Update gss-ntlmssp to 0.7.0 to correct sequence numbering mismatch

This is needed for Ubuntu 14.04, 16.04, 16.10, and zesty.

Status changed to 'Confirmed' because the bug affects multiple users.

On Fri, Dec 30, 2016 at 07:50:48PM -0000, Joshua R. Poulson wrote:

> gss-ntlmmssp sequence numbers are incorrect in 0.6.0. In 0.7.0 the
> following patch (which is most of the difference between the two
> versions) fixes sequence numbers. We discovered this testing OMI from
> Linux to Windows, but don't have a simpler test case we can provide.

> ./ntlm_crypto.c
> 564a565,592

Please provide this as a unified diff in attachment (the standard, robust
patch interchange format in the Linux world).

On Fri, Dec 30, 2016 at 07:56:30PM -0000, Joshua R. Poulson wrote:
> This is needed for Ubuntu 14.04, 16.04, 16.10, and zesty.

gss-ntlmssp was not shipped in Ubuntu 14.04.

this is the diffstat and shortlog between v0.6.0..v0.7.0, I'm ok with just backporting 0.7.0 plus the packaging fixes to actually make it work..

 src/gss_creds.c | 25 +++++++--
 src/gss_names.c | 9 +++
 src/gss_ntlmssp.h | 6 ++
 src/gss_sec_ctx.c | 139 ++++++++++++++++++++++++++++++++++++---------------
 src/gss_spi.c | 10 +++
 src/gssapi_ntlmssp.h | 9 +++
 src/ntlm.h | 14 +++++
 src/ntlm_crypto.c | 28 ++++++++++
 tests/ntlmssptest.c | 19 ++++++
 version.m4 | 2
 10 files changed, 214 insertions(+), 47 deletions(-)

8e4485ca11aabae (tag: v0.7.0, origin/upstream, upstream) Release 0.7.0
e4c38602e455700 Add context extension to reset crypto state
4139b9c68b4a307 Move setting seq numbers to a spearate function
1939c683413015b Check that we are actually asking for a known oid
6f4e960b36983ed Fix a regression in error handling
b7ff40d4e30e1ee Add placeholder inquire_name
160940319094d03 Add test for accept returning mech
a7572e70ad98c31 Return actual mech on accept context too
7f375b9fd126ada Fix gss_inquire_cred with no creds
58d3bedb1ba0b9f Add test to check actual_mech is actually returned
429fcc62a7222e5 Return the actual_mech_type when requested

That would be fine here.

any progress on this?

fixed in zesty, I'll prep sru for xenial & yakkety

Hello Joshua, or anyone else affected,

Accepted gss-ntlmssp into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gss-ntlmssp/0.7.0-3~ubuntu0.16.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Joshua, or anyone else affected,

Accepted gss-ntlmssp into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gss-ntlmssp/0.7.0-3~ubuntu0.16.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

I'll get on it this morning.

Thank you

Testing complete, and it works with our setup.

Did you test both Xenial and Yakkety or just one release? If just one, which one?

Both

This bug was fixed in the package gss-ntlmssp - 0.7.0-3~ubuntu0.16.04.1

---------------
gss-ntlmssp (0.7.0-3~ubuntu0.16.04.1) xenial; urgency=medium

  * Backport to xenial. (LP: #1653278)

gss-ntlmssp (0.7.0-3) unstable; urgency=medium

  * Install mech config file renamed so that it's actually used, and
    remove the old one on upgrade. Thanks, Steve Langasek!
    (Closes: #845399)

 -- Timo Aaltonen <email address hidden> Thu, 19 Jan 2017 17:58:16 +0200

The verification of the Stable Release Update for gss-ntlmssp has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package gss-ntlmssp - 0.7.0-3~ubuntu0.16.10.1

---------------
gss-ntlmssp (0.7.0-3~ubuntu0.16.10.1) yakkety; urgency=medium

  * Backport to yakkety. (LP: #1653278)

gss-ntlmssp (0.7.0-3) unstable; urgency=medium

  * Install mech config file renamed so that it's actually used, and
    remove the old one on upgrade. Thanks, Steve Langasek!
    (Closes: #845399)

 -- Timo Aaltonen <email address hidden> Thu, 19 Jan 2017 17:58:16 +0200