From d5486e497db0582d9b30ecdf8b34e4b2d33b6d37 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Tue, 2 Nov 2021 09:42:59 +0100
Subject: cracklib: update 2.9.5 -> 2.9.7

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 .../0001-Apply-patch-to-fix-CVE-2016-6318.patch    | 105 ---------------------
 ...c-support-dictionary-byte-order-dependent.patch |  12 +--
 ...02-craklib-fix-testnum-and-teststr-failed.patch |  10 +-
 meta/recipes-extended/cracklib/cracklib_2.9.5.bb   |  30 ------
 meta/recipes-extended/cracklib/cracklib_2.9.7.bb   |  33 +++++++
 5 files changed, 44 insertions(+), 146 deletions(-)
 delete mode 100644 meta/recipes-extended/cracklib/cracklib/0001-Apply-patch-to-fix-CVE-2016-6318.patch
 delete mode 100644 meta/recipes-extended/cracklib/cracklib_2.9.5.bb
 create mode 100644 meta/recipes-extended/cracklib/cracklib_2.9.7.bb

diff --git a/meta/recipes-extended/cracklib/cracklib/0001-Apply-patch-to-fix-CVE-2016-6318.patch b/meta/recipes-extended/cracklib/cracklib/0001-Apply-patch-to-fix-CVE-2016-6318.patch
deleted file mode 100644
index b251ac9056..0000000000
--- a/meta/recipes-extended/cracklib/cracklib/0001-Apply-patch-to-fix-CVE-2016-6318.patch
+++ /dev/null
@@ -1,105 +0,0 @@
-From 47e5dec521ab6243c9b249dd65b93d232d90d6b1 Mon Sep 17 00:00:00 2001
-From: Jan Dittberner <jan@dittberner.info>
-Date: Thu, 25 Aug 2016 17:13:49 +0200
-Subject: [PATCH] Apply patch to fix CVE-2016-6318
-
-This patch fixes an issue with a stack-based buffer overflow when
-parsing large GECOS field. See
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 and
-https://security-tracker.debian.org/tracker/CVE-2016-6318 for more
-information.
-
-Upstream-Status: Backport [https://github.com/cracklib/cracklib/commit/47e5dec521ab6243c9b249dd65b93d232d90d6b1]
-CVE: CVE-2016-6318
-Signed-off-by: Dengke Du <dengke.du@windriver.com>
----
- lib/fascist.c | 57 ++++++++++++++++++++++++++++++++-----------------------
- 1 file changed, 33 insertions(+), 24 deletions(-)
-
-diff --git a/lib/fascist.c b/lib/fascist.c
-index a996509..d4deb15 100644
---- a/lib/fascist.c
-+++ b/lib/fascist.c
-@@ -502,7 +502,7 @@ FascistGecosUser(char *password, const char *user, const char *gecos)
-     char gbuffer[STRINGSIZE];
-     char tbuffer[STRINGSIZE];
-     char *uwords[STRINGSIZE];
--    char longbuffer[STRINGSIZE * 2];
-+    char longbuffer[STRINGSIZE];
- 
-     if (gecos == NULL)
- 	gecos = "";
-@@ -583,38 +583,47 @@ FascistGecosUser(char *password, const char *user, const char *gecos)
-     {
- 	for (i = 0; i < j; i++)
- 	{
--	    strcpy(longbuffer, uwords[i]);
--	    strcat(longbuffer, uwords[j]);
--
--	    if (GTry(longbuffer, password))
-+	    if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
- 	    {
--		return _("it is derived from your password entry");
--	    }
-+		strcpy(longbuffer, uwords[i]);
-+		strcat(longbuffer, uwords[j]);
- 
--	    strcpy(longbuffer, uwords[j]);
--	    strcat(longbuffer, uwords[i]);
-+		if (GTry(longbuffer, password))
-+		{
-+		    return _("it is derived from your password entry");
-+		}
- 
--	    if (GTry(longbuffer, password))
--	    {
--		return _("it's derived from your password entry");
--	    }
-+		strcpy(longbuffer, uwords[j]);
-+		strcat(longbuffer, uwords[i]);
- 
--	    longbuffer[0] = uwords[i][0];
--	    longbuffer[1] = '\0';
--	    strcat(longbuffer, uwords[j]);
-+		if (GTry(longbuffer, password))
-+		{
-+		   return _("it's derived from your password entry");
-+		}
-+	    }
- 
--	    if (GTry(longbuffer, password))
-+	    if (strlen(uwords[j]) < STRINGSIZE - 1)
- 	    {
--		return _("it is derivable from your password entry");
-+		longbuffer[0] = uwords[i][0];
-+		longbuffer[1] = '\0';
-+		strcat(longbuffer, uwords[j]);
-+
-+		if (GTry(longbuffer, password))
-+		{
-+		    return _("it is derivable from your password entry");
-+		}
- 	    }
- 
--	    longbuffer[0] = uwords[j][0];
--	    longbuffer[1] = '\0';
--	    strcat(longbuffer, uwords[i]);
--
--	    if (GTry(longbuffer, password))
-+	    if (strlen(uwords[i]) < STRINGSIZE - 1)
- 	    {
--		return _("it's derivable from your password entry");
-+		longbuffer[0] = uwords[j][0];
-+		longbuffer[1] = '\0';
-+		strcat(longbuffer, uwords[i]);
-+
-+		if (GTry(longbuffer, password))
-+		{
-+		    return _("it's derivable from your password entry");
-+		}
- 	    }
- 	}
-     }
--- 
-2.8.1
-
diff --git a/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch b/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch
index adbe7dfff4..082933e471 100644
--- a/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch
+++ b/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch
@@ -1,7 +1,7 @@
-From 8a6e43726ad0ae41bd1cc2c248d91deb31459357 Mon Sep 17 00:00:00 2001
+From aae03b7e626d5f62ab929d51d11352a5a2ff6b2d Mon Sep 17 00:00:00 2001
 From: Lei Maohui <leimaohui@cn.fujitsu.com>
 Date: Tue, 9 Jun 2015 11:11:48 +0900
-Subject: [PATCH] packlib.c: support dictionary byte order dependent
+Subject: [PATCH 1/2] packlib.c: support dictionary byte order dependent
 
 The previous dict files are NOT byte-order independent, in fact they are
 probably ARCHITECTURE SPECIFIC.
@@ -22,11 +22,11 @@ Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
 
 Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
 ---
- lib/packlib.c | 214 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
+ lib/packlib.c | 214 +++++++++++++++++++++++++++++++++++++++++++++-
  1 file changed, 210 insertions(+), 4 deletions(-)
 
 diff --git a/lib/packlib.c b/lib/packlib.c
-index f851424..3aac805 100644
+index 8acb7be..a9d8750 100644
 --- a/lib/packlib.c
 +++ b/lib/packlib.c
 @@ -16,6 +16,12 @@
@@ -317,7 +317,7 @@ index f851424..3aac805 100644
 +	fwrite((char *) &tmpdatum, sizeof(tmpdatum), 1, pwp->ifp);
  
  	fputs(pwp->data_put[0], pwp->dfp);
- 	putc(0, pwp->dfp);
+ 	putc(0, (FILE*) pwp->dfp);
 @@ -464,6 +668,7 @@ GetPW(pwp, number)
             perror("(index fread failed)");
             return NULL;
@@ -335,5 +335,5 @@ index f851424..3aac805 100644
  
  	int r = 1;
 -- 
-1.8.4.2
+2.20.1
 
diff --git a/meta/recipes-extended/cracklib/cracklib/0002-craklib-fix-testnum-and-teststr-failed.patch b/meta/recipes-extended/cracklib/cracklib/0002-craklib-fix-testnum-and-teststr-failed.patch
index 6210e82121..27a4fcbec2 100644
--- a/meta/recipes-extended/cracklib/cracklib/0002-craklib-fix-testnum-and-teststr-failed.patch
+++ b/meta/recipes-extended/cracklib/cracklib/0002-craklib-fix-testnum-and-teststr-failed.patch
@@ -1,7 +1,7 @@
-From 06f9a88b5dd5597f9198ea0cb34f5e96f180e6e3 Mon Sep 17 00:00:00 2001
+From 7250328d7f77069726603ef7132826c9260d3c92 Mon Sep 17 00:00:00 2001
 From: Hongxu Jia <hongxu.jia@windriver.com>
 Date: Sat, 27 Apr 2013 16:02:30 +0800
-Subject: [PATCH] craklib:fix testnum and teststr failed
+Subject: [PATCH 2/2] craklib:fix testnum and teststr failed
 
 Error log:
 ...
@@ -18,8 +18,8 @@ Set DEFAULT_CRACKLIB_DICT as the path of  PWOpen
 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
 Upstream-Status: Pending
 ---
- util/testnum.c |    2 +-
- util/teststr.c |    2 +-
+ util/testnum.c | 2 +-
+ util/teststr.c | 2 +-
  2 files changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/util/testnum.c b/util/testnum.c
@@ -49,5 +49,5 @@ index 2a31fa4..9fb9cda 100644
  	perror ("PWOpen");
  	return (-1);
 -- 
-1.7.10.4
+2.20.1
 
diff --git a/meta/recipes-extended/cracklib/cracklib_2.9.5.bb b/meta/recipes-extended/cracklib/cracklib_2.9.5.bb
deleted file mode 100644
index c2677184b4..0000000000
--- a/meta/recipes-extended/cracklib/cracklib_2.9.5.bb
+++ /dev/null
@@ -1,30 +0,0 @@
-SUMMARY = "Password strength checker library"
-HOMEPAGE = "https://github.com/cracklib/cracklib"
-DESCRIPTION = "${SUMMARY}"
-
-LICENSE = "LGPLv2.1+"
-LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=e3eda01d9815f8d24aae2dbd89b68b06"
-
-DEPENDS = "cracklib-native zlib"
-
-EXTRA_OECONF = "--without-python --libdir=${base_libdir}"
-
-SRC_URI = "${SOURCEFORGE_MIRROR}/cracklib/cracklib-${PV}.tar.gz \
-           file://0001-packlib.c-support-dictionary-byte-order-dependent.patch \
-           file://0001-Apply-patch-to-fix-CVE-2016-6318.patch \
-           file://0002-craklib-fix-testnum-and-teststr-failed.patch"
-
-SRC_URI[md5sum] = "376790a95c1fb645e59e6e9803c78582"
-SRC_URI[sha256sum] = "59ab0138bc8cf90cccb8509b6969a024d5e58d2d02bcbdccbb9ba9b88be3fa33"
-
-UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/cracklib/files/cracklib/"
-UPSTREAM_CHECK_REGEX = "/cracklib/(?P<pver>(\d+[\.\-_]*)+)/"
-
-inherit autotools gettext
-
-do_install:append:class-target() {
-	create-cracklib-dict -o ${D}${datadir}/cracklib/pw_dict ${D}${datadir}/cracklib/cracklib-small
-}
-
-BBCLASSEXTEND = "native nativesdk"
-
diff --git a/meta/recipes-extended/cracklib/cracklib_2.9.7.bb b/meta/recipes-extended/cracklib/cracklib_2.9.7.bb
new file mode 100644
index 0000000000..2537962336
--- /dev/null
+++ b/meta/recipes-extended/cracklib/cracklib_2.9.7.bb
@@ -0,0 +1,33 @@
+SUMMARY = "Password strength checker library"
+HOMEPAGE = "https://github.com/cracklib/cracklib"
+DESCRIPTION = "${SUMMARY}"
+
+LICENSE = "LGPLv2.1+"
+LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=e3eda01d9815f8d24aae2dbd89b68b06"
+
+DEPENDS = "cracklib-native zlib"
+
+EXTRA_OECONF = "--without-python --libdir=${base_libdir}"
+
+SRC_URI = "git://github.com/cracklib/cracklib;protocol=https;branch=master \
+           file://0001-packlib.c-support-dictionary-byte-order-dependent.patch \
+           file://0002-craklib-fix-testnum-and-teststr-failed.patch"
+
+SRCREV = "f83934cf3cced0c9600c7d81332f4169f122a2cf"
+S = "${WORKDIR}/git/src"
+
+inherit autotools gettext
+
+# This is custom stuff from upstream's autogen.sh
+do_configure:prepend() {
+    mkdir -p ${S}/m4
+    echo EXTRA_DIST = *.m4 > ${S}/m4/Makefile.am
+    touch ${S}/ABOUT-NLS
+}
+
+do_install:append:class-target() {
+	create-cracklib-dict -o ${D}${datadir}/cracklib/pw_dict ${D}${datadir}/cracklib/cracklib-small
+}
+
+BBCLASSEXTEND = "native nativesdk"
+
-- 
cgit 1.2.3-korg