On Wed, Dec 12, 2012 at 09:26:01AM +0100, Niels Thykier wrote:
> On 2012-12-12 09:04, Niels Thykier wrote:
> > Control: tags -1 moreinfo
> >
> > On 2012-12-08 12:25, Jan Dittberner wrote:
> >> please unblock cracklib2/2.8.19-2 that I uploaded to unstable. See the
> >> debdiff that is already attached to the bug. The change is minimal and
> >> backward compatible. The test suite runs without problems with all supported
> >> Python versions (2.6, 2.7, 3.2).
> >>
> >>
> >> Best regards
> >> Jan
> >
> > I have to admit, I would have appreciated if this change had been
> > upstreamed. Anyhow, I guess that will be your headache and not mine... :)
> >
> > [...]
>
> I just saw your original mail from Oct. 4th, so never mind the above
> comment. I think the use of __DEBIAN_SPECIFIC__SafeFascistCheck will be
> okay for Wheezy (considering it avoids an API transition).
>
> Sorry for the delay in getting back to you (on your mail from Oct.),
I just uploaded an updated package with Markus' updated patch
(cracklib2_2.8.19-3) to unstable. The debdiffs from the version in testing
(2.8.19-1) and the version you already looked at (2.8.19-2) are attached to
this mail.
Please unblock the new version.
Best regards
Jan
--
Jan Dittberner - Debian Developer
GPG-key: 4096R/558FB8DD 2009-05-10
B2FF 1D95 CE8F 7A22 DF4C F09B A73E 0055 558F B8DD
http://www.dittberner.info/
diff -Nru cracklib2-2.8.19/debian/changelog cracklib2-2.8.19/debian/changelog
--- cracklib2-2.8.19/debian/changelog 2012-05-20 01:24:15.000000000 +0200
+++ cracklib2-2.8.19/debian/changelog 2012-12-12 22:57:15.000000000 +0100
@@ -1,3 +1,20 @@
+cracklib2 (2.8.19-3) unstable; urgency=low
+
+ * update debian/patches/libcrack2-error-safer-check-variant.patch with
+ fixed version from http://bugs.debian.org/cgi-
+ bin/bugreport.cgi?bug=689588#29
+
+ -- Jan Dittberner <jandd@debian.org> Wed, 12 Dec 2012 22:56:46 +0100
+
+cracklib2 (2.8.19-2) unstable; urgency=low
+
+ * add debian/patches/libcrack2-error-safer-check-variant.patch to provide
+ __DEBIAN_SPECIFIC__SafeFascistCheck that does not call exit (Closes:
+ #682735)
+ * add __DEBIAN_SPECIFIC__SafeFascistCheck to debian/libcrack2.symbols
+
+ -- Jan Dittberner <jandd@debian.org> Tue, 02 Oct 2012 09:15:16 +0200
+
cracklib2 (2.8.19-1) unstable; urgency=low
* New upstream version
diff -Nru cracklib2-2.8.19/debian/libcrack2.symbols cracklib2-2.8.19/debian/libcrack2.symbols
--- cracklib2-2.8.19/debian/libcrack2.symbols 2012-05-20 01:24:15.000000000 +0200
+++ cracklib2-2.8.19/debian/libcrack2.symbols 2012-12-12 22:57:15.000000000 +0100
@@ -27,3 +27,4 @@
Trim@Base 2.8.12
Uppercase@Base 2.8.12
GetDefaultCracklibDict@Base 2.8.14
+ __DEBIAN_SPECIFIC__SafeFascistCheck@Base 2.8.19-2~
diff -Nru cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch
--- cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch 1970-01-01 01:00:00.000000000 +0100
+++ cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch 2012-12-12 22:57:15.000000000 +0100
@@ -0,0 +1,189 @@
+Subject: add a safer check variant
+Author: Markus Wanner <markus@bluegap.ch>
+Bug-Debian: http://bugs.debian.org/682735
+--- a/lib/fascist.c
++++ b/lib/fascist.c
+@@ -879,6 +879,48 @@
+ return res;
+ }
+
++/* This Debian specific method is a work-around for Debian #682735. Please
++ do not rely on it being available in future verisons of cracklib2. */
++int
++__DEBIAN_SPECIFIC__SafeFascistCheck(password, path, errstr)
++ const char *password;
++ const char *path;
++ char **errstr;
++{
++ PWDICT *pwp;
++ char pwtrunced[STRINGSIZE];
++
++ /* If passed null for the path, use a compiled-in default */
++ if ( ! path )
++ {
++ path = DEFAULT_CRACKLIB_DICT;
++ }
++
++ /* security problem: assume we may have been given a really long
++ password (buffer attack) and so truncate it to a workable size;
++ try to define workable size as something from which we cannot
++ extend a buffer beyond its limits in the rest of the code */
++
++ strncpy(pwtrunced, password, TRUNCSTRINGSIZE);
++ pwtrunced[TRUNCSTRINGSIZE - 1] = '\0'; /* enforce */
++
++ /* perhaps someone should put something here to check if password
++ is really long and syslog() a message denoting buffer attacks? */
++
++ if (!(pwp = PWOpen(path, "r")))
++ {
++ return 0;
++ }
++
++ /* sure seems like we should close the database, since we're only likely to check one password */
++ *errstr = FascistLook(pwp, pwtrunced);
++
++ PWClose(pwp);
++ pwp = (PWDICT *)0;
++
++ return 1;
++}
++
+ const char *
+ GetDefaultCracklibDict()
+ {
+--- a/python/_cracklibmodule.c
++++ b/python/_cracklibmodule.c
+@@ -42,6 +42,7 @@
+ #ifdef HAVE_LIBINTL_H
+ #include <libintl.h>
+ #endif
++#include <errno.h>
+
+ #ifdef HAVE_PTHREAD_H
+ static pthread_mutex_t cracklib_mutex = PTHREAD_MUTEX_INITIALIZER;
+@@ -74,7 +75,8 @@
+ {
+ char *candidate, *dict;
+ char *defaultdict = NULL;
+- const char *result;
++ int result;
++ char *errmsg;
+ struct stat st;
+ char *keywords[] = {"pw", "dictpath", NULL};
+ char *dictfile;
+@@ -148,7 +150,8 @@
+ #endif
+
+ LOCK();
+- result = FascistCheck(candidate, dict ? dict : defaultdict);
++ result = __DEBIAN_SPECIFIC__SafeFascistCheck(candidate,
++ dict ? dict : defaultdict, &errmsg);
+ UNLOCK();
+
+ if (defaultdict != NULL)
+@@ -156,11 +159,26 @@
+ free(defaultdict);
+ }
+
+- if (result != NULL)
++ if (result)
+ {
+- PyErr_SetString(PyExc_ValueError, result);
+- return NULL;
++ if (errmsg != NULL)
++ {
++ PyErr_SetString(PyExc_ValueError, errmsg);
++ return NULL;
++ }
++ } else {
++ if (errno == 0)
++ {
++ PyErr_SetString(PyExc_RuntimeError, "Unable to read cracklib dictionary.");
++ return NULL;
++ }
++ else
++ {
++ PyErr_SetFromErrnoWithFilename(PyExc_ValueError, "/var/cache/cracklib_dict.*");
++ return NULL;
++ }
+ }
++
+ return Py_BuildValue("s", candidate);
+ }
+
+--- a/lib/crack.h
++++ b/lib/crack.h
+@@ -15,6 +15,14 @@
+
+ extern const char *FascistCheck(const char *pw, const char *dictpath);
+
++/* This Debian specific method is a work-around for Debian #682735. Please
++ do not rely on it being available in future verisons of cracklib2.
++ Returns 1 (true) for success and 0 (false) in case an error occurred
++ opening or reading the dictionary. In the later case, please check
++ errno. */
++extern int __DEBIAN_SPECIFIC__SafeFascistCheck(const char *pw,
++ const char *dictpath, char **errmsg);
++
+ /* This function returns the compiled in value for DEFAULT_CRACKLIB_DICT.
+ */
+ extern const char *GetDefaultCracklibDict(void);
+--- a/lib/packlib.c
++++ b/lib/packlib.c
+@@ -16,6 +16,7 @@
+ #ifdef HAVE_STDINT_H
+ #include <stdint.h>
+ #endif
++#include <errno.h>
+ #include "packer.h"
+
+ static const char vers_id[] = "packlib.c : v2.3p2 Alec Muffett 18 May 1993";
+@@ -156,6 +157,7 @@
+ if (!fread((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp))
+ {
+ fprintf(stderr, "%s: error reading header\n", prefix);
++ errno = 0;
+
+ pdesc.header.pih_magic = 0;
+ fclose(ifp);
+@@ -179,6 +181,7 @@
+ if (!fread((char *) &pdesc64.header, sizeof(pdesc64.header), 1, ifp))
+ {
+ fprintf(stderr, "%s: error reading header\n", prefix);
++ errno = 0;
+
+ pdesc.header.pih_magic = 0;
+ fclose(ifp);
+@@ -198,6 +201,7 @@
+ {
+ /* nope, not "64-bit" after all */
+ fprintf(stderr, "%s: error reading header\n", prefix);
++ errno = 0;
+
+ pdesc.header.pih_magic = 0;
+ fclose(ifp);
+@@ -224,6 +228,7 @@
+ if (pdesc.header.pih_magic != PIH_MAGIC)
+ {
+ fprintf(stderr, "%s: magic mismatch\n", prefix);
++ errno = 0;
+
+ pdesc.header.pih_magic = 0;
+ fclose(ifp);
+@@ -244,6 +249,7 @@
+ if (pdesc.header.pih_numwords < 1)
+ {
+ fprintf(stderr, "%s: invalid word count\n", prefix);
++ errno = 0;
+
+ pdesc.header.pih_magic = 0;
+ fclose(ifp);
+@@ -263,6 +269,7 @@
+ if (pdesc.header.pih_blocklen != NUMWORDS)
+ {
+ fprintf(stderr, "%s: size mismatch\n", prefix);
++ errno = 0;
+
+ pdesc.header.pih_magic = 0;
+ fclose(ifp);
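Review bot: In the `_cracklibmodule.c` part of this hunk, `errno` is tested (`if (errno == 0)`) only after `UNLOCK()` and `free(defaultdict)` have run between the failing `__DEBIAN_SPECIFIC__SafeFascistCheck` call and the check, and either may overwrite errno, so the `PyErr_SetFromErrnoWithFilename` branch can report an unrelated error or wrongly fall into the "Unable to read cracklib dictionary." branch. Capture it at the call site: add `int saved_errno;` to the declarations, `saved_errno = errno;` directly after the call and before `UNLOCK();`, and `errno = saved_errno;` just before the `errno == 0` test. Relatedly, `crack.h` promises that errno is meaningful when `__DEBIAN_SPECIFIC__SafeFascistCheck` returns 0, but the function in `fascist.c` never clears errno before `PWOpen(path, "r")`, so a stale nonzero value from an earlier call would be reported on any `PWOpen` failure path that does not itself set errno (the six `errno = 0;` additions in `packlib.c` cover only the header checks visible here); an `errno = 0;` before the `PWOpen` call (with `#include <errno.h>` in `fascist.c`) closes that gap, and `*errstr = NULL;` at function entry would keep callers from ever seeing an indeterminate message pointer. The filename handed to `PyErr_SetFromErrnoWithFilename` is the hard-coded `"/var/cache/cracklib_dict.*"` rather than the dictionary actually opened (`dict ? dict : defaultdict`), which misleads when the caller supplied its own `dictpath`, though reporting the real path requires keeping it until after the error is raised since `defaultdict` is freed first. The Python `crack` function this modifies starts outside the hunk.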
diff -Nru cracklib2-2.8.19/debian/patches/series cracklib2-2.8.19/debian/patches/series
--- cracklib2-2.8.19/debian/patches/series 2012-05-20 01:24:15.000000000 +0200
+++ cracklib2-2.8.19/debian/patches/series 2012-12-12 22:57:15.000000000 +0100
@@ -1,2 +1,3 @@
install-debian-python-modules.patch
pass-dict-to-cracklib-test.patch
+libcrack2-error-safer-check-variant.patch
diff -Nru cracklib2-2.8.19/debian/changelog cracklib2-2.8.19/debian/changelog
--- cracklib2-2.8.19/debian/changelog 2012-10-02 09:15:24.000000000 +0200
+++ cracklib2-2.8.19/debian/changelog 2012-12-12 22:57:15.000000000 +0100
@@ -1,3 +1,11 @@
+cracklib2 (2.8.19-3) unstable; urgency=low
+
+ * update debian/patches/libcrack2-error-safer-check-variant.patch with
+ fixed version from http://bugs.debian.org/cgi-
+ bin/bugreport.cgi?bug=689588#29
+
+ -- Jan Dittberner <jandd@debian.org> Wed, 12 Dec 2012 22:56:46 +0100
+
cracklib2 (2.8.19-2) unstable; urgency=low
* add debian/patches/libcrack2-error-safer-check-variant.patch to provide
diff -Nru cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch
--- cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch 2012-10-02 09:15:24.000000000 +0200
+++ cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch 2012-12-12 22:57:15.000000000 +0100
@@ -13,7 +13,7 @@
+__DEBIAN_SPECIFIC__SafeFascistCheck(password, path, errstr)
+ const char *password;
+ const char *path;
-+ char *errstr;
++ char **errstr;
+{
+ PWDICT *pwp;
+ char pwtrunced[STRINGSIZE];
@@ -41,7 +41,7 @@
+ }
+
+ /* sure seems like we should close the database, since we're only likely to check one password */
-+ errstr = FascistLook(pwp, pwtrunced);
++ *errstr = FascistLook(pwp, pwtrunced);
+
+ PWClose(pwp);
+ pwp = (PWDICT *)0;
@@ -78,7 +78,7 @@
LOCK();
- result = FascistCheck(candidate, dict ? dict : defaultdict);
+ result = __DEBIAN_SPECIFIC__SafeFascistCheck(candidate,
-+ dict ? dict : defaultdict, errmsg);
++ dict ? dict : defaultdict, &errmsg);
UNLOCK();
if (defaultdict != NULL)
@@ -124,7 +124,7 @@
+ opening or reading the dictionary. In the later case, please check
+ errno. */
+extern int __DEBIAN_SPECIFIC__SafeFascistCheck(const char *pw,
-+ const char *dictpath, char *errmsg);
++ const char *dictpath, char **errmsg);
+
/* This function returns the compiled in value for DEFAULT_CRACKLIB_DICT.
*/