rpms/cracklib
6
0
Fork 0
Code Issues Pull Requests Releases Activity

fix the python module to work with compressed dictionaries (#972542)

Browse Source 
- fix various dictionary lookup errors (#986400, #986401)
- make the library reentrant and fix compilation warnings
This commit is contained in:
Tomas Mraz 2013-08-21 15:36:05 +02:00
parent 93277b06b1
commit a483b3bf78
5 changed files with 924 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
cracklib-2.9.0-packlib-gztype.patch Normal file
View File

@ -0,0 +1,24 @@
diff -up cracklib-2.9.0/lib/packer.h.in.gztype cracklib-2.9.0/lib/packer.h.in
--- cracklib-2.9.0/lib/packer.h.in.gztype 2013-08-21 11:48:47.341631450 +0200
+++ cracklib-2.9.0/lib/packer.h.in 2013-08-21 11:47:52.948471397 +0200
@@ -44,7 +44,7 @@ struct pi_header
typedef struct
{
FILE *ifp;
- FILE *dfp;
+ void *dfp;
FILE *wfp;
uint32_t flags;
diff -up cracklib-2.9.0/lib/packlib.c.gztype cracklib-2.9.0/lib/packlib.c
--- cracklib-2.9.0/lib/packlib.c.gztype 2013-08-21 11:27:12.000000000 +0200
+++ cracklib-2.9.0/lib/packlib.c 2013-08-21 11:49:32.787600685 +0200
@@ -72,7 +72,7 @@ PWOpen(prefix, mode)
char iname[STRINGSIZE];
char dname[STRINGSIZE];
char wname[STRINGSIZE];
- FILE *dfp;
+ void *dfp;
FILE *ifp;
FILE *wfp;

101
cracklib-2.9.0-packlib-lookup.patch Normal file
View File

@ -0,0 +1,101 @@
diff -up cracklib-2.9.0/lib/packer.h.in.lookup cracklib-2.9.0/lib/packer.h.in
--- cracklib-2.9.0/lib/packer.h.in.lookup 2013-08-21 14:43:16.832990712 +0200
+++ cracklib-2.9.0/lib/packer.h.in 2013-08-21 14:43:16.835990775 +0200
@@ -60,6 +60,7 @@ typedef struct
int count;
char data_put[NUMWORDS][MAXWORDLEN];
char data_get[NUMWORDS][MAXWORDLEN];
+ uint32_t prevblock;
} PWDICT;
#define PW_WORDS(x) ((x)->header.pih_numwords)
diff -up cracklib-2.9.0/lib/packlib.c.lookup cracklib-2.9.0/lib/packlib.c
--- cracklib-2.9.0/lib/packlib.c.lookup 2013-06-01 16:47:13.000000000 +0200
+++ cracklib-2.9.0/lib/packlib.c 2013-08-21 14:44:12.325177107 +0200
@@ -84,6 +84,7 @@ PWOpen(prefix, mode)
memset(&pdesc, '\0', sizeof(pdesc));
memset(&pdesc64, '\0', sizeof(pdesc64));
+ pdesc.prevblock = 0xffffffff;
snprintf(iname, STRINGSIZE, "%s.pwi", prefix);
snprintf(dname, STRINGSIZE, "%s.pwd", prefix);
@@ -446,12 +447,11 @@ GetPW(pwp, number)
register char *nstr;
register char *bptr;
char buffer[NUMWORDS * MAXWORDLEN];
- static uint32_t prevblock = 0xffffffff;
uint32_t thisblock;
thisblock = number / NUMWORDS;
- if (prevblock == thisblock)
+ if (pwp->prevblock == thisblock)
{
#if DEBUG
fprintf(stderr, "returning (%s)\n", pwp->data_get[number % NUMWORDS]);
@@ -528,13 +528,16 @@ GetPW(pwp, number)
return ((char *) 0);
}
- prevblock = thisblock;
+ pwp->prevblock = thisblock;
bptr = buffer;
for (ostr = pwp->data_get[0]; (*(ostr++) = *(bptr++)); /* nothing */ );
ostr = pwp->data_get[0];
+#if DEBUG
+ fprintf(stderr, "data_get[0]: %s\n", ostr);
+#endif
for (i = 1; i < NUMWORDS; i++)
{
@@ -545,6 +548,9 @@ GetPW(pwp, number)
while ((*(ostr++) = *(bptr++)));
ostr = nstr;
+#if DEBUG
+ fprintf(stderr, "data_get[%d]: %s\n", i, ostr);
+#endif
}
return (pwp->data_get[number % NUMWORDS]);
@@ -623,21 +629,27 @@ fprintf(stderr, "look for (%s)\n", strin
return(middle);
}
- if (middle == hwm)
- {
+ if (cmp < 0)
+ {
+ if (middle == lwm)
+ {
#if DEBUG
- fprintf(stderr, "at terminal subdivision, stopping search\n");
+ fprintf(stderr, "at terminal subdivision from right, stopping search\n");
#endif
break;
- }
-
- if (cmp < 0)
- {
- hwm = middle;
+ }
+ hwm = middle - 1;
}
else if (cmp > 0)
{
- lwm = middle;
+ if (middle == hwm)
+ {
+#if DEBUG
+ fprintf(stderr, "at terminal subdivision from left, stopping search\n");
+#endif
+ break;
+ }
+ lwm = middle + 1;
}
}

677
cracklib-2.9.0-packlib-reentrant.patch Normal file
View File

@ -0,0 +1,677 @@
diff -up cracklib-2.9.0/lib/fascist.c.reentrant cracklib-2.9.0/lib/fascist.c
--- cracklib-2.9.0/lib/fascist.c.reentrant 2013-06-01 16:52:33.000000000 +0200
+++ cracklib-2.9.0/lib/fascist.c 2013-08-21 15:31:18.700090735 +0200
@@ -36,8 +36,8 @@ typedef unsigned short uint16_t;
#undef DEBUG
#undef DEBUG2
-extern char *Reverse(char *buf);
-extern char *Lowercase(char *buf);
+extern char *Reverse(char *buf, char *area);
+extern char *Lowercase(char *buf, char *area);
static char *r_destructors[] = {
":", /* noop - must do this to test raw word. */
@@ -439,6 +439,8 @@ GTry(rawtext, password)
int i;
int len;
char *mp;
+ char area[STRINGSIZE];
+ char revarea[STRINGSIZE];
/* use destructors to turn password into rawtext */
/* note use of Reverse() to save duplicating all rules */
@@ -447,7 +449,7 @@ GTry(rawtext, password)
for (i = 0; r_destructors[i]; i++)
{
- if (!(mp = Mangle(password, r_destructors[i])))
+ if (!(mp = Mangle(password, r_destructors[i], area)))
{
continue;
}
@@ -462,10 +464,10 @@ GTry(rawtext, password)
}
#ifdef DEBUG
- printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp), rawtext, r_destructors[i]);
+ printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp, revarea), rawtext, r_destructors[i]);
#endif
- if (!strncmp(Reverse(mp), rawtext, len))
+ if (!strncmp(Reverse(mp, revarea), rawtext, len))
{
return (1);
}
@@ -473,7 +475,7 @@ GTry(rawtext, password)
for (i = 0; r_constructors[i]; i++)
{
- if (!(mp = Mangle(rawtext, r_constructors[i])))
+ if (!(mp = Mangle(rawtext, r_constructors[i], area)))
{
continue;
}
@@ -520,7 +522,7 @@ FascistGecosUser(char *password, const c
strncpy(tbuffer, gecos, STRINGSIZE);
tbuffer[STRINGSIZE-1] = '\0';
- strcpy(gbuffer, Lowercase(tbuffer));
+ Lowercase(tbuffer, gbuffer);
wc = 0;
ptr = gbuffer;
@@ -695,6 +697,7 @@ FascistLookUser(PWDICT *pwp, char *instr
char junk[STRINGSIZE];
char *password;
char rpassword[STRINGSIZE];
+ char area[STRINGSIZE];
uint32_t notfound;
notfound = PW_WORDS(pwp);
@@ -731,7 +734,7 @@ FascistLookUser(PWDICT *pwp, char *instr
return _("it does not contain enough DIFFERENT characters");
}
- strcpy(password, (char *)Lowercase(password));
+ strcpy(password, (char *)Lowercase(password, area));
Trim(password);
@@ -787,7 +790,7 @@ FascistLookUser(PWDICT *pwp, char *instr
{
char *a;
- if (!(a = Mangle(password, r_destructors[i])))
+ if (!(a = Mangle(password, r_destructors[i], area)))
{
continue;
}
@@ -802,13 +805,13 @@ FascistLookUser(PWDICT *pwp, char *instr
}
}
- strcpy(password, (char *)Reverse(password));
+ strcpy(password, (char *)Reverse(password, area));
for (i = 0; r_destructors[i]; i++)
{
char *a;
- if (!(a = Mangle(password, r_destructors[i])))
+ if (!(a = Mangle(password, r_destructors[i], area)))
{
continue;
}
diff -up cracklib-2.9.0/lib/packer.h.in.reentrant cracklib-2.9.0/lib/packer.h.in
--- cracklib-2.9.0/lib/packer.h.in.reentrant 2013-08-21 15:29:24.245641356 +0200
+++ cracklib-2.9.0/lib/packer.h.in 2013-08-21 15:29:24.247641399 +0200
@@ -86,7 +86,7 @@ extern int PWClose(PWDICT *pwp);
extern unsigned int FindPW(PWDICT *pwp, char *string);
extern int PutPW(PWDICT *pwp, char *string);
extern int PMatch(char *control, char *string);
-extern char *Mangle(char *input, char *control);
+extern char *Mangle(char *input, char *control, char *area);
extern char Chop(char *string);
extern char *Trim(char *string);
extern char *FascistLook(PWDICT *pwp, char *instring);
diff -up cracklib-2.9.0/lib/packlib.c.reentrant cracklib-2.9.0/lib/packlib.c
--- cracklib-2.9.0/lib/packlib.c.reentrant 2013-08-21 15:29:24.245641356 +0200
+++ cracklib-2.9.0/lib/packlib.c 2013-08-21 15:29:24.247641399 +0200
@@ -67,8 +67,8 @@ PWOpen(prefix, mode)
char *mode;
{
int use64 = 0;
- static PWDICT pdesc;
- static PWDICT64 pdesc64;
+ PWDICT *pdesc;
+ PWDICT64 pdesc64;
char iname[STRINGSIZE];
char dname[STRINGSIZE];
char wname[STRINGSIZE];
@@ -76,15 +76,13 @@ PWOpen(prefix, mode)
FILE *ifp;
FILE *wfp;
- if (pdesc.header.pih_magic == PIH_MAGIC)
- {
- fprintf(stderr, "%s: another dictionary already open\n", prefix);
- return ((PWDICT *) 0);
- }
+ pdesc = malloc(sizeof(*pdesc));
+ if (pdesc == NULL)
+ return NULL;
- memset(&pdesc, '\0', sizeof(pdesc));
+ memset(pdesc, '\0', sizeof(*pdesc));
memset(&pdesc64, '\0', sizeof(pdesc64));
- pdesc.prevblock = 0xffffffff;
+ pdesc->prevblock = 0xffffffff;
snprintf(iname, STRINGSIZE, "%s.pwi", prefix);
snprintf(dname, STRINGSIZE, "%s.pwd", prefix);
@@ -92,77 +90,80 @@ PWOpen(prefix, mode)
if (mode[0] == 'r')
{
- pdesc.flags &= ~PFOR_USEZLIB;
+ pdesc->flags &= ~PFOR_USEZLIB;
/* first try the normal db file */
- if (!(pdesc.dfp = fopen(dname, mode)))
+ if (!(pdesc->dfp = fopen(dname, mode)))
{
#ifdef HAVE_ZLIB_H
- pdesc.flags |= PFOR_USEZLIB;
+ pdesc->flags |= PFOR_USEZLIB;
/* try extension .gz */
snprintf(dname, STRINGSIZE, "%s.pwd.gz", prefix);
- if (!(pdesc.dfp = gzopen(dname, mode)))
+ if (!(pdesc->dfp = gzopen(dname, mode)))
{
perror(dname);
+ free(pdesc);
return ((PWDICT *) 0);
}
#else
perror(dname);
+ free(pdesc);
return ((PWDICT *) 0);
#endif
}
}
else
{
- pdesc.flags &= ~PFOR_USEZLIB;
+ pdesc->flags &= ~PFOR_USEZLIB;
/* write mode: use fopen */
- if (!(pdesc.dfp = fopen(dname, mode)))
+ if (!(pdesc->dfp = fopen(dname, mode)))
{
perror(dname);
+ free(pdesc);
return ((PWDICT *) 0);
}
}
- if (!(pdesc.ifp = fopen(iname, mode)))
+ if (!(pdesc->ifp = fopen(iname, mode)))
{
#ifdef HAVE_ZLIB_H
- if(pdesc.flags & PFOR_USEZLIB)
- gzclose(pdesc.dfp);
+ if(pdesc->flags & PFOR_USEZLIB)
+ gzclose(pdesc->dfp);
else
#endif
- fclose(pdesc.dfp);
+ fclose(pdesc->dfp);
perror(iname);
+ free(pdesc);
return ((PWDICT *) 0);
}
- if ((pdesc.wfp = fopen(wname, mode)))
+ if ((pdesc->wfp = fopen(wname, mode)))
{
- pdesc.flags |= PFOR_USEHWMS;
+ pdesc->flags |= PFOR_USEHWMS;
}
- ifp = pdesc.ifp;
- dfp = pdesc.dfp;
- wfp = pdesc.wfp;
+ ifp = pdesc->ifp;
+ dfp = pdesc->dfp;
+ wfp = pdesc->wfp;
if (mode[0] == 'w')
{
- pdesc.flags |= PFOR_WRITE;
- pdesc.header.pih_magic = PIH_MAGIC;
- pdesc.header.pih_blocklen = NUMWORDS;
- pdesc.header.pih_numwords = 0;
+ pdesc->flags |= PFOR_WRITE;
+ pdesc->header.pih_magic = PIH_MAGIC;
+ pdesc->header.pih_blocklen = NUMWORDS;
+ pdesc->header.pih_numwords = 0;
- fwrite((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp);
+ fwrite((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp);
} else
{
- pdesc.flags &= ~PFOR_WRITE;
+ pdesc->flags &= ~PFOR_WRITE;
- if (!fread((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp))
+ if (!fread((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp))
{
fprintf(stderr, "%s: error reading header\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if(pdesc.flags & PFOR_USEZLIB)
+ if(pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -171,21 +172,21 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return ((PWDICT *) 0);
}
- if ((pdesc.header.pih_magic == 0) || (pdesc.header.pih_numwords == 0))
+ if ((pdesc->header.pih_magic == 0) || (pdesc->header.pih_numwords == 0))
{
/* uh-oh. either a broken "64-bit" file or a garbage file. */
rewind (ifp);
if (!fread((char *) &pdesc64.header, sizeof(pdesc64.header), 1, ifp))
{
fprintf(stderr, "%s: error reading header\n", prefix);
-
- pdesc.header.pih_magic = 0;
+
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if(pdesc.flags & PFOR_USEZLIB)
+ if(pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -194,17 +195,17 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return ((PWDICT *) 0);
}
if (pdesc64.header.pih_magic != PIH_MAGIC)
{
/* nope, not "64-bit" after all */
fprintf(stderr, "%s: error reading header\n", prefix);
-
- pdesc.header.pih_magic = 0;
+
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if(pdesc.flags & PFOR_USEZLIB)
+ if(pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -214,23 +215,23 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return ((PWDICT *) 0);
}
- pdesc.header.pih_magic = pdesc64.header.pih_magic;
- pdesc.header.pih_numwords = pdesc64.header.pih_numwords;
- pdesc.header.pih_blocklen = pdesc64.header.pih_blocklen;
- pdesc.header.pih_pad = pdesc64.header.pih_pad;
+ pdesc->header.pih_magic = pdesc64.header.pih_magic;
+ pdesc->header.pih_numwords = pdesc64.header.pih_numwords;
+ pdesc->header.pih_blocklen = pdesc64.header.pih_blocklen;
+ pdesc->header.pih_pad = pdesc64.header.pih_pad;
use64 = 1;
}
- if (pdesc.header.pih_magic != PIH_MAGIC)
+ if (pdesc->header.pih_magic != PIH_MAGIC)
{
fprintf(stderr, "%s: magic mismatch\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if(pdesc.flags & PFOR_USEZLIB)
+ if(pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -240,17 +241,17 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return ((PWDICT *) 0);
}
- if (pdesc.header.pih_numwords < 1)
+ if (pdesc->header.pih_numwords < 1)
{
fprintf(stderr, "%s: invalid word count\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if(pdesc.flags & PFOR_USEZLIB)
+ if(pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -259,17 +260,17 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return ((PWDICT *) 0);
}
- if (pdesc.header.pih_blocklen != NUMWORDS)
+ if (pdesc->header.pih_blocklen != NUMWORDS)
{
fprintf(stderr, "%s: size mismatch\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if(pdesc.flags & PFOR_USEZLIB)
+ if(pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -278,10 +279,11 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return ((PWDICT *) 0);
}
- if (pdesc.flags & PFOR_USEHWMS)
+ if (pdesc->flags & PFOR_USEHWMS)
{
int i;
@@ -289,27 +291,27 @@ PWOpen(prefix, mode)
{
if (fread(pdesc64.hwms, 1, sizeof(pdesc64.hwms), wfp) != sizeof(pdesc64.hwms))
{
- pdesc.flags &= ~PFOR_USEHWMS;
+ pdesc->flags &= ~PFOR_USEHWMS;
}
- for (i = 0; i < sizeof(pdesc.hwms) / sizeof(pdesc.hwms[0]); i++)
+ for (i = 0; i < sizeof(pdesc->hwms) / sizeof(pdesc->hwms[0]); i++)
{
- pdesc.hwms[i] = pdesc64.hwms[i];
+ pdesc->hwms[i] = pdesc64.hwms[i];
}
}
- else if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms))
+ else if (fread(pdesc->hwms, 1, sizeof(pdesc->hwms), wfp) != sizeof(pdesc->hwms))
{
- pdesc.flags &= ~PFOR_USEHWMS;
+ pdesc->flags &= ~PFOR_USEHWMS;
}
#if DEBUG
for (i=1; i<=0xff; i++)
{
- printf("hwm[%02x] = %d\n", i, pdesc.hwms[i]);
+ printf("hwm[%02x] = %d\n", i, pdesc->hwms[i]);
}
#endif
}
}
- return (&pdesc);
+ return (pdesc);
}
int
@@ -319,6 +321,7 @@ PWClose(pwp)
if (pwp->header.pih_magic != PIH_MAGIC)
{
fprintf(stderr, "PWClose: close magic mismatch\n");
+ /* we do not try to free memory that is probably corrupted */
return (-1);
}
@@ -330,12 +333,14 @@ PWClose(pwp)
if (fseek(pwp->ifp, 0L, 0))
{
fprintf(stderr, "index magic fseek failed\n");
+ free(pwp);
return (-1);
}
if (!fwrite((char *) &pwp->header, sizeof(pwp->header), 1, pwp->ifp))
{
fprintf(stderr, "index magic fwrite failed\n");
+ free(pwp);
return (-1);
}
@@ -369,6 +374,7 @@ PWClose(pwp)
}
pwp->header.pih_magic = 0;
+ free(pwp);
return (0);
}
diff -up cracklib-2.9.0/lib/rules.c.reentrant cracklib-2.9.0/lib/rules.c
--- cracklib-2.9.0/lib/rules.c.reentrant 2013-06-01 16:47:13.000000000 +0200
+++ cracklib-2.9.0/lib/rules.c 2013-08-21 15:29:24.247641399 +0200
@@ -82,12 +82,12 @@ Suffix(myword, suffix)
}
char *
-Reverse(str) /* return a pointer to a reversal */
+Reverse(str, area) /* return a pointer to a reversal */
register char *str;
+ char *area;
{
register int i;
register int j;
- static char area[STRINGSIZE];
j = i = strlen(str);
while (*str)
{
@@ -98,11 +98,11 @@ Reverse(str) /* return a pointer to a
}
char *
-Uppercase(str) /* return a pointer to an uppercase */
+Uppercase(str, area) /* return a pointer to an uppercase */
register char *str;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*str)
{
@@ -115,11 +115,11 @@ Uppercase(str) /* return a pointer to
}
char *
-Lowercase(str) /* return a pointer to an lowercase */
+Lowercase(str, area) /* return a pointer to an lowercase */
register char *str;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*str)
{
@@ -132,11 +132,11 @@ Lowercase(str) /* return a pointer to
}
char *
-Capitalise(str) /* return a pointer to an capitalised */
+Capitalise(str, area) /* return a pointer to an capitalised */
register char *str;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*str)
@@ -151,11 +151,11 @@ Capitalise(str) /* return a pointer to
}
char *
-Pluralise(string) /* returns a pointer to a plural */
+Pluralise(string, area) /* returns a pointer to a plural */
register char *string;
+ char *area;
{
register int length;
- static char area[STRINGSIZE];
length = strlen(string);
strcpy(area, string);
@@ -192,13 +192,13 @@ Pluralise(string) /* returns a pointer
}
char *
-Substitute(string, old, new) /* returns pointer to a swapped about copy */
+Substitute(string, old, new, area) /* returns pointer to a swapped about copy */
register char *string;
register char old;
register char new;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -210,12 +210,12 @@ Substitute(string, old, new) /* returns
}
char *
-Purge(string, target) /* returns pointer to a purged copy */
+Purge(string, target, area) /* returns pointer to a purged copy */
register char *string;
register char target;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -372,13 +372,13 @@ PolyStrchr(string, class)
}
char *
-PolySubst(string, class, new) /* returns pointer to a swapped about copy */
+PolySubst(string, class, new, area) /* returns pointer to a swapped about copy */
register char *string;
register char class;
register char new;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -390,12 +390,12 @@ PolySubst(string, class, new) /* returns
}
char *
-PolyPurge(string, class) /* returns pointer to a purged copy */
+PolyPurge(string, class, area) /* returns pointer to a purged copy */
register char *string;
register char class;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -428,40 +428,41 @@ Char2Int(character)
}
char *
-Mangle(input, control) /* returns a pointer to a controlled Mangle */
+Mangle(input, control, area) /* returns a pointer to a controlled Mangle */
char *input;
char *control;
+ char *area;
{
int limit;
register char *ptr;
- static char area[STRINGSIZE];
char area2[STRINGSIZE];
area[0] = '\0';
strcpy(area, input);
for (ptr = control; *ptr; ptr++)
{
+ strcpy(area2, area);
switch (*ptr)
{
case RULE_NOOP:
break;
case RULE_REVERSE:
- strcpy(area, Reverse(area));
+ Reverse(area2, area);
break;
case RULE_UPPERCASE:
- strcpy(area, Uppercase(area));
+ Uppercase(area2, area);
break;
case RULE_LOWERCASE:
- strcpy(area, Lowercase(area));
+ Lowercase(area2, area);
break;
case RULE_CAPITALISE:
- strcpy(area, Capitalise(area));
+ Capitalise(area2, area);
break;
case RULE_PLURALISE:
- strcpy(area, Pluralise(area));
+ Pluralise(area2, area);
break;
case RULE_REFLECT:
- strcat(area, Reverse(area));
+ strcat(area, Reverse(area, area2));
break;
case RULE_DUPLICATE:
strcpy(area2, area);
@@ -548,7 +549,6 @@ Mangle(input, control) /* returns a poi
Debug(1, "Mangle: extract: weird argument in '%s'\n", control);
return ((char *) 0);
}
- strcpy(area2, area);
for (i = 0; length-- && area2[start + i]; i++)
{
area[i] = area2[start + i];
@@ -619,10 +619,10 @@ Mangle(input, control) /* returns a poi
return ((char *) 0);
} else if (ptr[1] != RULE_CLASS)
{
- strcpy(area, Purge(area, *(++ptr)));
+ Purge(area2, *(++ptr), area);
} else
{
- strcpy(area, PolyPurge(area, ptr[2]));
+ PolyPurge(area2, ptr[2], area);
ptr += 2;
}
break;
@@ -633,11 +633,11 @@ Mangle(input, control) /* returns a poi
return ((char *) 0);
} else if (ptr[1] != RULE_CLASS)
{
- strcpy(area, Substitute(area, ptr[1], ptr[2]));
+ Substitute(area2, ptr[1], ptr[2], area);
ptr += 2;
} else
{
- strcpy(area, PolySubst(area, ptr[2], ptr[3]));
+ PolySubst(area2, ptr[2], ptr[3], area);
ptr += 3;
}
break;

104
cracklib-2.9.0-python-gzdicts.patch Normal file
View File

@ -0,0 +1,104 @@
diff -up cracklib-2.9.0/python/_cracklib.c.gzdicts cracklib-2.9.0/python/_cracklib.c
--- cracklib-2.9.0/python/_cracklib.c.gzdicts 2013-06-01 16:47:13.000000000 +0200
+++ cracklib-2.9.0/python/_cracklib.c 2013-08-20 12:37:32.028611493 +0200
@@ -23,6 +23,7 @@
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+#include "config.h"
#ifdef PYTHON_H
#include PYTHON_H
#else
@@ -72,9 +73,8 @@ static char _cracklib_FascistCheck_doc [
static PyObject *
_cracklib_FascistCheck(PyObject *self, PyObject *args, PyObject *kwargs)
{
- char *candidate, *dict;
- char *defaultdict = NULL;
- const char *result;
+ char *candidate;
+ const char *result, *dict;
struct stat st;
char *keywords[] = {"pw", "dictpath", NULL};
char *dictfile;
@@ -103,44 +103,35 @@ _cracklib_FascistCheck(PyObject *self, P
"second argument was not an absolute path!");
return NULL;
}
- dictfile = malloc(strlen(dict) + sizeof(DICT_SUFFIX));
- if (dictfile == NULL)
- {
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, dict);
- return NULL;
- }
- sprintf(dictfile, "%s" DICT_SUFFIX, dict);
- if (lstat(dictfile, &st) == -1)
- {
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, dictfile);
- free(dictfile);
- return NULL;
- }
- free(dictfile);
} else
{
- defaultdict = strdup(GetDefaultCracklibDict());
- if (errno == ENOMEM) {
- PyErr_SetFromErrno(PyExc_OSError);
- return NULL;
- }
- dictfile = malloc(strlen(defaultdict) + sizeof(DICT_SUFFIX));
- if (dictfile == NULL)
- {
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, defaultdict);
- free(defaultdict);
- return NULL;
- }
- sprintf(dictfile, "%s" DICT_SUFFIX, defaultdict);
+ /* No need to strdup() anything as this is a constant value */
+ dict = GetDefaultCracklibDict();
+ }
+
+ dictfile = malloc(strlen(dict) + sizeof(DICT_SUFFIX) + 3);
+ if (dictfile == NULL)
+ {
+ PyErr_SetFromErrnoWithFilename(PyExc_OSError, dict);
+ return NULL;
+ }
+ sprintf(dictfile, "%s" DICT_SUFFIX, dict);
+ if (lstat(dictfile, &st) == -1)
+ {
+#ifdef HAVE_ZLIB_H
+ sprintf(dictfile, "%s" DICT_SUFFIX ".gz", dict);
if (lstat(dictfile, &st) == -1)
{
+ sprintf(dictfile, "%s" DICT_SUFFIX, dict);
+#endif
PyErr_SetFromErrnoWithFilename(PyExc_OSError, dictfile);
- free(defaultdict);
free(dictfile);
return NULL;
+#ifdef HAVE_ZLIB_H
}
- free(dictfile);
+#endif
}
+ free(dictfile);
setlocale(LC_ALL, "");
#ifdef ENABLE_NLS
@@ -148,14 +139,9 @@ _cracklib_FascistCheck(PyObject *self, P
#endif
LOCK();
- result = FascistCheck(candidate, dict ? dict : defaultdict);
+ result = FascistCheck(candidate, dict);
UNLOCK();
- if (defaultdict != NULL)
- {
- free(defaultdict);
- }
-
if (result != NULL)
{
PyErr_SetString(PyExc_ValueError, result);

20
cracklib.spec
View File

@ -5,7 +5,7 @@
Summary: A password-checking library Summary: A password-checking library
Name: cracklib Name: cracklib
Version: 2.9.0 Version: 2.9.0
Release: 2%{?dist} Release: 3%{?dist}
Group: System Environment/Libraries Group: System Environment/Libraries
Source0: http://prdownloads.sourceforge.net/cracklib/cracklib-%{version}.tar.gz Source0: http://prdownloads.sourceforge.net/cracklib/cracklib-%{version}.tar.gz
@ -53,6 +53,10 @@ Source37: pass_file.gz
# https://bugzilla.redhat.com/attachment.cgi?id=386022 # https://bugzilla.redhat.com/attachment.cgi?id=386022
Source38: ry-threshold10.txt Source38: ry-threshold10.txt
Patch1: cracklib-2.8.15-inttypes.patch Patch1: cracklib-2.8.15-inttypes.patch
Patch2: cracklib-2.9.0-python-gzdicts.patch
Patch3: cracklib-2.9.0-packlib-lookup.patch
Patch4: cracklib-2.9.0-packlib-reentrant.patch
Patch5: cracklib-2.9.0-packlib-gztype.patch
URL: http://sourceforge.net/projects/cracklib/ URL: http://sourceforge.net/projects/cracklib/
License: LGPLv2+ License: LGPLv2+
Buildroot: %{_tmppath}/%{name}-%{version}-root Buildroot: %{_tmppath}/%{name}-%{version}-root
@ -115,11 +119,18 @@ If you are installing CrackLib, you should also install cracklib-dicts.
%prep %prep
%setup -q -a 2 %setup -q -a 2
cp lib/packer.h lib/packer.h.in cp lib/packer.h lib/packer.h.in
# Replace zn_CN.po with one that wasn't mis-transcoded at some point. # Replace zn_CN.po with one that wasn't mis-transcoded at some point.
grep '????????????????' po/zh_CN.po grep '????????????????' po/zh_CN.po
install -p -m 644 %{SOURCE3} po/zh_CN.po install -p -m 644 %{SOURCE3} po/zh_CN.po
%patch1 -p1 -b .inttypes %patch1 -p1 -b .inttypes
%patch2 -p1 -b .gzdicts
%patch3 -p1 -b .lookup
%patch4 -p1 -b .reentrant
%patch5 -p1 -b .gztype
autoreconf -f -i autoreconf -f -i
mkdir cracklib-dicts mkdir cracklib-dicts
for dict in %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} \ for dict in %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} \
@ -179,6 +190,7 @@ gzip -9v $RPM_BUILD_ROOT/%{_datadir}/cracklib/*.pwd
%find_lang %{name} %find_lang %{name}
%check %check
make test
# We want to check that the new library is able to open the new dictionaries, # We want to check that the new library is able to open the new dictionaries,
# using the new python module. # using the new python module.
LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_libdir} %{__python} 2>&1 << EOF LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_libdir} %{__python} 2>&1 << EOF
@ -233,7 +245,6 @@ EOF
%files dicts %files dicts
%defattr(-,root,root) %defattr(-,root,root)
%dir %{_datadir}/cracklib
%{_datadir}/cracklib/pw_dict.* %{_datadir}/cracklib/pw_dict.*
%{_datadir}/cracklib/cracklib-small.* %{_datadir}/cracklib/cracklib-small.*
%{_libdir}/cracklib_dict.* %{_libdir}/cracklib_dict.*
@ -246,6 +257,11 @@ EOF
%{_libdir}/../lib/python*/site-packages/*.py* %{_libdir}/../lib/python*/site-packages/*.py*
%changelog %changelog
* Wed Aug 21 2013 Tomáš Mráz <tmraz@redhat.com> - 2.9.0-3
- fix the python module to work with compressed dictionaries (#972542)
- fix various dictionary lookup errors (#986400, #986401)
- make the library reentrant and fix compilation warnings
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.0-2 * Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild