Package: release.debian.org Severity: normal Tags: bookworm User: release.debian....@packages.debian.org Usertags: pu
Dear stable release managers, Please consider lastpass-cli (1.3.7-1+deb12u1) for bookworm: lastpass-cli (1.3.7-1+deb12u1) bookworm; urgency=medium . * Upload latest upstream version to fix compatability with Lastpass's SSL keys. (Closes: #1055876) Currently, lastpass-cli is completely non-functioning in bookworm, so it should either be updated or removed. The full debdiff is attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
diff --git a/debian/changelog b/debian/changelog index 800751f..68e0043 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,42 @@ +lastpass-cli (1.3.7-1+deb12u1) bookworm; urgency=medium + + * Upload latest upstream version to fix compatability with Lastpass's + SSL keys. (Closes: #1055876) + + -- Chris Lamb <la...@debian.org> Mon, 20 Nov 2023 10:14:54 +0000 + +lastpass-cli (1.3.7-1) unstable; urgency=medium + + * New upstream release. (Closes: #1055876) + * Drop 0001-Fix-FTBFS-with-GCC-10.0.patch; applied upstream. + + -- Chris Lamb <la...@debian.org> Mon, 13 Nov 2023 12:40:41 +0000 + +lastpass-cli (1.3.6-1) unstable; urgency=medium + + * New upstream release. + * Refresh patches. + + -- Chris Lamb <la...@debian.org> Sat, 09 Sep 2023 09:52:20 -0700 + +lastpass-cli (1.3.5-2) unstable; urgency=medium + + * Always use the Debian version number. (Closes: #1051218) + + -- Chris Lamb <la...@debian.org> Tue, 05 Sep 2023 10:12:30 -0700 + +lastpass-cli (1.3.5-1) unstable; urgency=medium + + * New upstream release. (Closes: #1050973) + + -- Chris Lamb <la...@debian.org> Thu, 31 Aug 2023 16:37:52 -0700 + +lastpass-cli (1.3.4-2) unstable; urgency=medium + + * Also clean test/.lpass directory. (Closes: #1048723) + + -- Chris Lamb <la...@debian.org> Tue, 22 Aug 2023 13:44:44 -0700 + lastpass-cli (1.3.4-1) unstable; urgency=medium * New upstream release. diff --git a/.gitignore b/.gitignore index 495a746..9383e25 100644 --- a/.gitignore +++ b/.gitignore @@ -12,3 +12,4 @@ version.h # IDE /.idea +/.vs diff --git a/CHANGELOG.md b/CHANGELOG.md index 21c854d..e953cee 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +# Vesion 1.3.7 +* Add support for reading encrypted URLs (Tibor Komlossy) +* Fix GCC 10 compatibility issue #532 (Tibor Komlossy) + +# Version 1.3.6 +* Fix version (Béla Ormos) + +# Version 1.3.5 +* Updating certificate hashes (Béla Ormos) + # Version 1.3.4 * Updating post parameter (Gergely Der) diff --git a/LASTPASS-VERSION-GEN b/LASTPASS-VERSION-GEN index d9b0f48..8f75701 100755 --- a/LASTPASS-VERSION-GEN +++ b/LASTPASS-VERSION-GEN @@ -4,7 +4,7 @@ # You can find the original at https://github.com/git/git/blob/master/GIT-VERSION-GEN LPVF=version.h -DEF_VER=v1.3.4.GIT +DEF_VER=v1.3.7.GIT LF=' ' diff --git a/blob.c b/blob.c index 69d9f44..f95305f 100644 --- a/blob.c +++ b/blob.c @@ -104,6 +104,7 @@ void account_free_contents(struct account *account) free(account->note); free(account->name_encrypted); free(account->group_encrypted); + free(account->url_encrypted); free(account->username_encrypted); free(account->password_encrypted); free(account->note_encrypted); @@ -320,6 +321,10 @@ static int read_boolean(struct chunk *chunk) return item.data[0] == '1'; } +static bool check_next_entry_encrypted(struct chunk *chunk) { + return (chunk->data + sizeof(uint32_t))[0] == '!'; +} + #define entry_plain_at(base, var) do { \ char *__entry_val__ = read_plain_string(chunk); \ if (!__entry_val__) \ @@ -360,6 +365,9 @@ static struct account *account_parse(struct chunk *chunk, const unsigned char ke entry_plain(id); entry_crypt(name); entry_crypt(group); + if (check_next_entry_encrypted(chunk)) + entry_crypt(url); + else entry_hex(url); entry_crypt(note); entry_boolean(fav); diff --git a/blob.h b/blob.h index d6c480a..ab6c32d 100644 --- a/blob.h +++ b/blob.h @@ -59,7 +59,7 @@ struct account { char *name, *name_encrypted; char *group, *group_encrypted; char *fullname; - char *url; + char *url, *url_encrypted; char *username, *username_encrypted; char *password, *password_encrypted; char *note, *note_encrypted; diff --git a/debian/control b/debian/control index 64bb52d..5440be8 100644 --- a/debian/control +++ b/debian/control @@ -13,7 +13,7 @@ Build-Depends: libxml2-dev, pkg-config, xsltproc, -Standards-Version: 4.6.1 +Standards-Version: 4.6.2 Homepage: https://github.com/lastpass/lastpass-cli Vcs-Git: https://salsa.debian.org/lamby/pkg-lastpass-cli.git Vcs-Browser: https://salsa.debian.org/lamby/pkg-lastpass-cli diff --git a/debian/patches/0001-Fix-FTBFS-with-GCC-10.0.patch b/debian/patches/0001-Fix-FTBFS-with-GCC-10.0.patch deleted file mode 100644 index 4cef68b..0000000 --- a/debian/patches/0001-Fix-FTBFS-with-GCC-10.0.patch +++ /dev/null @@ -1,72 +0,0 @@ -From: Chris Lamb <la...@debian.org> -Date: Wed, 22 Jul 2020 11:07:36 +0100 -Subject: Fix FTBFS with GCC 10.0 - -Forwarded: https://github.com/lastpass/lastpass-cli/pull/535 ---- - globals.c | 40 ++++++++++++++++++++++++++++++++++++++++ - process.h | 4 ++-- - 2 files changed, 42 insertions(+), 2 deletions(-) - create mode 100644 globals.c - -diff --git a/globals.c b/globals.c -new file mode 100644 -index 0000000..59e9c30 ---- /dev/null -+++ b/globals.c -@@ -0,0 +1,40 @@ -+/* -+ * -+ * Copyright (C) 2014-2018 LastPass. -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License along -+ * with this program; if not, write to the Free Software Foundation, Inc., -+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -+ * -+ * In addition, as a special exception, the copyright holders give -+ * permission to link the code of portions of this program with the -+ * OpenSSL library under certain conditions as described in each -+ * individual source file, and distribute linked combinations -+ * including the two. -+ * -+ * You must obey the GNU General Public License in all respects -+ * for all of the code used other than OpenSSL. If you modify -+ * file(s) with this exception, you may extend this exception to your -+ * version of the file(s), but you are not obligated to do so. If you -+ * do not wish to do so, delete this exception statement from your -+ * version. If you delete this exception statement from all source -+ * files in the program, then also delete it here. -+ * -+ * See LICENSE.OpenSSL for more details regarding this exception. -+ */ -+ -+#include "process.h" -+ -+/* Globals */ -+int ARGC; -+char **ARGV; -diff --git a/process.h b/process.h -index 58c2480..4cc2cf4 100644 ---- a/process.h -+++ b/process.h -@@ -4,8 +4,8 @@ - #include <stdbool.h> - #include <sys/types.h> - --int ARGC; --char **ARGV; -+extern int ARGC; -+extern char **ARGV; - - void process_set_name(const char *name); - void process_disable_ptrace(void); diff --git a/debian/patches/0002-Always-use-the-Debian-version-number.patch b/debian/patches/0002-Always-use-the-Debian-version-number.patch new file mode 100644 index 0000000..74bdfd0 --- /dev/null +++ b/debian/patches/0002-Always-use-the-Debian-version-number.patch @@ -0,0 +1,21 @@ +From: Chris Lamb <la...@debian.org> +Date: Tue, 5 Sep 2023 10:05:21 -0700 +Subject: Always use the Debian version number. + +Forwarded: not-needed +--- + LASTPASS-VERSION-GEN | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/LASTPASS-VERSION-GEN b/LASTPASS-VERSION-GEN +index 752d607..fb302e1 100755 +--- a/LASTPASS-VERSION-GEN ++++ b/LASTPASS-VERSION-GEN +@@ -1,4 +1,7 @@ + #!/bin/sh ++echo "#define LASTPASS_CLI_VERSION \"$(dpkg-parsechangelog -SVersion)\"" > version.h ++echo "#define LASTPASS_CLI_USERAGENT \"LastPass-CLI/\" LASTPASS_CLI_VERSION" >> version.h ++exit + + # This file has been adopted from the git project + # You can find the original at https://github.com/git/git/blob/master/GIT-VERSION-GEN diff --git a/debian/patches/series b/debian/patches/series index da4eddc..6915873 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1 @@ -0001-Fix-FTBFS-with-GCC-10.0.patch +0002-Always-use-the-Debian-version-number.patch diff --git a/debian/rules b/debian/rules index 1f5e9c8..1a2274f 100755 --- a/debian/rules +++ b/debian/rules @@ -17,7 +17,7 @@ override_dh_auto_build: override_dh_auto_clean: dh_auto_clean - rm -f version.h + rm -rf version.h test/.lpass override_dh_auto_install: dh_auto_install diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides index 4bc3425..8ca50cf 100644 --- a/debian/source/lintian-overrides +++ b/debian/source/lintian-overrides @@ -1,2 +1,2 @@ # Upstream do not provide signed tarballs. -lastpass-cli source: debian-watch-does-not-check-gpg-signature +lastpass-cli source: debian-watch-does-not-check-openpgp-signature diff --git a/pins.h b/pins.h index 7455574..0d5780a 100644 --- a/pins.h +++ b/pins.h @@ -1,23 +1,17 @@ #ifndef PINS_H #define PINS_H const char *PK_PINS[] = { - /* current lastpass.com primary (Thawte) */ - "HXXQgxueCIU5TTLHob/bPbwcKOKw6DkfsTWYHbxbqTY=", - /* current lastpass.eu primary (AddTrust) */ - "lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU=", /* future lastpass root CA (GlobalSign R1) */ "K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=", /* future lastpass root CA (GlobalSign R2) */ "iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=", /* future lastpass root CA (GlobalSign R3) */ "cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A=", - /* future lastpass.com primary (leaf) */ - "0hkr5YW/WE6Nq5hNTcApxpuaiwlwy5HUFiOt3Qd9VBc=", - /* future lastpass.com backup (leaf) */ - "8CzY4qWQKZjFDwHXTOIpsVfWkiVnrhQOJEM4Q2b2Ar4=", - /* future lastpass.eu primary (leaf) */ - "SQAWwwYXoceSd8VNbiyxspGXEjFndkklEO2XzLMts10=", - /* future lastpass.eu backup (leaf) */ - "qr2VCNpUi0PK80PfRyF7lFBIEU1Gzz931k03hrD+xGQ=", + /* current lastpass.com primary (leaf) */ + "YDjIAXSYj+mh+25FGifAiKN4oNOAj+as6gQv4naQG0M=", + /* current lastpass.eu primary (leaf) */ + "SjMnNhjAyVM5Yv6O5JaQgNygBTU0wdb8Jz3mfQfTc28=", + /* GlobalSign ECC OV SSL CA 2018 intermediate CA */ + "OD/WDbD3VsfMwwNzzy9MWd9JXppKB77Vb3ST2wn9meg=" }; #endif diff --git a/process.c b/process.c index 59bdf10..8ccbf34 100644 --- a/process.c +++ b/process.c @@ -127,6 +127,9 @@ out: #error "Please provide a pid_to_cmd for your platform" #endif +int ARGC; +char **ARGV; + void process_set_name(const char *name) { size_t argslen = 0; diff --git a/process.h b/process.h index 58c2480..4cc2cf4 100644 --- a/process.h +++ b/process.h @@ -4,8 +4,8 @@ #include <stdbool.h> #include <sys/types.h> -int ARGC; -char **ARGV; +extern int ARGC; +extern char **ARGV; void process_set_name(const char *name); void process_disable_ptrace(void);