Re: tlsa for smtp to @bugs.debian.org
> "SG" == Stephen Gran writes: SG> You've confirmed that postfix can talk to postfix, at least. I SG> suppose that's a start. The debian.org MXs are different machines SG> to lists, and they run exim. Yeah. I noticed that after I sent the first note. I had checked the @deb MXs, but forgot to check @lists.deb until I saw the log. @lists's mx doesn't have a tlsa, but is signed by the deb ca (and presents that cert when sending mail, just like my outgoing box does.) Whereas the @bugs and @deb MXs have tlsa, are not signed by deb's ca, and -- according to their certs -- hang out with Luggage et alia. :) -JimC -- James Cloos OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/m3zjrh4z90@carbon.jhcloos.org
Re: tlsa for smtp to @bugs.debian.org
> "TFH" == Tollef Fog Heen writes: TFH> It's usually a good idea to mail the people who actually run the TFH> debian.org systems if you want help debugging problems like this. The first note, as I wrote, was an attempt to confirm whether the problem was limited to @bugs's MX. Given the first, it seemed only polite to explain that the issue wasn't what I thought it were. >> It turned out that buxtehude's exim doesn't like the (cacert-signed, >> wildcard) cert my box offers when sending mail. TFH> 2013-09-12 02:35:44 TLS error on connection from ore.jhcloos.com [198.147.23.85] (gnutls_handshake): The signature algorithm is not supported. TFH> I'm not entirely sure why that happens, though, given we run very TFH> similar configurations on buxthehude and the other mail-receiving hosts. Testing with: :; gnutls-cli --verbose --verbose --debug=1 --dane --local-dns \ --no-ca-verification --starttls --port 25 \ --x509certfile=/etc/ssl/certs/my_wild_cacert.pem \ --x509keyfile=my_wild.key \ buxtehude.debian.org. works fine: - Server's trusted authorities: [0]: C=NA,ST=NA,L=Ankh Morpork,O=Debian SMTP,OU=Debian SMTP CA,CN=Debian SMTP CA,EMAIL=hostmas...@puppet.debian.org [1]: C=NA,ST=NA,L=Ankh Morpork,O=Debian SMTP,OU=Debian SMTP CA,CN=Debian SMTP CA,EMAIL=hostmas...@puppet.debian.org - Successfully sent 1 certificate(s) to server. - Description: (TLS1.2-PKIX)-(RSA)-(AES-128-CBC)-(SHA1) - Session ID: D3:62:75:6A:ED:FC:C5:1C:61:12:F8:1B:06:4F:DD:81:B7:0F:9C:25:36:0C:AA:56:72:CE:9F:02:9C:E1:2C:BF - Version: TLS1.2 - Key Exchange: RSA - Client Signature: RSA-SHA256 - Cipher: AES-128-CBC - MAC: SHA1 - Compression: NULL - Channel binding 'tls-unique': 1eb70f592718d20b6721e52f Also, openssl can connect with: :; openssl s_client -CAfile /etc/ssl/certs/ca-certificates.crt \ -starttls smtp -showcerts -debug -state -crlf -tlsextdebug \ -status -msg -connect buxtehude.debian.org:25 but if I add: -key my_wild.key -cert /etc/ssl/certs/my_wild_cacert.pem it fails. The result is the same if I use a non-wild cert. But it works if I use the commercial cert I use for my https site. A cert with the same RSA size and sha1 sig hash as the cacert. So this does seem to be an openssl vs gnutls issue. I'll try to trigger it on a cloud server with debugging turned up and get a more detailed debug log. Which release does buxtehude run? Wheezy? -JimC -- James Cloos OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/m3txhp4xtl@carbon.jhcloos.org
Bug#722626: ITP: libafs-pag-perl -- Perl bindings for AFS PAG manipulation
Package: wnpp Severity: wishlist Owner: Russ Allbery * Package name: libafs-pag-perl Version : 1.00 Upstream Author : Russ Allbery * URL : http://www.eyrie.org/~eagle/software/afs-pag/ [1] * License : MIT Programming Lang: Perl, C Description : Perl bindings for AFS PAG manipulation AFS::PAG provides the standard PAG and token manipulation functions setpag and unlog to Perl programs as a native module. It also provides the hasafs and haspag functions to detect whether AFS is running and whether the current process is in a PAG. [1] Upstream URL not yet available but will be by the time I upload packages. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130912212318.14667.99902.report...@windlord.stanford.edu
Re: tlsa for smtp to @bugs.debian.org
]] James Cloos No need to Cc me. [...] > Which release does buxtehude run? Wheezy? Yes. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/m2eh8tu4c0@rahvafeir.err.no
Bug#722631: ITP: libevdev -- wrapper library for evdev devices
Package: wnpp Severity: wishlist Owner: Stephen Kitt * Package name: libevdev Version : 0.3 Upstream Author : Peter Hutterer * URL : http://www.freedesktop.org/wiki/Software/libevdev/ * License : MIT/X Programming Lang: C Description : wrapper library for evdev devices libevdev is a wrapper library for evdev devices. It provides functions covering the common tasks when dealing with evdev devices, thus avoiding erroneous ioctls and other errors. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130912230557.21456.22114.report...@heffalump.sk2.org
Work-needing packages report for Sep 13, 2013
The following is a listing of packages for which help has been requested through the WNPP (Work-Needing and Prospective Packages) system in the last week. Total number of orphaned packages: 535 (new: 2) Total number of packages offered up for adoption: 145 (new: 1) Total number of packages requested help for: 58 (new: 0) Please refer to http://www.debian.org/devel/wnpp/ for more information. The following packages have been orphaned: driconf (#721967), orphaned 6 days ago Description: DRI configuration applet Installations reported by Popcon: 917 imlib2 (#722197), orphaned 4 days ago Description: powerful image loading and rendering library Reverse Depends: amora-applet amora-cli awesome caca-utils conky-all conky-std eterm fbdesk feh fluxbox (37 more omitted) Installations reported by Popcon: 21213 533 older packages have been omitted from this listing, see http://www.debian.org/devel/wnpp/orphaned for a complete list. The following packages have been given up for adoption: bangarang (#722182), offered 4 days ago Description: Multimedia player with a lightweight interface for KDE Installations reported by Popcon: 226 144 older packages have been omitted from this listing, see http://www.debian.org/devel/wnpp/rfa_bypackage for a complete list. For the following packages help is requested: apt-xapian-index (#567955), requested 1319 days ago Description: maintenance tools for a Xapian index of Debian packages Reverse Depends: ept-cache fuss-launcher goplay packagesearch Installations reported by Popcon: 75386 asymptote (#517342), requested 1658 days ago Description: script-based vector graphics language inspired by MetaPost Installations reported by Popcon: 4037 athcool (#278442), requested 3243 days ago Description: Enable powersaving mode for Athlon/Duron processors Installations reported by Popcon: 58 balsa (#642906), requested 718 days ago Description: An e-mail client for GNOME Reverse Depends: balsa-dbg Installations reported by Popcon: 886 cardstories (#624100), requested 871 days ago Description: Find out a card using a sentence made up by another player Installations reported by Popcon: 10 chromium-browser (#583826), requested 1201 days ago Description: Chromium browser Reverse Depends: chromium chromium-dbg chromium-l10n mozplugger Installations reported by Popcon: 20312 cups (#532097), requested 1559 days ago Description: Common UNIX Printing System Reverse Depends: bluez-cups chromium cups cups-backend-bjnp cups-browsed cups-bsd cups-client cups-daemon cups-dbg cups-filters (60 more omitted) Installations reported by Popcon: 124836 debtags (#567954), requested 1319 days ago Description: Enables support for package tags Reverse Depends: goplay packagesearch Installations reported by Popcon: 2428 fbcat (#565156), requested 1338 days ago Description: framebuffer grabber Installations reported by Popcon: 142 flightgear (#487388), requested 1909 days ago Description: Flight Gear Flight Simulator Installations reported by Popcon: 497 freeipmi (#628062), requested 840 days ago Description: GNU implementation of the IPMI protocol Reverse Depends: freeipmi freeipmi-bmc-watchdog freeipmi-ipmidetect freeipmi-tools libfreeipmi-dev libfreeipmi12 libipmiconsole-dev libipmiconsole2 libipmidetect-dev libipmidetect0 (3 more omitted) Installations reported by Popcon: 3612 gnat-4.4 (#539633), requested 1976 days ago Description: backport bug fixes from trunk (GCC 4.5) Reverse Depends: ghdl gnat-4.4 libgnat-4.4 libgnat-4.4-dbg libgnatprj-dev libgnatprj4.4 libgnatprj4.4-dbg libgnatprj4.4-dev libgnatvsn-dev libgnatvsn4.4 (2 more omitted) Installations reported by Popcon: 1123 gnat-gps (#496905), requested 1841 days ago Description: co-maintainer needed Reverse Depends: gnat-gps gnat-gps-dbg Installations reported by Popcon: 503 gnokii (#677750), requested 453 days ago Description: Datasuite for mobile phone management Reverse Depends: gnokii gnokii-cli gnokii-smsd gnokii-smsd-mysql gnokii-smsd-pgsql gnome-phone-manager libgnokii-dev libgnokii6 xgnokii Installations reported by Popcon: 1930 gnupg (#660685), requested 570 days ago Description: GNU privacy guard - a free PGP replacement Reverse Depends: apt bootstrap-base cdebootstrap cdebootstrap-static cdebootstrap-udeb clamav-unofficial-sigs cloud-utils debian-archive-keyring debian-edu-archive-keyring debian-ports-archive-keyring (50 more omitted)
Bug#722651: ITP: r-cran-minqa -- GNU R package for quadratic optimisation without derivatives
Package: wnpp Owner: Dirk Eddelbuettel Severity: wishlist * Package name: r-cran-minqa Version : 1.2.1-1 Upstream Author : Douglas Bates, Katharine M. Mullen, John C. Nash, Ravi Varadhan * URL or Web page : http://cran.r-project.org/package=minqa * License : GPL-2 Description : GNU R package for quadratic optimisation without derivatives This package is now a Build-Depends: of the existing package r-cran-lme4 (with source 'lme4') which has been in Debian since 2004. Dirk -- Dirk Eddelbuettel | e...@debian.org | http://dirk.eddelbuettel.com -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87y571bh58@max.nulle.part
Bug#722652: ITP: r-cran-rcppeigen -- GNU R package for Eigen templated linear algebra
Package: wnpp Owner: Dirk Eddelbuettel Severity: wishlist * Package name: r-cran-rcppeigen Version : 0.3.1.2.1-1 Upstream Author : Douglas Bates, Romain Francois and Dirk Eddelbuettel * URL or Web page : http://cran.r-project.org/package=RcppEigen * License : GPL-2 Description : GNU R package for Eigen templated linear algebra This package is now a Build-Depends: of the existing package r-cran-lme4 (with source 'lme4') which has been in Debian since 2004. Dirk -- Dirk Eddelbuettel | e...@debian.org | http://dirk.eddelbuettel.com -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87vc25bh2i@max.nulle.part
