upstream curl bug #1371: p12 client certificates code is broken

Requested nomination for stable release update from Ubuntu Bug Control at 2016-03-12T00:08.

The attachment "official libcurl patch from Daniel Stenberg" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

This is fixed in Wily. Subscribing ubuntu-sponsors.

The patch isn't really in sponsorable format yet as it is missing a debian/changelog and isn't a debdiff.

Brian, I was hoping for some community assistance on the changelog and debdiff area because I am absolutely not expert at creating and maintaining custom Debian and Ubuntu packaging related files. If there are some things I should do to create these items documentation is of course welcome.

1) go there https://launchpad.net/ubuntu/+source/curl
2) find the dsc link
3) dget -u https://launchpad.net/ubuntu/+archive/primary/+files/curl_7.35.0-1ubuntu2.6.dsc
4) wget your patch https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1556330/+attachment/4596446/+files/libcurl_broken_pkcs12.patch
5) check if xenial is fixed (yes)
6) add-patch libcurl_broken_pkcs12.patch
7) explain changes in changelog
8) upload to ppa (dpkg-buildpackage -S -d && dput ppa:blah/blah-ppa filename_source.changes)
9) dput ubuntu filename_source.changes

I'm not a core-dev, so I can't do "9"
but I did instead:
10) debdiff curl_7.35.0-1ubuntu2.*.dsc > debdiff

and attached here

build ongoing here
https://launchpad.net/~costamagnagianfranco/+archive/ubuntu/locutusofborg-ppa/

I'll leave for you, testing my ppa, and fille the paperwork
please read this, and convert this bug to look an SRU bug
https://wiki.ubuntu.com/StableReleaseUpdates
(section 3.1, but read all).

thanks for the patch :)

unfortunately it doesn't seem to build.

> On Mar 12, 2016, at 8:55 AM, LocutusOfBorg <email address hidden> wrote:
>
> unfortunately it doesn't seem to build.

It built perfectly when I modified the source for 14.04 LTS.

Also thanks for the more detailed stable release diff procedures. I did read the stable release update page to write the original report but it didn't explain the commands to run as a community member. Who has access to add the additional procedures you wrote into the page? This would be very helpful for other technical users without knowledge of the special Debian and Ubuntu processes.

Matthew.

Thanks for the report, debdiff and update.

Quick comment, the upload should be to trusty-proposed, not trusty. The changelog would need to be adjusted accordingly once the FTBFS has been ironed out.

@Rolf, uploading the serie without "-proposed" is fine (that has been true for some years), on stable series uploads are automatically redirected

The debdiff looked fine, but needed fixing. Curl is a particular package as the last two patches get unapplied during the build to accommodate for different library backends. New patches need to get added earlier in the series file.

I've fixed the debdiff, made sure it builds properly, and have uploaded the package for processing by the SRU team.

Thanks!

thanks Marc!

How could I forget about the two quilt pop inside the rules file?

my memory is soooo bad :(

g.

Hello Matthew, or anyone else affected,

Accepted curl into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/curl/7.35.0-1ubuntu2.7 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Can somebody please provide more detailed test instructions?

Hello,

I am very sorry for the delay in testing this.

I noticed that the package libcurl4-doc is missing. I wasn't sure if it was obsolete, or a mistake, or not included in the test packages only.

Otherwise the package is working perfectly and is ready for release to Ubuntu 14.04 LTS.

Thanks for all of your help to make this fix possible.

Sincerely,
Matthew.

This bug was fixed in the package curl - 7.35.0-1ubuntu2.7

---------------
curl (7.35.0-1ubuntu2.7) trusty; urgency=medium

  [ Matthew Hall ]
  * debian/patches/libcurl_broken_pkcs12.patch:
    - fix p12 client certificates (LP: #1556330)

 -- Gianfranco Costamagna <email address hidden> Sat, 12 Mar 2016 17:22:33 +0100

The verification of the Stable Release Update for curl has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.