Bug#1020592: marked as done (nodejs: Testsuite is using smoil keys)

Thu, 29 Sep 2022 07:57:16 -0700 

Your message dated Thu, 29 Sep 2022 14:55:55 +0000
with message-id <e1odux9-00fk1m...@fasolo.debian.org>
and subject line Bug#1020592: fixed in nodejs 18.10.0+dfsg-1
has caused the Debian Bug report #1020592,
regarding nodejs: Testsuite is using smoil keys
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1020592: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020592
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: nodejs
Version: 8.7.0+dfsg-5
Severity: serious
control: tags -1 patch

The last OpenSSL upload moved the default security level from the
openssl.cnf file to build-time default so I don't have to fiddle with
the config file anymore.
Unfortunately nodejs is using smoil keys in its testsuite so the
testsuite fails now. Previously it didn't because it used the "default"
openssl.cnf which did not specify any of this so the security level was
never changed from its default - 1. Now it is 2 and nodejs needs either
to increase the default key size or lower security level via the config
file.
A patch for the latter has been attached.

Sebastian

From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
Date: Fri, 23 Sep 2022 22:39:50 +0200
Subject: [PATCH] Add a CipherString for nodejs

If the default security level is overwritten at build time of openssl
then it is needed to lower it again for nodejs in order to pass the
testsuite because it is using smoil keys.

Signed-off-by: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
---
 deps/openssl/openssl/apps/openssl.cnf | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/deps/openssl/openssl/apps/openssl.cnf b/deps/openssl/openssl/apps/openssl.cnf
index 03330e0120a2..65ae201e44aa 100644
--- a/deps/openssl/openssl/apps/openssl.cnf
+++ b/deps/openssl/openssl/apps/openssl.cnf
@@ -15,6 +15,7 @@ HOME			= .
 
  # Use this in order to automatically load providers.
 openssl_conf = openssl_init
+nodejs_conf = nodejs_init
 
 # Comment out the next line to ignore configuration errors
 config_diagnostics = 1
@@ -388,3 +389,12 @@ oldcert = $insta::certout # insta.cert.pem
 # Certificate revocation
 cmd = rr
 oldcert = $insta::certout # insta.cert.pem
+
+[nodejs_init]
+ssl_conf = ssl_sect
+
+[ssl_sect]
+system_default = system_default_sect
+
+[system_default_sect]
+CipherString = DEFAULT:@SECLEVEL=1
-- 
2.37.2

--- End Message ---
--- Begin Message --- 
Source: nodejs
Source-Version: 18.10.0+dfsg-1
Done: Jérémy Lal <kapo...@melix.org>

We believe that the bug you reported is fixed in the latest version of
nodejs, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1020...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jérémy Lal <kapo...@melix.org> (supplier of updated nodejs package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 29 Sep 2022 11:50:59 +0200
Source: nodejs
Architecture: source
Version: 18.10.0+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers 
<pkg-javascript-de...@alioth-lists.debian.net>
Changed-By: Jérémy Lal <kapo...@melix.org>
Closes: 1020592
Changes:
 nodejs (18.10.0+dfsg-1) unstable; urgency=medium
 .
   [ Yadd ]
   * Drop /usr/lib/nodejs support
 .
   [ Jérémy Lal ]
   * New upstream version 18.10.0+dfsg
   * Configurable builtins paths:
     + upstream patch implementing it
     + augment upstream patch to support acorn, acorn-walk
     + configure flags for acorn, undici, cjs-module-lexer
     + use pkgjs-ln for system-installed modules
     + exclude acorn, undici, cjs-module-lexer,
       they are all distributed and built in their own package
   * Allow custom flags to be set in /etc/defaults/nodejs
   * Patch openssl.conf used for tests to allow smoil keys,
     and disable some failing tests while waiting for upstream
     to upgrade their test keys. (Closes: #1020592)
   * Use shared ngtcp2, nghttp3
   * doc-generator:
     + fix node_modules setup using pkgjs-ln
     + update type-parser.mjs
Checksums-Sha1:
 059e2ff43cc079cf91de7930f983f0bb81f0eed8 4174 nodejs_18.10.0+dfsg-1.dsc
 d3a242e7edbc4f323db50d82c2f648dc8c3ecb3f 248560 
nodejs_18.10.0+dfsg.orig-types-node.tar.xz
 a7ef814992e81a7419c7cb42c5914e90cc48ea6d 25170560 
nodejs_18.10.0+dfsg.orig.tar.xz
 85f339e04d2782780d0453e4e80a15913c19fc1b 162532 
nodejs_18.10.0+dfsg-1.debian.tar.xz
 e8582961091e4684dd6428577543044ed2157a27 20373 
nodejs_18.10.0+dfsg-1_source.buildinfo
Checksums-Sha256:
 9e4aae9510422ec3044955e3824ba7e1b4698ef720ab1ba516d217833761269a 4174 
nodejs_18.10.0+dfsg-1.dsc
 53827b99ba832efd0b4fc4eb47123c65818c67856e60025fee9a0048aa4f750a 248560 
nodejs_18.10.0+dfsg.orig-types-node.tar.xz
 65b683ce14654c34efc8074b140030f194a38cdba01eb7a20c0e5b10897b9655 25170560 
nodejs_18.10.0+dfsg.orig.tar.xz
 e3d8d993e2c218251d497018b96c407883f53a501bd6d195fb3fac86bae2676d 162532 
nodejs_18.10.0+dfsg-1.debian.tar.xz
 5e141484ec78f2c9942914ed8ec601116522dc3a2b5194fd0434221d06c7f830 20373 
nodejs_18.10.0+dfsg-1_source.buildinfo
Files:
 7a1990d2bef01809d3105ae9ac632237 4174 javascript optional 
nodejs_18.10.0+dfsg-1.dsc
 1274c6e4d319d908fa7078729b451aea 248560 javascript optional 
nodejs_18.10.0+dfsg.orig-types-node.tar.xz
 7a6ec799c8660f69e0092f7f704c858b 25170560 javascript optional 
nodejs_18.10.0+dfsg.orig.tar.xz
 3c8f2e27d57dcf2f2b272b2ce136d591 162532 javascript optional 
nodejs_18.10.0+dfsg-1.debian.tar.xz
 c7a84b20630a00e4c4f75a1e70f6beec 20373 javascript optional 
nodejs_18.10.0+dfsg-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmM1qyoSHGthcG91ZXJA
bWVsaXgub3JnAAoJEGYRwF7dOfN0CB0QAKmkvCWQ7+o15gvDnT2RZWjwPgtjp+Ve
0/2bUbC6f2g3lj/ZnUJEcLTytzX9GWsqIkEqYk2ZAdiNfWMDGEdxtAaFJDDI51+q
iJ2/UrG5Vc/DWffIsPIt/dgcLtabFVbJaJUw6PtrZyE/4K/y56gJrG9mKcCXvtpT
RHjopypBHJ26ChgelEfLgxvG/QuEtjCOtFOWKEJE9+DM674gnB7FIuErmn7K50eb
naFyhYkB0ajmvPr6p3DBOteTpBrHYR2q3mlFyJuUo4qx7r/YfSqx3OMHcjSEplKO
1kmIiA1qDsE4DmRw1mQh4SA2jcN9BbNoWI3zULVik39zBM/Nhm+87xudX/9JlSKF
6dtt8sUsDtbDUDZhHzCjTt41qgnmmwPKgFTr1RrPXsgeDn2wUz45sifik4M6ypW7
RHmuiNpoWpOi9/1W2VxlsDldQ5D4SKkCCdXQ4ptijCX5NjSdBPRk/bEB6ZI/XoU7
UFVrg/3rX9sXqlI+B+gZf0vx7FagGr4sWFDJkUcoys/frZ76OB2BODRqK1kGrxH0
a9Lv3kibhSh7enW9rFz1uske0/cKB4VCNfrKSmlgWIs6TGbjoQ7fMGiSavyOAugg
3ErVkZT4v9itGc9Q8ZcI7LMHZEBMlSccK//itYSNhiIJfpH4rxg+VnXeC/XMHyxe
3rTgWFWT/qnk
=Th9v
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to