Bug#912889: tinyca: Depends on libgtk2-perl, that won't be part of Bullseye
It appears that porting TinyCA to Gtk3 is doable and I have a working version. Before publishing the code on Salsa I'd like to clean it up a bit, though. I hope to get that done in the next week.
Bug#839575: hangs waiting for openssl
Hi Stefan, Stefan Bühlerwrites: > tinyca hangs due to a regression in openssl, fixed in: > > > https://github.com/openssl/openssl/commit/888adbe064556ff5ab2f1d16a223b0548696614c Thank you very much for this piece of information. I had already implemented (but not uploaded) a ugly workaround for this issue, but it is of course best addressed in OpenSSL itself. I will reassign this issue to the openssl package. > * it builds strings to execute with /bin/sh -c "...", and quotes > filenames using \"$filename\" in perl. It should pass the command > and arguments as list instead - it's not that complicated. I'll look into that. > * trying to respond to the openssl interactive mode seems a very bad > idea. Agreed. Fixing it amounts to an almost complete rewrite of the non-GUI code, though... > * when I close tinyca (working on an existing setup) perl crashes with > a segfault (no idea who to blame for this, see attached > tinyca-perl-valgrind.txt) See #843568. It doesn't happen on Jessie, even with the current version of tinyca. Regards Uli
Bug#724586: tinyca2: options set with radio buttons when creating a new certificate are mixed up
Hi Mateusz, Mateusz Kijowski mateusz.kijow...@gmail.com writes: After perl and/or gtk2-perl update tyinyca started to sometimes generate certificates with options other than specified in the new certificate window. I have not been able to reproduce this issue. Can you please provide more details how to reproduce it? You say that you get certificates with options different from those you selected, but only sometimes. Does it depend on your inputs in the certificate generation dialog? Is it random? After some investigation it turned out that the callback bound to 'toggled' signal was firing twice (presumably one for unchecking and one for checking the radio button) resulting in a race condition. That is the normal behavior of many GUI toolkits. I can see this leading to race conditions only when multi-threading has gone wrong. Tinyca uses only one thread, which is the same thread as that where the GUI main loop runs. The attached test program exercises a radio button group and the callbacks in one thread. The test is run by starting the program, then toggling the radio buttons with the mouse or by pressing and holding the right (or left) key and, after a little playing, clicking on the print button. The resulting output (in the console) shows the recorded 'toggled' signals. In all my tests the pattern of activations and deactivations was absolutely regular with no deactivation signal processed before the corresponding activation signal. #!/usr/bin/perl -w use strict; use Time::HiRes qw( usleep ); use Glib qw/TRUE FALSE/; use Gtk2 -init; my $window = Gtk2::Window-new ('toplevel'); $window-signal_connect (delete_event = sub { Gtk2-main_quit }); my $box = Gtk2::HBox-new(FALSE, 2); my @radio_changes = []; my $countA = 0; my $countB = 0; my $radio1 = Gtk2::RadioButton-new(undef, A); $radio1-signal_connect('toggled' = sub{$countA++;\record_change($radio1, $countA, \@radio_changes)}); my $radio2 = Gtk2::RadioButton-new($radio1, B); $radio2-signal_connect('toggled' = sub{$countB++;\record_change($radio2, $countB, \@radio_changes)}); my $rb_group = $radio1-get_group(); my $button_print = Gtk2::Button-new(Print); $button_print-signal_connect('button-release-event', \print_state, \@radio_changes); $box-pack_start($radio1, FALSE, FALSE, 5); $box-pack_start($radio2, FALSE, FALSE, 5); $box-pack_start($button_print, FALSE, FALSE, 5); $window-add($box); $window-show_all(); Gtk2-main(); sub print_state { my ($widget, $event, $parameter) = @_; print STDOUT $widget, received , $event, : , $parameter; print STDOUT \n; foreach my $change (@$parameter) { print STDOUT $change, \n; } @$parameter = []; return FALSE; } sub record_change { my ($widget, $count, $changes) = @_; usleep(5); # Wait for the race? my $change = $widget-get_active() ? Activated : Deactivated; push @$changes, $change. .$widget-get_label().$count; return FALSE; } The attached patch checks if the radio button is being set to active before assigning value to certificate options. Since GUI::_fill_radiobox() seems to be generic this might result in mangling other options controlled via radio buttons as well. I doubt that your patch will mangle other radio button-controlled options. But before I apply it I'd like to understand why it solves your issue. Regards Uli
Bug#702233: Patches so far
Hi Sez, I have prepared a patch and I'm planning on having it uploaded tomorrow. Cheers Uli -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702233: Patches so far
Hi, The two patches submitted so far do not address the root of the problem, that is the botched process handling in tinyca. I am working on a better solution to this issue, which I intend to upload next week. Please bear with me. Cheers Uli -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#702233: /usr/bin/tinyca2: tinyca won't open saved CA, possibly related to openssl upgrade
Hi, Laurent Desarmes laurent.desar...@u-picardie.fr writes: There's also an issue with the serial, it's now displaying in hex form with openssl 1.0.1e-1 I don't believe there is an issue with the serial number. In TinyCA it has always been shown in hex and openssl puts both hex and decimal representations into its -text output (tried with 0.9.8o and 1.0.1e). Cheers Uli -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#322602: postfix: trivial-rewrite crashes with signal 11
Do you by any chance have a debug_peer_list statement in your main.cf? If so, this might be related to #311804. uLI -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#323124: tinyca: crashes on startup
On 18.08. 14:07, Jasper Spaans wrote: index.txt has contents which seem to be OK. Have you created this CA in TinyCA or did you import it from somewhere else? Does TinyCA crash when you start it with no previously existing .TinyCA/? uLI -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#308879: Patches not sufficient
The reason for the breakage is that something in the behaviour of openssl has changed between versions 0.9.7e-3, which is part of Sarge, and 0.9.7g-1 and newer. This leads not only to an infinite loop at startup (which is fixed by at least one of the submitted patches) but also to a problem dealing with CRLs: Revoked certificates remain valid in the TinyCA UI, although they are in fact revoked. I will soon prepare a package for TinyCA 0.7.0 which thoroughly fixes this bug. uLI -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#320192: ethereal: Multiple problems in protocol dissectors
Package: ethereal Version: 0.10.11 Severity: grave Justification: user security hole Multiple problems in Ethereal's protocol dissectors have been discovered. It may be possible to make Ethereal crash, use up available memory, or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Versions affected: 0.8.5 up to and including 0.10.11 There is an advisory at http://www.ethereal.com/appnotes/enpa-sa-00020.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#308879: endless loop on startup
If I start tinyca it creates the main window and then proceeds to output this line endlessly: Use of uninitialized value in pattern match (m//) at /usr/lib/tinyca/OpenSSL.pm line 502. I can not reproduce this on Sarge. I noticed that the version of openssl in unstable is 0.9.7g, whereas Sarge has 0.9.7e. Maybe this causes the bug? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]