[Pkg-gtkpod-devel] Bug#851139: libimobiledevice6: Broken pairing records may have been generated with some GnuTLS versions

Tino Mettler tino.mettler+debbugs at tikei.de
Thu Jan 12 11:29:15 UTC 2017 

Package: libimobiledevice6
Version: 1.2.0+dfsg-3
Severity: important
Tags: patch

According to https://github.com/libimobiledevice/libimobiledevice/issues/413#issuecomment-258321151
broken pairing records may be generated and living in /var/lib/lockdown
even after the upgrade to a fixed version, causing connection failures.

The reason for the failure is hard to find by the user and manual
steps will be needed to fix it. Therefore I suggest to remove the broken
pairing entries during the upgrade.

The attached patch does exactly this, plus a notification about the
issue via debconf. My patch is based on the NMU provided by Nathan
Kennedy in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840931#17

Regards,
Tino

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.12 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages libimobiledevice6 depends on:
ii  libc6        2.24-8
ii  libgcrypt20  1.7.5-2
ii  libgnutls30  3.5.8-1
ii  libplist3    1.12-3.1
ii  libtasn1-6   4.9-4
ii  libusbmuxd4  1.0.10-3

Versions of packages libimobiledevice6 recommends:
ii  usbmuxd  1.1.0-2+b1

Versions of packages libimobiledevice6 suggests:
pn  libusbmuxd-tools  <none>

-- debconf-show failed
-------------- next part --------------
diff -Nru libimobiledevice-1.2.0+dfsg/debian/changelog libimobiledevice-1.2.0+dfsg-fixed/debian/changelog
--- libimobiledevice-1.2.0+dfsg/debian/changelog	2017-01-12 09:37:57.737556397 +0100
+++ libimobiledevice-1.2.0+dfsg-fixed/debian/changelog	2017-01-12 12:04:34.356931096 +0100
@@ -1,3 +1,12 @@
+libimobiledevice (1.2.0+dfsg-3.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Remove broken pairing entries.
+  * Remove obsolete DM-Upload-Allowed entry
+  * Bump standards version
+
+ -- Tino Mettler <tino+debian at tikei.de>  Thu, 12 Jan 2017 12:04:32 +0100
+
 libimobiledevice (1.2.0+dfsg-3.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru libimobiledevice-1.2.0+dfsg/debian/control libimobiledevice-1.2.0+dfsg-fixed/debian/control
--- libimobiledevice-1.2.0+dfsg/debian/control	2016-06-02 18:55:15.000000000 +0200
+++ libimobiledevice-1.2.0+dfsg-fixed/debian/control	2017-01-12 12:01:52.450894212 +0100
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: gtkpod Maintainers <pkg-gtkpod-devel at lists.alioth.debian.org>
 Uploaders: Julien Lavergne <julien.lavergne at gmail.com>
-Standards-Version: 3.9.6
+Standards-Version: 3.9.8
 Build-Depends: debhelper (>= 9),
                dh-python,
                libgnutls28-dev,
@@ -23,7 +23,6 @@
 Homepage: http://libimobiledevice.org/
 Vcs-Git: git://git.debian.org/git/pkg-gtkpod/packages/libimobiledevice.git
 Vcs-Browser: http://git.debian.org/?p=pkg-gtkpod/packages/libimobiledevice.git
-DM-Upload-Allowed: yes
 
 Package: libimobiledevice6
 Architecture: any
@@ -31,6 +30,8 @@
 Pre-Depends: ${misc:Pre-Depends}
 Depends: ${shlibs:Depends},
          ${misc:Depends},
+         libxml2-utils,
+         debconf
 Recommends: usbmuxd
 Suggests: libusbmuxd-tools
 Conflicts: libiphone0
diff -Nru libimobiledevice-1.2.0+dfsg/debian/libimobiledevice6.config libimobiledevice-1.2.0+dfsg-fixed/debian/libimobiledevice6.config
--- libimobiledevice-1.2.0+dfsg/debian/libimobiledevice6.config	1970-01-01 01:00:00.000000000 +0100
+++ libimobiledevice-1.2.0+dfsg-fixed/debian/libimobiledevice6.config	2017-01-12 10:05:41.535637213 +0100
@@ -0,0 +1,7 @@
+#!/bin/sh -e
+
+# Source debconf library.
+. /usr/share/debconf/confmodule
+
+db_input medium libimobiledevice6/broken_pairing_entries || true
+db_go
diff -Nru libimobiledevice-1.2.0+dfsg/debian/libimobiledevice6.postinst libimobiledevice-1.2.0+dfsg-fixed/debian/libimobiledevice6.postinst
--- libimobiledevice-1.2.0+dfsg/debian/libimobiledevice6.postinst	1970-01-01 01:00:00.000000000 +0100
+++ libimobiledevice-1.2.0+dfsg-fixed/debian/libimobiledevice6.postinst	2017-01-12 12:07:23.282835414 +0100
@@ -0,0 +1,13 @@
+#!/bin/sh -e
+
+ACTION="$1"
+
+if [ "$ACTION" = "configure" ]; then
+	for i in /var/lib/lockdown/[a-f0-9]*.plist ; do
+		if test -e "$i" && test -z "$(xmllint --nowarning --nonet --xpath 'normalize-space(/plist/dict/key[.="DeviceCertificate"]/following-sibling::data[1]/text())' "$i")"; then
+			rm -f "$i"
+		fi
+	done
+fi
+
+#DEBHELPER#
diff -Nru libimobiledevice-1.2.0+dfsg/debian/libimobiledevice6.templates libimobiledevice-1.2.0+dfsg-fixed/debian/libimobiledevice6.templates
--- libimobiledevice-1.2.0+dfsg/debian/libimobiledevice6.templates	1970-01-01 01:00:00.000000000 +0100
+++ libimobiledevice-1.2.0+dfsg-fixed/debian/libimobiledevice6.templates	2017-01-12 12:16:23.723306791 +0100
@@ -0,0 +1,8 @@
+Template: libimobiledevice6/broken_pairing_entries
+Type: note
+_Description: Removal of broken pairing entries
+ There was an incompatibility with some GnuTLS versions that may have caused
+ the generation of broken pairing entries in /var/lib/lockdown. They will be
+ autodetected and removed during the upgrade. A new pairing process will be
+ started next time the device is connected.
+
diff -Nru libimobiledevice-1.2.0+dfsg/debian/po/POTFILES.in libimobiledevice-1.2.0+dfsg-fixed/debian/po/POTFILES.in
--- libimobiledevice-1.2.0+dfsg/debian/po/POTFILES.in	1970-01-01 01:00:00.000000000 +0100
+++ libimobiledevice-1.2.0+dfsg-fixed/debian/po/POTFILES.in	2017-01-12 10:14:48.766410673 +0100
@@ -0,0 +1 @@
+[type: gettext/rfc822deb] libimobiledevice6.templates
diff -Nru libimobiledevice-1.2.0+dfsg/debian/po/templates.pot libimobiledevice-1.2.0+dfsg-fixed/debian/po/templates.pot
--- libimobiledevice-1.2.0+dfsg/debian/po/templates.pot	1970-01-01 01:00:00.000000000 +0100
+++ libimobiledevice-1.2.0+dfsg-fixed/debian/po/templates.pot	2017-01-12 12:18:17.239324469 +0100
@@ -0,0 +1,34 @@
+# templates.pot for libimobiledevice
+# Copyright (C) 2017 Tino Mettler
+# This file is distributed under the same license as the libimobiledevice package.
+# Tino Mettler <tino+debian at tikei.de>, 2017.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: libimobiledevice\n"
+"Report-Msgid-Bugs-To: libimobiledevice at packages.debian.org\n"
+"POT-Creation-Date: 2017-01-12 12:16+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL at ADDRESS>\n"
+"Language-Team: LANGUAGE <LL at li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: note
+#. Description
+#: ../libimobiledevice6.templates:1001
+msgid "Removal of broken pairing entries"
+msgstr ""
+
+#. Type: note
+#. Description
+#: ../libimobiledevice6.templates:1001
+msgid ""
+"There was an incompatibility with some GnuTLS versions that may have caused "
+"the generation of broken pairing entries in /var/lib/lockdown. They will be "
+"autodetected and removed during the upgrade. A new pairing process will be "
+"started next time the device is connected."
+msgstr ""

More information about the Pkg-gtkpod-devel mailing list