onak - Debian Package Tracker

general

source: onak (main)
version: 0.6.4-1
maintainer: Jonathan McDowell (DMD)
arch: any
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.6.1-1
oldstable: 0.6.2-1
stable: 0.6.3-1
testing: 0.6.4-1
unstable: 0.6.4-1

versioned links

0.6.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

onak (1 bugs: 0, 1, 0, 0)

action needed

Depends on packages which need a new maintainer normal

The packages that onak depends on which need a new maintainer are:

db5.3 (#1055356)
- Depends: libdb5.3t64
db-defaults (#1055344)
- Suggests: db-util

Created: 2023-11-04 Last update: 2026-06-01 01:30

26 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 8d3e72630950fcb37d30eefa810210edd054581a
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat May 30 17:48:56 2026 +0100

    Handle error reading updated key in keyd
    
    If we get an error reading the updated key to store from the client,
    don't try and store what we've got and return that there was a problem.

commit 10819fabd114dd6fd4a863f2942ce622f96c33ca
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat May 30 16:00:43 2026 +0100

    Make new style config path match old path
    
    If XDG_CONFIG_HOME is not set we'd look for onak.conf in ~/.config/ but
    onak.in in ~/. We should use ~/.config/ for both.

commit 3870f04a92a8f205984c45d6be64b75b7a4af9b3
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat May 30 15:58:14 2026 +0100

    Fix old style config parsing for sighash checks
    
    We need to check 14 characters, not 9. The full signature checks are
    what we do by default, and this is from old style configs, but fix for
    correctness.

commit 142780797282bccc1bb36a2e49ab1486d674d7b7
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat May 30 11:12:51 2026 +0100

    Fix length calculation for dynamic DB init function
    
    We care about the type, not the name, here. The actual population was
    correct, just not how we worked out how long it might be. (Generally the
    name is longer than the type which is why a problem hasn't been seen in
    use.)

commit 9156b5929abb2b193260277bf8ee00b4add7d9f5
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat May 30 11:07:54 2026 +0100

    Fix string marshalling
    
    string is a pointer already, we don't want to marshal the address of it.
    As this is a currently unused function this didn't actually cause
    problems at present.

commit 5bf78412984e9f04a14bd0b53848e97d691a665b
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat May 30 11:04:47 2026 +0100

    Correctly return the number of keys iterated over for keyring backend
    
    This *should* just be privctx->count, but let's actually count the
    number of times we call iterfunc(). Previously we failed to increment
    count and always returned 0.

commit 8a482f70de5c0d96fba180e9951f22b0579bc40a
Author: Jonathan McDowell <noodles@earth.li>
Date:   Fri May 29 22:39:50 2026 +0100

    Ensure the file backend avoids stale key data
    
    We failed to use O_TRUNC when opening the key file for storing data,
    which meant if the new key file was smaller than the old one we'd have
    some stale data left at the end.

commit 2cde2e35b50f91082a70524469d6a201660ce952
Author: Jonathan McDowell <noodles@earth.li>
Date:   Fri May 29 20:10:52 2026 +0100

    Correctly close file after read in onak_read_openpgp_file()
    
    We opened the file, read it, then never closed it. Do so.

commit a9a2e1bdebf9f0f56d57a6e4498b2d58ca340d59
Author: Jonathan McDowell <noodles@earth.li>
Date:   Fri May 29 20:08:14 2026 +0100

    Fix EdDSA signature parsing when r < 249 bits long
    
    We have code that correctly shifts s when it's less than 249 bits long
    (i.e. takes up less than 32 bytes), but the code to do the same for r
    ended up overwriting s. This would have caused a signature to fail to
    validate. Correct the indexes.

commit 07e591bb4e3800fbf72814ea0d9719914c2159aa
Author: Jonathan McDowell <noodles@earth.li>
Date:   Fri May 29 20:03:28 2026 +0100

    Fix linked list object deletion
    
    The lldel() function only actually worked if the object was the first or
    second element of the list. Otherwise we'd end up in an infinite loop.
    It's not actually used anywhere in the code, but make it actually do
    what it's supposed to. Also add a comment about the fact we don't free
    the object itself.

commit e30119f8c65e5b085383346008a89f708acf902e
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu May 28 22:19:05 2026 +0100

    Correctly end transactions in the stacked backend
    
    Our backend stacking failed to end transactions, instead starting a new
    transaction again (and no doubt failing). Correct this cut&paste error.

commit c600f63019360ff49b437420c2e550f5bad3eabd
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu May 28 22:17:15 2026 +0100

    Fix RSA-SHA2-384 DER prefix
    
    There was a cut&paste error that had truncated the final byte, so it
    ended up as 0x3 instead of 0x30. This would have caused verification of
    RSA-SHA2-384 signatures to fail.

commit 9fbe40c3972bf0fa82a2eecc5e3755bf51b811fe
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu May 28 09:08:07 2026 +0100

    Fix unescape_url to prevent potential read beyond the end of the input
    
    If we hit a % escape at the last, or second last, character in the input
    string then we'll try to read beyond the end to decode the complete hex
    character. Check to make sure we have enough input characters left
    before we attempt the decode.

commit 8a945279e299ff273d3fcceb6d9d3ed28784030d
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed May 27 22:02:25 2026 +0100

    Fix up log formatting strings
    
    The GitHub code scanning tooling is complaining the calls to logthing()
    aren't always using the correct format strings. None of this looks
    critical - it's logging sizes - but fix it up anyway for correctness.

commit b20f9b41d2a1190150a964c3faa7642853190a1e
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed May 27 21:48:25 2026 +0100

    Try to fix GitHub workflow permissions
    
    Apparently we should limit the permissions of the workflow. All we're
    trying to do is test builds, so hopefully read permission does the
    trick.

commit 6e8fa9a074e763da766c676ac982e4c4164c3e8f
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed May 27 21:42:21 2026 +0100

    Drop spurious extra "return" in keyd code
    
    We've returned 2 lines earlier, so this is just dead code.

commit e149ff83f06a52acd538c3a32b0c24786572ca70
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed May 27 21:40:43 2026 +0100

    Switch from malloc to calloc to avoid potential overflow
    
    We shouldn't be dealing with values large enough here that we'll
    overflow a 32 bit calculation, but this is logically better so change
    over.

commit 79b5d20aa8771147eb3936c6b4e422bafa3f0085
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed May 27 21:38:01 2026 +0100

    Fix parsing of new config details for DB parameters
    
    We didn't put the hostname/username/password in the right structure
    elements. This is only going to have affected PostgreSQL (really need to
    get some automated testing of that) thankfully.

commit 86a182849b4315a80a04286dbddfa1ae74368c44
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed May 27 21:37:14 2026 +0100

    Fix migration of bools from old to new config style
    
    Correctly use the truth value, rather than the name, and avoid always
    setting these variables to true in a migration.

commit e7938547e48981b724356a509853302684f1e1d6
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed May 27 21:36:15 2026 +0100

    Fix decoding of v2/3 signature creation times
    
    We were resetting the creation details with each byte, rather than
    correctly adding and shifting. v2/3 key support should really be dead,
    but fix it anyway.

commit 2c35d9cfce27df8de1abde8d5a01ef01d64dd39a
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Nov 2 17:41:29 2025 +0000

    Handle failures in maxpath more gracefully
    
    If we don't have the initial seed key, or we can't find a max path to
    anywhere (e.g. just a single key is present), then detect that and
    output a suitable error rather than crashing.

commit d8014158df323cb419b7979dc4f744ae44de695c
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Nov 2 17:10:31 2025 +0000

    Fix sixdegrees parsing of keyids with high bit set
    
    Key IDs are 64-bit unsigned values, so use strtoull so we correctly
    parse keys that have their high bit set.

commit 9774af4358e653111ea37a331a93249aede3eb3d
Author: Jonathan McDowell <noodles@earth.li>
Date:   Fri Oct 31 19:05:59 2025 +0000

    Make DB4 backend quieter when num_keydb file is missing
    
    This file tells us how many DB4 files we're sharding across for actual
    key storage. If it's not found, we create it. Only log an error if it's
    not that the file doesn't exist.

commit 4dc6eae2858230e1ac89a08fc32b3c15c213f7ce
Author: Jonathan McDowell <noodles@earth.li>
Date:   Fri Oct 31 18:40:48 2025 +0000

    Add a generic key deletion test case
    
    Our existing deletion tests look for artefacts in the key database
    directory. We can also generically check that a key is no longer found
    after being deleted.

commit aa301e6537ef6ba67efd76b493779e9798f8ec42
Author: Jonathan McDowell <noodles@earth.li>
Date:   Fri Oct 31 15:22:49 2025 +0000

    Add a dummy skeleton keydb backend
    
    We want to add Lightning Memory-Mapped DB + SQLite3 backends, so let's
    start by added a skeleton we can work from.

commit 8fa7fc4f9494e30508152e14f657ffd0413ffe36
Author: Jonathan McDowell <noodles@earth.li>
Date:   Fri Oct 31 14:32:28 2025 +0000

    CMake: Configure to export compilation commands
    
    Create a compile_commands.json file listing the compilation commands,
    allowing for LSP tools like ccls to correctly navigate their way around
    the code.

Created: 2025-11-02 Last update: 2026-05-31 12:01

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.2).

Created: 2025-12-23 Last update: 2026-03-31 15:01

news

[rss feed]

[2025-09-14] onak 0.6.4-1 MIGRATED to testing (Debian testing watch)
[2025-09-07] Accepted onak 0.6.4-1 (source) into unstable (Jonathan McDowell)
[2023-10-12] onak 0.6.3-1 MIGRATED to testing (Debian testing watch)
[2023-10-01] Accepted onak 0.6.3-1 (source) into unstable (Jonathan McDowell)
[2022-12-08] onak 0.6.2-1 MIGRATED to testing (Debian testing watch)
[2022-11-27] Accepted onak 0.6.2-1 (source) into unstable (Jonathan McDowell)
[2020-09-23] onak 0.6.1-1 MIGRATED to testing (Debian testing watch)
[2020-09-13] Accepted onak 0.6.1-1 (source) into unstable (Jonathan McDowell)
[2016-09-08] onak 0.5.0-1 MIGRATED to testing (Debian testing watch)
[2016-08-28] Accepted onak 0.5.0-1 (source amd64) into unstable (Jonathan McDowell)
[2015-09-11] onak 0.4.6-1 MIGRATED to testing (Britney)
[2015-08-31] Accepted onak 0.4.6-1 (source amd64) into unstable (Jonathan McDowell)
[2014-10-16] onak 0.4.5-2 MIGRATED to testing (Britney)
[2014-10-05] Accepted onak 0.4.5-2 (source amd64) into unstable (Jonathan McDowell)
[2014-10-03] Accepted onak 0.4.5-1 (source amd64) into unstable (Jonathan McDowell)
[2014-09-30] Accepted onak 0.4.4-1 (source amd64) into unstable (Jonathan McDowell)
[2014-09-30] Accepted onak 0.4.3-1 (source amd64) into unstable (Jonathan McDowell)
[2013-10-12] onak 0.4.2-1 MIGRATED to testing (Debian testing watch)
[2013-10-01] Accepted onak 0.4.2-1 (source amd64) (Jonathan McDowell)
[2012-05-05] onak 0.4.1-1 MIGRATED to testing (Debian testing watch)
[2012-04-25] Accepted onak 0.4.1-1 (source amd64) (Jonathan McDowell)
[2011-04-30] onak 0.4.0-1 MIGRATED to testing (Debian testing watch)
[2011-04-20] Accepted onak 0.4.0-1 (source amd64) (Jonathan McDowell)
[2010-01-10] onak 0.3.8-1 MIGRATED to testing (Debian testing watch)
[2009-12-30] Accepted onak 0.3.8-1 (source amd64) (Jonathan McDowell)
[2009-06-27] Accepted onak 0.3.6-2 (source amd64) (Jonathan McDowell)
[2009-06-13] onak 0.3.7-1 MIGRATED to testing (Debian testing watch)
[2009-06-11] Accepted onak 0.3.6-2 (source amd64) (Jonathan McDowell)
[2009-06-02] Accepted onak 0.3.7-1 (source amd64) (Jonathan McDowell)
[2008-06-18] onak 0.3.6-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
other distros
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.6.4-1build1
2 bugs