diff --git a/backport-Added-control-character-check.patch b/backport-Added-control-character-check.patch deleted file mode 100644 index 79d074e..0000000 --- a/backport-Added-control-character-check.patch +++ /dev/null @@ -1,45 +0,0 @@ -From e5905c4b84d4fb90aefcd96ee618411ebfac663d Mon Sep 17 00:00:00 2001 -From: tomspiderlabs <128755403+tomspiderlabs@users.noreply.github.com> -Date: Thu, 23 Mar 2023 23:39:38 +0000 -Subject: [PATCH] Added control character check - -Added control character check, returning -1 (to "err") if control characters are present. ---- - lib/fields.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/lib/fields.c b/lib/fields.c -index 640be931..fb51b582 100644 ---- a/lib/fields.c -+++ b/lib/fields.c -@@ -21,9 +21,9 @@ - * - * The supplied field is scanned for non-printable and other illegal - * characters. -- * + -1 is returned if an illegal character is present. -- * + 1 is returned if no illegal characters are present, but the field -- * contains a non-printable character. -+ * + -1 is returned if an illegal or control character is present. -+ * + 1 is returned if no illegal or control characters are present, -+ * but the field contains a non-printable character. - * + 0 is returned otherwise. - */ - int valid_field (const char *field, const char *illegal) -@@ -45,10 +45,13 @@ int valid_field (const char *field, const char *illegal) - } - - if (0 == err) { -- /* Search if there are some non-printable characters */ -+ /* Search if there are non-printable or control characters */ - for (cp = field; '\0' != *cp; cp++) { - if (!isprint (*cp)) { - err = 1; -+ } -+ if (!iscntrl (*cp)) { -+ err = -1; - break; - } - } --- -2.27.0 - diff --git a/backport-Correctly-handle-illegal-system-file-in-tz.patch b/backport-Correctly-handle-illegal-system-file-in-tz.patch deleted file mode 100644 index 5355ec7..0000000 --- a/backport-Correctly-handle-illegal-system-file-in-tz.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 37ae2320809cb16afa9dacd8e5ea317ae216ee36 Mon Sep 17 00:00:00 2001 -From: Samanta Navarro -Date: Fri, 27 Jan 2023 11:57:51 +0000 -Subject: [PATCH] Correctly handle illegal system file in tz - -If the file referenced by ENV_TZ has a zero length string, then an out -of boundary write occurs. Also the result can be wrong because it is -assumed that the file will always end with a newline. - -Only override a newline character with '\0' to avoid these cases. - -This cannot be considered to be security relevant because login.defs -and its contained references to system files should be trusted to begin -with. - -Proof of Concept: - -1. Compile shadow's su with address sanitizer and --without-libpam - -2. Setup your /etc/login.defs to contain ENV_TZ=/etc/tzname - -3. Prepare /etc/tzname to contain a '\0' byte at the beginning - -`python -c "print('\x00')" > /etc/tzname` - -4. Use su - -`su -l` - -You can see the following output: - -`tz.c:45:8: runtime error: index 18446744073709551615 out of bounds for type 'char [8192]'` - -Signed-off-by: Samanta Navarro ---- - libmisc/tz.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/libmisc/tz.c b/libmisc/tz.c -index f3f5733e..9f3a41f2 100644 ---- a/libmisc/tz.c -+++ b/libmisc/tz.c -@@ -42,7 +42,8 @@ - - strcpy (tzbuf, def_tz); - } else { -- tzbuf[strlen (tzbuf) - 1] = '\0'; -+ /* Remove optional trailing '\n'. */ -+ tzbuf[strcspn (tzbuf, "\n")] = '\0'; - } - - if (NULL != fp) { --- -2.27.0 - diff --git a/backport-Explicitly-override-only-newlines.patch b/backport-Explicitly-override-only-newlines.patch deleted file mode 100644 index a1fc8c6..0000000 --- a/backport-Explicitly-override-only-newlines.patch +++ /dev/null @@ -1,55 +0,0 @@ -From ffc480c2e93f05266e4b130229877ad13f71a8c0 Mon Sep 17 00:00:00 2001 -From: Samanta Navarro -Date: Mon, 30 Jan 2023 11:53:47 +0000 -Subject: [PATCH] Explicitly override only newlines - -Override only newlines with '\0' to avoid undesired truncation of -actual line content. - -Signed-off-by: Samanta Navarro ---- - lib/port.c | 6 +++--- - libmisc/console.c | 3 ++- - 2 files changed, 5 insertions(+), 4 deletions(-) - -diff --git a/lib/port.c b/lib/port.c -index 0bea2ef4..90eb1498 100644 ---- a/lib/port.c -+++ b/lib/port.c -@@ -130,8 +130,8 @@ static struct port *getportent (void) - again: - - /* -- * Get the next line and remove the last character, which -- * is a '\n'. Lines which begin with '#' are all ignored. -+ * Get the next line and remove optional trailing '\n'. -+ * Lines which begin with '#' are all ignored. - */ - - if (fgets (buf, (int) sizeof buf, ports) == 0) { -@@ -149,7 +149,7 @@ static struct port *getportent (void) - * TTY devices. - */ - -- buf[strlen (buf) - 1] = 0; -+ buf[strcspn (buf, "\n")] = 0; - - port.pt_names = ttys; - for (cp = buf, j = 0; j < PORT_TTY; j++) { -diff --git a/libmisc/console.c b/libmisc/console.c -index bc024eba..63d3ceb3 100644 ---- a/libmisc/console.c -+++ b/libmisc/console.c -@@ -71,7 +71,8 @@ static bool is_listed (const char *cfgin, const char *tty, bool def) - */ - - while (fgets (buf, (int) sizeof (buf), fp) != NULL) { -- buf[strlen (buf) - 1] = '\0'; -+ /* Remove optional trailing '\n'. */ -+ buf[strcspn (buf, "\n")] = '\0'; - if (strcmp (buf, tty) == 0) { - (void) fclose (fp); - return true; --- -2.27.0 - diff --git a/backport-Fix-off-by-one-mistakes.patch b/backport-Fix-off-by-one-mistakes.patch deleted file mode 100644 index fe11716..0000000 --- a/backport-Fix-off-by-one-mistakes.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 587ce83e3ff4bea64ac028149ac9b66df37f688c Mon Sep 17 00:00:00 2001 -From: Alejandro Colomar -Date: Fri, 16 Dec 2022 00:52:27 +0100 -Subject: [PATCH] Fix off-by-one mistakes - -The buffers have a size of 512 (see xmalloc() above), which is what -snprintf(3) expects. - -Link: -Signed-off-by: Alejandro Colomar ---- - src/groupmod.c | 16 ++++++++-------- - 1 file changed, 8 insertions(+), 8 deletions(-) - -diff --git a/src/groupmod.c b/src/groupmod.c -index 006eca1c..828c7c0b 100644 ---- a/src/groupmod.c -+++ b/src/groupmod.c -@@ -554,13 +554,13 @@ static void prepare_failure_reports (void) - #endif - info_passwd.audit_msg = xmalloc (512); - -- (void) snprintf (info_group.audit_msg, 511, -+ (void) snprintf (info_group.audit_msg, 512, - "changing %s; ", gr_dbname ()); - #ifdef SHADOWGRP -- (void) snprintf (info_gshadow.audit_msg, 511, -+ (void) snprintf (info_gshadow.audit_msg, 512, - "changing %s; ", sgr_dbname ()); - #endif -- (void) snprintf (info_passwd.audit_msg, 511, -+ (void) snprintf (info_passwd.audit_msg, 512, - "changing %s; ", pw_dbname ()); - - info_group.action = info_group.audit_msg -@@ -573,16 +573,16 @@ static void prepare_failure_reports (void) - + strlen (info_passwd.audit_msg); - - (void) snprintf (info_group.action, -- 511 - strlen (info_group.audit_msg), -+ 512 - strlen (info_group.audit_msg), - "group %s/%lu", - group_name, (unsigned long int) group_id); - #ifdef SHADOWGRP - (void) snprintf (info_gshadow.action, -- 511 - strlen (info_group.audit_msg), -+ 512 - strlen (info_group.audit_msg), - "group %s", group_name); - #endif - (void) snprintf (info_passwd.action, -- 511 - strlen (info_group.audit_msg), -+ 512 - strlen (info_group.audit_msg), - "group %s/%lu", - group_name, (unsigned long int) group_id); - -@@ -617,13 +617,13 @@ static void prepare_failure_reports (void) - strncat (info_group.action, ", new gid: ", - 511 - strlen (info_group.audit_msg)); - (void) snprintf (info_group.action+strlen (info_group.action), -- 511 - strlen (info_group.audit_msg), -+ 512 - strlen (info_group.audit_msg), - "%lu", (unsigned long int) group_newid); - - strncat (info_passwd.action, ", new gid: ", - 511 - strlen (info_passwd.audit_msg)); - (void) snprintf (info_passwd.action+strlen (info_passwd.action), -- 511 - strlen (info_passwd.audit_msg), -+ 512 - strlen (info_passwd.audit_msg), - "%lu", (unsigned long int) group_newid); - } - info_group.audit_msg[511] = '\0'; --- -2.27.0 - diff --git a/backport-Fix-typos-in-length-calculations.patch b/backport-Fix-typos-in-length-calculations.patch deleted file mode 100644 index 8d339ad..0000000 --- a/backport-Fix-typos-in-length-calculations.patch +++ /dev/null @@ -1,32 +0,0 @@ -From ed69feaaff3c86745390c9839ecfc4b8f9706075 Mon Sep 17 00:00:00 2001 -From: Alejandro Colomar -Date: Fri, 16 Dec 2022 01:08:12 +0100 -Subject: [PATCH] Fix typos in length calculations - -Link: -Signed-off-by: Alejandro Colomar ---- - src/groupmod.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/groupmod.c b/src/groupmod.c -index 7802e5b1..8c219194 100644 ---- a/src/groupmod.c -+++ b/src/groupmod.c -@@ -578,11 +578,11 @@ static void prepare_failure_reports (void) - group_name, (unsigned long int) group_id); - #ifdef SHADOWGRP - (void) snprintf (info_gshadow.action, -- 512 - strlen (info_group.audit_msg), -+ 512 - strlen (info_gshadow.audit_msg), - "group %s", group_name); - #endif - (void) snprintf (info_passwd.action, -- 512 - strlen (info_group.audit_msg), -+ 512 - strlen (info_passwd.audit_msg), - "group %s/%lu", - group_name, (unsigned long int) group_id); - --- -2.27.0 - diff --git a/backport-Overhaul-valid_field.patch b/backport-Overhaul-valid_field.patch deleted file mode 100644 index 7573d17..0000000 --- a/backport-Overhaul-valid_field.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 2eaea70111f65b16d55998386e4ceb4273c19eb4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Fri, 31 Mar 2023 14:46:50 +0200 -Subject: [PATCH] Overhaul valid_field() - -e5905c4b ("Added control character check") introduced checking for -control characters but had the logic inverted, so it rejects all -characters that are not control ones. - -Cast the character to `unsigned char` before passing to the character -checking functions to avoid UB. - -Use strpbrk(3) for the illegal character test and return early. ---- - lib/fields.c | 24 ++++++++++-------------- - 1 file changed, 10 insertions(+), 14 deletions(-) - -diff --git a/lib/fields.c b/lib/fields.c -index fb51b582..53929248 100644 ---- a/lib/fields.c -+++ b/lib/fields.c -@@ -37,26 +37,22 @@ int valid_field (const char *field, const char *illegal) - - /* For each character of field, search if it appears in the list - * of illegal characters. */ -+ if (illegal && NULL != strpbrk (field, illegal)) { -+ return -1; -+ } -+ -+ /* Search if there are non-printable or control characters */ - for (cp = field; '\0' != *cp; cp++) { -- if (strchr (illegal, *cp) != NULL) { -+ unsigned char c = *cp; -+ if (!isprint (c)) { -+ err = 1; -+ } -+ if (iscntrl (c)) { - err = -1; - break; - } - } - -- if (0 == err) { -- /* Search if there are non-printable or control characters */ -- for (cp = field; '\0' != *cp; cp++) { -- if (!isprint (*cp)) { -- err = 1; -- } -- if (!iscntrl (*cp)) { -- err = -1; -- break; -- } -- } -- } -- - return err; - } - --- -2.27.0 - diff --git a/backport-Prevent-out-of-boundary-access.patch b/backport-Prevent-out-of-boundary-access.patch deleted file mode 100644 index 321b616..0000000 --- a/backport-Prevent-out-of-boundary-access.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 8e0ad48c21bd7d5506ff44eb4c04f796b80045ce Mon Sep 17 00:00:00 2001 -From: Samanta Navarro -Date: Mon, 30 Jan 2023 11:54:49 +0000 -Subject: [PATCH] Prevent out of boundary access - -If lines start with '\0' then it is possible to trigger out of -boundary accesses. - -Check if indices are valid before accessing them. - -Signed-off-by: Samanta Navarro ---- - src/login_nopam.c | 4 ++-- - src/suauth.c | 3 ++- - 2 files changed, 4 insertions(+), 3 deletions(-) - -diff --git a/src/login_nopam.c b/src/login_nopam.c -index b09cffe4..18072a43 100644 ---- a/src/login_nopam.c -+++ b/src/login_nopam.c -@@ -100,7 +100,7 @@ int login_access (const char *user, const char *from) - int end; - lineno++; - end = (int) strlen (line) - 1; -- if (line[end] != '\n') { -+ if (line[0] == '\0' || line[end] != '\n') { - SYSLOG ((LOG_ERR, - "%s: line %d: missing newline or line too long", - TABLE, lineno)); -@@ -320,7 +320,7 @@ static bool from_match (const char *tok, const char *string) - if (strchr (string, '.') == NULL) { - return true; - } -- } else if ( (tok[(tok_len = strlen (tok)) - 1] == '.') /* network */ -+ } else if ( (tok[0] != '\0' && tok[(tok_len = strlen (tok)) - 1] == '.') /* network */ - && (strncmp (tok, resolve_hostname (string), tok_len) == 0)) { - return true; - } -diff --git a/src/suauth.c b/src/suauth.c -index 2641d334..d68a3340 100644 ---- a/src/suauth.c -+++ b/src/suauth.c -@@ -68,8 +68,9 @@ int check_su_auth (const char *actual_id, - - while (fgets (temp, sizeof (temp), authfile_fd) != NULL) { - lines++; -+ endline = strlen(temp) - 1; - -- if (temp[endline = strlen (temp) - 1] != '\n') { -+ if (temp[0] == '\0' || temp[endline] != '\n') { - SYSLOG ((LOG_ERR, - "%s, line %d: line too long or missing newline", - SUAUTHFILE, lines)); --- -2.27.0 - diff --git a/backport-Read-whole-line-in-yes_or_no.patch b/backport-Read-whole-line-in-yes_or_no.patch deleted file mode 100644 index c70a8b8..0000000 --- a/backport-Read-whole-line-in-yes_or_no.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 0c83b981053b65c9bab4f1c2e60d004e920f8faf Mon Sep 17 00:00:00 2001 -From: Samanta Navarro -Date: Fri, 27 Jan 2023 11:53:57 +0000 -Subject: [PATCH] Read whole line in yes_or_no - -Do not stop after 79 characters. Read the complete line to avoid -arbitrary limitations. - -Proof of Concept: - -``` -cat > passwd-poc << EOF -root:x:0:0:root:/root:/bin/bash -root:x:0:0:root:/root:/bin/bash -root:x:0:0:root:/root:/bin/bash -EOF -python -c "print(80*'y')" | pwck passwd-poc -``` - -Two lines should still be within the file because we agreed only once -to remove a duplicated line. - -Signed-off-by: Samanta Navarro -Reviewed-by: Alejandro Colomar -Reviewed-by: Serge Hallyn - -Conflict: NA -Reference: https://github.com/shadow-maint/shadow/commit/0c83b981053b65c9bab4f1c2e60d004e920f8faf ---- - libmisc/yesno.c | 13 ++++++++----- - 1 file changed, 8 insertions(+), 5 deletions(-) - -diff --git a/libmisc/yesno.c b/libmisc/yesno.c -index 1a1a3714..d8847e40 100644 ---- a/libmisc/yesno.c -+++ b/libmisc/yesno.c -@@ -28,7 +28,8 @@ - */ - bool yes_or_no (bool read_only) - { -- char buf[80]; -+ int c; -+ bool result; - - /* - * In read-only mode all questions are answered "no". -@@ -46,11 +47,13 @@ bool yes_or_no (bool read_only) - /* - * Get a line and see what the first character is. - */ -+ c = fgetc(stdin); - /* TODO: use gettext */ -- if (fgets (buf, (int) sizeof buf, stdin) == buf) { -- return buf[0] == 'y' || buf[0] == 'Y'; -- } -+ result = (c == 'y' || c == 'Y'); -+ -+ while (c != '\n' && c != EOF) -+ c = fgetc(stdin); - -- return false; -+ return result; - } - --- -2.27.0 - diff --git a/backport-chgpasswd-fix-segfault-in-command-line-options.patch b/backport-chgpasswd-fix-segfault-in-command-line-options.patch deleted file mode 100644 index db47426..0000000 --- a/backport-chgpasswd-fix-segfault-in-command-line-options.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 53a17c1742a4b5fcf9280fd6dd85fc77588535c2 Mon Sep 17 00:00:00 2001 -From: Jeffrey Bencteux -Date: Wed, 21 Jun 2023 15:12:43 +0200 -Subject: [PATCH] chgpasswd: fix segfault in command-line options - -Using the --sha-rounds option without first giving a crypt method via the --crypt-method option results in comparisons with a NULL pointer and thus make chgpasswd segfault: - -$ chgpasswd -s 1 -zsh: segmentation fault chgpasswd -s 1 - -Current patch add a sanity check before these comparisons to ensure there is a defined encryption method. ---- - src/chgpasswd.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/src/chgpasswd.c b/src/chgpasswd.c -index fe4055d8..7b773e2f 100644 ---- a/src/chgpasswd.c -+++ b/src/chgpasswd.c -@@ -186,6 +186,13 @@ static void process_flags (int argc, char **argv) - case 's': - sflg = true; - bad_s = 0; -+ -+ if (!crypt_method) { -+ fprintf (stderr, -+ _("%s: no crypt method defined\n"), -+ Prog); -+ usage (E_USAGE); -+ } - #if defined(USE_SHA_CRYPT) - if ( ( ((0 == strcmp (crypt_method, "SHA256")) || (0 == strcmp (crypt_method, "SHA512"))) - && (0 == getlong(optarg, &sha_rounds)))) { --- -2.20.1 - diff --git a/backport-commonio-free-removed-database-entries.patch b/backport-commonio-free-removed-database-entries.patch deleted file mode 100644 index 13322f7..0000000 --- a/backport-commonio-free-removed-database-entries.patch +++ /dev/null @@ -1,39 +0,0 @@ -From a8dd8ce6c9a5f6e69ed4e9fa7b0c0976bb4ba332 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Sat, 1 Apr 2023 13:36:51 +0200 -Subject: [PATCH] commonio: free removed database entries - -Free the actual struct of the removed entry. - -Example userdel report: - - Direct leak of 40 byte(s) in 1 object(s) allocated from: - #0 0x55b230efe857 in reallocarray (./src/userdel+0xda857) - #1 0x55b230f6041f in mallocarray ./lib/./alloc.h:97:9 - #2 0x55b230f6041f in commonio_open ./lib/commonio.c:563:7 - #3 0x55b230f39098 in open_files ./src/userdel.c:555:6 - #4 0x55b230f39098 in main ./src/userdel.c:1189:2 - #5 0x7f9b48c64189 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16 - -Conflict: NA -Reference: https://github.com/shadow-maint/shadow/commit/a8dd8ce6c9a5f6e69ed4e9fa7b0c0976bb4ba332 ---- - lib/commonio.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/lib/commonio.c b/lib/commonio.c -index 40e62298..a0449c83 100644 ---- a/lib/commonio.c -+++ b/lib/commonio.c -@@ -1060,6 +1060,8 @@ int commonio_remove (struct commonio_db *db, const char *name) - db->ops->free (p->eptr); - } - -+ free(p); -+ - return 1; - } - --- -2.27.0 - diff --git a/backport-run_parts-for-groupadd-and-groupdel.patch b/backport-run_parts-for-groupadd-and-groupdel.patch deleted file mode 100644 index 43c175b..0000000 --- a/backport-run_parts-for-groupadd-and-groupdel.patch +++ /dev/null @@ -1,127 +0,0 @@ -From 4e1f674c41724dd96ad2c3a0c02ac9f6666697ba Mon Sep 17 00:00:00 2001 -From: ed neville -Date: Mon, 27 Mar 2023 20:23:03 +0100 -Subject: [PATCH] run_parts for groupadd and groupdel - -run_parts currently exists in useradd and userdel, this commit mirrors -the functionality with groupadd and groupdel - -Hook for group{add,del} to include killing processes that have group -membership that would no longer exist to avoid membership ID reuse. - -Conflict: NA -Reference: https://github.com/shadow-maint/shadow/commit/4e1f674c41724dd96ad2c3a0c02ac9f6666697ba ---- - .../groupdel-pre.d/01-kill_group_procs.sh | 26 +++++++++++++++++++ - src/groupadd.c | 11 ++++++++ - src/groupdel.c | 11 ++++++++ - 3 files changed, 48 insertions(+) - create mode 100644 etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh - -diff --git a/etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh b/etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh -new file mode 100644 -index 00000000..10db5279 ---- /dev/null -+++ b/etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh -@@ -0,0 +1,26 @@ -+#!/bin/sh -+ -+PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -+GROUPID=`awk -F: '$1 == "'"${SUBJECT}"'" { print $3 }' /etc/group` -+ -+if [ "${GROUPID}" = "" ]; then -+ exit 0 -+fi -+ -+for status in /proc/*/status; do -+ # either this isn't a process or its already dead since expanding the list -+ [ -f "$status" ] || continue -+ -+ tbuf=${status%/status} -+ pid=${tbuf#/proc/} -+ case "$pid" in -+ "$$") continue;; -+ [0-9]*) :;; -+ *) continue -+ esac -+ -+ grep -q '^Groups:.*\b'"${GROUPID}"'\b.*' "/proc/$pid/status" || continue -+ -+ kill -9 "$pid" || echo "cannot kill $pid" 1>&2 -+done -+ -diff --git a/src/groupadd.c b/src/groupadd.c -index 31142101..2eda1c68 100644 ---- a/src/groupadd.c -+++ b/src/groupadd.c -@@ -34,6 +34,7 @@ - #include "sgroupio.h" - #endif - #include "shadowlog.h" -+#include "run_part.h" - - /* - * exit status values -@@ -603,6 +604,11 @@ int main (int argc, char **argv) - - check_perms (); - -+ if (run_parts ("/etc/shadow-maint/groupadd-pre.d", group_name, -+ "groupadd")) { -+ exit(1); -+ } -+ - #ifdef SHADOWGRP - is_shadow_grp = sgr_file_present (); - #endif -@@ -621,6 +627,11 @@ int main (int argc, char **argv) - - grp_update (); - close_files (); -+ if (run_parts ("/etc/shadow-maint/groupadd-post.d", group_name, -+ "groupadd")) { -+ exit(1); -+ } -+ - - nscd_flush_cache ("group"); - sssd_flush_cache (SSSD_DB_GROUP); -diff --git a/src/groupdel.c b/src/groupdel.c -index fdccf5e1..bae4367b 100644 ---- a/src/groupdel.c -+++ b/src/groupdel.c -@@ -32,6 +32,7 @@ - #include "sgroupio.h" - #endif - #include "shadowlog.h" -+#include "run_part.h" - /* - * Global variables - */ -@@ -461,6 +462,11 @@ int main (int argc, char **argv) - group_busy (group_id); - } - -+ if (run_parts ("/etc/shadow-maint/groupdel-pre.d", group_name, -+ "groupdel")) { -+ exit(1); -+ } -+ - /* - * Do the hard stuff - open the files, delete the group entries, - * then close and update the files. -@@ -471,6 +477,11 @@ int main (int argc, char **argv) - - close_files (); - -+ if (run_parts ("/etc/shadow-maint/groupdel-post.d", group_name, -+ "groupdel")) { -+ exit(1); -+ } -+ - nscd_flush_cache ("group"); - sssd_flush_cache (SSSD_DB_GROUP); - --- -2.27.0 - diff --git a/backport-semanage-disconnect-to-free-libsemanage-internals.patch b/backport-semanage-disconnect-to-free-libsemanage-internals.patch deleted file mode 100644 index 94a0722..0000000 --- a/backport-semanage-disconnect-to-free-libsemanage-internals.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 7078ed1e0b8a197aa9e5103986bce927abef87a4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Sat, 1 Apr 2023 14:11:06 +0200 -Subject: [PATCH] semanage: disconnect to free libsemanage internals - -Destroying the handle does not actually disconnect, see [1]. -Also free the key on user removal. - -[1]: https://github.com/SELinuxProject/selinux/blob/e9072e7d45f4559887d11b518099135cbe564163/libsemanage/src/direct_api.c#L330 - -Example adduser leak: - - Direct leak of 1008 byte(s) in 14 object(s) allocated from: - #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae) - #1 0x7fb5cfffad09 in dbase_file_init src/database_file.c:170:45 - - Direct leak of 392 byte(s) in 7 object(s) allocated from: - #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae) - #1 0x7fb5cfffc929 in dbase_policydb_init src/database_policydb.c:187:27 - - Direct leak of 144 byte(s) in 2 object(s) allocated from: - #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae) - #1 0x7fb5cfffb519 in dbase_join_init src/database_join.c:249:28 - - [...] - -Conflict: NA -Reference: https://github.com/shadow-maint/shadow/commit/7078ed1e0b8a197aa9e5103986bce927abef87a4 ---- - lib/semanage.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/lib/semanage.c b/lib/semanage.c -index 5d336b08..d412186c 100644 ---- a/lib/semanage.c -+++ b/lib/semanage.c -@@ -97,6 +97,8 @@ static semanage_handle_t *semanage_init (void) - return handle; - - fail: -+ if (handle) -+ semanage_disconnect (handle); - semanage_handle_destroy (handle); - return NULL; - } -@@ -156,7 +158,7 @@ done: - - - static int semanage_user_add (semanage_handle_t *handle, -- semanage_seuser_key_t *key, -+ const semanage_seuser_key_t *key, - const char *login_name, - const char *seuser_name) - { -@@ -279,6 +281,8 @@ int set_seuser (const char *login_name, const char *seuser_name) - - done: - semanage_seuser_key_free (key); -+ if (handle) -+ semanage_disconnect (handle); - semanage_handle_destroy (handle); - return ret; - } -@@ -353,6 +357,9 @@ int del_seuser (const char *login_name) - - ret = 0; - done: -+ semanage_seuser_key_free (key); -+ if (handle) -+ semanage_disconnect (handle); - semanage_handle_destroy (handle); - return ret; - } --- -2.27.0 - diff --git a/backport-useradd-check-if-subid-range-exists-for-user.patch b/backport-useradd-check-if-subid-range-exists-for-user.patch deleted file mode 100644 index 62c172f..0000000 --- a/backport-useradd-check-if-subid-range-exists-for-user.patch +++ /dev/null @@ -1,41 +0,0 @@ -From e0524e813a3bae2891b33a66f35876841c11cee7 Mon Sep 17 00:00:00 2001 -From: Iker Pedrosa -Date: Mon, 24 Oct 2022 10:46:36 +0200 -Subject: [PATCH 1/4] useradd: check if subid range exists for user - -Check if a user already has a subid range before assigning one. - -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2012929 - -Signed-off-by: Iker Pedrosa - -Reference: https://github.com/shadow-maint/shadow/commit/e0524e813a3bae2891b33a66f35876841c11cee7 -Conflict: NA ---- - src/useradd.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/useradd.c b/src/useradd.c -index 7ea0a9c4..e784d602 100644 ---- a/src/useradd.c -+++ b/src/useradd.c -@@ -2188,14 +2188,14 @@ static void usr_update (unsigned long subuid_count, unsigned long subgid_count) - fail_exit (E_PW_UPDATE); - } - #ifdef ENABLE_SUBIDS -- if (is_sub_uid && -+ if (is_sub_uid && !local_sub_uid_assigned(user_name) && - (sub_uid_add(user_name, sub_uid_start, subuid_count) == 0)) { - fprintf (stderr, - _("%s: failed to prepare the new %s entry\n"), - Prog, sub_uid_dbname ()); - fail_exit (E_SUB_UID_UPDATE); - } -- if (is_sub_gid && -+ if (is_sub_gid && !local_sub_gid_assigned(user_name) && - (sub_gid_add(user_name, sub_gid_start, subgid_count) == 0)) { - fprintf (stderr, - _("%s: failed to prepare the new %s entry\n"), --- -2.12.3 - diff --git a/shadow-4.13.tar.xz b/shadow-4.13.tar.xz deleted file mode 100644 index 38cdecf..0000000 Binary files a/shadow-4.13.tar.xz and /dev/null differ diff --git a/shadow-4.14.3.tar.xz b/shadow-4.14.3.tar.xz new file mode 100644 index 0000000..3795345 Binary files /dev/null and b/shadow-4.14.3.tar.xz differ diff --git a/shadow-Remove-encrypted-passwd-for-useradd-gr.patch b/shadow-Remove-encrypted-passwd-for-useradd-gr.patch index 07b29c1..9b8a258 100644 --- a/shadow-Remove-encrypted-passwd-for-useradd-gr.patch +++ b/shadow-Remove-encrypted-passwd-for-useradd-gr.patch @@ -17,10 +17,10 @@ Signed-off-by: xiongshenglan 4 files changed, 16 insertions(+) diff --git a/src/groupadd.c b/src/groupadd.c -index d7f68b1..9b7a521 100644 +index 2eda1c6..d9b920f 100644 --- a/src/groupadd.c +++ b/src/groupadd.c -@@ -125,7 +125,9 @@ static /*@noreturn@*/void usage (int status) +@@ -105,7 +105,9 @@ usage (int status) (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), usageout); (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" " (non-unique) GID\n"), usageout); @@ -29,8 +29,8 @@ index d7f68b1..9b7a521 100644 +#endif (void) fputs (_(" -r, --system create a system account\n"), usageout); (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); - (void) fputs (_(" -P, --prefix PREFIX_DI directory prefix\n"), usageout); -@@ -459,10 +461,12 @@ static void process_flags (int argc, char **argv) + (void) fputs (_(" -P, --prefix PREFIX_DIR directory prefix\n"), usageout); +@@ -435,10 +437,12 @@ static void process_flags (int argc, char **argv) case 'o': oflg = true; break; @@ -44,10 +44,10 @@ index d7f68b1..9b7a521 100644 rflg = true; break; diff --git a/src/groupmod.c b/src/groupmod.c -index acd6f35..f9dcabd 100644 +index 7fd02d6..522b65e 100644 --- a/src/groupmod.c +++ b/src/groupmod.c -@@ -139,8 +139,10 @@ static void usage (int status) +@@ -121,8 +121,10 @@ static void usage (int status) (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); (void) fputs (_(" -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"), usageout); (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); @@ -58,7 +58,7 @@ index acd6f35..f9dcabd 100644 (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); (void) fputs (_(" -U, --users USERS list of user members of this group\n"), usageout); -@@ -449,10 +451,12 @@ static void process_flags (int argc, char **argv) +@@ -431,10 +433,12 @@ static void process_flags (int argc, char **argv) case 'o': oflg = true; break; @@ -72,10 +72,10 @@ index acd6f35..f9dcabd 100644 break; case 'P': /* no-op, handled in process_prefix_flag () */ diff --git a/src/useradd.c b/src/useradd.c -index 89abd5e..e5ba3dd 100644 +index 677ea5a..209ab9c 100644 --- a/src/useradd.c +++ b/src/useradd.c -@@ -907,7 +907,9 @@ static void usage (int status) +@@ -970,7 +970,9 @@ static void usage (int status) " the user\n"), usageout); (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" " (non-unique) UID\n"), usageout); @@ -85,7 +85,7 @@ index 89abd5e..e5ba3dd 100644 (void) fputs (_(" -r, --system create a system account\n"), usageout); (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); -@@ -1366,6 +1368,7 @@ static void process_flags (int argc, char **argv) +@@ -1442,6 +1444,7 @@ static void process_flags (int argc, char **argv) case 'o': oflg = true; break; @@ -93,7 +93,7 @@ index 89abd5e..e5ba3dd 100644 case 'p': /* set encrypted password */ if (!VALID (optarg)) { fprintf (stderr, -@@ -1375,6 +1378,7 @@ static void process_flags (int argc, char **argv) +@@ -1451,6 +1454,7 @@ static void process_flags (int argc, char **argv) } user_pass = optarg; break; @@ -102,10 +102,10 @@ index 89abd5e..e5ba3dd 100644 rflg = true; break; diff --git a/src/usermod.c b/src/usermod.c -index ca8db92..509a50b 100644 +index 0a18709..b40b569 100644 --- a/src/usermod.c +++ b/src/usermod.c -@@ -384,7 +384,9 @@ static /*@noreturn@*/void usage (int status) +@@ -393,7 +393,9 @@ usage (int status) (void) fputs (_(" -m, --move-home move contents of the home directory to the\n" " new location (use only with -d)\n"), usageout); (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout); @@ -115,7 +115,7 @@ index ca8db92..509a50b 100644 (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); (void) fputs (_(" -r, --remove remove the user from only the supplemental GROUPS\n" " mentioned by the -G option without removing\n" -@@ -1121,10 +1123,12 @@ static void process_flags (int argc, char **argv) +@@ -1128,10 +1130,12 @@ static void process_flags (int argc, char **argv) case 'o': oflg = true; break; @@ -129,5 +129,5 @@ index ca8db92..509a50b 100644 rflg = true; break; -- -2.12.3 +2.27.0 diff --git a/shadow-add-sm3-crypt-support.patch b/shadow-add-sm3-crypt-support.patch index bfb5184..8b1e98a 100644 --- a/shadow-add-sm3-crypt-support.patch +++ b/shadow-add-sm3-crypt-support.patch @@ -4,23 +4,23 @@ Date: Wed, 29 Dec 2021 16:05:56 +0800 Subject: [PATCH] shadow add sm3 crypt support --- - configure.ac | 9 ++++ - etc/login.defs | 17 ++++++++ - lib/encrypt.c | 3 ++ - lib/getdef.c | 4 ++ - libmisc/obscure.c | 3 ++ - libmisc/salt.c | 106 +++++++++++++++++++++++++++++++++++++++++++--- - src/chgpasswd.c | 48 +++++++++++++++------ - src/chpasswd.c | 46 ++++++++++++++------ - src/newusers.c | 61 +++++++++++++++++++------- - src/passwd.c | 7 ++- - 10 files changed, 254 insertions(+), 50 deletions(-) + configure.ac | 9 +++++ + etc/login.defs | 17 +++++++++ + lib/encrypt.c | 3 ++ + lib/getdef.c | 4 ++ + lib/obscure.c | 3 ++ + lib/salt.c | 98 ++++++++++++++++++++++++++++++++++++++++++++++++- + src/chgpasswd.c | 48 +++++++++++++++++------- + src/chpasswd.c | 44 ++++++++++++++++------ + src/newusers.c | 59 +++++++++++++++++++++-------- + src/passwd.c | 7 +++- + 10 files changed, 248 insertions(+), 44 deletions(-) diff --git a/configure.ac b/configure.ac -index 924254a..dde1de8 100644 +index 5dcd22e..c9cbbf7 100644 --- a/configure.ac +++ b/configure.ac -@@ -274,6 +274,9 @@ AC_ARG_WITH(libcrack, +@@ -249,6 +249,9 @@ AC_ARG_WITH(libcrack, AC_ARG_WITH(sha-crypt, [AS_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])], [with_sha_crypt=$withval], [with_sha_crypt=yes]) @@ -30,7 +30,7 @@ index 924254a..dde1de8 100644 AC_ARG_WITH(bcrypt, [AS_HELP_STRING([--with-bcrypt], [allow the bcrypt password encryption algorithm @<:@default=no@:>@])], [with_bcrypt=$withval], [with_bcrypt=no]) -@@ -307,6 +310,11 @@ if test "$with_sha_crypt" = "yes"; then +@@ -285,6 +288,11 @@ if test "$with_sha_crypt" = "yes"; then AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms]) fi @@ -42,7 +42,7 @@ index 924254a..dde1de8 100644 AM_CONDITIONAL(USE_BCRYPT, test "x$with_bcrypt" = "xyes") if test "$with_bcrypt" = "yes"; then AC_DEFINE(USE_BCRYPT, 1, [Define to allow the bcrypt password encryption algorithm]) -@@ -752,6 +760,7 @@ echo " tcb support (incomplete): $with_tcb" +@@ -782,6 +790,7 @@ echo " tcb support (incomplete): $with_tcb" echo " shadow group support: $enable_shadowgrp" echo " S/Key support: $with_skey" echo " SHA passwords encryption: $with_sha_crypt" @@ -93,10 +93,10 @@ index c84a255..11b301b 100644 method = "YESCRYPT"; break; diff --git a/lib/getdef.c b/lib/getdef.c -index dcd1fe7..9a8089a 100644 +index 7fe6cef..7314399 100644 --- a/lib/getdef.c +++ b/lib/getdef.c -@@ -102,6 +102,10 @@ static struct itemdef def_table[] = { +@@ -106,6 +106,10 @@ static struct itemdef def_table[] = { {"SHA_CRYPT_MAX_ROUNDS", NULL}, {"SHA_CRYPT_MIN_ROUNDS", NULL}, #endif @@ -107,11 +107,11 @@ index dcd1fe7..9a8089a 100644 #ifdef USE_BCRYPT {"BCRYPT_MAX_ROUNDS", NULL}, {"BCRYPT_MIN_ROUNDS", NULL}, -diff --git a/libmisc/obscure.c b/libmisc/obscure.c -index 3daaa95..644259d 100644 ---- a/libmisc/obscure.c -+++ b/libmisc/obscure.c -@@ -246,6 +246,9 @@ static /*@observer@*//*@null@*/const char *obscure_msg ( +diff --git a/lib/obscure.c b/lib/obscure.c +index 88a8773..b452092 100644 +--- a/lib/obscure.c ++++ b/lib/obscure.c +@@ -198,6 +198,9 @@ static /*@observer@*//*@null@*/const char *obscure_msg ( || (strcmp (result, "SHA256") == 0) || (strcmp (result, "SHA512") == 0) #endif @@ -121,11 +121,11 @@ index 3daaa95..644259d 100644 #ifdef USE_BCRYPT || (strcmp (result, "BCRYPT") == 0) #endif -diff --git a/libmisc/salt.c b/libmisc/salt.c -index e5f633a..df4b328 100644 ---- a/libmisc/salt.c -+++ b/libmisc/salt.c -@@ -63,6 +63,17 @@ +diff --git a/lib/salt.c b/lib/salt.c +index dc242ff..e584cc1 100644 +--- a/lib/salt.c ++++ b/lib/salt.c +@@ -58,6 +58,17 @@ #define SHA_ROUNDS_MAX 999999999 #endif @@ -143,16 +143,7 @@ index e5f633a..df4b328 100644 #ifdef USE_YESCRYPT /* * Default number of base64 characters used for the salt. -@@ -95,13 +106,17 @@ static long read_random_bytes (void); - #if !USE_XCRYPT_GENSALT - static /*@observer@*/const char *gensalt (size_t salt_size); - #endif /* !USE_XCRYPT_GENSALT */ --#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) -+#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_SM3_CRYPT) - static long shadow_random (long min, long max); --#endif /* USE_SHA_CRYPT || USE_BCRYPT */ -+#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_SM3_CRYPT*/ - #ifdef USE_SHA_CRYPT +@@ -93,6 +104,10 @@ static /*@observer@*/const char *gensalt (size_t salt_size); static /*@observer@*/unsigned long SHA_get_salt_rounds (/*@null@*/const int *prefered_rounds); static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long rounds); #endif /* USE_SHA_CRYPT */ @@ -163,25 +154,7 @@ index e5f633a..df4b328 100644 #ifdef USE_BCRYPT static /*@observer@*/unsigned long BCRYPT_get_salt_rounds (/*@null@*/const int *prefered_rounds); static /*@observer@*/void BCRYPT_salt_rounds_to_buf (char *buf, unsigned long rounds); -@@ -195,7 +210,7 @@ end: - return randval; - } - --#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) -+#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_SM3_CRYPT) - /* - * Return a random number between min and max (both included). - * -@@ -217,7 +232,7 @@ static long shadow_random (long min, long max) - } - return ret; - } --#endif /* USE_SHA_CRYPT || USE_BCRYPT */ -+#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_SM3_CRYPT*/ - - #ifdef USE_SHA_CRYPT - /* Return the the rounds number for the SHA crypt methods. */ -@@ -293,6 +308,80 @@ static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long round +@@ -177,6 +192,80 @@ static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long round } #endif /* USE_SHA_CRYPT */ @@ -211,7 +184,7 @@ index e5f633a..df4b328 100644 + max_rounds = min_rounds; + } + -+ rounds = (unsigned long) shadow_random (min_rounds, max_rounds); ++ rounds = (unsigned long) csrand_interval (min_rounds, max_rounds); + } + } else if (0 == *prefered_rounds) { + rounds = SM3_ROUNDS_DEFAULT; @@ -262,7 +235,7 @@ index e5f633a..df4b328 100644 #ifdef USE_BCRYPT /* Return the the rounds number for the BCRYPT method. */ static /*@observer@*/unsigned long BCRYPT_get_salt_rounds (/*@null@*/const int *prefered_rounds) -@@ -463,7 +552,7 @@ static /*@observer@*/const char *gensalt (size_t salt_size) +@@ -347,7 +436,7 @@ static /*@observer@*/const char *gensalt (size_t salt_size) * which can both be set inside the login.defs file. * * If meth is specified, an additional parameter can be provided. @@ -271,8 +244,8 @@ index e5f633a..df4b328 100644 * (if not NULL). * * For the YESCRYPT method, this specifies the cost factor (if not NULL). */ -@@ -515,6 +604,13 @@ static /*@observer@*/const char *gensalt (size_t salt_size) - rounds = SHA_get_salt_rounds ((int *) arg); +@@ -399,6 +488,13 @@ static /*@observer@*/const char *gensalt (size_t salt_size) + rounds = SHA_get_salt_rounds (arg); SHA_salt_rounds_to_buf (result, rounds); #endif /* USE_SHA_CRYPT */ +#ifdef USE_SM3_CRYPT @@ -286,7 +259,7 @@ index e5f633a..df4b328 100644 fprintf (log_get_logfd(), _("Invalid ENCRYPT_METHOD value: '%s'.\n" diff --git a/src/chgpasswd.c b/src/chgpasswd.c -index d17acb6..9b00520 100644 +index 7b773e2..a751dda 100644 --- a/src/chgpasswd.c +++ b/src/chgpasswd.c @@ -39,15 +39,18 @@ @@ -310,7 +283,7 @@ index d17acb6..9b00520 100644 #ifdef USE_BCRYPT static long bcrypt_rounds = 13; #endif -@@ -119,6 +122,9 @@ static /*@noreturn@*/void usage (int status) +@@ -121,6 +124,9 @@ usage (int status) #if defined(USE_YESCRYPT) " YESCRYPT" #endif @@ -320,7 +293,7 @@ index d17acb6..9b00520 100644 ); (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), usageout); (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); -@@ -126,11 +132,11 @@ static /*@noreturn@*/void usage (int status) +@@ -128,11 +134,11 @@ usage (int status) " the MD5 algorithm\n"), usageout); (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); @@ -335,7 +308,7 @@ index d17acb6..9b00520 100644 (void) fputs ("\n", usageout); exit (status); -@@ -144,22 +150,22 @@ static /*@noreturn@*/void usage (int status) +@@ -146,22 +152,22 @@ usage (int status) static void process_flags (int argc, char **argv) { int c; @@ -363,7 +336,7 @@ index d17acb6..9b00520 100644 "c:ehmR:s:", #else "c:ehmR:", -@@ -180,7 +186,7 @@ static void process_flags (int argc, char **argv) +@@ -182,7 +188,7 @@ static void process_flags (int argc, char **argv) break; case 'R': /* no-op, handled in process_root_flag () */ break; @@ -372,7 +345,7 @@ index d17acb6..9b00520 100644 case 's': sflg = true; bad_s = 0; -@@ -202,6 +208,12 @@ static void process_flags (int argc, char **argv) +@@ -211,6 +217,12 @@ static void process_flags (int argc, char **argv) bad_s = 1; } #endif /* USE_YESCRYPT */ @@ -385,7 +358,7 @@ index d17acb6..9b00520 100644 if (bad_s != 0) { fprintf (stderr, _("%s: invalid numeric argument '%s'\n"), -@@ -209,7 +221,7 @@ static void process_flags (int argc, char **argv) +@@ -218,7 +230,7 @@ static void process_flags (int argc, char **argv) usage (E_USAGE); } break; @@ -394,7 +367,7 @@ index d17acb6..9b00520 100644 default: usage (E_USAGE); -@@ -228,7 +240,7 @@ static void process_flags (int argc, char **argv) +@@ -237,7 +249,7 @@ static void process_flags (int argc, char **argv) */ static void check_flags (void) { @@ -403,7 +376,7 @@ index d17acb6..9b00520 100644 if (sflg && !cflg) { fprintf (stderr, _("%s: %s flag is only allowed with the %s flag\n"), -@@ -259,6 +271,9 @@ static void check_flags (void) +@@ -268,6 +280,9 @@ static void check_flags (void) #ifdef USE_YESCRYPT && (0 != strcmp (crypt_method, "YESCRYPT")) #endif /* USE_YESCRYPT */ @@ -413,7 +386,7 @@ index d17acb6..9b00520 100644 ) { fprintf (stderr, _("%s: unsupported crypt method: %s\n"), -@@ -483,7 +498,7 @@ int main (int argc, char **argv) +@@ -498,7 +513,7 @@ int main (int argc, char **argv) if (md5flg) { crypt_method = "MD5"; } @@ -422,7 +395,7 @@ index d17acb6..9b00520 100644 if (sflg) { #if defined(USE_SHA_CRYPT) if ( (0 == strcmp (crypt_method, "SHA256")) -@@ -501,6 +516,11 @@ int main (int argc, char **argv) +@@ -516,6 +531,11 @@ int main (int argc, char **argv) arg = &yescrypt_cost; } #endif /* USE_YESCRYPT */ @@ -435,7 +408,7 @@ index d17acb6..9b00520 100644 #endif salt = crypt_make_salt (crypt_method, arg); diff --git a/src/chpasswd.c b/src/chpasswd.c -index 48d5178..9003c18 100644 +index 1a1a5d5..a2b6e9e 100644 --- a/src/chpasswd.c +++ b/src/chpasswd.c @@ -38,7 +38,7 @@ @@ -457,7 +430,7 @@ index 48d5178..9003c18 100644 #ifdef USE_BCRYPT static long bcrypt_rounds = 13; #endif -@@ -113,6 +116,9 @@ static /*@noreturn@*/void usage (int status) +@@ -117,6 +120,9 @@ usage (int status) #endif #if defined(USE_YESCRYPT) " YESCRYPT" @@ -467,22 +440,18 @@ index 48d5178..9003c18 100644 #endif ); (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), usageout); -@@ -121,11 +127,11 @@ static /*@noreturn@*/void usage (int status) - " the MD5 algorithm\n"), +@@ -126,8 +132,8 @@ usage (int status) usageout); (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); + (void) fputs (_(" -P, --prefix PREFIX_DIR directory prefix\n"), usageout); -#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) - (void) fputs (_(" -s, --sha-rounds number of rounds for the SHA, BCRYPT\n" +#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT) + (void) fputs (_(" -s, --sha-rounds number of rounds for the SHA, BCRYPT, SM3\n" " or YESCRYPT crypt algorithms\n"), usageout); --#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */ -+#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */ - (void) fputs ("\n", usageout); - - exit (status); -@@ -139,23 +145,23 @@ static /*@noreturn@*/void usage (int status) + #endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */ +@@ -144,9 +150,9 @@ usage (int status) static void process_flags (int argc, char **argv) { int c; @@ -494,9 +463,10 @@ index 48d5178..9003c18 100644 static struct option long_options[] = { {"crypt-method", required_argument, NULL, 'c'}, {"encrypted", no_argument, NULL, 'e'}, - {"help", no_argument, NULL, 'h'}, +@@ -154,14 +160,14 @@ static void process_flags (int argc, char **argv) {"md5", no_argument, NULL, 'm'}, {"root", required_argument, NULL, 'R'}, + {"prefix", required_argument, NULL, 'P'}, -#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) +#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT) {"sha-rounds", required_argument, NULL, 's'}, @@ -508,19 +478,19 @@ index 48d5178..9003c18 100644 while ((c = getopt_long (argc, argv, -#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) +#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT) - "c:ehmR:s:", + "c:ehmR:P:s:", #else - "c:ehmR:", -@@ -176,7 +182,7 @@ static void process_flags (int argc, char **argv) + "c:ehmR:P:", +@@ -184,7 +190,7 @@ static void process_flags (int argc, char **argv) break; - case 'R': /* no-op, handled in process_root_flag () */ + case 'P': /* no-op, handled in process_prefix_flag () */ break; -#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) +#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT) case 's': sflg = true; bad_s = 0; -@@ -198,14 +204,20 @@ static void process_flags (int argc, char **argv) +@@ -206,14 +212,20 @@ static void process_flags (int argc, char **argv) bad_s = 1; } #endif /* USE_YESCRYPT */ @@ -543,7 +513,7 @@ index 48d5178..9003c18 100644 default: usage (E_USAGE); -@@ -224,7 +236,7 @@ static void process_flags (int argc, char **argv) +@@ -232,7 +244,7 @@ static void process_flags (int argc, char **argv) */ static void check_flags (void) { @@ -552,7 +522,7 @@ index 48d5178..9003c18 100644 if (sflg && !cflg) { fprintf (stderr, _("%s: %s flag is only allowed with the %s flag\n"), -@@ -249,6 +261,9 @@ static void check_flags (void) +@@ -257,6 +269,9 @@ static void check_flags (void) &&(!IS_CRYPT_METHOD("SHA256")) &&(!IS_CRYPT_METHOD("SHA512")) #endif /* USE_SHA_CRYPT */ @@ -562,7 +532,7 @@ index 48d5178..9003c18 100644 #ifdef USE_BCRYPT &&(!IS_CRYPT_METHOD("BCRYPT")) #endif /* USE_BCRYPT */ -@@ -422,6 +437,11 @@ static const char *get_salt(void) +@@ -430,6 +445,11 @@ static const char *get_salt(void) arg = &yescrypt_cost; } #endif /* USE_YESCRYPT */ @@ -575,15 +545,15 @@ index 48d5178..9003c18 100644 #endif return crypt_make_salt (crypt_method, arg); diff --git a/src/newusers.c b/src/newusers.c -index deeb361..149670e 100644 +index 08f7979..6effa82 100644 --- a/src/newusers.c +++ b/src/newusers.c -@@ -58,12 +58,15 @@ static bool rflg = false; /* create a system account */ +@@ -60,12 +60,15 @@ static bool rflg = false; /* create a system account */ #ifndef USE_PAM static /*@null@*//*@observer@*/char *crypt_method = NULL; #define cflg (NULL != crypt_method) --#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) -+#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_SM3_CRYPT) +-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) ++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT) static bool sflg = false; #endif #ifdef USE_SHA_CRYPT @@ -591,11 +561,11 @@ index deeb361..149670e 100644 #endif /* USE_SHA_CRYPT */ +#ifdef USE_SM3_CRYPT +static long sm3_rounds = 5000; -+#endif /* USE_SM3_CRYPT */ ++#endif #ifdef USE_BCRYPT static long bcrypt_rounds = 13; #endif /* USE_BCRYPT */ -@@ -129,6 +132,9 @@ static void usage (int status) +@@ -131,6 +134,9 @@ static void usage (int status) #endif #if defined(USE_YESCRYPT) " YESCRYPT" @@ -605,7 +575,7 @@ index deeb361..149670e 100644 #endif ); #endif /* !USE_PAM */ -@@ -136,11 +142,11 @@ static void usage (int status) +@@ -138,11 +144,11 @@ static void usage (int status) (void) fputs (_(" -r, --system create system accounts\n"), usageout); (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); #ifndef USE_PAM @@ -695,21 +665,20 @@ index deeb361..149670e 100644 case 's': sflg = true; bad_s = 0; -@@ -680,14 +700,20 @@ static void process_flags (int argc, char **argv) +@@ -687,6 +707,12 @@ static void process_flags (int argc, char **argv) bad_s = 1; } #endif /* USE_YESCRYPT */ -- if (bad_s != 0) { +#if defined(USE_SM3_CRYPT) + if (( (0 == strcmp (crypt_method, "SM3")) + && (0 == getlong(optarg, &sm3_rounds)))) { + bad_s = 1; + } +#endif /* USE_SM3_CRYPT */ -+ if (bad_s != 0) { + if (bad_s != 0) { fprintf (stderr, _("%s: invalid numeric argument '%s'\n"), - Prog, optarg); +@@ -694,7 +720,7 @@ static void process_flags (int argc, char **argv) usage (EXIT_FAILURE); } break; @@ -718,7 +687,7 @@ index deeb361..149670e 100644 #endif /* !USE_PAM */ default: usage (EXIT_FAILURE); -@@ -721,14 +747,14 @@ static void process_flags (int argc, char **argv) +@@ -728,14 +754,14 @@ static void process_flags (int argc, char **argv) static void check_flags (void) { #ifndef USE_PAM @@ -735,7 +704,7 @@ index deeb361..149670e 100644 if (cflg) { if ( (0 != strcmp (crypt_method, "DES")) -@@ -738,6 +764,9 @@ static void check_flags (void) +@@ -745,6 +771,9 @@ static void check_flags (void) && (0 != strcmp (crypt_method, "SHA256")) && (0 != strcmp (crypt_method, "SHA512")) #endif /* USE_SHA_CRYPT */ @@ -746,11 +715,11 @@ index deeb361..149670e 100644 && (0 != strcmp (crypt_method, "BCRYPT")) #endif /* USE_BCRYPT */ diff --git a/src/passwd.c b/src/passwd.c -index 8c6f81a..00711da 100644 +index 5d59e8c..20284c6 100644 --- a/src/passwd.c +++ b/src/passwd.c -@@ -84,7 +84,7 @@ static bool spw_locked = false; - #ifndef USE_PAM +@@ -90,7 +90,7 @@ static bool spw_locked = false; + /* * Size of the biggest passwd: - * $6$ 3 @@ -758,7 +727,7 @@ index 8c6f81a..00711da 100644 * rounds= 7 * 999999999 9 * $ 1 -@@ -93,7 +93,7 @@ static bool spw_locked = false; +@@ -99,7 +99,7 @@ static bool spw_locked = false; * SHA512 123 * nul 1 * @@ -767,7 +736,7 @@ index 8c6f81a..00711da 100644 */ static char crypt_passwd[256]; static bool do_update_pwd = false; -@@ -263,6 +263,9 @@ static int new_password (const struct passwd *pw) +@@ -268,6 +268,9 @@ static int new_password (const struct passwd *pw) #ifdef USE_YESCRYPT || (strcmp (method, "YESCRYPT") == 0) #endif /* USE_YESCRYPT*/ diff --git a/shadow.spec b/shadow.spec index e1a7176..6552942 100644 --- a/shadow.spec +++ b/shadow.spec @@ -1,6 +1,6 @@ Name: shadow -Version: 4.13 -Release: 7 +Version: 4.14.3 +Release: 1 Epoch: 2 License: BSD and GPLv2+ Summary: Tools for managing accounts and shadow password files @@ -17,21 +17,8 @@ Source7: newusers # fix unknown item 'LASTLOG_MAX_UID' Patch0: usermod-unlock.patch -Patch1: backport-useradd-check-if-subid-range-exists-for-user.patch -Patch2: shadow-add-sm3-crypt-support.patch -Patch3: backport-Fix-off-by-one-mistakes.patch -Patch4: backport-Fix-typos-in-length-calculations.patch -Patch5: backport-Correctly-handle-illegal-system-file-in-tz.patch -Patch6: backport-Explicitly-override-only-newlines.patch -Patch7: backport-Prevent-out-of-boundary-access.patch -Patch8: backport-Added-control-character-check.patch -Patch9: backport-Overhaul-valid_field.patch -Patch10: backport-Read-whole-line-in-yes_or_no.patch -Patch11: backport-commonio-free-removed-database-entries.patch -Patch12: backport-semanage-disconnect-to-free-libsemanage-internals.patch -Patch13: backport-run_parts-for-groupadd-and-groupdel.patch -Patch14: shadow-Remove-encrypted-passwd-for-useradd-gr.patch -Patch15: backport-chgpasswd-fix-segfault-in-command-line-options.patch +Patch1: shadow-add-sm3-crypt-support.patch +Patch2: shadow-Remove-encrypted-passwd-for-useradd-gr.patch BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel BuildRequires: libacl-devel, libattr-devel @@ -82,7 +69,9 @@ autoreconf -fiv --with-selinux \ --without-libcrack \ --with-libpam \ + --without-libbsd \ --enable-shared \ + --enable-lastlog \ --with-group-name-max-length=32 %make_build @@ -199,6 +188,13 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.{la,a} %{_mandir}/*/* %changelog +* Thu Feb 1 2024 zhengxiaoxiao - 2:4.14.3-1 +- update version to 4.14.3 + -Avoid null pointer dereference + -Update utmp at an initial login + -Merge libshadow and libmisc into a single libshadow + -Adding the userdel and groupdel hooks to release tarball + * Wed Sep 20 2023 lvgenggeng - 2:4.13-7 - backport patches from upstream diff --git a/usermod-unlock.patch b/usermod-unlock.patch index ff9602d..a26afe3 100644 --- a/usermod-unlock.patch +++ b/usermod-unlock.patch @@ -2,14 +2,13 @@ Index: shadow-4.5/src/usermod.c =================================================================== --- a/src/usermod.c +++ b/src/usermod.c -@@ -466,14 +466,17 @@ static char *new_pw_passwd (char *pw_pass) +@@ -434,12 +434,17 @@ static char *new_pw_passwd (char *pw_pass) strcat (buf, pw_pass); pw_pass = buf; } else if (Uflg && pw_pass[0] == '!') { -- char *s; -+ char *s = pw_pass; - - if (pw_pass[1] == '\0') { ++ char *s = pw_pass; ++ + while ('!' == *s) + ++s; + @@ -23,16 +22,9 @@ Index: shadow-4.5/src/usermod.c } #ifdef WITH_AUDIT -@@ -482,12 +485,15 @@ static char *new_pw_passwd (char *pw_pass) - user_newname, (unsigned int) user_newid, 0); - #endif +@@ -449,6 +454,13 @@ static char *new_pw_passwd (char *pw_pass) SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname)); -- s = pw_pass; -- while ('\0' != *s) { -- *s = *(s + 1); -- s++; -- } -+ memmove (pw_pass, s, strlen (s) + 1); + memmove(pw_pass, pw_pass + 1, strlen(pw_pass)); } else if (pflg) { + if (strchr (user_pass, ':') != NULL) { + fprintf (stderr, @@ -43,8 +35,8 @@ Index: shadow-4.5/src/usermod.c + } #ifdef WITH_AUDIT audit_logger (AUDIT_USER_CHAUTHTOK, Prog, - "changing password", -@@ -536,6 +542,8 @@ static void new_pwent (struct passwd *pwent) + "changing password", user_newname, user_newid, 1); +@@ -495,6 +507,8 @@ static void new_pwent (struct passwd *pwent) if ( (!is_shadow_pwd) || (strcmp (pwent->pw_passwd, SHADOW_PASSWD_STRING) != 0)) { pwent->pw_passwd = new_pw_passwd (pwent->pw_passwd); @@ -53,7 +45,7 @@ Index: shadow-4.5/src/usermod.c } if (uflg) { -@@ -650,6 +658,8 @@ static void new_spent (struct spwd *spent) +@@ -611,6 +625,8 @@ static void new_spent (struct spwd *spent) * + aging has been requested */ spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp); @@ -61,5 +53,5 @@ Index: shadow-4.5/src/usermod.c + fail_exit(E_PW_UPDATE); if (pflg) { - spent->sp_lstchg = (long) gettime () / SCALE; + spent->sp_lstchg = gettime () / SCALE;