[Pkg-shadow-devel] Ubuntu shadow 1:4.1.1-5ubuntu2

Ubuntu Merge-o-Matic mom at ubuntu.com
Fri Nov 14 04:35:35 UTC 2008


This e-mail has been sent due to an upload to Ubuntu that contains Ubuntu
changes.  It contains the difference between the new version and the
previous version of the same source package in Ubuntu.
-------------- next part --------------
Format: 1.7
Date: Thu, 13 Nov 2008 16:43:48 -0800
Source: shadow
Binary: login passwd
Architecture: source
Version: 1:4.1.1-5ubuntu2
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description: 
 login      - system login tools
 passwd     - change and administer password and group data
Launchpad-Bugs-Fixed: 51551
Changes: 
 shadow (1:4.1.1-5ubuntu2) jaunty; urgency=low
 .
   * debian/login.defs: use SHA512 by default for password crypt routine
     (LP: #51551, currently Ubuntu specific).
   * debian/patches/stdout-encrypted-password.patch: allow chpasswd to report
     encrypted passwords to stdout for tools needing encrypted passwords
     (debian bug 505640).
   * debian/rules: regenerate autoconf to avoid libtool-caused FTBFS.
Files: 
 28ba465df2147173c0ce925f3b8b6511 1692 admin required shadow_4.1.1-5ubuntu2.dsc
 3527ea33aebb31b2366ac12e41c473d1 91872 admin required shadow_4.1.1-5ubuntu2.diff.gz
Original-Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>
-------------- next part --------------
diff -pruN 1:4.1.1-5ubuntu1/debian/changelog 1:4.1.1-5ubuntu2/debian/changelog
--- 1:4.1.1-5ubuntu1/debian/changelog	2008-11-14 04:21:06.000000000 +0000
+++ 1:4.1.1-5ubuntu2/debian/changelog	2008-11-14 04:21:05.000000000 +0000
@@ -1,3 +1,14 @@
+shadow (1:4.1.1-5ubuntu2) jaunty; urgency=low
+
+  * debian/login.defs: use SHA512 by default for password crypt routine
+    (LP: #51551, currently Ubuntu specific).
+  * debian/patches/stdout-encrypted-password.patch: allow chpasswd to report
+    encrypted passwords to stdout for tools needing encrypted passwords
+    (debian bug 505640).
+  * debian/rules: regenerate autoconf to avoid libtool-caused FTBFS.
+
+ -- Kees Cook <kees at ubuntu.com>  Thu, 13 Nov 2008 16:43:48 -0800
+
 shadow (1:4.1.1-5ubuntu1) jaunty; urgency=low
 
   * Merge from debian unstable, remaining changes:
diff -pruN 1:4.1.1-5ubuntu1/debian/login.defs 1:4.1.1-5ubuntu2/debian/login.defs
--- 1:4.1.1-5ubuntu1/debian/login.defs	2008-11-14 04:21:06.000000000 +0000
+++ 1:4.1.1-5ubuntu2/debian/login.defs	2008-11-14 04:21:05.000000000 +0000
@@ -286,7 +286,7 @@ USERGROUPS_ENAB yes
 # Note: It is recommended to use a value consistent with
 # the PAM modules configuration.
 #
-#ENCRYPT_METHOD DES
+ENCRYPT_METHOD SHA512
 
 #
 # Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
diff -pruN 1:4.1.1-5ubuntu1/debian/patches/495_stdout-encrypted-password 1:4.1.1-5ubuntu2/debian/patches/495_stdout-encrypted-password
--- 1:4.1.1-5ubuntu1/debian/patches/495_stdout-encrypted-password	1970-01-01 01:00:00.000000000 +0100
+++ 1:4.1.1-5ubuntu2/debian/patches/495_stdout-encrypted-password	2008-11-14 04:21:05.000000000 +0000
@@ -0,0 +1,118 @@
+Index: shadow-4.1.1/src/chpasswd.c
+===================================================================
+--- shadow-4.1.1.orig/src/chpasswd.c	2008-10-29 11:23:27.000000000 -0700
++++ shadow-4.1.1/src/chpasswd.c	2008-10-29 11:25:19.000000000 -0700
+@@ -54,6 +54,7 @@
+ static int eflg = 0;
+ static int md5flg = 0;
+ static int sflg = 0;
++static int use_stdout = 0;
+ 
+ static const char *crypt_method = NULL;
+ static long sha_rounds = 5000;
+@@ -83,6 +84,8 @@
+ 	                   "  -c, --crypt-method            the crypt method (one of %s)\n"
+ 	                   "  -e, --encrypted               supplied passwords are encrypted\n"
+ 	                   "  -h, --help                    display this help message and exit\n"
++	                   "  -S, --stdout                  report encrypted passwords to stdout\n"
++			   "                                instead of changing the passwd file\n"
+ 	                   "  -m, --md5                     encrypt the clear text password using\n"
+ 	                   "                                the MD5 algorithm\n"
+ 	                   "%s"
+@@ -113,6 +116,7 @@
+ 		{"encrypted", no_argument, NULL, 'e'},
+ 		{"help", no_argument, NULL, 'h'},
+ 		{"md5", no_argument, NULL, 'm'},
++		{"stdout", no_argument, NULL, 'S'},
+ #ifdef USE_SHA_CRYPT
+ 		{"sha-rounds", required_argument, NULL, 's'},
+ #endif
+@@ -121,9 +125,9 @@
+ 
+ 	while ((c = getopt_long (argc, argv,
+ #ifdef USE_SHA_CRYPT
+-	                         "c:ehms:",
++	                         "c:ehmSs:",
+ #else
+-	                         "c:ehm",
++	                         "c:ehmS",
+ #endif
+ 	                         long_options, &option_index)) != -1) {
+ 		switch (c) {
+@@ -140,6 +144,9 @@
+ 		case 'm':
+ 			md5flg = 1;
+ 			break;
++		case 'S':
++			use_stdout = 1;
++			break;
+ #ifdef USE_SHA_CRYPT
+ 		case 's':
+ 			sflg = 1;
+@@ -215,6 +222,7 @@
+  */
+ static void check_perms (void)
+ {
++	if (use_stdout) return;
+ #ifdef USE_PAM
+ 	int retval = PAM_SUCCESS;
+ 
+@@ -333,11 +341,13 @@
+ 
+ 	process_flags (argc, argv);
+ 
++	if (!use_stdout) {
+ 	check_perms ();
+ 
+ 	is_shadow_pwd = spw_file_present ();
+ 
+ 	open_files ();
++	}
+ 
+ 	/*
+ 	 * Read each line, separating the user name from the password. The
+@@ -398,6 +408,11 @@
+ 			                 crypt_make_salt(crypt_method, arg));
+ 		}
+ 
++		if (use_stdout) {
++			fprintf (stdout, "%s:%s\n", name, cp);
++			continue;
++		}
++
+ 		/*
+ 		 * Get the password file entry for this user. The user must
+ 		 * already exist.
+@@ -468,6 +483,7 @@
+ 		exit (1);
+ 	}
+ 
++	if (!use_stdout) {
+ 	close_files ();
+ 
+ 	nscd_flush_cache ("passwd");
+@@ -475,6 +491,7 @@
+ #ifdef USE_PAM
+ 	pam_end (pamh, PAM_SUCCESS);
+ #endif				/* USE_PAM */
++	}
+ 
+ 	return (0);
+ }
+Index: shadow-4.1.1/man/chpasswd.8.xml
+===================================================================
+--- shadow-4.1.1.orig/man/chpasswd.8.xml	2008-10-29 11:22:39.000000000 -0700
++++ shadow-4.1.1/man/chpasswd.8.xml	2008-10-29 11:23:27.000000000 -0700
+@@ -79,6 +79,12 @@
+ 	</listitem>
+       </varlistentry>
+       <varlistentry>
++	<term><option>-S</option>, <option>--stdout</option></term>
++	<listitem>
++	  <para>Report encrypted passwords to stdout instead of updating password file.</para>
++	</listitem>
++      </varlistentry>
++      <varlistentry>
+ 	<term><option>-h</option>, <option>--help</option></term>
+ 	<listitem>
+ 	  <para>Display help message and exit.</para>
diff -pruN 1:4.1.1-5ubuntu1/debian/patches/series 1:4.1.1-5ubuntu2/debian/patches/series
--- 1:4.1.1-5ubuntu1/debian/patches/series	2008-11-14 04:21:06.000000000 +0000
+++ 1:4.1.1-5ubuntu2/debian/patches/series	2008-11-14 04:21:05.000000000 +0000
@@ -34,3 +34,4 @@
 200_Czech_binary_translation
 494_passwd_lock-no_account_lock
 302_remove_non_translated_polish_manpages
+495_stdout-encrypted-password
diff -pruN 1:4.1.1-5ubuntu1/debian/rules 1:4.1.1-5ubuntu2/debian/rules
--- 1:4.1.1-5ubuntu1/debian/rules	2008-11-14 04:21:06.000000000 +0000
+++ 1:4.1.1-5ubuntu2/debian/rules	2008-11-14 04:21:05.000000000 +0000
@@ -21,6 +21,7 @@ include /usr/share/cdbs/1/class/autotool
 DEB_AUTO_UPDATE_ACLOCAL  = 1.9
 DEB_AUTO_UPDATE_AUTOCONF = 1.9
 DEB_AUTO_UPDATE_AUTOMAKE = 1.9
+DEB_AUTO_UPDATE_LIBTOOL = pre
 
 # Adds extra options when calling the configure script:
 DEB_CONFIGURE_EXTRA_FLAGS := --disable-shared --without-libcrack --without-audit --mandir=/usr/share/man --with-libpam --enable-shadowgrp --enable-man


More information about the Pkg-shadow-devel mailing list