From 0da47a56bd8432d2657b188621398c5a7ef85f84 Mon Sep 17 00:00:00 2001 From: zhengruoqin Date: Tue, 28 Dec 2021 07:17:49 +0800 Subject: shadow: upgrade 4.9 -> 4.10 0001-Fix-out-of-tree-builds-with-respect-to-libsubid-incl.patch 0001-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch 0001-libsubid-link-to-PAM-libraries.patch removed since they're included in 4.10 License-Update: Delete the space at the end of the sentence. Changelog: ========== * libsubid fixes * Rename the test program list_subid_ranges to getsubids, write a manpage, so distros can ship it. (Iker Pedrosa) * Add libeconf dep for new*idmap * Allow all group types with usermod -G * Avoid useradd generating empty subid range * Handle NULL pw_passwd * Fix default value SHA_get_salt_rounds * Use https where possible in README * Update content and format of README * Translation updates * Switch from xml2po to itstool in 'make dist' * Fix double frees * Add LOG_INIT configurable to useradd * Add CREATE_MAIL_SPOOL documentation * Create a security.md * Fix su never being SIGKILLd when trapping TERM * Fix wrong SELinux labels in several possible cases * Fix missing chmod in chadowtb_move * Handle malformed hushlogins entries * Fix groupdel segv when passwd does not exist * Fix covscan-found newgrp segfault * Remove trailing slash on hoedir * Fix passwd -l message - it does not change expirey * Fix SIGCHLD handling bugs in su and vipw * Remove special case for "" in usermod * Implement usermod -rG to remove a specific group * call pam_end() after fork in child path for su and login * useradd: In absence of /etc/passwd, assume 0 == root * lib: check NULL before freeing data * Fix pwck segfault (From OE-Core rev: b7215993cf00f668d7e33b7fbc98fb4d8636edac) Signed-off-by: Zheng Ruoqin Signed-off-by: Richard Purdie --- ...-fix-default-value-in-SHA_get_salt_rounds.patch | 64 ---------------------- 1 file changed, 64 deletions(-) delete mode 100644 meta/recipes-extended/shadow/files/0001-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch (limited to 'meta/recipes-extended/shadow/files/0001-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch') diff --git a/meta/recipes-extended/shadow/files/0001-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch b/meta/recipes-extended/shadow/files/0001-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch deleted file mode 100644 index 2c9b1d06cd..0000000000 --- a/meta/recipes-extended/shadow/files/0001-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 234e8fa7b134d1ebabfdad980a3ae5b63c046c62 Mon Sep 17 00:00:00 2001 -From: Mike Gilbert -Date: Sat, 14 Aug 2021 13:24:34 -0400 -Subject: [PATCH] libmisc: fix default value in SHA_get_salt_rounds() - -If SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are both unspecified, -use SHA_ROUNDS_DEFAULT. - -Previously, the code fell through, calling shadow_random(-1, -1). This -ultimately set rounds = (unsigned long) -1, which ends up being a very -large number! This then got capped to SHA_ROUNDS_MAX later in the -function. - -The new behavior matches BCRYPT_get_salt_rounds(). - -Bug: https://bugs.gentoo.org/808195 -Fixes: https://github.com/shadow-maint/shadow/issues/393 - -Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/234e8fa7b134d1ebabfdad980a3ae5b63c046c62] - -Signed-off-by: Mingli Yu ---- - libmisc/salt.c | 21 +++++++++++---------- - 1 file changed, 11 insertions(+), 10 deletions(-) - -diff --git a/libmisc/salt.c b/libmisc/salt.c -index 91d528fd..30eefb9c 100644 ---- a/libmisc/salt.c -+++ b/libmisc/salt.c -@@ -223,20 +223,21 @@ static /*@observer@*/const unsigned long SHA_get_salt_rounds (/*@null@*/int *pre - if ((-1 == min_rounds) && (-1 == max_rounds)) { - rounds = SHA_ROUNDS_DEFAULT; - } -+ else { -+ if (-1 == min_rounds) { -+ min_rounds = max_rounds; -+ } - -- if (-1 == min_rounds) { -- min_rounds = max_rounds; -- } -+ if (-1 == max_rounds) { -+ max_rounds = min_rounds; -+ } - -- if (-1 == max_rounds) { -- max_rounds = min_rounds; -- } -+ if (min_rounds > max_rounds) { -+ max_rounds = min_rounds; -+ } - -- if (min_rounds > max_rounds) { -- max_rounds = min_rounds; -+ rounds = (unsigned long) shadow_random (min_rounds, max_rounds); - } -- -- rounds = (unsigned long) shadow_random (min_rounds, max_rounds); - } else if (0 == *prefered_rounds) { - rounds = SHA_ROUNDS_DEFAULT; - } else { --- -2.17.1 - -- cgit v1.2.3-54-g00ecf