summaryrefslogtreecommitdiffstats
path: root/t/recipes/checks/binaries/obsolete
diff options
context:
space:
mode:
Diffstat (limited to 't/recipes/checks/binaries/obsolete')
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/fill-values4
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/Makefile52
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/dummy.pod11
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-encrypt.c30
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-encrypt_r.c33
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-fcrypt.c21
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-setkey.c45
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-setkey_r.c48
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/eval/desc2
-rw-r--r--t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/eval/hints5
10 files changed, 251 insertions, 0 deletions
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/fill-values b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/fill-values
new file mode 100644
index 0000000..b7493a0
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/fill-values
@@ -0,0 +1,4 @@
+Skeleton: upload-native
+Testname: binaries-obsolete-des
+Description: Check detection of obsolete DES functions
+Package-Architecture: any
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/Makefile b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/Makefile
new file mode 100644
index 0000000..99409d2
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/Makefile
@@ -0,0 +1,52 @@
+# Makefile for the obsolete-des tests.
+
+# glibc 2.28 and greater try to prevent new programs from being linked
+# against the obsolete functions we're testing for. This can be worked
+# around, but we have to know the exact "symbol version" associated with
+# the obsolete functions, which has to be dug out of libcrypt.so with nm.
+
+LIBCRYPT_FILE := $(shell $(CC) $(CFLAGS) $(LDFLAGS) -print-file-name=libcrypt.so)
+
+SYMVER := $(shell nm --dynamic --with-symbol-versions $(LIBCRYPT_FILE) | \
+ grep ' setkey@' | cut -d@ -f2)
+
+# The output of the above nm | grep | cut pipeline will be the empty string
+# if it is possible to link programs against 'setkey' without special magic,
+# and a nonempty string if special magic is required. All five of the
+# functions we are testing were introduced in the same release of glibc and
+# disabled for new programs as a group in a single release of glibc, so it
+# is only necessary to check how one of them is handled.
+ifneq "$(SYMVER)" ""
+SYMVER_DEFINE := -DSYMVER=\"$(SYMVER)\"
+else
+SYMVER_DEFINE := -USYMVER
+endif
+
+CFLAGS := $(shell dpkg-buildflags --get CFLAGS)
+CPPFLAGS := $(shell dpkg-buildflags --get CPPFLAGS) $(SYMVER_DEFINE)
+LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS)
+
+PROGRAMS := uses-fcrypt uses-encrypt uses-encrypt_r uses-setkey uses-setkey_r
+MANPAGES := $(PROGRAMS:=.1)
+
+all: $(PROGRAMS) $(MANPAGES)
+
+uses-%: uses-%.o
+ $(CC) $(CFLAGS) $(LDFLAGS) $< -o $@ -lcrypt
+
+%.1: dummy.pod
+ sed s/@NAME@/$(@F)/g < $< | \
+ pod2man --name $(@F) --section 1 > $@
+
+install: all
+ $(INSTALL) -d $(DESTDIR)/usr/bin
+ $(INSTALL) -d $(DESTDIR)/usr/share/man/man1
+ $(INSTALL) -m 755 $(PROGRAMS) $(DESTDIR)/usr/bin
+ $(INSTALL) -m 644 $(MANPAGES) $(DESTDIR)/usr/share/man/man1
+
+clean distclean:
+ -rm -f *.o $(PROGRAMS) $(MANPAGES)
+
+check test:
+
+.PRECIOUS: $(PROGRAMS:=.o)
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/dummy.pod b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/dummy.pod
new file mode 100644
index 0000000..224df4a
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/dummy.pod
@@ -0,0 +1,11 @@
+=head1 NAME
+
+@NAME@ -- binary that does something
+
+=head1 SYNOPSIS
+
+ @NAME@ [options]
+
+=head1 DESCRIPTION
+
+@NAME@ does something very useful.
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-encrypt.c b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-encrypt.c
new file mode 100644
index 0000000..b6ca062
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-encrypt.c
@@ -0,0 +1,30 @@
+/* This program uses the obsolete function 'encrypt', which performs
+ DES encryption. */
+
+#define _GNU_SOURCE 1
+#include <unistd.h>
+#include <string.h>
+#include <stdio.h>
+
+/* The prototype of 'encrypt' may already have been removed from
+ unistd.h. */
+extern void encrypt(char block[64], int edflag);
+
+/* It may already not be possible to link new programs that use
+ 'encrypt' without special magic. */
+#ifdef SYMVER
+__asm__ (".symver encrypt, encrypt@" SYMVER);
+#endif
+
+int
+main(void)
+{
+ char block[64];
+ memset(block, 0, sizeof block);
+ encrypt(block, 0);
+ for (size_t i = 0; i < sizeof block; i++) {
+ putchar(block[i] ? '1' : '0');
+ }
+ putchar('\n');
+ return 0;
+}
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-encrypt_r.c b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-encrypt_r.c
new file mode 100644
index 0000000..a382624
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-encrypt_r.c
@@ -0,0 +1,33 @@
+/* This program uses the obsolete function 'encrypt_r', which performs
+ DES encryption. */
+
+#define _GNU_SOURCE 1
+#include <crypt.h>
+#include <string.h>
+#include <stdio.h>
+
+/* The prototype of 'encrypt_r' may already have been removed from
+ crypt.h. */
+extern void encrypt_r(char block[64], int edflag, struct crypt_data *data);
+
+/* It may already not be possible to link new programs that use
+ 'encrypt_r' without special magic. */
+#ifdef SYMVER
+__asm__ (".symver encrypt_r, encrypt_r@" SYMVER);
+#endif
+
+int
+main(void)
+{
+ struct crypt_data data;
+ char block[64];
+
+ memset(&data, 0, sizeof data);
+ memset(block, 0, sizeof block);
+ encrypt_r(block, 0, &data);
+ for (size_t i = 0; i < sizeof block; i++) {
+ putchar(block[i] ? '1' : '0');
+ }
+ putchar('\n');
+ return 0;
+}
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-fcrypt.c b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-fcrypt.c
new file mode 100644
index 0000000..d71a837
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-fcrypt.c
@@ -0,0 +1,21 @@
+/* This program uses the obsolete function 'fcrypt',
+ which is an alias for 'crypt'. */
+
+#include <crypt.h>
+#include <stdio.h>
+
+/* The prototype may already have been removed from crypt.h. */
+extern char *fcrypt(const char *, const char *);
+
+/* It may already not be possible to link new programs that use
+ 'fcrypt' without special magic. */
+#ifdef SYMVER
+__asm__ (".symver fcrypt, fcrypt@" SYMVER);
+#endif
+
+int
+main(void)
+{
+ puts(fcrypt("password", "Dn"));
+ return 0;
+}
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-setkey.c b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-setkey.c
new file mode 100644
index 0000000..bdf70b0
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-setkey.c
@@ -0,0 +1,45 @@
+/* This program uses the obsolete function 'setkey', which sets a key for
+ DES encryption. */
+
+#define _GNU_SOURCE 1
+#include <stdlib.h>
+#include <errno.h>
+#include <stdio.h>
+
+/* The prototype of 'setkey' may already have been removed from
+ stdlib.h. */
+extern void setkey(const char *);
+
+
+/* It may already not be possible to link new programs that use
+ 'setkey' without special magic. */
+#ifdef SYMVER
+__asm__ (".symver setkey, setkey@" SYMVER);
+#endif
+
+/* setkey uses a 1-bit-per-byte representation of a DES key.
+ Yes, really. */
+const char key[64] = {
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1,
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1,
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1,
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1,
+};
+
+int
+main(void)
+{
+ /* The primary effects of calling 'setkey' are only visible by
+ calling 'encrypt', and we don't want to call 'encrypt' in this
+ program because we want to make sure Lintian detects programs
+ that call 'setkey' but not 'encrypt', even though that doesn't
+ make a whole lot of sense. So we just call it and then check
+ whether it changed errno, which is the documented way to check
+ whether it failed. */
+ errno = 0;
+ setkey(key);
+ if (errno) {
+ perror("setkey");
+ }
+ return 0;
+}
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-setkey_r.c b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-setkey_r.c
new file mode 100644
index 0000000..3ad3f35
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/build-spec/orig/uses-setkey_r.c
@@ -0,0 +1,48 @@
+/* This program uses the obsolete function 'setkey_r', which sets a key for
+ DES encryption. */
+
+#define _GNU_SOURCE 1
+#include <crypt.h>
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+
+/* The prototype of 'setkey_r' may already have been removed from
+ crypt.h. */
+extern void setkey_r(const char *, struct crypt_data *);
+
+/* It may already not be possible to link new programs that use
+ 'setkey_r' without special magic. */
+#ifdef SYMVER
+__asm__ (".symver setkey_r, setkey_r@" SYMVER);
+#endif
+
+/* setkey_r uses a 1-bit-per-byte representation of a DES key.
+ Yes, really. */
+const char key[64] = {
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1,
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1,
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1,
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1,
+};
+
+int
+main(void)
+{
+ struct crypt_data data;
+ memset(&data, 0, sizeof data);
+
+ /* The primary effects of calling 'setkey_r' are only visible by
+ calling 'encrypt_r', and we don't want to call 'encrypt_r' in
+ this program because we want to make sure Lintian detects
+ programs that call 'setkey_r' but not 'encrypt_r', even though
+ that doesn't make a whole lot of sense. So we just call it and
+ then check whether it changed errno, which is the documented
+ way to check whether it failed. */
+ errno = 0;
+ setkey_r(key, &data);
+ if (errno) {
+ perror("setkey_r");
+ }
+ return 0;
+}
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/eval/desc b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/eval/desc
new file mode 100644
index 0000000..0ceced0
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/eval/desc
@@ -0,0 +1,2 @@
+Testname: binaries-obsolete-des
+Check: binaries/obsolete/crypt
diff --git a/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/eval/hints b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/eval/hints
new file mode 100644
index 0000000..a49c520
--- /dev/null
+++ b/t/recipes/checks/binaries/obsolete/crypt/binaries-obsolete-des/eval/hints
@@ -0,0 +1,5 @@
+binaries-obsolete-des (binary): obsolete-des-encryption setkey_r [usr/bin/uses-setkey_r]
+binaries-obsolete-des (binary): obsolete-des-encryption setkey [usr/bin/uses-setkey]
+binaries-obsolete-des (binary): obsolete-des-encryption encrypt_r [usr/bin/uses-encrypt_r]
+binaries-obsolete-des (binary): obsolete-des-encryption encrypt [usr/bin/uses-encrypt]
+binaries-obsolete-des (binary): obsolete-crypt-alias fcrypt [usr/bin/uses-fcrypt]
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-04 12:51:57 +0000