Upstream here: Keep in mind that 'if [ -e /dev/urandom ] ; then ./RandomPrime > DwRandPrime.h ; fi' is a rule in the middle of a Makefile and only runs when DwRandPrime.h is not there. The reason to have a fallback DwRandPrime.h is so operating systems without /dev/urandom (yes, there is a Windows port of this critter) can still have this file and compile Deadwood.
The reason this is dynamically generated is to keep the hash function random (the code has been there since 2007, over four years before hash bucket collision attacks were common knowledge); in 2010, I made the hash function random at runtime also (so people using precompiled binaries are not vulnerable to hash bucket collision attacks). - Sam On Mon, Feb 24, 2014 at 11:08 PM, coldtobi <t...@coldtobi.de> wrote: > Source: maradns > Severity: minor > Tags: patch > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Hi Dariusz, > > when reviewing the package I found that a rule in the Makefile for deadwood is > wrong and not generating DwRandPrime.h if not present. > > As this issue was introduced by a patch already in your package, I attach the > *complete* patch for your convenience. This is the diff on the patch: > > - --- a/debian/patches/deadwood_makefile.patch > +++ b/debian/patches/deadwood_makefile.patch > @@ -2,7 +2,7 @@ Author: Nicholas Bamber <nicho...@periapt.co.uk> > Subject: deadwood source code corrupted during build > Also we don't like binaries with a capital in the name. > Forwarded: not-needed > - -Last-Update: 2012-02-12 > +Last-Update: 2014-02-25 > --- a/deadwood-3.2.05/src/Makefile > +++ b/deadwood-3.2.05/src/Makefile > @@ -20,7 +20,7 @@ > @@ -34,7 +34,7 @@ Last-Update: 2012-02-12 > > DwRandPrime.h: RandomPrime > - if [ -e /dev/urandom ] ; then ./RandomPrime > DwRandPrime.h ; fi > - -+ if [ -e /dev/urandom -a -f DwRandPrime.h ] ; then mv -f > DwRandPrime.h DwRandPrime.h.bak ; ./RandomPrime > DwRandPrime.h ; fi > ++ if [ -e /dev/urandom -a -f DwRandPrime.h ] ; then mv -f DwRandPrime.h > DwRandPrime.h.bak ; fi ; ./RandomPrime > DwRandPrime.h > > note that the only change is to move the "fi" to the left to unconditionally > run ./RandomPrime, and not only if if has been there before. > > (With that patch applied, the current hack in d/rules (copying the backup > d/DwRandPrime.h over the generated file in the clean target) can be replaced > by > just deleting the file in d/clean. d/rules would just be more "cleaner" this > way) > > Thanks! > > - -- > Tobias Frost > > - -- System Information: > Debian Release: jessie/sid > APT prefers unstable > APT policy: (500, 'unstable'), (500, 'testing') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 3.12-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQIcBAEBCAAGBQJTDEFUAAoJEJFk+h0XvV02RCQP/2Y6fnYuOmhHaF7JQ2GN2SDW > tuaDoEs/znztZhXoQdhBf5j+PViRbNBjo3buYILRsWnUafNSbfmPxMS1ioKPR/UX > yslb5IUY7GTazvZc+JlNNXNuWqY1fzfla0dFI7zYScZKfz0cOY7GOAwMd+i2dr7o > Jaqffg850tnGBz0g2BmLdebcPk59UUunq8rs+vGqzrJRQj432gpGeF6g6p98pH6h > ouukZ0h6QLX7PKSFagKhSqRvA247qswOxiuCwjDab6f6zb53fvDe7hyg3erFySp4 > t51U9Skj8I5L0KVenZGtlTptEteK56G85MmeIttSlbfCwHXq1Z5tbm/CvrOJ2IOL > CDtl+sTQ7KElOL2FnZ36CwE05uyxSebNAdR1jFHOYoboIBWrkwR+opnhv4DGaZcR > Aw7f4LfJbSmZpCeaKNJLJ98mH7Zy6pT0l1sauGqMQ1eLIx3ALBJFzhpyAjdBuO63 > xNlCeXTwFJlwNNM1zxOoPxK/Fcep3MTPi9Cy8zMf0lojZXBw456cy53w5HZrELWy > PP/yO6oXnDY79HkUNJ/IuwZzMSzMfBODLBsTkOpiab2GRk+NJ7AnqZBq//gpaTB7 > eP6p4yNKnaRE1/Eu40O654qp0gdw8Rdm5TriAGvpJKJCh8X47zHW2sG3v6E0pR2x > 1ffMu6Y/5qpKqgniIJ7s > =/R1/ > -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
