Hello community, here is the log from the commit of package john for openSUSE:Factory checked in at 2019-09-11 10:40:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/john (Old) and /work/SRC/openSUSE:Factory/.john.new.7948 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "john" Wed Sep 11 10:40:29 2019 rev:32 rq:729920 version:1.9.0 Changes: -------- --- /work/SRC/openSUSE:Factory/john/john.changes 2018-03-28 10:33:41.228070027 +0200 +++ /work/SRC/openSUSE:Factory/.john.new.7948/john.changes 2019-09-11 10:40:57.251214060 +0200 @@ -1,0 +2,104 @@ +Tue Sep 10 13:32:21 UTC 2019 - simmpho...@opensuse.org + +- Fixed build for ARM and PPC. CPU with AVX support at least is + only available for x86_64 architecture now. + +------------------------------------------------------------------- +Tue Sep 10 06:57:56 UTC 2019 - Jan Engelhardt <jeng...@inai.de> + +- Use noun phrase in summary. Reword description to avoid + unspecific "Unix password". + +------------------------------------------------------------------- +Mon Sep 9 19:29:28 UTC 2019 - simmpho...@opensuse.org + +- remove setBadness from rpmlintrc + +------------------------------------------------------------------- +Mon Sep 2 06:23:15 UTC 2019 - Christophe Giboudeaux <christo...@krop.fr> + +- Fix the sources URL. Use https. + +------------------------------------------------------------------- +Thu Jun 6 12:34:28 UTC 2019 - simmpho...@opensuse.org + +- spec-file changes + + add jumbo scripts and remove "env" from shebang + + remove patches. In upstream already: + + john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch + + ppc64le.patch + + reproducible.patch + + use configure to find dependenices and CPU architecture + + openCL support + + multicore support with fork option + + require CPU with AVX support at least + + root rights are no longer required + +- update to 1.9.0 + + Increased the interleaving for bcrypt on x86-64 from 2x to 3x for a major + speedup on CPUs without SMT. Unfortunately, this sometimes results in a minor + performance regression when running multiple threads on CPUs with SMT. + + Recognize the $2b$ bcrypt prefix. + + In the generic crypt(3) format, detect descrypt with valid vs. invalid salts + as separate id's for our heuristics on supported hash types. + + Introduced a number of optimizations for faster handling of large password + hash files, including loading, cracking, and "--show". Some of these use more + memory than before, yet in a more efficient manner. + + Benchmark using all-different candidate passwords of length 7 by default. + + Dropped undocumented special handling of "Mc" in 'c' and 'C' rule commands. + + Dropped undocumented limitation of the 'M' and 'Q' rule commands where they + would sometimes memorize/check only up to the current hash type's length limit + yet this optimization wouldn't necessarily be transparent (e.g., if a later + command would extract a substring from above the hash type's length limit and + bring it to within the limit). + + Implemented special-case handling of repeated rule commands '$', '^', '[', + ']', '{', and '}', as well as faster handling of the 'D' command. + + When built with "--fork" support, disallow session names with all-digit + suffixes since these clash with those produced by "--fork". + + Forward SIGTERM to --fork'ed children. + + Set stdout to line buffered (rather than potentially fully buffered), except + for "--stdout", "--show", and auxiliary programs such as "unshadow". + + On Windows, restore normal processing of Ctrl-C in case our parent (such as + Johnny the GUI) had disabled it. + + Added linux-x86*-avx512 and linux-x86*-avx2 make targets, which use + respectively AVX-512 and AVX2 for bitslice DES. + + Added linux-mic make target for Intel MIC (first generation Xeon Phi, aka + Knights Corner), which uses its 512-bit SIMD intrinsics for bitslice DES. + (For second generation Xeon Phi, aka Knights Landing, use linux-x86-64-avx512.) + + Added linux-arm64le, linux-arm32le-neon, and linux-arm32le make targets. + (The first two of these make use of ASIMD or NEON for bitslice DES.) + + Added linux-sparc64 make target. + + Made a minor optimization to MMX and SSE2 assembly code for LM hash. + + Dropped Ultrix and SCO support. + + Don't probe for alternate config file names (like john.ini when on Unix). + + "DokuWiki" external mode sample has been added to the default john.conf. + + Fixed operator precedence in the external mode compiler to be the same as C. + + Fixed an out of bounds write bug in the external mode virtual machine. + + Fixed a bug introduced in version 1.7.4 in the wordlist rules engine, where + some sequences of rule commands could overflow a word buffer. + + Fixed a bug where unaligned access SSE/AVX instructions would unnecessarily + be generated by GCC 4.6+ in the bitslice DES code in non-OpenMP builds. + + Fixed a bug where "Warning: no OpenMP support for this hash type" could be + printed in "--stdout" mode. + + Made assorted other bugfixes, portability and documentation enhancements. + +- version 1.7.9.8 + + Revised the incremental mode to let the current character counts grow for + each character position independently, with the aim to improve efficiency in + terms of successful guesses per candidate passwords tested. + + Revised the pre-defined incremental modes, as well as external mode filters + that are used to generate .chr files. + + Added makechr, a script to (re-)generate .chr files. + + Enhanced the status reporting to include four distinct speed metrics (g/s, + p/s, c/s, and C/s). + + Added the "--fork=N" and "--node=MIN[-MAX]/TOTAL" options for trivial + parallel and distributed processing. + + In the external mode compiler, treat character literals as unsigned. + + Renamed many of the formats. + + Updated the documentation. + + Relaxed the license for many source files to cut-down BSD. + + Relaxed the license for John the Ripper as a whole from GPLv2 (exact version) + to GPLv2 or newer with optional OpenSSL and unRAR exceptions. + + Assorted other changes have been made. + +------------------------------------------------------------------- Old: ---- john-1.7.9-jumbo-7.tar.bz2 john-1.7.9-jumbo-7.tar.bz2.sign john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch john-1.8.0.tar.xz john-1.8.0.tar.xz.sign ppc64le.patch reproducible.patch New: ---- john-1.9.0-jumbo-1.tar.xz john-1.9.0-jumbo-1.tar.xz.sign john-1.9.0.tar.xz john-1.9.0.tar.xz.sign ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ john.spec ++++++ --- /var/tmp/diff_new_pack.ZdiGzp/_old 2019-09-11 10:40:59.059213739 +0200 +++ /var/tmp/diff_new_pack.ZdiGzp/_new 2019-09-11 10:40:59.059213739 +0200 @@ -1,7 +1,7 @@ # # spec file for package john # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,144 +12,130 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # +%define johndir %{_datadir}/john +%define jumboversion john-1.9.0-jumbo-1 Name: john -Version: 1.8.0 +Version: 1.9.0 Release: 0 -Summary: Detects Weak Passwords -License: GPL-2.0+ +Summary: Utility to detect weak passwords +License: GPL-2.0-or-later Group: Productivity/Security -Url: http://www.openwall.com/john/ -Source: http://www.openwall.com/john/j/%{name}-%{version}.tar.xz -Source1: http://www.openwall.com/john/j/%{name}-%{version}.tar.xz.sign +URL: https://www.openwall.com/john/ +Source: https://www.openwall.com/john/k/%{name}-%{version}.tar.xz +Source1: https://www.openwall.com/john/k/%{name}-%{version}.tar.xz.sign Source2: %{name}.8.gz Source3: %{name}-rpmlintrc Source6: mailer.8 Source7: relbench.8 -%define jumboversion john-1.7.9-jumbo-7 -Source8: %{jumboversion}.tar.bz2 -Source9: %{jumboversion}.tar.bz2.sign -Patch0: john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch -Patch1: ppc64le.patch -# PATCH-FIX-UPSTREAM https://github.com/magnumripper/JohnTheRipper/pull/2560 -Patch2: reproducible.patch +Source8: https://www.openwall.com/john/k/%{jumboversion}.tar.xz +Source9: https://www.openwall.com/john/k/%{jumboversion}.tar.xz.sign +BuildRequires: dos2unix +BuildRequires: fdupes +BuildRequires: gmp-devel +BuildRequires: libpcap-devel +BuildRequires: libusb-devel +BuildRequires: opencl-headers +BuildRequires: pkgconfig +BuildRequires: pkgconfig(OpenCL) +BuildRequires: pkgconfig(bzip2) BuildRequires: pkgconfig(openssl) -BuildConflicts: pkgconfig(openssl) >= 1.1 -%if 0%{?suse_version} == 1110 -BuildRequires: xz -%endif BuildRoot: %{_tmppath}/%{name}-%{version}-build -%define johndir /var/lib/john -%define cflags CFLAGS="-c %{optflags} -DJOHN_SYSTEMWIDE=1 -finline-limit=2000 --param inline-unit-growth=2000" LDFLAGS="-lcrypto" -%ifarch x86_64 -%define cflags CFLAGS="-c %{optflags} -DJOHN_SYSTEMWIDE=1" LDFLAGS="-lcrypto" -%endif %description -John the Ripper is a fast password cracker (password security auditing -tool). Its primary purpose is to detect weak Unix passwords, but a -number of other hash types are supported as well. +John the Ripper is a password cracker (password security auditing +tool). Its primary purpose is to detect weak passwords, and a +number of other hash types are supported to that end. %prep %setup -q -a8 -%patch0 -p1 -%patch2 -p1 cd %{jumboversion} && cp -a ./* .. cd .. rm -r %{jumboversion} -%patch1 -p1 # adapt the configs perl -pi -e "s#Wordlist = (.*)#Wordlist = %{johndir}/password.lst#g" $RPM_BUILD_DIR/%{name}-%{version}/run/john.conf perl -pi -e 's#^(\#define JOHN_SYSTEMWIDE_EXEC)\s.+$#$1\t\"%{johndir}\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h perl -pi -e 's#^(\#define CFG_FULL_NAME)\s.+$#$1\t\"%{_sysconfdir}/john.conf\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h perl -pi -e 's#^(\#define CFG_ALT_NAME)\s.+$#$1\t\"%{_sysconfdir}/john.conf\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h perl -pi -e 's#^(\#define WORDLIST_NAME)\s.+$#$1\t\"%{johndir}/password.lst\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h -perl -pi -e 's#^(\#define LOG_NAME)\s.+$#$1\t\"/var/log/john.log\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h +perl -pi -e 's#^(\#define LOG_NAME)\s.+$#$1\t\"/var/log/john/john.log\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h perl -pi -e 's#^(\#define JOHN_SYSTEMWIDE_HOME)\s.+$#$1\t\"%{johndir}\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h %build -%ifarch alpha - TARGET=linux-alpha -%endif -%ifarch ia64 - TARGET=linux-ia64 -%endif -%ifarch %ix86 -%ifnarch i386 i486 - TARGET=linux-x86-mmx -%endif -%endif -%ifarch ppc - TARGET=linux-ppc32 -%endif -%ifarch ppc64 ppc64le - TARGET=linux-ppc64 -%endif -%ifarch sparc sparcv9 - TARGET=linux-sparc -%endif -%ifarch sparc64 - TARGET=solaris-sparc64-gcc -%endif +pushd src +%configure --with-systemwide \ + --disable-openmp \ + --enable-fuzz \ + --enable-experimental-code \ + --enable-pkg-config \ %ifarch x86_64 - TARGET=linux-x86-64 -%endif -%ifarch %arm aarch64 m68k - TARGET=generic -%endif -%ifarch %ix86 -if test -z "$TARGET"; then - TARGET=linux-x86-any -fi + --enable-simd=avx \ %endif -export TARGET -pushd src -make clean $TARGET %{cflags} LDFLAGS='-lcrypto -lm -lz -lssl' -popd - -%check -pushd src -make check + --disable-native-tests +make -s clean +make %{?_smp_mflags} popd +# fix shebang +sed -i 's|#!/usr/bin/env perl|#!/usr/bin/perl|' run/*.pl +sed -i 's|#! /usr/bin/env perl|#!/usr/bin/perl|' run/*.pl +sed -i 's|#!/usr/bin/env python|#!/usr/bin/python|' run/*.py +sed -i 's|#! /usr/bin/env python|#!/usr/bin/python|' run/*.py +sed -i 's|#!/usr/bin/env perl|#!/usr/bin/perl|' run/relbench %install -mkdir -p %{buildroot}{%{_bindir},%johndir,%{_sysconfdir},%{_mandir}/man8} +mkdir -p %{buildroot}{%{_bindir},%{johndir},%{johndir}/wordlists,%{_sysconfdir},%{_mandir}/man8} +mkdir -p %{buildroot}/var/log/john install -m 755 run/john %{buildroot}%{_bindir}/ -cp -r run/un* %{buildroot}%{_bindir}/ -install -m755 run/relbench %{buildroot}%{_bindir}/ -install -m 644 -p run/{password.lst,*.chr,d*.conf,*local.conf} %{buildroot}%johndir/ -install -m 644 -p run/john.conf %{buildroot}%{_sysconfdir}/ +install -m 755 run/*.py %{buildroot}%{_bindir}/ +install -m 755 run/*.pl %{buildroot}%{_bindir}/ +install -m 755 run/un* %{buildroot}%{_bindir}/ +install -m 755 run/*2john %{buildroot}%{_bindir}/ +install -m 755 run/base64conv %{buildroot}%{_bindir}/ +install -m 755 run/relbench %{buildroot}%{_bindir}/ install -m 755 -p run/mailer %{buildroot}%{_bindir}/ +install -m 644 -p run/{password.lst,*.chr,d*.conf,h*.conf,k*.conf,r*.conf} %{buildroot}%{johndir}/ +install -m 644 -p run/john.conf %{buildroot}%{_sysconfdir}/ +touch %{buildroot}%{johndir}/john.local.conf +mkdir -p %{buildroot}%{_datadir}/john/kernels +cp -r run/kernels/* %{buildroot}%{_datadir}/john/kernels/ +mkdir -p %{buildroot}%{_datadir}/john/rules +cp -r run/rules/* %{buildroot}%{_datadir}/john/rules/ # handle documentation - makes rpmlint happy mkdir -p %{buildroot}%{_defaultdocdir}/%{name} -cp README-jumbo doc/* %{buildroot}%{_defaultdocdir}/%{name}/ +cp README.md %{buildroot}%{_defaultdocdir}/%{name}/ +cp -r doc/* %{buildroot}%{_defaultdocdir}/%{name}/ rm %{buildroot}%{_defaultdocdir}/%{name}/INSTALL +rm %{buildroot}%{_defaultdocdir}/%{name}/README # install man pages install -m 644 -p %{SOURCE2} %{buildroot}%{_mandir}/man8/ install -Dm644 %{SOURCE6} %{buildroot}%{_mandir}/man8/mailer.8 install -Dm644 %{SOURCE7} %{buildroot}%{_mandir}/man8/relbench.8 - -%clean -rm -rf %{buildroot} +dos2unix %{buildroot}%{_defaultdocdir}/%{name}/README.krb5tgs-17-18-23.md +%fdupes %{buildroot} %files -%defattr(-,root,root) %doc %{_defaultdocdir}/%{name}/ -%doc %{_mandir}/man8/john.8* -%doc %{_mandir}/man8/mailer.8* -%doc %{_mandir}/man8/relbench.8* -%{_bindir}/un* -%{_bindir}/relbench +%{_mandir}/man8/john.8%{?ext_man} +%{_mandir}/man8/mailer.8%{?ext_man} +%{_mandir}/man8/relbench.8%{?ext_man} +%{_bindir}/* %dir %{johndir} -%attr(750,root,wheel) %{_bindir}/john -%{_bindir}/mailer -%attr(644,root,root) %johndir/password.lst -%attr(644,root,root) %johndir/*.chr -%attr(644,root,root) %johndir/d*.conf -%attr(644,root,root) %johndir/*local.conf +%dir %{johndir}/kernels/ +%{johndir}/kernels/* +%dir %{johndir}/rules/ +%{johndir}/rules/* +%dir %{johndir}/wordlists +%attr(644,root,root) %{johndir}/password.lst +%attr(644,root,root) %{johndir}/*.chr +%attr(644,root,root) %{johndir}/d*.conf +%attr(644,root,root) %{johndir}/h*.conf +%attr(644,root,root) %{johndir}/k*.conf +%attr(644,root,root) %{johndir}/r*.conf %config (noreplace) %{_sysconfdir}/john.conf +%config (noreplace) %{johndir}/john.local.conf +%attr(775,root,users) %dir /var/log/john %changelog ++++++ john-1.8.0.tar.xz -> john-1.9.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/john/john-1.8.0.tar.xz /work/SRC/openSUSE:Factory/.john.new.7948/john-1.9.0.tar.xz differ: char 26, line 1 ++++++ john-rpmlintrc ++++++ --- /var/tmp/diff_new_pack.ZdiGzp/_old 2019-09-11 10:40:59.119213728 +0200 +++ /var/tmp/diff_new_pack.ZdiGzp/_new 2019-09-11 10:40:59.123213727 +0200 @@ -1,3 +1,2 @@ -# the password.lst contains some shebangs which are often -# used as passwords - so the rpmlint warning is a false positive -addFilter("non-executable-script.*/var/lib/john/password.lst") +addFilter("devel-file-in-non-devel-package") +addFilter("/usr/share/john/john.local.conf")