diff --git a/.cvsignore b/.cvsignore index 67d6ea1..10c1b77 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -yp-tools-2.6.tar.bz2 +yp-tools-2.7.tar.bz2 diff --git a/sources b/sources index 0f7dc35..f1aabe4 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -3fa285adba6ec2e236d124fb02361303 yp-tools-2.6.tar.bz2 +8d8d2c1c8b4a7e2027215aebe086f651 yp-tools-2.7.tar.bz2 diff --git a/yp-tools-2.7-md5.patch b/yp-tools-2.7-md5.patch new file mode 100644 index 0000000..ccfd0b1 --- /dev/null +++ b/yp-tools-2.7-md5.patch @@ -0,0 +1,109 @@ +--- yp-tools-2.7/src/yppasswd.c.md5 Tue Jun 11 06:26:00 2002 ++++ yp-tools-2.7/src/yppasswd.c Tue Jun 11 06:30:18 2002 +@@ -49,6 +49,8 @@ + #include + #include + #include ++#include ++#include + #include + #include + #include +@@ -436,11 +438,44 @@ + + #endif + ++#define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.') ++ ++static void ++create_random_salt (char *salt, int num_chars) ++{ ++ int fd; ++ unsigned char c; ++ int i; ++ int res; ++ ++ fd = open("/dev/urandom", O_RDONLY); ++ ++ for (i = 0; i < num_chars; i++) ++ { ++ res = 0; ++ ++ if (fd != 0) ++ res = read (fd, &c, 1); ++ ++ if (res != 1) ++ c = random(); ++ ++ salt[i] = bin_to_ascii(c & 0x3f); ++ } ++ ++ salt[num_chars] = 0; ++ ++ if (fd != 0) ++ close (fd); ++} ++ ++ + int + main (int argc, char **argv) + { + char *s, *progname, *domainname = NULL, *user = NULL, *master = NULL; + int f_flag = 0, l_flag = 0, p_flag = 0, error, status; ++ int has_md5_passwd = 0; + struct yppasswd yppwd; + struct passwd *pwd; + CLIENT *clnt; +@@ -451,6 +486,8 @@ + bindtextdomain (PACKAGE, LOCALEDIR); + textdomain (PACKAGE); + ++ srandom (time (NULL)); ++ + if ((s = strrchr (argv[0], '/')) != NULL) + progname = s + 1; + else +@@ -642,6 +679,9 @@ + cp = stpcpy (hashpass, "##"); + strcpy (cp, pwd->pw_name); + ++ if (strncmp(pwd->pw_passwd, "$1$", 3) == 0) ++ has_md5_passwd = 1; ++ + /* We can't check the password with shadow passwords enabled. We + * leave the checking to yppasswdd */ + if (uid != 0 && strcmp (pwd->pw_passwd, "x") != 0 && +@@ -675,13 +715,11 @@ + + if (p_flag) + { +-#define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.') + #ifdef USE_CRACKLIB + char *error_msg; + #endif /* USE_CRACKLIB */ +- char *buf, salt[2], *p = NULL; ++ char *buf, salt[12], *p = NULL; + int tries = 0; +- time_t tm; + + buf = (char *) malloc (129); + +@@ -732,9 +770,15 @@ + } + } + +- time (&tm); +- salt[0] = bin_to_ascii (tm & 0x3f); +- salt[1] = bin_to_ascii ((tm >> 6) & 0x3f); ++ if (!has_md5_passwd) ++ create_random_salt (salt, 2); ++ else ++ { ++ /* The user already had a MD5 password, so it's safe to ++ * use a MD5 password again */ ++ strcpy (salt, "$1$"); ++ create_random_salt (salt+3, 8); ++ } + + yppwd.newpw.pw_passwd = strdup (crypt (buf, salt)); + } diff --git a/yp-tools.spec b/yp-tools.spec index a2dbeff..60fc5d9 100644 --- a/yp-tools.spec +++ b/yp-tools.spec @@ -1,12 +1,12 @@ Summary: NIS (or YP) client programs. Name: yp-tools -Version: 2.6 -Release: 4 +Version: 2.7 +Release: 1 License: GPL Group: System Environment/Base Source: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/yp-tools-%{version}.tar.bz2 Url: http://www-vt.uni-paderborn.de/~kukuk/linux/nis.html -Patch1: yp-tools-2.6-passwd.patch +Patch1: yp-tools-2.7-md5.patch Obsoletes: yppasswd, yp-clients Requires: ypbind Buildroot: %{_tmppath}/%{name}-%{version}-root @@ -59,6 +59,13 @@ rm -rf $RPM_BUILD_ROOT %dir /var/yp %changelog +* Tue Jun 11 2002 Alexander Larsson +- Update to 2.7 from upstream +- Updated yppasswd md5 patch + +* Thu May 23 2002 Tim Powers +- automated rebuild + * Mon Mar 25 2002 Alex Larsson 2.6-4 - Updated passwd patch with Nalins comments