diff --git a/cracklib.spec b/cracklib.spec index 15b7c07d27e1e620073330be398dfcae984299f1..952ba1fa5762e7b8d92c1f68ca85a66dc613eb70 100644 --- a/cracklib.spec +++ b/cracklib.spec @@ -3,13 +3,14 @@ Name: cracklib Version: 2.9.7 -Release: 1 +Release: 2 Summary: A password-checking library License: LGPLv2+ URL: http://sourceforge.net/projects/cracklib/ Source0: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-%{version}.tar.gz Source1: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-words-%{version}.gz +Patch9000: fix-problem-of-error-message-about-simplistic-passwo.patch BuildRequires: gcc, words, gettext, gettext-autopoint, zlib-devel BuildRequires: python2-devel @@ -129,6 +130,9 @@ make test %{_libdir}/python*/site-packages/*.py* %changelog +* Sat Jan 18 2020 openEuler Buildteam - 2.9.7-2 +- fix problem of error message about simplistic password + * Fri Jan 10 2020 openEuler Buildteam - 2.9.7-1 - clean code diff --git a/fix-problem-of-error-message-about-simplistic-passwo.patch b/fix-problem-of-error-message-about-simplistic-passwo.patch new file mode 100644 index 0000000000000000000000000000000000000000..986a6484f688d676b2137dc8c5edd3d6077f7307 --- /dev/null +++ b/fix-problem-of-error-message-about-simplistic-passwo.patch @@ -0,0 +1,126 @@ +From e97dc89876ffd790aed93cc18c13c16bd2263f68 Mon Sep 17 00:00:00 2001 +From: openEuler Buildteam +Date: Sat, 18 Jan 2020 14:08:23 +0800 +Subject: [PATCH] fix problem of error message about simplistic password + +Signed-off-by: openEuler Buildteam +--- + lib/fascist.c | 33 ++++++++++++++++++++++++++++----- + util/cracklib-format | 10 ++++++---- + 2 files changed, 34 insertions(+), 9 deletions(-) + +diff --git a/lib/fascist.c b/lib/fascist.c +index c5a018c..a1a8564 100644 +--- a/lib/fascist.c ++++ b/lib/fascist.c +@@ -55,7 +55,6 @@ static char *r_destructors[] = { + + "/?p@?p", /* purging out punctuation/symbols/junk */ + "/?s@?s", +- "/?X@?X", + + /* attempt reverse engineering of password strings */ + +@@ -452,6 +451,12 @@ GTry(rawtext, password) + continue; + } + ++ if (len - strlen(mp) >= 3) ++ { ++ /* purged too much */ ++ continue; ++ } ++ + #ifdef DEBUG + printf("%-16s = %-16s (destruct %s)\n", mp, rawtext, r_destructors[i]); + #endif +@@ -478,6 +483,12 @@ GTry(rawtext, password) + continue; + } + ++ if (len - strlen(mp) >= 3) ++ { ++ /* purged too much */ ++ continue; ++ } ++ + #ifdef DEBUG + printf("%-16s = %-16s (construct %s)\n", mp, password, r_constructors[i]); + #endif +@@ -705,6 +716,7 @@ FascistLookUser(PWDICT *pwp, char *instring, + char *password; + char rpassword[STRINGSIZE]; + uint32_t notfound; ++ int len; + + notfound = PW_WORDS(pwp); + /* already truncated if from FascistCheck() */ +@@ -754,6 +766,7 @@ FascistLookUser(PWDICT *pwp, char *instring, + return _("it is all whitespace"); + } + ++ len = strlen(password); + i = 0; + ptr = password; + while (ptr[0] && ptr[1]) +@@ -765,10 +778,7 @@ FascistLookUser(PWDICT *pwp, char *instring, + ptr++; + } + +- /* Change by Ben Karsin from ITS at University of Hawaii at Manoa. Static MAXSTEP +- would generate many false positives for long passwords. */ +- maxrepeat = 3+(0.09*strlen(password)); +- if (i > maxrepeat) ++ if (len - i < MINLEN) + { + return _("it is too simplistic/systematic"); + } +@@ -801,6 +811,12 @@ FascistLookUser(PWDICT *pwp, char *instring, + continue; + } + ++ if (len - strlen(a) >= 3) ++ { ++ /* purged too much */ ++ continue; ++ } ++ + #ifdef DEBUG + printf("%-16s (dict)\n", a); + #endif +@@ -821,6 +837,13 @@ FascistLookUser(PWDICT *pwp, char *instring, + { + continue; + } ++ ++ if (len - strlen(a) >= 3) ++ { ++ /* purged too much */ ++ continue; ++ } ++ + #ifdef DEBUG + printf("%-16s (reversed dict)\n", a); + #endif +diff --git a/util/cracklib-format b/util/cracklib-format +index 1d7be5b..360d109 100755 +--- a/util/cracklib-format ++++ b/util/cracklib-format +@@ -3,8 +3,10 @@ + # This preprocesses a set of word lists into a suitable form for input + # into cracklib-packer + # ++LC_ALL=C ++export LC_ALL + gzip -cdf "$@" | +- grep -v '^\(#\|$\)' | +- tr '[A-Z]' '[a-z]' | +- tr -cd '\012[a-z][0-9]' | +- env LC_ALL=C sort -u ++ grep -a -E -v '^.{30,}$' | ++ tr '[:upper:]' '[:lower:]' | ++ sed s/[[:space:]]//g | ++ sort -u +-- +1.8.3.1 +