powerel9
/
cracklib
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

initial package creation 

Signed-off-by: Toshaan Bharvani <toshaan@powerel.org>
master
Toshaan Bharvani 3 years ago
commit
d9093c0eaa
10 changed files with 4924 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 104
      SOURCES/cracklib-2.9.0-python-gzdicts.patch
  2. 22
      SOURCES/cracklib-2.9.1-inttypes.patch
  3. 20
      SOURCES/cracklib-2.9.6-coverity.patch
  4. 144
      SOURCES/cracklib-2.9.6-cve-2016-6318.patch
  5. 60
      SOURCES/cracklib-2.9.6-lookup.patch
  6. 672
      SOURCES/cracklib-2.9.6-packlib-reentrant.patch
  7. 112
      SOURCES/cracklib-2.9.6-simplistic.patch
  8. 3084
      SOURCES/cracklib-2.9.6-translation-updates.patch
  9. 78
      SOURCES/cracklib.default.zh_CN.po
  10. 628
      SPECS/cracklib.spec

104
SOURCES/cracklib-2.9.0-python-gzdicts.patch
Unescape View File

@ -0,0 +1,104 @@ @@ -0,0 +1,104 @@
diff -up cracklib-2.9.0/python/_cracklib.c.gzdicts cracklib-2.9.0/python/_cracklib.c
--- cracklib-2.9.0/python/_cracklib.c.gzdicts 2013-06-01 16:47:13.000000000 +0200
+++ cracklib-2.9.0/python/_cracklib.c 2013-08-20 12:37:32.028611493 +0200
@@ -23,6 +23,7 @@
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+#include "config.h"
#ifdef PYTHON_H
#include PYTHON_H
#else
@@ -72,9 +73,8 @@ static char _cracklib_FascistCheck_doc [
static PyObject *
_cracklib_FascistCheck(PyObject *self, PyObject *args, PyObject *kwargs)
{
- char *candidate, *dict;
- char *defaultdict = NULL;
- const char *result;
+ char *candidate;
+ const char *result, *dict;
struct stat st;
char *keywords[] = {"pw", "dictpath", NULL};
char *dictfile;
@@ -103,44 +103,35 @@ _cracklib_FascistCheck(PyObject *self, P
"second argument was not an absolute path!");
return NULL;
}
- dictfile = malloc(strlen(dict) + sizeof(DICT_SUFFIX));
- if (dictfile == NULL)
- {
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, dict);
- return NULL;
- }
- sprintf(dictfile, "%s" DICT_SUFFIX, dict);
- if (lstat(dictfile, &st) == -1)
- {
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, dictfile);
- free(dictfile);
- return NULL;
- }
- free(dictfile);
} else
{
- defaultdict = strdup(GetDefaultCracklibDict());
- if (errno == ENOMEM) {
- PyErr_SetFromErrno(PyExc_OSError);
- return NULL;
- }
- dictfile = malloc(strlen(defaultdict) + sizeof(DICT_SUFFIX));
- if (dictfile == NULL)
- {
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, defaultdict);
- free(defaultdict);
- return NULL;
- }
- sprintf(dictfile, "%s" DICT_SUFFIX, defaultdict);
+ /* No need to strdup() anything as this is a constant value */
+ dict = GetDefaultCracklibDict();
+ }
+
+ dictfile = malloc(strlen(dict) + sizeof(DICT_SUFFIX) + 3);
+ if (dictfile == NULL)
+ {
+ PyErr_SetFromErrnoWithFilename(PyExc_OSError, dict);
+ return NULL;
+ }
+ sprintf(dictfile, "%s" DICT_SUFFIX, dict);
+ if (lstat(dictfile, &st) == -1)
+ {
+#ifdef HAVE_ZLIB_H
+ sprintf(dictfile, "%s" DICT_SUFFIX ".gz", dict);
if (lstat(dictfile, &st) == -1)
{
+ sprintf(dictfile, "%s" DICT_SUFFIX, dict);
+#endif
PyErr_SetFromErrnoWithFilename(PyExc_OSError, dictfile);
- free(defaultdict);
free(dictfile);
return NULL;
+#ifdef HAVE_ZLIB_H
}
- free(dictfile);
+#endif
}
+ free(dictfile);
setlocale(LC_ALL, "");
#ifdef ENABLE_NLS
@@ -148,14 +139,9 @@ _cracklib_FascistCheck(PyObject *self, P
#endif
LOCK();
- result = FascistCheck(candidate, dict ? dict : defaultdict);
+ result = FascistCheck(candidate, dict);
UNLOCK();
- if (defaultdict != NULL)
- {
- free(defaultdict);
- }
-
if (result != NULL)
{
PyErr_SetString(PyExc_ValueError, result);

22
SOURCES/cracklib-2.9.1-inttypes.patch
Unescape View File

@ -0,0 +1,22 @@ @@ -0,0 +1,22 @@
Do not depend on config.h in public header.
diff -up cracklib-2.9.1/lib/packer.h.inttypes cracklib-2.9.1/lib/packer.h
--- cracklib-2.9.1/lib/packer.h.inttypes 2013-12-03 15:00:15.000000000 +0100
+++ cracklib-2.9.1/lib/packer.h 2013-12-09 09:07:38.306394809 +0100
@@ -30,17 +30,7 @@
#define _(String) (String)
#endif
-#if defined(HAVE_INTTYPES_H)
-#include <inttypes.h>
-#else
-#if defined(HAVE_STDINT_H)
#include <stdint.h>
-#else
-typedef unsigned int uint32_t;
-typedef unsigned short uint16_t;
-#endif
-#endif
-
struct pi_header
{

20
SOURCES/cracklib-2.9.6-coverity.patch
Unescape View File

@ -0,0 +1,20 @@ @@ -0,0 +1,20 @@
diff -up cracklib-2.9.6/lib/rules.c.coverity cracklib-2.9.6/lib/rules.c
--- cracklib-2.9.6/lib/rules.c.coverity 2018-10-09 12:15:31.455187555 +0200
+++ cracklib-2.9.6/lib/rules.c 2018-10-10 14:28:43.472740618 +0200
@@ -774,6 +774,8 @@ Mangle(input, control, area) /* returns
}
}
}
+ break;
+
case RULE_MLAST:
if (!ptr[1] || (ptr[1] == RULE_CLASS && !ptr[2]))
{
@@ -809,6 +811,7 @@ Mangle(input, control, area) /* returns
}
}
}
+ break;
default:
Debug(1, "Mangle: unknown command %c in %s\n", *ptr, control);

144
SOURCES/cracklib-2.9.6-cve-2016-6318.patch
Unescape View File

@ -0,0 +1,144 @@ @@ -0,0 +1,144 @@
diff -up cracklib-2.9.6/lib/fascist.c.overflow cracklib-2.9.6/lib/fascist.c
--- cracklib-2.9.6/lib/fascist.c.overflow 2015-10-23 16:58:38.403319225 +0200
+++ cracklib-2.9.6/lib/fascist.c 2016-12-08 17:28:41.490101358 +0100
@@ -515,7 +515,7 @@ FascistGecosUser(char *password, const c
char gbuffer[STRINGSIZE];
char tbuffer[STRINGSIZE];
char *uwords[STRINGSIZE];
- char longbuffer[STRINGSIZE * 2];
+ char longbuffer[STRINGSIZE];
if (gecos == NULL)
gecos = "";
@@ -596,38 +596,47 @@ FascistGecosUser(char *password, const c
{
for (i = 0; i < j; i++)
{
- strcpy(longbuffer, uwords[i]);
- strcat(longbuffer, uwords[j]);
-
- if (GTry(longbuffer, password))
+ if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
{
- return _("it is derived from your password entry");
- }
-
- strcpy(longbuffer, uwords[j]);
- strcat(longbuffer, uwords[i]);
+ strcpy(longbuffer, uwords[i]);
+ strcat(longbuffer, uwords[j]);
- if (GTry(longbuffer, password))
- {
- return _("it's derived from your password entry");
+ if (GTry(longbuffer, password))
+ {
+ return _("it is derived from your password entry");
+ }
+
+ strcpy(longbuffer, uwords[j]);
+ strcat(longbuffer, uwords[i]);
+
+ if (GTry(longbuffer, password))
+ {
+ return _("it's derived from your password entry");
+ }
}
- longbuffer[0] = uwords[i][0];
- longbuffer[1] = '\0';
- strcat(longbuffer, uwords[j]);
-
- if (GTry(longbuffer, password))
+ if (strlen(uwords[j]) < STRINGSIZE - 1)
{
- return _("it is derivable from your password entry");
+ longbuffer[0] = uwords[i][0];
+ longbuffer[1] = '\0';
+ strcat(longbuffer, uwords[j]);
+
+ if (GTry(longbuffer, password))
+ {
+ return _("it is derivable from your password entry");
+ }
}
- longbuffer[0] = uwords[j][0];
- longbuffer[1] = '\0';
- strcat(longbuffer, uwords[i]);
-
- if (GTry(longbuffer, password))
+ if (strlen(uwords[i]) < STRINGSIZE - 1)
{
- return _("it's derivable from your password entry");
+ longbuffer[0] = uwords[j][0];
+ longbuffer[1] = '\0';
+ strcat(longbuffer, uwords[i]);
+
+ if (GTry(longbuffer, password))
+ {
+ return _("it's derivable from your password entry");
+ }
}
}
}
diff -up cracklib-2.9.6/lib/rules.c.overflow cracklib-2.9.6/lib/rules.c
--- cracklib-2.9.6/lib/rules.c.overflow 2015-10-23 16:58:38.000000000 +0200
+++ cracklib-2.9.6/lib/rules.c 2016-12-08 18:03:27.041941297 +0100
@@ -158,6 +158,8 @@ Pluralise(string, area) /* returns a po
register int length;
length = strlen(string);
strcpy(area, string);
+ if (length > STRINGSIZE - 3) /* we add 2 characters at worst */
+ return (area);
if (!Suffix(string, "ch") ||
!Suffix(string, "ex") ||
@@ -462,11 +464,11 @@ Mangle(input, control, area) /* returns
Pluralise(area2, area);
break;
case RULE_REFLECT:
- strcat(area, Reverse(area, area2));
+ strncat(area, Reverse(area, area2), STRINGSIZE - strlen(area) - 1);
break;
case RULE_DUPLICATE:
strcpy(area2, area);
- strcat(area, area2);
+ strncat(area, area2, STRINGSIZE - strlen(area) - 1);
break;
case RULE_GT:
if (!ptr[1])
@@ -514,7 +516,8 @@ Mangle(input, control, area) /* returns
} else
{
area2[0] = *(++ptr);
- strcpy(area2 + 1, area);
+ strncpy(area2 + 1, area, STRINGSIZE - 2);
+ area2[STRINGSIZE - 1] = '\0';
strcpy(area, area2);
}
break;
@@ -528,8 +531,10 @@ Mangle(input, control, area) /* returns
register char *string;
string = area;
while (*(string++));
- string[-1] = *(++ptr);
- *string = '\0';
+ if (string < area + STRINGSIZE) {
+ string[-1] = *(++ptr);
+ *string = '\0';
+ }
}
break;
case RULE_EXTRACT:
@@ -600,6 +605,10 @@ Mangle(input, control, area) /* returns
}
p1 = area;
p2 = area2;
+ if (strlen(p1) > STRINGSIZE - 2) {
+ /* truncate */
+ p1[STRINGSIZE - 2] = '\0';
+ }
while (i && *p1)
{
i--;

60
SOURCES/cracklib-2.9.6-lookup.patch
Unescape View File

@ -0,0 +1,60 @@ @@ -0,0 +1,60 @@
diff -up cracklib-2.9.6/lib/packlib.c.lookup cracklib-2.9.6/lib/packlib.c
--- cracklib-2.9.6/lib/packlib.c.lookup 2018-10-10 14:19:06.988958835 +0200
+++ cracklib-2.9.6/lib/packlib.c 2018-11-26 16:04:34.648256614 +0100
@@ -585,12 +585,11 @@ fprintf(stderr, "look for (%s)\n", strin
fprintf(stderr, "---- %lu, %lu ----\n", lwm, hwm);
#endif
- middle = lwm + ((hwm - lwm + 1) / 2);
-
for (;;)
{
int cmp;
+ middle = lwm + ((hwm - lwm + 1) / 2);
#if DEBUG
fprintf(stderr, "lwm = %lu, middle = %lu, hwm = %lu\n", lwm, middle, hwm);
@@ -617,24 +616,28 @@ fprintf(stderr, "look for (%s)\n", strin
return(middle);
}
- if (middle == hwm)
- {
-#if DEBUG
- fprintf(stderr, "at terminal subdivision, stopping search\n");
-#endif
- break;
- }
-
if (cmp < 0)
{
- hwm = middle;
- middle = lwm + ((hwm - lwm ) / 2);
- }
+ if (middle == lwm)
+ {
+#if DEBUG
+ fprintf(stderr, "at terminal subdivision from right, stopping search\n");
+#endif
+ break;
+ }
+ hwm = middle - 1;
+ }
else if (cmp > 0)
{
- lwm = middle;
- middle = lwm + ((hwm - lwm + 1) / 2);
- }
+ if (middle == hwm)
+ {
+#if DEBUG
+ fprintf(stderr, "at terminal subdivision from left, stopping search\n");
+#endif
+ break;
+ }
+ lwm = middle + 1;
+ }
}
return (PW_WORDS(pwp));

672
SOURCES/cracklib-2.9.6-packlib-reentrant.patch
Unescape View File

@ -0,0 +1,672 @@ @@ -0,0 +1,672 @@
diff -up cracklib-2.9.6/lib/fascist.c.reentrant cracklib-2.9.6/lib/fascist.c
--- cracklib-2.9.6/lib/fascist.c.reentrant 2015-08-18 20:41:16.000000000 +0200
+++ cracklib-2.9.6/lib/fascist.c 2015-10-22 18:17:20.338290974 +0200
@@ -36,8 +36,8 @@ typedef unsigned short uint16_t;
#undef DEBUG
#undef DEBUG2
-extern char *Reverse(char *buf);
-extern char *Lowercase(char *buf);
+extern char *Reverse(char *buf, char *area);
+extern char *Lowercase(char *buf, char *area);
static char *r_destructors[] = {
":", /* noop - must do this to test raw word. */
@@ -439,6 +439,8 @@ GTry(rawtext, password)
int i;
int len;
char *mp;
+ char area[STRINGSIZE];
+ char revarea[STRINGSIZE];
/* use destructors to turn password into rawtext */
/* note use of Reverse() to save duplicating all rules */
@@ -447,7 +449,7 @@ GTry(rawtext, password)
for (i = 0; r_destructors[i]; i++)
{
- if (!(mp = Mangle(password, r_destructors[i])))
+ if (!(mp = Mangle(password, r_destructors[i], area)))
{
continue;
}
@@ -462,10 +464,10 @@ GTry(rawtext, password)
}
#ifdef DEBUG
- printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp), rawtext, r_destructors[i]);
+ printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp, revarea), rawtext, r_destructors[i]);
#endif
- if (!strncmp(Reverse(mp), rawtext, len))
+ if (!strncmp(Reverse(mp, revarea), rawtext, len))
{
return (1);
}
@@ -473,7 +475,7 @@ GTry(rawtext, password)
for (i = 0; r_constructors[i]; i++)
{
- if (!(mp = Mangle(rawtext, r_constructors[i])))
+ if (!(mp = Mangle(rawtext, r_constructors[i], area)))
{
continue;
}
@@ -520,7 +522,7 @@ FascistGecosUser(char *password, const c
strncpy(tbuffer, gecos, STRINGSIZE);
tbuffer[STRINGSIZE-1] = '\0';
- strcpy(gbuffer, Lowercase(tbuffer));
+ Lowercase(tbuffer, gbuffer);
wc = 0;
ptr = gbuffer;
@@ -695,6 +697,7 @@ FascistLookUser(PWDICT *pwp, char *instr
char junk[STRINGSIZE];
char *password;
char rpassword[STRINGSIZE];
+ char area[STRINGSIZE];
uint32_t notfound;
notfound = PW_WORDS(pwp);
@@ -731,7 +734,7 @@ FascistLookUser(PWDICT *pwp, char *instr
return _("it does not contain enough DIFFERENT characters");
}
- strcpy(password, (char *)Lowercase(password));
+ strcpy(password, (char *)Lowercase(password, area));
Trim(password);
@@ -787,7 +790,7 @@ FascistLookUser(PWDICT *pwp, char *instr
{
char *a;
- if (!(a = Mangle(password, r_destructors[i])))
+ if (!(a = Mangle(password, r_destructors[i], area)))
{
continue;
}
@@ -802,13 +805,13 @@ FascistLookUser(PWDICT *pwp, char *instr
}
}
- strcpy(password, (char *)Reverse(password));
+ strcpy(password, (char *)Reverse(password, area));
for (i = 0; r_destructors[i]; i++)
{
char *a;
- if (!(a = Mangle(password, r_destructors[i])))
+ if (!(a = Mangle(password, r_destructors[i], area)))
{
continue;
}
diff -up cracklib-2.9.6/lib/packer.h.reentrant cracklib-2.9.6/lib/packer.h
--- cracklib-2.9.6/lib/packer.h.reentrant 2015-10-22 18:17:20.335290902 +0200
+++ cracklib-2.9.6/lib/packer.h 2015-10-22 18:17:20.338290974 +0200
@@ -82,7 +82,7 @@ extern int PWClose(PWDICT *pwp);
extern unsigned int FindPW(PWDICT *pwp, char *string);
extern int PutPW(PWDICT *pwp, char *string);
extern int PMatch(char *control, char *string);
-extern char *Mangle(char *input, char *control);
+extern char *Mangle(char *input, char *control, char *area);
extern char Chop(char *string);
extern char *Trim(char *string);
extern char *FascistLook(PWDICT *pwp, char *instring);
diff -up cracklib-2.9.6/lib/packlib.c.reentrant cracklib-2.9.6/lib/packlib.c
--- cracklib-2.9.6/lib/packlib.c.reentrant 2015-08-18 20:41:16.000000000 +0200
+++ cracklib-2.9.6/lib/packlib.c 2015-10-22 18:19:52.154911451 +0200
@@ -67,8 +67,8 @@ PWOpen(prefix, mode)
char *mode;
{
int use64 = 0;
- static PWDICT pdesc;
- static PWDICT64 pdesc64;
+ PWDICT *pdesc;
+ PWDICT64 pdesc64;
char iname[STRINGSIZE];
char dname[STRINGSIZE];
char wname[STRINGSIZE];
@@ -76,13 +76,11 @@ PWOpen(prefix, mode)
void *ifp;
void *wfp;
- if (pdesc.header.pih_magic == PIH_MAGIC)
- {
- fprintf(stderr, "%s: another dictionary already open\n", prefix);
+ pdesc = malloc(sizeof(*pdesc));
+ if (pdesc == NULL)
return NULL;
- }
- memset(&pdesc, '\0', sizeof(pdesc));
+ memset(pdesc, '\0', sizeof(*pdesc));
memset(&pdesc64, '\0', sizeof(pdesc64));
snprintf(iname, STRINGSIZE, "%s.pwi", prefix);
@@ -91,77 +89,80 @@ PWOpen(prefix, mode)
if (mode[0] == 'r')
{
- pdesc.flags &= ~PFOR_USEZLIB;
+ pdesc->flags &= ~PFOR_USEZLIB;
/* first try the normal db file */
- if (!(pdesc.dfp = fopen(dname, mode)))
+ if (!(pdesc->dfp = fopen(dname, mode)))
{
#ifdef HAVE_ZLIB_H
- pdesc.flags |= PFOR_USEZLIB;
+ pdesc->flags |= PFOR_USEZLIB;
/* try extension .gz */
snprintf(dname, STRINGSIZE, "%s.pwd.gz", prefix);
- if (!(pdesc.dfp = gzopen(dname, mode)))
+ if (!(pdesc->dfp = gzopen(dname, mode)))
{
perror(dname);
+ free(pdesc);
return NULL;
}
#else
perror(dname);
+ free(pdesc);
return NULL;
#endif
}
}
else
{
- pdesc.flags &= ~PFOR_USEZLIB;
+ pdesc->flags &= ~PFOR_USEZLIB;
/* write mode: use fopen */
- if (!(pdesc.dfp = fopen(dname, mode)))
+ if (!(pdesc->dfp = fopen(dname, mode)))
{
perror(dname);
+ free(pdesc);
return NULL;
}
}
- if (!(pdesc.ifp = fopen(iname, mode)))
+ if (!(pdesc->ifp = fopen(iname, mode)))
{
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
- gzclose(pdesc.dfp);
+ if(pdesc->flags & PFOR_USEZLIB)
+ gzclose(pdesc->dfp);
else
#endif
- fclose(pdesc.dfp);
+ fclose(pdesc->dfp);
perror(iname);
+ free(pdesc);
return NULL;
}
- if ((pdesc.wfp = fopen(wname, mode)))
+ if ((pdesc->wfp = fopen(wname, mode)))
{
- pdesc.flags |= PFOR_USEHWMS;
+ pdesc->flags |= PFOR_USEHWMS;
}
- ifp = pdesc.ifp;
- dfp = pdesc.dfp;
- wfp = pdesc.wfp;
+ ifp = pdesc->ifp;
+ dfp = pdesc->dfp;
+ wfp = pdesc->wfp;
if (mode[0] == 'w')
{
- pdesc.flags |= PFOR_WRITE;
- pdesc.header.pih_magic = PIH_MAGIC;
- pdesc.header.pih_blocklen = NUMWORDS;
- pdesc.header.pih_numwords = 0;
+ pdesc->flags |= PFOR_WRITE;
+ pdesc->header.pih_magic = PIH_MAGIC;
+ pdesc->header.pih_blocklen = NUMWORDS;
+ pdesc->header.pih_numwords = 0;
- fwrite((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp);
+ fwrite((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp);
} else
{
- pdesc.flags &= ~PFOR_WRITE;
+ pdesc->flags &= ~PFOR_WRITE;
- if (!fread((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp))
+ if (!fread((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp))
{
fprintf(stderr, "%s: error reading header\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if(pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -170,10 +171,11 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- if ((pdesc.header.pih_magic == 0) || (pdesc.header.pih_numwords == 0))
+ if ((pdesc->header.pih_magic == 0) || (pdesc->header.pih_numwords == 0))
{
/* uh-oh. either a broken "64-bit" file or a garbage file. */
rewind (ifp);
@@ -181,10 +183,9 @@ PWOpen(prefix, mode)
{
fprintf(stderr, "%s: error reading header\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -193,6 +194,7 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
if (pdesc64.header.pih_magic != PIH_MAGIC)
@@ -200,10 +202,9 @@ PWOpen(prefix, mode)
/* nope, not "64-bit" after all */
fprintf(stderr, "%s: error reading header\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -213,23 +214,23 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- pdesc.header.pih_magic = pdesc64.header.pih_magic;
- pdesc.header.pih_numwords = pdesc64.header.pih_numwords;
- pdesc.header.pih_blocklen = pdesc64.header.pih_blocklen;
- pdesc.header.pih_pad = pdesc64.header.pih_pad;
+ pdesc->header.pih_magic = pdesc64.header.pih_magic;
+ pdesc->header.pih_numwords = pdesc64.header.pih_numwords;
+ pdesc->header.pih_blocklen = pdesc64.header.pih_blocklen;
+ pdesc->header.pih_pad = pdesc64.header.pih_pad;
use64 = 1;
}
- if (pdesc.header.pih_magic != PIH_MAGIC)
+ if (pdesc->header.pih_magic != PIH_MAGIC)
{
fprintf(stderr, "%s: magic mismatch\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -239,17 +240,17 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- if (pdesc.header.pih_numwords < 1)
+ if (pdesc->header.pih_numwords < 1)
{
fprintf(stderr, "%s: invalid word count\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -258,17 +259,17 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- if (pdesc.header.pih_blocklen != NUMWORDS)
+ if (pdesc->header.pih_blocklen != NUMWORDS)
{
fprintf(stderr, "%s: size mismatch\n", prefix);
- pdesc.header.pih_magic = 0;
fclose(ifp);
#ifdef HAVE_ZLIB_H
- if (pdesc.flags & PFOR_USEZLIB)
+ if (pdesc->flags & PFOR_USEZLIB)
gzclose(dfp);
else
#endif
@@ -277,10 +278,11 @@ PWOpen(prefix, mode)
{
fclose(wfp);
}
+ free(pdesc);
return NULL;
}
- if (pdesc.flags & PFOR_USEHWMS)
+ if (pdesc->flags & PFOR_USEHWMS)
{
int i;
@@ -288,27 +290,27 @@ PWOpen(prefix, mode)
{
if (fread(pdesc64.hwms, 1, sizeof(pdesc64.hwms), wfp) != sizeof(pdesc64.hwms))
{
- pdesc.flags &= ~PFOR_USEHWMS;
+ pdesc->flags &= ~PFOR_USEHWMS;
}
- for (i = 0; i < sizeof(pdesc.hwms) / sizeof(pdesc.hwms[0]); i++)
+ for (i = 0; i < sizeof(pdesc->hwms) / sizeof(pdesc->hwms[0]); i++)
{
- pdesc.hwms[i] = pdesc64.hwms[i];
+ pdesc->hwms[i] = pdesc64.hwms[i];
}
- }
- else if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms))
+ }
+ else if (fread(pdesc->hwms, 1, sizeof(pdesc->hwms), wfp) != sizeof(pdesc->hwms))
{
- pdesc.flags &= ~PFOR_USEHWMS;
+ pdesc->flags &= ~PFOR_USEHWMS;
}
#if DEBUG
for (i=1; i<=0xff; i++)
{
- printf("hwm[%02x] = %d\n", i, pdesc.hwms[i]);
+ printf("hwm[%02x] = %d\n", i, pdesc->hwms[i]);
}
#endif
}
}
- return (&pdesc);
+ return (pdesc);
}
int
@@ -318,6 +320,7 @@ PWClose(pwp)
if (pwp->header.pih_magic != PIH_MAGIC)
{
fprintf(stderr, "PWClose: close magic mismatch\n");
+ /* we do not try to free memory that is probably corrupted */
return (-1);
}
@@ -329,12 +332,14 @@ PWClose(pwp)
if (fseek(pwp->ifp, 0L, 0))
{
fprintf(stderr, "index magic fseek failed\n");
+ free(pwp);
return (-1);
}
if (!fwrite((char *) &pwp->header, sizeof(pwp->header), 1, pwp->ifp))
{
fprintf(stderr, "index magic fwrite failed\n");
+ free(pwp);
return (-1);
}
@@ -368,6 +373,7 @@ PWClose(pwp)
}
pwp->header.pih_magic = 0;
+ free(pwp);
return (0);
}
diff -up cracklib-2.9.6/lib/rules.c.reentrant cracklib-2.9.6/lib/rules.c
--- cracklib-2.9.6/lib/rules.c.reentrant 2015-08-18 20:41:16.000000000 +0200
+++ cracklib-2.9.6/lib/rules.c 2015-10-22 18:17:20.339290998 +0200
@@ -82,12 +82,12 @@ Suffix(myword, suffix)
}
char *
-Reverse(str) /* return a pointer to a reversal */
+Reverse(str, area) /* return a pointer to a reversal */
register char *str;
+ char *area;
{
register int i;
register int j;
- static char area[STRINGSIZE];
j = i = strlen(str);
while (*str)
{
@@ -98,11 +98,11 @@ Reverse(str) /* return a pointer to a
}
char *
-Uppercase(str) /* return a pointer to an uppercase */
+Uppercase(str, area) /* return a pointer to an uppercase */
register char *str;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*str)
{
@@ -115,11 +115,11 @@ Uppercase(str) /* return a pointer to
}
char *
-Lowercase(str) /* return a pointer to an lowercase */
+Lowercase(str, area) /* return a pointer to an lowercase */
register char *str;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*str)
{
@@ -132,11 +132,11 @@ Lowercase(str) /* return a pointer to
}
char *
-Capitalise(str) /* return a pointer to an capitalised */
+Capitalise(str, area) /* return a pointer to an capitalised */
register char *str;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*str)
@@ -151,11 +151,11 @@ Capitalise(str) /* return a pointer to
}
char *
-Pluralise(string) /* returns a pointer to a plural */
+Pluralise(string, area) /* returns a pointer to a plural */
register char *string;
+ char *area;
{
register int length;
- static char area[STRINGSIZE];
length = strlen(string);
strcpy(area, string);
@@ -192,13 +192,13 @@ Pluralise(string) /* returns a pointer
}
char *
-Substitute(string, old, new) /* returns pointer to a swapped about copy */
+Substitute(string, old, new, area) /* returns pointer to a swapped about copy */
register char *string;
register char old;
register char new;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -210,12 +210,12 @@ Substitute(string, old, new) /* returns
}
char *
-Purge(string, target) /* returns pointer to a purged copy */
+Purge(string, target, area) /* returns pointer to a purged copy */
register char *string;
register char target;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -372,13 +372,13 @@ PolyStrchr(string, class)
}
char *
-PolySubst(string, class, new) /* returns pointer to a swapped about copy */
+PolySubst(string, class, new, area) /* returns pointer to a swapped about copy */
register char *string;
register char class;
register char new;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -390,12 +390,12 @@ PolySubst(string, class, new) /* returns
}
char *
-PolyPurge(string, class) /* returns pointer to a purged copy */
+PolyPurge(string, class, area) /* returns pointer to a purged copy */
register char *string;
register char class;
+ char *area;
{
register char *ptr;
- static char area[STRINGSIZE];
ptr = area;
while (*string)
{
@@ -428,40 +428,41 @@ Char2Int(character)
}
char *
-Mangle(input, control) /* returns a pointer to a controlled Mangle */
+Mangle(input, control, area) /* returns a pointer to a controlled Mangle */
char *input;
char *control;
+ char *area;
{
int limit;
register char *ptr;
- static char area[STRINGSIZE];
char area2[STRINGSIZE];
area[0] = '\0';
strcpy(area, input);
for (ptr = control; *ptr; ptr++)
{
+ strcpy(area2, area);
switch (*ptr)
{
case RULE_NOOP:
break;
case RULE_REVERSE:
- strcpy(area, Reverse(area));
+ Reverse(area2, area);
break;
case RULE_UPPERCASE:
- strcpy(area, Uppercase(area));
+ Uppercase(area2, area);
break;
case RULE_LOWERCASE:
- strcpy(area, Lowercase(area));
+ Lowercase(area2, area);
break;
case RULE_CAPITALISE:
- strcpy(area, Capitalise(area));
+ Capitalise(area2, area);
break;
case RULE_PLURALISE:
- strcpy(area, Pluralise(area));
+ Pluralise(area2, area);
break;
case RULE_REFLECT:
- strcat(area, Reverse(area));
+ strcat(area, Reverse(area, area2));
break;
case RULE_DUPLICATE:
strcpy(area2, area);
@@ -548,7 +549,6 @@ Mangle(input, control) /* returns a poi
Debug(1, "Mangle: extract: weird argument in '%s'\n", control);
return NULL;
}
- strcpy(area2, area);
for (i = 0; length-- && area2[start + i]; i++)
{
area[i] = area2[start + i];
@@ -619,10 +619,10 @@ Mangle(input, control) /* returns a poi
return NULL;
} else if (ptr[1] != RULE_CLASS)
{
- strcpy(area, Purge(area, *(++ptr)));
+ Purge(area2, *(++ptr), area);
} else
{
- strcpy(area, PolyPurge(area, ptr[2]));
+ PolyPurge(area2, ptr[2], area);
ptr += 2;
}
break;
@@ -633,11 +633,11 @@ Mangle(input, control) /* returns a poi
return NULL;
} else if (ptr[1] != RULE_CLASS)
{
- strcpy(area, Substitute(area, ptr[1], ptr[2]));
+ Substitute(area2, ptr[1], ptr[2], area);
ptr += 2;
} else
{
- strcpy(area, PolySubst(area, ptr[2], ptr[3]));
+ PolySubst(area2, ptr[2], ptr[3], area);
ptr += 3;
}
break;

112
SOURCES/cracklib-2.9.6-simplistic.patch
Unescape View File

@ -0,0 +1,112 @@ @@ -0,0 +1,112 @@
diff -up cracklib-2.9.6/lib/fascist.c.simplistic cracklib-2.9.6/lib/fascist.c
--- cracklib-2.9.6/lib/fascist.c.simplistic 2015-10-22 18:21:51.099748012 +0200
+++ cracklib-2.9.6/lib/fascist.c 2015-10-22 18:21:51.101748060 +0200
@@ -55,7 +55,6 @@ static char *r_destructors[] = {
"/?p@?p", /* purging out punctuation/symbols/junk */
"/?s@?s",
- "/?X@?X",
/* attempt reverse engineering of password strings */
@@ -454,6 +453,12 @@ GTry(rawtext, password)
continue;
}
+ if (len - strlen(mp) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s = %-16s (destruct %s)\n", mp, rawtext, r_destructors[i]);
#endif
@@ -480,6 +485,12 @@ GTry(rawtext, password)
continue;
}
+ if (len - strlen(mp) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s = %-16s (construct %s)\n", mp, password, r_constructors[i]);
#endif
@@ -699,6 +710,7 @@ FascistLookUser(PWDICT *pwp, char *instr
char rpassword[STRINGSIZE];
char area[STRINGSIZE];
uint32_t notfound;
+ int len;
notfound = PW_WORDS(pwp);
/* already truncated if from FascistCheck() */
@@ -748,6 +760,7 @@ FascistLookUser(PWDICT *pwp, char *instr
return _("it is all whitespace");
}
+ len = strlen(password);
i = 0;
ptr = password;
while (ptr[0] && ptr[1])
@@ -759,10 +772,9 @@ FascistLookUser(PWDICT *pwp, char *instr
ptr++;
}
- /* Change by Ben Karsin from ITS at University of Hawaii at Manoa. Static MAXSTEP
- would generate many false positives for long passwords. */
- maxrepeat = 3+(0.09*strlen(password));
- if (i > maxrepeat)
+ /* We were still generating false positives for long passwords.
+ Just count systematic double as a single character. */
+ if (len - i < MINLEN)
{
return _("it is too simplistic/systematic");
}
@@ -795,6 +807,12 @@ FascistLookUser(PWDICT *pwp, char *instr
continue;
}
+ if (len - strlen(a) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s (dict)\n", a);
#endif
@@ -815,6 +833,13 @@ FascistLookUser(PWDICT *pwp, char *instr
{
continue;
}
+
+ if (len - strlen(a) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s (reversed dict)\n", a);
#endif
diff -up cracklib-2.9.6/util/cracklib-format.simplistic cracklib-2.9.6/util/cracklib-format
--- cracklib-2.9.6/util/cracklib-format.simplistic 2015-10-22 18:21:51.101748060 +0200
+++ cracklib-2.9.6/util/cracklib-format 2014-07-09 17:24:45.000000000 +0200
@@ -3,8 +3,10 @@
# This preprocesses a set of word lists into a suitable form for input
# into cracklib-packer
#
+LC_ALL=C
+export LC_ALL
gzip -cdf "$@" |
- grep -v '^\(#\|$\)' |
- tr '[A-Z]' '[a-z]' |
- tr -cd '\012[a-z][0-9]' |
- env LC_ALL=C sort -u
+ grep -a -E -v '^.{32,}$' |
+ tr '[:upper:]' '[:lower:]' |
+ tr -cd '\n[:graph:]' |
+ sort -u

3084
SOURCES/cracklib-2.9.6-translation-updates.patch
View File

File diff suppressed because it is too large Load Diff

78
SOURCES/cracklib.default.zh_CN.po
Unescape View File

@ -0,0 +1,78 @@ @@ -0,0 +1,78 @@
# translation of cracklib.default.po to Wei Liu
# Copyright (C) 2010 Free Software Foundation, Inc.
# This file is distributed under the same license as the PACKAGE package.
#
# Leah Liu <lliu@redhat.com>, 2010.
msgid ""
msgstr ""
"Project-Id-Version: cracklib.default\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2010-03-02 21:00-0600\n"
"PO-Revision-Date: 2010-09-07 23:42+1000\n"
"Last-Translator: Leah Liu <lliu@redhat.com>\n"
"Language-Team: Wei Liu\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: KBabel 1.11.4\n"

#: lib/fascist.c:550
msgid "you are not registered in the password file"
msgstr "尚未在口令文件中注册"

#: lib/fascist.c:564
msgid "it is based on your username"
msgstr "它基于用户名"

#: lib/fascist.c:629
msgid "it is based upon your password entry"
msgstr "它基于输入的口令"

#: lib/fascist.c:649
msgid "it is derived from your password entry"
msgstr "它派生自输入的口令"

#: lib/fascist.c:662
msgid "it's derived from your password entry"
msgstr "它派生自输入的口令"

#: lib/fascist.c:676
msgid "it is derivable from your password entry"
msgstr "可从输入的口令推断"

#: lib/fascist.c:690
msgid "it's derivable from your password entry"
msgstr "可从输入的口令推断"

#: lib/fascist.c:726
msgid "it is WAY too short"
msgstr "WAY 过短"

#: lib/fascist.c:731
msgid "it is too short"
msgstr "过短"

#: lib/fascist.c:748
msgid "it does not contain enough DIFFERENT characters"
msgstr "它没有包含足够的不同字符"

#: lib/fascist.c:762
msgid "it is all whitespace"
msgstr "全是空格"

#: lib/fascist.c:781
msgid "it is too simplistic/systematic"
msgstr "过于简单化/系统化"

#: lib/fascist.c:786
msgid "it looks like a National Insurance number."
msgstr "看起来像国家保险号码。"

#: lib/fascist.c:813
msgid "it is based on a dictionary word"
msgstr "它基于字典单词"

#: lib/fascist.c:832
msgid "it is based on a (reversed) dictionary word"
msgstr "它基于(颠倒的)字典单词"

628
SPECS/cracklib.spec
Unescape View File

@ -0,0 +1,628 @@ @@ -0,0 +1,628 @@
# Reflects the values hard-coded in various Makefile.am's in the source tree.
%define dictdir %{_datadir}/cracklib
%define dictpath %{dictdir}/pw_dict

Summary: A password-checking library
Name: cracklib
Version: 2.9.6
Release: 27%{?dist}
Source0: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-%{version}.tar.gz
Source1: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-words-%{version}.gz

# For man pages.
Source2: http://ftp.us.debian.org/debian/pool/main/c/cracklib2/cracklib2_2.8.19-1.debian.tar.gz
Source40: http://ftp.us.debian.org/debian/pool/main/c/cracklib2/cracklib2_2.8.19-1.dsc

# From attachment to https://bugzilla.redhat.com/show_bug.cgi?id=627449
Source3: cracklib.default.zh_CN.po

# No upstream source for this, just words missing from the current cracklib-words
Source10: missing-words.gz

Patch1: cracklib-2.9.1-inttypes.patch
Patch2: cracklib-2.9.0-python-gzdicts.patch
Patch4: cracklib-2.9.6-packlib-reentrant.patch
Patch6: cracklib-2.9.6-simplistic.patch
Patch7: cracklib-2.9.6-translation-updates.patch
Patch8: cracklib-2.9.6-cve-2016-6318.patch
Patch9: cracklib-2.9.6-coverity.patch
Patch10: cracklib-2.9.6-lookup.patch
URL: http://sourceforge.net/projects/cracklib/
License: LGPLv2+
BuildRequires: gcc
BuildRequires: words, gettext
BuildRequires: gettext-autopoint
BuildRequires: zlib-devel
Conflicts: cracklib-dicts < 2.8
# The cracklib-format script calls gzip, but without a specific path.
Requires: gzip

%description
CrackLib tests passwords to determine whether they match certain
security-oriented characteristics, with the purpose of stopping users
from choosing passwords that are easy to guess. CrackLib performs
several tests on passwords: it tries to generate words from a username
and gecos entry and checks those words against the password; it checks
for simplistic patterns in passwords; and it checks for the password
in a dictionary.

CrackLib is actually a library containing a particular C function
which is used to check the password, as well as other C
functions. CrackLib is not a replacement for a passwd program; it must
be used in conjunction with an existing passwd program.

Install the cracklib package if you need a program to check users'
passwords to see if they are at least minimally secure. If you install
CrackLib, you will also want to install the cracklib-dicts package.

%package devel
Summary: Development files needed for building applications which use cracklib
Requires: %{name} = %{version}-%{release}

%description devel
The cracklib-devel package contains the header files and libraries needed
for compiling applications which use cracklib.

%package dicts
Summary: The standard CrackLib dictionaries
BuildRequires: words >= 2-13
BuildRequires: make
Requires: cracklib = %{version}-%{release}

%description dicts
The cracklib-dicts package includes the CrackLib dictionaries.
CrackLib will need to use the dictionary appropriate to your system,
which is normally put in /usr/share/dict/words. Cracklib-dicts also
contains the utilities necessary for the creation of new dictionaries.

If you are installing CrackLib, you should also install cracklib-dicts.

%prep
%setup -q -a 2

# Replace zn_CN.po with one that wasn't mis-transcoded at some point.
grep '????????????????' po/zh_CN.po
install -p -m 644 %{SOURCE3} po/zh_CN.po

%patch1 -p1 -b .inttypes
%patch2 -p1 -b .gzdicts
%patch4 -p1 -b .reentrant
%patch6 -p1 -b .simplistic
%patch7 -p1 -b .translations
%patch8 -p1 -b .overflow
%patch9 -p1 -b .coverity
%patch10 -p1 -b .lookup

mkdir cracklib-dicts
for dict in %{SOURCE10} %{SOURCE1}
do
cp -fv ${dict} cracklib-dicts/
done
chmod +x util/cracklib-format

%build
# Use the dictionary from the build to test
sed -i 's,util/cracklib-check <,util/cracklib-check $(DESTDIR)/$(DEFAULT_CRACKLIB_DICT) <,' Makefile.in
%configure --with-pic \
--without-python \
--with-default-dict=%{dictpath} --disable-static
make -C po update-gmo
make

%install
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
%make_install 'pythondir=${pyexecdir}'
./util/cracklib-format cracklib-dicts/* | \
./util/cracklib-packer $RPM_BUILD_ROOT/%{dictpath}
./util/cracklib-format $RPM_BUILD_ROOT/%{dictdir}/cracklib-small | \
./util/cracklib-packer $RPM_BUILD_ROOT/%{dictdir}/cracklib-small
rm -f $RPM_BUILD_ROOT/%{dictdir}/cracklib-small
sed s,/usr/lib/cracklib_dict,%{dictpath},g lib/crack.h > $RPM_BUILD_ROOT/%{_includedir}/crack.h
ln -s cracklib-format $RPM_BUILD_ROOT/%{_sbindir}/mkdict
ln -s cracklib-packer $RPM_BUILD_ROOT/%{_sbindir}/packer
touch $RPM_BUILD_ROOT/top

toprelpath=..
touch $RPM_BUILD_ROOT/top
while ! test -f $RPM_BUILD_ROOT/%{_libdir}/$toprelpath/top ; do
toprelpath=../$toprelpath
done
rm -f $RPM_BUILD_ROOT/top
if test %{dictpath} != %{_libdir}/cracklib_dict ; then
ln -s $toprelpath%{dictpath}.hwm $RPM_BUILD_ROOT/%{_libdir}/cracklib_dict.hwm
ln -s $toprelpath%{dictpath}.pwd $RPM_BUILD_ROOT/%{_libdir}/cracklib_dict.pwd
ln -s $toprelpath%{dictpath}.pwi $RPM_BUILD_ROOT/%{_libdir}/cracklib_dict.pwi
fi
rm -f $RPM_BUILD_ROOT/%{_libdir}/python*/site-packages/_cracklib*.*a
rm -f $RPM_BUILD_ROOT/%{_libdir}/libcrack.la

mkdir -p $RPM_BUILD_ROOT/%{_mandir}/man{3,8}
install -p -m644 debian/*.3 $RPM_BUILD_ROOT/%{_mandir}/man3/
install -p -m644 debian/*.8 $RPM_BUILD_ROOT/%{_mandir}/man8/
if ! test -s $RPM_BUILD_ROOT/%{_mandir}/man8/cracklib-packer.8 ; then
echo .so man8/cracklib-format.8 > $RPM_BUILD_ROOT/%{_mandir}/man8/cracklib-packer.8
fi
if ! test -s $RPM_BUILD_ROOT/%{_mandir}/man8/cracklib-unpacker.8 ; then
echo .so man8/cracklib-format.8 > $RPM_BUILD_ROOT/%{_mandir}/man8/cracklib-unpacker.8
fi

%find_lang %{name}

%check
make test DESTDIR=$RPM_BUILD_ROOT

%ldconfig_scriptlets

%files -f %{name}.lang
%doc README README-WORDS NEWS README-LICENSE AUTHORS
%{!?_licensedir:%global license %%doc}
%license COPYING.LIB
%{_libdir}/libcrack.so.*
%dir %{_datadir}/cracklib
%{_datadir}/cracklib/cracklib.magic
%{_sbindir}/*cracklib*
%{_mandir}/man8/*

%files devel
%{_includedir}/*
%{_libdir}/libcrack.so
%{_mandir}/man3/*

%files dicts
%{_datadir}/cracklib/pw_dict.*
%{_datadir}/cracklib/cracklib-small.*
%{_libdir}/cracklib_dict.*
%{_sbindir}/mkdict
%{_sbindir}/packer

%changelog
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.9.6-27
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688

* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.9.6-26
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-25
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Mon Jul 13 2020 Tom Stellard <tstellar@redhat.com> - 2.9.6-23
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro

* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Fri Aug 9 2019 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-21
- Drop Python 2 bindings completely

* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Mon Nov 26 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-18
- Fix regression in dictionary creation and lookup

* Wed Oct 10 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-17
- Fix minor bug found in the Coverity scan

* Tue Oct 9 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-16
- Updated translations

* Fri Jul 13 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-15
- The test must use the dictionary from the build

* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Wed Feb 21 2018 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-13
- Drop Python 2 support in RHEL

* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.9.6-11
- Switch to %%ldconfig_scriptlets

* Wed Jan 03 2018 Iryna Shcherbina <ishcherb@redhat.com> - 2.9.6-10
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)

* Sun Aug 20 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 2.9.6-9
- Add Provides for the old name without %%_isa

* Sat Aug 19 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 2.9.6-8
- Python 2 binary package renamed to python2-cracklib
See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3

* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

* Thu Dec 8 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.6-4
- fix CVE-2016-6318 - avoid overflows in GECOS handling and mangling password (#1364944)

* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.6-3
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages

* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

* Fri Oct 23 2015 Tomáš Mráz <tmraz@redhat.com> - 2.9.6-1
- new upstream release
- cleanup of the word lists

* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

* Fri Jul 11 2014 Tom Callaway <spot@fedoraproject.org> - 2.9.1-4
- fix license handling

* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Wed Feb 5 2014 Tomáš Mráz <tmraz@redhat.com> - 2.9.1-2
- move python files to libdir

* Mon Dec 9 2013 Tomáš Mráz <tmraz@redhat.com> - 2.9.1-1
- new upstream release

* Mon Dec 2 2013 Tomáš Mráz <tmraz@redhat.com> - 2.9.0-9
- update only .gmo files to avoid multilib conflicts (#1036305)

* Thu Nov 28 2013 Tomáš Mráz <tmraz@redhat.com> - 2.9.0-8
- updated translations

* Thu Oct 31 2013 Tomáš Mráz <tmraz@redhat.com> - 2.9.0-7
- do not remove any printable characters in cracklib-format

* Thu Oct 31 2013 Tomáš Mráz <tmraz@redhat.com> - 2.9.0-6
- fix the broken zh_CN translation

* Tue Sep 3 2013 Tomáš Mráz <tmraz@redhat.com> - 2.9.0-5
- make the simplistic check and the purging of special characters much
less aggressive (#1003624, #985378)

* Wed Aug 28 2013 Tomáš Mráz <tmraz@redhat.com> - 2.9.0-4
- revert compression of the dictionaries as the performance penalty is too big

* Wed Aug 21 2013 Tomáš Mráz <tmraz@redhat.com> - 2.9.0-3
- fix the python module to work with compressed dictionaries (#972542)
- fix various dictionary lookup errors (#986400, #986401)
- make the library reentrant and fix compilation warnings

* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Mon Jun 3 2013 Nalin Dahyabhai <nalin@redhat.com> - 2.9.0-1
- update to 2.9.0 (#970065)
- adds FascistCheckUser()
- go ahead and compress the main dictionary, since we're linking with zlib
anyway

* Tue Jan 29 2013 Nalin Dahyabhai <nalin@redhat.com> - 2.8.22-3
- point cracklib-packer and cracklib-unpacker man pages to cracklib-format
(internal tooling)

* Wed Dec 19 2012 Nalin Dahyabhai <nalin@redhat.com> - 2.8.22-2
- add missing buildrequires: on zlib-devel (#888876)

* Mon Dec 17 2012 Nalin Dahyabhai <nalin@redhat.com> - 2.8.22-1
- update to 2.8.22 (#887461), which now returns an error instead of exiting
when there's a failure opening the dictionary in FascistCheck()

* Thu Dec 13 2012 Nalin Dahyabhai <nalin@redhat.com> - 2.8.21-1
- update to 2.8.21

* Mon Dec 10 2012 Nalin Dahyabhai <nalin@redhat.com> - 2.8.20-1
- update to 2.8.20 (#885439)

* Tue Nov 20 2012 Nalin Dahyabhai <nalin@redhat.com> - 2.8.19-3
- update the copy of the debian source package to one that can currently be
retrieved using the URL we list for it

* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Fri May 18 2012 Nalin Dahyabhai <nalin@redhat.com> - 2.8.19-1
- update to 2.8.19

* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.18-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.18-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Thu Jan 27 2011 Nalin Dahyabhai <nalin@redhat.com> - 2.8.18-1
- update to 2.8.18
- add man pages from Debian (#583932)
- replace zh_CN translation (related to #627449)

* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 2.8.16-4
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild

* Sat Jul 3 2010 Dan Horák <dan[at]danny.cz> - 2.8.16-3
- added gettext-autopoint as BR:

* Thu May 20 2010 Nalin Dahyabhai <nalin@redhat.com> - 2.8.16-2
- pull in changes to the Hindi translation (#589188)

* Tue Apr 20 2010 Nalin Dahyabhai <nalin@redhat.com> - 2.8.16-1
- update to 2.8.16

* Fri Jan 22 2010 Nalin Dahyabhai <nalin@redhat.com> - 2.8.15-3
- add passwords derived from rockyou breach data to the dictionaries (Matthew
Miller, #557592)

* Thu Jan 21 2010 Nalin Dahyabhai <nalin@redhat.com> - 2.8.15-2
- update license: tag
- include license file

* Tue Dec 1 2009 Nalin Dahyabhai <nalin@redhat.com> - 2.8.15-1
- update to 2.8.15
- update cracklib-words to the current version (2008-05-07)
- fixup URLs for various dictionary sources that we use
- fix freeing-an-uninitialized-pointer in the python module (SF#2907102)
- add a disttag

* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.13-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Mon May 18 2009 Nalin Dahyabhai <nalin@redhat.com> - 2.8.13-5
- add explicit dependency on gzip for the sake of cracklib-format (Daniel
Mach, #501278)

* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.13-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

* Thu Feb 19 2009 Nalin Dahyabhai <nalin@redhat.com> - 2.8.13-3
- drop trailing "." from the package description for the dicts
subpackage (#225659)

* Sat Nov 29 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 2.8.13-2
- Rebuild for Python 2.6

* Tue Oct 28 2008 Nalin Dahyabhai <nalin@redhat.com> - 2.8.13-1
- update to 2.8.13, which overhauls the python bindings and revises
FascistCheck()'s behavior:
2.8.12 success: returns None, fail: returns error text, other: exceptions
2.8.13 success: returns candidate, fail: throws ValueError, other: exceptions

* Tue Oct 28 2008 Nalin Dahyabhai <nalin@redhat.com> - 2.8.12-3
- fix errors rebuilding with libtool that's newer than the one upstream
has (#467364)

* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 2.8.12-2
- Autorebuild for GCC 4.3

* Fri Jan 25 2008 Nalin Dahyabhai <nalin@redhat.com> - 2.8.12-1
- update to 2.8.12, which was relicensed to GPLv2
- package the now-bundled cracklib-small dictionary in cracklib-dicts

* Tue Aug 21 2007 Nalin Dahyabhai <nalin@redhat.com> - 2.8.10-3
- rebuild

* Mon Jul 23 2007 Nalin Dahyabhai <nalin@redhat.com>
- add a %%check script to catch things like #249210

* Mon Jul 23 2007 Nalin Dahyabhai <nalin@redhat.com> - 2.8.10-2
- work around non-executable util/cracklib-format giving us empty/garbage
dictionaries (#249210)

* Thu Jul 19 2007 Nalin Dahyabhai <nalin@redhat.com> - 2.8.10-1
- update to 2.8.10

* Wed Jun 20 2007 Nalin Dahyabhai <nalin@redhat.com> - 2.8.9-11
- improve reports of out-of-memory exceptions so that they don't include a
bogus filename
- improve reports of file-missing exceptions from the python module so that
they give the right filename (#225858)

* Mon Mar 12 2007 Nalin Dahyabhai <nalin@redhat.com> - 2.8.9-10
- explicitly include required headers from <packer.h> (#228698)
- attempt to provide doc strings in the python module

* Mon Feb 12 2007 Nalin Dahyabhai <nalin@redhat.com> - 2.8.9-9
- drop final "." from summaries (Jef Spaleta, #225659)
- drop static library from -devel subpackage (Jef Spaleta, #225659)
- note that the most recently-added wordlist came from bugzilla (#225659)
- remove explicit dependency on gzip, as it's implicit (Jef Spaleta, #225659)
- convert %%triggerpostun to not use a shell as an interpreter (#225659)

* Wed Jan 31 2007 Nalin Dahyabhai <nalin@redhat.com> - 2.8.9-8
- add word list from attachment #126053 (#185314)

* Thu Jan 25 2007 Nalin Dahyabhai <nalin@redhat.com> - 2.8.9-7
- fix check for the existence of dictionaries when the caller specifies a
location (#224347, upstream #1644628)

* Thu Dec 7 2006 Jeremy Katz <katzj@redhat.com> - 2.8.9-6
- rebuild against python 2.5

* Sun Oct 29 2006 Nalin Dahyabhai <nalin@redhat.com> - 2.8.9-5
- split out cracklib-python (#203327)

* Sun Oct 29 2006 Nalin Dahyabhai <nalin@redhat.com> - 2.8.9-4
- split out cracklib-devel (#203569)

* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.8.9-3.1
- rebuild

* Mon Jun 12 2006 Jesse Keating <jkeating@redhat.com> - 2.8.9-3
- Add missing br, automake, libtool (#194738)

* Tue Apr 25 2006 Nalin Dahyabhai <nalin@redhat.com> - 2.8.9-2
- update to 2.8.9
- only create compat symlinks for the dictionaries if we aren't installing
them into the old locations

* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 2.8.6-1.2.1
- bump again for double-long bug on ppc(64)

* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 2.8.6-1.2
- rebuilt for new gcc4.1 snapshot and glibc changes

* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt

* Mon Nov 7 2005 Nalin Dahyabhai <nalin@redhat.com> 2.8.6-1
- update to 2.8.6
- remove .la file (#172632)

* Wed Sep 28 2005 Nalin Dahyabhai <nalin@redhat.com> 2.8.5-2
- update to 2.8.5

* Tue Sep 27 2005 Nalin Dahyabhai <nalin@redhat.com> 2.8.4-1
- update to 2.8.4
- build python module

* Fri May 13 2005 Nalin Dahyabhai <nalin@redhat.com> 2.8.3-1
- update to 2.8.3

* Thu Mar 17 2005 Nalin Dahyabhai <nalin@redhat.com> 2.8.2-1
- update to 2.8.2

* Wed Mar 16 2005 Nalin Dahyabhai <nalin@redhat.com> 2.8.1-1
- update to 2.8.1
- moves dictionary to new default location under %%{_datadir} -- the
dictionary format is the same across all architectures
- renames "packer" to "cracklib-packer"
- conflict with cracklib-dicts < 2.8, where the on-disk format was not
compatible on 64-bit arches due to now-fixed cleanliness bugs
- move binaries for manipulating and checking words against dictionaries
from -dicts into the main package

* Mon Jan 3 2005 Nalin Dahyabhai <nalin@redhat.com> 2.7-30
- rebuild

* Mon Jan 3 2005 Nalin Dahyabhai <nalin@redhat.com> 2.7-29
- correctly build on 64-bit systems (part of #143417)
- patch so that 32- and 64-bit libcrack can read dictionaries which were
incorrectly generated on 64-bit systems of the same endianness (more #143417)
- include a sample cracklib magic file
- stop using /usr/dict/* when building the dictionary
- list words as a build requirement, which it is, instead of a run-time
requirement
- provide a virtual arch-specific dep in cracklib-dicts, require it in
cracklib (part of #143417)

* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Wed Feb 4 2004 Nalin Dahyabhai <nalin@redhat.com> 2.7-26
- update URL (previous page moved) (#114894)

* Fri Jan 30 2004 Nalin Dahyabhai <nalin@redhat.com> 2.7-25
- fix ldconfig invocation in trigger for older versions which included the
soname symlink (#114620)

* Mon Dec 1 2003 Nalin Dahyabhai <nalin@redhat.com> 2.7-24
- include packer.h for reading dictionaries directly, since we already include
packer in the -dicts subpackage (#68339)
- don't include the soname symlink in the package, let ldconfig do its job

* Wed Jun 18 2003 Nalin Dahyabhai <nalin@redhat.com> 2.7-23
- rebuild

* Mon Jun 16 2003 Nalin Dahyabhai <nalin@redhat.com> 2.7-22
- rebuild

* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Wed Apr 30 2003 Nalin Dahyabhai <nalin@redhat.com>
- update URL

* Tue Feb 04 2003 Florian La Roche <Florian.LaRoche@redhat.de>
- add symlink to shared libs

* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
- rebuilt

* Wed Sep 25 2002 Nalin Dahyabhai <nalin@redhat.com> 2.7-19
- fix for builds on multilib systems (set DICTPATH properly)

* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
- automated rebuild

* Sun May 26 2002 Tim Powers <timp@redhat.com>
- automated rebuild

* Thu May 9 2002 Nalin Dahyabhai <nalin@redhat.com> 2.7-16
- rebuild in new environment

* Fri Feb 22 2002 Nalin Dahyabhai <nalin@redhat.com> 2.7-15
- rebuild

* Wed Jan 09 2002 Tim Powers <timp@redhat.com>
- automated rebuild

* Tue Oct 2 2001 Nalin Dahyabhai <nalin@redhat.com> 2.7-13
- use getpwuid_r instead of getpwuid

* Fri Aug 3 2001 Nalin Dahyabhai <nalin@redhat.com> 2.7-12
- remove cruft that ldconfig already knows how to manage
- don't explicitly strip anything -- the brp setup decides that
- tweak the header so that it can be used in C++ (#46685)
- buildprereq the words package

* Tue Jun 26 2001 Florian La Roche <Florian.LaRoche@redhat.de>
- add link from library major version number

* Sun Jun 24 2001 Elliot Lee <sopwith@redhat.com>
- Bump release + rebuild.

* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild

* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
- FHS fixes
- fix undeclared function warnings from the new compiler
- fix URL

* Fri Apr 07 2000 Trond Eivind Glomsrød <teg@redhat.com>
- switched to use /usr/share/dict/words

* Tue Apr 06 1999 Preston Brown <pbrown@redhat.com>
- strip binaries

* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
- auto rebuild in the new build environment (release 4)

* Wed Jan 06 1999 Cristian Gafton <gafton@redhat.com>
- build for glibc 2.1

* Sat May 09 1998 Prospector System <bugs@redhat.com>
- translations modified for de, fr, tr

* Tue Mar 10 1998 Cristian Gafton <gafton@redhat.com>
- updated to 2.7
- build shared libraries

* Mon Nov 03 1997 Donnie Barnes <djb@redhat.com>
- added -fPIC

* Mon Oct 13 1997 Donnie Barnes <djb@redhat.com>
- basic spec file cleanups

* Mon Jun 02 1997 Erik Troan <ewt@redhat.com>
- built against glibc
Write Preview
Loading…
Cancel
Save