Package: release.debian.org Severity: normal Tags: bookworm User: release.debian....@packages.debian.org Usertags: pu X-Debbugs-Cc: slbackup-...@packages.debian.org, debian-...@lists.debian.org Control: affects -1 + src:slbackup-php
As part of the effort of getting Debian Edu 12 ready for release (whilst having all fixes/changes/features shipped in Debian 12) we have fixed the Skolelinux Backup Tools's PHP frontend. [ Reason ] slbackup-php 0.4.5-4 produces main warnings and failures when running under PHP 8.x. This upload fixes those problems. [ Impact ] slbackup / slbackup-php are mostly use on Debian Edu system. For Debian Edu, this fixes the (rather old) backup utility shipped on its main server installation. Not much impact for non-Debian-Edu users is to be expected. [ Tests ] Manual tests in webbrowser on a Debian Edu mainserver. [ Risks ] Not much risk for non-Debian-Edu users is to be expected. In Debian Edu, slbackup-php could be even more broken (stuff we haven't spotted). Of course, also regressions are possible. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] + [ Guido Berhörster ] + * debian/patches: + + Add 1007_log_remote_commands_to_stderr.patch in order to log to stderr. + + Add 1006_disable-ssh-known-hosts.patch disabling SSH known hosts files. + + Add 1005_fix-typo.patch fixing an exception on login. (Closes: #1042824). + + Add 1004_fix-php-warnings.patch fixing PHP warnings. + + Add 1003_php8-compat.patch fixing PHP 8 compatibility. + + Fix string splitting in 1002_php7-compat.patch. Use explode() instead of + preg_split(), the latter needs delimiters for the regex and returns false + if there was no match which breaks the existing code. [ Other info ] This p-u is part of the upcoming Debian Edu 12 release and is required to get Debian Edu fully functional in Debian 12.
diff -Nru slbackup-php-0.4.5/debian/changelog slbackup-php-0.4.5/debian/changelog --- slbackup-php-0.4.5/debian/changelog 2018-06-02 23:54:47.000000000 +0200 +++ slbackup-php-0.4.5/debian/changelog 2023-08-10 18:02:58.000000000 +0200 @@ -1,3 +1,18 @@ +slbackup-php (0.4.5-4+deb12u1) bookworm; urgency=medium + + [ Guido Berhörster ] + * debian/patches: + + Add 1007_log_remote_commands_to_stderr.patch in order to log to stderr. + + Add 1006_disable-ssh-known-hosts.patch disabling SSH known hosts files. + + Add 1005_fix-typo.patch fixing an exception on login. (Closes: #1042824). + + Add 1004_fix-php-warnings.patch fixing PHP warnings. + + Add 1003_php8-compat.patch fixing PHP 8 compatibility. + + Fix string splitting in 1002_php7-compat.patch. Use explode() instead of + preg_split(), the latter needs delimiters for the regex and returns false + if there was no match which breaks the existing code. + + -- Mike Gabriel <sunwea...@debian.org> Thu, 10 Aug 2023 18:02:58 +0200 + slbackup-php (0.4.5-4) unstable; urgency=medium * debian/watch: diff -Nru slbackup-php-0.4.5/debian/patches/1002_php7-compat.patch slbackup-php-0.4.5/debian/patches/1002_php7-compat.patch --- slbackup-php-0.4.5/debian/patches/1002_php7-compat.patch 2018-06-02 23:54:47.000000000 +0200 +++ slbackup-php-0.4.5/debian/patches/1002_php7-compat.patch 2023-08-10 18:02:58.000000000 +0200 @@ -1,4 +1,4 @@ -Description: Make slbackup-php PHP7 compatible (use preg_split instead of split) +Description: Make slbackup-php PHP7 compatible (use explode instead of split) Author: Wolfgang Schweer <wschw...@arcor.de> --- a/src/functions.php @@ -8,7 +8,7 @@ $lang_accept = explode (",", $_SERVER['HTTP_ACCEPT_LANGUAGE']); for ($i = 0 ; $i < count ($lang_accept) ; $i++ ) { - $lang_accept[$i] = split(";", $lang_accept[$i]) ; -+ $lang_accept[$i] = preg_split(';', $lang_accept[$i]) ; ++ $lang_accept[$i] = explode(';', $lang_accept[$i]) ; $lang_accept[$i] = $lang_accept[$i][0] ; } @@ -17,14 +17,14 @@ $locales_utf8 = array(); if (isset($found_locale) && !empty($lang_accept[0])) { - $found_locale_tuple = split('_', $found_locale); -+ $found_locale_tuple = preg_split('_', $found_locale); ++ $found_locale_tuple = explode('_', $found_locale); if (count($found_locale_tuple) > 1) { $locales[] = $found_locale; $locales_utf8[] = $found_locale.'.UTF-8'; } foreach ($lang_accept as $lang) { - $lang_tuple = split('-',$lang); -+ $lang_tuple = preg_split('-',$lang); ++ $lang_tuple = explode('-',$lang); if (count($lang_tuple) > 1) { $language = strtolower($lang_tuple[0]); $country = strtoupper($lang_tuple[1]); diff -Nru slbackup-php-0.4.5/debian/patches/1003_php8-compat.patch slbackup-php-0.4.5/debian/patches/1003_php8-compat.patch --- slbackup-php-0.4.5/debian/patches/1003_php8-compat.patch 1970-01-01 01:00:00.000000000 +0100 +++ slbackup-php-0.4.5/debian/patches/1003_php8-compat.patch 2023-08-10 18:02:58.000000000 +0200 @@ -0,0 +1,16 @@ +From: Guido Berhoerster <gu...@berhoerster.name> +Subject: Add compatibility with PHP 8 + +crypt() reuires a salt in PHP 8. + +--- slbackup-php.orig/src/index.php ++++ slbackup-php/src/index.php +@@ -695,7 +695,7 @@ if (empty ($config)) { + } + + if (empty($encrypt) || empty ($xorstring)) { +- $encrypt = crypt(strrev(sprintf (gettimeofday (true)))) ; ++ $encrypt = crypt('', strrev(sprintf (gettimeofday (true)))) ; + $_SESSION['encrypt'] = $encrypt ; + $xorstring = xorstring ($encrypt, $passwd) ; + } diff -Nru slbackup-php-0.4.5/debian/patches/1004_fix-php-warnings.patch slbackup-php-0.4.5/debian/patches/1004_fix-php-warnings.patch --- slbackup-php-0.4.5/debian/patches/1004_fix-php-warnings.patch 1970-01-01 01:00:00.000000000 +0100 +++ slbackup-php-0.4.5/debian/patches/1004_fix-php-warnings.patch 2023-08-10 18:02:58.000000000 +0200 @@ -0,0 +1,73 @@ +From: Guido Berhoerster <gu...@berhoerster.name> +Subject: Fix PHP warnings + +Fix use of uninitialized variables and non-existing array keys. + +--- + src/index.php | 3 +++ + 1 file changed, 3 insertions(+) + +--- slbackup-php.orig/src/index.php ++++ slbackup-php/src/index.php +@@ -475,6 +475,8 @@ global $backuphost, $backupuser, $backup + function readconf ($passwd) { + global $backuphost, $backupuser, $backupconf, $ssh_options, $ssh_askpass ; + ++ $config = array() ; ++ + $cmd = sprintf ("ssh %s %s@%s cat %s", + $ssh_options, $backupuser, + $backuphost, $backupconf) ; +@@ -556,7 +558,9 @@ global $backuphost, $backupuser, $logfil + fprintf ($pipes[0], "%s\n", $passwd) ; + fclose ($pipes[0]) ; + while ($line = fgets ($pipes[1], 1024)) { +- list ($timestamp, $info) = explode (" - ", trim($line)) ; ++ $parts = explode (" - ", trim($line)) ; ++ $timestamp = $parts[0]; ++ $info = $parts[1] ?? null; + if ($info == "Starting slbackup:") + $log["start"] = strtotime($timestamp) ; + elseif ($info == "Finished slbackup.") +@@ -611,6 +615,8 @@ foreach ($_COOKIE as $key => $value) { + } + + # Fetch arguments passed as the script is executed ++$nonhttps = '' ; ++$submit = ''; + foreach ($arguments as $key => $value) { + switch ($key) { + case "smarty_templ": +@@ -901,7 +907,7 @@ switch ($submit) { + case "restorelocation": + $smarty->assign ('loc', $loc) ; + $smarty->assign ('location', $newconf["location"]) ; +- $smarty->assign ('sub', $newconf["sub"]) ; ++ $smarty->assign ('sub', $newconf["sub"] ?? '') ; + case "restoreclient": + case "restore": + $clients = array_keys($config["clients"]) ; +@@ -916,7 +922,7 @@ switch ($submit) { + case "maint": + $clients = array_keys($config["clients"]) ; + $smarty->assign ('clients', $clients) ; +- $smarty->assign ('client', $client) ; ++ $smarty->assign ('client', $client ?? '') ; + $smarty->display ('maint.tpl') ; + break ; + case "config": +--- slbackup-php.orig/src/functions.php ++++ slbackup-php/src/functions.php +@@ -24,9 +24,9 @@ function loadConfig () { + + @include_once ("/etc/slbackup-php/config.php") ; + +- if (empty ($nonhttps)) $nonhttps = $_COOKIE ['nonhttps'] ; +- if (empty ($smarty_templ)) $smarty_templ = $_COOKIE ['smarty_templ'] ; +- if (empty ($smarty_compile)) $smarty_compile = $_COOKIE ['smarty_compile'] ; ++ $nonhttps ??= $_COOKIE ['nonhttps'] ?? '' ; ++ $smarty_templ ??= $_COOKIE ['smarty_templ'] ?? null ; ++ $smarty_compile ??= $_COOKIE ['smarty_compile'] ?? null ; + + if (empty ($backuphost)) $backuphost="localhost" ; + if (empty ($backupuser)) $backupuser="root" ; diff -Nru slbackup-php-0.4.5/debian/patches/1005_fix-typo.patch slbackup-php-0.4.5/debian/patches/1005_fix-typo.patch --- slbackup-php-0.4.5/debian/patches/1005_fix-typo.patch 1970-01-01 01:00:00.000000000 +0100 +++ slbackup-php-0.4.5/debian/patches/1005_fix-typo.patch 2023-08-10 18:02:58.000000000 +0200 @@ -0,0 +1,13 @@ +From: Guido Berhoerster <gu...@berhoerster.name> +Subject: Fix typo causing an exception with PHP 8 +--- slbackup-php.orig/src/index.php ++++ slbackup-php/src/index.php +@@ -45,7 +45,7 @@ global $backuphost, $backupuser, $ssh_op + proc_close ($proc) ; + } + foreach ($config["clients"] as $key => $value) { +- if ($key["type"] <> "local") { ++ if ($value["type"] <> "local") { + $out["clients"][$key]["ssh"] = "failed" ; + $cmd = sprintf ("ssh %s %s@%s 'ssh %s echo ssh ok \; rdiff-backup --version'", + $ssh_options, $backupuser, diff -Nru slbackup-php-0.4.5/debian/patches/1006_disable-ssh-known-hosts.patch slbackup-php-0.4.5/debian/patches/1006_disable-ssh-known-hosts.patch --- slbackup-php-0.4.5/debian/patches/1006_disable-ssh-known-hosts.patch 1970-01-01 01:00:00.000000000 +0100 +++ slbackup-php-0.4.5/debian/patches/1006_disable-ssh-known-hosts.patch 2023-08-10 18:02:58.000000000 +0200 @@ -0,0 +1,14 @@ +From: Guido Berhoerster <gu...@berhoerster.name> +Subject: Do not attempt to write a SSH KnownHosts file + +--- slbackup-php.orig/src/functions.php ++++ slbackup-php/src/functions.php +@@ -32,7 +32,7 @@ function loadConfig () { + if (empty ($backupuser)) $backupuser="root" ; + if (empty ($backupconf)) $backupconf="/etc/slbackup/slbackup.conf" ; + if (empty ($backupcron)) $backupcron="/etc/cron.d/slbackup" ; +- if (empty ($ssh_options)) $ssh_options="-o StrictHostKeyChecking=no" ; ++ if (empty ($ssh_options)) $ssh_options="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" ; + if (empty ($logfile)) $logfile="/var/log/slbackup/slbackup.log" ; + + switch ($nonhttps) { diff -Nru slbackup-php-0.4.5/debian/patches/1007_log_remote_commands_to_stderr.patch slbackup-php-0.4.5/debian/patches/1007_log_remote_commands_to_stderr.patch --- slbackup-php-0.4.5/debian/patches/1007_log_remote_commands_to_stderr.patch 1970-01-01 01:00:00.000000000 +0100 +++ slbackup-php-0.4.5/debian/patches/1007_log_remote_commands_to_stderr.patch 2023-08-10 18:02:58.000000000 +0200 @@ -0,0 +1,101 @@ +From: Guido Berhoerster <gu...@berhoerster.name> +Subject: Do not log to /tmp/error.log but stderr, the webserver error log + +--- slbackup-php.orig/src/index.php ++++ slbackup-php/src/index.php +@@ -25,7 +25,6 @@ global $backuphost, $backupuser, $ssh_op + $out = array () ; + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -78,7 +77,6 @@ global $backuphost, $backupuser, $ssh_op + $snapshots = array () ; + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -105,7 +103,6 @@ global $backuphost, $backupuser, $ssh_op + $snapshots = array () ; + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -132,7 +129,6 @@ global $backuphost, $backupuser, $ssh_op + + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -151,7 +147,6 @@ global $backuphost, $backupuser, $ssh_op + + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -209,7 +204,6 @@ global $backuphost, $backupuser, $ssh_op + + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -279,7 +273,6 @@ global $backuphost, $backupuser, $ssh_op + + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -377,7 +370,6 @@ global $backuphost, $backupuser, $backup + + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -402,7 +394,6 @@ global $backuphost, $backupuser, $backup + + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -458,7 +449,6 @@ global $backuphost, $backupuser, $backup + + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -483,7 +473,6 @@ global $backuphost, $backupuser, $backup + + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; +@@ -549,7 +538,6 @@ global $backuphost, $backupuser, $logfil + + $desc[0] = array ("pipe", "r") ; + $desc[1] = array ("pipe", "w") ; +- $desc[2] = array ("file", "/tmp/error.log", "a") ; + + $env = array ('SSH_ASKPASS' => $ssh_askpass, + 'DISPLAY' => ':nowhere') ; diff -Nru slbackup-php-0.4.5/debian/patches/series slbackup-php-0.4.5/debian/patches/series --- slbackup-php-0.4.5/debian/patches/series 2018-06-02 23:54:47.000000000 +0200 +++ slbackup-php-0.4.5/debian/patches/series 2023-08-10 18:02:58.000000000 +0200 @@ -1,2 +1,7 @@ 1001_adapt-to-apache24.patch 1002_php7-compat.patch +1003_php8-compat.patch +1004_fix-php-warnings.patch +1005_fix-typo.patch +1006_disable-ssh-known-hosts.patch +1007_log_remote_commands_to_stderr.patch