[Pkg-sympa-commits] [sympa] 03/04: Remove CA bundle check patch.
Stefan Hornburg (Racke)
racke at linuxia.de
Fri Dec 22 09:16:51 UTC 2017
This is an automated email from the git hooks/post-receive script.
racke pushed a commit to branch master
in repository sympa.
commit 5630adb7a40094f5efc872935ec0699c78ea69f7
Author: Stefan Hornburg (Racke) <racke at linuxia.de>
Date: Thu Dec 21 16:09:00 2017 +0100
Remove CA bundle check patch.
---
.../patches/2001_ca_bundle_check_as_warning.patch | 50 ----------------------
debian/patches/series | 1 -
2 files changed, 51 deletions(-)
diff --git a/debian/patches/2001_ca_bundle_check_as_warning.patch b/debian/patches/2001_ca_bundle_check_as_warning.patch
deleted file mode 100644
index 65dfbd4..0000000
--- a/debian/patches/2001_ca_bundle_check_as_warning.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Description: Raise a warning instead of an error when the CA bundle file is not readable.
- For its internal usage (to make https request and verify smime mail signatures) Sympa
- needs access to the Certificates Authorities installed on the system.
-
- Certificates Authorities are available in the package ca-certificates and
- this package also provides a single file with all the CA concatenated.
- The location of this file is /etc/ssl/certs/ca-certificates.crt
-
- Sympa package provides a symlink from /usr/share/sympa/default/ca-bundle.crt
- to /etc/ssl/certs/ca-certificates.crt
-
- Recently, to fix bug #537051 the ca-certificates package maintainer has
- decided to replace the CA bundle generation
- (/etc/ssl/certs/ca-certificates.crt) in the postinst by a trigger.
-
- During installation of Sympa, if ca-certificates is not present, it is
- installed as a Sympa dependency but the sympa postinst will always be
- executed before the ca-certificates triggers.
- It means that Sympa start will fail with an error because
- /etc/ssl/certs/ca-certificates.crt does not exists (not yet generated by the
- ca-certificates trigger).
-
- The following patch tries to detect if the CA bundle configured in sympa is a
- symlink to /etc/ssl/certs/ca-certificates.crt. In that case, a warning raised
- instead of en error.
-
- This is a purely Debian specific fix, which is quite ugly but it works.
-
- A better patch will be very much appreciated.
-Author: Emmanuel Bouthenot <kolter at debian.org>
-Bug-Debian: http://bugs.debian.org/706965
-Forwarded: not-needed
-Last-Update: 2013-07-02
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
---- a/src/lib/Conf.pm
-+++ b/src/lib/Conf.pm
-@@ -827,7 +827,11 @@
-
- ## Check cafile and capath access
- if (defined $Conf{'cafile'} && $Conf{'cafile'}) {
-- unless (-f $Conf{'cafile'} && -r $Conf{'cafile'}) {
-+ my $debian_ca_bundle = '/etc/ssl/certs/ca-certificates.crt';
-+ if (-l $Conf{'cafile'} && ! -r $Conf{'cafile'} && readlink($Conf{'cafile'}) == $debian_ca_bundle) {
-+ $log->syslog('info', 'cafile (%s) is a symlink to the Debian CA certificates bundle (%s) which is not yet installed yet (see #706965)', $Conf{'cafile'}, $debian_ca_bundle);
-+ }
-+ elsif (! -f $Conf{'cafile'} || ! -r $Conf{'cafile'}) {
- $log->syslog('err', 'Cannot access cafile %s', $Conf{'cafile'});
- $config_err++;
- }
diff --git a/debian/patches/series b/debian/patches/series
index eba88f3..c050059 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,2 @@
2003_sympa_wizard_mhonarc.patch
-2001_ca_bundle_check_as_warning.patch
2002_support_jquery3_using_migrate.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/sympa.git
More information about the Pkg-sympa-commits
mailing list