Your message dated Sun, 18 Sep 2011 08:50:25 +0000
with message-id <[email protected]>
and subject line Bug#414941: fixed in libnet-ssleay-perl 1.38-1
has caused the Debian Bug report #414941,
regarding Patch to add access to peer certificate fingerprints
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
414941: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414941
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libnet-ssleay-perl
Version: 1.30-1
Severity: wishlist
Tags: patch
Hello,
(Patch submitted on behalf of Thierry Walrant)
Here is a small patch to add the possibility for a Perl script to
check the peer certificate fingerprints e.g. in a similar way
fetchmail does.
This adds the capability to strongly authenticate the peer when
using Net::SSLeay
Phil.
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=fr_BE@euro, LC_CTYPE=fr_BE@euro (charmap=ISO-8859-15)
Versions of packages libnet-ssleay-perl depends on:
ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
ii libssl0.9.8 0.9.8c-4 SSL shared libraries
ii perl 5.8.8-7 Larry Wall's Practical Extraction
ii perl-base [perlapi-5.8.7] 5.8.8-7 The Pathologically Eclectic Rubbis
libnet-ssleay-perl recommends no packages.
-- no debconf information
--- libnet-ssleay-perl-1.30/SSLeay.xs 2005-12-15 18:06:54.000000000 +0100
+++ libnet-ssleay-perl-1.30/SSLeay.xs 2007-03-14 14:46:03.000000000 +0100
@@ -2506,6 +2506,46 @@
int idx
void
+X509_get_fingerprint(cert,type)
+ X509 * cert
+ char * type
+ PREINIT:
+ const EVP_MD *digest_tp = NULL;
+ unsigned char digest[EVP_MAX_MD_SIZE];
+ unsigned int dsz, k = 0;
+ char text[EVP_MAX_MD_SIZE * 3 + 1];
+ CODE:
+ if (!k && !stricmp(type,"md5")) {
+ k = 1; digest_tp = EVP_md5();
+ }
+ if (!k && !stricmp(type,"sha1")) {
+ k = 1; digest_tp = EVP_sha1();
+ }
+ if (!k && !stricmp(type,"sha256")) {
+ k = 1; digest_tp = EVP_sha256();
+ }
+ if (!k && !stricmp(type,"ripemd160")) {
+ k = 1; digest_tp = EVP_ripemd160();
+ }
+ if (!k) /* Default digest */
+ digest_tp = EVP_sha1();
+ if ( digest_tp == NULL ) {
+ /* Out of memory */
+ XSRETURN_UNDEF;
+ }
+ if (!X509_digest(cert, digest_tp, digest, &dsz)) {
+ /* Out of memory */
+ XSRETURN_UNDEF;
+ }
+ text[0] = '\0';
+ for(k=0; k<dsz; k++) {
+ sprintf(&text[strlen(text)], "%02X:", digest[k]);
+ }
+ text[strlen(text)-1] = '\0';
+ ST(0) = sv_newmortal(); /* Undefined to start with */
+ sv_setpvn( ST(0), text, strlen(text));
+
+void
X509_get_subjectAltNames(cert)
X509 * cert
PPCODE:
--- End Message ---
--- Begin Message ---
Source: libnet-ssleay-perl
Source-Version: 1.38-1
We believe that the bug you reported is fixed in the latest version of
libnet-ssleay-perl, which is due to be installed in the Debian FTP archive:
libnet-ssleay-perl_1.38-1.debian.tar.gz
to main/libn/libnet-ssleay-perl/libnet-ssleay-perl_1.38-1.debian.tar.gz
libnet-ssleay-perl_1.38-1.dsc
to main/libn/libnet-ssleay-perl/libnet-ssleay-perl_1.38-1.dsc
libnet-ssleay-perl_1.38-1_amd64.deb
to main/libn/libnet-ssleay-perl/libnet-ssleay-perl_1.38-1_amd64.deb
libnet-ssleay-perl_1.38.orig.tar.gz
to main/libn/libnet-ssleay-perl/libnet-ssleay-perl_1.38.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ansgar Burchardt <[email protected]> (supplier of updated libnet-ssleay-perl
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 18 Sep 2011 10:26:00 +0200
Source: libnet-ssleay-perl
Binary: libnet-ssleay-perl
Architecture: amd64 source
Version: 1.38-1
Distribution: unstable
Urgency: low
Maintainer: Debian Perl Group <[email protected]>
Changed-By: Ansgar Burchardt <[email protected]>
Closes: 414941
Description:
libnet-ssleay-perl - Perl module for Secure Sockets Layer (SSL)
Changes:
libnet-ssleay-perl (1.38-1) unstable; urgency=low
.
* Team upload.
.
[ Ansgar Burchardt ]
* New upstream release.
- Added X509_get_fingerprint. (Closes: #414941)
* Drop patch no_sslv2.patch: applied upstream.
* debian/copyright: Update years of copyright for inc/Module/*.
* debian/control: Convert Vcs-* fields to Git.
* debian/rules: Use find -exec instead of find | xargs.
.
[ Salvatore Bonaccorso ]
* debian/copyright: Replace DEP5 Format-Specification URL from
svn.debian.org to anonscm.debian.org URL.
5e00a0996e9df60f44cd8e660c2c9f79f6959d32c78a7bff3a8a75bd2bf61ec6 1274
libnet-ssleay-perl_1.38-1.dsc
3f0a05aab0ba9cf8aa1abd45a0fa4c7b389ebd78dd9082a2c5c7456ba4f311a4 151687
libnet-ssleay-perl_1.38.orig.tar.gz
a6657d2cc2f126bd3354a719e1bee3decc3842ae1d25a7d4d1f198f4c5da1e4b 8042
libnet-ssleay-perl_1.38-1.debian.tar.gz
Checksums-Sha1:
7300b56cceb4fc5e03cc40767c4cc0ddcb1d8932 2160 libnet-ssleay-perl_1.38-1.dsc
8dcd7fb642faa2e2c7b208c9059e4bf0252bcb5a 151687
libnet-ssleay-perl_1.38.orig.tar.gz
9608f984f310486b20e2026340674e5bc8e05e6a 8042
libnet-ssleay-perl_1.38-1.debian.tar.gz
28098108366bf17abea187709c799f10cbd599f5 228220
libnet-ssleay-perl_1.38-1_amd64.deb
Checksums-Sha256:
549f84219ce9dd552eecda2df2931c5429ab3d3d18192c82ed9854f33bb3f3f0 2160
libnet-ssleay-perl_1.38-1.dsc
3f0a05aab0ba9cf8aa1abd45a0fa4c7b389ebd78dd9082a2c5c7456ba4f311a4 151687
libnet-ssleay-perl_1.38.orig.tar.gz
a6657d2cc2f126bd3354a719e1bee3decc3842ae1d25a7d4d1f198f4c5da1e4b 8042
libnet-ssleay-perl_1.38-1.debian.tar.gz
31e7e9640c06d07d35bf9a726bed2334711d59dec55d863b0296573e895f9135 228220
libnet-ssleay-perl_1.38-1_amd64.deb
Files:
19478bae51fc868c1dd8c181aaef4618 2160 perl optional
libnet-ssleay-perl_1.38-1.dsc
b64d0167fe6497493e331f121a57fb52 151687 perl optional
libnet-ssleay-perl_1.38.orig.tar.gz
d5e19e0eaf29dd9180889588103bdb40 8042 perl optional
libnet-ssleay-perl_1.38-1.debian.tar.gz
b5bd242142c8016af552837fc629b0c7 228220 perl optional
libnet-ssleay-perl_1.38-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJOda+kAAoJEIATJTTdNH3IL6IP/32GjEj2bWDhJb8FmOyE+eTT
/BSETxFVKFdbRw9nMFxHhktHXrhy/e4xacwVN0sBN/gdknOLHEAreCghWHt0/FtQ
YMb6UnS4Pj4R2dzrw4iVngA5PRLUzu8iT+kobe3fD3K0dZ4N8YHesmD+VYhKkISP
gwbEzm9B81ABFGT3mTEmCEpCaaEyHw2ye7mIGVVbbznT1wLQfD5LVNPPPgrnjMpo
A99VNV1vl8YDfmFIp4ENixokSfAAnjOnAwMIcUXj0clcFdUkvWFb/deVBukmvgnL
ZYMsYEVUV3EOr8T7zXBH1szy8LVvRtGf3Jr1etO17rB1U4WVE8XGQ8WM/eyiTd/m
U+rzKmXqyu1Al6pTt8BZtmAlF5sXTvavvY3Vp0YlzJ4bEm7hoCzQxp4UmOJw15aY
tk+HTE4L26noihK+LUsvpheJiHD6gbRa5uVTuN6Neymazxpr88jyPLzFJW7wRUWk
R4IqgiJprn3L8VymSomlFuCI0OFhZ1rR0CE9Vfio6m44ukS/DPv9UzQEtnVjijgj
HqzHucOIMBl/JKukArewuetVdP97Y3Bszz13MFnSMmDFh/aSEL5/ARZJCO6txOlW
3z1iTAWi5Etpp/63EnMOObzTLDgOiGIilNowQE1woiPnDm0lZRwer3zRSadnJP7r
rmOKKtHAxGwa2hhtlS8x
=Z7QY
-----END PGP SIGNATURE-----
--- End Message ---
