Package: keyutils / 1.5.9-9

Metadata

Package Version Patches format
keyutils 1.5.9-9 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
cifs.patch | (download)

request-key.conf | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 added 2 cifs helpers to request-key.conf

For CIFS DFS support

cflags.patch | (download)

Makefile | 2 0 + 2 - 0 !
1 file changed, 2 deletions(-)

 avoid setting intel architecture specific cflags

Bug-Debian: http://bugs.debian.org/638925
hardening.patch | (download)

Makefile | 12 8 + 4 - 0 !
1 file changed, 8 insertions(+), 4 deletions(-)

 use build flags from environment (dpkg-buildflags)

Necessary for hardening flags. Also strip -pie/-fPIE from CFLAGS/LDFLAGS when
used to link libraries. It conflicts with -fPIC.

Bug-Debian: http://bugs.debian.org/661393
tests directories.patch | (download)

tests/runtest.sh | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 use change-directory instead of push- and pop-directory

 Bug-Debian: http://bugs.debian.org/659297
man page syntax fixes.patch | (download)

man/find_key_by_type_and_name.3 | 2 1 + 1 - 0 !
man/key.dns_resolver.8 | 2 1 + 1 - 0 !
man/keyctl.1 | 40 20 + 20 - 0 !
man/persistent-keyring.7 | 4 2 + 2 - 0 !
man/process-keyring.7 | 4 2 + 2 - 0 !
man/recursive_key_scan.3 | 2 1 + 1 - 0 !
man/session-keyring.7 | 4 2 + 2 - 0 !
man/thread-keyring.7 | 4 2 + 2 - 0 !
man/user-keyring.7 | 4 2 + 2 - 0 !
man/user-session-keyring.7 | 4 2 + 2 - 0 !
10 files changed, 35 insertions(+), 35 deletions(-)

 man page syntax fixes

Use bash to execute the tests.patch | (download)

tests/prepare.inc.sh | 2 1 + 1 - 0 !
tests/runtest.sh | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

 use bash to execute the tests

The test fixtures are full of bashisms. Getting rid of them should be discussed
with upstream first.

enable skipping tests req root.patch | (download)

tests/keyctl/padd/useradd/runtest.sh | 59 33 + 26 - 0 !
tests/prepare.inc.sh | 8 8 + 0 - 0 !
2 files changed, 41 insertions(+), 26 deletions(-)

 enable skipping tests requiring root

We don't have root privileges at build time.

Disable some tests.patch | (download)

tests/bugzillas/bz1031154/runtest.sh | 87 0 + 87 - 0 !
1 file changed, 87 deletions(-)

 disable some tests

Some tests do not properly check whether features they need are available.
These will be fixed in the next upstream release.

Remove RHEL specific feature test.patch | (download)

tests/keyctl/session/valid/runtest.sh | 15 0 + 15 - 0 !
1 file changed, 15 deletions(-)

 remove rhel-specific feature test

The release number comparison breaks  with sid's release number of "unstable".

Enable skipping test requiring installation.patch | (download)

tests/keyctl/requesting/bad-args/runtest.sh | 9 9 + 0 - 0 !
tests/keyctl/requesting/noargs/runtest.sh | 9 9 + 0 - 0 !
tests/keyctl/requesting/piped/runtest.sh | 9 9 + 0 - 0 !
tests/keyctl/requesting/valid/runtest.sh | 10 10 + 0 - 0 !
tests/prepare.inc.sh | 8 8 + 0 - 0 !
5 files changed, 45 insertions(+)

 enable skipping test requiring installation

Tests for request2 and prequest2 subcommands require /sbin/request-key to be
present. The kernel looks for this in the actual root (outside of any chroot),
which means we cannot test subcommands at build time.

Conditionalize tests based on kernel version.patch | (download)

tests/keyctl/invalidate/bad-args/runtest.sh | 9 9 + 0 - 0 !
tests/keyctl/invalidate/noargs/runtest.sh | 9 9 + 0 - 0 !
tests/keyctl/invalidate/valid/runtest.sh | 9 9 + 0 - 0 !
tests/keyctl/padd/useradd/runtest.sh | 25 14 + 11 - 0 !
4 files changed, 41 insertions(+), 11 deletions(-)

 conditionalize tests based on kernel version

Check the kernel version before running some tests to make sure that the
currently running kernel supports the features they require.

Insert delay in key invalidation test.patch | (download)

tests/keyctl/invalidate/valid/runtest.sh | 3 3 + 0 - 0 !
1 file changed, 3 insertions(+)

 test: insert a delay in the key invalidation test to allow for gc
 delays

The key invalidation test may fail because the check for a key having been
invalidated may occur too quickly after the call to invalidate the key.

The problem is that whilst the key is marked invalidated immediately, the
subsequent process of garbage collecting the invalidated key isn't synchronous
and may be delayed as the keyrings gc is merely scheduled to be run at some
later time.

Stick a small delay in there to give the gc a chance to run.

Bug-Redhat: illa-entry: https://bugzilla.redhat.com/show_bug.cgi?id=1072798
Make testcase aware of a kernel behaviour change.patch | (download)

tests/keyctl/timeout/valid/runtest.sh | 16 14 + 2 - 0 !
1 file changed, 14 insertions(+), 2 deletions(-)

 test: make search/valid aware that the behaviour of the kernel changed

The kernel changed referred to also affected timeout/valid, which had
previously been affected by another change. All in all, between 3.8 and 3.12,
kernel returned ENOKEY instead of EKEYEXPIRED.

Bug-Debian: https://bugs.debian.org/768905
Disable tests hitting bug in MIPS kernel 3.19.patch | (download)

tests/keyctl/add/bad-args/runtest.sh | 15 11 + 4 - 0 !
tests/keyctl/newring/bad-args/runtest.sh | 15 11 + 4 - 0 !
tests/keyctl/padd/bad-args/runtest.sh | 15 11 + 4 - 0 !
tests/keyctl/requesting/bad-args/runtest.sh | 15 11 + 4 - 0 !
tests/keyctl/search/bad-args/runtest.sh | 21 14 + 7 - 0 !
tests/keyctl/session/bad-args/runtest.sh | 15 11 + 4 - 0 !
6 files changed, 69 insertions(+), 27 deletions(-)

 mips: fix strnlen_user() return value in case of overlong strings.

This patch disables the problematic tests on MIPS kernels older than 3.19.

Bug-Debian: https://bugs.debian.org/779351
Include limits.h for UINT_MAX.patch | (download)

key.dns_resolver.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 include <limits.h> for uint_max

Fixes building with musl libc.

Make build reproducible.patch | (download)

Makefile | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 make build reproducible

Make the build reproducible by making it possible to set the build date,
instead of embedding the current date.

Drop tests requiring CONFIG_BIG_KEYS.patch | (download)

tests/keyctl/padd/useradd/runtest.sh | 15 0 + 15 - 0 !
1 file changed, 15 deletions(-)

 drop tests requiring config_big_keys

The Debian kernel is not built with CONFIG_BIG_KEYS.

Adjust tests for 3.18 kernel change.patch | (download)

tests/toolbox.inc.sh | 19 14 + 5 - 0 !
1 file changed, 14 insertions(+), 5 deletions(-)

 adjust tests for 3.18 kernel change

Backport a fix from upstream which addresses a change in the maximum
description size (4095 plus a NULL) in the upstream kernel from v3.18
onwards.