Debian Bug report logs - #702233
/usr/bin/tinyca2: tinyca won't open saved CA, possibly related to openssl upgrade

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Mateusz Kijowski <mateusz.kijowski@gmail.com>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: /usr/bin/tinyca2: tinyca won't open saved CA, possibly related to openssl upgrade

Date: Mon, 04 Mar 2013 12:31:21 +0100

Package: tinyca
Version: 0.7.5-3
Severity: important
File: /usr/bin/tinyca2
Tags: upstream


When trying to open a previously saved CA tinyca errors with:

Use of uninitialized value in split at /usr/share/tinyca/OpenSSL.pm line 601.
Use of uninitialized value $dn in substitution (s///) at /usr/share/tinyca/HELPERS.pm line 107.
Use of uninitialized value $dn in split at /usr/share/tinyca/HELPERS.pm line 109.
Use of uninitialized value $dn in substitution (s///) at /usr/share/tinyca/HELPERS.pm line 107.
Use of uninitialized value $dn in split at /usr/share/tinyca/HELPERS.pm line 109.
Use of uninitialized value $string in substitution (s///) at /usr/share/tinyca/OpenSSL.pm line 1043, <GEN11> line 3.
Use of uninitialized value $string in split at /usr/share/tinyca/OpenSSL.pm line 1045, <GEN11> line 3.
Use of uninitialized value in split at /usr/share/tinyca/OpenSSL.pm line 1046, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $m in string eq at /usr/share/tinyca/OpenSSL.pm line 1074, <GEN11> line 3.
Use of uninitialized value $year in numeric ge (>=) at /usr/share/perl/5.14/Time/Local.pm line 100, <GEN11> line 3.
Use of uninitialized value $year in numeric lt (<) at /usr/share/perl/5.14/Time/Local.pm line 103, <GEN11> line 3.
Use of uninitialized value $year in numeric ge (>=) at /usr/share/perl/5.14/Time/Local.pm line 103, <GEN11> line 3.
Use of uninitialized value $year in numeric gt (>) at /usr/share/perl/5.14/Time/Local.pm line 104, <GEN11> line 3.
Use of uninitialized value $month in numeric gt (>) at /usr/share/perl/5.14/Time/Local.pm line 108, <GEN11> line 3.
Use of uninitialized value $month in numeric lt (<) at /usr/share/perl/5.14/Time/Local.pm line 108, <GEN11> line 3.
Use of uninitialized value $month in array element at /usr/share/perl/5.14/Time/Local.pm line 112, <GEN11> line 3.
Use of uninitialized value $month in numeric eq (==) at /usr/share/perl/5.14/Time/Local.pm line 113, <GEN11> line 3.
Use of uninitialized value $mday in numeric gt (>) at /usr/share/perl/5.14/Time/Local.pm line 116, <GEN11> line 3.
Use of uninitialized value $mday in numeric lt (<) at /usr/share/perl/5.14/Time/Local.pm line 116, <GEN11> line 3.
Use of uninitialized value $mday in concatenation (.) or string at /usr/share/perl/5.14/Time/Local.pm line 116, <GEN11> line 3.
*** unhandled exception in callback:
***   Day '' out of range 1..31 at /usr/share/tinyca/OpenSSL.pm line 1050
***  ignoring at /usr/bin/tinyca2 line 121.


It seems that this is related to a recent upgrade of the openssl package, I upgraded it from 1.0.1c-4 to 1.0.1e-1. Perhaps it is an openssl bug?


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages tinyca depends on:
ii  libgtk2-perl            2:1.244-1
ii  liblocale-gettext-perl  1.05-7+b1
ii  openssl                 1.0.1e-1

Versions of packages tinyca recommends:
ii  zip  3.0-6

tinyca suggests no packages.

-- no debconf information

Message #10 received at 702233@bugs.debian.org (full text, mbox, reply):

From: Mateusz Kijowski <mateusz.kijowski@gmail.com>

To: 702233@bugs.debian.org

Subject: Re: Bug#702233: /usr/bin/tinyca2: tinyca won't open saved CA, possibly related to openssl upgrade

Date: Mon, 4 Mar 2013 13:22:59 +0100

I have just tested with a new CA, created with the TinyCA GUI and I
get the same error.

Message #15 received at 702233@bugs.debian.org (full text, mbox, reply):

From: François Cerbelle <francois@cerbelle.net>

To: Debian Bug Tracking System <702233@bugs.debian.org>

Subject: tinyca: GUI remains empty

Date: Mon, 04 Mar 2013 22:54:54 +0100

Package: tinyca
Followup-For: Bug #702233

Dear Maintainer,

   * What led up to the situation?

   stable + testing in sourcelist
   apt.conf :
    APT::Default-Release "wheezy";
    APT::Cache-Limit 500000000;
    Acquire::Languages en;
   Worked perfectly until recently (I dont use it everyday !)

   Should you need more information from my environment's config, just
   ask.


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-proposed-updates'), (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages tinyca depends on:
ii  libgtk2-perl            2:1.244-1
ii  liblocale-gettext-perl  1.05-7+b1
ii  openssl                 1.0.1e-1

Versions of packages tinyca recommends:
ii  zip  3.0-6

tinyca suggests no packages.

-- no debconf information

Message #20 received at 702233@bugs.debian.org (full text, mbox, reply):

From: Mateusz Kijowski <mateusz.kijowski@gmail.com>

To: 702233@bugs.debian.org

Subject: Re: Bug#702233: Acknowledgement (/usr/bin/tinyca2: tinyca won't open saved CA, possibly related to openssl upgrade)

Date: Tue, 5 Mar 2013 00:20:42 +0100

[Message part 1 (text/plain, inline)]

It seems that openvpn -text -noout does not work the same way it did
earlier (save the human readable text output to a file). The attached
patch works around the issue and works for me, but YMMV.

[tinyca2.patch (application/octet-stream, attachment)]

Message #25 received at 702233@bugs.debian.org (full text, mbox, reply):

From: Laurent Desarmes <laurent.desarmes@u-picardie.fr>

To: 702233@bugs.debian.org

Subject: /usr/bin/tinyca2: tinyca won't open saved CA, possibly related to openssl upgrade

Date: Tue, 05 Mar 2013 16:06:34 +0100

[Message part 1 (text/plain, inline)]

Hi,

There's also an issue with the serial, it's now displaying in hex form
with openssl 1.0.1e-1

Attached is a patched for tinyca 0.7.5-3 that fixes both the issues
for me.

[Message part 2 (application/pgp-signature, inline)]

[tinyca-0.7.5-3.patch (text/x-diff, inline)]

--- /usr/share/tinyca/OpenSSL.pm.orig	2013-03-05 15:57:46.332286060 +0100
+++ /usr/share/tinyca/OpenSSL.pm	2013-03-05 15:57:53.408466038 +0100
@@ -605,6 +605,8 @@
          # dirty fix (incompleted) --curly
          $i = sprintf( "%x", $1);
          $tmp->{'SERIAL'} = length($i)%2?"0".uc($i):uc($i);
+      } elsif ($_ =~ /^\s*([da-f]{2}:\w{2}:\w{2}:\w{2}:\w{2}:\w{2}:\w{2}:\w{2})\s*$/i) {
+	$tmp->{'SERIAL'} = $1;
       } elsif ($_ =~ /Signature Algorithm.*: (\w+)/i) {
          $tmp->{'SIG_ALGORITHM'} = $1;
       } elsif ($_ =~ /Issuer: (.+)/i) {
@@ -823,10 +825,10 @@
    $cmd = "$self->{'bin'} $opts->{'cmd'}";
    $cmd .= " -config $opts->{'config'}" if(defined($opts->{'config'}));
    $cmd .= " -inform $opts->{'inform'}";
-   $cmd .= " -out \"$file\"";
    if($opts->{'outform'} eq 'TEXT') {
       $cmd .= " -text -noout";
    } else {
+      $cmd .= " -out \"$file\"";
       $cmd .= " -outform $opts->{'outform'}";
    }
 
@@ -859,13 +861,17 @@
       }
    }
 
-   open(IN, $file) || do {
-      my $t = sprintf(_("Can't open file %s: %s"), $file, $!);
-      GUI::HELPERS::print_warning($t);
-      return;
-   };
-   $tmp .= $_ while(<IN>);
-   close(IN);
+   if ($opts->{'outform'} eq 'TEXT') {
+      $tmp = $ext;
+   } else {
+      open(IN, $file) || do {
+         my $t = sprintf(_("Can't open file %s: %s"), $file, $!);
+         GUI::HELPERS::print_warning($t);
+         return;
+      };
+      $tmp .= $_ while(<IN>);
+      close(IN);
+   }
 
    unlink($file);
 

[Message part 4 (text/plain, inline)]

-- 
Laurent

Message #38 received at 702233@bugs.debian.org (full text, mbox, reply):

From: Martin Zobel-Helas <zobel@debian.org>

To: 702233@bugs.debian.org

Subject: upload planed.

Date: Tue, 12 Mar 2013 21:04:18 +0100

Hi,

i plan to upload a fixed tinyca package before the weekend.

Cheers,
Martin
-- 
 Martin Zobel-Helas <zobel@debian.org>    Debian System Administrator
 Debian & GNU/Linux Developer                       Debian Listmaster
 http://about.me/zobel                               Debian Webmaster
 GPG Fingerprint:  6B18 5642 8E41 EC89 3D5D  BDBB 53B1 AC6D B11B 627B 

Message #43 received at 702233@bugs.debian.org (full text, mbox, reply):

From: Christoph Ulrich Scholler <scholler@fnb.tu-darmstadt.de>

To: 702233@bugs.debian.org

Subject: Patches so far

Date: Fri, 15 Mar 2013 00:57:03 +0100

Hi,

The two patches submitted so far do not address the root of the problem,
that is the botched process handling in tinyca. I am working on a better
solution to this issue, which I intend to upload next week. Please bear
with me.

Cheers

Uli

🔗 View this message in rfc822 format

From: Christoph Ulrich Scholler <scholler@fnb.tu-darmstadt.de>

To: Laurent Desarmes <laurent.desarmes@u-picardie.fr>

Cc: 702233@bugs.debian.org

Subject: Bug#702233: /usr/bin/tinyca2: tinyca won't open saved CA, possibly related to openssl upgrade

Date: Fri, 15 Mar 2013 01:01:51 +0100

Hi,

Laurent Desarmes <laurent.desarmes@u-picardie.fr> writes:
> There's also an issue with the serial, it's now displaying in hex form
> with openssl 1.0.1e-1

I don't believe there is an issue with the serial number. In TinyCA it
has always been shown in hex and openssl puts both hex and decimal
representations into its -text output (tried with 0.9.8o and 1.0.1e).

Cheers

Uli

Message #56 received at 702233@bugs.debian.org (full text, mbox, reply):

From: Michael Gilbert <mgilbert@debian.org>

To: 702233@bugs.debian.org

Subject: re: tinyca won't open saved CA

Date: Sun, 17 Mar 2013 16:38:02 -0400

control: tag -1 -patch

Removing tag since it looks like there is more work to be done.

Best wishes,
Mike

Message #61 received at 702233@bugs.debian.org (full text, mbox, reply):

From: Serafeim Zanikolas <sez@debian.org>

To: Christoph Ulrich Scholler <scholler@fnb.tu-darmstadt.de>, 702233@bugs.debian.org

Subject: Re: Patches so far

Date: Sat, 23 Mar 2013 14:18:54 +0100

Hi Uli,

Any progress on the upload that you were preparing for this past week?

cheers,
sez

-- 
Every great idea is worthless without someone to do the work. --Neil Williams

Message #66 received at 702233@bugs.debian.org (full text, mbox, reply):

From: Christoph Ulrich Scholler <scholler@fnb.tu-darmstadt.de>

To: Serafeim Zanikolas <sez@debian.org>

Cc: 702233@bugs.debian.org

Subject: Re: Bug#702233: Patches so far

Date: Sat, 23 Mar 2013 18:22:13 +0100

Hi Sez,

I have prepared a patch and I'm planning on having it uploaded tomorrow.

Cheers

Uli

Message #71 received at 702233-close@bugs.debian.org (full text, mbox, reply):

From: Christoph Ulrich Scholler <scholler@fnb.tu-darmstadt.de>

To: 702233-close@bugs.debian.org

Subject: Bug#702233: fixed in tinyca 0.7.5-4

Date: Mon, 25 Mar 2013 08:47:43 +0000

Source: tinyca
Source-Version: 0.7.5-4

We believe that the bug you reported is fixed in the latest version of
tinyca, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 702233@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christoph Ulrich Scholler <scholler@fnb.tu-darmstadt.de> (supplier of updated tinyca package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 25 Mar 2013 02:25:09 +0100
Source: tinyca
Binary: tinyca
Architecture: source all
Version: 0.7.5-4
Distribution: unstable
Urgency: medium
Maintainer: Christoph Ulrich Scholler <scholler@fnb.tu-darmstadt.de>
Changed-By: Christoph Ulrich Scholler <scholler@fnb.tu-darmstadt.de>
Description: 
 tinyca     - simple graphical program for certification authority management
Closes: 702233 702433
Changes: 
 tinyca (0.7.5-4) unstable; urgency=medium
 .
   * Ensured compatibility with openssl 1.0.1 (Closes: #702233). Thanks to
     Mateusz Kijowski for the bug report.
   * Fixed deprecation warning form perl about use of qw() without
     parentheses (Closes: 702433). Thanks to Jörgen Hägg for the patch.
Checksums-Sha1: 
 f45d4a6830301d1a639bb10b109e1c1527cc9aaa 1709 tinyca_0.7.5-4.dsc
 165ba4e2a6460dcf8d8e416085593c28096bf23b 9431 tinyca_0.7.5-4.diff.gz
 62c603b5afb0a244a432b8eec304b547db8fba7f 130092 tinyca_0.7.5-4_all.deb
Checksums-Sha256: 
 b7b441ff14cec88b06cb3489ed6e2d9bc6bc9e00a091f2e2d15b0335ff8e7ee9 1709 tinyca_0.7.5-4.dsc
 77372d88a9b0c7a35ab9720a94f9632eeca399971d0aa2bc2c0d03cbcf94d56c 9431 tinyca_0.7.5-4.diff.gz
 bea7d7ee3a66913b3955d045097dccc269c7b80a0c97cb33a3656c62a0851e82 130092 tinyca_0.7.5-4_all.deb
Files: 
 d355e38d9246931340363b9fc7ad7548 1709 utils optional tinyca_0.7.5-4.dsc
 8fd9c1281ac99fefe1948a7661ff3c72 9431 utils optional tinyca_0.7.5-4.diff.gz
 8ac5c524da5f66120e62b6dda6b44da4 130092 utils optional tinyca_0.7.5-4_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJRUAUEAAoJEFOxrG2xG2J7OhkP/i84rCrZhNI6csaXYs1GoRiP
/lJoVtVUCrp+pI12a5inDcd2ZZS4Ore1NSayIh4YNDf+NdwmOkCR40NbltluZNvj
sI03WiPW2n7HVLKK+kA82iU4TAR8QSEg1eGHUb7/Il2cSv85ZLG3kT0Z5XuNYY6A
qTdJuF6IG0aa4uB2UE4E7pZRhqAD/DT1vhGEQnUpVZpnhNVrdWND/XYTXu9Tf1uV
D3hbiPCJ0FOOnOJE8JBT/w5R+5KV8y9QQoFHY9/6wPR0PozAKrymgRAgWIahlKt0
G52vYbua2hX7IuxpQSP6jj1/PLQDAn+Xe9vBAcznHowZdCtCWydC3QRoAwp5iEm4
SO2Ori5sGR22HJ4bnQ0UW4FXBfTJyKlI0MS3VuBd2oX1zVGv/Dhrpp33g7EhnSgE
tZwgj/5g/wrHV3EhKtUl76mfl/wy5sRbmyIhtaJSZfkzcC8vGprRLrFb9c7SJjDj
zabM95sAaGcbt7wIWC4iEIXK5uoN/RhXWTYNk5qUinVfwNpKq+ane04PSfYleMoQ
kOEwkUbt1EgPD1NYUWUxh/WXrK9yziy3wv3nUWVD2ozPOM+3NqDGjZbGJhIzvGr5
ZrTQq2NWoXbwM3eLIQAv98qd996fOdCRJN7GqWt5Si9R4rl4R1H2wBnxXsKuXz1q
ujMe42o8o8crp7RZT014
=Us4M
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.