!18 [sync] PR-16: add haveged requires and optimize random number function replacement patch

From: @openeuler-sync-bot Reviewed-by: @open-bot Signed-off-by: @open-bot
add haveged requires and optimize random number function replacement patch
2024-05-10 03:10:51 +00:00 · 2024-05-10 10:15:51 +08:00 · 2022-07-01 02:28:28 +00:00 · 2022-06-20 12:18:34 +08:00 · 2021-08-25 11:48:09 +00:00 · 2021-08-25 18:37:13 +08:00
2 changed files with 98 additions and 8 deletions
--- a/fix-to-replace-random-with-RAND_priv_bytes.patch
+++ b/fix-to-replace-random-with-RAND_priv_bytes.patch
@ -0,0 +1,65 @@
 From ff6cffa3feaaee11b1a9d27a7eada02fbd9890da Mon Sep 17 00:00:00 2001
 From: xingwei<xingwei14@h-partners.com>
 Date: Fri, 27 Aug 2021 17:27:24 +0800
 Subject: [PATCH] replace random with RAND_priv_bytes
 ---
 src/yppasswd.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)
 diff --git a/src/yppasswd.c b/src/yppasswd.c
 index aa7c8a1..ae356ad 100644
 --- a/src/yppasswd.c
 +++ b/src/yppasswd.c
@@ -44,6 +44,7 @@
 #include <rpcsvc/yp_prot.h>
 #include <rpcsvc/ypclnt.h>
 #include <rpcsvc/yppasswd.h>
 +#include <openssl/rand.h>
 #ifndef _
 #define _(String) gettext (String)
@@ -517,10 +518,11 @@ create_random_salt (char *salt, int num_chars)
 {
   int fd;
   unsigned char c;
 +  unsigned char buf;
   int i;
   int res;
 -  fd = open ("/dev/urandom", O_RDONLY);
 +  fd = open ("/dev/random", O_RDONLY);
   for (i = 0; i < num_chars; i++)
     {
@@ -529,7 +531,18 @@ create_random_salt (char *salt, int num_chars)
         res = read (fd, &c, 1);
       if (res != 1)
 -        c = random ();
 +        {
 +             while (!RAND_status ())
 +               {
 +                   RAND_seed (&buf, sizeof (buf));   
 +               }
 +             if (RAND_priv_bytes (&buf, sizeof (buf)) != 1)
 +               {
 +                   printf ( _("Failed to generate a random number.\n"));
 +                   break;
 +               }
 +             c = buf;
 +        }
       salt[i] = bin_to_ascii (c & 0x3f);
     }
@@ -571,7 +584,7 @@ main (int argc, char **argv)
 {
   char *s, *progname, *domainname = NULL, *user = NULL, *master = NULL;
   int f_flag = 0, l_flag = 0, p_flag = 0, error, status;
 -  int hash_id = DES;
 +  int hash_id = SHA_512;
   char rounds[11] = "\0"; /* max length is '999999999$' */
   struct yppasswd yppwd;
   struct passwd *pwd;
 -- 
 2.27.0
--- a/yp-tools.spec
+++ b/yp-tools.spec
@ -2,19 +2,20 @@
 Name:		yp-tools
 Version:	4.2.3
-Release:        4
+Release:        9
 Summary:	Network Information Service (YP) client utilities
-License:	GPLv2
+License:	GPL-2.0-or-later
-URL:		http://www.linux-nis.org/nis/yp-tools/index.html
+URL:		https://github.com/thkukuk/yp-tools
 Source0:	https://github.com/thkukuk/yp-tools/archive/v%{version}.tar.gz
 Patch0: 	yp-tools-2.12-hash.patch
 Patch1: 	yp-tools-2.12-crypt.patch
 Patch2: 	yp-tools-2.12-adjunct.patch
 Patch3: 	yp-tools-4.2.2-strict-prototypes.patch
 Patch4:		fix-to-replace-random-with-RAND_priv_bytes.patch
-BuildRequires:	git autoconf automake libtool
+BuildRequires:	autoconf automake libtool
-BuildRequires:  gettext-devel libtirpc-devel libnsl2-devel
+BuildRequires:  gettext-devel libtirpc-devel libnsl2-devel openssl-devel
-Requires:	ypbind >= 3:2.4-2 glibc
+Requires:	ypbind >= 3:2.4-2 glibc openssl-libs haveged
 %description
 This package provides NIS client programs.NIS,Network Information
@ -30,11 +31,11 @@ Buildarch:	noarch
 The help package contains doc files for yp-tools.
 %prep
-%autosetup -n %{name}-%{version} -p1 -S git
+%autosetup -n %{name}-%{version} -p1
 autoreconf -ifv
 %build
-export CFLAGS="$CFLAGS %{optflags} -Wno-cast-function-type"
+export CFLAGS="$CFLAGS %{optflags} -Wno-cast-function-type -lcrypto"
 %configure --disable-domainname
 %make_build
@ -54,6 +55,30 @@ export CFLAGS="$CFLAGS %{optflags} -Wno-cast-function-type"
 %{_mandir}/*/*
 %changelog
 * Sun Feb 04 2024 xingwei <xingwei14@h-partners.com> - 4.2.3-9
 - Type:bugfix
 - CVE:NA
 - SUG:NA
 - DESC:add haveged requires and optimize random number function replacement patch
 * Mon Jun 20 2022 liukuo <liukuo@kylinos.cn> - 4.2.3-8
 - License compliance rectification
 * Wed Aug 25 2021 heyaohua<heyaohua1@huawei.com> - 4.2.3-7
 - Type:bugfix
 - ID:NA
 - SUG:NA
 - DESC:replace random with RAND_priv_bytes
 * Fri Jul 30 2021 chenyanpanHW <chenyanpan@huawei.com> - 4.2.3-6
 - DESC: delete -S git from %autosetup, and delete BuildRequires git
 * Tue Dec 15 2020 xihaochen <xihaochen@huawei.com> - 4.2.3-5
 - Type:requirement
 - ID:NA
 - SUG:NA
 - DESC:update url
 * Thu Nov 7 2019 openEuler Buildteam <buildteam@openeuler.org> - 4.2.3-4
 - Type:enhancement
 - Id:NA
Author	SHA1	Message	Date
openeuler-ci-bot	267f42c0cb	!18 [sync] PR-16: add haveged requires and optimize random number function replacement patch From: @openeuler-sync-bot Reviewed-by: @open-bot Signed-off-by: @open-bot	2024-05-10 03:10:51 +00:00
xingwei	30a3d3be17	add haveged requires and optimize random number function replacement patch (cherry picked from commit c034218be93620f3b052a7bfa6339c61008da292)	2024-05-10 10:15:51 +08:00
openeuler-ci-bot	256318b754	!8 License compliance rectification From: @lauk001 Reviewed-by: @dwl301 Signed-off-by: @dwl301	2022-07-01 02:28:28 +00:00
lauk001	043c0d9e6b	License compliance rectification	2022-06-20 12:18:34 +08:00
openeuler-ci-bot	c9e08e7d11	!5 替换不安全函数/dev/urandom From: @hwx1054416 Reviewed-by: @zengwefeng,@wangxp006 Signed-off-by: @zengwefeng,@wangxp006	2021-08-25 11:48:09 +00:00
hwx1054416	5a8ab21e71	replace random with RAND_priv_bytes	2021-08-25 18:37:13 +08:00
openeuler-ci-bot	126175c886	!3 yp-tools delete -S git from %autosetup, and delete BuildRequires git From: @chenyanpanHW Reviewed-by: @small_leek Signed-off-by: @small_leek	2021-08-13 08:50:43 +00:00
chenyanpanHW	dc29b6d5d4	delete -S git from %autosetup, and delete BuildRequires git	2021-07-30 23:41:28 +08:00
openeuler-ci-bot	123fccb5fa	!2 update url From: @haochenstar Reviewed-by: @orange-snn Signed-off-by: @orange-snn	2020-12-16 14:26:11 +08:00
haochenstar	399db1158b	update url	2020-12-15 18:30:36 +08:00