Message-Id: <email address hidden>
Date: Tue, 27 Jul 2004 02:32:05 -0400
From: Roland Bauerschmidt <email address hidden>
To: <email address hidden>
Subject: Bug#244827: fixed in openldap2 2.1.30-3
Source: openldap2
Source-Version: 2.1.30-3
We believe that the bug you reported is fixed in the latest version of
openldap2, which is due to be installed in the Debian FTP archive:
ldap-utils_2.1.30-3_i386.deb
to pool/main/o/openldap2/ldap-utils_2.1.30-3_i386.deb
libldap2-dev_2.1.30-3_i386.deb
to pool/main/o/openldap2/libldap2-dev_2.1.30-3_i386.deb
libldap2_2.1.30-3_i386.deb
to pool/main/o/openldap2/libldap2_2.1.30-3_i386.deb
libslapd2-dev_2.1.30-3_all.deb
to pool/main/o/openldap2/libslapd2-dev_2.1.30-3_all.deb
openldap2_2.1.30-3.diff.gz
to pool/main/o/openldap2/openldap2_2.1.30-3.diff.gz
openldap2_2.1.30-3.dsc
to pool/main/o/openldap2/openldap2_2.1.30-3.dsc
slapd_2.1.30-3_i386.deb
to pool/main/o/openldap2/slapd_2.1.30-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Roland Bauerschmidt <email address hidden> (supplier of updated openldap2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 26 Jul 2004 18:41:23 +0200
Source: openldap2
Binary: libslapd2-dev slapd libldap2 ldap-utils libldap2-dev
Architecture: source i386 all
Version: 2.1.30-3
Distribution: unstable
Urgency: high
Maintainer: Torsten Landschoff <email address hidden>
Changed-By: Roland Bauerschmidt <email address hidden>
Description:
ldap-utils - OpenLDAP utilities
libldap2 - OpenLDAP libraries
libldap2-dev - OpenLDAP development libraries
libslapd2-dev - OpenLDAP slapd back-end development headers
slapd - OpenLDAP server (slapd)
Closes: 244827
Changes:
openldap2 (2.1.30-3) unstable; urgency=high
.
* Urgeny high since previous releases were hardly usable (at least
with TLS).
* Roland Bauerschmidt <email address hidden>
+ libraries/libldap/gnutls.c, libraries/libldap/tls.c, include/ldap_pvt_gnutls.h: Use callback with gnutls_certificate_set_params_function to generate dh_params and
rsa_params (this is also the way, it's done with OpenSSL). We need
GNUTLS 1.0.9 for this. With the new version of libgcrypt, we also
need to initialize threading explicitly. The previous
segmentation faults resulted from the *global* param structure
being recreated and freed for every session. Many thanks to
Matthias Urlichs who helped debugging a lot and also packaged
GNUTLS 1.0.16 very quickly... Closes: #244827.
+ debian/control: Add build dependency to libgcrypt11-dev (we're
initializing it directly now) and change libgnutls10-dev to libgnutls11-dev.
+ libraries/libldap/gnutls.c: in tls_gnutls_need_{dh,rsa}_params
(formerly ldap_gnutls_need_...), create temp files more securely,
doing unlink before opening and opening them with O_EXCL. This is
necessary because under Linux 2.6 all threads have the same PID.
Thanks to Andrew Suffield for pointing this out.
+ debian/slapd.cron.daily: cron job to remove GNUTLS rsa_export and
dh param cache files every day.
+ debian/slapd.README.Debian: add note that we use GNUTLS rather
than OpenSSL.
Files:
368c4bee43faba970848f6a43a6a3a19 970 net optional openldap2_2.1.30-3.dsc
d43f270c6b7480c5fdcd3f954a1086b0 114367 net optional openldap2_2.1.30-3.diff.gz
497cbd88576c42e89457fa8c1594067f 941934 net optional slapd_2.1.30-3_i386.deb
01c409b7e225facf2056310fd70afdad 114684 net optional ldap-utils_2.1.30-3_i386.deb
9c68cfd009275e21532cd17368dc7705 289878 libs important libldap2_2.1.30-3_i386.deb
dcb1079af22407da018332f3260d0bc8 326164 libdevel extra libldap2-dev_2.1.30-3_i386.deb
d11e456199673b1f2b0f71ec7a1a6642 71828 libdevel extra libslapd2-dev_2.1.30-3_all.deb
Message-Id: <email address hidden>
Date: Tue, 27 Jul 2004 02:32:05 -0400
From: Roland Bauerschmidt <email address hidden>
To: <email address hidden>
Subject: Bug#244827: fixed in openldap2 2.1.30-3
Source: openldap2
Source-Version: 2.1.30-3
We believe that the bug you reported is fixed in the latest version of
openldap2, which is due to be installed in the Debian FTP archive:
ldap-utils_ 2.1.30- 3_i386. deb o/openldap2/ ldap-utils_ 2.1.30- 3_i386. deb dev_2.1. 30-3_i386. deb o/openldap2/ libldap2- dev_2.1. 30-3_i386. deb 2.1.30- 3_i386. deb o/openldap2/ libldap2_ 2.1.30- 3_i386. deb dev_2.1. 30-3_all. deb o/openldap2/ libslapd2- dev_2.1. 30-3_all. deb 2.1.30- 3.diff. gz o/openldap2/ openldap2_ 2.1.30- 3.diff. gz 2.1.30- 3.dsc o/openldap2/ openldap2_ 2.1.30- 3.dsc 1.30-3_ i386.deb o/openldap2/ slapd_2. 1.30-3_ i386.deb
to pool/main/
libldap2-
to pool/main/
libldap2_
to pool/main/
libslapd2-
to pool/main/
openldap2_
to pool/main/
openldap2_
to pool/main/
slapd_2.
to pool/main/
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Roland Bauerschmidt <email address hidden> (supplier of updated openldap2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7 libldap/ gnutls. c, libraries/ libldap/ tls.c,
include/ ldap_pvt_ gnutls. h: Use callback with
gnutls_ certificate_ set_params_ function to generate dh_params and
libgnutls11- dev. libldap/ gnutls. c: in tls_gnutls_ need_{dh, rsa}_params need_.. .), create temp files more securely, slapd.cron. daily: cron job to remove GNUTLS rsa_export and slapd.README. Debian: add note that we use GNUTLS rather 970848f6a43a6a3 a19 970 net optional openldap2_ 2.1.30- 3.dsc c5fdcd3f954a108 6b0 114367 net optional openldap2_ 2.1.30- 3.diff. gz e89457fa8c15940 67f 941934 net optional slapd_2. 1.30-3_ i386.deb cf2056310fd70af dad 114684 net optional ldap-utils_ 2.1.30- 3_i386. deb 21532cd17368dc7 705 289878 libs important libldap2_ 2.1.30- 3_i386. deb da018332f3260d0 bc8 326164 libdevel extra libldap2- dev_2.1. 30-3_i386. deb 1f2b0f71ec7a1a6 642 71828 libdevel extra libslapd2- dev_2.1. 30-3_all. deb
Date: Mon, 26 Jul 2004 18:41:23 +0200
Source: openldap2
Binary: libslapd2-dev slapd libldap2 ldap-utils libldap2-dev
Architecture: source i386 all
Version: 2.1.30-3
Distribution: unstable
Urgency: high
Maintainer: Torsten Landschoff <email address hidden>
Changed-By: Roland Bauerschmidt <email address hidden>
Description:
ldap-utils - OpenLDAP utilities
libldap2 - OpenLDAP libraries
libldap2-dev - OpenLDAP development libraries
libslapd2-dev - OpenLDAP slapd back-end development headers
slapd - OpenLDAP server (slapd)
Closes: 244827
Changes:
openldap2 (2.1.30-3) unstable; urgency=high
.
* Urgeny high since previous releases were hardly usable (at least
with TLS).
* Roland Bauerschmidt <email address hidden>
+ libraries/
rsa_params (this is also the way, it's done with OpenSSL). We need
GNUTLS 1.0.9 for this. With the new version of libgcrypt, we also
need to initialize threading explicitly. The previous
segmentation faults resulted from the *global* param structure
being recreated and freed for every session. Many thanks to
Matthias Urlichs who helped debugging a lot and also packaged
GNUTLS 1.0.16 very quickly... Closes: #244827.
+ debian/control: Add build dependency to libgcrypt11-dev (we're
initializing it directly now) and change libgnutls10-dev to
+ libraries/
(formerly ldap_gnutls_
doing unlink before opening and opening them with O_EXCL. This is
necessary because under Linux 2.6 all threads have the same PID.
Thanks to Andrew Suffield for pointing this out.
+ debian/
dh param cache files every day.
+ debian/
than OpenSSL.
Files:
368c4bee43faba
d43f270c6b7480
497cbd88576c42
01c409b7e225fa
9c68cfd009275e
dcb1079af22407
d11e456199673b
-----BEGIN PGP SIGNATURE-----
nNan6F/ 8RArriAJ9B7JcGG Ufdf3SpvEE/ 2o2aLWvyEgCgtjV e vsfBvwRE=
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBBfLADpX
GAKgjxJYyCgqBNM
=icq2
-----END PGP SIGNATURE-----