[pkg-bacula-commits] [SCM] Bacula, a network backup, recovery and verification program branch, master, updated. debian/5.0.3-1-33-gc3210ed
Luca Capello
luca at pca.it
Fri May 18 17:46:32 UTC 2012
The following commit has been merged in the master branch:
commit c3210edc58801872b4a9a2aedf032ebff3e2a0a8
Author: Luca Capello <luca at pca.it>
Date: Fri May 18 19:45:09 2012 +0200
debian/*: adapt to upstream/5.0.3+dfsgreal
diff --git a/debian/README.Debian b/debian/README.Debian
index 233e78f..046d434 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -6,6 +6,25 @@ The 'bacula-common' package provides some of the common infrastructure
for Bacula. You can find Bacula READMEs and other documentation files
there.
+DFSG-FREE PACKAGE
+-----------------
+
+The SHA-1 implementation in upstream sources (src/lib/sha1.{h,c}) is
+directly taken from RFC 3174 "US Secure Hash Algorithm 1 (SHA1)".
+Given that the Debian considers RFCs non-free according to the Debian
+Free Software Guidelines 3 and 6, the offending files were removed
+from the upstream sources.
+
+Please note that thanks to a patch by Alexander Golovko there was no
+loss of functionality: luckily, the SHA-1 implementation provided by
+the OpenSSL library is compatible with the own in Bacula. The fact
+that Bacula is already linked with OpenSSL also means that nothing
+changed for the Debian package.
+
+Please see the following bug report for a complete explanation:
+
+ <http://bugs.debian.org/658326>
+
BASIC INFORMATION
-----------------
@@ -145,4 +164,4 @@ http://www.bacula.org.
based on a file by Jose Luis Tallon
- -- John Goerzen <jgoerzen at complete.org>, Mon, 1 Mar 2010 16:03:29 -0600
+ -- Luca Capello <luca at pca.it>, Fri, 18 May 2012 19:08:00 +0200
diff --git a/debian/changelog b/debian/changelog
index d264048..738f8a6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-bacula (5.0.3-2) UNRELEASED; urgency=low
+bacula (5.0.3+dfsgreal-1) UNRELEASED; urgency=low
[ Alexander Golovko ]
* debian/patches/switch-nonfree-sha1-to-openssl.patch
@@ -41,6 +41,8 @@ bacula (5.0.3-2) UNRELEASED; urgency=low
thanks to Sven Joachim <svenjoac at gmx.de> (Closes: #646730).
* debian/patches/upstream-1623_debian-591293___file_jpfid_idx.patch:
+ import from Git commit:fc7990a.
+ * debian/README.Debian:
+ + explain why upstream sources are not DFSG-free.
[ Martin Pitt ]
* debian/control (Closes: #639466):
diff --git a/debian/patches/switch-nonfree-sha1-to-openssl.patch b/debian/patches/switch-nonfree-sha1-to-openssl.patch
index 8d77b85..2ab121e 100644
--- a/debian/patches/switch-nonfree-sha1-to-openssl.patch
+++ b/debian/patches/switch-nonfree-sha1-to-openssl.patch
@@ -3,7 +3,7 @@ Bug-Debian: 658326
Bug: http://bugs.bacula.org/view.php?id=1869
Author: Alexander Golovko <alexandro at ankalagon.ru>
Reviewed-by: Luca Capello <luca at pca.it>
-Last-Update: 2012-05-17
+Last-Update: 2012-05-18
diff -Nur a/src/lib/lib.h bacula-5.0.2/src/lib/lib.h
--- a/src/lib/lib.h 2012-05-10 01:23:02.083871937 +0400
@@ -61,628 +61,3 @@ diff -Nur a/src/lib/Makefile.in bacula-5.0.2/src/lib/Makefile.in
realclean: clean
@$(RMF) tags
-diff -Nur a/src/lib/sha1.c bacula-5.0.2/src/lib/sha1.c
---- a/src/lib/sha1.c 2012-05-10 01:23:02.079873605 +0400
-+++ b/src/lib/sha1.c 1970-01-01 03:00:00.000000000 +0300
-@@ -1,510 +0,0 @@
--/*
-- * sha1.c
-- *
-- * Description:
-- * This file implements the Secure Hashing Algorithm 1 as
-- * defined in FIPS PUB 180-1 published April 17, 1995.
-- *
-- * The SHA-1, produces a 160-bit message digest for a given
-- * data stream. It should take about 2**n steps to find a
-- * message with the same digest as a given message and
-- * 2**(n/2) to find any two messages with the same digest,
-- * when n is the digest size in bits. Therefore, this
-- * algorithm can serve as a means of providing a
-- * "fingerprint" for a message.
-- *
-- * Portability Issues:
-- * SHA-1 is defined in terms of 32-bit "words". This code
-- * uses <stdint.h> (included via "sha1.h" to define 32 and 8
-- * bit unsigned integer types. If your C compiler does not
-- * support 32 bit unsigned integers, this code is not
-- * appropriate.
-- *
-- * Caveats:
-- * SHA-1 is designed to work with messages less than 2^64 bits
-- * long. Although SHA-1 allows a message digest to be generated
-- * for messages of any number of bits less than 2^64, this
-- * implementation only works with messages with a length that is
-- * a multiple of the size of an 8-bit character.
-- *
-- * See sha1.h for copyright
-- */
--
--#include "sha1.h"
--
--/*
-- * Define the SHA1 circular left shift macro
-- */
--#define SHA1CircularShift(bits,word) \
-- (((word) << (bits)) | ((word) >> (32-(bits))))
--
--/* Local Function Prototyptes */
--static void SHA1PadMessage(SHA1Context *);
--static void SHA1ProcessMessageBlock(SHA1Context *);
--
--/*
-- * SHA1Init
-- *
-- * Description:
-- * This function will initialize the SHA1Context in preparation
-- * for computing a new SHA1 message digest.
-- *
-- * Parameters:
-- * context: [in/out]
-- * The context to reset.
-- *
-- * Returns:
-- * sha Error Code.
-- *
-- */
--int SHA1Init(SHA1Context *context)
--{
-- if (!context)
-- {
-- return shaNull;
-- }
--
-- context->Length_Low = 0;
-- context->Length_High = 0;
-- context->Message_Block_Index = 0;
--
-- context->Intermediate_Hash[0] = 0x67452301;
-- context->Intermediate_Hash[1] = 0xEFCDAB89;
-- context->Intermediate_Hash[2] = 0x98BADCFE;
-- context->Intermediate_Hash[3] = 0x10325476;
-- context->Intermediate_Hash[4] = 0xC3D2E1F0;
--
-- context->Computed = 0;
-- context->Corrupted = 0;
--
-- return shaSuccess;
--}
--
--/*
-- * SHA1Final
-- *
-- * Description:
-- * This function will return the 160-bit message digest into the
-- * Message_Digest array provided by the caller.
-- * NOTE: The first octet of hash is stored in the 0th element,
-- * the last octet of hash in the 19th element.
-- *
-- * Parameters:
-- * context: [in/out]
-- * The context to use to calculate the SHA-1 hash.
-- * Message_Digest: [out]
-- * Where the digest is returned.
-- *
-- * Returns:
-- * sha Error Code.
-- *
-- */
--int SHA1Final(SHA1Context *context,
-- uint8_t Message_Digest[SHA1HashSize])
--{
-- int i;
--
-- if (!context || !Message_Digest) {
-- return shaNull;
-- }
--
-- if (context->Corrupted) {
-- return context->Corrupted;
-- }
--
-- if (!context->Computed) {
-- SHA1PadMessage(context);
-- for(i=0; i<64; ++i) {
-- /* message may be sensitive, clear it out */
-- context->Message_Block[i] = 0;
-- }
-- context->Length_Low = 0; /* and clear length */
-- context->Length_High = 0;
-- context->Computed = 1;
--
-- }
--
-- for(i = 0; i < SHA1HashSize; ++i) {
-- Message_Digest[i] = context->Intermediate_Hash[i>>2]
-- >> 8 * ( 3 - ( i & 0x03 ) );
-- }
--
-- return shaSuccess;
--}
--
--/*
-- * SHA1Update
-- *
-- * Description:
-- * This function accepts an array of octets as the next portion
-- * of the message.
-- *
-- * Parameters:
-- * context: [in/out]
-- * The SHA context to update
-- * message_array: [in]
-- * An array of characters representing the next portion of
-- * the message.
-- * length: [in]
-- * The length of the message in message_array
-- *
-- * Returns:
-- * sha Error Code.
-- *
-- */
--int SHA1Update(SHA1Context *context,
-- const uint8_t *message_array,
-- unsigned length)
--{
-- if (!length) {
-- return shaSuccess;
-- }
--
-- if (!context || !message_array) {
-- return shaNull;
-- }
--
-- if (context->Computed) {
-- context->Corrupted = shaStateError;
--
-- return shaStateError;
-- }
--
-- if (context->Corrupted) {
-- return context->Corrupted;
-- }
-- while(length-- && !context->Corrupted) {
-- context->Message_Block[context->Message_Block_Index++] =
-- (*message_array & 0xFF);
--
-- context->Length_Low += 8;
-- if (context->Length_Low == 0) {
-- context->Length_High++;
-- if (context->Length_High == 0) {
-- /* Message is too long */
-- context->Corrupted = 1;
-- }
-- }
--
-- if (context->Message_Block_Index == 64) {
-- SHA1ProcessMessageBlock(context);
-- }
--
-- message_array++;
-- }
--
-- return shaSuccess;
--}
--
--/*
-- * SHA1ProcessMessageBlock
-- *
-- * Description:
-- * This function will process the next 512 bits of the message
-- * stored in the Message_Block array.
-- *
-- * Parameters:
-- * None.
-- *
-- * Returns:
-- * Nothing.
-- *
-- * Comments:
--
-- * Many of the variable names in this code, especially the
-- * single character names, were used because those were the
-- * names used in the publication.
-- *
-- *
-- */
--static void SHA1ProcessMessageBlock(SHA1Context *context)
--{
-- const uint32_t K[] = { /* Constants defined in SHA-1 */
-- 0x5A827999,
-- 0x6ED9EBA1,
-- 0x8F1BBCDC,
-- 0xCA62C1D6
-- };
-- int t; /* Loop counter */
-- uint32_t temp; /* Temporary word value */
-- uint32_t W[80]; /* Word sequence */
-- uint32_t A, B, C, D, E; /* Word buffers */
--
-- /*
-- * Initialize the first 16 words in the array W
-- */
-- for(t = 0; t < 16; t++) {
-- W[t] = context->Message_Block[t * 4] << 24;
-- W[t] |= context->Message_Block[t * 4 + 1] << 16;
-- W[t] |= context->Message_Block[t * 4 + 2] << 8;
-- W[t] |= context->Message_Block[t * 4 + 3];
-- }
--
-- for(t = 16; t < 80; t++) {
-- W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]);
-- }
--
-- A = context->Intermediate_Hash[0];
-- B = context->Intermediate_Hash[1];
-- C = context->Intermediate_Hash[2];
-- D = context->Intermediate_Hash[3];
-- E = context->Intermediate_Hash[4];
--
-- for(t = 0; t < 20; t++) {
-- temp = SHA1CircularShift(5,A) +
-- ((B & C) | ((~B) & D)) + E + W[t] + K[0];
-- E = D;
-- D = C;
-- C = SHA1CircularShift(30,B);
--
-- B = A;
-- A = temp;
-- }
--
-- for(t = 20; t < 40; t++) {
-- temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1];
-- E = D;
-- D = C;
-- C = SHA1CircularShift(30,B);
-- B = A;
-- A = temp;
-- }
--
-- for(t = 40; t < 60; t++) {
-- temp = SHA1CircularShift(5,A) +
-- ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2];
-- E = D;
-- D = C;
-- C = SHA1CircularShift(30,B);
-- B = A;
-- A = temp;
-- }
--
-- for(t = 60; t < 80; t++) {
-- temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3];
-- E = D;
-- D = C;
-- C = SHA1CircularShift(30,B);
-- B = A;
-- A = temp;
-- }
--
-- context->Intermediate_Hash[0] += A;
-- context->Intermediate_Hash[1] += B;
-- context->Intermediate_Hash[2] += C;
-- context->Intermediate_Hash[3] += D;
-- context->Intermediate_Hash[4] += E;
--
-- context->Message_Block_Index = 0;
--}
--
--/*
-- * SHA1PadMessage
-- *
--
-- * Description:
-- * According to the standard, the message must be padded to an even
-- * 512 bits. The first padding bit must be a '1'. The last 64
-- * bits represent the length of the original message. All bits in
-- * between should be 0. This function will pad the message
-- * according to those rules by filling the Message_Block array
-- * accordingly. It will also call the ProcessMessageBlock function
-- * provided appropriately. When it returns, it can be assumed that
-- * the message digest has been computed.
-- *
-- * Parameters:
-- * context: [in/out]
-- * The context to pad
-- * ProcessMessageBlock: [in]
-- * The appropriate SHA*ProcessMessageBlock function
-- * Returns:
-- * Nothing.
-- *
-- */
--
--static void SHA1PadMessage(SHA1Context *context)
--{
-- /*
-- * Check to see if the current message block is too small to hold
-- * the initial padding bits and length. If so, we will pad the
-- * block, process it, and then continue padding into a second
-- * block.
-- */
-- if (context->Message_Block_Index > 55) {
-- context->Message_Block[context->Message_Block_Index++] = 0x80;
-- while(context->Message_Block_Index < 64) {
-- context->Message_Block[context->Message_Block_Index++] = 0;
-- }
--
-- SHA1ProcessMessageBlock(context);
--
-- while(context->Message_Block_Index < 56) {
-- context->Message_Block[context->Message_Block_Index++] = 0;
-- }
-- } else {
-- context->Message_Block[context->Message_Block_Index++] = 0x80;
-- while(context->Message_Block_Index < 56) {
--
-- context->Message_Block[context->Message_Block_Index++] = 0;
-- }
-- }
--
-- /*
-- * Store the message length as the last 8 octets
-- */
-- context->Message_Block[56] = context->Length_High >> 24;
-- context->Message_Block[57] = context->Length_High >> 16;
-- context->Message_Block[58] = context->Length_High >> 8;
-- context->Message_Block[59] = context->Length_High;
-- context->Message_Block[60] = context->Length_Low >> 24;
-- context->Message_Block[61] = context->Length_Low >> 16;
-- context->Message_Block[62] = context->Length_Low >> 8;
-- context->Message_Block[63] = context->Length_Low;
--
-- SHA1ProcessMessageBlock(context);
--}
--
--#ifdef TEST_DRIVER
--
--/*
-- * sha1test.c
-- *
-- * Description:
-- * This file will exercise the SHA-1 code performing the three
-- * tests documented in FIPS PUB 180-1 plus one which calls
-- * SHA1Input with an exact multiple of 512 bits, plus a few
-- * error test checks.
-- *
-- * Portability Issues:
-- * None.
-- *
-- */
--
--#include <stdint.h>
--#include <stdio.h>
--#include <string.h>
--#include "sha1.h"
--
--/*
-- * Define patterns for testing
-- */
--#define TEST1 "abc"
--#define TEST2a "abcdbcdecdefdefgefghfghighijhi"
--
--#define TEST2b "jkijkljklmklmnlmnomnopnopq"
--#define TEST2 TEST2a TEST2b
--#define TEST3 "a"
--#define TEST4a "01234567012345670123456701234567"
--#define TEST4b "01234567012345670123456701234567"
-- /* an exact multiple of 512 bits */
--#define TEST4 TEST4a TEST4b
--char *testarray[4] =
--{
-- TEST1,
-- TEST2,
-- TEST3,
-- TEST4
--};
--long int repeatcount[4] = { 1, 1, 1000000, 10 };
--char *resultarray[4] =
--{
-- "A9 99 3E 36 47 06 81 6A BA 3E 25 71 78 50 C2 6C 9C D0 D8 9D",
-- "84 98 3E 44 1C 3B D2 6E BA AE 4A A1 F9 51 29 E5 E5 46 70 F1",
-- "34 AA 97 3C D4 C4 DA A4 F6 1E EB 2B DB AD 27 31 65 34 01 6F",
-- "DE A3 56 A2 CD DD 90 C7 A7 EC ED C5 EB B5 63 93 4F 46 04 52"
--};
--
--int main()
--{
-- SHA1Context sha;
-- int i, j, err;
-- uint8_t Message_Digest[20];
--
-- /*
-- * Perform SHA-1 tests
-- */
-- for(j = 0; j < 4; ++j) {
-- printf( "\nTest %d: %d, '%s'\n",
-- j+1,
-- repeatcount[j],
-- testarray[j]);
--
-- err = SHA1Init(&sha);
-- if (err) {
-- fprintf(stderr, "SHA1Reset Error %d.\n", err );
-- break; /* out of for j loop */
-- }
--
-- for(i = 0; i < repeatcount[j]; ++i) {
--
-- err = SHA1Input(&sha,
-- (const unsigned char *) testarray[j],
-- strlen(testarray[j]));
-- if (err) {
-- fprintf(stderr, "SHA1Input Error %d.\n", err );
-- break; /* out of for i loop */
-- }
-- }
--
-- err = SHA1Final(&sha, Message_Digest);
-- if (err) {
-- fprintf(stderr,
-- "SHA1Result Error %d, could not compute message digest.\n",
-- err );
-- }
-- else
-- {
-- printf("\t");
-- for(i = 0; i < 20 ; ++i) {
-- printf("%02X ", Message_Digest[i]);
-- }
-- printf("\n");
-- }
-- printf("Should match:\n");
-- printf("\t%s\n", resultarray[j]);
-- }
--
-- /* Test some error returns */
-- err = SHA1Input(&sha,(const unsigned char *) testarray[1], 1);
-- printf ("\nError %d. Should be %d.\n", err, shaStateError );
-- err = SHA1Init(0);
-- printf ("\nError %d. Should be %d.\n", err, shaNull );
-- return 0;
--}
--
--#endif /* TEST_DRIVER */
--
--#ifdef SHA1_SUM
--/*
-- * Reads a single ASCII file and prints the HEX sha1 sum.
-- */
--#include <stdio.h>
--int main(int argc, char *argv[])
--{
-- FILE *fd;
-- SHA1Context ctx;
-- char buf[5000];
-- char signature[25];
--
-- if (argc < 1) {
-- printf("Must have filename\n");
-- exit(1);
-- }
-- fd = fopen(argv[1], "rb");
-- if (!fd) {
-- berrno be;
-- printf("Could not open %s: ERR=%s\n", argv[1], be.bstrerror(errno));
-- exit(1);
-- }
-- SHA1Init(&ctx);
-- while (fgets(buf, sizeof(buf), fd)) {
-- SHA1Update(&ctx, (unsigned char *)buf, strlen(buf));
-- }
-- SHA1Final(&ctx, (unsigned char *)signature);
-- for (int i=0; i < 20; i++) {
-- printf("%02x", signature[i]& 0xFF);
-- }
-- printf(" %s\n", argv[1]);
-- fclose(fd);
--}
--#endif
-diff -Nur a/src/lib/sha1.h bacula-5.0.2/src/lib/sha1.h
---- a/src/lib/sha1.h 2012-05-10 01:23:02.079873605 +0400
-+++ b/src/lib/sha1.h 1970-01-01 03:00:00.000000000 +0300
-@@ -1,107 +0,0 @@
--/*
-- * sha1.h
-- *
-- * Description:
-- * This is the header file for code which implements the Secure
-- * Hashing Algorithm 1 as defined in FIPS PUB 180-1 published
-- * April 17, 1995.
-- *
-- * Many of the variable names in this code, especially the
-- * single character names, were used because those were the names
-- * used in the publication.
-- *
-- * Please read the file sha1.c for more information.
-- *
-- * Full Copyright Statement
-- *
-- * Copyright (C) The Internet Society (2001). All Rights Reserved.
-- *
-- * This document and translations of it may be copied and furnished to
-- * others, and derivative works that comment on or otherwise explain it
-- * or assist in its implementation may be prepared, copied, published
-- * and distributed, in whole or in part, without restriction of any
-- * kind, provided that the above copyright notice and this paragraph are
-- * included on all such copies and derivative works. However, this
-- * document itself may not be modified in any way, such as by removing
-- * the copyright notice or references to the Internet Society or other
-- * Internet organizations, except as needed for the purpose of
-- * developing Internet standards in which case the procedures for
-- * copyrights defined in the Internet Standards process must be
-- * followed, or as required to translate it into languages other than
-- * English.
-- *
-- * The limited permissions granted above are perpetual and will not be
-- * revoked by the Internet Society or its successors or assigns.
-- *
-- * This document and the information contained herein is provided on an
-- * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
-- * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
-- * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
-- * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
-- * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-- *
-- * Acknowledgement
-- *
-- * Funding for the RFC Editor function is currently provided by the
-- * Internet Society.
-- *
-- */
--
--#ifndef _SHA1_H_
--#define _SHA1_H_
--
--#include "bacula.h"
--
--/*
-- * If you do not have the ISO standard stdint.h header file, then you
-- * must typdef the following:
-- * name meaning
-- * uint32_t unsigned 32 bit integer
-- * uint8_t unsigned 8 bit integer (i.e., unsigned char)
-- * int32_t integer of 32 bits
-- *
-- */
--
--#ifndef _SHA_enum_
--#define _SHA_enum_
--enum
--{
-- shaSuccess = 0,
-- shaNull, /* Null pointer parameter */
-- shaInputTooLong, /* input data too long */
-- shaStateError /* called Input after Result */
--};
--#endif
--#define SHA1HashSize 20
--
--/*
-- * This structure will hold context information for the SHA-1
-- * hashing operation
-- */
--typedef struct SHA1Context
--{
-- uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */
--
-- uint32_t Length_Low; /* Message length in bits */
-- uint32_t Length_High; /* Message length in bits */
--
-- /* Index into message block array */
-- int32_t Message_Block_Index;
-- uint8_t Message_Block[64]; /* 512-bit message blocks */
--
-- int Computed; /* Is the digest computed? */
-- int Corrupted; /* Is the message digest corrupted? */
--} SHA1Context;
--
--/*
-- * Function Prototypes
-- */
--
--int SHA1Init(SHA1Context *);
--int SHA1Update(SHA1Context *,
-- const uint8_t *,
-- unsigned int);
--int SHA1Final(SHA1Context *,
-- uint8_t Message_Digest[SHA1HashSize]);
--
--#endif
--
Bacula, a network backup, recovery and verification program
More information about the pkg-bacula-commits
mailing list