add haveged requires and optimize random number function replacement patch

(cherry picked from commit c034218be93620f3b052a7bfa6339c61008da292)

fix-to-replace-random-with-RAND_priv_bytes.patch

@@ -1,14 +1,14 @@
-From 43974c5f3054c152cc424b16684829c19ae8dd6a Mon Sep 17 00:00:00 2001
+From ff6cffa3feaaee11b1a9d27a7eada02fbd9890da Mon Sep 17 00:00:00 2001
-From: hwx1054416 <heyaohua1@huawei.com>
+From: xingwei<xingwei14@h-partners.com>
-Date: Wed, 25 Aug 2021 17:35:39 +0800
+Date: Fri, 27 Aug 2021 17:27:24 +0800
 Subject: [PATCH] replace random with RAND_priv_bytes
 
 ---
- src/yppasswd.c | 15 +++++++++++++--
+ src/yppasswd.c | 19 ++++++++++++++++---
- 1 file changed, 13 insertions(+), 2 deletions(-)
+ 1 file changed, 16 insertions(+), 3 deletions(-)
 
 diff --git a/src/yppasswd.c b/src/yppasswd.c
-index 04d041b..15b25e3 100644
+index aa7c8a1..ae356ad 100644
 --- a/src/yppasswd.c
 +++ b/src/yppasswd.c
 @@ -44,6 +44,7 @@
@@ -32,24 +32,34 @@ index 04d041b..15b25e3 100644
  
    for (i = 0; i < num_chars; i++)
      {
-@@ -529,7 +531,16 @@ create_random_salt (char *salt, int num_chars)
+@@ -529,7 +531,18 @@ create_random_salt (char *salt, int num_chars)
          res = read (fd, &c, 1);
  
        if (res != 1)
 -        c = random ();
 +        {
 +             while (!RAND_status ())
-+                  RAND_seed (&buf, sizeof (buf));
++               {
++                   RAND_seed (&buf, sizeof (buf));   
++               }
 +             if (RAND_priv_bytes (&buf, sizeof (buf)) != 1)
 +               {
-+                    printf ( _("Failed to generate a number.\n"));
++                   printf ( _("Failed to generate a random number.\n"));
-+                    break;
++                   break;
 +               }
 +             c = buf;
 +        }
  
        salt[i] = bin_to_ascii (c & 0x3f);
      }
+@@ -571,7 +584,7 @@ main (int argc, char **argv)
+ {
+   char *s, *progname, *domainname = NULL, *user = NULL, *master = NULL;
+   int f_flag = 0, l_flag = 0, p_flag = 0, error, status;
+-  int hash_id = DES;
++  int hash_id = SHA_512;
+   char rounds[11] = "\0"; /* max length is '999999999$' */
+   struct yppasswd yppwd;
+   struct passwd *pwd;
 -- 
-1.8.3.1
+2.27.0
-

yp-tools.spec

@@ -2,7 +2,7 @@
 
 Name:		yp-tools
 Version:	4.2.3
-Release:        8
+Release:        9
 Summary:	Network Information Service (YP) client utilities
 License:	GPL-2.0-or-later
 URL:		https://github.com/thkukuk/yp-tools
@@ -11,11 +11,11 @@ Patch0: 	yp-tools-2.12-hash.patch
 Patch1: 	yp-tools-2.12-crypt.patch
 Patch2: 	yp-tools-2.12-adjunct.patch
 Patch3: 	yp-tools-4.2.2-strict-prototypes.patch
-Patch9000:      huawei-replace-random-with-RAND_priv_bytes.patch
+Patch4:		fix-to-replace-random-with-RAND_priv_bytes.patch
 
 BuildRequires:	autoconf automake libtool
 BuildRequires:  gettext-devel libtirpc-devel libnsl2-devel openssl-devel
-Requires:	ypbind >= 3:2.4-2 glibc openssl-libs
+Requires:	ypbind >= 3:2.4-2 glibc openssl-libs haveged
 
 %description
 This package provides NIS client programs.NIS,Network Information
@@ -55,6 +55,12 @@ export CFLAGS="$CFLAGS %{optflags} -Wno-cast-function-type -lcrypto"
 %{_mandir}/*/*
 
 %changelog
+* Sun Feb 04 2024 xingwei <xingwei14@h-partners.com> - 4.2.3-9
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:add haveged requires and optimize random number function replacement patch
+
 * Mon Jun 20 2022 liukuo <liukuo@kylinos.cn> - 4.2.3-8
 - License compliance rectification