packages/cracklib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix problem of error messages about simplistic password

Browse Source
This commit is contained in:
guoxiaoqi 2020-01-18 16:46:18 +08:00
parent 9a4bd70a7b
commit 13ab4e670c
2 changed files with 131 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cracklib.spec
View File

@ -3,13 +3,14 @@
Name: cracklib Name: cracklib
Version: 2.9.7 Version: 2.9.7
Release: 1 Release: 2
Summary: A password-checking library Summary: A password-checking library
License: LGPLv2+ License: LGPLv2+
URL: http://sourceforge.net/projects/cracklib/ URL: http://sourceforge.net/projects/cracklib/
Source0: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-%{version}.tar.gz Source0: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-%{version}.tar.gz
Source1: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-words-%{version}.gz Source1: https://github.com/cracklib/cracklib/releases/download/cracklib-%{version}/cracklib-words-%{version}.gz
Patch9000: fix-problem-of-error-message-about-simplistic-passwo.patch
BuildRequires: gcc, words, gettext, gettext-autopoint, zlib-devel BuildRequires: gcc, words, gettext, gettext-autopoint, zlib-devel
BuildRequires: python2-devel BuildRequires: python2-devel
@ -129,6 +130,9 @@ make test
%{_libdir}/python*/site-packages/*.py* %{_libdir}/python*/site-packages/*.py*
%changelog %changelog
* Sat Jan 18 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.9.7-2
- fix problem of error message about simplistic password
* Fri Jan 10 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.9.7-1 * Fri Jan 10 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.9.7-1
- clean code - clean code

126
fix-problem-of-error-message-about-simplistic-passwo.patch Normal file
View File

@ -0,0 +1,126 @@
From e97dc89876ffd790aed93cc18c13c16bd2263f68 Mon Sep 17 00:00:00 2001
From: openEuler Buildteam <buildteam@openeuler.org>
Date: Sat, 18 Jan 2020 14:08:23 +0800
Subject: [PATCH] fix problem of error message about simplistic password
Signed-off-by: openEuler Buildteam <buildteam@openeuler.org>
---
lib/fascist.c | 33 ++++++++++++++++++++++++++++-----
util/cracklib-format | 10 ++++++----
2 files changed, 34 insertions(+), 9 deletions(-)
diff --git a/lib/fascist.c b/lib/fascist.c
index c5a018c..a1a8564 100644
--- a/lib/fascist.c
+++ b/lib/fascist.c
@@ -55,7 +55,6 @@ static char *r_destructors[] = {
"/?p@?p", /* purging out punctuation/symbols/junk */
"/?s@?s",
- "/?X@?X",
/* attempt reverse engineering of password strings */
@@ -452,6 +451,12 @@ GTry(rawtext, password)
continue;
}
+ if (len - strlen(mp) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s = %-16s (destruct %s)\n", mp, rawtext, r_destructors[i]);
#endif
@@ -478,6 +483,12 @@ GTry(rawtext, password)
continue;
}
+ if (len - strlen(mp) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s = %-16s (construct %s)\n", mp, password, r_constructors[i]);
#endif
@@ -705,6 +716,7 @@ FascistLookUser(PWDICT *pwp, char *instring,
char *password;
char rpassword[STRINGSIZE];
uint32_t notfound;
+ int len;
notfound = PW_WORDS(pwp);
/* already truncated if from FascistCheck() */
@@ -754,6 +766,7 @@ FascistLookUser(PWDICT *pwp, char *instring,
return _("it is all whitespace");
}
+ len = strlen(password);
i = 0;
ptr = password;
while (ptr[0] && ptr[1])
@@ -765,10 +778,7 @@ FascistLookUser(PWDICT *pwp, char *instring,
ptr++;
}
- /* Change by Ben Karsin from ITS at University of Hawaii at Manoa. Static MAXSTEP
- would generate many false positives for long passwords. */
- maxrepeat = 3+(0.09*strlen(password));
- if (i > maxrepeat)
+ if (len - i < MINLEN)
{
return _("it is too simplistic/systematic");
}
@@ -801,6 +811,12 @@ FascistLookUser(PWDICT *pwp, char *instring,
continue;
}
+ if (len - strlen(a) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s (dict)\n", a);
#endif
@@ -821,6 +837,13 @@ FascistLookUser(PWDICT *pwp, char *instring,
{
continue;
}
+
+ if (len - strlen(a) >= 3)
+ {
+ /* purged too much */
+ continue;
+ }
+
#ifdef DEBUG
printf("%-16s (reversed dict)\n", a);
#endif
diff --git a/util/cracklib-format b/util/cracklib-format
index 1d7be5b..360d109 100755
--- a/util/cracklib-format
+++ b/util/cracklib-format
@@ -3,8 +3,10 @@
# This preprocesses a set of word lists into a suitable form for input
# into cracklib-packer
#
+LC_ALL=C
+export LC_ALL
gzip -cdf "$@" |
- grep -v '^\(#\|$\)' |
- tr '[A-Z]' '[a-z]' |
- tr -cd '\012[a-z][0-9]' |
- env LC_ALL=C sort -u
+ grep -a -E -v '^.{30,}$' |
+ tr '[:upper:]' '[:lower:]' |
+ sed s/[[:space:]]//g |
+ sort -u
--
1.8.3.1