Accepting request 128221 from security

- update to 1.7.9: + Added optional parallelization of the MD5-based crypt(3) code with OpenMP. + Added optional parallelization of the bitslice DES code with OpenMP. + Replaced the bitslice DES key setup algorithm with a faster one, which significantly improves performance at LM hashes, as well as at DES-based crypt(3) hashes when there's just one salt (or very few salts). + Optimized the DES S-box x86-64 (16-register SSE2) assembly code. + Added support for 10-character DES-based tripcodes (not optimized yet). + Added support for the "$2y$" prefix of bcrypt hashes. + Added two more hash table sizes (16M and 128M entries) for faster processing of very large numbers of hashes per salt (over 1M). + Added two pre-defined external mode variables: "abort" and "status", which let an external mode request the current cracking session to be aborted or the status line to be displayed, respectively. + Made some minor optimizations to external mode function calls and virtual machine implementation. + The "--make-charset" option now uses floating-point rather than 64-bit integer operations, which allows for larger CHARSET_* settings in params.h. + Added runtime detection of Intel AVX and AMD XOP instruction set extensions, with optional fallback to an alternate program binary. + Added relbench, a Perl script to compare two "john --test" benchmark runs, such as for different machines, "make" targets, C compilers, optimization options, or/and versions of John the Ripper. + Additional public lists of "top N passwords" have been merged into the bundled common passwords list, and some insufficiently common passwords were removed from the list. + Many minor enhancements and a few bug fixes were made. - updated jumbo patch to 1.7.9-jumbo-6 - specfile cleanup (using spec-cleaner) OBS-URL: https://build.opensuse.org/request/show/128221 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/john?expand=0&rev=18
2012-07-18 15:22:47 +00:00 · 2012-07-18 15:22:47 +00:00 · f76b3d66a2
commit f76b3d66a2
parent 2d55043b63 cd12b16567
10 changed files with 92 additions and 59 deletions
--- a/john-1.7.8-jumbo-2.tar.bz2
+++ b/john-1.7.8-jumbo-2.tar.bz2
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:e99c9ee861f7500bfc708c7b7a508da7336f621eedf1301a86ce0d2f5c4ca706
 size 1026712
--- a/john-1.7.8-jumbo-2.tar.bz2.sign
+++ b/john-1.7.8-jumbo-2.tar.bz2.sign
@ -1,10 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (GNU/Linux)
 Comment: http://www.openwall.com/signatures/
 iQCVAwUATg+zyXK5fbEpUCnxAQLpwgP/WrKg2XvgG/gUydhBaBm0JMWy8xmuNvu4
 E1TdRf3bZnt4BEh5kWfBNRQ2CYBBTUNGiuXFJ9UbT7ul3saop26zg3852OfyJj36
 XAlOojW+DQnR5C2k+cGp8FCs9fP3a2u+sA8mgOYPQD9RkPas1t0mYlWFRMDEV5iC
 gmlHZctmtXo=
 =IDug
 -----END PGP SIGNATURE-----
--- a/john-1.7.8.tar.bz2
+++ b/john-1.7.8.tar.bz2
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:54388422b5eb048da8d5363082e62aa012f4f29a5a14feab67f84d650d0bc5e9
 size 695897
--- a/john-1.7.8.tar.bz2.sign
+++ b/john-1.7.8.tar.bz2.sign
@ -1,10 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (GNU/Linux)
 Comment: http://www.openwall.com/signatures/
 iQCVAwUATgICWXK5fbEpUCnxAQIhCgQAqrfc600ljWZJOrLXnQAHIS4z97NY8AWk
 j1fmq19h2pzCzaO+LMsgB/trS89IKXlMpyGtKszJl41IfRx/oFCJRIKeKGJA5TVO
 vk1MGx7H647MRqpLu6JftLP2nG/tyLD6n9hBl9cSsvK0bGP536QT+YBzhYZyo8w9
 /5U/gZhbkaU=
 =8CMt
 -----END PGP SIGNATURE-----
--- a/john-1.7.9-jumbo-6.tar.bz2
+++ b/john-1.7.9-jumbo-6.tar.bz2
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:36bdd71421d0c794277ca8008889cce848a12b6f27d69d7e8d1e12f90daa096e
 size 1600920
--- a/john-1.7.9-jumbo-6.tar.bz2.sign
+++ b/john-1.7.9-jumbo-6.tar.bz2.sign
@ -0,0 +1,10 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (GNU/Linux)
 Comment: http://www.openwall.com/signatures/
 iQCVAwUAT+0U0nK5fbEpUCnxAQL/TAQAsExaih1mmoohOmcYwAZav5A9uYeELsP1
 Zau3J8QScf22lMWoephOqsHUWqML9Fy3Ic/GTcLM+4dPvYwggi59/QArcfvIuKkX
 kW4aO5uObzkqBdil8vXGtVi1K4xxXHQgORTzc7Q1Bwu4y7Pj30sW4WKr99Snqnsu
 NUiaxqPTrK4=
 =znb7
 -----END PGP SIGNATURE-----
--- a/john-1.7.9.tar.bz2
+++ b/john-1.7.9.tar.bz2
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:1d40083e37a7bc1ba1177651cbb27898dcf2a812b8ccf1430db0c372ac6dc199
 size 717505
--- a/john-1.7.9.tar.bz2.sign
+++ b/john-1.7.9.tar.bz2.sign
@ -0,0 +1,10 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (GNU/Linux)
 Comment: http://www.openwall.com/signatures/
 iQCVAwUATszbSHK5fbEpUCnxAQL82gP9FIpG9doN7BHXG118pmH5jCeGBKtHr67h
 R4jCNFU5obOd2bzXuFkoGCjCjzHlSGZcqRtlhLLtaheGfH7IYfUoDsqnSlYhVolL
 VPiPL+j/8KcmOWeqjURM/4xKEgDKoVoNg8C6x9lhaTtDvK3o/poGTavVCpNtvhQc
 FNV+H5b0QKE=
 =hDv+
 -----END PGP SIGNATURE-----
--- a/john.changes
+++ b/john.changes
@ -1,3 +1,36 @@
 -------------------------------------------------------------------
 Fri Jul 13 06:07:17 UTC 2012 - lars@linux-schulserver.de
 - update to 1.7.9:
  + Added optional parallelization of the MD5-based crypt(3) code with OpenMP.
  + Added optional parallelization of the bitslice DES code with OpenMP.
  + Replaced the bitslice DES key setup algorithm with a faster one, which
    significantly improves performance at LM hashes, as well as at DES-based
    crypt(3) hashes when there's just one salt (or very few salts).
  + Optimized the DES S-box x86-64 (16-register SSE2) assembly code.
  + Added support for 10-character DES-based tripcodes (not optimized yet).
  + Added support for the "$2y$" prefix of bcrypt hashes.
  + Added two more hash table sizes (16M and 128M entries) for faster processing
    of very large numbers of hashes per salt (over 1M).
  + Added two pre-defined external mode variables: "abort" and "status", which
    let an external mode request the current cracking session to be aborted or the
    status line to be displayed, respectively.
  + Made some minor optimizations to external mode function calls and virtual
    machine implementation.
  + The "--make-charset" option now uses floating-point rather than 64-bit
    integer operations, which allows for larger CHARSET_* settings in params.h.
  + Added runtime detection of Intel AVX and AMD XOP instruction set extensions,
    with optional fallback to an alternate program binary.
  + Added relbench, a Perl script to compare two "john --test" benchmark runs,
    such as for different machines, "make" targets, C compilers, optimization
    options, or/and versions of John the Ripper.
  + Additional public lists of "top N passwords" have been merged into the
    bundled common passwords list, and some insufficiently common passwords were
    removed from the list.
  + Many minor enhancements and a few bug fixes were made.
 - updated jumbo patch to 1.7.9-jumbo-6
 - specfile cleanup (using spec-cleaner)
 -------------------------------------------------------------------
 Fri Sep 30 09:40:39 UTC 2011 - joop.boonen@boonen.org
--- a/john.spec
+++ b/john.spec
@ -1,7 +1,7 @@
 #
 # spec file for package john
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -15,26 +15,26 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 # norootforbuild
 Name:           john
-Url:            http://www.openwall.com/john/
+Version:        1.7.9
 Release:        0
 Summary:        Detects Weak Passwords
 License:        GPL-2.0+
 Group:          Productivity/Security
-Version:        1.7.8
+Url:            http://www.openwall.com/john/
 Release:        1
 Summary:        Detects Weak Passwords
 Source:         %{name}-%{version}.tar.bz2
 Source1:        %{name}-%{version}.tar.bz2.sign
 Source2:        %{name}.8.gz
 Source3:        %{name}-rpmlintrc
-Source4:        %{name}-%{version}-jumbo-2.tar.bz2
+Source4:        %{name}-%{version}-jumbo-6.tar.bz2
 Source5:        %{name}-%{version}-jumbo-6.tar.bz2.sign
 BuildRequires:  openssl-devel
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %define         johndir /var/lib/john
-%define cflags CFLAGS="-c $RPM_OPT_FLAGS -DJOHN_SYSTEMWIDE=1 -finline-limit=2000 --param inline-unit-growth=2000" LDFLAGS="-lcrypto"
+%define cflags CFLAGS="-c %{optflags} -DJOHN_SYSTEMWIDE=1 -finline-limit=2000 --param inline-unit-growth=2000" LDFLAGS="-lcrypto"
 %ifarch x86_64
-%define cflags CFLAGS="-c $RPM_OPT_FLAGS -DJOHN_SYSTEMWIDE=1" LDFLAGS="-lcrypto"
+%define cflags CFLAGS="-c %{optflags} -DJOHN_SYSTEMWIDE=1" LDFLAGS="-lcrypto"
 %endif
 %description
@ -42,21 +42,15 @@ John the Ripper is a fast password cracker (password security auditing
 tool). Its primary purpose is to detect weak Unix passwords, but a
 number of other hash types are supported as well.
 Authors:
 --------
    Solar Designer <solar@false.com>
 %prep
-%setup -q -n %{name}-%{version}
+%setup -q
 # apply the jumbo patch
 gzip -dc %{SOURCE4} | patch -p1
 # adapt the configs
 perl -pi -e "s#Wordlist = (.*)#Wordlist = %{johndir}/password.lst#g" $RPM_BUILD_DIR/%{name}-%{version}/run/john.conf
 perl -pi -e 's#^(\#define JOHN_SYSTEMWIDE_EXEC)\s.+$#$1\t\"%{johndir}\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h
-perl -pi -e 's#^(\#define CFG_FULL_NAME)\s.+$#$1\t\"%_sysconfdir/john.conf\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h
+perl -pi -e 's#^(\#define CFG_FULL_NAME)\s.+$#$1\t\"%{_sysconfdir}/john.conf\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h
-perl -pi -e 's#^(\#define CFG_ALT_NAME)\s.+$#$1\t\"%_sysconfdir/john.conf\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h
+perl -pi -e 's#^(\#define CFG_ALT_NAME)\s.+$#$1\t\"%{_sysconfdir}/john.conf\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h
 perl -pi -e 's#^(\#define WORDLIST_NAME)\s.+$#$1\t\"%{johndir}/password.lst\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h
 perl -pi -e 's#^(\#define LOG_NAME)\s.+$#$1\t\"/var/log/john.log\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h
 perl -pi -e 's#^(\#define JOHN_SYSTEMWIDE_HOME)\s.+$#$1\t\"%{johndir}\"#g' $RPM_BUILD_DIR/%{name}-%{version}/src/params.h
@ -107,27 +101,33 @@ make check
 popd
 %install
-mkdir -p %buildroot{%_bindir,%johndir,%_sysconfdir,%_mandir/man8}
+mkdir -p %{buildroot}{%{_bindir},%johndir,%{_sysconfdir},%{_mandir}/man8}
-install -m 755 run/john %buildroot%_bindir/
+install -m 755 run/john %{buildroot}%{_bindir}/
-cp -r run/un* %buildroot%_bindir/
+cp -r run/un* %{buildroot}%{_bindir}/
-install -m 644 -p run/{password.lst,*.chr} %buildroot%johndir/
+install -m755 run/relbench %{buildroot}%{_bindir}/
-install -m 644 -p run/john.conf %buildroot%_sysconfdir/
+install -m 644 -p run/{password.lst,*.chr} %{buildroot}%johndir/
-install -m 755 -p run/mailer %buildroot%_bindir/
+install -m 644 -p run/john.conf %{buildroot}%{_sysconfdir}/
-install -m 644 -p %{SOURCE2} %buildroot%_mandir/man8/
+install -m 755 -p run/mailer %{buildroot}%{_bindir}/
 install -m 644 -p %{SOURCE2} %{buildroot}%{_mandir}/man8/
 # handle documentation - makes rpmlint happy
 mkdir -p %{buildroot}%{_defaultdocdir}/%{name}
 cp doc/* %{buildroot}%{_defaultdocdir}/%{name}/
 rm %{buildroot}%{_defaultdocdir}/%{name}/INSTALL
 %clean
-rm -rf $RPM_BUILD_ROOT
+rm -rf %{buildroot}
 %files
 %defattr(-,root,root)
-%doc doc/*
+%doc %{_defaultdocdir}/%{name}/
 %doc %{_mandir}/man8/john.8.gz
-%_bindir/un*
+%{_bindir}/un*
 %{_bindir}/relbench
 %dir %{johndir}
-%attr(750,root,wheel) %_bindir/john
+%attr(750,root,wheel) %{_bindir}/john
-%_bindir/mailer
+%{_bindir}/mailer
 %attr(644,root,root) %johndir/password.lst
 %attr(644,root,root) %johndir/*.chr
-%config (noreplace) %_sysconfdir/john.conf
+%config (noreplace) %{_sysconfdir}/john.conf
 %changelog