packages/libpwquality
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:903e8e119bd4984d65a67f444d72f7ae40f6a1a4
Branches Tags
packages:main
..
compare: packages:c046d1dfe42ffea83fe0aafd9f42cb1c8d86866f
Branches Tags
packages:main

No commits in common. "903e8e119bd4984d65a67f444d72f7ae40f6a1a4" and "c046d1dfe42ffea83fe0aafd9f42cb1c8d86866f" have entirely different histories.
903e8e119b ... c046d1dfe4

5 changed files with 1 additions and 147 deletions
Show Stats Expand all files Collapse all files

28
backport-Make-maxclassrepeat-1-behavior-consistent-with-docs.patch
View File

@ -1,28 +0,0 @@
From 2f6cd189bde18f5e73ed0a24c731681b085fc874 Mon Sep 17 00:00:00 2001
From: fdub <fdub@users.noreply.github.com>
Date: Wed, 1 Nov 2023 15:29:32 +0100
Subject: [PATCH] Make maxclassrepeat=1 behavior consistent with docs
When setting maxclassrepeat=1, the rule would be inactive and allow passwords containing 2 consecutive characters from the same class. Only when setting maxclassrepeat>=2, the rule would behave as expected.
This issue was already addressed in pam_cracklib many years ago: https://github.com/linux-pam/linux-pam/pull/9
---
src/check.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/check.c b/src/check.c
index d24bebc..79d4c9c 100644
--- a/src/check.c
+++ b/src/check.c
@@ -238,7 +238,7 @@ simple(pwquality_settings_t *pwq, const char *new, void **auxerror)
} else
sameclass++;
}
- if (pwq->max_class_repeat > 1 && sameclass > pwq->max_class_repeat) {
+ if (pwq->max_class_repeat > 0 && sameclass > pwq->max_class_repeat) {
if (auxerror)
*auxerror = (void *)(long)pwq->max_class_repeat;
return PWQ_ERROR_MAX_CLASS_REPEAT;
--
2.33.0

81
fix-doc-about-difok.patch
View File

@ -1,81 +0,0 @@
From 950ef20f494efad610dcd150db8c8b004c2b1c0d Mon Sep 17 00:00:00 2001
From: yixiangzhike <yixiangzhike007@163.com>
Date: Wed, 10 Aug 2022 15:34:03 +0800
Subject: [PATCH] fix doc about difok
---
doc/man/pam_pwquality.8.pod | 2 +-
doc/man/pam_pwquality.8 | 2 +-
doc/man/pwquality.conf.5.pod | 2 +-
doc/man/pwquality.conf.5 | 2 +-
src/pwquality.conf | 2 +-
5 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/doc/man/pam_pwquality.8.pod b/doc/man/pam_pwquality.8.pod
index 7a74b48..4734a24 100644
--- a/doc/man/pam_pwquality.8.pod
+++ b/doc/man/pam_pwquality.8.pod
@@ -102,7 +102,7 @@ I<1>.
=item B<difok=>I<N>
-This argument will change the default of I<1> for the number of changes in
+This argument will change the default of I<5> for the number of changes in
the new password from the old password.
The special value of I<0> disables all checks of similarity of the new password
diff --git a/doc/man/pam_pwquality.8 b/doc/man/pam_pwquality.8
index 030223d..670d562 100644
--- a/doc/man/pam_pwquality.8
+++ b/doc/man/pam_pwquality.8
@@ -156,7 +156,7 @@ Prompt user at most \fIN\fR times before returning with error. The default is
\&\fI1\fR.
.IP "\fBdifok=\fR\fIN\fR" 4
.IX Item "difok=N"
-This argument will change the default of \fI1\fR for the number of changes in
+This argument will change the default of \fI5\fR for the number of changes in
the new password from the old password.
.Sp
The special value of \fI0\fR disables all checks of similarity of the new password
diff --git a/doc/man/pwquality.conf.5.pod b/doc/man/pwquality.conf.5.pod
index ada22d0..c7c44cb 100644
--- a/doc/man/pwquality.conf.5.pod
+++ b/doc/man/pwquality.conf.5.pod
@@ -34,7 +34,7 @@ The possible options in the file are:
=item B<difok>
Number of characters in the new password that must not be present in the
-old password. (default 1)
+old password. (default 5)
The special value of 0 disables all checks of similarity of the new password
with the old password except the new password being exactly the same as
diff --git a/doc/man/pwquality.conf.5 b/doc/man/pwquality.conf.5
index 1093aeb..7ed1992 100644
--- a/doc/man/pwquality.conf.5
+++ b/doc/man/pwquality.conf.5
@@ -103,7 +103,7 @@ The possible options in the file are:
.IP "\fBdifok\fR" 4
.IX Item "difok"
Number of characters in the new password that must not be present in the
-old password. (default 1)
+old password. (default 5)
.Sp
The special value of 0 disables all checks of similarity of the new password
with the old password except the new password being exactly the same as
diff --git a/src/pwquality.conf b/src/pwquality.conf
index ace3d5f..cb3e99c 100644
--- a/src/pwquality.conf
+++ b/src/pwquality.conf
@@ -3,7 +3,7 @@
#
# Number of characters in the new password that must not be present in the
# old password.
-# difok = 1
+# difok = 5
#
# Minimum acceptable size for the new password (plus one if
# credits are not disabled which is the default). (See pam_cracklib manual.)
--
2.27.0

BIN
libpwquality-1.4.4.tar.bz2 Normal file
View File

Binary file not shown.

BIN
libpwquality-1.4.5.tar.bz2
View File

Binary file not shown.

39
libpwquality.spec
View File

@ -2,7 +2,7 @@
%define _secconfdir %{_sysconfdir}/security %define _secconfdir %{_sysconfdir}/security
Name: libpwquality Name: libpwquality
Version: 1.4.5 Version: 1.4.4
Release: 2 Release: 2
Summary: Library for password quality checking and generating random passwords. Summary: Library for password quality checking and generating random passwords.
License: BSD or GPLv2+ License: BSD or GPLv2+
@ -11,8 +11,6 @@ Source0: https://github.com/libpwquality/libpwquality/releases/download/libpwqua
Patch0: modify-pwquality_conf.patch Patch0: modify-pwquality_conf.patch
Patch1: fix-password-similarity.patch Patch1: fix-password-similarity.patch
Patch2: fix-doc-about-difok.patch
Patch3: backport-Make-maxclassrepeat-1-behavior-consistent-with-docs.patch
BuildRequires: gcc cracklib-devel gettext pam-devel BuildRequires: gcc cracklib-devel gettext pam-devel
BuildRequires: python3-devel BuildRequires: python3-devel
@ -56,11 +54,6 @@ This package provides Python3 bindings for the libpwquality library.
%make_build %make_build
%install %install
# python-setuptools >= v60.0.0 changes the SETUPTOOLS_USE_DISTUTILS default value to local,
# it does't use Python's standard library distutils default.
# As a result, failed to build libpwquality.
# Now, set SETUPTOOLS_USE_DISTUTILS value to stdlib
export SETUPTOOLS_USE_DISTUTILS=stdlib
%make_install %make_install
rm -f %{buildroot}%{_libdir}/*.la rm -f %{buildroot}%{_libdir}/*.la
@ -100,36 +93,6 @@ mkdir %{buildroot}%{_secconfdir}/pwquality.conf.d
%{_mandir}/man8/* %{_mandir}/man8/*
%changelog %changelog
* Tue Jul 2 2024 yixiangzhike <yixiangzhike007@163.com> - 1.4.5-2
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:backport upstream patch to fix maxclassrepeat=1
* Wed Dec 28 2022 yixiangzhike <yixiangzhike007@163.com> - 1.4.5-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:update to 1.4.5
* Tue Aug 23 2022 yixiangzhike <yixiangzhike007@163.com> - 1.4.4-5
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:change the files order in patch file fix-doc-about-difok.patch
* Wed Aug 10 2022 yixiangzhike <yixiangzhike007@163.com> - 1.4.4-4
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix doc about difok
* Tue Jul 26 2022 yixiangzhike <yixiangzhike007@163.com> - 1.4.4-3
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix the libpwquality build failure issue
* Tue Apr 26 2022 zhangruifang2020 <zhangruifang1@h-partners.com> - 1.4.4-2 * Tue Apr 26 2022 zhangruifang2020 <zhangruifang1@h-partners.com> - 1.4.4-2
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA