Bug#678818: marked as done (release.debian.org: pu: package bacula/5.0.2+dfsg-0+squeeze1)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Tue, 08 Jul 2014 20:00:27 +0100
with message-id <1404846027.2657.9.camel@jacala.jungle.funky-badger.org>
and subject line Re: Bug#678818: release.debian.org: pu: package bacula/5.0.2+dfsg-0+squeeze1
has caused the Debian Bug report #678818,
regarding release.debian.org: pu: package bacula/5.0.2+dfsg-0+squeeze1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
678818: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678818
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: release.debian.org: pu: package bacula/5.0.2+dfsg-0+squeeze1
• From: Luca Capello <luca@pca.it>
• Date: Sun, 24 Jun 2012 15:58:51 +0200
• Message-id: <87hau095gk.fsf@gismo.pca.it>

Package: release.debian.org
Severity: normal
User: luca@pca.it
Usertags: debian-packaging
User: release.debian.org@packages.debian.org
Usertags: pu

Hi there!

The latest Bacula upload (5.2.6+dfsg-1) fixed #658326, a bug about
sources not being DFSG-free.  Given that the bug was reported against
squeeze, I prepared an updated squeeze source package, debdiff attached.

The binary packages available at the APT repository below have been
successfully tested on three different machines (one director and two
File Daemon clients) and two different architectures (amd64 and i386):
=====
$ sudo cat >/etc/apt/sources.list.d/people.debian.org_gismo.list
# <http://upsilon.cc/~zack/blog/posts/2009/04/howto:_uploading_to_people.d.o_using_dput/>
deb http://people.debian.org/~gismo/debian
gismo-squeeze-proposed-updates/
deb-src http://people.debian.org/~gismo/debian
gismo-squeeze-proposed-updates/
$ sudo wget -O /etc/apt/trusted.gpg.d/luca.pca.it-keyring.gpg \
 http://people.debian.org/~gismo/debian/luca.pca.it-keyring.gpg
$ sudo apt-get -t gismo-squeeze-proposed-updates $DEB
=====

Thx, bye,
Gismo / Luca

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.3.0-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diffstat for bacula-5.0.2 bacula-5.0.2+dfsg

 debian/README.Debian                                |   21 
 debian/changelog                                    |   16 
 debian/patches/switch-nonfree-sha1-to-openssl.patch |   64 ++
 debian/rules                                        |    7 
 src/lib/sha1.c                                      |  510 --------------------
 src/lib/sha1.h                                      |  107 ----
 6 files changed, 107 insertions(+), 618 deletions(-)

diff -Nru bacula-5.0.2/debian/changelog bacula-5.0.2+dfsg/debian/changelog
--- bacula-5.0.2/debian/changelog	2012-06-15 23:41:26.000000000 +0200
+++ bacula-5.0.2+dfsg/debian/changelog	2012-06-15 23:41:27.000000000 +0200
@@ -1,3 +1,19 @@
+bacula (5.0.2+dfsg-0+squeeze1) squeeze-proposed-updates; urgency=high
+
+  [ Alexander Golovko ]
+  * debian/patches/switch-nonfree-sha1-to-openssl.patch
+    (Closes: #658326):
+    + switch from upstream nonfree SHA1 implementation to openssl
+
+  [ Luca Capello ]
+  * Urgency set to high because of a serious bug.
+  * debian/README.Debian:
+    + explain why upstream sources are not DFSG-free.
+  * debian/rules:
+    + apply/unapply Alexander's patch.
+
+ -- Luca Capello <luca@pca.it>  Fri, 15 Jun 2012 22:58:30 +0200
+
 bacula (5.0.2-2.2) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru bacula-5.0.2/debian/patches/switch-nonfree-sha1-to-openssl.patch bacula-5.0.2+dfsg/debian/patches/switch-nonfree-sha1-to-openssl.patch
--- bacula-5.0.2/debian/patches/switch-nonfree-sha1-to-openssl.patch	1970-01-01 01:00:00.000000000 +0100
+++ bacula-5.0.2+dfsg/debian/patches/switch-nonfree-sha1-to-openssl.patch	2012-06-15 23:41:27.000000000 +0200
@@ -0,0 +1,64 @@
+Description: Switch from non-free SHA1 implementation to openssl
+Bug-Debian: 658326
+Bug: http://bugs.bacula.org/view.php?id=1869
+Origin: Debian, commit:6c562cfdaffd730c796518233f0d97da08a3891b
+Author: Alexander Golovko <alexandro@ankalagon.ru>
+Reviewed-by: Luca Capello <luca@pca.it>
+Last-Update: 2012-06-15
+
+diff -Nur a/src/lib/lib.h bacula-5.0.2/src/lib/lib.h
+--- a/src/lib/lib.h	2010-04-27 21:58:29.000000000 +0200
++++ b/src/lib/lib.h	2012-06-15 19:55:53.240076133 +0200
+@@ -60,7 +60,7 @@
+ #include "fnmatch.h"
+ #endif
+ #include "md5.h"
+-#include "sha1.h"
++#include "openssl/sha.h"
+ #include "tree.h"
+ #include "watchdog.h"
+ #include "btimers.h"
+diff -Nur a/src/lib/Makefile.in bacula-5.0.2/src/lib/Makefile.in
+--- a/src/lib/Makefile.in	2010-04-27 21:58:29.000000000 +0200
++++ b/src/lib/Makefile.in	2012-06-15 21:11:56.429692604 +0200
+@@ -46,7 +46,7 @@
+		fnmatch.h guid_to_name.h htable.h lex.h \
+		lib.h md5.h mem_pool.h message.h openssl.h \
+		plugins.h protos.h queue.h rblist.h \
+-		runscript.h rwlock.h serial.h sha1.h \
++		runscript.h rwlock.h serial.h \
+		smartall.h status.h tls.h tree.h var.h \
+		waitq.h watchdog.h workq.h \
+		parse_conf.h \
+@@ -62,7 +62,7 @@
+	      guid_to_name.c hmac.c jcr.c lex.c alist.c dlist.c \
+	      md5.c message.c mem_pool.c openssl.c \
+	      plugins.c priv.c queue.c bregex.c \
+-	      rwlock.c scan.c serial.c sha1.c \
++	      rwlock.c scan.c serial.c \
+	      signal.c smartall.c rblist.c tls.c tree.c \
+	      util.c var.c watchdog.c workq.c btimers.c \
+	      address_conf.c breg.c htable.c lockmgr.c
+@@ -171,13 +171,6 @@
+ 	rm -f md5.o
+ 	$(CXX) $(DEFS) $(DEBUG) -c $(CPPFLAGS) -I$(srcdir) -I$(basedir) $(DINCLUDE) $(CFLAGS) md5.c
+ 
+-sha1sum: Makefile sha1.o
+-	rm -f sha1.o
+-	$(CXX) -DSHA1_SUM $(DEFS) $(DEBUG) -c $(CPPFLAGS) -I$(srcdir) -I$(basedir) $(DINCLUDE)	$(CFLAGS) sha1.c
+-	$(LIBTOOL_LINK) $(CXX) $(LDFLAGS) -L. -o $@ sha1.o $(DLIB) -lbac -lm $(LIBS) $(OPENSSL_LIBS)
+-	rm -f sha1.o
+-	$(CXX) $(DEFS) $(DEBUG) -c $(CPPFLAGS) -I$(srcdir) -I$(basedir) $(DINCLUDE) $(CFLAGS) sha1.c
+-
+ bsnprintf: Makefile bsnprintf.o
+ 	rm -f bsnprintf.o
+ 	$(CXX) -DTEST_PROGRAM $(DEFS) $(DEBUG) -c $(CPPFLAGS) -I$(srcdir) -I$(basedir) $(DINCLUDE)  $(CFLAGS) bsnprintf.c
+@@ -218,7 +211,7 @@
+ 
+ clean:	libtool-clean
+ 	@$(RMF) core a.out *.o *.bak *.tex *.pdf *~ *.intpro *.extpro 1 2 3
+-	@$(RMF) rwlock_test md5sum sha1sum
++	@$(RMF) rwlock_test md5sum
+ 
+ realclean: clean
+ 	@$(RMF) tags
diff -Nru bacula-5.0.2/debian/README.Debian bacula-5.0.2+dfsg/debian/README.Debian
--- bacula-5.0.2/debian/README.Debian	2012-06-15 23:41:26.000000000 +0200
+++ bacula-5.0.2+dfsg/debian/README.Debian	2012-06-15 23:41:27.000000000 +0200
@@ -6,6 +6,25 @@
 for Bacula.  You can find Bacula READMEs and other documentation files
 there.
 
+DFSG-FREE PACKAGE
+-----------------
+
+The SHA-1 implementation in upstream sources (src/lib/sha1.{h,c}) is
+directly taken from RFC 3174 "US Secure Hash Algorithm 1 (SHA1)".
+Given that the Debian considers RFCs non-free according to the Debian
+Free Software Guidelines 3 and 6, the offending files were removed
+from the upstream sources.
+
+Please note that thanks to a patch by Alexander Golovko there was no
+loss of functionality: luckily, the SHA-1 implementation provided by
+the OpenSSL library is compatible with the own in Bacula.  The fact
+that Bacula is already linked with OpenSSL also means that nothing
+changed for the Debian package.
+
+Please see the following bug report for a complete explanation:
+
+  <http://bugs.debian.org/658326>
+
 BASIC INFORMATION
 -----------------
 
@@ -145,4 +164,4 @@
 
 based on a file by Jose Luis Tallon
 
- -- John Goerzen <jgoerzen@complete.org>, Mon,  1 Mar 2010 16:03:29 -0600
+ -- Luca Capello <luca@pca.it>, Fri, 15 Jun 2012 19:48:59 +0200
diff -Nru bacula-5.0.2/debian/rules bacula-5.0.2+dfsg/debian/rules
--- bacula-5.0.2/debian/rules	2012-06-15 23:41:26.000000000 +0200
+++ bacula-5.0.2+dfsg/debian/rules	2012-06-15 23:41:27.000000000 +0200
@@ -144,6 +144,10 @@
 
 	$(RM) *stamp*
 
+	# ugly trick to manually unapply the patch, no quilt here
+	mv -f src/lib/lib.h.orig src/lib/lib.h || true
+	mv -f src/lib/Makefile.in.orig src/lib/Makefile.in || true
+
 	dh_clean
 
 	$(RM) -r debian/tmp* debian/bacula-doc \
@@ -279,6 +283,9 @@
 		debian/patches/extract_here
 	chmod 755 debian/additions/bconsole
 
+	# manually apply the patch, no quilt here
+	patch -b -p1 <debian/patches/switch-nonfree-sha1-to-openssl.patch
+
 	touch patch-stamp
 
 # Build architecture-independent files here.
diff -Nru bacula-5.0.2/src/lib/sha1.c bacula-5.0.2+dfsg/src/lib/sha1.c
--- bacula-5.0.2/src/lib/sha1.c	2010-04-27 21:58:29.000000000 +0200
+++ bacula-5.0.2+dfsg/src/lib/sha1.c	1970-01-01 01:00:00.000000000 +0100
@@ -1,510 +0,0 @@
-/*
- *  sha1.c
- *
- *  Description:
- *      This file implements the Secure Hashing Algorithm 1 as
- *      defined in FIPS PUB 180-1 published April 17, 1995.
- *
- *      The SHA-1, produces a 160-bit message digest for a given
- *      data stream.  It should take about 2**n steps to find a
- *      message with the same digest as a given message and
- *      2**(n/2) to find any two messages with the same digest,
- *      when n is the digest size in bits.  Therefore, this
- *      algorithm can serve as a means of providing a
- *      "fingerprint" for a message.
- *
- *  Portability Issues:
- *      SHA-1 is defined in terms of 32-bit "words".  This code
- *      uses <stdint.h> (included via "sha1.h" to define 32 and 8
- *      bit unsigned integer types.  If your C compiler does not
- *      support 32 bit unsigned integers, this code is not
- *      appropriate.
- *
- *  Caveats:
- *      SHA-1 is designed to work with messages less than 2^64 bits
- *      long.  Although SHA-1 allows a message digest to be generated
- *      for messages of any number of bits less than 2^64, this
- *      implementation only works with messages with a length that is
- *      a multiple of the size of an 8-bit character.
- *
- *  See sha1.h for copyright
- */
-
-#include "sha1.h"
-
-/*
- *  Define the SHA1 circular left shift macro
- */
-#define SHA1CircularShift(bits,word) \
-                (((word) << (bits)) | ((word) >> (32-(bits))))
-
-/* Local Function Prototyptes */
-static void SHA1PadMessage(SHA1Context *);
-static void SHA1ProcessMessageBlock(SHA1Context *);
-
-/*
- *  SHA1Init
- *
- *  Description:
- *      This function will initialize the SHA1Context in preparation
- *      for computing a new SHA1 message digest.
- *
- *  Parameters:
- *      context: [in/out]
- *          The context to reset.
- *
- *  Returns:
- *      sha Error Code.
- *
- */
-int SHA1Init(SHA1Context *context)
-{
-    if (!context)
-    {
-        return shaNull;
-    }
-
-    context->Length_Low             = 0;
-    context->Length_High            = 0;
-    context->Message_Block_Index    = 0;
-
-    context->Intermediate_Hash[0]   = 0x67452301;
-    context->Intermediate_Hash[1]   = 0xEFCDAB89;
-    context->Intermediate_Hash[2]   = 0x98BADCFE;
-    context->Intermediate_Hash[3]   = 0x10325476;
-    context->Intermediate_Hash[4]   = 0xC3D2E1F0;
-
-    context->Computed   = 0;
-    context->Corrupted  = 0;
-
-    return shaSuccess;
-}
-
-/*
- *  SHA1Final
- *
- *  Description:
- *      This function will return the 160-bit message digest into the
- *      Message_Digest array  provided by the caller.
- *      NOTE: The first octet of hash is stored in the 0th element,
- *            the last octet of hash in the 19th element.
- *
- *  Parameters:
- *      context: [in/out]
- *          The context to use to calculate the SHA-1 hash.
- *      Message_Digest: [out]
- *          Where the digest is returned.
- *
- *  Returns:
- *      sha Error Code.
- *
- */
-int SHA1Final(SHA1Context *context,
-              uint8_t Message_Digest[SHA1HashSize])
-{
-    int i;
-
-    if (!context || !Message_Digest) {
-        return shaNull;
-    }
-
-    if (context->Corrupted) {
-        return context->Corrupted;
-    }
-
-    if (!context->Computed) {
-        SHA1PadMessage(context);
-        for(i=0; i<64; ++i) {
-            /* message may be sensitive, clear it out */
-            context->Message_Block[i] = 0;
-        }
-        context->Length_Low = 0;    /* and clear length */
-        context->Length_High = 0;
-        context->Computed = 1;
-
-    }
-
-    for(i = 0; i < SHA1HashSize; ++i) {
-        Message_Digest[i] = context->Intermediate_Hash[i>>2]
-                            >> 8 * ( 3 - ( i & 0x03 ) );
-    }
-
-    return shaSuccess;
-}
-
-/*
- *  SHA1Update
- *
- *  Description:
- *      This function accepts an array of octets as the next portion
- *      of the message.
- *
- *  Parameters:
- *      context: [in/out]
- *          The SHA context to update
- *      message_array: [in]
- *          An array of characters representing the next portion of
- *          the message.
- *      length: [in]
- *          The length of the message in message_array
- *
- *  Returns:
- *      sha Error Code.
- *
- */
-int SHA1Update(SHA1Context    *context,
-               const uint8_t  *message_array,
-               unsigned       length)
-{
-    if (!length) {
-        return shaSuccess;
-    }
-
-    if (!context || !message_array) {
-        return shaNull;
-    }
-
-    if (context->Computed) {
-        context->Corrupted = shaStateError;
-
-        return shaStateError;
-    }
-
-    if (context->Corrupted) {
-         return context->Corrupted;
-    }
-    while(length-- && !context->Corrupted) {
-       context->Message_Block[context->Message_Block_Index++] =
-                    (*message_array & 0xFF);
-
-       context->Length_Low += 8;
-       if (context->Length_Low == 0) {
-           context->Length_High++;
-           if (context->Length_High == 0) {
-               /* Message is too long */
-               context->Corrupted = 1;
-           }
-       }
-
-       if (context->Message_Block_Index == 64) {
-           SHA1ProcessMessageBlock(context);
-       }
-
-       message_array++;
-    }
-
-    return shaSuccess;
-}
-
-/*
- *  SHA1ProcessMessageBlock
- *
- *  Description:
- *      This function will process the next 512 bits of the message
- *      stored in the Message_Block array.
- *
- *  Parameters:
- *      None.
- *
- *  Returns:
- *      Nothing.
- *
- *  Comments:
-
- *      Many of the variable names in this code, especially the
- *      single character names, were used because those were the
- *      names used in the publication.
- *
- *
- */
-static void SHA1ProcessMessageBlock(SHA1Context *context)
-{
-    const uint32_t K[] =    {       /* Constants defined in SHA-1   */
-                            0x5A827999,
-                            0x6ED9EBA1,
-                            0x8F1BBCDC,
-                            0xCA62C1D6
-                            };
-    int           t;                 /* Loop counter                */
-    uint32_t      temp;              /* Temporary word value        */
-    uint32_t      W[80];             /* Word sequence               */
-    uint32_t      A, B, C, D, E;     /* Word buffers                */
-
-    /*
-     *  Initialize the first 16 words in the array W
-     */
-    for(t = 0; t < 16; t++) {
-        W[t] = context->Message_Block[t * 4] << 24;
-        W[t] |= context->Message_Block[t * 4 + 1] << 16;
-        W[t] |= context->Message_Block[t * 4 + 2] << 8;
-        W[t] |= context->Message_Block[t * 4 + 3];
-    }
-
-    for(t = 16; t < 80; t++) {
-       W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]);
-    }
-
-    A = context->Intermediate_Hash[0];
-    B = context->Intermediate_Hash[1];
-    C = context->Intermediate_Hash[2];
-    D = context->Intermediate_Hash[3];
-    E = context->Intermediate_Hash[4];
-
-    for(t = 0; t < 20; t++) {
-        temp =  SHA1CircularShift(5,A) +
-                ((B & C) | ((~B) & D)) + E + W[t] + K[0];
-        E = D;
-        D = C;
-        C = SHA1CircularShift(30,B);
-
-        B = A;
-        A = temp;
-    }
-
-    for(t = 20; t < 40; t++) {
-        temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1];
-        E = D;
-        D = C;
-        C = SHA1CircularShift(30,B);
-        B = A;
-        A = temp;
-    }
-
-    for(t = 40; t < 60; t++) {
-        temp = SHA1CircularShift(5,A) +
-               ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2];
-        E = D;
-        D = C;
-        C = SHA1CircularShift(30,B);
-        B = A;
-        A = temp;
-    }
-
-    for(t = 60; t < 80; t++) {
-        temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3];
-        E = D;
-        D = C;
-        C = SHA1CircularShift(30,B);
-        B = A;
-        A = temp;
-    }
-
-    context->Intermediate_Hash[0] += A;
-    context->Intermediate_Hash[1] += B;
-    context->Intermediate_Hash[2] += C;
-    context->Intermediate_Hash[3] += D;
-    context->Intermediate_Hash[4] += E;
-
-    context->Message_Block_Index = 0;
-}
-
-/*
- *  SHA1PadMessage
- *
-
- *  Description:
- *      According to the standard, the message must be padded to an even
- *      512 bits.  The first padding bit must be a '1'.  The last 64
- *      bits represent the length of the original message.  All bits in
- *      between should be 0.  This function will pad the message
- *      according to those rules by filling the Message_Block array
- *      accordingly.  It will also call the ProcessMessageBlock function
- *      provided appropriately.  When it returns, it can be assumed that
- *      the message digest has been computed.
- *
- *  Parameters:
- *      context: [in/out]
- *          The context to pad
- *      ProcessMessageBlock: [in]
- *          The appropriate SHA*ProcessMessageBlock function
- *  Returns:
- *      Nothing.
- *
- */
-
-static void SHA1PadMessage(SHA1Context *context)
-{
-    /*
-     *  Check to see if the current message block is too small to hold
-     *  the initial padding bits and length.  If so, we will pad the
-     *  block, process it, and then continue padding into a second
-     *  block.
-     */
-    if (context->Message_Block_Index > 55) {
-        context->Message_Block[context->Message_Block_Index++] = 0x80;
-        while(context->Message_Block_Index < 64) {
-            context->Message_Block[context->Message_Block_Index++] = 0;
-        }
-
-        SHA1ProcessMessageBlock(context);
-
-        while(context->Message_Block_Index < 56) {
-            context->Message_Block[context->Message_Block_Index++] = 0;
-        }
-    } else {
-        context->Message_Block[context->Message_Block_Index++] = 0x80;
-        while(context->Message_Block_Index < 56) {
-
-            context->Message_Block[context->Message_Block_Index++] = 0;
-        }
-    }
-
-    /*
-     *  Store the message length as the last 8 octets
-     */
-    context->Message_Block[56] = context->Length_High >> 24;
-    context->Message_Block[57] = context->Length_High >> 16;
-    context->Message_Block[58] = context->Length_High >> 8;
-    context->Message_Block[59] = context->Length_High;
-    context->Message_Block[60] = context->Length_Low >> 24;
-    context->Message_Block[61] = context->Length_Low >> 16;
-    context->Message_Block[62] = context->Length_Low >> 8;
-    context->Message_Block[63] = context->Length_Low;
-
-    SHA1ProcessMessageBlock(context);
-}
-
-#ifdef TEST_DRIVER
-
-/*
- *  sha1test.c
- *
- *  Description:
- *      This file will exercise the SHA-1 code performing the three
- *      tests documented in FIPS PUB 180-1 plus one which calls
- *      SHA1Input with an exact multiple of 512 bits, plus a few
- *      error test checks.
- *
- *  Portability Issues:
- *      None.
- *
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <string.h>
-#include "sha1.h"
-
-/*
- *  Define patterns for testing
- */
-#define TEST1   "abc"
-#define TEST2a  "abcdbcdecdefdefgefghfghighijhi"
-
-#define TEST2b  "jkijkljklmklmnlmnomnopnopq"
-#define TEST2   TEST2a TEST2b
-#define TEST3   "a"
-#define TEST4a  "01234567012345670123456701234567"
-#define TEST4b  "01234567012345670123456701234567"
-    /* an exact multiple of 512 bits */
-#define TEST4   TEST4a TEST4b
-char *testarray[4] =
-{
-    TEST1,
-    TEST2,
-    TEST3,
-    TEST4
-};
-long int repeatcount[4] = { 1, 1, 1000000, 10 };
-char *resultarray[4] =
-{
-    "A9 99 3E 36 47 06 81 6A BA 3E 25 71 78 50 C2 6C 9C D0 D8 9D",
-    "84 98 3E 44 1C 3B D2 6E BA AE 4A A1 F9 51 29 E5 E5 46 70 F1",
-    "34 AA 97 3C D4 C4 DA A4 F6 1E EB 2B DB AD 27 31 65 34 01 6F",
-    "DE A3 56 A2 CD DD 90 C7 A7 EC ED C5 EB B5 63 93 4F 46 04 52"
-};
-
-int main()
-{
-    SHA1Context sha;
-    int i, j, err;
-    uint8_t Message_Digest[20];
-
-    /*
-     *  Perform SHA-1 tests
-     */
-    for(j = 0; j < 4; ++j) {
-        printf( "\nTest %d: %d, '%s'\n",
-                j+1,
-                repeatcount[j],
-                testarray[j]);
-
-        err = SHA1Init(&sha);
-        if (err) {
-            fprintf(stderr, "SHA1Reset Error %d.\n", err );
-            break;    /* out of for j loop */
-        }
-
-        for(i = 0; i < repeatcount[j]; ++i) {
-
-            err = SHA1Input(&sha,
-                  (const unsigned char *) testarray[j],
-                  strlen(testarray[j]));
-            if (err) {
-                fprintf(stderr, "SHA1Input Error %d.\n", err );
-                break;    /* out of for i loop */
-            }
-        }
-
-        err = SHA1Final(&sha, Message_Digest);
-        if (err) {
-            fprintf(stderr,
-            "SHA1Result Error %d, could not compute message digest.\n",
-            err );
-        }
-        else
-        {
-            printf("\t");
-            for(i = 0; i < 20 ; ++i) {
-                printf("%02X ", Message_Digest[i]);
-            }
-            printf("\n");
-        }
-        printf("Should match:\n");
-        printf("\t%s\n", resultarray[j]);
-    }
-
-    /* Test some error returns */
-    err = SHA1Input(&sha,(const unsigned char *) testarray[1], 1);
-    printf ("\nError %d. Should be %d.\n", err, shaStateError );
-    err = SHA1Init(0);
-    printf ("\nError %d. Should be %d.\n", err, shaNull );
-    return 0;
-}
-
-#endif /* TEST_DRIVER */
-
-#ifdef SHA1_SUM
-/*
- * Reads a single ASCII file and prints the HEX sha1 sum.
- */
-#include <stdio.h>
-int main(int argc, char *argv[])
-{
-   FILE *fd;
-   SHA1Context ctx;
-   char buf[5000];
-   char signature[25];
-
-   if (argc < 1) {
-      printf("Must have filename\n");
-      exit(1);
-   }
-   fd = fopen(argv[1], "rb");
-   if (!fd) {
-      berrno be;
-      printf("Could not open %s: ERR=%s\n", argv[1], be.bstrerror(errno));
-      exit(1);
-   }
-   SHA1Init(&ctx);
-   while (fgets(buf, sizeof(buf), fd)) {
-      SHA1Update(&ctx, (unsigned char *)buf, strlen(buf));
-   }
-   SHA1Final(&ctx, (unsigned char *)signature);
-   for (int i=0; i < 20; i++) {
-      printf("%02x", signature[i]& 0xFF);
-   }
-   printf("  %s\n", argv[1]);
-   fclose(fd);
-}
-#endif
diff -Nru bacula-5.0.2/src/lib/sha1.h bacula-5.0.2+dfsg/src/lib/sha1.h
--- bacula-5.0.2/src/lib/sha1.h	2010-04-27 21:58:29.000000000 +0200
+++ bacula-5.0.2+dfsg/src/lib/sha1.h	1970-01-01 01:00:00.000000000 +0100
@@ -1,107 +0,0 @@
-/*
- *  sha1.h
- *
- *  Description:
- *      This is the header file for code which implements the Secure
- *      Hashing Algorithm 1 as defined in FIPS PUB 180-1 published
- *      April 17, 1995.
- *
- *      Many of the variable names in this code, especially the
- *      single character names, were used because those were the names
- *      used in the publication.
- *
- *      Please read the file sha1.c for more information.
- *
- * Full Copyright Statement
- *
- *    Copyright (C) The Internet Society (2001).  All Rights Reserved.
- *
- *    This document and translations of it may be copied and furnished to
- *    others, and derivative works that comment on or otherwise explain it
- *    or assist in its implementation may be prepared, copied, published
- *    and distributed, in whole or in part, without restriction of any
- *    kind, provided that the above copyright notice and this paragraph are
- *    included on all such copies and derivative works.  However, this
- *    document itself may not be modified in any way, such as by removing
- *    the copyright notice or references to the Internet Society or other
- *    Internet organizations, except as needed for the purpose of
- *    developing Internet standards in which case the procedures for
- *    copyrights defined in the Internet Standards process must be
- *    followed, or as required to translate it into languages other than
- *    English.
- *
- *    The limited permissions granted above are perpetual and will not be
- *    revoked by the Internet Society or its successors or assigns.
- *
- *    This document and the information contained herein is provided on an
- *    "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- *    TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- *    BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- *    HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- *    MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
- *
- * Acknowledgement
- *
- *    Funding for the RFC Editor function is currently provided by the
- *    Internet Society.
- *
- */
-
-#ifndef _SHA1_H_
-#define _SHA1_H_
-
-#include "bacula.h"
-
-/*
- * If you do not have the ISO standard stdint.h header file, then you
- * must typdef the following:
- *    name              meaning
- *  uint32_t         unsigned 32 bit integer
- *  uint8_t          unsigned 8 bit integer (i.e., unsigned char)
- *  int32_t          integer of 32 bits
- *
- */
-
-#ifndef _SHA_enum_
-#define _SHA_enum_
-enum
-{
-    shaSuccess = 0,
-    shaNull,            /* Null pointer parameter */
-    shaInputTooLong,    /* input data too long */
-    shaStateError       /* called Input after Result */
-};
-#endif
-#define SHA1HashSize 20
-
-/*
- *  This structure will hold context information for the SHA-1
- *  hashing operation
- */
-typedef struct SHA1Context
-{
-    uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest  */
-
-    uint32_t Length_Low;            /* Message length in bits      */
-    uint32_t Length_High;           /* Message length in bits      */
-
-			       /* Index into message block array   */
-    int32_t Message_Block_Index;
-    uint8_t Message_Block[64];      /* 512-bit message blocks      */
-
-    int Computed;               /* Is the digest computed?         */
-    int Corrupted;             /* Is the message digest corrupted? */
-} SHA1Context;
-
-/*
- *  Function Prototypes
- */
-
-int SHA1Init(SHA1Context *);
-int SHA1Update(SHA1Context *,
-	       const uint8_t *,
-	       unsigned int);
-int SHA1Final(SHA1Context *,
-	       uint8_t Message_Digest[SHA1HashSize]);
-
-#endif

Attachment: pgply0F7EBjDE.pgp
Description: PGP signature

--- End Message ---

--- Begin Message ---

• To: Alexander Golovko <alexandro@ankalagon.ru>, 678818-done@bugs.debian.org
• Cc: Luca Capello <luca@pca.it>
• Subject: Re: Bug#678818: release.debian.org: pu: package bacula/5.0.2+dfsg-0+squeeze1
• From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
• Date: Tue, 08 Jul 2014 20:00:27 +0100
• Message-id: <1404846027.2657.9.camel@jacala.jungle.funky-badger.org>
• In-reply-to: <20121006023226.228b241f@klint>
• References: <20121006023226.228b241f@klint>

On Sat, 2012-10-06 at 02:32 +0400, Alexander Golovko wrote:
> Hi!
> 
> Due to prepared upload to security-master with security fix, please do
> not upload this package.
> We will prepare updated package, which will also include already
> uploaded changes.

There hasn't been any activity on this bug since the above message
nearly two years ago, and we're freezing the final point release for
squeeze in the next few days; on that basis, I'm afraid I'm going to
close this request now.

Regards,

Adam

--- End Message ---