]> Sat, 02 Apr 2011 15:27:02 +0200
[...]
```
unblock libhttp-daemon-ssl-perl/1.04-3.1
-- System Information:
Debian Release: 8.6
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (500,
'proposed-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.8.0-0.bpo.2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru libhttp-daemon-ssl-perl-1.04/debian/changelog libhttp-daemon-ssl-perl-1.04/debian/changelog
--- libhttp-daemon-ssl-perl-1.04/debian/changelog 2011-04-02 15:27:02.000000000 +0200
+++ libhttp-daemon-ssl-perl-1.04/debian/changelog 2016-12-27 14:22:24.000000000 +0100
@@ -1,3 +1,16 @@
+libhttp-daemon-ssl-perl (1.04-3.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * debian/{control,compat}: Bump to DH version level 9.
+ * debian/patches: Add testmodule.diff. Fix FTBFS during unit testing
+ due to incompatibility with latest SSL libs. (Closes: #711628).
+ This patch amongst other things regenerate the test certificates at
+ build time.
+ * debian/rules: Save upstream's certificate files, so that the package
+ build stays idempotent.
+
+ -- Mike Gabriel <[email protected]> Tue, 27 Dec 2016 13:34:04 +0100
+
libhttp-daemon-ssl-perl (1.04-3) unstable; urgency=low
* Prepare for libwww-perl 6; thanks to Nicholas Bamber. Closes: #620485.
diff -Nru libhttp-daemon-ssl-perl-1.04/debian/compat libhttp-daemon-ssl-perl-1.04/debian/compat
--- libhttp-daemon-ssl-perl-1.04/debian/compat 2011-04-02 13:25:46.000000000 +0200
+++ libhttp-daemon-ssl-perl-1.04/debian/compat 2016-12-27 13:45:51.000000000 +0100
@@ -1 +1 @@
-8
+9
diff -Nru libhttp-daemon-ssl-perl-1.04/debian/control libhttp-daemon-ssl-perl-1.04/debian/control
--- libhttp-daemon-ssl-perl-1.04/debian/control 2011-04-02 13:59:37.000000000 +0200
+++ libhttp-daemon-ssl-perl-1.04/debian/control 2016-12-27 13:45:46.000000000 +0100
@@ -1,7 +1,7 @@
Source: libhttp-daemon-ssl-perl
Section: perl
Priority: extra
-Build-Depends: debhelper (>= 8)
+Build-Depends: debhelper (>= 9)
Build-Depends-Indep: perl, libio-socket-ssl-perl, libhttp-daemon-perl | libwww-perl (<< 6)
Maintainer: Matej Vela <[email protected]>
Standards-Version: 3.9.1
diff -Nru libhttp-daemon-ssl-perl-1.04/debian/patches/series libhttp-daemon-ssl-perl-1.04/debian/patches/series
--- libhttp-daemon-ssl-perl-1.04/debian/patches/series 2011-04-02 14:09:39.000000000 +0200
+++ libhttp-daemon-ssl-perl-1.04/debian/patches/series 2016-12-27 13:32:50.000000000 +0100
@@ -1 +1,2 @@
pod-errors.diff
+testmodule.diff
diff -Nru libhttp-daemon-ssl-perl-1.04/debian/patches/testmodule.diff libhttp-daemon-ssl-perl-1.04/debian/patches/testmodule.diff
--- libhttp-daemon-ssl-perl-1.04/debian/patches/testmodule.diff 1970-01-01 01:00:00.000000000 +0100
+++ libhttp-daemon-ssl-perl-1.04/debian/patches/testmodule.diff 2016-12-27 14:13:36.000000000 +0100
@@ -0,0 +1,94 @@
+From 2b728bdd6df8968d1dae92856ac5ebed85d71d2a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <[email protected]>
+Date: Wed, 14 May 2014 10:36:50 +0200
+Subject: [PATCH] Generate keys and certificates at test-time
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This fixes <https://rt.cpan.org/Public/Bug/Display.html?id=88998>.
+
+Signed-off-by: Petr Písař <[email protected]>
+---
+ Makefile.PL | 2 ++
+ t/testmodule.t | 38 +++++++++++++++++++++++++++++++++++++-
+ 2 files changed, 39 insertions(+), 1 deletion(-)
+
+--- a/Makefile.PL
++++ b/Makefile.PL
+@@ -10,5 +10,7 @@
+ 'VERSION_FROM' => 'SSL.pm',
+ 'DISTNAME' => 'HTTP-Daemon-SSL',
+ 'PREREQ_PM' => { 'HTTP::Daemon' => 1.0, 'IO::Socket::SSL' => 0.93 },
++ 'BUILD_REQUIRES' => { 'HTTP::Daemon' => 1.0, 'IO::Socket::SSL' => 0.93,
++ 'IO::Socket::SSL::Utils' => 0 },
+ 'dist' => { COMPRESS => 'gzip', SUFFIX => 'gz', },
+ );
+--- a/t/testmodule.t
++++ b/t/testmodule.t
+@@ -4,10 +4,11 @@
+
+ use HTTP::Daemon::SSL;
+ use HTTP::Status;
++use IO::Socket::SSL::Utils;
+ eval {require "t/ssl_settings.req";} ||
+ eval {require "ssl_settings.req";};
+
+-$numtests = 9;
++$numtests = 14;
+ $|=1;
+ $SIG{PIPE}='IGNORE';
+
+@@ -22,6 +23,41 @@
+
+ $test = 0;
+
++my ($ca_cert, $ca_key) = CERT_create(
++ subject => { commonName => 'Dummy IO::Socket::SSL Certificate Authority' },
++ CA => 1,
++);
++(defined $ca_cert and defined $ca_key) || print 'not ';
++&ok('authority certificate generated');
++
++my ($server_cert, $server_key) = CERT_create(
++ subject => { commonName => 'IO::Socket::SSL Dummy Server Certificate' },
++ CA => 0,
++ issuer_cert => $ca_cert,
++ issuer_key => $ca_key,
++);
++(defined $server_cert and defined $server_key) || print 'not ';
++&ok('server certificate generated');
++
++eval { PEM_cert2file($ca_cert, 'certs/test-ca.pem') };
++(!$@ and -s 'certs/test-ca.pem') || print 'not ';
++&ok('authority certificate saved');
++
++PEM_cert2file($server_cert, 'certs/server-cert.pem');
++(!$@ and -s 'certs/server-cert.pem') || print 'not ';
++&ok('server certificate saved');
++
++PEM_key2file($server_key, 'certs/server-key.pem');
++(!$@ and -s 'certs/server-key.pem') || print 'not ';
++&ok('server key saved');
++
++# freeing fails now <https://bugzilla.redhat.com/show_bug.cgi?id=1097640>
++#CERT_free($ca_cert);
++#KEY_free($ca_key);
++#CERT_free($server_cert);
++#KEY_free($server_key);
++
++
+ unless (fork) {
+ sleep 1;
+
+@@ -57,8 +93,10 @@
+ Listen => 5,
+ Timeout => 30,
+ ReuseAddr => 1,
++ SSL_cipher_list => 'ALL:!LOW',
+ SSL_verify_mode => 0x00,
+ SSL_ca_file => "certs/test-ca.pem",
++ SSL_key_file => "certs/server-key.pem",
+ SSL_cert_file => "certs/server-cert.pem");
+
+ if (!$server) {
diff -Nru libhttp-daemon-ssl-perl-1.04/debian/rules libhttp-daemon-ssl-perl-1.04/debian/rules
--- libhttp-daemon-ssl-perl-1.04/debian/rules 2011-04-02 13:24:32.000000000 +0200
+++ libhttp-daemon-ssl-perl-1.04/debian/rules 2016-12-27 14:19:12.000000000 +0100
@@ -2,3 +2,16 @@
%:
dh $@
+
+override_dh_auto_build:
+ cp certs/server-cert.pem certs/server-cert.pem.orig
+ cp certs/server-key.pem certs/server-key.pem.orig
+ cp certs/test-ca.pem certs/test-ca.pem.orig
+ dh_auto_build
+
+override_dh_auto_clean:
+ dh_auto_clean
+ -mv certs/server-cert.pem.orig certs/server-cert.pem
+ -mv certs/server-key.pem.orig certs/server-key.pem
+ -mv certs/test-ca.pem.orig certs/test-ca.pem
+
--- End Message ---
--- Begin Message ---
Mike Gabriel:
> Hi Jonathan,
>
> On So 29 Jan 2017 12:01:35 CET, Jonathan Wiltshire wrote:
>
>> Control: tag -1 moreinfo
>>
>> Hi,
>>
>> On Wed, Jan 18, 2017 at 12:28:03PM +0100, Mike Gabriel wrote:
>>> Please unblock package libhttp-daemon-ssl-perl.
>>
>> I'm not wild about it. What is the impact on Fusion Directory?
>
> Thanks for even considering an unblock. The impact on FD is that Debian
> 9 will ship an old Argonaut version. I have Cc:ed upstream via our
> maintenance mailing list and leave it to Benoit giving a detailed answer
> to your question.
>
> In general, Fusion Directory and Argonaut development happens hand in
> hand in the same upstream context. For projects being co-developed in
> such a way, my overall experience is to always ship the versions that
> have been released together. For FD/Argonaut as of now, this is: FD
> 1.0.19 + Argonaut 1.0.
>
> Expecting an answer given in more technical depth from Benoit (Fusion
> Directoy / Argonaut upstream lead).
>
> Greets,
> Mike
>
I had a chat with Mike and have agreed to grant this one exception for
missing the 5th of Jan deadline provided he keeps an eye on
libhttp-daemon-ssl-perl.
I stress this is an one off exception for bringing a package into
testing that missed the 5th of Jan deadline and Mike agreed to that.
Thanks,
~Niels
signature.asc
Description: OpenPGP digital signature
--- End Message ---
