summaryrefslogtreecommitdiffstats
path: root/source/n/yptools
diff options
context:
space:
mode:
Diffstat (limited to 'source/n/yptools')
-rw-r--r--source/n/yptools/yp-tools-2.12.tar.bz2.sign8
-rw-r--r--source/n/yptools/yp-tools-2.14-glibc217-crypt.diff86
-rw-r--r--source/n/yptools/ypbind-mt-1.32.tar.sign8
-rw-r--r--source/n/yptools/ypserv-2.24.tar.sign8
-rwxr-xr-xsource/n/yptools/yptools.SlackBuild11
5 files changed, 92 insertions, 29 deletions
diff --git a/source/n/yptools/yp-tools-2.12.tar.bz2.sign b/source/n/yptools/yp-tools-2.12.tar.bz2.sign
deleted file mode 100644
index a06fde67a..000000000
--- a/source/n/yptools/yp-tools-2.12.tar.bz2.sign
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.9 (GNU/Linux)
-Comment: See http://www.kernel.org/signature.html for info
-
-iD8DBQBLzsykyGugalF9Dw4RAtmgAJ4sG0TJzmNkAz7Z+JJFfOjvGlbTGACgir1a
-+uaNv6XQNH7Vu+Saqy/OsL8=
-=EcSX
------END PGP SIGNATURE-----
diff --git a/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff b/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff
new file mode 100644
index 000000000..cce3ad44a
--- /dev/null
+++ b/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff
@@ -0,0 +1,86 @@
+Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
+(w/ NULL return) if the salt violates specifications. Additionally,
+on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
+passed to crypt() fail with EPERM (w/ NULL return).
+
+If using glibc's crypt(), check return value to avoid a possible
+NULL pointer dereference.
+
+Author: mancha
+
+====
+
+--- yp-tools-2.14/src/yppasswd.c.orig 2010-04-21
++++ yp-tools-2.14/src/yppasswd.c 2013-05-22
+@@ -423,6 +423,7 @@ static int /* return values: 0 = not ok,
+ verifypassword (struct passwd *pwd, char *pwdstr, uid_t uid)
+ {
+ char *p, *q;
++ char *crypted_pass;
+ int ucase, lcase, other, r;
+ int passwdlen;
+
+@@ -448,12 +449,19 @@ verifypassword (struct passwd *pwd, char
+ }
+
+ passwdlen = get_passwd_len (pwd->pw_passwd);
+- if (pwd->pw_passwd[0]
+- && !strncmp (pwd->pw_passwd, crypt (pwdstr, pwd->pw_passwd), passwdlen)
+- && uid)
++ if (pwd->pw_passwd[0] && uid)
+ {
+- fputs (_("You cannot reuse the old password.\n"), stderr);
+- return 0;
++ crypted_pass = crypt (pwdstr, pwd->pw_passwd);
++ if (crypted_pass == NULL)
++ {
++ fputs (_("crypt() call failed.\n"), stderr);
++ return 0;
++ }
++ if (!strncmp (pwd->pw_passwd, crypted_pass, passwdlen))
++ {
++ fputs (_("You cannot reuse the old password.\n"), stderr);
++ return 0;
++ }
+ }
+
+ r = 0;
+@@ -517,6 +525,7 @@ int
+ main (int argc, char **argv)
+ {
+ char *s, *progname, *domainname = NULL, *user = NULL, *master = NULL;
++ char *crypted_pass;
+ int f_flag = 0, l_flag = 0, p_flag = 0, error, status;
+ int hash_id = DES;
+ char rounds[11] = "\0"; /* max length is '999999999$' */
+@@ -738,7 +747,13 @@ main (int argc, char **argv)
+ char *sane_passwd = alloca (passwdlen + 1);
+ strncpy (sane_passwd, pwd->pw_passwd, passwdlen);
+ sane_passwd[passwdlen] = 0;
+- if (strcmp (crypt (s, sane_passwd), sane_passwd))
++ crypted_pass = crypt (s, sane_passwd);
++ if (crypted_pass == NULL)
++ {
++ fprintf (stderr, _("crypt() call failed.\n"));
++ return 1;
++ }
++ if (strcmp (crypted_pass, sane_passwd))
+ {
+ fprintf (stderr, _("Sorry.\n"));
+ return 1;
+@@ -833,7 +848,14 @@ main (int argc, char **argv)
+ break;
+ }
+
+- yppwd.newpw.pw_passwd = strdup (crypt (buf, salt));
++ crypted_pass = crypt (buf, salt);
++ if (crypted_pass == NULL);
++ {
++ printf (_("crypt() call failed - password unchanged.\n"));
++ return 1;
++ }
++
++ yppwd.newpw.pw_passwd = strdup (crypted_pass);
+ }
+
+ if (f_flag)
diff --git a/source/n/yptools/ypbind-mt-1.32.tar.sign b/source/n/yptools/ypbind-mt-1.32.tar.sign
deleted file mode 100644
index 4db7167ee..000000000
--- a/source/n/yptools/ypbind-mt-1.32.tar.sign
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.9 (GNU/Linux)
-Comment: See http://www.kernel.org/signature.html for info
-
-iD8DBQBMNHqQyGugalF9Dw4RAiHyAKCMjVXlCljwufPauK/O88jDzHZzsQCePyhN
-lqHDK8Fw5zaXPE4744ydtXY=
-=JpZO
------END PGP SIGNATURE-----
diff --git a/source/n/yptools/ypserv-2.24.tar.sign b/source/n/yptools/ypserv-2.24.tar.sign
deleted file mode 100644
index 061f09789..000000000
--- a/source/n/yptools/ypserv-2.24.tar.sign
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.9 (GNU/Linux)
-Comment: See http://www.kernel.org/signature.html for info
-
-iD8DBQBMnHqzyGugalF9Dw4RAtUtAJ4gowJGR0cUlcNEhtLR1EOs6BDvcgCfRu0r
-yTGYZzi5YnUQctBC1d9qgs0=
-=r3GH
------END PGP SIGNATURE-----
diff --git a/source/n/yptools/yptools.SlackBuild b/source/n/yptools/yptools.SlackBuild
index 42d96a30b..7baeeb619 100755
--- a/source/n/yptools/yptools.SlackBuild
+++ b/source/n/yptools/yptools.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -22,13 +22,13 @@
# Package version number:
-VERSION=2.12
-BUILD=${BUILD:-3}
+VERSION=2.14
+BUILD=${BUILD:-2}
YPTOOLS=$VERSION
-YPBINDMT=1.32
+YPBINDMT=1.37.1
#YPMAKE=0.11
-YPSERV=2.24
+YPSERV=2.31
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
@@ -70,6 +70,7 @@ zcat $CWD/nsswitch.conf-nis.gz > $PKG/etc/nsswitch.conf-nis.new
rm -rf yp-tools-$YPTOOLS
tar xvf $CWD/yp-tools-$YPTOOLS.tar.bz2 || exit 1
cd yp-tools-$YPTOOLS || exit 1
+zcat $CWD/yp-tools-2.14-glibc217-crypt.diff.gz | patch -p1 --verbose || exit 1
./configure \
--prefix=/usr \
--libdir=/usr/lib${LIBDIRSUFFIX} \
generated by cgit v1.2.3 (git 2.26.2) at 2024-04-27 19:07:41 +0000