diff options
author | Petter Reinholdtsen <pere@debian.org> | 2016-12-19 13:13:41 +0000 |
---|---|---|
committer | Unit 193 <unit193@ubuntu.com> | 2019-12-05 16:35:27 -0500 |
commit | 116097cef16b8126d23d52c04be3501043de926d (patch) | |
tree | 26e25a9e57937e30fb43927d3984c84a1251900a | |
parent | 9af308140d75c08c5c9b8842484f2d7c745fe4bf (diff) | |
download | listadmin-116097cef16b8126d23d52c04be3501043de926d.tar.bz2 listadmin-116097cef16b8126d23d52c04be3501043de926d.tar.xz listadmin-116097cef16b8126d23d52c04be3501043de926d.tar.zst |
Import Debian changes 2.40-5.1debian/2.40-5.1
listadmin (2.40-5.1) unstable; urgency=low
* Non-maintainer upload with maintainer approval.
* Refreshed patches to avoid fuzzy application.
* Added selective-cert-checking.patch for more flexible SSL
certificate handling (Closes: #707787). Patch from Marius Halden.
-rw-r--r-- | debian/changelog | 9 | ||||
-rw-r--r-- | debian/patches/dont-write-logfile.patch | 8 | ||||
-rw-r--r-- | debian/patches/listadmin-discard.patch | 20 | ||||
-rw-r--r-- | debian/patches/listadmin-translation.patch | 12 | ||||
-rw-r--r-- | debian/patches/listadmin.patch | 10 | ||||
-rw-r--r-- | debian/patches/selective-cert-checking.patch | 125 | ||||
-rw-r--r-- | debian/patches/series | 1 |
7 files changed, 162 insertions, 23 deletions
diff --git a/debian/changelog b/debian/changelog index d5fff91..d843ba5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +listadmin (2.40-5.1) unstable; urgency=low + + * Non-maintainer upload with maintainer approval. + * Refreshed patches to avoid fuzzy application. + * Added selective-cert-checking.patch for more flexible SSL + certificate handling (Closes: #707787). Patch from Marius Halden. + + -- Petter Reinholdtsen <pere@debian.org> Mon, 19 Dec 2016 13:13:41 +0000 + listadmin (2.40-5) unstable; urgency=medium * debian/control updated Standards-Version, no change needed diff --git a/debian/patches/dont-write-logfile.patch b/debian/patches/dont-write-logfile.patch index adca435..6680728 100644 --- a/debian/patches/dont-write-logfile.patch +++ b/debian/patches/dont-write-logfile.patch @@ -4,11 +4,11 @@ Bug-Debian: https://bugs.debian.org/461210 Do not try to write bogus log file is none is defined -Index: listadmin-2.40/listadmin.pl +Index: listadmin/listadmin.pl =================================================================== ---- listadmin-2.40.orig/listadmin.pl 2010-03-25 22:32:48.000000000 +0100 -+++ listadmin-2.40/listadmin.pl 2010-03-25 22:32:52.000000000 +0100 -@@ -1635,8 +1635,8 @@ +--- listadmin.orig/listadmin.pl 2016-12-19 13:12:47.903719450 +0000 ++++ listadmin/listadmin.pl 2016-12-19 13:13:10.000000000 +0000 +@@ -1345,8 +1345,8 @@ my $params = mailman_params ($user, $pw); my $log = log_timestamp ($list); diff --git a/debian/patches/listadmin-discard.patch b/debian/patches/listadmin-discard.patch index b32738f..3287b89 100644 --- a/debian/patches/listadmin-discard.patch +++ b/debian/patches/listadmin-discard.patch @@ -4,11 +4,11 @@ Bug-Debian: https://bugs.debian.org/530385 add support for discarding subscription requests -diff --git a/listadmin.pl b/listadmin.pl -index 42b365c..71c7a08 100755 ---- a/listadmin.pl -+++ b/listadmin.pl -@@ -254,7 +254,7 @@ sub process_subscriptions { +Index: listadmin/listadmin.pl +=================================================================== +--- listadmin.orig/listadmin.pl 2016-12-19 13:12:47.883718771 +0000 ++++ listadmin/listadmin.pl 2016-12-19 13:13:11.000000000 +0000 +@@ -254,7 +254,7 @@ } my $count = keys (%subscribers); my $def = $config->{"subdefault"}; @@ -17,7 +17,7 @@ index 42b365c..71c7a08 100755 $prompt .= " [" . uc($def) . "]" if $def; $prompt .= " ? "; -@@ -281,6 +281,9 @@ sub process_subscriptions { +@@ -281,6 +281,9 @@ } elsif ($ans eq "a") { $change->{$id} = [ "sa" ]; last; @@ -27,7 +27,7 @@ index 42b365c..71c7a08 100755 } elsif ($ans eq "r") { my $r = prompt ("Why do you reject? [optional] "); unless (defined $r) { -@@ -295,6 +298,7 @@ and pressing Return. +@@ -295,6 +298,7 @@ a Accept -- allow the user to join the mailing list r Reject -- notify sender that the request was turned down @@ -35,7 +35,7 @@ index 42b365c..71c7a08 100755 s Skip -- do not decide now, leave it for later q Quit -- go on to approving messages -@@ -1377,6 +1381,7 @@ sub set_param_values { +@@ -1082,6 +1086,7 @@ "d" => 3, "sa" => 4, # subscribe approve "sr" => 2, # subscribe reject @@ -43,7 +43,7 @@ index 42b365c..71c7a08 100755 }; } else { $data->{"global"}{"actions"} = { "a" => 0, -@@ -1411,7 +1416,7 @@ sub read_config { +@@ -1116,7 +1121,7 @@ my %act = ("approve" => "a", "discard" => "d", "reject" => "r", "skip" => "s", "none" => ""); @@ -52,7 +52,7 @@ index 42b365c..71c7a08 100755 "reject" => "r", "skip" => "s", "none" => ""); return undef unless open (CONF, $file); -@@ -1641,7 +1646,7 @@ sub commit_changes { +@@ -1346,7 +1351,7 @@ for my $id (sort { $a <=> $b } keys %{$change}) { my ($what, $text) = @{$change->{$id}}; $params->{$id} = $action->{$what}; diff --git a/debian/patches/listadmin-translation.patch b/debian/patches/listadmin-translation.patch index 6e71990..e47e49a 100644 --- a/debian/patches/listadmin-translation.patch +++ b/debian/patches/listadmin-translation.patch @@ -1,8 +1,10 @@ added translation ---- listadmin-2.40.orig/listadmin.pl -+++ listadmin-2.40/listadmin.pl -@@ -829,42 +841,325 @@ +Index: listadmin/listadmin.pl +=================================================================== +--- listadmin.orig/listadmin.pl 2016-12-19 13:12:47.919719992 +0000 ++++ listadmin/listadmin.pl 2016-12-19 13:13:09.000000000 +0000 +@@ -833,42 +833,325 @@ # # Please send additions if you have them. @@ -58,7 +60,7 @@ + "vi" => "Xác th.*c", + "zh_CN" => "Authentication", + "zh_TW" => "論壇 壇主驗證", -+ }, + }, + # grep -r -A 1 'msgid "Subscription Requests"' messages/* + "subscriptions" => + { @@ -101,7 +103,7 @@ + "vi" => "Y.*u c.*u .*ng k.*", + "zh_CN" => "订阅请求", + "zh_TW" => "訂閱申請", - }, ++ }, + # grep -r -A 1 'msgid "Successfully \(subscribed\|Unsubscribed\|Removed\):"' messages/* "subscr_success" => { diff --git a/debian/patches/listadmin.patch b/debian/patches/listadmin.patch index 3c06bd5..a603163 100644 --- a/debian/patches/listadmin.patch +++ b/debian/patches/listadmin.patch @@ -1,8 +1,10 @@ ---- listadmin-2.40.orig/listadmin.pl -+++ listadmin-2.40/listadmin.pl -@@ -718,7 +718,7 @@ +Index: listadmin/listadmin.pl +=================================================================== +--- listadmin.orig/listadmin.pl 2016-12-19 13:12:47.931720400 +0000 ++++ listadmin/listadmin.pl 2016-12-19 13:13:08.000000000 +0000 +@@ -722,7 +722,7 @@ } my $data; @@ -11,7 +13,7 @@ my $parse_appr = HTML::TokeParser->new(\$page_appr) || die; $data = parse_pages_mm_2_1($mmver, $config, $parse, $parse_appr); } else { -@@ -764,14 +764,26 @@ +@@ -768,14 +768,26 @@ my %data = (); my $headline; diff --git a/debian/patches/selective-cert-checking.patch b/debian/patches/selective-cert-checking.patch new file mode 100644 index 0000000..446329e --- /dev/null +++ b/debian/patches/selective-cert-checking.patch @@ -0,0 +1,125 @@ +Description: Make SSL certificate checking optional and configurable + The attached patch adds support for the cafile and verify_peer options + in the configuration file. These lets you set CA-certificate and/or + disable certificate verification per list. +Author: Marius Halden <marius.h@lden.org> +Bug-Debian: https://bugs.debian.org/707787 +Forwarded: no +Reviewed-By: Petter Reinholdtsen <pere@hungry.com> +Last-Update: 2016-12-19 + +Index: listadmin/listadmin.man +=================================================================== +--- listadmin.orig/listadmin.man 2016-12-19 13:12:47.947720942 +0000 ++++ listadmin/listadmin.man 2016-12-19 13:12:47.947720942 +0000 +@@ -173,6 +173,13 @@ + to avoid clearing the list of meta members when manipulating the list + of ordinary members. \fINote: Requires additional Perl module + WWW::Mechanize\fP ++.IP "cafile \fI/path/to/CAcertificate\fP" ++Specify which CA certificate to use for all lists following. Setting ++cafile to NONE will use the default cafile. ++.IP "verify_peer \fIyes|no\fP" ++If set to no SSL certificate verification will be disabled for all lists ++following. ++ + + \" "dumpdir" is for developer use, so it isn't documented. + +Index: listadmin/listadmin.pl +=================================================================== +--- listadmin.orig/listadmin.pl 2016-12-19 13:12:47.947720942 +0000 ++++ listadmin/listadmin.pl 2016-12-19 13:12:47.947720942 +0000 +@@ -25,6 +25,7 @@ + use Encode; # appeared in perl 5.7.1 + use strict; + use English; ++use IO::Socket::SSL; + + my $rc = $ENV{"HOME"}."/.listadmin.ini"; + +@@ -93,6 +94,9 @@ + my $term; + my $term_encoding = langinfo(CODESET()); + ++my $default_ssl_cafile = $ua->ssl_opts("SSL_ca_file"); ++my $default_ssl_verify = IO::Socket::SSL::SSL_VERIFY_PEER; # This is the default for clients ++ + # the C and POSIX locale in Solaris uses the charset "646", but Perl + # doesn't support it. + $term_encoding = "ascii" if $term_encoding eq "646"; +@@ -131,10 +135,18 @@ + + my $subscribe_result; + if (@opt_add_member) { ++ $ua->ssl_opts("SSL_ca_file" => $config->{$list}->{"cafile"}); ++ $ua->ssl_opts("verify_hostname" => $config->{$list}->{"verify_hostname"}); ++ $ua->ssl_opts("SSL_verify_mode" => $config->{$list}->{"verify_peer"}); ++ + $subscribe_result = add_subscribers($list, $config->{$list}, $opt_mail, + @opt_add_member); + } + if (@opt_remove_member) { ++ $ua->ssl_opts("SSL_ca_file" => $config->{$list}->{"cafile"}); ++ $ua->ssl_opts("verify_hostname" => $config->{$list}->{"verify_hostname"}); ++ $ua->ssl_opts("SSL_verify_mode" => $config->{$list}->{"verify_peer"}); ++ + $subscribe_result = remove_subscribers($list, $config->{$list}, + @opt_remove_member); + } +@@ -150,6 +162,10 @@ + } + } + if (defined $opt_l) { ++ $ua->ssl_opts("SSL_ca_file" => $config->{$list}->{"cafile"}); ++ $ua->ssl_opts("verify_hostname" => $config->{$list}->{"verify_hostname"}); ++ $ua->ssl_opts("SSL_verify_mode" => $config->{$list}->{"verify_peer"}); ++ + my @subscribers = list_subscribers($list, $config->{$list}); + print join("\n", @subscribers, ""); + exit(@subscribers == 0); +@@ -163,6 +179,10 @@ + my $user = $config->{$list}{"user"}; + my $pw = $config->{$list}{"password"} || ""; + ++ $ua->ssl_opts("SSL_ca_file" => $config->{$list}->{"cafile"}); ++ $ua->ssl_opts("verify_hostname" => $config->{$list}->{"verify_hostname"}); ++ $ua->ssl_opts("SSL_verify_mode" => $config->{$list}->{"verify_peer"}); ++ + if (time > $time_limit) { + print "Time's up, skipping the remaining lists\n"; + last; +@@ -1408,6 +1428,9 @@ + $cur{user} = $cur{password} = $cur{action} = $cur{default} = ""; + $cur{confirm} = 1; + $cur{unprintable} = "questionmark"; ++ $cur{cafile} = $default_ssl_cafile; ++ $cur{verify_peer} = $default_ssl_verify; ++ $cur{verify_hostname} = 1; + + my $conf = {}; + my $line = ""; +@@ -1519,6 +1542,23 @@ + "unprintable characters: '$cur{unprintable}'\n"; + exit 1; + } ++ } elsif ($line =~ /^cafile\s+/i) { ++ $cur{cafile} = unquote($POSTMATCH); ++ $cur{cafile} = $default_ssl_cafile ++ if $cur{cafile} eq "NONE"; ++ } elsif ($line =~ /^verify_peer\s+/i) { ++ my $value = unquote($POSTMATCH); ++ if ($value eq "no") { ++ $cur{verify_peer} = IO::Socket::SSL::SSL_VERIFY_NONE; ++ $cur{verify_hostname} = 0; ++ } elsif ($value eq "yes") { ++ $cur{verify_peer} = $default_ssl_verify; ++ $cur{verify_hostname} = 1; ++ } else { ++ print STDERR "$file:$lineno: Illegal value: '$value\n"; ++ print STDERR "choose one of yes or no\n"; ++ exit 1; ++ } + } else { + print STDERR "$file:$lineno: Syntax error: '$line'\n"; + exit 1; diff --git a/debian/patches/series b/debian/patches/series index 9f7267b..3b59b73 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ listadmin-discard.patch dont-write-logfile.patch listadmin-translation.patch listadmin.patch +selective-cert-checking.patch |