Bug#1056307: bookworm-pu: package lastpass-cli/1.3.7-1+deb12u1

To: submit@bugs.debian.org
Subject: Bug#1056307: bookworm-pu: package lastpass-cli/1.3.7-1+deb12u1
From: "Chris Lamb" <lamby@debian.org>
Date: Mon, 20 Nov 2023 10:17:46 +0000
Message-id: <[🔎] 170047541311.2322831.4768791350225863356@copycat>
Reply-to: "Chris Lamb" <lamby@debian.org>, 1056307@bugs.debian.org

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu

Dear stable release managers,

Please consider lastpass-cli (1.3.7-1+deb12u1) for bookworm:
  
  lastpass-cli (1.3.7-1+deb12u1) bookworm; urgency=medium
  .
    * Upload latest upstream version to fix compatability with Lastpass's
      SSL keys. (Closes: #1055876)


Currently, lastpass-cli is completely non-functioning in bookworm, so
it should either be updated or removed.

The full debdiff is attached.


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

diff --git a/debian/changelog b/debian/changelog
index 800751f..68e0043 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,42 @@
+lastpass-cli (1.3.7-1+deb12u1) bookworm; urgency=medium
+
+  * Upload latest upstream version to fix compatability with Lastpass's
+    SSL keys. (Closes: #1055876)
+
+ -- Chris Lamb <lamby@debian.org>  Mon, 20 Nov 2023 10:14:54 +0000
+
+lastpass-cli (1.3.7-1) unstable; urgency=medium
+
+  * New upstream release. (Closes: #1055876)
+  * Drop 0001-Fix-FTBFS-with-GCC-10.0.patch; applied upstream.
+
+ -- Chris Lamb <lamby@debian.org>  Mon, 13 Nov 2023 12:40:41 +0000
+
+lastpass-cli (1.3.6-1) unstable; urgency=medium
+
+  * New upstream release.
+  * Refresh patches.
+
+ -- Chris Lamb <lamby@debian.org>  Sat, 09 Sep 2023 09:52:20 -0700
+
+lastpass-cli (1.3.5-2) unstable; urgency=medium
+
+  * Always use the Debian version number. (Closes: #1051218)
+
+ -- Chris Lamb <lamby@debian.org>  Tue, 05 Sep 2023 10:12:30 -0700
+
+lastpass-cli (1.3.5-1) unstable; urgency=medium
+
+  * New upstream release. (Closes: #1050973)
+
+ -- Chris Lamb <lamby@debian.org>  Thu, 31 Aug 2023 16:37:52 -0700
+
+lastpass-cli (1.3.4-2) unstable; urgency=medium
+
+  * Also clean test/.lpass directory. (Closes: #1048723)
+
+ -- Chris Lamb <lamby@debian.org>  Tue, 22 Aug 2023 13:44:44 -0700
+
 lastpass-cli (1.3.4-1) unstable; urgency=medium
 
   * New upstream release.
diff --git a/.gitignore b/.gitignore
index 495a746..9383e25 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,4 @@ version.h
 
 # IDE
 /.idea
+/.vs
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 21c854d..e953cee 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,13 @@
+# Vesion 1.3.7
+* Add support for reading encrypted URLs (Tibor Komlossy)
+* Fix GCC 10 compatibility issue #532 (Tibor Komlossy)
+
+# Version 1.3.6
+* Fix version (Béla Ormos)
+
+# Version 1.3.5
+* Updating certificate hashes (Béla Ormos)
+
 # Version 1.3.4
 * Updating post parameter (Gergely Der)
 
diff --git a/LASTPASS-VERSION-GEN b/LASTPASS-VERSION-GEN
index d9b0f48..8f75701 100755
--- a/LASTPASS-VERSION-GEN
+++ b/LASTPASS-VERSION-GEN
@@ -4,7 +4,7 @@
 # You can find the original at https://github.com/git/git/blob/master/GIT-VERSION-GEN
 
 LPVF=version.h
-DEF_VER=v1.3.4.GIT
+DEF_VER=v1.3.7.GIT
 
 LF='
 '
diff --git a/blob.c b/blob.c
index 69d9f44..f95305f 100644
--- a/blob.c
+++ b/blob.c
@@ -104,6 +104,7 @@ void account_free_contents(struct account *account)
 	free(account->note);
 	free(account->name_encrypted);
 	free(account->group_encrypted);
+	free(account->url_encrypted);
 	free(account->username_encrypted);
 	free(account->password_encrypted);
 	free(account->note_encrypted);
@@ -320,6 +321,10 @@ static int read_boolean(struct chunk *chunk)
 	return item.data[0] == '1';
 }
 
+static bool check_next_entry_encrypted(struct chunk *chunk) {
+	return (chunk->data + sizeof(uint32_t))[0] == '!';
+}
+
 #define entry_plain_at(base, var) do { \
 	char *__entry_val__ = read_plain_string(chunk); \
 	if (!__entry_val__) \
@@ -360,6 +365,9 @@ static struct account *account_parse(struct chunk *chunk, const unsigned char ke
 	entry_plain(id);
 	entry_crypt(name);
 	entry_crypt(group);
+ 	if (check_next_entry_encrypted(chunk))
+		entry_crypt(url);
+	else
 	entry_hex(url);
 	entry_crypt(note);
 	entry_boolean(fav);
diff --git a/blob.h b/blob.h
index d6c480a..ab6c32d 100644
--- a/blob.h
+++ b/blob.h
@@ -59,7 +59,7 @@ struct account {
 	char *name, *name_encrypted;
 	char *group, *group_encrypted;
 	char *fullname;
-	char *url;
+	char *url, *url_encrypted;
 	char *username, *username_encrypted;
 	char *password, *password_encrypted;
 	char *note, *note_encrypted;
diff --git a/debian/control b/debian/control
index 64bb52d..5440be8 100644
--- a/debian/control
+++ b/debian/control
@@ -13,7 +13,7 @@ Build-Depends:
  libxml2-dev,
  pkg-config,
  xsltproc,
-Standards-Version: 4.6.1
+Standards-Version: 4.6.2
 Homepage: https://github.com/lastpass/lastpass-cli
 Vcs-Git: https://salsa.debian.org/lamby/pkg-lastpass-cli.git
 Vcs-Browser: https://salsa.debian.org/lamby/pkg-lastpass-cli
diff --git a/debian/patches/0001-Fix-FTBFS-with-GCC-10.0.patch b/debian/patches/0001-Fix-FTBFS-with-GCC-10.0.patch
deleted file mode 100644
index 4cef68b..0000000
--- a/debian/patches/0001-Fix-FTBFS-with-GCC-10.0.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From: Chris Lamb <lamby@debian.org>
-Date: Wed, 22 Jul 2020 11:07:36 +0100
-Subject: Fix FTBFS with GCC 10.0
-
-Forwarded: https://github.com/lastpass/lastpass-cli/pull/535
----
- globals.c | 40 ++++++++++++++++++++++++++++++++++++++++
- process.h |  4 ++--
- 2 files changed, 42 insertions(+), 2 deletions(-)
- create mode 100644 globals.c
-
-diff --git a/globals.c b/globals.c
-new file mode 100644
-index 0000000..59e9c30
---- /dev/null
-+++ b/globals.c
-@@ -0,0 +1,40 @@
-+/*
-+ *
-+ * Copyright (C) 2014-2018 LastPass.
-+ *
-+ * This program is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or
-+ * (at your option) any later version.
-+ *
-+ * This program is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-+ * GNU General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU General Public License along
-+ * with this program; if not, write to the Free Software Foundation, Inc.,
-+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-+ *
-+ * In addition, as a special exception, the copyright holders give
-+ * permission to link the code of portions of this program with the
-+ * OpenSSL library under certain conditions as described in each
-+ * individual source file, and distribute linked combinations
-+ * including the two.
-+ *
-+ * You must obey the GNU General Public License in all respects
-+ * for all of the code used other than OpenSSL.  If you modify
-+ * file(s) with this exception, you may extend this exception to your
-+ * version of the file(s), but you are not obligated to do so.  If you
-+ * do not wish to do so, delete this exception statement from your
-+ * version.  If you delete this exception statement from all source
-+ * files in the program, then also delete it here.
-+ *
-+ * See LICENSE.OpenSSL for more details regarding this exception.
-+ */
-+
-+#include "process.h"
-+
-+/* Globals */
-+int ARGC;
-+char **ARGV;
-diff --git a/process.h b/process.h
-index 58c2480..4cc2cf4 100644
---- a/process.h
-+++ b/process.h
-@@ -4,8 +4,8 @@
- #include <stdbool.h>
- #include <sys/types.h>
- 
--int ARGC;
--char **ARGV;
-+extern int ARGC;
-+extern char **ARGV;
- 
- void process_set_name(const char *name);
- void process_disable_ptrace(void);
diff --git a/debian/patches/0002-Always-use-the-Debian-version-number.patch b/debian/patches/0002-Always-use-the-Debian-version-number.patch
new file mode 100644
index 0000000..74bdfd0
--- /dev/null
+++ b/debian/patches/0002-Always-use-the-Debian-version-number.patch
@@ -0,0 +1,21 @@
+From: Chris Lamb <lamby@debian.org>
+Date: Tue, 5 Sep 2023 10:05:21 -0700
+Subject: Always use the Debian version number.
+
+Forwarded: not-needed
+---
+ LASTPASS-VERSION-GEN | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/LASTPASS-VERSION-GEN b/LASTPASS-VERSION-GEN
+index 752d607..fb302e1 100755
+--- a/LASTPASS-VERSION-GEN
++++ b/LASTPASS-VERSION-GEN
+@@ -1,4 +1,7 @@
+ #!/bin/sh
++echo "#define LASTPASS_CLI_VERSION \"$(dpkg-parsechangelog -SVersion)\"" > version.h
++echo "#define LASTPASS_CLI_USERAGENT \"LastPass-CLI/\" LASTPASS_CLI_VERSION" >> version.h
++exit
+ 
+ # This file has been adopted from the git project
+ # You can find the original at https://github.com/git/git/blob/master/GIT-VERSION-GEN
diff --git a/debian/patches/series b/debian/patches/series
index da4eddc..6915873 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1 @@
-0001-Fix-FTBFS-with-GCC-10.0.patch
+0002-Always-use-the-Debian-version-number.patch
diff --git a/debian/rules b/debian/rules
index 1f5e9c8..1a2274f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -17,7 +17,7 @@ override_dh_auto_build:
 
 override_dh_auto_clean:
 	dh_auto_clean
-	rm -f version.h
+	rm -rf version.h test/.lpass
 
 override_dh_auto_install:
 	dh_auto_install
diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides
index 4bc3425..8ca50cf 100644
--- a/debian/source/lintian-overrides
+++ b/debian/source/lintian-overrides
@@ -1,2 +1,2 @@
 # Upstream do not provide signed tarballs.
-lastpass-cli source: debian-watch-does-not-check-gpg-signature
+lastpass-cli source: debian-watch-does-not-check-openpgp-signature
diff --git a/pins.h b/pins.h
index 7455574..0d5780a 100644
--- a/pins.h
+++ b/pins.h
@@ -1,23 +1,17 @@
 #ifndef PINS_H
 #define PINS_H
 const char *PK_PINS[] = {
-	/* current lastpass.com primary (Thawte) */
-	"HXXQgxueCIU5TTLHob/bPbwcKOKw6DkfsTWYHbxbqTY=",
-	/* current lastpass.eu primary (AddTrust) */
-	"lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU=",
 	/* future lastpass root CA (GlobalSign R1) */
 	"K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=",
 	/* future lastpass root CA (GlobalSign R2) */
 	"iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=",
 	/* future lastpass root CA (GlobalSign R3) */
 	"cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A=",
-	/* future lastpass.com primary (leaf) */
-	"0hkr5YW/WE6Nq5hNTcApxpuaiwlwy5HUFiOt3Qd9VBc=",
-	/* future lastpass.com backup (leaf) */
-	"8CzY4qWQKZjFDwHXTOIpsVfWkiVnrhQOJEM4Q2b2Ar4=",
-	/* future lastpass.eu primary (leaf) */
-	"SQAWwwYXoceSd8VNbiyxspGXEjFndkklEO2XzLMts10=",
-	/* future lastpass.eu backup (leaf) */
-	"qr2VCNpUi0PK80PfRyF7lFBIEU1Gzz931k03hrD+xGQ=",
+	/* current lastpass.com primary (leaf) */
+	"YDjIAXSYj+mh+25FGifAiKN4oNOAj+as6gQv4naQG0M=",
+	/* current lastpass.eu primary (leaf) */
+	"SjMnNhjAyVM5Yv6O5JaQgNygBTU0wdb8Jz3mfQfTc28=",
+	/* GlobalSign ECC OV SSL CA 2018 intermediate CA */
+	"OD/WDbD3VsfMwwNzzy9MWd9JXppKB77Vb3ST2wn9meg="
 };
 #endif
diff --git a/process.c b/process.c
index 59bdf10..8ccbf34 100644
--- a/process.c
+++ b/process.c
@@ -127,6 +127,9 @@ out:
 #error "Please provide a pid_to_cmd for your platform"
 #endif
 
+int ARGC;
+char **ARGV;
+
 void process_set_name(const char *name)
 {
 	size_t argslen = 0;
diff --git a/process.h b/process.h
index 58c2480..4cc2cf4 100644
--- a/process.h
+++ b/process.h
@@ -4,8 +4,8 @@
 #include <stdbool.h>
 #include <sys/types.h>
 
-int ARGC;
-char **ARGV;
+extern int ARGC;
+extern char **ARGV;
 
 void process_set_name(const char *name);
 void process_disable_ptrace(void);

Reply to:

Follow-Ups:
- Processed: Re: Bug#1056307: bookworm-pu: package lastpass-cli/1.3.7-1+deb12u1
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#1056307: bookworm-pu: package lastpass-cli/1.3.7-1+deb12u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#1056204: nmu: texlive-bin_2023.20230311.66589-7
Next by Date: Processed: Re: bookworm-pu: package lastpass-cli/1.3.7-1+deb12u1
Previous by thread: Processed: Re: Bug#1056304: lualatex needs to be rebuilt against zlib 1.3
Next by thread: Processed: Re: Bug#1056307: bookworm-pu: package lastpass-cli/1.3.7-1+deb12u1
Index(es):
- Date
- Thread