Hello community, here is the log from the commit of package s3backer for openSUSE:Factory checked in at 2013-07-17 09:32:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/s3backer (Old) and /work/SRC/openSUSE:Factory/.s3backer.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "s3backer" Changes: -------- --- /work/SRC/openSUSE:Factory/s3backer/s3backer.changes 2013-06-05 14:24:47.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.s3backer.new/s3backer.changes 2013-07-17 09:32:10.000000000 +0200 @@ -1,0 +2,7 @@ +Tue Jul 16 16:42:11 UTC 2013 - arc...@dellroad.org + +- Update to version 1.3.6 + + Fix use of MAX_HOST_NAME in http_io.c (issue #42) + + Fix encryption key generation bug (on some systems) + +------------------------------------------------------------------- Old: ---- s3backer-1.3.5.tar.gz New: ---- s3backer-1.3.6.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ s3backer.spec ++++++ --- /var/tmp/diff_new_pack.xjwTLb/_old 2013-07-17 09:32:11.000000000 +0200 +++ /var/tmp/diff_new_pack.xjwTLb/_new 2013-07-17 09:32:11.000000000 +0200 @@ -18,7 +18,7 @@ Name: s3backer -Version: 1.3.5 +Version: 1.3.6 Release: 0 Summary: FUSE-based single file backing store via Amazon S3 License: GPL-2.0+ ++++++ s3backer-1.3.5.tar.gz -> s3backer-1.3.6.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.3.5/CHANGES new/s3backer-1.3.6/CHANGES --- old/s3backer-1.3.5/CHANGES 2013-05-29 19:43:01.000000000 +0200 +++ new/s3backer-1.3.6/CHANGES 2013-07-16 18:34:12.000000000 +0200 @@ -1,3 +1,9 @@ + +Version 1.3.6 (r493) released 16 July 2013 + + - Fix use of MAX_HOST_NAME in http_io.c (issue #42) + - Fix encryption key generation bug (on some systems) + Version 1.3.5 (r485) released 29 May 2013 - Check for duplicate mount at startup (issue #10) 
@@ -138,4 +144,4 @@ Version 1.0.0 released 19 June 2008 -$Id: CHANGES 485 2013-05-29 17:42:59Z archie.cobbs $ +$Id: CHANGES 493 2013-07-16 16:34:11Z archie.cobbs $ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.3.5/configure new/s3backer-1.3.6/configure --- old/s3backer-1.3.5/configure 2013-05-29 19:43:26.000000000 +0200 +++ new/s3backer-1.3.6/configure 2013-07-16 18:34:31.000000000 +0200 @@ -1,7 +1,7 @@ #! /bin/sh -# From configure.ac Id: configure.ac 477 2013-04-03 01:57:08Z archie.cobbs . +# From configure.ac Id: configure.ac 487 2013-05-29 17:47:17Z archie.cobbs . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for s3backer FUSE filesystem backed by Amazon S3 1.3.5. +# Generated by GNU Autoconf 2.69 for s3backer FUSE filesystem backed by Amazon S3 1.3.6. # # Report bugs to <http://s3backer.googlecode.com/>. # @@ -581,8 +581,8 @@ # Identity of this package. PACKAGE_NAME='s3backer FUSE filesystem backed by Amazon S3' PACKAGE_TARNAME='s3backer' -PACKAGE_VERSION='1.3.5' -PACKAGE_STRING='s3backer FUSE filesystem backed by Amazon S3 1.3.5' +PACKAGE_VERSION='1.3.6' +PACKAGE_STRING='s3backer FUSE filesystem backed by Amazon S3 1.3.6' PACKAGE_BUGREPORT='http://s3backer.googlecode.com/' PACKAGE_URL='' @@ -1275,7 +1275,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures s3backer FUSE filesystem backed by Amazon S3 1.3.5 to adapt to many kinds of systems. +\`configure' configures s3backer FUSE filesystem backed by Amazon S3 1.3.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... 
@@ -1341,7 +1341,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of s3backer FUSE filesystem backed by Amazon S3 1.3.5:";; + short | recursive ) echo "Configuration of s3backer FUSE filesystem backed by Amazon S3 1.3.6:";; esac cat <<\_ACEOF @@ -1440,7 +1440,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -s3backer FUSE filesystem backed by Amazon S3 configure 1.3.5 +s3backer FUSE filesystem backed by Amazon S3 configure 1.3.6 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1788,7 +1788,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by s3backer FUSE filesystem backed by Amazon S3 $as_me 1.3.5, which was +It was created by s3backer FUSE filesystem backed by Amazon S3 $as_me 1.3.6, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2612,7 +2612,7 @@ # Define the identity of the package. PACKAGE='s3backer' - VERSION='1.3.5' + VERSION='1.3.6' cat >>confdefs.h <<_ACEOF @@ -5335,7 +5335,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by s3backer FUSE filesystem backed by Amazon S3 $as_me 1.3.5, which was +This file was extended by s3backer FUSE filesystem backed by Amazon S3 $as_me 1.3.6, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES 
@@ -5401,7 +5401,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -s3backer FUSE filesystem backed by Amazon S3 config.status 1.3.5 +s3backer FUSE filesystem backed by Amazon S3 config.status 1.3.6 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.3.5/configure.ac new/s3backer-1.3.6/configure.ac --- old/s3backer-1.3.5/configure.ac 2013-04-03 03:57:11.000000000 +0200 +++ new/s3backer-1.3.6/configure.ac 2013-05-29 19:47:18.000000000 +0200 @@ -18,15 +18,15 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA # 02110-1301, USA. # -# $Id: configure.ac 477 2013-04-03 01:57:08Z archie.cobbs $ +# $Id: configure.ac 487 2013-05-29 17:47:17Z archie.cobbs $ # -AC_INIT([s3backer FUSE filesystem backed by Amazon S3], [1.3.5], [http://s3backer.googlecode.com/], [s3backer]) +AC_INIT([s3backer FUSE filesystem backed by Amazon S3], [1.3.6], [http://s3backer.googlecode.com/], [s3backer]) AC_CONFIG_AUX_DIR(scripts) AM_INIT_AUTOMAKE dnl AM_MAINTAINER_MODE AC_PREREQ(2.59) -AC_REVISION($Id: configure.ac 477 2013-04-03 01:57:08Z archie.cobbs $) +AC_REVISION($Id: configure.ac 487 2013-05-29 17:47:17Z archie.cobbs $) AC_PREFIX_DEFAULT(/usr) AC_PROG_MAKE_SET diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.3.5/erase.c new/s3backer-1.3.6/erase.c --- old/s3backer-1.3.5/erase.c 2013-05-11 19:07:54.000000000 +0200 +++ new/s3backer-1.3.6/erase.c 2013-07-16 18:15:46.000000000 +0200 @@ -19,7 +19,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA * 02110-1301, USA. * - * $Id: erase.c 482 2013-05-11 17:07:49Z archie.cobbs $ + * $Id: erase.c 491 2013-07-16 16:15:46Z archie.cobbs $ */ #include "s3backer.h" 
@@ -68,9 +68,10 @@ warnx("`--erase' flag given: erasing all blocks in %s", config->description); fprintf(stderr, "s3backer: is this correct? [y/N] "); *response = '\0'; - fgets(response, sizeof(response), stdin); - while (*response && isspace(response[strlen(response) - 1])) - response[strlen(response) - 1] = '\0'; + if (fgets(response, sizeof(response), stdin) != NULL) { + while (*response && isspace(response[strlen(response) - 1])) + response[strlen(response) - 1] = '\0'; + } if (strcasecmp(response, "y") != 0 && strcasecmp(response, "yes") != 0) { warnx("not confirmed"); goto fail0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.3.5/http_io.c new/s3backer-1.3.6/http_io.c --- old/s3backer-1.3.5/http_io.c 2013-05-11 19:07:54.000000000 +0200 +++ new/s3backer-1.3.6/http_io.c 2013-07-16 18:28:35.000000000 +0200 @@ -19,7 +19,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA * 02110-1301, USA. * - * $Id: http_io.c 482 2013-05-11 17:07:49Z archie.cobbs $ + * $Id: http_io.c 492 2013-07-16 16:28:35Z archie.cobbs $ */ #include "s3backer.h" @@ -91,6 +91,9 @@ /* PBKDF2 key generation iterations */ #define PBKDF2_ITERATIONS 5000 +/* Enable to debug encryption key stuff */ +#define DEBUG_ENCRYPTION 0 + /* Misc */ #define WHITESPACE " \t\v\f\r\n" @@ -116,6 +119,7 @@ /* Encryption info */ const EVP_CIPHER *cipher; + u_int keylen; // length of key and ivkey u_char key[EVP_MAX_KEY_LENGTH]; // key used to encrypt data u_char ivkey[EVP_MAX_KEY_LENGTH]; // key used to encrypt block number to get IV for data }; 
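Review bot: In the erase.c hunk, the re-indented `isspace(response[strlen(response) - 1])` still passes a plain `char` to `isspace()`, which is undefined for negative values other than EOF, and the byte comes straight from stdin. Cast it: `isspace((unsigned char)response[strlen(response) - 1])`. The new NULL check on `fgets()` is only safe because `*response = '\0'` runs first, so a short comment such as `/* on EOF or read error response stays empty and is treated as "no" */` would stop a later edit from removing that line. The enclosing function starts and ends outside the hunk.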
@@ -310,23 +314,40 @@ r = EINVAL; goto fail4; } + priv->keylen = EVP_CIPHER_key_length(priv->cipher); + if (priv->keylen <= 0 || priv->keylen > sizeof(priv->key)) { + (*config->log)(LOG_ERR, "cipher `%s' key length %d is out of range", config->encryption, priv->keylen); + r = EINVAL; + goto fail4; + } /* Hash password to get bulk data encryption key */ snprintf(saltbuf, sizeof(saltbuf), "%s/%s", config->bucket, config->prefix); if ((r = PKCS5_PBKDF2_HMAC_SHA1(config->password, strlen(config->password), - (u_char *)saltbuf, strlen(saltbuf), PBKDF2_ITERATIONS, sizeof(priv->key), priv->key)) != 1) { + (u_char *)saltbuf, strlen(saltbuf), PBKDF2_ITERATIONS, priv->keylen, priv->key)) != 1) { (*config->log)(LOG_ERR, "failed to create encryption key"); r = EINVAL; goto fail4; } /* Hash the bulk encryption key to get the IV encryption key */ - if ((r = PKCS5_PBKDF2_HMAC_SHA1((char *)priv->key, sizeof(priv->key), - priv->key, sizeof(priv->key), PBKDF2_ITERATIONS, sizeof(priv->ivkey), priv->ivkey)) != 1) { + if ((r = PKCS5_PBKDF2_HMAC_SHA1((char *)priv->key, priv->keylen, + priv->key, priv->keylen, PBKDF2_ITERATIONS, priv->keylen, priv->ivkey)) != 1) { (*config->log)(LOG_ERR, "failed to create encryption key"); r = EINVAL; goto fail4; } + + /* Encryption debug */ +#if DEBUG_ENCRYPTION + { + char keybuf[priv->keylen * 2 + 1]; + char ivkeybuf[priv->keylen * 2 + 1]; + http_io_prhex(keybuf, priv->key, priv->keylen); + http_io_prhex(ivkeybuf, priv->ivkey, priv->keylen); + (*config->log)(LOG_DEBUG, "ENCRYPTION INIT: cipher=\"%s\" pass=\"%s\" salt=\"%s\" key=0x%s ivkey=0x%s", config->encryption, config->password, saltbuf, keybuf, ivkeybuf); + } +#endif } /* Initialize cURL */ @@ -756,7 +777,7 @@ if (new_value != -1) { u_char md5[MD5_DIGEST_LENGTH]; char md5buf[MD5_DIGEST_LENGTH * 2 + 1]; - char content[HOST_NAME_MAX + 64]; + char content[_POSIX_HOST_NAME_MAX + 64]; MD5_CTX ctx; /* Reset I/O info */ 
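Review bot: The `DEBUG_ENCRYPTION` block at the end of the http_io.c key-setup hunk writes `config->password` and the hex of `priv->key` and `priv->ivkey` to the log, so a build with the flag set to 1 leaves the passphrase and both derived keys wherever `LOG_DEBUG` output is stored. Drop `pass=` and the key material from the format string, or at least extend the comment on the `#define` (hunk at -91) to `/* Enable to debug encryption key stuff; WARNING: logs the password and derived keys in clear text */`. Separately, `priv->keylen` is declared `u_int`, so `priv->keylen <= 0` can only catch zero and the `%d` in the error message does not match the type; `priv->keylen == 0` and `%u` say what the check does. The second `DEBUG_ENCRYPTION` block (hunk at -1993) logs only the block number and the IV. The enclosing function continues outside the hunk.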
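Review bot: `content` in the hunk at -756 is now sized from `_POSIX_HOST_NAME_MAX`, which is the minimum value POSIX permits for the host name limit, not the limit of the running system. The code that fills `content` is outside this hunk; it should be bounded with `sizeof(content)` and checked for truncation rather than rely on the constant. A comment on the declaration, for example `/* HOST_NAME_MAX is presumably not defined on every platform (issue #42); use the POSIX constant */`, would record why the macro changed.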
@@ -1993,6 +2014,16 @@ assert(r == 1 && clen >= 0); total_len += (u_int)clen; + /* Encryption debug */ +#if DEBUG_ENCRYPTION +{ + struct http_io_conf *const config = priv->config; + char ivecbuf[sizeof(ivec) * 2 + 1]; + http_io_prhex(ivecbuf, ivec, sizeof(ivec)); + (*config->log)(LOG_DEBUG, "%sCRYPT: block=%s ivec=0x%s len: %d -> %d", (enc ? "EN" : "DE"), blockbuf, ivecbuf, len, total_len); +} +#endif + /* Done */ EVP_CIPHER_CTX_cleanup(&ctx); return total_len; @@ -2009,7 +2040,7 @@ /* Sign the block number, the name of the encryption algorithm, and the block data */ snprintf(blockbuf, sizeof(blockbuf), "%0*jx", S3B_BLOCK_NUM_DIGITS, (uintmax_t)block_num); HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, (const u_char *)priv->key, sizeof(priv->key), EVP_sha1(), NULL); + HMAC_Init_ex(&ctx, (const u_char *)priv->key, priv->keylen, EVP_sha1(), NULL); HMAC_Update(&ctx, (const u_char *)blockbuf, strlen(blockbuf)); HMAC_Update(&ctx, (const u_char *)ciphername, strlen(ciphername)); HMAC_Update(&ctx, (const u_char *)src, len); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.3.5/s3backer.spec new/s3backer-1.3.6/s3backer.spec --- old/s3backer-1.3.5/s3backer.spec 2013-05-29 19:43:31.000000000 +0200 +++ new/s3backer-1.3.6/s3backer.spec 2013-07-16 18:34:37.000000000 +0200 @@ -17,7 +17,7 @@ # Name: s3backer -Version: 1.3.5 +Version: 1.3.6 Release: 1 License: GNU General Public License, Version 2 Summary: FUSE-based single file backing store via Amazon S3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.3.5/svnrev.c new/s3backer-1.3.6/svnrev.c --- old/s3backer-1.3.5/svnrev.c 2013-05-29 19:43:32.000000000 +0200 +++ new/s3backer-1.3.6/svnrev.c 2013-07-16 18:34:37.000000000 +0200 
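Review bot: Passing `priv->keylen` instead of `sizeof(priv->key)` to `HMAC_Init_ex()` in the hunk at -2009 changes the HMAC key for every cipher whose key is shorter than `EVP_MAX_KEY_LENGTH`, and the key-setup hunk changes the input to the `ivkey` derivation in the same way. Blocks written by a 1.3.5 build will therefore presumably fail signature verification, or decrypt with a different IV, under 1.3.6, yet the CHANGES entry says only "Fix encryption key generation bug (on some systems)". The release notes should state whether existing encrypted stores stay readable, and a comment at this call such as `/* key length must match the one used when the block was written */` would make the dependency explicit. The enclosing function starts and ends outside the hunk.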
@@ -1 +1 @@
-const int s3backer_svnrev = 485;
+const int s3backer_svnrev = 493;
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org