Package init

2019-09-30 11:20:39 -04:00 · 2019-09-30 11:20:39 -04:00 · 3b60b9114d
commit 3b60b9114d
6 changed files with 192 additions and 0 deletions
--- a/v4.2.3.tar.gz
+++ b/v4.2.3.tar.gz
--- a/yp-tools-2.12-adjunct.patch
+++ b/yp-tools-2.12-adjunct.patch
@ -0,0 +1,11 @@
+diff -up yp-tools-2.12/src/yppasswd.c.adjunct yp-tools-2.12/src/yppasswd.c
+--- yp-tools-2.12/src/yppasswd.c.adjunct	2012-04-23 13:17:47.000988833 +0200
+++ yp-tools-2.12/src/yppasswd.c	2012-04-23 13:18:01.209802938 +0200
+@@ -774,6 +775,7 @@
+       /* We can't check the password with shadow passwords enabled. We
+        * leave the checking to yppasswdd */
+       if (uid != 0 && strcmp (pwd->pw_passwd, "x") != 0 &&
+	  0 != strncmp (pwd->pw_passwd, "##", 2) && /* don't check passwords using passwd.adjunct feature */
+ 	  strcmp (pwd->pw_passwd, hashpass ) != 0)
+ 	{
+ 	  int passwdlen = get_passwd_len (pwd->pw_passwd);
--- a/yp-tools-2.12-crypt.patch
+++ b/yp-tools-2.12-crypt.patch
@ -0,0 +1,44 @@
+diff -up yp-tools-2.12/src/yppasswd.c.crypt yp-tools-2.12/src/yppasswd.c
+--- yp-tools-2.12/src/yppasswd.c.crypt	2012-04-23 13:01:35.599721168 +0200
+++ yp-tools-2.12/src/yppasswd.c	2012-04-23 13:16:18.251261293 +0200
+@@ -772,9 +778,16 @@ main (int argc, char **argv)
+ 	{
+ 	  int passwdlen = get_passwd_len (pwd->pw_passwd);
+ 	  char *sane_passwd = alloca (passwdlen + 1);
+	  char *crypted;
+ 	  strncpy (sane_passwd, pwd->pw_passwd, passwdlen);
+ 	  sane_passwd[passwdlen] = 0;
+-	  if (strcmp (crypt (s, sane_passwd), sane_passwd))
+	  crypted = crypt (s, sane_passwd);
+	  if(crypted == NULL)
+	    {
+	      fprintf (stderr, _("Sorry - crypt() failed.\n"));
+	      return 1;
+	    }
+	  if (strcmp (crypted, sane_passwd))
+ 	    {
+ 	      fprintf (stderr, _("Sorry.\n"));
+ 	      return 1;
+@@ -789,6 +802,7 @@ main (int argc, char **argv)
+       char *error_msg;
+ #endif /* USE_CRACKLIB */
+       char *buf, salt[37], *p = NULL;
+      char *crypted;
+       int tries = 0;
+ 
+       buf = (char *) malloc (129);
+@@ -869,7 +883,13 @@ main (int argc, char **argv)
+ 	  break;
+ 	}
+ 
+-      yppwd.newpw.pw_passwd = strdup (crypt (buf, salt));
+      crypted = crypt (buf, salt);
+      if(crypted == NULL) {
+	fprintf (stderr, _("Sorry - crypt() failed.\n"));
+	return 1;
+      } else {
+	yppwd.newpw.pw_passwd = strdup (crypted);
+      }
+     }
+ 
+   if (f_flag)
--- a/yp-tools-2.12-hash.patch
+++ b/yp-tools-2.12-hash.patch
@ -0,0 +1,68 @@
+diff -up yp-tools-2.12/man/yppasswd.1.in.hash yp-tools-2.12/man/yppasswd.1.in
+--- yp-tools-2.12/man/yppasswd.1.in.hash	2011-09-09 16:18:49.469037058 +0200
+++ yp-tools-2.12/man/yppasswd.1.in	2011-09-09 16:20:19.101030930 +0200
+@@ -81,6 +81,12 @@ for authentication with the
+ .BR yppasswdd (8)
+ daemon. Subsequently, the
+ program prompts for the updated information:
+.P
+If we use shadowing passwords using passwd.adjunct, SHA-512 will be 
+used for hashing a new password by default. If we want to use MD5, 
+SHA_256 or older DES, we need to set the environment variable 
+YP_PASSWD_HASH. Possible values are "DES", "MD5", "SHA-256" and 
+"SHA-512" (value is case-insensitive).
+ .\"
+ .\"
+ .IP "\fByppasswd\fP or \fB-p\fP"
+diff -up yp-tools-2.12/src/yppasswd.c.hash yp-tools-2.12/src/yppasswd.c
+--- yp-tools-2.12/src/yppasswd.c.hash	2011-09-09 16:20:35.360029823 +0200
+++ yp-tools-2.12/src/yppasswd.c	2011-09-09 16:25:21.589010245 +0200
+@@ -514,6 +514,32 @@ create_random_salt (char *salt, int num_
+     close (fd);
+ }
+ 
+
+/*
+ * Reads environment variable YP_PASSWD_HASH and returns hash id.
+ * Possible values are MD5, SHA-256, SHA-512 and DES.
+ * If other value is set or it is not set at all, SHA-512 is used.
+ */ 
+static int
+get_env_hash_id()
+{
+  const char *v = getenv("YP_PASSWD_HASH");
+  if (!v)
+    return SHA_512;
+
+  if (!strcasecmp(v, "DES"))
+    return DES;
+
+  if (!strcasecmp(v, "SHA-256"))
+    return SHA_256;
+
+  if (!strcasecmp(v, "MD5"))
+    return MD5;
+
+  return SHA_512;
+}
+
+
+ int
+ main (int argc, char **argv)
+ {
+@@ -723,6 +749,15 @@ main (int argc, char **argv)
+ 
+       hash_id = get_hash_id (pwd->pw_passwd);
+ 
+      /* If we use passwd.adjunct, there is no magic value like $1$ in the 
+       * beginning of password, but ##username instead. Thus, SHA_512 will be 
+       * used for hashing a new password by default. If we want to use DES, 
+       * MD5 or SHA_256, we need to set the environment variable 
+       * YP_PASSWD_HASH (e.g. YP_PASSWD_HASH=DES).
+       */
+      if (strncmp(pwd->pw_passwd, "##", 2) == 0)
+        hash_id = get_env_hash_id();
+
+       /* Preserve 'rounds=<N>$' (if present) in case of SHA-2 */
+       if (hash_id == SHA_256 || hash_id == SHA_512)
+ 	{
--- a/yp-tools-4.2.2-strict-prototypes.patch
+++ b/yp-tools-4.2.2-strict-prototypes.patch
@ -0,0 +1,11 @@
+--- yp-tools-yp-tools-4.2.2/src/yppasswd.c.strict-protorypes	2017-02-21 15:51:03.452034055 +0100
+++ yp-tools-yp-tools-4.2.2/src/yppasswd.c	2017-02-21 15:51:14.996030455 +0100
+@@ -547,7 +547,7 @@ create_random_salt (char *salt, int num_
+  * If other value is set or it is not set at all, SHA-512 is used.
+  */ 
+ static int
+-get_env_hash_id()
+get_env_hash_id(void)
+ {
+   const char *v = getenv("YP_PASSWD_HASH");
+   if (!v)
--- a/yp-tools.spec
+++ b/yp-tools.spec
@ -0,0 +1,58 @@
+%global __filter_GLIBC_PRIVATE 1
+
+Name:		yp-tools
+Version:	4.2.3
+Release:        3
+Summary:	Network Information Service (YP) client utilities
+License:	GPLv2
+URL:		http://www.linux-nis.org/nis/yp-tools/index.html
+Source0:	https://github.com/thkukuk/yp-tools/archive/v%{version}.tar.gz
+Patch0: 	yp-tools-2.12-hash.patch
+Patch1: 	yp-tools-2.12-crypt.patch
+Patch2: 	yp-tools-2.12-adjunct.patch
+Patch3: 	yp-tools-4.2.2-strict-prototypes.patch
+
+BuildRequires:	git autoconf automake libtool
+BuildRequires:  gettext-devel libtirpc-devel libnsl2-devel
+Requires:	ypbind >= 3:2.4-2 glibc
+
+%description
+This package provides NIS client programs.NIS,Network Information
+Service,provides passwords,groupinformation and other network information
+to machines on a network.It is also known as Sun Yellow Pages.
+You need to install ypbind on machine which runs NIS programs.
+
+%package	help
+Summary: 	Doc files for yp-tools
+Buildarch:	noarch
+
+%description 	help
+The help package contains doc files for yp-tools.
+
+%prep
+%autosetup -n %{name}-%{version} -p1 -S git
+autoreconf -ifv
+
+%build
+export CFLAGS="$CFLAGS %{optflags} -Wno-cast-function-type"
+%configure --disable-domainname
+%make_build
+
+%install
+%make_install
+
+%find_lang %{name}
+
+%files -f %{name}.lang
+%doc COPYING AUTHORS THANKS etc/nsswitch.conf
+%{_sbindir}/*
+%{_bindir}/*
+/var/yp/nicknames
+
+%files help
+%doc README NEWS ChangeLog
+%{_mandir}/*/*
+
+%changelog
+* Fri Aug 30 2019 luhuaxin <luhuaxin@huawei.com> - 4.2.3-3
+- Package init