From e8b686171bcdf97bc14b0cce11c0586875326510 Mon Sep 17 00:00:00 2001 From: Iker Pedrosa Date: Tue, 5 Nov 2024 12:53:43 +0100 Subject: [PATCH] salt: adapt patch correctly Resolves: RHEL-58978 Signed-off-by: Iker Pedrosa --- shadow-4.9-salt-remove-rounds.patch | 30 +++++++++++++++++++---------- shadow-utils.spec | 5 +++-- 2 files changed, 23 insertions(+), 12 deletions(-) diff --git a/shadow-4.9-salt-remove-rounds.patch b/shadow-4.9-salt-remove-rounds.patch index 27c8986..eca3de9 100644 --- a/shadow-4.9-salt-remove-rounds.patch +++ b/shadow-4.9-salt-remove-rounds.patch @@ -1,14 +1,24 @@ -diff -up shadow-4.9/libmisc/salt.c.salt-remove-rounds shadow-4.9/libmisc/salt.c ---- shadow-4.9/libmisc/salt.c.salt-remove-rounds 2024-11-04 10:36:46.063856730 +0100 -+++ shadow-4.9/libmisc/salt.c 2024-11-04 10:40:40.890708080 +0100 -@@ -528,6 +528,10 @@ static /*@observer@*/const char *gensalt - result[salt_len] = '\0'; +diff --git a/libmisc/salt.c b/libmisc/salt.c +index efef4e59..823b093d 100644 +--- a/libmisc/salt.c ++++ b/libmisc/salt.c +@@ -439,6 +439,19 @@ static /*@observer@*/const char *gensalt (size_t salt_size) + exit (1); } -+ if (strstr(result, "rounds=") != NULL) { -+ result[3] = '\0'; ++ char *pos = strstr(retval, "$rounds="); ++ if (pos != NULL) { ++ char str[128]; ++ int len; ++ int ret; ++ ++ ret = sprintf(str, "%lu", rounds); ++ if (ret > 0) { ++ len = strlen("$rounds=") + strlen(str); ++ memmove(pos, pos + len, strlen(pos + len) + 1); ++ } + } + - char *retval = crypt_gensalt (result, rounds, NULL, 0); - - /* Should not happen, but... */ + return retval; + #else /* USE_XCRYPT_GENSALT */ + /* Check if the result buffer is long enough. */ diff --git a/shadow-utils.spec b/shadow-utils.spec index e3a3a83..243ecc0 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -1,7 +1,7 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils Version: 4.9 -Release: 11%{?dist} +Release: 12%{?dist} Epoch: 2 License: BSD and GPLv2+ URL: https://github.com/shadow-maint/shadow @@ -82,6 +82,7 @@ Patch29: shadow-4.9-skip-over-reserved-ids.patch Patch30: shadow-4.9-gpasswd-fix-password-leak.patch # Downstream only patch Patch31: shadow-4.9-disable-sssd.patch +# Downstream only patch Patch32: shadow-4.9-salt-remove-rounds.patch ### Dependencies ### @@ -346,7 +347,7 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la %{_libdir}/libsubid.so %changelog -* Mon Nov 4 2024 Iker Pedrosa - 2:4.9-11 +* Mon Nov 4 2024 Iker Pedrosa - 2:4.9-12 - salt: remove rounds from salt string. Resolves: RHEL-58978 * Fri Sep 13 2024 Iker Pedrosa - 2:4.9-10