Debian

Available patches from Ubuntu

To see Ubuntu differences wrt. to Debian, write down a grep-dctrl query identifying the packages you're interested in:
grep-dctrl -n -sPackage Sources.Debian
(e.g. -FPackage linux-ntfs or linux-ntfs)

Modified packages are listed below:

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: libzip

libzip (1.5.1-0ubuntu1) disco; urgency=medium * New upstream release (LP: #1674057) (Closes: #894813) - Removes custom AES implementation in favour of using standard crypto libs * Build with cmake, autotools support was dropped. * Bump debhelper to compat 11 * debian/control - Add Build-dep on libssl-dev and libbz2-dev * debian/libzip5.symbols: Update with new symbols * debian/rules: - Clean up Multi-arch support - set dh_missing to --fail-missing - Drop flags obsolete with dh 11 - Strip -Bsymbolic-functions link flag as it causes test failures * debian/libzip-dev.install: don't install static lib, its not built now * debian/libzip5.lintian-overrides: - override possible-gpl-code-linked-with-openssl, libzip is BSD licensed only the debian packaging is licensed under GPLv3 * debian/copyright: Update to reflect removed code -- Tim Lunn <tim@feathertop.org> Tue, 27 Nov 2018 10:51:36 +1000

Modifications :
  1. Download patch lib/zip_file_set_external_attributes.c

    --- 1.3.2-1/lib/zip_file_set_external_attributes.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_set_external_attributes.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -34,8 +34,7 @@ #include "zipint.h" ZIP_EXTERN int -zip_file_set_external_attributes(zip_t *za, zip_uint64_t idx, zip_flags_t flags, zip_uint8_t opsys, zip_uint32_t attributes) -{ +zip_file_set_external_attributes(zip_t *za, zip_uint64_t idx, zip_flags_t flags, zip_uint8_t opsys, zip_uint32_t attributes) { zip_entry_t *e; int changed; zip_uint8_t unchanged_opsys; @@ -49,23 +48,23 @@ zip_file_set_external_attributes(zip_t * return -1; } - e = za->entry+idx; + e = za->entry + idx; - unchanged_opsys = (e->orig ? (zip_uint8_t)(e->orig->version_madeby>>8) : (zip_uint8_t)ZIP_OPSYS_DEFAULT); + unchanged_opsys = (e->orig ? (zip_uint8_t)(e->orig->version_madeby >> 8) : (zip_uint8_t)ZIP_OPSYS_DEFAULT); unchanged_attributes = e->orig ? e->orig->ext_attrib : ZIP_EXT_ATTRIB_DEFAULT; changed = (opsys != unchanged_opsys || attributes != unchanged_attributes); if (changed) { - if (e->changes == NULL) { - if ((e->changes=_zip_dirent_clone(e->orig)) == NULL) { - zip_error_set(&za->error, ZIP_ER_MEMORY, 0); - return -1; - } - } - e->changes->version_madeby = (zip_uint16_t)((opsys << 8) | (e->changes->version_madeby & 0xff)); + if (e->changes == NULL) { + if ((e->changes = _zip_dirent_clone(e->orig)) == NULL) { + zip_error_set(&za->error, ZIP_ER_MEMORY, 0); + return -1; + } + } + e->changes->version_madeby = (zip_uint16_t)((opsys << 8) | (e->changes->version_madeby & 0xff)); e->changes->ext_attrib = attributes; - e->changes->changed |= ZIP_DIRENT_ATTRIBUTES; + e->changes->changed |= ZIP_DIRENT_ATTRIBUTES; } else if (e->changes) { e->changes->changed &= ~ZIP_DIRENT_ATTRIBUTES;
  2. Download patch lib/zip_fdopen.c

    --- 1.3.2-1/lib/zip_fdopen.c 2017-10-06 11:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_fdopen.c 2018-04-11 07:28:08.000000000 +0000 @@ -1,6 +1,6 @@ /* zip_fdopen.c -- open read-only archive from file descriptor - Copyright (C) 2009-2016 Dieter Baron and Thomas Klausner + Copyright (C) 2009-2017 Dieter Baron and Thomas Klausner This file is part of libzip, a library to manipulate ZIP archives. The authors can be contacted at <libzip@nih.at> @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -39,28 +39,27 @@ ZIP_EXTERN zip_t * -zip_fdopen(int fd_orig, int _flags, int *zep) -{ +zip_fdopen(int fd_orig, int _flags, int *zep) { int fd; FILE *fp; zip_t *za; zip_source_t *src; struct zip_error error; - if (_flags < 0 || (_flags & ~(ZIP_CHECKCONS|ZIP_RDONLY))) { + if (_flags < 0 || (_flags & ~(ZIP_CHECKCONS | ZIP_RDONLY))) { _zip_set_open_error(zep, NULL, ZIP_ER_INVAL); - return NULL; + return NULL; } - + /* We dup() here to avoid messing with the passed in fd. We could not restore it to the original state in case of error. */ - if ((fd=dup(fd_orig)) < 0) { + if ((fd = dup(fd_orig)) < 0) { _zip_set_open_error(zep, NULL, ZIP_ER_OPEN); return NULL; } - if ((fp=fdopen(fd, "rb")) == NULL) { + if ((fp = fdopen(fd, "rb")) == NULL) { close(fd); _zip_set_open_error(zep, NULL, ZIP_ER_OPEN); return NULL;
  3. Download patch lib/zip_error_get.c

    --- 1.3.2-1/lib/zip_error_get.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_error_get.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -37,21 +37,18 @@ ZIP_EXTERN void -zip_error_get(zip_t *za, int *zep, int *sep) -{ +zip_error_get(zip_t *za, int *zep, int *sep) { _zip_error_get(&za->error, zep, sep); } ZIP_EXTERN zip_error_t * -zip_get_error(zip_t *za) -{ +zip_get_error(zip_t *za) { return &za->error; } ZIP_EXTERN zip_error_t * -zip_file_get_error(zip_file_t *f) -{ +zip_file_get_error(zip_file_t *f) { return &f->error; }
  4. Download patch lib/gladman-fcrypt/aeskey.c
  5. Download patch lib/zip_crypto_gnutls.c

    --- 1.3.2-1/lib/zip_crypto_gnutls.c 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_crypto_gnutls.c 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,140 @@ +/* + zip_crypto_gnutls.c -- GnuTLS wrapper. + Copyright (C) 2018 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include <stdlib.h> + +#include "zipint.h" +#include "zip_crypto.h" + +_zip_crypto_aes_t * +_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) +{ + _zip_crypto_aes_t *aes; + + if ((aes = (_zip_crypto_aes_t *)malloc(sizeof(*aes))) == NULL) { + zip_error_set(error, ZIP_ER_MEMORY, 0); + return NULL; + } + + aes->key_size = key_size; + + switch (aes->key_size) { + case 128: + nettle_aes128_set_encrypt_key(&aes->ctx.ctx_128, key); + break; + case 192: + nettle_aes192_set_encrypt_key(&aes->ctx.ctx_192, key); + break; + case 256: + nettle_aes256_set_encrypt_key(&aes->ctx.ctx_256, key); + break; + default: + zip_error_set(error, ZIP_ER_INVAL, 0); + free(aes); + return NULL; + } + + return aes; +} + +bool +_zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out) +{ + switch (aes->key_size) { + case 128: + nettle_aes128_encrypt(&aes->ctx.ctx_128, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, in); + break; + case 192: + nettle_aes192_encrypt(&aes->ctx.ctx_192, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, in); + break; + case 256: + nettle_aes256_encrypt(&aes->ctx.ctx_256, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, in); + break; + } + + return true; +} + +void +_zip_crypto_aes_free(_zip_crypto_aes_t *aes) +{ + if (aes == NULL) { + return; + } + + _zip_crypto_clear(aes, sizeof(*aes)); + free(aes); +} + + +_zip_crypto_hmac_t * +_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) +{ + _zip_crypto_hmac_t *hmac; + int ret; + + if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) { + zip_error_set(error, ZIP_ER_MEMORY, 0); + return NULL; + } + + if ((ret = gnutls_hmac_init(hmac, GNUTLS_MAC_SHA1, secret, secret_length)) < 0) { + // TODO: set error + free(hmac); + return NULL; + } + + return hmac; +} + + +void +_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) +{ + zip_uint8_t buf[ZIP_CRYPTO_SHA1_LENGTH]; + + if (hmac == NULL) { + return; + } + + gnutls_hmac_deinit(*hmac, buf); + _zip_crypto_clear(hmac, sizeof(*hmac)); + free(hmac); +} + + +ZIP_EXTERN bool +zip_random(zip_uint8_t *buffer, zip_uint16_t length) { + return gnutls_rnd(GNUTLS_RND_KEY, buffer, length) == 0; +} +
  6. Download patch lib/gladman-fcrypt/Makefile.in
  7. Download patch debian/libzip-dev.install

    --- 1.3.2-1/debian/libzip-dev.install 2017-11-20 20:39:26.000000000 +0000 +++ 1.5.1-0ubuntu1/debian/libzip-dev.install 2018-04-03 10:51:36.000000000 +0000 @@ -1,6 +1,5 @@ usr/include/zip.h usr/include/zipconf.h -usr/lib/*/libzip.a usr/lib/*/libzip.so usr/lib/*/pkgconfig/libzip.pc usr/share/man/man3/*
  8. Download patch examples/in-memory.c

    --- 1.3.2-1/examples/in-memory.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/examples/in-memory.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -40,38 +40,38 @@ #include <zip.h> static int -get_data(void **datap, size_t *sizep, const char *archive) -{ +get_data(void **datap, size_t *sizep, const char *archive) { /* example implementation that reads data from file */ struct stat st; FILE *fp; - if (stat(archive, &st) < 0) { + if ((fp = fopen(archive, "r")) == NULL) { if (errno != ENOENT) { - fprintf(stderr, "can't stat %s: %s\n", archive, strerror(errno)); + fprintf(stderr, "can't open %s: %s\n", archive, strerror(errno)); return -1; } *datap = NULL; *sizep = 0; - + return 0; } - if ((*datap = malloc((size_t)st.st_size)) == NULL) { - fprintf(stderr, "can't allocate buffer\n"); + if (fstat(fileno(fp), &st) < 0) { + fprintf(stderr, "can't stat %s: %s\n", archive, strerror(errno)); + fclose(fp); return -1; } - if ((fp=fopen(archive, "r")) == NULL) { - free(*datap); - fprintf(stderr, "can't open %s: %s\n", archive, strerror(errno)); + if ((*datap = malloc((size_t)st.st_size)) == NULL) { + fprintf(stderr, "can't allocate buffer\n"); + fclose(fp); return -1; } - + if (fread(*datap, 1, (size_t)st.st_size, fp) < (size_t)st.st_size) { - free(*datap); fprintf(stderr, "can't read %s: %s\n", archive, strerror(errno)); + free(*datap); fclose(fp); return -1; } @@ -83,16 +83,14 @@ get_data(void **datap, size_t *sizep, co } static int -modify_archive(zip_t *za) -{ +modify_archive(zip_t *za) { /* modify the archive */ return 0; } static int -use_data(void *data, size_t size, const char *archive) -{ +use_data(void *data, size_t size, const char *archive) { /* example implementation that writes data to file */ FILE *fp; @@ -123,8 +121,7 @@ use_data(void *data, size_t size, const int -main(int argc, char *argv[]) -{ +main(int argc, char *argv[]) { const char *archive; zip_source_t *src; zip_t *za;
  9. Download patch lib/zip_file_set_mtime.c

    --- 1.3.2-1/lib/zip_file_set_mtime.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_set_mtime.c 2018-04-11 07:28:08.000000000 +0000 @@ -1,10 +1,10 @@ /* zip_file_set_mtime.c -- set modification time of entry. Copyright (C) 2014 Dieter Baron and Thomas Klausner - + This file is part of libzip, a library to manipulate ZIP archives. The authors can be contacted at <libzip@nih.at> - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -33,42 +33,42 @@ #include "zipint.h" -ZIP_EXTERN int zip_file_set_mtime(zip_t *za, zip_uint64_t idx, time_t mtime, zip_flags_t flags) -{ +ZIP_EXTERN int +zip_file_set_mtime(zip_t *za, zip_uint64_t idx, time_t mtime, zip_flags_t flags) { zip_entry_t *e; int changed; - + if (_zip_get_dirent(za, idx, 0, NULL) == NULL) - return -1; - + return -1; + if (ZIP_IS_RDONLY(za)) { - zip_error_set(&za->error, ZIP_ER_RDONLY, 0); - return -1; + zip_error_set(&za->error, ZIP_ER_RDONLY, 0); + return -1; } - - e = za->entry+idx; + + e = za->entry + idx; changed = e->orig == NULL || mtime != e->orig->last_mod; - + if (changed) { - if (e->changes == NULL) { - if ((e->changes=_zip_dirent_clone(e->orig)) == NULL) { - zip_error_set(&za->error, ZIP_ER_MEMORY, 0); - return -1; - } - } - e->changes->last_mod = mtime; - e->changes->changed |= ZIP_DIRENT_LAST_MOD; + if (e->changes == NULL) { + if ((e->changes = _zip_dirent_clone(e->orig)) == NULL) { + zip_error_set(&za->error, ZIP_ER_MEMORY, 0); + return -1; + } + } + e->changes->last_mod = mtime; + e->changes->changed |= ZIP_DIRENT_LAST_MOD; } else { - if (e->changes) { - e->changes->changed &= ~ZIP_DIRENT_LAST_MOD; - if (e->changes->changed == 0) { + if (e->changes) { + e->changes->changed &= ~ZIP_DIRENT_LAST_MOD; + if (e->changes->changed == 0) { _zip_dirent_free(e->changes); - e->changes = NULL; - } - } + e->changes = NULL; + } + } } - + return 0; }
  10. Download patch lib/zip_crypto_gnutls.h

    --- 1.3.2-1/lib/zip_crypto_gnutls.h 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_crypto_gnutls.h 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,66 @@ +/* + zip_crypto_gnutls.h -- definitions for GnuTLS wrapper. + Copyright (C) 2018 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef HAD_ZIP_CRYPTO_GNUTLS_H +#define HAD_ZIP_CRYPTO_GNUTLS_H + +#include <nettle/aes.h> +#include <nettle/pbkdf2.h> + +#include <gnutls/gnutls.h> +#include <gnutls/crypto.h> + +typedef struct { + union { + struct aes128_ctx ctx_128; + struct aes192_ctx ctx_192; + struct aes256_ctx ctx_256; + } ctx; + zip_uint16_t key_size; +} _zip_crypto_aes_t; + +#define _zip_crypto_hmac_t gnutls_hmac_hd_t + +void _zip_crypto_aes_free(_zip_crypto_aes_t *aes); +bool _zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out); +_zip_crypto_aes_t *_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error); + +#define _zip_crypto_hmac(hmac, data, length) (gnutls_hmac(*(hmac), (data), (length)) == 0) +void _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac); +_zip_crypto_hmac_t *_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error); +#define _zip_crypto_hmac_output(hmac, data) (gnutls_hmac_output(*(hmac), (data)), true) + +#define _zip_crypto_pbkdf2(key, key_length, salt, salt_length, iterations, output, output_length) \ + (pbkdf2_hmac_sha1((key_length), (key), (iterations), (salt_length), (salt), (output_length), (output)), true) + +#endif /* HAD_ZIP_CRYPTO_GNUTLS_H */
  11. Download patch config.sub
  12. Download patch config.guess
  13. Download patch lib/zip_crypto_openssl.c

    --- 1.3.2-1/lib/zip_crypto_openssl.c 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_crypto_openssl.c 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,142 @@ +/* + zip_crypto_openssl.c -- OpenSSL wrapper. + Copyright (C) 2018 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include <stdlib.h> + +#include "zipint.h" +#include "zip_crypto.h" + +#include <openssl/rand.h> + +#if OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER) +#define USE_OPENSSL_1_0_API +#endif + + +_zip_crypto_aes_t * +_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) +{ + _zip_crypto_aes_t *aes; + + if ((aes = (_zip_crypto_aes_t *)malloc(sizeof(*aes))) == NULL) { + zip_error_set(error, ZIP_ER_MEMORY, 0); + return NULL; + } + + AES_set_encrypt_key(key, key_size, aes); + + return aes; +} + +void +_zip_crypto_aes_free(_zip_crypto_aes_t *aes) +{ + if (aes == NULL) { + return; + } + + _zip_crypto_clear(aes, sizeof(*aes)); + free(aes); +} + + +_zip_crypto_hmac_t * +_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) +{ + _zip_crypto_hmac_t *hmac; + + if (secret_length > INT_MAX) { + zip_error_set(error, ZIP_ER_INVAL, 0); + return NULL; + } + +#ifdef USE_OPENSSL_1_0_API + if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) { + zip_error_set(error, ZIP_ER_MEMORY, 0); + return NULL; + } + + HMAC_CTX_init(hmac); +#else + if ((hmac = HMAC_CTX_new()) == NULL) { + zip_error_set(error, ZIP_ER_MEMORY, 0); + return NULL; + } +#endif + + if (HMAC_Init_ex(hmac, secret, (int)secret_length, EVP_sha1(), NULL) != 1) { + zip_error_set(error, ZIP_ER_INTERNAL, 0); +#ifdef USE_OPENSSL_1_0_API + free(hmac); +#else + HMAC_CTX_free(hmac); +#endif + return NULL; + } + + return hmac; +} + + +void +_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) +{ + if (hmac == NULL) { + return; + } + +#ifdef USE_OPENSSL_1_0_API + HMAC_CTX_cleanup(hmac); + _zip_crypto_clear(hmac, sizeof(*hmac)); + free(hmac); +#else + HMAC_CTX_free(hmac); +#endif +} + + +bool +_zip_crypto_hmac_output(_zip_crypto_hmac_t *hmac, zip_uint8_t *data) +{ + unsigned int length; + + return HMAC_Final(hmac, data, &length) == 1; +} + + +ZIP_EXTERN bool +zip_random(zip_uint8_t *buffer, zip_uint16_t length) { + return RAND_bytes(buffer, length) == 1; +} + +
  14. Download patch lib/gladman-fcrypt/hmac.c

    --- 1.3.2-1/lib/gladman-fcrypt/hmac.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt/hmac.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,150 +0,0 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. - All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - ALTERNATIVELY, provided that this notice is retained in full, this product - may be distributed under the terms of the GNU General Public License (GPL), - in which case the provisions of the GPL apply INSTEAD OF those given above. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 24/01/2003 - - This is an implementation of HMAC, the FIPS standard keyed hash function -*/ - -#include "hmac.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -/* initialise the HMAC context to zero */ -INTERNAL void hmac_sha1_begin(hmac_ctx cx[1]) -{ - memset(cx, 0, sizeof(hmac_ctx)); -} - -/* input the HMAC key (can be called multiple times) */ -INTERNAL int hmac_sha1_key(const unsigned char key[], unsigned int key_len, hmac_ctx cx[1]) -{ - if(cx->klen == HMAC_IN_DATA) /* error if further key input */ - return HMAC_BAD_MODE; /* is attempted in data mode */ - - if(cx->klen + key_len > IN_BLOCK_LENGTH) /* if the key has to be hashed */ - { - if(cx->klen <= IN_BLOCK_LENGTH) /* if the hash has not yet been */ - { /* started, initialise it and */ - sha1_begin(cx->ctx); /* hash stored key characters */ - sha1_hash(cx->key, cx->klen, cx->ctx); - } - - sha1_hash(key, key_len, cx->ctx); /* hash long key data into hash */ - } - else /* otherwise store key data */ - memcpy(cx->key + cx->klen, key, key_len); - - cx->klen += key_len; /* update the key length count */ - return HMAC_OK; -} - -/* input the HMAC data (can be called multiple times) - */ -/* note that this call terminates the key input phase */ -INTERNAL void hmac_sha1_data(const unsigned char data[], unsigned int data_len, hmac_ctx cx[1]) -{ unsigned int i; - - if(cx->klen != HMAC_IN_DATA) /* if not yet in data phase */ - { - if(cx->klen > IN_BLOCK_LENGTH) /* if key is being hashed */ - { /* complete the hash and */ - sha1_end(cx->key, cx->ctx); /* store the result as the */ - cx->klen = OUT_BLOCK_LENGTH; /* key and set new length */ - } - - /* pad the key if necessary */ - if (cx->klen < IN_BLOCK_LENGTH) - { - memset(cx->key + cx->klen, 0, IN_BLOCK_LENGTH - cx->klen); - } - - /* xor ipad into key value */ - for(i = 0; i < (IN_BLOCK_LENGTH >> 2); ++i) - ((sha1_32t*)cx->key)[i] ^= 0x36363636; - - /* and start hash operation */ - sha1_begin(cx->ctx); - sha1_hash(cx->key, IN_BLOCK_LENGTH, cx->ctx); - - /* mark as now in data mode */ - cx->klen = HMAC_IN_DATA; - } - - /* hash the data (if any) */ - if(data_len) - sha1_hash(data, data_len, cx->ctx); -} - -/* compute and output the MAC value */ -INTERNAL void hmac_sha1_end(unsigned char mac[], unsigned long mac_len, hmac_ctx cx[1]) -{ unsigned char dig[OUT_BLOCK_LENGTH]; - unsigned int i; - - /* if no data has been entered perform a null data phase */ - if(cx->klen != HMAC_IN_DATA) - hmac_sha1_data((const unsigned char*)0, 0, cx); - - sha1_end(dig, cx->ctx); /* complete the inner hash */ - - /* set outer key value using opad and removing ipad */ - for(i = 0; i < (IN_BLOCK_LENGTH >> 2); ++i) - ((sha1_32t*)cx->key)[i] ^= 0x36363636 ^ 0x5c5c5c5c; - - /* perform the outer hash operation */ - sha1_begin(cx->ctx); - sha1_hash(cx->key, IN_BLOCK_LENGTH, cx->ctx); - sha1_hash(dig, OUT_BLOCK_LENGTH, cx->ctx); - sha1_end(dig, cx->ctx); - - /* output the hash value */ - for(i = 0; i < mac_len; ++i) - mac[i] = dig[i]; -} - -#if 0 /* not used */ -/* 'do it all in one go' subroutine */ -INTERNAL void hmac_sha1(const unsigned char key[], unsigned int key_len, - const unsigned char data[], unsigned int data_len, - unsigned char mac[], unsigned int mac_len) -{ hmac_ctx cx[1]; - - hmac_sha1_begin(cx); - hmac_sha1_key(key, key_len, cx); - hmac_sha1_data(data, data_len, cx); - hmac_sha1_end(mac, mac_len, cx); -} -#endif - -#if defined(__cplusplus) -} -#endif
  15. Download patch lib/zip_error_to_str.c

    --- 1.3.2-1/lib/zip_error_to_str.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_error_to_str.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -41,28 +41,26 @@ ZIP_EXTERN int -zip_error_to_str(char *buf, zip_uint64_t len, int ze, int se) -{ +zip_error_to_str(char *buf, zip_uint64_t len, int ze, int se) { const char *zs, *ss; if (ze < 0 || ze >= _zip_nerr_str) return snprintf(buf, len, "Unknown error %d", ze); zs = _zip_err_str[ze]; - + switch (_zip_err_type[ze]) { case ZIP_ET_SYS: ss = strerror(se); break; - + case ZIP_ET_ZLIB: ss = zError(se); break; - + default: ss = NULL; } - return snprintf(buf, len, "%s%s%s", - zs, (ss ? ": " : ""), (ss ? ss : "")); + return snprintf(buf, len, "%s%s%s", zs, (ss ? ": " : ""), (ss ? ss : "")); }
  16. Download patch debian/rules

    --- 1.3.2-1/debian/rules 2017-11-20 20:39:26.000000000 +0000 +++ 1.5.1-0ubuntu1/debian/rules 2018-04-03 10:51:36.000000000 +0000 @@ -3,14 +3,20 @@ # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 -DEB_HOST_MULTIARCH ?=. +# Linking with -Bsymbolic-functions causes test failures +export DEB_LDFLAGS_MAINT_STRIP = -Wl,-Bsymbolic-functions + +DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) %: - dh $@ --parallel --list-missing --with autoreconf + dh $@ + +override_dh_auto_configure: + dh_auto_configure -- -DCMAKE_INSTALL_LIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH) -override_dh_link: - install -d debian/libzip-dev/usr/include/${DEB_HOST_MULTIARCH} - dh_link override_dh_installchangelogs: dh_installchangelogs NEWS.md + +override_dh_missing: + dh_missing --fail-missing
  17. Download patch lib/zip_file_rename.c

    --- 1.3.2-1/lib/zip_file_rename.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_rename.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -38,11 +38,10 @@ ZIP_EXTERN int -zip_file_rename(zip_t *za, zip_uint64_t idx, const char *name, zip_flags_t flags) -{ +zip_file_rename(zip_t *za, zip_uint64_t idx, const char *name, zip_flags_t flags) { const char *old_name; int old_is_dir, new_is_dir; - + if (idx >= za->nentry || (name != NULL && strlen(name) > ZIP_UINT16_MAX)) { zip_error_set(&za->error, ZIP_ER_INVAL, 0); return -1; @@ -53,11 +52,11 @@ zip_file_rename(zip_t *za, zip_uint64_t return -1; } - if ((old_name=zip_get_name(za, idx, 0)) == NULL) + if ((old_name = zip_get_name(za, idx, 0)) == NULL) return -1; - - new_is_dir = (name != NULL && name[strlen(name)-1] == '/'); - old_is_dir = (old_name[strlen(old_name)-1] == '/'); + + new_is_dir = (name != NULL && name[strlen(name) - 1] == '/'); + old_is_dir = (old_name[strlen(old_name) - 1] == '/'); if (new_is_dir != old_is_dir) { zip_error_set(&za->error, ZIP_ER_INVAL, 0);
  18. Download patch lib/zip_dirent.c
  19. Download patch lib/zip_file_error_get.c

    --- 1.3.2-1/lib/zip_file_error_get.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_error_get.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,7 +36,6 @@ ZIP_EXTERN void -zip_file_error_get(zip_file_t *zf, int *zep, int *sep) -{ +zip_file_error_get(zip_file_t *zf, int *zep, int *sep) { _zip_error_get(&zf->error, zep, sep); }
  20. Download patch lib/zip_err_str.c

    --- 1.3.2-1/lib/zip_err_str.c 2017-11-13 10:27:59.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_err_str.c 2018-04-11 07:28:08.000000000 +0000 @@ -5,78 +5,16 @@ #include "zipint.h" -const char * const _zip_err_str[] = { - "No error", - "Multi-disk zip archives not supported", - "Renaming temporary file failed", - "Closing zip archive failed", - "Seek error", - "Read error", - "Write error", - "CRC error", - "Containing zip archive was closed", - "No such file", - "File already exists", - "Can't open file", - "Failure to create temporary file", - "Zlib error", - "Malloc failure", - "Entry has been changed", - "Compression method not supported", - "Premature end of file", - "Invalid argument", - "Not a zip archive", - "Internal error", - "Zip archive inconsistent", - "Can't remove file", - "Entry has been deleted", - "Encryption method not supported", - "Read-only archive", - "No password provided", - "Wrong password provided", - "Operation not supported", - "Resource still in use", - "Tell error", - "Compressed data invalid", +const char *const _zip_err_str[] = { + "No error", "Multi-disk zip archives not supported", "Renaming temporary file failed", "Closing zip archive failed", "Seek error", "Read error", "Write error", "CRC error", "Containing zip archive was closed", "No such file", "File already exists", "Can't open file", "Failure to create temporary file", "Zlib error", "Malloc failure", "Entry has been changed", "Compression method not supported", "Premature end of file", "Invalid argument", "Not a zip archive", "Internal error", "Zip archive inconsistent", "Can't remove file", "Entry has been deleted", "Encryption method not supported", "Read-only archive", "No password provided", "Wrong password provided", "Operation not supported", "Resource still in use", "Tell error", "Compressed data invalid", }; -const int _zip_nerr_str = sizeof(_zip_err_str)/sizeof(_zip_err_str[0]); +const int _zip_nerr_str = sizeof(_zip_err_str) / sizeof(_zip_err_str[0]); #define N ZIP_ET_NONE #define S ZIP_ET_SYS #define Z ZIP_ET_ZLIB const int _zip_err_type[] = { - N, - N, - S, - S, - S, - S, - S, - N, - N, - N, - N, - S, - S, - Z, - N, - N, - N, - N, - N, - N, - N, - N, - S, - N, - N, - N, - N, - N, - N, - N, - S, - N, + N, N, S, S, S, S, S, N, N, N, N, S, S, Z, N, N, N, N, N, N, N, N, S, N, N, N, N, N, N, N, S, N, };
  21. Download patch lib/zip_dir_add.c

    --- 1.3.2-1/lib/zip_dir_add.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_dir_add.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -41,8 +41,7 @@ /* NOTE: Signed due to -1 on error. See zip_add.c for more details. */ ZIP_EXTERN zip_int64_t -zip_dir_add(zip_t *za, const char *name, zip_flags_t flags) -{ +zip_dir_add(zip_t *za, const char *name, zip_flags_t flags) { size_t len; zip_int64_t idx; char *s; @@ -61,21 +60,21 @@ zip_dir_add(zip_t *za, const char *name, s = NULL; len = strlen(name); - if (name[len-1] != '/') { - if ((s=(char *)malloc(len+2)) == NULL) { + if (name[len - 1] != '/') { + if ((s = (char *)malloc(len + 2)) == NULL) { zip_error_set(&za->error, ZIP_ER_MEMORY, 0); return -1; } strcpy(s, name); s[len] = '/'; - s[len+1] = '\0'; + s[len + 1] = '\0'; } - if ((source=zip_source_buffer(za, NULL, 0, 0)) == NULL) { + if ((source = zip_source_buffer(za, NULL, 0, 0)) == NULL) { free(s); return -1; } - + idx = _zip_file_replace(za, ZIP_UINT64_MAX, s ? s : name, source, flags); free(s);
  22. Download patch lib/zip_add_dir.c

    --- 1.3.2-1/lib/zip_add_dir.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_add_dir.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -39,7 +39,6 @@ /* NOTE: Signed due to -1 on error. See zip_add.c for more details. */ ZIP_EXTERN zip_int64_t -zip_add_dir(zip_t *za, const char *name) -{ +zip_add_dir(zip_t *za, const char *name) { return zip_dir_add(za, name, 0); }
  23. Download patch lib/zip_crypto_openssl.h

    --- 1.3.2-1/lib/zip_crypto_openssl.h 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_crypto_openssl.h 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,55 @@ +/* + zip_crypto_openssl.h -- definitions for OpenSSL wrapper. + Copyright (C) 2018 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef HAD_ZIP_CRYPTO_OPENSSL_H +#define HAD_ZIP_CRYPTO_OPENSSL_H + +#include <openssl/aes.h> +#include <openssl/hmac.h> + +#define _zip_crypto_aes_t AES_KEY +#define _zip_crypto_hmac_t HMAC_CTX + +void _zip_crypto_aes_free(_zip_crypto_aes_t *aes); +#define _zip_crypto_aes_encrypt_block(aes, in, out) (AES_encrypt((in), (out), (aes)), true) +_zip_crypto_aes_t *_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error); + +#define _zip_crypto_hmac(hmac, data, length) (HMAC_Update((hmac), (data), (length)) == 1) +void _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac); +_zip_crypto_hmac_t *_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error); +bool _zip_crypto_hmac_output(_zip_crypto_hmac_t *hmac, zip_uint8_t *data); + +#define _zip_crypto_pbkdf2(key, key_length, salt, salt_length, iterations, output, output_length) \ + (PKCS5_PBKDF2_HMAC_SHA1((const char *)(key), (key_length), (salt), (salt_length), (iterations), (output_length), (output))) + +#endif /* HAD_ZIP_CRYPTO_OPENSSL_H */
  24. Download patch lib/gladman-fcrypt/hmac.h

    --- 1.3.2-1/lib/gladman-fcrypt/hmac.h 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt/hmac.h 1970-01-01 00:00:00.000000000 +0000 @@ -1,81 +0,0 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. - All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - ALTERNATIVELY, provided that this notice is retained in full, this product - may be distributed under the terms of the GNU General Public License (GPL), - in which case the provisions of the GPL apply INSTEAD OF those given above. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 24/01/2003 - - This is an implementation of HMAC, the FIPS standard keyed hash function -*/ - -#ifndef _HMAC_H -#define _HMAC_H - -#include <memory.h> - -#include "sha1.h" - -#define IN_BLOCK_LENGTH SHA1_BLOCK_SIZE -#define OUT_BLOCK_LENGTH SHA1_DIGEST_SIZE -#define HMAC_IN_DATA 0xffffffff - -#define HMAC_OK 0 -#define HMAC_BAD_MODE -1 - -#if defined(__cplusplus) -extern "C" -{ -#endif - -typedef struct -{ unsigned char key[IN_BLOCK_LENGTH]; - sha1_ctx ctx[1]; - unsigned int klen; -} hmac_ctx; - -#ifdef BUILDING_FCRYPT -INTERNAL void hmac_sha1_begin(hmac_ctx cx[1]); - -INTERNAL int hmac_sha1_key(const unsigned char key[], unsigned int key_len, hmac_ctx cx[1]); - -INTERNAL void hmac_sha1_data(const unsigned char data[], unsigned int data_len, hmac_ctx cx[1]); - -INTERNAL void hmac_sha1_end(unsigned char mac[], unsigned long mac_len, hmac_ctx cx[1]); -#endif - -#if 0 /* not used */ -INTERNAL void hmac_sha1(const unsigned char key[], unsigned int key_len, - const unsigned char data[], unsigned int data_len, - unsigned char mac[], unsigned int mac_len); -#endif - -#if defined(__cplusplus) -} -#endif - -#endif
  25. Download patch lib/gladman-fcrypt/aestab.c
  26. Download patch debian/compat

    --- 1.3.2-1/debian/compat 2017-11-20 20:39:26.000000000 +0000 +++ 1.5.1-0ubuntu1/debian/compat 2018-04-03 10:51:36.000000000 +0000 @@ -1 +1 @@ -9 +11
  27. Download patch lib/zip_crypto_commoncrypto.c

    --- 1.3.2-1/lib/zip_crypto_commoncrypto.c 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_crypto_commoncrypto.c 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,133 @@ +/* + zip_crypto_commoncrypto.c -- CommonCrypto wrapper. + Copyright (C) 2018 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include <stdlib.h> + +#include "zipint.h" + +#include "zip_crypto.h" + +#include <fcntl.h> +#include <unistd.h> + +void +_zip_crypto_aes_free(_zip_crypto_aes_t *aes) +{ + if (aes == NULL) { + return; + } + + CCCryptorRelease(aes); +} + + +bool +_zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out) +{ + size_t len; + CCCryptorUpdate(aes, in, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, ZIP_CRYPTO_AES_BLOCK_LENGTH, &len); + return true; +} + + +_zip_crypto_aes_t * +_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) +{ + _zip_crypto_aes_t *aes; + CCCryptorStatus ret; + + ret = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionECBMode, key, key_size / 8, NULL, &aes); + + switch (ret) { + case kCCSuccess: + return aes; + + case kCCMemoryFailure: + zip_error_set(error, ZIP_ER_MEMORY, 0); + return NULL; + + case kCCParamError: + zip_error_set(error, ZIP_ER_INVAL, 0); + return NULL; + + default: + zip_error_set(error, ZIP_ER_INTERNAL, 0); + return NULL; + } +} + + +void +_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) +{ + if (hmac == NULL) { + return; + } + + _zip_crypto_clear(hmac, sizeof(*hmac)); + free(hmac); +} + + +_zip_crypto_hmac_t * +_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) +{ + _zip_crypto_hmac_t *hmac; + + if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) { + zip_error_set(error, ZIP_ER_MEMORY, 0); + return NULL; + } + + CCHmacInit(hmac, kCCHmacAlgSHA1, secret, secret_length); + + return hmac; +} + + +ZIP_EXTERN bool +zip_random(zip_uint8_t *buffer, zip_uint16_t length) { + int fd; + + if ((fd = open("/dev/urandom", O_RDONLY)) < 0) { + return false; + } + + if (read(fd, buffer, length) != length) { + close(fd); + return false; + } + + close(fd); + return true; +}
  28. Download patch lib/zip_discard.c

    --- 1.3.2-1/lib/zip_discard.c 2017-10-06 11:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_discard.c 2018-04-11 07:28:08.000000000 +0000 @@ -1,6 +1,6 @@ /* zip_discard.c -- discard and free struct zip - Copyright (C) 1999-2016 Dieter Baron and Thomas Klausner + Copyright (C) 1999-2017 Dieter Baron and Thomas Klausner This file is part of libzip, a library to manipulate ZIP archives. The authors can be contacted at <libzip@nih.at> @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -42,8 +42,7 @@ corresponding file. */ void -zip_discard(zip_t *za) -{ +zip_discard(zip_t *za) { zip_uint64_t i; if (za == NULL) @@ -61,12 +60,12 @@ zip_discard(zip_t *za) _zip_hash_free(za->names); if (za->entry) { - for (i=0; i<za->nentry; i++) - _zip_entry_finalize(za->entry+i); + for (i = 0; i < za->nentry; i++) + _zip_entry_finalize(za->entry + i); free(za->entry); } - for (i=0; i<za->nopen_source; i++) { + for (i = 0; i < za->nopen_source; i++) { _zip_source_invalidate(za->open_source[i]); } free(za->open_source); @@ -74,7 +73,7 @@ zip_discard(zip_t *za) _zip_progress_free(za->progress); zip_error_fini(&za->error); - + free(za); return;
  29. Download patch install-sh
  30. Download patch debian/control

    --- 1.3.2-1/debian/control 2017-11-20 20:39:26.000000000 +0000 +++ 1.5.1-0ubuntu1/debian/control 2018-11-27 00:40:30.000000000 +0000 @@ -1,9 +1,12 @@ Source: libzip Priority: optional -Maintainer: Stefan Schörghofer <amd1212@4md.gr> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Stefan Schörghofer <amd1212@4md.gr> Uploaders: Ondřej Surý <ondrej@debian.org> -Build-Depends: debhelper (>= 9), - dh-autoreconf, +Build-Depends: cmake, + debhelper (>= 11), + libbz2-dev, + libssl-dev, unzip, zlib1g-dev, mandoc
  31. Download patch lib/zip_fclose.c

    --- 1.3.2-1/lib/zip_fclose.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_fclose.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -38,10 +38,9 @@ ZIP_EXTERN int -zip_fclose(zip_file_t *zf) -{ +zip_fclose(zip_file_t *zf) { int ret; - + if (zf->src) zip_source_free(zf->src);
  32. Download patch lib/zip_add_entry.c

    --- 1.3.2-1/lib/zip_add_entry.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_add_entry.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -40,11 +40,10 @@ /* NOTE: Signed due to -1 on error. See zip_add.c for more details. */ zip_int64_t -_zip_add_entry(zip_t *za) -{ +_zip_add_entry(zip_t *za) { zip_uint64_t idx; - if (za->nentry+1 >= za->nentry_alloc) { + if (za->nentry + 1 >= za->nentry_alloc) { zip_entry_t *rentries; zip_uint64_t nalloc = za->nentry_alloc; zip_uint64_t additional_entries = 2 * nalloc; @@ -75,7 +74,7 @@ _zip_add_entry(zip_t *za) idx = za->nentry++; - _zip_entry_init(za->entry+idx); + _zip_entry_init(za->entry + idx); return (zip_int64_t)idx; }
  33. Download patch lib/zip_file_set_comment.c

    --- 1.3.2-1/lib/zip_file_set_comment.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_set_comment.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -38,9 +38,7 @@ ZIP_EXTERN int -zip_file_set_comment(zip_t *za, zip_uint64_t idx, - const char *comment, zip_uint16_t len, zip_flags_t flags) -{ +zip_file_set_comment(zip_t *za, zip_uint64_t idx, const char *comment, zip_uint16_t len, zip_flags_t flags) { zip_entry_t *e; zip_string_t *cstr; int changed; @@ -59,7 +57,7 @@ zip_file_set_comment(zip_t *za, zip_uint } if (len > 0) { - if ((cstr=_zip_string_new((const zip_uint8_t *)comment, len, flags, &za->error)) == NULL) + if ((cstr = _zip_string_new((const zip_uint8_t *)comment, len, flags, &za->error)) == NULL) return -1; if ((flags & ZIP_FL_ENCODING_ALL) == ZIP_FL_ENC_GUESS && _zip_guess_encoding(cstr, ZIP_ENCODING_UNKNOWN) == ZIP_ENCODING_UTF8_GUESSED) cstr->encoding = ZIP_ENCODING_UTF8_KNOWN; @@ -67,7 +65,7 @@ zip_file_set_comment(zip_t *za, zip_uint else cstr = NULL; - e = za->entry+idx; + e = za->entry + idx; if (e->changes) { _zip_string_free(e->changes->comment); @@ -79,17 +77,17 @@ zip_file_set_comment(zip_t *za, zip_uint changed = !_zip_string_equal(e->orig->comment, cstr); else changed = (cstr != NULL); - + if (changed) { - if (e->changes == NULL) { - if ((e->changes=_zip_dirent_clone(e->orig)) == NULL) { - zip_error_set(&za->error, ZIP_ER_MEMORY, 0); + if (e->changes == NULL) { + if ((e->changes = _zip_dirent_clone(e->orig)) == NULL) { + zip_error_set(&za->error, ZIP_ER_MEMORY, 0); _zip_string_free(cstr); - return -1; - } - } - e->changes->comment = cstr; - e->changes->changed |= ZIP_DIRENT_COMMENT; + return -1; + } + } + e->changes->comment = cstr; + e->changes->changed |= ZIP_DIRENT_COMMENT; } else { _zip_string_free(cstr);
  34. Download patch lib/zip_crypto_commoncrypto.h

    --- 1.3.2-1/lib/zip_crypto_commoncrypto.h 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_crypto_commoncrypto.h 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,54 @@ +/* + zip_crypto_commoncrypto.h -- definitions for CommonCrypto wrapper. + Copyright (C) 2018 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef HAD_ZIP_CRYPTO_COMMONCRYPTO_H +#define HAD_ZIP_CRYPTO_COMMONCRYPTO_H + +#include <CommonCrypto/CommonCrypto.h> + +#define _zip_crypto_aes_t struct _CCCryptor +#define _zip_crypto_hmac_t CCHmacContext + +void _zip_crypto_aes_free(_zip_crypto_aes_t *aes); +bool _zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out); +_zip_crypto_aes_t *_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error); + +#define _zip_crypto_hmac(hmac, data, length) (CCHmacUpdate((hmac), (data), (length)), true) +void _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac); +_zip_crypto_hmac_t *_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error); +#define _zip_crypto_hmac_output(hmac, data) (CCHmacFinal((hmac), (data)), true) + +#define _zip_crypto_pbkdf2(key, key_length, salt, salt_length, iterations, output, output_length) \ + (CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)(key), (key_length), (salt), (salt_length), kCCPRFHmacAlgSHA1, (iterations), (output), (output_length)) == kCCSuccess) + +#endif /* HAD_ZIP_CRYPTO_COMMONCRYPTO_H */
  35. Download patch lib/Makefile.am

    --- 1.3.2-1/lib/Makefile.am 2017-10-06 12:40:42.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/Makefile.am 1970-01-01 00:00:00.000000000 +0000 @@ -1,158 +0,0 @@ -# for 'make dist' -SUBDIRS= gladman-fcrypt - -AM_CFLAGS= @CFLAG_VISIBILITY@ - -lib_LTLIBRARIES = libzip.la -noinst_HEADERS = zipint.h gladman-fcrypt.h -include_HEADERS = zip.h -nodist_include_HEADERS = zipconf.h - -# also update CMakeLists.txt when changing version -libzip_la_LDFLAGS=-no-undefined -version-info 5:0:0 -libzip_la_CPPFLAGS=-I$(srcdir)/gladman-fcrypt -libzip_la_LIBADD=@LTLIBOBJS@ - -if WIN32_HOST -OS_SOURCES=\ - zip_random_win32.c \ - zip_source_win32a.c \ - zip_source_win32handle.c \ - zip_source_win32utf8.c \ - zip_source_win32w.c -else -OS_SOURCES=\ - zip_random_unix.c \ - zip_source_file.c -endif - -libzip_la_SOURCES=\ - ${OS_SOURCES} \ - gladman-fcrypt.c \ - zip_add.c \ - zip_add_dir.c \ - zip_add_entry.c \ - zip_algorithm_bzip2.c \ - zip_algorithm_deflate.c \ - zip_buffer.c \ - zip_close.c \ - zip_delete.c \ - zip_dir_add.c \ - zip_dirent.c \ - zip_discard.c \ - zip_entry.c \ - zip_err_str.c \ - zip_error.c \ - zip_error_clear.c \ - zip_error_get.c \ - zip_error_get_sys_type.c \ - zip_error_strerror.c \ - zip_error_to_str.c \ - zip_extra_field.c \ - zip_extra_field_api.c \ - zip_fclose.c \ - zip_fdopen.c \ - zip_file_add.c \ - zip_file_error_clear.c \ - zip_file_error_get.c \ - zip_file_get_comment.c \ - zip_file_get_external_attributes.c \ - zip_file_get_offset.c \ - zip_file_rename.c \ - zip_file_replace.c \ - zip_file_set_comment.c \ - zip_file_set_encryption.c \ - zip_file_set_external_attributes.c \ - zip_file_set_mtime.c \ - zip_file_strerror.c \ - zip_filerange_crc.c \ - zip_fopen.c \ - zip_fopen_encrypted.c \ - zip_fopen_index.c \ - zip_fopen_index_encrypted.c \ - zip_fread.c \ - zip_fseek.c \ - zip_ftell.c \ - zip_get_archive_comment.c \ - zip_get_archive_flag.c \ - zip_get_encryption_implementation.c \ - zip_get_file_comment.c \ - zip_get_num_entries.c \ - zip_get_num_files.c \ - zip_get_name.c \ - zip_hash.c \ - zip_io_util.c \ - zip_libzip_version.c \ - zip_memdup.c \ - zip_name_locate.c \ - zip_new.c \ - zip_open.c \ - zip_progress.c \ - zip_rename.c \ - zip_replace.c \ - zip_set_archive_comment.c \ - zip_set_archive_flag.c \ - zip_set_default_password.c \ - zip_set_file_comment.c \ - zip_set_file_compression.c \ - zip_set_name.c \ - zip_source_begin_write.c \ - zip_source_buffer.c \ - zip_source_call.c \ - zip_source_close.c \ - zip_source_commit_write.c \ - zip_source_compress.c \ - zip_source_crc.c \ - zip_source_error.c \ - zip_source_filep.c \ - zip_source_free.c \ - zip_source_function.c \ - zip_source_get_compression_flags.c \ - zip_source_is_deleted.c \ - zip_source_layered.c \ - zip_source_open.c \ - zip_source_pkware.c \ - zip_source_read.c \ - zip_source_remove.c \ - zip_source_rollback_write.c \ - zip_source_seek.c \ - zip_source_seek_write.c \ - zip_source_stat.c \ - zip_source_supports.c \ - zip_source_tell.c \ - zip_source_tell_write.c \ - zip_source_window.c \ - zip_source_winzip_aes_decode.c \ - zip_source_winzip_aes_encode.c \ - zip_source_write.c \ - zip_source_zip.c \ - zip_source_zip_new.c \ - zip_stat.c \ - zip_stat_index.c \ - zip_stat_init.c \ - zip_strerror.c \ - zip_string.c \ - zip_unchange.c \ - zip_unchange_all.c \ - zip_unchange_archive.c \ - zip_unchange_data.c \ - zip_utf-8.c - -BUILT_SOURCES=zipconf.h -CLEANFILES= ${BUILT_SOURCES} - -EXTRA_DIST= CMakeLists.txt \ - compat.h \ - make_zip_err_str.sh \ - make_zipconf.sh \ - zip_source_win32a.c \ - zip_source_win32handle.c \ - zip_source_win32utf8.c \ - zip_source_win32w.c \ - zipwin32.h - -zip_err_str.c: zip.h make_zip_err_str.sh - sh $(srcdir)/make_zip_err_str.sh $(srcdir)/zip.h zip_err_str.c - -zipconf.h: ${top_builddir}/config.h make_zipconf.sh - sh ${srcdir}/make_zipconf.sh ${top_builddir}/config.h zipconf.h
  36. Download patch lib/zip_crypto.h

    --- 1.3.2-1/lib/zip_crypto.h 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_crypto.h 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,50 @@ +/* + zip_crypto.h -- crypto definitions + Copyright (C) 2017 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef HAD_ZIP_CRYPTO_H +#define HAD_ZIP_CRYPTO_H + +#define ZIP_CRYPTO_SHA1_LENGTH 20 +#define ZIP_CRYPTO_AES_BLOCK_LENGTH 16 + +#if defined(HAVE_OPENSSL) +#include "zip_crypto_openssl.h" +#elif defined(HAVE_GNUTLS) +#include "zip_crypto_gnutls.h" +#elif defined(HAVE_COMMONCRYPTO) +#include "zip_crypto_commoncrypto.h" +#else +#error "no crypto backend found" +#endif + +#endif /* HAD_ZIP_CRYPTO_H */
  37. Download patch configure.ac

    --- 1.3.2-1/configure.ac 2017-11-20 10:06:54.000000000 +0000 +++ 1.5.1-0ubuntu1/configure.ac 1970-01-01 00:00:00.000000000 +0000 @@ -1,164 +0,0 @@ -AC_PREREQ([2.60]) -AC_INIT([libzip],[1.3.2],[libzip@nih.at]) -AC_CONFIG_SRCDIR([lib/zip_add.c]) -AC_CONFIG_HEADERS([config.h]) -AC_CONFIG_MACRO_DIR([m4]) -AM_INIT_AUTOMAKE - -AC_CANONICAL_HOST -dnl Add rpath flags to installed pkg-config (.pc) file on systems that prefer it this way. -case $host_os in - *bsd*) - PKG_CONFIG_RPATH=-Wl,-R\${libdir};; - *) - PKG_CONFIG_RPATH=;; -esac -AC_SUBST(PKG_CONFIG_RPATH) - - -AC_PROG_CC -AC_SYS_LARGEFILE -AM_PROG_CC_C_O -AC_C_BIGENDIAN - -AC_ARG_WITH(zlib, - [ --with-zlib=PREFIX specify prefix for ZLIB library],, - with_zlib=yes) - -if test "$with_zlib" != "yes" -then - if test -f "$with_zlib"/zlib.h - then - # PREFIX is to uninstalled version in distribution directory - CFLAGS="$CFLAGS -I$with_zlib" - LDFLAGS="$LDFLAGS -L$with_zlib" - else if test -f "$with_zlib"/include/zlib.h - then - # PREFIX is installation prefix - CFLAGS="$CFLAGS -I$with_zlib/include" - LDFLAGS="$LDFLAGS -L$with_zlib/lib" - fi - fi -fi - -AC_CHECK_LIB(z, main) -AC_CACHE_CHECK(new ZLIB version, id_cv_lib_zlib_ok, - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <zlib.h>]], [[extern ZEXPORT int unzOpen (const char *path);]])],[id_cv_lib_zlib_ok=yes],[id_cv_lib_zlib_ok=no])) -if test "$id_cv_lib_zlib_ok" = "no" -then - AC_MSG_ERROR([ZLIB version too old, please install at least v1.1.2]) -fi - -AC_ARG_WITH(bzip2, - [ --with-bzip2=PREFIX specify prefix for bzip2 library],, - with_bzip2=yes) - -if test "$with_bzip2" != "yes" -then - if test -f "$with_bzip2"/bzlib.h - then - # PREFIX is to uninstalled version in distribution directory - CFLAGS="$CFLAGS -I$with_bzip2" - LDFLAGS="$LDFLAGS -L$with_bzip2" - else if test -f "$with_bzip2"/include/bzlib.h - then - # PREFIX is installation prefix - CFLAGS="$CFLAGS -I$with_bzip2/include" - LDFLAGS="$LDFLAGS -L$with_bzip2/lib" - fi - fi -fi -if test "$with_bzip2" != "no" -then - AC_CHECK_LIB(bz2, main) -fi - -AC_EXEEXT - -LT_INIT - -if test "$enable_shared" = "yes" -then - AC_DEFINE([HAVE_SHARED], [1], [Define when building shared libraries]) -fi - -AC_CHECK_FUNCS([_chmod _close _dup _fdopen _fileno _open _setmode _snprintf _strdup _stricmp _strtoi64 _strtoui64 _umask _unlink explicit_bzero explicit_memset fileno fseeko ftello getopt getprogname open setmode snprintf strcasecmp strdup stricmp strtoll strtoull]) -AC_CHECK_FUNCS([mkstemp], [], [AC_LIBOBJ(mkstemp)]) - -dnl assume dlsym in libc, but check in libdl -DLSYM_LIB= -AC_CHECK_LIB([dl], [dlsym], [DLSYM_LIB="-ldl"]) -AC_SUBST([DLSYM_LIB]) - -AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, - [ AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], - [[ extern char *__progname; printf("%s", __progname); ]])], - [ ac_cv_libc_defines___progname="yes" ], - [ ac_cv_libc_defines___progname="no" ]) - ]) -if test "x$ac_cv_libc_defines___progname" = "xyes" ; then - AC_DEFINE([HAVE___PROGNAME], [1], [Define if libc defines __progname]) -fi - -AC_CACHE_CHECK([whether we are building for a Win32 host], [ac_cv_win32_host], - AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#ifdef _WIN32 - choke me - #endif - ]])], - [ac_cv_win32_host=no], [ac_cv_win32_host=yes])) -AM_CONDITIONAL([WIN32_HOST], [test "x$ac_cv_win32_host" = "xyes"]) - -AC_CHECK_HEADERS([fts.h stdbool.h strings.h unistd.h]) - -AC_CHECK_TYPES([int8_t]) -AC_CHECK_TYPES([int16_t]) -AC_CHECK_TYPES([int32_t]) -AC_CHECK_TYPES([int64_t]) -AC_CHECK_TYPES([uint8_t]) -AC_CHECK_TYPES([uint16_t]) -AC_CHECK_TYPES([uint32_t]) -AC_CHECK_TYPES([uint64_t]) -AC_CHECK_TYPES([ssize_t]) - -AC_CHECK_SIZEOF([short]) -AC_CHECK_SIZEOF([int]) -AC_CHECK_SIZEOF([long]) -AC_CHECK_SIZEOF([long long]) -AC_CHECK_SIZEOF([off_t]) -AC_CHECK_SIZEOF([size_t]) - -AC_STRUCT_TIMEZONE - -case $host_os -in - *bsd*) MANFMT=mdoc;; - *) MANFMT=man;; -esac -AC_SUBST([MANFMT]) - -AH_BOTTOM([ -#ifndef HAVE_SSIZE_T -# if SIZEOF_SIZE_T == SIZEOF_INT -typedef int ssize_t; -# elif SIZEOF_SIZE_T == SIZEOF_LONG -typedef long ssize_t; -# elif SIZEOF_SIZE_T == SIZEOF_LONG_LONG -typedef long long ssize_t; -# else -#error no suitable type for ssize_t found -# endif -#endif -]) - -gl_VISIBILITY - -AC_CONFIG_FILES([Makefile - libzip.pc - libzip-uninstalled.pc - examples/Makefile - man/Makefile - lib/Makefile - lib/gladman-fcrypt/Makefile - regress/Makefile - src/Makefile]) -AC_OUTPUT
  38. Download patch cmake-zipconf.h.in

    --- 1.3.2-1/cmake-zipconf.h.in 2017-10-06 11:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/cmake-zipconf.h.in 2018-04-11 07:28:08.000000000 +0000 @@ -8,99 +8,23 @@ based on ../cmake-zipconf.h.in. */ -#cmakedefine HAVE_INTTYPES_H_LIBZIP -#cmakedefine HAVE_STDINT_H_LIBZIP -#cmakedefine HAVE_SYS_TYPES_H_LIBZIP -#cmakedefine HAVE___INT8_LIBZIP -#cmakedefine HAVE_INT8_T_LIBZIP -#cmakedefine HAVE_UINT8_T_LIBZIP -#cmakedefine HAVE___INT16_LIBZIP -#cmakedefine HAVE_INT16_T_LIBZIP -#cmakedefine HAVE_UINT16_T_LIBZIP -#cmakedefine HAVE___INT32_LIBZIP -#cmakedefine HAVE_INT32_T_LIBZIP -#cmakedefine HAVE_UINT32_T_LIBZIP -#cmakedefine HAVE___INT64_LIBZIP -#cmakedefine HAVE_INT64_T_LIBZIP -#cmakedefine HAVE_UINT64_T_LIBZIP -#cmakedefine HAVE_SSIZE_T_LIBZIP -#cmakedefine SHORT_LIBZIP ${SHORT_LIBZIP} -#cmakedefine INT_LIBZIP ${INT_LIBZIP} -#cmakedefine LONG_LIBZIP ${LONG_LIBZIP} -#cmakedefine LONG_LONG_LIBZIP ${LONG_LONG_LIBZIP} +#cmakedefine LIBZIP_VERSION "@PACKAGE_VERSION@" +#cmakedefine LIBZIP_VERSION_MAJOR @PACKAGE_VERSION_MAJOR@ +#cmakedefine LIBZIP_VERSION_MINOR @PACKAGE_VERSION_MINOR@ +#cmakedefine LIBZIP_VERSION_MICRO @PACKAGE_VERSION_MICRO@ -#if defined(HAVE_STDINT_H_LIBZIP) -#include <stdint.h> -#elif defined(HAVE_INTTYPES_H_LIBZIP) -#include <inttypes.h> -#elif defined(HAVE_SYS_TYPES_H_LIBZIP) -#include <sys/types.h> -#endif +#cmakedefine ZIP_STATIC -#if defined(HAVE_INT8_T_LIBZIP) -typedef int8_t zip_int8_t; -#elif defined(HAVE___INT8_LIBZIP) -typedef __int8 zip_int8_t; -#else -typedef signed char zip_int8_t; -#endif -#if defined(HAVE_UINT8_T_LIBZIP) -typedef uint8_t zip_uint8_t; -#elif defined(HAVE___INT8_LIBZIP) -typedef unsigned __int8 zip_uint8_t; -#else -typedef unsigned char zip_uint8_t; -#endif -#if defined(HAVE_INT16_T_LIBZIP) -typedef int16_t zip_int16_t; -#elif defined(HAVE___INT16_LIBZIP) -typedef __int16 zip_int16_t; -#elif defined(SHORT_LIBZIP) && SHORT_LIBZIP == 2 -typedef signed short zip_int16_t; -#endif -#if defined(HAVE_UINT16_T_LIBZIP) -typedef uint16_t zip_uint16_t; -#elif defined(HAVE___INT16_LIBZIP) -typedef unsigned __int16 zip_uint16_t; -#elif defined(SHORT_LIBZIP) && SHORT_LIBZIP == 2 -typedef unsigned short zip_uint16_t; -#endif -#if defined(HAVE_INT32_T_LIBZIP) -typedef int32_t zip_int32_t; -#elif defined(HAVE___INT32_LIBZIP) -typedef __int32 zip_int32_t; -#elif defined(INT_LIBZIP) && INT_LIBZIP == 4 -typedef signed int zip_int32_t; -#elif defined(LONG_LIBZIP) && LONG_LIBZIP == 4 -typedef signed long zip_int32_t; -#endif -#if defined(HAVE_UINT32_T_LIBZIP) -typedef uint32_t zip_uint32_t; -#elif defined(HAVE___INT32_LIBZIP) -typedef unsigned __int32 zip_uint32_t; -#elif defined(INT_LIBZIP) && INT_LIBZIP == 4 -typedef unsigned int zip_uint32_t; -#elif defined(LONG_LIBZIP) && LONG_LIBZIP == 4 -typedef unsigned long zip_uint32_t; -#endif -#if defined(HAVE_INT64_T_LIBZIP) -typedef int64_t zip_int64_t; -#elif defined(HAVE___INT64_LIBZIP) -typedef __int64 zip_int64_t; -#elif defined(LONG_LIBZIP) && LONG_LIBZIP == 8 -typedef signed long zip_int64_t; -#elif defined(LONG_LONG_LIBZIP) && LONG_LONG_LIBZIP == 8 -typedef signed long long zip_int64_t; -#endif -#if defined(HAVE_UINT64_T_LIBZIP) -typedef uint64_t zip_uint64_t; -#elif defined(HAVE___INT64_LIBZIP) -typedef unsigned __int64 zip_uint64_t; -#elif defined(LONG_LIBZIP) && LONG_LONG_LIBZIP == 8 -typedef unsigned long zip_uint64_t; -#elif defined(LONG_LONG_LIBZIP) && LONG_LONG_LIBZIP == 8 -typedef unsigned long long zip_uint64_t; -#endif +${LIBZIP_TYPES_INCLUDE} + +typedef ${ZIP_INT8_T} zip_int8_t; +typedef ${ZIP_UINT8_T} zip_uint8_t; +typedef ${ZIP_INT16_T} zip_int16_t; +typedef ${ZIP_UINT16_T} zip_uint16_t; +typedef ${ZIP_INT32_T} zip_int32_t; +typedef ${ZIP_UINT32_T} zip_uint32_t; +typedef ${ZIP_INT64_T} zip_int64_t; +typedef ${ZIP_UINT64_T} zip_uint64_t; #define ZIP_INT8_MIN (-ZIP_INT8_MAX-1) #define ZIP_INT8_MAX 0x7f
  39. Download patch lib/gladman-fcrypt/sha1.c
  40. Download patch lib/gladman-fcrypt/aesopt.h
  41. Download patch CMakeLists.txt
  42. Download patch lib/zip_extra_field.c
  43. Download patch lib/gladman-fcrypt/pwd2key.c

    --- 1.3.2-1/lib/gladman-fcrypt/pwd2key.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt/pwd2key.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,159 +0,0 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. - All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - ALTERNATIVELY, provided that this notice is retained in full, this product - may be distributed under the terms of the GNU General Public License (GPL), - in which case the provisions of the GPL apply INSTEAD OF those given above. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 24/01/2003 - - This is an implementation of RFC2898, which specifies key derivation from - a password and a salt value. -*/ - -#include <memory.h> -#include "hmac.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -INTERNAL void derive_key(const unsigned char pwd[], /* the PASSWORD */ - unsigned int pwd_len, /* and its length */ - const unsigned char salt[], /* the SALT and its */ - unsigned int salt_len, /* length */ - unsigned int iter, /* the number of iterations */ - unsigned char key[], /* space for the output key */ - unsigned int key_len)/* and its required length */ -{ - unsigned int i, j, k, n_blk; - unsigned char uu[OUT_BLOCK_LENGTH], ux[OUT_BLOCK_LENGTH]; - hmac_ctx c1[1], c2[1], c3[1]; - - /* set HMAC context (c1) for password */ - hmac_sha1_begin(c1); - hmac_sha1_key(pwd, pwd_len, c1); - - /* set HMAC context (c2) for password and salt */ - memcpy(c2, c1, sizeof(hmac_ctx)); - hmac_sha1_data(salt, salt_len, c2); - - /* find the number of SHA blocks in the key */ - n_blk = 1 + (key_len - 1) / OUT_BLOCK_LENGTH; - - for(i = 0; i < n_blk; ++i) /* for each block in key */ - { - /* ux[] holds the running xor value */ - memset(ux, 0, OUT_BLOCK_LENGTH); - - /* set HMAC context (c3) for password and salt */ - memcpy(c3, c2, sizeof(hmac_ctx)); - - /* enter additional data for 1st block into uu */ - uu[0] = (unsigned char)((i + 1) >> 24); - uu[1] = (unsigned char)((i + 1) >> 16); - uu[2] = (unsigned char)((i + 1) >> 8); - uu[3] = (unsigned char)(i + 1); - - /* this is the key mixing iteration */ - for(j = 0, k = 4; j < iter; ++j) - { - /* add previous round data to HMAC */ - hmac_sha1_data(uu, k, c3); - - /* obtain HMAC for uu[] */ - hmac_sha1_end(uu, OUT_BLOCK_LENGTH, c3); - - /* xor into the running xor block */ - for(k = 0; k < OUT_BLOCK_LENGTH; ++k) - ux[k] ^= uu[k]; - - /* set HMAC context (c3) for password */ - memcpy(c3, c1, sizeof(hmac_ctx)); - } - - /* compile key blocks into the key output */ - j = 0; k = i * OUT_BLOCK_LENGTH; - while(j < OUT_BLOCK_LENGTH && k < key_len) - key[k++] = ux[j++]; - } -} - -#ifdef TEST - -#include <stdio.h> - -struct -{ unsigned int pwd_len; - unsigned int salt_len; - unsigned int it_count; - unsigned char *pwd; - unsigned char salt[32]; - unsigned char key[32]; -} tests[] = -{ - { 8, 4, 5, (unsigned char*)"password", - { 0x12, 0x34, 0x56, 0x78 }, - { 0x5c, 0x75, 0xce, 0xf0, 0x1a, 0x96, 0x0d, 0xf7, - 0x4c, 0xb6, 0xb4, 0x9b, 0x9e, 0x38, 0xe6, 0xb5 } /* ... */ - }, - { 8, 8, 5, (unsigned char*)"password", - { 0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12 }, - { 0xd1, 0xda, 0xa7, 0x86, 0x15, 0xf2, 0x87, 0xe6, - 0xa1, 0xc8, 0xb1, 0x20, 0xd7, 0x06, 0x2a, 0x49 } /* ... */ - } -}; - -int main() -{ unsigned int i, j, key_len = 256; - unsigned char key[256]; - - printf("\nTest of RFC2898 Password Based Key Derivation"); - for(i = 0; i < 2; ++i) - { - derive_key(tests[i].pwd, tests[i].pwd_len, tests[i].salt, - tests[i].salt_len, tests[i].it_count, key, key_len); - - printf("\ntest %i: ", i + 1); - printf("key %s", memcmp(tests[i].key, key, 16) ? "is bad" : "is good"); - for(j = 0; j < key_len && j < 64; j += 4) - { - if(j % 16 == 0) - printf("\n"); - printf("0x%02x%02x%02x%02x ", key[j], key[j + 1], key[j + 2], key[j + 3]); - } - printf(j < key_len ? " ... \n" : "\n"); - } - printf("\n"); - return 0; -} - -#if defined(__cplusplus) -} -#endif - -#endif
  44. Download patch lib/gladman-fcrypt/sha1.h

    --- 1.3.2-1/lib/gladman-fcrypt/sha1.h 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt/sha1.h 1970-01-01 00:00:00.000000000 +0000 @@ -1,79 +0,0 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. - All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - ALTERNATIVELY, provided that this notice is retained in full, this product - may be distributed under the terms of the GNU General Public License (GPL), - in which case the provisions of the GPL apply INSTEAD OF those given above. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 24/01/2003 - - This file contains the definitions needed for SHA1 -*/ - -#ifndef _SHA1_H -#define _SHA1_H - -#include <limits.h> - -#define SHA1_BLOCK_SIZE 64 -#define SHA1_DIGEST_SIZE 20 - -#if defined(__cplusplus) -extern "C" -{ -#endif - -/* define an unsigned 32-bit type */ - -#include "config.h" - -typedef zip_uint32_t sha1_32t; - -/* type to hold the SHA256 context */ - -typedef struct -{ sha1_32t count[2]; - sha1_32t hash[5]; - sha1_32t wbuf[16]; -} sha1_ctx; - -#ifdef BUILDING_FCRYPT -INTERNAL void sha1_compile(sha1_ctx ctx[1]); - -INTERNAL void sha1_begin(sha1_ctx ctx[1]); -INTERNAL void sha1_hash(const unsigned char data[], unsigned int len, sha1_ctx ctx[1]); -INTERNAL void sha1_end(unsigned char hval[], sha1_ctx ctx[1]); -#endif - -#if 0 /* not used */ -INTERNAL void sha1(unsigned char hval[], const unsigned char data[], unsigned int len); -#endif - -#if defined(__cplusplus) -} -#endif - -#endif
  45. Download patch API-CHANGES.md

    --- 1.3.2-1/API-CHANGES.md 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/API-CHANGES.md 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,162 @@ +# libzip API changes + +This file describes changes in the libzip API and how to adapt your +code for them. + +You can define `ZIP_DISABLE_DEPRECATED` before including `<zip.h>` to hide +prototypes for deprecated functions, to find out about functions that +might be removed at some point. + +## Changed in libzip-1.0 + +### new type `zip_error_t` + +Error information is stored in the newly public type `zip_error_t`. Use +this to access information about an error, instead of the deprecated +functions that operated on two ints. + +deprecated functions: +- `zip_error_get_sys_type()` +- `zip_error_get()` +- `zip_error_to_str()` +- `zip_file_error_get()` + +See their man pages for instructions on how to replace them. + +The most common affected use is `zip_open`. The new recommended usage +is: + +```c +int err; +if ((za = zip_open(archive, flags, &err)) == NULL) { + zip_error_t error; + zip_error_init_with_code(&error, err); + fprintf(stderr, "can't open zip archive '%s': %s\n", archive, zip_error_strerror(&error)); + zip_error_fini(&error); +} +``` + +### more typedefs + +The following typedefs have been added for better readability: + +```c +typedef struct zip zip_t; +typedef struct zip_file zip_file_t; +typedef struct zip_source zip_source_t; +typedef struct zip_stat zip_stat_t; +``` + +This means you can use "`zip_t`" instead of "`struct zip`", etc. + + +### torrentzip support removed + +torrentzip depends on a particular zlib version which is by now quite +old. + +## Changed in libzip-0.11 + +### new type `zip_flags_t` + +The functions which have flags now use the `zip_flags_t` type for this. +All old flags fit; you need only to adapt code if you were saving flags in a +local variable. Use `zip_flags_t` for such a variable. +This affects: +- `zip_fopen()` +- `zip_fopen_encrypted()` +- `zip_fopen_index()` +- `zip_fopen_index_encrypted()` +- `zip_get_archive_comment()` +- `zip_get_archive_flag()` +- `zip_get_num_entries()` +- `zip_get_name()` +- `zip_name_locate()` +- `zip_set_archive_flag()` +- `zip_source_zip()` +- `zip_stat()` +- `zip_stat_index()` + +#### `ZIP_FL_*`, `ZIP_AFL_*`, `ZIP_STAT_*` are now unsigned constants + +To match the new `zip_flags_t` type. + +#### `zip_add()`, `zip_add_dir()` + +These functions were replaced with `zip_file_add()` and `zip_dir_add()`, respectively, +to add a flags argument. + +#### `zip_rename()`, `zip_replace()` + +These functions were replaced with `zip_file_rename()` and `zip_file_replace()`, +respectively, to add a flags argument. + +#### `zip_get_file_comment()` + +This function was replaced with `zip_file_get_comment()`; one argument was promoted from +`int` to `zip_uint32_t`, the other is now a `zip_flags_t`. + +#### `zip_set_file_comment()` + +This function was replaced with `zip_file_set_comment()`; an argument was promoted from +`int` to `zip_uint16_t`, and a `zip_flags_t` argument was added. + +### integer type size changes + +Some argument and return values were not the right size or sign. + +#### `zip_name_locate()` + +The return value was `int`, which can be too small. The function now returns `zip_int64_t`. + + +#### `zip_get_num_entries()` + +The return type is now signed, to allow signaling errors. + +#### `zip_set_archive_comment()` + +The last argument changed from `int` to `zip_uint16_t`. + +### extra field handling rewritten + +The `zip_get_file_extra()` and `zip_set_file_extra()` functions were removed. +They only worked on the whole extra field set. + +Instead, you can now set, get, count, and delete each extra field separately, +using the functions: +- `zip_file_extra_field_delete()` +- `zip_file_extra_field_delete_by_id()` +- `zip_file_extra_field_get()` +- `zip_file_extra_field_get_by_id()` +- `zip_file_extra_fields_count()` +- `zip_file_extra_fields_count_by_id()` +- `zip_file_extra_field_set()` + +Please read the corresponding man pages for details. + +### new functions + +#### `zip_discard()` + +The new `zip_discard()` function closes an archive without committing the +scheduled changes. + +#### `zip_set_file_compression()` + +The new `zip_set_file_compression()` function allows setting compression +levels for files. + +### argument changes + +#### file names + +File names arguments are now allowed to be `NULL` to have an empty file name. +This mostly affects `zip_file_add()`, `zip_dir_add()`, and `zip_file_rename()`. + +For `zip_get_name()`, `zip_file_get_comment()`, and `zip_get_archive_comment()`, if +the file name or comment is empty, a string of length 0 is returned. +`NULL` is returned for errors only. + +Previously, `NULL` was returned for empty/unset file names and comments and +errors, leaving no way to differentiate between the two.
  46. Download patch lib/gladman-fcrypt/fileenc.c

    --- 1.3.2-1/lib/gladman-fcrypt/fileenc.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt/fileenc.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,144 +0,0 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. - All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - ALTERNATIVELY, provided that this notice is retained in full, this product - may be distributed under the terms of the GNU General Public License (GPL), - in which case the provisions of the GPL apply INSTEAD OF those given above. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - ------------------------------------------------------------------------- - Issue Date: 24/01/2003 - - This file implements password based file encryption and authentication - using AES in CTR mode, HMAC-SHA1 authentication and RFC2898 password - based key derivation. - -*/ - -#include <memory.h> - -#include "fileenc.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -/* subroutine for data encryption/decryption */ -/* this could be speeded up a lot by aligning */ -/* buffers and using 32 bit operations */ - -static void encr_data(unsigned char data[], unsigned long d_len, fcrypt_ctx cx[1]) - { unsigned long i = 0; - unsigned int pos = cx->encr_pos; - - while(i < d_len) - { - if(pos == BLOCK_SIZE) - { unsigned int j = 0; - /* increment encryption nonce */ - while(j < 8 && !++cx->nonce[j]) - ++j; - /* encrypt the nonce to form next xor buffer */ - aes_encrypt_block(cx->nonce, cx->encr_bfr, cx->encr_ctx); - pos = 0; - } - - data[i++] ^= cx->encr_bfr[pos++]; - } - - cx->encr_pos = pos; -} - -int _zip_fcrypt_init( - unsigned int mode, /* the mode to be used (input) */ - const unsigned char pwd[], /* the user specified password (input) */ - unsigned int pwd_len, /* the length of the password (input) */ - const unsigned char salt[], /* the salt (input) */ -#ifdef PASSWORD_VERIFIER - unsigned char pwd_ver[PWD_VER_LENGTH], /* 2 byte password verifier (output) */ -#endif - fcrypt_ctx cx[1]) /* the file encryption context (output) */ -{ unsigned char kbuf[2 * MAX_KEY_LENGTH + PWD_VER_LENGTH]; - - if(pwd_len > MAX_PWD_LENGTH) - return PASSWORD_TOO_LONG; - - if(mode < 1 || mode > 3) - return BAD_MODE; - - cx->mode = mode; - cx->pwd_len = pwd_len; - - /* derive the encryption and authetication keys and the password verifier */ - derive_key(pwd, pwd_len, salt, SALT_LENGTH(mode), KEYING_ITERATIONS, - kbuf, 2 * KEY_LENGTH(mode) + PWD_VER_LENGTH); - - /* initialise the encryption nonce and buffer pos */ - cx->encr_pos = BLOCK_SIZE; - /* if we need a random component in the encryption */ - /* nonce, this is where it would have to be set */ - memset(cx->nonce, 0, BLOCK_SIZE * sizeof(unsigned char)); - - /* initialise for encryption using key 1 */ - aes_set_encrypt_key(kbuf, KEY_LENGTH(mode), cx->encr_ctx); - - /* initialise for authentication using key 2 */ - hmac_sha1_begin(cx->auth_ctx); - hmac_sha1_key(kbuf + KEY_LENGTH(mode), KEY_LENGTH(mode), cx->auth_ctx); - -#ifdef PASSWORD_VERIFIER - memcpy(pwd_ver, kbuf + 2 * KEY_LENGTH(mode), PWD_VER_LENGTH); -#endif - - return GOOD_RETURN; -} - -/* perform 'in place' encryption and authentication */ - -void _zip_fcrypt_encrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]) -{ - encr_data(data, data_len, cx); - hmac_sha1_data(data, data_len, cx->auth_ctx); -} - -/* perform 'in place' authentication and decryption */ - -void _zip_fcrypt_decrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]) -{ - hmac_sha1_data(data, data_len, cx->auth_ctx); - encr_data(data, data_len, cx); -} - -/* close encryption/decryption and return the MAC value */ - -int _zip_fcrypt_end(unsigned char mac[], fcrypt_ctx cx[1]) -{ - hmac_sha1_end(mac, MAC_LENGTH(cx->mode), cx->auth_ctx); - return MAC_LENGTH(cx->mode); /* return MAC length in bytes */ -} - -#if defined(__cplusplus) -} -#endif
  47. Download patch lib/zip_file_strerror.c

    --- 1.3.2-1/lib/zip_file_strerror.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_strerror.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,7 +36,6 @@ ZIP_EXTERN const char * -zip_file_strerror(zip_file_t *zf) -{ +zip_file_strerror(zip_file_t *zf) { return zip_error_strerror(&zf->error); }
  48. Download patch lib/Makefile.in
  49. Download patch lib/CMakeLists.txt

    --- 1.3.2-1/lib/CMakeLists.txt 2017-10-06 12:27:24.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/CMakeLists.txt 2018-04-11 07:28:08.000000000 +0000 @@ -1,16 +1,17 @@ INCLUDE(CheckFunctionExists) -INSTALL(FILES zip.h DESTINATION include) +INSTALL(FILES zip.h DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}) + +SET(CMAKE_C_VISIBILITY_PRESET hidden) # from http://www.cmake.org/Wiki/CMakeMacroLibtoolFile MACRO(GET_TARGET_PROPERTY_WITH_DEFAULT _variable _target _property _default_value) + GET_TARGET_PROPERTY(${_variable} ${_target} ${_property}) + IF(${_variable} STREQUAL NOTFOUND) + SET(${_variable} ${_default_value}) + ENDIF() - GET_TARGET_PROPERTY (${_variable} ${_target} ${_property}) - IF (${_variable} STREQUAL NOTFOUND) - SET (${_variable} ${_default_value}) - ENDIF (${_variable} STREQUAL NOTFOUND) - -ENDMACRO (GET_TARGET_PROPERTY_WITH_DEFAULT) +ENDMACRO() MACRO(CREATE_LIBTOOL_FILE _target _install_DIR) GET_TARGET_PROPERTY(_target_location ${_target} LOCATION) @@ -48,16 +49,13 @@ MACRO(CREATE_LIBTOOL_FILE _target _insta FILE(APPEND ${_laname} "dlpreopen='${_target_dlpreopen}'\n") FILE(APPEND ${_laname} "# Directory that this library needs to be installed in:\n") FILE(APPEND ${_laname} "libdir='${CMAKE_INSTALL_PREFIX}/${_install_DIR}'\n") - INSTALL( FILES ${_laname} ${_soname} - DESTINATION ${CMAKE_INSTALL_PREFIX}${_install_DIR}) -ENDMACRO(CREATE_LIBTOOL_FILE) + INSTALL( FILES ${_laname} ${_soname} DESTINATION ${CMAKE_INSTALL_PREFIX}${_install_DIR}) +ENDMACRO() SET(LIBZIP_SOURCES - gladman-fcrypt.c zip_add.c zip_add_dir.c zip_add_entry.c - zip_algorithm_bzip2.c zip_algorithm_deflate.c zip_buffer.c zip_close.c @@ -122,6 +120,7 @@ SET(LIBZIP_SOURCES zip_set_file_compression.c zip_set_name.c zip_source_begin_write.c + zip_source_begin_write_cloning.c zip_source_buffer.c zip_source_call.c zip_source_close.c @@ -147,8 +146,6 @@ SET(LIBZIP_SOURCES zip_source_tell.c zip_source_tell_write.c zip_source_window.c - zip_source_winzip_aes_decode.c - zip_source_winzip_aes_encode.c zip_source_write.c zip_source_zip.c zip_source_zip_new.c @@ -166,41 +163,57 @@ SET(LIBZIP_SOURCES IF(WIN32) SET(LIBZIP_OPSYS_FILES - zip_random_win32.c - zip_source_win32a.c zip_source_win32handle.c zip_source_win32utf8.c zip_source_win32w.c ) + IF(CMAKE_SYSTEM_NAME MATCHES WindowsPhone OR CMAKE_SYSTEM_NAME MATCHES WindowsStore) + ELSE() + SET(LIBZIP_OPSYS_FILES "${LIBZIP_OPSYS_FILES}" + zip_source_win32a.c + ) + ENDIF() ELSE(WIN32) SET(LIBZIP_OPSYS_FILES - zip_random_unix.c zip_source_file.c ) ENDIF(WIN32) -INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR} - ${CMAKE_CURRENT_SOURCE_DIR}/gladman-fcrypt - ${CMAKE_CURRENT_BINARY_DIR}/..) - -# TODO: distribute instead? -#ADD_CUSTOM_COMMAND(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/zip_err_str.c -# COMMAND sh ${CMAKE_CURRENT_SOURCE_DIR}/make_zip_err_str.sh -# ${CMAKE_CURRENT_SOURCE_DIR}/zip.h -# ${CMAKE_CURRENT_BINARY_DIR}/zip_err_str.c -# DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/zip.h -# ${CMAKE_CURRENT_SOURCE_DIR}/make_zip_err_str.sh -#) +INCLUDE_DIRECTORIES(BEFORE ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_BINARY_DIR}/..) + +ADD_CUSTOM_TARGET(update_zip_err_str + COMMAND sh ${CMAKE_CURRENT_SOURCE_DIR}/make_zip_err_str.sh ${CMAKE_CURRENT_SOURCE_DIR}/zip.h ${CMAKE_CURRENT_SOURCE_DIR}/zip_err_str.c + DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/zip.h ${CMAKE_CURRENT_SOURCE_DIR}/make_zip_err_str.sh +) CHECK_FUNCTION_EXISTS(mkstemp HAVE_MKSTEMP) IF(NOT HAVE_MKSTEMP) SET(LIBZIP_EXTRA_FILES mkstemp.c) ENDIF(NOT HAVE_MKSTEMP) +IF(HAVE_LIBBZ2) + SET(LIBZIP_OPTIONAL_FILES zip_algorithm_bzip2.c) +ENDIF() + +IF(HAVE_COMMONCRYPTO) + SET(LIBZIP_OPTIONAL_FILES ${LIBZIP_OPTIONAL_FILES} zip_crypto_commoncrypto.c +) +ELSEIF(HAVE_GNUTLS) + SET(LIBZIP_OPTIONAL_FILES ${LIBZIP_OPTIONAL_FILES} zip_crypto_gnutls.c +) +ELSEIF(HAVE_OPENSSL) + SET(LIBZIP_OPTIONAL_FILES ${LIBZIP_OPTIONAL_FILES} zip_crypto_openssl.c +) +ENDIF() + +IF(HAVE_CRYPTO) + SET(LIBZIP_OPTIONAL_FILES ${LIBZIP_OPTIONAL_FILES} zip_winzip_aes.c zip_source_winzip_aes_decode.c zip_source_winzip_aes_encode.c +) +ENDIF() -ADD_LIBRARY(zip ${LIBZIP_SOURCES} ${LIBZIP_EXTRA_FILES} ${LIBZIP_OPSYS_FILES}) -SET_TARGET_PROPERTIES(zip PROPERTIES VERSION 3.0 SOVERSION 3 ) +ADD_LIBRARY(zip ${LIBZIP_SOURCES} ${LIBZIP_EXTRA_FILES} ${LIBZIP_OPTIONAL_FILES} ${LIBZIP_OPSYS_FILES}) +SET_TARGET_PROPERTIES(zip PROPERTIES VERSION 5.0 SOVERSION 5) TARGET_LINK_LIBRARIES(zip ${ZLIB_LIBRARY} ${OPTIONAL_LIBRARY}) INSTALL(TARGETS zip - RUNTIME DESTINATION bin - ARCHIVE DESTINATION lib - LIBRARY DESTINATION lib) + RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} + ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR} + LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}) #CREATE_LIBTOOL_FILE(zip lib)
  50. Download patch lib/gladman-fcrypt/pwd2key.h

    --- 1.3.2-1/lib/gladman-fcrypt/pwd2key.h 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt/pwd2key.h 1970-01-01 00:00:00.000000000 +0000 @@ -1,60 +0,0 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. - All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - ALTERNATIVELY, provided that this notice is retained in full, this product - may be distributed under the terms of the GNU General Public License (GPL), - in which case the provisions of the GPL apply INSTEAD OF those given above. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 24/01/2003 - - This is an implementation of RFC2898, which specifies key derivation from - a password and a salt value. -*/ - -#ifndef PWD2KEY_H -#define PWD2KEY_H - -#if defined(__cplusplus) -extern "C" -{ -#endif - -#ifdef BUILDING_FCRYPT -INTERNAL void derive_key( - const unsigned char pwd[], /* the PASSWORD, and */ - unsigned int pwd_len, /* its length */ - const unsigned char salt[], /* the SALT and its */ - unsigned int salt_len, /* length */ - unsigned int iter, /* the number of iterations */ - unsigned char key[], /* space for the output key */ - unsigned int key_len); /* and its required length */ -#endif - -#if defined(__cplusplus) -} -#endif - -#endif
  51. Download patch examples/windows-open.c

    --- 1.3.2-1/examples/windows-open.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/examples/windows-open.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -34,8 +34,7 @@ #include <zip.h> zip_t * -windows_open(const wchar_t *name, int flags) -{ +windows_open(const wchar_t *name, int flags) { zip_source_t *src; zip_t *za; zip_error_t error;
  52. Download patch configure
  53. Download patch lib/zip_file_add.c

    --- 1.3.2-1/lib/zip_file_add.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_add.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,18 +36,17 @@ /* NOTE: Return type is signed so we can return -1 on error. - The index can not be larger than ZIP_INT64_MAX since the size - of the central directory cannot be larger than - ZIP_UINT64_MAX, and each entry is larger than 2 bytes. + The index can not be larger than ZIP_INT64_MAX since the size + of the central directory cannot be larger than + ZIP_UINT64_MAX, and each entry is larger than 2 bytes. */ ZIP_EXTERN zip_int64_t -zip_file_add(zip_t *za, const char *name, zip_source_t *source, zip_flags_t flags) -{ +zip_file_add(zip_t *za, const char *name, zip_source_t *source, zip_flags_t flags) { if (name == NULL || source == NULL) { zip_error_set(&za->error, ZIP_ER_INVAL, 0); return -1; } - + return _zip_file_replace(za, ZIP_UINT64_MAX, name, source, flags); }
  54. Download patch debian/libzip5.symbols

    --- 1.3.2-1/debian/libzip5.symbols 2017-11-20 20:39:26.000000000 +0000 +++ 1.5.1-0ubuntu1/debian/libzip5.symbols 2018-04-03 10:51:36.000000000 +0000 @@ -1,5 +1,4 @@ libzip.so.5 libzip5 #MINVER# - zip_libzip_version@Base 1.3.2 zip_add@Base 0.10 zip_add_dir@Base 0.10 zip_close@Base 0.10 @@ -55,9 +54,11 @@ libzip.so.5 libzip5 #MINVER# zip_get_name@Base 0.10 zip_get_num_entries@Base 0.10 zip_get_num_files@Base 0.10 + zip_libzip_version@Base 1.5.0 zip_name_locate@Base 0.10 zip_open@Base 0.10 zip_open_from_source@Base 1.0 + zip_random@Base 1.5.0 zip_register_progress_callback@Base 1.3.0 zip_register_progress_callback_with_state@Base 1.3.0 zip_rename@Base 0.10 @@ -68,8 +69,11 @@ libzip.so.5 libzip5 #MINVER# zip_set_file_comment@Base 0.10 zip_set_file_compression@Base 0.11.2 zip_source_begin_write@Base 1.0 + zip_source_begin_write_cloning@Base 1.5.0 zip_source_buffer@Base 0.10 zip_source_buffer_create@Base 1.0 + zip_source_buffer_fragment@Base 1.5.0 + zip_source_buffer_fragment_create@Base 1.5.0 zip_source_close@Base 1.0 zip_source_commit_write@Base 1.0 zip_source_error@Base 1.0
  55. Download patch lib/zip_add.c

    --- 1.3.2-1/lib/zip_add.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_add.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -38,13 +38,12 @@ /* NOTE: Return type is signed so we can return -1 on error. - The index can not be larger than ZIP_INT64_MAX since the size - of the central directory cannot be larger than - ZIP_UINT64_MAX, and each entry is larger than 2 bytes. + The index can not be larger than ZIP_INT64_MAX since the size + of the central directory cannot be larger than + ZIP_UINT64_MAX, and each entry is larger than 2 bytes. */ ZIP_EXTERN zip_int64_t -zip_add(zip_t *za, const char *name, zip_source_t *source) -{ +zip_add(zip_t *za, const char *name, zip_source_t *source) { return zip_file_add(za, name, source, 0); }
  56. Download patch lib/gladman-fcrypt/fileenc.h

    --- 1.3.2-1/lib/gladman-fcrypt/fileenc.h 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt/fileenc.h 1970-01-01 00:00:00.000000000 +0000 @@ -1,121 +0,0 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. - All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - ALTERNATIVELY, provided that this notice is retained in full, this product - may be distributed under the terms of the GNU General Public License (GPL), - in which case the provisions of the GPL apply INSTEAD OF those given above. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 24/01/2003 - - This file contains the header file for fileenc.c, which implements password - based file encryption and authentication using AES in CTR mode, HMAC-SHA1 - authentication and RFC2898 password based key derivation. -*/ - -#ifndef _FENC_H -#define _FENC_H - -#include "aes.h" -#include "hmac.h" -#include "pwd2key.h" - -#define PASSWORD_VERIFIER - -#define MAX_KEY_LENGTH 32 -#define MAX_PWD_LENGTH 128 -#define MAX_SALT_LENGTH 16 -#define KEYING_ITERATIONS 1000 - -#ifdef PASSWORD_VERIFIER -#define PWD_VER_LENGTH 2 -#else -#define PWD_VER_LENGTH 0 -#endif - -#define GOOD_RETURN 0 -#define PASSWORD_TOO_LONG -100 -#define BAD_MODE -101 - -/* - Field lengths (in bytes) versus File Encryption Mode (0 < mode < 4) - - Mode Key Salt MAC Overhead - 1 16 8 10 18 - 2 24 12 10 22 - 3 32 16 10 26 - - The following macros assume that the mode value is correct. -*/ - -#define KEY_LENGTH(mode) (8 * (mode & 3) + 8) -#define SALT_LENGTH(mode) (4 * (mode & 3) + 4) -#define MAC_LENGTH(mode) (10) - -/* the context for file encryption */ - -#if defined(__cplusplus) -extern "C" -{ -#endif - -typedef struct -{ unsigned char nonce[BLOCK_SIZE]; /* the CTR nonce */ - unsigned char encr_bfr[BLOCK_SIZE]; /* encrypt buffer */ - aes_ctx encr_ctx[1]; /* encryption context */ - hmac_ctx auth_ctx[1]; /* authentication context */ - unsigned int encr_pos; /* block position (enc) */ - unsigned int pwd_len; /* password length */ - unsigned int mode; /* File encryption mode */ -} fcrypt_ctx; - -/* initialise file encryption or decryption */ - -int _zip_fcrypt_init( - unsigned int mode, /* the mode to be used (input) */ - const unsigned char pwd[], /* the user specified password (input) */ - unsigned int pwd_len, /* the length of the password (input) */ - const unsigned char salt[], /* the salt (input) */ -#ifdef PASSWORD_VERIFIER - unsigned char pwd_ver[PWD_VER_LENGTH], /* 2 byte password verifier (output) */ -#endif - fcrypt_ctx cx[1]); /* the file encryption context (output) */ - -/* perform 'in place' encryption or decryption and authentication */ - -void _zip_fcrypt_encrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]); -void _zip_fcrypt_decrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]); - -/* close encryption/decryption and return the MAC value */ -/* the return value is the length of the MAC */ - -int _zip_fcrypt_end(unsigned char mac[], /* the MAC value (output) */ - fcrypt_ctx cx[1]); /* the context (input) */ - -#if defined(__cplusplus) -} -#endif - -#endif
  57. Download patch INSTALL
  58. Download patch .clang-format

    --- 1.3.2-1/.clang-format 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/.clang-format 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,12 @@ +BasedOnStyle: LLVM +IndentWidth: 4 +ColumnLimit: 2000 +AlwaysBreakAfterReturnType: TopLevelDefinitions +KeepEmptyLinesAtTheStartOfBlocks: false +MaxEmptyLinesToKeep: 2 +BreakBeforeBraces: Custom +BraceWrapping: + BeforeElse: true +AlignEscapedNewlines: Left +UseTab: ForContinuationAndIndentation +#PPDirectiveIndentStyle: AfterHash
  59. Download patch lib/zip_extra_field_api.c
  60. Download patch lib/zip_delete.c

    --- 1.3.2-1/lib/zip_delete.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_delete.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,8 +36,7 @@ ZIP_EXTERN int -zip_delete(zip_t *za, zip_uint64_t idx) -{ +zip_delete(zip_t *za, zip_uint64_t idx) { const char *name; if (idx >= za->nentry) { @@ -50,7 +49,7 @@ zip_delete(zip_t *za, zip_uint64_t idx) return -1; } - if ((name=_zip_get_name(za, idx, 0, &za->error)) == NULL) { + if ((name = _zip_get_name(za, idx, 0, &za->error)) == NULL) { return -1; } @@ -67,4 +66,3 @@ zip_delete(zip_t *za, zip_uint64_t idx) return 0; } -
  61. Download patch examples/Makefile.am

    --- 1.3.2-1/examples/Makefile.am 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/examples/Makefile.am 1970-01-01 00:00:00.000000000 +0000 @@ -1,6 +0,0 @@ -noinst_PROGRAMS=in-memory - -in_memory_CPPFLAGS=-I${top_srcdir}/lib -I../lib -in_memory_LDADD=${top_builddir}/lib/libzip.la - -EXTRA_DIST= CMakeLists.txt windows-open.c
  62. Download patch cmake-config.h.in

    --- 1.3.2-1/cmake-config.h.in 2017-10-06 11:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/cmake-config.h.in 2018-04-11 07:28:08.000000000 +0000 @@ -19,12 +19,18 @@ #cmakedefine HAVE__STRTOUI64 #cmakedefine HAVE__UMASK #cmakedefine HAVE__UNLINK +#cmakedefine HAVE_CLONEFILE +#cmakedefine HAVE_COMMONCRYPTO +#cmakedefine HAVE_CRYPTO +#cmakedefine HAVE_FICLONERANGE #cmakedefine HAVE_FILENO #cmakedefine HAVE_FSEEKO #cmakedefine HAVE_FTELLO #cmakedefine HAVE_GETPROGNAME +#cmakedefine HAVE_GNUTLS #cmakedefine HAVE_LIBBZ2 #cmakedefine HAVE_OPEN +#cmakedefine HAVE_OPENSSL #cmakedefine HAVE_MKSTEMP #cmakedefine HAVE_SETMODE #cmakedefine HAVE_SNPRINTF @@ -50,14 +56,20 @@ #cmakedefine __INT64_LIBZIP ${__INT64_LIBZIP} #cmakedefine INT64_T_LIBZIP ${INT64_T_LIBZIP} #cmakedefine UINT64_T_LIBZIP ${UINT64_T_LIBZIP} +#cmakedefine SHORT_LIBZIP ${SHORT_LIBZIP} +#cmakedefine INT_LIBZIP ${INT_LIBZIP} +#cmakedefine LONG_LIBZIP ${LONG_LIBZIP} +#cmakedefine LONG_LONG_LIBZIP ${LONG_LONG_LIBZIP} #cmakedefine SIZEOF_OFF_T ${SIZEOF_OFF_T} #cmakedefine SIZE_T_LIBZIP ${SIZE_T_LIBZIP} #cmakedefine SSIZE_T_LIBZIP ${SSIZE_T_LIBZIP} #cmakedefine HAVE_DIRENT_H +#cmakedefine HAVE_FTS_H #cmakedefine HAVE_NDIR_H #cmakedefine HAVE_SYS_DIR_H #cmakedefine HAVE_SYS_NDIR_H #cmakedefine WORDS_BIGENDIAN +#cmakedefine HAVE_SHARED /* END DEFINES */ #define PACKAGE "@PACKAGE@" #define VERSION "@VERSION@"
  63. Download patch debian/patches/series

    --- 1.3.2-1/debian/patches/series 2017-11-20 20:39:26.000000000 +0000 +++ 1.5.1-0ubuntu1/debian/patches/series 2018-04-03 10:51:36.000000000 +0000 @@ -1 +0,0 @@ -# empty file
  64. Download patch debian/.gitignore

    --- 1.3.2-1/debian/.gitignore 2017-11-20 20:39:26.000000000 +0000 +++ 1.5.1-0ubuntu1/debian/.gitignore 1970-01-01 00:00:00.000000000 +0000 @@ -1,21 +0,0 @@ -autoreconf.after -autoreconf.before -files -libzip-dev.debhelper.log -libzip-dev.substvars -libzip-dev/ -libzip4.debhelper.log -libzip4.postinst.debhelper -libzip4.postrm.debhelper -libzip4.substvars -libzip4/ -tmp/ -zipcmp.debhelper.log -zipcmp.substvars -zipcmp/ -zipmerge.debhelper.log -zipmerge.substvars -zipmerge/ -ziptool.debhelper.log -ziptool.substvars -ziptool/
  65. Download patch lib/zip_fopen.c

    --- 1.3.2-1/lib/zip_fopen.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_fopen.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,11 +36,10 @@ ZIP_EXTERN zip_file_t * -zip_fopen(zip_t *za, const char *fname, zip_flags_t flags) -{ +zip_fopen(zip_t *za, const char *fname, zip_flags_t flags) { zip_int64_t idx; - if ((idx=zip_name_locate(za, fname, flags)) < 0) + if ((idx = zip_name_locate(za, fname, flags)) < 0) return NULL; return zip_fopen_index_encrypted(za, (zip_uint64_t)idx, flags, za->default_password);
  66. Download patch lib/zip_filerange_crc.c

    --- 1.3.2-1/lib/zip_filerange_crc.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_filerange_crc.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -37,10 +37,8 @@ #include "zipint.h" - int -_zip_filerange_crc(zip_source_t *src, zip_uint64_t start, zip_uint64_t len, uLong *crcp, zip_error_t *error) -{ +_zip_filerange_crc(zip_source_t *src, zip_uint64_t start, zip_uint64_t len, uLong *crcp, zip_error_t *error) { Bytef buf[BUFSIZE]; zip_int64_t n; @@ -55,7 +53,7 @@ _zip_filerange_crc(zip_source_t *src, zi _zip_error_set_from_source(error, src); return -1; } - + while (len > 0) { n = (zip_int64_t)(len > BUFSIZE ? BUFSIZE : len); if ((n = zip_source_read(src, buf, (zip_uint64_t)n)) < 0) {
  67. Download patch lib/gladman-fcrypt/aes.h

    --- 1.3.2-1/lib/gladman-fcrypt/aes.h 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt/aes.h 1970-01-01 00:00:00.000000000 +0000 @@ -1,128 +0,0 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. - All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - ALTERNATIVELY, provided that this notice is retained in full, this product - may be distributed under the terms of the GNU General Public License (GPL), - in which case the provisions of the GPL apply INSTEAD OF those given above. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 24/01/2003 - - This file contains the definitions required to use AES and Rijndael in C. -*/ - -#ifndef _AES_H -#define _AES_H - -#if defined(__cplusplus) -extern "C" -{ -#if 0 -} -#endif -#endif - -/* If a table pointer is needed in the AES context, include the define */ -/* #define AES_TABLE_PTR */ - -#include "config.h" - -typedef zip_uint8_t aes_08t; -typedef zip_uint32_t aes_32t; - -/* This BLOCK_SIZE is in BYTES. It can have the values 16, 24, 32 or */ -/* undefined for use with aescrypt.c and aeskey.c, or 16, 20, 24, 28, */ -/* 32 or undefined for use with aescrypp.c and aeskeypp.c. When the */ -/* BLOCK_SIZE is left undefined a version that provides a dynamically */ -/* variable block size is produced but this is MUCH slower. */ - -#define BLOCK_SIZE 16 - -/* key schedule length (in 32-bit words) */ - -#if !defined(BLOCK_SIZE) -#define KS_LENGTH 128 -#else -#define KS_LENGTH (4 * BLOCK_SIZE) -#endif - -typedef unsigned int aes_fret; /* type for function return value */ -#define aes_bad 0 /* bad function return value */ -#define aes_good 1 /* good function return value */ -#ifndef AES_DLL /* implement normal or DLL functions */ -#define aes_rval aes_fret -#else -#define aes_rval aes_fret __declspec(dllexport) _stdcall -#endif - -typedef struct /* the AES context for encryption */ -{ aes_32t k_sch[KS_LENGTH]; /* the encryption key schedule */ - aes_32t n_rnd; /* the number of cipher rounds */ - aes_32t n_blk; /* the number of bytes in the state */ -#if defined(AES_TABLE_PTR) /* where global variables are not */ - void *t_ptr; /* available this pointer is used */ -#endif /* to point to the fixed tables */ -} aes_ctx; - -/* The block length (blen) is input in bytes when it is in the range */ -/* 16 <= blen <= 32 or in bits when in the range 128 <= blen <= 256 */ -/* Only 16 bytes (128 bits) is legal for AES but the files aescrypt.c */ -/* and aeskey.c provide support for 16, 24 and 32 byte (128, 192 and */ -/* 256 bit) blocks while aescrypp.c and aeskeypp.c provide support for */ -/* 16, 20, 24, 28 and 32 byte (128, 160, 192, 224 and 256 bit) blocks. */ -/* The value aes_good is returned if the requested block size is legal, */ -/* otherwise aes_bad is returned. */ - -#if !defined(BLOCK_SIZE) -INTERNAL aes_rval aes_set_block_size(unsigned int blen, aes_ctx cx[1]); -#endif - -/* The key length (klen) is input in bytes when it is in the range */ -/* 16 <= klen <= 32 or in bits when in the range 128 <= klen <= 256 */ -/* The files aescrypt.c and aeskey.c provide support for 16, 24 and */ -/* 32 byte (128, 192 and 256 bit) keys while aescrypp.c and aeskeypp.c */ -/* provide support for 16, 20, 24, 28 and 32 byte (128, 160, 192, 224 */ -/* and 256 bit) keys. The value aes_good is returned if the requested */ -/* key size is legal, otherwise aes_bad is returned. */ - -#ifdef BUILDING_FCRYPT -INTERNAL aes_rval aes_set_encrypt_key(const unsigned char in_key[], - unsigned int klen, aes_ctx cx[1]); -INTERNAL aes_rval aes_encrypt_block(const unsigned char in_blk[], - unsigned char out_blk[], const aes_ctx cx[1]); -#endif - -#if 0 /* not used */ -INTERNAL aes_rval aes_set_decrypt_key(const unsigned char in_key[], - unsigned int klen, aes_ctx cx[1]); -INTERNAL aes_rval aes_decrypt_block(const unsigned char in_blk[], - unsigned char out_blk[], const aes_ctx cx[1]); -#endif - -#if defined(__cplusplus) -} -#endif - -#endif
  68. Download patch lib/zip_buffer.c
  69. Download patch lib/zip_error_get_sys_type.c

    --- 1.3.2-1/lib/zip_error_get_sys_type.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_error_get_sys_type.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,8 +36,7 @@ ZIP_EXTERN int -zip_error_get_sys_type(int ze) -{ +zip_error_get_sys_type(int ze) { if (ze < 0 || ze >= _zip_nerr_str) return 0;
  70. Download patch lib/zip_file_error_clear.c

    --- 1.3.2-1/lib/zip_file_error_clear.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_error_clear.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,8 +36,7 @@ ZIP_EXTERN void -zip_file_error_clear(zip_file_t *zf) -{ +zip_file_error_clear(zip_file_t *zf) { if (zf == NULL) return;
  71. Download patch lib/zip_error_clear.c

    --- 1.3.2-1/lib/zip_error_clear.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_error_clear.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,8 +36,7 @@ ZIP_EXTERN void -zip_error_clear(zip_t *za) -{ +zip_error_clear(zip_t *za) { if (za == NULL) return;
  72. Download patch lib/gladman-fcrypt/aescrypt.c
  73. Download patch compile
  74. Download patch aclocal.m4
  75. Download patch lib/zip_file_replace.c

    --- 1.3.2-1/lib/zip_file_replace.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_replace.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,8 +36,7 @@ ZIP_EXTERN int -zip_file_replace(zip_t *za, zip_uint64_t idx, zip_source_t *source, zip_flags_t flags) -{ +zip_file_replace(zip_t *za, zip_uint64_t idx, zip_source_t *source, zip_flags_t flags) { if (idx >= za->nentry || source == NULL) { zip_error_set(&za->error, ZIP_ER_INVAL, 0); return -1; @@ -50,14 +49,12 @@ zip_file_replace(zip_t *za, zip_uint64_t } - /* NOTE: Signed due to -1 on error. See zip_add.c for more details. */ zip_int64_t -_zip_file_replace(zip_t *za, zip_uint64_t idx, const char *name, zip_source_t *source, zip_flags_t flags) -{ +_zip_file_replace(zip_t *za, zip_uint64_t idx, const char *name, zip_source_t *source, zip_flags_t flags) { zip_uint64_t za_nentry_prev; - + if (ZIP_IS_RDONLY(za)) { zip_error_set(&za->error, ZIP_ER_RDONLY, 0); return -1; @@ -66,21 +63,21 @@ _zip_file_replace(zip_t *za, zip_uint64_ za_nentry_prev = za->nentry; if (idx == ZIP_UINT64_MAX) { zip_int64_t i = -1; - + if (flags & ZIP_FL_OVERWRITE) i = _zip_name_locate(za, name, flags, NULL); if (i == -1) { /* create and use new entry, used by zip_add */ - if ((i=_zip_add_entry(za)) < 0) + if ((i = _zip_add_entry(za)) < 0) return -1; } idx = (zip_uint64_t)i; } - + if (name && _zip_set_name(za, idx, name, flags) != 0) { if (za->nentry != za_nentry_prev) { - _zip_entry_finalize(za->entry+idx); + _zip_entry_finalize(za->entry + idx); za->nentry = za_nentry_prev; } return -1; @@ -88,20 +85,20 @@ _zip_file_replace(zip_t *za, zip_uint64_ /* does not change any name related data, so we can do it here; * needed for a double add of the same file name */ - _zip_unchange_data(za->entry+idx); + _zip_unchange_data(za->entry + idx); if (za->entry[idx].orig != NULL && (za->entry[idx].changes == NULL || (za->entry[idx].changes->changed & ZIP_DIRENT_COMP_METHOD) == 0)) { - if (za->entry[idx].changes == NULL) { - if ((za->entry[idx].changes=_zip_dirent_clone(za->entry[idx].orig)) == NULL) { - zip_error_set(&za->error, ZIP_ER_MEMORY, 0); - return -1; - } - } + if (za->entry[idx].changes == NULL) { + if ((za->entry[idx].changes = _zip_dirent_clone(za->entry[idx].orig)) == NULL) { + zip_error_set(&za->error, ZIP_ER_MEMORY, 0); + return -1; + } + } - za->entry[idx].changes->comp_method = ZIP_CM_REPLACED_DEFAULT; - za->entry[idx].changes->changed |= ZIP_DIRENT_COMP_METHOD; + za->entry[idx].changes->comp_method = ZIP_CM_REPLACED_DEFAULT; + za->entry[idx].changes->changed |= ZIP_DIRENT_COMP_METHOD; } - + za->entry[idx].source = source; return (zip_int64_t)idx;
  76. Download patch debian/docs

    --- 1.3.2-1/debian/docs 2017-11-20 20:39:26.000000000 +0000 +++ 1.5.1-0ubuntu1/debian/docs 2018-04-03 10:51:36.000000000 +0000 @@ -1,3 +1,3 @@ -API-CHANGES +API-CHANGES.md README.md TODO.md
  77. Download patch lib/zip_file_get_external_attributes.c

    --- 1.3.2-1/lib/zip_file_get_external_attributes.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_get_external_attributes.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -34,11 +34,10 @@ #include "zipint.h" int -zip_file_get_external_attributes(zip_t *za, zip_uint64_t idx, zip_flags_t flags, zip_uint8_t *opsys, zip_uint32_t *attributes) -{ +zip_file_get_external_attributes(zip_t *za, zip_uint64_t idx, zip_flags_t flags, zip_uint8_t *opsys, zip_uint32_t *attributes) { zip_dirent_t *de; - if ((de=_zip_get_dirent(za, idx, flags, NULL)) == NULL) + if ((de = _zip_get_dirent(za, idx, flags, NULL)) == NULL) return -1; if (opsys)
  78. Download patch examples/Makefile.in
  79. Download patch lib/zip_error_strerror.c

    --- 1.3.2-1/lib/zip_error_strerror.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_error_strerror.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -40,8 +40,7 @@ ZIP_EXTERN const char * -zip_error_strerror(zip_error_t *err) -{ +zip_error_strerror(zip_error_t *err) { const char *zs, *ss; char buf[128], *s; @@ -54,7 +53,7 @@ zip_error_strerror(zip_error_t *err) } else { zs = _zip_err_str[err->zip_err]; - + switch (_zip_err_type[err->zip_err]) { case ZIP_ET_SYS: ss = strerror(err->sys_err); @@ -72,14 +71,10 @@ zip_error_strerror(zip_error_t *err) if (ss == NULL) return zs; else { - if ((s=(char *)malloc(strlen(ss) - + (zs ? strlen(zs)+2 : 0) + 1)) == NULL) + if ((s = (char *)malloc(strlen(ss) + (zs ? strlen(zs) + 2 : 0) + 1)) == NULL) return _zip_err_str[ZIP_ER_MEMORY]; - - sprintf(s, "%s%s%s", - (zs ? zs : ""), - (zs ? ": " : ""), - ss); + + sprintf(s, "%s%s%s", (zs ? zs : ""), (zs ? ": " : ""), ss); err->str = s; return s;
  80. Download patch lib/zip_entry.c

    --- 1.3.2-1/lib/zip_entry.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_entry.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -35,8 +35,7 @@ #include "zipint.h" void -_zip_entry_finalize(zip_entry_t *e) -{ +_zip_entry_finalize(zip_entry_t *e) { _zip_unchange_data(e); _zip_dirent_free(e->orig); _zip_dirent_free(e->changes); @@ -44,8 +43,7 @@ _zip_entry_finalize(zip_entry_t *e) void -_zip_entry_init(zip_entry_t *e) -{ +_zip_entry_init(zip_entry_t *e) { e->orig = NULL; e->changes = NULL; e->source = NULL;
  81. Download patch lib/zip_file_get_comment.c

    --- 1.3.2-1/lib/zip_file_get_comment.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_get_comment.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -37,16 +37,15 @@ /* lenp is 32 bit because converted comment can be longer than ZIP_UINT16_MAX */ ZIP_EXTERN const char * -zip_file_get_comment(zip_t *za, zip_uint64_t idx, zip_uint32_t *lenp, zip_flags_t flags) -{ +zip_file_get_comment(zip_t *za, zip_uint64_t idx, zip_uint32_t *lenp, zip_flags_t flags) { zip_dirent_t *de; zip_uint32_t len; const zip_uint8_t *str; - if ((de=_zip_get_dirent(za, idx, flags, NULL)) == NULL) + if ((de = _zip_get_dirent(za, idx, flags, NULL)) == NULL) return NULL; - if ((str=_zip_string_get(de->comment, &len, flags, &za->error)) == NULL) + if ((str = _zip_string_get(de->comment, &len, flags, &za->error)) == NULL) return NULL; if (lenp)
  82. Download patch lib/zip_close.c
  83. Download patch lib/compat.h

    --- 1.3.2-1/lib/compat.h 2017-10-06 11:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/compat.h 2018-04-11 07:28:08.000000000 +0000 @@ -3,7 +3,7 @@ /* compat.h -- compatibility defines. - Copyright (C) 1999-2016 Dieter Baron and Thomas Klausner + Copyright (C) 1999-2017 Dieter Baron and Thomas Klausner This file is part of libzip, a library to manipulate ZIP archives. The authors can be contacted at <libzip@nih.at> @@ -20,7 +20,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -34,6 +34,8 @@ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include "zipconf.h" + #ifdef HAVE_CONFIG_H #include "config.h" #endif @@ -42,7 +44,11 @@ #define __STDC_LIMIT_MACROS #ifdef _WIN32 +#ifndef ZIP_EXTERN +#ifndef ZIP_STATIC #define ZIP_EXTERN __declspec(dllexport) +#endif +#endif /* for dup(), close(), etc. */ #include <io.h> #endif @@ -51,8 +57,8 @@ #include <stdbool.h> #else typedef char bool; -#define true 1 -#define false 0 +#define true 1 +#define false 0 #endif #include <errno.h> @@ -73,57 +79,57 @@ typedef char bool; #ifdef _WIN32 #if defined(HAVE__CHMOD) -#define chmod _chmod +#define chmod _chmod #endif #if defined(HAVE__CLOSE) -#define close _close +#define close _close #endif #if defined(HAVE__DUP) -#define dup _dup +#define dup _dup #endif /* crashes reported when using fdopen instead of _fdopen on Windows/Visual Studio 10/Win64 */ #if defined(HAVE__FDOPEN) -#define fdopen _fdopen +#define fdopen _fdopen #endif #if !defined(HAVE_FILENO) && defined(HAVE__FILENO) -#define fileno _fileno +#define fileno _fileno #endif /* Windows' open() doesn't understand Unix permissions */ #if defined(HAVE__OPEN) -#define open(a, b, c) _open((a), (b)) +#define open(a, b, c) _open((a), (b)) #endif #if defined(HAVE__SNPRINTF) -#define snprintf _snprintf +#define snprintf _snprintf #endif #if defined(HAVE__STRDUP) #if !defined(HAVE_STRDUP) || defined(_WIN32) #undef strdup -#define strdup _strdup +#define strdup _strdup #endif #endif #if !defined(HAVE__SETMODE) && defined(HAVE_SETMODE) -#define _setmode setmode +#define _setmode setmode #endif #if !defined(HAVE_STRTOLL) && defined(HAVE__STRTOI64) -#define strtoll _strtoi64 +#define strtoll _strtoi64 #endif #if !defined(HAVE_STRTOULL) && defined(HAVE__STRTOUI64) -#define strtoull _strtoui64 +#define strtoull _strtoui64 #endif #if defined(HAVE__UMASK) -#define umask _umask +#define umask _umask #endif #if defined(HAVE__UNLINK) -#define unlink _unlink +#define unlink _unlink #endif #endif #ifndef HAVE_FSEEKO -#define fseeko(s, o, w) (fseek((s), (long int)(o), (w))) +#define fseeko(s, o, w) (fseek((s), (long int)(o), (w))) #endif #ifndef HAVE_FTELLO -#define ftello(s) ((long)ftell((s))) +#define ftello(s) ((long)ftell((s))) #endif #ifndef HAVE_MKSTEMP @@ -133,9 +139,9 @@ int _zip_mkstemp(char *); #if !defined(HAVE_STRCASECMP) #if defined(HAVE__STRICMP) -#define strcasecmp _stricmp +#define strcasecmp _stricmp #elif defined(HAVE_STRICMP) -#define strcasecmp stricmp +#define strcasecmp stricmp #endif #endif @@ -190,7 +196,7 @@ int _zip_mkstemp(char *); #endif #ifndef S_ISDIR -#define S_ISDIR(mode) (((mode) & S_IFMT) == S_IFDIR) +#define S_ISDIR(mode) (((mode)&S_IFMT) == S_IFDIR) #endif #endif /* compat.h */
  84. Download patch appveyor.yml

    --- 1.3.2-1/appveyor.yml 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/appveyor.yml 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,57 @@ +os: +- Visual Studio 2017 +environment: + matrix: + - GENERATOR: "Visual Studio 15 2017 Win64" + TRIPLET: x64-windows + CMAKE_OPTS: "-DBUILD_SHARED_LIBS=off" + - GENERATOR: "Visual Studio 15 2017" + TRIPLET: x86-windows + CMAKE_OPTS: "-DBUILD_SHARED_LIBS=off" + - GENERATOR: "Visual Studio 15 2017 ARM" + TRIPLET: arm-windows + CMAKE_OPTS: "-DENABLE_OPENSSL=off" + - GENERATOR: "Visual Studio 15 2017" + TRIPLET: x86-uwp + CMAKE_OPTS: "-DCMAKE_SYSTEM_NAME=WindowsStore" + - GENERATOR: "Visual Studio 15 2017 Win64" + TRIPLET: x64-uwp + CMAKE_OPTS: "-DCMAKE_SYSTEM_NAME=WindowsStore" + - GENERATOR: "Visual Studio 15 2017 ARM" + TRIPLET: arm-uwp + CMAKE_OPTS: "-DCMAKE_SYSTEM_NAME=WindowsStore -DENABLE_OPENSSL=off" + - GENERATOR: "Visual Studio 15 2017" + TRIPLET: arm64-windows + CMAKE_OPTS: "-AARM64 -DENABLE_OPENSSL=off" + - GENERATOR: "Visual Studio 15 2017" + TRIPLET: arm64-uwp + CMAKE_OPTS: "-AARM64 -DCMAKE_SYSTEM_NAME=WindowsStore -DENABLE_OPENSSL=off" +before_build: + cmd: >- + git clone https://github.com/Microsoft/vcpkg + + cd vcpkg + + .\bootstrap-vcpkg.bat + + .\vcpkg integrate install + + .\vcpkg install zlib:%TRIPLET% bzip2:%TRIPLET% + + cd .. + + mkdir build + + cd build + + cmake -DCMAKE_TOOLCHAIN_FILE=%cd%/../vcpkg/scripts/buildsystems/vcpkg.cmake .. -G "%GENERATOR%" %CMAKE_OPTS% + + appveyor PushArtifact config.h + + appveyor PushArtifact CMakeCache.txt + +build_script: + cmd: >- + cmake --build . --config Release --target INSTALL + + cmake --build . --config Debug --target INSTALL
  85. Download patch API-CHANGES

    --- 1.3.2-1/API-CHANGES 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/API-CHANGES 1970-01-01 00:00:00.000000000 +0000 @@ -1,159 +0,0 @@ -* libzip API changes - -This file describes changes in the libzip API and how to adapt your -code for them. - -You can define ZIP_DISABLE_DEPRECATED before including <zip.h> to hide -prototypes for deprecated functions, to find out about functions that -might be removed at some point. - -* 1.0 - -** new type zip_error_t - -Error information is stored in the newly public type zip_error_t. Use -this to access information about an error, instead of the deprecated -functions that operated on two ints. - -deprecated functions: zip_error_get_sys_type(), zip_error_get(), -zip_error_to_str(), zip_file_error_get() - -See their man pages for instructions on how to replace them. - -The most common affected use is zip_open. The new recommended usage -is: - -int err; -if ((za = zip_open(archive, flags, &err)) == NULL) { - zip_error_t error; - zip_error_init_with_code(&error, err); - fprintf(stderr, "can't open zip archive '%s': %s\n", archive, zip_error_strerror(&error)); - zip_error_fini(&error); -} - -** more typedefs - -The following typedefs have been added for better readability: - -typedef struct zip zip_t; -typedef struct zip_file zip_file_t; -typedef struct zip_source zip_source_t; -typedef struct zip_stat zip_stat_t; - -This means you can use "zip_t" instead of "struct zip", etc. - - -** torrentzip support removed - -torrentzip depends on a particular zlib version which is by now quite -old. - -* 0.11 - -** new type zip_flags_t - -The functions which have flags now use the zip_flags_t type for this. -All old flags fit; you need code only to adapt if you were saving flags in a -local variable. Use zip_flags_t for such a variable. -This affects: -zip_fopen() -zip_fopen_encrypted() -zip_fopen_index() -zip_fopen_index_encrypted() -zip_get_archive_comment() -zip_get_archive_flag() -zip_get_num_entries() -zip_get_name() -zip_name_locate() -zip_set_archive_flag() -zip_source_zip() -zip_stat() -zip_stat_index() - -*** ZIP_FL_*, ZIP_AFL_*, ZIP_STAT_* are now unsigned constants - -To match the new zip_flags_t type. - -*** zip_add(), zip_add_dir() - -These functions were replaced with zip_file_add() and zip_dir_add(), respectively, -to add a flags argument. - -*** zip_rename(), zip_replace() - -These functions were replaced with zip_file_rename() and zip_file_replace(), -respectively, to add a flags argument. - -*** zip_get_file_comment() - -This function was replaced with zip_file_get_comment(); one argument was promoted from -int to zip_uint32_t, the other is now a zip_flags_t. - -*** zip_set_file_comment() - -This function was replaced with zip_file_set_comment(); an argument was promoted from -int to zip_uint16_t, and a zip_flags_t argument was added. - -** integer type size changes - -Some argument and return values were not the right size or sign. - -*** zip_name_locate() - -The return value was int, which can be too small. The function now returns zip_int64_t. - - -*** zip_get_num_entries() - -The return type is now signed, to allow signaling errors. - -*** zip_set_archive_comment() - -The last argument changed from int to zip_uint16_t. - -** extra field handling rewritten - -The zip_get_file_extra() and zip_set_file_extra() functions were removed. -They only worked on the whole extra field set. - -Instead, you can now set, get, count, and delete each extra field separately, -using the functions: -zip_file_extra_field_delete() -zip_file_extra_field_delete_by_id() -zip_file_extra_field_get() -zip_file_extra_field_get_by_id() -zip_file_extra_fields_count() -zip_file_extra_fields_count_by_id() -zip_file_extra_field_set() -Please read the corresponding man pages for details. - -** new functions - -*** zip_discard() - -The new zip_discard() function closes an archive without committing the -scheduled changes. - -*** zip_set_file_compression() - -The new zip_set_file_compression() function allows setting compression -levels for files. - -** argument changes - -*** file names - -File names arguments are now allowed to be NULL to have an empty file name. -This mostly affects zip_file_add(), zip_dir_add(), and zip_file_rename(). - -For zip_get_name(), zip_file_get_comment(), and zip_get_archive_comment(), if -the file name or comment is empty, a string of length 0 is returned. -NULL is returned for errors only. - -Previously, NULL was returned for empty/unset file names and comments and -errors, leaving no way to differentiate between the two. - -/* Local Variables: */ -/* mode: org */ -/* End: */ -
  86. Download patch lib/zip_algorithm_deflate.c

    --- 1.3.2-1/lib/zip_algorithm_deflate.c 2017-04-02 09:36:06.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_algorithm_deflate.c 2018-04-11 07:28:08.000000000 +0000 @@ -157,7 +157,8 @@ end(void *ud) { } -static bool input(void *ud, zip_uint8_t *data, zip_uint64_t length) { +static bool +input(void *ud, zip_uint8_t *data, zip_uint64_t length) { struct ctx *ctx = (struct ctx *)ud; if (length > UINT_MAX || ctx->zstr.avail_in > 0) { @@ -172,7 +173,8 @@ static bool input(void *ud, zip_uint8_t } -static void end_of_input(void *ud) { +static void +end_of_input(void *ud) { struct ctx *ctx = (struct ctx *)ud; ctx->end_of_input = true; @@ -217,6 +219,7 @@ process(void *ud, zip_uint8_t *data, zip } } +// clang-format off zip_compression_algorithm_t zip_algorithm_deflate_compress = { compress_allocate, @@ -240,3 +243,5 @@ zip_compression_algorithm_t zip_algorith end_of_input, process }; + +// clang-format on
  87. Download patch lib/gladman-fcrypt.c

    --- 1.3.2-1/lib/gladman-fcrypt.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,44 +0,0 @@ -/* - gladman-fcrypt.c -- wrapper functions for Dr Gladman's AES functions - Copyright (C) 2016 Dieter Baron and Thomas Klausner - - This file is part of libzip, a library to manipulate ZIP archives. - The authors can be contacted at <libzip@nih.at> - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions - are met: - 1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in - the documentation and/or other materials provided with the - distribution. - 3. The names of the authors may not be used to endorse or promote - products derived from this software without specific prior - written permission. - - THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS - OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY - DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE - GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER - IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN - IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -*/ - -#define BUILDING_FCRYPT - -#include "gladman-fcrypt.h" - -#include "gladman-fcrypt/aescrypt.c" -#include "gladman-fcrypt/aeskey.c" -#include "gladman-fcrypt/aestab.c" -#include "gladman-fcrypt/fileenc.c" -#include "gladman-fcrypt/hmac.c" -#include "gladman-fcrypt/pwd2key.c" -#include "gladman-fcrypt/sha1.c"
  88. Download patch FindNettle.cmake

    --- 1.3.2-1/FindNettle.cmake 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/FindNettle.cmake 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,23 @@ +# - Find Nettle +# Find the Nettle include directory and library +# +# NETTLE_INCLUDE_DIR - where to find <nettle/sha.h>, etc. +# NETTLE_LIBRARIES - List of libraries when using libnettle. +# NETTLE_FOUND - True if libnettle found. + +IF (NETTLE_INCLUDE_DIR) + # Already in cache, be silent + SET(NETTLE_FIND_QUIETLY TRUE) +ENDIF (NETTLE_INCLUDE_DIR) + +FIND_PATH(NETTLE_INCLUDE_DIR nettle/md5.h nettle/ripemd160.h nettle/sha.h) +FIND_LIBRARY(NETTLE_LIBRARY NAMES nettle libnettle) + +# handle the QUIETLY and REQUIRED arguments and set NETTLE_FOUND to TRUE if +# all listed variables are TRUE +INCLUDE(FindPackageHandleStandardArgs) +FIND_PACKAGE_HANDLE_STANDARD_ARGS(NETTLE DEFAULT_MSG NETTLE_LIBRARY NETTLE_INCLUDE_DIR) + +IF(NETTLE_FOUND) + SET(NETTLE_LIBRARIES ${NETTLE_LIBRARY}) +ENDIF(NETTLE_FOUND)
  89. Download patch config.h.in
  90. Download patch lib/zip_error.c

    --- 1.3.2-1/lib/zip_error.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_error.c 2018-04-11 07:28:08.000000000 +0000 @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,24 +49,21 @@ zip_error_code_zip(const zip_error_t *er ZIP_EXTERN void -zip_error_fini(zip_error_t *err) -{ +zip_error_fini(zip_error_t *err) { free(err->str); err->str = NULL; } ZIP_EXTERN void -zip_error_init(zip_error_t *err) -{ +zip_error_init(zip_error_t *err) { err->zip_err = ZIP_ER_OK; err->sys_err = 0; err->str = NULL; } ZIP_EXTERN void -zip_error_init_with_code(zip_error_t *error, int ze) -{ +zip_error_init_with_code(zip_error_t *error, int ze) { zip_error_init(error); error->zip_err = ze; switch (zip_error_system_type(error)) { @@ -77,22 +74,21 @@ zip_error_init_with_code(zip_error_t *er default: error->sys_err = 0; break; - } + } } ZIP_EXTERN int zip_error_system_type(const zip_error_t *error) { if (error->zip_err < 0 || error->zip_err >= _zip_nerr_str) - return ZIP_ET_NONE; - + return ZIP_ET_NONE; + return _zip_err_type[error->zip_err]; } void -_zip_error_clear(zip_error_t *err) -{ +_zip_error_clear(zip_error_t *err) { if (err == NULL) return; @@ -102,16 +98,18 @@ _zip_error_clear(zip_error_t *err) void -_zip_error_copy(zip_error_t *dst, const zip_error_t *src) -{ +_zip_error_copy(zip_error_t *dst, const zip_error_t *src) { + if (dst == NULL) { + return; + } + dst->zip_err = src->zip_err; dst->sys_err = src->sys_err; } void -_zip_error_get(const zip_error_t *err, int *zep, int *sep) -{ +_zip_error_get(const zip_error_t *err, int *zep, int *sep) { if (zep) *zep = err->zip_err; if (sep) { @@ -124,8 +122,7 @@ _zip_error_get(const zip_error_t *err, i void -zip_error_set(zip_error_t *err, int ze, int se) -{ +zip_error_set(zip_error_t *err, int ze, int se) { if (err) { err->zip_err = ze; err->sys_err = se; @@ -134,22 +131,20 @@ zip_error_set(zip_error_t *err, int ze, void -_zip_error_set_from_source(zip_error_t *err, zip_source_t *src) -{ +_zip_error_set_from_source(zip_error_t *err, zip_source_t *src) { _zip_error_copy(err, zip_source_error(src)); } zip_int64_t -zip_error_to_data(const zip_error_t *error, void *data, zip_uint64_t length) -{ +zip_error_to_data(const zip_error_t *error, void *data, zip_uint64_t length) { int *e = (int *)data; - - if (length < sizeof(int)*2) { - return -1; + + if (length < sizeof(int) * 2) { + return -1; } - + e[0] = zip_error_code_zip(error); e[1] = zip_error_code_system(error); - return sizeof(int)*2; + return sizeof(int) * 2; }
  91. Download patch debian/libzip5.lintian-overrides

    --- 1.3.2-1/debian/libzip5.lintian-overrides 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/debian/libzip5.lintian-overrides 2018-04-03 10:51:36.000000000 +0000 @@ -0,0 +1,2 @@ +#libzip is BSD licensed only the Debian packging is GPLv3 +libzip5: possible-gpl-code-linked-with-openssl
  92. Download patch lib/zip_file_set_encryption.c

    --- 1.3.2-1/lib/zip_file_set_encryption.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_set_encryption.c 2018-04-11 07:28:08.000000000 +0000 @@ -1,6 +1,6 @@ /* zip_file_set_encryption.c -- set encryption for file in archive - Copyright (C) 2016 Dieter Baron and Thomas Klausner + Copyright (C) 2016-2017 Dieter Baron and Thomas Klausner This file is part of libzip, a library to manipulate ZIP archives. The authors can be contacted at <libzip@nih.at> @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -38,8 +38,7 @@ #include <string.h> ZIP_EXTERN int -zip_file_set_encryption(zip_t *za, zip_uint64_t idx, zip_uint16_t method, const char *password) -{ +zip_file_set_encryption(zip_t *za, zip_uint64_t idx, zip_uint16_t method, const char *password) { zip_entry_t *e; zip_uint16_t old_method; @@ -58,10 +57,10 @@ zip_file_set_encryption(zip_t *za, zip_u return -1; } - e = za->entry+idx; - + e = za->entry + idx; + old_method = (e->orig == NULL ? ZIP_EM_NONE : e->orig->encryption_method); - + if (method == old_method && password == NULL) { if (e->changes) { if (e->changes->changed & ZIP_DIRENT_PASSWORD) { @@ -69,7 +68,7 @@ zip_file_set_encryption(zip_t *za, zip_u free(e->changes->password); e->changes->password = (e->orig == NULL ? NULL : e->orig->password); } - e->changes->changed &= ~(ZIP_DIRENT_ENCRYPTION_METHOD|ZIP_DIRENT_PASSWORD); + e->changes->changed &= ~(ZIP_DIRENT_ENCRYPTION_METHOD | ZIP_DIRENT_PASSWORD); if (e->changes->changed == 0) { _zip_dirent_free(e->changes); e->changes = NULL; @@ -85,20 +84,20 @@ zip_file_set_encryption(zip_t *za, zip_u return -1; } } - - if (e->changes == NULL) { - if ((e->changes=_zip_dirent_clone(e->orig)) == NULL) { + + if (e->changes == NULL) { + if ((e->changes = _zip_dirent_clone(e->orig)) == NULL) { if (our_password) { _zip_crypto_clear(our_password, strlen(our_password)); } free(our_password); - zip_error_set(&za->error, ZIP_ER_MEMORY, 0); - return -1; - } - } + zip_error_set(&za->error, ZIP_ER_MEMORY, 0); + return -1; + } + } - e->changes->encryption_method = method; - e->changes->changed |= ZIP_DIRENT_ENCRYPTION_METHOD; + e->changes->encryption_method = method; + e->changes->changed |= ZIP_DIRENT_ENCRYPTION_METHOD; if (password) { e->changes->password = our_password; e->changes->changed |= ZIP_DIRENT_PASSWORD; @@ -112,6 +111,6 @@ zip_file_set_encryption(zip_t *za, zip_u } } } - + return 0; }
  93. Download patch INSTALL.md

    --- 1.3.2-1/INSTALL.md 1970-01-01 00:00:00.000000000 +0000 +++ 1.5.1-0ubuntu1/INSTALL.md 2018-04-11 07:28:08.000000000 +0000 @@ -0,0 +1,43 @@ +libzip uses [cmake](https://cmake.org) to build. + +For running the tests, you need to have [perl](https://www.perl.org). + +You'll need [zlib](http://www.zlib.net/) (at least version 1.1.2). It +comes with most operating systems. + +For supporting bzip2-compressed zip archives, you need +[bzip2](http://bzip.org/). + +For AES (encryption) support, you need one of these cryptographic libraries, +listed in order of preference: + +- Apple's CommonCrypto (available on macOS and iOS) +- [OpenSSL](https://www.openssl.org/) +- [GnuTLS](https://www.gnutls.org/). + +If you don't want a library even if it is installed, you can +pass `-DENABLE_<LIBRARY>=OFF` to cmake, where `<LIBRARY>` is one of +`COMMONCRYPTO`, `OPENSSL`, or `GNUTLS`. + +The basic usage is +```sh +mkdir build +cd build +cmake .. +make +make test +make install +``` + +Some useful parameters you can pass to `cmake` with `-Dparameter=value`: + +- `BUILD_SHARED_LIBS`: set to `ON` or `OFF` to enable/disable building + of shared libraries, defaults to `ON` +- `CMAKE_INSTALL_PREFIX`: for setting the installation path +- `DOCUMENTATION_FORMAT`: choose one of 'man', 'mdoc', and 'html' for + the installed documentation (default: decided by cmake depending on + available tools) + +You can get verbose build output with by passing `VERBOSE=1` to `make`. + +You can also check the [cmake FAQ](https://cmake.org/Wiki/CMake_FAQ).
  94. Download patch debian/copyright
  95. Download patch lib/zip_file_get_offset.c

    --- 1.3.2-1/lib/zip_file_get_offset.c 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_file_get_offset.c 2018-04-11 07:28:08.000000000 +0000 @@ -1,6 +1,6 @@ /* zip_file_get_offset.c -- get offset of file data in archive. - Copyright (C) 1999-2016 Dieter Baron and Thomas Klausner + Copyright (C) 1999-2017 Dieter Baron and Thomas Klausner This file is part of libzip, a library to manipulate ZIP archives. The authors can be contacted at <libzip@nih.at> @@ -17,7 +17,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -35,8 +35,8 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> -#include <sys/types.h> #include <sys/stat.h> +#include <sys/types.h> #include "zipint.h" @@ -48,11 +48,15 @@ */ zip_uint64_t -_zip_file_get_offset(const zip_t *za, zip_uint64_t idx, zip_error_t *error) -{ +_zip_file_get_offset(const zip_t *za, zip_uint64_t idx, zip_error_t *error) { zip_uint64_t offset; zip_int32_t size; + if (za->entry[idx].orig == NULL) { + zip_error_set(error, ZIP_ER_INTERNAL, 0); + return 0; + } + offset = za->entry[idx].orig->offset; if (zip_source_seek(za->src, (zip_int64_t)offset, SEEK_SET) < 0) { @@ -61,13 +65,56 @@ _zip_file_get_offset(const zip_t *za, zi } /* TODO: cache? */ - if ((size=_zip_dirent_size(za->src, ZIP_EF_LOCAL, error)) < 0) + if ((size = _zip_dirent_size(za->src, ZIP_EF_LOCAL, error)) < 0) return 0; - if (offset+(zip_uint32_t)size > ZIP_INT64_MAX) { - zip_error_set(error, ZIP_ER_SEEK, EFBIG); - return 0; + if (offset + (zip_uint32_t)size > ZIP_INT64_MAX) { + zip_error_set(error, ZIP_ER_SEEK, EFBIG); + return 0; } - + return offset + (zip_uint32_t)size; } + +zip_uint64_t +_zip_file_get_end(const zip_t *za, zip_uint64_t index, zip_error_t *error) { + zip_uint64_t offset; + zip_dirent_t *entry; + + if ((offset = _zip_file_get_offset(za, index, error)) == 0) { + return 0; + } + + entry = za->entry[index].orig; + + if (offset + entry->comp_size < offset || offset + entry->comp_size > ZIP_INT64_MAX) { + zip_error_set(error, ZIP_ER_SEEK, EFBIG); + return 0; + } + offset += entry->comp_size; + + if (entry->bitflags & ZIP_GPBF_DATA_DESCRIPTOR) { + zip_uint8_t buf[4]; + if (zip_source_seek(za->src, (zip_int64_t)offset, SEEK_SET) < 0) { + _zip_error_set_from_source(error, za->src); + return 0; + } + if (zip_source_read(za->src, buf, 4) != 4) { + _zip_error_set_from_source(error, za->src); + return 0; + } + if (memcmp(buf, DATADES_MAGIC, 4) == 0) { + offset += 4; + } + offset += 12; + if (_zip_dirent_needs_zip64(entry, 0)) { + offset += 8; + } + if (offset > ZIP_INT64_MAX) { + zip_error_set(error, ZIP_ER_SEEK, EFBIG); + return 0; + } + } + + return offset; +}
  96. Download patch lib/gladman-fcrypt.h

    --- 1.3.2-1/lib/gladman-fcrypt.h 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt.h 1970-01-01 00:00:00.000000000 +0000 @@ -1,49 +0,0 @@ -/* - gladman-fcrypt.h -- wrapper functions for Dr Gladman's AES functions - Copyright (C) 2016 Dieter Baron and Thomas Klausner - - This file is part of libzip, a library to manipulate ZIP archives. - The authors can be contacted at <libzip@nih.at> - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions - are met: - 1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in - the documentation and/or other materials provided with the - distribution. - 3. The names of the authors may not be used to endorse or promote - products derived from this software without specific prior - written permission. - - THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS - OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY - DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE - GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER - IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN - IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -*/ - -#ifndef HAD_GLADMAN_FCRYPT_H -#define HAD_GLADMAN_FCRYPT_H - -/* implementation fetched from - * http://173.254.28.24/~brgladma//oldsite/cryptography_technology/fileencrypt/files.zip - * - * Files dated 01-27-2004 except main.c dated 11-18-2008. - */ - -#include "zipint.h" - -#define INTERNAL static - -#include "fileenc.h" - -#endif /* HAD_GLADMAN_FCRYPT_H */
  97. Download patch lib/gladman-fcrypt/Makefile.am

    --- 1.3.2-1/lib/gladman-fcrypt/Makefile.am 2017-03-24 09:22:29.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/gladman-fcrypt/Makefile.am 1970-01-01 00:00:00.000000000 +0000 @@ -1,14 +0,0 @@ -EXTRA_DIST= \ - aes.h \ - aescrypt.c \ - aeskey.c \ - aesopt.h \ - aestab.c \ - fileenc.c \ - fileenc.h \ - hmac.c \ - hmac.h \ - pwd2key.c \ - pwd2key.h \ - sha1.c \ - sha1.h
  98. Download patch lib/mkstemp.c
  99. Download patch lib/zip_algorithm_bzip2.c

    --- 1.3.2-1/lib/zip_algorithm_bzip2.c 2017-04-02 09:38:42.000000000 +0000 +++ 1.5.1-0ubuntu1/lib/zip_algorithm_bzip2.c 2018-04-11 07:28:08.000000000 +0000 @@ -33,8 +33,6 @@ #include "zipint.h" -#if defined(HAVE_LIBBZ2) - #include <bzlib.h> #include <limits.h> #include <stdlib.h> @@ -128,7 +126,6 @@ map_error(int ret) { default: return ZIP_ER_INTERNAL; } - } static bool @@ -143,7 +140,6 @@ start(void *ud) { if (ctx->compress) { ret = BZ2_bzCompressInit(&ctx->zstr, ctx->compression_flags, 0, 30); - } else { ret = BZ2_bzDecompressInit(&ctx->zstr, 0, 0); @@ -179,7 +175,8 @@ end(void *ud) { } -static bool input(void *ud, zip_uint8_t *data, zip_uint64_t length) { +static bool +input(void *ud, zip_uint8_t *data, zip_uint64_t length) { struct ctx *ctx = (struct ctx *)ud; if (length > UINT_MAX || ctx->zstr.avail_in > 0) { @@ -194,7 +191,8 @@ static bool input(void *ud, zip_uint8_t } -static void end_of_input(void *ud) { +static void +end_of_input(void *ud) { struct ctx *ctx = (struct ctx *)ud; ctx->end_of_input = true; @@ -228,7 +226,7 @@ process(void *ud, zip_uint8_t *data, zip case BZ_FINISH_OK: /* compression */ return ZIP_COMPRESSION_OK; - case BZ_OK: /* decompression */ + case BZ_OK: /* decompression */ case BZ_RUN_OK: /* compression */ if (ctx->zstr.avail_in == 0) { return ZIP_COMPRESSION_NEED_DATA; @@ -244,6 +242,7 @@ process(void *ud, zip_uint8_t *data, zip } } +// clang-format off zip_compression_algorithm_t zip_algorithm_bzip2_compress = { compress_allocate, @@ -268,8 +267,4 @@ zip_compression_algorithm_t zip_algorith process }; -#else - -static int dummy; - -#endif /* HAVE_LIBBZ2 */ +// clang-format on
  100. Download patch depcomp
  101. ...
  1. libzip