Bug#713364: libewf transition and #713364
Andreas Moog
andreas.moog at warperbbs.de
Sat Nov 9 22:10:04 UTC 2013
On 08.11.2013 22:35, Niels Thykier wrote:
> However, sleuthkit suffers from #713364 which is a FTBFS bug, so I
> have no reason to believe a binNMU will be successful.
[...]
> Comments welcome, a fix for #713364 in sid (or deferred) even more so.
I have taken the 2 patches from upstream that I mailed in September to
the bugreport and made a debdiff for a NMU upload. I don't have upload
rights though so I would need a sponsor to actually upload to Debian.
--
Andreas Moog, Berliner Str. 29, 36205 Sontra/Germany
Ubuntu Developer
PGP-encrypted mails preferred (Key-ID: 74DE6624)
PGP Fingerprint: 74CD D9FE 5BCB FE0D 13EE 8EEA 61F3 4426 74DE 6624
-------------- next part --------------
diff -Nru sleuthkit-3.2.3/debian/changelog sleuthkit-3.2.3/debian/changelog
--- sleuthkit-3.2.3/debian/changelog 2011-10-14 19:52:37.000000000 +0200
+++ sleuthkit-3.2.3/debian/changelog 2013-11-09 22:58:23.000000000 +0100
@@ -1,3 +1,12 @@
+sleuthkit (3.2.3-2.1) unstable; urgency=low
+
+ * Non-maintainer upload
+ * d/patches/95_fix-libewf2-detection.patch, 96_fix_build_libewf2.patch:
+ - Add 2 patches from upstream git to fix detection and build against
+ libewf2 (Closes: #713364)
+
+ -- Andreas Moog <amoog at ubuntu.com> Sat, 09 Nov 2013 22:55:04 +0100
+
sleuthkit (3.2.3-2) unstable; urgency=low
* Team upload.
diff -Nru sleuthkit-3.2.3/debian/patches/95_fix-libewf2-detection.patch sleuthkit-3.2.3/debian/patches/95_fix-libewf2-detection.patch
--- sleuthkit-3.2.3/debian/patches/95_fix-libewf2-detection.patch 1970-01-01 01:00:00.000000000 +0100
+++ sleuthkit-3.2.3/debian/patches/95_fix-libewf2-detection.patch 2013-11-09 22:54:25.000000000 +0100
@@ -0,0 +1,17 @@
+Description: Fix detection of libewf v2 API.
+Author: Joachim Metz
+Origin: upstream, https://github.com/sleuthkit/sleuthkit/commit/ee5515215c1f618bf966d175ace1270fea7c5d4b
+Bug: http://sourceforge.net/p/sleuthkit/bugs/208/
+Last-Update: <2013-08-29>
+
+--- sleuthkit-3.2.3.orig/configure.ac
++++ sleuthkit-3.2.3/configure.ac
+@@ -121,7 +121,7 @@ AS_IF([test "x$with_libewf" != "xno"],
+ )]
+ # Check for the header file first to make sure they have the dev install
+ [AC_CHECK_HEADERS([libewf.h],
+- [AC_CHECK_LIB([ewf], [libewf_open],[
++ [AC_CHECK_LIB([ewf], [libewf_get_version],[
+ AC_SUBST([LIBEWF_LIBS],["-lewf"])
+ AC_DEFINE([HAVE_LIBEWF],[1],[Define to have libewf header included.])
+ ])]
diff -Nru sleuthkit-3.2.3/debian/patches/96_fix_build_libewf2.patch sleuthkit-3.2.3/debian/patches/96_fix_build_libewf2.patch
--- sleuthkit-3.2.3/debian/patches/96_fix_build_libewf2.patch 1970-01-01 01:00:00.000000000 +0100
+++ sleuthkit-3.2.3/debian/patches/96_fix_build_libewf2.patch 2013-11-09 22:54:25.000000000 +0100
@@ -0,0 +1,840 @@
+Description: Fix build with libewf2
+Author: Omar Choudary
+Origin: upstream, https://github.com/sleuthkit/sleuthkit/commit/7dcf7863b449f6058952489b0367cf0c1fbd0964
+Bug: http://sourceforge.net/p/sleuthkit/feature-requests/73/
+Last-Update: <2013-08-30>
+
+Index: sleuthkit-3.2.3/tsk3/img/ewf.c
+===================================================================
+--- sleuthkit-3.2.3.orig/tsk3/img/ewf.c 2013-08-31 10:13:21.397922919 +0000
++++ sleuthkit-3.2.3/tsk3/img/ewf.c 2013-08-31 11:05:10.793936030 +0000
+@@ -14,67 +14,160 @@
+ #include "tsk_img_i.h"
+
+ #if HAVE_LIBEWF
++
+ #include "ewf.h"
+
+-static ssize_t
+-ewf_image_read(TSK_IMG_INFO * img_info, TSK_OFF_T offset, char *buf,
+- size_t len)
++#define TSK_EWF_ERROR_STRING_SIZE 512
++
++static \
++ssize_t ewf_image_read(
++ TSK_IMG_INFO *img_info,
++ TSK_OFF_T offset,
++ char *buffer,
++ size_t size )
+ {
+- ssize_t cnt;
+- IMG_EWF_INFO *ewf_info = (IMG_EWF_INFO *) img_info;
++#if defined( HAVE_LIBEWF_V2_API )
++ char error_string[ TSK_EWF_ERROR_STRING_SIZE ];
+
+- if (tsk_verbose)
+- tsk_fprintf(stderr,
+- "ewf_read: byte offset: %" PRIuOFF " len: %" PRIuSIZE "\n",
+- offset, len);
+-
+- if (offset > img_info->size) {
+- tsk_error_reset();
+- tsk_errno = TSK_ERR_IMG_READ_OFF;
+- snprintf(tsk_errstr, TSK_ERRSTR_L,
+- "split_read - %" PRIuOFF, offset);
+- return -1;
+- }
++ libewf_error_t *ewf_error = NULL;
++#endif
+
+- cnt = libewf_read_random(ewf_info->handle, buf, len, offset);
+- if (cnt < 0) {
+- tsk_error_reset();
+- // @@@ Add more specific error message
+- tsk_error_reset();
+- tsk_errno = TSK_ERR_IMG_READ;
+- snprintf(tsk_errstr, TSK_ERRSTR_L,
+- "ewf_read - offset: %" PRIuOFF " - len: %" PRIuSIZE " - %s",
+- offset, len, strerror(errno));
+- return -1;
+- }
++ IMG_EWF_INFO *ewf_info = (IMG_EWF_INFO *) img_info;
++ ssize_t read_count = 0;
++ if( tsk_verbose != 0 )
++ {
++ tsk_fprintf(
++ stderr,
++ "ewf_read: byte offset: %" PRIuOFF " len: %" PRIuSIZE "\n",
++ offset,
++ size );
++ }
++ if( offset > img_info->size )
++ {
++ tsk_error_reset();
++
++ tsk_errno = TSK_ERR_IMG_READ_OFF;
++
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "split_read - %" PRIuOFF,
++ offset );
++
++ return( -1 );
++ }
++#if defined( HAVE_LIBEWF_V2_API )
++ read_count = libewf_handle_read_random(
++ ewf_info->handle,
++ buffer,
++ size,
++ offset,
++ &ewf_error );
++
++ if( read_count < 0 )
++ {
++ tsk_error_reset();
++
++ tsk_errno = TSK_ERR_IMG_READ;
++
++ if( libewf_error_backtrace_sprint(
++ ewf_error,
++ error_string,
++ TSK_EWF_ERROR_STRING_SIZE ) == -1 )
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_read - offset: %" PRIuOFF " - len: %" PRIuSIZE " - %s",
++ offset,
++ size,
++ strerror( errno ) );
++ }
++ else
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_read - offset: %" PRIuOFF " - len: %" PRIuSIZE "\n%s",
++ offset,
++ size,
++ error_string );
++ }
++ libewf_error_free(
++ &ewf_error );
+
+- return cnt;
++ return( -1 );
++ }
++#else
++ read_count = libewf_read_random(
++ ewf_info->handle,
++ buffer,
++ size,
++ offset );
++
++ if( read_count < 0 )
++ {
++ tsk_error_reset();
++
++ tsk_errno = TSK_ERR_IMG_READ;
++
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_read - offset: %" PRIuOFF " - len: %" PRIuSIZE " - %s",
++ offset,
++ size,
++ strerror( errno ) );
++
++ return( -1 );
++ }
++#endif
++ return( read_count );
+ }
+
+-static void
+-ewf_image_imgstat(TSK_IMG_INFO * img_info, FILE * hFile)
++static \
++void ewf_image_imgstat(
++ TSK_IMG_INFO *img_info,
++ FILE * hFile )
+ {
+ IMG_EWF_INFO *ewf_info = (IMG_EWF_INFO *) img_info;
+
+- tsk_fprintf(hFile, "IMAGE FILE INFORMATION\n");
+- tsk_fprintf(hFile, "--------------------------------------------\n");
+- tsk_fprintf(hFile, "Image Type:\t\tewf\n");
+- tsk_fprintf(hFile, "\nSize of data in bytes:\t%" PRIuOFF "\n",
+- img_info->size);
+-
+- if (ewf_info->md5hash_isset == 1) {
+- tsk_fprintf(hFile, "MD5 hash of data:\t%s\n", ewf_info->md5hash);
+- }
+- return;
++ tsk_fprintf(
++ hFile,
++ "IMAGE FILE INFORMATION\n"
++ "--------------------------------------------\n"
++ "Image Type:\t\tewf\n"
++ "\nSize of data in bytes:\t%" PRIuOFF "\n",
++ img_info->size );
++
++ if( ewf_info->md5hash_isset == 1 )
++ {
++ tsk_fprintf(
++ hFile,
++ "MD5 hash of data:\t%s\n",
++ ewf_info->md5hash );
++ }
++ return;
+ }
+
+-static void
+-ewf_image_close(TSK_IMG_INFO * img_info)
++static \
++void ewf_image_close(
++ TSK_IMG_INFO *img_info )
+ {
+ int i;
+ IMG_EWF_INFO *ewf_info = (IMG_EWF_INFO *) img_info;
+
+- libewf_close(ewf_info->handle);
++#if defined( HAVE_LIBEWF_V2_API )
++ libewf_handle_close(
++ ewf_info->handle,
++ NULL );
++ libewf_handle_free(
++ &( ewf_info->handle ),
++ NULL );
++#else
++ libewf_close(
++ ewf_info->handle );
++#endif
+ for (i = 0; i < ewf_info->num_imgs; i++) {
+ free(ewf_info->images[i]);
+ }
+@@ -82,197 +175,413 @@
+ free(img_info);
+ }
+
+-/* Tests if the image file header against the
+- * header (magic) signature specified.
+- * Returns a 0 on no match and a 1 on a match, and -1 on error.
+- */
+-#if 0
+-static int
+-img_file_header_signature_ncmp(const char *filename,
+- const char *file_header_signature, int size_of_signature)
++TSK_IMG_INFO *ewf_open(
++ int num_img,
++ const TSK_TCHAR * const images[],
++ unsigned int a_ssize )
+ {
+- int match;
+- ssize_t read_count = 0;
+- char header[512];
+- int fd;
++#if defined( HAVE_LIBEWF_V2_API )
++ char error_string[ TSK_EWF_ERROR_STRING_SIZE ];
+
+- if ((filename == NULL) || (file_header_signature == NULL)) {
+- return (0);
+- }
+- if (size_of_signature <= 0) {
+- return (0);
+- }
++ libewf_error_t *ewf_error = NULL;
++ int result = 0;
+
+- if ((fd = open(filename, O_RDONLY | O_BINARY)) < 0) {
+- tsk_error_reset();
+- tsk_errno = TSK_ERR_IMG_OPEN;
+- snprintf(tsk_errstr, TSK_ERRSTR_L, "ewf magic testing: %s",
+- filename);
+- return -1;
+- }
+- read_count = read(fd, header, 512);
++#elif !defined( LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 )
++ uint8_t md5_hash[ 16 ];
++#endif
+
+- if (read_count != 512) {
+- tsk_error_reset();
+- tsk_errno = TSK_ERR_IMG_READ;
+- snprintf(tsk_errstr, TSK_ERRSTR_L, "ewf magic testing: %s",
+- filename);
+- return -1;
+- }
+- close(fd);
++ IMG_EWF_INFO *ewf_info = NULL;
++ TSK_IMG_INFO *img_info = NULL;
+
+- match = strncmp(file_header_signature, header, size_of_signature) == 0;
++ ewf_info = (IMG_EWF_INFO *) tsk_malloc(
++ sizeof( IMG_EWF_INFO ) );
+
+- return (match);
+-}
++ if( ewf_info == NULL )
++ {
++ return NULL;
++ }
++ img_info = (TSK_IMG_INFO *) ewf_info;
++
++ /* Check the file signature before we call the library open
++ */
++#if defined( HAVE_LIBEWF_V2_API )
++#if defined( TSK_WIN32 )
++ if( libewf_check_file_signature_wide(
++ images[ 0 ],
++ &ewf_error ) != 1 )
++#else
++ if( libewf_check_file_signature(
++ images[ 0 ],
++ &ewf_error ) != 1 )
+ #endif
++ {
++ tsk_error_reset();
+
++ tsk_errno = TSK_ERR_IMG_MAGIC;
+
+-TSK_IMG_INFO *
+-ewf_open(int a_num_img, const TSK_TCHAR * const a_images[],
+- unsigned int a_ssize)
+-{
+- IMG_EWF_INFO *ewf_info;
+- TSK_IMG_INFO *img_info;
+-#if !defined( LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 )
+- uint8_t md5_hash[16];
++ if( libewf_error_backtrace_sprint(
++ ewf_error,
++ error_string,
++ TSK_EWF_ERROR_STRING_SIZE ) == -1 )
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open: Not an EWF file" );
++ }
++ else
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open: Not an EWF file\n%s",
++ error_string );
++ }
++ libewf_error_free(
++ &ewf_error );
++
++ free(
++ ewf_info );
++
++ if(tsk_verbose != 0 )
++ {
++ tsk_fprintf(
++ stderr,
++ "Not an EWF file\n" );
++ }
++ return( NULL );
++ }
++ if( libewf_handle_initialize(
++ &( ewf_info->handle ),
++ &ewf_error ) != 1 )
++ {
++ tsk_error_reset();
++
++ tsk_errno = TSK_ERR_IMG_OPEN;
++
++ if( libewf_error_backtrace_sprint(
++ ewf_error,
++ error_string,
++ TSK_EWF_ERROR_STRING_SIZE ) == -1 )
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error opening",
++ images[ 0 ] );
++ }
++ else
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error opening\n%s",
++ images[ 0 ],
++ error_string );
++ }
++ free(
++ ewf_info);
++
++ if( tsk_verbose != 0 )
++ {
++ tsk_fprintf(
++ stderr,
++ "Unable to create EWF handle\n" );
++ }
++ return( NULL );
++ }
++#if defined( TSK_WIN32 )
++ if( libewf_handle_open_wide(
++ ewf_info->handle,
++ (wchar_t * const *) images,
++ num_img,
++ LIBEWF_OPEN_READ,
++ &ewf_error ) != 1 )
++#else
++ if( libewf_handle_open(
++ ewf_info->handle,
++ (char * const *) images,
++ num_img,
++ LIBEWF_OPEN_READ,
++ &ewf_error ) != 1 )
+ #endif
++ {
++ tsk_error_reset();
+
+- if ((ewf_info =
+- (IMG_EWF_INFO *) tsk_malloc(sizeof(IMG_EWF_INFO))) == NULL) {
+- return NULL;
+- }
+-
+- img_info = (TSK_IMG_INFO *) ewf_info;
++ tsk_errno = TSK_ERR_IMG_OPEN;
+
+-
+- // See if they specified only the first of the set...
+- if (a_num_img == 1) {
+- if ((ewf_info->images =
+- tsk_img_findFiles(a_images[0],
+- &ewf_info->num_imgs)) == NULL) {
+- free(ewf_info);
+- return NULL;
+- }
+- }
+- else {
+- int i;
+- ewf_info->num_imgs = a_num_img;
+- if ((ewf_info->images =
+- (TSK_TCHAR **) tsk_malloc(a_num_img *
+- sizeof(TSK_TCHAR *))) == NULL) {
+- free(ewf_info);
+- return NULL;
+- }
+- for (i = 0; i < a_num_img; i++) {
+- if ((ewf_info->images[i] =
+- (TSK_TCHAR *) tsk_malloc((TSTRLEN(a_images[i]) +
+- 1) * sizeof(TSK_TCHAR))) == NULL) {
+- free(ewf_info);
+- return NULL;
+- }
+- TSTRNCPY(ewf_info->images[i], a_images[i],
+- TSTRLEN(a_images[i]) + 1);
+- }
+- }
+-
+-
+-
+- /* check the magic before we call the library open */
+- //if (img_file_header_signature_ncmp(images[0],
+- // "\x45\x56\x46\x09\x0d\x0a\xff\x00", 8) != 1) {
+-#if defined (TSK_WIN32)
+- if (libewf_check_file_signature_wide(ewf_info->images[0]) == 0) {
++ if( libewf_error_backtrace_sprint(
++ ewf_error,
++ error_string,
++ TSK_EWF_ERROR_STRING_SIZE ) == -1 )
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error opening",
++ images[ 0 ] );
++ }
++ else
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error opening\n%s",
++ images[ 0 ],
++ error_string );
++ }
++ libewf_error_free(
++ &ewf_error );
++
++ free(
++ ewf_info );
++
++ if( tsk_verbose != 0 )
++ {
++ tsk_fprintf(
++ stderr,
++ "Error opening EWF file\n" );
++ }
++ return( NULL );
++ }
++ if( libewf_handle_get_media_size(
++ ewf_info->handle,
++ (size64_t *) &( img_info->size ),
++ &ewf_error ) != 1 )
++ {
++ tsk_error_reset();
++
++ tsk_errno = TSK_ERR_IMG_OPEN;
++
++ if( libewf_error_backtrace_sprint(
++ ewf_error,
++ error_string,
++ TSK_EWF_ERROR_STRING_SIZE ) == -1 )
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error getting size of image",
++ images[ 0 ] );
++ }
++ else
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error getting size of image\n%s",
++ images[ 0 ],
++ error_string );
++ }
++ libewf_error_free(
++ &ewf_error );
++
++ free(
++ ewf_info );
++
++ if( tsk_verbose != 0 )
++ {
++ tsk_fprintf(
++ stderr,
++ "Error getting size of EWF file\n" );
++ }
++ return( NULL );
++ }
++ result = libewf_handle_get_utf8_hash_value_md5(
++ ewf_info->handle,
++ (uint8_t *) ewf_info->md5hash,
++ 33,
++ &ewf_error );
++
++ if( result == -1 )
++ {
++ tsk_error_reset();
++
++ tsk_errno = TSK_ERR_IMG_OPEN;
++
++ if( libewf_error_backtrace_sprint(
++ ewf_error,
++ error_string,
++ TSK_EWF_ERROR_STRING_SIZE ) == -1 )
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error getting MD5 of image",
++ images[ 0 ] );
++ }
++ else
++ {
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error getting MD5 of image\n%s",
++ images[ 0 ],
++ error_string );
++ }
++ libewf_error_free(
++ &ewf_error );
++
++ free(
++ ewf_info );
++
++ if( tsk_verbose != 0 )
++ {
++ tsk_fprintf(
++ stderr,
++ "Error getting size of EWF file\n" );
++ }
++ return( NULL );
++ }
++ ewf_info->md5hash_isset = result;
+ #else
+- if (libewf_check_file_signature(ewf_info->images[0]) == 0) {
++#if defined( TSK_WIN32 )
++ if( libewf_check_file_signature_wide(
++ images[ 0 ] ) != 1 )
++#else
++ if( libewf_check_file_signature(
++ images[ 0 ] ) != 1 )
+ #endif
+- tsk_error_reset();
+- tsk_errno = TSK_ERR_IMG_MAGIC;
+- snprintf(tsk_errstr, TSK_ERRSTR_L, "ewf_open: Not an EWF file");
+- free(ewf_info);
+- if (tsk_verbose)
+- tsk_fprintf(stderr, "Not an EWF file\n");
+-
+- return NULL;
+- }
+-
+-#if defined (TSK_WIN32)
+- ewf_info->handle =
+- libewf_open_wide((wchar_t * const *) ewf_info->images,
+- ewf_info->num_imgs, LIBEWF_OPEN_READ);
++ {
++ tsk_error_reset();
++ tsk_errno = TSK_ERR_IMG_MAGIC;
++
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open: Not an EWF file" );
++
++ free(
++ ewf_info );
++
++ if(tsk_verbose != 0 )
++ {
++ tsk_fprintf(
++ stderr,
++ "Not an EWF file\n" );
++ }
++ return( NULL );
++ }
++#if defined( TSK_WIN32 )
++ ewf_info->handle = libewf_open_wide(
++ (wchar_t * const *) images,
++ num_img,
++ LIBEWF_OPEN_READ );
+ #else
+- ewf_info->handle =
+- libewf_open((char *const *) ewf_info->images, ewf_info->num_imgs,
+- LIBEWF_OPEN_READ);
++ ewf_info->handle = libewf_open(
++ (char * const *) images,
++ num_img,
++ LIBEWF_OPEN_READ );
+ #endif
+- if (ewf_info->handle == NULL) {
+- tsk_error_reset();
+- tsk_errno = TSK_ERR_IMG_OPEN;
+- snprintf(tsk_errstr, TSK_ERRSTR_L,
+- "ewf_open file: %" PRIttocTSK ": Error opening",
+- ewf_info->images[0]);
+- free(ewf_info);
+- if (tsk_verbose) {
+- tsk_fprintf(stderr, "Error opening EWF file\n");
+- }
+- return NULL;
+- }
++ if( ewf_info->handle == NULL )
++ {
++ tsk_error_reset();
++
++ tsk_errno = TSK_ERR_IMG_OPEN;
++
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error opening",
++ images[ 0 ] );
++
++ free(
++ ewf_info );
++
++ if( tsk_verbose != 0 )
++ {
++ tsk_fprintf(
++ stderr,
++ "Error opening EWF file\n" );
++ }
++ return( NULL );
++ }
+
+- // 2007 version
+ #if defined( LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 )
+- img_info->size = libewf_get_media_size(ewf_info->handle);
+- ewf_info->md5hash_isset = libewf_get_stored_md5_hash(ewf_info->handle,
+- ewf_info->md5hash, LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5);
+-// libewf-20080322 version
++ // 2007 version
++ img_info->size = libewf_get_media_size(
++ ewf_info->handle );
++
++ ewf_info->md5hash_isset = libewf_get_stored_md5_hash(
++ ewf_info->handle,
++ ewf_info->md5hash,
++ LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 );
+ #else
+- if (libewf_get_media_size(ewf_info->handle,
+- (size64_t *) & (img_info->size))
+- != 1) {
+- tsk_error_reset();
+- tsk_errno = TSK_ERR_IMG_OPEN;
+- snprintf(tsk_errstr, TSK_ERRSTR_L,
+- "ewf_open file: %" PRIttocTSK ": Error getting size of image",
+- ewf_info->images[0]);
+- free(ewf_info);
+- if (tsk_verbose) {
+- tsk_fprintf(stderr, "Error getting size of EWF file\n");
+- }
+- return NULL;
+- }
+-
+- if (libewf_get_md5_hash(ewf_info->handle, md5_hash, 16) == 1) {
+- int md5_string_iterator = 0;
+- int md5_hash_iterator;
+- for (md5_hash_iterator = 0; md5_hash_iterator < 16;
+- md5_hash_iterator++) {
+- int digit = md5_hash[md5_hash_iterator] / 16;
+- if (digit <= 9)
+- ewf_info->md5hash[md5_string_iterator++] = (char)
+- ('0' + digit);
+- else
+- ewf_info->md5hash[md5_string_iterator++] = (char) ('a' +
+- (digit - 10));
+- digit = md5_hash[md5_hash_iterator] % 16;
+- if (digit <= 9)
+- ewf_info->md5hash[md5_string_iterator++] =
+- (char) ('0' + digit);
+- else
+- ewf_info->md5hash[md5_string_iterator++] = (char) ('a' +
+- (digit - 10));
+- }
+- ewf_info->md5hash_isset = 1;
+- }
+-#endif
+- img_info->sector_size = 512;
+- if (a_ssize)
+- img_info->sector_size = a_ssize;
+-
+-
+- img_info->itype = TSK_IMG_TYPE_EWF_EWF;
+- img_info->read = ewf_image_read;
+- img_info->close = ewf_image_close;
+- img_info->imgstat = ewf_image_imgstat;
+-
++ // libewf-20080322 version
++ if( libewf_get_media_size(
++ ewf_info->handle,
++ (size64_t *) &( img_info->size ) ) != 1 )
++ {
++ tsk_error_reset();
++
++ tsk_errno = TSK_ERR_IMG_OPEN;
++
++ snprintf(
++ tsk_errstr,
++ TSK_ERRSTR_L,
++ "ewf_open file: %" PRIttocTSK ": Error getting size of image",
++ images[ 0 ] );
++
++ free(
++ ewf_info );
++
++ if( tsk_verbose != 0 )
++ {
++ tsk_fprintf(
++ stderr,
++ "Error getting size of EWF file\n" );
++ }
++ return( NULL );
++ }
++ if( libewf_get_md5_hash(
++ ewf_info->handle,
++ md5_hash,
++ 16 ) == 1 )
++ {
++ int md5_string_iterator = 0;
++ int md5_hash_iterator = 0;
++
++ for( md5_hash_iterator = 0;
++ md5_hash_iterator < 16;
++ md5_hash_iterator++ )
++ {
++ int digit = md5_hash[ md5_hash_iterator ] / 16;
++
++ if( digit <= 9 )
++ {
++ ewf_info->md5hash[ md5_string_iterator++ ] = '0' + (char) digit;
++ }
++ else
++ {
++ ewf_info->md5hash[ md5_string_iterator++ ] = 'a' + (char) ( digit - 10 );
++ }
++ digit = md5_hash[md5_hash_iterator] % 16;
++
++ if( digit <= 9 )
++ {
++ ewf_info->md5hash[ md5_string_iterator++ ] = '0' + (char) digit;
++ }
++ else
++ {
++ ewf_info->md5hash[ md5_string_iterator++ ] = 'a' + (char) ( digit - 10 );
++ }
++ }
++ ewf_info->md5hash_isset = 1;
++ }
++#endif /* defined( LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 ) */
++#endif /* defined( HAVE_LIBEWF_V2_API ) */
++ if( a_ssize != 0 )
++ {
++ img_info->sector_size = a_ssize;
++ }
++ else
++ {
++ img_info->sector_size = 512;
++ }
++ img_info->itype = TSK_IMG_TYPE_EWF_EWF;
++ img_info->read = &ewf_image_read;
++ img_info->close = &ewf_image_close;
++ img_info->imgstat = &ewf_image_imgstat;
+ return img_info;
+ }
+ #endif
+Index: sleuthkit-3.2.3/tsk3/img/ewf.h
+===================================================================
+--- sleuthkit-3.2.3.orig/tsk3/img/ewf.h 2013-08-31 10:13:21.425922919 +0000
++++ sleuthkit-3.2.3/tsk3/img/ewf.h 2013-08-31 11:00:28.329934838 +0000
+@@ -13,8 +13,8 @@
+ * Header files for EWF-specific data structures and functions.
+ */
+
+-#ifndef _EWF_H
+-#define _EWF_H
++#if !defined( _TSK_IMG_EWF_H )
++#define _TSK_IMG_EWF_H
+
+ #if HAVE_LIBEWF
+
+@@ -25,6 +25,14 @@
+
+ #include <libewf.h>
+
++#if !defined( LIBEWF_HANDLE )
++
++/* libewf version 2 no longer defines LIBEWF_HANDLE
++ */
++#define HAVE_LIBEWF_V2_API
++#endif
++
++
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+@@ -34,7 +42,7 @@
+
+ typedef struct {
+ TSK_IMG_INFO img_info;
+- LIBEWF_HANDLE *handle;
++ libewf_handle_t *handle;
+ char md5hash[33];
+ int md5hash_isset;
+ TSK_TCHAR **images;
diff -Nru sleuthkit-3.2.3/debian/patches/series sleuthkit-3.2.3/debian/patches/series
--- sleuthkit-3.2.3/debian/patches/series 2011-10-14 19:52:37.000000000 +0200
+++ sleuthkit-3.2.3/debian/patches/series 2013-11-09 22:54:56.000000000 +0100
@@ -2,4 +2,6 @@
30_fix-manpages.diff
40_fix-typo.diff
90_fix_ldflags.diff
+95_fix-libewf2-detection.patch
+96_fix_build_libewf2.patch
99_no_static_ldflags.diff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/forensics-devel/attachments/20131109/4b59b552/attachment-0003.sig>
More information about the forensics-devel
mailing list