diff --git a/.gitignore b/.gitignore index 2d152ff..f9ff01d 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ passwd-0.78.tar.bz2 /passwd-0.78.99.tar.bz2 /passwd-0.79.tar.bz2 +/passwd-0.80.tar.bz2 diff --git a/passwd-0.79-stdin-length.patch b/passwd-0.79-stdin-length.patch deleted file mode 100644 index 0d9f77e..0000000 --- a/passwd-0.79-stdin-length.patch +++ /dev/null @@ -1,40 +0,0 @@ -Support passwords up to PAM_MAX_RESP_SIZE - 1 with --stdin - -diff -r a3adceb0d42d -r 41908bb68e45 passwd.c ---- a/passwd.c Sat May 23 06:52:54 2015 +0200 -+++ b/passwd.c Mon Nov 02 19:20:24 2015 +0100 -@@ -479,17 +479,32 @@ - /* If we need to read the new password from stdin, read it and switch - * to the really-quiet stdin conversation function. */ - if (passwd_flags & PASSWD_STDIN) { -- char *ptr, newPassword[80]; -+ /* PAM's documentation says that PAM_MAX_RESP_SIZE is the -+ * maximum supported length of the password, but in practice -+ * the code (including examples in the OSF RFC) often truncates -+ * data at PAM_MAX_RESP_SIZE - 1. So, refuse to use anything -+ * longer than PAM_MAX_RESP_SIZE - 1, to prevent users from -+ * setting a password they won't be able to use to log in. */ -+ char *ptr, newPassword[PAM_MAX_RESP_SIZE]; - int i; - - i = read(STDIN_FILENO, newPassword, -- sizeof(newPassword) - 1); -+ sizeof(newPassword)); - if (i < 0) { - fprintf(stderr, - _("%s: error reading from stdin: %s\n"), progname, - strerror(errno)); - exit(1); - } -+ if (i == sizeof(newPassword)) { -+ if (newPassword[i - 1] != '\n') { -+ fprintf(stderr, -+ _("%s: password too long, maximum is %zu"), -+ progname, sizeof(newPassword) - 1); -+ exit(1); -+ } -+ i--; -+ } - - newPassword[i] = '\0'; - ptr = strchr(newPassword, '\n'); diff --git a/passwd.spec b/passwd.spec index b6a4407..b1453ef 100644 --- a/passwd.spec +++ b/passwd.spec @@ -6,20 +6,24 @@ %endif Summary: An utility for setting or changing passwords using PAM Name: passwd -Version: 0.79 -Release: 15%{?dist} +Version: 0.80 +Release: 1%{?dist} License: BSD or GPL+ Group: System Environment/Base URL: https://pagure.io/passwd Source: https://releases.pagure.org/passwd/passwd-%{version}.tar.bz2 -# Upstream changeset ca46cac76757082322d19f736a88cbf81bd70063 -Patch0: passwd-0.79-stdin-length.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: pam >= 1.0.90, /etc/pam.d/system-auth %if %{WITH_SELINUX} Requires: libselinux >= 2.1.6-3 BuildRequires: libselinux-devel >= 2.1.6-3 %endif +# Provides autoreconf +BuildRequires: autoconf +# Provides autopoint +BuildRequires: gettext-devel +# Provides aclocal +BuildRequires: automake # https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/IJFYI5Q2BYZKIGDFS2WLOBDUSEGWHIKV/ BuildRequires: gcc BuildRequires: glib2-devel, libuser-devel, pam-devel, libuser >= 0.53-1 @@ -36,7 +40,7 @@ Modules) library. %prep %setup -q -n %{name}-%{version} -%patch0 -p1 -b .stdin-length +autoreconf -fis -Wall %build %configure \ @@ -76,6 +80,10 @@ done %{_mandir}/man1/passwd.1* %changelog +* Thu Mar 29 2018 Jiri Kucera - 0.80-1 +- Update to passwd-0.80 + Resolves: #1293929 + * Thu Mar 29 2018 Jiri Kucera - 0.79-15 - Mercurial changeset ID changed to the corresponding Git changeset ID diff --git a/sources b/sources index a24fb77..fa7be4d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -529f7ab99ef4bcde410936477b680c5c passwd-0.79.tar.bz2 +SHA512 (passwd-0.80.tar.bz2) = 95e16e740bb245a055d3872e9d080f951e4a378e450fa4fd7f7033573f348c9aa3ce6be256e2db32cd7d2d181faca7efff4c2f3f64ec1fb7cd411f5176eed0b4