Your message dated Tue, 25 Sep 2012 18:54:39 +0100
with message-id <[email protected]>
and subject line Re: Bug#688793: unblock: obnam/1.1-1.1
has caused the Debian Bug report #688793,
regarding unblock: obnam/1.1-1.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
688793: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688793
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package obnam
The NMU uploaded to unstable fixes an RC bug. The patch is taken from
the upstream bazaar repository. There are no other changes beside this
bugfix and upstream test case verifying the bugfix passes.
Thanks Gaudenz
unblock obnam/1.1-1.1
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (800, 'testing'), (700, 'unstable'), (50, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.5-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_CH.UTF-8, LC_CTYPE=de_CH.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
only in patch2:
unchanged:
--- obnam-1.1.orig/tests/encryption-replaces-key.script
+++ obnam-1.1/tests/encryption-replaces-key.script
@@ -0,0 +1,41 @@
+#!/bin/sh
+# Copyright 2011 Lars Wirzenius
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+set -eu
+
+gpgkey='3B1802F81B321347'
+fingerprint='4E2AF28A3D824CF2B3F1FE733B1802F81B321347'
+gpgkey2='DF3D13AA11E69900'
+
+# Make a backup with the default key ($gpgkey).
+$SRCDIR/tests/backup --encrypt-with="$gpgkey"
+
+# Add new key. "rainyday" is the name of the client.
+$SRCDIR/tests/obnam --encrypt-with="$gpgkey" add-key --keyid="$gpgkey2" \
+ rainyday
+
+# Remove the old key.
+$SRCDIR/tests/obnam --encrypt-with="$gpgkey2" remove-key --keyid="$gpgkey" \
+ rainyday
+
+# Remove the old key from the gpg keyring.
+export GNUPGHOME="$DATADIR/gpg"
+gpg --batch --delete-secret-key "$fingerprint"
+
+# Verify that the backup is still readable, now with the new key.
+$SRCDIR/tests/restore --encrypt-with="$gpgkey2"
+$SRCDIR/tests/verify
+
only in patch2:
unchanged:
--- obnam-1.1.orig/obnamlib/plugins/encryption_plugin.py
+++ obnam-1.1/obnamlib/plugins/encryption_plugin.py
@@ -161,6 +161,12 @@
logging.debug('unable to remove key %s from %s (not there)' %
(keyid, toplevel))
+ def rewrite_symmetric_key(self, repo, toplevel):
+ symmetric_key = self.get_symmetric_key(repo, toplevel)
+ userkeys = self.read_keyring(repo, toplevel)
+ encrypted = obnamlib.encrypt_with_keyring(symmetric_key, userkeys)
+ self._overwrite_file(repo, os.path.join(toplevel, 'key'), encrypted)
+
def add_client(self, clientlist, client_name):
clientlist.set_client_keyid(client_name, self.keyid)
@@ -233,6 +239,7 @@
clients = self._find_clientdirs(repo, args)
for toplevel in self._shared + clients:
self.add_to_userkeys(repo, toplevel, key)
+ self.rewrite_symmetric_key(repo, toplevel)
def remove_key(self, args):
'''Remove a key from the repository.'''
@@ -244,6 +251,7 @@
clients = self._find_clientdirs(repo, args)
for toplevel in self._shared + clients:
self.remove_from_userkeys(repo, toplevel, keyid)
+ self.rewrite_symmetric_key(repo, toplevel)
def remove_client(self, args):
'''Remove client and its key from repository.'''
only in patch2:
unchanged:
--- obnam-1.1.orig/debian/changelog
+++ obnam-1.1/debian/changelog
@@ -1,3 +1,10 @@
+obnam (1.1-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Fix encription key handling (Closes: #680670)
+
+ -- Gaudenz Steinlin <[email protected]> Thu, 20 Sep 2012 16:22:16 +0200
+
obnam (1.1-1) unstable; urgency=low
* New upstream version.
only in patch2:
unchanged:
--- obnam-1.1.orig/debian/rules
+++ obnam-1.1/debian/rules
@@ -3,6 +3,8 @@
dh $@ --with=python2 --with-buildsystem=python_distutils
override_dh_auto_test:
+ # fix test permission due to diff not representing permissions
+ chmod 755 tests/encryption-replaces-key.script
python setup.py build_ext -i
rm -rf build
cp -a test-gpghome temp.gpghome
--- End Message ---
--- Begin Message ---
On Tue, 2012-09-25 at 19:22 +0200, Gaudenz Steinlin wrote:
> Please unblock package obnam
>
> The NMU uploaded to unstable fixes an RC bug. The patch is taken from
> the upstream bazaar repository. There are no other changes beside this
> bugfix and upstream test case verifying the bugfix passes.
Unblocked; thanks.
Regards,
Adam
--- End Message ---
