from:"Joshua Judson Rosen"

Bug#381484: emacs21-common: ldap.el fails to parse literal values in ldapsearch output

2006-08-04 Thread Joshua Judson Rosen

Package: emacs21-common
Version: 21.4a-3
Severity: normal
Tags: patch

ldap.el's ldap-search-internal function invokes the ldapsearch command
with a "-t" option and expects /all/ values to be written to
temp-files, but "-t" diverts only values containing /unprintable/
characters to temp-files. Many values are included literally in the
ldapsearch output, and ldap.el mistakenly treats these values as the
names of temp-files to open, and just fails.

Here's a patch:

--- ldap.el.distrib	2001-12-28 01:28:32.0 -0500
+++ ldap.el	2006-08-04 14:53:00.0 -0400
@@ -528,7 +528,7 @@
 	(sizelimit (plist-get search-plist 'sizelimit))
 	(withdn (plist-get search-plist 'withdn))
 	(numres 0)
-	arglist dn name value record result)
+	arglist dn name value value-file record result)
 (if (or (null filter)
 	(equal "" filter))
 	(error "No search filter"))
@@ -586,13 +586,15 @@
 	  (forward-line 1)
 	  (while (looking-at "^\\(\\w*\\)[=:\t ]+\\(<[\t ]*file://\\)?\\(.*\\)$")
 	(setq name (match-string 1)
-		  value (match-string 3))
-	(save-excursion
-	  (set-buffer bufval)
-	  (erase-buffer)
-	  (insert-file-contents-literally value)
-	  (delete-file value)
-	  (setq value (buffer-substring (point-min) (point-max
+		  value (match-string 3)
+		  value-file (match-string 2))
+	(when value-file
+	  (save-excursion
+	 	(set-buffer bufval)
+	(erase-buffer)
+		(insert-file-contents-literally value)
+	  	(delete-file value)
+	  	(setq value (buffer-substring (point-min) (point-max)
 	(setq record (cons (list name value)
 			   record))
 	(forward-line 1))

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-686-smp
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages emacs21-common depends on:
ii  dpkg  1.13.21package maintenance system for Deb
ii  emacsen-common1.4.17 Common facilities for all emacsen

emacs21-common recommends no packages.

-- no debconf information

Bug#430549: gnome-dictionary: cannot enter slashes

2007-06-25 Thread Joshua Judson Rosen

Package: gnome-utils
Version: 2.14.0.dfsg-5
Severity: important

The slash-key brings up the `Find' dialogue unconditionally;
this makes it impossible to enter "/" characters into the `Look up' field,
so it's impossible to look up terms like "input/output".

It's also impossible to enter slashes into the Find dialogue once it appears.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages gnome-utils depends on:
ii  e2fslibs 1.39+1.40-WIP-2006.11.14+dfsg-2 ext2 filesystem libraries
ii  gconf2   2.16.1-1GNOME configuration database syste
ii  libart-2 2.3.17-1Library of functions for 2D graphi
ii  libatk1. 1.12.4-3The ATK accessibility toolkit
ii  libaudio 0.2.6-6 Open-source version of SGI's audio
ii  libavahi 0.6.16-3etch1   Avahi client library
ii  libavahi 0.6.16-3etch1   Avahi common library
ii  libavahi 0.6.16-3etch1   Avahi glib integration library
ii  libbonob 2.14.0-3Bonobo CORBA interfaces library
ii  libbonob 2.14.0-5The Bonobo UI library
ii  libc62.3.6.ds1-13GNU C Library: Shared libraries
ii  libcairo 1.2.4-4 The Cairo 2D vector graphics libra
ii  libdbus- 1.0.2-1 simple interprocess messaging syst
ii  libesd-a 0.2.36-3Enlightened Sound Daemon (ALSA) - 
ii  libfontc 2.4.2-1.2   generic font configuration library
ii  libfreet 2.2.1-5 FreeType 2 font engine, shared lib
ii  libgconf 2.16.1-1GNOME configuration database syste
ii  libgcryp 1.2.3-2 LGPL Crypto library - runtime libr
ii  libglade 1:2.6.0-4   library to load .glade files at ru
ii  libglib2 2.12.4-2The GLib library of C routines
ii  libgnome 2.14.3-2Utility library for loading .deskt
ii  libgnome 0.6.0-3 GNOME keyring services library
ii  libgnome 2.16.0-2The GNOME 2 library - runtime file
ii  libgnome 2.14.0-2A powerful object-oriented display
ii  libgnome 2.12.1-7The GNOME 2.2 print architecture -
ii  libgnome 2.12.1-4GNOME 2.2 print architecture User 
ii  libgnome 2.14.1-2The GNOME 2 libraries (User Interf
ii  libgnome 1:2.14.2-7  GNOME virtual file-system (runtime
ii  libgnutl 1.4.4-3 the GNU TLS library - runtime libr
ii  libgpg-e 1.4-1   library for common error values an
ii  libgtk2. 2.8.20-7The GTK+ graphical user interface 
ii  libhal1  0.5.8.1-9   Hardware Abstraction Layer - share
ii  libice6  1:1.0.1-2   X11 Inter-Client Exchange library
ii  libjpeg6 6b-13   The Independent JPEG Group's JPEG 
ii  liborbit 1:2.14.3-0.1libraries for ORBit2 - a CORBA ORB
ii  libpanel 2.14.3-5library for GNOME 2 panel applets
ii  libpango 1.14.8-5Layout and rendering of internatio
ii  libpng12 1.2.15~beta5-1  PNG library - runtime
ii  libpopt0 1.10-3  lib for parsing cmdline parameters
ii  libsm6   1:1.0.1-3   X11 Session Management library
ii  libstart 0.8-2   library for program launch feedbac
ii  libtasn1 0.3.6-2 Manage ASN.1 structures (runtime)
ii  libx11-6 2:1.0.3-7   X11 client-side library
ii  libxcurs 1.1.7-4 X cursor management library
ii  libxext6 1:1.0.1-2   X11 miscellaneous extension librar
ii  libxfixe 1:4.0.1-5   X11 miscellaneous 'fixes' extensio
ii  libxi6   1:1.0.1-4   X11 Input extension library
ii  libxiner 1:1.0.1-4.1 X11 Xinerama extension library
ii  libxml2  2.6.27.dfsg-1   GNOME XML library
ii  libxrand 2:1.1.0.2-5 X11 RandR extension library
ii  libxrend 1:0.9.1-3   X Rendering Extension client libra
ii  scrollke 0.3.14-13   A free electronic cataloging syste
ii  zlib1g   1:1.2.3-13  compression library - runtime

Versions of packages gnome-utils recommends:
ii  gksu  2.0.0-1graphical frontend to su

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#321642: Bug #321642 is back as of udev 0.100-2

2006-10-17 Thread Joshua Judson Rosen

Package: udev
Version: 0.100-2
Tags: patch
Followup-For: Bug #321642

I've addressed this issue on my system with the attached patch.

-- Package-specific info:
-- /etc/udev/rules.d/:
/etc/udev/rules.d/:
total 8
lrwxrwxrwx 1 root root 20 2006-08-01 07:01 020_permissions.rules -> 
../permissions.rules
lrwxrwxrwx 1 root root 19 2006-08-10 13:55 025_libgphoto2.rules -> 
../libgphoto2.rules
lrwxrwxrwx 1 root root 16 2006-08-01 08:30 030_ifplugd.rules -> 
../ifplugd.rules
lrwxrwxrwx 1 root root 13 2006-08-01 07:01 udev.rules -> ../udev.rules
lrwxrwxrwx 1 root root 25 2006-08-01 08:27 z20_persistent-input.rules -> 
../persistent-input.rules
lrwxrwxrwx 1 root root 19 2006-08-01 07:01 z20_persistent.rules -> 
../persistent.rules
-rw-r--r-- 1 root root699 2006-09-22 13:56 z25_persistent-cd.rules
-rw-r--r-- 1 root joshuar 448 2006-09-22 14:49 z25_persistent-net.rules
lrwxrwxrwx 1 root root 33 2006-08-01 08:27 
z45_persistent-net-generator.rules -> ../persistent-net-generator.rules
lrwxrwxrwx 1 root root 12 2006-08-01 07:01 z50_run.rules -> ../run.rules
lrwxrwxrwx 1 root root 16 2006-08-01 07:01 z55_hotplug.rules -> 
../hotplug.rules
lrwxrwxrwx 1 root root 19 2006-09-05 14:20 z60_alsa-utils.rules -> 
../alsa-utils.rules
lrwxrwxrwx 1 root root 33 2006-08-01 08:28 
z60_xserver-xorg-input-wacom.rules -> ../xserver-xorg-input-wacom.rules
lrwxrwxrwx 1 root joshuar  29 2006-09-19 13:56 z75_cd-aliases-generator.rules 
-> ../cd-aliases-generator.rules
lrwxrwxrwx 1 root root 12 2006-10-16 10:07 z99_hal.rules -> ../hal.rules

-- /sys/:
/sys/block/hda/dev
/sys/block/loop0/dev
/sys/block/loop1/dev
/sys/block/loop2/dev
/sys/block/loop3/dev
/sys/block/loop4/dev
/sys/block/loop5/dev
/sys/block/loop6/dev
/sys/block/loop7/dev
/sys/block/ram0/dev
/sys/block/ram10/dev
/sys/block/ram11/dev
/sys/block/ram12/dev
/sys/block/ram13/dev
/sys/block/ram14/dev
/sys/block/ram15/dev
/sys/block/ram1/dev
/sys/block/ram2/dev
/sys/block/ram3/dev
/sys/block/ram4/dev
/sys/block/ram5/dev
/sys/block/ram6/dev
/sys/block/ram7/dev
/sys/block/ram8/dev
/sys/block/ram9/dev
/sys/block/sda/dev
/sys/block/sda/sda1/dev
/sys/block/sda/sda2/dev
/sys/block/sdb/dev
/sys/block/sdb/sdb1/dev
/sys/block/sdb/sdb2/dev
/sys/class/input/input13/event0/dev
/sys/class/input/input14/event1/dev
/sys/class/input/input14/mouse0/dev
/sys/class/input/input14/ts0/dev
/sys/class/input/input15/event2/dev
/sys/class/input/input16/event3/dev
/sys/class/input/input8/event4/dev
/sys/class/input/mice/dev
/sys/class/misc/agpgart/dev
/sys/class/misc/device-mapper/dev
/sys/class/misc/hpet/dev
/sys/class/misc/hw_random/dev
/sys/class/misc/psaux/dev
/sys/class/misc/rtc/dev
/sys/class/misc/watchdog/dev
/sys/class/ppdev/parport0/dev
/sys/class/printer/lp0/dev
/sys/class/sound/audio/dev
/sys/class/sound/controlC0/dev
/sys/class/sound/dsp/dev
/sys/class/sound/mixer/dev
/sys/class/sound/pcmC0D0c/dev
/sys/class/sound/pcmC0D0p/dev
/sys/class/sound/timer/dev
/sys/class/usb_device/usbdev1.1/dev
/sys/class/usb_device/usbdev2.1/dev
/sys/class/usb_device/usbdev3.1/dev
/sys/class/usb_device/usbdev3.3/dev
/sys/class/usb_device/usbdev4.1/dev
/sys/class/usb_device/usbdev5.11/dev
/sys/class/usb_device/usbdev5.1/dev

-- Kernel configuration:


-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-686-smp
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages udev depends on:
ii  libc62.3.6.ds1-4 GNU C Library: Shared libraries
ii  libselinux1  1.30.28-2   SELinux shared libraries
ii  libvolume-id00.100-2 libvolume_id shared library
ii  lsb-base 3.1-15  Linux Standard Base 3.1 init scrip

udev recommends no packages.

-- no debconf information
--- /etc/udev/permissions.rules.distrib 2006-10-17 10:13:54.0 -0400
+++ /etc/udev/permissions.rules 2006-10-17 10:16:44.0 -0400
@@ -11,7 +11,7 @@
 
 # default permissions for block devices
 SUBSYSTEM=="block",GROUP="disk"
-SUBSYSTEM=="block", ATTR{removable}=="1",  GROUP="floppy"
+SUBSYSTEM=="block", ATTRS{removable}=="1", GROUP="floppy"
 
 # IDE devices
 KERNEL=="hd[a-z]|pcd[0-9]*",   DRIVERS=="ide-cdrom|pcd", \

Bug#321642: back as of udev 0.100-2

2006-10-18 Thread Joshua Judson Rosen

[EMAIL PROTECTED] (Marco d'Itri) writes:
>
> On Oct 17, Joshua Judson Rosen <[EMAIL PROTECTED]> wrote:
>
> > I've addressed this issue on my system with the attached patch.
>
> Please report the output of udevinfo -a -n for the device which fails to
> get the expected owner.


Udevinfo starts with the device specified by the devpath and then
walks up the chain of parent devices. It prints for every device
found, all possible attributes in the udev rules key format.
A rule to match, can be composed by the attributes of the device
and the attributes from one single parent device.

  looking at device '/block/sdb/sdb2':
KERNEL=="sdb2"
SUBSYSTEM=="block"
DRIVER==""
ATTR{stat}==" 424  74922"
ATTR{size}=="116985330"
ATTR{start}=="224910"
ATTR{dev}=="8:18"

  looking at parent device '/block/sdb':
KERNELS=="sdb"
SUBSYSTEMS=="block"
DRIVERS==""
ATTRS{stat}=="  68  787 1299 228811
2 22320 4168 4520"
ATTRS{size}=="117210240"
ATTRS{removable}=="1"
ATTRS{range}=="16"
ATTRS{dev}=="8:16"

  looking at parent device 
'/devices/pci:00/:00:1d.7/usb5/5-7/5-7:1.0/host9/target9:0:0/9:0:0:0':
KERNELS=="9:0:0:0"
SUBSYSTEMS=="scsi"
DRIVERS=="sd"
ATTRS{ioerr_cnt}=="0x0"
ATTRS{iodone_cnt}=="0xdc"
ATTRS{iorequest_cnt}=="0xdc"
ATTRS{iocounterbits}=="32"
ATTRS{timeout}=="30"
ATTRS{state}=="running"
ATTRS{rev}=="1.62"
ATTRS{model}=="iPod"
ATTRS{vendor}=="Apple   "
ATTRS{scsi_level}=="3"
ATTRS{type}=="0"
ATTRS{queue_type}=="none"
ATTRS{queue_depth}=="1"
ATTRS{device_blocked}=="0"
ATTRS{max_sectors}=="240"

  looking at parent device 
'/devices/pci:00/:00:1d.7/usb5/5-7/5-7:1.0/host9/target9:0:0':
KERNELS=="target9:0:0"
SUBSYSTEMS==""
DRIVERS==""

  looking at parent device 
'/devices/pci:00/:00:1d.7/usb5/5-7/5-7:1.0/host9':
KERNELS=="host9"
SUBSYSTEMS==""
DRIVERS==""

  looking at parent device '/devices/pci:00/:00:1d.7/usb5/5-7/5-7:1.0':
KERNELS=="5-7:1.0"
SUBSYSTEMS=="usb"
DRIVERS=="usb-storage"
ATTRS{modalias}=="usb:v05ACp1209d0001dc00dsc00dp00ic08isc06ip50"
ATTRS{bInterfaceProtocol}=="50"
ATTRS{bInterfaceSubClass}=="06"
ATTRS{bInterfaceClass}=="08"
ATTRS{bNumEndpoints}=="02"
ATTRS{bAlternateSetting}==" 0"
ATTRS{bInterfaceNumber}=="00"

  looking at parent device '/devices/pci:00/:00:1d.7/usb5/5-7':
KERNELS=="5-7"
SUBSYSTEMS=="usb"
DRIVERS=="usb"
ATTRS{configuration}==""
ATTRS{serial}=="000A2700158E29AB"
ATTRS{product}=="iPod"
ATTRS{manufacturer}=="Apple"
ATTRS{maxchild}=="0"
ATTRS{version}==" 2.00"
ATTRS{devnum}=="12"
ATTRS{speed}=="480"
ATTRS{bMaxPacketSize0}=="64"
ATTRS{bNumConfigurations}=="1"
ATTRS{bDeviceProtocol}=="00"
ATTRS{bDeviceSubClass}=="00"
ATTRS{bDeviceClass}=="00"
ATTRS{bcdDevice}=="0001"
ATTRS{idProduct}=="1209"
ATTRS{idVendor}=="05ac"
ATTRS{bMaxPower}=="500mA"
ATTRS{bmAttributes}=="c0"
ATTRS{bConfigurationValue}=="1"
ATTRS{bNumInterfaces}==" 1"

  looking at parent device '/devices/pci:00/:00:1d.7/usb5':
KERNELS=="usb5"
SUBSYSTEMS=="usb"
DRIVERS=="usb"
ATTRS{configuration}==""
ATTRS{serial}==":00:1d.7"
ATTRS{product}=="EHCI Host Controller"
ATTRS{manufacturer}=="Linux 2.6.16-2-686-smp ehci_hcd"
ATTRS{maxchild}=="8"
ATTRS{version}==" 2.00"
ATTRS{devnum}=="1"
ATTRS{speed}=="480"
ATTRS{bMaxPacketSize0}=="64"
ATTRS{bNumConfigurations}=="1"
ATTRS{bDeviceProtocol}=="01"
ATTRS{bDeviceSubClass}=="00"
ATTRS{bDeviceClass}=="09"
ATTRS{bcdDevice}=="0206"
ATTRS{idProduct}==""
ATTRS{idVendor}==""
ATTRS{bMaxPower}=="  0mA"
ATTRS{bmAttributes}=="c0"
ATTRS{bConfigurationValue}=="1"
ATTRS{bNumInterfaces}==" 1"

  looking at parent device '/devices/pci:00/:00:1d.7':
KERNELS==":00:1d.7"
SUBSYSTEMS=="pci"
DRIVERS=="ehci_hcd"
ATTRS{modalias}=="pci:v8086d27CCsv103Csd3010bc0Csc03i20"
ATTRS{local_cpus}=="ff"
ATTRS{irq}=="225"
ATTRS{class}=="0x0c0320"
ATTRS{subsystem_device}=="0x3010"
ATTRS{subsystem_vendor}=="0x103c"
ATTRS{device}=="0x27cc"
ATTRS{vendor}=="0x8086"

  looking at parent device '/devices/pci:00':
KERNELS=="pci:00"
SUBSYSTEMS==""
DRIVERS==""


-- 
Don't be afraid to ask (Lf.((Lx.xx) (Lr.f(rr.

Bug#440985: apf-server: support certficated-based auth

2007-09-05 Thread Joshua Judson Rosen

Package: apf-server
Version: 0.8.2-1
Severity: wishlist

It would be nice if afserver could authorise/deny clients 
based on whether the client provided a valid SSL certificate.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages apf-server depends on:
ii  libc6  2.3.6.ds1-13etch2 GNU C Library: Shared libraries
ii  libssl0.9.80.9.8c-4  SSL shared libraries
ii  zlib1g 1:1.2.3-13compression library - runtime

apf-server recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#440985: patch to add certificate-based authentication to apf

2007-09-21 Thread Joshua Judson Rosen

Tags: patch

I've added certificate-based authentication to APF:

It required adding a "cerfile" option to afclient, and "cacerfile",
"cerdepth" options to afserver (I've added both command-line switches
and configuration-file options); several struct-members and related
accessor-functions have been added to this end.

Since I've separated the CA certificate from the server certificate,
I've rename the server's certificate-file from "cacert.pem" to
"server-cert.pem".

I also had to replace a call to SSL_clear() with an complete
destruction and re-creation of the SSL object, because, otherwise, the
authentication-failure gets `stuck' in the object and all connections
reusing the object fail to authenticate.

diff -ru --exclude='*.in' --exclude='config*' apf-0.8.2/doc/afclient.1 patched/apf-0.8.2/doc/afclient.1
--- apf-0.8.2/doc/afclient.1	2006-09-13 06:37:54.0 -0400
+++ patched/apf-0.8.2/doc/afclient.1	2007-09-21 10:34:06.0 -0400
@@ -72,6 +72,9 @@
 .B -k, --keyfile FILE
   the name of the file with RSA key (default: client.rsa)
 
+.B -c, --cerfile
+  the name of the file with certificate (default: no certificate used)
+
 .B -f, --cfgfile FILE
   the name of the file with the configuration for the
 .I afclient
@@ -334,7 +337,7 @@
 
 .SH CONTRIBUTIONS
 
-Alex Dyatlov , Simon , Ilia Perevezentsev  and Marco Solari 
+Alex Dyatlov , Simon , Ilia Perevezentsev , Marco Solari , and Joshua Judson Rosen 
 
 .SH LICENSE
 
diff -ru --exclude='*.in' --exclude='config*' apf-0.8.2/doc/afserver.1 patched/apf-0.8.2/doc/afserver.1
--- apf-0.8.2/doc/afserver.1	2006-09-13 06:37:54.0 -0400
+++ patched/apf-0.8.2/doc/afserver.1	2007-09-21 10:34:23.0 -0400
@@ -51,7 +51,13 @@
 .I Configuration
 
 .B -c, --cerfile FILE
-  the name of the file with certificate (default: cacert.pem)
+  the name of the file with certificate (default: server-cert.pem)
+
+.B -A, --cacerfile FILE
+  the name of the file with CA certificates (if used, require clients to have valid certificates)
+
+.B -d, --cerdepth
+  the maximum depth of valid certificate-chains
 
 .B -k, --keyfile FILE
   the name of the file with RSA key (default: server.rsa)
@@ -236,7 +242,7 @@
 
 .SH CONTRIBUTIONS
 
-Alex Dyatlov , Simon , Ilia Perevezentsev  and Marco Solari 
+Alex Dyatlov , Simon , Ilia Perevezentsev  Marco Solari , and Joshua Judson Rosen 
 
 .SH LICENSE
 
Only in patched/apf-0.8.2/modules: .deps
Only in patched/apf-0.8.2/modules: Makefile
diff -ru --exclude='*.in' --exclude='config*' apf-0.8.2/src/afclient.c patched/apf-0.8.2/src/afclient.c
--- apf-0.8.2/src/afclient.c	2006-04-06 17:34:51.0 -0400
+++ patched/apf-0.8.2/src/afclient.c	2007-09-07 18:26:06.0 -0400
@@ -32,6 +32,7 @@
   {"portnum", 1, 0, 'p'},
   {"verbose", 0, 0, 'v'},
   {"keyfile", 1, 0, 'k'},
+  {"cerfile", 1, 0, 'c'},
   {"storefile", 1, 0, 's'},
   {"cfgfile", 1, 0, 'f'},
   {"log", 1, 0, 'o'},
@@ -107,6 +108,7 @@
   char* localPort = NULL;
   char* localDestinationName = NULL;
   char* keys = NULL;
+  char* certif = NULL;
   char* store = NULL;
   char* dateformat = NULL;
   char* kaTimeout = NULL;
@@ -180,7 +182,7 @@
   
   while ((n = getopt_long(argc, argv,
   GETOPT_LONG_LIBDL(GETOPT_LONG_LIBPTHREAD(
-  GETOPT_LONG_AF_INET6("huUn:m:d:p:vk:s:o:i:D:rP:X:VK:A:T:f:")))
+  GETOPT_LONG_AF_INET6("huUn:m:d:p:vk:c:s:o:i:D:rP:X:VK:A:T:f:")))
   , long_options, 0)) != -1) {
 switch (n) {
   case 'h': {
@@ -250,6 +252,10 @@
 keys = optarg;
 break;
   }
+  case 'c': {
+certif = optarg;
+break;
+  }
   case 's': {
 store = optarg;
 break;
@@ -385,6 +391,9 @@
   else {
 ClientConfiguration_set_keysFile(cconfig, keys);
   }
+  if (certif != NULL) {
+ClientConfiguration_set_certificateFile(cconfig, certif);
+  }
   if (store == NULL) {
 if (ClientConfiguration_get_storeFile(cconfig) == NULL) {
   ClientConfiguration_set_storeFile(cconfig, "known_hosts");
@@ -486,6 +495,7 @@
   exit(1);
 }
 ClientConfiguration_set_keysFile(cconfig, keys);
+ClientConfiguration_set_certificateFile(cconfig, certif);
 ClientConfiguration_set_storeFile(cconfig, store);
 ClientConfiguration_set_dateFormat(cconfig, dateformat);
 ClientConfiguration_set_realmsNumber(cconfig, 1);
@@ -695,7 +705,16 @@
   "Setting rsa key failed (%s)... exiting", keys);
   exit(1);
 }
-
+
+certif = ClientConfiguration_get_certificateFile(cconfig);
+if (certif) {
+  if (SSL_CTX_use_certificate_file(ctx, certif, SSL_FILETYPE_PEM) != 1) {
+

Bug#440985: [Fwd: Bug#440985: patch to add certificate-based authentication to apf]

2007-09-24 Thread Joshua Judson Rosen

"Juan A. Diaz" <[EMAIL PROTECTED]> writes:
>
> Bug description: afserver can authorise/deny clients based on whether
> the client provided a valid SSL certificate or not, 
>
> [0] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440985
>
> The attached patch was sent to me for that specifically. If you want to
> add this patch in a new relese please let me know so that I can
> re-package it.

My apologies--I seem to have a minor bug in my patch; where the patch reads:

--- apf-0.8.2/src/server_configuration_struct.c	2006-01-25 17:46:48.0 -0500
+++ patched/apf-0.8.2/src/server_configuration_struct.c	2007-09-20 15:53:50.0 -0400
@@ -66,6 +66,14 @@
 free((*sc)->certificateFile);
 (*sc)->certificateFile = NULL;
   }
+  if ((*sc)->cacertificateFile) {
+free((*sc)->cacertificateFile);
+(*sc)->cacertificateFile = NULL;
+  }
+  if ((*sc)->cacertificateFile) {
+free((*sc)->cacertificatePath);
+(*sc)->cacertificateFile = NULL;
+  }
   if ((*sc)->keysFile) {
 free((*sc)->keysFile);
 (*sc)->keysFile = NULL;

... it should read:

--- apf-0.8.2/src/server_configuration_struct.c	2006-01-25 17:46:48.0 -0500
+++ patched/apf-0.8.2/src/server_configuration_struct.c	2007-09-20 15:53:50.0 -0400
@@ -66,6 +66,14 @@
 free((*sc)->certificateFile);
 (*sc)->certificateFile = NULL;
   }
+  if ((*sc)->cacertificateFile) {
+free((*sc)->cacertificateFile);
+(*sc)->cacertificateFile = NULL;
+  }
+  if ((*sc)->cacertificatePath) {
+free((*sc)->cacertificatePath);
+(*sc)->cacertificatePath = NULL;
+  }
   if ((*sc)->keysFile) {
 free((*sc)->keysFile);
 (*sc)->keysFile = NULL;

-- 
Don't be afraid to ask (Lf.((Lx.xx) (Lr.f(rr.

Bug#381484: Bug #381484

2006-10-26 Thread Joshua Judson Rosen

Jérôme Marant <[EMAIL PROTECTED]> writes:
>
> Could you please test if this upstream version would work for you?
> http://cvs.savannah.gnu.org/viewcvs/*checkout*/emacs/emacs/lisp/net/ldap.el?rev=1.24
>
> Otherwise, I'll send your changes upstream.

Yes, that works fine for me--it looks like upstream is addressing the
problem by just adding a second "-t" flag to ldapsearch. I didn't know
that I could do that--it wasn't documented in the ldapsearch manpage.

Thanks.

-- 
Don't be afraid to ask (Lf.((Lx.xx) (Lr.f(rr.

Bug#381484: emacs21-common: ldap.el fails to parse literal values in ldapsearch output

Bug#430549: gnome-dictionary: cannot enter slashes

Bug#321642: Bug #321642 is back as of udev 0.100-2

Bug#321642: back as of udev 0.100-2

Bug#440985: apf-server: support certficated-based auth

Bug#440985: patch to add certificate-based authentication to apf

Bug#440985: [Fwd: Bug#440985: patch to add certificate-based authentication to apf]

Bug#381484: Bug #381484

8 matches

Site Navigation

Mail list logo

Footer information