import yp-tools-4.2.3-1.el8

2019-05-07 03:18:29 -04:00 · 2019-05-07 03:18:29 -04:00 · 23caff05ea
commit 23caff05ea
7 changed files with 488 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+SOURCES/v4.2.3.tar.gz
--- a/.yp-tools.metadata
+++ b/.yp-tools.metadata
@ -0,0 +1 @@
+cc4a69be612195ccd5ddcc9bc39f01d4e1a8041b SOURCES/v4.2.3.tar.gz
--- a/SOURCES/yp-tools-2.12-adjunct.patch
+++ b/SOURCES/yp-tools-2.12-adjunct.patch
@ -0,0 +1,11 @@
+diff -up yp-tools-2.12/src/yppasswd.c.adjunct yp-tools-2.12/src/yppasswd.c
+--- yp-tools-2.12/src/yppasswd.c.adjunct	2012-04-23 13:17:47.000988833 +0200
+++ yp-tools-2.12/src/yppasswd.c	2012-04-23 13:18:01.209802938 +0200
+@@ -774,6 +775,7 @@
+       /* We can't check the password with shadow passwords enabled. We
+        * leave the checking to yppasswdd */
+       if (uid != 0 && strcmp (pwd->pw_passwd, "x") != 0 &&
+	  0 != strncmp (pwd->pw_passwd, "##", 2) && /* don't check passwords using passwd.adjunct feature */
+ 	  strcmp (pwd->pw_passwd, hashpass ) != 0)
+ 	{
+ 	  int passwdlen = get_passwd_len (pwd->pw_passwd);
--- a/SOURCES/yp-tools-2.12-crypt.patch
+++ b/SOURCES/yp-tools-2.12-crypt.patch
@ -0,0 +1,44 @@
+diff -up yp-tools-2.12/src/yppasswd.c.crypt yp-tools-2.12/src/yppasswd.c
+--- yp-tools-2.12/src/yppasswd.c.crypt	2012-04-23 13:01:35.599721168 +0200
+++ yp-tools-2.12/src/yppasswd.c	2012-04-23 13:16:18.251261293 +0200
+@@ -772,9 +778,16 @@ main (int argc, char **argv)
+ 	{
+ 	  int passwdlen = get_passwd_len (pwd->pw_passwd);
+ 	  char *sane_passwd = alloca (passwdlen + 1);
+	  char *crypted;
+ 	  strncpy (sane_passwd, pwd->pw_passwd, passwdlen);
+ 	  sane_passwd[passwdlen] = 0;
+-	  if (strcmp (crypt (s, sane_passwd), sane_passwd))
+	  crypted = crypt (s, sane_passwd);
+	  if(crypted == NULL)
+	    {
+	      fprintf (stderr, _("Sorry - crypt() failed.\n"));
+	      return 1;
+	    }
+	  if (strcmp (crypted, sane_passwd))
+ 	    {
+ 	      fprintf (stderr, _("Sorry.\n"));
+ 	      return 1;
+@@ -789,6 +802,7 @@ main (int argc, char **argv)
+       char *error_msg;
+ #endif /* USE_CRACKLIB */
+       char *buf, salt[37], *p = NULL;
+      char *crypted;
+       int tries = 0;
+ 
+       buf = (char *) malloc (129);
+@@ -869,7 +883,13 @@ main (int argc, char **argv)
+ 	  break;
+ 	}
+ 
+-      yppwd.newpw.pw_passwd = strdup (crypt (buf, salt));
+      crypted = crypt (buf, salt);
+      if(crypted == NULL) {
+	fprintf (stderr, _("Sorry - crypt() failed.\n"));
+	return 1;
+      } else {
+	yppwd.newpw.pw_passwd = strdup (crypted);
+      }
+     }
+ 
+   if (f_flag)
--- a/SOURCES/yp-tools-2.12-hash.patch
+++ b/SOURCES/yp-tools-2.12-hash.patch
@ -0,0 +1,68 @@
+diff -up yp-tools-2.12/man/yppasswd.1.in.hash yp-tools-2.12/man/yppasswd.1.in
+--- yp-tools-2.12/man/yppasswd.1.in.hash	2011-09-09 16:18:49.469037058 +0200
+++ yp-tools-2.12/man/yppasswd.1.in	2011-09-09 16:20:19.101030930 +0200
+@@ -81,6 +81,12 @@ for authentication with the
+ .BR yppasswdd (8)
+ daemon. Subsequently, the
+ program prompts for the updated information:
+.P
+If we use shadowing passwords using passwd.adjunct, SHA-512 will be 
+used for hashing a new password by default. If we want to use MD5, 
+SHA_256 or older DES, we need to set the environment variable 
+YP_PASSWD_HASH. Possible values are "DES", "MD5", "SHA-256" and 
+"SHA-512" (value is case-insensitive).
+ .\"
+ .\"
+ .IP "\fByppasswd\fP or \fB-p\fP"
+diff -up yp-tools-2.12/src/yppasswd.c.hash yp-tools-2.12/src/yppasswd.c
+--- yp-tools-2.12/src/yppasswd.c.hash	2011-09-09 16:20:35.360029823 +0200
+++ yp-tools-2.12/src/yppasswd.c	2011-09-09 16:25:21.589010245 +0200
+@@ -514,6 +514,32 @@ create_random_salt (char *salt, int num_
+     close (fd);
+ }
+ 
+
+/*
+ * Reads environment variable YP_PASSWD_HASH and returns hash id.
+ * Possible values are MD5, SHA-256, SHA-512 and DES.
+ * If other value is set or it is not set at all, SHA-512 is used.
+ */ 
+static int
+get_env_hash_id()
+{
+  const char *v = getenv("YP_PASSWD_HASH");
+  if (!v)
+    return SHA_512;
+
+  if (!strcasecmp(v, "DES"))
+    return DES;
+
+  if (!strcasecmp(v, "SHA-256"))
+    return SHA_256;
+
+  if (!strcasecmp(v, "MD5"))
+    return MD5;
+
+  return SHA_512;
+}
+
+
+ int
+ main (int argc, char **argv)
+ {
+@@ -723,6 +749,15 @@ main (int argc, char **argv)
+ 
+       hash_id = get_hash_id (pwd->pw_passwd);
+ 
+      /* If we use passwd.adjunct, there is no magic value like $1$ in the 
+       * beginning of password, but ##username instead. Thus, SHA_512 will be 
+       * used for hashing a new password by default. If we want to use DES, 
+       * MD5 or SHA_256, we need to set the environment variable 
+       * YP_PASSWD_HASH (e.g. YP_PASSWD_HASH=DES).
+       */
+      if (strncmp(pwd->pw_passwd, "##", 2) == 0)
+        hash_id = get_env_hash_id();
+
+       /* Preserve 'rounds=<N>$' (if present) in case of SHA-2 */
+       if (hash_id == SHA_256 || hash_id == SHA_512)
+ 	{
--- a/SOURCES/yp-tools-4.2.2-strict-prototypes.patch
+++ b/SOURCES/yp-tools-4.2.2-strict-prototypes.patch
@ -0,0 +1,11 @@
+--- yp-tools-yp-tools-4.2.2/src/yppasswd.c.strict-protorypes	2017-02-21 15:51:03.452034055 +0100
+++ yp-tools-yp-tools-4.2.2/src/yppasswd.c	2017-02-21 15:51:14.996030455 +0100
+@@ -547,7 +547,7 @@ create_random_salt (char *salt, int num_
+  * If other value is set or it is not set at all, SHA-512 is used.
+  */ 
+ static int
+-get_env_hash_id()
+get_env_hash_id(void)
+ {
+   const char *v = getenv("YP_PASSWD_HASH");
+   if (!v)
--- a/SPECS/yp-tools.spec
+++ b/SPECS/yp-tools.spec
@ -0,0 +1,352 @@
+Summary: NIS (or YP) client programs
+Name: yp-tools
+Version: 4.2.3
+Release: 1%{?dist}
+License: GPLv2
+Group: System Environment/Base
+Source: https://github.com/thkukuk/yp-tools/archive/v%{version}.tar.gz
+Patch1: yp-tools-2.12-hash.patch
+Patch2: yp-tools-2.12-crypt.patch
+Patch3: yp-tools-2.12-adjunct.patch
+Patch4: yp-tools-4.2.2-strict-prototypes.patch
+Url: http://www.linux-nis.org/nis/yp-tools/index.html
+BuildRequires: autoconf, automake, gettext-devel, libtool, libtirpc-devel, libnsl2-devel
+Requires: ypbind >= 3:2.4-2
+Requires: glibc
+
+%global __filter_GLIBC_PRIVATE 1
+
+%description
+The Network Information Service (NIS) is a system which provides
+network information (login names, passwords, home directories, groupinformation) to all of the machines on a network.  NIS can enable
+information) to all of the machines on a network.  NIS can enable
+users to login on any machine on the network, as long as the machine
+has the NIS client programs running and the user's password is
+recorded in the NIS passwd database.  NIS was formerly known as Sun
+Yellow Pages (YP).
+
+This package's NIS implementation is based on FreeBSD's YP and is a
+special port for glibc 2.x and libc versions 5.4.21 and later.  This
+package only provides the NIS client programs.  In order to use the
+clients, you'll need to already have an NIS server running on your
+network. An NIS server is provided in the ypserv package.
+
+Install the yp-tools package if you need NIS client programs for machines
+on your network.  You will also need to install the ypbind package on
+every machine running NIS client programs.  If you need an NIS server,
+you'll need to install the ypserv package on one machine on the network.
+
+%package devel
+Summary: NIS (or YP) client programs
+Group: System Environment/Base
+Requires: yp-tools
+
+%description devel
+Install yp-tools-devel package for developing applications that use yp-tools
+
+
+%prep
+%setup -q -n %{name}-%{version}
+%patch1 -p1 -b .hash
+%patch2 -p1 -b .crypt
+%patch3 -p1 -b .adjunct
+%patch4 -p1 -b .strict-prototypes
+
+
+autoreconf -i -f -v
+
+%build
+
+export CFLAGS="$CFLAGS %{optflags} -Wno-cast-function-type"
+
+%configure --disable-domainname
+
+%make_build
+
+%install
+make DESTDIR="$RPM_BUILD_ROOT" INSTALL_PROGRAM=install install
+
+%find_lang %name
+
+%files -f %{name}.lang
+%doc AUTHORS COPYING README ChangeLog NEWS etc/nsswitch.conf
+%doc THANKS
+%{_bindir}/*
+
+
+%{_mandir}/*/*
+%{_sbindir}/*
+/var/yp/nicknames
+
+%changelog
+* Thu Apr 19 2018 Petr Kubat <pkubat@redhat.com> - 4.2.3-1
+- Update to version 4.2.3
+
+* Thu Mar 15 2018 Matej Mužila <mmuzila@redhat.com> - 4.2.2-7
+- Disable cast-function-type warning
+
+* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.2-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 4.2.2-5
+- Rebuilt for switch to libxcrypt
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Mon May 29 2017 Matej Mužila <mmuzila@redhat.com> - 4.2.2-2
+- Require ypbind >= 3:2.4-2
+
+* Fri May 19 2017 Matej Mužila <mmuzila@redhat.com> - 4.2.2-1
+- Update to version 4.2.2 supporting IPv6
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.14-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Mon Nov 28 2016 Petr Kubat <pkubat@redhat.com> - 2.14-7
+- Modified passwd.adjunct patch by Gilbert E. Detillieux (#1297955)
+
+* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.14-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Mon May 06 2013 Honza Horak <hhorak@redhat.com> - 2.14-1
+- New upstream version 2.14
+
+* Mon Mar 25 2013 Honza Horak <hhorak@redhat.com> - 2.12-13
+- Fix build for aarch64
+
+* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Mon Sep 24 2012 Honza Horak <hhorak@redhat.com> - 2.12-12
+- Minor spec file fixes
+
+* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Wed Jul 11 2012 Honza Horak <hhorak@redhat.com> - 2.12-10
+- Minor spec file fixes
+
+* Mon Apr 23 2012 Honza Horak <hhorak@redhat.com> - 2.12-9
+- Do not check old passwords using passwd.adjunct feature
+- Patch from Paul Wouters to handle crypt() returning NULL
+  Resolves: #814803
+
+* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Fri Sep 09 2011 Honza Horak <hhorak@redhat.com> - 2.12-7
+- Added YP_PASSWD_HASH environment variable to set default
+  algorithm for hashing a new password
+  Resolves: #699666
+
+* Wed May 04 2011 Honza Horak <hhorak@redhat.com> - 2.12-6
+- Applied -gethost patch to check return value
+  (rhbz#698619)
+
+* Fri Mar 18 2011 Honza Horak <hhorak@redhat.com> - 2.12-5
+- Applied -typo patch to fix a grammar mistake
+  (rhbz#668743)
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Tue Nov 23 2010 Karel Klic <kklic@redhat.com> - 2.12-3
+- Reverted previous change
+
+* Tue Nov 23 2010 Karel Klic <kklic@redhat.com> - 2.12-2
+- Added patch that removes ypclnt.c from being compiled into
+  ypmatch (rhbz#546149)
+
+* Fri Nov 19 2010 Karel Klic <kklic@redhat.com> - 2.12-1
+- New upstream version
+
+* Fri Nov 19 2010 Karel Klic <kklic@redhat.com> - 2.11-2
+- Added patch to fix yppasswd utility when used with shadow
+  passwords (rhbz#653921)
+- Removed %%clean section
+
+* Tue Apr 20 2010 Karel Klic <kklic@redhat.com> - 2.11-1
+- New upstream release
+- MD5, SHA-2 passwords patch merged by upstream
+- Removed BuildRoot tag
+
+* Thu Apr 15 2010 Karel Klic <kklic@redhat.com> - 2.10-3
+- Added a new patch -passwords, which merges -md5 and -sha-2 patches
+  together, and adds proper MD5/SHA support to verifypassword()
+  #514061
+
+* Mon Mar 01 2010 Karel Klic <kklic@redhat.com> - 2.10-2
+- /var/yp is owned by the filesystem package (#569383)
+
+* Thu Dec 10 2009 Karel Klic <kklic@redhat.com> - 2.10-1
+- Updated to new version
+- Removed unnecessary obsoletes
+
+* Mon Aug 10 2009 Ville Skyttä <ville.skytta@iki.fi> - 2.9-8
+- Convert specfile to UTF-8.
+
+* Mon Jul 27 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed Mar  4 2009 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.9-6
+- Add SHA-2 password hashes support
+  Resolves: #487607
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Mon Aug 11 2008 Jason L Tibbitts III <tibbs@math.uh.edu> - 2.9-4
+- Fix license tag.
+
+* Mon Feb 11 2008 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.9-3
+- Fix Buildroot
+
+* Tue Jul 31 2007 Steve Dickson <steved@redhat.com> 2.9-1
+- Changed install process to create an useful debuginfo package (bz 249961) 
+
+* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.9-0.1
+- rebuild
+
+* Mon Feb 13 2006 Chris Feist <cfeist@redhat.com> - 2.9-0
+- bump again for double-long bug on ppc(64)
+
+* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 2.8-8.2
+- rebuilt for new gcc4.1 snapshot and glibc changes
+
+* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
+- rebuilt
+
+* Fri Jun 18 2004 Alan Cox <alan@redhat.com>
+- Fix buffer overflow (non security) thanks to D Binderman
+
+* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Wed Apr 23 2003 Steve Dickson <SteveD@RedHat.com>
+- Update to 2.7 from upstream
+- Updated yppasswd md5 patch
+
+* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
+- rebuilt
+
+* Mon Nov 18 2002 Tim Powers <timp@redhat.com>
+- rebuild on all arches
+
+* Wed Aug 28 2002 Nalin Dahyabhai <nalin@redhat.com> 2.7-3
+- properly terminate an alloca'ed string in yppasswd which would lead to
+  improper rejection of the request if the user's pw_passwd was visible
+
+* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
+- automated rebuild
+
+* Tue Jun 11 2002 Alexander Larsson <alexl@redhat.com>
+- Update to 2.7 from upstream
+- Updated yppasswd md5 patch
+
+* Thu May 23 2002 Tim Powers <timp@redhat.com>
+- automated rebuild
+
+* Mon Mar 25 2002 Alex Larsson <alexl@redhat.com> 2.6-4
+- Updated passwd patch with Nalins comments
+
+* Fri Mar 22 2002 Alex Larsson <alexl@redhat.com> 2.6-3
+- Add patch that handles MD5 passwords and HPU/X password aging.
+- This should hopefully fix #19045 and #22667
+
+* Wed Jan 09 2002 Tim Powers <timp@redhat.com>
+- automated rebuild
+
+* Tue Jul 24 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- own /var/yp
+
+* Sun Jun 24 2001 Elliot Lee <sopwith@redhat.com>
+- Bump release + rebuild.
+
+* Mon Feb 26 2001 Trond Eivind Glomsrød <teg@redhat.com>
+- langify
+
+* Wed Sep 27 2000 Florian La Roche <Florian.LaRoche@redhat.de>
+- add another security patch
+
+* Sun Aug 20 2000 Florian La Roche <Florian.LaRoche@redhat.com>
+- allow passwords up to 128 characters
+
+* Tue Aug 15 2000 Nalin Dahyabhai <nalin@redhat.com>
+- change License from GNU to GPL
+- fix handling of defaults in ypchfn (#13830)
+
+* Thu Jul 13 2000 Prospector <bugzilla@redhat.com>
+- automatic rebuild
+
+* Sun Jun 18 2000 Matt Wilson <msw@redhat.com>
+- use %%{_mandir}
+
+* Thu Feb 03 2000 Cristian Gafton <gafton@redhat.com>
+- man pages are compressed
+- version 2.4
+
+* Tue Oct 26 1999 Bill Nottingham <notting@redhat.com>
+- get rid of bogus messages.
+
+* Fri Aug 27 1999 Preston Brown <pbrown@redhat.com>
+- patched /var/yp/nicknames so that hosts resolves to hosts.byname,
+- not hosts.byaddr (bug # 2389)
+
+* Sun May 30 1999 Jeff Johnson <jbj@redhat.com>
+- update to 2.3.
+
+* Fri Apr 16 1999 Cristian Gafton <gafton@redhat.com>
+- version 2.2
+- make it obsolete older yp-clients package
+
+* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com> 
+- auto rebuild in the new build environment (release 3)
+
+* Thu Dec 17 1998 Cristian Gafton <gafton@redhat.com>
+- build for glibc 2/1
+- version 2.1
+- require ypbind
+
+* Fri Jun 12 1998 Aron Griffis <agriffis@coat.com>
+- upgraded to 2.0
+
+* Thu May 07 1998 Prospector System <bugs@redhat.com>
+- translations modified for de, fr, tr
+
+* Mon Apr 13 1998 Cristian Gafton <gafton@redhat.com>
+- upgraded to 1.4.1
+
+* Thu Dec 04 1997 Cristian Gafton <gafton@redhat.com>
+- put yppasswd again in the package, 'cause it is the right thing to do
+  (sorry djb!)
+- obsoletes old, unmaintained yppasswd package
+
+* Sat Nov 01 1997 Donnie Barnes <djb@redhat.com>
+- removed yppasswd from this package.
+
+* Fri Oct 31 1997 Donnie Barnes <djb@redhat.com>
+- pulled from contrib into distribution (got fresh sources).  Thanks
+  to Thorsten Kukuk <kukuk@vt.uni-paderborn.de> for the original.
+- used fresh sources
				`@ -0,0 +1 @@`
				`cc4a69be612195ccd5ddcc9bc39f01d4e1a8041b SOURCES/v4.2.3.tar.gz`