commit bfbf8dfb73d1a6dd5b7a710d582f68c5eb815aef Author: Geert Stappers <stappers@debian.org> Date: Sat Nov 19 20:07:08 2022 +0100 About to release 2.19 modified: debian/changelog commit 8e32c4a713cdc6e0a9a96009fdd3ca3513e5b7c3 Author: Geert Stappers <stappers@debian.org> Date: Sat Nov 19 20:05:03 2022 +0100 Deb helper version 10 As adviced by Lintian modified: debian/changelog modified: debian/control commit b5cc3ed62ecabe7c298763434811d344c3cbe9b1 Author: Geert Stappers <stappers@debian.org> Date: Sat Nov 19 18:00:38 2022 +0100 tar --strip-components=1 -xf ../radvd_2.19.orig.tar.xz Reverts some deletes of commit 6e3143fb191387cd7d7413 new file: .gitignore new file: compile new file: redhat/SysV/radvd.spec new file: redhat/systemd/radvd.spec new file: test-driver Now is `sbuild` happy again. ( Now only lintian reports W: radvd source: no-versioned-debhelper-prerequisite 10 ) commit fa3c12bf4aad54f068c85cd6cf7ee71be1dae77f Author: Geert Stappers <stappers@debian.org> Date: Sat Nov 19 17:52:08 2022 +0100 New debian/watch file, supports sign. verification $ uscan uscan: Newest version of radvd on remote site is 2.19, local version is 2.something uscan: => Newer package available from: => https://github.com/radvd-project/radvd/releases/download/v2.19/radvd-2.19.tar.xz gpgv: Signature made do 21 jan 2021 01:00:44 CET gpgv: using RSA key BDEBB6A52F156FDF3168D91119395F23C58826C4 gpgv: Good signature from "Robin Hugh Johnson <robin.johnson@bc.libraries.coop>" Leaving ../radvd_2.19.orig.tar.xz where it is. $ commit 6e3143fb191387cd7d7413ac285ebe4f08f76f1e Author: Geert Stappers <stappers@debian.org> Date: Sat Nov 19 15:21:07 2022 +0100 Removed what is NOT in the tar ball To make `sbuild` it possible. deleted: Makefile.in deleted: aclocal.m4 deleted: compile deleted: config.guess deleted: config.h.in deleted: config.sub deleted: configure deleted: depcomp deleted: install-sh deleted: missing deleted: redhat/SysV/radvd.spec deleted: redhat/systemd/radvd.spec deleted: test-driver deleted: ylwrap commit ebaf8cabb5663a031fc25cb4bccd31539ccd0836 Author: Geert Stappers <stappers@debian.org> Date: Sun Apr 10 22:12:28 2022 +0200 Start working on 2.19 release Nothing new for us. Need to remove a debian patch commit dc73c2c3b1bec3133bd043226f7cfc6d0c7e376c Author: Geert Stappers <stappers@debian.org> Date: Fri Apr 8 18:29:19 2022 +0200 The signing key story continues 17:27 < stappers> In other words: radvd is signed by robin.johnson@bc.libraries.coop, not robbat2@gentoo.org 17:28 < stappers> Please correct me if I'm wrong 17:58 < robbat2> stappers: signatures are made by a specific key, and the key has zero or more emails 17:58 < robbat2> if you do: gpg --list-keys BDEBB6A52F156FDF3168D91119395F23C58826C4 |grep uid 17:59 < robbat2> you'll see 6 active emails for that primary key 18:28 < stappers> With the pubkey I fetch from key server: 18:28 < stappers> $ gpg --list-keys BDEBB6A52F156FDF3168D91119395F23C58826C4 |grep uid 18:28 < stappers> uid [ unknown] Robin Hugh Johnson <robin.johnson@bc.libraries.coop> 18:28 < stappers> 18:28 < stappers> only 1 uid commit 7c6cf00dd3111f4ea1d955f8910c4c714222f81e Merge: 4ea66df 0ec7e6f Author: Geert Stappers <stappers@debian.org> Date: Fri Apr 8 18:05:01 2022 +0200 Update upstream source from tag 'upstream/2.19' Update to upstream version '2.19' with Debian dir 893ca33bb110b7392ada61c7d2d70b5b2a35b552 commit 0ec7e6f359ab9aa8f78875202cb52138d0d6557c Author: Geert Stappers <stappers@debian.org> Date: Fri Apr 8 18:05:00 2022 +0200 New upstream version 2.19 commit 4ea66df9ec13d53ebbae0b7d2054afa9f0a10a80 Author: Geert Stappers <stappers@debian.org> Date: Fri Apr 8 18:01:21 2022 +0200 retitled this branch commit 31baeea235c57ed801dd64d704d8d78822e4cf36 Author: Geert Stappers <stappers@debian.org> Date: Fri Apr 8 17:59:40 2022 +0200 Dropped the debian directory from this branch named "upstream". commit 3f29277bf49c726462181b860f563650726edd50 Author: Geert Stappers <stappers@debian.org> Date: Fri Apr 8 17:41:48 2022 +0200 Got `uscan` working again, finaly. commit 884cb66cf2e47aeb4030d4ba3a14feb3b96e9ccc Author: Geert Stappers <stappers@debian.org> Date: Fri Apr 8 17:17:03 2022 +0200 Other signing key from upstream sh| stappers@trancilo:~/src/radvd sh| $ LANG=C uscan sh| uscan: Newest version of radvd on remote site is 2.19, local version is 2.18 sh| uscan: => Newer package available from: sh| => https://github.com/radvd-project/radvd/releases/download/v2.19/radvd-2.19.tar.xz sh| gpgv: Signature made Thu Jan 21 01:00:44 2021 CET sh| gpgv: using RSA key BDEBB6A52F156FDF3168D91119395F23C58826C4 sh| gpgv: Can't check signature: No public key sh| uscan die: OpenPGP signature did not verify. at /usr/share/perl5/Devscripts/Uscan/Output.pm line 60. sh| stappers@trancilo:~/src/radvd sh| $ cd debian/upstream/ sh| stappers@trancilo:~/src/radvd/debian/upstream sh| $ wget -O signing-key.asc https://keys.openpgp.org/vks/v1/by-fingerprint/BDEBB6A52F156FDF3168D91119395F23C58826C4 sh| --2022-04-08 17:10:37-- https://keys.openpgp.org/vks/v1/by-fingerprint/BDEBB6A52F156FDF3168D91119395F23C58826C4 sh| Herleiden van keys.openpgp.org (keys.openpgp.org)... 2a00:c6c0:0:154:1::1, 37.218.245.50 sh| Verbinding maken met keys.openpgp.org (keys.openpgp.org)|2a00:c6c0:0:154:1::1|:443... verbonden. sh| HTTP-verzoek is verzonden; wachten op antwoord... 200 OK sh| Lengte: 22383 (22K) [application/pgp-keys] sh| Wordt opgeslagen als: ‘signing-key.asc’ sh| sh| signing-key.asc 100%[=======================================================>] 21,86K --.-KB/s in 0,002s sh| sh| 2022-04-08 17:10:38 (10,5 MB/s) - '‘signing-key.asc’' opgeslagen [22383/22383] sh| sh| stappers@trancilo:~/src/radvd/debian/upstream sh| $ cd - sh| /home/stappers/src/radvd sh| stappers@trancilo:~/src/radvd sh| $ uscan sh| uscan: Newest version of radvd on remote site is 2.19, local version is 2.18 sh| uscan: => Newer package available from: sh| => https://github.com/radvd-project/radvd/releases/download/v2.19/radvd-2.19.tar.xz sh| gpgv: Signature made do 21 jan 2021 01:00:44 CET sh| gpgv: using RSA key BDEBB6A52F156FDF3168D91119395F23C58826C4 sh| gpgv: Good signature from "Robin Hugh Johnson <robin.johnson@bc.libraries.coop>" sh| Successfully symlinked ../radvd-2.19.tar.xz to ../radvd_2.19.orig.tar.xz. sh| stappers@trancilo:~/src/radvd sh| $ IRC| Day changed to 07 apr 2022 IRC| 19:16 < stappers> $ gpg --search robbat2@gentoo.org IRC| 19:16 < stappers> gpg: error searching keyserver: Server indicated a failure IRC| 19:16 < stappers> gpg: keyserver search failed: Server indicated a failure IRC| 19:17 < stappers> robbat2: Where to get the public key that you are using for signing radvd releases? IRC| 19:21 < robbat2> what keyserver are you using? since the end of SKS, it's harder in many cases IRC| 19:22 < robbat2> https://keys.openpgp.org/search?q=robbat2%40gentoo.org IRC| 19:22 < robbat2> should work fine for you IRC| 19:27 * stappers got signing-key.asc thanks IRC| Day changed to 08 apr 2022 IRC| 17:26 -!- Irssi: Pasting 7 lines to #radvd. Press Ctrl-K if you wish to do this or Ctrl-C to cancel. IRC| 17:26 < stappers> | $ uscan IRC| 17:26 < stappers> | uscan: Newest version of radvd on remote site is 2.19, local version is 2.18 IRC| 17:26 < stappers> | uscan: => Newer package available from: IRC| 17:26 < stappers> | => https://github.com/radvd-project/radvd/releases/download/v2.19/radvd-2.19.tar.xz IRC| 17:26 < stappers> | gpgv: Signature made do 21 jan 2021 01:00:44 CET IRC| 17:26 < stappers> | gpgv: using RSA key BDEBB6A52F156FDF3168D91119395F23C58826C4 IRC| 17:26 < stappers> | gpgv: Good signature from "Robin Hugh Johnson <robin.johnson@bc.libraries.coop>" IRC| 17:27 < stappers> In other words: radvd is signed by robin.johnson@bc.libraries.coop, not robbat2@gentoo.org IRC| 17:28 < stappers> Please correct me if I'm wrong commit 205537e114886c9604ebc48cd3cee1460dfc6ffa Author: Geert Stappers <stappers@debian.org> Date: Thu Apr 7 20:11:05 2022 +0200 New signing key IRC-log: 19:16 < stappers> $ gpg --search robbat2@gentoo.org 19:16 < stappers> gpg: error searching keyserver: Server indicated a failure 19:16 < stappers> gpg: keyserver search failed: Server indicated a failure 19:17 < stappers> robbat2: Where to get the public key that you are using for signing radvd releases? 19:21 < robbat2> what keyserver are you using? since the end of SKS, it's harder in many cases 19:22 < robbat2> https://keys.openpgp.org/search?q=robbat2%40gentoo.org 19:22 < robbat2> should work fine for you Did visit the URL and next $ wget -O signing-key.asc https://keys.openpgp.org/vks/v1/by-fingerprint/11ACBA4F4778E3F6E4EDF38EB27B944E34884E85 commit c4bb0a57d06dc134aa3363b512e43bee80473c27 Author: Geert Stappers <stappers@debian.org> Date: Wed Apr 6 15:07:11 2022 +0200 uscan github.com upstream moved to github.com (signature of upstream has still to be changed) commit ae03f93862bf853f80dbd3238948b5b1d37e6d0b Author: Geert Stappers <stappers@debian.org> Date: Fri Feb 5 22:22:22 2021 +0100 Support /etc/default/radvd Incase there is a /etc/default/radvd do source it. To make it possible that user can have configuration, that wouldn't be overwritten with by an `apt` upgrade. commit 4e762f020101bb407e755b12ad83c284bf1d94ad Author: Geert Stappers <stappers@debian.org> Date: Mon Dec 7 08:14:10 2020 +0100 2.18-3 Correct install of radvd.service #976694
Among the 4 debian patches available in version 1:2.19-1 of the package, we noticed the following issues: