commit: 94556668d117a3c7d2e140da3d6e09f7af8c652d Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Fri Jan 1 01:59:19 2021 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Fri Jan 1 01:59:19 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=94556668
sys-libs/cracklib: Remove old (py3.6) Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> sys-libs/cracklib/Manifest | 1 - sys-libs/cracklib/cracklib-2.9.6-r2.ebuild | 112 --------------------- .../files/cracklib-2.9.6-CVE-2016-6318.patch | 108 -------------------- ...acklib-2.9.6-fix-long-word-bufferoverflow.patch | 43 -------- 4 files changed, 264 deletions(-)
diff --git a/sys-libs/cracklib/Manifest b/sys-libs/cracklib/Manifest
index 18189ac7299..a5075441267 100644
--- a/sys-libs/cracklib/Manifest
+++ b/sys-libs/cracklib/Manifest
@@ -1,2 +1 @@
-DIST cracklib-2.9.6.tar.gz 642402 BLAKE2B 4d7a0d12d1e7101c82d03f76e073407481078747c283fe3251f947542017fff03fbc5e98505c6a7a8987a2bbcea99dab558c15b1eb8fd16755859ce5a4440ed2 SHA512 2b09672e5b412d670e7ed911ebf0c0023fe2901ea05c9c02eefb7a58a13cddbc27a65d75bb20be9f8cebf4c90a9a56dfe1a3b656dff62b1d6048f5376e671786
 DIST cracklib-2.9.7.tar.bz2 603630 BLAKE2B 81a45b2fb9f34da84d4fb864e1a9f67a4b22c246f1e4db1c599a555f79d560a04d95afb01a89cd3a2e0936f0e8fc51ff5ada26098c24d7af0777a94f51b82bbd SHA512 f6bf65ac092ba46ff78ddbc115692260fb76dc71219cd679d2ea935ebfb9e709fbb30259a7406743ed00dbdc415335b3ac9d9fcba1d204ea36d5eb96bf1333a2
diff --git a/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild b/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild
deleted file mode 100644
index d1882f16518..00000000000
--- a/sys-libs/cracklib/cracklib-2.9.6-r2.ebuild
+++ /dev/null
@@ -1,112 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -PYTHON_COMPAT=( python3_6 ) -DISTUTILS_OPTIONAL=1 - -inherit distutils-r1 libtool multilib-minimal toolchain-funcs usr-ldscript - -MY_P=${P/_} -DESCRIPTION="Password Checking Library" -HOMEPAGE="https://github.com/cracklib/cracklib/" -# source tarballs on GitHub lack pre-generated configure script. -#SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" -SRC_URI="https://dev.gentoo.org/~polynomial-c/dist/${P}.tar.gz" - -LICENSE="LGPL-2.1" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos" -IUSE="nls python static-libs zlib" -REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" - -RDEPEND="python? ( ${PYTHON_DEPS} ) - zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - python? ( - dev-python/setuptools[${PYTHON_USEDEP}] - )" - -S="${WORKDIR}/${MY_P}" - -PATCHES=( - "${FILESDIR}"/cracklib-2.9.6-CVE-2016-6318.patch - "${FILESDIR}"/cracklib-2.9.6-fix-long-word-bufferoverflow.patch -) - -do_python() { - multilib_is_native_abi || return 0 - use python || return 0 - pushd python > /dev/null || die - distutils-r1_src_${EBUILD_PHASE} - popd > /dev/null -} - -pkg_setup() { - # workaround #195017 - if has unmerge-orphans ${FEATURES} && has_version "<${CATEGORY}/${PN}-2.8.10" ; then - eerror "Upgrade path is broken with FEATURES=unmerge-orphans" - eerror "Please run: FEATURES=-unmerge-orphans emerge cracklib" - die "Please run: FEATURES=-unmerge-orphans emerge cracklib" - fi -} - -src_prepare() { - eapply -p2 "${PATCHES[@]}" - eapply_user - elibtoolize #269003 - do_python -} - -multilib_src_configure() { - local myeconfargs=( - # use /usr/lib so that the dictionary is shared between ABIs - --with-default-dict='/usr/lib/cracklib_dict' - --without-python - $(use_enable nls) - $(use_enable static-libs static) - 
) - export ac_cv_header_zlib_h=$(usex zlib) - export ac_cv_search_gzopen=$(usex zlib -lz no) - ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" -} - -multilib_src_compile() { - default - do_python -} - -multilib_src_test() { - # Make sure we load the freshly built library - LD_LIBRARY_PATH="${BUILD_DIR}/lib/.libs" do_python -} - -python_test() { - ${EPYTHON} -m unittest test_cracklib || die "Tests fail with ${EPYTHON}" -} - -multilib_src_install() { - default - # move shared libs to / - gen_usr_ldscript -a crack - - do_python -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -name "*.la" -delete || die - rm -r "${ED%/}"/usr/share/cracklib || die - - insinto /usr/share/dict - doins dicts/cracklib-small -} - -pkg_postinst() { - if [[ ${ROOT} == "/" ]] ; then - ebegin "Regenerating cracklib dictionary" - create-cracklib-dict "${EPREFIX}"/usr/share/dict/* > /dev/null - eend $? - fi -} diff --git a/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch b/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch deleted file mode 100644 index bc47734759e..00000000000 --- a/sys-libs/cracklib/files/cracklib-2.9.6-CVE-2016-6318.patch +++ /dev/null 
@@ -1,108 +0,0 @@ -From 47e5dec521ab6243c9b249dd65b93d232d90d6b1 Mon Sep 17 00:00:00 2001 -From: Jan Dittberner <j...@dittberner.info> -Date: Thu, 25 Aug 2016 17:13:49 +0200 -Subject: [PATCH] Apply patch to fix CVE-2016-6318 - -This patch fixes an issue with a stack-based buffer overflow whne -parsing large GECOS field. See -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 and -https://security-tracker.debian.org/tracker/CVE-2016-6318 for more -information. ---- - src/NEWS | 1 + - src/lib/fascist.c | 57 ++++++++++++++++++++++++++++++++----------------------- - 2 files changed, 34 insertions(+), 24 deletions(-) - -diff --git a/src/NEWS b/src/NEWS -index 26abeee..361a207 100644 ---- a/src/NEWS -+++ b/src/NEWS -@@ -1,3 +1,4 @@ -+v2.9.x apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field - v2.9.6 updates to cracklib-words to add a bunch of other dictionary lists - migration to github - patch to add some particularly bad cases to the cracklib small dictionary (Matthew Miller) -diff --git a/src/lib/fascist.c b/src/lib/fascist.c -index a996509..d4deb15 100644 ---- a/src/lib/fascist.c -+++ b/src/lib/fascist.c -@@ -502,7 +502,7 @@ FascistGecosUser(char *password, const char *user, const char *gecos) - char gbuffer[STRINGSIZE]; - char tbuffer[STRINGSIZE]; - char *uwords[STRINGSIZE]; -- char longbuffer[STRINGSIZE * 2]; -+ char longbuffer[STRINGSIZE]; - - if (gecos == NULL) - gecos = ""; -@@ -583,38 +583,47 @@ FascistGecosUser(char *password, const char *user, const char *gecos) - { - for (i = 0; i < j; i++) - { -- strcpy(longbuffer, uwords[i]); -- strcat(longbuffer, uwords[j]); -- -- if (GTry(longbuffer, password)) -+ if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE) - { -- return _("it is derived from your password entry"); -- } -+ strcpy(longbuffer, uwords[i]); -+ strcat(longbuffer, uwords[j]); - -- strcpy(longbuffer, uwords[j]); -- strcat(longbuffer, uwords[i]); -+ if (GTry(longbuffer, password)) -+ { -+ return 
_("it is derived from your password entry"); -+ } - -- if (GTry(longbuffer, password)) -- { -- return _("it's derived from your password entry"); -- } -+ strcpy(longbuffer, uwords[j]); -+ strcat(longbuffer, uwords[i]); - -- longbuffer[0] = uwords[i][0]; -- longbuffer[1] = '\0'; -- strcat(longbuffer, uwords[j]); -+ if (GTry(longbuffer, password)) -+ { -+ return _("it's derived from your password entry"); -+ } -+ } - -- if (GTry(longbuffer, password)) -+ if (strlen(uwords[j]) < STRINGSIZE - 1) - { -- return _("it is derivable from your password entry"); -+ longbuffer[0] = uwords[i][0]; -+ longbuffer[1] = '\0'; -+ strcat(longbuffer, uwords[j]); -+ -+ if (GTry(longbuffer, password)) -+ { -+ return _("it is derivable from your password entry"); -+ } - } - -- longbuffer[0] = uwords[j][0]; -- longbuffer[1] = '\0'; -- strcat(longbuffer, uwords[i]); -- -- if (GTry(longbuffer, password)) -+ if (strlen(uwords[i]) < STRINGSIZE - 1) - { -- return _("it's derivable from your password entry"); -+ longbuffer[0] = uwords[j][0]; -+ longbuffer[1] = '\0'; -+ strcat(longbuffer, uwords[i]); -+ -+ if (GTry(longbuffer, password)) -+ { -+ return _("it's derivable from your password entry"); -+ } - } - } - } diff --git a/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch b/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch deleted file mode 100644 index 59dc9e539eb..00000000000 --- a/sys-libs/cracklib/files/cracklib-2.9.6-fix-long-word-bufferoverflow.patch +++ /dev/null 
@@ -1,43 +0,0 @@ -From 33d7fa4585247cd2247a1ffa032ad245836c6edb Mon Sep 17 00:00:00 2001 -From: Jan Dittberner <j...@dittberner.info> -Date: Thu, 25 Aug 2016 17:17:53 +0200 -Subject: [PATCH] Fix a buffer overflow processing long words - -A buffer overflow processing long words has been discovered. This commit -applies the patch from -https://build.opensuse.org/package/view_file/Base:System/cracklib/0004-overflow-processing-long-words.patch -by Howard Guo. - -See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835386 and -http://www.openwall.com/lists/oss-security/2016/08/23/8 ---- - src/NEWS | 1 + - src/lib/rules.c | 5 ++--- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/NEWS b/src/NEWS -index 361a207..f1df3b0 100644 ---- a/src/NEWS -+++ b/src/NEWS -@@ -1,4 +1,5 @@ - v2.9.x apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field -+ fix a buffer overflow processing long words - v2.9.6 updates to cracklib-words to add a bunch of other dictionary lists - migration to github - patch to add some particularly bad cases to the cracklib small dictionary (Matthew Miller) -diff --git a/src/lib/rules.c b/src/lib/rules.c -index d193cc0..3a2aa46 100644 ---- a/src/lib/rules.c -+++ b/src/lib/rules.c -@@ -434,9 +434,8 @@ Mangle(input, control) /* returns a pointer to a controlled Mangle */ - { - int limit; - register char *ptr; -- static char area[STRINGSIZE]; -- char area2[STRINGSIZE]; -- area[0] = '\0'; -+ static char area[STRINGSIZE * 2] = {0}; -+ char area2[STRINGSIZE * 2] = {0}; - strcpy(area, input); - - for (ptr = control; *ptr; ptr++)