* [gentoo-commits] repo/gentoo:master commit in: sys-libs/cracklib/, sys-libs/cracklib/files/
@ 2021-01-01 2:03 Michał Górny
0 siblings, 0 replies; 2+ messages in thread
From: Michał Górny @ 2021-01-01 2:03 UTC (permalink / raw
To: gentoo-commits
commit: 94556668d117a3c7d2e140da3d6e09f7af8c652d
Author: Michał Górny <mgorny <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 1 01:59:19 2021 +0000
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Fri Jan 1 01:59:19 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=94556668
sys-libs/cracklib: Remove old (py3.6)
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>
sys-libs/cracklib/Manifest | 1 -
sys-libs/cracklib/cracklib-2.9.6-r2.ebuild | 112 ---------------------
.../files/cracklib-2.9.6-CVE-2016-6318.patch | 108 --------------------
...acklib-2.9.6-fix-long-word-bufferoverflow.patch | 43 --------
4 files changed, 264 deletions(-)
diff --git a/sys-libs/cracklib/Manifest b/sys-libs/cracklib/Manifest
index 18189ac7299..a5075441267 100644
--- a/sys-libs/cracklib/Manifest
+++ b/sys-libs/cracklib/Manifest
@@ -1,2 +1 @@
-DIST cracklib-2.9.6.tar.gz 642402 BLAKE2B 4d7a0d12d1e7101c82d03f76e073407481078747c283fe3251f947542017fff03fbc5e98505c6a7a8987a2bbcea99dab558c15b1eb8fd16755859ce5a4440ed2 SHA512 2b09672e5b412d670e7ed911ebf0c0023fe2901ea05c9c02eefb7a58a13cddbc27a65d75bb20be9f8cebf4c90a9a56dfe1a3b656dff62b1d6048f5376e671786
DIST cracklib-2.9.7.tar.bz2 603630 BLAKE2B 81a45b2fb9f34da84d4fb864e1a9f67a4b22c246f1e4db1c599a555f79d560a04d95afb01a89cd3a2e0936f0e8fc51ff5ada26098c24d7af0777a94f51b82bbd SHA512 f6bf65ac092ba46ff78ddbc115692260fb76dc71219cd679d2ea935ebfb9e709fbb30259a7406743ed00dbdc415335b3ac9d9fcba1d204ea36d5eb96bf1333a2
diff --git a/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild b/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild
deleted file mode 100644
index d1882f16518..00000000000
--- a/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild
+++ /dev/null
@@ -1,112 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python3_6 )
-DISTUTILS_OPTIONAL=1
-
-inherit distutils-r1 libtool multilib-minimal toolchain-funcs usr-ldscript
-
-MY_P=${P/_}
-DESCRIPTION="Password Checking Library"
-HOMEPAGE="https://github.com/cracklib/cracklib/"
-# source tarballs on GitHub lack pre-generated configure script.
-#SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-SRC_URI="https://dev.gentoo.org/~polynomial-c/dist/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos"
-IUSE="nls python static-libs zlib"
-REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
-
-RDEPEND="python? ( ${PYTHON_DEPS} )
- zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )"
-DEPEND="${RDEPEND}
- python? (
- dev-python/setuptools[${PYTHON_USEDEP}]
- )"
-
-S="${WORKDIR}/${MY_P}"
-
-PATCHES=(
- "${FILESDIR}"/cracklib-2.9.6-CVE-2016-6318.patch
- "${FILESDIR}"/cracklib-2.9.6-fix-long-word-bufferoverflow.patch
-)
-
-do_python() {
- multilib_is_native_abi || return 0
- use python || return 0
- pushd python > /dev/null || die
- distutils-r1_src_${EBUILD_PHASE}
- popd > /dev/null
-}
-
-pkg_setup() {
- # workaround #195017
- if has unmerge-orphans ${FEATURES} && has_version "<${CATEGORY}/${PN}-2.8.10" ; then
- eerror "Upgrade path is broken with FEATURES=unmerge-orphans"
- eerror "Please run: FEATURES=-unmerge-orphans emerge cracklib"
- die "Please run: FEATURES=-unmerge-orphans emerge cracklib"
- fi
-}
-
-src_prepare() {
- eapply -p2 "${PATCHES[@]}"
- eapply_user
- elibtoolize #269003
- do_python
-}
-
-multilib_src_configure() {
- local myeconfargs=(
- # use /usr/lib so that the dictionary is shared between ABIs
- --with-default-dict='/usr/lib/cracklib_dict'
- --without-python
- $(use_enable nls)
- $(use_enable static-libs static)
- )
- export ac_cv_header_zlib_h=$(usex zlib)
- export ac_cv_search_gzopen=$(usex zlib -lz no)
- ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- default
- do_python
-}
-
-multilib_src_test() {
- # Make sure we load the freshly built library
- LD_LIBRARY_PATH="${BUILD_DIR}/lib/.libs" do_python
-}
-
-python_test() {
- ${EPYTHON} -m unittest test_cracklib || die "Tests fail with ${EPYTHON}"
-}
-
-multilib_src_install() {
- default
- # move shared libs to /
- gen_usr_ldscript -a crack
-
- do_python
-}
-
-multilib_src_install_all() {
- einstalldocs
- find "${ED}" -name "*.la" -delete || die
- rm -r "${ED%/}"/usr/share/cracklib || die
-
- insinto /usr/share/dict
- doins dicts/cracklib-small
-}
-
-pkg_postinst() {
- if [[ ${ROOT} == "/" ]] ; then
- ebegin "Regenerating cracklib dictionary"
- create-cracklib-dict "${EPREFIX}"/usr/share/dict/* > /dev/null
- eend $?
- fi
-}
diff --git a/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch b/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch
deleted file mode 100644
index bc47734759e..00000000000
--- a/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch
+++ /dev/null
@@ -1,108 +0,0 @@
-From 47e5dec521ab6243c9b249dd65b93d232d90d6b1 Mon Sep 17 00:00:00 2001
-From: Jan Dittberner <jan@dittberner.info>
-Date: Thu, 25 Aug 2016 17:13:49 +0200
-Subject: [PATCH] Apply patch to fix CVE-2016-6318
-
-This patch fixes an issue with a stack-based buffer overflow whne
-parsing large GECOS field. See
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 and
-https://security-tracker.debian.org/tracker/CVE-2016-6318 for more
-information.
----
- src/NEWS | 1 +
- src/lib/fascist.c | 57 ++++++++++++++++++++++++++++++++-----------------------
- 2 files changed, 34 insertions(+), 24 deletions(-)
-
-diff --git a/src/NEWS b/src/NEWS
-index 26abeee..361a207 100644
---- a/src/NEWS
-+++ b/src/NEWS
-@@ -1,3 +1,4 @@
-+v2.9.x apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field
- v2.9.6 updates to cracklib-words to add a bunch of other dictionary lists
- migration to github
- patch to add some particularly bad cases to the cracklib small dictionary (Matthew Miller)
-diff --git a/src/lib/fascist.c b/src/lib/fascist.c
-index a996509..d4deb15 100644
---- a/src/lib/fascist.c
-+++ b/src/lib/fascist.c
-@@ -502,7 +502,7 @@ FascistGecosUser(char *password, const char *user, const char *gecos)
- char gbuffer[STRINGSIZE];
- char tbuffer[STRINGSIZE];
- char *uwords[STRINGSIZE];
-- char longbuffer[STRINGSIZE * 2];
-+ char longbuffer[STRINGSIZE];
-
- if (gecos == NULL)
- gecos = "";
-@@ -583,38 +583,47 @@ FascistGecosUser(char *password, const char *user, const char *gecos)
- {
- for (i = 0; i < j; i++)
- {
-- strcpy(longbuffer, uwords[i]);
-- strcat(longbuffer, uwords[j]);
--
-- if (GTry(longbuffer, password))
-+ if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
- {
-- return _("it is derived from your password entry");
-- }
-+ strcpy(longbuffer, uwords[i]);
-+ strcat(longbuffer, uwords[j]);
-
-- strcpy(longbuffer, uwords[j]);
-- strcat(longbuffer, uwords[i]);
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it is derived from your password entry");
-+ }
-
-- if (GTry(longbuffer, password))
-- {
-- return _("it's derived from your password entry");
-- }
-+ strcpy(longbuffer, uwords[j]);
-+ strcat(longbuffer, uwords[i]);
-
-- longbuffer[0] = uwords[i][0];
-- longbuffer[1] = '\0';
-- strcat(longbuffer, uwords[j]);
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it's derived from your password entry");
-+ }
-+ }
-
-- if (GTry(longbuffer, password))
-+ if (strlen(uwords[j]) < STRINGSIZE - 1)
- {
-- return _("it is derivable from your password entry");
-+ longbuffer[0] = uwords[i][0];
-+ longbuffer[1] = '\0';
-+ strcat(longbuffer, uwords[j]);
-+
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it is derivable from your password entry");
-+ }
- }
-
-- longbuffer[0] = uwords[j][0];
-- longbuffer[1] = '\0';
-- strcat(longbuffer, uwords[i]);
--
-- if (GTry(longbuffer, password))
-+ if (strlen(uwords[i]) < STRINGSIZE - 1)
- {
-- return _("it's derivable from your password entry");
-+ longbuffer[0] = uwords[j][0];
-+ longbuffer[1] = '\0';
-+ strcat(longbuffer, uwords[i]);
-+
-+ if (GTry(longbuffer, password))
-+ {
-+ return _("it's derivable from your password entry");
-+ }
- }
- }
- }
diff --git a/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch b/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch
deleted file mode 100644
index 59dc9e539eb..00000000000
--- a/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 33d7fa4585247cd2247a1ffa032ad245836c6edb Mon Sep 17 00:00:00 2001
-From: Jan Dittberner <jan@dittberner.info>
-Date: Thu, 25 Aug 2016 17:17:53 +0200
-Subject: [PATCH] Fix a buffer overflow processing long words
-
-A buffer overflow processing long words has been discovered. This commit
-applies the patch from
-https://build.opensuse.org/package/view_file/Base:System/cracklib/0004-overflow-processing-long-words.patch
-by Howard Guo.
-
-See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835386 and
-http://www.openwall.com/lists/oss-security/2016/08/23/8
----
- src/NEWS | 1 +
- src/lib/rules.c | 5 ++---
- 2 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/NEWS b/src/NEWS
-index 361a207..f1df3b0 100644
---- a/src/NEWS
-+++ b/src/NEWS
-@@ -1,4 +1,5 @@
- v2.9.x apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field
-+ fix a buffer overflow processing long words
- v2.9.6 updates to cracklib-words to add a bunch of other dictionary lists
- migration to github
- patch to add some particularly bad cases to the cracklib small dictionary (Matthew Miller)
-diff --git a/src/lib/rules.c b/src/lib/rules.c
-index d193cc0..3a2aa46 100644
---- a/src/lib/rules.c
-+++ b/src/lib/rules.c
-@@ -434,9 +434,8 @@ Mangle(input, control) /* returns a pointer to a controlled Mangle */
- {
- int limit;
- register char *ptr;
-- static char area[STRINGSIZE];
-- char area2[STRINGSIZE];
-- area[0] = '\0';
-+ static char area[STRINGSIZE * 2] = {0};
-+ char area2[STRINGSIZE * 2] = {0};
- strcpy(area, input);
-
- for (ptr = control; *ptr; ptr++)
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: sys-libs/cracklib/, sys-libs/cracklib/files/
@ 2024-05-09 11:33 Sam James
0 siblings, 0 replies; 2+ messages in thread
From: Sam James @ 2024-05-09 11:33 UTC (permalink / raw
To: gentoo-commits
commit: 4ef3f3e85bd7e2e8de70e76eb09c4c21f207eb16
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Thu May 9 11:30:20 2024 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu May 9 11:32:38 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ef3f3e8
sys-libs/cracklib: enable py3.12, set DISTUTILS_EXT=1
Closes: https://bugs.gentoo.org/929852
Signed-off-by: Sam James <sam <AT> gentoo.org>
sys-libs/cracklib/cracklib-2.9.11.ebuild | 10 ++-
.../files/cracklib-2.9.11-py3.12-tests.patch | 80 ++++++++++++++++++++++
2 files changed, 87 insertions(+), 3 deletions(-)
diff --git a/sys-libs/cracklib/cracklib-2.9.11.ebuild b/sys-libs/cracklib/cracklib-2.9.11.ebuild
index 8be12c0d3441..185419828d79 100644
--- a/sys-libs/cracklib/cracklib-2.9.11.ebuild
+++ b/sys-libs/cracklib/cracklib-2.9.11.ebuild
@@ -1,13 +1,13 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
# Note: ideally bump with sys-apps/cracklib-words
-
+DISTUTILS_EXT=1
DISTUTILS_OPTIONAL=1
DISTUTILS_USE_PEP517=setuptools
-PYTHON_COMPAT=( python3_{9..11} )
+PYTHON_COMPAT=( python3_{10..12} )
inherit distutils-r1 libtool multilib-minimal usr-ldscript
MY_P=${P/_}
@@ -35,6 +35,10 @@ BDEPEND="
python? ( ${DISTUTILS_DEPS} )
"
+PATCHES=(
+ "${FILESDIR}"/${P}-py3.12-tests.patch
+)
+
distutils_enable_tests unittest
pkg_setup() {
diff --git a/sys-libs/cracklib/files/cracklib-2.9.11-py3.12-tests.patch b/sys-libs/cracklib/files/cracklib-2.9.11-py3.12-tests.patch
new file mode 100644
index 000000000000..f0e1cd29a005
--- /dev/null
+++ b/sys-libs/cracklib/files/cracklib-2.9.11-py3.12-tests.patch
@@ -0,0 +1,80 @@
+https://github.com/cracklib/cracklib/commit/a77a392272df3677f71c68e81fcdad1bc722732e
+
+From a77a392272df3677f71c68e81fcdad1bc722732e Mon Sep 17 00:00:00 2001
+From: Olivier Gayot <olivier.gayot@canonical.com>
+Date: Thu, 30 Nov 2023 18:36:17 +0100
+Subject: [PATCH] Fix test-suite so it can run with Python 3.12
+
+The test suite still used the obsolete assertEquals() function which was
+a deprecated alias for assertEqual() (without the s) and got dropped
+from Python 3.12.
+
+Use the replacement instead so the test-suite can run with Python 3.12.
+
+Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
+--- a/python/test_cracklib.py
++++ b/python/test_cracklib.py
+@@ -69,52 +69,52 @@ def test_simple(self):
+ def test_simple_lower(self):
+ for passwd in ['t' * i for i in range(
+ cracklib.MIN_LENGTH - cracklib.LOW_CREDIT)]:
+- self.assertEquals(
++ self.assertEqual(
+ 1, cracklib.simple(passwd),
+ 'password {0} should be detected as too simple'.format(
+ passwd))
+- self.assertEquals(0, cracklib.simple(
++ self.assertEqual(0, cracklib.simple(
+ 't' * (cracklib.MIN_LENGTH - cracklib.LOW_CREDIT)))
+
+ def test_simple_upper(self):
+ for passwd in ['T' * i for i in range(
+ cracklib.MIN_LENGTH - cracklib.UP_CREDIT)]:
+- self.assertEquals(
++ self.assertEqual(
+ 1, cracklib.simple(passwd),
+ 'password {0} should be detected as too simple'.format(
+ passwd))
+- self.assertEquals(0, cracklib.simple(
++ self.assertEqual(0, cracklib.simple(
+ 'T' * (cracklib.MIN_LENGTH - cracklib.UP_CREDIT)))
+
+ def test_simple_digit(self):
+ for passwd in ['1' * i for i in range(
+ cracklib.MIN_LENGTH - cracklib.DIG_CREDIT)]:
+- self.assertEquals(
++ self.assertEqual(
+ 1, cracklib.simple(passwd),
+ 'password {0} should be detected as too simple'.format(
+ passwd))
+- self.assertEquals(0, cracklib.simple(
++ self.assertEqual(0, cracklib.simple(
+ '1' * (cracklib.MIN_LENGTH - cracklib.DIG_CREDIT)))
+
+ def test_simple_other(self):
+ for passwd in ['#' * i for i in range(
+ cracklib.MIN_LENGTH - cracklib.OTH_CREDIT)]:
+- self.assertEquals(
++ self.assertEqual(
+ 1, cracklib.simple(passwd),
+ 'password {0} should be detected as too simple'.format(
+ passwd))
+- self.assertEquals(0, cracklib.simple(
++ self.assertEqual(0, cracklib.simple(
+ '#' * (cracklib.MIN_LENGTH - cracklib.OTH_CREDIT)))
+
+ def test_simple_combinations(self):
+ testset = '#a' * (cracklib.MIN_LENGTH // 2)
+ for passwd in [testset[:i] for i in range(
+ cracklib.MIN_LENGTH - cracklib.LOW_CREDIT - cracklib.OTH_CREDIT)]:
+- self.assertEquals(
++ self.assertEqual(
+ 1, cracklib.simple(passwd),
+ 'password {0} should be detected as too simple'.format(
+ passwd))
+- self.assertEquals(0, cracklib.simple(
++ self.assertEqual(0, cracklib.simple(
+ testset[:(cracklib.MIN_LENGTH - cracklib.LOW_CREDIT -
+ cracklib.OTH_CREDIT)]))
+
+
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-05-09 11:33 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-05-09 11:33 [gentoo-commits] repo/gentoo:master commit in: sys-libs/cracklib/, sys-libs/cracklib/files/ Sam James
-- strict thread matches above, loose matches on Subject: below --
2021-01-01 2:03 Michał Górny
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox