Bug#987157: marked as done (unblock: winetricks/0.0+20210206-2)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Mon, 19 Apr 2021 14:56:15 +0200
with message-id <CAM8zJQvrHAUFFS3jLt54CcR-7onjiuS5StNdDRRUP5ROSobFrA@mail.gmail.com>
and subject line Re: Bug#987157: unblock: winetricks/0.0+20210206-2
has caused the Debian Bug report #987157,
regarding unblock: winetricks/0.0+20210206-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
987157: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987157
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: winetricks/0.0+20210206-2
• From: Jens Reyer <jre.winesim@gmail.com>
• Date: Sun, 18 Apr 2021 17:42:22 +0200
• Message-id: <[🔎] d23be625-3518-9210-ee9f-721390ccf745@gmail.com>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock



Please unblock package winetricks


[ Reason ]
One of the main purposes of Winetricks is to download Windows software
and install them in the users Wine prefix (basically a Windows
installation in the user's home directory).  Downloaded files are
verified against a hardcoded sha256sum.  Since some software still
receive frequent updates some of these hashsums get outdated quite fast.

#986376 is about updating the hashsum of vcrun2019, which is required by
quite many Windows applications to run.

I updated the hashsum to fix this for now.

I also followed upstream suggestion to cherrypick a change which extends
the existing option "--force" to ignore hashsums, in order to give an
easy general longterm workaround for this issue.


[ Impact if the unblock isn't granted ]
Adjusting only the hashsums via stable-updates is not an option due too
the number of changes and the delay until a user may use Winetricks as
expected again.

Without the "--force"-workaround the usability of our winetricks package
will degrade during Bullseye's lifetime.  (Which will still happen to
some lesser degree with this fix because download URLs will change.)


[ Tests ]
Upstream runs an automatic test suite which downloads and installs each
known software.

I manually tested
- 0.0+20210206-1 does not install vcrun2019
- 0.0+20210206-2 installs vcrun2019
- 0.0+20210206-2 with force accepts invalid hashsums.


[ Risks ]
The hashsum update is trivial.

The extension of the "--force" option is
- quite simple (in posix shell)
- in a specific function (no unexpected things expected)
- authored by upstream
- trivially cherrypicked.

Winetricks is a leaf package in contrib.

The best alternative for users is to install Winetricks (one shell
script) from upstream and use their autoupdate instead.
For this they may opt-in directly from the debian package
(sudo winetricks --self-update).


[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing


[ Other info ]
Thanks for your work!

Greets
jre


unblock winetricks/0.0+20210206-2

diff -Nru winetricks-0.0+20210206/debian/changelog winetricks-0.0+20210206/debian/changelog
--- winetricks-0.0+20210206/debian/changelog	2021-02-07 01:18:11.000000000 +0100
+++ winetricks-0.0+20210206/debian/changelog	2021-04-13 22:05:56.000000000 +0200
@@ -1,3 +1,10 @@
+winetricks (0.0+20210206-2) unstable; urgency=medium
+
+  * Add patch to update vcrun2019 hashes. (Closes: #986376)
+  * Add upstream patch allowing using --force to ignore the sha256sum check.
+
+ -- Jens Reyer <jre.winesim@gmail.com>  Tue, 13 Apr 2021 22:05:56 +0200
+
 winetricks (0.0+20210206-1) unstable; urgency=medium
 
   * New upstream release 20210206. (Closes: #961205, #981660)
diff -Nru winetricks-0.0+20210206/debian/patches/allow-using-force-to-ignore-the-sha256sum-check.patch winetricks-0.0+20210206/debian/patches/allow-using-force-to-ignore-the-sha256sum-check.patch
--- winetricks-0.0+20210206/debian/patches/allow-using-force-to-ignore-the-sha256sum-check.patch	1970-01-01 01:00:00.000000000 +0100
+++ winetricks-0.0+20210206/debian/patches/allow-using-force-to-ignore-the-sha256sum-check.patch	2021-04-13 22:03:58.000000000 +0200
@@ -0,0 +1,27 @@
+From: Austin English <austinenglish@gmail.com>
+Subject: w_verify_sha256sum: allow using --force to ignore the check 
+Origin: upstream, https://github.com/Winetricks/winetricks/commit/fb824722d731cd8dfad6610d6449746e763d81ad
+Bug-Debian: https://bugs.debian.org/986376
+
+
+--- a/src/winetricks
++++ b/src/winetricks
+@@ -1352,13 +1352,17 @@ w_download_to()
+                         ;;
+                 esac
+ 
+-                if test ! "${WINETRICKS_CONTINUE_DOWNLOAD}" ; then
++                if test "${WINETRICKS_FORCE}" != 1; then
+                     case ${LANG} in
+                         pl*) w_warn "Niezgodność sum kontrolnych dla ${_W_cache}/${_W_file}, pobieram ponownie" ;;
+                         ru*) w_warn "Контрольная сумма файла ${_W_cache}/${_W_file} не совпадает, попытка повторной загрузки" ;;
+                         *) w_warn "Checksum for ${_W_cache}/${_W_file} did not match, retrying download" ;;
+                     esac
+                     mv -f "${_W_cache}/${_W_file}" "${_W_cache}/${_W_file}".bak
++                else
++                    w_warn "Checksum for ${_W_cache}/${_W_file} did not match, but --force was used, so ignoring and trying anyway."
++                    checksum_ok=1
++                    break
+                 fi
+             else
+                 # file exists, no checksum known, declare success and exit loop
diff -Nru winetricks-0.0+20210206/debian/patches/series winetricks-0.0+20210206/debian/patches/series
--- winetricks-0.0+20210206/debian/patches/series	2021-02-07 00:33:32.000000000 +0100
+++ winetricks-0.0+20210206/debian/patches/series	2021-04-13 22:03:20.000000000 +0200
@@ -1 +1,3 @@
 disable-automatic-selfupdate.patch
+vcrun2019-update-hashes.patch
+allow-using-force-to-ignore-the-sha256sum-check.patch
diff -Nru winetricks-0.0+20210206/debian/patches/vcrun2019-update-hashes.patch winetricks-0.0+20210206/debian/patches/vcrun2019-update-hashes.patch
--- winetricks-0.0+20210206/debian/patches/vcrun2019-update-hashes.patch	1970-01-01 01:00:00.000000000 +0100
+++ winetricks-0.0+20210206/debian/patches/vcrun2019-update-hashes.patch	2021-04-13 21:45:24.000000000 +0200
@@ -0,0 +1,33 @@
+From: Jens Reyer <jre.winesim@gmail.com>
+Subject: vcrun2019: update hashes
+Origin: https://github.com/Winetricks/winetricks/commit/c472c9a365b3da0a7cc3decd399060eab8f21f96
+Bug: https://github.com/Winetricks/winetricks/pull/1744
+Bug-Debian: https://bugs.debian.org/986376
+
+
+--- a/src/winetricks
++++ b/src/winetricks
+@@ -12870,7 +12870,8 @@ load_vcrun2019()
+     # 2020/08/05: b4d433e2f66b30b478c0d080ccd5217ca2a963c16e90caf10b1e0592b7d8d519
+     # 2020/10/03: caa38fd474164a38ab47ac1755c8ccca5ccfacfa9a874f62609e6439924e87ec
+     # 2020/11/13: 50a3e92ade4c2d8f310a2812d46322459104039b9deadbd7fdd483b5c697c0c8
+-    w_download https://aka.ms/vs/16/release/vc_redist.x86.exe 50a3e92ade4c2d8f310a2812d46322459104039b9deadbd7fdd483b5c697c0c8
++    # 2021/04/13: 14563755ac24a874241935ef2c22c5fce973acb001f99e524145113b2dc638c1
++    w_download https://aka.ms/vs/16/release/vc_redist.x86.exe 14563755ac24a874241935ef2c22c5fce973acb001f99e524145113b2dc638c1
+ 
+     w_override_dlls native,builtin api-ms-win-crt-private-l1-1-0 api-ms-win-crt-conio-l1-1-0 api-ms-win-crt-heap-l1-1-0 api-ms-win-crt-locale-l1-1-0 api-ms-win-crt-math-l1-1-0 api-ms-win-crt-runtime-l1-1-0 api-ms-win-crt-stdio-l1-1-0 api-ms-win-crt-time-l1-1-0 atl140 concrt140 msvcp140 msvcp140_1 msvcp140_2 msvcr140 ucrtbase vcomp140 vcruntime140
+ 
+@@ -12893,11 +12894,12 @@ load_vcrun2019()
+             # 2020/08/05: 952a0c6cb4a3dd14c3666ef05bb1982c5ff7f87b7103c2ba896354f00651e358
+             # 2020/10/03: 4b5890eb1aefdf8dfa3234b5032147eb90f050c5758a80901b201ae969780107
+             # 2020/11/13: b1a32c71a6b7d5978904fb223763263ea5a7eb23b2c44a0d60e90d234ad99178
++            # 2021/04/13: 52b196bbe9016488c735e7b41805b651261ffa5d7aa86eb6a1d0095be83687b2
+ 
+             # vcruntime140_1 is only shipped on x64:
+             w_override_dlls native,builtin vcruntime140_1
+ 
+-            w_download https://aka.ms/vs/16/release/vc_redist.x64.exe b1a32c71a6b7d5978904fb223763263ea5a7eb23b2c44a0d60e90d234ad99178
++            w_download https://aka.ms/vs/16/release/vc_redist.x64.exe 52b196bbe9016488c735e7b41805b651261ffa5d7aa86eb6a1d0095be83687b2
+             w_try "${WINE}" vc_redist.x64.exe ${W_OPT_UNATTENDED:+/q}
+             ;;
+     esac

--- End Message ---

--- Begin Message ---

• To: Jens Reyer <jre.winesim@gmail.com>, 987157-done@bugs.debian.org
• Subject: Re: Bug#987157: unblock: winetricks/0.0+20210206-2
• From: Graham Inggs <ginggs@debian.org>
• Date: Mon, 19 Apr 2021 14:56:15 +0200
• Message-id: <CAM8zJQvrHAUFFS3jLt54CcR-7onjiuS5StNdDRRUP5ROSobFrA@mail.gmail.com>
• In-reply-to: <[🔎] d23be625-3518-9210-ee9f-721390ccf745@gmail.com>
• References: <[🔎] d23be625-3518-9210-ee9f-721390ccf745@gmail.com>

Unblocked.

--- End Message ---