Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libcotp for openSUSE:Factory checked in at 2023-01-05 15:01:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libcotp (Old) and /work/SRC/openSUSE:Factory/.libcotp.new.1563 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libcotp" Thu Jan 5 15:01:30 2023 rev:5 rq:1056146 version:1.2.7 Changes: -------- --- /work/SRC/openSUSE:Factory/libcotp/libcotp.changes 2022-05-19 22:50:26.954421728 +0200 +++ /work/SRC/openSUSE:Factory/.libcotp.new.1563/libcotp.changes 2023-01-05 15:01:46.265339834 +0100 @@ -1,0 +2,6 @@ +Thu Jan 5 08:38:21 UTC 2023 - Paolo Stivanin <i...@paolostivanin.com> + +- Update to 1.2.7: + * check return value for gcrypt functions + +------------------------------------------------------------------- Old: ---- v1.2.6.tar.gz v1.2.6.tar.gz.asc New: ---- v1.2.7.tar.gz v1.2.7.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libcotp.spec ++++++ --- /var/tmp/diff_new_pack.PbOvLP/_old 2023-01-05 15:01:46.741343234 +0100 +++ /var/tmp/diff_new_pack.PbOvLP/_new 2023-01-05 15:01:46.745343263 +0100 @@ -1,7 +1,7 @@ # # spec file for package libcotp # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed 
@@ -21,14 +21,14 @@ %global debug_package %{nil} %endif Name: libcotp -Version: 1.2.6 +Version: 1.2.7 Release: 0 Summary: C library for generating TOTP and HOTP License: Apache-2.0 Group: Development/Libraries/C and C++ URL: https://github.com/paolostivanin/%{name} Source0: https://github.com/paolostivanin/%{name}/archive/v%{version}.tar.gz -Source1: https://github.com/paolostivanin/%{name}/archive/v%{version}.tar.gz.asc +Source1: https://github.com/paolostivanin/libcotp/releases/download/v%{version}/v%{version}.tar.gz.asc BuildRequires: cmake BuildRequires: gcc BuildRequires: gcc-c++ ++++++ v1.2.6.tar.gz -> v1.2.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcotp-1.2.6/CMakeLists.txt new/libcotp-1.2.7/CMakeLists.txt --- old/libcotp-1.2.6/CMakeLists.txt 2022-05-18 16:27:42.000000000 +0200 +++ new/libcotp-1.2.7/CMakeLists.txt 2023-01-04 17:02:55.000000000 +0100 @@ -7,7 +7,7 @@ find_package(PkgConfig REQUIRED) find_package(Gcrypt 1.6.0 REQUIRED) -pkg_check_modules(BASEENCODE REQUIRED baseencode>=1.0.5) +pkg_check_modules(BASEENCODE REQUIRED baseencode>=1.0.14) include_directories(${GCRYPT_INCLUDE_DIR} ${BASEENCODE_INCLUDE_DIRS}) @@ -19,7 +19,7 @@ # set up versioning. set(BUILD_MAJOR "1") set(BUILD_MINOR "2") -set(BUILD_VERSION "6") +set(BUILD_VERSION "7") set(BUILD_VERSION ${BUILD_MAJOR}.${BUILD_MINOR}.${BUILD_VERSION}) set(CMAKE_C_STANDARD 11) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libcotp-1.2.6/src/otp.c new/libcotp-1.2.7/src/otp.c --- old/libcotp-1.2.6/src/otp.c 2022-05-18 16:27:42.000000000 +0200 +++ new/libcotp-1.2.7/src/otp.c 2023-01-04 17:02:55.000000000 +0100 @@ -106,7 +106,7 @@ compute_hmac(const char *K, long C, int algo) { baseencode_error_t err; - size_t secret_len = (size_t) ((strlen(K) + 1.6 - 1) / 1.6); + size_t secret_len = (size_t)((strlen(K) + 1.6 - 1) / 1.6); char *normalized_K = normalize_secret (K); if (normalized_K == NULL) { 
@@ -124,13 +124,24 @@ C_reverse_byte_order[i] = ((unsigned char *) &C)[j]; gcry_md_hd_t hd; - gcry_md_open(&hd, algo, GCRY_MD_FLAG_HMAC); - gcry_md_setkey(hd, secret, secret_len); - gcry_md_write(hd, C_reverse_byte_order, sizeof(C_reverse_byte_order)); + gpg_error_t gpg_err = gcry_md_open (&hd, algo, GCRY_MD_FLAG_HMAC); + if (gpg_err) { + printf("%s\n", "Error while opening the cipher handle."); + return NULL; + } + gpg_err = gcry_md_setkey (hd, secret, secret_len); + if (gpg_err) { + printf("%s\n", "Error while setting the cipher key."); + gcry_md_close (hd); + return NULL; + } + gcry_md_write (hd, C_reverse_byte_order, sizeof(C_reverse_byte_order)); gcry_md_final (hd); - unsigned char *hmac = gcry_md_read(hd, algo); + unsigned char *hmac = gcry_md_read (hd, algo); + + free (secret); - free(secret); + gcry_md_close (hd); return hmac; }
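Review bot: The added `gcry_md_close (hd)` just before `return hmac` releases the memory `hmac` points into, because `gcry_md_read` returns a pointer to the digest stored inside the handle. The caller therefore receives a dangling pointer to the HMAC that the OTP is derived from, which is a use-after-free. The digest should be copied into a buffer of `gcry_md_get_algo_dlen (algo)` bytes before the handle is closed; the caller then owns that copy, and the callers, which are outside this hunk, would need a matching `free`. Both new early returns also skip `free (secret)`, so the decoded key stays allocated on every failure path. compute_hmac starts above this hunk, so whether `normalized_K` is released on those paths cannot be seen from here.

```c
    gpg_error_t gpg_err = gcry_md_open (&hd, algo, GCRY_MD_FLAG_HMAC);
    if (gpg_err) {
        printf("%s\n", "Error while opening the cipher handle.");
        free (secret);
        return NULL;
    }
    gpg_err = gcry_md_setkey (hd, secret, secret_len);
    if (gpg_err) {
        printf("%s\n", "Error while setting the cipher key.");
        free (secret);
        gcry_md_close (hd);
        return NULL;
    }
    /* … unchanged: gcry_md_write, gcry_md_final … */

    /* The digest lives inside hd; copy it out before the handle is closed. */
    unsigned char *hmac = NULL;
    unsigned char *digest = gcry_md_read (hd, algo);
    unsigned int dlen = gcry_md_get_algo_dlen (algo);
    if (digest != NULL && dlen > 0) {
        hmac = malloc (dlen);
        if (hmac != NULL) {
            memcpy (hmac, digest, dlen);
        }
    }

    free (secret);
    gcry_md_close (hd);

    return hmac; /* heap copy: the caller must free it */
```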