kxd - Debian Package Tracker

general

source: kxd (main)
version: 0.17-1
maintainer: Maximiliano Curia (DMD) (LowNMU)
uploaders: Alberto Bertogli [DMD] [DM]
arch: any
std-ver: 4.7.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 0.15-2
stable: 0.15-4
testing: 0.17-1
unstable: 0.17-1

versioned links

0.15-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.15-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.17-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

kxc (1 bugs: 0, 1, 0, 0)
kxd
kxgencert (1 bugs: 0, 1, 0, 0)

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

In debian/watch no matching files for watch line
  https://github.com/albertito/kxd/releases /albertito/kxd/archive/(.+)\.tar\.gz

Created: 2021-10-23 Last update: 2025-07-30 17:00

lintian reports 1 error and 7 warnings high

Lintian reports 1 error and 7 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2024-10-12 Last update: 2024-10-12 12:31

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2025-01-06 Last update: 2025-07-30 20:30

31 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit c266fcc98dd9b78d959dfb1bf4c27737869e50be
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Mon Sep 30 20:15:11 2024 +0100

    Update changelog for release 0.17-1

commit 0ad7c2eef92535a555162732289e0497061610ce
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Mon Sep 30 20:12:36 2024 +0100

    New upstream release (0.17)

commit 5bc247828ce458c56eed1f6344d54231fa922876
Merge: 35af1c6 4e671ba
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Mon Sep 30 20:12:22 2024 +0100

    Merge tag 'upstream/0.17'
    
    upstream/0.17

commit 4e671badc2929741c7191f9fa682070eedb7b361
Merge: f06cf13 d08f76c
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Mon Sep 30 20:11:19 2024 +0100

    New upstream version 0.17

commit d08f76c128de6eb0bda742764390afa89a4b4659
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sun Sep 8 19:15:35 2024 +0100

    kxd: Simplify key path cleanup and checking
    
    The key path cleanup is unnecessary complex and it leaves some weird
    gaps. This patch simplifies it, makes it more streamline and direct, and
    also adds some tests.
    
    The tests are in Go because these conditions can't be reproduced end to
    end, the checks are for defense-in-depth.

commit e7b953e15713ca141059e5d683e4432ea619755c
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sun Sep 8 11:13:22 2024 +0100

    kxd: Remove unnecessary function NameToString
    
    The function NameToString converts a pkix.Name to a human-friendly string,
    however the default .String method on it is already good enough, and
    very similar in practice to NameToString anyway.
    
    So this patch removes the NameToString function to simplify the code,
    replacing it with pkix.Name.String.

commit 8a9f6a3eb4decc556ea0d9ae36cf0d4b5435f41e
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sun Sep 8 10:34:47 2024 +0100

    github: Rename default branch master -> main

commit 480b41fca9ff786871be49c828c787ec753640ce
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Fri Aug 16 01:41:41 2024 +0100

    tests: Add tests for sending emails via SMTP
    
    This patch adds basic tests for sending emails via SMTP. It is fairly
    crude, but works well enough to test basic functionality.

commit ccc0a2ab4f2520ce56769c550c58cb64738fab29
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Fri Aug 16 00:56:29 2024 +0100

    tests: Add tests to cover email_to file parsing

commit db33d9297d3b3d3cc6aaf10849189f83770ff3f6
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Fri Aug 16 00:31:24 2024 +0100

    tests: Add tests for some common error cases

commit 2e76d3ba23b9e67cc309837ff603b6d7d85efd6a
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Thu Aug 15 22:53:12 2024 +0100

    tests: Generate code coverage report
    
    This patch adds support to generate a code coverage report from the
    default tests.
    
    It also makes the Github CI do this, and upload the results to codecov.

commit 4492360ed497a8e06e13b76c419e178285c5fa82
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Thu Aug 15 22:35:47 2024 +0100

    Makefile: Add $GOFLAGS support
    
    This patch allows the use of the $GOFLAGS environment variable when
    building the binaries, to help with customization and scripting (e.g.
    for coverage analysis).

commit 32c43082d6b4d5a3b7bc4385c593b61105bc9991
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Thu Aug 15 22:11:11 2024 +0100

    tests: Add cases for specific hostnames, and 127.0.0.1
    
    Currently all tests use `localhost` for server and client certificate
    DNS names.
    
    This patch introduces two new tests to confirm that the validation on
    both server and client works as intended with different hostnames.

commit ff4f9eb720248191bdd3e08d852ee2b29183f0d3
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Thu Aug 15 21:44:53 2024 +0100

    kxc: Support server certs with DNSName=`*`
    
    In Go 1.23, the Go TLS library started to reject certificates with a
    DNSName of `*` (Go commit 375031d8dcec9ae74d2dbc437b201107dba3bb5f).
    
    Unfortunately, the certificates generated before kxgencert existed
    (using openssl to generate self-signed certs) defaulted to create them
    with DNSName `*`.
    
    To ensure that kxc can still talk to servers with those certificates, we
    need to adjust the validation logic to make it ignore the server hostname
    in cases where such a server certificate is expected.

commit 352c4ea43d9167acf1ada6199ce253197691955c
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Thu Aug 15 21:40:44 2024 +0100

    kxgencert: Default -host to `localhost` instead of `*`
    
    Certificates with a DNS name of `*` are invalid, so don't use them as the
    default, and instead default to `localhost`.
    
    Note that in practice the scripts used to generate the certs would have
    enforced an actual hostname.
    
    However, certificates generated before kxgencert existed did use `*`.

commit e35f950a4e904151eddbe071b6381aca7a950ebd
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Thu Aug 15 20:06:30 2024 +0100

    tests: Add tests for DNSNames='*'
    
    In kxd <= 0.16, by default kxgencert (and before than, the equivalent
    scripts) would generate certificates with DNSNames='*', and everything
    worked okay.
    
    But in Go 1.23, the Go TLS library started to reject such certificates
    (Go commit 375031d8dcec9ae74d2dbc437b201107dba3bb5f).
    
    We still want to make sure that the server can handle such certificates,
    as they might still be in use in the wild, so this patch adds an
    explicit test for that scenario.
    
    Note that the tests or the code hasn't been updated to fix the problem
    yet, but having this test will ensure that kxd can handle these certs
    after the fixes.

commit 30c1e2cc4e82f73f822568ec334a22c55575a3c8
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Thu Aug 15 22:13:22 2024 +0100

    Remove GitLab CI config
    
    We no longer use the GitLab CI, so remove its config.

commit 5227cd4759f40d1bbaff7abe6ea1e4aa578f33fa
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Thu Aug 15 10:34:02 2024 +0100

    Minimum supported Go version: 1.21
    
    Update the minimum supported Go version to 1.21 (which was released 1y
    ago), and update the GitHub Actions config accordingly.
    
    While we're not currently using any of the specific features right now,
    the current minimum version of Go 1.15 is a bit misleading since it's
    quite old and not really being tested against in practice.

commit 35af1c615ab767ee603f3b015fcadbc1104c4f23
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sat Aug 10 17:46:57 2024 +0100

    Update changelog for release 0.16-1

commit 25647c1ffdd41e826b9e8c21af5719a49cf85d06
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sat Aug 10 17:45:11 2024 +0100

    Standards-Version: 4.7.0

commit 45fe3f2261f90dbf8488fcd3ed58a88b2bb40241
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sat Aug 10 17:39:17 2024 +0100

    debian/patches: Remove patches that are now upstream

commit ce9bd29d6e2c72477a5ca7f92a7a4ed7efc16457
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sat Aug 10 17:37:59 2024 +0100

    New upstream release (0.16)

commit 6adead9e027b916a2a183471bf84416d522ec268
Merge: d48d95e f06cf13
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sat Aug 10 17:37:20 2024 +0100

    Merge tag 'upstream/0.16'
    
    upstream/0.16

commit f06cf13603eef4cb733260c730d61c7aac2fe5c9
Merge: c0e5b3d 2e90543
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sat Aug 10 17:34:43 2024 +0100

    New upstream version 0.16

commit 2e905432a71462daa90336320b9b5a76e4eba0ba
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sat Aug 10 17:25:41 2024 +0100

    cryptsetup: Copy /etc/kxc into initramfs only if it exists
    
    Today, the initramfs hook that copies /etc/kxc does so unconditionally.
    
    That fails if the directory doesn't exist, for example if kxc was
    installed but not configured yet.
    
    This patch fixes the issue by only doing the copy if the directory
    exists.
    
    Thanks to Leandro Lucarella for reporting this bug:
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063700

commit 26069a52958532d8ce481a26218556daf333fffa
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Sat Aug 10 17:17:45 2024 +0100

    tests: Update deprecated ssl.wrap_socket() call
    
    ssl.wrap_socket() has been deprecated and is no longer functional in
    Python 3.12: https://docs.python.org/3/whatsnew/3.12.html#ssl.
    
    This patch replaces it with the equivalent (in this context)
    ssl.SSLContext.

commit d8ed805afe4150b74697c67682a0390dd8317e95
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Wed Aug 23 22:21:35 2023 +0100

    test: Use GitHub actions to run automated tests

commit b3bd2528708d6d47b18f56f4b1b60a6df660cea3
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Wed Aug 23 22:15:21 2023 +0100

    Update auto-formatting calls
    
    This patch updates the auto-formatting calls: it makes gofmt simplify
    code, and makes black have a line limit.
    
    Code is auto-formatted with the new target.

commit ca7d96cc6088cddbdd9904cc8de8192b417a9340
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Wed Aug 23 22:09:55 2023 +0100

    tests: Update test_no_local_cert expected error code
    
    In newer versions of the TLS library, the error code returned when the
    server is requiring a local certificate has changed.
    
    This patch updates the tests accordingly.

commit 118686af2ef707c19a1e0578363e7f54a5226e46
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Mon Oct 25 12:49:04 2021 +0100

    test: Use GitLab CI instead of Travis
    
    Travis is shutting down its open source CI, so this patch moves kxd to
    GitLab CI.

commit e5b1abe3b5dc235b083953e8fba01a0acf53e484
Author: Alberto Bertogli <albertito@blitiri.com.ar>
Date:   Mon Oct 25 12:26:02 2021 +0100

    Add Go modules information
    
    Newer Go compilers need a main module to exist in order to build
    binaries, so this patch adds it.
    
    Since there are no external dependencies, there is no `go.sum` file.

Created: 2024-08-10 Last update: 2025-07-27 09:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.7.0).

Created: 2025-02-21 Last update: 2025-02-27 13:25

news

[rss feed]

[2024-10-17] kxd 0.17-1 MIGRATED to testing (Debian testing watch)
[2024-10-11] Accepted kxd 0.17-1 (source) into unstable (Alberto Bertogli)
[2024-08-16] kxd 0.16-1 MIGRATED to testing (Debian testing watch)
[2024-08-11] Accepted kxd 0.16-1 (source) into unstable (Alberto Bertogli) (signed by: Maximiliano Curia)
[2024-03-12] kxd REMOVED from testing (Debian testing watch)
[2023-08-29] kxd 0.15-4.1 MIGRATED to testing (Debian testing watch)
[2023-08-24] Accepted kxd 0.15-4.1 (source) into unstable (Shengjing Zhu)
[2022-09-06] kxd 0.15-4 MIGRATED to testing (Debian testing watch)
[2022-09-04] Accepted kxd 0.15-4 (source) into unstable (Alberto Bertogli) (signed by: Nilesh Patra)
[2021-11-26] kxd 0.15-3 MIGRATED to testing (Debian testing watch)
[2021-11-20] Accepted kxd 0.15-3 (source) into unstable (Alberto Bertogli) (signed by: Shengjing Zhu)
[2021-01-24] kxd 0.15-2 MIGRATED to testing (Debian testing watch)
[2021-01-19] Accepted kxd 0.15-2 (source) into unstable (Shengjing Zhu)
[2021-01-18] Accepted kxd 0.15-1 (source amd64) into unstable, unstable (Debian FTP Masters) (signed by: Shengjing Zhu)
[2020-11-12] kxd REMOVED from testing (Debian testing watch)
[2020-04-10] kxd 0.14-2 MIGRATED to testing (Debian testing watch)
[2020-04-05] Accepted kxd 0.14-2 (source) into unstable (Maximiliano Curia)
[2019-10-03] Accepted kxd 0.14-1 (source) into unstable (Maximiliano Curia)
[2017-08-07] kxd 0.13+git20170730.6182dc8-1 MIGRATED to testing (Debian testing watch)
[2017-08-02] Accepted kxd 0.13+git20170730.6182dc8-1 (source) into unstable (Maximiliano Curia)
[2015-04-27] kxd 0.12-4 MIGRATED to testing (Britney)
[2015-03-20] Accepted kxd 0.12-4 (source amd64) into unstable (Maximiliano Curia)
[2014-10-15] kxd 0.12-3 MIGRATED to testing (Britney)
[2014-10-06] Accepted kxd 0.12-3 (source amd64) into unstable (Maximiliano Curia)
[2014-07-24] kxd 0.12-2 MIGRATED to testing (Britney)
[2014-07-18] Accepted kxd 0.12-2 (source amd64) (Maximiliano Curia)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 2

links

homepage
lintian (1, 7)
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.17-1
1 bug