Bug#617919: pu: package pdftk/1.41+dfsg-10+squeeze

[Johann Felix Soden <johfel@gmx.de>]

Package: release.debian.org
Severity: wishlist
Tags: squeeze
User: release.debian.org@packages.debian.org
Usertags: pu

I'd like to upload pdftk 1.41+dfsg-10+squeeze1 to stable to fix two
bugs:

pdftk (1.41+dfsg-10+squeeze1) stable; urgency=low

  * Support PROMPT for user_pw and owner_pw simultaneously.
    (Closes: #614071)
  * Backport from 1.43: Support filenames starting with the keywords  'odd',
    'even', 'end'. (Closes: #609471)

The first fixed bug (#614071) has some security relation since without
the patch the user is forced to give passwords via the command line if
user password and owner password should be set both in the output pdf
file.

The second bug (#609471) frustrates user if they choose "wrong" file
names. At first view, the fix from upstream is not that clear but it
works nicely.

Both patches should be tested well with the identical 
pdftk 1.41+dfsg-11 which is already in testing for about a month.

Attached are the whole diff for the planned upload and additionally both
patches separately.

Best regards, 
 Johann Felix Soden





diff -Nru pdftk-1.41+dfsg/debian/changelog pdftk-1.41+dfsg/debian/changelog
--- pdftk-1.41+dfsg/debian/changelog	2011-03-01 18:37:48.000000000 +0100
+++ pdftk-1.41+dfsg/debian/changelog	2011-03-12 16:10:13.000000000 +0100
@@ -1,3 +1,12 @@
+pdftk (1.41+dfsg-10+squeeze1) stable; urgency=low
+
+  * Support PROMPT for user_pw and owner_pw simultaneously.
+    (Closes: #614071)
+  * Backport from 1.43: Support filenames starting with the keywords 'odd',
+    'even', 'end'. (Closes: #609471)
+
+ -- Johann Felix Soden <johfel@gmx.de>  Sat, 12 Mar 2011 16:09:23 +0100
+
 pdftk (1.41+dfsg-10) unstable; urgency=high
 
   * Do not create a random owner password if only user password should
diff -Nru pdftk-1.41+dfsg/debian/patches/backport_keyword_starting_filenames pdftk-1.41+dfsg/debian/patches/backport_keyword_starting_filenames
--- pdftk-1.41+dfsg/debian/patches/backport_keyword_starting_filenames	1970-01-01 01:00:00.000000000 +0100
+++ pdftk-1.41+dfsg/debian/patches/backport_keyword_starting_filenames	2011-03-12 15:08:59.000000000 +0100
@@ -0,0 +1,22 @@
+Description: Do not detect filenames starting with end,even,odd as keywords
+Origin: upstream, version 1.43
+Forwarded: not-needed
+
+--- a/pdftk/pdftk.cc
++++ b/pdftk/pdftk.cc
+@@ -1073,6 +1073,15 @@
+     int keyword_len= 0;
+     keyword arg_keyword= is_keyword( argv[ii], &keyword_len );
+ 
++		// these keywords can be false hits because of their loose matching requirements;
++		// since they are suffixes to page ranges, their appearance here is most likely a false match;
++		if( arg_keyword== end_k ||
++				arg_keyword== even_k ||
++				arg_keyword== odd_k )
++			{
++				arg_keyword= none_k;
++			}
++
+     switch( arg_state ) {
+ 
+     case input_files_e: 
diff -Nru pdftk-1.41+dfsg/debian/patches/fix_double_pw_prompt_bug pdftk-1.41+dfsg/debian/patches/fix_double_pw_prompt_bug
--- pdftk-1.41+dfsg/debian/patches/fix_double_pw_prompt_bug	1970-01-01 01:00:00.000000000 +0100
+++ pdftk-1.41+dfsg/debian/patches/fix_double_pw_prompt_bug	2011-03-12 15:08:59.000000000 +0100
@@ -0,0 +1,47 @@
+Description: Support PROMPT for user_pw and owner_pw simultaneously
+ The check if user_pw is not equal to owner_pw should be after prompting for them.
+Author: Johann Felix Soden <johfel@gmx.de>
+Bug-Debian: http://bugs.debian.org/614071
+
+
+
+--- a/pdftk/pdftk.cc
++++ b/pdftk/pdftk.cc
+@@ -1841,7 +1841,7 @@
+ 
+ 		case output_owner_pw_e: {
+ 			if( m_output_owner_pw.empty() ) {
+-				if( m_output_user_pw!= argv[ii] ) {
++				if( m_output_user_pw!= argv[ii] || strcmp(argv[ii], "PROMPT")== 0 ) {
+ 					m_output_owner_pw= argv[ii];
+ 				}
+ 				else { // error: identical user and owner password
+@@ -1872,7 +1872,7 @@
+ 
+ 		case output_user_pw_e: {
+ 			if( m_output_user_pw.empty() ) {
+-				if( m_output_owner_pw!= argv[ii] ) {
++				if( m_output_owner_pw!= argv[ii] || strcmp( argv[ii], "PROMPT" )== 0 ) {
+ 					m_output_user_pw= argv[ii];
+ 				}
+ 				else { // error: identical user and owner password
+@@ -2193,6 +2193,19 @@
+ 			prompt_for_password( "user", "the output PDF", m_output_user_pw );
+ 		}
+ 
++		if( !m_output_user_pw.empty() && m_output_user_pw== m_output_owner_pw ) {
++			// error: identical user and owner password
++			// are interpreted by Acrobat (per the spec.) that
++			// the doc has no owner password
++			cerr << "Error: The user and owner passwords are the same." << endl;
++			cerr << "   PDF Viewers interpret this to mean your PDF has" << endl;
++			cerr << "   no owner password, so they must be different." << endl;
++			cerr << "   Or, supply no owner password to pdftk if this is" << endl;
++			cerr << "   what you desire." << endl;
++			cerr << "Exiting." << endl;
++			return false;
++		}
++
+ 		if( m_output_owner_pw.empty() && !m_output_user_pw.empty() ) {
+ 			m_output_owner_pw= m_output_user_pw;
+ 		}
diff -Nru pdftk-1.41+dfsg/debian/patches/series pdftk-1.41+dfsg/debian/patches/series
--- pdftk-1.41+dfsg/debian/patches/series	2011-03-01 18:37:48.000000000 +0100
+++ pdftk-1.41+dfsg/debian/patches/series	2011-03-12 15:08:59.000000000 +0100
@@ -15,3 +15,5 @@
 improve_error_message_on_invalid_pdf
 fix_return_code
 fix_random_owner_pw
+fix_double_pw_prompt_bug
+backport_keyword_starting_filenames

Description: Support PROMPT for user_pw and owner_pw simultaneously
 The check if user_pw is not equal to owner_pw should be after prompting for them.
Author: Johann Felix Soden <johfel@gmx.de>
Bug-Debian: http://bugs.debian.org/614071



--- a/pdftk/pdftk.cc
+++ b/pdftk/pdftk.cc
@@ -1841,7 +1841,7 @@
 
 		case output_owner_pw_e: {
 			if( m_output_owner_pw.empty() ) {
-				if( m_output_user_pw!= argv[ii] ) {
+				if( m_output_user_pw!= argv[ii] || strcmp(argv[ii], "PROMPT")== 0 ) {
 					m_output_owner_pw= argv[ii];
 				}
 				else { // error: identical user and owner password
@@ -1872,7 +1872,7 @@
 
 		case output_user_pw_e: {
 			if( m_output_user_pw.empty() ) {
-				if( m_output_owner_pw!= argv[ii] ) {
+				if( m_output_owner_pw!= argv[ii] || strcmp( argv[ii], "PROMPT" )== 0 ) {
 					m_output_user_pw= argv[ii];
 				}
 				else { // error: identical user and owner password
@@ -2193,6 +2193,19 @@
 			prompt_for_password( "user", "the output PDF", m_output_user_pw );
 		}
 
+		if( !m_output_user_pw.empty() && m_output_user_pw== m_output_owner_pw ) {
+			// error: identical user and owner password
+			// are interpreted by Acrobat (per the spec.) that
+			// the doc has no owner password
+			cerr << "Error: The user and owner passwords are the same." << endl;
+			cerr << "   PDF Viewers interpret this to mean your PDF has" << endl;
+			cerr << "   no owner password, so they must be different." << endl;
+			cerr << "   Or, supply no owner password to pdftk if this is" << endl;
+			cerr << "   what you desire." << endl;
+			cerr << "Exiting." << endl;
+			return false;
+		}
+
 		if( m_output_owner_pw.empty() && !m_output_user_pw.empty() ) {
 			m_output_owner_pw= m_output_user_pw;
 		}

Description: Do not detect filenames starting with end,even,odd as keywords
Origin: upstream, version 1.43
Forwarded: not-needed

--- a/pdftk/pdftk.cc
+++ b/pdftk/pdftk.cc
@@ -1073,6 +1073,15 @@
     int keyword_len= 0;
     keyword arg_keyword= is_keyword( argv[ii], &keyword_len );
 
+		// these keywords can be false hits because of their loose matching requirements;
+		// since they are suffixes to page ranges, their appearance here is most likely a false match;
+		if( arg_keyword== end_k ||
+				arg_keyword== even_k ||
+				arg_keyword== odd_k )
+			{
+				arg_keyword= none_k;
+			}
+
     switch( arg_state ) {
 
     case input_files_e: