| ... | ... | @@ -1758,14 +1758,16 @@ avoid confusion. |
|
|
|
|
|
|
|
### userdir-ldap fork status
|
|
|
|
|
|
|
|
Our diff in `userdir-ldap` is much smaller:
|
|
|
|
Our diff in `userdir-ldap` used to be much smaller (in 2021):
|
|
|
|
|
|
|
|
6 files changed, 46 insertions(+), 19 deletions(-)
|
|
|
|
|
|
|
|
We have 4 patches there, and a handful were merged upstream. The
|
|
|
|
We had 4 patches there, and a handful were merged upstream. The
|
|
|
|
remaining patches could probably live as configuration files in
|
|
|
|
Puppet, reducing the diff to nil.
|
|
|
|
|
|
|
|
#### 2023 update
|
|
|
|
|
|
|
|
Update, 2023-05-10: some patches were merged, some weren't, and we had
|
|
|
|
to roll new ones. We have the following diff now:
|
|
|
|
|
| ... | ... | @@ -1870,6 +1872,86 @@ micah's patch (in |
|
|
|
https://gitlab.torproject.org/tpo/tpa/team/-/issues/41166), so we
|
|
|
|
added an extra branch in there.
|
|
|
|
|
|
|
|
#### 2024 update
|
|
|
|
|
|
|
|
As of 2024-06-03, the situation has not improved:
|
|
|
|
|
|
|
|
```
|
|
|
|
anarcat@angela:userdir-ldap$ git diff dsa/master --stat
|
|
|
|
.gitlab-ci.yml | 18 ------------------
|
|
|
|
debian/changelog | 22 ++++++++++++++++++++++
|
|
|
|
debian/rules | 2 +-
|
|
|
|
debian/ud-replicate.cron.d | 2 +-
|
|
|
|
misc/ud-update-sudopasswords | 4 ++--
|
|
|
|
templates/passwd-changed | 2 +-
|
|
|
|
templates/welcome-message | 41 ++++++++++++++++++++++++++++-------------
|
|
|
|
test/test_pass.py | 10 ++++++++++
|
|
|
|
ud-mailgate | 14 ++++++++------
|
|
|
|
ud-replicate | 4 ++--
|
|
|
|
userdir-ldap.conf | 2 +-
|
|
|
|
userdir_ldap/generate.py | 49 ++++++++++++++++++++++++++++++++++++++-----------
|
|
|
|
12 files changed, 114 insertions(+), 56 deletions(-)
|
|
|
|
```
|
|
|
|
|
|
|
|
We seem incapable of getting our changes merged upstream at this
|
|
|
|
point. Numerous patches were sent to DSA only to be either ignored,
|
|
|
|
rewritten, or replaced without attribution. It has become such a
|
|
|
|
problem that we have effectively given up on merging the two
|
|
|
|
code bases.
|
|
|
|
|
|
|
|
We should acknowledge that *some* patches were actually merged, but
|
|
|
|
the patches that weren't were so demotivating that it seems easier to
|
|
|
|
just track this as a non-collaborating upstream, with our code as a
|
|
|
|
friendly fork, than pretending there's real collaboration happening.
|
|
|
|
|
|
|
|
Our patch set is currently:
|
|
|
|
|
|
|
|
* `tpo-scrub-0.3.104` (unchanged, possibly unmergeable):
|
|
|
|
* `43c67a3` fix URL in passwd-changed template to torproject.org
|
|
|
|
* `f9f9a67` Set emailappend to torproject.org
|
|
|
|
* `c77a70b` Use https:// in welcome email
|
|
|
|
* `6966895` Re-apply tpo changes to Debian's repo
|
|
|
|
* `mailpassword-generate-0.3.104` (patch rewritten upstream, unclear
|
|
|
|
if still needed)
|
|
|
|
* `hashpass-test-0.3.104` (unchanged)
|
|
|
|
* 7ceb72b (add tests for ldap.HashPass, 2021-10-27 15:29:30 -0400)
|
|
|
|
* `fix-crash-without-exim-0.3.104` (new)
|
|
|
|
- 51716ed (ud-replicate: fix crash when exim is not installed, 2023-05-11 13:53:33 -0400)
|
|
|
|
* `paramiko-workaround-0.3.104-dff949b` (new, not sent upstream
|
|
|
|
considering `ssh-openssh-87` was rejected)
|
|
|
|
- 6233f8e (workaround SSH host key lookup bug in paramiko, 2023-11-21 14:49:46 -0500)
|
|
|
|
* `sshfp-openssh-87` (new, rejected)
|
|
|
|
- 651f280 (disable SSHFP record for initramfs keys, 2023-05-10 14:38:56 -0400)
|
|
|
|
* `py3_allowed_hosts_unicode-0.3.104)` (new, rewritten upstream, conflicting)
|
|
|
|
- 88bb60d (LDAP now returns bytes, fix another comparison in ud-mailgate, 2023-10-12 10:23:53 -0400)
|
|
|
|
|
|
|
|
The following patches were actually merged:
|
|
|
|
|
|
|
|
* `bookworm-build-0.3.104`:
|
|
|
|
* d0740a9 (fix implicit int to str cast that broke in bookworm (bullseye?) upgrade, 2023-09-13)
|
|
|
|
* `25d89bd` fix warning about chown(1) call in bookworm
|
|
|
|
* `9c49a4a` fix Depends to support python3-only installs
|
|
|
|
* `1ece069` bump dh compat to 7
|
|
|
|
* `90ef120` make this build without python2
|
|
|
|
* `install-restore-crash-0.3.104`:
|
|
|
|
* 4ab5d83 (fix crash: LDAP returns a string, cast it to an integer, 2023-09-14 10:28:41 -0400)
|
|
|
|
* `procmail-0.3.104-pre-dd7f9a3`:
|
|
|
|
* 661875e (drop procmail from userdir-ldap dependencies, 2022-02-28 21:15:41 -0500)
|
|
|
|
|
|
|
|
Two patches are still in development:
|
|
|
|
|
|
|
|
* `ssh-sk-0.3.104`
|
|
|
|
* a722f6f Add support for security key generated ssh public keys
|
|
|
|
(sk- prefix).
|
|
|
|
* `thunderbird-pgp`
|
|
|
|
* d026f0f (replace my email address with example one, 2024-06-03)
|
|
|
|
* 8aca3fc (extract multipart mime message content correctly, 2024-06-03)
|
|
|
|
* 90882c5 (fix sequoia signature parsing, 2024-06-03)
|
|
|
|
* a395279 (fix TB signing test failure, 2024-06-03)
|
|
|
|
* 618d55f (add testcase for thunderbird pgp mail, 2024-06-03)
|
|
|
|
|
|
|
|
Patches were not resent or rebased.
|
|
|
|
|
|
|
|
## Monitoring and testing
|
|
|
|
|
|
|
|
Nagios checks the `/var/lib/misc/thishost/last_update.trace` timestamp
|
| ... | ... | |
