--- adns-1.5.0~rc1.orig/.gitignore +++ adns-1.5.0~rc1/.gitignore @@ -38,3 +38,15 @@ src/Makefile src/config.h web + +build-stamp +debian/*.debhelper.log +debian/tmp +debian/adns-tools +debian/libadns1 +debian/libadns1-dev +debian/libadns1-dbg +debian/*.postinst.debhelper +debian/*.postrm.debhelper +debian/files +debian/*.substvars --- adns-1.5.0~rc1.orig/debian/README.Debian +++ adns-1.5.0~rc1/debian/README.Debian @@ -0,0 +1,59 @@ +adns for Debian +--------------- + +From the Homepage: + +Advanced, easy to use, asynchronous-capable DNS client library and utilities. +adns is a resolver library for C (and C++) programs, and a collection of useful +DNS resolver utilities. + +I'm (Ian) afraid there is no manual yet. However, competent C programmers should +be able to use the library based on the commented adns.h header file, and +the usage messages for the programs should be sufficient. + +adns also comes with a number of utility programs for use from the command +line and in scripts: + + * adnslogres is a much faster version of Apache's logresolv program. + + * adnsresfilter is a filter which copies its input to its output, + replacing IP addresses by the corresponding names, without unduly + delaying the output. For example, you can usefully pipe the + output of netstat -n, tcpdump -ln, and the like, into it. + + * adnshost is a general-purpose DNS lookup utility which can be used easily + in from the command line and from shell scripts to do simple lookups. + In a more advanced mode it can be used as a general-purpose DNS helper + program for scripting languages which can invoke and communicate with + subprocesses. See the adnshost usage message for a summary of its capabilities. + + -- Bernd Eckenfels Thu, 08 Dec 2005 01:23:19 +0100 + + +From the INSTALL file: + + SECURITY AND PERFORMANCE - AN IMPORTANT NOTE + + adns is not a `full-service resolver': it does no caching of responses + at all, and has no defence against bad nameservers or fake packets + which appear to come from your real nameservers. It relies on the + full-service resolvers listed in resolv.conf to handle these tasks. + + For secure and reasonable operation you MUST run a full-service + nameserver on the same system as your adns applications, or on the + same local, fully trusted network. You MUST only list such + nameservers in the adns configuration (eg resolv.conf). + + You MUST use a firewall or other means to block packets which appear + to come from these nameservers, but which were actually sent by other, + untrusted, entities. + + Furthermore, adns is not DNSSEC-aware in this version; it doesn't + understand even how to ask a DNSSEC-aware nameserver to perform the + DNSSEC cryptographic signature checking. + +In particular, adns does not randomize the query source port or transaction ID; +relevant advisories are CVE-2008-1447 and CVE-2008-4100. Since adns is a stub +resolver, the workarounds listed in DSA-1605-1 for glibc also apply to adns. + + -- Robert S. Edmonds Wed, 17 Sep 2008 10:49:45 -0400 --- adns-1.5.0~rc1.orig/debian/adns-tools.dirs +++ adns-1.5.0~rc1/debian/adns-tools.dirs @@ -0,0 +1,2 @@ +usr/share/doc +usr/bin --- adns-1.5.0~rc1.orig/debian/adns-tools.docs +++ adns-1.5.0~rc1/debian/adns-tools.docs @@ -0,0 +1,3 @@ +README.html +README +TODO --- adns-1.5.0~rc1.orig/debian/adns-tools.install +++ adns-1.5.0~rc1/debian/adns-tools.install @@ -0,0 +1,4 @@ +usr/bin/adnshost +usr/bin/adnsheloex +usr/bin/adnslogres +usr/bin/adnsresfilter --- adns-1.5.0~rc1.orig/debian/changelog +++ adns-1.5.0~rc1/debian/changelog @@ -0,0 +1,205 @@ +adns (1.5.0~rc1-1ubuntu1) vivid; urgency=medium + + * Cherry-pick from upstream, thanks to Ian Jackson: + - Fix for malicious optimisation of memcpy in test suite, which causes + failure with gcc-4.1.9 -O3. See Debian bug #772718. + + -- Colin Watson Thu, 18 Dec 2014 17:19:41 +0000 + +adns (1.5.0~rc1-1) unstable; urgency=medium + + * New upstream version. Closes:#411263. + There are now no changes to upstream code (other than .gitignore). + * Remove vbuf__append_quoted1035 from symbols file. + * Add missing Build-Dependency on `lynx' (for README). + + -- Ian Jackson Sun, 26 Oct 2014 13:58:28 +0000 + +adns (1.5.0~rc0-0~exp1) experimental; urgency=low + + * New upstream version. Closes: #392102, #384372. + * Not using upstream tarball because it contains some junk. + * Made myself the Maintainer. Closes: #765629. + * Delete spurious Makefile and src/config.h. + * Clarify and improve package Descriptions. + * In symbols file: ignore all symbols `adns__*' with a regex rule. + * Remove obsolete emacs local variables stanza from debian/changelog. + * Add dh and debian files to .gitignore. + * Add -dbg package. Closes: #489301. + * Remove values from rcsids, to remove diffs from upstream. + * Add ${misc:Depends} to quieten lintian (no change to the .debs). + * Support dpkg-buildflags (ie, build with hardening). + * Patch regress/Makefile.in to fix problem with .SECONDARY declaration. + * Add test case output and common.make to `make [dist]clean'. + + -- Ian Jackson Mon, 20 Oct 2014 17:27:18 +0100 + +adns (1.4-2) unstable; urgency=low + + * Acknowledge NMU. + * libadns1 'Recommends: libadns1-bin' to 'Suggests: adns-tools'; closes: + #435593, #491513. + * Document CVE-2008-1447 / CVE-2008-4100 poisoning vulnerability in + README.Debian; closes: #492698. + + -- Robert S. Edmonds Wed, 17 Sep 2008 10:37:36 -0400 + +adns (1.4-1.1) unstable; urgency=low + + * adns-tools Provides libadns1-bin. Closes: #492145. + + -- Ian Jackson Thu, 24 Jul 2008 20:32:36 +0100 + +adns (1.4-1) unstable; urgency=low + + * New maintainer; closes: #485995. + * Acknowledge NMU; closes: #361419. + * Rename libadns1-bin to adns-tools; closes: #91298, #349797. + + -- Robert S. Edmonds Sun, 15 Jun 2008 20:08:31 -0400 + +adns (1.4-0.1) unstable; urgency=low + + * New upstream version, in NMU by upstream, approved by Debian + maintainer (closes: #361419). Package is almost exactly upstream 1.4 + with .diff.gz from 1.1-4; all Debian changes outside debian/* have + been addressed upstream. Changes to debian/*: + - provision of libadns.so by debian/rules is no longer needed as this + is done by the upstream makefiles. + - new utility adnsheloex moved out of -dev package into -bin. + + -- Ian Jackson Tue, 17 Oct 2006 17:45:15 +0100 + +adns (1.1-4) unstable; urgency=low + + * re-applied missing hack to make regression tests work on hurd kernel + * make sure hcommon.c is rebuild on debian builds + + -- Bernd Eckenfels Sat, 10 Dec 2005 07:04:27 +0100 + +adns (1.1-3) unstable; urgency=low + + * yet another architecture problem: sparc requires ENOTSOCK which is + defined in regress/hcommon.c but not regress/hcommon.c.m4 + + -- Bernd Eckenfels Fri, 09 Dec 2005 05:40:23 +0100 + +adns (1.1-2) unstable; urgency=low + + * added int castings for len arg pointer arithmetic to printf + * removed some memleak details, cause this makes ALPHA and IA64 builds fail + + -- Bernd Eckenfels Fri, 09 Dec 2005 00:42:12 +0100 + +adns (1.1-1) unstable; urgency=low + + * new upstream version (Closes: #342491) + * not all patches took over (debian/todo-patches.txt) + works on sparc64 gcc4 + * new standards version (3.1 -> 3.6.1) no changes + * thanks to NMUs + + -- Bernd Eckenfels Thu, 08 Dec 2005 01:20:49 +0100 + +adns (1.0-8.3) unstable; urgency=low + + * NMU. + * Fix build failure when using gcc-3.4 (closes: #262511). + + -- Matthias Klose Tue, 3 May 2005 11:10:07 +0200 + +adns (1.0-8.2) unstable; urgency=low + + * NMU tweak + * Change libadns1-dev's section to libdevel to get it aligned with + the override file. + + -- Joshua Kwan Wed, 31 Mar 2004 11:18:30 -0500 + +adns (1.0-8.1) unstable; urgency=low + + * NMU to fix a RC bug. + * Build-depend on m4 to avoid problems with timestamp skew. + (Closes: #236243) + * Fix copyright file as per lintian (Author(s) -> Author, add reference + to common-licenses copy of the GPL.) + * Added versioned Build-Depends on debhelper (>= 3) because DH_COMPAT is + set to 3. + + -- Joshua Kwan Mon, 22 Mar 2004 16:35:25 -0800 + +adns (1.0-8) unstable; urgency=medium + + * thanks LaMont for the NMU, Closes bug: #152284 by adding + build dependency on netbase for /etc/protocols + + -- Bernd Eckenfels Mon, 09 Sep 2002 04:58:56 +0200 + +adns (1.0-7.1) unstable; urgency=low + * NMU + * Add Build-Depends: netbase. Closes: #152284. + + -- LaMont Jones Wed, 4 Sep 2002 08:09:28 -0600 + +adns (1.0-7) unstable; urgency=low + + * allow 0 flags by adding adns_if_none and adns_qf_none (Closes Bug: #148318) + * remove unsafe ldconfig and bump dh version to 3 (for dh_makeshlibs) + + -- Bernd Eckenfels Fri, 5 Jul 2002 20:00:35 +0200 + +adns (1.0-6) unstable; urgency=medium + + * fixed another architecture regression problem (Closes bug: #101116) + * added debhelper build depends + * removed dh_suidregister + * removed INSTALL doc file (make lintian and policy happy) + + -- Bernd Eckenfels Fri, 29 Jun 2001 06:30:29 +0200 + +adns (1.0-5) unstable; urgency=medium + + * some casting fixes + * ignore the memleak test till it gets fixed (Closes bug: #87763, #81379) + * a fix for shlibs dep of debhelper, seems to ignore libs by default, + which according to Paul breaks other non glibc platforms. + + -- Bernd Eckenfels Tue, 27 Feb 2001 01:54:02 +0100 + +adns (1.0-4) unstable; urgency=low + + * new upload since it does not show up in testing (Closes: #82710) + + -- Bernd Eckenfels Thu, 18 Jan 2001 05:03:23 +0100 + +adns (1.0-3) unstable; urgency=low + + * closes bug #70945 (fixed upstream) + + -- Bernd Eckenfels Tue, 7 Nov 2000 00:43:29 +0100 + +adns (1.0-2) unstable; urgency=low + + * Recommend libadns1-bin in libadns1 + + -- Bernd Eckenfels Fri, 22 Sep 2000 07:55:33 +0200 + +adns (1.0-1) unstable; urgency=low + + * new upstream version, added libadns-bin package + + -- Bernd Eckenfels Fri, 22 Sep 2000 05:46:37 +0200 + +adns (0.8-2) unstable; urgency=low + + * added libadns.so to -dev package, upload to master + + -- Bernd Eckenfels Tue, 16 May 2000 03:50:39 +0200 + +adns (0.8-1) unstable; urgency=low + + * Initial Release. + + -- Bernd Eckenfels Mon, 8 May 2000 02:57:02 +0200 + + --- adns-1.5.0~rc1.orig/debian/compat +++ adns-1.5.0~rc1/debian/compat @@ -0,0 +1 @@ +7 --- adns-1.5.0~rc1.orig/debian/control +++ adns-1.5.0~rc1/debian/control @@ -0,0 +1,66 @@ +Source: adns +Section: devel +Priority: optional +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Ian Jackson +Build-Depends: debhelper (>= 7), netbase, m4, lynx +Standards-Version: 3.8.0 +Homepage: http://www.chiark.greenend.org.uk/~ian/adns/ + +Package: libadns1-dev +Section: libdevel +Architecture: any +Depends: libadns1 (= ${binary:Version}), libc6-dev, ${misc:Depends} +Conflicts: libadns0 +Description: Asynchronous-capable DNS client library (development) + adns is a resolver library for C (and C++) programs. In contrast + with many existing interfaces, it can be used in an asynchronous, + non-blocking manner, and has a convenient interface which doesn't + require the application to handle any DNS data formats. Many queries + can be handled simultaneously. + . + This package contains the development files used for C/C++ programs. + +Package: adns-tools +Section: net +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Conflicts: libadns0, libadns1-bin +Replaces: libadns1-bin +Provides: libadns1-bin +Description: Asynchronous-capable DNS client utilities + adns is a DNS resolver. In contrast with many existing interfaces, + gethostbyname et al and libresolv, it can be used in an asynchronous, + non-blocking manner. Many queries can be handled simultaneously. + . + This package contains useful utilities for IP address resolving, + fast bulk logfile processing, and testing. + +Package: libadns1 +Section: libs +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Suggests: adns-tools +Description: Asynchronous-capable DNS client library + adns is a resolver library for C (and C++) programs. In contrast + with the existing interfaces, gethostbyname et al and libresolv, it + can be used in an asynchronous, non-blocking manner, and has a + convenient interface which doesn't require the application to handle + any DNS data formats. Many queries can be handled simultaneously. + . + This package contains the runtime library. + +Package: libadns1-dbg +Section: debug +Priority: extra +Architecture: any +Depends: libadns1 (= ${binary:Version}), ${misc:Depends} +Description: Asynchronous-capable DNS client library (debugging symbols) + adns is a resolver library for C (and C++) programs. In contrast + with the existing interfaces, gethostbyname et al and libresolv, it + can be used in an asynchronous, non-blocking manner, and has a + convenient interface which doesn't require the application to handle + any DNS data formats. Many queries can be handled simultaneously. + . + This package contains the debugging symbols associated with libadns1, + for debugging adns and programs that use it. --- adns-1.5.0~rc1.orig/debian/copyright +++ adns-1.5.0~rc1/debian/copyright @@ -0,0 +1,29 @@ +This package was first debianized by Bernd Eckenfels on +Mon, 8 May 2000 02:57:02 +0200. + +It was downloaded from http://www.chiark.greenend.org.uk/~ian/adns/ + +Upstream Author: Ian Jackson / ijackson@chiark.greenend.org.uk + +Copyright: + + adns is Copyright 1997-2000,2003,2006,2014 Ian Jackson, Copyright 2014 + Mark Wooding, Copyright 1999-2000,2003,2006 Tony Finch, and Copyright + (C) 1991 Massachusetts Institute of Technology. + + adns is free software; you can redistribute it and/or modify it under + the terms of the GNU General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + This program and documentation is distributed in the hope that it will + be useful, but without any warranty; without even the implied warranty + of merchantability or fitness for a particular purpose. See the [15]GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License along + with adns, or one should be available above; if not, write to the + Free Software Foundation or email ijackson@chiark.greenend.org.uk. + +On all Debian systems, a copy of the GNU General Public License version +3 can be found in `/usr/share/common-licenses/GPL-3'. --- adns-1.5.0~rc1.orig/debian/libadns1-dev.dirs +++ adns-1.5.0~rc1/debian/libadns1-dev.dirs @@ -0,0 +1,2 @@ +usr/lib +usr/include --- adns-1.5.0~rc1.orig/debian/libadns1-dev.docs +++ adns-1.5.0~rc1/debian/libadns1-dev.docs @@ -0,0 +1,4 @@ +GPL-vs-LGPL +README.html +README +TODO --- adns-1.5.0~rc1.orig/debian/libadns1-dev.install +++ adns-1.5.0~rc1/debian/libadns1-dev.install @@ -0,0 +1,3 @@ +usr/include/adns.h +usr/lib/libadns.a +usr/lib/libadns.so --- adns-1.5.0~rc1.orig/debian/libadns1.dirs +++ adns-1.5.0~rc1/debian/libadns1.dirs @@ -0,0 +1,2 @@ +usr/lib +usr/share/doc --- adns-1.5.0~rc1.orig/debian/libadns1.docs +++ adns-1.5.0~rc1/debian/libadns1.docs @@ -0,0 +1,3 @@ +GPL-vs-LGPL +README.html +README --- adns-1.5.0~rc1.orig/debian/libadns1.install +++ adns-1.5.0~rc1/debian/libadns1.install @@ -0,0 +1,2 @@ +usr/lib/libadns.so.1 +usr/lib/libadns.so.1.5 --- adns-1.5.0~rc1.orig/debian/libadns1.symbols +++ adns-1.5.0~rc1/debian/libadns1.symbols @@ -0,0 +1,35 @@ +libadns.so.1 libadns1 #MINVER# + (regex)"^adns__.*@Base$" 1.5.0~ + adns_afterpoll@Base 1.5.0~ + adns_afterselect@Base 1.5.0~ + adns_beforepoll@Base 1.5.0~ + adns_beforeselect@Base 1.5.0~ + adns_cancel@Base 1.5.0~ + adns_check@Base 1.5.0~ + adns_checkconsistency@Base 1.5.0~ + adns_errabbrev@Base 1.5.0~ + adns_errtypeabbrev@Base 1.5.0~ + adns_finish@Base 1.5.0~ + adns_firsttimeout@Base 1.5.0~ + adns_forallqueries_begin@Base 1.5.0~ + adns_forallqueries_next@Base 1.5.0~ + adns_globalsystemfailure@Base 1.5.0~ + adns_init@Base 1.5.0~ + adns_init_logfn@Base 1.5.0~ + adns_init_strcfg@Base 1.5.0~ + adns_processany@Base 1.5.0~ + adns_processexceptional@Base 1.5.0~ + adns_processreadable@Base 1.5.0~ + adns_processtimeouts@Base 1.5.0~ + adns_processwriteable@Base 1.5.0~ + adns_rr_info@Base 1.5.0~ + adns_strerror@Base 1.5.0~ + adns_submit@Base 1.5.0~0 + adns_submit_reverse@Base 1.5.0~ + adns_submit_reverse_any@Base 1.5.0~ + adns_synchronous@Base 1.5.0~0 + adns_wait@Base 1.5.0~ + adns_wait_poll@Base 1.5.0~ + adns_addr2text@Base 1.5.0~ + adns_text2addr@Base 1.5.0~ + data@Base 1.5.0~ --- adns-1.5.0~rc1.orig/debian/rules +++ adns-1.5.0~rc1/debian/rules @@ -0,0 +1,38 @@ +#!/usr/bin/make -f +#export DH_VERBOSE=1 + +export DH_OPTIONS += --dbg-package=libadns1-dbg + +export XCFLAGS= $(shell dpkg-buildflags --get CPPFLAGS) \ + $(shell dpkg-buildflags --get CFLAGS) +export XLDFLAGS=$(shell dpkg-buildflags --get LDFLAGS) + +%: + dh $@ + +build: build-stamp +build-stamp: + dh build --before configure + dh_auto_configure + dh_auto_build + make -C regress check + dh build --after test + touch $@ + +clean: + dh clean --before dh_auto_clean + -$(MAKE) distclean + -$(MAKE) -C regress distclean + rm -f regress/output-* + dh clean --after dh_auto_clean + +install: build + dh install --before dh_auto_install + $(MAKE) install prefix=`pwd`/debian/tmp/usr + dh install --after dh_auto_install + +binary-arch: build install + dh binary-arch + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- adns-1.5.0~rc1.orig/debian/shlibs.local +++ adns-1.5.0~rc1/debian/shlibs.local @@ -0,0 +1 @@ +libadns 1 libadns1 (>= 1.5.0~) --- adns-1.5.0~rc1.orig/debian/todo-patches.txt +++ adns-1.5.0~rc1/debian/todo-patches.txt @@ -0,0 +1,18 @@ +--- adns-1.0.orig/src/adns.h ++++ adns-1.0/src/adns.h +@@ -75,6 +75,7 @@ + typedef struct adns__query *adns_query; + + typedef enum { ++ adns_if_none= 0x0000, /* no flags */ + adns_if_noenv= 0x0001, /* do not look at environment */ + adns_if_noerrprint= 0x0002, /* never print output to stderr (_debug overrides) */ + adns_if_noserverwarn= 0x0004, /* do not warn to stderr about duff nameservers etc */ +@@ -88,6 +89,7 @@ + } adns_initflags; + + typedef enum { ++ adns_qf_none= 0x00000000, /* no flags */ + adns_qf_search= 0x00000001, /* use the searchlist */ + adns_qf_usevc= 0x00000002, /* use a virtual circuit (TCP connection) */ + adns_qf_owner= 0x00000004, /* fill in the owner field in the answer */ --- adns-1.5.0~rc1.orig/regress/hcommon.c +++ adns-1.5.0~rc1/regress/hcommon.c @@ -281,7 +281,7 @@ size_t osz; if (op) { oldnode= (void*)((char*)op - MALLOCHSZ); osz= oldnode->sz; } else { osz= 0; } np= Hmalloc(nsz); - memcpy(np,op, osz>nsz ? nsz : osz); + if (osz) memcpy(np,op, osz>nsz ? nsz : osz); Hfree(op); return np; } --- adns-1.5.0~rc1.orig/regress/hcommon.c.m4 +++ adns-1.5.0~rc1/regress/hcommon.c.m4 @@ -301,7 +301,7 @@ if (op) { oldnode= (void*)((char*)op - MALLOCHSZ); osz= oldnode->sz; } else { osz= 0; } np= Hmalloc(nsz); - memcpy(np,op, osz>nsz ? nsz : osz); + if (osz) memcpy(np,op, osz>nsz ? nsz : osz); Hfree(op); return np; }