secnet 0.5.1 - build fixes, security-related make-secnet-sites fixes

Ian Jackson ijackson at chiark.greenend.org.uk
Fri Nov 22 23:26:17 GMT 2019 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

It is a mixed pleasure to announce secnet 0.5.1.

secnet 0.5.1 contains build fixes, including portability fixes for
GCC9 and fixes for make-secnet-sites's tests for various secnet
versions.  And it contains a fix to a bug with make-secnet-sites -P
option, which did not work properly in 0.5.0.

It also contains a currently mostly prophylactic change to the way
sites.conf is generated by make-secnet-sites.  Normal installations
should not see any trouble but abnormal ones may need to adjust their
config.

If you have already updated to 0.5.0 and it works for you there is no
particularly compelling reason to urgently upgrade to 0.5.1.  At some
point you will have to deal with the make-secnet-sites prefixing
change, but that can be done at your leisure.

If you have not yet updated to 0.5.0 (which contains a critical
security fix for make-secnet-sites, when that program is run with
untrusted input) then 0.5.1 is probably a better plan.

This release also contains a complete overhaul of the build systme.  I
think it is much improved but of course there may be new bugs, rather
than just removed old bugs.

I appreciate that these releases containing a mixture of substantial
overhauls and important fixes are not very convenient.  I would be
happy to support a volunteeer who wanted to do backports.

0.5.1 can be found here:
  https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git/secnet.git/
  https://www.chiark.greenend.org.uk/~secnet/release/0.5.1/

SHA-256 checksums are listed below.

The .deb is from Debian amd64 stretch (oldstable) and should work on
more recent versions of Debian.


secnet (0.5.1) unstable; urgency=medium

  POTENTIALLY INCOMPATIBLE CHANGE.  Some security implications.

  * make-secnet-sites: Prefix names when writing secnet sites.conf file.

    make-secnet-sites must copy names (vpn, location and site names) from
    the input sites file (which is not wholly trusted) to the secnet
    config file.  Prior to this release, naming a location or site the
    same as a secnet predefined name could generate a broken sites.conf
    which secnet would reject.  (With the existing featureset,
    malfunctions other than rejection, eg privilege escalation, are not
    possible.)

    make-secnet-sites now adds a prefix to these names when writing
    sites.conf.  This will not affect configurations which use the
    make-secnet-sites-provided `all-sites' key, as is usual.  Other
    configurations will break unless the references in the static part of
    the config are adjusted.

    Previous behaviour can be restored with the --no-conf-key-prefix
    option.  (Planned future enhancements to secnet are likely to make use
    of that option, with untrusted input, dangerously insecure.)

  other changes to make-secnet-sites:
  * Fix argument parsing.  Fixes a regression affecting -P in 0.5.0,
    and also fixes new facilities introduced in 0.5.0.
  * Sort the properties on output (and adjust the test case expected
    outputs).  Tests now pass on (at least) Python 2.7.13, 3.5.3, 3.7.5.
  * Delete some unused code.

  secnet:
  * Change one idiom to avoid a warning from GCC9.  No functional change.

  build system - MAJOR CHANGES:
  * Fix out-of-tree builds.  (Broken in 0.5.0)
  * Replace recursive make with use of the new subdirmk system.
    This represents a fairly comprehensive overhaul of the makefiles.
    Several bugs (esp. involving dependencies between files in different
    directories) are fixed.
  * Drop `make check' from `make all'.  (Otherwise there is no way
    to ask for `all' without `check'.)
  * Suppress two unhelpful new compiler warnings from GCC9.
  * Release checklist update.

  documentation:
  * Creit Mark Wooding properly in CREDITS.
  * Include DEVELOPER-CERTIFICATE.

  tests:
  * Locations now have different names to sites.
  * Somewhat better debugging output from mtest.
  * Do not run msgcode-test except with `make fullcheck'.
  * Other minor bugfixes and improvments.
  * stest: Suppress unhelpful -Wno-unused-result (needed for stretch).

 -- Ian Jackson <ijackson at chiark.greenend.org.uk>  Fri, 22 Nov 2019 23:13:14 +0000


71e4a9b408a9bc8b5bc8a850cd91085ea3a3ea3215af2abdb70763bcbe8a3fd5  secnet_0.5.1.dsc
e15e21e72f4989558ddadc0f05a4ca144025085fcf653fb685dca67fbd0cca9b  secnet_0.5.1.tar.gz
613322c94d6279c205d8735880093f3b1394e0b94a8f2d4860de878746de15d7  secnet-dbgsym_0.5.1_amd64.deb
8b0bc0d83619174e7758ad941a90aec954a9cad93305315e76f100f4894e3d68  secnet_0.5.1_amd64.buildinfo
26b6e1c7516dfe2bda4b3f1ac88579ca8cb963bfc73a4b7524ddb46fd8740a1c  secnet_0.5.1_amd64.deb
56aaedd6d3b43f4af4aab00cd0e1ed13d14f336d61d5664e167b5950f27c506c  secnet_0.5.1_multi.changes
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEVZrkbC1rbTJl58uh4+M5I0i1DTkFAl3YbjIACgkQ4+M5I0i1
DTkhHAgAjUfl1ziYsuXnV/6Q0xBfNQK/p0BelNAEviRAZcLgE/8nhbIWu8tJd9zj
vkHLBeRN/q5o9sVLnmtwY/hmPCJv3ZVIjVwr5WBGf2hLce8FEZ7qe7QGRKXZIlcc
4HoqtNRpWqhW7rBl/LHaoZJirt3AOPq0h02nJbAY/+g/29lYMc+AG6nFQDBFcw5q
33rRsL468FVg/zGhY004nSMVwQtKb+7d31jnxujXhdaMQNMNjVAcO4UkCMvcSEmU
0NsTrN43xtVBzI6KtphNbQqBNQSa8qDRQcOOIr5hi14zjc6JAwT88jd//0ss7YEp
ikkH+E4iY+AADmftwf/lbc2xqiarpA==
=mP6+
-----END PGP SIGNATURE-----

More information about the sgo-software-announce mailing list