Compare commits
58 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
96414c8d51 | ||
|
ca8a641b1a | ||
|
07357a4c99 | ||
|
d05a692008 | ||
|
e93c24ac81 | ||
|
0e60ba4c41 | ||
|
9399460d6a | ||
|
027424d77b | ||
|
8c3df02286 | ||
|
8cbc5e0761 | ||
|
4f79a55d9d | ||
|
f1b5fbef42 | ||
|
e5ff945d65 | ||
|
2f1f7e4262 | ||
|
6b4c7dfb86 | ||
|
876215746b | ||
|
7fe6b961d5 | ||
|
dbeb79db34 | ||
|
4536be56fa | ||
|
9d87276f7b | ||
|
dcf95b732f | ||
|
f583cba4c3 | ||
|
996e4bef29 | ||
|
57c1a16e87 | ||
|
68801fc7e2 | ||
|
3542e5e4c7 | ||
|
3503e8edf7 | ||
|
9110c6134e | ||
|
eed06f2621 | ||
|
74c8a1f39c | ||
|
0ce13aa758 | ||
|
029be6a36f | ||
|
6311e5981a | ||
|
b945156ea7 | ||
|
d844e8318c | ||
|
491df991d4 | ||
|
61384f5443 | ||
|
96c24da63b | ||
|
c04606903b | ||
|
b8eaf28911 | ||
|
1604bf4577 | ||
|
379be8cd72 | ||
|
5ca6eb3ac2 | ||
|
0bf6befb28 | ||
|
ba4fef6209 | ||
|
79b5fd34e0 | ||
|
2291a74e85 | ||
|
fcbd95e824 | ||
|
301b438db1 | ||
|
ec87306b29 | ||
|
ecaa219e35 | ||
|
53ee8b67a3 | ||
|
7f15ce4c18 | ||
|
6c1fe3cd27 | ||
|
69a8fd30b6 | ||
|
c4a077df2a | ||
|
ba62c391b2 | ||
|
ead9eea402 |
8
.gitignore
vendored
8
.gitignore
vendored
@ -1 +1,7 @@
|
||||
yp-tools-2.9.tar.bz2
|
||||
yp-tools-2.11.tar.bz2
|
||||
/yp-tools-2.12.tar.bz2
|
||||
/yp-tools-2.14.tar.bz2
|
||||
/yp-tools-3.0.1.tar.bz2
|
||||
/yp-tools-3.3.tar.bz2
|
||||
/yp-tools-yp-tools-4.2.2.tar.gz
|
||||
/v4.2.3.tar.gz
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
19de06a04129ec26773f9198e086fcd4 yp-tools-2.9.tar.bz2
|
||||
SHA512 (v4.2.3.tar.gz) = 2fcdaaeb8af4c3f62aa571a488c04561356681fc18b919ef728cfc1941578870cce74b136959f49e4ab04f988a79252163c1abe30b357788cb0b5faca7b5d147
|
||||
|
@ -1,226 +0,0 @@
|
||||
diff -up yp-tools-2.10/src/yppasswd.c.passwords yp-tools-2.10/src/yppasswd.c
|
||||
--- yp-tools-2.10/src/yppasswd.c.passwords 2004-06-21 14:12:24.000000000 +0200
|
||||
+++ yp-tools-2.10/src/yppasswd.c 2010-04-16 11:32:58.931877499 +0200
|
||||
@@ -50,6 +50,8 @@
|
||||
#include <libintl.h>
|
||||
#include <sys/param.h>
|
||||
#include <sys/stat.h>
|
||||
+#include <sys/types.h>
|
||||
+#include <fcntl.h>
|
||||
#include <rpcsvc/yp_prot.h>
|
||||
#include <rpcsvc/ypclnt.h>
|
||||
#ifdef HAVE_RPC_CLNT_SOC_H
|
||||
@@ -368,6 +370,49 @@ getfield (char *gecos, char *field, int
|
||||
return sp;
|
||||
}
|
||||
|
||||
+#define DES 0
|
||||
+#define MD5 1
|
||||
+#define SHA_256 5
|
||||
+#define SHA_512 6
|
||||
+
|
||||
+static int
|
||||
+get_hash_id (const char *passwd)
|
||||
+{
|
||||
+ int hash_id = DES;
|
||||
+ if (strncmp(passwd, "$1$", 3) == 0)
|
||||
+ hash_id = MD5;
|
||||
+ else if (strncmp(passwd, "$5$", 3) == 0)
|
||||
+ hash_id = SHA_256;
|
||||
+ else if (strncmp(passwd, "$6$", 3) == 0)
|
||||
+ hash_id = SHA_512;
|
||||
+ return hash_id;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+get_passwd_len (const char *passwd)
|
||||
+{
|
||||
+ static const char *allowed_chars =
|
||||
+ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
|
||||
+ int passwdlen = strlen (passwd);
|
||||
+ int hash_id = get_hash_id (passwd);
|
||||
+
|
||||
+ /* Some systems (HPU/X) store the password aging info after
|
||||
+ * the password (with a comma to separate it). To support
|
||||
+ * this we cut the password after the first invalid char
|
||||
+ * after the normal 13 ones - in the case of MD5 and DES.
|
||||
+ * We can't cut at the first invalid char, since MD5
|
||||
+ * uses $ in the first char. In case of SHA-2 we are looking
|
||||
+ * for first invalid char after the 38 ones.
|
||||
+ */
|
||||
+ if (passwdlen > 13 && (hash_id == DES || hash_id == MD5))
|
||||
+ passwdlen = 13 + strspn (passwd + 13, allowed_chars);
|
||||
+
|
||||
+ if (passwdlen > 38 && (hash_id == SHA_256 || hash_id == SHA_512))
|
||||
+ passwdlen = 38 + strspn (passwd + 38, allowed_chars);
|
||||
+
|
||||
+ return passwdlen;
|
||||
+}
|
||||
+
|
||||
#if ! defined(USE_CRACKLIB) || defined(USE_CRACKLIB_STRICT)
|
||||
/* this function will verify the user's password
|
||||
* for some silly things. If we're using cracklib, then
|
||||
@@ -379,6 +424,7 @@ verifypassword (struct passwd *pwd, char
|
||||
{
|
||||
char *p, *q;
|
||||
int ucase, lcase, other, r;
|
||||
+ int passwdlen;
|
||||
|
||||
if ((strlen (pwdstr) < 6) && uid)
|
||||
{
|
||||
@@ -401,8 +447,9 @@ verifypassword (struct passwd *pwd, char
|
||||
return 0;
|
||||
}
|
||||
|
||||
+ passwdlen = get_passwd_len (pwd->pw_passwd);
|
||||
if (pwd->pw_passwd[0]
|
||||
- && !strncmp (pwd->pw_passwd, crypt (pwdstr, pwd->pw_passwd), 13)
|
||||
+ && !strncmp (pwd->pw_passwd, crypt (pwdstr, pwd->pw_passwd), passwdlen)
|
||||
&& uid)
|
||||
{
|
||||
fputs (_("You cannot reuse the old password.\n"), stderr);
|
||||
@@ -436,11 +483,43 @@ verifypassword (struct passwd *pwd, char
|
||||
|
||||
#endif
|
||||
|
||||
+#define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
|
||||
+
|
||||
+static void
|
||||
+create_random_salt (char *salt, int num_chars)
|
||||
+{
|
||||
+ int fd;
|
||||
+ unsigned char c;
|
||||
+ int i;
|
||||
+ int res;
|
||||
+
|
||||
+ fd = open ("/dev/urandom", O_RDONLY);
|
||||
+
|
||||
+ for (i = 0; i < num_chars; i++)
|
||||
+ {
|
||||
+ res = 0;
|
||||
+ if (fd != 0)
|
||||
+ res = read (fd, &c, 1);
|
||||
+
|
||||
+ if (res != 1)
|
||||
+ c = random ();
|
||||
+
|
||||
+ salt[i] = bin_to_ascii (c & 0x3f);
|
||||
+ }
|
||||
+
|
||||
+ salt[num_chars] = 0;
|
||||
+
|
||||
+ if (fd != 0)
|
||||
+ close (fd);
|
||||
+}
|
||||
+
|
||||
int
|
||||
main (int argc, char **argv)
|
||||
{
|
||||
char *s, *progname, *domainname = NULL, *user = NULL, *master = NULL;
|
||||
int f_flag = 0, l_flag = 0, p_flag = 0, error, status;
|
||||
+ int hash_id = DES;
|
||||
+ char rounds[11] = "\0"; /* max length is '999999999$' */
|
||||
struct yppasswd yppwd;
|
||||
struct passwd *pwd;
|
||||
CLIENT *clnt;
|
||||
@@ -451,6 +530,8 @@ main (int argc, char **argv)
|
||||
bindtextdomain (PACKAGE, LOCALEDIR);
|
||||
textdomain (PACKAGE);
|
||||
|
||||
+ srandom (time (NULL));
|
||||
+
|
||||
if ((s = strrchr (argv[0], '/')) != NULL)
|
||||
progname = s + 1;
|
||||
else
|
||||
@@ -642,27 +723,22 @@ main (int argc, char **argv)
|
||||
cp = stpcpy (hashpass, "##");
|
||||
strcpy (cp, pwd->pw_name);
|
||||
|
||||
+ hash_id = get_hash_id (pwd->pw_passwd);
|
||||
+
|
||||
+ /* Preserve 'rounds=<N>$' (if present) in case of SHA-2 */
|
||||
+ if (hash_id == SHA_256 || hash_id == SHA_512)
|
||||
+ {
|
||||
+ if (strncmp (pwd->pw_passwd + 3, "rounds=", 7) == 0)
|
||||
+ strncpy (rounds, pwd->pw_passwd + 10, strcspn (pwd->pw_passwd + 10, "$") + 1);
|
||||
+ }
|
||||
+
|
||||
/* We can't check the password with shadow passwords enabled. We
|
||||
* leave the checking to yppasswdd */
|
||||
if (uid != 0 && strcmp (pwd->pw_passwd, "x") != 0 &&
|
||||
strcmp (pwd->pw_passwd, hashpass ) != 0)
|
||||
{
|
||||
- int passwdlen;
|
||||
- char *sane_passwd;
|
||||
- passwdlen = strlen (pwd->pw_passwd);
|
||||
- /* Some systems (HPU/X) store the password aging info after
|
||||
- * the password (with a comma to separate it). To support
|
||||
- * this we cut the password after the first invalid char
|
||||
- * after the normal 13 ones. We can't cut at the first
|
||||
- * invalid char, since MD5 uses $ in the first char.
|
||||
- */
|
||||
- if (passwdlen > 13)
|
||||
- passwdlen = 13 + strspn(pwd->pw_passwd + 13,
|
||||
- "abcdefghijklmnopqrstuvwxyz"
|
||||
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
||||
- "0123456789./");
|
||||
-
|
||||
- sane_passwd = alloca (passwdlen + 1);
|
||||
+ int passwdlen = get_passwd_len (pwd->pw_passwd);
|
||||
+ char *sane_passwd = alloca (passwdlen + 1);
|
||||
strncpy (sane_passwd, pwd->pw_passwd, passwdlen);
|
||||
sane_passwd[passwdlen] = 0;
|
||||
if (strcmp (crypt (s, sane_passwd), sane_passwd))
|
||||
@@ -676,13 +752,11 @@ main (int argc, char **argv)
|
||||
|
||||
if (p_flag)
|
||||
{
|
||||
-#define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
|
||||
#ifdef USE_CRACKLIB
|
||||
char *error_msg;
|
||||
#endif /* USE_CRACKLIB */
|
||||
- char *buf, salt[2], *p = NULL;
|
||||
+ char *buf, salt[37], *p = NULL;
|
||||
int tries = 0;
|
||||
- time_t tm;
|
||||
|
||||
buf = (char *) malloc (129);
|
||||
|
||||
@@ -733,9 +807,34 @@ main (int argc, char **argv)
|
||||
}
|
||||
}
|
||||
|
||||
- time (&tm);
|
||||
- salt[0] = bin_to_ascii (tm & 0x3f);
|
||||
- salt[1] = bin_to_ascii ((tm >> 6) & 0x3f);
|
||||
+ switch (hash_id)
|
||||
+ {
|
||||
+ case DES:
|
||||
+ create_random_salt (salt, 2);
|
||||
+ break;
|
||||
+
|
||||
+ case MD5:
|
||||
+ /* The user already had a MD5 password, so it's safe to
|
||||
+ * use a MD5 password again */
|
||||
+ strcpy (salt, "$1$");
|
||||
+ create_random_salt (salt + 3, 8);
|
||||
+ break;
|
||||
+
|
||||
+ case SHA_256:
|
||||
+ case SHA_512:
|
||||
+ /* The user already had a SHA-2 password, so it's safe to
|
||||
+ * use a SHA-2 password again */
|
||||
+ snprintf (salt, 4, "$%d$", hash_id);
|
||||
+ if (strlen (rounds) != 0)
|
||||
+ {
|
||||
+ strcpy (salt + 3, "rounds=");
|
||||
+ strcpy (salt + 3 + 7, rounds);
|
||||
+ create_random_salt (salt + 3 + 7 + strlen (rounds), 16);
|
||||
+ }
|
||||
+ else
|
||||
+ create_random_salt (salt + 3, 16);
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
yppwd.newpw.pw_passwd = strdup (crypt (buf, salt));
|
||||
}
|
@ -1,11 +0,0 @@
|
||||
diff -up yp-tools-2.11/src/yppasswd.c.shadow yp-tools-2.11/src/yppasswd.c
|
||||
--- yp-tools-2.11/src/yppasswd.c.shadow 2010-04-20 15:31:59.000000000 +0200
|
||||
+++ yp-tools-2.11/src/yppasswd.c 2010-11-19 18:37:14.931766315 +0100
|
||||
@@ -449,6 +449,7 @@ verifypassword (struct passwd *pwd, char
|
||||
|
||||
passwdlen = get_passwd_len (pwd->pw_passwd);
|
||||
if (pwd->pw_passwd[0]
|
||||
+ && 0 != strcmp (pwd->pw_passwd, "x") /* don't check shadow passwords */
|
||||
&& !strncmp (pwd->pw_passwd, crypt (pwdstr, pwd->pw_passwd), passwdlen)
|
||||
&& uid)
|
||||
{
|
11
yp-tools-2.12-adjunct.patch
Normal file
11
yp-tools-2.12-adjunct.patch
Normal file
@ -0,0 +1,11 @@
|
||||
diff -up yp-tools-2.12/src/yppasswd.c.adjunct yp-tools-2.12/src/yppasswd.c
|
||||
--- yp-tools-2.12/src/yppasswd.c.adjunct 2012-04-23 13:17:47.000988833 +0200
|
||||
+++ yp-tools-2.12/src/yppasswd.c 2012-04-23 13:18:01.209802938 +0200
|
||||
@@ -774,6 +775,7 @@
|
||||
/* We can't check the password with shadow passwords enabled. We
|
||||
* leave the checking to yppasswdd */
|
||||
if (uid != 0 && strcmp (pwd->pw_passwd, "x") != 0 &&
|
||||
+ 0 != strncmp (pwd->pw_passwd, "##", 2) && /* don't check passwords using passwd.adjunct feature */
|
||||
strcmp (pwd->pw_passwd, hashpass ) != 0)
|
||||
{
|
||||
int passwdlen = get_passwd_len (pwd->pw_passwd);
|
44
yp-tools-2.12-crypt.patch
Normal file
44
yp-tools-2.12-crypt.patch
Normal file
@ -0,0 +1,44 @@
|
||||
diff -up yp-tools-2.12/src/yppasswd.c.crypt yp-tools-2.12/src/yppasswd.c
|
||||
--- yp-tools-2.12/src/yppasswd.c.crypt 2012-04-23 13:01:35.599721168 +0200
|
||||
+++ yp-tools-2.12/src/yppasswd.c 2012-04-23 13:16:18.251261293 +0200
|
||||
@@ -772,9 +778,16 @@ main (int argc, char **argv)
|
||||
{
|
||||
int passwdlen = get_passwd_len (pwd->pw_passwd);
|
||||
char *sane_passwd = alloca (passwdlen + 1);
|
||||
+ char *crypted;
|
||||
strncpy (sane_passwd, pwd->pw_passwd, passwdlen);
|
||||
sane_passwd[passwdlen] = 0;
|
||||
- if (strcmp (crypt (s, sane_passwd), sane_passwd))
|
||||
+ crypted = crypt (s, sane_passwd);
|
||||
+ if(crypted == NULL)
|
||||
+ {
|
||||
+ fprintf (stderr, _("Sorry - crypt() failed.\n"));
|
||||
+ return 1;
|
||||
+ }
|
||||
+ if (strcmp (crypted, sane_passwd))
|
||||
{
|
||||
fprintf (stderr, _("Sorry.\n"));
|
||||
return 1;
|
||||
@@ -789,6 +802,7 @@ main (int argc, char **argv)
|
||||
char *error_msg;
|
||||
#endif /* USE_CRACKLIB */
|
||||
char *buf, salt[37], *p = NULL;
|
||||
+ char *crypted;
|
||||
int tries = 0;
|
||||
|
||||
buf = (char *) malloc (129);
|
||||
@@ -869,7 +883,13 @@ main (int argc, char **argv)
|
||||
break;
|
||||
}
|
||||
|
||||
- yppwd.newpw.pw_passwd = strdup (crypt (buf, salt));
|
||||
+ crypted = crypt (buf, salt);
|
||||
+ if(crypted == NULL) {
|
||||
+ fprintf (stderr, _("Sorry - crypt() failed.\n"));
|
||||
+ return 1;
|
||||
+ } else {
|
||||
+ yppwd.newpw.pw_passwd = strdup (crypted);
|
||||
+ }
|
||||
}
|
||||
|
||||
if (f_flag)
|
68
yp-tools-2.12-hash.patch
Normal file
68
yp-tools-2.12-hash.patch
Normal file
@ -0,0 +1,68 @@
|
||||
diff -up yp-tools-2.12/man/yppasswd.1.in.hash yp-tools-2.12/man/yppasswd.1.in
|
||||
--- yp-tools-2.12/man/yppasswd.1.in.hash 2011-09-09 16:18:49.469037058 +0200
|
||||
+++ yp-tools-2.12/man/yppasswd.1.in 2011-09-09 16:20:19.101030930 +0200
|
||||
@@ -81,6 +81,12 @@ for authentication with the
|
||||
.BR yppasswdd (8)
|
||||
daemon. Subsequently, the
|
||||
program prompts for the updated information:
|
||||
+.P
|
||||
+If we use shadowing passwords using passwd.adjunct, SHA-512 will be
|
||||
+used for hashing a new password by default. If we want to use MD5,
|
||||
+SHA_256 or older DES, we need to set the environment variable
|
||||
+YP_PASSWD_HASH. Possible values are "DES", "MD5", "SHA-256" and
|
||||
+"SHA-512" (value is case-insensitive).
|
||||
.\"
|
||||
.\"
|
||||
.IP "\fByppasswd\fP or \fB-p\fP"
|
||||
diff -up yp-tools-2.12/src/yppasswd.c.hash yp-tools-2.12/src/yppasswd.c
|
||||
--- yp-tools-2.12/src/yppasswd.c.hash 2011-09-09 16:20:35.360029823 +0200
|
||||
+++ yp-tools-2.12/src/yppasswd.c 2011-09-09 16:25:21.589010245 +0200
|
||||
@@ -514,6 +514,32 @@ create_random_salt (char *salt, int num_
|
||||
close (fd);
|
||||
}
|
||||
|
||||
+
|
||||
+/*
|
||||
+ * Reads environment variable YP_PASSWD_HASH and returns hash id.
|
||||
+ * Possible values are MD5, SHA-256, SHA-512 and DES.
|
||||
+ * If other value is set or it is not set at all, SHA-512 is used.
|
||||
+ */
|
||||
+static int
|
||||
+get_env_hash_id()
|
||||
+{
|
||||
+ const char *v = getenv("YP_PASSWD_HASH");
|
||||
+ if (!v)
|
||||
+ return SHA_512;
|
||||
+
|
||||
+ if (!strcasecmp(v, "DES"))
|
||||
+ return DES;
|
||||
+
|
||||
+ if (!strcasecmp(v, "SHA-256"))
|
||||
+ return SHA_256;
|
||||
+
|
||||
+ if (!strcasecmp(v, "MD5"))
|
||||
+ return MD5;
|
||||
+
|
||||
+ return SHA_512;
|
||||
+}
|
||||
+
|
||||
+
|
||||
int
|
||||
main (int argc, char **argv)
|
||||
{
|
||||
@@ -723,6 +749,15 @@ main (int argc, char **argv)
|
||||
|
||||
hash_id = get_hash_id (pwd->pw_passwd);
|
||||
|
||||
+ /* If we use passwd.adjunct, there is no magic value like $1$ in the
|
||||
+ * beginning of password, but ##username instead. Thus, SHA_512 will be
|
||||
+ * used for hashing a new password by default. If we want to use DES,
|
||||
+ * MD5 or SHA_256, we need to set the environment variable
|
||||
+ * YP_PASSWD_HASH (e.g. YP_PASSWD_HASH=DES).
|
||||
+ */
|
||||
+ if (strncmp(pwd->pw_passwd, "##", 2) == 0)
|
||||
+ hash_id = get_env_hash_id();
|
||||
+
|
||||
/* Preserve 'rounds=<N>$' (if present) in case of SHA-2 */
|
||||
if (hash_id == SHA_256 || hash_id == SHA_512)
|
||||
{
|
24
yp-tools-3.3-no-nss-nis6.patch
Normal file
24
yp-tools-3.3-no-nss-nis6.patch
Normal file
@ -0,0 +1,24 @@
|
||||
diff -ru yp-tools-3.3-orig/Makefile.am yp-tools-3.3/Makefile.am
|
||||
--- yp-tools-3.3-orig/Makefile.am 2014-10-29 15:28:02.000000000 +0100
|
||||
+++ yp-tools-3.3/Makefile.am 2014-12-10 18:47:11.864137423 +0100
|
||||
@@ -5,7 +5,7 @@
|
||||
#
|
||||
AUTOMAKE_OPTIONS = 1.5 gnits dist-bzip2
|
||||
#
|
||||
-SUBDIRS = lib src nss_nis6 po man etc
|
||||
+SUBDIRS = lib src po man etc
|
||||
|
||||
CLEANFILES = *~
|
||||
|
||||
diff -ru yp-tools-3.3-orig/Makefile.in yp-tools-3.3/Makefile.in
|
||||
--- yp-tools-3.3-orig/Makefile.in 2014-12-05 12:44:37.000000000 +0100
|
||||
+++ yp-tools-3.3/Makefile.in 2014-12-10 18:16:20.996550012 +0100
|
||||
@@ -382,7 +382,7 @@
|
||||
#
|
||||
AUTOMAKE_OPTIONS = 1.5 gnits dist-bzip2
|
||||
#
|
||||
-SUBDIRS = lib src nss_nis6 po man etc
|
||||
+SUBDIRS = lib src po man etc
|
||||
CLEANFILES = *~
|
||||
ACLOCAL_AMFLAGS = -I m4
|
||||
M4_FILES = m4/getline.m4
|
11
yp-tools-4.2.2-strict-prototypes.patch
Normal file
11
yp-tools-4.2.2-strict-prototypes.patch
Normal file
@ -0,0 +1,11 @@
|
||||
--- yp-tools-yp-tools-4.2.2/src/yppasswd.c.strict-protorypes 2017-02-21 15:51:03.452034055 +0100
|
||||
+++ yp-tools-yp-tools-4.2.2/src/yppasswd.c 2017-02-21 15:51:14.996030455 +0100
|
||||
@@ -547,7 +547,7 @@ create_random_salt (char *salt, int num_
|
||||
* If other value is set or it is not set at all, SHA-512 is used.
|
||||
*/
|
||||
static int
|
||||
-get_env_hash_id()
|
||||
+get_env_hash_id(void)
|
||||
{
|
||||
const char *v = getenv("YP_PASSWD_HASH");
|
||||
if (!v)
|
19
yp-tools-4.2.3-yppasswd.patch
Normal file
19
yp-tools-4.2.3-yppasswd.patch
Normal file
@ -0,0 +1,19 @@
|
||||
author Filip Januš (fjanus@redhat.com)
|
||||
date 29. 10. 2019
|
||||
|
||||
|
||||
diff -ur yp-tools-4.2.3/src/yppasswd.c yp-tools-master/src/yppasswd.c
|
||||
--- yp-tools-4.2.3/src/yppasswd.c 2018-03-27 15:47:48.000000000 +0200
|
||||
+++ yp-tools-master/src/yppasswd.c 2019-10-29 12:00:29.000000000 +0100
|
||||
@@ -281,6 +281,11 @@
|
||||
CLIENT *clnt;
|
||||
|
||||
clnt = clnt_create (master, YPPROG, YPVERS, "udp");
|
||||
+
|
||||
+ /* clnt_create can return NULL in some cases */
|
||||
+ if (clnt == NULL)
|
||||
+ return NULL;
|
||||
+
|
||||
clnt->cl_auth = authunix_create_default ();
|
||||
|
||||
if (name == NULL)
|
219
yp-tools.spec
219
yp-tools.spec
@ -1,20 +1,25 @@
|
||||
Summary: NIS (or YP) client programs.
|
||||
Summary: NIS (or YP) client programs
|
||||
Name: yp-tools
|
||||
Version: 2.9
|
||||
Release: 10%{?dist}
|
||||
Version: 4.2.3
|
||||
Release: 13%{?dist}
|
||||
License: GPLv2
|
||||
Group: System Environment/Base
|
||||
Source: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/yp-tools-%{version}.tar.bz2
|
||||
Source: https://github.com/thkukuk/yp-tools/archive/v%{version}.tar.gz
|
||||
Patch1: yp-tools-2.12-hash.patch
|
||||
Patch2: yp-tools-2.12-crypt.patch
|
||||
Patch3: yp-tools-2.12-adjunct.patch
|
||||
Patch4: yp-tools-4.2.2-strict-prototypes.patch
|
||||
Patch5: yp-tools-4.2.3-yppasswd.patch
|
||||
Url: http://www.linux-nis.org/nis/yp-tools/index.html
|
||||
Patch0: yp-tools-2.10-passwords.patch
|
||||
Patch1: yp-tools-2.11-shadow.patch
|
||||
Obsoletes: yppasswd, yp-clients
|
||||
Requires: ypbind
|
||||
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
BuildRequires: make
|
||||
BuildRequires: autoconf, automake, gettext-devel, libtool, libtirpc-devel, libnsl2-devel
|
||||
Requires: ypbind >= 3:2.4-2
|
||||
Requires: glibc
|
||||
|
||||
%global __filter_GLIBC_PRIVATE 1
|
||||
|
||||
%description
|
||||
The Network Information Service (NIS) is a system which provides
|
||||
network information (login names, passwords, home directories, group
|
||||
network information (login names, passwords, home directories, groupinformation) to all of the machines on a network. NIS can enable
|
||||
information) to all of the machines on a network. NIS can enable
|
||||
users to login on any machine on the network, as long as the machine
|
||||
has the NIS client programs running and the user's password is
|
||||
@ -32,44 +37,206 @@ on your network. You will also need to install the ypbind package on
|
||||
every machine running NIS client programs. If you need an NIS server,
|
||||
you'll need to install the ypserv package on one machine on the network.
|
||||
|
||||
%package devel
|
||||
Summary: NIS (or YP) client programs
|
||||
Requires: yp-tools
|
||||
|
||||
%description devel
|
||||
Install yp-tools-devel package for developing applications that use yp-tools
|
||||
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1 -b .passwords
|
||||
%patch1 -p1 -b .shadow
|
||||
%setup -q -n %{name}-%{version}
|
||||
%patch1 -p1 -b .hash
|
||||
%patch2 -p1 -b .crypt
|
||||
%patch3 -p1 -b .adjunct
|
||||
%patch4 -p1 -b .strict-prototypes
|
||||
%patch5 -p1
|
||||
|
||||
|
||||
autoreconf -i -f -v
|
||||
|
||||
%build
|
||||
|
||||
export CFLAGS="$CFLAGS %{optflags} -Wno-cast-function-type"
|
||||
|
||||
%configure --disable-domainname
|
||||
make
|
||||
|
||||
%make_build
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
make DESTDIR="$RPM_BUILD_ROOT" INSTALL_PROGRAM=install install
|
||||
|
||||
%find_lang %name
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files -f %{name}.lang
|
||||
%defattr(-,root,root)
|
||||
%doc AUTHORS COPYING README ChangeLog NEWS etc/nsswitch.conf
|
||||
%doc THANKS TODO
|
||||
/usr/bin/*
|
||||
%doc THANKS
|
||||
%{_bindir}/*
|
||||
|
||||
|
||||
%{_mandir}/*/*
|
||||
/usr/sbin/*
|
||||
%{_sbindir}/*
|
||||
/var/yp/nicknames
|
||||
%dir /var/yp
|
||||
|
||||
%changelog
|
||||
* Fri Nov 19 2010 Karel Klic <kklic@redhat.com> - 2.9-10
|
||||
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.3-13
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
||||
|
||||
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.3-12
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
||||
|
||||
* Fri Nov 12 2021 Björn Esser <besser82@fedoraproject.org> - 4.2.3-11
|
||||
- Rebuild(libnsl2)
|
||||
|
||||
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.3-10
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
||||
|
||||
* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.3-9
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.3-8
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.3-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Tue Oct 29 2019 Filip Januš <fjanus@redhat.com> - 4.2.3-6
|
||||
- Add yppasswd patch
|
||||
- Bug https://bugzilla.redhat.com/show_bug.cgi?id=1671452
|
||||
- Pull request https://github.com/thkukuk/yp-tools/pull/7
|
||||
|
||||
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.3-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.3-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 4.2.3-3
|
||||
- Rebuilt for libcrypt.so.2 (#1666033)
|
||||
|
||||
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.3-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Thu Apr 19 2018 Petr Kubat <pkubat@redhat.com> - 4.2.3-1
|
||||
- Update to version 4.2.3
|
||||
|
||||
* Thu Mar 15 2018 Matej Mužila <mmuzila@redhat.com> - 4.2.2-7
|
||||
- Disable cast-function-type warning
|
||||
|
||||
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.2-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 4.2.2-5
|
||||
- Rebuilt for switch to libxcrypt
|
||||
|
||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.2-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.2.2-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Mon May 29 2017 Matej Mužila <mmuzila@redhat.com> - 4.2.2-2
|
||||
- Require ypbind >= 3:2.4-2
|
||||
|
||||
* Fri May 19 2017 Matej Mužila <mmuzila@redhat.com> - 4.2.2-1
|
||||
- Update to version 4.2.2 supporting IPv6
|
||||
|
||||
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.14-8
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Mon Nov 28 2016 Petr Kubat <pkubat@redhat.com> - 2.14-7
|
||||
- Modified passwd.adjunct patch by Gilbert E. Detillieux (#1297955)
|
||||
|
||||
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.14-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||
|
||||
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||
|
||||
* Mon May 06 2013 Honza Horak <hhorak@redhat.com> - 2.14-1
|
||||
- New upstream version 2.14
|
||||
|
||||
* Mon Mar 25 2013 Honza Horak <hhorak@redhat.com> - 2.12-13
|
||||
- Fix build for aarch64
|
||||
|
||||
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12-12
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||
|
||||
* Mon Sep 24 2012 Honza Horak <hhorak@redhat.com> - 2.12-12
|
||||
- Minor spec file fixes
|
||||
|
||||
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12-11
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||
|
||||
* Wed Jul 11 2012 Honza Horak <hhorak@redhat.com> - 2.12-10
|
||||
- Minor spec file fixes
|
||||
|
||||
* Mon Apr 23 2012 Honza Horak <hhorak@redhat.com> - 2.12-9
|
||||
- Do not check old passwords using passwd.adjunct feature
|
||||
- Patch from Paul Wouters to handle crypt() returning NULL
|
||||
Resolves: #814803
|
||||
|
||||
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12-8
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||
|
||||
* Fri Sep 09 2011 Honza Horak <hhorak@redhat.com> - 2.12-7
|
||||
- Added YP_PASSWD_HASH environment variable to set default
|
||||
algorithm for hashing a new password
|
||||
Resolves: #699666
|
||||
|
||||
* Wed May 04 2011 Honza Horak <hhorak@redhat.com> - 2.12-6
|
||||
- Applied -gethost patch to check return value
|
||||
(rhbz#698619)
|
||||
|
||||
* Fri Mar 18 2011 Honza Horak <hhorak@redhat.com> - 2.12-5
|
||||
- Applied -typo patch to fix a grammar mistake
|
||||
(rhbz#668743)
|
||||
|
||||
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||
|
||||
* Tue Nov 23 2010 Karel Klic <kklic@redhat.com> - 2.12-3
|
||||
- Reverted previous change
|
||||
|
||||
* Tue Nov 23 2010 Karel Klic <kklic@redhat.com> - 2.12-2
|
||||
- Added patch that removes ypclnt.c from being compiled into
|
||||
ypmatch (rhbz#546149)
|
||||
|
||||
* Fri Nov 19 2010 Karel Klic <kklic@redhat.com> - 2.12-1
|
||||
- New upstream version
|
||||
|
||||
* Fri Nov 19 2010 Karel Klic <kklic@redhat.com> - 2.11-2
|
||||
- Added patch to fix yppasswd utility when used with shadow
|
||||
passwords (rhbz#653921)
|
||||
- Removed %%clean section
|
||||
|
||||
* Thu Apr 15 2010 Karel Klic <kklic@redhat.com> - 2.9-9
|
||||
* Tue Apr 20 2010 Karel Klic <kklic@redhat.com> - 2.11-1
|
||||
- New upstream release
|
||||
- MD5, SHA-2 passwords patch merged by upstream
|
||||
- Removed BuildRoot tag
|
||||
|
||||
* Thu Apr 15 2010 Karel Klic <kklic@redhat.com> - 2.10-3
|
||||
- Added a new patch -passwords, which merges -md5 and -sha-2 patches
|
||||
together, and adds proper MD5/SHA support to verifypassword()
|
||||
#514061
|
||||
|
||||
* Mon Mar 01 2010 Karel Klic <kklic@redhat.com> - 2.10-2
|
||||
- /var/yp is owned by the filesystem package (#569383)
|
||||
|
||||
* Thu Dec 10 2009 Karel Klic <kklic@redhat.com> - 2.10-1
|
||||
- Updated to new version
|
||||
- Removed unnecessary obsoletes
|
||||
|
||||
* Mon Aug 10 2009 Ville Skyttä <ville.skytta@iki.fi> - 2.9-8
|
||||
- Convert specfile to UTF-8.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user