
Bug#777176: marked as done (pre-approval: unblock: phpldapadmin/1.2.2-5.2)



Your message dated Sat, 14 Feb 2015 10:49:58 +0100
with message-id <20150214094957.GA28093@ugent.be>
and subject line Re: Bug#777176: pre-approval: unblock: phpldapadmin/1.2.2-5.2
has caused the Debian Bug report #777176,
regarding pre-approval: unblock: phpldapadmin/1.2.2-5.2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
777176: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777176
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi,

phpldapadmin has bug #761637, which I think is RC for phpldapadmin. The short version is: phpldapadmin is a frontend to manage ldap directories. As a regression from stable, the version in testing crashes if an entry in the managed ldap directory contains a password field. As it is /very/ common to have password fields in ldap entries, this renders the package unusable for a large portion of the user base.
Fortunately, the fix for this is small, as the issue is already partly fixed by version 1.2.2-5.1 which is already in testing. It was missing:
* A single line change in the code.
* An update of the config file
* A NEWS entry to explain to users how to update their config.
I have prepared a package containing the fix, which can provisionally be found at https://mentors.debian.net/package/phpldapadmin . The meat of the debdiff is:

diff -Nru phpldapadmin-1.2.2/debian/changelog phpldapadmin-1.2.2/debian/changelog
--- phpldapadmin-1.2.2/debian/changelog	2014-05-02 04:30:44.000000000 +0200
+++ phpldapadmin-1.2.2/debian/changelog	2015-02-05 01:02:16.000000000 +0100
@@ -1,3 +1,11 @@
+phpldapadmin (1.2.2-5.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Update the php 5.5 compatibility patch for the password_hash_custom
+    setting (Closes: #761637).
+
+ -- Mika Pflüger <debian@mikapflueger.de>  Thu, 05 Feb 2015 00:41:07 +0100
+
 phpldapadmin (1.2.2-5.1) unstable; urgency=medium
 
   * Non-maintainer upload.
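
Review bot: The new 1.2.2-5.2 changelog stanza says only that the compat patch was updated; it does not record that the setting is renamed from 'password_hash' to 'password_hash_custom' in config.php.example, which is the part an admin has to act on. Suggest a second bullet that names both keys and points at the NEWS entry, so the required config edit is visible from the changelog alone.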
diff -Nru phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch
--- phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch	2014-05-02 04:28:13.000000000 +0200
+++ phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch	2015-02-05 01:13:38.000000000 +0100
+Index: phpldapadmin-1.2.2/config/config.php.example
+===================================================================
+--- phpldapadmin-1.2.2.orig/config/config.php.example
++++ phpldapadmin-1.2.2/config/config.php.example
+@@ -379,7 +379,7 @@ $servers->setValue('server','name','My L
+ 
+ /* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
+    blowfish, crypt or leave blank for now default algorithm. */
+-// $servers->setValue('appearance','password_hash','md5');
++// $servers->setValue('appearance','password_hash_custom','md5');
+ 
+ /* If you specified 'cookie' or 'session' as the auth_type above, you can
+    optionally specify here an attribute to use when logging in. If you enter
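
Review bot: The comment directly above the renamed line still reads "md5crpyt", which looks like a misspelling of md5crypt, and "leave blank for now default algorithm" is hard to parse; since this region is being touched anyway, the comment could be corrected in the same patch. The commented example also keeps 'md5' as the value although the same comment lists salted schemes such as ssha; showing 'ssha' here would steer copy-and-paste users away from unsalted MD5.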
+@@ -546,7 +546,7 @@ $servers->setValue('sasl','authz_id_rege
+ $servers->setValue('sasl','authz_id_replacement','$1');
+ $servers->setValue('sasl','props',null);
+ 
+-$servers->setValue('appearance','password_hash','md5');
++$servers->setValue('appearance','password_hash_custom','md5');
+ $servers->setValue('login','attr','dn');
+ $servers->setValue('login','fallback_dn',false);
+ $servers->setValue('login','class',null);
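
Review bot: The rename at the setValue('appearance', ...) line only changes the shipped example; nothing in this hunk touches an installed config.php that was copied from the earlier example and still carries the 'password_hash' line. The NEWS entry should quote the old and the new line verbatim so that admins can search their config for the exact string.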
+Index: phpldapadmin-1.2.2/lib/TemplateRender.php
+===================================================================
+--- phpldapadmin-1.2.2.orig/lib/TemplateRender.php
++++ phpldapadmin-1.2.2/lib/TemplateRender.php
+@@ -2466,7 +2466,7 @@ function deleteAttribute(attrName,friend
+ 		if ($val = $attribute->getValue($i))
+ 			$default = get_enc_type($val);
+ 		else
+-			$default = $this->getServer()->getValue('appearance','password_hash');
++			$default = $this->getServer()->getValue('appearance','password_hash_custom');
+ 
+ 		if (! $attribute->getPostValue())
+ 			printf('<input type="hidden" name="post_value[%s][]" value="%s" />',$attribute->getName(),$i);
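
Review bot: At the changed getValue() call the default is now read from 'password_hash_custom' only, with no fallback to 'password_hash', so a site config that still sets the old key is not consulted on this path. If a fallback is not wanted at this point in the freeze, please confirm what $default becomes when only the old key is set, and state that behaviour in the NEWS entry.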

(the version currently at mentors has a slightly larger debdiff due to quilt refresh'ing of the php-5.5-compat.patch, but with no further real changes).

If you pre-approve the unblock request, I will write a NEWS entry, seek a sponsor and come back to you. I have been using a fixed version at a reasonably busy site for two weeks now.

One thing to note is that the version currently in testing deviates from the upstream solution, possibly because it predates it. The setting which collides with a php-internal function name ('password_hash' in debian stable) was [incompletely, hence this bug] changed to 'password_hash_custom' in debian, but to 'pla_password_hash' in the 1.2.3 upstream version. That is clearly a suboptimal situation, as this will confuse users and will come back to bite us later. However, I guess changing 'password_hash_custom' to 'pla_password_hash' is a bit intrusive at this stage of the release cycle. If you disagree, I can also prepare a patch which aligns with upstream's choice of bike shed colour.

Cheers,

Mika

unblock phpldapadmin/1.2.2-5.2

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (650, 'testing'), (450, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

--- End Message ---
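
The request above depends on admins updating their own config after the key rename. The following check is an added example, not part of the original message or of phpldapadmin: it lists uncommented uses of the old 'password_hash' key in a config file. The function names, the sample input and the simplified comment handling (string contents are not parsed) are assumptions of this example; the config path is passed as an argument.

```shell
#!/bin/sh
# Added example: find active uses of the pre-rename key 'password_hash'.

# sample_config: constructed input, not a real site configuration.
sample_config() {
cat <<'EOF'
// $servers->setValue('appearance','password_hash','md5');
$servers->setValue('appearance','password_hash_custom','ssha');
/* template block for a further server
$servers->setValue('appearance','password_hash','md5');
*/
$servers->setValue('appearance','password_hash','md5');
EOF
}

# stale_hash_key_lines FILE
# Prints "LINE: text" for every uncommented setValue() on the old key.
# Returns 0 if at least one was found, 1 if the file is clean.
stale_hash_key_lines() {
    awk '
    {
        rest = $0; code = ""
        # Strip /* ... */ blocks, which may span lines (state in in_block).
        while (length(rest) > 0) {
            if (in_block) {
                i = index(rest, "*/")
                if (i == 0) break
                rest = substr(rest, i + 2); in_block = 0
            } else {
                i = index(rest, "/*")
                if (i == 0) { code = code rest; break }
                code = code substr(rest, 1, i - 1)
                rest = substr(rest, i + 2); in_block = 1
            }
        }
        sub(/(\/\/|#).*/, "", code)   # drop line comments
        # "." stands for either quote character; the trailing comma keeps
        # password_hash_custom from matching.
        if (code ~ /setValue\([ \t]*.appearance.[ \t]*,[ \t]*.password_hash.[ \t]*,/) {
            printf "%d: %s\n", NR, $0
            found = 1
        }
    }
    END { exit found ? 0 : 1 }
    ' "$1"
}
```
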
--- Begin Message ---
Hi,

On Fri, Feb 06, 2015 at 10:16:54PM +0100, Niels Thykier wrote:
> I am inclined to agree that this is regression compared to Wheezy should
> be an RC bug.  Please go ahead with the proposed patch for Jessie.  It
> would make sense for Stretch to have the upstream version of the fix.

The fix was uploaded. Unblocked.

Cheers,

Ivo

--- End Message ---
