diffstat for nagios-nrpe-3.2.0 nagios-nrpe-3.2.0

 changelog                          |   41 +++++++++++++++
 control                            |    3 -
 patches/11_reproducible_dh.h.patch |   98 ++++++++++++++++---------------------
 rules                              |    3 -
 4 files changed, 90 insertions(+), 55 deletions(-)

diff -Nru nagios-nrpe-3.2.0/debian/changelog nagios-nrpe-3.2.0/debian/changelog
--- nagios-nrpe-3.2.0/debian/changelog	2017-07-14 14:51:12.000000000 +0000
+++ nagios-nrpe-3.2.0/debian/changelog	2017-09-05 14:26:58.000000000 +0000
@@ -1,3 +1,27 @@
+nagios-nrpe (3.2.0-4ubuntu2) artful; urgency=medium
+
+  * Update 11_reproducible_dh.h.patch to build with libssl 1.0.x
+    (LP: #1715167)
+
+ -- Balint Reczey <rbalint@ubuntu.com>  Tue, 05 Sep 2017 14:26:58 +0000
+
+nagios-nrpe (3.2.0-4ubuntu1) artful; urgency=medium
+
+  * Merge with Debian unstable. Remaining changes:
+    - debian/rules : Add "--enable-command-args". (LP #1555258) This
+      update enables the command-args support in nrpe by not ignoring
+      option "dont_blame_nrpe=1". By default, the option is set as
+      follow : "dont_blame_nrpe=0", which has the same effect of having
+      the command-args support disabled at compile time like Debian
+      does.  Ubuntu has decided to deviate from Debian upstream for that
+      particular case to allow/unblock the Ubuntu users of nrpe to make
+      the choice for themselves whether to accept the security risks
+      that the feature involve by manually enabling command-args in
+      nrpe.cfg or not.  For more details as of why Debian has decided to
+      disable the feature can be found in debian/NEWS. (closes #756479)
+
+ -- Nishanth Aravamudan <nish.aravamudan@canonical.com>  Thu, 10 Aug 2017 16:51:24 -0700
+
 nagios-nrpe (3.2.0-4) unstable; urgency=medium
 
   * Add upstream patch to turn seteuid errors into warnings.
@@ -65,6 +89,23 @@
 
  -- Bas Couwenberg <sebastic@debian.org>  Wed, 19 Apr 2017 19:28:05 +0200
 
+nagios-nrpe (3.0.1-3ubuntu1) artful; urgency=medium
+
+  * debian/rules : Add "--enable-command-args". (LP: #1555258)
+    This update enables the command-args support in nrpe 
+    by not ignoring option "dont_blame_nrpe=1". By default, 
+    the option is set as follow : "dont_blame_nrpe=0", which 
+    has the same effect of having the command-args support 
+    disabled at compile time like Debian does. Ubuntu has decided 
+    to deviate from Debian upstream for that particular case to 
+    allow/unblock the Ubuntu users of nrpe to make the choice for 
+    themselves whether to accept the security risks that the feature 
+    involve by manually enabling command-args in nrpe.cfg or not. 
+    For more details as of why Debian has decided to disable the 
+    feature can be found in debian/NEWS. (closes: #756479)
+
+ -- Eric Desrochers <eric.desrochers@canonical.com>  Tue, 02 May 2017 08:32:36 -0400
+
 nagios-nrpe (3.0.1-3) unstable; urgency=medium
 
   * Add reload command to systemd service file.
diff -Nru nagios-nrpe-3.2.0/debian/control nagios-nrpe-3.2.0/debian/control
--- nagios-nrpe-3.2.0/debian/control	2017-07-14 14:50:19.000000000 +0000
+++ nagios-nrpe-3.2.0/debian/control	2017-08-10 23:51:24.000000000 +0000
@@ -1,5 +1,6 @@
 Source: nagios-nrpe
-Maintainer: Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>
+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+XSBC-Original-Maintainer: Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>
 Uploaders: Bas Couwenberg <sebastic@debian.org>
 Section: net
 Priority: optional
diff -Nru nagios-nrpe-3.2.0/debian/patches/11_reproducible_dh.h.patch nagios-nrpe-3.2.0/debian/patches/11_reproducible_dh.h.patch
--- nagios-nrpe-3.2.0/debian/patches/11_reproducible_dh.h.patch	2017-07-08 16:53:03.000000000 +0000
+++ nagios-nrpe-3.2.0/debian/patches/11_reproducible_dh.h.patch	2017-09-05 14:26:58.000000000 +0000
@@ -3,64 +3,56 @@
 Bug-Debian: https://bugs.debian.org/834857
 Forwarded: not-needed
 
+Index: nagios-nrpe-3.2.0/include/dh.h
+===================================================================
 --- /dev/null
-+++ b/include/dh.h
-@@ -0,0 +1,53 @@
++++ nagios-nrpe-3.2.0/include/dh.h
+@@ -0,0 +1,41 @@
 +#ifndef HEADER_DH_H
-+# include <openssl/dh.h>
++#include <openssl/dh.h>
 +#endif
-+
 +DH *get_dh2048()
-+{
-+    static unsigned char dhp_2048[] = {
-+	0xD0, 0x0A, 0x1E, 0x0E, 0x73, 0xE5, 0x51, 0xC3, 0x6C, 0xAA, 
-+	0x7F, 0x6B, 0x9C, 0x9D, 0x47, 0x26, 0xAA, 0x25, 0x2B, 0x73, 
-+	0xCD, 0x93, 0x94, 0xA2, 0xEA, 0x56, 0x14, 0xD4, 0x42, 0x48, 
-+	0x21, 0x61, 0xF9, 0xA1, 0xB7, 0x88, 0xA7, 0xDA, 0x8B, 0xD8, 
-+	0xFF, 0x12, 0x8D, 0x50, 0x2D, 0x1D, 0x40, 0xAB, 0xFD, 0x97, 
-+	0x89, 0x18, 0x1D, 0x57, 0x69, 0xD3, 0x68, 0xBF, 0x68, 0xA1, 
-+	0x20, 0xAD, 0x80, 0xFF, 0xB4, 0xE3, 0xC6, 0xC9, 0x5A, 0x62, 
-+	0x23, 0x39, 0x45, 0x79, 0x8D, 0x03, 0x45, 0x55, 0xEB, 0xCA, 
-+	0x34, 0x37, 0x44, 0x4B, 0x9C, 0xFF, 0x3B, 0xA7, 0xA4, 0xD3, 
-+	0x2A, 0xD6, 0x96, 0x41, 0x6C, 0x58, 0x19, 0x9E, 0x89, 0xD3, 
-+	0xB9, 0x36, 0xB0, 0x07, 0xD2, 0x9C, 0xFE, 0xFD, 0x3E, 0x4E, 
-+	0x38, 0x71, 0x2C, 0xB2, 0xE8, 0x54, 0x83, 0x8A, 0xFA, 0x57, 
-+	0xE2, 0x2B, 0x62, 0xD6, 0x0D, 0x66, 0x01, 0xE2, 0x46, 0xAD, 
-+	0x64, 0x5B, 0x57, 0x5C, 0xED, 0x43, 0x97, 0x58, 0xA9, 0x93, 
-+	0x4C, 0xCA, 0xAC, 0x4C, 0xB1, 0xBB, 0xD0, 0xDC, 0xF8, 0xEC, 
-+	0x4A, 0x5A, 0xBB, 0xF5, 0x44, 0x70, 0x69, 0xC4, 0x51, 0xA8, 
-+	0x0D, 0x47, 0x59, 0x19, 0x57, 0x7A, 0x71, 0x3D, 0x65, 0xB7, 
-+	0x55, 0x27, 0x87, 0x44, 0xC0, 0x45, 0x87, 0xA7, 0x0B, 0x73, 
-+	0x8D, 0x31, 0xFD, 0xE5, 0xA2, 0xDA, 0x99, 0x6D, 0xC0, 0x51, 
-+	0xA3, 0x63, 0x73, 0x76, 0x91, 0x38, 0x5C, 0x57, 0x0B, 0x26, 
-+	0x08, 0xC1, 0x66, 0x9F, 0x2D, 0xBE, 0x86, 0x44, 0x1B, 0xD2, 
-+	0x40, 0x07, 0xB5, 0x7D, 0x15, 0x4A, 0xDA, 0x5F, 0x89, 0xE9, 
-+	0xE7, 0x48, 0xDE, 0x0E, 0x3A, 0xA9, 0xF5, 0x60, 0x3C, 0x32, 
-+	0x08, 0x40, 0xAF, 0xF0, 0x83, 0x74, 0xB3, 0x97, 0x44, 0x2E, 
-+	0x2F, 0xE8, 0x67, 0x70, 0xA2, 0xAC, 0x94, 0xD9, 0x75, 0xBF, 
-+	0x4F, 0x75, 0x8B, 0x2A, 0x1B, 0x1B
-+    };
-+    static unsigned char dhg_2048[] = {
-+	0x02
-+    };
-+    DH *dh = DH_new();
-+    BIGNUM *dhp_bn, *dhg_bn;
++	{
++	static unsigned char dh2048_p[]={
++		0xA1,0x10,0x06,0x50,0xA0,0x71,0xCB,0xB6,0x29,0x55,0x9C,0xB1,
++		0xB6,0x63,0x53,0x08,0x25,0xA7,0x56,0x87,0x76,0x28,0xAA,0x56,
++		0x5E,0x9A,0x26,0xF7,0x5B,0x32,0x1D,0x8B,0x70,0xA8,0x2C,0xCE,
++		0x01,0xA6,0xCC,0x40,0x47,0xA7,0xFF,0x0C,0x86,0x96,0x23,0x45,
++		0xC4,0xE7,0xBF,0xF6,0xBB,0x1B,0x52,0xAF,0x57,0x45,0x22,0x2D,
++		0x80,0x9E,0x8E,0xEA,0x55,0x42,0x2F,0xD6,0x95,0xD7,0x72,0x07,
++		0xD3,0x42,0x23,0x83,0x6E,0x40,0x7B,0x92,0xFF,0xAA,0x8C,0x71,
++		0xFA,0xE0,0x1A,0xAF,0xC2,0x66,0x1E,0x63,0x02,0x5B,0x68,0x03,
++		0xEB,0xBE,0xF3,0xAE,0x67,0xDC,0x44,0x0C,0x44,0xF5,0x31,0x16,
++		0x14,0x9E,0x39,0x26,0x45,0xBA,0xDA,0x93,0x60,0x74,0xA9,0x44,
++		0xEB,0x00,0x97,0x84,0xF0,0xAF,0xDC,0x0A,0x45,0x7B,0x92,0x0B,
++		0xB1,0x03,0x4B,0x80,0x74,0x3D,0x67,0x12,0x36,0x7D,0xDB,0xF4,
++		0x23,0x1D,0x7E,0x83,0xF7,0x8B,0x2B,0xC5,0xE1,0x52,0xD4,0x5D,
++		0xAA,0x16,0x93,0x00,0xAD,0x6B,0x0E,0xFB,0xDE,0x0B,0xEC,0x50,
++		0xF5,0x7F,0x98,0x6C,0x1A,0xC1,0x79,0xE9,0x47,0xD9,0xB9,0x0B,
++		0xB2,0xFA,0x16,0x54,0xE4,0xA9,0x24,0x6F,0x62,0x45,0x07,0x6F,
++		0x6E,0x45,0x1F,0x4D,0xF9,0x75,0x43,0x61,0xCA,0x4D,0xD8,0x93,
++		0xE0,0x86,0x5F,0x70,0x1F,0x8A,0xFA,0xE1,0x84,0xB1,0x19,0x79,
++		0x98,0xFA,0x3C,0xDD,0x1A,0xD9,0x4F,0x63,0xE4,0x44,0x06,0x57,
++		0x14,0x20,0xB3,0x62,0x2F,0x88,0xA6,0x8E,0x95,0xB4,0xA3,0xAF,
++		0x13,0xBD,0x04,0xE7,0x4F,0x58,0x9C,0x9C,0x3D,0xE7,0x8C,0x60,
++		0xE4,0xF4,0xE9,0x23,
++		};
++	static unsigned char dh2048_g[]={
++		0x02,
++		};
++	DH *dh;
 +
-+    if (dh == NULL)
-+        return NULL;
-+    dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL);
-+    dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL);
-+    if (dhp_bn == NULL || dhg_bn == NULL
-+            || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
-+        DH_free(dh);
-+        BN_free(dhp_bn);
-+        BN_free(dhg_bn);
-+        return NULL;
-+    }
-+    return dh;
-+}
---- a/macros/ax_nagios_get_ssl
-+++ b/macros/ax_nagios_get_ssl
++	if ((dh=DH_new()) == NULL) return(NULL);
++	dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
++	dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
++	if ((dh->p == NULL) || (dh->g == NULL))
++		{ DH_free(dh); return(NULL); }
++	return(dh);
++	}
+Index: nagios-nrpe-3.2.0/macros/ax_nagios_get_ssl
+===================================================================
+--- nagios-nrpe-3.2.0.orig/macros/ax_nagios_get_ssl
++++ nagios-nrpe-3.2.0/macros/ax_nagios_get_ssl
 @@ -288,15 +288,7 @@ if test x$SSL_TYPE != xNONE; then
  		# Find the openssl program
  
diff -Nru nagios-nrpe-3.2.0/debian/rules nagios-nrpe-3.2.0/debian/rules
--- nagios-nrpe-3.2.0/debian/rules	2017-07-12 05:18:51.000000000 +0000
+++ nagios-nrpe-3.2.0/debian/rules	2017-08-10 23:49:53.000000000 +0000
@@ -23,7 +23,8 @@
 		--enable-ssl \
 		--with-logdir=/var/log \
 		--with-ssl-lib=/usr/lib/$(DEB_HOST_MULTIARCH) \
-		--with-piddir=/var/run/nagios
+		--with-piddir=/var/run/nagios \
+		--enable-command-args
 
 override_dh_auto_build:
 	dh_auto_build -- all