Comment 1 Jeroen Roovers (RETIRED) 2008-10-28 07:10:35 UTC

This requires a currently ~arch version of sys-devel/autoconf to go stable.

Comment 2 Michael Hammer (RETIRED) 2008-10-28 07:17:14 UTC

bug #217647 is closed and therefore autoconf-2.62 is going to be stable soon. It would be nice to stabalize heimdal with it because the actual stable is really old and there are a lot of issues with it.

thx, mueli

Comment 3 Torsten Veller (RETIRED) 2008-10-29 10:53:40 UTC

So we have to change the dependency in the stable ebuild 0.7.2-r3 to:
|| ( ( >sys-libs/e2fsprogs-libs-1.40.11 ) ( sys-libs/com_err sys-libs/ss ) )
until we can stabilize -1.2.1-r1.

Comment 4 Michael Hammer (RETIRED) 2008-10-29 11:34:03 UTC

I can change this - but I have to test first if heimdal-0.7.2 compiles with stable e2fsprogs-libs.

one moment ...

heimdal 1.2 compiles fine with e2fsprogs-libs.

are you sure, that it is necessary to let 0.7 depend on e2fsprogs-libs? i assume that most people have already replaced their ss/com-err installation with e2fsprogs-libs without any problems. a stabilized heimdal 1.2 can introduce the dependency on e2fsprogs-libs.

Comment 6 Michael Hammer (RETIRED) 2008-10-30 07:48:01 UTC

See bug #244511 and bug #234907 to get a feeling for all the noise produced atm because of stable packages depending on com_err and ss.

Comment 7 Jeremy Olexa (darkside) (RETIRED) 2008-10-31 14:16:08 UTC

(In reply to comment #6)
> See bug #244511 and bug #234907 to get a feeling for all the noise produced atm
> because of stable packages depending on com_err and ss.
> 

So, what is the status *currently* ? thx =)

Comment 8 Michael Hammer (RETIRED) 2008-10-31 14:48:57 UTC

See dependency - I've now opened a STABLEREQ for autoconf-2.62 to continue this stabalization.

g, mueli

Comment 9 Jeremy Olexa (darkside) (RETIRED) 2008-12-08 00:04:56 UTC

Well, I guess there is nothing to do here until autoconf-2.62 is stabled. Removing arches for now, please add them back when ready. Thanks.

Comment 10 Michael Hammer (RETIRED) 2009-01-09 07:39:25 UTC

Please stabalize

greets, mueli

Comment 11 Brent Baude (RETIRED) 2009-01-09 14:42:37 UTC

I'm getting a test failure with this.  Anyone similar?

Load database for mit-pkinit-20070607
Doing database check
kdc replay
processing request from IPv4:141.211.133.26, 192 bytes
processing request from IPv4:141.211.133.26, 2100 bytes
2009-01-09T08:19:17 label: default
2009-01-09T08:19:17     dbname: ../../tests/can/current-db
2009-01-09T08:19:17     mkey_file: ../../tests/can/mkey.file
2009-01-09T08:19:17     acl_file: /var/heimdal/kadmind.acl
2009-01-09T08:19:17 AS-REQ aglo@HEIMDAL.CITI.UMICH.EDU from IPv4:141.211.133.26 
for krbtgt/HEIMDAL.CITI.UMICH.EDU@HEIMDAL.CITI.UMICH.EDU
2009-01-09T08:19:17 No preauth found, returning PREAUTH-REQUIRED -- aglo@HEIMDAL
.CITI.UMICH.EDU
2009-01-09T08:19:17 AS-REQ aglo@HEIMDAL.CITI.UMICH.EDU from IPv4:141.211.133.26 for krbtgt/HEIMDAL.CITI.UMICH.EDU@HEIMDAL.CITI.UMICH.EDU
2009-01-09T08:19:17 Client sent patypes: PK-INIT(win2k), 132
2009-01-09T08:19:17 Looking for ENC-TS pa-data -- aglo@HEIMDAL.CITI.UMICH.EDU
2009-01-09T08:19:17 No preauth found, returning PREAUTH-REQUIRED -- aglo@HEIMDAL.CITI.UMICH.EDU
2009-01-09T08:19:17 tag mismatch
FAIL: check-can
=====================================
1 of 1 test failed
Please report to heimdal-bugs@h5l.org
=====================================

Comment 12 Markus Meier 2009-01-10 10:22:53 UTC

Created attachment 177949 [details]
app-crypt:heimdal-1.2.1-r1:20090110-100251.log

fails here on amd64/x86, attaching x86 log.

Have waited 2 seconds
Getting client initial tickets user1
Getting client initial tickets user2
starting uu server (using user1)
trying to contact server with client (using user2)
checking if server got the right message
killing kdc uu_server (16121 )
PASS: check-uu
=====================================
3 of 9 tests failed
(1 test was not run)
Please report to heimdal-bugs@h5l.org
=====================================
make[3]: *** [check-TESTS] Error 1
make[3]: Leaving directory `/var/tmp/portage/app-crypt/heimdal-1.2.1-r1/work/heimdal-1.2.1/tests/kdc'
make[2]: *** [check-am] Error 2
make[2]: Leaving directory `/var/tmp/portage/app-crypt/heimdal-1.2.1-r1/work/heimdal-1.2.1/tests/kdc'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/var/tmp/portage/app-crypt/heimdal-1.2.1-r1/work/heimdal-1.2.1/tests'
make: *** [check-recursive] Error 1
 * 
 * ERROR: app-crypt/heimdal-1.2.1-r1 failed.
 * Call stack:
 *               ebuild.sh, line   49:  Called src_test
 *             environment, line 2912:  Called die
 * The specific snippet of code:
 *           KRB5_CONFIG="${S}"/krb5.conf Xmake check || die;
 *  The die message:
 *   (no error message)

app-crypt/heimdal-1.2.1-r1  USE="X berkdb ipv6 ssl -afs -hdb-ldap -otp -pkinit -threads"

Portage 2.1.6.4 (default/linux/x86/2008.0/desktop, gcc-4.1.2, glibc-2.6.1-r0, 2.6.27.10 i686)
=================================================================
System uname: Linux-2.6.27.10-i686-Intel-R-_Core-TM-2_Duo_CPU_T8300_@_2.40GHz-with-glibc2.0
Timestamp of tree: Sat, 10 Jan 2009 08:05:01 +0000
app-shells/bash:     3.2_p39
dev-java/java-config: 1.3.7-r1, 2.1.6-r1
dev-lang/python:     2.4.4-r14, 2.5.2-r7
dev-python/pycrypto: 2.0.1-r6
dev-util/cmake:      2.4.6-r1
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.63
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.27-r2
ACCEPT_KEYWORDS="x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=i686 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /opt/openfire/resources/security/ /opt/openjms/config /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/lib/fax /usr/share/config /var/bind /var/lib/hsqldb /var/qmail/alias /var/qmail/control /var/spool/fax/etc /var/spool/torque"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -march=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="collision-protect distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict test unmerge-orphans userfetch userpriv usersandbox"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
LDFLAGS="-Wl,-O1"
LINGUAS="en en_GB de"
MAKEOPTS="-j2"
PKGDIR="/mnt/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X acl acpi alsa apache2 avahi berkdb bluetooth branding bzip2 cairo cdr cli cracklib crypt cups dbus dri dvd dvdr dvdread eds emboss encode esd evo examples fam firefox fortran gdbm gif gnome gpm gstreamer gtk hal iconv ipv6 isdnlog jpeg kde ldap libnotify mad midi mikmod mp3 mpeg mudflap ncurses nls nptl nptlonly ogg opengl openmp pam pcre pdf perl png ppds pppd python qt3 qt3support qt4 quicktime readline reflection sdl session source spell spl ssl startup-notification svg sysfs tcpd test tiff truetype unicode usb vorbis win32codecs x86 xml xorg xulrunner xv zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_GB de" USERLAND="GNU" VIDEO_CARDS="fbdev glint i810 intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa vga via vmware voodoo"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Comment 13 Jeroen Roovers (RETIRED) 2009-01-11 16:05:02 UTC

Stable for HPPA.

I'm getting test failures for test_ca and test_windows:

make[4]: Entering directory `/dev/shm/portage/app-crypt/heimdal-1.2.1-r1/work/heimdal-1.2.1/lib/hx50
9'
create certificate request
issue certificate
./test_ca: line 62:  9349 Terminated              ${hxtool} issue-certificate --ca-certificate=FILE:
$srcdir/data/ca.crt,$srcdir/data/ca.key --subject="cn=foo" --req="PKCS10:pkcs10-request.der" --certi
ficate="FILE:cert-ee.pem"
FAIL: test_ca


Create trust anchor
./test_windows: line 58: 11898 Terminated              ${hxtool} issue-certificate --self-signed --i
ssue-ca --generate-key=rsa --subject="CN=Windows-CA,DC=heimdal,DC=pki" --lifetime=10years --certific
ate="FILE:wca.pem"
FAIL: test_windows

This is mainly because either I or the kernel kills a runaway `hxtool' process which uses up all RAM, which is kind of odd - it probably hasn't been ported.

Comment 14 Michael Hammer (RETIRED) 2009-01-12 08:54:52 UTC

hmm - ok test does not work. Should I disable it? The problem is that the actual stable heimdal release has a lot of security issues and it would be advisable to get a newer version stable. If heimdal-1.2.1-r1 is compiling without tests I'd consider that's better to go stable with a package which doesn't fit all unit tests but has (probably) less security related bugs.

greets, mueli

p.S.: On the other hand it's strange why I was able to run the tests on my machine ... I've to admit that I've done the tests a longer time ago.

Comment 15 Markus Meier 2009-01-15 21:54:45 UTC

(In reply to comment #14)
> hmm - ok test does not work. Should I disable it? The problem is that the
> actual stable heimdal release has a lot of security issues and it would be
> advisable to get a newer version stable. If heimdal-1.2.1-r1 is compiling
> without tests I'd consider that's better to go stable with a package which
> doesn't fit all unit tests but has (probably) less security related bugs.
> 
> greets, mueli
> 
> p.S.: On the other hand it's strange why I was able to run the tests on my
> machine ... I've to admit that I've done the tests a longer time ago.

IMHO if possible, disable known failing tests. if this is not possible, and the tests are known to fail, it's better to RESTRICT them. (or you could tell us to stabilize it as it is...)

Comment 16 Michael Hammer (RETIRED) 2009-01-16 14:56:46 UTC

I've restricted the test - I'd say you can go stable.

Thx in advance, greets

mueli

Comment 17 Tobias Klausmann (RETIRED) 2009-01-18 11:51:10 UTC

Stable on alpha.

Comment 18 Markus Meier 2009-01-18 14:56:23 UTC

amd64/x86 stable

Comment 19 nixnut (RETIRED) 2009-01-24 12:18:35 UTC

ppc stable

Comment 20 Robert Buchholz (RETIRED) 2009-02-12 18:53:15 UTC

sparc, ppc64, please stabilize.

Comment 21 Raúl Porcel (RETIRED) 2009-02-20 08:56:28 UTC

arm/ia64/s390/sh/sparc stable

Comment 22 Pierre-Yves Rofes (RETIRED) 2009-03-07 21:51:12 UTC

(In reply to comment #20)
> sparc, ppc64, please stabilize.
> 

this should read "It's a bump to fix security bug #199207", so ppc64, please stabilise.

Comment 23 Brent Baude (RETIRED) 2009-03-15 13:56:21 UTC

ppc64 stable, closing