Bug#1024385: marked as done (bullseye-pu: package openvpn-auth-radius/2.1-7+deb11u1)

Sat, 17 Dec 2022 03:09:10 -0800 

Your message dated Sat, 17 Dec 2022 10:57:10 +0000
with message-id 
<03e9b90cf2f149b9e2835590c9ec0ccb048b744d.ca...@adam-barratt.org.uk>
and subject line Closing p-u requests for fixes included in 11.6
has caused the Debian Bug report #1024385,
regarding bullseye-pu: package openvpn-auth-radius/2.1-7+deb11u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1024385: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024385
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: bullseye
User: [email protected]
Usertags: pu
X-Debbugs-Cc: [email protected]

[ Reason ]

Fix #954264: Support for verify-client-cert openvpn 2.4 directive.

[ Impact ]
The current version doesn't work with openvpn version (2.5.1) in stable.
The old workaround only works for openvpn 2.4.

[ Tests ]
On #954264, one reporter is someone I know and trust, and he has verified on
his vpn server.
But I don't have a openvpn server with radius, so I only reviewed the code.

[ Risks ]
The patch is trivial and easy to review.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]

+                                         if (param == "verify-client-cert")
+                                         {
+                                                 this->deletechars(&line);
+                                                 if (line != 
"verify-client-certrequired")
+                                                 {
+                                                         
this->clientcertnotrequired=true;
+                                                 }
+                                         }

Add a new check for directive "verify-client-cert".

[ Other info ]
No.

diff -Nru openvpn-auth-radius-2.1/debian/changelog 
openvpn-auth-radius-2.1/debian/changelog
--- openvpn-auth-radius-2.1/debian/changelog    2018-10-28 20:10:22.000000000 
+0800
+++ openvpn-auth-radius-2.1/debian/changelog    2022-11-19 00:59:14.000000000 
+0800
@@ -1,3 +1,10 @@
+openvpn-auth-radius (2.1-7+deb11u1) bullseye; urgency=medium
+
+  * Add patch to support verify-client-cert directive in openvpn 2.4
+    (Closes: #954264)
+
+ -- Shengjing Zhu <[email protected]>  Sat, 19 Nov 2022 00:59:14 +0800
+
 openvpn-auth-radius (2.1-7) unstable; urgency=low
 
   * QA upload.
diff -Nru 
openvpn-auth-radius-2.1/debian/patches/0006-Support-verify-client-cert-directive-in-openvpn-2.4.patch
 
openvpn-auth-radius-2.1/debian/patches/0006-Support-verify-client-cert-directive-in-openvpn-2.4.patch
--- 
openvpn-auth-radius-2.1/debian/patches/0006-Support-verify-client-cert-directive-in-openvpn-2.4.patch
       1970-01-01 08:00:00.000000000 +0800
+++ 
openvpn-auth-radius-2.1/debian/patches/0006-Support-verify-client-cert-directive-in-openvpn-2.4.patch
       2022-11-19 00:59:14.000000000 +0800
@@ -0,0 +1,29 @@
+From: Shengjing Zhu <[email protected]>
+Date: Sat, 12 Nov 2022 19:25:57 +0800
+Subject: Support verify-client-cert directive in openvpn 2.4
+
+Bug-Debian: #954264
+Forwarded: no
+---
+ Config.cpp | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/Config.cpp b/Config.cpp
+index b600fab..d914818 100644
+--- a/Config.cpp
++++ b/Config.cpp
+@@ -180,6 +180,14 @@ int Config::parseConfigFile(const char * configfile)
+                                                         
this->clientcertnotrequired=true;
+                                                 }
+                                         }
++                                        if (param == "verify-client-cert")
++                                        {
++                                                this->deletechars(&line);
++                                                if (line != 
"verify-client-certrequired")
++                                                {
++                                                        
this->clientcertnotrequired=true;
++                                                }
++                                        }
+                                         if (param == 
"username-as-common-name")
+                                         {
+                                                 this->deletechars(&line);
diff -Nru openvpn-auth-radius-2.1/debian/patches/series 
openvpn-auth-radius-2.1/debian/patches/series
--- openvpn-auth-radius-2.1/debian/patches/series       2018-10-28 
18:45:40.000000000 +0800
+++ openvpn-auth-radius-2.1/debian/patches/series       2022-11-19 
00:59:14.000000000 +0800
@@ -3,3 +3,4 @@
 30_build-with-debug-symbols.diff
 35_verbose_built.diff
 40_use_cppflags.diff
+0006-Support-verify-client-cert-directive-in-openvpn-2.4.patch

--- End Message ---
--- Begin Message --- 
Package: release.debian.org
Version: 11.6

Hi,

Each of the updates referred to in these requests was included in this
morning's 11.6 point release.

Regards,

Adam

--- End Message ---

Reply via email to