Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock

Please unblock package openvpn-auth-ldap

The version in squeeze and wheezy has a critical bug that makes the
package inoperable after some time. The bug is:

#692936: "No remote address supplied" after a while

... and the 2.0.3-4 upload was performed only for that purpose.

Here's the magic stanza:

unblock openvpn-auth-ldap/2.0.3-4

Here's the debdiff:

diff -Nru openvpn-auth-ldap-2.0.3/debian/changelog 
openvpn-auth-ldap-2.0.3/debian/changelog
--- openvpn-auth-ldap-2.0.3/debian/changelog    2012-06-05 09:59:11.000000000 
-0400
+++ openvpn-auth-ldap-2.0.3/debian/changelog    2012-11-12 05:36:50.000000000 
-0500
@@ -1,3 +1,10 @@
+openvpn-auth-ldap (2.0.3-4) unstable; urgency=low
+
+  * Add patch from Antoine Beaupré to fix "No remote address
+    supplied" error. (Closes: #692936)
+
+ -- Alberto Gonzalez Iniesta <[email protected]>  Mon, 12 Nov 2012 11:35:43 
+0100
+
 openvpn-auth-ldap (2.0.3-3) unstable; urgency=low
 
   * Acknowledge Matthias Klose's NMU. Thanks!
diff -Nru 
openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4 
openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4
--- openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4   
1969-12-31 19:00:00.000000000 -0500
+++ openvpn-auth-ldap-2.0.3/debian/patches/openvpn_ldap_simpler_add_handler_4   
2012-11-12 04:40:39.000000000 -0500
@@ -0,0 +1,50 @@
+Description: move address checks further down to avoid certain failures
+ this tries to avoid certain failures with the LDAP plugin where it
+ doesn't get passed the remoteAddress in certain cases. since we do
+ may not care about this address, we fail only when really necessary.
+
+Author: Antoine Beaupr� <[email protected]>
+
+Origin: vendor
+Bug: https://code.google.com/p/openvpn-auth-ldap/issues/detail?id=4
+Bug-Debian: http://bugs.debian.org/692936
+Forwarded: yes
+Last-Update: 2012-11-10
+
+--- openvpn-auth-ldap-2.0.3.orig/src/auth-ldap.m
++++ openvpn-auth-ldap-2.0.3/src/auth-ldap.m
+@@ -533,7 +533,10 @@ static int handle_client_connect_disconn
+       }
+ 
+       if (tableName)
+-              if (!pf_client_connect_disconnect(ctx, tableName, 
remoteAddress, connecting))
++              if (!remoteAddress) {
++                      [TRLog debug: "No remote address supplied to OpenVPN 
LDAP Plugin (OPENVPN_PLUGIN_CLIENT_CONNECT)."];
++                      ret = OPENVPN_PLUGIN_FUNC_ERROR;
++              } else if (!pf_client_connect_disconnect(ctx, tableName, 
remoteAddress, connecting))
+                       return OPENVPN_PLUGIN_FUNC_ERROR;
+ #endif /* HAVE_PF */
+ 
+@@ -587,20 +590,10 @@ openvpn_plugin_func_v1(openvpn_plugin_ha
+                       break;
+               /* New connection established */
+               case OPENVPN_PLUGIN_CLIENT_CONNECT:
+-                      if (!remoteAddress) {
+-                              [TRLog debug: "No remote address supplied to 
OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_CONNECT)."];
+-                              ret = OPENVPN_PLUGIN_FUNC_ERROR;
+-                      } else {
+-                              ret = handle_client_connect_disconnect(ctx, 
ldap, ldapUser, remoteAddress, YES);
+-                      }
++                      ret = handle_client_connect_disconnect(ctx, ldap, 
ldapUser, remoteAddress, YES);
+                       break;
+               case OPENVPN_PLUGIN_CLIENT_DISCONNECT:
+-                      if (!remoteAddress) {
+-                              [TRLog debug: "No remote address supplied to 
OpenVPN LDAP Plugin (OPENVPN_PLUGIN_CLIENT_DISCONNECT)."];
+-                              ret = OPENVPN_PLUGIN_FUNC_ERROR;
+-                      } else {
+-                              ret = handle_client_connect_disconnect(ctx, 
ldap, ldapUser, remoteAddress, NO);
+-                      }
++                      ret = handle_client_connect_disconnect(ctx, ldap, 
ldapUser, remoteAddress, NO);
+                       break;
+               default:
+                       [TRLog debug: "Unhandled plugin type in OpenVPN LDAP 
Plugin (type=%d)", type];
diff -Nru openvpn-auth-ldap-2.0.3/debian/patches/series 
openvpn-auth-ldap-2.0.3/debian/patches/series
--- openvpn-auth-ldap-2.0.3/debian/patches/series       2012-06-05 
07:31:33.000000000 -0400
+++ openvpn-auth-ldap-2.0.3/debian/patches/series       2012-11-12 
04:43:28.000000000 -0500
@@ -1,2 +1,3 @@
 STARTTLS_before_auth.patch
 gobjc_4.7_runtime.patch
+openvpn_ldap_simpler_add_handler_4

Thanks,

A.

PS: maybe this could be considered for a squeeze update too?

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to fr_CA.UTF-8)
Shell: /bin/sh linked to /bin/dash


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: 
http://lists.debian.org/[email protected]

Reply via email to