--- apg-2.2.3.dfsg.1.orig/debian/README.Debian +++ apg-2.2.3.dfsg.1/debian/README.Debian @@ -0,0 +1,2 @@ +The client/server version of apg has been deliberately omitted since +the passwords are sent over the network unencrypted. --- apg-2.2.3.dfsg.1.orig/debian/apg.conf +++ apg-2.2.3.dfsg.1/debian/apg.conf @@ -0,0 +1,4 @@ +# this file sets defaults for apg if apg is called without parameters + +APG_PARM="-M NCL -a 0 -s -m 8 -x 12 -t" + --- apg-2.2.3.dfsg.1.orig/debian/apg.dirs +++ apg-2.2.3.dfsg.1/debian/apg.dirs @@ -0,0 +1 @@ +usr/lib/apg --- apg-2.2.3.dfsg.1.orig/debian/apg.docs +++ apg-2.2.3.dfsg.1/debian/apg.docs @@ -0,0 +1,4 @@ +README +THANKS +TODO +doc/APG_TIPS --- apg-2.2.3.dfsg.1.orig/debian/apg.wrapper +++ apg-2.2.3.dfsg.1/debian/apg.wrapper @@ -0,0 +1,15 @@ +#!/bin/bash + +CONFFILE="/etc/apg.conf" + +# wrapper to give default parameters to apg if invoked without + +if [ -z "$*" ]; then + APG_PARM="-M NCL -a 0 -s -m 8 -x 12 -t" + if [ -e "$CONFFILE" ]; then + . $CONFFILE + fi + /usr/lib/apg/apg $APG_PARM +else + /usr/lib/apg/apg $@ +fi --- apg-2.2.3.dfsg.1.orig/debian/changelog +++ apg-2.2.3.dfsg.1/debian/changelog @@ -0,0 +1,110 @@ +apg (2.2.3.dfsg.1-2ubuntu1) trusty; urgency=medium + + * Support cross-building. + + -- Colin Watson Fri, 10 Jan 2014 14:14:15 +0000 + +apg (2.2.3.dfsg.1-2build1) quantal; urgency=low + + * Rebuild for new armel compiler default of ARMv5t. + + -- Colin Watson Mon, 01 Oct 2012 16:42:56 +0100 + +apg (2.2.3.dfsg.1-2) unstable; urgency=low + + * apply patch from Kaare Hviid to improve password quality on + 64bit arches. This should address #412618, but upsteam has not yet + commented. Thanks to Sami Liedes for spotting this. + + -- Marc Haber Wed, 20 Jun 2007 17:07:47 +0200 + +apg (2.2.3.dfsg.1-1) unstable; urgency=low + + * re-pack original sources, removing two RFC files. Closes: #393356 + * apply patch from Paul Martin. Closes: #337116 + * Standards-Version: 3.7.2.2 (no changes necessary) + + -- Marc Haber Tue, 17 Oct 2006 10:12:49 +0000 + +apg (2.2.3-4) unstable; urgency=low + + * add APG_TIPS file to package + * remove apgd from SEE ALSO in man pages, we don't ship apgd. Thanks + to Dr. Markus Waldeck. Closes: #319592. + * disable DEB_AUTO_UPDATE_DEBIAN_CONTROL + * Apply patch to read only as much from /dev/random as actually + needed. Thanks to Johannes Berg. Closes: #320307 + * Standards-Version: 3.6.2 (no changes needed). + + -- Marc Haber Sun, 2 Oct 2005 12:45:12 +0000 + +apg (2.2.3-3) unstable; urgency=low + + * use alternative watchfile syntax to make debian/watch work + * rebuild to fix build dependencies. Closes: #297118. + * convert repository to svn and debian-only layout. + * pull directly patched Makefile to debian/patches/02_Makefile + * remove dpatch from build-depends, cdbs now determines that by itself. + + -- Marc Haber Sun, 27 Feb 2005 11:37:14 +0000 + +apg (2.2.3-2) unstable; urgency=low + + * Add upstream URL to description. Closes: #247981. + * Add debian/watch which unfortunately had to stay disabled since + the upstream web site doesn't allow directory listings. + * drop wrong potato backporting comment from debian/rules. + * Convert package to cdbs. + * Make package use dpatch. + * Fix executeable path in index.php. Closes: #273438. + + -- Marc Haber Mon, 20 Dec 2004 12:25:13 +0000 + +apg (2.2.3-1) unstable; urgency=low + + * new upstream version + * set -t both in wrapper and default apg.conf + + -- Marc Haber Mon, 22 Sep 2003 12:43:10 +0000 + +apg (2.2.2-1) unstable; urgency=low + + * new upstream version, this time using pristine sources again + + -- Marc Haber Mon, 1 Sep 2003 14:41:05 +0000 + +apg (2.2.0-1) unstable; urgency=low + + * new upstream version + * .orig.tar.gz is not pristine since upstream tarball contains + read-only files and directories which debian tools cannot handle. + * Standards-Version: 3.6.1 + + -- Marc Haber Tue, 26 Aug 2003 07:30:43 +0000 + +apg (2.1.0-1) unstable; urgency=low + + * New upstream release (Closes: #162073). + * New upstream relases fixes manpage spelling errors (Closes: #126449). + * Standards-Version. + * Move to main. Package has been in non-US because it uses CAST and + SHA-1. Both of these algorithms are in libgcrypt1 as well, which is in + main, so apg should go into main as well. + * remove build-dependency on awk. + * activate SHA + * change default parameters from -M ncl to -M NCL + * wrapper doesn't barf any more if /etc/apg.conf isn't present + + -- Marc Haber Tue, 24 Sep 2002 15:13:13 +0000 + +apg (2.0.0b0-1) unstable; urgency=low + + * New upstream release + + -- Marc Haber Sun, 2 Sep 2001 19:51:55 +0000 + +apg (1.2.13-1) unstable; urgency=low + + * Initial Release. (closes: #92861) + + -- Marc Haber Fri, 1 Jun 2001 15:13:54 +0000 --- apg-2.2.3.dfsg.1.orig/debian/compat +++ apg-2.2.3.dfsg.1/debian/compat @@ -0,0 +1 @@ +4 --- apg-2.2.3.dfsg.1.orig/debian/control +++ apg-2.2.3.dfsg.1/debian/control @@ -0,0 +1,40 @@ +Source: apg +Section: admin +Priority: optional +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Marc Haber +Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 4.1.0), dpatch, patchutils +Standards-Version: 3.7.2.2 + +Package: apg +Architecture: any +Depends: ${shlibs:Depends} +Description: Automated Password Generator - Standalone version + APG (Automated Password Generator) is the tool set for random + password generation. It generates some random words of required type + and prints them to standard output. This binary package contains only + the standalone version of apg. + Advantages: + * Built-in ANSI X9.17 RNG (Random Number Generator)(CAST/SHA1) + * Built-in password quality checking system (now it has support for Bloom + filter for faster access) + * Two Password Generation Algorithms: + 1. Pronounceable Password Generation Algorithm (according to NIST + FIPS 181) + 2. Random Character Password Generation Algorithm with 35 + configurable modes of operation + * Configurable password length parameters + * Configurable amount of generated passwords + * Ability to initialize RNG with user string + * Support for /dev/random + * Ability to crypt() generated passwords and print them as additional output. + * Special parameters to use APG in script + * Ability to log password generation requests for network version + * Ability to control APG service access using tcpd + * Ability to use password generation service from any type of box (Mac, + WinXX, etc.) that connected to network + * Ability to enforce remote users to use only allowed type of password + generation + The client/server version of apg has been deliberately omitted. + . + Upstream URL: http://www.adel.nursat.kz/apg/download.shtml --- apg-2.2.3.dfsg.1.orig/debian/control.in +++ apg-2.2.3.dfsg.1/debian/control.in @@ -0,0 +1,40 @@ +Source: apg +Section: admin +Priority: optional +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Marc Haber +Build-Depends: @cdbs@ +Standards-Version: 3.6.1 + +Package: apg +Architecture: any +Depends: ${shlibs:Depends} +Description: Automated Password Generator - Standalone version + APG (Automated Password Generator) is the tool set for random + password generation. It generates some random words of required type + and prints them to standard output. This binary package contains only + the standalone version of apg. + Advantages: + * Built-in ANSI X9.17 RNG (Random Number Generator)(CAST/SHA1) + * Built-in password quality checking system (now it has support for Bloom + filter for faster access) + * Two Password Generation Algorithms: + 1. Pronounceable Password Generation Algorithm (according to NIST + FIPS 181) + 2. Random Character Password Generation Algorithm with 35 + configurable modes of operation + * Configurable password length parameters + * Configurable amount of generated passwords + * Ability to initialize RNG with user string + * Support for /dev/random + * Ability to crypt() generated passwords and print them as additional output. + * Special parameters to use APG in script + * Ability to log password generation requests for network version + * Ability to control APG service access using tcpd + * Ability to use password generation service from any type of box (Mac, + WinXX, etc.) that connected to network + * Ability to enforce remote users to use only allowed type of password + generation + The client/server version of apg has been deliberately omitted. + . + Upstream URL: http://www.adel.nursat.kz/apg/download.shtml --- apg-2.2.3.dfsg.1.orig/debian/copyright +++ apg-2.2.3.dfsg.1/debian/copyright @@ -0,0 +1,37 @@ +This package was debianized by Marc Haber on +Fri, 1 Jun 2001 15:13:54 +0000. + +It was downloaded from http://www.adel.nursat.kz/apg/ + +Upstream Author: Adel I. Mirzazhanov + +Copyright: + +Copyright (c) 1999, 2000, 2001 +Adel I. Mirzazhanov. All rights reserved + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided + with the distribution. + 3. The name of the author may not be used to endorse or promote + products derived from this software without specific prior + written permission. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS +OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY +DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE +GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --- apg-2.2.3.dfsg.1.orig/debian/patches/00list +++ apg-2.2.3.dfsg.1/debian/patches/00list @@ -0,0 +1,6 @@ +01_index.php_binary_path +02_Makefile +03_apgd_docs_remove +04_fix-excessive-random-usage +05_saltbuffer-337116 +10_prelim-412618 \ No newline at end of file --- apg-2.2.3.dfsg.1.orig/debian/patches/01_index.php_binary_path.dpatch +++ apg-2.2.3.dfsg.1/debian/patches/01_index.php_binary_path.dpatch @@ -0,0 +1,19 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 01_index.php_binary_path.dpatch by Marc Haber +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad apg/php/apgonline/index.php /tmp/dpep.Xgzj3Z/apg/php/apgonline/index.php +--- apg/php/apgonline/index.php 2002-09-13 08:10:49.000000000 +0000 ++++ /tmp/dpep.Xgzj3Z/apg/php/apgonline/index.php 2004-12-20 12:16:37.000000000 +0000 +@@ -7,7 +7,7 @@ + + $apg_title = "Automated Password Generator Online" ; + +- $generator = "/usr/local/bin/apg -q" ; # APG location ++ $generator = "/usr/bin/apg -q" ; # APG location + # + # Default options + # --- apg-2.2.3.dfsg.1.orig/debian/patches/02_Makefile.dpatch +++ apg-2.2.3.dfsg.1/debian/patches/02_Makefile.dpatch @@ -0,0 +1,39 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 02_Makefile.dpatch by Marc Haber +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad ./Makefile /tmp/dpep-work.B8bqpE/trunk/Makefile +--- ./Makefile 2003-08-07 15:40:30.000000000 +0000 ++++ /tmp/dpep-work.B8bqpE/trunk/Makefile 2005-02-27 11:36:49.781144504 +0000 +@@ -34,16 +34,16 @@ + # DO NOT EDIT THE LINE BELOW !!! + USE_SHA = APG_USE_SHA + # Coment this if you want to use PRNG X9.17 with SHA-1 +-USE_SHA = APG_DONOTUSE_SHA ++# USE_SHA = APG_DONOTUSE_SHA + + ################################################################## + # Directories + # Install dirs + INSTALL_PREFIX = /usr/local + APG_BIN_DIR = /bin +-APG_MAN_DIR = /man/man1 ++APG_MAN_DIR = /share/man/man1 + APGD_BIN_DIR = /sbin +-APGD_MAN_DIR = /man/man8 ++APGD_MAN_DIR = /share/man/man8 + + #################################################################### + # If you plan to install APG daemon you should look at lines below # +@@ -59,7 +59,7 @@ + # Linux + # + # Uncoment line below for LINUX +-#CS_LIBS = -lnsl ++CS_LIBS = -lnsl + + #################################################################### + # Solaris --- apg-2.2.3.dfsg.1.orig/debian/patches/03_apgd_docs_remove.dpatch +++ apg-2.2.3.dfsg.1/debian/patches/03_apgd_docs_remove.dpatch @@ -0,0 +1,31 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 03_apgd_docs_remove.dpatch by Marc Haber +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad --exclude=CVS --exclude=.svn ./doc/man/apg.1 /tmp/dpep-work.dFyQOr/apg/doc/man/apg.1 +--- ./doc/man/apg.1 2003-08-07 15:40:30.000000000 +0000 ++++ /tmp/dpep-work.dFyQOr/apg/doc/man/apg.1 2005-07-23 10:43:48.000000000 +0000 +@@ -272,7 +272,7 @@ + .B None. + If you've found one, please send bug description to the author. + .SH "SEE ALSO" +-\fBapgd\fP(8), \fBapgbfm\fP(1) ++\fBapgbfm\fP(1) + .SH "AUTHOR" + Adel I. Mirzazhanov, + .br +diff -urNad --exclude=CVS --exclude=.svn ./doc/man/apgbfm.1 /tmp/dpep-work.dFyQOr/apg/doc/man/apgbfm.1 +--- ./doc/man/apgbfm.1 2003-08-07 15:40:30.000000000 +0000 ++++ /tmp/dpep-work.dFyQOr/apg/doc/man/apgbfm.1 2005-07-23 10:43:42.000000000 +0000 +@@ -125,7 +125,7 @@ + .PP + This man page is Alpha too. + .SH "SEE ALSO" +-\fBapgd\fP(8), \fBapg\fP(1) ++\fBapg\fP(1) + .SH "AUTHOR" + Adel I. Mirzazhanov, + .br --- apg-2.2.3.dfsg.1.orig/debian/patches/04_fix-excessive-random-usage.dpatch +++ apg-2.2.3.dfsg.1/debian/patches/04_fix-excessive-random-usage.dpatch @@ -0,0 +1,57 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 04_fix-excessive-random-usage.dpatch by Marc Haber +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad --exclude=CVS --exclude=.svn ./rnd.c /tmp/dpep-work.HP9NDI/apg/rnd.c +--- ./rnd.c 2003-08-07 15:40:30.000000000 +0000 ++++ /tmp/dpep-work.HP9NDI/apg/rnd.c 2005-08-09 10:42:38.000000000 +0000 +@@ -36,6 +36,7 @@ + #include + #include + #include ++#include + #include "rnd.h" + + #ifndef APG_USE_SHA +@@ -176,25 +177,31 @@ + void + x917_setseed (UINT32 seed, int quiet) + { +- FILE * dr; ++ int fd; + UINT32 drs[2]; + UINT32 pid = 0; + + pid = (UINT32)getpid(); ++ ++ /* NOTE: this function intentionally does not use ++ * the regular API because fread may ++ * read much more data than requested (up to ++ * 4K), which is extremely bad with /dev/random ++ */ + +- if ( (dr = fopen(APG_DEVRANDOM, "r")) != NULL) ++ if ( (fd = open(APG_DEVRANDOM, O_RDONLY)) != -1) + { +- (void)fread( (void *)&drs[0], 8, 1, dr); ++ read(fd, (void *)&drs[0], 8); + __rnd_seed[0] = seed ^ drs[0]; + __rnd_seed[1] = seed ^ drs[1]; +- (void) fclose(dr); ++ close(fd); + } +- else if ( (dr = fopen(APG_DEVURANDOM, "r")) != NULL) ++ else if ( (fd = open(APG_DEVURANDOM, O_RDONLY)) != -1) + { +- (void)fread( (void *)&drs[0], 8, 1, dr); ++ read(fd, &drs[0], 8); + __rnd_seed[0] = seed ^ drs[0]; + __rnd_seed[1] = seed ^ drs[1]; +- (void) fclose(dr); ++ close(fd); + } + else + { --- apg-2.2.3.dfsg.1.orig/debian/patches/05_saltbuffer-337116.dpatch +++ apg-2.2.3.dfsg.1/debian/patches/05_saltbuffer-337116.dpatch @@ -0,0 +1,19 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 05_saltbuffer-337116.dpatch by Marc Haber +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Fix segfaults with -y option, #337116 + +@DPATCH@ +diff -urNad trunk~/apg.c trunk/apg.c +--- trunk~/apg.c 2003-09-12 17:46:27.000000000 +0000 ++++ trunk/apg.c 2006-10-17 10:07:54.000000000 +0000 +@@ -662,7 +662,7 @@ + */ + char * crypt_passstring (const char *p) + { +- char salt[10]; ++ char salt[11]; + gen_rand_pass (salt, 10, 10, S_SL|S_CL|S_NB); + return (crypt(p, salt)); + } --- apg-2.2.3.dfsg.1.orig/debian/patches/10_prelim-412618.dpatch +++ apg-2.2.3.dfsg.1/debian/patches/10_prelim-412618.dpatch @@ -0,0 +1,40 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10_prelim-412618.dpatch by Marc Haber +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: preliminary patch to improve password quality on 64bit arches. +## DP: submitted by Kaare Hviid (BTS #412618) + +@DPATCH@ +diff -urNad trunk~/sha/sha.c trunk/sha/sha.c +--- trunk~/sha/sha.c 2003-08-07 17:40:30.000000000 +0200 ++++ trunk/sha/sha.c 2007-06-20 17:06:33.000000000 +0200 +@@ -13,6 +13,7 @@ + */ + + #include ++#include + #include "sha.h" + + /* The SHA f()-functions */ +@@ -39,7 +40,7 @@ + + /* 32-bit rotate - kludged with shifts */ + +-typedef unsigned long UL ; /* to save space */ ++typedef u_int32_t UL ; /* to save space */ + + #define S(n,X) ( ( ((UL)X) << n ) | ( ((UL)X) >> ( 32 - n ) ) ) + +diff -urNad trunk~/sha/sha.h trunk/sha/sha.h +--- trunk~/sha/sha.h 2003-08-07 17:40:30.000000000 +0200 ++++ trunk/sha/sha.h 2007-06-20 17:06:49.000000000 +0200 +@@ -16,7 +16,7 @@ + /* Useful defines/typedefs */ + + typedef unsigned char BYTE ; +-typedef unsigned long LONG ; ++typedef u_int32_t LONG ; + + /* The SHA block size and message digest sizes, in bytes */ + --- apg-2.2.3.dfsg.1.orig/debian/rules +++ apg-2.2.3.dfsg.1/debian/rules @@ -0,0 +1,30 @@ +#!/usr/bin/make -f + +# to re-generate debian/control, invoke +# fakeroot debian/rules debian/control DEB_AUTO_UPDATE_DEBIAN_CONTROL:=yes + +# automatic debian/control generation disabled, cdbs bug #311724. + +DEB_MAKE_CLEAN_TARGET := clean +DEB_MAKE_BUILD_TARGET := standalone +DEB_MAKE_INSTALL_TARGET := install INSTALL_PREFIX=$(CURDIR)/debian/apg/usr + +include /usr/share/cdbs/1/rules/debhelper.mk +include /usr/share/cdbs/1/rules/dpatch.mk +include /usr/share/cdbs/1/class/makefile.mk + +DEB_MAKE_EXTRA_ARGS := $(if $(cdbs_crossbuild),CC="$(DEB_HOST_GNU_TYPE)-gcc") + +cleanbuilddir/apg:: + rm -f build-stamp configure-stamp php.tar.gz + +install/apg:: + mv $(CURDIR)/debian/apg/usr/bin/apg $(CURDIR)/debian/apg/usr/lib/apg/apg + tar --create --gzip --file php.tar.gz --directory $(CURDIR)/php/apgonline/ . + install -D --mode=0644 php.tar.gz $(CURDIR)/debian/apg/usr/share/doc/apg/php.tar.gz + rm php.tar.gz + install -D --mode=0755 $(CURDIR)/debian/apg.wrapper $(CURDIR)/debian/apg/usr/bin/apg + install -D --mode=0644 $(CURDIR)/debian/apg.conf $(CURDIR)/debian/apg/etc/apg.conf + +# bug #284231 +unpatch: deapply-dpatches --- apg-2.2.3.dfsg.1.orig/debian/watch +++ apg-2.2.3.dfsg.1/debian/watch @@ -0,0 +1,3 @@ +version=2 + +http://www.adel.nursat.kz/apg/download.shtml download/apg-([^b]+)\.tar\.gz debian