From 5715d8a22aa61368b4349afcc6d85f2d9cd6c0a7c7201b9a7bb6016c91759bbc Mon Sep 17 00:00:00 2001 From: Lars Vogdt Date: Sat, 15 Jun 2019 14:56:35 +0000 Subject: [PATCH 1/6] Accepting request 708923 from home:Simmphonie - spec-file changes + add jumbo scripts and remove "env" from shebang + remove patches. In upstream already + use configure to find dependenices and CPU architecture + openCL support + multicore support with fork option + require CPU with AVX support at least + root rights are no longer required - update to 1.9.0 + Increased the interleaving for bcrypt on x86-64 from 2x to 3x for a major speedup on CPUs without SMT. Unfortunately, this sometimes results in a minor performance regression when running multiple threads on CPUs with SMT. + Recognize the $2b$ bcrypt prefix. + In the generic crypt(3) format, detect descrypt with valid vs. invalid salts as separate id's for our heuristics on supported hash types. + Introduced a number of optimizations for faster handling of large password hash files, including loading, cracking, and "--show". Some of these use more memory than before, yet in a more efficient manner. + Benchmark using all-different candidate passwords of length 7 by default. + Dropped undocumented special handling of "Mc" in 'c' and 'C' rule commands. + Dropped undocumented limitation of the 'M' and 'Q' rule commands where they would sometimes memorize/check only up to the current hash type's length limit yet this optimization wouldn't necessarily be transparent (e.g., if a later command would extract a substring from above the hash type's length limit and bring it to within the limit). + Implemented special-case handling of repeated rule commands '$', '^', '[', ']', '{', and '}', as well as faster handling of the 'D' command. + When built with "--fork" support, disallow session names with all-digit suffixes since these clash with those produced by "--fork". + Forward SIGTERM to --fork'ed children. + Set stdout to line buffered (rather than potentially fully buffered), except for "--stdout", "--show", and auxiliary programs such as "unshadow". + On Windows, restore normal processing of Ctrl-C in case our parent (such as Johnny the GUI) had disabled it. + Added linux-x86*-avx512 and linux-x86*-avx2 make targets, which use respectively AVX-512 and AVX2 for bitslice DES. + Added linux-mic make target for Intel MIC (first generation Xeon Phi, aka Knights Corner), which uses its 512-bit SIMD intrinsics for bitslice DES. (For second generation Xeon Phi, aka Knights Landing, use linux-x86-64-avx512.) + Added linux-arm64le, linux-arm32le-neon, and linux-arm32le make targets. (The first two of these make use of ASIMD or NEON for bitslice DES.) + Added linux-sparc64 make target. + Made a minor optimization to MMX and SSE2 assembly code for LM hash. + Dropped Ultrix and SCO support. + Don't probe for alternate config file names (like john.ini when on Unix). + "DokuWiki" external mode sample has been added to the default john.conf. + Fixed operator precedence in the external mode compiler to be the same as C. + Fixed an out of bounds write bug in the external mode virtual machine. + Fixed a bug introduced in version 1.7.4 in the wordlist rules engine, where some sequences of rule commands could overflow a word buffer. + Fixed a bug where unaligned access SSE/AVX instructions would unnecessarily be generated by GCC 4.6+ in the bitslice DES code in non-OpenMP builds. + Fixed a bug where "Warning: no OpenMP support for this hash type" could be printed in "--stdout" mode. + Made assorted other bugfixes, portability and documentation enhancements. - version 1.7.9.8 + Revised the incremental mode to let the current character counts grow for each character position independently, with the aim to improve efficiency in terms of successful guesses per candidate passwords tested. + Revised the pre-defined incremental modes, as well as external mode filters that are used to generate .chr files. + Added makechr, a script to (re-)generate .chr files. + Enhanced the status reporting to include four distinct speed metrics (g/s, p/s, c/s, and C/s). + Added the "--fork=N" and "--node=MIN[-MAX]/TOTAL" options for trivial parallel and distributed processing. + In the external mode compiler, treat character literals as unsigned. + Renamed many of the formats. + Updated the documentation. + Relaxed the license for many source files to cut-down BSD. + Relaxed the license for John the Ripper as a whole from GPLv2 (exact version) to GPLv2 or newer with optional OpenSSL and unRAR exceptions. + Assorted other changes have been made. OBS-URL: https://build.opensuse.org/request/show/708923 OBS-URL: https://build.opensuse.org/package/show/security/john?expand=0&rev=55 --- john-1.7.9-jumbo-7.tar.bz2 | 3 - john-1.7.9-jumbo-7.tar.bz2.sign | 10 -- ...-powerpc_BE_need_rhash_u32_swap_copy.patch | 27 ---- john-1.8.0.tar.xz | 3 - john-1.8.0.tar.xz.sign | 10 -- john-1.9.0-jumbo-1.tar.xz | 3 + john-1.9.0-jumbo-1.tar.xz.sign | 16 ++ john-1.9.0.tar.xz | 3 + john-1.9.0.tar.xz.sign | 16 ++ john-rpmlintrc | 4 +- john.changes | 79 +++++++++ john.spec | 152 ++++++++---------- ppc64le.patch | 16 -- reproducible.patch | 13 -- 14 files changed, 185 insertions(+), 170 deletions(-) delete mode 100644 john-1.7.9-jumbo-7.tar.bz2 delete mode 100644 john-1.7.9-jumbo-7.tar.bz2.sign delete mode 100644 john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch delete mode 100644 john-1.8.0.tar.xz delete mode 100644 john-1.8.0.tar.xz.sign create mode 100644 john-1.9.0-jumbo-1.tar.xz create mode 100644 john-1.9.0-jumbo-1.tar.xz.sign create mode 100644 john-1.9.0.tar.xz create mode 100644 john-1.9.0.tar.xz.sign delete mode 100644 ppc64le.patch delete mode 100644 reproducible.patch diff --git a/john-1.7.9-jumbo-7.tar.bz2 b/john-1.7.9-jumbo-7.tar.bz2 deleted file mode 100644 index 31953b8..0000000 --- a/john-1.7.9-jumbo-7.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fa7e5a1a31e61d516a97318fac27758ca40b1a626f4dbf353ecece8a41f54d32 -size 1595514 diff --git a/john-1.7.9-jumbo-7.tar.bz2.sign b/john-1.7.9-jumbo-7.tar.bz2.sign deleted file mode 100644 index 9d2719a..0000000 --- a/john-1.7.9-jumbo-7.tar.bz2.sign +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.10 (GNU/Linux) -Comment: http://www.openwall.com/signatures/ - -iQCVAwUAUFs5Y3K5fbEpUCnxAQLmvwP8CN8NBfzF+8cMVfFb0i630IuHiijE7NAZ -RAbvL1Vyn9uBfuZJ+tKIpsvxwUqeopOygKZip1imQdxKbwKduziLf9qE76ufT+BN -h8ZRMDmhgJ/0aFk/gb5a3kkgyD/eHI9q9h+KB4yYXwxPqF0tEq1aSLZOLAMqMqzn -xF8aXLEir/A= -=DE4E ------END PGP SIGNATURE----- diff --git a/john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch b/john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch deleted file mode 100644 index 75ecdf6..0000000 --- a/john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch +++ /dev/null @@ -1,27 +0,0 @@ -From: Michel Normand -Subject: john-1.7.9-powerpc BE need rhash u32 swap copy -Date: Mon, 15 Feb 2016 17:56:13 +0100 - -rhash_u32_swap_copy needs to be defined for CPU_BIG_ENDIAN -patch required when 1.7.9 jumbo patch is applied -as suggested in uptream ML -http://www.openwall.com/lists/john-dev/2013/02/06/2 - -Signed-off-by: Michel Normand ---- - john-1.7.9-jumbo-7/src/gost_plug.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: john-1.8.0/john-1.7.9-jumbo-7/src/gost_plug.c -=================================================================== ---- john-1.8.0.orig/john-1.7.9-jumbo-7/src/gost_plug.c -+++ john-1.8.0/john-1.7.9-jumbo-7/src/gost_plug.c -@@ -531,7 +531,7 @@ int main() - } - #endif - --#ifndef __GLIBC__ -+#ifdef CPU_BIG_ENDIAN - void rhash_u32_swap_copy(void* to, int index, const void* from, size_t length) { - size_t i; - unsigned int *pO, *pI; diff --git a/john-1.8.0.tar.xz b/john-1.8.0.tar.xz deleted file mode 100644 index 05d3bca..0000000 --- a/john-1.8.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:952cf68369fb5b27f2d112ce7ca1eb16b975c85cbce8c658abb8bc5a20e1b266 -size 4468704 diff --git a/john-1.8.0.tar.xz.sign b/john-1.8.0.tar.xz.sign deleted file mode 100644 index 9323346..0000000 --- a/john-1.8.0.tar.xz.sign +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.13 (GNU/Linux) -Comment: http://www.openwall.com/signatures/ - -iQCVAwUAUabVcHK5fbEpUCnxAQKnHwP+ObhRe4Bv0pUzL8ZFGIRzXxdVnFpQvhLs -luQYjDFwFtc2i7XKkfC80/eLUBfQAnUW1pvmroSdooUi9zx4LIZi/nE2z4035hAD -ZBQZ+gYw8ETS4UhY/SU3/mOQmep5G4xgXBjgtEV1LGCkSiuQSLfPEXk6hiTOaY7X -IXJDXhcyZBk= -=EgdW ------END PGP SIGNATURE----- diff --git a/john-1.9.0-jumbo-1.tar.xz b/john-1.9.0-jumbo-1.tar.xz new file mode 100644 index 0000000..8e65bc0 --- /dev/null +++ b/john-1.9.0-jumbo-1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f5d123f82983c53d8cc598e174394b074be7a77756f5fb5ed8515918c81e7f3b +size 33638768 diff --git a/john-1.9.0-jumbo-1.tar.xz.sign b/john-1.9.0-jumbo-1.tar.xz.sign new file mode 100644 index 0000000..546a479 --- /dev/null +++ b/john-1.9.0-jumbo-1.tar.xz.sign @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIcBAABAgAGBQJc2vkxAAoJEAXAJ/1L3BNuEb0P/0lN/i9/Ub1V+rva0H9/eo7w +sar0GVYafRUPH/J7j8klMXIyIY0UiiwOdMlkokktC5kAn2OqjuirFaMQgUMulaMm ++gioQUEvn+oDpBEOWF9lrc+OqlVhXkc0xWOAvZ5/suTeAcJN5zNVtWf2q6oWzUmr +tFlWddsXSjfdY5veuSo9KgmialScJjAA04f+bc4A8foXfTZaB3wmEIc6w4aVM9Ut +yhFZCIvODo13L6DmUTf2LFseQdLoWLdS23NtGj/jBdBeGV5JCad0nDcTleU1xZJo +dWsQTuNOOiNDlRzAzu9dXsrXJJ+Z2BX0C1j3QjlWVTBZtGpSacN+LnQFZWXI2KCr +t1zpMtDm4JkcGNxmPG+syzcLBuHsGMoGBIHGRyL3oBFwPb3ulqYjUAeUE6LtkjLh +DHu2RCgsvD2cHG+rvOkVzsuRdpyt1EPfQ2FboxBk++ELNU9mjC9Vk97Zx1TBJVZ3 +If4r0l3zCAU4dQcfStxS/cL7UqbFU65GDXfoiQ2K6aPMnq0FOcRBWKbCZdLKQZ9b +AsQpGs0ZFuebxB3yhgUN0w1G9+lUT+PwRU9bOC8VEqreuwocSSVMMNRMkOt9W/ix +xpXKWKe32tJa8AjnXEWQyNJU4m9ZyVYcca8Dj0BjCJZXYJna+IBGlDK9M7cDOVQS +WNJsF9JLh1o/FA5Ndd0l +=z3gD +-----END PGP SIGNATURE----- diff --git a/john-1.9.0.tar.xz b/john-1.9.0.tar.xz new file mode 100644 index 0000000..8b1c92c --- /dev/null +++ b/john-1.9.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0b266adcfef8c11eed690187e71494baea539efbd632fe221181063ba09508df +size 8944932 diff --git a/john-1.9.0.tar.xz.sign b/john-1.9.0.tar.xz.sign new file mode 100644 index 0000000..994a525 --- /dev/null +++ b/john-1.9.0.tar.xz.sign @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIcBAABAgAGBQJcsNXEAAoJEAXAJ/1L3BNuPJkQAJzeiz/1MbK2gl3oAJdx22ak +Mf/5cPkZ70oDii9KTCLapecRMcUzxluFmVSEjrQPN/r31ES8a9E28uDzEXS1GbqG +uZcWh5hCWLlt8HIWZzxsZ0lB9QeNIDe4M2YV6og0YpTwdATEw/eiTJVgU3lEPTxE +eNgLU6p1dJG8I6mnmq0+UXB9CcV5TrgP7r+Pqa4LiSM4AOft0HakK+yLIpEDin1t +s61HKOfbK+TsGHAtX82LDvalMk/z5GpRgctXjm/bQfrswqrXgI0TOJMDPGEKDSjO +bNK3Ps75MLXtmOWzflrpm5YzKIBNWzxfcg3W/9yT4w/N1IrDOKS7LFkRHfp/Z/F5 +9FQPIV4zne7dkwiAiME7IT0vJuFW8klVcJSBpYk05Pw2TWgxkIXHo0MAUgJSuqbW +nunHu11YJiTMXj5hD8deaR6lyk8EetAvfv8gRfTamDCecOo8sKBD4+v1Rj5/M2ZQ +xqblXwl6U/7R0IB21i+vX4QQ4SGPGF/mWm27Uva8sMr+arI7rm2MnGkszWJXK8W5 +/70X2VAyZ8dBWOmotqSBy1yVhZ0FWO6S+5VkHLmzhvzG3tJmSG1W5Abbzl0rkUaL +LEswqtOZF7NPWXjk4vscYJrHBGJZtULoUKIm8+wcr+b0Ayxg7EL4ekRv+Jr/uS4h +CDKaPKIg7eoj2jdDcs7Y +=C+ny +-----END PGP SIGNATURE----- diff --git a/john-rpmlintrc b/john-rpmlintrc index 6022fd1..e4a43ee 100644 --- a/john-rpmlintrc +++ b/john-rpmlintrc @@ -1,3 +1,5 @@ # the password.lst contains some shebangs which are often # used as passwords - so the rpmlint warning is a false positive -addFilter("non-executable-script.*/var/lib/john/password.lst") +setBadness('devel-file-in-non-devel-package', 0) +addFilter("devel-file-in-non-devel-package") +addFilter("/usr/share/john/john.local.conf") diff --git a/john.changes b/john.changes index cab9c8c..a14fd5b 100644 --- a/john.changes +++ b/john.changes @@ -1,3 +1,82 @@ +------------------------------------------------------------------- +Thu Jun 6 12:34:28 UTC 2019 - simmphonie@opensuse.org + +- spec-file changes + + add jumbo scripts and remove "env" from shebang + + remove patches. In upstream already + + use configure to find dependenices and CPU architecture + + openCL support + + multicore support with fork option + + require CPU with AVX support at least + + root rights are no longer required + +- update to 1.9.0 + + Increased the interleaving for bcrypt on x86-64 from 2x to 3x for a major + speedup on CPUs without SMT. Unfortunately, this sometimes results in a minor + performance regression when running multiple threads on CPUs with SMT. + + Recognize the $2b$ bcrypt prefix. + + In the generic crypt(3) format, detect descrypt with valid vs. invalid salts + as separate id's for our heuristics on supported hash types. + + Introduced a number of optimizations for faster handling of large password + hash files, including loading, cracking, and "--show". Some of these use more + memory than before, yet in a more efficient manner. + + Benchmark using all-different candidate passwords of length 7 by default. + + Dropped undocumented special handling of "Mc" in 'c' and 'C' rule commands. + + Dropped undocumented limitation of the 'M' and 'Q' rule commands where they + would sometimes memorize/check only up to the current hash type's length limit + yet this optimization wouldn't necessarily be transparent (e.g., if a later + command would extract a substring from above the hash type's length limit and + bring it to within the limit). + + Implemented special-case handling of repeated rule commands '$', '^', '[', + ']', '{', and '}', as well as faster handling of the 'D' command. + + When built with "--fork" support, disallow session names with all-digit + suffixes since these clash with those produced by "--fork". + + Forward SIGTERM to --fork'ed children. + + Set stdout to line buffered (rather than potentially fully buffered), except + for "--stdout", "--show", and auxiliary programs such as "unshadow". + + On Windows, restore normal processing of Ctrl-C in case our parent (such as + Johnny the GUI) had disabled it. + + Added linux-x86*-avx512 and linux-x86*-avx2 make targets, which use + respectively AVX-512 and AVX2 for bitslice DES. + + Added linux-mic make target for Intel MIC (first generation Xeon Phi, aka + Knights Corner), which uses its 512-bit SIMD intrinsics for bitslice DES. + (For second generation Xeon Phi, aka Knights Landing, use linux-x86-64-avx512.) + + Added linux-arm64le, linux-arm32le-neon, and linux-arm32le make targets. + (The first two of these make use of ASIMD or NEON for bitslice DES.) + + Added linux-sparc64 make target. + + Made a minor optimization to MMX and SSE2 assembly code for LM hash. + + Dropped Ultrix and SCO support. + + Don't probe for alternate config file names (like john.ini when on Unix). + + "DokuWiki" external mode sample has been added to the default john.conf. + + Fixed operator precedence in the external mode compiler to be the same as C. + + Fixed an out of bounds write bug in the external mode virtual machine. + + Fixed a bug introduced in version 1.7.4 in the wordlist rules engine, where + some sequences of rule commands could overflow a word buffer. + + Fixed a bug where unaligned access SSE/AVX instructions would unnecessarily + be generated by GCC 4.6+ in the bitslice DES code in non-OpenMP builds. + + Fixed a bug where "Warning: no OpenMP support for this hash type" could be + printed in "--stdout" mode. + + Made assorted other bugfixes, portability and documentation enhancements. + +- version 1.7.9.8 + + Revised the incremental mode to let the current character counts grow for + each character position independently, with the aim to improve efficiency in + terms of successful guesses per candidate passwords tested. + + Revised the pre-defined incremental modes, as well as external mode filters + that are used to generate .chr files. + + Added makechr, a script to (re-)generate .chr files. + + Enhanced the status reporting to include four distinct speed metrics (g/s, + p/s, c/s, and C/s). + + Added the "--fork=N" and "--node=MIN[-MAX]/TOTAL" options for trivial + parallel and distributed processing. + + In the external mode compiler, treat character literals as unsigned. + + Renamed many of the formats. + + Updated the documentation. + + Relaxed the license for many source files to cut-down BSD. + + Relaxed the license for John the Ripper as a whole from GPLv2 (exact version) + to GPLv2 or newer with optional OpenSSL and unRAR exceptions. + + Assorted other changes have been made. + ------------------------------------------------------------------- Tue Mar 27 11:10:16 UTC 2018 - dimstar@opensuse.org diff --git a/john.spec b/john.spec index dfc3980..b2b43f4 100644 --- a/john.spec +++ b/john.spec @@ -1,7 +1,7 @@ # # spec file for package john # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,41 +12,37 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # +%define johndir %{_datadir}/john +%define jumboversion john-1.9.0-jumbo-1 Name: john -Version: 1.8.0 +Version: 1.9.0 Release: 0 Summary: Detects Weak Passwords -License: GPL-2.0+ +License: GPL-2.0-or-later Group: Productivity/Security -Url: http://www.openwall.com/john/ +URL: http://www.openwall.com/john/ Source: http://www.openwall.com/john/j/%{name}-%{version}.tar.xz Source1: http://www.openwall.com/john/j/%{name}-%{version}.tar.xz.sign Source2: %{name}.8.gz Source3: %{name}-rpmlintrc Source6: mailer.8 Source7: relbench.8 -%define jumboversion john-1.7.9-jumbo-7 -Source8: %{jumboversion}.tar.bz2 -Source9: %{jumboversion}.tar.bz2.sign -Patch0: john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch -Patch1: ppc64le.patch -# PATCH-FIX-UPSTREAM https://github.com/magnumripper/JohnTheRipper/pull/2560 -Patch2: reproducible.patch +Source8: https://www.openwall.com/john/k/%{jumboversion}.tar.xz +Source9: https://www.openwall.com/john/k/%{jumboversion}.tar.xz.sign +BuildRequires: dos2unix +BuildRequires: fdupes +BuildRequires: gmp-devel +BuildRequires: libpcap-devel +BuildRequires: libusb-devel +BuildRequires: opencl-headers +BuildRequires: pkgconfig +BuildRequires: pkgconfig(OpenCL) +BuildRequires: pkgconfig(bzip2) BuildRequires: pkgconfig(openssl) -BuildConflicts: pkgconfig(openssl) >= 1.1 -%if 0%{?suse_version} == 1110 -BuildRequires: xz -%endif -BuildRoot: %{_tmppath}/%{name}-%{version}-build -%define johndir /var/lib/john -%define cflags CFLAGS="-c %{optflags} -DJOHN_SYSTEMWIDE=1 -finline-limit=2000 --param inline-unit-growth=2000" LDFLAGS="-lcrypto" -%ifarch x86_64 -%define cflags CFLAGS="-c %{optflags} -DJOHN_SYSTEMWIDE=1" LDFLAGS="-lcrypto" -%endif %description John the Ripper is a fast password cracker (password security auditing @@ -55,101 +51,83 @@ number of other hash types are supported as well. %prep %setup -q -a8 -%patch0 -p1 -%patch2 -p1 cd %{jumboversion} && cp -a ./* .. cd .. rm -r %{jumboversion} -%patch1 -p1 # adapt the configs perl -pi -e "s#Wordlist = (.*)#Wordlist = %{johndir}/password.lst#g" $RPM_BUILD_DIR/%{name}-%{version}/run/john.conf perl -pi -e 's#^(\#define JOHN_SYSTEMWIDE_EXEC)\s.+$#$1\t\"%{johndir}\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h perl -pi -e 's#^(\#define CFG_FULL_NAME)\s.+$#$1\t\"%{_sysconfdir}/john.conf\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h perl -pi -e 's#^(\#define CFG_ALT_NAME)\s.+$#$1\t\"%{_sysconfdir}/john.conf\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h perl -pi -e 's#^(\#define WORDLIST_NAME)\s.+$#$1\t\"%{johndir}/password.lst\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h -perl -pi -e 's#^(\#define LOG_NAME)\s.+$#$1\t\"/var/log/john.log\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h +perl -pi -e 's#^(\#define LOG_NAME)\s.+$#$1\t\"/var/log/john/john.log\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h perl -pi -e 's#^(\#define JOHN_SYSTEMWIDE_HOME)\s.+$#$1\t\"%{johndir}\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h %build -%ifarch alpha - TARGET=linux-alpha -%endif -%ifarch ia64 - TARGET=linux-ia64 -%endif -%ifarch %ix86 -%ifnarch i386 i486 - TARGET=linux-x86-mmx -%endif -%endif -%ifarch ppc - TARGET=linux-ppc32 -%endif -%ifarch ppc64 ppc64le - TARGET=linux-ppc64 -%endif -%ifarch sparc sparcv9 - TARGET=linux-sparc -%endif -%ifarch sparc64 - TARGET=solaris-sparc64-gcc -%endif -%ifarch x86_64 - TARGET=linux-x86-64 -%endif -%ifarch %arm aarch64 m68k - TARGET=generic -%endif -%ifarch %ix86 -if test -z "$TARGET"; then - TARGET=linux-x86-any -fi -%endif -export TARGET pushd src -make clean $TARGET %{cflags} LDFLAGS='-lcrypto -lm -lz -lssl' -popd - -%check -pushd src -make check +%configure --with-systemwide --disable-openmp --enable-fuzz --enable-experimental-code --enable-pkg-config --disable-native-tests --enable-simd=avx +make -s clean +make %{?_smp_mflags} popd +# fix shebang +sed -i 's|#!/usr/bin/env perl|#!/usr/bin/perl|' run/*.pl +sed -i 's|#! /usr/bin/env perl|#!/usr/bin/perl|' run/*.pl +sed -i 's|#!/usr/bin/env python|#!/usr/bin/python|' run/*.py +sed -i 's|#! /usr/bin/env python|#!/usr/bin/python|' run/*.py +sed -i 's|#!/usr/bin/env perl|#!/usr/bin/perl|' run/relbench %install -mkdir -p %{buildroot}{%{_bindir},%johndir,%{_sysconfdir},%{_mandir}/man8} +mkdir -p %{buildroot}{%{_bindir},%{johndir},%{johndir}/wordlists,%{_sysconfdir},%{_mandir}/man8} +mkdir -p %{buildroot}/var/log/john install -m 755 run/john %{buildroot}%{_bindir}/ -cp -r run/un* %{buildroot}%{_bindir}/ -install -m755 run/relbench %{buildroot}%{_bindir}/ -install -m 644 -p run/{password.lst,*.chr,d*.conf,*local.conf} %{buildroot}%johndir/ -install -m 644 -p run/john.conf %{buildroot}%{_sysconfdir}/ +install -m 755 run/*.py %{buildroot}%{_bindir}/ +install -m 755 run/*.pl %{buildroot}%{_bindir}/ +install -m 755 run/un* %{buildroot}%{_bindir}/ +install -m 755 run/*2john %{buildroot}%{_bindir}/ +install -m 755 run/base64conv %{buildroot}%{_bindir}/ +install -m 755 run/relbench %{buildroot}%{_bindir}/ install -m 755 -p run/mailer %{buildroot}%{_bindir}/ +install -m 644 -p run/{password.lst,*.chr,d*.conf,h*.conf,k*.conf,r*.conf} %{buildroot}%{johndir}/ +install -m 644 -p run/john.conf %{buildroot}%{_sysconfdir}/ +touch %{buildroot}%{johndir}/john.local.conf +mkdir -p %{buildroot}%{_datadir}/john/kernels +cp -r run/kernels/* %{buildroot}%{_datadir}/john/kernels/ +mkdir -p %{buildroot}%{_datadir}/john/rules +cp -r run/rules/* %{buildroot}%{_datadir}/john/rules/ # handle documentation - makes rpmlint happy mkdir -p %{buildroot}%{_defaultdocdir}/%{name} -cp README-jumbo doc/* %{buildroot}%{_defaultdocdir}/%{name}/ +cp README.md %{buildroot}%{_defaultdocdir}/%{name}/ +cp -r doc/* %{buildroot}%{_defaultdocdir}/%{name}/ rm %{buildroot}%{_defaultdocdir}/%{name}/INSTALL +rm %{buildroot}%{_defaultdocdir}/%{name}/README # install man pages install -m 644 -p %{SOURCE2} %{buildroot}%{_mandir}/man8/ install -Dm644 %{SOURCE6} %{buildroot}%{_mandir}/man8/mailer.8 install -Dm644 %{SOURCE7} %{buildroot}%{_mandir}/man8/relbench.8 - -%clean -rm -rf %{buildroot} +dos2unix %{buildroot}%{_defaultdocdir}/%{name}/README.krb5tgs-17-18-23.md +%fdupes %{buildroot} %files %defattr(-,root,root) %doc %{_defaultdocdir}/%{name}/ -%doc %{_mandir}/man8/john.8* -%doc %{_mandir}/man8/mailer.8* -%doc %{_mandir}/man8/relbench.8* -%{_bindir}/un* -%{_bindir}/relbench +%{_mandir}/man8/john.8%{?ext_man} +%{_mandir}/man8/mailer.8%{?ext_man} +%{_mandir}/man8/relbench.8%{?ext_man} +%{_bindir}/* %dir %{johndir} -%attr(750,root,wheel) %{_bindir}/john -%{_bindir}/mailer -%attr(644,root,root) %johndir/password.lst -%attr(644,root,root) %johndir/*.chr -%attr(644,root,root) %johndir/d*.conf -%attr(644,root,root) %johndir/*local.conf +%dir %{johndir}/kernels/ +%{johndir}/kernels/* +%dir %{johndir}/rules/ +%{johndir}/rules/* +%dir %{johndir}/wordlists +%attr(644,root,root) %{johndir}/password.lst +%attr(644,root,root) %{johndir}/*.chr +%attr(644,root,root) %{johndir}/d*.conf +%attr(644,root,root) %{johndir}/h*.conf +%attr(644,root,root) %{johndir}/k*.conf +%attr(644,root,root) %{johndir}/r*.conf %config (noreplace) %{_sysconfdir}/john.conf +%config (noreplace) %{johndir}/john.local.conf +%attr(775,root,users) %dir /var/log/john %changelog diff --git a/ppc64le.patch b/ppc64le.patch deleted file mode 100644 index abe9f49..0000000 --- a/ppc64le.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: john-1.8.0/src/ppc64.h -=================================================================== ---- john-1.8.0.orig/src/ppc64.h -+++ john-1.8.0/src/ppc64.h -@@ -20,7 +20,11 @@ - #define ARCH_BITS 64 - #define ARCH_BITS_LOG 6 - #define ARCH_BITS_STR "64" -+#if defined(__LITTLE_ENDIAN__) -+#define ARCH_LITTLE_ENDIAN 1 -+#else - #define ARCH_LITTLE_ENDIAN 0 -+#endif - #define ARCH_INT_GT_32 0 - #define ARCH_ALLOWS_UNALIGNED 0 - #define ARCH_INDEX(x) ((unsigned int)(unsigned char)(x)) diff --git a/reproducible.patch b/reproducible.patch deleted file mode 100644 index 87072ec..0000000 --- a/reproducible.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: john-1.8.0/john-1.7.9-jumbo-7/src/Makefile -=================================================================== ---- john-1.8.0.orig/john-1.7.9-jumbo-7/src/Makefile -+++ john-1.8.0/john-1.7.9-jumbo-7/src/Makefile -@@ -72,7 +72,7 @@ OPT_INLINE = -Os -funroll-loops -finline - - # Works with Solaris make, and GNU make - PLUGFORMATS_SRCS: sh =echo *_plug.c --PLUGFORMATS_SRCS += $(wildcard *_plug.c) -+PLUGFORMATS_SRCS += $(sort $(wildcard *_plug.c)) - PLUGFORMATS_OBJS = $(PLUGFORMATS_SRCS:.c=.o) - - JOHN_OBJS = \ From 1b701ee89d42cf255b35bb9a0a14f060a26e9570821cc9a13ac3e41eb69e0fa5 Mon Sep 17 00:00:00 2001 From: Lars Vogdt Date: Sat, 15 Jun 2019 17:02:28 +0000 Subject: [PATCH 2/6] + remove patches. In upstream already: + john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch + ppc64le.patch + reproducible.patch OBS-URL: https://build.opensuse.org/package/show/security/john?expand=0&rev=56 --- john.changes | 5 ++++- john.spec | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/john.changes b/john.changes index a14fd5b..a652848 100644 --- a/john.changes +++ b/john.changes @@ -3,7 +3,10 @@ Thu Jun 6 12:34:28 UTC 2019 - simmphonie@opensuse.org - spec-file changes + add jumbo scripts and remove "env" from shebang - + remove patches. In upstream already + + remove patches. In upstream already: + + john-1.7.9-powerpc_BE_need_rhash_u32_swap_copy.patch + + ppc64le.patch + + reproducible.patch + use configure to find dependenices and CPU architecture + openCL support + multicore support with fork option diff --git a/john.spec b/john.spec index b2b43f4..161d299 100644 --- a/john.spec +++ b/john.spec @@ -43,6 +43,7 @@ BuildRequires: pkgconfig BuildRequires: pkgconfig(OpenCL) BuildRequires: pkgconfig(bzip2) BuildRequires: pkgconfig(openssl) +BuildRoot: %{_tmppath}/%{name}-%{version}-build %description John the Ripper is a fast password cracker (password security auditing From 0ca600cb81a685b25b3b40765dd367675af0e8b4efbf27bb8d23866ab649bfe8 Mon Sep 17 00:00:00 2001 From: Torsten Gruner Date: Thu, 5 Sep 2019 17:57:13 +0000 Subject: [PATCH 3/6] Accepting request 727678 from home:cgiboudeaux:branches:security - Fix the sources URL. Use https. OBS-URL: https://build.opensuse.org/request/show/727678 OBS-URL: https://build.opensuse.org/package/show/security/john?expand=0&rev=57 --- john.changes | 5 +++++ john.spec | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/john.changes b/john.changes index a652848..1fb0e02 100644 --- a/john.changes +++ b/john.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Sep 2 06:23:15 UTC 2019 - Christophe Giboudeaux + +- Fix the sources URL. Use https. + ------------------------------------------------------------------- Thu Jun 6 12:34:28 UTC 2019 - simmphonie@opensuse.org diff --git a/john.spec b/john.spec index 161d299..ea85a49 100644 --- a/john.spec +++ b/john.spec @@ -24,9 +24,9 @@ Release: 0 Summary: Detects Weak Passwords License: GPL-2.0-or-later Group: Productivity/Security -URL: http://www.openwall.com/john/ -Source: http://www.openwall.com/john/j/%{name}-%{version}.tar.xz -Source1: http://www.openwall.com/john/j/%{name}-%{version}.tar.xz.sign +URL: https://www.openwall.com/john/ +Source: https://www.openwall.com/john/k/%{name}-%{version}.tar.xz +Source1: https://www.openwall.com/john/k/%{name}-%{version}.tar.xz.sign Source2: %{name}.8.gz Source3: %{name}-rpmlintrc Source6: mailer.8 From 489631b9c97f1b1a398233c8992dbcc59ecc734a93fd52813681818bcf69f632 Mon Sep 17 00:00:00 2001 From: Torsten Gruner Date: Mon, 9 Sep 2019 20:11:06 +0000 Subject: [PATCH 4/6] Accepting request 729559 from home:Simmphonie remove setBadness from rpmlintrc OBS-URL: https://build.opensuse.org/request/show/729559 OBS-URL: https://build.opensuse.org/package/show/security/john?expand=0&rev=58 --- john-rpmlintrc | 3 --- john.changes | 5 +++++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/john-rpmlintrc b/john-rpmlintrc index e4a43ee..39eae54 100644 --- a/john-rpmlintrc +++ b/john-rpmlintrc @@ -1,5 +1,2 @@ -# the password.lst contains some shebangs which are often -# used as passwords - so the rpmlint warning is a false positive -setBadness('devel-file-in-non-devel-package', 0) addFilter("devel-file-in-non-devel-package") addFilter("/usr/share/john/john.local.conf") diff --git a/john.changes b/john.changes index 1fb0e02..684fce8 100644 --- a/john.changes +++ b/john.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Sep 9 19:29:28 UTC 2019 - simmphonie@opensuse.org + +- remove setBadness from rpmlintrc + ------------------------------------------------------------------- Mon Sep 2 06:23:15 UTC 2019 - Christophe Giboudeaux From 2168c9d05f1e3f0801fdacd54298e5b94c08cf824b419ac0aeafc3ffa2a5390a Mon Sep 17 00:00:00 2001 From: Torsten Gruner Date: Tue, 10 Sep 2019 13:29:52 +0000 Subject: [PATCH 5/6] Accepting request 729660 from home:jengelh:branches:security - Use noun phrase in summary. Reword description to avoid unspecific "Unix password". OBS-URL: https://build.opensuse.org/request/show/729660 OBS-URL: https://build.opensuse.org/package/show/security/john?expand=0&rev=59 --- john.changes | 6 ++++++ john.spec | 9 ++++----- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/john.changes b/john.changes index 684fce8..add642c 100644 --- a/john.changes +++ b/john.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Sep 10 06:57:56 UTC 2019 - Jan Engelhardt + +- Use noun phrase in summary. Reword description to avoid + unspecific "Unix password". + ------------------------------------------------------------------- Mon Sep 9 19:29:28 UTC 2019 - simmphonie@opensuse.org diff --git a/john.spec b/john.spec index ea85a49..d933e62 100644 --- a/john.spec +++ b/john.spec @@ -21,7 +21,7 @@ Name: john Version: 1.9.0 Release: 0 -Summary: Detects Weak Passwords +Summary: Utility to detect weak passwords License: GPL-2.0-or-later Group: Productivity/Security URL: https://www.openwall.com/john/ @@ -46,9 +46,9 @@ BuildRequires: pkgconfig(openssl) BuildRoot: %{_tmppath}/%{name}-%{version}-build %description -John the Ripper is a fast password cracker (password security auditing -tool). Its primary purpose is to detect weak Unix passwords, but a -number of other hash types are supported as well. +John the Ripper is a password cracker (password security auditing +tool). Its primary purpose is to detect weak passwords, and a +number of other hash types are supported to that end. %prep %setup -q -a8 @@ -109,7 +109,6 @@ dos2unix %{buildroot}%{_defaultdocdir}/%{name}/README.krb5tgs-17-18-23.md %fdupes %{buildroot} %files -%defattr(-,root,root) %doc %{_defaultdocdir}/%{name}/ %{_mandir}/man8/john.8%{?ext_man} %{_mandir}/man8/mailer.8%{?ext_man} From 05c246e5e16d20b7e1baa48b10a821b4540c3a2faf6c0336f692ee7b2f8ec987 Mon Sep 17 00:00:00 2001 From: Torsten Gruner Date: Tue, 10 Sep 2019 14:39:55 +0000 Subject: [PATCH 6/6] Accepting request 729919 from home:Simmphonie Fixed build for ARM and PPC. CPU with AVX support at least is only available for x86_64 architecture now. OBS-URL: https://build.opensuse.org/request/show/729919 OBS-URL: https://build.opensuse.org/package/show/security/john?expand=0&rev=60 --- john.changes | 6 ++++++ john.spec | 10 +++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/john.changes b/john.changes index add642c..ca57b2c 100644 --- a/john.changes +++ b/john.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Sep 10 13:32:21 UTC 2019 - simmphonie@opensuse.org + +- Fixed build for ARM and PPC. CPU with AVX support at least is + only available for x86_64 architecture now. + ------------------------------------------------------------------- Tue Sep 10 06:57:56 UTC 2019 - Jan Engelhardt diff --git a/john.spec b/john.spec index d933e62..66475fd 100644 --- a/john.spec +++ b/john.spec @@ -66,7 +66,15 @@ perl -pi -e 's#^(\#define JOHN_SYSTEMWIDE_HOME)\s.+$#$1\t\"%{johndir}\"#g' $RPM_ %build pushd src -%configure --with-systemwide --disable-openmp --enable-fuzz --enable-experimental-code --enable-pkg-config --disable-native-tests --enable-simd=avx +%configure --with-systemwide \ + --disable-openmp \ + --enable-fuzz \ + --enable-experimental-code \ + --enable-pkg-config \ +%ifarch x86_64 + --enable-simd=avx \ +%endif + --disable-native-tests make -s clean make %{?_smp_mflags} popd