--- mysql-ocaml-1.0.4.orig/debian/libmysql-ocaml-dev.docs +++ mysql-ocaml-1.0.4/debian/libmysql-ocaml-dev.docs @@ -0,0 +1,2 @@ +README +doc/html --- mysql-ocaml-1.0.4.orig/debian/svn-deblayout +++ mysql-ocaml-1.0.4/debian/svn-deblayout @@ -0,0 +1,3 @@ +origDir=../upstream +origUrl=svn+ssh://svn.debian.org/svn/pkg-ocaml-maint/trunk/packages/mysql-ocaml/upstream +tagsUrl=svn+ssh://svn.debian.org/svn/pkg-ocaml-maint/tags/packages/mysql-ocaml --- mysql-ocaml-1.0.4.orig/debian/compat +++ mysql-ocaml-1.0.4/debian/compat @@ -0,0 +1 @@ +4 --- mysql-ocaml-1.0.4.orig/debian/libmysql-ocaml-dev.doc-base +++ mysql-ocaml-1.0.4/debian/libmysql-ocaml-dev.doc-base @@ -0,0 +1,9 @@ +Document: libmysql-ocaml-dev +Title: OCaml MySql Module Documentation +Author: Shawn Wagner +Abstract: OCaml MySql module documentation +Section: Apps/Programming + +Format: HTML +Index: /usr/share/doc/libmysql-ocaml-dev/html/index.html +Files: /usr/share/doc/libmysql-ocaml-dev/html/* --- mysql-ocaml-1.0.4.orig/debian/control +++ mysql-ocaml-1.0.4/debian/control @@ -0,0 +1,29 @@ +Source: mysql-ocaml +Section: devel +Priority: optional +Maintainer: Samuel Mimram +Build-Depends: debhelper (>= 4.0.0), libmysqlclient15-dev, ocaml-nox (>= 3.09.1), camlp4, ocaml-findlib, dpatch +Standards-Version: 3.7.2 +XS-Vcs-Svn: svn://svn.debian.org/svn/pkg-ocaml-maint/trunk/packages/mysql-ocaml +XS-Vcs-Browser: http://svn.debian.org/wsvn/pkg-ocaml-maint/trunk/packages/mysql-ocaml/trunk/ + +Package: libmysql-ocaml +Section: libs +Architecture: any +Depends: ocaml-base-nox-${F:OCamlABI}, ${shlibs:Depends} +Description: OCaml bindings for MySql + This OCaml library interfaces the MySql C library. It can be used to access + and modify MySql databases from OCaml programs. + . + This package contains only the shared runtime stub libraries. + +Package: libmysql-ocaml-dev +Section: libdevel +Architecture: any +Depends: ocaml-nox-${F:OCamlABI}, libmysqlclient15-dev, libmysql-ocaml (= ${binary:Version}) +Description: OCaml bindings for MySql + This OCaml library interfaces the MySql C library. It can be used to access + and modify MySql databases from OCaml programs. + . + This package contains all the development stuff you need to use + OCaml MySql in your programs. --- mysql-ocaml-1.0.4.orig/debian/libmysql-ocaml-dev.install.in +++ mysql-ocaml-1.0.4/debian/libmysql-ocaml-dev.install.in @@ -0,0 +1,4 @@ +usr/lib/ocaml/@OCamlABI@/mysql/META +usr/lib/ocaml/@OCamlABI@/mysql/*.a +usr/lib/ocaml/@OCamlABI@/mysql/*.cm* +usr/lib/ocaml/@OCamlABI@/mysql/*.ml* --- mysql-ocaml-1.0.4.orig/debian/libmysql-ocaml-dev.examples +++ mysql-ocaml-1.0.4/debian/libmysql-ocaml-dev.examples @@ -0,0 +1 @@ +demo.ml --- mysql-ocaml-1.0.4.orig/debian/libmysql-ocaml.install.in +++ mysql-ocaml-1.0.4/debian/libmysql-ocaml.install.in @@ -0,0 +1 @@ +usr/lib/ocaml/@OCamlABI@/mysql/dllmysql_stubs.so usr/lib/ocaml/@OCamlABI@/stublibs/ --- mysql-ocaml-1.0.4.orig/debian/patches/00list +++ mysql-ocaml-1.0.4/debian/patches/00list @@ -0,0 +1,2 @@ +shtool_tempfile +real_escape --- mysql-ocaml-1.0.4.orig/debian/patches/real_escape.dpatch +++ mysql-ocaml-1.0.4/debian/patches/real_escape.dpatch @@ -0,0 +1,116 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## real_escape.dpatch by Mehdi Dogguy +## +## DP: Add a binding for mysql_real_escape_string. + +@DPATCH@ +diff -urNad mysql-ocaml~/mysql.ml mysql-ocaml/mysql.ml +--- mysql-ocaml~/mysql.ml 2009-10-01 22:56:38.000000000 +0200 ++++ mysql-ocaml/mysql.ml 2009-10-07 23:59:24.000000000 +0200 +@@ -333,6 +333,7 @@ + external real_status : dbd -> int = "db_status" + external errmsg : dbd -> string option = "db_errmsg" + external escape : string -> string = "db_escape" ++external real_escape: dbd -> string -> string = "db_real_escape" + external fetch : result -> string option array option = "db_fetch" + external to_row : result -> int64 -> unit = "db_to_row" + external size : result -> int64 = "db_size" +@@ -516,7 +517,9 @@ + the corresponding type *) + + let ml2str str = "'" ^ escape str ^ "'" ++let ml2rstr conn str = "'" ^ real_escape conn str ^ "'" + let ml2blob = ml2str ++let ml2rblob = ml2rstr + let ml2int x = string_of_int x + let ml2decimal x = x + let ml322int x = Int32.to_string x +@@ -524,12 +527,15 @@ + let mlnative2int x = Nativeint.to_string x + let ml2float x = string_of_float x + let ml2enum x = escape x +-let ml2set x = let rec loop arg = match arg with +- | [] -> "" +- | [x] -> escape x +- | x::y::ys -> escape x ^ "," ^ loop (y::ys) +- in +- loop x ++let ml2renum x = real_escape x ++let ml2set_filter f x = ++ let rec loop f = function ++ | [] -> "" ++ | [x] -> f x ++ | x::y::ys -> f x ^ "," ^ loop f (y::ys) ++ in loop f x ++let ml2set x = ml2set_filter escape x ++let ml2rset conn x = ml2set_filter (real_escape conn) x + + let ml2datetimel ~year ~month ~day ~hour ~min ~sec = + Printf.sprintf "'%04d-%02d-%02d %02d:%02d:%02d'" +diff -urNad mysql-ocaml~/mysql.mli mysql-ocaml/mysql.mli +--- mysql-ocaml~/mysql.mli 2009-10-01 22:56:38.000000000 +0200 ++++ mysql-ocaml/mysql.mli 2009-10-07 23:59:24.000000000 +0200 +@@ -230,6 +230,7 @@ + (** [escape str] returns the same string as [str] in MySQL syntax with + special characters quoted to not confuse the MySQL parser *) + val escape : string -> string ++val real_escape : dbd -> string -> string + + (** [xxx2ml str] decodes a MySQL value of type xxx into a corresponding + OCaml value *) +@@ -277,14 +278,18 @@ + (** [ml2xxx v] encodes [v] into MySQL syntax. *) + + val ml2str : string -> string ++val ml2rstr : dbd -> string -> string + val ml2blob : string -> string ++val ml2rblob : dbd -> string -> string + val ml2int : int -> string + val ml2decimal : string -> string + val ml322int : int32 -> string + val ml642int : int64 -> string + val ml2float : float -> string + val ml2enum : string -> string ++val ml2renum : dbd -> string -> string + val ml2set : string list -> string ++val ml2rset : dbd -> string list -> string + val ml2datetime : int * int * int * int * int * int -> string + val ml2datetimel : year:int -> month:int -> day:int -> hour:int -> min:int -> sec:int -> string + val ml2date : int * int * int -> string +diff -urNad mysql-ocaml~/mysql_stubs.c mysql-ocaml/mysql_stubs.c +--- mysql-ocaml~/mysql_stubs.c 2009-10-01 22:56:38.000000000 +0200 ++++ mysql-ocaml/mysql_stubs.c 2009-10-07 23:59:24.000000000 +0200 +@@ -472,6 +472,33 @@ + CAMLreturn(res); + } + ++EXTERNAL value ++db_real_escape(value dbd, value str) ++{ ++ CAMLparam2(dbd, str); ++ char *s; ++ char *buf; ++ int len, esclen; ++ MYSQL *mysql; ++ CAMLlocal1(res); ++ ++ check_dbd(dbd, "escape"); ++ mysql = DBDmysql(dbd); ++ ++ s = String_val(str); ++ len = string_length(str); ++ buf = (char*) stat_alloc(2*len+1); ++ caml_enter_blocking_section(); ++ esclen = mysql_real_escape_string(mysql,buf,s,len); ++ caml_leave_blocking_section(); ++ ++ res = alloc_string(esclen); ++ memcpy(String_val(res), buf, esclen); ++ stat_free(buf); ++ ++ CAMLreturn(res); ++} ++ + /* + * db_size -- returns the size of the current result (number of rows). + */ --- mysql-ocaml-1.0.4.orig/debian/patches/shtool_tempfile.dpatch +++ mysql-ocaml-1.0.4/debian/patches/shtool_tempfile.dpatch @@ -0,0 +1,28 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## shtool_tempfile.dpatch by Samuel Mimram +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: shtool creates temporary files in an insecure manner, which can be +## DP: exploited through symlink attacks. Please see these URLs for details: +## DP: http://www.zataz.net/adviso/shtool-05252005.txt +## DP: http://bugs.gentoo.org/show_bug.cgi?id=93782 + +@DPATCH@ +diff -urNad --exclude=CVS --exclude=.svn ./etc/shtool /tmp/dpep-work.f6mb29/mysql-ocaml-1.0.3/etc/shtool +--- ./etc/shtool 2004-01-27 20:46:36.000000000 +0100 ++++ /tmp/dpep-work.f6mb29/mysql-ocaml-1.0.3/etc/shtool 2005-07-18 23:52:08.000000000 +0200 +@@ -378,7 +378,13 @@ + tmpdir="$TEMPDIR" + fi + fi +- tmpfile="$tmpdir/.shtool.$$" ++ if mkdir "$tmpdir/.shtool.$$"; then ++ tmpfile="$tmpdir/.shtool.$$/shtool.tmp" ++ else ++ echo "$msgprefix:Error: failed to create temporary file" 1>&2 ++ exit 1 ++ fi ++ tmpfile="$tmpdir/.shtool.$$/shtool.tmp" + rm -f $tmpfile >/dev/null 2>&1 + touch $tmpfile + fi --- mysql-ocaml-1.0.4.orig/debian/copyright +++ mysql-ocaml-1.0.4/debian/copyright @@ -0,0 +1,16 @@ +This package was debianized by Samuel Mimram on +Sun, 16 Nov 2003 22:44:10 +0100. + +It was downloaded from http://raevnos.pennmush.org/code/ocaml.html + +Upstream Author: Shawn Wagner + +Copyright (C) 1999-2004 by Shawn Wagner. + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + +On Debian systems, you can find a copy of that license in +/usr/share/common-licenses/LGPL-2.1. --- mysql-ocaml-1.0.4.orig/debian/changelog +++ mysql-ocaml-1.0.4/debian/changelog @@ -0,0 +1,137 @@ +mysql-ocaml (1.0.4-4+lenny1build0.8.04.1) hardy-security; urgency=low + + * fake sync from Debian + + -- Jamie Strandboge Sat, 12 Dec 2009 09:41:01 -0600 + +mysql-ocaml (1.0.4-4+lenny1) stable-security; urgency=high + + * Non-maintainer upload to fix a security bug. + * Add a patch to add a binding to mysql_real_escape whose name is + real_escape (CVE-2009-2942). + + -- Mehdi Dogguy Thu, 08 Oct 2009 00:07:29 +0200 + +mysql-ocaml (1.0.4-4) unstable; urgency=low + + * Upload to unstable. + + -- Samuel Mimram Sat, 08 Sep 2007 01:14:37 +0200 + +mysql-ocaml (1.0.4-3) experimental; urgency=low + + * Rebuild with OCaml 3.10. + * Added a build-dependency on camlp4. + * Drop the now obsolete Source-Version in favour of binary:Version in + debian/control. + + -- Samuel Mimram Sun, 15 Jul 2007 22:42:53 +0000 + +mysql-ocaml (1.0.4-2) unstable; urgency=low + + * Rebuild with OCaml 3.09.2. + * Updated standards version to 3.7.2, no changes needed. + + -- Samuel Mimram Thu, 18 May 2006 22:54:37 +0000 + +mysql-ocaml (1.0.4-1) unstable; urgency=low + + * New upstream release. + * Acknowledge NMU (thanks Christian Hammers), closes: #353902. + + -- Samuel Mimram Tue, 18 Apr 2006 08:11:57 +0200 + +mysql-ocaml (1.0.3-9.1) unstable; urgency=medium + + * Non-maintainer upload with permission of the the maintainer. + * Rebuild against libmysqlclient15-dev instead of libmysqlclient14-dev, + closes: #353902. + + -- Christian Hammers Tue, 21 Feb 2006 22:25:13 +0100 + +mysql-ocaml (1.0.3-9) unstable; urgency=low + + * Rebuild with OCaml 3.09.1. + * Hanlding OCaml's ABI changes. + + -- Samuel Mimram Sun, 8 Jan 2006 19:24:16 +0100 + +mysql-ocaml (1.0.3-8) unstable; urgency=low + + * Updated to OCaml 3.09.0. + + -- Samuel Mimram Wed, 9 Nov 2005 20:05:57 +0100 + +mysql-ocaml (1.0.3-7) unstable; urgency=low + + * Rebuilding with libmysqlclient14 in order to be installable together with + mysql-server-4.1, closes: #326858. + + -- Samuel Mimram Wed, 7 Sep 2005 15:24:50 +0200 + +mysql-ocaml (1.0.3-6) unstable; urgency=low + + * Patched shtool's vulnerability CAN-2005-1751, closes: #314464. + * Using dpatch to handle patches. + * Updated standards version to 3.6.2. + + -- Samuel Mimram Mon, 18 Jul 2005 23:27:28 +0200 + +mysql-ocaml (1.0.3-5) unstable; urgency=medium + + * Updated to OCaml 3.08.3. + + -- Samuel Mimram Thu, 24 Mar 2005 19:12:05 +0100 + +mysql-ocaml (1.0.3-4) unstable; urgency=low + + * I forgot to update the depends to libmysqlclient12-dev for the -dev package. + + -- Samuel Mimram Sun, 30 Jan 2005 15:07:13 +0100 + +mysql-ocaml (1.0.3-3) unstable; urgency=low + + * Depending on libmysqlclient12 instead of libmysqlclient10, closes: #292615. + * Updated Standards-Version to 3.6.1.1. + * Changed my email since I'm a DD now. + + -- Samuel Mimram Fri, 28 Jan 2005 15:02:09 +0100 + +mysql-ocaml (1.0.3-2) unstable; urgency=low + + * Build with OCaml 3.08. + * Depends on -nox versions of ocaml packages. + + -- Samuel Mimram Wed, 21 Jul 2004 18:45:26 +0200 + +mysql-ocaml (1.0.3-1) unstable; urgency=low + + * New upstream release. + + -- Samuel Mimram Mon, 2 Feb 2004 19:36:02 +0100 + +mysql-ocaml (1.0.2-4) unstable; urgency=low + + * Modified buggy makefile (was always trying to install mysql.a). + + -- Samuel Mimram Wed, 14 Jan 2004 21:25:50 +0100 + +mysql-ocaml (1.0.2-3) unstable; urgency=low + + * Byte-code only should really work now. + + -- Samuel Mimram Wed, 14 Jan 2004 20:49:19 +0100 + +mysql-ocaml (1.0.2-2) unstable; urgency=low + + * Building native-code library only if ocamlopt is present. + * Added -fPIC to gcc options. + + -- Samuel Mimram Wed, 7 Jan 2004 11:16:56 +0100 + +mysql-ocaml (1.0.2-1) unstable; urgency=low + + * Initial Release. + + -- Samuel Mimram Sun, 16 Nov 2003 22:44:10 +0100 + --- mysql-ocaml-1.0.4.orig/debian/watch +++ mysql-ocaml-1.0.4/debian/watch @@ -0,0 +1,2 @@ +version=2 +http://raevnos.pennmush.org/code/ocaml-mysql/ocaml-mysql-(.*)\.tar\.gz debian uupdate --- mysql-ocaml-1.0.4.orig/debian/rules +++ mysql-ocaml-1.0.4/debian/rules @@ -0,0 +1,86 @@ +#!/usr/bin/make -f + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +# We want to use dpatch +include /usr/share/dpatch/dpatch.make + +OCAMLABI := $(shell ocamlc -version) +OFILES := $(patsubst %.in,%,$(wildcard debian/*.in)) + +OCAML_LIB_DIR = $(shell ocamlc -where) +DESTDIR = $(CURDIR)/debian/tmp$(OCAML_LIB_DIR) + +CFLAGS = -Wall -g -fPIC + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 +endif +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + INSTALL_PROGRAM += -s +endif + +ocamlinit: + for f in $(OFILES); do sed -e 's/@OCamlABI@/$(OCAMLABI)/g' $$f.in > $$f; done + +config.status: configure + dh_testdir + CFLAGS="$(CFLAGS)" ./configure --prefix=/usr \ + --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info + +build: ocamlinit patch-stamp build-stamp +build-stamp: config.status + dh_testdir + + $(MAKE) + if [ -x /usr/bin/ocamlopt ]; then $(MAKE) opt; fi + + touch build-stamp + +clean: unpatch + dh_testdir + dh_testroot + rm -f build-stamp + + [ ! -f Makefile ] || $(MAKE) clean + rm -f config.log config.status + + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + mkdir -p $(DESTDIR) + $(MAKE) install OCAMLFIND_DESTDIR=$(DESTDIR) OCAMLFIND_LDCONF=ignore + +# Build architecture-independent files here. +binary-indep: build install + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs CHANGES + dh_installdocs + dh_installexamples + dh_install --sourcedir=debian/tmp --list-missing + dh_installman + dh_link + dh_strip + dh_compress + dh_fixperms + dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol -- -VF:OCamlABI="$(OCAMLABI)" + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install ocamlinit