Bug#1043440: bookworm-pu: package slbackup-php/0.4.5-4+deb12u1
Mike Gabriel
sunweaver at debian.org
Fri Aug 11 08:07:46 BST 2023
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org at packages.debian.org
Usertags: pu
X-Debbugs-Cc: slbackup-php at packages.debian.org, debian-edu at lists.debian.org
Control: affects -1 + src:slbackup-php
As part of the effort of getting Debian Edu 12 ready for release (whilst
having all fixes/changes/features shipped in Debian 12) we have fixed the
Skolelinux Backup Tools's PHP frontend.
[ Reason ]
slbackup-php 0.4.5-4 produces main warnings and failures when running under
PHP 8.x. This upload fixes those problems.
[ Impact ]
slbackup / slbackup-php are mostly use on Debian Edu system. For Debian
Edu, this fixes the (rather old) backup utility shipped on its main
server installation.
Not much impact for non-Debian-Edu users is to be expected.
[ Tests ]
Manual tests in webbrowser on a Debian Edu mainserver.
[ Risks ]
Not much risk for non-Debian-Edu users is to be expected.
In Debian Edu, slbackup-php could be even more broken (stuff we haven't
spotted). Of course, also regressions are possible.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Changes ]
+ [ Guido Berhörster ]
+ * debian/patches:
+ + Add 1007_log_remote_commands_to_stderr.patch in order to log to stderr.
+ + Add 1006_disable-ssh-known-hosts.patch disabling SSH known hosts files.
+ + Add 1005_fix-typo.patch fixing an exception on login. (Closes: #1042824).
+ + Add 1004_fix-php-warnings.patch fixing PHP warnings.
+ + Add 1003_php8-compat.patch fixing PHP 8 compatibility.
+ + Fix string splitting in 1002_php7-compat.patch. Use explode() instead of
+ preg_split(), the latter needs delimiters for the regex and returns false
+ if there was no match which breaks the existing code.
[ Other info ]
This p-u is part of the upcoming Debian Edu 12 release and is required to get
Debian Edu fully functional in Debian 12.
-------------- next part --------------
diff -Nru slbackup-php-0.4.5/debian/changelog slbackup-php-0.4.5/debian/changelog
--- slbackup-php-0.4.5/debian/changelog 2018-06-02 23:54:47.000000000 +0200
+++ slbackup-php-0.4.5/debian/changelog 2023-08-10 18:02:58.000000000 +0200
@@ -1,3 +1,18 @@
+slbackup-php (0.4.5-4+deb12u1) bookworm; urgency=medium
+
+ [ Guido Berhörster ]
+ * debian/patches:
+ + Add 1007_log_remote_commands_to_stderr.patch in order to log to stderr.
+ + Add 1006_disable-ssh-known-hosts.patch disabling SSH known hosts files.
+ + Add 1005_fix-typo.patch fixing an exception on login. (Closes: #1042824).
+ + Add 1004_fix-php-warnings.patch fixing PHP warnings.
+ + Add 1003_php8-compat.patch fixing PHP 8 compatibility.
+ + Fix string splitting in 1002_php7-compat.patch. Use explode() instead of
+ preg_split(), the latter needs delimiters for the regex and returns false
+ if there was no match which breaks the existing code.
+
+ -- Mike Gabriel <sunweaver at debian.org> Thu, 10 Aug 2023 18:02:58 +0200
+
slbackup-php (0.4.5-4) unstable; urgency=medium
* debian/watch:
diff -Nru slbackup-php-0.4.5/debian/patches/1002_php7-compat.patch slbackup-php-0.4.5/debian/patches/1002_php7-compat.patch
--- slbackup-php-0.4.5/debian/patches/1002_php7-compat.patch 2018-06-02 23:54:47.000000000 +0200
+++ slbackup-php-0.4.5/debian/patches/1002_php7-compat.patch 2023-08-10 18:02:58.000000000 +0200
@@ -1,4 +1,4 @@
-Description: Make slbackup-php PHP7 compatible (use preg_split instead of split)
+Description: Make slbackup-php PHP7 compatible (use explode instead of split)
Author: Wolfgang Schweer <wschweer at arcor.de>
--- a/src/functions.php
@@ -8,7 +8,7 @@
$lang_accept = explode (",", $_SERVER['HTTP_ACCEPT_LANGUAGE']);
for ($i = 0 ; $i < count ($lang_accept) ; $i++ ) {
- $lang_accept[$i] = split(";", $lang_accept[$i]) ;
-+ $lang_accept[$i] = preg_split(';', $lang_accept[$i]) ;
++ $lang_accept[$i] = explode(';', $lang_accept[$i]) ;
$lang_accept[$i] = $lang_accept[$i][0] ;
}
@@ -17,14 +17,14 @@
$locales_utf8 = array();
if (isset($found_locale) && !empty($lang_accept[0])) {
- $found_locale_tuple = split('_', $found_locale);
-+ $found_locale_tuple = preg_split('_', $found_locale);
++ $found_locale_tuple = explode('_', $found_locale);
if (count($found_locale_tuple) > 1) {
$locales[] = $found_locale;
$locales_utf8[] = $found_locale.'.UTF-8';
}
foreach ($lang_accept as $lang) {
- $lang_tuple = split('-',$lang);
-+ $lang_tuple = preg_split('-',$lang);
++ $lang_tuple = explode('-',$lang);
if (count($lang_tuple) > 1) {
$language = strtolower($lang_tuple[0]);
$country = strtoupper($lang_tuple[1]);
diff -Nru slbackup-php-0.4.5/debian/patches/1003_php8-compat.patch slbackup-php-0.4.5/debian/patches/1003_php8-compat.patch
--- slbackup-php-0.4.5/debian/patches/1003_php8-compat.patch 1970-01-01 01:00:00.000000000 +0100
+++ slbackup-php-0.4.5/debian/patches/1003_php8-compat.patch 2023-08-10 18:02:58.000000000 +0200
@@ -0,0 +1,16 @@
+From: Guido Berhoerster <guido at berhoerster.name>
+Subject: Add compatibility with PHP 8
+
+crypt() reuires a salt in PHP 8.
+
+--- slbackup-php.orig/src/index.php
++++ slbackup-php/src/index.php
+@@ -695,7 +695,7 @@ if (empty ($config)) {
+ }
+
+ if (empty($encrypt) || empty ($xorstring)) {
+- $encrypt = crypt(strrev(sprintf (gettimeofday (true)))) ;
++ $encrypt = crypt('', strrev(sprintf (gettimeofday (true)))) ;
+ $_SESSION['encrypt'] = $encrypt ;
+ $xorstring = xorstring ($encrypt, $passwd) ;
+ }
diff -Nru slbackup-php-0.4.5/debian/patches/1004_fix-php-warnings.patch slbackup-php-0.4.5/debian/patches/1004_fix-php-warnings.patch
--- slbackup-php-0.4.5/debian/patches/1004_fix-php-warnings.patch 1970-01-01 01:00:00.000000000 +0100
+++ slbackup-php-0.4.5/debian/patches/1004_fix-php-warnings.patch 2023-08-10 18:02:58.000000000 +0200
@@ -0,0 +1,73 @@
+From: Guido Berhoerster <guido at berhoerster.name>
+Subject: Fix PHP warnings
+
+Fix use of uninitialized variables and non-existing array keys.
+
+---
+ src/index.php | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- slbackup-php.orig/src/index.php
++++ slbackup-php/src/index.php
+@@ -475,6 +475,8 @@ global $backuphost, $backupuser, $backup
+ function readconf ($passwd) {
+ global $backuphost, $backupuser, $backupconf, $ssh_options, $ssh_askpass ;
+
++ $config = array() ;
++
+ $cmd = sprintf ("ssh %s %s@%s cat %s",
+ $ssh_options, $backupuser,
+ $backuphost, $backupconf) ;
+@@ -556,7 +558,9 @@ global $backuphost, $backupuser, $logfil
+ fprintf ($pipes[0], "%s\n", $passwd) ;
+ fclose ($pipes[0]) ;
+ while ($line = fgets ($pipes[1], 1024)) {
+- list ($timestamp, $info) = explode (" - ", trim($line)) ;
++ $parts = explode (" - ", trim($line)) ;
++ $timestamp = $parts[0];
++ $info = $parts[1] ?? null;
+ if ($info == "Starting slbackup:")
+ $log["start"] = strtotime($timestamp) ;
+ elseif ($info == "Finished slbackup.")
+@@ -611,6 +615,8 @@ foreach ($_COOKIE as $key => $value) {
+ }
+
+ # Fetch arguments passed as the script is executed
++$nonhttps = '' ;
++$submit = '';
+ foreach ($arguments as $key => $value) {
+ switch ($key) {
+ case "smarty_templ":
+@@ -901,7 +907,7 @@ switch ($submit) {
+ case "restorelocation":
+ $smarty->assign ('loc', $loc) ;
+ $smarty->assign ('location', $newconf["location"]) ;
+- $smarty->assign ('sub', $newconf["sub"]) ;
++ $smarty->assign ('sub', $newconf["sub"] ?? '') ;
+ case "restoreclient":
+ case "restore":
+ $clients = array_keys($config["clients"]) ;
+@@ -916,7 +922,7 @@ switch ($submit) {
+ case "maint":
+ $clients = array_keys($config["clients"]) ;
+ $smarty->assign ('clients', $clients) ;
+- $smarty->assign ('client', $client) ;
++ $smarty->assign ('client', $client ?? '') ;
+ $smarty->display ('maint.tpl') ;
+ break ;
+ case "config":
+--- slbackup-php.orig/src/functions.php
++++ slbackup-php/src/functions.php
+@@ -24,9 +24,9 @@ function loadConfig () {
+
+ @include_once ("/etc/slbackup-php/config.php") ;
+
+- if (empty ($nonhttps)) $nonhttps = $_COOKIE ['nonhttps'] ;
+- if (empty ($smarty_templ)) $smarty_templ = $_COOKIE ['smarty_templ'] ;
+- if (empty ($smarty_compile)) $smarty_compile = $_COOKIE ['smarty_compile'] ;
++ $nonhttps ??= $_COOKIE ['nonhttps'] ?? '' ;
++ $smarty_templ ??= $_COOKIE ['smarty_templ'] ?? null ;
++ $smarty_compile ??= $_COOKIE ['smarty_compile'] ?? null ;
+
+ if (empty ($backuphost)) $backuphost="localhost" ;
+ if (empty ($backupuser)) $backupuser="root" ;
diff -Nru slbackup-php-0.4.5/debian/patches/1005_fix-typo.patch slbackup-php-0.4.5/debian/patches/1005_fix-typo.patch
--- slbackup-php-0.4.5/debian/patches/1005_fix-typo.patch 1970-01-01 01:00:00.000000000 +0100
+++ slbackup-php-0.4.5/debian/patches/1005_fix-typo.patch 2023-08-10 18:02:58.000000000 +0200
@@ -0,0 +1,13 @@
+From: Guido Berhoerster <guido at berhoerster.name>
+Subject: Fix typo causing an exception with PHP 8
+--- slbackup-php.orig/src/index.php
++++ slbackup-php/src/index.php
+@@ -45,7 +45,7 @@ global $backuphost, $backupuser, $ssh_op
+ proc_close ($proc) ;
+ }
+ foreach ($config["clients"] as $key => $value) {
+- if ($key["type"] <> "local") {
++ if ($value["type"] <> "local") {
+ $out["clients"][$key]["ssh"] = "failed" ;
+ $cmd = sprintf ("ssh %s %s@%s 'ssh %s echo ssh ok \; rdiff-backup --version'",
+ $ssh_options, $backupuser,
diff -Nru slbackup-php-0.4.5/debian/patches/1006_disable-ssh-known-hosts.patch slbackup-php-0.4.5/debian/patches/1006_disable-ssh-known-hosts.patch
--- slbackup-php-0.4.5/debian/patches/1006_disable-ssh-known-hosts.patch 1970-01-01 01:00:00.000000000 +0100
+++ slbackup-php-0.4.5/debian/patches/1006_disable-ssh-known-hosts.patch 2023-08-10 18:02:58.000000000 +0200
@@ -0,0 +1,14 @@
+From: Guido Berhoerster <guido at berhoerster.name>
+Subject: Do not attempt to write a SSH KnownHosts file
+
+--- slbackup-php.orig/src/functions.php
++++ slbackup-php/src/functions.php
+@@ -32,7 +32,7 @@ function loadConfig () {
+ if (empty ($backupuser)) $backupuser="root" ;
+ if (empty ($backupconf)) $backupconf="/etc/slbackup/slbackup.conf" ;
+ if (empty ($backupcron)) $backupcron="/etc/cron.d/slbackup" ;
+- if (empty ($ssh_options)) $ssh_options="-o StrictHostKeyChecking=no" ;
++ if (empty ($ssh_options)) $ssh_options="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" ;
+ if (empty ($logfile)) $logfile="/var/log/slbackup/slbackup.log" ;
+
+ switch ($nonhttps) {
diff -Nru slbackup-php-0.4.5/debian/patches/1007_log_remote_commands_to_stderr.patch slbackup-php-0.4.5/debian/patches/1007_log_remote_commands_to_stderr.patch
--- slbackup-php-0.4.5/debian/patches/1007_log_remote_commands_to_stderr.patch 1970-01-01 01:00:00.000000000 +0100
+++ slbackup-php-0.4.5/debian/patches/1007_log_remote_commands_to_stderr.patch 2023-08-10 18:02:58.000000000 +0200
@@ -0,0 +1,101 @@
+From: Guido Berhoerster <guido at berhoerster.name>
+Subject: Do not log to /tmp/error.log but stderr, the webserver error log
+
+--- slbackup-php.orig/src/index.php
++++ slbackup-php/src/index.php
+@@ -25,7 +25,6 @@ global $backuphost, $backupuser, $ssh_op
+ $out = array () ;
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -78,7 +77,6 @@ global $backuphost, $backupuser, $ssh_op
+ $snapshots = array () ;
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -105,7 +103,6 @@ global $backuphost, $backupuser, $ssh_op
+ $snapshots = array () ;
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -132,7 +129,6 @@ global $backuphost, $backupuser, $ssh_op
+
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -151,7 +147,6 @@ global $backuphost, $backupuser, $ssh_op
+
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -209,7 +204,6 @@ global $backuphost, $backupuser, $ssh_op
+
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -279,7 +273,6 @@ global $backuphost, $backupuser, $ssh_op
+
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -377,7 +370,6 @@ global $backuphost, $backupuser, $backup
+
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -402,7 +394,6 @@ global $backuphost, $backupuser, $backup
+
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -458,7 +449,6 @@ global $backuphost, $backupuser, $backup
+
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -483,7 +473,6 @@ global $backuphost, $backupuser, $backup
+
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
+@@ -549,7 +538,6 @@ global $backuphost, $backupuser, $logfil
+
+ $desc[0] = array ("pipe", "r") ;
+ $desc[1] = array ("pipe", "w") ;
+- $desc[2] = array ("file", "/tmp/error.log", "a") ;
+
+ $env = array ('SSH_ASKPASS' => $ssh_askpass,
+ 'DISPLAY' => ':nowhere') ;
diff -Nru slbackup-php-0.4.5/debian/patches/series slbackup-php-0.4.5/debian/patches/series
--- slbackup-php-0.4.5/debian/patches/series 2018-06-02 23:54:47.000000000 +0200
+++ slbackup-php-0.4.5/debian/patches/series 2023-08-10 18:02:58.000000000 +0200
@@ -1,2 +1,7 @@
1001_adapt-to-apache24.patch
1002_php7-compat.patch
+1003_php8-compat.patch
+1004_fix-php-warnings.patch
+1005_fix-typo.patch
+1006_disable-ssh-known-hosts.patch
+1007_log_remote_commands_to_stderr.patch
More information about the Debian-edu-pkg-team
mailing list