Ubuntu
libapache2-mod-auth-mellon package

Merge ~dmitriis/ubuntu/+source/libapache2-mod-auth-mellon:ubuntu/devel into ubuntu/+source/libapache2-mod-auth-mellon:ubuntu/devel

  1. Git
  2. lp:~dmitriis/ubuntu/+source/libapache2-mod-auth-mellon
  3. ubuntu/devel
  4. Merge into ubuntu/devel
Proposed by Dmitrii Shcherbakov
Status: Merged
Merge reported by: Andreas Hasenack
Merged at revision: 282af37fee2d2c566afc6f1844a6c3baa47f81aa
Proposed branch: ~dmitriis/ubuntu/+source/libapache2-mod-auth-mellon:ubuntu/devel
Merge into: ubuntu/+source/libapache2-mod-auth-mellon:ubuntu/devel
Diff against target: 27 lines (+8/-0)
2 files modified
debian/changelog (+6/-0)
debian/rules (+2/-0)
Reviewer Review Type Date Requested Status
Canonical Server Pending
git-ubuntu developers Pending
Review via email: mp+364984@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hi, as discussed back then in IRC, this would need a feature freeze exception. Thanks for updating the bug in that regard.

It looks like this build-time option doesn't affect the service unless the diagnostic option is also enabled. I read the documentation and found no warnings about that, but I'm not familiar with this module. The only obvious warning was that the diagnostic output, if enabled, will contain security sensitive data.

Let's see what the FFe decision is.

Revision history for this message
Dmitrii Shcherbakov (dmitriis) wrote :

Yes, based on what I pasted in the [Installation] section in the bug description, unless MellonDiagnosticsEnable is explicitly enabled there is no effect on the module behavior.

The type of information dumped is described in this upstream commit: https://github.com/Uninett/mod_auth_mellon/commit/e8579f6387d9841ce619d836110050fb18117753

" - SP key" - this is probably the most obvious piece of information that is not public and is normally visible to the module only.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

This was fixed in 0.14.2-1ubuntu1 in disco.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 2978d31..3d9b885 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,9 @@
6+libapache2-mod-auth-mellon (0.14.1-1ubuntu1) UNRELEASED; urgency=medium
7+
8+ * Build the module with --enable-diagnostics (LP: #1820279)
9+
10+ -- Dmitrii Shcherbakov <dmitrii.shcherbakov@canonical.com> Fri, 22 Mar 2019 22:27:25 +0300
11+
12 libapache2-mod-auth-mellon (0.14.1-1) unstable; urgency=medium
13
14 [ Thijs Kinkhorst ]
15diff --git a/debian/rules b/debian/rules
16index 5f81a8c..1c482e0 100755
17--- a/debian/rules
18+++ b/debian/rules
19@@ -7,6 +7,8 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all
20
21 override_dh_auto_install:
22
23+override_dh_auto_configure:
24+ dh_auto_configure -- --enable-diagnostics
25 override_dh_fixperms:
26 dh_fixperms
27 chown www-data debian/libapache2-mod-auth-mellon/var/cache/apache2/mod_auth_mellon/

Subscribers

People subscribed via source and target branches