Bug#881974: [dehydrated] Old LICENSE specification prevents letsencrypt account creation
On Sat, Nov 18, 2017 at 04:25:38PM +0100, Jan Wagner wrote: > > I'll see about getting > > https://anonscm.debian.org/git/letsencrypt/dehydrated.git/commit/?h=debian/stretch=5ae0ba0674a4913bcd27e16d02bacf486e570c83 > > in the next point release. > > I think this is NOT the best idea, cause this will just only help until > the next LICENSE is published and this has to be fixed again. That's right. But I fear for stretch (and jessie-backports) we will have to live with having to update the agreements URL whenever LE decides to update them (till now it seemed to be ~yearly, so it's not really a problem). > > AFAIK 0.4.0 is not affected because it downloads the last agreements at > > registration time, and therefore doesn't hardcode this URL. > > No, it's fixed there. How is this different from what I wrote? > The issue for this is > https://github.com/lukas2511/dehydrated/issues/346 and it was fixed in > https://github.com/lukas2511/dehydrated/commit/6a32f20e004b9d835cd02de9d78300be02784cf1. Yes, but it's something too big for my testes, and it also includes a behavioural change which is not acceptable for a stable update. stretch-backports contains 0.4.0 which of course contains the commit you linked. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#881974: [Letsencrypt-devel] Bug#881974: [dehydrated] Old LICENSE specification prevents letsencrypt account creation
Hi Mattia, thanks for caring! Am 18.11.17 um 14:04 schrieb Mattia Rizzolo: >>> I guess, that it would be sufficient (and proper) to update the default >>> value for LICENCE in /usr/bin/dehydrated. >> >> a fix for this was implemented with >> https://gist.github.com/waja/8df78afb09691e4f383d818685f48885/revisions#diff-e259eb2e20fc5f6c60769b3f2919953a >> and is included in version 0.4.0 > > Not sure how anything in that gist is related to this issue, tbh. Oh sorry .. that was an copy'n'paste error from my side. >> Indeed, I would welcome to get backported this to stable, as is some >> kind of regression. > > I'll see about getting > https://anonscm.debian.org/git/letsencrypt/dehydrated.git/commit/?h=debian/stretch=5ae0ba0674a4913bcd27e16d02bacf486e570c83 > in the next point release. I think this is NOT the best idea, cause this will just only help until the next LICENSE is published and this has to be fixed again. > AFAIK 0.4.0 is not affected because it downloads the last agreements at > registration time, and therefore doesn't hardcode this URL. No, it's fixed there. The issue for this is https://github.com/lukas2511/dehydrated/issues/346 and it was fixed in https://github.com/lukas2511/dehydrated/commit/6a32f20e004b9d835cd02de9d78300be02784cf1. Best wishes, Jan. -- Never write mail to, you have been warned! -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y --END GEEK CODE BLOCK-- signature.asc Description: OpenPGP digital signature
Bug#881974: [Letsencrypt-devel] Bug#881974: [dehydrated] Old LICENSE specification prevents letsencrypt account creation
Control: severity -1 important Control: fixed -1 0.4.0-1 On Fri, Nov 17, 2017 at 09:24:45AM +0100, Jan Wagner wrote: > Am 17.11.17 um 04:10 schrieb Lars Kruse: > > I was able to work around this by adding the following line to > > /etc/dehydrated/config: > > > > > > LICENSE="https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf; > > > > I guess, that it would be sufficient (and proper) to update the default > > value for LICENCE in /usr/bin/dehydrated. > > a fix for this was implemented with > https://gist.github.com/waja/8df78afb09691e4f383d818685f48885/revisions#diff-e259eb2e20fc5f6c60769b3f2919953a > and is included in version 0.4.0 Not sure how anything in that gist is related to this issue, tbh. > Indeed, I would welcome to get backported this to stable, as is some > kind of regression. I'll see about getting https://anonscm.debian.org/git/letsencrypt/dehydrated.git/commit/?h=debian/stretch=5ae0ba0674a4913bcd27e16d02bacf486e570c83 in the next point release. AFAIK 0.4.0 is not affected because it downloads the last agreements at registration time, and therefore doesn't hardcode this URL. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#881974: [dehydrated] Old LICENSE specification prevents letsencrypt account creation
Hi Lars, Am 17.11.17 um 04:10 schrieb Lars Kruse: > I was able to work around this by adding the following line to > /etc/dehydrated/config: > > LICENSE="https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf; > > I guess, that it would be sufficient (and proper) to update the default > value for LICENCE in /usr/bin/dehydrated. a fix for this was implemented with https://gist.github.com/waja/8df78afb09691e4f383d818685f48885/revisions#diff-e259eb2e20fc5f6c60769b3f2919953a and is included in version 0.4.0 Indeed, I would welcome to get backported this to stable, as is some kind of regression. Thanks, Jan. -- Never write mail to, you have been warned! -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y --END GEEK CODE BLOCK-- signature.asc Description: OpenPGP digital signature
Bug#881974: [dehydrated] Old LICENSE specification prevents letsencrypt account creation
Package: dehydrated Version: 0.3.1-3 Severity: normal --- Please enter the report below this line. --- Hello, after installing dehydrated, I failed to generate an account for letsencrypt, since the current package contains a reference to a usage agreement (LICENCE), that was updated two days ago (thus it is outdated). (see the output below) I was able to work around this by adding the following line to /etc/dehydrated/config: LICENSE="https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf; I guess, that it would be sufficient (and proper) to update the default value for LICENCE in /usr/bin/dehydrated. Cheers, Lars # dehydrated --cron # INFO: Using main config file /etc/dehydrated/config # INFO: Using additional config file /etc/dehydrated/conf.d/local-hook.sh + Generating account key... + Registering account key with ACME server... + ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/new-reg (Status 400) Details: { "type": "urn:acme:error:malformed", "detail": "Provided agreement URL [https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf] does not match current agreement URL [https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf];, "status": 400 } Error registering account key. See message above for more information.