Imported Debian patch 3.13.0+dfsg-1

debian/changelog

@@ -1,3 +1,39 @@
+wolfssl (3.13.0+dfsg-1) unstable; urgency=medium
+
+  * New upstream release
+  * Fixes "robot attack" CVE-2017-13099 (Closes: #884235)
+  * New major number 15
+  * Set Standards-Version: 4.1.2
+  * Improved clean target for repeated builds
+
+ -- Felix Lechner <felix.lechner@lease-up.com>  Thu, 21 Dec 2017 15:43:45 -0800
+
+wolfssl (3.12.2+dfsg-1) unstable; urgency=medium
+
+  * New upstream release
+  * New major number 14
+  * Updated symbols file
+  * Updated watch file
+  * Replaced upstream signing key with 0xEBC80E415CA29677
+  * Updated Standard-Versions: to 4.1.1
+
+ -- Felix Lechner <felix.lechner@lease-up.com>  Sat, 25 Nov 2017 21:30:15 -0800
+
+wolfssl (3.12.0+dfsg-1) unstable; urgency=medium
+
+  * New upstream release
+  * Shared object version is now 12
+  * CVE-2017-2800 was fixed in 3.11.0 (Closes: #862154)
+  * CVE-2017-8855 was fixed in 3.11.0 (Closes: #870170)
+  * Removed "--with-sha224" from rules; now included in "--enable-distro"
+  * Cannot override lintian for missing upstream signature; source was
+    repackaged (DFSG)
+  * Removed unnecessary Build-Depends: dh-autoreconf
+  * Removed unnecessary Build-Depends: autotools-dev
+  * Updated to Standards-Version: 4.0.0
+
+ -- Felix Lechner <felix.lechner@lease-up.com>  Sun, 13 Aug 2017 21:00:54 -0700
+
 wolfssl (3.10.2+dfsg-2) unstable; urgency=medium
 
   * Updated debian/copyright (Closes: #860046)

debian/control

@@ -3,15 +3,13 @@ Priority: optional
 Maintainer: Felix Lechner <felix.lechner@lease-up.com>
 Build-Depends:
  debhelper (>= 10),
- autotools-dev,
- dh-autoreconf,
  libpcap0.8-dev,
  openssl
-Standards-Version: 3.9.8
+Standards-Version: 4.1.2
 Section: libs
 Homepage: http://www.wolfssl.com/yaSSL/Products-wolfssl.html
 
-Package: libwolfssl10
+Package: libwolfssl15
 Architecture: any
 Multi-Arch: same
 Pre-Depends: ${misc:Pre-Depends}
@@ -37,7 +35,7 @@ Section: libdevel
 Architecture: any
 Multi-Arch: same
 Depends:
- libwolfssl10 (= ${binary:Version}),
+ libwolfssl15 (= ${binary:Version}),
  ${misc:Depends}
 Description: Development files for the wolfSSL encryption library
  wolfSSL is a small, portable, embedded SSL/TLS programming library

debian/patches/dfsg.patch

@@ -3,7 +3,7 @@ Forwarded: no
 From: Felix Lechner <felix.lechner@lease-up.com>
 --- a/Makefile.am
 +++ b/Makefile.am
-@@ -101,25 +101,6 @@ include tests/include.am
+@@ -113,25 +113,6 @@ include tests/include.am
  include sslSniffer/sslSnifferTest/include.am
  include rpm/include.am
  

debian/patches/disable-crl-monitor.patch

@@ -7,7 +7,7 @@ Last-Update: 2017-04-22
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
 --- a/configure.ac
 +++ b/configure.ac
-@@ -175,7 +175,6 @@ then
+@@ -194,7 +194,6 @@ then
      enable_ocspstapling=yes
      enable_ocspstapling2=yes
      enable_crl=yes

debian/patches/fix-hurd-i386-flags.patch

@@ -7,7 +7,7 @@ Last-Update: 2017-04-22
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
 --- a/wolfssl/test.h
 +++ b/wolfssl/test.h
-@@ -152,7 +152,7 @@
+@@ -160,7 +160,7 @@
  #endif
  #endif /* WOLFSSL_SOCKET_IS_INVALID */
  

debian/patches/improve-clean-target.patch

@@ -0,0 +1,14 @@
+Description: Fix clean target for repeated builds
+Author: Felix Lechner <felix.lechner@lease-up.com>
+Forwarded: no
+Last-Update: 2017-12-18
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/cyassl/include.am
++++ b/cyassl/include.am
+@@ -29,3 +29,5 @@ noinst_HEADERS+=         cyassl/options.
+ else
+ nobase_include_HEADERS+= cyassl/options.h
+ endif
++
++CLEANFILES+=cyassl/options.h

debian/patches/series

@@ -1,3 +1,4 @@
+improve-clean-target.patch
 dfsg.patch
 fix-hurd-i386-flags.patch
 turn-off-fastmath-for-amd64.patch

debian/patches/turn-off-fastmath-for-amd64.patch

@@ -8,7 +8,7 @@ Last-Update: 2017-04-22
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
 --- a/configure.ac
 +++ b/configure.ac
-@@ -2481,10 +2481,6 @@ fi
+@@ -3036,10 +3036,6 @@ fi
  # set fastmath default
  FASTMATH_DEFAULT=no
  

debian/rules

@@ -1,21 +1,24 @@
 #!/usr/bin/make -f
 # -*- makefile -*-
 
+include /usr/share/dpkg/pkg-info.mk
+
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
 # Uncomment this to change the hardening options
 export DEB_BUILD_MAINT_OPTIONS = hardening=+all
 
-VERSION=$(shell dpkg-parsechangelog |grep ^Version:|cut -d ' ' -f 2)
+#VERSION=$(shell dpkg-parsechangelog |grep ^Version:|cut -d ' ' -f 2)
+# following is to avoid a lintian warning, but untested
+#VERSION=$(shell echo $DEB_VERSION |cut -d ' ' -f 2)
 
 %:
-	dh $@ --with autotools-dev
-#	dh $@ --with autotools-dev --with autoreconf --with dkms
+	dh $@
+#	dh $@ --with dkms
 
 override_dh_auto_configure:
 	dh_auto_configure -- \
-		--enable-sha224 \
 		--enable-distro \
 		--disable-examples \
 		--disable-silent-rules

debian/upstream/signing-key.asc

@@ -1,62 +1,37 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 
-mQINBFgOZbcBEADjkJV/djCggvVI0oG3NPQpsswhzmuJ6pXfQWvX0lX9b8iFYtxf
-ZYtkZgrF4FG9+iGUDqb7m0y9UIMMqFvVtnt75GINTaV3m7M0H7AiJOyKhTx4fqsq
-YghU7qpV/27gPssWghcvsOva3tFq9J/3u57+6BDiMe5pb9QnF2N2/xn6LWlQkEVO
-CeekUdt/nd3HqwsGxPKBmLjV8U9ph9Q3bfqmwaMkBLxtkarAtBDrm9SkEx49XWRR
-mT3TRMZYJsogkSAc34bhp2pQFJ0aIKlJ4vWsvuToFxf9998z3zddLlUKG6BS10FY
-ZgaNxyc9/F0gHytmS6ZOW9Jbdiu+ZZm1cxtcJh6y7rOj/rMg1oFnGfDtJ/VOY2Zv
-WfCdMU+AKWRJS2mpNhGG6rXJ0y/4mTj9bW/SAMr++x7aPe8oczNLKSAez/bce8iL
-BlRgI4swbPkkfW+FbfzO2yxUAzQTUWKBMFGoHnWo12iOnP/IlM9c8wSInCTVtTYG
-dm0L60zOCTjxWLR9VhEBX9c68GkXWQikcNu+1c0eqURQqrRX5Q2zwIxDrQ2MPlcR
-rtLJe2ZCrou4OSiG8AhXTLxuksJxe/KbowkABtyQOC6Ary4Un53mbLeylT/eSGpZ
-wKNBLpygu3fYxdqNE/tObWu68qN2oCgwxkTuE0kTiMyteJlNh46x/9rnqQARAQAB
-tCpEYXZpZCBHYXJza2UgKHdvbGZTU0wpIDxkYXZpZEB3b2xmc3NsLmNvbT6JAj0E
-EwEKACcFAlgOZbcCGwMFCQeGH4AFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQ
-XZ9A0Zcor+qlNhAAyFVWANK+j7bmh6BvXb5IM2ECP3N2ZeQ4vuY0iKnU30d+CzXL
-+hLc8NOSTHzQ10A9izIZRHsPoWf2v4RMhUGUdy0IG9T0yzyuoWndsP5B5tyFihKZ
-h2b3FkS+vleR+KtjN16m4ZVlb8mTC16n6rc0O58U1VNhqTPl6+X5/Sk6JyZThmul
-u4Kf0tZiGYSUlU2KpLL2xR/DtpFShwqeg05fMizxMKyhQKyLsN+i2G9Cm5YThrcQ
-UucRZxfYcgz+KfzztBvj8ipw7vFYV7lJsmqTXMgVVTCEVVLvruiUQTtQcf8Jw2X/
-LYGjYubJa1sUAhjd6qEAeIlsRYBYTyPuQGMP1bio5hXdMJNXMZvMPfFmCqMQcnYH
-dLMK505ET4VMMbSWzPYLktUCJ7n8gHF+RrdNcIKaxXRMzMYzFvvpRx0t6ZiJD8TL
-sxFbDpNUhnkoeExDnplgn+2+HfzwLyffAn95GkL5OGv5cLaKLciNj3opwFXxv5YZ
-oI5i9RsAZxWGtIyDAnv1Qf8ObjFV6R8j5T0B8gH11PDrAnSJM7+SHq78UgM58Tc0
-GNgh1ijdA0Ai4bvjYCxhRVoDzLJjYzY453VcTDaaj2IZOdv4V6qe9jt+4C7mGSmV
-Lida/EUCjue8UPIACUT3xcdZs1fdMMiRQ8qNGlhVz6qvTuSrLdTrZST9xwGJAhwE
-EAEKAAYFAlgXiWoACgkQrFipTxFhjuBdGw/+LnpN1XO9SEYdng4gRSp79qVc0QgH
-XozHDvuPw8gce0+yQH3aDcJXyMiZKuRkdr7/JZHclv5wWkFLSdTyuQho8E4RA48Y
-Agq5TGiGPzLRr0GSLdekFPXtMTfz2B6v0UYqDpk3JPRiFDwIZrysDMKsWBuIRPH8
-ZRZVSQhSWFBB6rQdQdEUE1QAaX2h9r+AbNlSmnHpRqvkK4mBNKqcT9FWrKArTlv0
-gzAcqa6JSYdSPqBDbADBib1gXLMoRr10p4/3dkM0QQ/x4JeSjx3p95nIVFuaF7zd
-ypQ4+57E8XhJfByBQf2t/DbzHFQNutMkxeOzICybd/azoafvo9YcNXmfCKgeSoR6
-LL3DHT4yBNJ3HDpw6w8UATi0XX+vAyzXq2gtVnH56c88KpeLJ/r/dcbpBkB85gRK
-g1lSq54W7CTwjoJ1JvrRCn49XuINOsn6SudPW0rWRJR5me81eFwphy4RYZvbnkJD
-xLTz9fLt3Ydiaf442n3ETIri1+ZvPPoEnoric9/+WZbXPUBQeipEIyLmC3o1Tgwf
-5Af3FZl7Bd+0R1oZos8Jr6xfTkHUcewGSnB72O/C+aZvBibsgtKyVv/ksouzRxk0
-6cmsiMRknWK65HDhA3ia9RxHN8mZq4aWREbGjPqIan9Z3MLyODPfDRdBAN9VKlFM
-RvqGcwLokqaGHBO5Ag0EWA5ltwEQANH0tG5DqRRF888zGHr/x9nbvPOTPmh4USXE
-Pds8pqe6/dB6EdGrDtn9a0/y5tgg7pQijlNI8yZZ77Eh8aHhaGpXJoHbOAl9wAB2
-IZKSWnkx/+ps6FC74mu/Ku0GCosm81nj9esaC2YNBQ3NvPxrcftWYR+0PCfoFPtF
-F8N+1d7HasLYycllREiH/5lTP2ZyOmKVNaVxs8QosA+gQkMwBegiruXCGQzNYfZX
-zG49ikEDzcJ1Sjj6JfVdKb1gQ0O8tpqxnuE175jZMrDVhT7FRNf76eEfoP8fLvcM
-YkaJtZ/pTh/ummzorBMNKcxw3RfSMfi+ciAaWz5duWlI3xyOHMsgccu1Nwg3TbCd
-EnapDtGJ9Vihp4vuipf7Spcy/7XPcVXs6EAzLzgUzbpJYiIB12QhHZmoVyy4shle
-vSrvDbAhWwwBODb9JMbHqYgNmt76rEzNoEfeOEyj5Qh0OHbhquAeIzQpn99JTeyY
-91/RqyAWB/wvoghiag/Unce0KFPUytblIUyrWa5TNNAvUMPfkfvgPo/sltmef1MT
-E1IUf0sQPnH3X4kqmubZtNs0onemmIR9SoWxRuJKhU4ceoB/RWFkzLnCq2gpK8F3
-bPW2xt6mjLQHanLRjRux/dAoUVVdMyKZt9zRjMhyhviU0+CFQr4CyesA1Rvcu7Fb
-0HT8byRHABEBAAGJAiUEGAEKAA8FAlgOZbcCGwwFCQeGH4AACgkQXZ9A0Zcor+og
-4BAAkKQwmQrHoEqymqPt7EKIyH0gx3/pdtC/4gK9Folu+jPp5YWxLgqOXa9Px7KJ
-Z7ZHtAqq9GF2zFLgH1Uv6rksOVxOovlnHLgVLQwCFXDfxVkD5Y8D37I+qrSd0vbW
-2SDhD/WggD5wjwUl/NlFj5NRgsx5tqsCgocCYs/Xq27H4AZs3I1u5+VR/WJa2Yhn
-wbE0nyq5rPIfnYCzUzBMgWN0wytBMKMwmBR6cvOljvJRiKJmCu0TrsOW/LyNNL6+
-Kr60n9yfnKCi+CqoYcSnJCFvUzu3yq3cgo1NgcbZRIY6I0Kd3oXohrxcfqe7i2XT
-jl2SacB0vkGdnO2qOoVPDjvr7gygStddVtVL2OGb4oTOCBzkDdBGTIxOMsIJcmi1
-Hn32uCAMj45qQIGWPJ1vqjSBx+7rvDapEoQ+ViJ5mu58AmmWzscp9s8dEym6JazC
-oJOmcLGX/5cZn3o7gO8U5d8WJBDg7Pn6WxZaTtD919K3aUpVUu5BmqpmkYdnbboL
-iVd8ZtrYpFVtuTfPo47DpyB4HoJljGPmyT27PBvJMBUE6rz4EV6pyw6EIUjL5Rst
-pMpUEw1tl+YGewGIPUU2ZqtqXRo48vFpaJJfttLecCR9JFcS/n0CIi+mZa+r8Slw
-cnKBfbsahMnub6gY49ZdvHTuGcadMNtMxvRFsJ4pYBOIdeA=
-=RxMm
+mQENBFS0RN8BCADHW/seLuKGtSFkzHjYguo6lASp3HjVpVKNetvafxbFIYB5xV3K
+0kDoGta9r/2kYRzxv5XSbOTjKfUHXLOLL8212DQcA4sAzhVXUkBynhrkLtg73NAG
+HKI0huQeHXlIS5fHpmKjy+feAS5YNdAR3IuekQqMG/l2ezZHJhpj8y8bjbZbczhi
+pjJbihNya0Zr2kfdfQvm2q4vcN1LR3TeePSgoK1n8ZtJNN3pcGKgpyG3TMGCFj9w
+19b1m8tNlJgeniIC5+4+Y6Y0AQp9ewrxayJAzDlfgE7KFIw4gY28/GJ3RVps5QPa
+/+B9yp3TqWCL6S0U6KHdjrGPxZIMHpEBWCPrABEBAAG0HHdvbGZTU0wgPHNlY3Vy
+ZUB3b2xmc3NsLmNvbT6JAUIEEwEIACwCGwMFCQsPp/YHCwkIBwMCAQYVCAIJCgsE
+FgIDAQIeAQIXgAUCWD8gqAIZAQAKCRDryA5BXKKWdy1OB/0aqSQaeiiNNixYcrdD
+2zpYgS/3Qe4B3S4Fa51wyjL9vrAIeN7kY9/b1aG5SN+5wxD7lEjXGchz/z+hKNdA
+D4jbfnbgjLtMzViwp99CdvFkhHtyO4sOOfft//sGxxRgKFzpuHdewWQSX5/wJ60b
+IFdUae0hKUtZbPq2DPNCsuvAhEQHB0sXmDtBspasOE1rZE/JitNcvYCYIVw2pz6y
+0NWVgFSV0Qj6TKDHWrSEOOW4wHiko1MT6UvvI9coRu0F4ceQKaeF5V7GTkTs0fSB
+dGgwV2uykW9wNQXC18ksANln7IOyc1/bpWMiDeYrbnlEMP1RL6sCg1dmROKrsoqY
+cWDqtC9KYWNvYiBCYXJ0aGVsbWVoICh3b2xmU1NMKSA8c2VjdXJlQHdvbGZzc2wu
+Y29tPokBPgQTAQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFCQsPp/YF
+Alg/IKgACgkQ68gOQVyilncQcgf7BF2rZY2ZyoWuwcqAUYlkLUW2arzkiHXcBFoJ
+/EiG9PjFamJdXgElkiUz/uLuoX15gC8CF6FWkFu8mOEubTBtFYCffDiVi/Kf+l3A
+VBRAqfOQWlLeWdU0UDe+8oyr8xEpBkTY071WHsexApEvxuA9WP3nJb1EhH31ubxB
+Up/3JfBgce/1xY52gqEwnXv531Cd4z2umnRJsx4RhRZdeIZsXJFcLHC/i4Um+CbQ
+ntO9/ST/2Eo4M97++qYxnvS/Yz9WxxIk23+a1frwgR18yQ5GRsUZ1tJFhWRdFVl8
+ZYUAUwAnOC1QvNr/LcA4IeSksQBk4BL11KpdiMez0xF3hz7WgLkBDQRUtETfAQgA
+xTEERDbyB4WS1kreiBxQcmlKomv4/hrXxL38hyL6H62QEw1bhk4HM7UcZzX40so+
+mBptAY3+hBfz/GxGvuGHzVI8iRTnyFaYzuNQp1xwoSVgLMcHR3wrbjXFtuHDBzXz
+58iO7EEezEa0hTu/SDZ6y/dZFO9u1A6mOgUFoPNz0sHcoNpZPyQEeTRmlePqlzWL
+bdxlFwGUcZJrKaIQkl1IFFlQCKXQhwWV+TjbSw/XCvm/eegJL6hDTlcwFyQ2tp5k
+sqToGoRN7J1JlOFx00IkIop4DsLY+i9ySWE2SFTSc0NWNeaWWtLOmroUg90lXXD8
+Po02a3I0xHCDhR/3w6n2DwARAQABiQElBBgBAgAPAhsMBQJYPx9kBQkLD6h/AAoJ
+EOvIDkFcopZ3pD0H/1wGzXcBEkL9vlvMhFkZBdqtyhq0KA3oOE21k9YnngyngdBa
+hip8kTRl9AYeVPpH7+HEr4XfG1vdB2BZLyTuGjmJbB5Z2zvKO0CwSSeMJ89MQXMv
+IOKTpa0S9Y3VnebKUnC5raI9z6R5515YBCzminomI9MrHZoo8InJsNZvCUDItNnv
+p+9bFQAnKY0YzoXb+6wCvkv+Rd9h/bhkmpd53Wni6wVWfmyzqtdRHm9pHkaSefJ1
+6SKhrNkQMvGrWvRBwzbk8JOJVe7UDhhiDxmnPApc4VJzoXVeUP25YdkhKGNm7jSd
+bFXIj6t934uC8gx2SBF9PGzG4zpdU4kKm/P6TKE=
+=xdfp
 -----END PGP PUBLIC KEY BLOCK-----

debian/watch

@@ -2,7 +2,8 @@ version=4
 
 opts=\
 dversionmangle=s/\+dfsg$//,\
-filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/wolfssl-$1\.tar\.gz/,\
+filenamemangle=s/.+\/v?(\d\S+)-stable\.tar\.gz/wolfssl-$1\.tar\.gz/,\
 pgpsigurlmangle=s/archive\/v(\d\S+)\.tar\.gz/releases\/download\/v$1\/wolfssl-$1\.tar\.gz\.asc/,\
 repacksuffix=+dfsg \
-  https://github.com/wolfSSL/wolfssl/releases .*/v(\d\S*)-stable\.tar\.gz
+  https://github.com/wolfSSL/wolfssl/releases .*/v(\d\S+)-stable\.tar\.gz
+