Compare commits

...

No commits in common. "c8" and "c10s" have entirely different histories.
c8 ... c10s

17 changed files with 383 additions and 3675 deletions

View File

@ -1,5 +0,0 @@
9199e7b8830717565a844430653f5a90a04fcd65 SOURCES/cracklib-2.9.6.tar.gz
b0739c990431a0971545dff347b50f922604c1cd SOURCES/cracklib-words-2.9.6.gz
b3b701e951362b23c8abb948936e8534d0c9b9a2 SOURCES/cracklib2_2.8.19-1.debian.tar.gz
d5941a3aa514245922433978a7d07c749d76d000 SOURCES/cracklib2_2.8.19-1.dsc
9b407fa41faaf4138e875f168158e5f4568ea33e SOURCES/missing-words.gz

1
.fmf/version Normal file
View File

@ -0,0 +1 @@
1

67
.gitignore vendored
View File

@ -1,5 +1,62 @@
SOURCES/cracklib-2.9.6.tar.gz ASSurnames.gz
SOURCES/cracklib-words-2.9.6.gz Congress.gz
SOURCES/cracklib2_2.8.19-1.debian.tar.gz Domains.gz
SOURCES/cracklib2_2.8.19-1.dsc Dosref.gz
SOURCES/missing-words.gz Family-Names.gz
Ftpsites.gz
Given-Names.gz
Jargon.gz
LCarrol.gz
Movies.gz
Paradise.Lost.gz
Python.gz
Trek.gz
cartoon.gz
common-passwords.txt.gz
cracklib,2.7.tgz
etc-hosts.gz
famous.gz
fast-names.gz
female-names.gz
male-names.gz
myths-legends.gz
names.french.gz
names.hp.gz
other-names.gz
sf.gz
shakespeare.gz
surnames.finnish.gz
cracklib-words.gz
cracklib-2.8.1.tar.gz
cracklib-2.8.2.tar.gz
cracklib-2.8.3.tar.gz
cracklib-2.8.4.tar.gz
cracklib-2.8.5.tar.gz
cracklib-2.8.6.tar.gz
cracklib-2.8.9.tar.gz
pass_file.gz
cracklib-2.8.10.tar.gz
cracklib-2.8.12.tar.gz
cracklib-2.8.13.tar.gz
cracklib-2.8.15.tar.gz
cracklib-words-20080507.gz
cracklib-2.8.16.tar.gz
/cracklib2_2.8.18-1.debian.tar.gz
/cracklib-2.8.18.tar.gz
/cracklib-2.8.19.tar.gz
/cracklib2_2.8.19-1.debian.tar.gz
/cracklib2_2.8.19-1.dsc
/cracklib-2.8.20.tar.gz
/cracklib-2.8.21.tar.gz
/cracklib-2.8.22.tar.gz
/cracklib-2.9.0.tar.gz
/cracklib-2.9.1.tar.gz
/cracklib-2.9.6.tar.gz
/cracklib-words-2.9.6.gz
/missing-words.gz
/cracklib-2.9.7.tar.gz
/cracklib-words-2.9.7.gz
/cracklib2_2.9.2-1.debian.tar.xz
/cracklib2_2.9.2-1.dsc
/cracklib-2.9.11.tar.gz
/cracklib-words-2.9.11.gz

View File

@ -1,104 +0,0 @@
diff -up cracklib-2.9.0/python/_cracklib.c.gzdicts cracklib-2.9.0/python/_cracklib.c
--- cracklib-2.9.0/python/_cracklib.c.gzdicts 2013-06-01 16:47:13.000000000 +0200
+++ cracklib-2.9.0/python/_cracklib.c 2013-08-20 12:37:32.028611493 +0200
@@ -23,6 +23,7 @@
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+#include "config.h"
#ifdef PYTHON_H
#include PYTHON_H
#else
@@ -72,9 +73,8 @@ static char _cracklib_FascistCheck_doc [
static PyObject *
_cracklib_FascistCheck(PyObject *self, PyObject *args, PyObject *kwargs)
{
- char *candidate, *dict;
- char *defaultdict = NULL;
- const char *result;
+ char *candidate;
+ const char *result, *dict;
struct stat st;
char *keywords[] = {"pw", "dictpath", NULL};
char *dictfile;
@@ -103,44 +103,35 @@ _cracklib_FascistCheck(PyObject *self, P
"second argument was not an absolute path!");
return NULL;
}
- dictfile = malloc(strlen(dict) + sizeof(DICT_SUFFIX));
- if (dictfile == NULL)
- {
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, dict);
- return NULL;
- }
- sprintf(dictfile, "%s" DICT_SUFFIX, dict);
- if (lstat(dictfile, &st) == -1)
- {
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, dictfile);
- free(dictfile);
- return NULL;
- }
- free(dictfile);
} else
{
- defaultdict = strdup(GetDefaultCracklibDict());
- if (errno == ENOMEM) {
- PyErr_SetFromErrno(PyExc_OSError);
- return NULL;
- }
- dictfile = malloc(strlen(defaultdict) + sizeof(DICT_SUFFIX));
- if (dictfile == NULL)
- {
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, defaultdict);
- free(defaultdict);
- return NULL;
- }
- sprintf(dictfile, "%s" DICT_SUFFIX, defaultdict);
+ /* No need to strdup() anything as this is a constant value */
+ dict = GetDefaultCracklibDict();
+ }
+
+ dictfile = malloc(strlen(dict) + sizeof(DICT_SUFFIX) + 3);
+ if (dictfile == NULL)
+ {
+ PyErr_SetFromErrnoWithFilename(PyExc_OSError, dict);
+ return NULL;
+ }
+ sprintf(dictfile, "%s" DICT_SUFFIX, dict);
+ if (lstat(dictfile, &st) == -1)
+ {
+#ifdef HAVE_ZLIB_H
+ sprintf(dictfile, "%s" DICT_SUFFIX ".gz", dict);
if (lstat(dictfile, &st) == -1)
{
+ sprintf(dictfile, "%s" DICT_SUFFIX, dict);
+#endif
PyErr_SetFromErrnoWithFilename(PyExc_OSError, dictfile);
- free(defaultdict);
free(dictfile);
return NULL;
+#ifdef HAVE_ZLIB_H
}
- free(dictfile);
+#endif
}
+ free(dictfile);
setlocale(LC_ALL, "");
#ifdef ENABLE_NLS
@@ -148,14 +139,9 @@ _cracklib_FascistCheck(PyObject *self, P
#endif
LOCK();
- result = FascistCheck(candidate, dict ? dict : defaultdict);
+ result = FascistCheck(candidate, dict);
UNLOCK();
- if (defaultdict != NULL)
- {
- free(defaultdict);
- }
-
if (result != NULL)
{
PyErr_SetString(PyExc_ValueError, result);

View File

@ -1,22 +0,0 @@
Do not depend on config.h in public header.
diff -up cracklib-2.9.1/lib/packer.h.inttypes cracklib-2.9.1/lib/packer.h
--- cracklib-2.9.1/lib/packer.h.inttypes 2013-12-03 15:00:15.000000000 +0100
+++ cracklib-2.9.1/lib/packer.h 2013-12-09 09:07:38.306394809 +0100
@@ -30,17 +30,7 @@
#define _(String) (String)
#endif
-#if defined(HAVE_INTTYPES_H)
-#include <inttypes.h>
-#else
-#if defined(HAVE_STDINT_H)
#include <stdint.h>
-#else
-typedef unsigned int uint32_t;
-typedef unsigned short uint16_t;
-#endif
-#endif
-
struct pi_header
{

View File

@ -1,144 +0,0 @@
diff -up cracklib-2.9.6/lib/fascist.c.overflow cracklib-2.9.6/lib/fascist.c
--- cracklib-2.9.6/lib/fascist.c.overflow 2015-10-23 16:58:38.403319225 +0200
+++ cracklib-2.9.6/lib/fascist.c 2016-12-08 17:28:41.490101358 +0100
@@ -515,7 +515,7 @@ FascistGecosUser(char *password, const c
char gbuffer[STRINGSIZE];
char tbuffer[STRINGSIZE];
char *uwords[STRINGSIZE];
- char longbuffer[STRINGSIZE * 2];
+ char longbuffer[STRINGSIZE];
if (gecos == NULL)
gecos = "";
@@ -596,38 +596,47 @@ FascistGecosUser(char *password, const c
{
for (i = 0; i < j; i++)
{
- strcpy(longbuffer, uwords[i]);
- strcat(longbuffer, uwords[j]);
-
- if (GTry(longbuffer, password))
+ if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
{
- return _("it is derived from your password entry");
- }
-
- strcpy(longbuffer, uwords[j]);
- strcat(longbuffer, uwords[i]);
+ strcpy(longbuffer, uwords[i]);
+ strcat(longbuffer, uwords[j]);
- if (GTry(longbuffer, password))
- {
- return _("it's derived from your password entry");
+ if (GTry(longbuffer, password))
+ {
+ return _("it is derived from your password entry");
+ }
+
+ strcpy(longbuffer, uwords[j]);
+ strcat(longbuffer, uwords[i]);
+
+ if (GTry(longbuffer, password))
+ {
+ return _("it's derived from your password entry");
+ }
}
- longbuffer[0] = uwords[i][0];
- longbuffer[1] = '\0';
- strcat(longbuffer, uwords[j]);
-
- if (GTry(longbuffer, password))
+ if (strlen(uwords[j]) < STRINGSIZE - 1)
{
- return _("it is derivable from your password entry");
+ longbuffer[0] = uwords[i][0];
+ longbuffer[1] = '\0';
+ strcat(longbuffer, uwords[j]);
+
+ if (GTry(longbuffer, password))
+ {
+ return _("it is derivable from your password entry");
+ }
}
- longbuffer[0] = uwords[j][0];
- longbuffer[1] = '\0';
- strcat(longbuffer, uwords[i]);
-
- if (GTry(longbuffer, password))
+ if (strlen(uwords[i]) < STRINGSIZE - 1)
{
- return _("it's derivable from your password entry");
+ longbuffer[0] = uwords[j][0];
+ longbuffer[1] = '\0';
+ strcat(longbuffer, uwords[i]);
+
+ if (GTry(longbuffer, password))
+ {
+ return _("it's derivable from your password entry");
+ }
}
}
}
diff -up cracklib-2.9.6/lib/rules.c.overflow cracklib-2.9.6/lib/rules.c
--- cracklib-2.9.6/lib/rules.c.overflow 2015-10-23 16:58:38.000000000 +0200
+++ cracklib-2.9.6/lib/rules.c 2016-12-08 18:03:27.041941297 +0100
@@ -158,6 +158,8 @@ Pluralise(string, area) /* returns a po
register int length;
length = strlen(string);
strcpy(area, string);
+ if (length > STRINGSIZE - 3) /* we add 2 characters at worst */
+ return (area);
if (!Suffix(string, "ch") ||
!Suffix(string, "ex") ||
@@ -462,11 +464,11 @@ Mangle(input, control, area) /* returns
Pluralise(area2, area);
break;
case RULE_REFLECT:
- strcat(area, Reverse(area, area2));
+ strncat(area, Reverse(area, area2), STRINGSIZE - strlen(area) - 1);
break;
case RULE_DUPLICATE:
strcpy(area2, area);
- strcat(area, area2);
+ strncat(area, area2, STRINGSIZE - strlen(area) - 1);
break;
case RULE_GT:
if (!ptr[1])
@@ -514,7 +516,8 @@ Mangle(input, control, area) /* returns
} else
{
area2[0] = *(++ptr);
- strcpy(area2 + 1, area);
+ strncpy(area2 + 1, area, STRINGSIZE - 2);
+ area2[STRINGSIZE - 1] = '\0';
strcpy(area, area2);
}
break;
@@ -528,8 +531,10 @@ Mangle(input, control, area) /* returns
register char *string;
string = area;
while (*(string++));
- string[-1] = *(++ptr);
- *string = '\0';
+ if (string < area + STRINGSIZE) {
+ string[-1] = *(++ptr);
+ *string = '\0';
+ }
}
break;
case RULE_EXTRACT:
@@ -600,6 +605,10 @@ Mangle(input, control, area) /* returns
}
p1 = area;
p2 = area2;
+ if (strlen(p1) > STRINGSIZE - 2) {
+ /* truncate */
+ p1[STRINGSIZE - 2] = '\0';
+ }
while (i && *p1)
{
i--;

View File

@ -1,60 +0,0 @@
diff -up cracklib-2.9.6/lib/packlib.c.lookup cracklib-2.9.6/lib/packlib.c
--- cracklib-2.9.6/lib/packlib.c.lookup 2018-10-10 14:19:06.988958835 +0200
+++ cracklib-2.9.6/lib/packlib.c 2018-11-26 16:04:34.648256614 +0100
@@ -585,12 +585,11 @@ fprintf(stderr, "look for (%s)\n", strin
fprintf(stderr, "---- %lu, %lu ----\n", lwm, hwm);
#endif
- middle = lwm + ((hwm - lwm + 1) / 2);
-
for (;;)
{
int cmp;
+ middle = lwm + ((hwm - lwm + 1) / 2);
#if DEBUG
fprintf(stderr, "lwm = %lu, middle = %lu, hwm = %lu\n", lwm, middle, hwm);
@@ -617,24 +616,28 @@ fprintf(stderr, "look for (%s)\n", strin
return(middle);
}
- if (middle == hwm)
- {
-#if DEBUG
- fprintf(stderr, "at terminal subdivision, stopping search\n");
-#endif
- break;
- }
-
if (cmp < 0)
{
- hwm = middle;
- middle = lwm + ((hwm - lwm ) / 2);
- }
+ if (middle == lwm)
+ {
+#if DEBUG
+ fprintf(stderr, "at terminal subdivision from right, stopping search\n");
+#endif
+ break;
+ }
+ hwm = middle - 1;
+ }
else if (cmp > 0)
{
- lwm = middle;
- middle = lwm + ((hwm - lwm + 1) / 2);
- }
+ if (middle == hwm)
+ {
+#if DEBUG
+ fprintf(stderr, "at terminal subdivision from left, stopping search\n");
+#endif
+ break;
+ }
+ lwm = middle + 1;
+ }
}
return (PW_WORDS(pwp));

File diff suppressed because it is too large Load Diff

1
ci.fmf Normal file
View File

@ -0,0 +1 @@
resultsdb-testcase: separate

41
cracklib-2.9.11-man.patch Normal file
View File

@ -0,0 +1,41 @@
diff --git a/src/doc/Makefile.am b/src/doc/Makefile.am
index e597b38..e13b910 100644
--- cracklib-2.9.11/doc/Makefile.am
+++ cracklib-2.9.11/doc/Makefile.am
@@ -4,4 +4,5 @@ dist_man_MANS = \
cracklib-check.8 \
cracklib-format.8 \
cracklib-update.8 \
+ create-cracklib-dict.8 \
FascistCheck.3
\ No newline at end of file
diff --git a/src/doc/create-cracklib-dict.8 b/src/doc/create-cracklib-dict.8
new file mode 100644
index 0000000..c386e78
--- /dev/null
+++ cracklib-2.9.11/doc/create-cracklib-dict.8
@@ -0,0 +1,24 @@
+.TH create\-cracklib\-dict 8 "Sat Jun 21 22:45:42 CEST 2008" "Jan Dittberner"
+.SH NAME
+create\-cracklib\-dict \- Check passwords using libcrack2
+.SH SYNOPSIS
+.B create\-cracklib\-dict wordlist ...
+.br
+
+.SH DESCRIPTION
+.B create\-cracklib\-dict
+takes one or more word list files as arguments and converts them into
+cracklib dictionaries for use by password checking programs. The
+results are placed in the default compiled-in dictionary location.
+
+If you wish to store the dictionary in a different location, use the
+cracklib-format and cracklib-packer commands directly.
+
+.SH SEE ALSO
+.BR cracklib\-format (8),
+.BR cracklib\-packer (8),
+.BR cracklib\-check (8),
+
+.SH AUTHOR
+This man page was written by Jan Dittberner <jandd@debian.org> for
+the Debian GNU/Linux System (but may be used by others).

View File

@ -1,7 +1,7 @@
diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c diff -Naur cracklib-2.9.11-orig/lib/fascist.c cracklib-2.9.11/lib/fascist.c
--- cracklib-2.9.6/lib/fascist.c.reentrant 2015-08-18 20:41:16.000000000 +0200 --- cracklib-2.9.11-orig/lib/fascist.c 2019-02-13 20:54:41.000000000 -0500
+++ cracklib-2.9.6/lib/fascist.c 2015-10-22 18:17:20.338290974 +0200 +++ cracklib-2.9.11/lib/fascist.c 2023-07-07 18:20:42.239904964 -0400
@@ -36,8 +36,8 @@ typedef unsigned short uint16_t; @@ -36,8 +36,8 @@
#undef DEBUG #undef DEBUG
#undef DEBUG2 #undef DEBUG2
@ -12,7 +12,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
static char *r_destructors[] = { static char *r_destructors[] = {
":", /* noop - must do this to test raw word. */ ":", /* noop - must do this to test raw word. */
@@ -439,6 +439,8 @@ GTry(rawtext, password) @@ -439,6 +439,8 @@
int i; int i;
int len; int len;
char *mp; char *mp;
@ -21,7 +21,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
/* use destructors to turn password into rawtext */ /* use destructors to turn password into rawtext */
/* note use of Reverse() to save duplicating all rules */ /* note use of Reverse() to save duplicating all rules */
@@ -447,7 +449,7 @@ GTry(rawtext, password) @@ -447,7 +449,7 @@
for (i = 0; r_destructors[i]; i++) for (i = 0; r_destructors[i]; i++)
{ {
@ -30,7 +30,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
{ {
continue; continue;
} }
@@ -462,10 +464,10 @@ GTry(rawtext, password) @@ -462,10 +464,10 @@
} }
#ifdef DEBUG #ifdef DEBUG
@ -43,7 +43,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
{ {
return (1); return (1);
} }
@@ -473,7 +475,7 @@ GTry(rawtext, password) @@ -473,7 +475,7 @@
for (i = 0; r_constructors[i]; i++) for (i = 0; r_constructors[i]; i++)
{ {
@ -52,7 +52,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
{ {
continue; continue;
} }
@@ -520,7 +522,7 @@ FascistGecosUser(char *password, const c @@ -520,7 +522,7 @@
strncpy(tbuffer, gecos, STRINGSIZE); strncpy(tbuffer, gecos, STRINGSIZE);
tbuffer[STRINGSIZE-1] = '\0'; tbuffer[STRINGSIZE-1] = '\0';
@ -61,7 +61,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
wc = 0; wc = 0;
ptr = gbuffer; ptr = gbuffer;
@@ -695,6 +697,7 @@ FascistLookUser(PWDICT *pwp, char *instr @@ -704,6 +706,7 @@
char junk[STRINGSIZE]; char junk[STRINGSIZE];
char *password; char *password;
char rpassword[STRINGSIZE]; char rpassword[STRINGSIZE];
@ -69,7 +69,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
uint32_t notfound; uint32_t notfound;
notfound = PW_WORDS(pwp); notfound = PW_WORDS(pwp);
@@ -731,7 +734,7 @@ FascistLookUser(PWDICT *pwp, char *instr @@ -740,7 +743,7 @@
return _("it does not contain enough DIFFERENT characters"); return _("it does not contain enough DIFFERENT characters");
} }
@ -78,7 +78,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
Trim(password); Trim(password);
@@ -787,7 +790,7 @@ FascistLookUser(PWDICT *pwp, char *instr @@ -796,7 +799,7 @@
{ {
char *a; char *a;
@ -87,7 +87,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
{ {
continue; continue;
} }
@@ -802,13 +805,13 @@ FascistLookUser(PWDICT *pwp, char *instr @@ -811,13 +814,13 @@
} }
} }
@ -103,10 +103,10 @@ diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
{ {
continue; continue;
} }
diff -up cracklib-2.9.6/lib/packer.h.reentrant cracklib-2.9.6/lib/packer.h diff -Naur cracklib-2.9.11-orig/lib/packer.h cracklib-2.9.11/lib/packer.h
--- cracklib-2.9.6/lib/packer.h.reentrant 2015-10-22 18:17:20.335290902 +0200 --- cracklib-2.9.11-orig/lib/packer.h 2023-03-04 11:00:49.000000000 -0500
+++ cracklib-2.9.6/lib/packer.h 2015-10-22 18:17:20.338290974 +0200 +++ cracklib-2.9.11/lib/packer.h 2023-07-07 18:21:04.315119032 -0400
@@ -82,7 +82,7 @@ extern int PWClose(PWDICT *pwp); @@ -82,7 +82,7 @@
extern unsigned int FindPW(PWDICT *pwp, char *string); extern unsigned int FindPW(PWDICT *pwp, char *string);
extern int PutPW(PWDICT *pwp, char *string); extern int PutPW(PWDICT *pwp, char *string);
extern int PMatch(char *control, char *string); extern int PMatch(char *control, char *string);
@ -115,10 +115,10 @@ diff -up cracklib-2.9.6/lib/packer.h.reentrant cracklib-2.9.6/lib/packer.h
extern char Chop(char *string); extern char Chop(char *string);
extern char *Trim(char *string); extern char *Trim(char *string);
extern char *FascistLook(PWDICT *pwp, char *instring); extern char *FascistLook(PWDICT *pwp, char *instring);
diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c diff -Naur cracklib-2.9.11-orig/lib/packlib.c cracklib-2.9.11/lib/packlib.c
--- cracklib-2.9.6/lib/packlib.c.reentrant 2015-08-18 20:41:16.000000000 +0200 --- cracklib-2.9.11-orig/lib/packlib.c 2023-03-04 11:00:49.000000000 -0500
+++ cracklib-2.9.6/lib/packlib.c 2015-10-22 18:19:52.154911451 +0200 +++ cracklib-2.9.11/lib/packlib.c 2023-07-07 18:44:55.183214284 -0400
@@ -67,8 +67,8 @@ PWOpen(prefix, mode) @@ -65,8 +65,8 @@
char *mode; char *mode;
{ {
int use64 = 0; int use64 = 0;
@ -129,7 +129,7 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
char iname[STRINGSIZE]; char iname[STRINGSIZE];
char dname[STRINGSIZE]; char dname[STRINGSIZE];
char wname[STRINGSIZE]; char wname[STRINGSIZE];
@@ -76,13 +76,11 @@ PWOpen(prefix, mode) @@ -74,13 +74,11 @@
void *ifp; void *ifp;
void *wfp; void *wfp;
@ -146,7 +146,7 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
memset(&pdesc64, '\0', sizeof(pdesc64)); memset(&pdesc64, '\0', sizeof(pdesc64));
snprintf(iname, STRINGSIZE, "%s.pwi", prefix); snprintf(iname, STRINGSIZE, "%s.pwi", prefix);
@@ -91,77 +89,80 @@ PWOpen(prefix, mode) @@ -89,77 +87,80 @@
if (mode[0] == 'r') if (mode[0] == 'r')
{ {
@ -195,7 +195,7 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
#ifdef HAVE_ZLIB_H #ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB) - if (pdesc.flags & PFOR_USEZLIB)
- gzclose(pdesc.dfp); - gzclose(pdesc.dfp);
+ if(pdesc->flags & PFOR_USEZLIB) + if (pdesc->flags & PFOR_USEZLIB)
+ gzclose(pdesc->dfp); + gzclose(pdesc->dfp);
else else
#endif #endif
@ -247,11 +247,11 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
fclose(ifp); fclose(ifp);
#ifdef HAVE_ZLIB_H #ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB) - if (pdesc.flags & PFOR_USEZLIB)
+ if(pdesc->flags & PFOR_USEZLIB) + if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp); gzclose(dfp);
else else
#endif #endif
@@ -170,10 +171,11 @@ PWOpen(prefix, mode) @@ -168,10 +169,11 @@
{ {
fclose(wfp); fclose(wfp);
} }
@ -264,7 +264,7 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
{ {
/* uh-oh. either a broken "64-bit" file or a garbage file. */ /* uh-oh. either a broken "64-bit" file or a garbage file. */
rewind (ifp); rewind (ifp);
@@ -181,10 +183,9 @@ PWOpen(prefix, mode) @@ -179,10 +181,9 @@
{ {
fprintf(stderr, "%s: error reading header\n", prefix); fprintf(stderr, "%s: error reading header\n", prefix);
@ -276,15 +276,15 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
gzclose(dfp); gzclose(dfp);
else else
#endif #endif
@@ -193,6 +194,7 @@ PWOpen(prefix, mode) @@ -191,6 +192,7 @@
{ {
fclose(wfp); fclose(wfp);
} }
+ free(pdesc); + free(pdesc);
return NULL; return NULL;
} }
if (pdesc64.header.pih_magic != PIH_MAGIC) if (pdesc64.header.pih_magic != PIH_MAGIC)
@@ -200,10 +202,9 @@ PWOpen(prefix, mode) @@ -198,10 +200,9 @@
/* nope, not "64-bit" after all */ /* nope, not "64-bit" after all */
fprintf(stderr, "%s: error reading header\n", prefix); fprintf(stderr, "%s: error reading header\n", prefix);
@ -296,11 +296,11 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
gzclose(dfp); gzclose(dfp);
else else
#endif #endif
@@ -213,23 +214,23 @@ PWOpen(prefix, mode) @@ -211,23 +212,23 @@
{ {
fclose(wfp); fclose(wfp);
} }
+ free(pdesc); + free(pdesc);
return NULL; return NULL;
} }
- pdesc.header.pih_magic = pdesc64.header.pih_magic; - pdesc.header.pih_magic = pdesc64.header.pih_magic;
@ -327,7 +327,7 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
gzclose(dfp); gzclose(dfp);
else else
#endif #endif
@@ -239,17 +240,17 @@ PWOpen(prefix, mode) @@ -237,17 +238,17 @@
{ {
fclose(wfp); fclose(wfp);
} }
@ -348,7 +348,7 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
gzclose(dfp); gzclose(dfp);
else else
#endif #endif
@@ -258,17 +259,17 @@ PWOpen(prefix, mode) @@ -256,17 +257,17 @@
{ {
fclose(wfp); fclose(wfp);
} }
@ -369,7 +369,7 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
gzclose(dfp); gzclose(dfp);
else else
#endif #endif
@@ -277,10 +278,11 @@ PWOpen(prefix, mode) @@ -275,10 +276,11 @@
{ {
fclose(wfp); fclose(wfp);
} }
@ -382,7 +382,7 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
{ {
int i; int i;
@@ -288,27 +290,27 @@ PWOpen(prefix, mode) @@ -286,27 +288,27 @@
{ {
if (fread(pdesc64.hwms, 1, sizeof(pdesc64.hwms), wfp) != sizeof(pdesc64.hwms)) if (fread(pdesc64.hwms, 1, sizeof(pdesc64.hwms), wfp) != sizeof(pdesc64.hwms))
{ {
@ -395,9 +395,8 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
- pdesc.hwms[i] = pdesc64.hwms[i]; - pdesc.hwms[i] = pdesc64.hwms[i];
+ pdesc->hwms[i] = pdesc64.hwms[i]; + pdesc->hwms[i] = pdesc64.hwms[i];
} }
- } }
- else if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms)) - else if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms))
+ }
+ else if (fread(pdesc->hwms, 1, sizeof(pdesc->hwms), wfp) != sizeof(pdesc->hwms)) + else if (fread(pdesc->hwms, 1, sizeof(pdesc->hwms), wfp) != sizeof(pdesc->hwms))
{ {
- pdesc.flags &= ~PFOR_USEHWMS; - pdesc.flags &= ~PFOR_USEHWMS;
@ -418,15 +417,7 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
} }
int int
@@ -318,6 +320,7 @@ PWClose(pwp) @@ -327,12 +329,14 @@
if (pwp->header.pih_magic != PIH_MAGIC)
{
fprintf(stderr, "PWClose: close magic mismatch\n");
+ /* we do not try to free memory that is probably corrupted */
return (-1);
}
@@ -329,12 +332,14 @@ PWClose(pwp)
if (fseek(pwp->ifp, 0L, 0)) if (fseek(pwp->ifp, 0L, 0))
{ {
fprintf(stderr, "index magic fseek failed\n"); fprintf(stderr, "index magic fseek failed\n");
@ -437,11 +428,11 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
if (!fwrite((char *) &pwp->header, sizeof(pwp->header), 1, pwp->ifp)) if (!fwrite((char *) &pwp->header, sizeof(pwp->header), 1, pwp->ifp))
{ {
fprintf(stderr, "index magic fwrite failed\n"); fprintf(stderr, "index magic fwrite failed\n");
+ free(pwp); + free(pwp);
return (-1); return (-1);
} }
@@ -368,6 +373,7 @@ PWClose(pwp) @@ -366,6 +370,7 @@
} }
pwp->header.pih_magic = 0; pwp->header.pih_magic = 0;
@ -449,143 +440,143 @@ diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
return (0); return (0);
} }
diff -up cracklib-2.9.6/lib/rules.c.reentrant cracklib-2.9.6/lib/rules.c diff -Naur cracklib-2.9.11-orig/lib/rules.c cracklib-2.9.11/lib/rules.c
--- cracklib-2.9.6/lib/rules.c.reentrant 2015-08-18 20:41:16.000000000 +0200 --- cracklib-2.9.11-orig/lib/rules.c 2023-04-02 14:15:05.000000000 -0400
+++ cracklib-2.9.6/lib/rules.c 2015-10-22 18:17:20.339290998 +0200 +++ cracklib-2.9.11/lib/rules.c 2023-07-07 18:58:04.892943574 -0400
@@ -82,12 +82,12 @@ Suffix(myword, suffix) @@ -80,12 +80,12 @@
} }
char * char *
-Reverse(str) /* return a pointer to a reversal */ -Reverse(str) /* return a pointer to a reversal */
+Reverse(str, area) /* return a pointer to a reversal */ +Reverse(str, area) /* return a pointer to a reversal */
register char *str; char *str;
+ char *area; + char *area;
{ {
register int i; int i;
register int j; int j;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE];
j = i = strlen(str); j = i = strlen(str);
while (*str) while (*str)
{ {
@@ -98,11 +98,11 @@ Reverse(str) /* return a pointer to a @@ -96,11 +96,11 @@
} }
char * char *
-Uppercase(str) /* return a pointer to an uppercase */ -Uppercase(str) /* return a pointer to an uppercase */
+Uppercase(str, area) /* return a pointer to an uppercase */ +Uppercase(str, area) /* return a pointer to an uppercase */
register char *str; char *str;
+ char *area; + char *area;
{ {
register char *ptr; char *ptr;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE];
ptr = area; ptr = area;
while (*str) while (*str)
{ {
@@ -115,11 +115,11 @@ Uppercase(str) /* return a pointer to @@ -113,11 +113,11 @@
} }
char * char *
-Lowercase(str) /* return a pointer to an lowercase */ -Lowercase(str) /* return a pointer to an lowercase */
+Lowercase(str, area) /* return a pointer to an lowercase */ +Lowercase(str, area) /* return a pointer to an lowercase */
register char *str; char *str;
+ char *area; + char *area;
{ {
register char *ptr; char *ptr;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE];
ptr = area; ptr = area;
while (*str) while (*str)
{ {
@@ -132,11 +132,11 @@ Lowercase(str) /* return a pointer to @@ -130,11 +130,11 @@
} }
char * char *
-Capitalise(str) /* return a pointer to an capitalised */ -Capitalise(str) /* return a pointer to an capitalised */
+Capitalise(str, area) /* return a pointer to an capitalised */ +Capitalise(str, area) /* return a pointer to an capitalised */
register char *str; char *str;
+ char *area; + char *area;
{ {
register char *ptr; char *ptr;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE];
ptr = area; ptr = area;
while (*str) while (*str)
@@ -151,11 +151,11 @@ Capitalise(str) /* return a pointer to @@ -149,11 +149,11 @@
} }
char * char *
-Pluralise(string) /* returns a pointer to a plural */ -Pluralise(string) /* returns a pointer to a plural */
+Pluralise(string, area) /* returns a pointer to a plural */ +Pluralise(string, area) /* returns a pointer to a plural */
register char *string; char *string;
+ char *area; + char *area;
{ {
register int length; int length;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE];
length = strlen(string); length = strlen(string);
strcpy(area, string); strcpy(area, string);
@@ -192,13 +192,13 @@ Pluralise(string) /* returns a pointer @@ -190,13 +190,13 @@
} }
char * char *
-Substitute(string, old, new) /* returns pointer to a swapped about copy */ -Substitute(string, old, new) /* returns pointer to a swapped about copy */
+Substitute(string, old, new, area) /* returns pointer to a swapped about copy */ +Substitute(string, old, new, area) /* returns pointer to a swapped about copy */
register char *string; char *string;
register char old; char old;
register char new; char new;
+ char *area; + char *area;
{ {
register char *ptr; char *ptr;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE];
ptr = area; ptr = area;
while (*string) while (*string)
{ {
@@ -210,12 +210,12 @@ Substitute(string, old, new) /* returns @@ -208,12 +208,12 @@
} }
char * char *
-Purge(string, target) /* returns pointer to a purged copy */ -Purge(string, target) /* returns pointer to a purged copy */
+Purge(string, target, area) /* returns pointer to a purged copy */ +Purge(string, target, area) /* returns pointer to a purged copy */
register char *string; char *string;
register char target; char target;
+ char *area; + char *area;
{ {
register char *ptr; char *ptr;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE];
ptr = area; ptr = area;
while (*string) while (*string)
{ {
@@ -372,13 +372,13 @@ PolyStrchr(string, class) @@ -370,13 +370,13 @@
} }
char * char *
-PolySubst(string, class, new) /* returns pointer to a swapped about copy */ -PolySubst(string, class, new) /* returns pointer to a swapped about copy */
+PolySubst(string, class, new, area) /* returns pointer to a swapped about copy */ +PolySubst(string, class, new, area) /* returns pointer to a swapped about copy */
register char *string; char *string;
register char class; char class;
register char new; char new;
+ char *area; + char *area;
{ {
register char *ptr; char *ptr;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE];
ptr = area; ptr = area;
while (*string) while (*string)
{ {
@@ -390,12 +390,12 @@ PolySubst(string, class, new) /* returns @@ -388,12 +388,12 @@
} }
char * char *
-PolyPurge(string, class) /* returns pointer to a purged copy */ -PolyPurge(string, class) /* returns pointer to a purged copy */
+PolyPurge(string, class, area) /* returns pointer to a purged copy */ +PolyPurge(string, class, area) /* returns pointer to a purged copy */
register char *string; char *string;
register char class; char class;
+ char *area; + char *area;
{ {
register char *ptr; char *ptr;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE];
ptr = area; ptr = area;
while (*string) while (*string)
{ {
@@ -428,40 +428,41 @@ Char2Int(character) @@ -426,39 +426,40 @@
} }
char * char *
@ -596,10 +587,9 @@ diff -up cracklib-2.9.6/lib/rules.c.reentrant cracklib-2.9.6/lib/rules.c
+ char *area; + char *area;
{ {
int limit; int limit;
register char *ptr; char *ptr;
- static char area[STRINGSIZE]; - static char area[STRINGSIZE * 2] = {0};
char area2[STRINGSIZE]; char area2[STRINGSIZE * 2] = {0};
area[0] = '\0';
strcpy(area, input); strcpy(area, input);
for (ptr = control; *ptr; ptr++) for (ptr = control; *ptr; ptr++)
@ -635,7 +625,7 @@ diff -up cracklib-2.9.6/lib/rules.c.reentrant cracklib-2.9.6/lib/rules.c
break; break;
case RULE_DUPLICATE: case RULE_DUPLICATE:
strcpy(area2, area); strcpy(area2, area);
@@ -548,7 +549,6 @@ Mangle(input, control) /* returns a poi @@ -545,7 +546,6 @@
Debug(1, "Mangle: extract: weird argument in '%s'\n", control); Debug(1, "Mangle: extract: weird argument in '%s'\n", control);
return NULL; return NULL;
} }
@ -643,7 +633,7 @@ diff -up cracklib-2.9.6/lib/rules.c.reentrant cracklib-2.9.6/lib/rules.c
for (i = 0; length-- && area2[start + i]; i++) for (i = 0; length-- && area2[start + i]; i++)
{ {
area[i] = area2[start + i]; area[i] = area2[start + i];
@@ -619,10 +619,10 @@ Mangle(input, control) /* returns a poi @@ -616,10 +616,10 @@
return NULL; return NULL;
} else if (ptr[1] != RULE_CLASS) } else if (ptr[1] != RULE_CLASS)
{ {
@ -656,7 +646,7 @@ diff -up cracklib-2.9.6/lib/rules.c.reentrant cracklib-2.9.6/lib/rules.c
ptr += 2; ptr += 2;
} }
break; break;
@@ -633,11 +633,11 @@ Mangle(input, control) /* returns a poi @@ -630,11 +630,11 @@
return NULL; return NULL;
} else if (ptr[1] != RULE_CLASS) } else if (ptr[1] != RULE_CLASS)
{ {

View File

@ -1,7 +1,7 @@
diff -up cracklib-2.9.6/lib/fascist.c.simplistic cracklib-2.9.6/lib/fascist.c diff -Naur cracklib-2.9.11-orig/lib/fascist.c cracklib-2.9.11/lib/fascist.c
--- cracklib-2.9.6/lib/fascist.c.simplistic 2015-10-22 18:21:51.099748012 +0200 --- cracklib-2.9.11-orig/lib/fascist.c 2023-07-07 21:18:25.582821076 -0400
+++ cracklib-2.9.6/lib/fascist.c 2015-10-22 18:21:51.101748060 +0200 +++ cracklib-2.9.11/lib/fascist.c 2023-07-07 21:19:55.130234075 -0400
@@ -55,7 +55,6 @@ static char *r_destructors[] = { @@ -55,7 +55,6 @@
"/?p@?p", /* purging out punctuation/symbols/junk */ "/?p@?p", /* purging out punctuation/symbols/junk */
"/?s@?s", "/?s@?s",
@ -9,33 +9,33 @@ diff -up cracklib-2.9.6/lib/fascist.c.simplistic cracklib-2.9.6/lib/fascist.c
/* attempt reverse engineering of password strings */ /* attempt reverse engineering of password strings */
@@ -454,6 +453,12 @@ GTry(rawtext, password) @@ -454,6 +453,12 @@
continue; continue;
} }
+ if (len - strlen(mp) >= 3) + if (len - strlen(mp) >= 3)
+ { + {
+ /* purged too much */ + /* purged too much */
+ continue; + continue;
+ } + }
+ +
#ifdef DEBUG #ifdef DEBUG
printf("%-16s = %-16s (destruct %s)\n", mp, rawtext, r_destructors[i]); printf("%-16s = %-16s (destruct %s)\n", mp, rawtext, r_destructors[i]);
#endif #endif
@@ -480,6 +485,12 @@ GTry(rawtext, password) @@ -480,6 +485,12 @@
continue; continue;
} }
+ if (len - strlen(mp) >= 3) + if (len - strlen(mp) >= 3)
+ { + {
+ /* purged too much */ + /* purged too much */
+ continue; + continue;
+ } + }
+ +
#ifdef DEBUG #ifdef DEBUG
printf("%-16s = %-16s (construct %s)\n", mp, password, r_constructors[i]); printf("%-16s = %-16s (construct %s)\n", mp, password, r_constructors[i]);
#endif #endif
@@ -699,6 +710,7 @@ FascistLookUser(PWDICT *pwp, char *instr @@ -708,6 +719,7 @@
char rpassword[STRINGSIZE]; char rpassword[STRINGSIZE];
char area[STRINGSIZE]; char area[STRINGSIZE];
uint32_t notfound; uint32_t notfound;
@ -43,7 +43,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.simplistic cracklib-2.9.6/lib/fascist.c
notfound = PW_WORDS(pwp); notfound = PW_WORDS(pwp);
/* already truncated if from FascistCheck() */ /* already truncated if from FascistCheck() */
@@ -748,6 +760,7 @@ FascistLookUser(PWDICT *pwp, char *instr @@ -757,6 +769,7 @@
return _("it is all whitespace"); return _("it is all whitespace");
} }
@ -51,7 +51,7 @@ diff -up cracklib-2.9.6/lib/fascist.c.simplistic cracklib-2.9.6/lib/fascist.c
i = 0; i = 0;
ptr = password; ptr = password;
while (ptr[0] && ptr[1]) while (ptr[0] && ptr[1])
@@ -759,10 +772,9 @@ FascistLookUser(PWDICT *pwp, char *instr @@ -768,10 +781,9 @@
ptr++; ptr++;
} }
@ -60,53 +60,53 @@ diff -up cracklib-2.9.6/lib/fascist.c.simplistic cracklib-2.9.6/lib/fascist.c
- maxrepeat = 3+(0.09*strlen(password)); - maxrepeat = 3+(0.09*strlen(password));
- if (i > maxrepeat) - if (i > maxrepeat)
+ /* We were still generating false positives for long passwords. + /* We were still generating false positives for long passwords.
+ Just count systematic double as a single character. */ + Just count systematic double as a single character. */
+ if (len - i < MINLEN) + if (len - i < MINLEN)
{ {
return _("it is too simplistic/systematic"); return _("it is too simplistic/systematic");
} }
@@ -795,6 +807,12 @@ FascistLookUser(PWDICT *pwp, char *instr @@ -804,6 +816,12 @@
continue; continue;
} }
+ if (len - strlen(a) >= 3) + if (len - strlen(a) >= 3)
+ { + {
+ /* purged too much */ + /* purged too much */
+ continue; + continue;
+ } + }
+ +
#ifdef DEBUG #ifdef DEBUG
printf("%-16s (dict)\n", a); printf("%-16s (dict)\n", a);
#endif #endif
@@ -815,6 +833,13 @@ FascistLookUser(PWDICT *pwp, char *instr @@ -824,6 +842,13 @@
{ {
continue; continue;
} }
+ +
+ if (len - strlen(a) >= 3) + if (len - strlen(a) >= 3)
+ { + {
+ /* purged too much */ + /* purged too much */
+ continue; + continue;
+ } + }
+ +
#ifdef DEBUG #ifdef DEBUG
printf("%-16s (reversed dict)\n", a); printf("%-16s (reversed dict)\n", a);
#endif #endif
diff -up cracklib-2.9.6/util/cracklib-format.simplistic cracklib-2.9.6/util/cracklib-format diff -Naur cracklib-2.9.11-orig/util/cracklib-format cracklib-2.9.11/util/cracklib-format
--- cracklib-2.9.6/util/cracklib-format.simplistic 2015-10-22 18:21:51.101748060 +0200 --- cracklib-2.9.11-orig/util/cracklib-format 2024-07-30 10:14:59.364641602 +0200
+++ cracklib-2.9.6/util/cracklib-format 2014-07-09 17:24:45.000000000 +0200 +++ cracklib-2.9.11/util/cracklib-format 2024-07-30 10:15:34.208982313 +0200
@@ -3,8 +3,10 @@ @@ -10,10 +10,12 @@
# This preprocesses a set of word lists into a suitable form for input # lines (possibly introduced by earlier parts of the pipeline) as
# into cracklib-packer # cracklib-packer will generate "skipping line" warnings otherwise.
# #
+LC_ALL=C +LC_ALL=C
+export LC_ALL +export LC_ALL
gzip -cdf "$@" | gzip -cdf "$@" |
- grep -v '^\(#\|$\)' | grep -a -v '^#' |
- tr '[A-Z]' '[a-z]' | tr '[A-Z]' '[a-z]' |
- tr -cd '\012[a-z][0-9]' | - tr -cd '\012[a-z][0-9]' |
- env LC_ALL=C sort -u
+ grep -a -E -v '^.{32,}$' |
+ tr '[:upper:]' '[:lower:]' |
+ tr -cd '\n[:graph:]' | + tr -cd '\n[:graph:]' |
cut -c 1-1022 |
grep -v '^$' |
- env LC_ALL=C sort -u
+ sort -u + sort -u

View File

@ -4,39 +4,27 @@
Summary: A password-checking library Summary: A password-checking library
Name: cracklib Name: cracklib
Version: 2.9.6 Version: 2.9.11
Release: 15%{?dist} Release: 8%{?dist}
Group: System Environment/Libraries URL: https://github.com/cracklib/cracklib
Source0: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-%{version}.tar.gz License: LGPL-2.1-or-later
Source1: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-words-%{version}.gz
# For man pages.
Source2: http://ftp.us.debian.org/debian/pool/main/c/cracklib2/cracklib2_2.8.19-1.debian.tar.gz
Source40: http://ftp.us.debian.org/debian/pool/main/c/cracklib2/cracklib2_2.8.19-1.dsc
Source0: https://github.com/cracklib/cracklib/releases/download/v%{version}/cracklib-%{version}.tar.gz
Source1: https://github.com/cracklib/cracklib/releases/download/v%{version}/cracklib-words-%{version}.gz
# From attachment to https://bugzilla.redhat.com/show_bug.cgi?id=627449 # From attachment to https://bugzilla.redhat.com/show_bug.cgi?id=627449
Source3: cracklib.default.zh_CN.po Source2: cracklib.default.zh_CN.po
# No upstream source for this, just words missing from the current cracklib-words # No upstream source for this, just words missing from the current cracklib-words
Source10: missing-words.gz Source3: missing-words.gz
Patch1: cracklib-2.9.1-inttypes.patch Patch: cracklib-2.9.11-packlib-reentrant.patch
Patch2: cracklib-2.9.0-python-gzdicts.patch Patch: cracklib-2.9.11-simplistic.patch
Patch4: cracklib-2.9.6-packlib-reentrant.patch # https://github.com/cracklib/cracklib/pull/92
Patch6: cracklib-2.9.6-simplistic.patch Patch: cracklib-2.9.11-man.patch
Patch7: cracklib-2.9.6-translation-updates.patch
Patch8: cracklib-2.9.6-cve-2016-6318.patch BuildRequires: gcc autoconf automake libtool
Patch9: cracklib-2.9.6-lookup.patch
URL: http://sourceforge.net/projects/cracklib/
License: LGPLv2+
Buildroot: %{_tmppath}/%{name}-%{version}-root
BuildRequires: gcc
BuildRequires: words, gettext BuildRequires: words, gettext
BuildRequires: gettext-autopoint BuildRequires: gettext-autopoint
BuildRequires: zlib-devel BuildRequires: zlib-devel
%if 0%{?rhel} == 0
BuildRequires: python2-devel
%endif
Conflicts: cracklib-dicts < 2.8 Conflicts: cracklib-dicts < 2.8
# The cracklib-format script calls gzip, but without a specific path. # The cracklib-format script calls gzip, but without a specific path.
Requires: gzip Requires: gzip
@ -61,33 +49,16 @@ CrackLib, you will also want to install the cracklib-dicts package.
%package devel %package devel
Summary: Development files needed for building applications which use cracklib Summary: Development files needed for building applications which use cracklib
Group: Development/Libraries Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: %{name} = %{version}-%{release}
%description devel %description devel
The cracklib-devel package contains the header files and libraries needed The cracklib-devel package contains the header files and libraries needed
for compiling applications which use cracklib. for compiling applications which use cracklib.
%if 0%{?rhel} == 0
%package -n python2-cracklib
Summary: Python bindings for applications which use cracklib
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
%{?python_provide:%python_provide python2-cracklib}
# Remove before F30
Provides: %{name}-python = %{version}-%{release}
Provides: %{name}-python%{?_isa} = %{version}-%{release}
Obsoletes: %{name}-python < %{version}-%{release}
%description -n python2-cracklib
The cracklib-python package contains a module which permits applications
written in the Python programming language to use cracklib.
%endif
%package dicts %package dicts
Summary: The standard CrackLib dictionaries Summary: The standard CrackLib dictionaries
Group: System Environment/Libraries
BuildRequires: words >= 2-13 BuildRequires: words >= 2-13
BuildRequires: make
Requires: cracklib = %{version}-%{release} Requires: cracklib = %{version}-%{release}
%description dicts %description dicts
@ -99,116 +70,75 @@ contains the utilities necessary for the creation of new dictionaries.
If you are installing CrackLib, you should also install cracklib-dicts. If you are installing CrackLib, you should also install cracklib-dicts.
%prep %prep
%setup -q -a 2 %autosetup -p 1
# Replace zn_CN.po with one that wasn't mis-transcoded at some point. # Replace zn_CN.po with one that wasn't mis-transcoded at some point.
grep '????????????????' po/zh_CN.po install -p -m 644 %{SOURCE2} po/zh_CN.po
install -p -m 644 %{SOURCE3} po/zh_CN.po
%patch1 -p1 -b .inttypes
%patch2 -p1 -b .gzdicts
%patch4 -p1 -b .reentrant
%patch6 -p1 -b .simplistic
%patch7 -p1 -b .translations
%patch8 -p1 -b .overflow
%patch9 -p1 -b .lookup
mkdir cracklib-dicts mkdir cracklib-dicts
for dict in %{SOURCE10} %{SOURCE1} for dict in %{SOURCE3} %{SOURCE1}
do do
cp -fv ${dict} cracklib-dicts/ cp -fv ${dict} cracklib-dicts/
done done
chmod +x util/cracklib-format chmod +x util/cracklib-format
%build %build
# Makefile.am was changed by patch for adding man page
autoreconf -fvi
# Use the dictionary from the build to test # Use the dictionary from the build to test
sed -i 's,util/cracklib-check <,util/cracklib-check $(DESTDIR)/$(DEFAULT_CRACKLIB_DICT) <,' Makefile.in sed -i 's,util/cracklib-check <,util/cracklib-check $(DESTDIR)/$(DEFAULT_CRACKLIB_DICT) <,' Makefile.in
%configure --with-pic \ %configure --with-pic \
%if 0%{?rhel} == 0
--with-python \
%else
--without-python \ --without-python \
%endif
--with-default-dict=%{dictpath} --disable-static --with-default-dict=%{dictpath} --disable-static
make -C po update-gmo make -C po update-gmo
make make
%install %install
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT %make_install 'pythondir=${pyexecdir}'
make install DESTDIR=$RPM_BUILD_ROOT 'pythondir=${pyexecdir}'
./util/cracklib-format cracklib-dicts/* | \ ./util/cracklib-format cracklib-dicts/* | \
./util/cracklib-packer $RPM_BUILD_ROOT/%{dictpath} ./util/cracklib-packer %{buildroot}%{dictpath}
./util/cracklib-format $RPM_BUILD_ROOT/%{dictdir}/cracklib-small | \ ./util/cracklib-format %{buildroot}%{dictdir}/cracklib-small | \
./util/cracklib-packer $RPM_BUILD_ROOT/%{dictdir}/cracklib-small ./util/cracklib-packer %{buildroot}%{dictdir}/cracklib-small
rm -f $RPM_BUILD_ROOT/%{dictdir}/cracklib-small rm -f %{buildroot}%{dictdir}/cracklib-small
sed s,/usr/lib/cracklib_dict,%{dictpath},g lib/crack.h > $RPM_BUILD_ROOT/%{_includedir}/crack.h sed s,/usr/lib/cracklib_dict,%{dictpath},g lib/crack.h > %{buildroot}%{_includedir}/crack.h
ln -s cracklib-format $RPM_BUILD_ROOT/%{_sbindir}/mkdict ln -s cracklib-format %{buildroot}%{_sbindir}/mkdict
ln -s cracklib-packer $RPM_BUILD_ROOT/%{_sbindir}/packer # packer link removed as it clashes with hashicorp's packer binary.
touch $RPM_BUILD_ROOT/top #ln -s cracklib-packer %{buildroot}/%{_sbindir}/packer
touch %{buildroot}/top
toprelpath=.. toprelpath=..
touch $RPM_BUILD_ROOT/top touch %{buildroot}/top
while ! test -f $RPM_BUILD_ROOT/%{_libdir}/$toprelpath/top ; do while ! test -f %{buildroot}%{_libdir}/$toprelpath/top ; do
toprelpath=../$toprelpath toprelpath=../$toprelpath
done done
rm -f $RPM_BUILD_ROOT/top rm -f %{buildroot}/top
if test %{dictpath} != %{_libdir}/cracklib_dict ; then if test %{dictpath} != %{_libdir}/cracklib_dict ; then
ln -s $toprelpath%{dictpath}.hwm $RPM_BUILD_ROOT/%{_libdir}/cracklib_dict.hwm ln -s $toprelpath%{dictpath}.hwm %{buildroot}%{_libdir}/cracklib_dict.hwm
ln -s $toprelpath%{dictpath}.pwd $RPM_BUILD_ROOT/%{_libdir}/cracklib_dict.pwd ln -s $toprelpath%{dictpath}.pwd %{buildroot}%{_libdir}/cracklib_dict.pwd
ln -s $toprelpath%{dictpath}.pwi $RPM_BUILD_ROOT/%{_libdir}/cracklib_dict.pwi ln -s $toprelpath%{dictpath}.pwi %{buildroot}%{_libdir}/cracklib_dict.pwi
fi fi
rm -f $RPM_BUILD_ROOT/%{_libdir}/python*/site-packages/_cracklib*.*a rm -f %{buildroot}%{_libdir}/python*/site-packages/_cracklib*.*a
rm -f $RPM_BUILD_ROOT/%{_libdir}/libcrack.la rm -f %{buildroot}%{_libdir}/libcrack.la
mkdir -p $RPM_BUILD_ROOT/%{_mandir}/man{3,8} mkdir -p %{buildroot}%{_mandir}/man{3,8}
install -p -m644 debian/*.3 $RPM_BUILD_ROOT/%{_mandir}/man3/ install -p -m644 doc/*.3 %{buildroot}%{_mandir}/man3/
install -p -m644 debian/*.8 $RPM_BUILD_ROOT/%{_mandir}/man8/ install -p -m644 doc/*.8 %{buildroot}%{_mandir}/man8/
if ! test -s $RPM_BUILD_ROOT/%{_mandir}/man8/cracklib-packer.8 ; then if ! test -s %{buildroot}%{_mandir}/man8/cracklib-packer.8 ; then
echo .so man8/cracklib-format.8 > $RPM_BUILD_ROOT/%{_mandir}/man8/cracklib-packer.8 echo .so man8/cracklib-format.8 > %{buildroot}%{_mandir}/man8/cracklib-packer.8
fi fi
if ! test -s $RPM_BUILD_ROOT/%{_mandir}/man8/cracklib-unpacker.8 ; then if ! test -s %{buildroot}%{_mandir}/man8/cracklib-unpacker.8 ; then
echo .so man8/cracklib-format.8 > $RPM_BUILD_ROOT/%{_mandir}/man8/cracklib-unpacker.8 echo .so man8/cracklib-format.8 > %{buildroot}%{_mandir}/man8/cracklib-unpacker.8
fi fi
%find_lang %{name} %find_lang %{name}
%check %check
make test DESTDIR=$RPM_BUILD_ROOT make test DESTDIR=%{buildroot}
%if 0%{?rhel} == 0
# We want to check that the new library is able to open the new dictionaries,
# using the new python module.
LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_libdir} %{__python2} 2>&1 << EOF
import string, sys
# Prepend buildroot-specific variations of the python path to the python path.
syspath2=[]
for element in sys.path:
syspath2.append("$RPM_BUILD_ROOT/" + element)
syspath2.reverse()
for element in syspath2:
sys.path.insert(0,element)
# Now actually do the test. If we get a different result, or throw an
# exception, the script will end with the error.
import cracklib
try:
s = cracklib.FascistCheck("cracklib", "$RPM_BUILD_ROOT/%{dictpath}")
except ValueError, message:
expected = "it is based on a dictionary word"
if message != expected:
print "Got unexpected result \"%s\"," % messgae,
print "instead of expected value of \"%s\"." % expected
sys.exit(1)
print "Got expected result \"%s\"," % message
sys.exit(0)
finally:
sys.exit(0)
EOF
%endif
%ldconfig_scriptlets %ldconfig_scriptlets
%files -f %{name}.lang %files -f %{name}.lang
%doc README README-WORDS NEWS README-LICENSE AUTHORS %doc README README-WORDS NEWS README-LICENSE AUTHORS
%{!?_licensedir:%global license %%doc}
%license COPYING.LIB %license COPYING.LIB
%{_libdir}/libcrack.so.* %{_libdir}/libcrack.so.*
%dir %{_datadir}/cracklib %dir %{_datadir}/cracklib
@ -226,21 +156,92 @@ EOF
%{_datadir}/cracklib/cracklib-small.* %{_datadir}/cracklib/cracklib-small.*
%{_libdir}/cracklib_dict.* %{_libdir}/cracklib_dict.*
%{_sbindir}/mkdict %{_sbindir}/mkdict
%{_sbindir}/packer
%if 0%{?rhel} == 0
%files -n python2-cracklib
%{_libdir}/python*/site-packages/_cracklib*.so
%{_libdir}/python*/site-packages/*.py*
%endif
%changelog %changelog
* Mon Nov 26 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-15 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.9.11-8
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Tue Jul 30 2024 Veronika Hanulikova <vhanulik@redhat.com> - 2.9.11-7
- Add missing man page for create-cracklib-dict (RHEL-39972)
- Preserve special characters in cracklib-format (RHEL-39972)
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.9.11-6
- Bump release for June 2024 mass rebuild
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.11-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Aug 04 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 2.9.11-3
- migrated to SPDX license
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Fri Jul 07 2023 Paul Wouters <paul.wouters@aiven.io - 2.9.11-1
- Resolves: rhbz#2123955 cracklib-2.9.11 is available
- Remove old patches, port remaining patches to 2.9.11
- Use man pages from doc/ instead of pulling them from debian
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.7-31
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Aug 30 2022 Parag Nemade <pnemade AT redhat DOT com> - 2.9.7-30
- As -dicts subpackage installs files under %%{_libdir} path it should not be noarch
- this fixes FTBFS on F37+
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.7-29
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-28
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Mon Aug 30 2021 Paul Wouters <paul.wouters@aiven.io> - 2.9.6-27
- Resolves: rhbz#1994196 Remove /usr/bin/packer symbolic link
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-25
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 13 2020 Tom Stellard <tstellar@redhat.com> - 2.9.6-23
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Aug 9 2019 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-21
- Drop Python 2 bindings completely
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Nov 26 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-18
- Fix regression in dictionary creation and lookup - Fix regression in dictionary creation and lookup
* Tue Oct 9 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-14 * Wed Oct 10 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-17
- Fix minor bug found in the Coverity scan
* Tue Oct 9 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-16
- Updated translations - Updated translations
* Fri Jul 13 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-15
- The test must use the dictionary from the build
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 21 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-13 * Wed Feb 21 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-13
- Drop Python 2 support in RHEL - Drop Python 2 support in RHEL

7
gating.yaml Normal file
View File

@ -0,0 +1,7 @@
--- !Policy
product_versions:
- rhel-10
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/ci/fips-disabled-buildroot-disabled.functional}
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/ci/fips-disabled-buildroot-enabled.functional}

26
plans/ci.fmf Normal file
View File

@ -0,0 +1,26 @@
/fips-disabled-buildroot-disabled:
plan:
import:
url: https://pkgs.devel.redhat.com/git/tests/cracklib
name: /plans/ci/fips-disabled-buildroot-disabled
/fips-disabled-buildroot-enabled:
plan:
import:
url: https://pkgs.devel.redhat.com/git/tests/cracklib
name: /plans/ci/fips-disabled-buildroot-enabled
/fips-enabled-buildroot-disabled:
plan:
import:
url: https://pkgs.devel.redhat.com/git/tests/cracklib
name: /plans/ci/fips-enabled-buildroot-disabled
/fips-enabled-buildroot-enabled:
plan:
import:
url: https://pkgs.devel.redhat.com/git/tests/cracklib
name: /plans/ci/fips-enabled-buildroot-enabled

3
sources Normal file
View File

@ -0,0 +1,3 @@
SHA512 (cracklib-2.9.11.tar.gz) = 9e73a715c8f82723abc36b08906e212aaf79a7f6dfa560c6a98963b1e63aa21f7b612f285a639a41ec9eec7025aa2c16f702aad934cd30bc995f470d62ee4bc3
SHA512 (cracklib-words-2.9.11.gz) = d1983e8e8fcb9abee4701581d66008eda2d7ad6ee8d017b7fed225b71bd333fa6199338f37fd120c1c6bf1c8a75025692f4118d97e8c384e578000bed59c6aed
SHA512 (missing-words.gz) = 50afb5538ddd15de997883f5ff6925d9084117851cfdcfc02f05c28304d6c17b46ea669fe626ad819e732b6f291f308194300c9db9b110a5c15a4e5d97ca6caa