diff -Nru libutempter-1.1.6/debian/changelog libutempter-1.1.6/debian/changelog --- libutempter-1.1.6/debian/changelog 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/changelog 2019-09-30 21:37:44.000000000 +0000 @@ -1,3 +1,24 @@ +libutempter (1.1.6-4) unstable; urgency=medium + + * Set myself as new maintainer (Closes: #879388) + * Update vcs fields accordingly + * Bump to compat level 12 + * Bump to std version 4.4.1 + * Enable all hardening options in d/rules + * Add autopkg testsuite + * Convert d/copyright to machine-readable format + * Add standard salsa-ci configuration, exclude reprotest for chown failures + * Remove unneeded ignore file for list-missing + * Explicit set Build-Depends-Package in d/libutempter0.symbols + * Explicit set Rules-Requires-Root to binary-targets + * Add C compiler -Wextra flag in d/rules + * Patches: + - Convert to gbp style + - add: Mark old interfaces as deprecated + - add: Validate given hostname (Closes: #689562) + + -- Christian Göttsche Mon, 30 Sep 2019 23:37:44 +0200 + libutempter (1.1.6-3) unstable; urgency=medium * Team upload. diff -Nru libutempter-1.1.6/debian/compat libutempter-1.1.6/debian/compat --- libutempter-1.1.6/debian/compat 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/compat 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -9 diff -Nru libutempter-1.1.6/debian/control libutempter-1.1.6/debian/control --- libutempter-1.1.6/debian/control 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/control 2019-09-30 21:37:44.000000000 +0000 @@ -1,13 +1,13 @@ Source: libutempter Priority: optional -Maintainer: Debian Krap Maintainers -Uploaders: Fathi Boudra -Build-Depends: debhelper (>= 9) -Standards-Version: 3.9.6 +Maintainer: Christian Göttsche +Build-Depends: debhelper-compat (= 12) +Standards-Version: 4.4.1 +Rules-Requires-Root: binary-targets Section: libs Homepage: http://git.altlinux.org/people/ldv/packages/?p=libutempter.git -Vcs-Git: https://anonscm.debian.org/git/pkg-kde/krap/libutempter.git -Vcs-Browser: https://anonscm.debian.org/cgit/pkg-kde/krap/libutempter.git/ +Vcs-Browser: https://salsa.debian.org/cgzones-guest/libutempter +Vcs-Git: https://salsa.debian.org/cgzones-guest/libutempter.git Package: libutempter-dev Section: libdevel diff -Nru libutempter-1.1.6/debian/copyright libutempter-1.1.6/debian/copyright --- libutempter-1.1.6/debian/copyright 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/copyright 2019-09-30 21:37:44.000000000 +0000 @@ -1,70 +1,37 @@ -This package was debianized by: - - Fathi Boudra on Tue, 11 Aug 2009 09:55:23 +0200. - -It was downloaded from: - - http://ftp.altlinux.org/pub/people/ldv/utempter/ - -Upstream Author: - - Dmitry V. Levin - -Copyright: - - Copyright (C) 2001-2010 Dmitry V. Levin - -License: - - This package is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This package is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this package; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - -On Debian systems, the complete text of the GNU Lesser General -Public License can be found in: - `/usr/share/common-licenses/LGPL-2.1' - `/usr/share/common-licenses/LGPL-3' - -./utempter.3 is: - - Copyright (c) 2009 Ed Schouten - Copyright (c) 2010 Dmitry V. Levin - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions - are met: - 1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - SUCH DAMAGE. - -The Debian packaging is: - - Copyright (C) 2009-2010 Fathi Boudra - -and is licensed under the GPL version 2.1 or any later version, -see `/usr/share/common-licenses/GPL-3'. +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: libutempter +Upstream-Contact: Dmitry V. Levin +Source: http://ftp.altlinux.org/pub/people/ldv/utempter/ + +Files: * +Copyright: 2001-2010, Dmitry V. Levin +License: LGPL-2.1 + +Files: utempter.3 +Copyright: 2009, Ed Schouten + 2010, Dmitry V. Levin +License: LGPL-2.1 + +Files: debian/* +Copyright: 2009-2011, Fathi Boudra + 2015, Felix Geyer + 2019, Christian Göttsche +License: LGPL-2.1 + +License: LGPL-2.1 + This library is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, + or (at your option) any later version. + . + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + See the GNU Lesser General Public License for more details. + . + You should have received a copy of the GNU Lesser General Public License + along with this library; if not, write to the Free Software Foundation, + Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + . + On Debian systems, the full text of the GNU Lesser General Public License + version 2.1 can be found in the file `/usr/share/common-licenses/LGPL-2.1'. diff -Nru libutempter-1.1.6/debian/libutempter0.symbols libutempter-1.1.6/debian/libutempter0.symbols --- libutempter-1.1.6/debian/libutempter0.symbols 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/libutempter0.symbols 2019-09-30 21:37:44.000000000 +0000 @@ -1,4 +1,5 @@ libutempter.so.0 libutempter0 #MINVER# +* Build-Depends-Package: libutempter-dev UTEMPTER_1.1@UTEMPTER_1.1 1.1.5 addToUtmp@Base 1.1.5 removeFromUtmp@Base 1.1.5 diff -Nru libutempter-1.1.6/debian/not-installed libutempter-1.1.6/debian/not-installed --- libutempter-1.1.6/debian/not-installed 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/not-installed 1970-01-01 00:00:00.000000000 +0000 @@ -1,2 +0,0 @@ -# Avoid false positives in list-missing check -usr/share/man/ diff -Nru libutempter-1.1.6/debian/patches/filter_pie_shared_lib.diff libutempter-1.1.6/debian/patches/filter_pie_shared_lib.diff --- libutempter-1.1.6/debian/patches/filter_pie_shared_lib.diff 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/patches/filter_pie_shared_lib.diff 2019-09-30 21:37:44.000000000 +0000 @@ -1,9 +1,15 @@ -Description: Filter PIE flags when building the shared library. -Author: Felix Geyer +From: Felix Geyer +Subject: Filter PIE flags when building the shared library. +--- + Makefile | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/Makefile b/Makefile +index 1a6e133..e281b2c 100644 --- a/Makefile +++ b/Makefile -@@ -47,15 +47,15 @@ +@@ -49,15 +49,15 @@ LDLIBS = all: $(TARGETS) %.os: %.c diff -Nru libutempter-1.1.6/debian/patches/keep_env_build_flags.diff libutempter-1.1.6/debian/patches/keep_env_build_flags.diff --- libutempter-1.1.6/debian/patches/keep_env_build_flags.diff 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/patches/keep_env_build_flags.diff 2019-09-30 21:37:44.000000000 +0000 @@ -1,9 +1,15 @@ -Description: Don't overwrite build flags from the environment. -Author: Felix Geyer +From: Felix Geyer +Subject: Don't overwrite build flags from the environment. +--- + Makefile | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/Makefile b/Makefile +index 7bc605d..1a6e133 100644 --- a/Makefile +++ b/Makefile -@@ -42,8 +42,8 @@ +@@ -42,8 +42,8 @@ WARNINGS = -W -Wall -Waggregate-return -Wcast-align -Wconversion \ -Wmissing-format-attribute -Wmissing-noreturn \ -Wmissing-prototypes -Wpointer-arith -Wredundant-decls \ -Wshadow -Wstrict-prototypes -Wwrite-strings diff -Nru libutempter-1.1.6/debian/patches/Mark-old-interfaces-as-deprecated.patch libutempter-1.1.6/debian/patches/Mark-old-interfaces-as-deprecated.patch --- libutempter-1.1.6/debian/patches/Mark-old-interfaces-as-deprecated.patch 1970-01-01 00:00:00.000000000 +0000 +++ libutempter-1.1.6/debian/patches/Mark-old-interfaces-as-deprecated.patch 2019-09-30 21:37:44.000000000 +0000 @@ -0,0 +1,26 @@ +From: =?utf-8?q?Christian_G=C3=B6ttsche?= +Date: Sat, 21 Sep 2019 13:51:09 +0200 +Subject: Mark old interfaces as deprecated + +They require unused arguments and do not return a checkable result +--- + utempter.h | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/utempter.h b/utempter.h +index f1ceeef..66acd93 100644 +--- a/utempter.h ++++ b/utempter.h +@@ -35,9 +35,9 @@ extern void utempter_set_helper (const char *pathname); + + /* Old interface. */ + +-extern void addToUtmp (const char *pty, const char *hostname, int master_fd); +-extern void removeFromUtmp (void); +-extern void removeLineFromUtmp (const char *pty, int master_fd); ++extern void addToUtmp (const char *pty, const char *hostname, int master_fd) __attribute__((__deprecated__)); ++extern void removeFromUtmp (void) __attribute__((__deprecated__)); ++extern void removeLineFromUtmp (const char *pty, int master_fd) __attribute__((__deprecated__)); + + #ifdef __cplusplus + } diff -Nru libutempter-1.1.6/debian/patches/multiarch-location.diff libutempter-1.1.6/debian/patches/multiarch-location.diff --- libutempter-1.1.6/debian/patches/multiarch-location.diff 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/patches/multiarch-location.diff 2019-09-30 21:37:44.000000000 +0000 @@ -1,5 +1,12 @@ -Index: b/Makefile -=================================================================== +From: Debian Krap Maintainers +Subject: Support multiarch location + +--- + Makefile | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/Makefile b/Makefile +index e281b2c..c2bcfc6 100644 --- a/Makefile +++ b/Makefile @@ -30,8 +30,8 @@ MAP = lib$(PROJECT).map diff -Nru libutempter-1.1.6/debian/patches/series libutempter-1.1.6/debian/patches/series --- libutempter-1.1.6/debian/patches/series 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/patches/series 2019-09-30 21:37:44.000000000 +0000 @@ -1,3 +1,5 @@ keep_env_build_flags.diff filter_pie_shared_lib.diff multiarch-location.diff +Mark-old-interfaces-as-deprecated.patch +Validate-given-hostname.patch diff -Nru libutempter-1.1.6/debian/patches/Validate-given-hostname.patch libutempter-1.1.6/debian/patches/Validate-given-hostname.patch --- libutempter-1.1.6/debian/patches/Validate-given-hostname.patch 1970-01-01 00:00:00.000000000 +0000 +++ libutempter-1.1.6/debian/patches/Validate-given-hostname.patch 2019-09-30 21:37:44.000000000 +0000 @@ -0,0 +1,58 @@ +From: =?utf-8?q?Christian_G=C3=B6ttsche?= +Date: Sat, 21 Sep 2019 14:06:21 +0200 +Subject: Validate given hostname + +Reject suspicious hostnames, e.g. containing \n or \r, to avoid faking utmp entries when using who. +See #689562 +--- + utempter.c | 23 +++++++++++++++++++++++ + 1 file changed, 23 insertions(+) + +diff --git a/utempter.c b/utempter.c +index b79af97..3670836 100644 +--- a/utempter.c ++++ b/utempter.c +@@ -33,6 +33,7 @@ + #include + #include + #include ++#include + + #ifdef __GLIBC__ + # include +@@ -104,6 +105,27 @@ validate_device(const char *device) + } + } + ++static void validate_host(const char *host) ++{ ++ if (!host) ++ { ++ return; ++ } ++ ++ while (*host) ++ { ++ if (!isprint(*host)) ++ { ++#ifdef UTEMPTER_DEBUG ++ fprintf(stderr, "utempter: invalid character (%d) in hostname\n", ++ *host); ++#endif ++ exit(EXIT_FAILURE); ++ } ++ ++host; ++ } ++} ++ + static int + write_uwtmp_record(const char *user, const char *term, const char *host, + #ifdef __GLIBC__ +@@ -253,6 +275,7 @@ main(int argc, const char *argv[]) + } + + validate_device(device); ++ validate_host(host); + + return write_uwtmp_record(pw->pw_name, device + DEV_PREFIX_LEN, host, + #ifdef __GLIBC__ diff -Nru libutempter-1.1.6/debian/rules libutempter-1.1.6/debian/rules --- libutempter-1.1.6/debian/rules 2016-02-18 18:47:33.000000000 +0000 +++ libutempter-1.1.6/debian/rules 2019-09-30 21:37:44.000000000 +0000 @@ -1,13 +1,15 @@ #!/usr/bin/make -f -export DEB_BUILD_MAINT_OPTIONS = hardening=+pie,+bindnow +export DEB_BUILD_MAINT_OPTIONS = hardening=+all +export DEB_CFLAGS_MAINT_APPEND = -Wextra %: - dh $@ --parallel --list-missing + dh $@ override_dh_fixperms: dh_fixperms chown root:utmp debian/libutempter0/usr/lib/$(DEB_HOST_MULTIARCH)/utempter/utempter chmod 2755 debian/libutempter0/usr/lib/$(DEB_HOST_MULTIARCH)/utempter/utempter -.PHONY: override_dh_auto_test +override_dh_missing: + dh_missing --fail-missing diff -Nru libutempter-1.1.6/debian/salsa-ci.yml libutempter-1.1.6/debian/salsa-ci.yml --- libutempter-1.1.6/debian/salsa-ci.yml 1970-01-01 00:00:00.000000000 +0000 +++ libutempter-1.1.6/debian/salsa-ci.yml 2019-09-30 21:37:44.000000000 +0000 @@ -0,0 +1,8 @@ +--- +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml + +# disable reprotest, cause chown fails (see #928921) +variables: + SALSA_CI_DISABLE_REPROTEST: 1 diff -Nru libutempter-1.1.6/debian/tests/control libutempter-1.1.6/debian/tests/control --- libutempter-1.1.6/debian/tests/control 1970-01-01 00:00:00.000000000 +0000 +++ libutempter-1.1.6/debian/tests/control 2019-09-30 21:37:44.000000000 +0000 @@ -0,0 +1,2 @@ +Tests: test-helper, test-library1, test-library2 +Depends: @, build-essential diff -Nru libutempter-1.1.6/debian/tests/test-helper libutempter-1.1.6/debian/tests/test-helper --- libutempter-1.1.6/debian/tests/test-helper 1970-01-01 00:00:00.000000000 +0000 +++ libutempter-1.1.6/debian/tests/test-helper 2019-09-30 21:37:44.000000000 +0000 @@ -0,0 +1,64 @@ +#!/bin/sh + +set -eu + +cat < test_helper_runner.c +#include +#include +#include +#include +#include + +#define _XOPEN_SOURCE 600 +#define __USE_XOPEN2KXSI +#define __USE_XOPEN_EXTENDED +#include + +#define CHECK(x) do { \ + int _ret = (x); \ + if (_ret != 0) { \ + printf(#x " returned %d: %s\n", _ret, strerror(errno)); \ + exit (1); \ + } \ + } while(0) + +int main() +{ + setbuf(stdout, NULL); + + const int i = posix_openpt(O_RDWR | O_NOCTTY); + printf("## open ptmx returned %d\n", i); + + CHECK(grantpt(i)); + CHECK(unlockpt(i)); + + printf("## ptsname: %s\n", ptsname(i)); + + dup2(i, 0); + + printf("## doing utempter add\n"); + CHECK(system("/usr/lib/$(dpkg-architecture --query DEB_HOST_MULTIARCH)/utempter/utempter add hostname_test_314159265359")); + + printf("## checking who\n"); + CHECK(system("who -a /run/utmp")); + + printf("## doing utempter del\n"); + CHECK(system("/usr/lib/$(dpkg-architecture --query DEB_HOST_MULTIARCH)/utempter/utempter del")); + + printf("## checking who\n"); + CHECK(system("who -a /run/utmp")); + + printf("## DONE\n"); + + return 0; +} +EOF + +cc -Wall -Wextra -Werror -O2 test_helper_runner.c -o test_helper_runner +./test_helper_runner +if [ $(./test_helper_runner | grep -c hostname_test_314159265359) -ne 1 ]; then + echo "inserted hostname not found" + exit 1 +else + echo "inserted hostname found" +fi diff -Nru libutempter-1.1.6/debian/tests/test-library1 libutempter-1.1.6/debian/tests/test-library1 --- libutempter-1.1.6/debian/tests/test-library1 1970-01-01 00:00:00.000000000 +0000 +++ libutempter-1.1.6/debian/tests/test-library1 2019-09-30 21:37:44.000000000 +0000 @@ -0,0 +1,62 @@ +#!/bin/sh + +set -eu + +cat < test_library1_runner.c +#include +#include +#include +#include +#include + +#include + +#define _XOPEN_SOURCE 600 +#define __USE_XOPEN2KXSI +#define __USE_XOPEN_EXTENDED +#include + +#define CHECK(x) do { \ + int _ret = (x); \ + if (_ret != 0) { \ + printf(#x " returned %d: %s\n", _ret, strerror(errno)); \ + exit (1); \ + } \ + } while(0) + +int main() +{ + setbuf(stdout, NULL); + + const int i = posix_openpt(O_RDWR | O_NOCTTY); + printf("## open ptmx returned %d\n", i); + + CHECK(grantpt(i)); + CHECK(unlockpt(i)); + + printf("## ptsname: %s\n", ptsname(i)); + + printf("## doing libutempter add\n"); + CHECK(!utempter_add_record(i, "hostname_test_27182818284590")); + + printf("## checking who\n"); + CHECK(system("who -a /run/utmp")); + + printf("## doing libutempter del\n"); + CHECK(!utempter_remove_record(i)); + + printf("## checking who\n"); + CHECK(system("who -a /run/utmp")); + + printf("## DONE\n"); +} +EOF + +cc -Wall -Wextra -Werror -O2 test_library1_runner.c -lutempter -o test_library1_runner +./test_library1_runner +if [ $(./test_library1_runner | grep -c hostname_test_27182818284590) -ne 1 ]; then + echo "inserted hostname not found" + exit 1 +else + echo "inserted hostname found" +fi diff -Nru libutempter-1.1.6/debian/tests/test-library2 libutempter-1.1.6/debian/tests/test-library2 --- libutempter-1.1.6/debian/tests/test-library2 1970-01-01 00:00:00.000000000 +0000 +++ libutempter-1.1.6/debian/tests/test-library2 2019-09-30 21:37:44.000000000 +0000 @@ -0,0 +1,62 @@ +#!/bin/sh + +set -eu + +cat < test_library2_runner.c +#include +#include +#include +#include +#include + +#include + +#define _XOPEN_SOURCE 600 +#define __USE_XOPEN2KXSI +#define __USE_XOPEN_EXTENDED +#include + +#define CHECK(x) do { \ + int _ret = (x); \ + if (_ret != 0) { \ + printf(#x " returned %d: %s\n", _ret, strerror(errno)); \ + exit (1); \ + } \ + } while(0) + +int main() +{ + setbuf(stdout, NULL); + + const int i = posix_openpt(O_RDWR | O_NOCTTY); + printf("## open ptmx returned %d\n", i); + + CHECK(grantpt(i)); + CHECK(unlockpt(i)); + + printf("## ptsname: %s\n", ptsname(i)); + + printf("## doing libutempter add\n"); + CHECK(!utempter_add_record(i, "hostname_test_161803398875")); + + printf("## checking who\n"); + CHECK(system("who -a /run/utmp")); + + printf("## doing libutempter del\n"); + CHECK(!utempter_remove_added_record()); + + printf("## checking who\n"); + CHECK(system("who -a /run/utmp")); + + printf("## DONE\n"); +} +EOF + +cc -Wall -Wextra -Werror -O2 test_library2_runner.c -lutempter -o test_library2_runner +./test_library2_runner +if [ $(./test_library2_runner | grep -c hostname_test_161803398875) -ne 1 ]; then + echo "inserted hostname not found" + exit 1 +else + echo "inserted hostname found" +fi