Package: prayer
Version: 1.3.5-dfsg1-5
Severity: important
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu disco ubuntu-patch
Hi Magnus,
In Ubuntu, we found that the prayer packages is failing to build from source
with the following error:
[...]
gcc -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong
-Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -I../lib -c
-DACCOUNTD_PAM_ENABLE=1 authenticate.c
authenticate.c:99:14: error: conflicting types for ‘crypt’
extern char *crypt(char *password, char *salt);
^~~~~
In file included from accountd.h:14,
from authenticate.c:9:
/usr/include/unistd.h:1124:14: note: previous declaration of ‘crypt’ was here
extern char *crypt (const char *__key, const char *__salt)
^~~~~
[...]
(https://launchpad.net/ubuntu/+source/prayer/1.3.5-dfsg1-5/+build/15633911)
This is because glibc 2.28 provides a tightened prototype for crypt(), and
the local prototype in authenticate.c is not compatible.
The local prototype should just be dropped in favor of the system one,
considering the comments in the code claim it was added in the first place
for Linux, where we know it is not needed.
I have uploaded the attached patch to Ubuntu to fix this build failure;
please consider applying it in Debian as well.
Thanks,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru prayer-1.3.5-dfsg1/debian/patches/glibc-2.28.patch
prayer-1.3.5-dfsg1/debian/patches/glibc-2.28.patch
--- prayer-1.3.5-dfsg1/debian/patches/glibc-2.28.patch 1969-12-31
16:00:00.000000000 -0800
+++ prayer-1.3.5-dfsg1/debian/patches/glibc-2.28.patch 2018-11-15
14:34:02.000000000 -0800
@@ -0,0 +1,23 @@
+Description: drop wrong prototype for crypt()
+ The code provides its own protoype for crypt, claiming that Linux doesn't
+ have one in its system headers. Not only is that wrong, but the local
+ prototype is now incorrect, causing a build failure.
+Author: Steve Langasek <steve.langa...@ubuntu.com>
+Last-Modified: 2018-11-15
+
+Index: prayer-1.3.5-dfsg1/accountd/authenticate.c
+===================================================================
+--- prayer-1.3.5-dfsg1.orig/accountd/authenticate.c
++++ prayer-1.3.5-dfsg1/accountd/authenticate.c
+@@ -94,11 +94,6 @@
+ /* Definies a whole series of different authentication methods, including
+ * PAM if PAM support configured in ../Config */
+
+-/* No prototype for crypt, at least on Linux */
+-#if HAVE_SHADOW
+-extern char *crypt(char *password, char *salt);
+-#endif
+-
+ /* ====================================================================== */
+
+ #ifdef ACCOUNTD_PAM_ENABLE
diff -Nru prayer-1.3.5-dfsg1/debian/patches/no-referrer.patch
prayer-1.3.5-dfsg1/debian/patches/no-referrer.patch
--- prayer-1.3.5-dfsg1/debian/patches/no-referrer.patch 2018-10-27
10:58:34.000000000 -0700
+++ prayer-1.3.5-dfsg1/debian/patches/no-referrer.patch 2018-11-15
14:32:53.000000000 -0800
@@ -2,8 +2,10 @@
Description: Add no-referrer meta header to templates.
* CVE-2018-18655
---- a/templates/cam/header.t
-+++ b/templates/cam/header.t
+Index: prayer-1.3.5-dfsg1/templates/cam/header.t
+===================================================================
+--- prayer-1.3.5-dfsg1.orig/templates/cam/header.t
++++ prayer-1.3.5-dfsg1/templates/cam/header.t
@@ -11,6 +11,7 @@
% ENDIF
<meta name="robots" content="none" />
@@ -12,8 +14,10 @@
<link rel="stylesheet" href="/static/layout.css"
type="text/css" media="all" />
<link rel="stylesheet" href="/static/print.css"
---- a/templates/old/header.t
-+++ b/templates/old/header.t
+Index: prayer-1.3.5-dfsg1/templates/old/header.t
+===================================================================
+--- prayer-1.3.5-dfsg1.orig/templates/old/header.t
++++ prayer-1.3.5-dfsg1/templates/old/header.t
@@ -11,6 +11,7 @@
% ENDIF
<meta name="robots" content="none" />
diff -Nru prayer-1.3.5-dfsg1/debian/patches/series
prayer-1.3.5-dfsg1/debian/patches/series
--- prayer-1.3.5-dfsg1/debian/patches/series 2018-10-27 10:58:34.000000000
-0700
+++ prayer-1.3.5-dfsg1/debian/patches/series 2018-11-15 14:32:59.000000000
-0800
@@ -9,3 +9,4 @@
disable_ssl3.patch
openssl1.1.patch
no-referrer.patch
+glibc-2.28.patch
