Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 31 Aug 2009 21:21:23 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: jumbo patch update: 1.7.3.1-all-6

Hi,

I've just released a minor update of the jumbo patch.  The new file is
john-1.7.3.1-all-6.diff.gz, available from the usual places:

http://www.openwall.com/john/
ftp://ftp.openwall.com/pub/projects/john/contrib/

The only changes are fixes of known bugs in -all-5.  Specifically, the
following was fixed:

The macosx-x86-64 make target (and some rarely used targets that were
affected as well) will no longer fail on building the Markov mode utility
programs.  The issue was that some make targets were updating LDFLAGS
(for good reasons), but they did not similarly update LDFLAGS_MKV.
I dealt with this by dropping LDFLAGS_MKV.  This is not perfect: the
Markov mode utility programs are now unnecessarily getting linked
against libcrypto.  (The main alternative was to introduce updates of
LDFLAGS_MKV into every make target that updated LDFLAGS.  A possibly
better alternative will be to rework the JtR build process such that
there will be shared LDFLAGS (could be adjusted for the target system)
and additional per-program LDFLAGS, but this is something to consider
for the "upstream" JtR, not for the jumbo patch.  The idea is that the
"upstream" JtR could provide this LDFLAGS separation as a framework,
which the jumbo patch and/or other patches and/or a "community edition"
of JtR would make use of.)  This issue was reported by Alex V. Breger
and also by several others.

An off-by-one error in the size of an array in NETHALFLM_fmt.c has been
corrected.  Till Maas reported this one and provided a patch.

According to Alex V. Breger, the unnecessary "#include <netinet/in.h>"
directive in PO_fmt.c resulted in the build failing on OpenBSD 4.4.
Corrected by dropping the directive.

There was a loader.c bug I inadvertently introduced into the jumbo patch
between 1.7.3.1-all-1 and 1.7.3.1-all-2+.  Kurt Grutzmacher sort of
reported it, but never came up with a proper bug report (no reproduction
instructions, no wrong vs. proper output), yet I managed to reproduce
what I thought was likely the same issue.  Fixed.

Simon Marechal reported a bug in and provided a patch to my introduction
of the C2I() macro into his mkvcalcproba.c code.  Patch applied.

I've attached the diffs between -all-5 and -all-6, primarily to show
what exactly was changed.

If you're aware of any known bugs/fixes that I missed, please let me
know.  Also, now may be a good time to nominate additional patches for
inclusion into the next revision of the jumbo patch.

Alexander

 Makefile        |   13 ++++++-------
 NETHALFLM_fmt.c |    4 ++--
 PO_fmt.c        |    1 -
 loader.c        |    7 ++++++-
 mkvcalcproba.c  |    2 +-
 params.h        |    2 +-
 6 files changed, 16 insertions(+), 13 deletions(-)

diff -u john-1.7.3.1/src/Makefile john-1.7.3.1/src/Makefile
--- john-1.7.3.1/src/Makefile	2008-09-17 03:27:32 +0000
+++ john-1.7.3.1/src/Makefile	2009-08-31 13:29:00 +0000
@@ -18,7 +18,6 @@
 CFLAGS = -c -Wall -O2 -fomit-frame-pointer -I/usr/local/include -L/usr/local/lib
 ASFLAGS = -c
 LDFLAGS = -s -L/usr/local/lib -L/usr/local/ssl/lib -lcrypto -lm
-LDFLAGS_MKV = -s -lm
 OPT_NORMAL = -funroll-loops
 OPT_INLINE = -finline-functions
 
@@ -889,22 +888,22 @@
 	strip ../run/unique.exe
 
 ../run/genmkvpwd: $(GENMKVPWD_OBJS)
-	$(LD) $(GENMKVPWD_OBJS) $(LDFLAGS_MKV) -o ../run/genmkvpwd
+	$(LD) $(GENMKVPWD_OBJS) $(LDFLAGS) -o ../run/genmkvpwd
 
 ../run/genmkvpwd.exe: $(GENMKVPWD_OBJS)
-	$(LD) $(GENMKVPWD_OBJS) $(LDFLAGS_MKV) -o ../run/genmkvpwd.exe
+	$(LD) $(GENMKVPWD_OBJS) $(LDFLAGS) -o ../run/genmkvpwd.exe
 
 ../run/mkvcalcproba: mkvcalcproba.o
-	$(LD) mkvcalcproba.o $(LDFLAGS_MKV) -o ../run/mkvcalcproba
+	$(LD) mkvcalcproba.o $(LDFLAGS) -o ../run/mkvcalcproba
 
 ../run/mkvcalcproba.exe: mkvcalcproba.o
-	$(LD) mkvcalcproba.o $(LDFLAGS_MKV) -o ../run/mkvcalcproba.exe
+	$(LD) mkvcalcproba.o $(LDFLAGS) -o ../run/mkvcalcproba.exe
 
 ../run/calc_stat: calc_stat.o
-	$(LD) calc_stat.o $(LDFLAGS_MKV) -o ../run/calc_stat
+	$(LD) calc_stat.o $(LDFLAGS) -o ../run/calc_stat
 
 ../run/calc_stat.exe: calc_stat.o
-	$(LD) calc_stat.o $(LDFLAGS_MKV) -o ../run/calc_stat.exe
+	$(LD) calc_stat.o $(LDFLAGS) -o ../run/calc_stat.exe
 
 # Inlining the S-boxes produces faster code, as long as they fit in the cache
 # (that is, on RISC with at least 8 KB of L1 code cache).
diff -u john-1.7.3.1/src/NETHALFLM_fmt.c john-1.7.3.1/src/NETHALFLM_fmt.c
--- john-1.7.3.1/src/NETHALFLM_fmt.c	2008-08-24 08:54:11 +0000
+++ john-1.7.3.1/src/NETHALFLM_fmt.c	2009-08-31 13:38:11 +0000
@@ -106,10 +106,10 @@
   static unsigned char magic[] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
   DES_key_schedule ks;
   unsigned char password[7 + 1];
-  unsigned char lm[7];
+  unsigned char lm[8];
 
   /* clear buffers */
-  memset(lm, 0, 7);
+  memset(lm, 0, 8);
   memset(output, 0, 8);  
 
   strncpy((char *) password, saved_plain, 7);
diff -u john-1.7.3.1/src/PO_fmt.c john-1.7.3.1/src/PO_fmt.c
--- john-1.7.3.1/src/PO_fmt.c	2008-08-25 01:16:26 +0000
+++ john-1.7.3.1/src/PO_fmt.c	2009-08-31 13:34:04 +0000
@@ -24,7 +24,6 @@
  */
 
 #include <string.h>
-#include <netinet/in.h>
 
 #include "arch.h"
 #include "misc.h"
diff -u john-1.7.3.1/src/loader.c john-1.7.3.1/src/loader.c
--- john-1.7.3.1/src/loader.c	2008-08-28 01:02:04 +0000
+++ john-1.7.3.1/src/loader.c	2009-08-20 05:35:49 +0000
@@ -223,7 +223,12 @@
 			*ciphertext = tmp;
 		}
 
-		if (source) sprintf(source, "%s:%s", uid, line);
+		if (source) {
+			if (line)
+				sprintf(source, "%s:%s", uid, line);
+			else
+				sprintf(source, "%s\n", uid);
+		}
 	}
 	else if (options.format && (strncmp(options.format, "netlmv2", 7)==0)) {
 		char *srv_challenge = ldr_get_field(&line);
diff -u john-1.7.3.1/src/mkvcalcproba.c john-1.7.3.1/src/mkvcalcproba.c
--- john-1.7.3.1/src/mkvcalcproba.c	2008-09-15 01:46:38 +0000
+++ john-1.7.3.1/src/mkvcalcproba.c	2009-08-31 13:39:41 +0000
@@ -99,7 +99,7 @@
 			continue;
 		ligne[strlen(ligne)-1] = 0; // chop
 		i=1; j=0; k=0;
-		j = ligne[0];
+		j = C2I(ligne[0]);
 		k = proba1[j];
 		printf("%s\t%d", ligne, k);
 		l = 0;
diff -u john-1.7.3.1/src/params.h john-1.7.3.1/src/params.h
--- john-1.7.3.1/src/params.h	2008-09-20 21:42:10 +0000
+++ john-1.7.3.1/src/params.h	2009-08-31 14:05:39 +0000
@@ -15,7 +15,7 @@
 /*
  * John's version number.
  */
-#define JOHN_VERSION			"1.7.3.1-all-5"
+#define JOHN_VERSION			"1.7.3.1-all-6"
 
 /*
  * Notes to packagers of John for *BSD "ports", Linux distributions, etc.:


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ