diff --git a/cracklib-2.9.7-simplistic.patch b/0001-PATCH-cracklib-2.9.8-simplistic.patch similarity index 78% rename from cracklib-2.9.7-simplistic.patch rename to 0001-PATCH-cracklib-2.9.8-simplistic.patch index 00fd8576290c827cfd02168ed67bf5fcff1cbd3a..f54dc36f7c1f9f9cce0dacb1ca76067d0b3d9d74 100644 --- a/cracklib-2.9.7-simplistic.patch +++ b/0001-PATCH-cracklib-2.9.8-simplistic.patch @@ -1,5 +1,5 @@ diff --git a/lib/fascist.c b/lib/fascist.c -index c5a018c..dc74ca9 100644 +index c5a018c..a1a8564 100644 --- a/lib/fascist.c +++ b/lib/fascist.c @@ -55,7 +55,6 @@ static char *r_destructors[] = { @@ -52,7 +52,7 @@ index c5a018c..dc74ca9 100644 i = 0; ptr = password; while (ptr[0] && ptr[1]) -@@ -765,10 +778,9 @@ FascistLookUser(PWDICT *pwp, char *instring, +@@ -765,10 +778,7 @@ FascistLookUser(PWDICT *pwp, char *instring, ptr++; } @@ -60,13 +60,11 @@ index c5a018c..dc74ca9 100644 - would generate many false positives for long passwords. */ - maxrepeat = 3+(0.09*strlen(password)); - if (i > maxrepeat) -+ /* We were still generating false positives for long passwords. -+ Just count systematic double as a single character. */ + if (len - i < MINLEN) { return _("it is too simplistic/systematic"); } -@@ -801,6 +813,12 @@ FascistLookUser(PWDICT *pwp, char *instring, +@@ -801,6 +811,12 @@ FascistLookUser(PWDICT *pwp, char *instring, continue; } @@ -79,7 +77,7 @@ index c5a018c..dc74ca9 100644 #ifdef DEBUG printf("%-16s (dict)\n", a); #endif -@@ -821,6 +839,13 @@ FascistLookUser(PWDICT *pwp, char *instring, +@@ -821,6 +837,13 @@ FascistLookUser(PWDICT *pwp, char *instring, { continue; } @@ -94,24 +92,32 @@ index c5a018c..dc74ca9 100644 printf("%-16s (reversed dict)\n", a); #endif diff --git a/util/cracklib-format b/util/cracklib-format -index 1d7be5b..0a2caa5 100644 +index c133d75..360d109 100755 --- a/util/cracklib-format +++ b/util/cracklib-format -@@ -3,8 +3,10 @@ +@@ -3,17 +3,10 @@ # This preprocesses a set of word lists into a suitable form for input # into cracklib-packer # +-# Truncates lines longer than 1022 characters long as cracklib-packer +-# does not handle them correctly. +-# +-# The last part of the pipeline uses 'grep -v' to remove any blank +-# lines (possibly introduced by earlier parts of the pipeline) as +-# cracklib-packer will generate "skipping line" warnings otherwise. +-# +LC_ALL=C +export LC_ALL gzip -cdf "$@" | -- grep -v '^\(#\|$\)' | +- grep -a -v '^#' | - tr '[A-Z]' '[a-z]' | - tr -cd '\012[a-z][0-9]' | +- cut -c 1-1022 | +- grep -v '^$' | - env LC_ALL=C sort -u + grep -a -E -v '^.{32,}$' | + tr '[:upper:]' '[:lower:]' | + tr -cd '\n[:graph:]' | + sort -u -- -2.34.1 - +2.34.1 \ No newline at end of file diff --git a/0002-PATCH-fix-truncating-dict-file-without-input-data.patch b/0002-PATCH-fix-truncating-dict-file-without-input-data.patch new file mode 100644 index 0000000000000000000000000000000000000000..e7c92662e1b9c7cc1f7c2bedb3768188bbb8e472 --- /dev/null +++ b/0002-PATCH-fix-truncating-dict-file-without-input-data.patch @@ -0,0 +1,54 @@ +diff --git a/util/packer.c b/util/packer.c +index e3f9500..4867641 100644 +--- a/util/packer.c ++++ b/util/packer.c +@@ -22,6 +22,7 @@ main(argc, argv) + PWDICT *pwp; + char buffer[STRINGSIZE], prev[STRINGSIZE]; + char *file; ++ char opened = 0; + + if (argc <= 1) + { +@@ -39,12 +40,6 @@ main(argc, argv) + return (-1); + } + +- if (!(pwp = PWOpen(file, "w"))) +- { +- perror(file); +- return (-1); +- } +- + wrote = 0; + prev[0] = '\0'; + +@@ -62,6 +57,16 @@ main(argc, argv) + continue; + } + ++ if (!opened) ++ { ++ if (!(pwp = PWOpen(file, "w"))) ++ { ++ perror(file); ++ return (-1); ++ } ++ opened = 1; ++ } ++ + /* + * If this happens, strcmp() in FindPW() in packlib.c will be unhappy. + */ +@@ -79,7 +84,8 @@ main(argc, argv) + wrote++; + } + +- PWClose(pwp); ++ if (opened) ++ PWClose(pwp); + + printf("%lu %lu\n", readed, wrote); + +-- +2.33.0 \ No newline at end of file diff --git a/cracklib-2.9.7.tar.bz2 b/cracklib-2.9.7.tar.bz2 deleted file mode 100644 index 04e0a9072b58ed4af418336e83a163d117df76f4..0000000000000000000000000000000000000000 Binary files a/cracklib-2.9.7.tar.bz2 and /dev/null differ diff --git a/cracklib-2.9.8.tar.gz b/cracklib-2.9.8.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..f97200c5d07cf6efc51019bee73f2212e9a4e89a Binary files /dev/null and b/cracklib-2.9.8.tar.gz differ diff --git a/cracklib-words-2.9.7.bz2 b/cracklib-words-2.9.8.gz similarity index 40% rename from cracklib-words-2.9.7.bz2 rename to cracklib-words-2.9.8.gz index b29dbf1ae58e566f3beb5ac80cf5555eec350c37..edef8b20ed5b97dbe507ef0f22dcc33249c5d169 100644 Binary files a/cracklib-words-2.9.7.bz2 and b/cracklib-words-2.9.8.gz differ diff --git a/cracklib.spec b/cracklib.spec index 419554772ed873404d1c3583d27ba6bd389d289a..09f1cb636a1e630c7d0b9273af37c3e683f604e3 100644 --- a/cracklib.spec +++ b/cracklib.spec @@ -1,19 +1,20 @@ -%define anolis_release 2 +%define anolis_release 1 %bcond_without python3 %define dictdir %{_datadir}/cracklib %define dictpath %{dictdir}/pw_dict -Name: cracklib -Version: 2.9.7 -Release: %{anolis_release}%{?dist} -Summary: A password-checking library +Name: cracklib +Version: 2.9.8 +Release: %{anolis_release}%{?dist} +Summary: A password-checking library +License: LGPLv2+ +URL: https://github.com/cracklib/cracklib/ +Source0: https://github.com/cracklib/cracklib/releases/download/v%{version}/cracklib-%{version}.tar.gz +Source1: https://github.com/cracklib/cracklib/releases/download/v%{version}/cracklib-words-%{version}.gz -License: LGPLv2+ -URL: http://sourceforge.net/projects/cracklib/ -Source0: https://github.com/cracklib/cracklib/releases/download/v%{version}/cracklib-%{version}.tar.bz2 -Source1: https://github.com/cracklib/cracklib/releases/download/v%{version}/cracklib-words-%{version}.bz2 -Patch1: cracklib-2.9.7-simplistic.patch +Patch1: 0001-PATCH-cracklib-2.9.8-simplistic.patch +Patch2: 0002-PATCH-fix-truncating-dict-file-without-input-data.patch BuildRequires: gcc, words, gettext, gettext-autopoint, zlib-devel %if %{with python3} @@ -22,10 +23,10 @@ BuildRequires: python3-devel Conflicts: cracklib-dicts < 2.8 Requires: gzip -Provides: cracklib-dicts +Provides: cracklib-dicts = %{version}-%{release} Provides: %{name}-python = %{version}-%{release} Provides: %{name}-python%{?_isa} = %{version}-%{release} -Obsoletes: cracklib-dicts +Obsoletes: cracklib-dicts < %{version}-%{release} Obsoletes: %{name}-python < %{version}-%{release} %description @@ -57,13 +58,21 @@ The python3-cracklib package contains a module which permits applications written in the Python 3 programming language to use cracklib. %endif +%package doc +Summary: Documentation files for %{name} +Requires: %{name} = %{version}-%{release} +BuildArch: noarch + +%description doc +The %{name}-doc package contains documentation files for %{name}. + %prep %autosetup -n %{name}-%{version} -p1 mkdir cracklib-dicts for dict in %{SOURCE1} do - cp -fv ${dict} cracklib-dicts/ + cp -fv ${dict} cracklib-dicts/ done chmod +x util/cracklib-format @@ -115,7 +124,9 @@ ln -s $toprelpath%{dictpath}.pwi $RPM_BUILD_ROOT/%{_libdir}/cracklib_dict.pwi fi rm -f $RPM_BUILD_ROOT/%{_libdir}/python*/site-packages/_cracklib*.*a rm -f $RPM_BUILD_ROOT/%{_libdir}/libcrack.la - + +%generate_compatibility_deps + %find_lang %{name} %check @@ -125,12 +136,14 @@ make test %files -f %{name}.lang %defattr(-,root,root) -%doc README-LICENSE AUTHORS %license COPYING.LIB +%dir %{abidir} %{_sbindir}/*cracklib* %{_sbindir}/mkdict %{_sbindir}/packer +%{abidir}/*cracklib*-option.list %{_libdir}/libcrack.so.* +%{abidir}/libcrack.dump %{_libdir}/cracklib_dict.* %dir %{_datadir}/cracklib %config(noreplace) %{_datadir}/cracklib/pw_dict.* @@ -144,11 +157,18 @@ make test %if %{with python3} %files -n python3-cracklib %{_libdir}/python3*/site-packages/_cracklib*.so +%{abidir}/_cracklib.dump %{_libdir}/python3*/site-packages/*.py* %{_libdir}/python3*/site-packages/__pycache__/* %endif +%files doc +%doc README-LICENSE AUTHORS + %changelog +* Mon Jan 9 2023 Guyu Wang - 2.9.8-1 +- Update to 2.9.8 + * Mon Aug 15 2022 Chunmei Xu - 2.9.7-2 - fix cracklib dicts