[Pkg-kde-extras] Bug#931739: Bug#931739: quassel-core: key too small error after upgrade to buster

[Diederik de Haas]

On donderdag 18 juli 2019 20:11:46 CEST RedOmen wrote:
> I tried to use the instructions here:
> https://bugs.quassel-irc.org/projects/quassel-irc/wiki/Client-Core_SSL_suppo
> rt but could not get it to work.
> 
> I ended up having to remove all the /var/lib/quassel/ files and running
> dpkg-reconfigure quassel-core and manually recreating my accounts but
> that seems to have fixed it.

You were bitten by https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732728.
The command that you need(ed) is contained in the postinst script of the package.
You can view it by downloading the .deb file from 
https://packages.debian.org/buster/amd64/quassel-core/download (or find it in 
/var/cache/apt/archives/), open/extract it and then open/extract control.tar.xz in 
which you'll find the postinst file.

For completeness, here's the relevant part of postinst that generates the certificate:

# some variables
QUASSEL_GROUP=quassel
QUASSEL_USER=quasselcore
QUASSEL_HOME=/var/lib/quassel
QUASSEL_LOG=/var/log/quassel
QUASSEL_CERT=$QUASSEL_HOME/quasselCert.pem

if [ ! -e $QUASSEL_CERT ] ; then
  echo "Generating SSL certificate as $QUASSEL_CERT ..."
  ( umask 0027 && runuser -u $QUASSEL_USER -- openssl req -x509 -nodes -batch -days 680 -newkey rsa \
    -keyout $QUASSEL_CERT -out $QUASSEL_CERT )
fi


I know it's not important for you anymore, but in case others run into the 
same issue, they should now have enough to just regenerate the certificate.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-kde-extras/attachments/20190718/5fd94207/attachment.sig>