Bug#741663: linux-image-3.13-1-powerpc-smp: therm_windtunnel does not load correctly
Hi all > The PowerMac G5 users on this list are kindly asked to confirm the bug has >been fixed. Until then, I'll reopen it. I am running the latest version (5.10.0-6-sparc64-smp #1 SMP Debian 5.10.28-1 (2021-04-09) sparc64) from the ports repo and it runs ok on two G5 Thanks for the work guys Kind Regards, W. >> been fixed. Until then, I'll reopen it. > Makes perfect sense to me. > >>> Back then, that meant compiling your own kernel. These days, you can >>> just use any Debian-provided kernel from 4.19 onwards. >> I'm not sure how this is relevant to the question whether the bug was fixed >> or not in the Debian kernel package. > Not relevant. It was just to say that the tester's job has become much > easier meanwhile. > -- William Bonnet GPG : 7189 DC8E 15B9 B3E4 EA3E 902B 8EAC F0B9 25A5 9D48 https://forum.armwizard.org OpenPGP_signature Description: OpenPGP digital signature
Bug#974122: No network at Banana Pi M2 Ultra
Hi Bernhard, I would like to ask you a simple question about your email please. It is not about the M2 board itself, mostly about your checklist. I would like to know please if you did it "by hand" or used a tool to do the check ? Formatting output it self is not really difficult task, definition of relevant tests can be more tricky. I am looking for existing tools to automatically check board support by images and wrote my own ( https://github.com/wbonnet/sbit ) It is not checking everything :) but can be used to create hierarchical set of tests with ASCII output using simple script tests (bash or whatever). Since i would like not to "rediscover the wheel" i am asking about existing toolf this kind ;) this is likely to already exist with an extendable set (library) of tests. Thanks in advance I'll bee happy to share experience on this subject sine i start to write now board dedicated set of tests yo validate images i buils Kind regards William On 10/11/2020 11:07, Bernhard wrote: > Package: installation-reports > > Boot method: SD-Card > Image version: daily > Date: 2020-11-10 > > Machine: Banana Pi M2 Ultra > Processor: Allwinner R40 (ARMv7 Processor rev 5) > Memory: 2GB > Partitions: - > > Output of lspci -knn (or lspci -nn): - > > Base System Installation Checklist: > [O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it > > Initial boot: [O] > Detect network card:[E] > Configure network: [ ] > Detect media: [ ] > Load installer modules: [ ] > Detect hard drives: [ ] > Partition hard drives: [ ] > Install base system:[ ] > Clock/timezone setup: [ ] > User/password setup:[ ] > Install tasks: [ ] > Install boot loader:[ ] > Overall install:[ ] > > Comments/Problems: > > With the on-board LAN, there is no connection to my LAN is established. > With an attached USB-LAN interface, the connection to my LAN was successfully. > It seems, this is the same bug as described in my previous bug report #973369: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973369 > > Hope, this bug will be fixed in Debian 11 :-) > > Best regards > Bernhard > -- William https://forum.armwizard.org
Bug#834129: pgadmin4 adopter wanted
Hi Christoph, First of all i do apologize for my late answer, something went wrong on my side with email delivery... :( > do you have experience with Debian packaging? You'll likely have to > work on packaging or updating Python module packages in Debian as well. Yes I do, I have often made packages either at office or as a hobby, i created a framework to automatically build Debian packages for kernel and uboot from upstream sources (https://github.com/wbonnet/dft). Since it's a different and long story i'll be happy to share and discuss about this, maybe in another email ;) I am not ( yet ;) ) a Debian maintainer, but i have been for several years a Solaris maintainer in OpenCSW and Blastwave for software like Firefox Thunder bird or Xfce, working with upstram communities and submitting portability patches to compile and work under solaris. Its a different platform and toolchain, but still a maintainer work. In short :) i know what i am doing by applying to maintain a PG tool package :) it is going to be a lot of work, and i have checked that enough free time time in the coming months to handle this. > Plus debugging the whole stack on older Debian/Ubuntu releases. I am running several builders and PG servers under different versions, i can easily adapt my infrastructure to test this and host different reference and test VMs. I was expecting to have this work to do and of course to with Ubuntu and Postgresql maintainers and community. I'll be really happy to collaborate with the other communities and share the effort. I propose to start on my side by upgrading your pckage to latest restarting from existing package definition and let you knwow and see how things are going. Let me know please what information you may need, and don't hesitate if you have advices on the steps to follow. I expect to start with upgrade and non regression tests. Kind regards, William PS: I'm sorry i hove to restart a new mail instead of a true reply, something went really bad on my email side :(
Bug#834129: pgadmin4 adopter wanted
Hi Christoph, Dropping this package is a question that really makes sens. If the decision is to keep it, and as a postgresql and pgadmin user i would like to volunteer to takeover. Il will certainly have many question,including about the takerover procedure since it is the first time i apply for this. > are prone to happen. I'm not extensively using the package myself, so > I'd be glad if someone else took over maintenance of it. > > Anyone interested? Otherwise I'd propose that we drop it. king regards, William
Bug#841528: ITA: sysbench -- Cross-platform and multi-threaded benchmark tool
Hi Is someone working on this package ? I am using it and interested in packaging it. If someone is working on it, please feel free to ask for some help. Cheers W. -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers
Bug#821436: libtasn1-6: missing build-dep dblatex
Hello > The error message is red herring, the build will fail on up-to-date sid > no matter whether dblatex is installed. The issue is in gtk-doc-tools, > reassiging. I experienced several weird compilation issues when rebuilding packages from sid on ppc64 arch. This bug was one of them (mostly issues when building packages with -j4 flag and reusing an environnement for several builds). This issue no longer happen with package currently in sid and a fresh environnement. Thus i propose to close this bug. No need to keep it open since i can now build. I will reopen it or recreate another if it happens again. Kind regards, -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers signature.asc Description: OpenPGP digital signature
Bug#821433: libgcrypt20: missing build-dep transfig
Hello, There was nothing special with my setup. Unless i build for PPC64, and the same environnement was used to build several packages (not at the same time). I have experienced some weird behavior when generating with the -j4 flag. Not only for this package. I tried to rebuild it into a fresh environnement and it worked with both -j1 and -j4 problem. I don't know where was the origin of the problem, but it was certainly coming from my environnement. Sorry for the noise :) On 23/04/2016 16:28, Andreas Metzler wrote: > Control: tags -1 unreproducible > > On 2016-04-18 Andreas Metzler <ametz...@bebt.de> wrote: >> On 2016-04-18 William Bonnet <wbon...@theitmakers.com> wrote: >>> Package: libgcrypt20 >>> Version: 1.6.5-2 >>> Severity: normal >>> transifg is missing fom the build dependencies for this package >>> I tried to build the libgcrypt20 inside a chroot created from buildd >>> targets (arch PPC64) with installing only fakeroot, devscripts and the >>> build-deps inside the chroot. >>> The package generation do not success unless installing also transfig >>> package >> Hello, >> transfig should not be necessary for a vanilla, unpatched build. Is >> there something special with your setup? e.g. the Debian autobuilder had >> no transfig installed and still succeeded. See >> https://buildd.debian.org/status/package.php?p=libgcrypt20=unstable >> (That is 1.7.0, but there should not be a difference.) > I have just retried on current sid (1.7.0-3) without transfig and still > did not see the error. > > cu Andreas > -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers signature.asc Description: OpenPGP digital signature
Bug#821447: libestr0: autoreconf has to be launched during build
Package: libestr0 Version: 0.1.10-1 Severity: normal Hi I recently had some issues when rebuilding your libestr0 packages on PPC64/sid. The file aclocal.m4 has been included in the source archive, and contains hardcoded version of aclocal. IIt seems to me that this file should not have been included, but generated locally with autoreconf. Otherwise, since it does exeists, it is not regenerated, nor the configure and Makefile files. Which leads to a debuild failure. A simple solution would be to run autoreconf during build, using dh features in debian/rules: dh $@ --with autoreconf Thanks for fixing it. Kind regards, William
Bug#821436: libtasn1-6: missing build-dep dblatex
Package: libtasn1-6 Version: 4.7-3 Severity: normal dblatex is missing fom the build dependencies for this package I tried to build the libtasn1-6 inside a chroot created from buildd targets (arch PPC64) with installing only fakeroot, devscripts and the build-deps inside the chroot. The package generation do not success unless installing also dblatex package Thanks for adding it Kind regards William
Bug#821433: libgcrypt20: missing build-dep transfig
Package: libgcrypt20 Version: 1.6.5-2 Severity: normal transifg is missing fom the build dependencies for this package I tried to build the libgcrypt20 inside a chroot created from buildd targets (arch PPC64) with installing only fakeroot, devscripts and the build-deps inside the chroot. The package generation do not success unless installing also transfig package Thanks for adding it Kind regards William
Bug#772047: RFH: pgpool2 -- connection pool server and replication proxy for PostgreSQL
Hi Christoph, Thanks for your answer. Is there some urgent things to do ? Any advice about what I should start with ? Maybe we can talk about this on IRC ? my Nick is _william_ on irc.debian.org (also on freenode). Cheers, W. -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers signature.asc Description: OpenPGP digital signature
Bug#811377: sysvinit maintenance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I am looking for a way to contribute more to Debian, getting involved in packages. As Simon I cannot guarantee to be full time, but I would really like to start helping on more technical stuff. Maybe Simon and I could start to help you Ben ? Kind Regards, - -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJWxd5BAAoJEI6s8LklpZ1IOBQH/A6gSkBcE2CTSbJfh5L9cGUx +BSWWPiH5cttS9WPwCIUfdIYo9fP7b/XoL2oQRHWG5FHN/3pEEsHoCKZjm7QGZS8 H636WvMlw4JJSZblYwXGg13ijAGhWqM+NsJI7R2pxL/R+Ba/teNyyJvmHokEtL5f 2DaeFY+AICkZOpAR/NWWauwUtKkGxuoJMopLLff+YMHSc/FYX3+f9sWC+7c4BjWc kKsoLboldHY10wNjlmctRYFJN9VFTnSMi51+fxR9pIYl84gAw58M1qELAhYnRcff Srid9U6PnUmlcSd4ZHFRCZY756kZJR/GAFbodr7K89uTIFDXBiK7ahKPRGvWkSE= =x/vN -END PGP SIGNATURE-
Bug#784191: RFA: pgfouine - PostgreSQL log analyzer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Luis, I am really interested in helping for this package. I am a PG user and i use pgfouine or pgbadger from time to time. Are you still looking for help ? Kind regards, - -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJWxeuUAAoJEI6s8LklpZ1INgAIALlSEfCj9AH2O2MSVOh7qqLS //KUQPpjFpoGtoCPFdW+siV4hpNlkIo9jz/IoYxcGQ4nlAXvB5it+tKoekfuzotS czBItKaK4TjOftR56PPs3VkAkISO5QFdpQyP/LXd/uOilSdeO4uyQs8MyIp4KKeH SQlDCxtQS1jyAS9rIeasmSJriWU36SHTxyqHkI41wv2PA0tgohwW2Li1cusgnooc WdKwHeNAP6QqCrkjUbWz1++Uq6oXuZvdPtWe5+vGFVYrCSsqfrTnct39jBfhq9PG A9Io77Vzk7EbtyctZNwLu6alAnSOr3LUdaQDczHCg88/tnnwjtaOOhS06bxQMGk= =2Sxn -END PGP SIGNATURE-
Bug#772047: RFH: pgpool2 -- connection pool server and replication proxy for PostgreSQL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Christoph, I am really interested in helping for this package. I am a PG user and i use pgpool2 from time to time. Are you still looking for help ? Kind regards - -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJWxeumAAoJEI6s8LklpZ1ICiQH/ioTnfmBbeK9z7cIIdR5Fnq7 1Ja8bmrtKA0lc19Gv24JOlfLxORLfefMS1h7ynX5ckmhVVmqkqrYP8qYtnGZ7GHp Ofh+6DWTWmKOnmw/bsgUzH5fQkTy3eAJzw+Qdl6eRdiUY2CVCMqtiwfgHxG2HYto YvSFGr2+AsqI5lz+5bhuguho/qN/c661oxDp/Dq9P+C3/qi9D93rFpP7GNysOKNE VvXPFwGvzY7vDT7vRAwpWkjZfvYED7OBP2lNb96LAx1pOzYZbKHko22aUfmsFRcu jVYGLzG3PddygCtO0JF5J+efEtq+7Qvi3fcPj3xS6QmfU7IqniIRpg2wYWc/q18= =rlLc -END PGP SIGNATURE-
Bug#811411: O: adduser -- add and remove users and groups
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I am also interested in helping you to maintain these two packages. I am looking for an opportunity to get involved in more technical stuff within the community. So maybe Gage and I could help you ? Kind regards, - -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJWxd8lAAoJEI6s8LklpZ1IEiwH/2oPmZtaS8xQTtvKO7UNIdMa KNjC0a9KJyD025vTPRoFpTvMkAAtBlSdNPvwEZroCD7P3kfazHR7X7e900muvJ26 sJQJT3HTadkoJrufhFmv7Iyl3fTtNLRKRtygM6fW+vAd6qhOraMxorejAzEhRbH1 j6uncP16inqOaW0Wp9SMzJBDc2UyByKMp5NeIbermj/1bepjuykrHVVxIDuL9hP0 0cz0Xn2mLLbmc/NUjZzf4T5m7T84WlS1vEUWJuHNGQg3I4y/t4l/yUW8LW4unK5G 7WhJ0GHlri9lgzigunoRlodVxf6IpCDXqouXwi0CBXJlOOFrnKmY+SQ2aKKT0yE= =HKQw -END PGP SIGNATURE-
Bug#540583: apachetop: ITA -> O
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I am really interested in helping for this package. I am an Apache user and i use apachetop from time to time. Are you still looking for help ? Kind regards - -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJWxeteAAoJEI6s8LklpZ1Ixl4H/2u/57X7gI8gAKRLGYJ8l5hO wSH/NNHwxxzJLrT6VzwOXJ2YMtRutlDEoCAy6mQ86tKYLm2Sg9MbMZ+jlGZTJQNa YGWOd86h8DyJ5LgDKHTSlOo34oMfRZXtAGVGBjIAVNCDTUDgsLQAK1CGQcEB7LRo gRef+TYs73ssRltTG9hY5cA6aOjbGxjHrLahHKxEFuOXT/ZlxS+FdtPgS5T2lpqm CqIpAAs7FysPg8gX+HCPCc3CN6bK0Oa91EgKhMnaN0koBs+UY7GcTolM2x5wUMQg cGVHxElDz9WNzAmHcRRi5mzGo/TsJIKGJXODbQHT7Yh0Wu1mdbsgaUijjO8gOnM= =vKwG -END PGP SIGNATURE-
Bug#332498: RFH: openssl -- Secure Socket Layer (SSL) binary and related cryptographic tools
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Kurt I am really interested in helping on this package. Do you still need some help ? If yes please let me know. It is about one year without comments on this bug. Maybe you have found some people ? But it is still open :) You can get in touch with me either through the BT, or directly by email or irc _william_. So we can define how to help Thanks in advance Kind regards, - -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJWxeD/AAoJEI6s8LklpZ1Id8MH/1si+BZMZObpvVquR28nqwme G5ZuT2lUdQ0vddfaaYcpPh4/A9NBbQi1s5odSKncH1rbPT5NhOJG09TV/CHWKF+C lsd2mSuZam1vgEq/NFBaPpgjFIPMK7dIoVKwnJ6AmEajUh1mCansUDoDszW8Fc6h LawF+L6gGUpJsTdRzRsTnHkWXfURVQoIJ/subHn67MdLy5vljW5YsQHt+1R3W021 dSXnsh/fgI29CFmp7osN5pWBFRidIipXukY+SL6UsgoGX7qL9haJtolyP5UzdVzh 6UpaQSb6LLmrQdsGnmgfUV60qhXD3hhHQjwvfeSJBoJzWNtF4LZ/aO1DltSvcyM= =H/HS -END PGP SIGNATURE-
Bug#704330: twitter-bootstrap: changing from ITA to O
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I am really interested in helping for this package. Espcially since i am a bootstrap user. Are you still looking for help ? Kind regards - -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJWxetKAAoJEI6s8LklpZ1IOfMIAJS8UBepstHeIiMkJ7ZBNFnp FOdGzMMqSp/pMDp2xjagAxR+CNKht2fN+kFXIvG7SxKTXCFCgnb0zBV/Dvfo74/W V859O83oFBQNhW/to6wVDFdpNhfCgK45wp++n8JubsCmwV95xukdflfuyi1zVOwe xAsP6UUBRfQW3JZJA5EITbz/8bfSo2VYwqm2Dj7vEcM70RC3/6/d4ZE4Tq42vur7 UfxKFcwC/aobBpgrNDF9Gbv3lc69eJSykVAIunuPZti5Gj6jFKGrI2k7SgHJ9SKT POJeoQMv9+HNWYS7SOrVf5wbk1wK6+tIKTDrAnvcvyTbn+Pbey1jQVe/1MH0h9o= =DCjY -END PGP SIGNATURE-
Bug#772903: O: wtop -- Like top for Apache web servers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Mauro, I am really interested in helping for this package. I am an Apache user and i use wtop from time to time. Are you still looking for help ? Kind regards - -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJWxeuEAAoJEI6s8LklpZ1I5AEH/24iqgiardsatH917zC3eOQg we2rewctM0WxG9sx/fGIDcuVI+BQmCzqVYeg+lai0GCHspQftIHMFr0H+FLJNCdM 1P/1s+LvbFaxslkR/KeS22ndr5ZqezHQDY6pR78eypyikqZiiYFlw0D3itNbiPTT NCRIICFH0HnoE9e+hChpB9UvK4viGid8vEufwmnfjU+ddy7+ZePpNsIMYYn7/Hm6 a5e+kh2oYUr51vrrV3fjARblvHk1zaL2hrjMsM+nZ8cGHvnpSZ24ovPDEYgwqdP/ 6camwQykdrLuUynQKIoTnpcZXQRJ5Rol2vQx+uT4fjX35yywEsYcjyi+uyc8t7k= =XJRP -END PGP SIGNATURE-
Bug#757770: RFH: pgadmin3 -- graphical administration tool for PostgreSQL
Hi, I would like to propose to help on this package. I am a pgadmin3 user and have the skills to patch the upstream code if needed. Please let me know if you are still looking for help Kind regards -- William BONNET CTO & Founder / The IT Makers william.bon...@theitmakers.com GSM +33 689 376 977 twitter @theitmakers
Bug#768681: nodejs: FTBFS in jessie: tests failures
Hi,
I would like to submit a patch to openssl in order to fix this issue. This
patch is fixing a missing error code in the EVP_DecryptFinal_ex function
which cause the failure of the NodeJS unit test.
During the latest Debian Bug Squashing Party i was working on NodeJS
packaging with Jean Baptiste Favre and trying to fix some issues. We noticed
a unit test failure (on NodeJS side) because of an unexpected openssl return
value.
Unit test is simple/test-crypto-stream, and is based on aes-128-cbc
encryption and decryption with two different keys. This test should fail
with the error code :
[TypeError: error:06065064:digital envelope
routines:EVP_DecryptFinal_ex:bad decrypt]
But the latest stable version of openssl returns
[TypeError: error::lib(0):func(0):reason(0)]
This seems to come from some modification made in the
EVP_DecryptFinal_ex function in the last version bump. When returning
padding_good,
the EVPerr is not called before returning zero, leading to an undefined error
code.
Here attached is a patch fixing this.
I hope this will help, don't hesitate to ask me for more information.
Please, as it is my first submission let me know if some is wrong in the way to
do it
Kind regards,
--
William http://www.wbonnet.net
http://france.debian.netAssociation Debian France
http://www.opencsw.org Community SoftWare for Solaris
diff -Nru openssl-1.0.1j/debian/changelog openssl-1.0.1j/debian/changelog
--- openssl-1.0.1j/debian/changelog 2014-10-15 19:42:52.0 +0200
+++ openssl-1.0.1j/debian/changelog 2014-11-16 13:49:49.0 +0100
@@ -1,3 +1,11 @@
+openssl (1.0.1j-2) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload
+- Fix for missing Bad Decrypt error code in EVP_DecryptFinal_ex when padding is not good
+ (Closes #768681)
+
+ -- William Bonnet wllmb...@gmail.com Sun, 16 Nov 2014 13:46:13 +0100
+
openssl (1.0.1j-1) unstable; urgency=high
* New upstream release
diff -Nru openssl-1.0.1j/debian/patches/EVP_DecryptFinal_ex_missing_EVPerr_call.patch openssl-1.0.1j/debian/patches/EVP_DecryptFinal_ex_missing_EVPerr_call.patch
--- openssl-1.0.1j/debian/patches/EVP_DecryptFinal_ex_missing_EVPerr_call.patch 1970-01-01 01:00:00.0 +0100
+++ openssl-1.0.1j/debian/patches/EVP_DecryptFinal_ex_missing_EVPerr_call.patch 2014-11-16 13:55:32.0 +0100
@@ -0,0 +1,38 @@
+Description: Fix for missing Bad Decrypt error code in EVP_DecryptFinal_ex
+ EVP_DecryptFinal_ex function. When returning padding_good, the EVPerr is
+ not called before returning zero, leading to an undefined error code.
+ .
+ openssl (1.0.1j-2) UNRELEASED; urgency=medium
+ .
+ * Non-maintainer upload
+ - Fix for missing Bad Decrypt error code in EVP_DecryptFinal_ex when padding is not good
+ (Closes #768681)
+Author: William Bonnet wllmb...@gmail.com
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: other
+Bug-Debian: https://bugs.debian.org/768681
+
+--- openssl-1.0.1j.orig/crypto/evp/evp_enc.c
openssl-1.0.1j/crypto/evp/evp_enc.c
+@@ -555,6 +555,16 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *
+ out[i] = ctx-final[i] padding_good;
+ /* Safe cast: for a good padding, EVP_MAX_IV_LENGTH = b = pad */
+ *outl = padding_good ((unsigned char)(b - pad));
++
++ /*
++ * If the padding_good variable is 0 then a decryption problem occured
++ * and we have to call EVPerr before returning 0
++ */
++ if ((padding_good 1) == 0)
++ {
++EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
++ }
++
+ return padding_good 1;
+ }
+ else
diff -Nru openssl-1.0.1j/debian/patches/series openssl-1.0.1j/debian/patches/series
--- openssl-1.0.1j/debian/patches/series 2014-10-15 19:34:35.0 +0200
+++ openssl-1.0.1j/debian/patches/series 2014-11-16 13:53:21.0 +0100
@@ -22,3 +22,4 @@
openssl_fix_for_x32.patch
ppc64el.patch
+EVP_DecryptFinal_ex_missing_EVPerr_call.patch
signature.asc
Description: OpenPGP digital signature
Bug#768681: nodejs: FTBFS in jessie: tests failures
Hi Jérémy I'm pretty amazed the problem comes from openssl. So am i. But after analyzing the problem it really makes sense, let me try to be more clear. Did you check upstream openssl ? maybe it's a known bug, so the Origin field could link to it, ideally. I did checked upstream, and the problem exist in the current code. I also have submitted the same patch to the upstream project. After a quick analyze of the current code it seems to be a regression after commit 4aac102f75b517bdb56b1bcfd0a856052d559f6e in which the function EVP_DecryptFinal_ex has been partially rewritten to avoid timing leak attack. In the code of this function we can see that each time a 0 value is returned the EVPerr function is called to define the error code before returning 0. This happens in every case but one. The one failing for the given NodeJS unit test. In this case the value 0 is not explicitly given to the return call, but is computed with a mask on the padding_good variable. From my understanding this variable has value zero when padding is bad. This happen in case such as decryption with the wrong key (not the key for which the message has been encrypted), which is exactly the test case failing in NodeJS. NodeJs is expecting to have this test to fail, which is ok, but it is also checking for the failure reason. Since the EVPerr is not called before returning the computed zero value, openssl return an undefined failure reason. Making the nodejs unit test fail, and the package build fails also. If it is double-checked with upstream, then this bug report should be reassigned to openssl package. I'll do it as soon as upstream answer to my bug report. Kind regards, -- William http://www.wbonnet.net http://france.debian.netAssociation Debian France http://www.opencsw.org Community SoftWare for Solaris
Bug#768681: nodejs: FTBFS in jessie: tests failures
Hi Kurt I think not returning which error occurred is actually intentional, since you might leak that information and turn it into a padding oracle. But I'll check what the others thinks Thanks for the feedback. I have thought of the padding oracle attack, but since all others errors have a distinct return code, having no return code would be close to having the proper return code, since it can happen in only this case. Well at least that's my understanding, and since i'm not a crypto guy I'm really interested in the answer from the real experts :) Kind regards, -- William http://www.wbonnet.net http://france.debian.netAssociation Debian France http://www.opencsw.org Community SoftWare for Solaris -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
