git » debian:kxd » commit 03dc3a9

diff --git a/debian/patches/upstream_scripts-Fix-kxd-add-client-key-missing-fi-and-wrong-.patch b/debian/patches/upstream_scripts-Fix-kxd-add-client-key-missing-fi-and-wrong-.patch
index be2f0cb..1f0a3ed 100644
--- a/debian/patches/upstream_scripts-Fix-kxd-add-client-key-missing-fi-and-wrong-.patch
+++ b/debian/patches/upstream_scripts-Fix-kxd-add-client-key-missing-fi-and-wrong-.patch
@@ -1,8 +1,6 @@
-From 65d281acfc99d0c67bfc2e7d5c1582f79f9dcb3a Mon Sep 17 00:00:00 2001
 From: Alberto Bertogli <albertito@blitiri.com.ar>
 Date: Sun, 13 Jul 2014 14:31:23 +0100
-Subject: [PATCH] scripts: Fix kxd-add-client-key missing "fi" and wrong
- variable
+Subject: scripts: Fix kxd-add-client-key missing "fi" and wrong variable
 
 Somehow, scripts/kxd-add-client-key is missing a "fi" to close the "if"
 statement, and uses $SERVER instead of $CLIENT in a couple of places.
@@ -40,6 +38,3 @@ index eff0d56..dbeb958 100755
  
  echo "Creating directory ($CONFIGPATH)"
  mkdir -p "$CONFIGPATH"
--- 
-2.0.1
-
diff --git a/debian/patches/upstream_tests-Use-LOGNAME-instead-of-os.getlogin.patch b/debian/patches/upstream_tests-Use-LOGNAME-instead-of-os.getlogin.patch
index f5e2689..eae8827 100644
--- a/debian/patches/upstream_tests-Use-LOGNAME-instead-of-os.getlogin.patch
+++ b/debian/patches/upstream_tests-Use-LOGNAME-instead-of-os.getlogin.patch
@@ -1,7 +1,6 @@
-From 2af6c0892cf34ca25e66cc7be328b75d6444970c Mon Sep 17 00:00:00 2001
 From: Alberto Bertogli <albertito@blitiri.com.ar>
 Date: Thu, 17 Jul 2014 23:38:40 +0100
-Subject: [PATCH] tests: Use $LOGNAME instead of os.getlogin()
+Subject: tests: Use $LOGNAME instead of os.getlogin()
 
 The tests use os.getlogin() to get the user they're running under, which is
 used just for informational names to make troubleshooting easier.
@@ -51,6 +50,3 @@ index a967b3e..23bfadf 100755
                       "-extensions", "v3_ca", "-nodes",
                       "-keyout", "cakey.pem",
                       "-out", "cacert.pem"],
--- 
-2.0.1
-
diff --git a/debian/patches/upstream_tests-assert-negociated b/debian/patches/upstream_tests-assert-negociated
index e35df05..e29acad 100644
--- a/debian/patches/upstream_tests-assert-negociated
+++ b/debian/patches/upstream_tests-assert-negociated
@@ -1,22 +1,23 @@
-commit a3195ebb69084ea7365324ef69f96ad17c5bd4ae
-Author: Alberto Bertogli <albertito@blitiri.com.ar>
-Date:   Sun Oct 5 21:45:13 2014 +0100
+From: Alberto Bertogli <albertito@blitiri.com.ar>
+Date: Tue, 23 Aug 2016 09:50:56 +0200
+Subject: tests: Assert negotiated cipher secret size >= 128 bits
 
-    tests: Assert negotiated cipher secret size >= 128 bits
-    
-    Currently, the tests assert that the negotiated cipher secret size is > 128
-    bits. Due to recent changes (probably in openssl), in Debian testing we end up
-    negotiating ECDHE-RSA-AES128-GCM-SHA256 which has a 128 bit key.
-    
-    That causes the test to fail.
-    
-    There's nothing wrong with 128 bit keys in this context, and probably the
-    original intention was to use >= but got stuck with > as it worked.
-    
-    While the value of this check is arguable, let's keep it for now, just
-    changing the check to >= so 128 bit secrets don't cause the test to fail.
-    
-    Signed-off-by: Alberto Bertogli <albertito@blitiri.com.ar>
+Currently, the tests assert that the negotiated cipher secret size is > 128
+bits. Due to recent changes (probably in openssl), in Debian testing we end up
+negotiating ECDHE-RSA-AES128-GCM-SHA256 which has a 128 bit key.
+
+That causes the test to fail.
+
+There's nothing wrong with 128 bit keys in this context, and probably the
+original intention was to use >= but got stuck with > as it worked.
+
+While the value of this check is arguable, let's keep it for now, just
+changing the check to >= so 128 bit secrets don't cause the test to fail.
+
+Signed-off-by: Alberto Bertogli <albertito@blitiri.com.ar>
+---
+ tests/run_tests | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/tests/run_tests b/tests/run_tests
 index 23bfadf..85531ee 100755
diff --git a/debian/patches/upstream_tests_fix_ssl_validation_in_test_tricky b/debian/patches/upstream_tests_fix_ssl_validation_in_test_tricky
index 4204000..321dfa8 100644
--- a/debian/patches/upstream_tests_fix_ssl_validation_in_test_tricky
+++ b/debian/patches/upstream_tests_fix_ssl_validation_in_test_tricky
@@ -1,20 +1,21 @@
-commit e0d577c780ce7591040dc6b68b270cb80bc556b8
-Author: Alberto Bertogli <albertito@blitiri.com.ar>
-Date:   Thu Mar 12 20:08:30 2015 +0000
+From: Alberto Bertogli <albertito@blitiri.com.ar>
+Date: Tue, 23 Aug 2016 09:50:56 +0200
+Subject: tests: Fix SSL validation in test_tricky
 
-    tests: Fix SSL validation in test_tricky
-    
-    test_tricky uses httplib to create a client, which used to not validate the
-    server certificate.
-    
-    Python 2.7.9 changes that, and now the test fail because the client cannot
-    validate the server.
-    
-    The problem is that to fix this, we need to use the new "context" parameter
-    which is not backwards-compatible. So we have to add a little version-specific
-    code to work around this.
-    
-    Signed-off-by: Alberto Bertogli <albertito@blitiri.com.ar>
+test_tricky uses httplib to create a client, which used to not validate the
+server certificate.
+
+Python 2.7.9 changes that, and now the test fail because the client cannot
+validate the server.
+
+The problem is that to fix this, we need to use the new "context" parameter
+which is not backwards-compatible. So we have to add a little version-specific
+code to work around this.
+
+Signed-off-by: Alberto Bertogli <albertito@blitiri.com.ar>
+---
+ tests/run_tests | 23 +++++++++++++++++++----
+ 1 file changed, 19 insertions(+), 4 deletions(-)
 
 diff --git a/tests/run_tests b/tests/run_tests
 index 85531ee..81de253 100755