Hello community, here is the log from the commit of package yast2-ldap-client for openSUSE:Factory checked in at 2013-01-08 09:30:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-ldap-client (Old) and /work/SRC/openSUSE:Factory/.yast2-ldap-client.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-ldap-client", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-ldap-client/yast2-ldap-client.changes 2012-10-12 14:55:15.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-ldap-client.new/yast2-ldap-client.changes 2013-01-08 09:30:32.000000000 +0100 @@ -1,0 +2,6 @@ +Thu Jan 3 16:01:07 CET 2013 - [email protected] + +- added simple check for certificates (bnc#792413) +- 2.23.2 + +------------------------------------------------------------------- Old: ---- yast2-ldap-client-2.23.1.tar.bz2 New: ---- yast2-ldap-client-2.23.2.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-ldap-client.spec ++++++ --- /var/tmp/diff_new_pack.LavXhp/_old 2013-01-08 09:30:33.000000000 +0100 +++ /var/tmp/diff_new_pack.LavXhp/_new 2013-01-08 09:30:33.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package yast2-ldap-client # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: yast2-ldap-client -Version: 2.23.1 +Version: 2.23.2 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-ldap-client-2.23.1.tar.bz2 -> yast2-ldap-client-2.23.2.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-ldap-client-2.23.1/VERSION new/yast2-ldap-client-2.23.2/VERSION --- old/yast2-ldap-client-2.23.1/VERSION 2012-10-11 10:32:28.000000000 +0200 +++ new/yast2-ldap-client-2.23.2/VERSION 2013-01-03 16:01:42.000000000 +0100 @@ -1 +1 @@ -2.23.1 +2.23.2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-ldap-client-2.23.1/configure new/yast2-ldap-client-2.23.2/configure --- old/yast2-ldap-client-2.23.1/configure 2012-10-10 15:33:38.000000000 +0200 +++ new/yast2-ldap-client-2.23.2/configure 2012-10-19 15:39:45.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for yast2-ldap-client 2.23.0. +# Generated by GNU Autoconf 2.69 for yast2-ldap-client 2.23.1. # # Report bugs to <http://bugs.opensuse.org/>. # @@ -579,8 +579,8 @@ # Identity of this package. PACKAGE_NAME='yast2-ldap-client' PACKAGE_TARNAME='yast2-ldap-client' -PACKAGE_VERSION='2.23.0' -PACKAGE_STRING='yast2-ldap-client 2.23.0' +PACKAGE_VERSION='2.23.1' +PACKAGE_STRING='yast2-ldap-client 2.23.1' PACKAGE_BUGREPORT='http://bugs.opensuse.org/' PACKAGE_URL='' @@ -1247,7 +1247,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures yast2-ldap-client 2.23.0 to adapt to many kinds of systems. +\`configure' configures yast2-ldap-client 2.23.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1319,7 +1319,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of yast2-ldap-client 2.23.0:";; + short | recursive ) echo "Configuration of yast2-ldap-client 2.23.1:";; esac cat <<\_ACEOF @@ -1399,7 +1399,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -yast2-ldap-client configure 2.23.0 +yast2-ldap-client configure 2.23.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1416,7 +1416,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by yast2-ldap-client $as_me 2.23.0, which was +It was created by yast2-ldap-client $as_me 2.23.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2355,7 +2355,7 @@ # Define the identity of the package. PACKAGE='yast2-ldap-client' - VERSION='2.23.0' + VERSION='2.23.1' cat >>confdefs.h <<_ACEOF @@ -2478,7 +2478,7 @@ -VERSION="2.23.0" +VERSION="2.23.1" RPMNAME="yast2-ldap-client" MAINTAINER="Jiri Suchomel <[email protected]>" @@ -3404,7 +3404,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by yast2-ldap-client $as_me 2.23.0, which was +This file was extended by yast2-ldap-client $as_me 2.23.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -3457,7 +3457,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -yast2-ldap-client config.status 2.23.0 +yast2-ldap-client config.status 2.23.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-ldap-client-2.23.1/configure.in new/yast2-ldap-client-2.23.2/configure.in --- old/yast2-ldap-client-2.23.1/configure.in 2012-10-10 15:33:30.000000000 +0200 +++ new/yast2-ldap-client-2.23.2/configure.in 2012-10-19 15:39:42.000000000 +0200 @@ -3,7 +3,7 @@ dnl -- This file is generated by y2autoconf 2.23.0 - DO NOT EDIT! -- dnl (edit configure.in.in instead) -AC_INIT(yast2-ldap-client, 2.23.0, http://bugs.opensuse.org/, yast2-ldap-client) +AC_INIT(yast2-ldap-client, 2.23.1, http://bugs.opensuse.org/, yast2-ldap-client) dnl Check for presence of file 'RPMNAME' AC_CONFIG_SRCDIR([RPMNAME]) @@ -18,7 +18,7 @@ AM_INIT_AUTOMAKE(tar-ustar -Wno-portability) dnl Important YaST2 variables -VERSION="2.23.0" +VERSION="2.23.1" RPMNAME="yast2-ldap-client" MAINTAINER="Jiri Suchomel <[email protected]>" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-ldap-client-2.23.1/src/ui.ycp new/yast2-ldap-client-2.23.2/src/ui.ycp --- old/yast2-ldap-client-2.23.1/src/ui.ycp 2012-10-05 13:44:21.000000000 +0200 +++ new/yast2-ldap-client-2.23.2/src/ui.ycp 2013-01-04 10:52:52.000000000 +0100 @@ -179,6 +179,33 @@ } /** + * Try to check if certificate file has a valid format (bnc#792413) + * (Just a simple check, for a warning that something might be wrong) + * Return the check result + */ + boolean check_certificate (string file) { + + // first, check for DER encoded certificate + if (FileUtils::Exists ("/usr/bin/openssl") && + SCR::Execute (.target.bash, sformat ("/usr/bin/openssl x509 -in %1 -inform der", file)) == 0 + ) + { + return true; + } + + // check the contents of possible plain text certificates + map out = (map) SCR::Execute (.target.bash_output, sformat ( + "grep -I '\\-----BEGIN CERTIFICATE' %1 && grep -I '\\-----END CERTIFICATE' %1", file)); + if (out["exit"]:1 != 0) + { + // warning popup + Popup::Warning (_("The certificate file does not seem to have valid format.")); + return false; + } + return true; + } + + /** * Popup for TLS/SSL related stuff */ boolean SSLConfiguration () { @@ -250,6 +277,7 @@ _("Choose the certificate file")); if (file != nil) { + check_certificate (file); tls_cacertfile = file; UI::ChangeWidget (`id (`tls_cacertfile), `Value, file); } @@ -277,7 +305,7 @@ // error message Popup::Error (_("Could not download the certificate file from specified URL.")); } - else if (FileUtils::CheckAndCreatePath (dir)) + else if (FileUtils::CheckAndCreatePath (dir) && check_certificate (certTmpFile)) { list <string> l = splitstring (cert_url, "/"); name = l[size(l) - 1]:"downloaded-by-yast2-ldap-client.pem"; -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
