Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libcotp for openSUSE:Factory checked
in at 2023-01-08 21:25:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libcotp (Old)
and /work/SRC/openSUSE:Factory/.libcotp.new.1563 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libcotp"
Sun Jan 8 21:25:57 2023 rev:6 rq:1056899 version:1.2.8
Changes:
--------
--- /work/SRC/openSUSE:Factory/libcotp/libcotp.changes 2023-01-05
15:01:46.265339834 +0100
+++ /work/SRC/openSUSE:Factory/.libcotp.new.1563/libcotp.changes
2023-01-08 21:26:01.319419084 +0100
@@ -1,0 +2,6 @@
+Sun Jan 8 14:45:11 UTC 2023 - Paolo Stivanin <i...@paolostivanin.com>
+
+- Update to 1.2.8:
+ * this release fixes a regression brought by v1.2.7.
+
+-------------------------------------------------------------------
Old:
----
v1.2.7.tar.gz
v1.2.7.tar.gz.asc
New:
----
libcotp.keyring
v1.2.8.tar.gz
v1.2.8.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libcotp.spec ++++++
--- /var/tmp/diff_new_pack.Kp1Djj/_old 2023-01-08 21:26:02.267424716 +0100
+++ /var/tmp/diff_new_pack.Kp1Djj/_new 2023-01-08 21:26:02.271424740 +0100
@@ -21,7 +21,7 @@
%global debug_package %{nil}
%endif
Name: libcotp
-Version: 1.2.7
+Version: 1.2.8
Release: 0
Summary: C library for generating TOTP and HOTP
License: Apache-2.0
@@ -29,6 +29,7 @@
URL: https://github.com/paolostivanin/%{name}
Source0:
https://github.com/paolostivanin/%{name}/archive/v%{version}.tar.gz
Source1:
https://github.com/paolostivanin/libcotp/releases/download/v%{version}/v%{version}.tar.gz.asc
+Source2: %{name}.keyring
BuildRequires: cmake
BuildRequires: gcc
BuildRequires: gcc-c++
++++++ v1.2.7.tar.gz -> v1.2.8.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcotp-1.2.7/.circleci/build_and_tests.sh
new/libcotp-1.2.8/.circleci/build_and_tests.sh
--- old/libcotp-1.2.7/.circleci/build_and_tests.sh 2023-01-04
17:02:55.000000000 +0100
+++ new/libcotp-1.2.8/.circleci/build_and_tests.sh 1970-01-01
01:00:00.000000000 +0100
@@ -1,7 +0,0 @@
-#!/bin/bash
-
-mkdir build && cd "$_"
-cmake .. -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_TESTING=ON
-make
-make install
-./tests/test_all
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcotp-1.2.7/.circleci/build_only.sh
new/libcotp-1.2.8/.circleci/build_only.sh
--- old/libcotp-1.2.7/.circleci/build_only.sh 2023-01-04 17:02:55.000000000
+0100
+++ new/libcotp-1.2.8/.circleci/build_only.sh 1970-01-01 01:00:00.000000000
+0100
@@ -1,6 +0,0 @@
-#!/bin/bash
-
-mkdir build && cd "$_"
-cmake .. -DCMAKE_INSTALL_PREFIX=/usr
-make
-make install
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcotp-1.2.7/.circleci/config.yml
new/libcotp-1.2.8/.circleci/config.yml
--- old/libcotp-1.2.7/.circleci/config.yml 2023-01-04 17:02:55.000000000
+0100
+++ new/libcotp-1.2.8/.circleci/config.yml 2023-01-08 15:30:32.000000000
+0100
@@ -1,37 +1,36 @@
version: 2.0
jobs:
- debianLatestStable:
+ debian:
docker:
- - image: debian:latest
+ - image: debian:testing
steps:
- checkout
- - run: apt update && apt -y install git gcc clang cmake libcriterion-dev
libbaseencode-dev
- - run: chmod +x .circleci/build_and_tests.sh
+ - run:
+ command: |
+ apt update && apt -y install git gcc clang cmake libcriterion-dev
libbaseencode-dev libgcrypt20-dev
+ mkdir build && cd "$_"
+ cmake -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_TESTING=ON ..
+ make && make install
+ ./tests/test_cotp
- fedoraLatestStable:
+ ubuntu:
docker:
- - image: fedora:latest
+ - image: ubuntu:latest
steps:
- checkout
- - run: dnf -y update && dnf -y install git gcc cmake make
libgcrypt-devel
- - run: chmod +x .circleci/install_deps.sh
- - run: chmod +x .circleci/build_only.sh
-
- archlinux:
- docker:
- - image: archlinux:latest
- steps:
- - checkout
- - run: pacman -Syu --noconfirm && pacman -S --noconfirm pkg-config git
gcc cmake make
- - run: chmod +x .circleci/install_deps.sh
- - run: chmod +x .circleci/build_only.sh
+ - run:
+ command: |
+ apt update && apt -y install git gcc clang cmake libcriterion-dev
libbaseencode-dev libgcrypt20-dev
+ mkdir build && cd "$_"
+ cmake -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_TESTING=ON ..
+ make && make install
+ ./tests/test_cotp
workflows:
version: 2
build:
jobs:
- - debianLatestStable
- - fedoraLatestStable
- - archlinux
+ - debian
+ - ubuntu
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcotp-1.2.7/.circleci/install_deps.sh
new/libcotp-1.2.8/.circleci/install_deps.sh
--- old/libcotp-1.2.7/.circleci/install_deps.sh 2023-01-04 17:02:55.000000000
+0100
+++ new/libcotp-1.2.8/.circleci/install_deps.sh 1970-01-01 01:00:00.000000000
+0100
@@ -1,9 +0,0 @@
-set -e
-
-git clone https://github.com/paolostivanin/libbaseencode.git
-cd libbaseencode && mkdir build && cd "$_"
- cmake .. -DCMAKE_INSTALL_PREFIX=/usr
- make -j2
- make install
-cd ../..
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcotp-1.2.7/CMakeLists.txt
new/libcotp-1.2.8/CMakeLists.txt
--- old/libcotp-1.2.7/CMakeLists.txt 2023-01-04 17:02:55.000000000 +0100
+++ new/libcotp-1.2.8/CMakeLists.txt 2023-01-08 15:30:32.000000000 +0100
@@ -7,7 +7,7 @@
find_package(PkgConfig REQUIRED)
find_package(Gcrypt 1.6.0 REQUIRED)
-pkg_check_modules(BASEENCODE REQUIRED baseencode>=1.0.14)
+pkg_check_modules(BASEENCODE REQUIRED baseencode>=1.0.12)
include_directories(${GCRYPT_INCLUDE_DIR} ${BASEENCODE_INCLUDE_DIRS})
@@ -19,7 +19,7 @@
# set up versioning.
set(BUILD_MAJOR "1")
set(BUILD_MINOR "2")
-set(BUILD_VERSION "7")
+set(BUILD_VERSION "8")
set(BUILD_VERSION ${BUILD_MAJOR}.${BUILD_MINOR}.${BUILD_VERSION})
set(CMAKE_C_STANDARD 11)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcotp-1.2.7/src/otp.c new/libcotp-1.2.8/src/otp.c
--- old/libcotp-1.2.7/src/otp.c 2023-01-04 17:02:55.000000000 +0100
+++ new/libcotp-1.2.8/src/otp.c 2023-01-08 15:30:32.000000000 +0100
@@ -64,8 +64,8 @@
char code[6];
size_t steam_alphabet_len = strlen(steam_alphabet);
for (int i = 0; i < 5; i++) {
- int mod = bin_code % steam_alphabet_len;
- bin_code = bin_code / steam_alphabet_len;
+ int mod = (int)(bin_code % steam_alphabet_len);
+ bin_code = (int)(bin_code / steam_alphabet_len);
code[i] = steam_alphabet[mod];
}
code[5] = '\0';
@@ -78,25 +78,12 @@
truncate(unsigned const char *hmac, int digits_length, int algo)
{
// take the lower four bits of the last byte
- int offset = 0;
- switch (algo) {
- case SHA1:
- offset = (hmac[SHA1_DIGEST_SIZE-1] & 0x0f);
- break;
- case SHA256:
- offset = (hmac[SHA256_DIGEST_SIZE-1] & 0x0f);
- break;
- case SHA512:
- offset = (hmac[SHA512_DIGEST_SIZE-1] & 0x0f);
- break;
- default:
- break;
- }
+ int offset = hmac[gcry_md_get_algo_dlen (algo) - 1] & 0x0f;
// Starting from the offset, take the successive 4 bytes while stripping
the topmost bit to prevent it being handled as a signed integer
int bin_code = ((hmac[offset] & 0x7f) << 24) | ((hmac[offset + 1] & 0xff)
<< 16) | ((hmac[offset + 2] & 0xff) << 8) | ((hmac[offset + 3] & 0xff));
- int token = bin_code % DIGITS_POWER[digits_length];
+ int token = (int)(bin_code % DIGITS_POWER[digits_length]);
return token;
}
@@ -137,7 +124,22 @@
}
gcry_md_write (hd, C_reverse_byte_order, sizeof(C_reverse_byte_order));
gcry_md_final (hd);
- unsigned char *hmac = gcry_md_read (hd, algo);
+
+ unsigned char * hmac_tmp = gcry_md_read (hd, algo);
+ if (hmac_tmp == NULL) {
+ fprintf(stderr, "Error getting digest\n");
+ gcry_md_close (hd);
+ return NULL;
+ }
+
+ size_t dlen = gcry_md_get_algo_dlen(algo);
+ unsigned char *hmac = malloc (dlen);
+ if (hmac == NULL) {
+ perror("Error allocating memory");
+ gcry_md_close (hd);
+ return NULL;
+ }
+ memcpy (hmac, hmac_tmp, dlen);
free (secret);
@@ -226,8 +228,11 @@
*err_code = INVALID_B32_INPUT;
return NULL;
}
+
int tk = truncate(hmac, digits, algo);
char *token = finalize(digits, tk);
+
+ free(hmac);
return token;
}
@@ -300,7 +305,10 @@
return NULL;
}
- return get_steam_code(hmac);
+ char * totp = get_steam_code(hmac);
+
+ free(hmac);
+ return totp;
}
