Bug#1053483: hash-slinger: diff for NMU version 3.1-1.2

2023-10-05 Thread Antoine Beaupré 
On 2023-10-05 16:46:01, Ondřej Surý wrote:
> Go ahead and add yourself to maintainers and do a proper release if you care 
> about the packages. It would be appreciated 

Right now I'm about 4 yaks down in this stack, so adding myself to
maintainers is not part of my priorities right now.

As of all packages we use at torproject.org however, we will try to fix
issues like this when we find them. :) We can't, unfortunately, add
ourselves as maintainers for them any time we fix one of those issues.

Sorry!

A.

PS: should I understand I shouldn't delay the upload any further, otherwise?

-- 
If builders built houses the way programmers built programs,
The first woodpecker to come along would destroy civilization.
- Gerald Weinberg

Bug#1053483: hash-slinger: diff for NMU version 3.1-1.2

2023-10-05 Thread Ondřej Surý 
Go ahead and add yourself to maintainers and do a proper release if you care 
about the packages. It would be appreciated 
--
Ondřej Surý  (He/Him)

> On 5. 10. 2023, at 16:43, anar...@debian.org wrote:
> 
> Control: tags 1053483 + pending
> 
> Dear maintainer,
> 
> I've prepared an NMU for hash-slinger (versioned as 3.1-1.2) and
> uploaded it to DELAYED/10. Please feel free to tell me if I
> should delay it longer.
> 
> I didn't find a recent copy of the source code on Salsa as well,
> otherwise I would have submitted this as a MR there as well.
> 
> I also plan on issuing a stable release update for this once the NMU
> lands in testing. Let me know if I should delay this as well.
> 
> My work on this issue is tracked in this bug report and our internal
> tracker here as well:
> 
> https://gitlab.torproject.org/tpo/tpa/team/-/issues/41350
> 
> Regards.
> 
> 
> --
>

Bug#1053483: hash-slinger: diff for NMU version 3.1-1.2

2023-10-05 Thread anarcat 
Control: tags 1053483 + pending

Dear maintainer,

I've prepared an NMU for hash-slinger (versioned as 3.1-1.2) and
uploaded it to DELAYED/10. Please feel free to tell me if I
should delay it longer.

I didn't find a recent copy of the source code on Salsa as well,
otherwise I would have submitted this as a MR there as well.

I also plan on issuing a stable release update for this once the NMU
lands in testing. Let me know if I should delay this as well.

My work on this issue is tracked in this bug report and our internal
tracker here as well:

https://gitlab.torproject.org/tpo/tpa/team/-/issues/41350

Regards.


-- 
diff -Nru hash-slinger-3.1/debian/changelog hash-slinger-3.1/debian/changelog
--- hash-slinger-3.1/debian/changelog	2022-02-10 01:03:46.0 -0500
+++ hash-slinger-3.1/debian/changelog	2023-10-05 10:37:58.0 -0400
@@ -1,3 +1,10 @@
+hash-slinger (3.1-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Bug fix: "tlsa can produce invalid records" (Closes: #1053483)
+
+ -- Antoine Beaupré   Thu, 05 Oct 2023 10:37:58 -0400
+
 hash-slinger (3.1-1.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru hash-slinger-3.1/debian/patches/0001-fix-generic-TLSA-record-generation.patch hash-slinger-3.1/debian/patches/0001-fix-generic-TLSA-record-generation.patch
--- hash-slinger-3.1/debian/patches/0001-fix-generic-TLSA-record-generation.patch	1969-12-31 19:00:00.0 -0500
+++ hash-slinger-3.1/debian/patches/0001-fix-generic-TLSA-record-generation.patch	2023-10-05 10:36:07.0 -0400
@@ -0,0 +1,34 @@
+From e3bec6e2a6b1bda7c52b4c585474fd7cc23ab643 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Charaoui?= 
+Date: Wed, 4 Oct 2023 22:05:26 -0400
+Subject: [PATCH] fix generic TLSA record generation
+Applied-Upstream: https://github.com/letoams/hash-slinger/commit/0bb0dba91c51d367d9a37297f13e07f33c01bfdc
+
+It seems like the calculation for the TLSA record never really worked,
+as we're doing float division here on the `len()` field. In our case,
+that field returned `35.0` which is not valid in our environment.
+
+Doing an integer division gives the correct result in most cases, I
+believe.
+
+Closes: #45
+---
+ tlsa | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tlsa b/tlsa
+index cea7230..ec97150 100755
+--- a/tlsa
 b/tlsa
+@@ -513,7 +513,7 @@ class TLSARecord:
+ 	def getRecord(self, generic=False):
+ 		"""Returns the RR string of this TLSARecord, either in rfc (default) or generic format"""
+ 		if generic:
+-			return '%s IN TYPE52 \# %s %s%s%s%s' % (self.name, (len(self.cert)/2)+3 , self._toHex(self.usage), self._toHex(self.selector), self._toHex(self.mtype), self.cert)
++			return '%s IN TYPE52 \# %s %s%s%s%s' % (self.name, (len(self.cert)//2)+3 , self._toHex(self.usage), self._toHex(self.selector), self._toHex(self.mtype), self.cert)
+ 		return '%s IN TLSA %s %s %s %s' % (self.name, self.usage, self.selector, self.mtype, self.cert)
+ 
+ 	def _toHex(self, val):
+-- 
+2.39.2
+
diff -Nru hash-slinger-3.1/debian/patches/series hash-slinger-3.1/debian/patches/series
--- hash-slinger-3.1/debian/patches/series	2021-02-14 11:40:02.0 -0500
+++ hash-slinger-3.1/debian/patches/series	2023-10-05 10:36:07.0 -0400
@@ -1 +1,2 @@
 0001-Debian-default-root.key-resides-in-usr-share-dns-roo.patch
+0001-fix-generic-TLSA-record-generation.patch


signature.asc
Description: PGP signature