rpms/cracklib
7
0
Fork 0
Code Issues Pull Requests Releases Activity

update to 2.9.7

Browse Source 
Mostly a security fix release for CVE 2016-6318 which
was already fixed in Fedora.
This commit is contained in:
Paul Wouters 2022-03-07 20:04:01 -05:00
parent bd42e8f9cf
commit 620dc687b7
No known key found for this signature in database
GPG Key ID: DB48D2E5122468BF
4 changed files with 1009 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

671
cracklib-2.9.7-packlib-reentrant.patch Normal file
View File

@ -0,0 +1,671 @@
diff -Naur cracklib-2.9.7-orig/lib/fascist.c cracklib-2.9.7/lib/fascist.c
--- cracklib-2.9.7-orig/lib/fascist.c 2019-02-13 20:54:41.000000000 -0500
+++ cracklib-2.9.7/lib/fascist.c 2022-03-07 14:48:53.348146748 -0500
@@ -36,8 +36,8 @@
#undef DEBUG
#undef DEBUG2
-extern char *Reverse(char *buf);
-extern char *Lowercase(char *buf);
+extern char *Reverse(char *buf, char *area);
+extern char *Lowercase(char *buf, char *area);
static char *r_destructors[] = {
":", /* noop - must do this to test raw word. */
@@ -439,6 +439,8 @@
int i;
int len;
char *mp;
+ char area[STRINGSIZE];
+ char revarea[STRINGSIZE];
/* use destructors to turn password into rawtext */
/* note use of Reverse() to save duplicating all rules */
@@ -447,7 +449,7 @@
for (i = 0; r_destructors[i]; i++)
{
- if (!(mp = Mangle(password, r_destructors[i])))
+ if (!(mp = Mangle(password, r_destructors[i], area)))
{
continue;
}
@@ -462,10 +464,10 @@
}
#ifdef DEBUG
- printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp), rawtext, r_destructors[i]);
+ printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp, revarea), rawtext, r_destructors[i]);
#endif
- if (!strncmp(Reverse(mp), rawtext, len))
+ if (!strncmp(Reverse(mp, revarea), rawtext, len))
{
return (1);
}
@@ -473,7 +475,7 @@
for (i = 0; r_constructors[i]; i++)
{
- if (!(mp = Mangle(rawtext, r_constructors[i])))
+ if (!(mp = Mangle(rawtext, r_constructors[i], area)))
{
continue;
}
@@ -520,7 +522,7 @@
strncpy(tbuffer, gecos, STRINGSIZE);
tbuffer[STRINGSIZE-1] = '\0';
- strcpy(gbuffer, Lowercase(tbuffer));
+ Lowercase(tbuffer, gbuffer);
wc = 0;
ptr = gbuffer;
@@ -704,6 +706,7 @@
char junk[STRINGSIZE];
char *password;
char rpassword[STRINGSIZE];
+ char area[STRINGSIZE];
uint32_t notfound;
notfound = PW_WORDS(pwp);
@@ -740,7 +743,7 @@
return _("it does not contain enough DIFFERENT characters");
}
- strcpy(password, (char *)Lowercase(password));
+ strcpy(password, (char *)Lowercase(password, area));
Trim(password);
@@ -796,7 +799,7 @@
{
char *a;
- if (!(a = Mangle(password, r_destructors[i])))
+ if (!(a = Mangle(password, r_destructors[i], area)))
{
continue;
}
@@ -811,13 +814,13 @@
}
}
- strcpy(password, (char *)Reverse(password));
+ strcpy(password, (char *)Reverse(password, area));
for (i = 0; r_destructors[i]; i++)
{
char *a;
- if (!(a = Mangle(password, r_destructors[i])))
+ if (!(a = Mangle(password, r_destructors[i], area)))
{
continue;
}
diff -Naur cracklib-2.9.7-orig/lib/packer.h cracklib-2.9.7/lib/packer.h
--- cracklib-2.9.7-orig/lib/packer.h 2022-03-07 14:47:42.224763853 -0500
+++ cracklib-2.9.7/lib/packer.h 2022-03-07 14:48:53.349146753 -0500
@@ -82,7 +82,7 @@
extern unsigned int FindPW(PWDICT *pwp, char *string);
extern int PutPW(PWDICT *pwp, char *string);
extern int PMatch(char *control, char *string);
-extern char *Mangle(char *input, char *control);
+extern char *Mangle(char *input, char *control, char *area);
extern char Chop(char *string);
extern char *Trim(char *string);
extern char *FascistLook(PWDICT *pwp, char *instring);
diff -Naur cracklib-2.9.7-orig/lib/packlib.c cracklib-2.9.7/lib/packlib.c
--- cracklib-2.9.7-orig/lib/packlib.c 2019-02-13 20:54:41.000000000 -0500
+++ cracklib-2.9.7/lib/packlib.c 2022-03-07 14:48:53.349146753 -0500
@@ -67,8 +67,8 @@
char *mode;
{
int use64 = 0;
- static PWDICT pdesc;
- static PWDICT64 pdesc64;
+ PWDICT *pdesc;
+ PWDICT64 pdesc64;
char iname[STRINGSIZE];
char dname[STRINGSIZE];
char wname[STRINGSIZE];
@@ -76,13 +76,11 @@
void *ifp;
void *wfp;
- if (pdesc.header.pih_magic == PIH_MAGIC)
- {
- fprintf(stderr, "%s: another dictionary already open\n", prefix);
+ pdesc = malloc(sizeof(*pdesc));
+ if (pdesc == NULL)
return NULL;
- }
- memset(&pdesc, '\0', sizeof(pdesc));
+ memset(pdesc, '\0', sizeof(*pdesc));
memset(&pdesc64, '\0', sizeof(pdesc64));
snprintf(iname, STRINGSIZE, "%s.pwi", prefix);
@@ -91,77 +89,80 @@
if (mode[0] == 'r')
{
- pdesc.flags &= ~PFOR_USEZLIB;
+ pdesc->flags &= ~PFOR_USEZLIB;
/* first try the normal db file */
- if (!(pdesc.dfp = fopen(dname, mode)))
+ if (!(pdesc->dfp = fopen(dname, mode)))
{
#ifdef HAVE_ZLIB_H
- pdesc.flags |= PFOR_USEZLIB;
+ pdesc->flags |= PFOR_USEZLIB;
/* try extension .gz */
snprintf(dname, STRINGSIZE, "%s.pwd.gz", prefix);
- if (!(pdesc.dfp = gzopen(dname, mode)))
+ if (!(pdesc->dfp = gzopen(dname, mode)))
{
perror(dname);
+ free(pdesc);
return NULL;
}
#else
perror(dname);
+ free(pdesc);
return NULL;
#endif
}
}
else
{
- pdesc.flags &= ~PFOR_USEZLIB;
+ pdesc->flags &= ~PFOR_USEZLIB;
/* write mode: use fopen */
- if (!(pdesc.dfp = fopen(dname, mode)))
+ if (!(pdesc->dfp = fopen(dname, mode)))
{
perror(dname);
+ free(pdesc);
return NULL;
}
}
- if (!(pdesc.ifp = fopen(iname, mode)))
+ if (!(pdesc->ifp = fopen(iname, mode)))
{
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
- gzclose(pdesc.dfp);
+ if(pdesc->flags & PFOR_USEZLIB)
+ gzclose(pdesc->dfp);
else
#endif
- fclose(pdesc.dfp);
+ fclose(pdesc->dfp);
perror(iname);
+ free(pdesc);
return NULL;
}
- if ((pdesc.wfp = fopen(wname, mode)))
+ if ((pdesc->wfp = fopen(wname, mode)))
{
- pdesc.flags |= PFOR_USEHWMS;
+ pdesc->flags |= PFOR_USEHWMS;
}
- ifp = pdesc.ifp;
- dfp = pdesc.dfp;
- wfp = pdesc.wfp;
+ ifp = pdesc->ifp;
+ dfp = pdesc->dfp;
+ wfp = pdesc->wfp;
if (mode[0] == 'w')
{
- pdesc.flags |= PFOR_WRITE;
- pdesc.header.pih_magic = PIH_MAGIC;
- pdesc.header.pih_blocklen = NUMWORDS;
- pdesc.header.pih_numwords = 0;
+ pdesc->flags |= PFOR_WRITE;
+ pdesc->header.pih_magic = PIH_MAGIC;
+ pdesc->header.pih_blocklen = NUMWORDS;
+ pdesc->header.pih_numwords = 0;
- fwrite((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp);
+ fwrite((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp);
} else
{
- pdesc.flags &= ~PFOR_WRITE;
+ pdesc->flags &= ~PFOR_WRITE;
- if (!fread((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp))
+ if (!fread((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp))
{
fprintf(stderr, "%s: error reading header\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if(pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -170,10 +171,11 @@
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- if ((pdesc.header.pih_magic == 0) || (pdesc.header.pih_numwords == 0))
+ if ((pdesc->header.pih_magic == 0) || (pdesc->header.pih_numwords == 0))
{
/* uh-oh. either a broken "64-bit" file or a garbage file. */
rewind (ifp);
@@ -181,10 +183,9 @@
{
fprintf(stderr, "%s: error reading header\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -193,6 +194,7 @@
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
if (pdesc64.header.pih_magic != PIH_MAGIC)
@@ -200,10 +202,9 @@
/* nope, not "64-bit" after all */
fprintf(stderr, "%s: error reading header\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -213,23 +214,23 @@
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- pdesc.header.pih_magic = pdesc64.header.pih_magic;
- pdesc.header.pih_numwords = pdesc64.header.pih_numwords;
- pdesc.header.pih_blocklen = pdesc64.header.pih_blocklen;
- pdesc.header.pih_pad = pdesc64.header.pih_pad;
+ pdesc->header.pih_magic = pdesc64.header.pih_magic;
+ pdesc->header.pih_numwords = pdesc64.header.pih_numwords;
+ pdesc->header.pih_blocklen = pdesc64.header.pih_blocklen;
+ pdesc->header.pih_pad = pdesc64.header.pih_pad;
use64 = 1;
}
- if (pdesc.header.pih_magic != PIH_MAGIC)
+ if (pdesc->header.pih_magic != PIH_MAGIC)
{
fprintf(stderr, "%s: magic mismatch\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -239,17 +240,17 @@
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- if (pdesc.header.pih_numwords < 1)
+ if (pdesc->header.pih_numwords < 1)
{
fprintf(stderr, "%s: invalid word count\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -258,17 +259,17 @@
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- if (pdesc.header.pih_blocklen != NUMWORDS)
+ if (pdesc->header.pih_blocklen != NUMWORDS)
{
fprintf(stderr, "%s: size mismatch\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -277,10 +278,11 @@
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- if (pdesc.flags & PFOR_USEHWMS)
+ if (pdesc->flags & PFOR_USEHWMS)
{
int i;
@@ -288,27 +290,27 @@
{
if (fread(pdesc64.hwms, 1, sizeof(pdesc64.hwms), wfp) != sizeof(pdesc64.hwms))
{
- pdesc.flags &= ~PFOR_USEHWMS;
+ pdesc->flags &= ~PFOR_USEHWMS;
}
- for (i = 0; i < sizeof(pdesc.hwms) / sizeof(pdesc.hwms[0]); i++)
+ for (i = 0; i < sizeof(pdesc->hwms) / sizeof(pdesc->hwms[0]); i++)
{
- pdesc.hwms[i] = pdesc64.hwms[i];
+ pdesc->hwms[i] = pdesc64.hwms[i];
}
- }
- else if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms))
+ }
+ else if (fread(pdesc->hwms, 1, sizeof(pdesc->hwms), wfp) != sizeof(pdesc->hwms))
{
- pdesc.flags &= ~PFOR_USEHWMS;
+ pdesc->flags &= ~PFOR_USEHWMS;
}
#if DEBUG
for (i=1; i<=0xff; i++)
{
- printf("hwm[%02x] = %d\n", i, pdesc.hwms[i]);
+ printf("hwm[%02x] = %d\n", i, pdesc->hwms[i]);
}
#endif
}
}
- return (&pdesc);
+ return (pdesc);
}
int
@@ -318,6 +320,7 @@
if (pwp->header.pih_magic != PIH_MAGIC)
{
fprintf(stderr, "PWClose: close magic mismatch\n");
+ /* we do not try to free memory that is probably corrupted */
return (-1);
}
@@ -329,12 +332,14 @@
if (fseek(pwp->ifp, 0L, 0))
{
fprintf(stderr, "index magic fseek failed\n");
+ free(pwp);
return (-1);
}
if (!fwrite((char *) &pwp->header, sizeof(pwp->header), 1, pwp->ifp))
{
fprintf(stderr, "index magic fwrite failed\n");
+ free(pwp);
return (-1);
}
@@ -368,6 +373,7 @@
}
pwp->header.pih_magic = 0;
+ free(pwp);
return (0);
}
diff -Naur cracklib-2.9.7-orig/lib/rules.c cracklib-2.9.7/lib/rules.c
--- cracklib-2.9.7-orig/lib/rules.c 2019-02-13 20:54:41.000000000 -0500
+++ cracklib-2.9.7/lib/rules.c 2022-03-07 15:11:48.271298263 -0500
@@ -82,12 +82,12 @@
}
char *
-Reverse(str) /* return a pointer to a reversal */
+Reverse(str, area) /* return a pointer to a reversal */
register char *str;
+ char *area;
{
register int i;
register int j;
- static char area[STRINGSIZE];
j = i = strlen(str);
while (*str)
{
@@ -98,11 +98,11 @@
}
char *
-Uppercase(str) /* return a pointer to an uppercase */
+Uppercase(str, area) /* return a pointer to an uppercase */
register char *str;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*str)
{
@@ -115,11 +115,11 @@
}
char *
-Lowercase(str) /* return a pointer to an lowercase */
+Lowercase(str, area) /* return a pointer to an lowercase */
register char *str;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*str)
{
@@ -132,11 +132,11 @@
}
char *
-Capitalise(str) /* return a pointer to an capitalised */
+Capitalise(str, area) /* return a pointer to an capitalised */
register char *str;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*str)
@@ -151,11 +151,11 @@
}
char *
-Pluralise(string) /* returns a pointer to a plural */
+Pluralise(string, area) /* returns a pointer to a plural */
register char *string;
+ char *area;
{
register int length;
- static char area[STRINGSIZE];
length = strlen(string);
strcpy(area, string);
@@ -192,13 +192,13 @@
}
char *
-Substitute(string, old, new) /* returns pointer to a swapped about copy */
+Substitute(string, old, new, area) /* returns pointer to a swapped about copy */
register char *string;
register char old;
register char new;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -210,12 +210,12 @@
}
char *
-Purge(string, target) /* returns pointer to a purged copy */
+Purge(string, target, area) /* returns pointer to a purged copy */
register char *string;
register char target;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -372,13 +372,13 @@
}
char *
-PolySubst(string, class, new) /* returns pointer to a swapped about copy */
+PolySubst(string, class, new, area) /* returns pointer to a swapped about copy */
register char *string;
register char class;
register char new;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -390,12 +390,12 @@
}
char *
-PolyPurge(string, class) /* returns pointer to a purged copy */
+PolyPurge(string, class, area) /* returns pointer to a purged copy */
register char *string;
register char class;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -428,39 +428,40 @@
}
char *
-Mangle(input, control) /* returns a pointer to a controlled Mangle */
+Mangle(input, control, area) /* returns a pointer to a controlled Mangle */
char *input;
char *control;
+ char *area;
{
int limit;
register char *ptr;
- static char area[STRINGSIZE * 2] = {0};
char area2[STRINGSIZE * 2] = {0};
strcpy(area, input);
for (ptr = control; *ptr; ptr++)
{
+ strcpy(area2, area);
switch (*ptr)
{
case RULE_NOOP:
break;
case RULE_REVERSE:
- strcpy(area, Reverse(area));
+ Reverse(area2, area);
break;
case RULE_UPPERCASE:
- strcpy(area, Uppercase(area));
+ Uppercase(area2, area);
break;
case RULE_LOWERCASE:
- strcpy(area, Lowercase(area));
+ Lowercase(area2, area);
break;
case RULE_CAPITALISE:
- strcpy(area, Capitalise(area));
+ Capitalise(area2, area);
break;
case RULE_PLURALISE:
- strcpy(area, Pluralise(area));
+ Pluralise(area2, area);
break;
case RULE_REFLECT:
- strcat(area, Reverse(area));
+ strcat(area, Reverse(area, area2));
break;
case RULE_DUPLICATE:
strcpy(area2, area);
@@ -547,7 +548,6 @@
Debug(1, "Mangle: extract: weird argument in '%s'\n", control);
return NULL;
}
- strcpy(area2, area);
for (i = 0; length-- && area2[start + i]; i++)
{
area[i] = area2[start + i];
@@ -618,10 +618,10 @@
return NULL;
} else if (ptr[1] != RULE_CLASS)
{
- strcpy(area, Purge(area, *(++ptr)));
+ Purge(area2, *(++ptr), area);
} else
{
- strcpy(area, PolyPurge(area, ptr[2]));
+ PolyPurge(area2, ptr[2], area);
ptr += 2;
}
break;
@@ -632,11 +632,11 @@
return NULL;
} else if (ptr[1] != RULE_CLASS)
{
- strcpy(area, Substitute(area, ptr[1], ptr[2]));
+ Substitute(area2, ptr[1], ptr[2], area);
ptr += 2;
} else
{
- strcpy(area, PolySubst(area, ptr[2], ptr[3]));
+ PolySubst(area2, ptr[2], ptr[3], area);
ptr += 3;
}
break;

217
cracklib-2.9.7-simplistic.patch Normal file
View File

@ -0,0 +1,217 @@
diff -Naur cracklib-2.9.7-orig/lib/fascist.c cracklib-2.9.7/lib/fascist.c
--- cracklib-2.9.7-orig/lib/fascist.c 2022-03-07 15:16:11.722225350 -0500
+++ cracklib-2.9.7/lib/fascist.c 2022-03-07 15:17:54.598692721 -0500
@@ -55,7 +55,6 @@
"/?p@?p", /* purging out punctuation/symbols/junk */
"/?s@?s",
- "/?X@?X",
/* attempt reverse engineering of password strings */
@@ -454,6 +453,12 @@
continue;
}
+ if (len - strlen(mp) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s = %-16s (destruct %s)\n", mp, rawtext, r_destructors[i]);
#endif
@@ -480,6 +485,12 @@
continue;
}
+ if (len - strlen(mp) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s = %-16s (construct %s)\n", mp, password, r_constructors[i]);
#endif
@@ -708,6 +719,7 @@
char rpassword[STRINGSIZE];
char area[STRINGSIZE];
uint32_t notfound;
+ int len;
notfound = PW_WORDS(pwp);
/* already truncated if from FascistCheck() */
@@ -757,6 +769,7 @@
return _("it is all whitespace");
}
+ len = strlen(password);
i = 0;
ptr = password;
while (ptr[0] && ptr[1])
@@ -768,10 +781,9 @@
ptr++;
}
- /* Change by Ben Karsin from ITS at University of Hawaii at Manoa. Static MAXSTEP
- would generate many false positives for long passwords. */
- maxrepeat = 3+(0.09*strlen(password));
- if (i > maxrepeat)
+ /* We were still generating false positives for long passwords.
+ Just count systematic double as a single character. */
+ if (len - i < MINLEN)
{
return _("it is too simplistic/systematic");
}
@@ -804,6 +816,12 @@
continue;
}
+ if (len - strlen(a) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s (dict)\n", a);
#endif
@@ -824,6 +842,13 @@
{
continue;
}
+
+ if (len - strlen(a) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s (reversed dict)\n", a);
#endif
diff -Naur cracklib-2.9.7-orig/lib/fascist.c.orig cracklib-2.9.7/lib/fascist.c.orig
--- cracklib-2.9.7-orig/lib/fascist.c.orig 2022-03-07 15:16:11.722225350 -0500
+++ cracklib-2.9.7/lib/fascist.c.orig 2022-03-07 15:16:11.722225350 -0500
@@ -36,8 +36,8 @@
#undef DEBUG
#undef DEBUG2
-extern char *Reverse(char *buf);
-extern char *Lowercase(char *buf);
+extern char *Reverse(char *buf, char *area);
+extern char *Lowercase(char *buf, char *area);
static char *r_destructors[] = {
":", /* noop - must do this to test raw word. */
@@ -439,6 +439,8 @@
int i;
int len;
char *mp;
+ char area[STRINGSIZE];
+ char revarea[STRINGSIZE];
/* use destructors to turn password into rawtext */
/* note use of Reverse() to save duplicating all rules */
@@ -447,7 +449,7 @@
for (i = 0; r_destructors[i]; i++)
{
- if (!(mp = Mangle(password, r_destructors[i])))
+ if (!(mp = Mangle(password, r_destructors[i], area)))
{
continue;
}
@@ -462,10 +464,10 @@
}
#ifdef DEBUG
- printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp), rawtext, r_destructors[i]);
+ printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp, revarea), rawtext, r_destructors[i]);
#endif
- if (!strncmp(Reverse(mp), rawtext, len))
+ if (!strncmp(Reverse(mp, revarea), rawtext, len))
{
return (1);
}
@@ -473,7 +475,7 @@
for (i = 0; r_constructors[i]; i++)
{
- if (!(mp = Mangle(rawtext, r_constructors[i])))
+ if (!(mp = Mangle(rawtext, r_constructors[i], area)))
{
continue;
}
@@ -520,7 +522,7 @@
strncpy(tbuffer, gecos, STRINGSIZE);
tbuffer[STRINGSIZE-1] = '\0';
- strcpy(gbuffer, Lowercase(tbuffer));
+ Lowercase(tbuffer, gbuffer);
wc = 0;
ptr = gbuffer;
@@ -704,6 +706,7 @@
char junk[STRINGSIZE];
char *password;
char rpassword[STRINGSIZE];
+ char area[STRINGSIZE];
uint32_t notfound;
notfound = PW_WORDS(pwp);
@@ -740,7 +743,7 @@
return _("it does not contain enough DIFFERENT characters");
}
- strcpy(password, (char *)Lowercase(password));
+ strcpy(password, (char *)Lowercase(password, area));
Trim(password);
@@ -796,7 +799,7 @@
{
char *a;
- if (!(a = Mangle(password, r_destructors[i])))
+ if (!(a = Mangle(password, r_destructors[i], area)))
{
continue;
}
@@ -811,13 +814,13 @@
}
}
- strcpy(password, (char *)Reverse(password));
+ strcpy(password, (char *)Reverse(password, area));
for (i = 0; r_destructors[i]; i++)
{
char *a;
- if (!(a = Mangle(password, r_destructors[i])))
+ if (!(a = Mangle(password, r_destructors[i], area)))
{
continue;
}
diff -Naur cracklib-2.9.7-orig/util/cracklib-format cracklib-2.9.7/util/cracklib-format
--- cracklib-2.9.7-orig/util/cracklib-format 2019-02-13 20:54:41.000000000 -0500
+++ cracklib-2.9.7/util/cracklib-format 2022-03-07 15:17:54.599692726 -0500
@@ -3,8 +3,10 @@
# This preprocesses a set of word lists into a suitable form for input
# into cracklib-packer
#
+LC_ALL=C
+export LC_ALL
gzip -cdf "$@" |
- grep -v '^\(#\|$\)' |
- tr '[A-Z]' '[a-z]' |
- tr -cd '\012[a-z][0-9]' |
- env LC_ALL=C sort -u
+ grep -a -E -v '^.{32,}$' |
+ tr '[:upper:]' '[:lower:]' |
+ tr -cd '\n[:graph:]' |
+ sort -u

118
cracklib-2.9.7-translation-updates.patch Normal file
View File

@ -0,0 +1,118 @@
diff -Naur cracklib-2.9.7-orig/po/as.po cracklib-2.9.7/po/as.po
--- cracklib-2.9.7-orig/po/as.po 2019-03-03 12:49:42.000000000 -0500
+++ cracklib-2.9.7/po/as.po 2022-03-07 15:22:59.631245123 -0500
@@ -76,7 +76,7 @@
#: lib/fascist.c:874
msgid "error loading dictionary"
-msgstr ""
+msgstr "শব্দকোষ ল'ড কৰোতে ত্ৰুটি"
#~ msgid "it's derived from your password entry"
#~ msgstr "ইয়াক আপোনাৰ গুপ্তশব্দৰ নিবেশৰ পৰা পোৱা হৈছে"
diff -Naur cracklib-2.9.7-orig/po/gu.po cracklib-2.9.7/po/gu.po
--- cracklib-2.9.7-orig/po/gu.po 2019-03-03 12:49:42.000000000 -0500
+++ cracklib-2.9.7/po/gu.po 2022-03-07 15:32:12.444115364 -0500
@@ -77,7 +77,7 @@
#: lib/fascist.c:874
msgid "error loading dictionary"
-msgstr ""
+msgstr "શબ્દકોષને લાવી રહ્યા હોય ત્યારે ભૂલ"
#~ msgid "it's derived from your password entry"
#~ msgstr "તમારા પાસવર્ડ પ્રવેશમાંથી તારવવામાં આવેલ છે"
diff -Naur cracklib-2.9.7-orig/po/hi.po cracklib-2.9.7/po/hi.po
--- cracklib-2.9.7-orig/po/hi.po 2019-03-03 12:49:42.000000000 -0500
+++ cracklib-2.9.7/po/hi.po 2022-03-07 15:33:31.445561126 -0500
@@ -78,7 +78,7 @@
#: lib/fascist.c:874
msgid "error loading dictionary"
-msgstr ""
+msgstr "शब्दकोश लोड करने में त्रुटि"
#~ msgid "it's derived from your password entry"
#~ msgstr "यह आपकी कूटशब्द प्रविष्टि से निकला हुआ है"
diff -Naur cracklib-2.9.7-orig/po/kn.po cracklib-2.9.7/po/kn.po
--- cracklib-2.9.7-orig/po/kn.po 2019-03-03 12:49:42.000000000 -0500
+++ cracklib-2.9.7/po/kn.po 2022-03-07 15:36:06.001428084 -0500
@@ -77,7 +77,7 @@
#: lib/fascist.c:874
msgid "error loading dictionary"
-msgstr ""
+msgstr "ಕೋಶವನ್ನು ಲೋಡ್ ಮಾಡುವಲ್ಲಿ ದೋಷ"
#~ msgid "it's derived from your password entry"
#~ msgstr "ಇದು ನಿಮ್ಮ ಗುಪ್ತಪದ ನಮೂದಿನಿಂದ ತೆಗೆದುಕೊಳ್ಳಲ್ಪಟ್ಟಿದೆ"
diff -Naur cracklib-2.9.7-orig/po/ml.po cracklib-2.9.7/po/ml.po
--- cracklib-2.9.7-orig/po/ml.po 2019-03-03 12:49:42.000000000 -0500
+++ cracklib-2.9.7/po/ml.po 2022-03-07 15:37:59.048062855 -0500
@@ -76,7 +76,7 @@
#: lib/fascist.c:874
msgid "error loading dictionary"
-msgstr ""
+msgstr "നിഘണ്ടു ലഭ്യമാക്കുന്നതില്<200d> പിശക്"
#~ msgid "it's derived from your password entry"
#~ msgstr "നിങ്ങളുടെ രഹസ്യവാക്കില്‍ നിന്നും ലഭ്യമാക്കുന്നു"
diff -Naur cracklib-2.9.7-orig/po/mr.po cracklib-2.9.7/po/mr.po
--- cracklib-2.9.7-orig/po/mr.po 2019-03-03 12:49:42.000000000 -0500
+++ cracklib-2.9.7/po/mr.po 2022-03-07 15:38:30.812241798 -0500
@@ -77,7 +77,7 @@
#: lib/fascist.c:874
msgid "error loading dictionary"
-msgstr ""
+msgstr "शब्दकोष लोड करतेवेळी त्रुटी"
#~ msgid "it's derived from your password entry"
#~ msgstr "तुमच्या पासवर्ड नोंद पासून प्राप्त"
diff -Naur cracklib-2.9.7-orig/po/or.po cracklib-2.9.7/po/or.po
--- cracklib-2.9.7-orig/po/or.po 2019-03-03 12:49:42.000000000 -0500
+++ cracklib-2.9.7/po/or.po 2022-03-07 15:39:56.858728487 -0500
@@ -77,7 +77,7 @@
#: lib/fascist.c:874
msgid "error loading dictionary"
-msgstr ""
+msgstr "ଅଭିଧାନ ଧାରଣ କରିବାରେ ତ୍ରୁଟି"
#~ msgid "it's derived from your password entry"
#~ msgstr "ଏହା ଆପଣଙ୍କର ପ୍ରବେଶ ସଂକେତ ଭରଣରୁ ଉତ୍ପନ୍ନ କରାହୋଇଥାଏ"
diff -Naur cracklib-2.9.7-orig/po/ta.po cracklib-2.9.7/po/ta.po
--- cracklib-2.9.7-orig/po/ta.po 2019-03-03 12:49:42.000000000 -0500
+++ cracklib-2.9.7/po/ta.po 2022-03-07 15:44:53.857740705 -0500
@@ -77,7 +77,7 @@
#: lib/fascist.c:874
msgid "error loading dictionary"
-msgstr ""
+msgstr "அகராதியை ஏற்றுவதில் பிழை"
#~ msgid "it's derived from your password entry"
#~ msgstr "இது உங்கள் கடவுச்சொல் உள்ளீடிலிருந்து வரையறுக்கப்பட்டது"
diff -Naur cracklib-2.9.7-orig/po/te.po cracklib-2.9.7/po/te.po
--- cracklib-2.9.7-orig/po/te.po 2019-03-03 12:49:42.000000000 -0500
+++ cracklib-2.9.7/po/te.po 2022-03-07 15:45:23.810936770 -0500
@@ -77,7 +77,7 @@
#: lib/fascist.c:874
msgid "error loading dictionary"
-msgstr ""
+msgstr "నిఘంటువును లోడు చేయుటలో దోషం"
#~ msgid "it's derived from your password entry"
#~ msgstr "ఇది మీ సంకేతపదము ప్రవేశమునుండి ఉత్పాదించబడింది"
diff -Naur cracklib-2.9.7-orig/po/zh_CN.po cracklib-2.9.7/po/zh_CN.po
--- cracklib-2.9.7-orig/po/zh_CN.po 2021-08-17 11:56:42.000000000 -0400
+++ cracklib-2.9.7/po/zh_CN.po 2022-03-07 15:48:56.407302640 -0500
@@ -76,3 +76,6 @@
msgid "it is based on a (reversed) dictionary word"
msgstr "它基于(颠倒的)字典单词"
+#: lib/fascist.c:865
+msgid "error loading dictionary"
+msgstr "加载字典错误"

8
cracklib.spec
View File

@ -21,10 +21,9 @@ Source10: missing-words.gz
Patch1: cracklib-2.9.1-inttypes.patch
Patch2: cracklib-2.9.0-python-gzdicts.patch
Patch4: cracklib-2.9.6-packlib-reentrant.patch
Patch6: cracklib-2.9.6-simplistic.patch
Patch7: cracklib-2.9.6-translation-updates.patch
Patch8: cracklib-2.9.6-cve-2016-6318.patch
Patch4: cracklib-2.9.7-packlib-reentrant.patch
Patch6: cracklib-2.9.7-simplistic.patch
Patch7: cracklib-2.9.7-translation-updates.patch
Patch9: cracklib-2.9.6-coverity.patch
Patch10: cracklib-2.9.6-lookup.patch
URL: http://sourceforge.net/projects/cracklib/
@ -89,7 +88,6 @@ install -p -m 644 %{SOURCE3} po/zh_CN.po
%patch4 -p1 -b .reentrant
%patch6 -p1 -b .simplistic
%patch7 -p1 -b .translations
%patch8 -p1 -b .overflow
%patch9 -p1 -b .coverity
%patch10 -p1 -b .lookup